2 * Copyright 2002-2005, Instant802 Networks, Inc.
3 * Copyright 2005-2006, Devicescape Software, Inc.
4 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as
8 * published by the Free Software Foundation.
11 #include <net/mac80211.h>
12 #include <net/ieee80211_radiotap.h>
13 #include <linux/module.h>
14 #include <linux/init.h>
15 #include <linux/netdevice.h>
16 #include <linux/types.h>
17 #include <linux/slab.h>
18 #include <linux/skbuff.h>
19 #include <linux/etherdevice.h>
20 #include <linux/if_arp.h>
21 #include <linux/wireless.h>
22 #include <linux/rtnetlink.h>
23 #include <net/iw_handler.h>
24 #include <linux/compiler.h>
25 #include <linux/bitmap.h>
26 #include <net/cfg80211.h>
27 #include <asm/unaligned.h>
29 #include "ieee80211_common.h"
30 #include "ieee80211_i.h"
31 #include "ieee80211_rate.h"
37 #include "ieee80211_led.h"
38 #include "ieee80211_cfg.h"
40 #include "debugfs_netdev.h"
41 #include "debugfs_key.h"
43 /* privid for wiphys to determine whether they belong to us or not */
44 void *mac80211_wiphy_privid = &mac80211_wiphy_privid;
46 /* See IEEE 802.1H for LLC/SNAP encapsulation/decapsulation */
47 /* Ethernet-II snap header (RFC1042 for most EtherTypes) */
48 static const unsigned char rfc1042_header[] =
49 { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 };
51 /* Bridge-Tunnel header (for EtherTypes ETH_P_AARP and ETH_P_IPX) */
52 static const unsigned char bridge_tunnel_header[] =
53 { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0xf8 };
55 /* No encapsulation header if EtherType < 0x600 (=length) */
56 static const unsigned char eapol_header[] =
57 { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00, 0x88, 0x8e };
60 static inline void ieee80211_include_sequence(struct ieee80211_sub_if_data *sdata,
61 struct ieee80211_hdr *hdr)
63 /* Set the sequence number for this frame. */
64 hdr->seq_ctrl = cpu_to_le16(sdata->sequence);
66 /* Increase the sequence number. */
67 sdata->sequence = (sdata->sequence + 0x10) & IEEE80211_SCTL_SEQ;
70 struct ieee80211_key_conf *
71 ieee80211_key_data2conf(struct ieee80211_local *local,
72 const struct ieee80211_key *data)
74 struct ieee80211_key_conf *conf;
76 conf = kmalloc(sizeof(*conf) + data->keylen, GFP_ATOMIC);
80 conf->hw_key_idx = data->hw_key_idx;
81 conf->alg = data->alg;
82 conf->keylen = data->keylen;
84 if (data->force_sw_encrypt)
85 conf->flags |= IEEE80211_KEY_FORCE_SW_ENCRYPT;
86 conf->keyidx = data->keyidx;
87 if (data->default_tx_key)
88 conf->flags |= IEEE80211_KEY_DEFAULT_TX_KEY;
89 if (local->default_wep_only)
90 conf->flags |= IEEE80211_KEY_DEFAULT_WEP_ONLY;
91 memcpy(conf->key, data->key, data->keylen);
96 struct ieee80211_key *ieee80211_key_alloc(struct ieee80211_sub_if_data *sdata,
97 int idx, size_t key_len, gfp_t flags)
99 struct ieee80211_key *key;
101 key = kzalloc(sizeof(struct ieee80211_key) + key_len, flags);
104 kref_init(&key->kref);
108 static void ieee80211_key_release(struct kref *kref)
110 struct ieee80211_key *key;
112 key = container_of(kref, struct ieee80211_key, kref);
113 if (key->alg == ALG_CCMP)
114 ieee80211_aes_key_free(key->u.ccmp.tfm);
115 ieee80211_debugfs_key_remove(key);
119 void ieee80211_key_free(struct ieee80211_key *key)
122 kref_put(&key->kref, ieee80211_key_release);
125 static int rate_list_match(const int *rate_list, int rate)
132 for (i = 0; rate_list[i] >= 0; i++)
133 if (rate_list[i] == rate)
140 void ieee80211_prepare_rates(struct ieee80211_local *local,
141 struct ieee80211_hw_mode *mode)
145 for (i = 0; i < mode->num_rates; i++) {
146 struct ieee80211_rate *rate = &mode->rates[i];
148 rate->flags &= ~(IEEE80211_RATE_SUPPORTED |
149 IEEE80211_RATE_BASIC);
151 if (local->supp_rates[mode->mode]) {
152 if (!rate_list_match(local->supp_rates[mode->mode],
157 rate->flags |= IEEE80211_RATE_SUPPORTED;
159 /* Use configured basic rate set if it is available. If not,
160 * use defaults that are sane for most cases. */
161 if (local->basic_rates[mode->mode]) {
162 if (rate_list_match(local->basic_rates[mode->mode],
164 rate->flags |= IEEE80211_RATE_BASIC;
165 } else switch (mode->mode) {
166 case MODE_IEEE80211A:
167 if (rate->rate == 60 || rate->rate == 120 ||
169 rate->flags |= IEEE80211_RATE_BASIC;
171 case MODE_IEEE80211B:
172 if (rate->rate == 10 || rate->rate == 20)
173 rate->flags |= IEEE80211_RATE_BASIC;
175 case MODE_ATHEROS_TURBO:
176 if (rate->rate == 120 || rate->rate == 240 ||
178 rate->flags |= IEEE80211_RATE_BASIC;
180 case MODE_IEEE80211G:
181 if (rate->rate == 10 || rate->rate == 20 ||
182 rate->rate == 55 || rate->rate == 110)
183 rate->flags |= IEEE80211_RATE_BASIC;
187 /* Set ERP and MANDATORY flags based on phymode */
188 switch (mode->mode) {
189 case MODE_IEEE80211A:
190 if (rate->rate == 60 || rate->rate == 120 ||
192 rate->flags |= IEEE80211_RATE_MANDATORY;
194 case MODE_IEEE80211B:
195 if (rate->rate == 10)
196 rate->flags |= IEEE80211_RATE_MANDATORY;
198 case MODE_ATHEROS_TURBO:
200 case MODE_IEEE80211G:
201 if (rate->rate == 10 || rate->rate == 20 ||
202 rate->rate == 55 || rate->rate == 110 ||
203 rate->rate == 60 || rate->rate == 120 ||
205 rate->flags |= IEEE80211_RATE_MANDATORY;
208 if (ieee80211_is_erp_rate(mode->mode, rate->rate))
209 rate->flags |= IEEE80211_RATE_ERP;
214 static void ieee80211_key_threshold_notify(struct net_device *dev,
215 struct ieee80211_key *key,
216 struct sta_info *sta)
218 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
220 struct ieee80211_msg_key_notification *msg;
222 /* if no one will get it anyway, don't even allocate it.
223 * unlikely because this is only relevant for APs
224 * where the device must be open... */
225 if (unlikely(!local->apdev))
228 skb = dev_alloc_skb(sizeof(struct ieee80211_frame_info) +
229 sizeof(struct ieee80211_msg_key_notification));
233 skb_reserve(skb, sizeof(struct ieee80211_frame_info));
234 msg = (struct ieee80211_msg_key_notification *)
235 skb_put(skb, sizeof(struct ieee80211_msg_key_notification));
236 msg->tx_rx_count = key->tx_rx_count;
237 memcpy(msg->ifname, dev->name, IFNAMSIZ);
239 memcpy(msg->addr, sta->addr, ETH_ALEN);
241 memset(msg->addr, 0xff, ETH_ALEN);
243 key->tx_rx_count = 0;
245 ieee80211_rx_mgmt(local, skb, NULL,
246 ieee80211_msg_key_threshold_notification);
250 static u8 * ieee80211_get_bssid(struct ieee80211_hdr *hdr, size_t len)
257 fc = le16_to_cpu(hdr->frame_control);
259 switch (fc & IEEE80211_FCTL_FTYPE) {
260 case IEEE80211_FTYPE_DATA:
261 switch (fc & (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS)) {
262 case IEEE80211_FCTL_TODS:
264 case (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS):
266 case IEEE80211_FCTL_FROMDS:
272 case IEEE80211_FTYPE_MGMT:
274 case IEEE80211_FTYPE_CTL:
275 if ((fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_PSPOLL)
284 int ieee80211_get_hdrlen(u16 fc)
288 switch (fc & IEEE80211_FCTL_FTYPE) {
289 case IEEE80211_FTYPE_DATA:
290 if ((fc & IEEE80211_FCTL_FROMDS) && (fc & IEEE80211_FCTL_TODS))
291 hdrlen = 30; /* Addr4 */
293 * The QoS Control field is two bytes and its presence is
294 * indicated by the IEEE80211_STYPE_QOS_DATA bit. Add 2 to
295 * hdrlen if that bit is set.
296 * This works by masking out the bit and shifting it to
297 * bit position 1 so the result has the value 0 or 2.
299 hdrlen += (fc & IEEE80211_STYPE_QOS_DATA)
300 >> (ilog2(IEEE80211_STYPE_QOS_DATA)-1);
302 case IEEE80211_FTYPE_CTL:
304 * ACK and CTS are 10 bytes, all others 16. To see how
305 * to get this condition consider
306 * subtype mask: 0b0000000011110000 (0x00F0)
307 * ACK subtype: 0b0000000011010000 (0x00D0)
308 * CTS subtype: 0b0000000011000000 (0x00C0)
309 * bits that matter: ^^^ (0x00E0)
310 * value of those: 0b0000000011000000 (0x00C0)
312 if ((fc & 0xE0) == 0xC0)
321 EXPORT_SYMBOL(ieee80211_get_hdrlen);
323 int ieee80211_get_hdrlen_from_skb(const struct sk_buff *skb)
325 const struct ieee80211_hdr *hdr = (const struct ieee80211_hdr *) skb->data;
328 if (unlikely(skb->len < 10))
330 hdrlen = ieee80211_get_hdrlen(le16_to_cpu(hdr->frame_control));
331 if (unlikely(hdrlen > skb->len))
335 EXPORT_SYMBOL(ieee80211_get_hdrlen_from_skb);
337 static int ieee80211_get_radiotap_len(struct sk_buff *skb)
339 struct ieee80211_radiotap_header *hdr =
340 (struct ieee80211_radiotap_header *) skb->data;
342 return le16_to_cpu(hdr->it_len);
345 #ifdef CONFIG_MAC80211_LOWTX_FRAME_DUMP
346 static void ieee80211_dump_frame(const char *ifname, const char *title,
347 const struct sk_buff *skb)
349 const struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
353 printk(KERN_DEBUG "%s: %s (len=%d)", ifname, title, skb->len);
359 fc = le16_to_cpu(hdr->frame_control);
360 hdrlen = ieee80211_get_hdrlen(fc);
361 if (hdrlen > skb->len)
364 printk(" FC=0x%04x DUR=0x%04x",
365 fc, le16_to_cpu(hdr->duration_id));
367 printk(" A1=" MAC_FMT, MAC_ARG(hdr->addr1));
369 printk(" A2=" MAC_FMT, MAC_ARG(hdr->addr2));
371 printk(" A3=" MAC_FMT, MAC_ARG(hdr->addr3));
373 printk(" A4=" MAC_FMT, MAC_ARG(hdr->addr4));
376 #else /* CONFIG_MAC80211_LOWTX_FRAME_DUMP */
377 static inline void ieee80211_dump_frame(const char *ifname, const char *title,
381 #endif /* CONFIG_MAC80211_LOWTX_FRAME_DUMP */
384 static int ieee80211_is_eapol(const struct sk_buff *skb)
386 const struct ieee80211_hdr *hdr;
390 if (unlikely(skb->len < 10))
393 hdr = (const struct ieee80211_hdr *) skb->data;
394 fc = le16_to_cpu(hdr->frame_control);
396 if (unlikely(!WLAN_FC_DATA_PRESENT(fc)))
399 hdrlen = ieee80211_get_hdrlen(fc);
401 if (unlikely(skb->len >= hdrlen + sizeof(eapol_header) &&
402 memcmp(skb->data + hdrlen, eapol_header,
403 sizeof(eapol_header)) == 0))
410 static ieee80211_txrx_result
411 ieee80211_tx_h_rate_ctrl(struct ieee80211_txrx_data *tx)
413 struct rate_control_extra extra;
415 memset(&extra, 0, sizeof(extra));
416 extra.mode = tx->u.tx.mode;
417 extra.mgmt_data = tx->sdata &&
418 tx->sdata->type == IEEE80211_IF_TYPE_MGMT;
419 extra.ethertype = tx->ethertype;
421 tx->u.tx.rate = rate_control_get_rate(tx->local, tx->dev, tx->skb,
423 if (unlikely(extra.probe != NULL)) {
424 tx->u.tx.control->flags |= IEEE80211_TXCTL_RATE_CTRL_PROBE;
425 tx->u.tx.probe_last_frag = 1;
426 tx->u.tx.control->alt_retry_rate = tx->u.tx.rate->val;
427 tx->u.tx.rate = extra.probe;
429 tx->u.tx.control->alt_retry_rate = -1;
433 if (tx->u.tx.mode->mode == MODE_IEEE80211G &&
434 tx->local->cts_protect_erp_frames && tx->fragmented &&
436 tx->u.tx.last_frag_rate = tx->u.tx.rate;
437 tx->u.tx.probe_last_frag = extra.probe ? 1 : 0;
439 tx->u.tx.rate = extra.nonerp;
440 tx->u.tx.control->rate = extra.nonerp;
441 tx->u.tx.control->flags &= ~IEEE80211_TXCTL_RATE_CTRL_PROBE;
443 tx->u.tx.last_frag_rate = tx->u.tx.rate;
444 tx->u.tx.control->rate = tx->u.tx.rate;
446 tx->u.tx.control->tx_rate = tx->u.tx.rate->val;
447 if ((tx->u.tx.rate->flags & IEEE80211_RATE_PREAMBLE2) &&
448 tx->local->short_preamble &&
449 (!tx->sta || (tx->sta->flags & WLAN_STA_SHORT_PREAMBLE))) {
450 tx->u.tx.short_preamble = 1;
451 tx->u.tx.control->tx_rate = tx->u.tx.rate->val2;
454 return TXRX_CONTINUE;
458 static ieee80211_txrx_result
459 ieee80211_tx_h_select_key(struct ieee80211_txrx_data *tx)
462 tx->u.tx.control->key_idx = tx->sta->key_idx_compression;
464 tx->u.tx.control->key_idx = HW_KEY_IDX_INVALID;
466 if (unlikely(tx->u.tx.control->flags & IEEE80211_TXCTL_DO_NOT_ENCRYPT))
468 else if (tx->sta && tx->sta->key)
469 tx->key = tx->sta->key;
470 else if (tx->sdata->default_key)
471 tx->key = tx->sdata->default_key;
472 else if (tx->sdata->drop_unencrypted &&
473 !(tx->sdata->eapol && ieee80211_is_eapol(tx->skb))) {
474 I802_DEBUG_INC(tx->local->tx_handlers_drop_unencrypted);
480 tx->key->tx_rx_count++;
481 if (unlikely(tx->local->key_tx_rx_threshold &&
482 tx->key->tx_rx_count >
483 tx->local->key_tx_rx_threshold)) {
484 ieee80211_key_threshold_notify(tx->dev, tx->key,
489 return TXRX_CONTINUE;
493 static ieee80211_txrx_result
494 ieee80211_tx_h_fragment(struct ieee80211_txrx_data *tx)
496 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) tx->skb->data;
497 size_t hdrlen, per_fragm, num_fragm, payload_len, left;
498 struct sk_buff **frags, *first, *frag;
502 int frag_threshold = tx->local->fragmentation_threshold;
505 return TXRX_CONTINUE;
509 hdrlen = ieee80211_get_hdrlen(tx->fc);
510 payload_len = first->len - hdrlen;
511 per_fragm = frag_threshold - hdrlen - FCS_LEN;
512 num_fragm = (payload_len + per_fragm - 1) / per_fragm;
514 frags = kzalloc(num_fragm * sizeof(struct sk_buff *), GFP_ATOMIC);
518 hdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_MOREFRAGS);
519 seq = le16_to_cpu(hdr->seq_ctrl) & IEEE80211_SCTL_SEQ;
520 pos = first->data + hdrlen + per_fragm;
521 left = payload_len - per_fragm;
522 for (i = 0; i < num_fragm - 1; i++) {
523 struct ieee80211_hdr *fhdr;
529 /* reserve enough extra head and tail room for possible
532 dev_alloc_skb(tx->local->hw.extra_tx_headroom +
534 IEEE80211_ENCRYPT_HEADROOM +
535 IEEE80211_ENCRYPT_TAILROOM);
538 /* Make sure that all fragments use the same priority so
539 * that they end up using the same TX queue */
540 frag->priority = first->priority;
541 skb_reserve(frag, tx->local->hw.extra_tx_headroom +
542 IEEE80211_ENCRYPT_HEADROOM);
543 fhdr = (struct ieee80211_hdr *) skb_put(frag, hdrlen);
544 memcpy(fhdr, first->data, hdrlen);
545 if (i == num_fragm - 2)
546 fhdr->frame_control &= cpu_to_le16(~IEEE80211_FCTL_MOREFRAGS);
547 fhdr->seq_ctrl = cpu_to_le16(seq | ((i + 1) & IEEE80211_SCTL_FRAG));
548 copylen = left > per_fragm ? per_fragm : left;
549 memcpy(skb_put(frag, copylen), pos, copylen);
554 skb_trim(first, hdrlen + per_fragm);
556 tx->u.tx.num_extra_frag = num_fragm - 1;
557 tx->u.tx.extra_frag = frags;
559 return TXRX_CONTINUE;
562 printk(KERN_DEBUG "%s: failed to fragment frame\n", tx->dev->name);
564 for (i = 0; i < num_fragm - 1; i++)
566 dev_kfree_skb(frags[i]);
569 I802_DEBUG_INC(tx->local->tx_handlers_drop_fragment);
574 static int wep_encrypt_skb(struct ieee80211_txrx_data *tx, struct sk_buff *skb)
576 if (tx->key->force_sw_encrypt) {
577 if (ieee80211_wep_encrypt(tx->local, skb, tx->key))
580 tx->u.tx.control->key_idx = tx->key->hw_key_idx;
581 if (tx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV) {
582 if (ieee80211_wep_add_iv(tx->local, skb, tx->key) ==
591 void ieee80211_tx_set_iswep(struct ieee80211_txrx_data *tx)
593 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) tx->skb->data;
595 hdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
596 if (tx->u.tx.extra_frag) {
597 struct ieee80211_hdr *fhdr;
599 for (i = 0; i < tx->u.tx.num_extra_frag; i++) {
600 fhdr = (struct ieee80211_hdr *)
601 tx->u.tx.extra_frag[i]->data;
602 fhdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
608 static ieee80211_txrx_result
609 ieee80211_tx_h_wep_encrypt(struct ieee80211_txrx_data *tx)
611 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) tx->skb->data;
614 fc = le16_to_cpu(hdr->frame_control);
616 if (!tx->key || tx->key->alg != ALG_WEP ||
617 ((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA &&
618 ((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_MGMT ||
619 (fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_AUTH)))
620 return TXRX_CONTINUE;
622 tx->u.tx.control->iv_len = WEP_IV_LEN;
623 tx->u.tx.control->icv_len = WEP_ICV_LEN;
624 ieee80211_tx_set_iswep(tx);
626 if (wep_encrypt_skb(tx, tx->skb) < 0) {
627 I802_DEBUG_INC(tx->local->tx_handlers_drop_wep);
631 if (tx->u.tx.extra_frag) {
633 for (i = 0; i < tx->u.tx.num_extra_frag; i++) {
634 if (wep_encrypt_skb(tx, tx->u.tx.extra_frag[i]) < 0) {
635 I802_DEBUG_INC(tx->local->
636 tx_handlers_drop_wep);
642 return TXRX_CONTINUE;
646 static int ieee80211_frame_duration(struct ieee80211_local *local, size_t len,
647 int rate, int erp, int short_preamble)
651 /* calculate duration (in microseconds, rounded up to next higher
652 * integer if it includes a fractional microsecond) to send frame of
653 * len bytes (does not include FCS) at the given rate. Duration will
656 * rate is in 100 kbps, so divident is multiplied by 10 in the
657 * DIV_ROUND_UP() operations.
660 if (local->hw.conf.phymode == MODE_IEEE80211A || erp ||
661 local->hw.conf.phymode == MODE_ATHEROS_TURBO) {
665 * N_DBPS = DATARATE x 4
666 * N_SYM = Ceiling((16+8xLENGTH+6) / N_DBPS)
667 * (16 = SIGNAL time, 6 = tail bits)
668 * TXTIME = T_PREAMBLE + T_SIGNAL + T_SYM x N_SYM + Signal Ext
671 * 802.11a - 17.5.2: aSIFSTime = 16 usec
672 * 802.11g - 19.8.4: aSIFSTime = 10 usec +
673 * signal ext = 6 usec
675 /* FIX: Atheros Turbo may have different (shorter) duration? */
676 dur = 16; /* SIFS + signal ext */
677 dur += 16; /* 17.3.2.3: T_PREAMBLE = 16 usec */
678 dur += 4; /* 17.3.2.3: T_SIGNAL = 4 usec */
679 dur += 4 * DIV_ROUND_UP((16 + 8 * (len + 4) + 6) * 10,
680 4 * rate); /* T_SYM x N_SYM */
683 * 802.11b or 802.11g with 802.11b compatibility:
684 * 18.3.4: TXTIME = PreambleLength + PLCPHeaderTime +
685 * Ceiling(((LENGTH+PBCC)x8)/DATARATE). PBCC=0.
