2 * Copyright 2002-2005, Instant802 Networks, Inc.
3 * Copyright 2005-2006, Devicescape Software, Inc.
4 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz>
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as
8 * published by the Free Software Foundation.
11 #include <net/mac80211.h>
12 #include <net/ieee80211_radiotap.h>
13 #include <linux/module.h>
14 #include <linux/init.h>
15 #include <linux/netdevice.h>
16 #include <linux/types.h>
17 #include <linux/slab.h>
18 #include <linux/skbuff.h>
19 #include <linux/etherdevice.h>
20 #include <linux/if_arp.h>
21 #include <linux/wireless.h>
22 #include <linux/rtnetlink.h>
23 #include <net/iw_handler.h>
24 #include <linux/compiler.h>
25 #include <linux/bitmap.h>
26 #include <net/cfg80211.h>
28 #include "ieee80211_common.h"
29 #include "ieee80211_i.h"
30 #include "ieee80211_rate.h"
36 #include "ieee80211_led.h"
37 #include "ieee80211_cfg.h"
39 #include "debugfs_netdev.h"
40 #include "debugfs_key.h"
42 /* privid for wiphys to determine whether they belong to us or not */
43 void *mac80211_wiphy_privid = &mac80211_wiphy_privid;
45 /* See IEEE 802.1H for LLC/SNAP encapsulation/decapsulation */
46 /* Ethernet-II snap header (RFC1042 for most EtherTypes) */
47 static const unsigned char rfc1042_header[] =
48 { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 };
50 /* Bridge-Tunnel header (for EtherTypes ETH_P_AARP and ETH_P_IPX) */
51 static const unsigned char bridge_tunnel_header[] =
52 { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0xf8 };
54 /* No encapsulation header if EtherType < 0x600 (=length) */
55 static const unsigned char eapol_header[] =
56 { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00, 0x88, 0x8e };
59 static inline void ieee80211_include_sequence(struct ieee80211_sub_if_data *sdata,
60 struct ieee80211_hdr *hdr)
62 /* Set the sequence number for this frame. */
63 hdr->seq_ctrl = cpu_to_le16(sdata->sequence);
65 /* Increase the sequence number. */
66 sdata->sequence = (sdata->sequence + 0x10) & IEEE80211_SCTL_SEQ;
69 struct ieee80211_key_conf *
70 ieee80211_key_data2conf(struct ieee80211_local *local,
71 const struct ieee80211_key *data)
73 struct ieee80211_key_conf *conf;
75 conf = kmalloc(sizeof(*conf) + data->keylen, GFP_ATOMIC);
79 conf->hw_key_idx = data->hw_key_idx;
80 conf->alg = data->alg;
81 conf->keylen = data->keylen;
83 if (data->force_sw_encrypt)
84 conf->flags |= IEEE80211_KEY_FORCE_SW_ENCRYPT;
85 conf->keyidx = data->keyidx;
86 if (data->default_tx_key)
87 conf->flags |= IEEE80211_KEY_DEFAULT_TX_KEY;
88 if (local->default_wep_only)
89 conf->flags |= IEEE80211_KEY_DEFAULT_WEP_ONLY;
90 memcpy(conf->key, data->key, data->keylen);
95 struct ieee80211_key *ieee80211_key_alloc(struct ieee80211_sub_if_data *sdata,
96 int idx, size_t key_len, gfp_t flags)
98 struct ieee80211_key *key;
100 key = kzalloc(sizeof(struct ieee80211_key) + key_len, flags);
103 kref_init(&key->kref);
107 static void ieee80211_key_release(struct kref *kref)
109 struct ieee80211_key *key;
111 key = container_of(kref, struct ieee80211_key, kref);
112 if (key->alg == ALG_CCMP)
113 ieee80211_aes_key_free(key->u.ccmp.tfm);
114 ieee80211_debugfs_key_remove(key);
118 void ieee80211_key_free(struct ieee80211_key *key)
121 kref_put(&key->kref, ieee80211_key_release);
124 static int rate_list_match(const int *rate_list, int rate)
131 for (i = 0; rate_list[i] >= 0; i++)
132 if (rate_list[i] == rate)
139 void ieee80211_prepare_rates(struct ieee80211_local *local,
140 struct ieee80211_hw_mode *mode)
144 for (i = 0; i < mode->num_rates; i++) {
145 struct ieee80211_rate *rate = &mode->rates[i];
147 rate->flags &= ~(IEEE80211_RATE_SUPPORTED |
148 IEEE80211_RATE_BASIC);
150 if (local->supp_rates[mode->mode]) {
151 if (!rate_list_match(local->supp_rates[mode->mode],
156 rate->flags |= IEEE80211_RATE_SUPPORTED;
158 /* Use configured basic rate set if it is available. If not,
159 * use defaults that are sane for most cases. */
160 if (local->basic_rates[mode->mode]) {
161 if (rate_list_match(local->basic_rates[mode->mode],
163 rate->flags |= IEEE80211_RATE_BASIC;
164 } else switch (mode->mode) {
165 case MODE_IEEE80211A:
166 if (rate->rate == 60 || rate->rate == 120 ||
168 rate->flags |= IEEE80211_RATE_BASIC;
170 case MODE_IEEE80211B:
171 if (rate->rate == 10 || rate->rate == 20)
172 rate->flags |= IEEE80211_RATE_BASIC;
174 case MODE_ATHEROS_TURBO:
175 if (rate->rate == 120 || rate->rate == 240 ||
177 rate->flags |= IEEE80211_RATE_BASIC;
179 case MODE_IEEE80211G:
180 if (rate->rate == 10 || rate->rate == 20 ||
181 rate->rate == 55 || rate->rate == 110)
182 rate->flags |= IEEE80211_RATE_BASIC;
186 /* Set ERP and MANDATORY flags based on phymode */
187 switch (mode->mode) {
188 case MODE_IEEE80211A:
189 if (rate->rate == 60 || rate->rate == 120 ||
191 rate->flags |= IEEE80211_RATE_MANDATORY;
193 case MODE_IEEE80211B:
194 if (rate->rate == 10)
195 rate->flags |= IEEE80211_RATE_MANDATORY;
197 case MODE_ATHEROS_TURBO:
199 case MODE_IEEE80211G:
200 if (rate->rate == 10 || rate->rate == 20 ||
201 rate->rate == 55 || rate->rate == 110 ||
202 rate->rate == 60 || rate->rate == 120 ||
204 rate->flags |= IEEE80211_RATE_MANDATORY;
207 if (ieee80211_is_erp_rate(mode->mode, rate->rate))
208 rate->flags |= IEEE80211_RATE_ERP;
213 static void ieee80211_key_threshold_notify(struct net_device *dev,
214 struct ieee80211_key *key,
215 struct sta_info *sta)
217 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
219 struct ieee80211_msg_key_notification *msg;
221 /* if no one will get it anyway, don't even allocate it.