687 * 802.11 (DS): 15.3.3, 802.11b: 18.3.4
688 * aSIFSTime = 10 usec
689 * aPreambleLength = 144 usec or 72 usec with short preamble
690 * aPLCPHeaderLength = 48 usec or 24 usec with short preamble
692 dur = 10; /* aSIFSTime = 10 usec */
693 dur += short_preamble ? (72 + 24) : (144 + 48);
695 dur += DIV_ROUND_UP(8 * (len + 4) * 10, rate);
702 /* Exported duration function for driver use */
703 __le16 ieee80211_generic_frame_duration(struct ieee80211_hw *hw,
704 size_t frame_len, int rate)
706 struct ieee80211_local *local = hw_to_local(hw);
710 erp = ieee80211_is_erp_rate(hw->conf.phymode, rate);
711 dur = ieee80211_frame_duration(local, frame_len, rate,
712 erp, local->short_preamble);
714 return cpu_to_le16(dur);
716 EXPORT_SYMBOL(ieee80211_generic_frame_duration);
719 static u16 ieee80211_duration(struct ieee80211_txrx_data *tx, int group_addr,
722 int rate, mrate, erp, dur, i;
723 struct ieee80211_rate *txrate = tx->u.tx.rate;
724 struct ieee80211_local *local = tx->local;
725 struct ieee80211_hw_mode *mode = tx->u.tx.mode;
727 erp = txrate->flags & IEEE80211_RATE_ERP;
730 * data and mgmt (except PS Poll):
731 * - during CFP: 32768
732 * - during contention period:
733 * if addr1 is group address: 0
734 * if more fragments = 0 and addr1 is individual address: time to
735 * transmit one ACK plus SIFS
736 * if more fragments = 1 and addr1 is individual address: time to
737 * transmit next fragment plus 2 x ACK plus 3 x SIFS
740 * - control response frame (CTS or ACK) shall be transmitted using the
741 * same rate as the immediately previous frame in the frame exchange
742 * sequence, if this rate belongs to the PHY mandatory rates, or else
743 * at the highest possible rate belonging to the PHY rates in the
747 if ((tx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_CTL) {
748 /* TODO: These control frames are not currently sent by
749 * 80211.o, but should they be implemented, this function
750 * needs to be updated to support duration field calculation.
752 * RTS: time needed to transmit pending data/mgmt frame plus
753 * one CTS frame plus one ACK frame plus 3 x SIFS
754 * CTS: duration of immediately previous RTS minus time
755 * required to transmit CTS and its SIFS
756 * ACK: 0 if immediately previous directed data/mgmt had
757 * more=0, with more=1 duration in ACK frame is duration
758 * from previous frame minus time needed to transmit ACK
760 * PS Poll: BIT(15) | BIT(14) | aid
766 if (0 /* FIX: data/mgmt during CFP */)
769 if (group_addr) /* Group address as the destination - no ACK */
772 /* Individual destination address:
773 * IEEE 802.11, Ch. 9.6 (after IEEE 802.11g changes)
774 * CTS and ACK frames shall be transmitted using the highest rate in
775 * basic rate set that is less than or equal to the rate of the
776 * immediately previous frame and that is using the same modulation
777 * (CCK or OFDM). If no basic rate set matches with these requirements,
778 * the highest mandatory rate of the PHY that is less than or equal to
779 * the rate of the previous frame is used.
780 * Mandatory rates for IEEE 802.11g PHY: 1, 2, 5.5, 11, 6, 12, 24 Mbps
783 mrate = 10; /* use 1 Mbps if everything fails */
784 for (i = 0; i < mode->num_rates; i++) {
785 struct ieee80211_rate *r = &mode->rates[i];
786 if (r->rate > txrate->rate)
789 if (IEEE80211_RATE_MODULATION(txrate->flags) !=
790 IEEE80211_RATE_MODULATION(r->flags))
793 if (r->flags & IEEE80211_RATE_BASIC)
795 else if (r->flags & IEEE80211_RATE_MANDATORY)
799 /* No matching basic rate found; use highest suitable mandatory
804 /* Time needed to transmit ACK
805 * (10 bytes + 4-byte FCS = 112 bits) plus SIFS; rounded up
806 * to closest integer */
808 dur = ieee80211_frame_duration(local, 10, rate, erp,
809 local->short_preamble);
812 /* Frame is fragmented: duration increases with time needed to
813 * transmit next fragment plus ACK and 2 x SIFS. */
814 dur *= 2; /* ACK + SIFS */
816 dur += ieee80211_frame_duration(local, next_frag_len,
818 local->short_preamble);
825 static ieee80211_txrx_result
826 ieee80211_tx_h_misc(struct ieee80211_txrx_data *tx)
828 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) tx->skb->data;
830 struct ieee80211_tx_control *control = tx->u.tx.control;
831 struct ieee80211_hw_mode *mode = tx->u.tx.mode;
833 if (!is_multicast_ether_addr(hdr->addr1)) {
834 if (tx->skb->len + FCS_LEN > tx->local->rts_threshold &&
835 tx->local->rts_threshold < IEEE80211_MAX_RTS_THRESHOLD) {
836 control->flags |= IEEE80211_TXCTL_USE_RTS_CTS;
837 control->retry_limit =
838 tx->local->long_retry_limit;
840 control->retry_limit =
841 tx->local->short_retry_limit;
844 control->retry_limit = 1;
847 if (tx->fragmented) {
848 /* Do not use multiple retry rates when sending fragmented
850 * TODO: The last fragment could still use multiple retry
852 control->alt_retry_rate = -1;
855 /* Use CTS protection for unicast frames sent using extended rates if
856 * there are associated non-ERP stations and RTS/CTS is not configured
858 if (mode->mode == MODE_IEEE80211G &&
859 (tx->u.tx.rate->flags & IEEE80211_RATE_ERP) &&
861 tx->local->cts_protect_erp_frames &&
862 !(control->flags & IEEE80211_TXCTL_USE_RTS_CTS))
863 control->flags |= IEEE80211_TXCTL_USE_CTS_PROTECT;
865 /* Setup duration field for the first fragment of the frame. Duration
866 * for remaining fragments will be updated when they are being sent
867 * to low-level driver in ieee80211_tx(). */
868 dur = ieee80211_duration(tx, is_multicast_ether_addr(hdr->addr1),
869 tx->fragmented ? tx->u.tx.extra_frag[0]->len :
871 hdr->duration_id = cpu_to_le16(dur);
873 if ((control->flags & IEEE80211_TXCTL_USE_RTS_CTS) ||
874 (control->flags & IEEE80211_TXCTL_USE_CTS_PROTECT)) {
875 struct ieee80211_rate *rate;
877 /* Do not use multiple retry rates when using RTS/CTS */
878 control->alt_retry_rate = -1;
880 /* Use min(data rate, max base rate) as CTS/RTS rate */
881 rate = tx->u.tx.rate;
882 while (rate > mode->rates &&
883 !(rate->flags & IEEE80211_RATE_BASIC))
886 control->rts_cts_rate = rate->val;
887 control->rts_rate = rate;
891 tx->sta->tx_packets++;
892 tx->sta->tx_fragments++;
893 tx->sta->tx_bytes += tx->skb->len;
894 if (tx->u.tx.extra_frag) {
896 tx->sta->tx_fragments += tx->u.tx.num_extra_frag;
897 for (i = 0; i < tx->u.tx.num_extra_frag; i++) {
899 tx->u.tx.extra_frag[i]->len;
904 return TXRX_CONTINUE;
908 static ieee80211_txrx_result
909 ieee80211_tx_h_check_assoc(struct ieee80211_txrx_data *tx)
911 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG
912 struct sk_buff *skb = tx->skb;
913 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
914 #endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
917 if (unlikely(tx->local->sta_scanning != 0) &&
918 ((tx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_MGMT ||
919 (tx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_PROBE_REQ))
922 if (tx->u.tx.ps_buffered)
923 return TXRX_CONTINUE;
925 sta_flags = tx->sta ? tx->sta->flags : 0;
927 if (likely(tx->u.tx.unicast)) {
928 if (unlikely(!(sta_flags & WLAN_STA_ASSOC) &&
929 tx->sdata->type != IEEE80211_IF_TYPE_IBSS &&
930 (tx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA)) {
931 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG
932 printk(KERN_DEBUG "%s: dropped data frame to not "
933 "associated station " MAC_FMT "\n",
934 tx->dev->name, MAC_ARG(hdr->addr1));
935 #endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
936 I802_DEBUG_INC(tx->local->tx_handlers_drop_not_assoc);
940 if (unlikely((tx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA &&
941 tx->local->num_sta == 0 &&
942 !tx->local->allow_broadcast_always &&
943 tx->sdata->type != IEEE80211_IF_TYPE_IBSS)) {
945 * No associated STAs - no need to send multicast
950 return TXRX_CONTINUE;
953 if (unlikely(!tx->u.tx.mgmt_interface && tx->sdata->ieee802_1x &&
954 !(sta_flags & WLAN_STA_AUTHORIZED))) {
955 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG
956 printk(KERN_DEBUG "%s: dropped frame to " MAC_FMT
957 " (unauthorized port)\n", tx->dev->name,
958 MAC_ARG(hdr->addr1));
960 I802_DEBUG_INC(tx->local->tx_handlers_drop_unauth_port);
964 return TXRX_CONTINUE;
967 static ieee80211_txrx_result
968 ieee80211_tx_h_sequence(struct ieee80211_txrx_data *tx)
970 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)tx->skb->data;
972 if (ieee80211_get_hdrlen(le16_to_cpu(hdr->frame_control)) >= 24)
973 ieee80211_include_sequence(tx->sdata, hdr);
975 return TXRX_CONTINUE;
978 /* This function is called whenever the AP is about to exceed the maximum limit
979 * of buffered frames for power saving STAs. This situation should not really
980 * happen often during normal operation, so dropping the oldest buffered packet
981 * from each queue should be OK to make some room for new frames. */
982 static void purge_old_ps_buffers(struct ieee80211_local *local)
984 int total = 0, purged = 0;
986 struct ieee80211_sub_if_data *sdata;
987 struct sta_info *sta;
989 read_lock(&local->sub_if_lock);
990 list_for_each_entry(sdata, &local->sub_if_list, list) {
991 struct ieee80211_if_ap *ap;
992 if (sdata->dev == local->mdev ||
993 sdata->type != IEEE80211_IF_TYPE_AP)
996 skb = skb_dequeue(&ap->ps_bc_buf);
1001 total += skb_queue_len(&ap->ps_bc_buf);
1003 read_unlock(&local->sub_if_lock);
1005 spin_lock_bh(&local->sta_lock);
1006 list_for_each_entry(sta, &local->sta_list, list) {
1007 skb = skb_dequeue(&sta->ps_tx_buf);
1012 total += skb_queue_len(&sta->ps_tx_buf);
1014 spin_unlock_bh(&local->sta_lock);
1016 local->total_ps_buffered = total;
1017 printk(KERN_DEBUG "%s: PS buffers full - purged %d frames\n",
1018 local->mdev->name, purged);
1022 static inline ieee80211_txrx_result
1023 ieee80211_tx_h_multicast_ps_buf(struct ieee80211_txrx_data *tx)
1025 /* broadcast/multicast frame */
1026 /* If any of the associated stations is in power save mode,
1027 * the frame is buffered to be sent after DTIM beacon frame */
1028 if ((tx->local->hw.flags & IEEE80211_HW_HOST_BROADCAST_PS_BUFFERING) &&
1029 tx->sdata->type != IEEE80211_IF_TYPE_WDS &&
1030 tx->sdata->bss && atomic_read(&tx->sdata->bss->num_sta_ps) &&
1031 !(tx->fc & IEEE80211_FCTL_ORDER)) {
1032 if (tx->local->total_ps_buffered >= TOTAL_MAX_TX_BUFFER)
1033 purge_old_ps_buffers(tx->local);
1034 if (skb_queue_len(&tx->sdata->bss->ps_bc_buf) >=
1036 if (net_ratelimit()) {
1037 printk(KERN_DEBUG "%s: BC TX buffer full - "
1038 "dropping the oldest frame\n",
1041 dev_kfree_skb(skb_dequeue(&tx->sdata->bss->ps_bc_buf));
1043 tx->local->total_ps_buffered++;
1044 skb_queue_tail(&tx->sdata->bss->ps_bc_buf, tx->skb);
1048 return TXRX_CONTINUE;
1052 static inline ieee80211_txrx_result
1053 ieee80211_tx_h_unicast_ps_buf(struct ieee80211_txrx_data *tx)
1055 struct sta_info *sta = tx->sta;
1057 if (unlikely(!sta ||
1058 ((tx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT &&
1059 (tx->fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_PROBE_RESP)))
1060 return TXRX_CONTINUE;
1062 if (unlikely((sta->flags & WLAN_STA_PS) && !sta->pspoll)) {
1063 struct ieee80211_tx_packet_data *pkt_data;
1064 #ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
1065 printk(KERN_DEBUG "STA " MAC_FMT " aid %d: PS buffer (entries "
1067 MAC_ARG(sta->addr), sta->aid,
1068 skb_queue_len(&sta->ps_tx_buf));
1069 #endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
1070 sta->flags |= WLAN_STA_TIM;
1071 if (tx->local->total_ps_buffered >= TOTAL_MAX_TX_BUFFER)
1072 purge_old_ps_buffers(tx->local);
1073 if (skb_queue_len(&sta->ps_tx_buf) >= STA_MAX_TX_BUFFER) {
1074 struct sk_buff *old = skb_dequeue(&sta->ps_tx_buf);
1075 if (net_ratelimit()) {
1076 printk(KERN_DEBUG "%s: STA " MAC_FMT " TX "
1077 "buffer full - dropping oldest frame\n",
1078 tx->dev->name, MAC_ARG(sta->addr));
1082 tx->local->total_ps_buffered++;
1083 /* Queue frame to be sent after STA sends an PS Poll frame */
1084 if (skb_queue_empty(&sta->ps_tx_buf)) {
1085 if (tx->local->ops->set_tim)
1086 tx->local->ops->set_tim(local_to_hw(tx->local),
1089 bss_tim_set(tx->local, tx->sdata->bss, sta->aid);
1091 pkt_data = (struct ieee80211_tx_packet_data *)tx->skb->cb;
1092 pkt_data->jiffies = jiffies;
1093 skb_queue_tail(&sta->ps_tx_buf, tx->skb);
1096 #ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
1097 else if (unlikely(sta->flags & WLAN_STA_PS)) {
1098 printk(KERN_DEBUG "%s: STA " MAC_FMT " in PS mode, but pspoll "
1099 "set -> send frame\n", tx->dev->name,
1100 MAC_ARG(sta->addr));
1102 #endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
1105 return TXRX_CONTINUE;
1109 static ieee80211_txrx_result
1110 ieee80211_tx_h_ps_buf(struct ieee80211_txrx_data *tx)
1112 if (unlikely(tx->u.tx.ps_buffered))
1113 return TXRX_CONTINUE;
1115 if (tx->u.tx.unicast)
1116 return ieee80211_tx_h_unicast_ps_buf(tx);
1118 return ieee80211_tx_h_multicast_ps_buf(tx);
1123 * deal with packet injection down monitor interface
1124 * with Radiotap Header -- only called for monitor mode interface
1127 static ieee80211_txrx_result
1128 __ieee80211_parse_tx_radiotap(
1129 struct ieee80211_txrx_data *tx,
1130 struct sk_buff *skb, struct ieee80211_tx_control *control)
1133 * this is the moment to interpret and discard the radiotap header that
1134 * must be at the start of the packet injected in Monitor mode
1136 * Need to take some care with endian-ness since radiotap
1137 * args are little-endian
1140 struct ieee80211_radiotap_iterator iterator;
1141 struct ieee80211_radiotap_header *rthdr =
1142 (struct ieee80211_radiotap_header *) skb->data;
1143 struct ieee80211_hw_mode *mode = tx->local->hw.conf.mode;
1144 int ret = ieee80211_radiotap_iterator_init(&iterator, rthdr, skb->len);
1147 * default control situation for all injected packets
1148 * FIXME: this does not suit all usage cases, expand to allow control
1151 control->retry_limit = 1; /* no retry */
1152 control->key_idx = -1; /* no encryption key */
1153 control->flags &= ~(IEEE80211_TXCTL_USE_RTS_CTS |
1154 IEEE80211_TXCTL_USE_CTS_PROTECT);
1155 control->flags |= IEEE80211_TXCTL_DO_NOT_ENCRYPT |
1156 IEEE80211_TXCTL_NO_ACK;
1157 control->antenna_sel_tx = 0; /* default to default antenna */
1160 * for every radiotap entry that is present
1161 * (ieee80211_radiotap_iterator_next returns -ENOENT when no more
1162 * entries present, or -EINVAL on error)
1168 ret = ieee80211_radiotap_iterator_next(&iterator);
1173 /* see if this argument is something we can use */
1174 switch (iterator.this_arg_index) {
1176 * You must take care when dereferencing iterator.this_arg
1177 * for multibyte types... the pointer is not aligned. Use
1178 * get_unaligned((type *)iterator.this_arg) to dereference
1179 * iterator.this_arg for type "type" safely on all arches.
1181 case IEEE80211_RADIOTAP_RATE:
1183 * radiotap rate u8 is in 500kbps units eg, 0x02=1Mbps
1184 * ieee80211 rate int is in 100kbps units eg, 0x0a=1Mbps
1186 target_rate = (*iterator.this_arg) * 5;
1187 for (i = 0; i < mode->num_rates; i++) {
1188 struct ieee80211_rate *r = &mode->rates[i];
1190 if (r->rate > target_rate)
1195 if (r->flags & IEEE80211_RATE_PREAMBLE2)
1196 control->tx_rate = r->val2;
1198 control->tx_rate = r->val;
1200 /* end on exact match */
1201 if (r->rate == target_rate)
1202 i = mode->num_rates;
1206 case IEEE80211_RADIOTAP_ANTENNA:
1208 * radiotap uses 0 for 1st ant, mac80211 is 1 for
1211 control->antenna_sel_tx = (*iterator.this_arg) + 1;
1214 case IEEE80211_RADIOTAP_DBM_TX_POWER:
1215 control->power_level = *iterator.this_arg;
1218 case IEEE80211_RADIOTAP_FLAGS:
1219 if (*iterator.this_arg & IEEE80211_RADIOTAP_F_FCS) {
1221 * this indicates that the skb we have been
1222 * handed has the 32-bit FCS CRC at the end...