222 * unlikely because this is only relevant for APs
223 * where the device must be open... */
224 if (unlikely(!local->apdev))
227 skb = dev_alloc_skb(sizeof(struct ieee80211_frame_info) +
228 sizeof(struct ieee80211_msg_key_notification));
232 skb_reserve(skb, sizeof(struct ieee80211_frame_info));
233 msg = (struct ieee80211_msg_key_notification *)
234 skb_put(skb, sizeof(struct ieee80211_msg_key_notification));
235 msg->tx_rx_count = key->tx_rx_count;
236 memcpy(msg->ifname, dev->name, IFNAMSIZ);
238 memcpy(msg->addr, sta->addr, ETH_ALEN);
240 memset(msg->addr, 0xff, ETH_ALEN);
242 key->tx_rx_count = 0;
244 ieee80211_rx_mgmt(local, skb, NULL,
245 ieee80211_msg_key_threshold_notification);
249 static u8 * ieee80211_get_bssid(struct ieee80211_hdr *hdr, size_t len)
256 fc = le16_to_cpu(hdr->frame_control);
258 switch (fc & IEEE80211_FCTL_FTYPE) {
259 case IEEE80211_FTYPE_DATA:
260 switch (fc & (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS)) {
261 case IEEE80211_FCTL_TODS:
263 case (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS):
265 case IEEE80211_FCTL_FROMDS:
271 case IEEE80211_FTYPE_MGMT:
273 case IEEE80211_FTYPE_CTL:
274 if ((fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_PSPOLL)
283 int ieee80211_get_hdrlen(u16 fc)
287 switch (fc & IEEE80211_FCTL_FTYPE) {
288 case IEEE80211_FTYPE_DATA:
289 if ((fc & IEEE80211_FCTL_FROMDS) && (fc & IEEE80211_FCTL_TODS))
290 hdrlen = 30; /* Addr4 */
292 * The QoS Control field is two bytes and its presence is
293 * indicated by the IEEE80211_STYPE_QOS_DATA bit. Add 2 to
294 * hdrlen if that bit is set.
295 * This works by masking out the bit and shifting it to
296 * bit position 1 so the result has the value 0 or 2.
298 hdrlen += (fc & IEEE80211_STYPE_QOS_DATA)
299 >> (ilog2(IEEE80211_STYPE_QOS_DATA)-1);
301 case IEEE80211_FTYPE_CTL:
303 * ACK and CTS are 10 bytes, all others 16. To see how
304 * to get this condition consider
305 * subtype mask: 0b0000000011110000 (0x00F0)
306 * ACK subtype: 0b0000000011010000 (0x00D0)
307 * CTS subtype: 0b0000000011000000 (0x00C0)
308 * bits that matter: ^^^ (0x00E0)
309 * value of those: 0b0000000011000000 (0x00C0)
311 if ((fc & 0xE0) == 0xC0)
320 EXPORT_SYMBOL(ieee80211_get_hdrlen);
322 int ieee80211_get_hdrlen_from_skb(const struct sk_buff *skb)
324 const struct ieee80211_hdr *hdr = (const struct ieee80211_hdr *) skb->data;
327 if (unlikely(skb->len < 10))
329 hdrlen = ieee80211_get_hdrlen(le16_to_cpu(hdr->frame_control));
330 if (unlikely(hdrlen > skb->len))
334 EXPORT_SYMBOL(ieee80211_get_hdrlen_from_skb);
336 static int ieee80211_get_radiotap_len(struct sk_buff *skb)
338 struct ieee80211_radiotap_header *hdr =
339 (struct ieee80211_radiotap_header *) skb->data;
341 return le16_to_cpu(hdr->it_len);
344 #ifdef CONFIG_MAC80211_LOWTX_FRAME_DUMP
345 static void ieee80211_dump_frame(const char *ifname, const char *title,
346 const struct sk_buff *skb)
348 const struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
352 printk(KERN_DEBUG "%s: %s (len=%d)", ifname, title, skb->len);
358 fc = le16_to_cpu(hdr->frame_control);
359 hdrlen = ieee80211_get_hdrlen(fc);
360 if (hdrlen > skb->len)
363 printk(" FC=0x%04x DUR=0x%04x",
364 fc, le16_to_cpu(hdr->duration_id));
366 printk(" A1=" MAC_FMT, MAC_ARG(hdr->addr1));
368 printk(" A2=" MAC_FMT, MAC_ARG(hdr->addr2));
370 printk(" A3=" MAC_FMT, MAC_ARG(hdr->addr3));
372 printk(" A4=" MAC_FMT, MAC_ARG(hdr->addr4));
375 #else /* CONFIG_MAC80211_LOWTX_FRAME_DUMP */
376 static inline void ieee80211_dump_frame(const char *ifname, const char *title,
380 #endif /* CONFIG_MAC80211_LOWTX_FRAME_DUMP */
383 static int ieee80211_is_eapol(const struct sk_buff *skb)
385 const struct ieee80211_hdr *hdr;
389 if (unlikely(skb->len < 10))
392 hdr = (const struct ieee80211_hdr *) skb->data;
393 fc = le16_to_cpu(hdr->frame_control);
395 if (unlikely(!WLAN_FC_DATA_PRESENT(fc)))
398 hdrlen = ieee80211_get_hdrlen(fc);
400 if (unlikely(skb->len >= hdrlen + sizeof(eapol_header) &&
401 memcmp(skb->data + hdrlen, eapol_header,
402 sizeof(eapol_header)) == 0))
409 static ieee80211_txrx_result
410 ieee80211_tx_h_rate_ctrl(struct ieee80211_txrx_data *tx)
412 struct rate_control_extra extra;
414 memset(&extra, 0, sizeof(extra));
415 extra.mode = tx->u.tx.mode;
416 extra.mgmt_data = tx->sdata &&
417 tx->sdata->type == IEEE80211_IF_TYPE_MGMT;
418 extra.ethertype = tx->ethertype;
420 tx->u.tx.rate = rate_control_get_rate(tx->local, tx->dev, tx->skb,
422 if (unlikely(extra.probe != NULL)) {
423 tx->u.tx.control->flags |= IEEE80211_TXCTL_RATE_CTRL_PROBE;
424 tx->u.tx.probe_last_frag = 1;
425 tx->u.tx.control->alt_retry_rate = tx->u.tx.rate->val;
426 tx->u.tx.rate = extra.probe;
428 tx->u.tx.control->alt_retry_rate = -1;
432 if (tx->u.tx.mode->mode == MODE_IEEE80211G &&
433 tx->local->cts_protect_erp_frames && tx->fragmented &&
435 tx->u.tx.last_frag_rate = tx->u.tx.rate;
436 tx->u.tx.probe_last_frag = extra.probe ? 1 : 0;
438 tx->u.tx.rate = extra.nonerp;
439 tx->u.tx.control->rate = extra.nonerp;
440 tx->u.tx.control->flags &= ~IEEE80211_TXCTL_RATE_CTRL_PROBE;
442 tx->u.tx.last_frag_rate = tx->u.tx.rate;
443 tx->u.tx.control->rate = tx->u.tx.rate;
445 tx->u.tx.control->tx_rate = tx->u.tx.rate->val;
446 if ((tx->u.tx.rate->flags & IEEE80211_RATE_PREAMBLE2) &&
447 tx->local->short_preamble &&
448 (!tx->sta || (tx->sta->flags & WLAN_STA_SHORT_PREAMBLE))) {
449 tx->u.tx.short_preamble = 1;
450 tx->u.tx.control->tx_rate = tx->u.tx.rate->val2;
453 return TXRX_CONTINUE;
457 static ieee80211_txrx_result
458 ieee80211_tx_h_select_key(struct ieee80211_txrx_data *tx)
461 tx->u.tx.control->key_idx = tx->sta->key_idx_compression;
463 tx->u.tx.control->key_idx = HW_KEY_IDX_INVALID;
465 if (unlikely(tx->u.tx.control->flags & IEEE80211_TXCTL_DO_NOT_ENCRYPT))
467 else if (tx->sta && tx->sta->key)
468 tx->key = tx->sta->key;
469 else if (tx->sdata->default_key)
470 tx->key = tx->sdata->default_key;
471 else if (tx->sdata->drop_unencrypted &&
472 !(tx->sdata->eapol && ieee80211_is_eapol(tx->skb))) {
473 I802_DEBUG_INC(tx->local->tx_handlers_drop_unencrypted);
479 tx->key->tx_rx_count++;
480 if (unlikely(tx->local->key_tx_rx_threshold &&
481 tx->key->tx_rx_count >
482 tx->local->key_tx_rx_threshold)) {
483 ieee80211_key_threshold_notify(tx->dev, tx->key,
488 return TXRX_CONTINUE;
492 static ieee80211_txrx_result
493 ieee80211_tx_h_fragment(struct ieee80211_txrx_data *tx)
495 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) tx->skb->data;
496 size_t hdrlen, per_fragm, num_fragm, payload_len, left;
497 struct sk_buff **frags, *first, *frag;
501 int frag_threshold = tx->local->fragmentation_threshold;
504 return TXRX_CONTINUE;
508 hdrlen = ieee80211_get_hdrlen(tx->fc);
509 payload_len = first->len - hdrlen;
510 per_fragm = frag_threshold - hdrlen - FCS_LEN;
511 num_fragm = (payload_len + per_fragm - 1) / per_fragm;
513 frags = kzalloc(num_fragm * sizeof(struct sk_buff *), GFP_ATOMIC);
517 hdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_MOREFRAGS);
518 seq = le16_to_cpu(hdr->seq_ctrl) & IEEE80211_SCTL_SEQ;
519 pos = first->data + hdrlen + per_fragm;
520 left = payload_len - per_fragm;
521 for (i = 0; i < num_fragm - 1; i++) {
522 struct ieee80211_hdr *fhdr;
528 /* reserve enough extra head and tail room for possible
531 dev_alloc_skb(tx->local->hw.extra_tx_headroom +
533 IEEE80211_ENCRYPT_HEADROOM +
534 IEEE80211_ENCRYPT_TAILROOM);
537 /* Make sure that all fragments use the same priority so
538 * that they end up using the same TX queue */
539 frag->priority = first->priority;
540 skb_reserve(frag, tx->local->hw.extra_tx_headroom +
541 IEEE80211_ENCRYPT_HEADROOM);
542 fhdr = (struct ieee80211_hdr *) skb_put(frag, hdrlen);
543 memcpy(fhdr, first->data, hdrlen);
544 if (i == num_fragm - 2)
545 fhdr->frame_control &= cpu_to_le16(~IEEE80211_FCTL_MOREFRAGS);
546 fhdr->seq_ctrl = cpu_to_le16(seq | ((i + 1) & IEEE80211_SCTL_FRAG));
547 copylen = left > per_fragm ? per_fragm : left;
548 memcpy(skb_put(frag, copylen), pos, copylen);
553 skb_trim(first, hdrlen + per_fragm);
555 tx->u.tx.num_extra_frag = num_fragm - 1;
556 tx->u.tx.extra_frag = frags;
558 return TXRX_CONTINUE;
561 printk(KERN_DEBUG "%s: failed to fragment frame\n", tx->dev->name);
563 for (i = 0; i < num_fragm - 1; i++)
565 dev_kfree_skb(frags[i]);
568 I802_DEBUG_INC(tx->local->tx_handlers_drop_fragment);
573 static int wep_encrypt_skb(struct ieee80211_txrx_data *tx, struct sk_buff *skb)
575 if (tx->key->force_sw_encrypt) {
576 if (ieee80211_wep_encrypt(tx->local, skb, tx->key))
579 tx->u.tx.control->key_idx = tx->key->hw_key_idx;
580 if (tx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV) {
581 if (ieee80211_wep_add_iv(tx->local, skb, tx->key) ==
590 void ieee80211_tx_set_iswep(struct ieee80211_txrx_data *tx)
592 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) tx->skb->data;
594 hdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
595 if (tx->u.tx.extra_frag) {
596 struct ieee80211_hdr *fhdr;
598 for (i = 0; i < tx->u.tx.num_extra_frag; i++) {
599 fhdr = (struct ieee80211_hdr *)
600 tx->u.tx.extra_frag[i]->data;
601 fhdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
607 static ieee80211_txrx_result
608 ieee80211_tx_h_wep_encrypt(struct ieee80211_txrx_data *tx)
610 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) tx->skb->data;
613 fc = le16_to_cpu(hdr->frame_control);
615 if (!tx->key || tx->key->alg != ALG_WEP ||
616 ((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA &&
617 ((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_MGMT ||
618 (fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_AUTH)))
619 return TXRX_CONTINUE;
621 tx->u.tx.control->iv_len = WEP_IV_LEN;
622 tx->u.tx.control->icv_len = WEP_ICV_LEN;
623 ieee80211_tx_set_iswep(tx);
625 if (wep_encrypt_skb(tx, tx->skb) < 0) {
626 I802_DEBUG_INC(tx->local->tx_handlers_drop_wep);
630 if (tx->u.tx.extra_frag) {
632 for (i = 0; i < tx->u.tx.num_extra_frag; i++) {
633 if (wep_encrypt_skb(tx, tx->u.tx.extra_frag[i]) < 0) {
634 I802_DEBUG_INC(tx->local->
635 tx_handlers_drop_wep);
641 return TXRX_CONTINUE;
645 static int ieee80211_frame_duration(struct ieee80211_local *local, size_t len,
646 int rate, int erp, int short_preamble)
650 /* calculate duration (in microseconds, rounded up to next higher
651 * integer if it includes a fractional microsecond) to send frame of
652 * len bytes (does not include FCS) at the given rate. Duration will
655 * rate is in 100 kbps, so divident is multiplied by 10 in the
656 * DIV_ROUND_UP() operations.