1223 * we should react to that by snipping it off
1224 * because it will be recomputed and added
1227 if (skb->len < (iterator.max_length + FCS_LEN))
1230 skb_trim(skb, skb->len - FCS_LEN);
1239 if (ret != -ENOENT) /* ie, if we didn't simply run out of fields */
1243 * remove the radiotap header
1244 * iterator->max_length was sanity-checked against
1245 * skb->len by iterator init
1247 skb_pull(skb, iterator.max_length);
1249 return TXRX_CONTINUE;
1253 static ieee80211_txrx_result inline
1254 __ieee80211_tx_prepare(struct ieee80211_txrx_data *tx,
1255 struct sk_buff *skb,
1256 struct net_device *dev,
1257 struct ieee80211_tx_control *control)
1259 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1260 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
1261 struct ieee80211_sub_if_data *sdata;
1262 ieee80211_txrx_result res = TXRX_CONTINUE;
1266 memset(tx, 0, sizeof(*tx));
1268 tx->dev = dev; /* use original interface */
1270 tx->sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1271 tx->sta = sta_info_get(local, hdr->addr1);
1272 tx->fc = le16_to_cpu(hdr->frame_control);
1275 * set defaults for things that can be set by
1276 * injected radiotap headers
1278 control->power_level = local->hw.conf.power_level;
1279 control->antenna_sel_tx = local->hw.conf.antenna_sel_tx;
1280 if (local->sta_antenna_sel != STA_ANTENNA_SEL_AUTO && tx->sta)
1281 control->antenna_sel_tx = tx->sta->antenna_sel_tx;
1283 /* process and remove the injection radiotap header */
1284 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1285 if (unlikely(sdata->type == IEEE80211_IF_TYPE_MNTR)) {
1286 if (__ieee80211_parse_tx_radiotap(tx, skb, control) ==
1291 * we removed the radiotap header after this point,
1292 * we filled control with what we could use
1293 * set to the actual ieee header now
1295 hdr = (struct ieee80211_hdr *) skb->data;
1296 res = TXRX_QUEUED; /* indication it was monitor packet */
1299 tx->u.tx.control = control;
1300 tx->u.tx.unicast = !is_multicast_ether_addr(hdr->addr1);
1301 if (is_multicast_ether_addr(hdr->addr1))
1302 control->flags |= IEEE80211_TXCTL_NO_ACK;
1304 control->flags &= ~IEEE80211_TXCTL_NO_ACK;
1305 tx->fragmented = local->fragmentation_threshold <
1306 IEEE80211_MAX_FRAG_THRESHOLD && tx->u.tx.unicast &&
1307 skb->len + FCS_LEN > local->fragmentation_threshold &&
1308 (!local->ops->set_frag_threshold);
1310 control->flags |= IEEE80211_TXCTL_CLEAR_DST_MASK;
1311 else if (tx->sta->clear_dst_mask) {
1312 control->flags |= IEEE80211_TXCTL_CLEAR_DST_MASK;
1313 tx->sta->clear_dst_mask = 0;
1315 hdrlen = ieee80211_get_hdrlen(tx->fc);
1316 if (skb->len > hdrlen + sizeof(rfc1042_header) + 2) {
1317 u8 *pos = &skb->data[hdrlen + sizeof(rfc1042_header)];
1318 tx->ethertype = (pos[0] << 8) | pos[1];
1320 control->flags |= IEEE80211_TXCTL_FIRST_FRAGMENT;
1325 static int inline is_ieee80211_device(struct net_device *dev,
1326 struct net_device *master)
1328 return (wdev_priv(dev->ieee80211_ptr) ==
1329 wdev_priv(master->ieee80211_ptr));
1332 /* Device in tx->dev has a reference added; use dev_put(tx->dev) when
1333 * finished with it. */
1334 static int inline ieee80211_tx_prepare(struct ieee80211_txrx_data *tx,
1335 struct sk_buff *skb,
1336 struct net_device *mdev,
1337 struct ieee80211_tx_control *control)
1339 struct ieee80211_tx_packet_data *pkt_data;
1340 struct net_device *dev;
1342 pkt_data = (struct ieee80211_tx_packet_data *)skb->cb;
1343 dev = dev_get_by_index(pkt_data->ifindex);
1344 if (unlikely(dev && !is_ieee80211_device(dev, mdev))) {
1350 __ieee80211_tx_prepare(tx, skb, dev, control);
1354 static inline int __ieee80211_queue_stopped(const struct ieee80211_local *local,
1357 return test_bit(IEEE80211_LINK_STATE_XOFF, &local->state[queue]);
1360 static inline int __ieee80211_queue_pending(const struct ieee80211_local *local,
1363 return test_bit(IEEE80211_LINK_STATE_PENDING, &local->state[queue]);
1366 #define IEEE80211_TX_OK 0
1367 #define IEEE80211_TX_AGAIN 1
1368 #define IEEE80211_TX_FRAG_AGAIN 2
1370 static int __ieee80211_tx(struct ieee80211_local *local, struct sk_buff *skb,
1371 struct ieee80211_txrx_data *tx)
1373 struct ieee80211_tx_control *control = tx->u.tx.control;
1376 if (!ieee80211_qdisc_installed(local->mdev) &&
1377 __ieee80211_queue_stopped(local, 0)) {
1378 netif_stop_queue(local->mdev);
1379 return IEEE80211_TX_AGAIN;
1382 ieee80211_dump_frame(local->mdev->name, "TX to low-level driver", skb);
1383 ret = local->ops->tx(local_to_hw(local), skb, control);
1385 return IEEE80211_TX_AGAIN;
1386 local->mdev->trans_start = jiffies;
1387 ieee80211_led_tx(local, 1);
1389 if (tx->u.tx.extra_frag) {
1390 control->flags &= ~(IEEE80211_TXCTL_USE_RTS_CTS |
1391 IEEE80211_TXCTL_USE_CTS_PROTECT |
1392 IEEE80211_TXCTL_CLEAR_DST_MASK |
1393 IEEE80211_TXCTL_FIRST_FRAGMENT);
1394 for (i = 0; i < tx->u.tx.num_extra_frag; i++) {
1395 if (!tx->u.tx.extra_frag[i])
1397 if (__ieee80211_queue_stopped(local, control->queue))
1398 return IEEE80211_TX_FRAG_AGAIN;
1399 if (i == tx->u.tx.num_extra_frag) {
1400 control->tx_rate = tx->u.tx.last_frag_hwrate;
1401 control->rate = tx->u.tx.last_frag_rate;
1402 if (tx->u.tx.probe_last_frag)
1404 IEEE80211_TXCTL_RATE_CTRL_PROBE;
1407 ~IEEE80211_TXCTL_RATE_CTRL_PROBE;
1410 ieee80211_dump_frame(local->mdev->name,
1411 "TX to low-level driver",
1412 tx->u.tx.extra_frag[i]);
1413 ret = local->ops->tx(local_to_hw(local),
1414 tx->u.tx.extra_frag[i],
1417 return IEEE80211_TX_FRAG_AGAIN;
1418 local->mdev->trans_start = jiffies;
1419 ieee80211_led_tx(local, 1);
1420 tx->u.tx.extra_frag[i] = NULL;
1422 kfree(tx->u.tx.extra_frag);
1423 tx->u.tx.extra_frag = NULL;
1425 return IEEE80211_TX_OK;
1428 static int ieee80211_tx(struct net_device *dev, struct sk_buff *skb,
1429 struct ieee80211_tx_control *control, int mgmt)
1431 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1432 struct sta_info *sta;
1433 ieee80211_tx_handler *handler;
1434 struct ieee80211_txrx_data tx;
1435 ieee80211_txrx_result res = TXRX_DROP, res_prepare;
1438 WARN_ON(__ieee80211_queue_pending(local, control->queue));
1440 if (unlikely(skb->len < 10)) {
1445 res_prepare = __ieee80211_tx_prepare(&tx, skb, dev, control);
1447 if (res_prepare == TXRX_DROP) {
1453 tx.u.tx.mgmt_interface = mgmt;
1454 tx.u.tx.mode = local->hw.conf.mode;
1456 if (res_prepare == TXRX_QUEUED) { /* if it was an injected packet */
1457 res = TXRX_CONTINUE;
1459 for (handler = local->tx_handlers; *handler != NULL;
1461 res = (*handler)(&tx);
1462 if (res != TXRX_CONTINUE)
1467 skb = tx.skb; /* handlers are allowed to change skb */
1472 if (unlikely(res == TXRX_DROP)) {
1473 I802_DEBUG_INC(local->tx_handlers_drop);
1477 if (unlikely(res == TXRX_QUEUED)) {
1478 I802_DEBUG_INC(local->tx_handlers_queued);
1482 if (tx.u.tx.extra_frag) {
1483 for (i = 0; i < tx.u.tx.num_extra_frag; i++) {
1485 struct ieee80211_hdr *hdr =
1486 (struct ieee80211_hdr *)
1487 tx.u.tx.extra_frag[i]->data;
1489 if (i + 1 < tx.u.tx.num_extra_frag) {
1490 next_len = tx.u.tx.extra_frag[i + 1]->len;
1493 tx.u.tx.rate = tx.u.tx.last_frag_rate;
1494 tx.u.tx.last_frag_hwrate = tx.u.tx.rate->val;
1496 dur = ieee80211_duration(&tx, 0, next_len);
1497 hdr->duration_id = cpu_to_le16(dur);
1502 ret = __ieee80211_tx(local, skb, &tx);
1504 struct ieee80211_tx_stored_packet *store =
1505 &local->pending_packet[control->queue];
1507 if (ret == IEEE80211_TX_FRAG_AGAIN)
1509 set_bit(IEEE80211_LINK_STATE_PENDING,
1510 &local->state[control->queue]);
1512 /* When the driver gets out of buffers during sending of
1513 * fragments and calls ieee80211_stop_queue, there is
1514 * a small window between IEEE80211_LINK_STATE_XOFF and
1515 * IEEE80211_LINK_STATE_PENDING flags are set. If a buffer
1516 * gets available in that window (i.e. driver calls
1517 * ieee80211_wake_queue), we would end up with ieee80211_tx
1518 * called with IEEE80211_LINK_STATE_PENDING. Prevent this by
1519 * continuing transmitting here when that situation is
1520 * possible to have happened. */
1521 if (!__ieee80211_queue_stopped(local, control->queue)) {
1522 clear_bit(IEEE80211_LINK_STATE_PENDING,
1523 &local->state[control->queue]);
1526 memcpy(&store->control, control,
1527 sizeof(struct ieee80211_tx_control));
1529 store->extra_frag = tx.u.tx.extra_frag;
1530 store->num_extra_frag = tx.u.tx.num_extra_frag;
1531 store->last_frag_hwrate = tx.u.tx.last_frag_hwrate;
1532 store->last_frag_rate = tx.u.tx.last_frag_rate;
1533 store->last_frag_rate_ctrl_probe = tx.u.tx.probe_last_frag;
1540 for (i = 0; i < tx.u.tx.num_extra_frag; i++)
1541 if (tx.u.tx.extra_frag[i])
1542 dev_kfree_skb(tx.u.tx.extra_frag[i]);
1543 kfree(tx.u.tx.extra_frag);
1547 static void ieee80211_tx_pending(unsigned long data)
1549 struct ieee80211_local *local = (struct ieee80211_local *)data;
1550 struct net_device *dev = local->mdev;
1551 struct ieee80211_tx_stored_packet *store;
1552 struct ieee80211_txrx_data tx;
1553 int i, ret, reschedule = 0;
1555 netif_tx_lock_bh(dev);
1556 for (i = 0; i < local->hw.queues; i++) {
1557 if (__ieee80211_queue_stopped(local, i))
1559 if (!__ieee80211_queue_pending(local, i)) {
1563 store = &local->pending_packet[i];
1564 tx.u.tx.control = &store->control;
1565 tx.u.tx.extra_frag = store->extra_frag;
1566 tx.u.tx.num_extra_frag = store->num_extra_frag;
1567 tx.u.tx.last_frag_hwrate = store->last_frag_hwrate;
1568 tx.u.tx.last_frag_rate = store->last_frag_rate;
1569 tx.u.tx.probe_last_frag = store->last_frag_rate_ctrl_probe;
1570 ret = __ieee80211_tx(local, store->skb, &tx);
1572 if (ret == IEEE80211_TX_FRAG_AGAIN)
1575 clear_bit(IEEE80211_LINK_STATE_PENDING,
1580 netif_tx_unlock_bh(dev);
1582 if (!ieee80211_qdisc_installed(dev)) {
1583 if (!__ieee80211_queue_stopped(local, 0))
1584 netif_wake_queue(dev);
1586 netif_schedule(dev);
1590 static void ieee80211_clear_tx_pending(struct ieee80211_local *local)
1593 struct ieee80211_tx_stored_packet *store;
1595 for (i = 0; i < local->hw.queues; i++) {
1596 if (!__ieee80211_queue_pending(local, i))
1598 store = &local->pending_packet[i];
1599 kfree_skb(store->skb);
1600 for (j = 0; j < store->num_extra_frag; j++)
1601 kfree_skb(store->extra_frag[j]);
1602 kfree(store->extra_frag);
1603 clear_bit(IEEE80211_LINK_STATE_PENDING, &local->state[i]);
1607 static int ieee80211_master_start_xmit(struct sk_buff *skb,
1608 struct net_device *dev)
1610 struct ieee80211_tx_control control;
1611 struct ieee80211_tx_packet_data *pkt_data;
1612 struct net_device *odev = NULL;
1613 struct ieee80211_sub_if_data *osdata;
1618 * copy control out of the skb so other people can use skb->cb
1620 pkt_data = (struct ieee80211_tx_packet_data *)skb->cb;
1621 memset(&control, 0, sizeof(struct ieee80211_tx_control));
1623 if (pkt_data->ifindex)
1624 odev = dev_get_by_index(pkt_data->ifindex);
1625 if (unlikely(odev && !is_ieee80211_device(odev, dev))) {
1629 if (unlikely(!odev)) {
1630 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG
1631 printk(KERN_DEBUG "%s: Discarded packet with nonexistent "
1632 "originating device\n", dev->name);
1637 osdata = IEEE80211_DEV_TO_SUB_IF(odev);
1639 headroom = osdata->local->hw.extra_tx_headroom +
1640 IEEE80211_ENCRYPT_HEADROOM;
1641 if (skb_headroom(skb) < headroom) {
1642 if (pskb_expand_head(skb, headroom, 0, GFP_ATOMIC)) {
1648 control.ifindex = odev->ifindex;
1649 control.type = osdata->type;
1650 if (pkt_data->req_tx_status)
1651 control.flags |= IEEE80211_TXCTL_REQ_TX_STATUS;
1652 if (pkt_data->do_not_encrypt)
1653 control.flags |= IEEE80211_TXCTL_DO_NOT_ENCRYPT;
1654 if (pkt_data->requeue)
1655 control.flags |= IEEE80211_TXCTL_REQUEUE;
1656 control.queue = pkt_data->queue;
1658 ret = ieee80211_tx(odev, skb, &control,
1659 control.type == IEEE80211_IF_TYPE_MGMT);
1667 * ieee80211_subif_start_xmit - netif start_xmit function for Ethernet-type
1668 * subinterfaces (wlan#, WDS, and VLAN interfaces)
1669 * @skb: packet to be sent
1670 * @dev: incoming interface
1672 * Returns: 0 on success (and frees skb in this case) or 1 on failure (skb will
1673 * not be freed, and caller is responsible for either retrying later or freeing
1676 * This function takes in an Ethernet header and encapsulates it with suitable
1677 * IEEE 802.11 header based on which interface the packet is coming in. The
1678 * encapsulated packet will then be passed to master interface, wlan#.11, for
1679 * transmission (through low-level driver).
1681 static int ieee80211_subif_start_xmit(struct sk_buff *skb,
1682 struct net_device *dev)
1684 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1685 struct ieee80211_tx_packet_data *pkt_data;
1686 struct ieee80211_sub_if_data *sdata;
1687 int ret = 1, head_need;
1688 u16 ethertype, hdrlen, fc;
1689 struct ieee80211_hdr hdr;
1690 const u8 *encaps_data;
1691 int encaps_len, skip_header_bytes;
1692 int nh_pos, h_pos, no_encrypt = 0;
1693 struct sta_info *sta;
1695 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1696 if (unlikely(skb->len < ETH_HLEN)) {
1697 printk(KERN_DEBUG "%s: short skb (len=%d)\n",
1698 dev->name, skb->len);
1703 if (unlikely(sdata->type == IEEE80211_IF_TYPE_MNTR)) {
1704 struct ieee80211_radiotap_header *prthdr =
1705 (struct ieee80211_radiotap_header *)skb->data;
1709 * there must be a radiotap header at the
1710 * start in this case
1712 if (unlikely(prthdr->it_version)) {
1713 /* only version 0 is supported */
1718 skb->dev = local->mdev;
1720 pkt_data = (struct ieee80211_tx_packet_data *)skb->cb;
1721 memset(pkt_data, 0, sizeof(*pkt_data));
1722 pkt_data->ifindex = sdata->dev->ifindex;
1723 pkt_data->mgmt_iface = 0;
1724 pkt_data->do_not_encrypt = 1;
1726 /* above needed because we set skb device to master */
1729 * fix up the pointers accounting for the radiotap
1730 * header still being in there. We are being given
1731 * a precooked IEEE80211 header so no need for
1734 len = le16_to_cpu(get_unaligned(&prthdr->it_len));
1735 skb_set_mac_header(skb, len);
1736 skb_set_network_header(skb, len + sizeof(hdr));
1737 skb_set_transport_header(skb, len + sizeof(hdr));
1740 * pass the radiotap header up to
1741 * the next stage intact
1743 dev_queue_xmit(skb);
1748 nh_pos = skb_network_header(skb) - skb->data;
1749 h_pos = skb_transport_header(skb) - skb->data;
1751 /* convert Ethernet header to proper 802.11 header (based on
1752 * operation mode) */
1753 ethertype = (skb->data[12] << 8) | skb->data[13];
1754 /* TODO: handling for 802.1x authorized/unauthorized port */
1755 fc = IEEE80211_FTYPE_DATA | IEEE80211_STYPE_DATA;
1757 if (likely(sdata->type == IEEE80211_IF_TYPE_AP ||
1758 sdata->type == IEEE80211_IF_TYPE_VLAN)) {
1759 fc |= IEEE80211_FCTL_FROMDS;
1761 memcpy(hdr.addr1, skb->data, ETH_ALEN);
1762 memcpy(hdr.addr2, dev->dev_addr, ETH_ALEN);
1763 memcpy(hdr.addr3, skb->data + ETH_ALEN, ETH_ALEN);
1765 } else if (sdata->type == IEEE80211_IF_TYPE_WDS) {
1766 fc |= IEEE80211_FCTL_FROMDS | IEEE80211_FCTL_TODS;
1768 memcpy(hdr.addr1, sdata->u.wds.remote_addr, ETH_ALEN);
1769 memcpy(hdr.addr2, dev->dev_addr, ETH_ALEN);
1770 memcpy(hdr.addr3, skb->data, ETH_ALEN);
1771 memcpy(hdr.addr4, skb->data + ETH_ALEN, ETH_ALEN);
1773 } else if (sdata->type == IEEE80211_IF_TYPE_STA) {
1774 fc |= IEEE80211_FCTL_TODS;
1776 memcpy(hdr.addr1, sdata->u.sta.bssid, ETH_ALEN);
1777 memcpy(hdr.addr2, skb->data + ETH_ALEN, ETH_ALEN);
1778 memcpy(hdr.addr3, skb->data, ETH_ALEN);
1780 } else if (sdata->type == IEEE80211_IF_TYPE_IBSS) {
1782 memcpy(hdr.addr1, skb->data, ETH_ALEN);
1783 memcpy(hdr.addr2, skb->data + ETH_ALEN, ETH_ALEN);
1784 memcpy(hdr.addr3, sdata->u.sta.bssid, ETH_ALEN);
1791 /* receiver is QoS enabled, use a QoS type frame */
1792 sta = sta_info_get(local, hdr.addr1);
1794 if (sta->flags & WLAN_STA_WME) {
1795 fc |= IEEE80211_STYPE_QOS_DATA;
1801 hdr.frame_control = cpu_to_le16(fc);
1802 hdr.duration_id = 0;
1805 skip_header_bytes = ETH_HLEN;
1806 if (ethertype == ETH_P_AARP || ethertype == ETH_P_IPX) {
1807 encaps_data = bridge_tunnel_header;
1808 encaps_len = sizeof(bridge_tunnel_header);
1809 skip_header_bytes -= 2;
1810 } else if (ethertype >= 0x600) {
1811 encaps_data = rfc1042_header;
1812 encaps_len = sizeof(rfc1042_header);
1813 skip_header_bytes -= 2;
1819 skb_pull(skb, skip_header_bytes);
1820 nh_pos -= skip_header_bytes;
1821 h_pos -= skip_header_bytes;
1823 /* TODO: implement support for fragments so that there is no need to
1824 * reallocate and copy payload; it might be enough to support one
1825 * extra fragment that would be copied in the beginning of the frame
1826 * data.. anyway, it would be nice to include this into skb structure
1829 * There are few options for this:
1830 * use skb->cb as an extra space for 802.11 header
1831 * allocate new buffer if not enough headroom
1832 * make sure that there is enough headroom in every skb by increasing
1833 * build in headroom in __dev_alloc_skb() (linux/skbuff.h) and
1834 * alloc_skb() (net/core/skbuff.c)
1836 head_need = hdrlen + encaps_len + local->hw.extra_tx_headroom;
1837 head_need -= skb_headroom(skb);
1839 /* We are going to modify skb data, so make a copy of it if happens to
1840 * be cloned. This could happen, e.g., with Linux bridge code passing
1841 * us broadcast frames. */
1843 if (head_need > 0 || skb_cloned(skb)) {
1845 printk(KERN_DEBUG "%s: need to reallocate buffer for %d bytes "
1846 "of headroom\n", dev->name, head_need);
1849 if (skb_cloned(skb))
1850 I802_DEBUG_INC(local->tx_expand_skb_head_cloned);
1852 I802_DEBUG_INC(local->tx_expand_skb_head);
1853 /* Since we have to reallocate the buffer, make sure that there
1854 * is enough room for possible WEP IV/ICV and TKIP (8 bytes
1855 * before payload and 12 after). */
1856 if (pskb_expand_head(skb, (head_need > 0 ? head_need + 8 : 8),
1858 printk(KERN_DEBUG "%s: failed to reallocate TX buffer"
1865 memcpy(skb_push(skb, encaps_len), encaps_data, encaps_len);
1866 nh_pos += encaps_len;
1867 h_pos += encaps_len;
1869 memcpy(skb_push(skb, hdrlen), &hdr, hdrlen);
1873 pkt_data = (struct ieee80211_tx_packet_data *)skb->cb;
1874 memset(pkt_data, 0, sizeof(struct ieee80211_tx_packet_data));
1875 pkt_data->ifindex = sdata->dev->ifindex;
1876 pkt_data->mgmt_iface = (sdata->type == IEEE80211_IF_TYPE_MGMT);
1877 pkt_data->do_not_encrypt = no_encrypt;
1879 skb->dev = local->mdev;
1880 sdata->stats.tx_packets++;
1881 sdata->stats.tx_bytes += skb->len;
1883 /* Update skb pointers to various headers since this modified frame
1884 * is going to go through Linux networking code that may potentially
1885 * need things like pointer to IP header. */
1886 skb_set_mac_header(skb, 0);
1887 skb_set_network_header(skb, nh_pos);
1888 skb_set_transport_header(skb, h_pos);
1890 dev->trans_start = jiffies;
1891 dev_queue_xmit(skb);
1904 * This is the transmit routine for the 802.11 type interfaces
1905 * called by upper layers of the linux networking
1906 * stack when it has a frame to transmit
1909 ieee80211_mgmt_start_xmit(struct sk_buff *skb, struct net_device *dev)
1911 struct ieee80211_sub_if_data *sdata;
1912 struct ieee80211_tx_packet_data *pkt_data;
1913 struct ieee80211_hdr *hdr;
1916 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1918 if (skb->len < 10) {
1923 if (skb_headroom(skb) < sdata->local->hw.extra_tx_headroom) {
1924 if (pskb_expand_head(skb,
1925 sdata->local->hw.extra_tx_headroom, 0, GFP_ATOMIC)) {
1931 hdr = (struct ieee80211_hdr *) skb->data;
1932 fc = le16_to_cpu(hdr->frame_control);
1934 pkt_data = (struct ieee80211_tx_packet_data *) skb->cb;
1935 memset(pkt_data, 0, sizeof(struct ieee80211_tx_packet_data));
1936 pkt_data->ifindex = sdata->dev->ifindex;
1937 pkt_data->mgmt_iface = (sdata->type == IEEE80211_IF_TYPE_MGMT);
1939 skb->priority = 20; /* use hardcoded priority for mgmt TX queue */
1940 skb->dev = sdata->local->mdev;
1943 * We're using the protocol field of the the frame control header
1944 * to request TX callback for hostapd. BIT(1) is checked.