659 if (local->hw.conf.phymode == MODE_IEEE80211A || erp ||
660 local->hw.conf.phymode == MODE_ATHEROS_TURBO) {
664 * N_DBPS = DATARATE x 4
665 * N_SYM = Ceiling((16+8xLENGTH+6) / N_DBPS)
666 * (16 = SIGNAL time, 6 = tail bits)
667 * TXTIME = T_PREAMBLE + T_SIGNAL + T_SYM x N_SYM + Signal Ext
670 * 802.11a - 17.5.2: aSIFSTime = 16 usec
671 * 802.11g - 19.8.4: aSIFSTime = 10 usec +
672 * signal ext = 6 usec
674 /* FIX: Atheros Turbo may have different (shorter) duration? */
675 dur = 16; /* SIFS + signal ext */
676 dur += 16; /* 17.3.2.3: T_PREAMBLE = 16 usec */
677 dur += 4; /* 17.3.2.3: T_SIGNAL = 4 usec */
678 dur += 4 * DIV_ROUND_UP((16 + 8 * (len + 4) + 6) * 10,
679 4 * rate); /* T_SYM x N_SYM */
682 * 802.11b or 802.11g with 802.11b compatibility:
683 * 18.3.4: TXTIME = PreambleLength + PLCPHeaderTime +
684 * Ceiling(((LENGTH+PBCC)x8)/DATARATE). PBCC=0.
686 * 802.11 (DS): 15.3.3, 802.11b: 18.3.4
687 * aSIFSTime = 10 usec
688 * aPreambleLength = 144 usec or 72 usec with short preamble
689 * aPLCPHeaderLength = 48 usec or 24 usec with short preamble
691 dur = 10; /* aSIFSTime = 10 usec */
692 dur += short_preamble ? (72 + 24) : (144 + 48);
694 dur += DIV_ROUND_UP(8 * (len + 4) * 10, rate);
701 /* Exported duration function for driver use */
702 __le16 ieee80211_generic_frame_duration(struct ieee80211_hw *hw,
703 size_t frame_len, int rate)
705 struct ieee80211_local *local = hw_to_local(hw);
709 erp = ieee80211_is_erp_rate(hw->conf.phymode, rate);
710 dur = ieee80211_frame_duration(local, frame_len, rate,
711 erp, local->short_preamble);
713 return cpu_to_le16(dur);
715 EXPORT_SYMBOL(ieee80211_generic_frame_duration);
718 static u16 ieee80211_duration(struct ieee80211_txrx_data *tx, int group_addr,
721 int rate, mrate, erp, dur, i;
722 struct ieee80211_rate *txrate = tx->u.tx.rate;
723 struct ieee80211_local *local = tx->local;
724 struct ieee80211_hw_mode *mode = tx->u.tx.mode;
726 erp = txrate->flags & IEEE80211_RATE_ERP;
729 * data and mgmt (except PS Poll):
730 * - during CFP: 32768
731 * - during contention period:
732 * if addr1 is group address: 0
733 * if more fragments = 0 and addr1 is individual address: time to
734 * transmit one ACK plus SIFS
735 * if more fragments = 1 and addr1 is individual address: time to
736 * transmit next fragment plus 2 x ACK plus 3 x SIFS
739 * - control response frame (CTS or ACK) shall be transmitted using the
740 * same rate as the immediately previous frame in the frame exchange
741 * sequence, if this rate belongs to the PHY mandatory rates, or else
742 * at the highest possible rate belonging to the PHY rates in the
746 if ((tx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_CTL) {
747 /* TODO: These control frames are not currently sent by
748 * 80211.o, but should they be implemented, this function
749 * needs to be updated to support duration field calculation.
751 * RTS: time needed to transmit pending data/mgmt frame plus
752 * one CTS frame plus one ACK frame plus 3 x SIFS
753 * CTS: duration of immediately previous RTS minus time
754 * required to transmit CTS and its SIFS
755 * ACK: 0 if immediately previous directed data/mgmt had
756 * more=0, with more=1 duration in ACK frame is duration
757 * from previous frame minus time needed to transmit ACK
759 * PS Poll: BIT(15) | BIT(14) | aid
765 if (0 /* FIX: data/mgmt during CFP */)
768 if (group_addr) /* Group address as the destination - no ACK */
771 /* Individual destination address:
772 * IEEE 802.11, Ch. 9.6 (after IEEE 802.11g changes)
773 * CTS and ACK frames shall be transmitted using the highest rate in
774 * basic rate set that is less than or equal to the rate of the
775 * immediately previous frame and that is using the same modulation
776 * (CCK or OFDM). If no basic rate set matches with these requirements,
777 * the highest mandatory rate of the PHY that is less than or equal to
778 * the rate of the previous frame is used.
779 * Mandatory rates for IEEE 802.11g PHY: 1, 2, 5.5, 11, 6, 12, 24 Mbps
782 mrate = 10; /* use 1 Mbps if everything fails */
783 for (i = 0; i < mode->num_rates; i++) {
784 struct ieee80211_rate *r = &mode->rates[i];
785 if (r->rate > txrate->rate)
788 if (IEEE80211_RATE_MODULATION(txrate->flags) !=
789 IEEE80211_RATE_MODULATION(r->flags))
792 if (r->flags & IEEE80211_RATE_BASIC)
794 else if (r->flags & IEEE80211_RATE_MANDATORY)
798 /* No matching basic rate found; use highest suitable mandatory
803 /* Time needed to transmit ACK
804 * (10 bytes + 4-byte FCS = 112 bits) plus SIFS; rounded up
805 * to closest integer */
807 dur = ieee80211_frame_duration(local, 10, rate, erp,
808 local->short_preamble);
811 /* Frame is fragmented: duration increases with time needed to
812 * transmit next fragment plus ACK and 2 x SIFS. */
813 dur *= 2; /* ACK + SIFS */
815 dur += ieee80211_frame_duration(local, next_frag_len,
817 local->short_preamble);
824 static ieee80211_txrx_result
825 ieee80211_tx_h_misc(struct ieee80211_txrx_data *tx)
827 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) tx->skb->data;
829 struct ieee80211_tx_control *control = tx->u.tx.control;
830 struct ieee80211_hw_mode *mode = tx->u.tx.mode;
832 if (!is_multicast_ether_addr(hdr->addr1)) {
833 if (tx->skb->len + FCS_LEN > tx->local->rts_threshold &&
834 tx->local->rts_threshold < IEEE80211_MAX_RTS_THRESHOLD) {
835 control->flags |= IEEE80211_TXCTL_USE_RTS_CTS;
836 control->retry_limit =
837 tx->local->long_retry_limit;
839 control->retry_limit =
840 tx->local->short_retry_limit;
843 control->retry_limit = 1;
846 if (tx->fragmented) {
847 /* Do not use multiple retry rates when sending fragmented
849 * TODO: The last fragment could still use multiple retry
851 control->alt_retry_rate = -1;
854 /* Use CTS protection for unicast frames sent using extended rates if
855 * there are associated non-ERP stations and RTS/CTS is not configured
857 if (mode->mode == MODE_IEEE80211G &&
858 (tx->u.tx.rate->flags & IEEE80211_RATE_ERP) &&
860 tx->local->cts_protect_erp_frames &&
861 !(control->flags & IEEE80211_TXCTL_USE_RTS_CTS))
862 control->flags |= IEEE80211_TXCTL_USE_CTS_PROTECT;
864 /* Setup duration field for the first fragment of the frame. Duration
865 * for remaining fragments will be updated when they are being sent
866 * to low-level driver in ieee80211_tx(). */
867 dur = ieee80211_duration(tx, is_multicast_ether_addr(hdr->addr1),
868 tx->fragmented ? tx->u.tx.extra_frag[0]->len :
870 hdr->duration_id = cpu_to_le16(dur);
872 if ((control->flags & IEEE80211_TXCTL_USE_RTS_CTS) ||
873 (control->flags & IEEE80211_TXCTL_USE_CTS_PROTECT)) {
874 struct ieee80211_rate *rate;
876 /* Do not use multiple retry rates when using RTS/CTS */
877 control->alt_retry_rate = -1;
879 /* Use min(data rate, max base rate) as CTS/RTS rate */
880 rate = tx->u.tx.rate;
881 while (rate > mode->rates &&
882 !(rate->flags & IEEE80211_RATE_BASIC))
885 control->rts_cts_rate = rate->val;
886 control->rts_rate = rate;
890 tx->sta->tx_packets++;
891 tx->sta->tx_fragments++;
892 tx->sta->tx_bytes += tx->skb->len;
893 if (tx->u.tx.extra_frag) {
895 tx->sta->tx_fragments += tx->u.tx.num_extra_frag;
896 for (i = 0; i < tx->u.tx.num_extra_frag; i++) {
898 tx->u.tx.extra_frag[i]->len;
903 return TXRX_CONTINUE;
907 static ieee80211_txrx_result
908 ieee80211_tx_h_check_assoc(struct ieee80211_txrx_data *tx)
910 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG
911 struct sk_buff *skb = tx->skb;
912 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
913 #endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
916 if (unlikely(tx->local->sta_scanning != 0) &&
917 ((tx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_MGMT ||
918 (tx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_PROBE_REQ))
921 if (tx->u.tx.ps_buffered)
922 return TXRX_CONTINUE;
924 sta_flags = tx->sta ? tx->sta->flags : 0;
926 if (likely(tx->u.tx.unicast)) {
927 if (unlikely(!(sta_flags & WLAN_STA_ASSOC) &&
928 tx->sdata->type != IEEE80211_IF_TYPE_IBSS &&
929 (tx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA)) {
930 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG
931 printk(KERN_DEBUG "%s: dropped data frame to not "
932 "associated station " MAC_FMT "\n",
933 tx->dev->name, MAC_ARG(hdr->addr1));
934 #endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
935 I802_DEBUG_INC(tx->local->tx_handlers_drop_not_assoc);
939 if (unlikely((tx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA &&
940 tx->local->num_sta == 0 &&
941 !tx->local->allow_broadcast_always &&
942 tx->sdata->type != IEEE80211_IF_TYPE_IBSS)) {
944 * No associated STAs - no need to send multicast
949 return TXRX_CONTINUE;
952 if (unlikely(!tx->u.tx.mgmt_interface && tx->sdata->ieee802_1x &&
953 !(sta_flags & WLAN_STA_AUTHORIZED))) {
954 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG
955 printk(KERN_DEBUG "%s: dropped frame to " MAC_FMT
956 " (unauthorized port)\n", tx->dev->name,
957 MAC_ARG(hdr->addr1));
959 I802_DEBUG_INC(tx->local->tx_handlers_drop_unauth_port);
963 return TXRX_CONTINUE;
966 static ieee80211_txrx_result
967 ieee80211_tx_h_sequence(struct ieee80211_txrx_data *tx)
969 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)tx->skb->data;
971 if (ieee80211_get_hdrlen(le16_to_cpu(hdr->frame_control)) >= 24)
972 ieee80211_include_sequence(tx->sdata, hdr);
974 return TXRX_CONTINUE;