1946 if ((fc & BIT(1)) == BIT(1)) {
1947 pkt_data->req_tx_status = 1;
1949 hdr->frame_control = cpu_to_le16(fc);
1952 pkt_data->do_not_encrypt = !(fc & IEEE80211_FCTL_PROTECTED);
1954 sdata->stats.tx_packets++;
1955 sdata->stats.tx_bytes += skb->len;
1957 dev_queue_xmit(skb);
1963 static void ieee80211_beacon_add_tim(struct ieee80211_local *local,
1964 struct ieee80211_if_ap *bss,
1965 struct sk_buff *skb)
1969 int i, have_bits = 0, n1, n2;
1971 /* Generate bitmap for TIM only if there are any STAs in power save
1973 spin_lock_bh(&local->sta_lock);
1974 if (atomic_read(&bss->num_sta_ps) > 0)
1975 /* in the hope that this is faster than
1976 * checking byte-for-byte */
1977 have_bits = !bitmap_empty((unsigned long*)bss->tim,
1978 IEEE80211_MAX_AID+1);
1980 if (bss->dtim_count == 0)
1981 bss->dtim_count = bss->dtim_period - 1;
1985 tim = pos = (u8 *) skb_put(skb, 6);
1986 *pos++ = WLAN_EID_TIM;
1988 *pos++ = bss->dtim_count;
1989 *pos++ = bss->dtim_period;
1991 if (bss->dtim_count == 0 && !skb_queue_empty(&bss->ps_bc_buf))
1995 /* Find largest even number N1 so that bits numbered 1 through
1996 * (N1 x 8) - 1 in the bitmap are 0 and number N2 so that bits
1997 * (N2 + 1) x 8 through 2007 are 0. */
1999 for (i = 0; i < IEEE80211_MAX_TIM_LEN; i++) {
2006 for (i = IEEE80211_MAX_TIM_LEN - 1; i >= n1; i--) {
2013 /* Bitmap control */
2015 /* Part Virt Bitmap */
2016 memcpy(pos, bss->tim + n1, n2 - n1 + 1);
2018 tim[1] = n2 - n1 + 4;
2019 skb_put(skb, n2 - n1);
2021 *pos++ = aid0; /* Bitmap control */
2022 *pos++ = 0; /* Part Virt Bitmap */
2024 spin_unlock_bh(&local->sta_lock);
2028 struct sk_buff * ieee80211_beacon_get(struct ieee80211_hw *hw, int if_id,
2029 struct ieee80211_tx_control *control)
2031 struct ieee80211_local *local = hw_to_local(hw);
2032 struct sk_buff *skb;
2033 struct net_device *bdev;
2034 struct ieee80211_sub_if_data *sdata = NULL;
2035 struct ieee80211_if_ap *ap = NULL;
2036 struct ieee80211_rate *rate;
2037 struct rate_control_extra extra;
2038 u8 *b_head, *b_tail;
2041 bdev = dev_get_by_index(if_id);
2043 sdata = IEEE80211_DEV_TO_SUB_IF(bdev);
2048 if (!ap || sdata->type != IEEE80211_IF_TYPE_AP ||
2050 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG
2051 if (net_ratelimit())
2052 printk(KERN_DEBUG "no beacon data avail for idx=%d "
2053 "(%s)\n", if_id, bdev ? bdev->name : "N/A");
2054 #endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
2058 /* Assume we are generating the normal beacon locally */
2059 b_head = ap->beacon_head;
2060 b_tail = ap->beacon_tail;
2061 bh_len = ap->beacon_head_len;
2062 bt_len = ap->beacon_tail_len;
2064 skb = dev_alloc_skb(local->hw.extra_tx_headroom +
2065 bh_len + bt_len + 256 /* maximum TIM len */);
2069 skb_reserve(skb, local->hw.extra_tx_headroom);
2070 memcpy(skb_put(skb, bh_len), b_head, bh_len);
2072 ieee80211_include_sequence(sdata, (struct ieee80211_hdr *)skb->data);
2074 ieee80211_beacon_add_tim(local, ap, skb);
2077 memcpy(skb_put(skb, bt_len), b_tail, bt_len);
2081 memset(&extra, 0, sizeof(extra));
2082 extra.mode = local->oper_hw_mode;
2084 rate = rate_control_get_rate(local, local->mdev, skb, &extra);
2086 if (net_ratelimit()) {
2087 printk(KERN_DEBUG "%s: ieee80211_beacon_get: no rate "
2088 "found\n", local->mdev->name);
2094 control->tx_rate = (local->short_preamble &&
2095 (rate->flags & IEEE80211_RATE_PREAMBLE2)) ?
2096 rate->val2 : rate->val;
2097 control->antenna_sel_tx = local->hw.conf.antenna_sel_tx;
2098 control->power_level = local->hw.conf.power_level;
2099 control->flags |= IEEE80211_TXCTL_NO_ACK;
2100 control->retry_limit = 1;
2101 control->flags |= IEEE80211_TXCTL_CLEAR_DST_MASK;
2107 EXPORT_SYMBOL(ieee80211_beacon_get);
2109 __le16 ieee80211_rts_duration(struct ieee80211_hw *hw,
2111 const struct ieee80211_tx_control *frame_txctl)
2113 struct ieee80211_local *local = hw_to_local(hw);
2114 struct ieee80211_rate *rate;
2115 int short_preamble = local->short_preamble;
2119 rate = frame_txctl->rts_rate;
2120 erp = !!(rate->flags & IEEE80211_RATE_ERP);
2123 dur = ieee80211_frame_duration(local, 10, rate->rate,
2124 erp, short_preamble);
2125 /* Data frame duration */
2126 dur += ieee80211_frame_duration(local, frame_len, rate->rate,
2127 erp, short_preamble);
2129 dur += ieee80211_frame_duration(local, 10, rate->rate,
2130 erp, short_preamble);
2132 return cpu_to_le16(dur);
2134 EXPORT_SYMBOL(ieee80211_rts_duration);
2137 __le16 ieee80211_ctstoself_duration(struct ieee80211_hw *hw,
2139 const struct ieee80211_tx_control *frame_txctl)
2141 struct ieee80211_local *local = hw_to_local(hw);
2142 struct ieee80211_rate *rate;
2143 int short_preamble = local->short_preamble;
2147 rate = frame_txctl->rts_rate;
2148 erp = !!(rate->flags & IEEE80211_RATE_ERP);
2150 /* Data frame duration */
2151 dur = ieee80211_frame_duration(local, frame_len, rate->rate,
2152 erp, short_preamble);
2153 if (!(frame_txctl->flags & IEEE80211_TXCTL_NO_ACK)) {
2155 dur += ieee80211_frame_duration(local, 10, rate->rate,
2156 erp, short_preamble);
2159 return cpu_to_le16(dur);
2161 EXPORT_SYMBOL(ieee80211_ctstoself_duration);
2163 void ieee80211_rts_get(struct ieee80211_hw *hw,
2164 const void *frame, size_t frame_len,
2165 const struct ieee80211_tx_control *frame_txctl,
2166 struct ieee80211_rts *rts)
2168 const struct ieee80211_hdr *hdr = frame;
2171 fctl = IEEE80211_FTYPE_CTL | IEEE80211_STYPE_RTS;
2172 rts->frame_control = cpu_to_le16(fctl);
2173 rts->duration = ieee80211_rts_duration(hw, frame_len, frame_txctl);
2174 memcpy(rts->ra, hdr->addr1, sizeof(rts->ra));
2175 memcpy(rts->ta, hdr->addr2, sizeof(rts->ta));
2177 EXPORT_SYMBOL(ieee80211_rts_get);
2179 void ieee80211_ctstoself_get(struct ieee80211_hw *hw,
2180 const void *frame, size_t frame_len,
2181 const struct ieee80211_tx_control *frame_txctl,
2182 struct ieee80211_cts *cts)
2184 const struct ieee80211_hdr *hdr = frame;
2187 fctl = IEEE80211_FTYPE_CTL | IEEE80211_STYPE_CTS;
2188 cts->frame_control = cpu_to_le16(fctl);
2189 cts->duration = ieee80211_ctstoself_duration(hw, frame_len, frame_txctl);
2190 memcpy(cts->ra, hdr->addr1, sizeof(cts->ra));
2192 EXPORT_SYMBOL(ieee80211_ctstoself_get);
2195 ieee80211_get_buffered_bc(struct ieee80211_hw *hw, int if_id,
2196 struct ieee80211_tx_control *control)
2198 struct ieee80211_local *local = hw_to_local(hw);
2199 struct sk_buff *skb;
2200 struct sta_info *sta;
2201 ieee80211_tx_handler *handler;
2202 struct ieee80211_txrx_data tx;
2203 ieee80211_txrx_result res = TXRX_DROP;
2204 struct net_device *bdev;
2205 struct ieee80211_sub_if_data *sdata;
2206 struct ieee80211_if_ap *bss = NULL;
2208 bdev = dev_get_by_index(if_id);
2210 sdata = IEEE80211_DEV_TO_SUB_IF(bdev);
2214 if (!bss || sdata->type != IEEE80211_IF_TYPE_AP || !bss->beacon_head)
2217 if (bss->dtim_count != 0)
2218 return NULL; /* send buffered bc/mc only after DTIM beacon */
2219 memset(control, 0, sizeof(*control));
2221 skb = skb_dequeue(&bss->ps_bc_buf);
2224 local->total_ps_buffered--;
2226 if (!skb_queue_empty(&bss->ps_bc_buf) && skb->len >= 2) {
2227 struct ieee80211_hdr *hdr =
2228 (struct ieee80211_hdr *) skb->data;
2229 /* more buffered multicast/broadcast frames ==> set
2230 * MoreData flag in IEEE 802.11 header to inform PS
2232 hdr->frame_control |=
2233 cpu_to_le16(IEEE80211_FCTL_MOREDATA);
2236 if (ieee80211_tx_prepare(&tx, skb, local->mdev, control) == 0)
2238 dev_kfree_skb_any(skb);
2241 tx.u.tx.ps_buffered = 1;
2243 for (handler = local->tx_handlers; *handler != NULL; handler++) {
2244 res = (*handler)(&tx);
2245 if (res == TXRX_DROP || res == TXRX_QUEUED)
2249 skb = tx.skb; /* handlers are allowed to change skb */
2251 if (res == TXRX_DROP) {
2252 I802_DEBUG_INC(local->tx_handlers_drop);
2255 } else if (res == TXRX_QUEUED) {
2256 I802_DEBUG_INC(local->tx_handlers_queued);
2265 EXPORT_SYMBOL(ieee80211_get_buffered_bc);
2267 static int __ieee80211_if_config(struct net_device *dev,
2268 struct sk_buff *beacon,
2269 struct ieee80211_tx_control *control)
2271 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2272 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2273 struct ieee80211_if_conf conf;
2274 static u8 scan_bssid[] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
2276 if (!local->ops->config_interface || !netif_running(dev))
2279 memset(&conf, 0, sizeof(conf));
2280 conf.type = sdata->type;
2281 if (sdata->type == IEEE80211_IF_TYPE_STA ||
2282 sdata->type == IEEE80211_IF_TYPE_IBSS) {
2283 if (local->sta_scanning &&
2284 local->scan_dev == dev)
2285 conf.bssid = scan_bssid;
2287 conf.bssid = sdata->u.sta.bssid;
2288 conf.ssid = sdata->u.sta.ssid;
2289 conf.ssid_len = sdata->u.sta.ssid_len;
2290 conf.generic_elem = sdata->u.sta.extra_ie;
2291 conf.generic_elem_len = sdata->u.sta.extra_ie_len;
2292 } else if (sdata->type == IEEE80211_IF_TYPE_AP) {
2293 conf.ssid = sdata->u.ap.ssid;
2294 conf.ssid_len = sdata->u.ap.ssid_len;
2295 conf.generic_elem = sdata->u.ap.generic_elem;
2296 conf.generic_elem_len = sdata->u.ap.generic_elem_len;
2297 conf.beacon = beacon;
2298 conf.beacon_control = control;
2300 return local->ops->config_interface(local_to_hw(local),
2301 dev->ifindex, &conf);
2304 int ieee80211_if_config(struct net_device *dev)
2306 return __ieee80211_if_config(dev, NULL, NULL);
2309 int ieee80211_if_config_beacon(struct net_device *dev)
2311 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2312 struct ieee80211_tx_control control;
2313 struct sk_buff *skb;
2315 if (!(local->hw.flags & IEEE80211_HW_HOST_GEN_BEACON_TEMPLATE))
2317 skb = ieee80211_beacon_get(local_to_hw(local), dev->ifindex, &control);
2320 return __ieee80211_if_config(dev, skb, &control);
2323 int ieee80211_hw_config(struct ieee80211_local *local)
2325 struct ieee80211_hw_mode *mode;
2326 struct ieee80211_channel *chan;
2329 if (local->sta_scanning) {
2330 chan = local->scan_channel;
2331 mode = local->scan_hw_mode;
2333 chan = local->oper_channel;
2334 mode = local->oper_hw_mode;
2337 local->hw.conf.channel = chan->chan;
2338 local->hw.conf.channel_val = chan->val;
2339 local->hw.conf.power_level = chan->power_level;
2340 local->hw.conf.freq = chan->freq;
2341 local->hw.conf.phymode = mode->mode;
2342 local->hw.conf.antenna_max = chan->antenna_max;
2343 local->hw.conf.chan = chan;
2344 local->hw.conf.mode = mode;
2346 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG
2347 printk(KERN_DEBUG "HW CONFIG: channel=%d freq=%d "
2348 "phymode=%d\n", local->hw.conf.channel, local->hw.conf.freq,
2349 local->hw.conf.phymode);
2350 #endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
2352 if (local->ops->config)
2353 ret = local->ops->config(local_to_hw(local), &local->hw.conf);
2359 static int ieee80211_change_mtu(struct net_device *dev, int new_mtu)
2361 /* FIX: what would be proper limits for MTU?
2362 * This interface uses 802.3 frames. */
2363 if (new_mtu < 256 || new_mtu > IEEE80211_MAX_DATA_LEN - 24 - 6) {
2364 printk(KERN_WARNING "%s: invalid MTU %d\n",
2365 dev->name, new_mtu);
2369 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG
2370 printk(KERN_DEBUG "%s: setting MTU %d\n", dev->name, new_mtu);
2371 #endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
2377 static int ieee80211_change_mtu_apdev(struct net_device *dev, int new_mtu)
2379 /* FIX: what would be proper limits for MTU?
2380 * This interface uses 802.11 frames. */
2381 if (new_mtu < 256 || new_mtu > IEEE80211_MAX_DATA_LEN) {
2382 printk(KERN_WARNING "%s: invalid MTU %d\n",
2383 dev->name, new_mtu);
2387 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG
2388 printk(KERN_DEBUG "%s: setting MTU %d\n", dev->name, new_mtu);
2389 #endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
2394 enum netif_tx_lock_class {
2399 static inline void netif_tx_lock_nested(struct net_device *dev, int subclass)
2401 spin_lock_nested(&dev->_xmit_lock, subclass);
2402 dev->xmit_lock_owner = smp_processor_id();
2405 static void ieee80211_set_multicast_list(struct net_device *dev)
2407 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2408 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2409 unsigned short flags;
2411 netif_tx_lock_nested(local->mdev, TX_LOCK_MASTER);
2412 if (((dev->flags & IFF_ALLMULTI) != 0) ^ (sdata->allmulti != 0)) {
2413 if (sdata->allmulti) {
2414 sdata->allmulti = 0;
2415 local->iff_allmultis--;
2417 sdata->allmulti = 1;
2418 local->iff_allmultis++;
2421 if (((dev->flags & IFF_PROMISC) != 0) ^ (sdata->promisc != 0)) {
2422 if (sdata->promisc) {
2424 local->iff_promiscs--;
2427 local->iff_promiscs++;
2430 if (dev->mc_count != sdata->mc_count) {
2431 local->mc_count = local->mc_count - sdata->mc_count +
2433 sdata->mc_count = dev->mc_count;
2435 if (local->ops->set_multicast_list) {
2436 flags = local->mdev->flags;
2437 if (local->iff_allmultis)
2438 flags |= IFF_ALLMULTI;
2439 if (local->iff_promiscs)
2440 flags |= IFF_PROMISC;
2441 read_lock(&local->sub_if_lock);
2442 local->ops->set_multicast_list(local_to_hw(local), flags,
2444 read_unlock(&local->sub_if_lock);
2446 netif_tx_unlock(local->mdev);
2449 struct dev_mc_list *ieee80211_get_mc_list_item(struct ieee80211_hw *hw,
2450 struct dev_mc_list *prev,
2453 struct ieee80211_local *local = hw_to_local(hw);
2454 struct ieee80211_sub_if_data *sdata = *ptr;
2455 struct dev_mc_list *mc;
2461 if (!prev || !prev->next) {
2463 sdata = list_entry(sdata->list.next,
2464 struct ieee80211_sub_if_data, list);
2466 sdata = list_entry(local->sub_if_list.next,
2467 struct ieee80211_sub_if_data, list);
2468 if (&sdata->list != &local->sub_if_list)
2469 mc = sdata->dev->mc_list;
2478 EXPORT_SYMBOL(ieee80211_get_mc_list_item);
2480 static struct net_device_stats *ieee80211_get_stats(struct net_device *dev)
2482 struct ieee80211_sub_if_data *sdata;
2483 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2484 return &(sdata->stats);
2487 static void ieee80211_if_shutdown(struct net_device *dev)
2489 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2490 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2493 switch (sdata->type) {
2494 case IEEE80211_IF_TYPE_STA:
2495 case IEEE80211_IF_TYPE_IBSS:
2496 sdata->u.sta.state = IEEE80211_DISABLED;
2497 del_timer_sync(&sdata->u.sta.timer);
2498 skb_queue_purge(&sdata->u.sta.skb_queue);
2499 if (!local->ops->hw_scan &&
2500 local->scan_dev == sdata->dev) {
2501 local->sta_scanning = 0;
2502 cancel_delayed_work(&local->scan_work);
2504 flush_workqueue(local->hw.workqueue);
2509 static inline int identical_mac_addr_allowed(int type1, int type2)
2511 return (type1 == IEEE80211_IF_TYPE_MNTR ||
2512 type2 == IEEE80211_IF_TYPE_MNTR ||
2513 (type1 == IEEE80211_IF_TYPE_AP &&
2514 type2 == IEEE80211_IF_TYPE_WDS) ||
2515 (type1 == IEEE80211_IF_TYPE_WDS &&
2516 (type2 == IEEE80211_IF_TYPE_WDS ||
2517 type2 == IEEE80211_IF_TYPE_AP)) ||
2518 (type1 == IEEE80211_IF_TYPE_AP &&
2519 type2 == IEEE80211_IF_TYPE_VLAN) ||
2520 (type1 == IEEE80211_IF_TYPE_VLAN &&
2521 (type2 == IEEE80211_IF_TYPE_AP ||
2522 type2 == IEEE80211_IF_TYPE_VLAN)));
2525 static int ieee80211_master_open(struct net_device *dev)
2527 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2528 struct ieee80211_sub_if_data *sdata;
2529 int res = -EOPNOTSUPP;
2531 read_lock(&local->sub_if_lock);
2532 list_for_each_entry(sdata, &local->sub_if_list, list) {
2533 if (sdata->dev != dev && netif_running(sdata->dev)) {
2538 read_unlock(&local->sub_if_lock);
2542 static int ieee80211_master_stop(struct net_device *dev)
2544 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2545 struct ieee80211_sub_if_data *sdata;
2547 read_lock(&local->sub_if_lock);
2548 list_for_each_entry(sdata, &local->sub_if_list, list)
2549 if (sdata->dev != dev && netif_running(sdata->dev))
2550 dev_close(sdata->dev);
2551 read_unlock(&local->sub_if_lock);
2556 static int ieee80211_mgmt_open(struct net_device *dev)
2558 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2560 if (!netif_running(local->mdev))
2565 static int ieee80211_mgmt_stop(struct net_device *dev)
2570 /* Check if running monitor interfaces should go to a "soft monitor" mode
2571 * and switch them if necessary. */
2572 static inline void ieee80211_start_soft_monitor(struct ieee80211_local *local)
2574 struct ieee80211_if_init_conf conf;
2576 if (local->open_count && local->open_count == local->monitors &&
2577 !(local->hw.flags & IEEE80211_HW_MONITOR_DURING_OPER) &&
2578 local->ops->remove_interface) {
2580 conf.type = IEEE80211_IF_TYPE_MNTR;
2581 conf.mac_addr = NULL;
2582 local->ops->remove_interface(local_to_hw(local), &conf);
2586 /* Check if running monitor interfaces should go to a "hard monitor" mode
2587 * and switch them if necessary. */
2588 static void ieee80211_start_hard_monitor(struct ieee80211_local *local)
2590 struct ieee80211_if_init_conf conf;
2592 if (local->open_count && local->open_count == local->monitors &&
2593 !(local->hw.flags & IEEE80211_HW_MONITOR_DURING_OPER) &&
2594 local->ops->add_interface) {
2596 conf.type = IEEE80211_IF_TYPE_MNTR;
2597 conf.mac_addr = NULL;
2598 local->ops->add_interface(local_to_hw(local), &conf);
2602 static int ieee80211_open(struct net_device *dev)
2604 struct ieee80211_sub_if_data *sdata, *nsdata;
2605 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2606 struct ieee80211_if_init_conf conf;
2609 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2610 read_lock(&local->sub_if_lock);
2611 list_for_each_entry(nsdata, &local->sub_if_list, list) {
2612 struct net_device *ndev = nsdata->dev;
2614 if (ndev != dev && ndev != local->mdev && netif_running(ndev) &&
2615 compare_ether_addr(dev->dev_addr, ndev->dev_addr) == 0 &&
2616 !identical_mac_addr_allowed(sdata->type, nsdata->type)) {
2617 read_unlock(&local->sub_if_lock);
2621 read_unlock(&local->sub_if_lock);
2623 if (sdata->type == IEEE80211_IF_TYPE_WDS &&
2624 is_zero_ether_addr(sdata->u.wds.remote_addr))
2627 if (sdata->type == IEEE80211_IF_TYPE_MNTR && local->open_count &&
2628 !(local->hw.flags & IEEE80211_HW_MONITOR_DURING_OPER)) {
2629 /* run the interface in a "soft monitor" mode */
2631 local->open_count++;
2632 local->hw.conf.flags |= IEEE80211_CONF_RADIOTAP;
2635 ieee80211_start_soft_monitor(local);
2637 if (local->ops->add_interface) {
2638 conf.if_id = dev->ifindex;
2639 conf.type = sdata->type;
2640 conf.mac_addr = dev->dev_addr;
2641 res = local->ops->add_interface(local_to_hw(local), &conf);
2643 if (sdata->type == IEEE80211_IF_TYPE_MNTR)
2644 ieee80211_start_hard_monitor(local);
2648 if (sdata->type != IEEE80211_IF_TYPE_STA)
2650 if (local->open_count > 0)
2654 if (local->open_count == 0) {
2656 tasklet_enable(&local->tx_pending_tasklet);
2657 tasklet_enable(&local->tasklet);
2658 if (local->ops->open)
2659 res = local->ops->open(local_to_hw(local));
2661 res = dev_open(local->mdev);
2663 if (local->ops->stop)
2664 local->ops->stop(local_to_hw(local));
2666 res = ieee80211_hw_config(local);
2667 if (res && local->ops->stop)
2668 local->ops->stop(local_to_hw(local));
2669 else if (!res && local->apdev)
2670 dev_open(local->apdev);
2674 if (local->ops->remove_interface)
2675 local->ops->remove_interface(local_to_hw(local),
2680 local->open_count++;
2682 if (sdata->type == IEEE80211_IF_TYPE_MNTR) {
2684 local->hw.conf.flags |= IEEE80211_CONF_RADIOTAP;
2686 ieee80211_if_config(dev);
2688 if (sdata->type == IEEE80211_IF_TYPE_STA &&
2689 !local->user_space_mlme)
2690 netif_carrier_off(dev);
2692 netif_carrier_on(dev);
2694 netif_start_queue(dev);
2699 static int ieee80211_stop(struct net_device *dev)
2701 struct ieee80211_sub_if_data *sdata;
2702 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2704 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2706 if (sdata->type == IEEE80211_IF_TYPE_MNTR &&
2707 local->open_count > 1 &&
2708 !(local->hw.flags & IEEE80211_HW_MONITOR_DURING_OPER)) {