977 /* This function is called whenever the AP is about to exceed the maximum limit
978 * of buffered frames for power saving STAs. This situation should not really
979 * happen often during normal operation, so dropping the oldest buffered packet
980 * from each queue should be OK to make some room for new frames. */
981 static void purge_old_ps_buffers(struct ieee80211_local *local)
983 int total = 0, purged = 0;
985 struct ieee80211_sub_if_data *sdata;
986 struct sta_info *sta;
988 read_lock(&local->sub_if_lock);
989 list_for_each_entry(sdata, &local->sub_if_list, list) {
990 struct ieee80211_if_ap *ap;
991 if (sdata->dev == local->mdev ||
992 sdata->type != IEEE80211_IF_TYPE_AP)
995 skb = skb_dequeue(&ap->ps_bc_buf);
1000 total += skb_queue_len(&ap->ps_bc_buf);
1002 read_unlock(&local->sub_if_lock);
1004 spin_lock_bh(&local->sta_lock);
1005 list_for_each_entry(sta, &local->sta_list, list) {
1006 skb = skb_dequeue(&sta->ps_tx_buf);
1011 total += skb_queue_len(&sta->ps_tx_buf);
1013 spin_unlock_bh(&local->sta_lock);
1015 local->total_ps_buffered = total;
1016 printk(KERN_DEBUG "%s: PS buffers full - purged %d frames\n",
1017 local->mdev->name, purged);
1021 static inline ieee80211_txrx_result
1022 ieee80211_tx_h_multicast_ps_buf(struct ieee80211_txrx_data *tx)
1024 /* broadcast/multicast frame */
1025 /* If any of the associated stations is in power save mode,
1026 * the frame is buffered to be sent after DTIM beacon frame */
1027 if ((tx->local->hw.flags & IEEE80211_HW_HOST_BROADCAST_PS_BUFFERING) &&
1028 tx->sdata->type != IEEE80211_IF_TYPE_WDS &&
1029 tx->sdata->bss && atomic_read(&tx->sdata->bss->num_sta_ps) &&
1030 !(tx->fc & IEEE80211_FCTL_ORDER)) {
1031 if (tx->local->total_ps_buffered >= TOTAL_MAX_TX_BUFFER)
1032 purge_old_ps_buffers(tx->local);
1033 if (skb_queue_len(&tx->sdata->bss->ps_bc_buf) >=
1035 if (net_ratelimit()) {
1036 printk(KERN_DEBUG "%s: BC TX buffer full - "
1037 "dropping the oldest frame\n",
1040 dev_kfree_skb(skb_dequeue(&tx->sdata->bss->ps_bc_buf));
1042 tx->local->total_ps_buffered++;
1043 skb_queue_tail(&tx->sdata->bss->ps_bc_buf, tx->skb);
1047 return TXRX_CONTINUE;
1051 static inline ieee80211_txrx_result
1052 ieee80211_tx_h_unicast_ps_buf(struct ieee80211_txrx_data *tx)
1054 struct sta_info *sta = tx->sta;
1056 if (unlikely(!sta ||
1057 ((tx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT &&
1058 (tx->fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_PROBE_RESP)))
1059 return TXRX_CONTINUE;
1061 if (unlikely((sta->flags & WLAN_STA_PS) && !sta->pspoll)) {
1062 struct ieee80211_tx_packet_data *pkt_data;
1063 #ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
1064 printk(KERN_DEBUG "STA " MAC_FMT " aid %d: PS buffer (entries "
1066 MAC_ARG(sta->addr), sta->aid,
1067 skb_queue_len(&sta->ps_tx_buf));
1068 #endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
1069 sta->flags |= WLAN_STA_TIM;
1070 if (tx->local->total_ps_buffered >= TOTAL_MAX_TX_BUFFER)
1071 purge_old_ps_buffers(tx->local);
1072 if (skb_queue_len(&sta->ps_tx_buf) >= STA_MAX_TX_BUFFER) {
1073 struct sk_buff *old = skb_dequeue(&sta->ps_tx_buf);
1074 if (net_ratelimit()) {
1075 printk(KERN_DEBUG "%s: STA " MAC_FMT " TX "
1076 "buffer full - dropping oldest frame\n",
1077 tx->dev->name, MAC_ARG(sta->addr));
1081 tx->local->total_ps_buffered++;
1082 /* Queue frame to be sent after STA sends an PS Poll frame */
1083 if (skb_queue_empty(&sta->ps_tx_buf)) {
1084 if (tx->local->ops->set_tim)
1085 tx->local->ops->set_tim(local_to_hw(tx->local),
1088 bss_tim_set(tx->local, tx->sdata->bss, sta->aid);
1090 pkt_data = (struct ieee80211_tx_packet_data *)tx->skb->cb;
1091 pkt_data->jiffies = jiffies;
1092 skb_queue_tail(&sta->ps_tx_buf, tx->skb);
1095 #ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
1096 else if (unlikely(sta->flags & WLAN_STA_PS)) {
1097 printk(KERN_DEBUG "%s: STA " MAC_FMT " in PS mode, but pspoll "
1098 "set -> send frame\n", tx->dev->name,
1099 MAC_ARG(sta->addr));
1101 #endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
1104 return TXRX_CONTINUE;
1108 static ieee80211_txrx_result
1109 ieee80211_tx_h_ps_buf(struct ieee80211_txrx_data *tx)
1111 if (unlikely(tx->u.tx.ps_buffered))
1112 return TXRX_CONTINUE;
1114 if (tx->u.tx.unicast)
1115 return ieee80211_tx_h_unicast_ps_buf(tx);
1117 return ieee80211_tx_h_multicast_ps_buf(tx);
1122 __ieee80211_tx_prepare(struct ieee80211_txrx_data *tx,
1123 struct sk_buff *skb,
1124 struct net_device *dev,
1125 struct ieee80211_tx_control *control)
1127 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1128 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
1131 memset(tx, 0, sizeof(*tx));
1133 tx->dev = dev; /* use original interface */
1135 tx->sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1136 tx->sta = sta_info_get(local, hdr->addr1);
1137 tx->fc = le16_to_cpu(hdr->frame_control);
1138 control->power_level = local->hw.conf.power_level;
1139 tx->u.tx.control = control;
1140 tx->u.tx.unicast = !is_multicast_ether_addr(hdr->addr1);
1141 if (is_multicast_ether_addr(hdr->addr1))
1142 control->flags |= IEEE80211_TXCTL_NO_ACK;
1144 control->flags &= ~IEEE80211_TXCTL_NO_ACK;
1145 tx->fragmented = local->fragmentation_threshold <
1146 IEEE80211_MAX_FRAG_THRESHOLD && tx->u.tx.unicast &&
1147 skb->len + FCS_LEN > local->fragmentation_threshold &&
1148 (!local->ops->set_frag_threshold);
1150 control->flags |= IEEE80211_TXCTL_CLEAR_DST_MASK;
1151 else if (tx->sta->clear_dst_mask) {
1152 control->flags |= IEEE80211_TXCTL_CLEAR_DST_MASK;
1153 tx->sta->clear_dst_mask = 0;
1155 control->antenna_sel_tx = local->hw.conf.antenna_sel_tx;
1156 if (local->sta_antenna_sel != STA_ANTENNA_SEL_AUTO && tx->sta)
1157 control->antenna_sel_tx = tx->sta->antenna_sel_tx;
1158 hdrlen = ieee80211_get_hdrlen(tx->fc);
1159 if (skb->len > hdrlen + sizeof(rfc1042_header) + 2) {
1160 u8 *pos = &skb->data[hdrlen + sizeof(rfc1042_header)];
1161 tx->ethertype = (pos[0] << 8) | pos[1];
1163 control->flags |= IEEE80211_TXCTL_FIRST_FRAGMENT;
1167 static int inline is_ieee80211_device(struct net_device *dev,
1168 struct net_device *master)
1170 return (wdev_priv(dev->ieee80211_ptr) ==
1171 wdev_priv(master->ieee80211_ptr));
1174 /* Device in tx->dev has a reference added; use dev_put(tx->dev) when
1175 * finished with it. */
1176 static int inline ieee80211_tx_prepare(struct ieee80211_txrx_data *tx,
1177 struct sk_buff *skb,
1178 struct net_device *mdev,
1179 struct ieee80211_tx_control *control)
1181 struct ieee80211_tx_packet_data *pkt_data;
1182 struct net_device *dev;
1184 pkt_data = (struct ieee80211_tx_packet_data *)skb->cb;
1185 dev = dev_get_by_index(pkt_data->ifindex);
1186 if (unlikely(dev && !is_ieee80211_device(dev, mdev))) {
1192 __ieee80211_tx_prepare(tx, skb, dev, control);
1196 static inline int __ieee80211_queue_stopped(const struct ieee80211_local *local,
1199 return test_bit(IEEE80211_LINK_STATE_XOFF, &local->state[queue]);
1202 static inline int __ieee80211_queue_pending(const struct ieee80211_local *local,
1205 return test_bit(IEEE80211_LINK_STATE_PENDING, &local->state[queue]);
1208 #define IEEE80211_TX_OK 0
1209 #define IEEE80211_TX_AGAIN 1
1210 #define IEEE80211_TX_FRAG_AGAIN 2
1212 static int __ieee80211_tx(struct ieee80211_local *local, struct sk_buff *skb,
1213 struct ieee80211_txrx_data *tx)
1215 struct ieee80211_tx_control *control = tx->u.tx.control;
1218 if (!ieee80211_qdisc_installed(local->mdev) &&
1219 __ieee80211_queue_stopped(local, 0)) {
1220 netif_stop_queue(local->mdev);
1221 return IEEE80211_TX_AGAIN;
1224 ieee80211_dump_frame(local->mdev->name, "TX to low-level driver", skb);
1225 ret = local->ops->tx(local_to_hw(local), skb, control);
1227 return IEEE80211_TX_AGAIN;
1228 local->mdev->trans_start = jiffies;
1229 ieee80211_led_tx(local, 1);
1231 if (tx->u.tx.extra_frag) {
1232 control->flags &= ~(IEEE80211_TXCTL_USE_RTS_CTS |
1233 IEEE80211_TXCTL_USE_CTS_PROTECT |
1234 IEEE80211_TXCTL_CLEAR_DST_MASK |
1235 IEEE80211_TXCTL_FIRST_FRAGMENT);
1236 for (i = 0; i < tx->u.tx.num_extra_frag; i++) {
1237 if (!tx->u.tx.extra_frag[i])
1239 if (__ieee80211_queue_stopped(local, control->queue))
1240 return IEEE80211_TX_FRAG_AGAIN;
1241 if (i == tx->u.tx.num_extra_frag) {
1242 control->tx_rate = tx->u.tx.last_frag_hwrate;
1243 control->rate = tx->u.tx.last_frag_rate;
1244 if (tx->u.tx.probe_last_frag)
1246 IEEE80211_TXCTL_RATE_CTRL_PROBE;
1249 ~IEEE80211_TXCTL_RATE_CTRL_PROBE;
1252 ieee80211_dump_frame(local->mdev->name,
1253 "TX to low-level driver",
1254 tx->u.tx.extra_frag[i]);
1255 ret = local->ops->tx(local_to_hw(local),
1256 tx->u.tx.extra_frag[i],
1259 return IEEE80211_TX_FRAG_AGAIN;
1260 local->mdev->trans_start = jiffies;
1261 ieee80211_led_tx(local, 1);
1262 tx->u.tx.extra_frag[i] = NULL;
1264 kfree(tx->u.tx.extra_frag);
1265 tx->u.tx.extra_frag = NULL;
1267 return IEEE80211_TX_OK;
1270 static int ieee80211_tx(struct net_device *dev, struct sk_buff *skb,
1271 struct ieee80211_tx_control *control, int mgmt)
1273 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1274 struct sta_info *sta;
1275 ieee80211_tx_handler *handler;
1276 struct ieee80211_txrx_data tx;
1277 ieee80211_txrx_result res = TXRX_DROP;
1280 WARN_ON(__ieee80211_queue_pending(local, control->queue));
1282 if (unlikely(skb->len < 10)) {
1287 __ieee80211_tx_prepare(&tx, skb, dev, control);
1289 tx.u.tx.mgmt_interface = mgmt;
1290 tx.u.tx.mode = local->hw.conf.mode;
1292 for (handler = local->tx_handlers; *handler != NULL; handler++) {
1293 res = (*handler)(&tx);
1294 if (res != TXRX_CONTINUE)
1298 skb = tx.skb; /* handlers are allowed to change skb */
1303 if (unlikely(res == TXRX_DROP)) {
1304 I802_DEBUG_INC(local->tx_handlers_drop);
1308 if (unlikely(res == TXRX_QUEUED)) {
1309 I802_DEBUG_INC(local->tx_handlers_queued);
1313 if (tx.u.tx.extra_frag) {
1314 for (i = 0; i < tx.u.tx.num_extra_frag; i++) {
1316 struct ieee80211_hdr *hdr =
1317 (struct ieee80211_hdr *)
1318 tx.u.tx.extra_frag[i]->data;
1320 if (i + 1 < tx.u.tx.num_extra_frag) {
1321 next_len = tx.u.tx.extra_frag[i + 1]->len;
1324 tx.u.tx.rate = tx.u.tx.last_frag_rate;
1325 tx.u.tx.last_frag_hwrate = tx.u.tx.rate->val;
1327 dur = ieee80211_duration(&tx, 0, next_len);
1328 hdr->duration_id = cpu_to_le16(dur);
1333 ret = __ieee80211_tx(local, skb, &tx);
1335 struct ieee80211_tx_stored_packet *store =
1336 &local->pending_packet[control->queue];
1338 if (ret == IEEE80211_TX_FRAG_AGAIN)
1340 set_bit(IEEE80211_LINK_STATE_PENDING,
1341 &local->state[control->queue]);
1343 /* When the driver gets out of buffers during sending of
1344 * fragments and calls ieee80211_stop_queue, there is
1345 * a small window between IEEE80211_LINK_STATE_XOFF and
1346 * IEEE80211_LINK_STATE_PENDING flags are set. If a buffer
1347 * gets available in that window (i.e. driver calls
1348 * ieee80211_wake_queue), we would end up with ieee80211_tx
1349 * called with IEEE80211_LINK_STATE_PENDING. Prevent this by