2709 /* remove "soft monitor" interface */
2710 local->open_count--;
2712 if (!local->monitors)
2713 local->hw.conf.flags &= ~IEEE80211_CONF_RADIOTAP;
2717 netif_stop_queue(dev);
2718 ieee80211_if_shutdown(dev);
2720 if (sdata->type == IEEE80211_IF_TYPE_MNTR) {
2722 if (!local->monitors)
2723 local->hw.conf.flags &= ~IEEE80211_CONF_RADIOTAP;
2726 local->open_count--;
2727 if (local->open_count == 0) {
2728 if (netif_running(local->mdev))
2729 dev_close(local->mdev);
2731 dev_close(local->apdev);
2732 if (local->ops->stop)
2733 local->ops->stop(local_to_hw(local));
2734 tasklet_disable(&local->tx_pending_tasklet);
2735 tasklet_disable(&local->tasklet);
2737 if (local->ops->remove_interface) {
2738 struct ieee80211_if_init_conf conf;
2740 conf.if_id = dev->ifindex;
2741 conf.type = sdata->type;
2742 conf.mac_addr = dev->dev_addr;
2743 local->ops->remove_interface(local_to_hw(local), &conf);
2746 ieee80211_start_hard_monitor(local);
2752 static int header_parse_80211(struct sk_buff *skb, unsigned char *haddr)
2754 memcpy(haddr, skb_mac_header(skb) + 10, ETH_ALEN); /* addr2 */
2758 static inline int ieee80211_bssid_match(const u8 *raddr, const u8 *addr)
2760 return compare_ether_addr(raddr, addr) == 0 ||
2761 is_broadcast_ether_addr(raddr);
2765 static ieee80211_txrx_result
2766 ieee80211_rx_h_data(struct ieee80211_txrx_data *rx)
2768 struct net_device *dev = rx->dev;
2769 struct ieee80211_local *local = rx->local;
2770 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data;
2771 u16 fc, hdrlen, ethertype;
2775 struct sk_buff *skb = rx->skb, *skb2;
2776 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2779 if (unlikely((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA))
2780 return TXRX_CONTINUE;
2782 if (unlikely(!WLAN_FC_DATA_PRESENT(fc)))
2785 hdrlen = ieee80211_get_hdrlen(fc);
2787 /* convert IEEE 802.11 header + possible LLC headers into Ethernet
2789 * IEEE 802.11 address fields:
2790 * ToDS FromDS Addr1 Addr2 Addr3 Addr4
2791 * 0 0 DA SA BSSID n/a
2792 * 0 1 DA BSSID SA n/a
2793 * 1 0 BSSID SA DA n/a
2797 switch (fc & (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS)) {
2798 case IEEE80211_FCTL_TODS:
2800 memcpy(dst, hdr->addr3, ETH_ALEN);
2801 memcpy(src, hdr->addr2, ETH_ALEN);
2803 if (unlikely(sdata->type != IEEE80211_IF_TYPE_AP &&
2804 sdata->type != IEEE80211_IF_TYPE_VLAN)) {
2805 printk(KERN_DEBUG "%s: dropped ToDS frame (BSSID="
2806 MAC_FMT " SA=" MAC_FMT " DA=" MAC_FMT ")\n",
2807 dev->name, MAC_ARG(hdr->addr1),
2808 MAC_ARG(hdr->addr2), MAC_ARG(hdr->addr3));
2812 case (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS):
2814 memcpy(dst, hdr->addr3, ETH_ALEN);
2815 memcpy(src, hdr->addr4, ETH_ALEN);
2817 if (unlikely(sdata->type != IEEE80211_IF_TYPE_WDS)) {
2818 printk(KERN_DEBUG "%s: dropped FromDS&ToDS frame (RA="
2819 MAC_FMT " TA=" MAC_FMT " DA=" MAC_FMT " SA="
2821 rx->dev->name, MAC_ARG(hdr->addr1),
2822 MAC_ARG(hdr->addr2), MAC_ARG(hdr->addr3),
2823 MAC_ARG(hdr->addr4));
2827 case IEEE80211_FCTL_FROMDS:
2829 memcpy(dst, hdr->addr1, ETH_ALEN);
2830 memcpy(src, hdr->addr3, ETH_ALEN);
2832 if (sdata->type != IEEE80211_IF_TYPE_STA) {
2838 memcpy(dst, hdr->addr1, ETH_ALEN);
2839 memcpy(src, hdr->addr2, ETH_ALEN);
2841 if (sdata->type != IEEE80211_IF_TYPE_IBSS) {
2842 if (net_ratelimit()) {
2843 printk(KERN_DEBUG "%s: dropped IBSS frame (DA="
2844 MAC_FMT " SA=" MAC_FMT " BSSID=" MAC_FMT
2846 dev->name, MAC_ARG(hdr->addr1),
2847 MAC_ARG(hdr->addr2),
2848 MAC_ARG(hdr->addr3));
2855 payload = skb->data + hdrlen;
2857 if (unlikely(skb->len - hdrlen < 8)) {
2858 if (net_ratelimit()) {
2859 printk(KERN_DEBUG "%s: RX too short data frame "
2860 "payload\n", dev->name);
2865 ethertype = (payload[6] << 8) | payload[7];
2867 if (likely((compare_ether_addr(payload, rfc1042_header) == 0 &&
2868 ethertype != ETH_P_AARP && ethertype != ETH_P_IPX) ||
2869 compare_ether_addr(payload, bridge_tunnel_header) == 0)) {
2870 /* remove RFC1042 or Bridge-Tunnel encapsulation and
2871 * replace EtherType */
2872 skb_pull(skb, hdrlen + 6);
2873 memcpy(skb_push(skb, ETH_ALEN), src, ETH_ALEN);
2874 memcpy(skb_push(skb, ETH_ALEN), dst, ETH_ALEN);
2876 struct ethhdr *ehdr;
2878 skb_pull(skb, hdrlen);
2879 len = htons(skb->len);
2880 ehdr = (struct ethhdr *) skb_push(skb, sizeof(struct ethhdr));
2881 memcpy(ehdr->h_dest, dst, ETH_ALEN);
2882 memcpy(ehdr->h_source, src, ETH_ALEN);
2883 ehdr->h_proto = len;
2889 sdata->stats.rx_packets++;
2890 sdata->stats.rx_bytes += skb->len;
2892 if (local->bridge_packets && (sdata->type == IEEE80211_IF_TYPE_AP
2893 || sdata->type == IEEE80211_IF_TYPE_VLAN) && rx->u.rx.ra_match) {
2894 if (is_multicast_ether_addr(skb->data)) {
2895 /* send multicast frames both to higher layers in
2896 * local net stack and back to the wireless media */
2897 skb2 = skb_copy(skb, GFP_ATOMIC);
2899 printk(KERN_DEBUG "%s: failed to clone "
2900 "multicast frame\n", dev->name);
2902 struct sta_info *dsta;
2903 dsta = sta_info_get(local, skb->data);
2904 if (dsta && !dsta->dev) {
2905 printk(KERN_DEBUG "Station with null dev "
2907 } else if (dsta && dsta->dev == dev) {
2908 /* Destination station is associated to this
2909 * AP, so send the frame directly to it and
2910 * do not pass the frame to local net stack.
2921 /* deliver to local stack */
2922 skb->protocol = eth_type_trans(skb, dev);
2923 memset(skb->cb, 0, sizeof(skb->cb));
2928 /* send to wireless media */
2929 skb2->protocol = __constant_htons(ETH_P_802_3);
2930 skb_set_network_header(skb2, 0);
2931 skb_set_mac_header(skb2, 0);
2932 dev_queue_xmit(skb2);
2939 static struct ieee80211_rate *
2940 ieee80211_get_rate(struct ieee80211_local *local, int phymode, int hw_rate)
2942 struct ieee80211_hw_mode *mode;
2945 list_for_each_entry(mode, &local->modes_list, list) {
2946 if (mode->mode != phymode)
2948 for (r = 0; r < mode->num_rates; r++) {
2949 struct ieee80211_rate *rate = &mode->rates[r];
2950 if (rate->val == hw_rate ||
2951 (rate->flags & IEEE80211_RATE_PREAMBLE2 &&
2952 rate->val2 == hw_rate))
2961 ieee80211_fill_frame_info(struct ieee80211_local *local,
2962 struct ieee80211_frame_info *fi,
2963 struct ieee80211_rx_status *status)
2967 struct ieee80211_rate *rate;
2969 jiffies_to_timespec(jiffies, &ts);
2970 fi->hosttime = cpu_to_be64((u64) ts.tv_sec * 1000000 +
2972 fi->mactime = cpu_to_be64(status->mactime);
2973 switch (status->phymode) {
2974 case MODE_IEEE80211A:
2975 fi->phytype = htonl(ieee80211_phytype_ofdm_dot11_a);
2977 case MODE_IEEE80211B:
2978 fi->phytype = htonl(ieee80211_phytype_dsss_dot11_b);
2980 case MODE_IEEE80211G:
2981 fi->phytype = htonl(ieee80211_phytype_pbcc_dot11_g);
2983 case MODE_ATHEROS_TURBO:
2985 htonl(ieee80211_phytype_dsss_dot11_turbo);
2988 fi->phytype = htonl(0xAAAAAAAA);
2991 fi->channel = htonl(status->channel);
2992 rate = ieee80211_get_rate(local, status->phymode,
2995 fi->datarate = htonl(rate->rate);
2996 if (rate->flags & IEEE80211_RATE_PREAMBLE2) {
2997 if (status->rate == rate->val)
2998 fi->preamble = htonl(2); /* long */
2999 else if (status->rate == rate->val2)
3000 fi->preamble = htonl(1); /* short */
3002 fi->preamble = htonl(0);
3004 fi->datarate = htonl(0);
3005 fi->preamble = htonl(0);
3008 fi->antenna = htonl(status->antenna);
3009 fi->priority = htonl(0xffffffff); /* no clue */
3010 fi->ssi_type = htonl(ieee80211_ssi_raw);
3011 fi->ssi_signal = htonl(status->ssi);
3012 fi->ssi_noise = 0x00000000;
3015 /* clear everything because we really don't know.
3016 * the msg_type field isn't present on monitor frames
3017 * so we don't know whether it will be present or not,
3018 * but it's ok to not clear it since it'll be assigned
3020 memset(fi, 0, sizeof(*fi) - sizeof(fi->msg_type));
3022 fi->ssi_type = htonl(ieee80211_ssi_none);
3024 fi->version = htonl(IEEE80211_FI_VERSION);
3025 fi->length = cpu_to_be32(sizeof(*fi) - sizeof(fi->msg_type));
3028 /* this routine is actually not just for this, but also
3029 * for pushing fake 'management' frames into userspace.
3030 * it shall be replaced by a netlink-based system. */
3032 ieee80211_rx_mgmt(struct ieee80211_local *local, struct sk_buff *skb,
3033 struct ieee80211_rx_status *status, u32 msg_type)
3035 struct ieee80211_frame_info *fi;
3036 const size_t hlen = sizeof(struct ieee80211_frame_info);
3037 struct ieee80211_sub_if_data *sdata;
3039 skb->dev = local->apdev;
3041 sdata = IEEE80211_DEV_TO_SUB_IF(local->apdev);
3043 if (skb_headroom(skb) < hlen) {
3044 I802_DEBUG_INC(local->rx_expand_skb_head);
3045 if (pskb_expand_head(skb, hlen, 0, GFP_ATOMIC)) {
3051 fi = (struct ieee80211_frame_info *) skb_push(skb, hlen);
3053 ieee80211_fill_frame_info(local, fi, status);
3054 fi->msg_type = htonl(msg_type);
3056 sdata->stats.rx_packets++;
3057 sdata->stats.rx_bytes += skb->len;
3059 skb_set_mac_header(skb, 0);
3060 skb->ip_summed = CHECKSUM_UNNECESSARY;
3061 skb->pkt_type = PACKET_OTHERHOST;
3062 skb->protocol = htons(ETH_P_802_2);
3063 memset(skb->cb, 0, sizeof(skb->cb));
3068 ieee80211_rx_monitor(struct net_device *dev, struct sk_buff *skb,
3069 struct ieee80211_rx_status *status)
3071 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
3072 struct ieee80211_sub_if_data *sdata;
3073 struct ieee80211_rate *rate;
3074 struct ieee80211_rtap_hdr {
3075 struct ieee80211_radiotap_header hdr;
3081 } __attribute__ ((packed)) *rthdr;
3085 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3087 if (status->flag & RX_FLAG_RADIOTAP)
3090 if (skb_headroom(skb) < sizeof(*rthdr)) {
3091 I802_DEBUG_INC(local->rx_expand_skb_head);
3092 if (pskb_expand_head(skb, sizeof(*rthdr), 0, GFP_ATOMIC)) {
3098 rthdr = (struct ieee80211_rtap_hdr *) skb_push(skb, sizeof(*rthdr));
3099 memset(rthdr, 0, sizeof(*rthdr));
3100 rthdr->hdr.it_len = cpu_to_le16(sizeof(*rthdr));
3101 rthdr->hdr.it_present =
3102 cpu_to_le32((1 << IEEE80211_RADIOTAP_FLAGS) |
3103 (1 << IEEE80211_RADIOTAP_RATE) |
3104 (1 << IEEE80211_RADIOTAP_CHANNEL) |
3105 (1 << IEEE80211_RADIOTAP_DB_ANTSIGNAL));
3106 rthdr->flags = local->hw.flags & IEEE80211_HW_RX_INCLUDES_FCS ?
3107 IEEE80211_RADIOTAP_F_FCS : 0;
3108 rate = ieee80211_get_rate(local, status->phymode, status->rate);
3110 rthdr->rate = rate->rate / 5;
3111 rthdr->chan_freq = cpu_to_le16(status->freq);
3113 status->phymode == MODE_IEEE80211A ?
3114 cpu_to_le16(IEEE80211_CHAN_OFDM | IEEE80211_CHAN_5GHZ) :
3115 cpu_to_le16(IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ);
3116 rthdr->antsignal = status->ssi;
3119 sdata->stats.rx_packets++;
3120 sdata->stats.rx_bytes += skb->len;
3122 skb_set_mac_header(skb, 0);
3123 skb->ip_summed = CHECKSUM_UNNECESSARY;
3124 skb->pkt_type = PACKET_OTHERHOST;
3125 skb->protocol = htons(ETH_P_802_2);
3126 memset(skb->cb, 0, sizeof(skb->cb));
3130 int ieee80211_radar_status(struct ieee80211_hw *hw, int channel,
3131 int radar, int radar_type)
3133 struct sk_buff *skb;
3134 struct ieee80211_radar_info *msg;
3135 struct ieee80211_local *local = hw_to_local(hw);
3140 skb = dev_alloc_skb(sizeof(struct ieee80211_frame_info) +
3141 sizeof(struct ieee80211_radar_info));
3145 skb_reserve(skb, sizeof(struct ieee80211_frame_info));
3147 msg = (struct ieee80211_radar_info *)
3148 skb_put(skb, sizeof(struct ieee80211_radar_info));
3149 msg->channel = channel;
3151 msg->radar_type = radar_type;
3153 ieee80211_rx_mgmt(local, skb, NULL, ieee80211_msg_radar);
3156 EXPORT_SYMBOL(ieee80211_radar_status);
3158 int ieee80211_set_aid_for_sta(struct ieee80211_hw *hw, u8 *peer_address,
3161 struct sk_buff *skb;
3162 struct ieee80211_msg_set_aid_for_sta *msg;
3163 struct ieee80211_local *local = hw_to_local(hw);
3165 /* unlikely because if this event only happens for APs,
3166 * which require an open ap device. */
3167 if (unlikely(!local->apdev))
3170 skb = dev_alloc_skb(sizeof(struct ieee80211_frame_info) +
3171 sizeof(struct ieee80211_msg_set_aid_for_sta));
3175 skb_reserve(skb, sizeof(struct ieee80211_frame_info));
3177 msg = (struct ieee80211_msg_set_aid_for_sta *)
3178 skb_put(skb, sizeof(struct ieee80211_msg_set_aid_for_sta));
3179 memcpy(msg->sta_address, peer_address, ETH_ALEN);
3182 ieee80211_rx_mgmt(local, skb, NULL, ieee80211_msg_set_aid_for_sta);
3185 EXPORT_SYMBOL(ieee80211_set_aid_for_sta);
3187 static void ap_sta_ps_start(struct net_device *dev, struct sta_info *sta)
3189 struct ieee80211_sub_if_data *sdata;
3190 sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev);
3193 atomic_inc(&sdata->bss->num_sta_ps);
3194 sta->flags |= WLAN_STA_PS;
3196 #ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
3197 printk(KERN_DEBUG "%s: STA " MAC_FMT " aid %d enters power "
3198 "save mode\n", dev->name, MAC_ARG(sta->addr), sta->aid);
3199 #endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
3203 static int ap_sta_ps_end(struct net_device *dev, struct sta_info *sta)
3205 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
3206 struct sk_buff *skb;
3208 struct ieee80211_sub_if_data *sdata;
3209 struct ieee80211_tx_packet_data *pkt_data;
3211 sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev);
3213 atomic_dec(&sdata->bss->num_sta_ps);
3214 sta->flags &= ~(WLAN_STA_PS | WLAN_STA_TIM);
3216 if (!skb_queue_empty(&sta->ps_tx_buf)) {
3217 if (local->ops->set_tim)
3218 local->ops->set_tim(local_to_hw(local), sta->aid, 0);
3220 bss_tim_clear(local, sdata->bss, sta->aid);
3222 #ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
3223 printk(KERN_DEBUG "%s: STA " MAC_FMT " aid %d exits power "
3224 "save mode\n", dev->name, MAC_ARG(sta->addr), sta->aid);
3225 #endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
3226 /* Send all buffered frames to the station */
3227 while ((skb = skb_dequeue(&sta->tx_filtered)) != NULL) {
3228 pkt_data = (struct ieee80211_tx_packet_data *) skb->cb;
3230 pkt_data->requeue = 1;
3231 dev_queue_xmit(skb);
3233 while ((skb = skb_dequeue(&sta->ps_tx_buf)) != NULL) {
3234 pkt_data = (struct ieee80211_tx_packet_data *) skb->cb;
3235 local->total_ps_buffered--;
3237 #ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
3238 printk(KERN_DEBUG "%s: STA " MAC_FMT " aid %d send PS frame "
3239 "since STA not sleeping anymore\n", dev->name,
3240 MAC_ARG(sta->addr), sta->aid);
3241 #endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
3242 pkt_data->requeue = 1;
3243 dev_queue_xmit(skb);
3250 static ieee80211_txrx_result
3251 ieee80211_rx_h_ps_poll(struct ieee80211_txrx_data *rx)
3253 struct sk_buff *skb;
3254 int no_pending_pkts;
3256 if (likely(!rx->sta ||
3257 (rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_CTL ||
3258 (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_PSPOLL ||
3259 !rx->u.rx.ra_match))
3260 return TXRX_CONTINUE;
3262 skb = skb_dequeue(&rx->sta->tx_filtered);
3264 skb = skb_dequeue(&rx->sta->ps_tx_buf);
3266 rx->local->total_ps_buffered--;
3268 no_pending_pkts = skb_queue_empty(&rx->sta->tx_filtered) &&
3269 skb_queue_empty(&rx->sta->ps_tx_buf);
3272 struct ieee80211_hdr *hdr =
3273 (struct ieee80211_hdr *) skb->data;
3275 /* tell TX path to send one frame even though the STA may
3276 * still remain is PS mode after this frame exchange */
3277 rx->sta->pspoll = 1;
3279 #ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
3280 printk(KERN_DEBUG "STA " MAC_FMT " aid %d: PS Poll (entries "
3282 MAC_ARG(rx->sta->addr), rx->sta->aid,
3283 skb_queue_len(&rx->sta->ps_tx_buf));
3284 #endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
3286 /* Use MoreData flag to indicate whether there are more
3287 * buffered frames for this STA */
3288 if (no_pending_pkts) {
3289 hdr->frame_control &= cpu_to_le16(~IEEE80211_FCTL_MOREDATA);
3290 rx->sta->flags &= ~WLAN_STA_TIM;
3292 hdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_MOREDATA);
3294 dev_queue_xmit(skb);
3296 if (no_pending_pkts) {
3297 if (rx->local->ops->set_tim)
3298 rx->local->ops->set_tim(local_to_hw(rx->local),
3301 bss_tim_clear(rx->local, rx->sdata->bss, rx->sta->aid);
3303 #ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
3304 } else if (!rx->u.rx.sent_ps_buffered) {
3305 printk(KERN_DEBUG "%s: STA " MAC_FMT " sent PS Poll even "
3306 "though there is no buffered frames for it\n",
3307 rx->dev->name, MAC_ARG(rx->sta->addr));
3308 #endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
3312 /* Free PS Poll skb here instead of returning TXRX_DROP that would
3313 * count as an dropped frame. */
3314 dev_kfree_skb(rx->skb);
3320 static inline struct ieee80211_fragment_entry *
3321 ieee80211_reassemble_add(struct ieee80211_sub_if_data *sdata,
3322 unsigned int frag, unsigned int seq, int rx_queue,
3323 struct sk_buff **skb)
3325 struct ieee80211_fragment_entry *entry;
3328 idx = sdata->fragment_next;
3329 entry = &sdata->fragments[sdata->fragment_next++];
3330 if (sdata->fragment_next >= IEEE80211_FRAGMENT_MAX)
3331 sdata->fragment_next = 0;
3333 if (!skb_queue_empty(&entry->skb_list)) {
3334 #ifdef CONFIG_MAC80211_DEBUG
3335 struct ieee80211_hdr *hdr =
3336 (struct ieee80211_hdr *) entry->skb_list.next->data;
3337 printk(KERN_DEBUG "%s: RX reassembly removed oldest "
3338 "fragment entry (idx=%d age=%lu seq=%d last_frag=%d "
3339 "addr1=" MAC_FMT " addr2=" MAC_FMT "\n",
3340 sdata->dev->name, idx,
3341 jiffies - entry->first_frag_time, entry->seq,
3342 entry->last_frag, MAC_ARG(hdr->addr1),
3343 MAC_ARG(hdr->addr2));
3344 #endif /* CONFIG_MAC80211_DEBUG */
3345 __skb_queue_purge(&entry->skb_list);
3348 __skb_queue_tail(&entry->skb_list, *skb); /* no need for locking */
3350 entry->first_frag_time = jiffies;
3352 entry->rx_queue = rx_queue;
3353 entry->last_frag = frag;
3355 entry->extra_len = 0;
3361 static inline struct ieee80211_fragment_entry *
3362 ieee80211_reassemble_find(struct ieee80211_sub_if_data *sdata,
3363 u16 fc, unsigned int frag, unsigned int seq,
3364 int rx_queue, struct ieee80211_hdr *hdr)
3366 struct ieee80211_fragment_entry *entry;
3369 idx = sdata->fragment_next;
3370 for (i = 0; i < IEEE80211_FRAGMENT_MAX; i++) {
3371 struct ieee80211_hdr *f_hdr;
3376 idx = IEEE80211_FRAGMENT_MAX - 1;
3378 entry = &sdata->fragments[idx];
3379 if (skb_queue_empty(&entry->skb_list) || entry->seq != seq ||
3380 entry->rx_queue != rx_queue ||
3381 entry->last_frag + 1 != frag)
3384 f_hdr = (struct ieee80211_hdr *) entry->skb_list.next->data;
3385 f_fc = le16_to_cpu(f_hdr->frame_control);
3387 if ((fc & IEEE80211_FCTL_FTYPE) != (f_fc & IEEE80211_FCTL_FTYPE) ||
3388 compare_ether_addr(hdr->addr1, f_hdr->addr1) != 0 ||
3389 compare_ether_addr(hdr->addr2, f_hdr->addr2) != 0)
3392 if (entry->first_frag_time + 2 * HZ < jiffies) {
3393 __skb_queue_purge(&entry->skb_list);
3403 static ieee80211_txrx_result
3404 ieee80211_rx_h_defragment(struct ieee80211_txrx_data *rx)
3406 struct ieee80211_hdr *hdr;
3408 unsigned int frag, seq;
3409 struct ieee80211_fragment_entry *entry;
3410 struct sk_buff *skb;
3412 hdr = (struct ieee80211_hdr *) rx->skb->data;
3413 sc = le16_to_cpu(hdr->seq_ctrl);
3414 frag = sc & IEEE80211_SCTL_FRAG;
3416 if (likely((!(rx->fc & IEEE80211_FCTL_MOREFRAGS) && frag == 0) ||
3417 (rx->skb)->len < 24 ||
3418 is_multicast_ether_addr(hdr->addr1))) {
3419 /* not fragmented */
3422 I802_DEBUG_INC(rx->local->rx_handlers_fragments);
3424 seq = (sc & IEEE80211_SCTL_SEQ) >> 4;
3427 /* This is the first fragment of a new frame. */
3428 entry = ieee80211_reassemble_add(rx->sdata, frag, seq,
3429 rx->u.rx.queue, &(rx->skb));
3430 if (rx->key && rx->key->alg == ALG_CCMP &&
3431 (rx->fc & IEEE80211_FCTL_PROTECTED)) {
3432 /* Store CCMP PN so that we can verify that the next
3433 * fragment has a sequential PN value. */
3435 memcpy(entry->last_pn,
3436 rx->key->u.ccmp.rx_pn[rx->u.rx.queue],
3442 /* This is a fragment for a frame that should already be pending in
3443 * fragment cache. Add this fragment to the end of the pending entry.
3445 entry = ieee80211_reassemble_find(rx->sdata, rx->fc, frag, seq,
3446 rx->u.rx.queue, hdr);
3448 I802_DEBUG_INC(rx->local->rx_handlers_drop_defrag);
3452 /* Verify that MPDUs within one MSDU have sequential PN values.
3453 * (IEEE 802.11i, 8.3.3.4.5) */
3456 u8 pn[CCMP_PN_LEN], *rpn;
3457 if (!rx->key || rx->key->alg != ALG_CCMP)
3459 memcpy(pn, entry->last_pn, CCMP_PN_LEN);
3460 for (i = CCMP_PN_LEN - 1; i >= 0; i--) {
3465 rpn = rx->key->u.ccmp.rx_pn[rx->u.rx.queue];
3466 if (memcmp(pn, rpn, CCMP_PN_LEN) != 0) {
3467 printk(KERN_DEBUG "%s: defrag: CCMP PN not sequential"
3468 " A2=" MAC_FMT " PN=%02x%02x%02x%02x%02x%02x "
3469 "(expected %02x%02x%02x%02x%02x%02x)\n",
3470 rx->dev->name, MAC_ARG(hdr->addr2),
3471 rpn[0], rpn[1], rpn[2], rpn[3], rpn[4], rpn[5],
3472 pn[0], pn[1], pn[2], pn[3], pn[4], pn[5]);
3475 memcpy(entry->last_pn, pn, CCMP_PN_LEN);
3478 skb_pull(rx->skb, ieee80211_get_hdrlen(rx->fc));
3479 __skb_queue_tail(&entry->skb_list, rx->skb);
3480 entry->last_frag = frag;
3481 entry->extra_len += rx->skb->len;
3482 if (rx->fc & IEEE80211_FCTL_MOREFRAGS) {
3487 rx->skb = __skb_dequeue(&entry->skb_list);
3488 if (skb_tailroom(rx->skb) < entry->extra_len) {
3489 I802_DEBUG_INC(rx->local->rx_expand_skb_head2);
3490 if (unlikely(pskb_expand_head(rx->skb, 0, entry->extra_len,
3492 I802_DEBUG_INC(rx->local->rx_handlers_drop_defrag);
3493 __skb_queue_purge(&entry->skb_list);
3497 while ((skb = __skb_dequeue(&entry->skb_list))) {
3498 memcpy(skb_put(rx->skb, skb->len), skb->data, skb->len);
3502 /* Complete frame has been reassembled - process it now */
3507 rx->sta->rx_packets++;
3508 if (is_multicast_ether_addr(hdr->addr1))
3509 rx->local->dot11MulticastReceivedFrameCount++;
3511 ieee80211_led_rx(rx->local);
3512 return TXRX_CONTINUE;
3516 static ieee80211_txrx_result
3517 ieee80211_rx_h_monitor(struct ieee80211_txrx_data *rx)
3519 if (rx->sdata->type == IEEE80211_IF_TYPE_MNTR) {
3520 ieee80211_rx_monitor(rx->dev, rx->skb, rx->u.rx.status);
3524 if (rx->u.rx.status->flag & RX_FLAG_RADIOTAP)
3525 skb_pull(rx->skb, ieee80211_get_radiotap_len(rx->skb));
3527 return TXRX_CONTINUE;
3531 static ieee80211_txrx_result
3532 ieee80211_rx_h_check(struct ieee80211_txrx_data *rx)
3534 struct ieee80211_hdr *hdr;
3536 hdr = (struct ieee80211_hdr *) rx->skb->data;
3538 /* Drop duplicate 802.11 retransmissions (IEEE 802.11 Chap. 9.2.9) */
3539 if (rx->sta && !is_multicast_ether_addr(hdr->addr1)) {
3540 if (unlikely(rx->fc & IEEE80211_FCTL_RETRY &&
3541 rx->sta->last_seq_ctrl[rx->u.rx.queue] ==
3543 if (rx->u.rx.ra_match) {
3544 rx->local->dot11FrameDuplicateCount++;
3545 rx->sta->num_duplicates++;
3549 rx->sta->last_seq_ctrl[rx->u.rx.queue] = hdr->seq_ctrl;
3552 if ((rx->local->hw.flags & IEEE80211_HW_RX_INCLUDES_FCS) &&
3553 rx->skb->len > FCS_LEN)
3554 skb_trim(rx->skb, rx->skb->len - FCS_LEN);
3556 if (unlikely(rx->skb->len < 16)) {
3557 I802_DEBUG_INC(rx->local->rx_handlers_drop_short);
3561 if (!rx->u.rx.ra_match)
3562 rx->skb->pkt_type = PACKET_OTHERHOST;
3563 else if (compare_ether_addr(rx->dev->dev_addr, hdr->addr1) == 0)
3564 rx->skb->pkt_type = PACKET_HOST;
3565 else if (is_multicast_ether_addr(hdr->addr1)) {
3566 if (is_broadcast_ether_addr(hdr->addr1))
3567 rx->skb->pkt_type = PACKET_BROADCAST;
3569 rx->skb->pkt_type = PACKET_MULTICAST;
3571 rx->skb->pkt_type = PACKET_OTHERHOST;
3573 /* Drop disallowed frame classes based on STA auth/assoc state;
3574 * IEEE 802.11, Chap 5.5.
3576 * 80211.o does filtering only based on association state, i.e., it
3577 * drops Class 3 frames from not associated stations. hostapd sends
3578 * deauth/disassoc frames when needed. In addition, hostapd is
3579 * responsible for filtering on both auth and assoc states.
3581 if (unlikely(((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA ||
3582 ((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_CTL &&
3583 (rx->fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_PSPOLL)) &&
3584 rx->sdata->type != IEEE80211_IF_TYPE_IBSS &&
3585 (!rx->sta || !(rx->sta->flags & WLAN_STA_ASSOC)))) {
3586 if ((!(rx->fc & IEEE80211_FCTL_FROMDS) &&
3587 !(rx->fc & IEEE80211_FCTL_TODS) &&
3588 (rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA)
3589 || !rx->u.rx.ra_match) {
3590 /* Drop IBSS frames and frames for other hosts
3595 if (!rx->local->apdev)
3598 ieee80211_rx_mgmt(rx->local, rx->skb, rx->u.rx.status,
3599 ieee80211_msg_sta_not_assoc);
3603 if (rx->sdata->type == IEEE80211_IF_TYPE_STA)
3608 if (rx->sta && rx->sta->key && always_sta_key) {
3609 rx->key = rx->sta->key;
3611 if (rx->sta && rx->sta->key)
3612 rx->key = rx->sta->key;
3614 rx->key = rx->sdata->default_key;
3616 if ((rx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV) &&
3617 rx->fc & IEEE80211_FCTL_PROTECTED) {
3618 int keyidx = ieee80211_wep_get_keyidx(rx->skb);
3620 if (keyidx >= 0 && keyidx < NUM_DEFAULT_KEYS &&
3621 (!rx->sta || !rx->sta->key || keyidx > 0))
3622 rx->key = rx->sdata->keys[keyidx];
3625 if (!rx->u.rx.ra_match)
3627 printk(KERN_DEBUG "%s: RX WEP frame with "
3628 "unknown keyidx %d (A1=" MAC_FMT " A2="
3629 MAC_FMT " A3=" MAC_FMT ")\n",
3630 rx->dev->name, keyidx,
3631 MAC_ARG(hdr->addr1),
3632 MAC_ARG(hdr->addr2),
3633 MAC_ARG(hdr->addr3));
3634 if (!rx->local->apdev)
3637 rx->local, rx->skb, rx->u.rx.status,
3638 ieee80211_msg_wep_frame_unknown_key);
3644 if (rx->fc & IEEE80211_FCTL_PROTECTED && rx->key && rx->u.rx.ra_match) {
3645 rx->key->tx_rx_count++;
3646 if (unlikely(rx->local->key_tx_rx_threshold &&
3647 rx->key->tx_rx_count >
3648 rx->local->key_tx_rx_threshold)) {
3649 ieee80211_key_threshold_notify(rx->dev, rx->key,
3654 return TXRX_CONTINUE;
3658 static ieee80211_txrx_result
3659 ieee80211_rx_h_sta_process(struct ieee80211_txrx_data *rx)
3661 struct sta_info *sta = rx->sta;
3662 struct net_device *dev = rx->dev;
3663 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data;
3666 return TXRX_CONTINUE;
3668 /* Update last_rx only for IBSS packets which are for the current
3669 * BSSID to avoid keeping the current IBSS network alive in cases where
3670 * other STAs are using different BSSID. */
3671 if (rx->sdata->type == IEEE80211_IF_TYPE_IBSS) {
3672 u8 *bssid = ieee80211_get_bssid(hdr, rx->skb->len);
3673 if (compare_ether_addr(bssid, rx->sdata->u.sta.bssid) == 0)
3674 sta->last_rx = jiffies;
3676 if (!is_multicast_ether_addr(hdr->addr1) ||
3677 rx->sdata->type == IEEE80211_IF_TYPE_STA) {
3678 /* Update last_rx only for unicast frames in order to prevent
3679 * the Probe Request frames (the only broadcast frames from a
3680 * STA in infrastructure mode) from keeping a connection alive.
3682 sta->last_rx = jiffies;
3685 if (!rx->u.rx.ra_match)
3686 return TXRX_CONTINUE;
3688 sta->rx_fragments++;
3689 sta->rx_bytes += rx->skb->len;
3690 sta->last_rssi = (sta->last_rssi * 15 +
3691 rx->u.rx.status->ssi) / 16;
3692 sta->last_signal = (sta->last_signal * 15 +
3693 rx->u.rx.status->signal) / 16;
3694 sta->last_noise = (sta->last_noise * 15 +
3695 rx->u.rx.status->noise) / 16;
3697 if (!(rx->fc & IEEE80211_FCTL_MOREFRAGS)) {
3698 /* Change STA power saving mode only in the end of a frame
3699 * exchange sequence */
3700 if ((sta->flags & WLAN_STA_PS) && !(rx->fc & IEEE80211_FCTL_PM))
3701 rx->u.rx.sent_ps_buffered += ap_sta_ps_end(dev, sta);
3702 else if (!(sta->flags & WLAN_STA_PS) &&
3703 (rx->fc & IEEE80211_FCTL_PM))
3704 ap_sta_ps_start(dev, sta);
3707 /* Drop data::nullfunc frames silently, since they are used only to
3708 * control station power saving mode. */
3709 if ((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA &&
3710 (rx->fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_NULLFUNC) {
3711 I802_DEBUG_INC(rx->local->rx_handlers_drop_nullfunc);
3712 /* Update counter and free packet here to avoid counting this
3713 * as a dropped packed. */
3715 dev_kfree_skb(rx->skb);
3719 return TXRX_CONTINUE;
3720 } /* ieee80211_rx_h_sta_process */
3723 static ieee80211_txrx_result
3724 ieee80211_rx_h_wep_weak_iv_detection(struct ieee80211_txrx_data *rx)
3726 if (!rx->sta || !(rx->fc & IEEE80211_FCTL_PROTECTED) ||
3727 (rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA ||
3728 !rx->key || rx->key->alg != ALG_WEP || !rx->u.rx.ra_match)
3729 return TXRX_CONTINUE;
3731 /* Check for weak IVs, if hwaccel did not remove IV from the frame */
3732 if ((rx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV) ||
3733 rx->key->force_sw_encrypt) {
3734 u8 *iv = ieee80211_wep_is_weak_iv(rx->skb, rx->key);
3736 rx->sta->wep_weak_iv_count++;
3740 return TXRX_CONTINUE;
3744 static ieee80211_txrx_result
3745 ieee80211_rx_h_wep_decrypt(struct ieee80211_txrx_data *rx)
3747 /* If the device handles decryption totally, skip this test */
3748 if (rx->local->hw.flags & IEEE80211_HW_DEVICE_HIDES_WEP)
3749 return TXRX_CONTINUE;
3751 if ((rx->key && rx->key->alg != ALG_WEP) ||
3752 !(rx->fc & IEEE80211_FCTL_PROTECTED) ||
3753 ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA &&
3754 ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_MGMT ||
3755 (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_AUTH)))
3756 return TXRX_CONTINUE;
3759 printk(KERN_DEBUG "%s: RX WEP frame, but no key set\n",
3764 if (!(rx->u.rx.status->flag & RX_FLAG_DECRYPTED) ||
3765 rx->key->force_sw_encrypt) {
3766 if (ieee80211_wep_decrypt(rx->local, rx->skb, rx->key)) {
3767 printk(KERN_DEBUG "%s: RX WEP frame, decrypt "
3768 "failed\n", rx->dev->name);
3771 } else if (rx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV) {
3772 ieee80211_wep_remove_iv(rx->local, rx->skb, rx->key);
3774 skb_trim(rx->skb, rx->skb->len - 4);
3777 return TXRX_CONTINUE;
3781 static ieee80211_txrx_result
3782 ieee80211_rx_h_802_1x_pae(struct ieee80211_txrx_data *rx)
3784 if (rx->sdata->eapol && ieee80211_is_eapol(rx->skb) &&
3785 rx->sdata->type != IEEE80211_IF_TYPE_STA && rx->u.rx.ra_match) {
3786 /* Pass both encrypted and unencrypted EAPOL frames to user
3787 * space for processing. */
3788 if (!rx->local->apdev)
3790 ieee80211_rx_mgmt(rx->local, rx->skb, rx->u.rx.status,
3791 ieee80211_msg_normal);
3795 if (unlikely(rx->sdata->ieee802_1x &&
3796 (rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA &&
3797 (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_NULLFUNC &&
3798 (!rx->sta || !(rx->sta->flags & WLAN_STA_AUTHORIZED)) &&
3799 !ieee80211_is_eapol(rx->skb))) {
3800 #ifdef CONFIG_MAC80211_DEBUG
3801 struct ieee80211_hdr *hdr =
3802 (struct ieee80211_hdr *) rx->skb->data;
3803 printk(KERN_DEBUG "%s: dropped frame from " MAC_FMT
3804 " (unauthorized port)\n", rx->dev->name,
3805 MAC_ARG(hdr->addr2));
3806 #endif /* CONFIG_MAC80211_DEBUG */
3810 return TXRX_CONTINUE;
3814 static ieee80211_txrx_result
3815 ieee80211_rx_h_drop_unencrypted(struct ieee80211_txrx_data *rx)
3817 /* If the device handles decryption totally, skip this test */
3818 if (rx->local->hw.flags & IEEE80211_HW_DEVICE_HIDES_WEP)
3819 return TXRX_CONTINUE;
3821 /* Drop unencrypted frames if key is set. */
3822 if (unlikely(!(rx->fc & IEEE80211_FCTL_PROTECTED) &&
3823 (rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA &&
3824 (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_NULLFUNC &&
3825 (rx->key || rx->sdata->drop_unencrypted) &&
3826 (rx->sdata->eapol == 0 ||
3827 !ieee80211_is_eapol(rx->skb)))) {
3828 printk(KERN_DEBUG "%s: RX non-WEP frame, but expected "
3829 "encryption\n", rx->dev->name);
3832 return TXRX_CONTINUE;
3836 static ieee80211_txrx_result
3837 ieee80211_rx_h_mgmt(struct ieee80211_txrx_data *rx)
3839 struct ieee80211_sub_if_data *sdata;
3841 if (!rx->u.rx.ra_match)
3844 sdata = IEEE80211_DEV_TO_SUB_IF(rx->dev);
3845 if ((sdata->type == IEEE80211_IF_TYPE_STA ||
3846 sdata->type == IEEE80211_IF_TYPE_IBSS) &&
3847 !rx->local->user_space_mlme) {
3848 ieee80211_sta_rx_mgmt(rx->dev, rx->skb, rx->u.rx.status);
3850 /* Management frames are sent to hostapd for processing */
3851 if (!rx->local->apdev)
3853 ieee80211_rx_mgmt(rx->local, rx->skb, rx->u.rx.status,
3854 ieee80211_msg_normal);
3860 static ieee80211_txrx_result
3861 ieee80211_rx_h_passive_scan(struct ieee80211_txrx_data *rx)
3863 struct ieee80211_local *local = rx->local;
3864 struct sk_buff *skb = rx->skb;
3866 if (unlikely(local->sta_scanning != 0)) {
3867 ieee80211_sta_rx_scan(rx->dev, skb, rx->u.rx.status);
3871 if (unlikely(rx->u.rx.in_scan)) {
3872 /* scanning finished during invoking of handlers */
3873 I802_DEBUG_INC(local->rx_handlers_drop_passive_scan);
3877 return TXRX_CONTINUE;
3881 static void ieee80211_rx_michael_mic_report(struct net_device *dev,
3882 struct ieee80211_hdr *hdr,
3883 struct sta_info *sta,
3884 struct ieee80211_txrx_data *rx)
3888 hdrlen = ieee80211_get_hdrlen_from_skb(rx->skb);
3889 if (rx->skb->len >= hdrlen + 4)
3890 keyidx = rx->skb->data[hdrlen + 3] >> 6;
3894 /* TODO: verify that this is not triggered by fragmented
3895 * frames (hw does not verify MIC for them). */
3896 printk(KERN_DEBUG "%s: TKIP hwaccel reported Michael MIC "
3897 "failure from " MAC_FMT " to " MAC_FMT " keyidx=%d\n",
3898 dev->name, MAC_ARG(hdr->addr2), MAC_ARG(hdr->addr1), keyidx);
3901 /* Some hardware versions seem to generate incorrect
3902 * Michael MIC reports; ignore them to avoid triggering
3903 * countermeasures. */
3904 printk(KERN_DEBUG "%s: ignored spurious Michael MIC "
3905 "error for unknown address " MAC_FMT "\n",
3906 dev->name, MAC_ARG(hdr->addr2));
3910 if (!(rx->fc & IEEE80211_FCTL_PROTECTED)) {
3911 printk(KERN_DEBUG "%s: ignored spurious Michael MIC "
3912 "error for a frame with no ISWEP flag (src "
3913 MAC_FMT ")\n", dev->name, MAC_ARG(hdr->addr2));
3917 if ((rx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV) &&
3918 rx->sdata->type == IEEE80211_IF_TYPE_AP) {
3919 keyidx = ieee80211_wep_get_keyidx(rx->skb);
3920 /* AP with Pairwise keys support should never receive Michael
3921 * MIC errors for non-zero keyidx because these are reserved
3922 * for group keys and only the AP is sending real multicast
3925 printk(KERN_DEBUG "%s: ignored Michael MIC error for "
3926 "a frame with non-zero keyidx (%d) (src " MAC_FMT
3927 ")\n", dev->name, keyidx, MAC_ARG(hdr->addr2));
3932 if ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA &&
3933 ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_MGMT ||
3934 (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_AUTH)) {
3935 printk(KERN_DEBUG "%s: ignored spurious Michael MIC "
3936 "error for a frame that cannot be encrypted "
3937 "(fc=0x%04x) (src " MAC_FMT ")\n",
3938 dev->name, rx->fc, MAC_ARG(hdr->addr2));
3943 union iwreq_data wrqu;
3944 char *buf = kmalloc(128, GFP_ATOMIC);
3948 /* TODO: needed parameters: count, key type, TSC */
3949 sprintf(buf, "MLME-MICHAELMICFAILURE.indication("
3950 "keyid=%d %scast addr=" MAC_FMT ")",
3951 keyidx, hdr->addr1[0] & 0x01 ? "broad" : "uni",
3952 MAC_ARG(hdr->addr2));
3953 memset(&wrqu, 0, sizeof(wrqu));
3954 wrqu.data.length = strlen(buf);
3955 wireless_send_event(rx->dev, IWEVCUSTOM, &wrqu, buf);
3959 /* TODO: consider verifying the MIC error report with software
3960 * implementation if we get too many spurious reports from the
3962 if (!rx->local->apdev)
3964 ieee80211_rx_mgmt(rx->local, rx->skb, rx->u.rx.status,
3965 ieee80211_msg_michael_mic_failure);
3969 dev_kfree_skb(rx->skb);
3973 static inline ieee80211_txrx_result __ieee80211_invoke_rx_handlers(
3974 struct ieee80211_local *local,
3975 ieee80211_rx_handler *handlers,
3976 struct ieee80211_txrx_data *rx,
3977 struct sta_info *sta)
3979 ieee80211_rx_handler *handler;
3980 ieee80211_txrx_result res = TXRX_DROP;
3982 for (handler = handlers; *handler != NULL; handler++) {
3983 res = (*handler)(rx);
3984 if (res != TXRX_CONTINUE) {
3985 if (res == TXRX_DROP) {
3986 I802_DEBUG_INC(local->rx_handlers_drop);
3990 if (res == TXRX_QUEUED)
3991 I802_DEBUG_INC(local->rx_handlers_queued);
3996 if (res == TXRX_DROP) {
3997 dev_kfree_skb(rx->skb);
4002 static inline void ieee80211_invoke_rx_handlers(struct ieee80211_local *local,
4003 ieee80211_rx_handler *handlers,
4004 struct ieee80211_txrx_data *rx,
4005 struct sta_info *sta)
4007 if (__ieee80211_invoke_rx_handlers(local, handlers, rx, sta) ==
4009 dev_kfree_skb(rx->skb);
4013 * This is the receive path handler. It is called by a low level driver when an
4014 * 802.11 MPDU is received from the hardware.
4016 void __ieee80211_rx(struct ieee80211_hw *hw, struct sk_buff *skb,
4017 struct ieee80211_rx_status *status)
4019 struct ieee80211_local *local = hw_to_local(hw);
4020 struct ieee80211_sub_if_data *sdata;
4021 struct sta_info *sta;
4022 struct ieee80211_hdr *hdr;
4023 struct ieee80211_txrx_data rx;
4026 int radiotap_len = 0;
4028 if (status->flag & RX_FLAG_RADIOTAP) {
4029 radiotap_len = ieee80211_get_radiotap_len(skb);
4030 skb_pull(skb, radiotap_len);
4033 hdr = (struct ieee80211_hdr *) skb->data;
4034 memset(&rx, 0, sizeof(rx));
4038 rx.u.rx.status = status;
4039 rx.fc = skb->len >= 2 ? le16_to_cpu(hdr->frame_control) : 0;
4040 type = rx.fc & IEEE80211_FCTL_FTYPE;
4041 if (type == IEEE80211_FTYPE_DATA || type == IEEE80211_FTYPE_MGMT)
4042 local->dot11ReceivedFragmentCount++;
4043 multicast = is_multicast_ether_addr(hdr->addr1);
4046 sta = rx.sta = sta_info_get(local, hdr->addr2);
4048 sta = rx.sta = NULL;
4052 rx.sdata = IEEE80211_DEV_TO_SUB_IF(rx.dev);
4055 if ((status->flag & RX_FLAG_MMIC_ERROR)) {
4056 ieee80211_rx_michael_mic_report(local->mdev, hdr, sta, &rx);
4060 if (unlikely(local->sta_scanning))
4061 rx.u.rx.in_scan = 1;
4063 if (__ieee80211_invoke_rx_handlers(local, local->rx_pre_handlers, &rx,
4064 sta) != TXRX_CONTINUE)
4068 skb_push(skb, radiotap_len);
4069 if (sta && !sta->assoc_ap && !(sta->flags & WLAN_STA_WDS) &&
4070 !local->iff_promiscs && !multicast) {
4071 rx.u.rx.ra_match = 1;
4072 ieee80211_invoke_rx_handlers(local, local->rx_handlers, &rx,
4075 struct ieee80211_sub_if_data *prev = NULL;
4076 struct sk_buff *skb_new;
4077 u8 *bssid = ieee80211_get_bssid(hdr, skb->len - radiotap_len);
4079 read_lock(&local->sub_if_lock);
4080 list_for_each_entry(sdata, &local->sub_if_list, list) {
4081 rx.u.rx.ra_match = 1;
4082 switch (sdata->type) {
4083 case IEEE80211_IF_TYPE_STA:
4086 if (!ieee80211_bssid_match(bssid,
4087 sdata->u.sta.bssid)) {
4088 if (!rx.u.rx.in_scan)
4090 rx.u.rx.ra_match = 0;
4091 } else if (!multicast &&
4092 compare_ether_addr(sdata->dev->dev_addr,
4094 if (!sdata->promisc)
4096 rx.u.rx.ra_match = 0;
4099 case IEEE80211_IF_TYPE_IBSS:
4102 if (!ieee80211_bssid_match(bssid,
4103 sdata->u.sta.bssid)) {
4104 if (!rx.u.rx.in_scan)
4106 rx.u.rx.ra_match = 0;
4107 } else if (!multicast &&
4108 compare_ether_addr(sdata->dev->dev_addr,
4110 if (!sdata->promisc)
4112 rx.u.rx.ra_match = 0;
4115 ieee80211_ibss_add_sta(sdata->dev,
4119 case IEEE80211_IF_TYPE_AP:
4121 if (compare_ether_addr(sdata->dev->dev_addr,
4124 } else if (!ieee80211_bssid_match(bssid,
4125 sdata->dev->dev_addr)) {
4126 if (!rx.u.rx.in_scan)
4128 rx.u.rx.ra_match = 0;
4130 if (sdata->dev == local->mdev &&
4132 /* do not receive anything via
4133 * master device when not scanning */
4136 case IEEE80211_IF_TYPE_WDS:
4138 (rx.fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA)
4140 if (compare_ether_addr(sdata->u.wds.remote_addr,
4147 skb_new = skb_copy(skb, GFP_ATOMIC);
4149 if (net_ratelimit())
4150 printk(KERN_DEBUG "%s: failed to copy "
4151 "multicast frame for %s",
4152 local->mdev->name, prev->dev->name);
4158 ieee80211_invoke_rx_handlers(local,
4168 ieee80211_invoke_rx_handlers(local, local->rx_handlers,
4172 read_unlock(&local->sub_if_lock);
4179 EXPORT_SYMBOL(__ieee80211_rx);
4181 static ieee80211_txrx_result
4182 ieee80211_tx_h_load_stats(struct ieee80211_txrx_data *tx)
4184 struct ieee80211_local *local = tx->local;
4185 struct ieee80211_hw_mode *mode = tx->u.tx.mode;
4186 struct sk_buff *skb = tx->skb;
4187 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
4188 u32 load = 0, hdrtime;
4190 /* TODO: this could be part of tx_status handling, so that the number
4191 * of retries would be known; TX rate should in that case be stored
4192 * somewhere with the packet */
4194 /* Estimate total channel use caused by this frame */
4196 /* 1 bit at 1 Mbit/s takes 1 usec; in channel_use values,
4197 * 1 usec = 1/8 * (1080 / 10) = 13.5 */
4199 if (mode->mode == MODE_IEEE80211A ||
4200 mode->mode == MODE_ATHEROS_TURBO ||
4201 mode->mode == MODE_ATHEROS_TURBOG ||
4202 (mode->mode == MODE_IEEE80211G &&
4203 tx->u.tx.rate->flags & IEEE80211_RATE_ERP))
4204 hdrtime = CHAN_UTIL_HDR_SHORT;
4206 hdrtime = CHAN_UTIL_HDR_LONG;
4209 if (!is_multicast_ether_addr(hdr->addr1))
4212 if (tx->u.tx.control->flags & IEEE80211_TXCTL_USE_RTS_CTS)
4213 load += 2 * hdrtime;
4214 else if (tx->u.tx.control->flags & IEEE80211_TXCTL_USE_CTS_PROTECT)
4217 load += skb->len * tx->u.tx.rate->rate_inv;
4219 if (tx->u.tx.extra_frag) {
4221 for (i = 0; i < tx->u.tx.num_extra_frag; i++) {
4222 load += 2 * hdrtime;
4223 load += tx->u.tx.extra_frag[i]->len *
4224 tx->u.tx.rate->rate;
4228 /* Divide channel_use by 8 to avoid wrapping around the counter */
4229 load >>= CHAN_UTIL_SHIFT;
4230 local->channel_use_raw += load;
4232 tx->sta->channel_use_raw += load;
4233 tx->sdata->channel_use_raw += load;
4235 return TXRX_CONTINUE;
4239 static ieee80211_txrx_result
4240 ieee80211_rx_h_load_stats(struct ieee80211_txrx_data *rx)
4242 struct ieee80211_local *local = rx->local;
4243 struct sk_buff *skb = rx->skb;
4244 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
4245 u32 load = 0, hdrtime;
4246 struct ieee80211_rate *rate;
4247 struct ieee80211_hw_mode *mode = local->hw.conf.mode;
4250 /* Estimate total channel use caused by this frame */
4252 if (unlikely(mode->num_rates < 0))
4253 return TXRX_CONTINUE;
4255 rate = &mode->rates[0];
4256 for (i = 0; i < mode->num_rates; i++) {
4257 if (mode->rates[i].val == rx->u.rx.status->rate) {
4258 rate = &mode->rates[i];
4263 /* 1 bit at 1 Mbit/s takes 1 usec; in channel_use values,
4264 * 1 usec = 1/8 * (1080 / 10) = 13.5 */
4266 if (mode->mode == MODE_IEEE80211A ||
4267 mode->mode == MODE_ATHEROS_TURBO ||
4268 mode->mode == MODE_ATHEROS_TURBOG ||
4269 (mode->mode == MODE_IEEE80211G &&
4270 rate->flags & IEEE80211_RATE_ERP))
4271 hdrtime = CHAN_UTIL_HDR_SHORT;
4273 hdrtime = CHAN_UTIL_HDR_LONG;
4276 if (!is_multicast_ether_addr(hdr->addr1))
4279 load += skb->len * rate->rate_inv;
4281 /* Divide channel_use by 8 to avoid wrapping around the counter */
4282 load >>= CHAN_UTIL_SHIFT;
4283 local->channel_use_raw += load;
4285 rx->sta->channel_use_raw += load;
4286 rx->u.rx.load = load;
4288 return TXRX_CONTINUE;
4291 static ieee80211_txrx_result
4292 ieee80211_rx_h_if_stats(struct ieee80211_txrx_data *rx)
4294 rx->sdata->channel_use_raw += rx->u.rx.load;
4295 return TXRX_CONTINUE;
4298 static void ieee80211_stat_refresh(unsigned long data)
4300 struct ieee80211_local *local = (struct ieee80211_local *) data;
4301 struct sta_info *sta;
4302 struct ieee80211_sub_if_data *sdata;
4304 if (!local->stat_time)
4307 /* go through all stations */
4308 spin_lock_bh(&local->sta_lock);
4309 list_for_each_entry(sta, &local->sta_list, list) {
4310 sta->channel_use = (sta->channel_use_raw / local->stat_time) /
4312 sta->channel_use_raw = 0;
4314 spin_unlock_bh(&local->sta_lock);
4316 /* go through all subinterfaces */
4317 read_lock(&local->sub_if_lock);
4318 list_for_each_entry(sdata, &local->sub_if_list, list) {
4319 sdata->channel_use = (sdata->channel_use_raw /
4320 local->stat_time) / CHAN_UTIL_PER_10MS;
4321 sdata->channel_use_raw = 0;
4323 read_unlock(&local->sub_if_lock);
4325 /* hardware interface */
4326 local->channel_use = (local->channel_use_raw /
4327 local->stat_time) / CHAN_UTIL_PER_10MS;
4328 local->channel_use_raw = 0;
4330 local->stat_timer.expires = jiffies + HZ * local->stat_time / 100;
4331 add_timer(&local->stat_timer);
4335 /* This is a version of the rx handler that can be called from hard irq
4336 * context. Post the skb on the queue and schedule the tasklet */
4337 void ieee80211_rx_irqsafe(struct ieee80211_hw *hw, struct sk_buff *skb,
4338 struct ieee80211_rx_status *status)
4340 struct ieee80211_local *local = hw_to_local(hw);
4342 BUILD_BUG_ON(sizeof(struct ieee80211_rx_status) > sizeof(skb->cb));
4344 skb->dev = local->mdev;
4345 /* copy status into skb->cb for use by tasklet */
4346 memcpy(skb->cb, status, sizeof(*status));
4347 skb->pkt_type = IEEE80211_RX_MSG;
4348 skb_queue_tail(&local->skb_queue, skb);
4349 tasklet_schedule(&local->tasklet);
4351 EXPORT_SYMBOL(ieee80211_rx_irqsafe);
4353 void ieee80211_tx_status_irqsafe(struct ieee80211_hw *hw,
4354 struct sk_buff *skb,
4355 struct ieee80211_tx_status *status)
4357 struct ieee80211_local *local = hw_to_local(hw);
4358 struct ieee80211_tx_status *saved;
4361 skb->dev = local->mdev;
4362 saved = kmalloc(sizeof(struct ieee80211_tx_status), GFP_ATOMIC);
4363 if (unlikely(!saved)) {
4364 if (net_ratelimit())
4365 printk(KERN_WARNING "%s: Not enough memory, "
4366 "dropping tx status", skb->dev->name);
4367 /* should be dev_kfree_skb_irq, but due to this function being
4368 * named _irqsafe instead of just _irq we can't be sure that
4369 * people won't call it from non-irq contexts */
4370 dev_kfree_skb_any(skb);
4373 memcpy(saved, status, sizeof(struct ieee80211_tx_status));
4374 /* copy pointer to saved status into skb->cb for use by tasklet */
4375 memcpy(skb->cb, &saved, sizeof(saved));
4377 skb->pkt_type = IEEE80211_TX_STATUS_MSG;
4378 skb_queue_tail(status->control.flags & IEEE80211_TXCTL_REQ_TX_STATUS ?
4379 &local->skb_queue : &local->skb_queue_unreliable, skb);
4380 tmp = skb_queue_len(&local->skb_queue) +
4381 skb_queue_len(&local->skb_queue_unreliable);
4382 while (tmp > IEEE80211_IRQSAFE_QUEUE_LIMIT &&
4383 (skb = skb_dequeue(&local->skb_queue_unreliable))) {
4384 memcpy(&saved, skb->cb, sizeof(saved));
4386 dev_kfree_skb_irq(skb);
4388 I802_DEBUG_INC(local->tx_status_drop);
4390 tasklet_schedule(&local->tasklet);
4392 EXPORT_SYMBOL(ieee80211_tx_status_irqsafe);
4394 static void ieee80211_tasklet_handler(unsigned long data)
4396 struct ieee80211_local *local = (struct ieee80211_local *) data;
4397 struct sk_buff *skb;
4398 struct ieee80211_rx_status rx_status;
4399 struct ieee80211_tx_status *tx_status;
4401 while ((skb = skb_dequeue(&local->skb_queue)) ||
4402 (skb = skb_dequeue(&local->skb_queue_unreliable))) {
4403 switch (skb->pkt_type) {
4404 case IEEE80211_RX_MSG:
4405 /* status is in skb->cb */
4406 memcpy(&rx_status, skb->cb, sizeof(rx_status));
4407 /* Clear skb->type in order to not confuse kernel
4410 __ieee80211_rx(local_to_hw(local), skb, &rx_status);
4412 case IEEE80211_TX_STATUS_MSG:
4413 /* get pointer to saved status out of skb->cb */
4414 memcpy(&tx_status, skb->cb, sizeof(tx_status));
4416 ieee80211_tx_status(local_to_hw(local),
4420 default: /* should never get here! */
4421 printk(KERN_ERR "%s: Unknown message type (%d)\n",
4422 local->mdev->name, skb->pkt_type);
4430 /* Remove added headers (e.g., QoS control), encryption header/MIC, etc. to
4431 * make a prepared TX frame (one that has been given to hw) to look like brand
4432 * new IEEE 802.11 frame that is ready to go through TX processing again.
4433 * Also, tx_packet_data in cb is restored from tx_control. */
4434 static void ieee80211_remove_tx_extra(struct ieee80211_local *local,
4435 struct ieee80211_key *key,
4436 struct sk_buff *skb,
4437 struct ieee80211_tx_control *control)
4439 int hdrlen, iv_len, mic_len;
4440 struct ieee80211_tx_packet_data *pkt_data;
4442 pkt_data = (struct ieee80211_tx_packet_data *)skb->cb;
4443 pkt_data->ifindex = control->ifindex;
4444 pkt_data->mgmt_iface = (control->type == IEEE80211_IF_TYPE_MGMT);
4445 pkt_data->req_tx_status = !!(control->flags & IEEE80211_TXCTL_REQ_TX_STATUS);
4446 pkt_data->do_not_encrypt = !!(control->flags & IEEE80211_TXCTL_DO_NOT_ENCRYPT);
4447 pkt_data->requeue = !!(control->flags & IEEE80211_TXCTL_REQUEUE);
4448 pkt_data->queue = control->queue;
4450 hdrlen = ieee80211_get_hdrlen_from_skb(skb);
4457 iv_len = WEP_IV_LEN;
4458 mic_len = WEP_ICV_LEN;
4461 iv_len = TKIP_IV_LEN;
4462 mic_len = TKIP_ICV_LEN;
4465 iv_len = CCMP_HDR_LEN;
4466 mic_len = CCMP_MIC_LEN;
4472 if (skb->len >= mic_len && key->force_sw_encrypt)
4473 skb_trim(skb, skb->len - mic_len);
4474 if (skb->len >= iv_len && skb->len > hdrlen) {
4475 memmove(skb->data + iv_len, skb->data, hdrlen);
4476 skb_pull(skb, iv_len);
4481 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
4482 u16 fc = le16_to_cpu(hdr->frame_control);
4483 if ((fc & 0x8C) == 0x88) /* QoS Control Field */ {
4484 fc &= ~IEEE80211_STYPE_QOS_DATA;
4485 hdr->frame_control = cpu_to_le16(fc);
4486 memmove(skb->data + 2, skb->data, hdrlen - 2);
4493 void ieee80211_tx_status(struct ieee80211_hw *hw, struct sk_buff *skb,
4494 struct ieee80211_tx_status *status)
4496 struct sk_buff *skb2;
4497 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
4498 struct ieee80211_local *local = hw_to_local(hw);
4504 "%s: ieee80211_tx_status called with NULL status\n",
4510 if (status->excessive_retries) {
4511 struct sta_info *sta;
4512 sta = sta_info_get(local, hdr->addr1);
4514 if (sta->flags & WLAN_STA_PS) {
4515 /* The STA is in power save mode, so assume
4516 * that this TX packet failed because of that.
4518 status->excessive_retries = 0;
4519 status->flags |= IEEE80211_TX_STATUS_TX_FILTERED;
4525 if (status->flags & IEEE80211_TX_STATUS_TX_FILTERED) {
4526 struct sta_info *sta;
4527 sta = sta_info_get(local, hdr->addr1);
4529 sta->tx_filtered_count++;
4531 /* Clear the TX filter mask for this STA when sending
4532 * the next packet. If the STA went to power save mode,
4533 * this will happen when it is waking up for the next
4535 sta->clear_dst_mask = 1;
4537 /* TODO: Is the WLAN_STA_PS flag always set here or is
4538 * the race between RX and TX status causing some
4539 * packets to be filtered out before 80211.o gets an
4540 * update for PS status? This seems to be the case, so
4541 * no changes are likely to be needed. */
4542 if (sta->flags & WLAN_STA_PS &&
4543 skb_queue_len(&sta->tx_filtered) <
4544 STA_MAX_TX_BUFFER) {
4545 ieee80211_remove_tx_extra(local, sta->key,
4548 skb_queue_tail(&sta->tx_filtered, skb);
4549 } else if (!(sta->flags & WLAN_STA_PS) &&
4550 !(status->control.flags & IEEE80211_TXCTL_REQUEUE)) {
4551 /* Software retry the packet once */
4552 status->control.flags |= IEEE80211_TXCTL_REQUEUE;
4553 ieee80211_remove_tx_extra(local, sta->key,
4556 dev_queue_xmit(skb);
4558 if (net_ratelimit()) {
4559 printk(KERN_DEBUG "%s: dropped TX "
4560 "filtered frame queue_len=%d "
4565 !!(sta->flags & WLAN_STA_PS),
4574 /* FIXME: STUPID to call this with both local and local->mdev */
4575 rate_control_tx_status(local, local->mdev, skb, status);
4578 ieee80211_led_tx(local, 0);
4581 * Fragments are passed to low-level drivers as separate skbs, so these
4582 * are actually fragments, not frames. Update frame counters only for
4583 * the first fragment of the frame. */
4585 frag = le16_to_cpu(hdr->seq_ctrl) & IEEE80211_SCTL_FRAG;
4586 type = le16_to_cpu(hdr->frame_control) & IEEE80211_FCTL_FTYPE;
4588 if (status->flags & IEEE80211_TX_STATUS_ACK) {
4590 local->dot11TransmittedFrameCount++;
4591 if (is_multicast_ether_addr(hdr->addr1))
4592 local->dot11MulticastTransmittedFrameCount++;
4593 if (status->retry_count > 0)
4594 local->dot11RetryCount++;
4595 if (status->retry_count > 1)
4596 local->dot11MultipleRetryCount++;
4599 /* This counter shall be incremented for an acknowledged MPDU
4600 * with an individual address in the address 1 field or an MPDU
4601 * with a multicast address in the address 1 field of type Data
4603 if (!is_multicast_ether_addr(hdr->addr1) ||
4604 type == IEEE80211_FTYPE_DATA ||
4605 type == IEEE80211_FTYPE_MGMT)
4606 local->dot11TransmittedFragmentCount++;
4609 local->dot11FailedCount++;
4612 if (!(status->control.flags & IEEE80211_TXCTL_REQ_TX_STATUS)
4613 || unlikely(!local->apdev)) {
4618 msg_type = (status->flags & IEEE80211_TX_STATUS_ACK) ?
4619 ieee80211_msg_tx_callback_ack : ieee80211_msg_tx_callback_fail;
4621 /* skb was the original skb used for TX. Clone it and give the clone
4622 * to netif_rx(). Free original skb. */
4623 skb2 = skb_copy(skb, GFP_ATOMIC);
4631 /* Send frame to hostapd */
4632 ieee80211_rx_mgmt(local, skb, NULL, msg_type);
4634 EXPORT_SYMBOL(ieee80211_tx_status);
4636 /* TODO: implement register/unregister functions for adding TX/RX handlers
4637 * into ordered list */
4639 /* rx_pre handlers don't have dev and sdata fields available in
4640 * ieee80211_txrx_data */
4641 static ieee80211_rx_handler ieee80211_rx_pre_handlers[] =
4643 ieee80211_rx_h_parse_qos,
4644 ieee80211_rx_h_load_stats,
4648 static ieee80211_rx_handler ieee80211_rx_handlers[] =
4650 ieee80211_rx_h_if_stats,
4651 ieee80211_rx_h_monitor,
4652 ieee80211_rx_h_passive_scan,
4653 ieee80211_rx_h_check,
4654 ieee80211_rx_h_sta_process,
4655 ieee80211_rx_h_ccmp_decrypt,
4656 ieee80211_rx_h_tkip_decrypt,
4657 ieee80211_rx_h_wep_weak_iv_detection,
4658 ieee80211_rx_h_wep_decrypt,
4659 ieee80211_rx_h_defragment,
4660 ieee80211_rx_h_ps_poll,
4661 ieee80211_rx_h_michael_mic_verify,
4662 /* this must be after decryption - so header is counted in MPDU mic
4663 * must be before pae and data, so QOS_DATA format frames
4664 * are not passed to user space by these functions
4666 ieee80211_rx_h_remove_qos_control,
4667 ieee80211_rx_h_802_1x_pae,
4668 ieee80211_rx_h_drop_unencrypted,
4669 ieee80211_rx_h_data,
4670 ieee80211_rx_h_mgmt,
4674 static ieee80211_tx_handler ieee80211_tx_handlers[] =
4676 ieee80211_tx_h_check_assoc,
4677 ieee80211_tx_h_sequence,
4678 ieee80211_tx_h_ps_buf,
4679 ieee80211_tx_h_select_key,
4680 ieee80211_tx_h_michael_mic_add,
4681 ieee80211_tx_h_fragment,
4682 ieee80211_tx_h_tkip_encrypt,
4683 ieee80211_tx_h_ccmp_encrypt,
4684 ieee80211_tx_h_wep_encrypt,
4685 ieee80211_tx_h_rate_ctrl,
4686 ieee80211_tx_h_misc,
4687 ieee80211_tx_h_load_stats,
4692 int ieee80211_if_update_wds(struct net_device *dev, u8 *remote_addr)
4694 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
4695 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
4696 struct sta_info *sta;
4698 if (compare_ether_addr(remote_addr, sdata->u.wds.remote_addr) == 0)
4701 /* Create STA entry for the new peer */
4702 sta = sta_info_add(local, dev, remote_addr, GFP_KERNEL);
4707 /* Remove STA entry for the old peer */
4708 sta = sta_info_get(local, sdata->u.wds.remote_addr);
4711 sta_info_free(sta, 0);
4713 printk(KERN_DEBUG "%s: could not find STA entry for WDS link "
4714 "peer " MAC_FMT "\n",
4715 dev->name, MAC_ARG(sdata->u.wds.remote_addr));
4718 /* Update WDS link data */
4719 memcpy(&sdata->u.wds.remote_addr, remote_addr, ETH_ALEN);
4724 /* Must not be called for mdev and apdev */
4725 void ieee80211_if_setup(struct net_device *dev)
4728 dev->hard_start_xmit = ieee80211_subif_start_xmit;
4729 dev->wireless_handlers = &ieee80211_iw_handler_def;
4730 dev->set_multicast_list = ieee80211_set_multicast_list;
4731 dev->change_mtu = ieee80211_change_mtu;
4732 dev->get_stats = ieee80211_get_stats;
4733 dev->open = ieee80211_open;
4734 dev->stop = ieee80211_stop;
4735 dev->uninit = ieee80211_if_reinit;
4736 dev->destructor = ieee80211_if_free;
4739 void ieee80211_if_mgmt_setup(struct net_device *dev)
4742 dev->hard_start_xmit = ieee80211_mgmt_start_xmit;
4743 dev->change_mtu = ieee80211_change_mtu_apdev;
4744 dev->get_stats = ieee80211_get_stats;
4745 dev->open = ieee80211_mgmt_open;
4746 dev->stop = ieee80211_mgmt_stop;
4747 dev->type = ARPHRD_IEEE80211_PRISM;
4748 dev->hard_header_parse = header_parse_80211;
4749 dev->uninit = ieee80211_if_reinit;
4750 dev->destructor = ieee80211_if_free;
4753 int ieee80211_init_rate_ctrl_alg(struct ieee80211_local *local,
4756 struct rate_control_ref *ref, *old;
4759 if (local->open_count || netif_running(local->mdev) ||
4760 (local->apdev && netif_running(local->apdev)))
4763 ref = rate_control_alloc(name, local);
4765 printk(KERN_WARNING "%s: Failed to select rate control "
4766 "algorithm\n", local->mdev->name);
4770 old = local->rate_ctrl;
4771 local->rate_ctrl = ref;
4773 rate_control_put(old);
4774 sta_info_flush(local, NULL);
4777 printk(KERN_DEBUG "%s: Selected rate control "
4778 "algorithm '%s'\n", local->mdev->name,
4785 static void rate_control_deinitialize(struct ieee80211_local *local)
4787 struct rate_control_ref *ref;
4789 ref = local->rate_ctrl;
4790 local->rate_ctrl = NULL;
4791 rate_control_put(ref);
4794 struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len,
4795 const struct ieee80211_ops *ops)
4797 struct net_device *mdev;
4798 struct ieee80211_local *local;
4799 struct ieee80211_sub_if_data *sdata;
4801 struct wiphy *wiphy;
4803 /* Ensure 32-byte alignment of our private data and hw private data.
4804 * We use the wiphy priv data for both our ieee80211_local and for
4805 * the driver's private data
4807 * In memory it'll be like this:
4809 * +-------------------------+
4811 * +-------------------------+
4812 * | struct ieee80211_local |
4813 * +-------------------------+
4814 * | driver's private data |
4815 * +-------------------------+
4818 priv_size = ((sizeof(struct ieee80211_local) +
4819 NETDEV_ALIGN_CONST) & ~NETDEV_ALIGN_CONST) +
4822 wiphy = wiphy_new(&mac80211_config_ops, priv_size);
4827 wiphy->privid = mac80211_wiphy_privid;
4829 local = wiphy_priv(wiphy);
4830 local->hw.wiphy = wiphy;
4832 local->hw.priv = (char *)local +
4833 ((sizeof(struct ieee80211_local) +
4834 NETDEV_ALIGN_CONST) & ~NETDEV_ALIGN_CONST);
4838 /* for now, mdev needs sub_if_data :/ */
4839 mdev = alloc_netdev(sizeof(struct ieee80211_sub_if_data),
4840 "wmaster%d", ether_setup);
4846 sdata = IEEE80211_DEV_TO_SUB_IF(mdev);
4847 mdev->ieee80211_ptr = &sdata->wdev;
4848 sdata->wdev.wiphy = wiphy;
4850 local->hw.queues = 1; /* default */
4853 local->rx_pre_handlers = ieee80211_rx_pre_handlers;
4854 local->rx_handlers = ieee80211_rx_handlers;
4855 local->tx_handlers = ieee80211_tx_handlers;
4857 local->bridge_packets = 1;
4859 local->rts_threshold = IEEE80211_MAX_RTS_THRESHOLD;
4860 local->fragmentation_threshold = IEEE80211_MAX_FRAG_THRESHOLD;
4861 local->short_retry_limit = 7;
4862 local->long_retry_limit = 4;
4863 local->hw.conf.radio_enabled = 1;
4864 local->rate_ctrl_num_up = RATE_CONTROL_NUM_UP;
4865 local->rate_ctrl_num_down = RATE_CONTROL_NUM_DOWN;
4867 local->enabled_modes = (unsigned int) -1;
4869 INIT_LIST_HEAD(&local->modes_list);
4871 rwlock_init(&local->sub_if_lock);
4872 INIT_LIST_HEAD(&local->sub_if_list);
4874 INIT_DELAYED_WORK(&local->scan_work, ieee80211_sta_scan_work);
4875 init_timer(&local->stat_timer);
4876 local->stat_timer.function = ieee80211_stat_refresh;
4877 local->stat_timer.data = (unsigned long) local;
4878 ieee80211_rx_bss_list_init(mdev);
4880 sta_info_init(local);
4882 mdev->hard_start_xmit = ieee80211_master_start_xmit;
4883 mdev->open = ieee80211_master_open;
4884 mdev->stop = ieee80211_master_stop;
4885 mdev->type = ARPHRD_IEEE80211;
4886 mdev->hard_header_parse = header_parse_80211;
4888 sdata->type = IEEE80211_IF_TYPE_AP;
4890 sdata->local = local;
4891 sdata->u.ap.force_unicast_rateidx = -1;
4892 sdata->u.ap.max_ratectrl_rateidx = -1;
4893 ieee80211_if_sdata_init(sdata);
4894 list_add_tail(&sdata->list, &local->sub_if_list);
4896 tasklet_init(&local->tx_pending_tasklet, ieee80211_tx_pending,
4897 (unsigned long)local);
4898 tasklet_disable(&local->tx_pending_tasklet);
4900 tasklet_init(&local->tasklet,
4901 ieee80211_tasklet_handler,
4902 (unsigned long) local);
4903 tasklet_disable(&local->tasklet);
4905 skb_queue_head_init(&local->skb_queue);
4906 skb_queue_head_init(&local->skb_queue_unreliable);
4908 return local_to_hw(local);
4910 EXPORT_SYMBOL(ieee80211_alloc_hw);
4912 int ieee80211_register_hw(struct ieee80211_hw *hw)
4914 struct ieee80211_local *local = hw_to_local(hw);
4918 result = wiphy_register(local->hw.wiphy);
4922 name = wiphy_dev(local->hw.wiphy)->driver->name;
4923 local->hw.workqueue = create_singlethread_workqueue(name);
4924 if (!local->hw.workqueue) {
4926 goto fail_workqueue;
4929 debugfs_hw_add(local);
4931 local->hw.conf.beacon_int = 1000;
4933 local->wstats_flags |= local->hw.max_rssi ?
4934 IW_QUAL_LEVEL_UPDATED : IW_QUAL_LEVEL_INVALID;
4935 local->wstats_flags |= local->hw.max_signal ?
4936 IW_QUAL_QUAL_UPDATED : IW_QUAL_QUAL_INVALID;
4937 local->wstats_flags |= local->hw.max_noise ?
4938 IW_QUAL_NOISE_UPDATED : IW_QUAL_NOISE_INVALID;
4939 if (local->hw.max_rssi < 0 || local->hw.max_noise < 0)
4940 local->wstats_flags |= IW_QUAL_DBM;
4942 result = sta_info_start(local);
4947 result = dev_alloc_name(local->mdev, local->mdev->name);
4951 memcpy(local->mdev->dev_addr, local->hw.wiphy->perm_addr, ETH_ALEN);
4952 SET_NETDEV_DEV(local->mdev, wiphy_dev(local->hw.wiphy));
4954 result = register_netdevice(local->mdev);
4958 ieee80211_debugfs_add_netdev(IEEE80211_DEV_TO_SUB_IF(local->mdev));
4960 result = ieee80211_init_rate_ctrl_alg(local, NULL);
4962 printk(KERN_DEBUG "%s: Failed to initialize rate control "
4963 "algorithm\n", local->mdev->name);
4967 result = ieee80211_wep_init(local);
4970 printk(KERN_DEBUG "%s: Failed to initialize wep\n",
4975 ieee80211_install_qdisc(local->mdev);
4977 /* add one default STA interface */
4978 result = ieee80211_if_add(local->mdev, "wlan%d", NULL,
4979 IEEE80211_IF_TYPE_STA);
4981 printk(KERN_WARNING "%s: Failed to add default virtual iface\n",
4984 local->reg_state = IEEE80211_DEV_REGISTERED;
4987 ieee80211_led_init(local);
4992 rate_control_deinitialize(local);
4994 ieee80211_debugfs_remove_netdev(IEEE80211_DEV_TO_SUB_IF(local->mdev));
4995 unregister_netdevice(local->mdev);
4998 sta_info_stop(local);
5000 debugfs_hw_del(local);
5001 destroy_workqueue(local->hw.workqueue);
5003 wiphy_unregister(local->hw.wiphy);
5006 EXPORT_SYMBOL(ieee80211_register_hw);
5008 int ieee80211_register_hwmode(struct ieee80211_hw *hw,
5009 struct ieee80211_hw_mode *mode)
5011 struct ieee80211_local *local = hw_to_local(hw);
5012 struct ieee80211_rate *rate;
5015 INIT_LIST_HEAD(&mode->list);
5016 list_add_tail(&mode->list, &local->modes_list);
5018 local->hw_modes |= (1 << mode->mode);
5019 for (i = 0; i < mode->num_rates; i++) {
5020 rate = &(mode->rates[i]);
5021 rate->rate_inv = CHAN_UTIL_RATE_LCM / rate->rate;
5023 ieee80211_prepare_rates(local, mode);
5025 if (!local->oper_hw_mode) {
5026 /* Default to this mode */
5027 local->hw.conf.phymode = mode->mode;
5028 local->oper_hw_mode = local->scan_hw_mode = mode;
5029 local->oper_channel = local->scan_channel = &mode->channels[0];
5030 local->hw.conf.mode = local->oper_hw_mode;
5031 local->hw.conf.chan = local->oper_channel;
5034 if (!(hw->flags & IEEE80211_HW_DEFAULT_REG_DOMAIN_CONFIGURED))
5035 ieee80211_init_client(local->mdev);
5039 EXPORT_SYMBOL(ieee80211_register_hwmode);
5041 void ieee80211_unregister_hw(struct ieee80211_hw *hw)
5043 struct ieee80211_local *local = hw_to_local(hw);
5044 struct ieee80211_sub_if_data *sdata, *tmp;
5045 struct list_head tmp_list;
5048 tasklet_kill(&local->tx_pending_tasklet);
5049 tasklet_kill(&local->tasklet);
5053 BUG_ON(local->reg_state != IEEE80211_DEV_REGISTERED);
5055 local->reg_state = IEEE80211_DEV_UNREGISTERED;
5057 ieee80211_if_del_mgmt(local);
5059 write_lock_bh(&local->sub_if_lock);
5060 list_replace_init(&local->sub_if_list, &tmp_list);
5061 write_unlock_bh(&local->sub_if_lock);
5063 list_for_each_entry_safe(sdata, tmp, &tmp_list, list)
5064 __ieee80211_if_del(local, sdata);
5068 if (local->stat_time)
5069 del_timer_sync(&local->stat_timer);
5071 ieee80211_rx_bss_list_deinit(local->mdev);
5072 ieee80211_clear_tx_pending(local);
5073 sta_info_stop(local);
5074 rate_control_deinitialize(local);
5075 debugfs_hw_del(local);
5077 for (i = 0; i < NUM_IEEE80211_MODES; i++) {
5078 kfree(local->supp_rates[i]);
5079 kfree(local->basic_rates[i]);
5082 if (skb_queue_len(&local->skb_queue)
5083 || skb_queue_len(&local->skb_queue_unreliable))
5084 printk(KERN_WARNING "%s: skb_queue not empty\n",
5086 skb_queue_purge(&local->skb_queue);
5087 skb_queue_purge(&local->skb_queue_unreliable);
5089 destroy_workqueue(local->hw.workqueue);
5090 wiphy_unregister(local->hw.wiphy);
5091 ieee80211_wep_free(local);
5092 ieee80211_led_exit(local);
5094 EXPORT_SYMBOL(ieee80211_unregister_hw);
5096 void ieee80211_free_hw(struct ieee80211_hw *hw)
5098 struct ieee80211_local *local = hw_to_local(hw);
5100 ieee80211_if_free(local->mdev);
5101 wiphy_free(local->hw.wiphy);
5103 EXPORT_SYMBOL(ieee80211_free_hw);
5105 void ieee80211_wake_queue(struct ieee80211_hw *hw, int queue)
5107 struct ieee80211_local *local = hw_to_local(hw);
5109 if (test_and_clear_bit(IEEE80211_LINK_STATE_XOFF,
5110 &local->state[queue])) {
5111 if (test_bit(IEEE80211_LINK_STATE_PENDING,
5112 &local->state[queue]))
5113 tasklet_schedule(&local->tx_pending_tasklet);
5115 if (!ieee80211_qdisc_installed(local->mdev)) {
5117 netif_wake_queue(local->mdev);
5119 __netif_schedule(local->mdev);
5122 EXPORT_SYMBOL(ieee80211_wake_queue);
5124 void ieee80211_stop_queue(struct ieee80211_hw *hw, int queue)
5126 struct ieee80211_local *local = hw_to_local(hw);
5128 if (!ieee80211_qdisc_installed(local->mdev) && queue == 0)
5129 netif_stop_queue(local->mdev);
5130 set_bit(IEEE80211_LINK_STATE_XOFF, &local->state[queue]);
5132 EXPORT_SYMBOL(ieee80211_stop_queue);
5134 void ieee80211_start_queues(struct ieee80211_hw *hw)
5136 struct ieee80211_local *local = hw_to_local(hw);
5139 for (i = 0; i < local->hw.queues; i++)
5140 clear_bit(IEEE80211_LINK_STATE_XOFF, &local->state[i]);
5141 if (!ieee80211_qdisc_installed(local->mdev))
5142 netif_start_queue(local->mdev);
5144 EXPORT_SYMBOL(ieee80211_start_queues);
5146 void ieee80211_stop_queues(struct ieee80211_hw *hw)
5150 for (i = 0; i < hw->queues; i++)
5151 ieee80211_stop_queue(hw, i);
5153 EXPORT_SYMBOL(ieee80211_stop_queues);
5155 void ieee80211_wake_queues(struct ieee80211_hw *hw)
5159 for (i = 0; i < hw->queues; i++)
5160 ieee80211_wake_queue(hw, i);
5162 EXPORT_SYMBOL(ieee80211_wake_queues);
5164 struct net_device_stats *ieee80211_dev_stats(struct net_device *dev)
5166 struct ieee80211_sub_if_data *sdata;
5167 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
5168 return &sdata->stats;
5171 static int __init ieee80211_init(void)
5173 struct sk_buff *skb;
5176 BUILD_BUG_ON(sizeof(struct ieee80211_tx_packet_data) > sizeof(skb->cb));
5178 ret = ieee80211_wme_register();
5180 printk(KERN_DEBUG "ieee80211_init: failed to "
5181 "initialize WME (err=%d)\n", ret);
5185 ieee80211_debugfs_netdev_init();
5191 static void __exit ieee80211_exit(void)
5193 ieee80211_wme_unregister();
5194 ieee80211_debugfs_netdev_exit();
5198 module_init(ieee80211_init);
5199 module_exit(ieee80211_exit);
5201 MODULE_DESCRIPTION("IEEE 802.11 subsystem");
5202 MODULE_LICENSE("GPL");
projects / firefly-linux-kernel-4.4.55.git / blob