1350 * continuing transmitting here when that situation is
1351 * possible to have happened. */
1352 if (!__ieee80211_queue_stopped(local, control->queue)) {
1353 clear_bit(IEEE80211_LINK_STATE_PENDING,
1354 &local->state[control->queue]);
1357 memcpy(&store->control, control,
1358 sizeof(struct ieee80211_tx_control));
1360 store->extra_frag = tx.u.tx.extra_frag;
1361 store->num_extra_frag = tx.u.tx.num_extra_frag;
1362 store->last_frag_hwrate = tx.u.tx.last_frag_hwrate;
1363 store->last_frag_rate = tx.u.tx.last_frag_rate;
1364 store->last_frag_rate_ctrl_probe = tx.u.tx.probe_last_frag;
1371 for (i = 0; i < tx.u.tx.num_extra_frag; i++)
1372 if (tx.u.tx.extra_frag[i])
1373 dev_kfree_skb(tx.u.tx.extra_frag[i]);
1374 kfree(tx.u.tx.extra_frag);
1378 static void ieee80211_tx_pending(unsigned long data)
1380 struct ieee80211_local *local = (struct ieee80211_local *)data;
1381 struct net_device *dev = local->mdev;
1382 struct ieee80211_tx_stored_packet *store;
1383 struct ieee80211_txrx_data tx;
1384 int i, ret, reschedule = 0;
1386 netif_tx_lock_bh(dev);
1387 for (i = 0; i < local->hw.queues; i++) {
1388 if (__ieee80211_queue_stopped(local, i))
1390 if (!__ieee80211_queue_pending(local, i)) {
1394 store = &local->pending_packet[i];
1395 tx.u.tx.control = &store->control;
1396 tx.u.tx.extra_frag = store->extra_frag;
1397 tx.u.tx.num_extra_frag = store->num_extra_frag;
1398 tx.u.tx.last_frag_hwrate = store->last_frag_hwrate;
1399 tx.u.tx.last_frag_rate = store->last_frag_rate;
1400 tx.u.tx.probe_last_frag = store->last_frag_rate_ctrl_probe;
1401 ret = __ieee80211_tx(local, store->skb, &tx);
1403 if (ret == IEEE80211_TX_FRAG_AGAIN)
1406 clear_bit(IEEE80211_LINK_STATE_PENDING,
1411 netif_tx_unlock_bh(dev);
1413 if (!ieee80211_qdisc_installed(dev)) {
1414 if (!__ieee80211_queue_stopped(local, 0))
1415 netif_wake_queue(dev);
1417 netif_schedule(dev);
1421 static void ieee80211_clear_tx_pending(struct ieee80211_local *local)
1424 struct ieee80211_tx_stored_packet *store;
1426 for (i = 0; i < local->hw.queues; i++) {
1427 if (!__ieee80211_queue_pending(local, i))
1429 store = &local->pending_packet[i];
1430 kfree_skb(store->skb);
1431 for (j = 0; j < store->num_extra_frag; j++)
1432 kfree_skb(store->extra_frag[j]);
1433 kfree(store->extra_frag);
1434 clear_bit(IEEE80211_LINK_STATE_PENDING, &local->state[i]);
1438 static int ieee80211_master_start_xmit(struct sk_buff *skb,
1439 struct net_device *dev)
1441 struct ieee80211_tx_control control;
1442 struct ieee80211_tx_packet_data *pkt_data;
1443 struct net_device *odev = NULL;
1444 struct ieee80211_sub_if_data *osdata;
1449 * copy control out of the skb so other people can use skb->cb
1451 pkt_data = (struct ieee80211_tx_packet_data *)skb->cb;
1452 memset(&control, 0, sizeof(struct ieee80211_tx_control));
1454 if (pkt_data->ifindex)
1455 odev = dev_get_by_index(pkt_data->ifindex);
1456 if (unlikely(odev && !is_ieee80211_device(odev, dev))) {
1460 if (unlikely(!odev)) {
1461 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG
1462 printk(KERN_DEBUG "%s: Discarded packet with nonexistent "
1463 "originating device\n", dev->name);
1468 osdata = IEEE80211_DEV_TO_SUB_IF(odev);
1470 headroom = osdata->local->hw.extra_tx_headroom +
1471 IEEE80211_ENCRYPT_HEADROOM;
1472 if (skb_headroom(skb) < headroom) {
1473 if (pskb_expand_head(skb, headroom, 0, GFP_ATOMIC)) {
1479 control.ifindex = odev->ifindex;
1480 control.type = osdata->type;
1481 if (pkt_data->req_tx_status)
1482 control.flags |= IEEE80211_TXCTL_REQ_TX_STATUS;
1483 if (pkt_data->do_not_encrypt)
1484 control.flags |= IEEE80211_TXCTL_DO_NOT_ENCRYPT;
1485 if (pkt_data->requeue)
1486 control.flags |= IEEE80211_TXCTL_REQUEUE;
1487 control.queue = pkt_data->queue;
1489 ret = ieee80211_tx(odev, skb, &control,
1490 control.type == IEEE80211_IF_TYPE_MGMT);
1498 * ieee80211_subif_start_xmit - netif start_xmit function for Ethernet-type
1499 * subinterfaces (wlan#, WDS, and VLAN interfaces)
1500 * @skb: packet to be sent
1501 * @dev: incoming interface
1503 * Returns: 0 on success (and frees skb in this case) or 1 on failure (skb will
1504 * not be freed, and caller is responsible for either retrying later or freeing
1507 * This function takes in an Ethernet header and encapsulates it with suitable
1508 * IEEE 802.11 header based on which interface the packet is coming in. The
1509 * encapsulated packet will then be passed to master interface, wlan#.11, for
1510 * transmission (through low-level driver).
1512 static int ieee80211_subif_start_xmit(struct sk_buff *skb,
1513 struct net_device *dev)
1515 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
1516 struct ieee80211_tx_packet_data *pkt_data;
1517 struct ieee80211_sub_if_data *sdata;
1518 int ret = 1, head_need;
1519 u16 ethertype, hdrlen, fc;
1520 struct ieee80211_hdr hdr;
1521 const u8 *encaps_data;
1522 int encaps_len, skip_header_bytes;
1523 int nh_pos, h_pos, no_encrypt = 0;
1524 struct sta_info *sta;
1526 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1527 if (unlikely(skb->len < ETH_HLEN)) {
1528 printk(KERN_DEBUG "%s: short skb (len=%d)\n",
1529 dev->name, skb->len);
1534 nh_pos = skb_network_header(skb) - skb->data;
1535 h_pos = skb_transport_header(skb) - skb->data;
1537 /* convert Ethernet header to proper 802.11 header (based on
1538 * operation mode) */
1539 ethertype = (skb->data[12] << 8) | skb->data[13];
1540 /* TODO: handling for 802.1x authorized/unauthorized port */
1541 fc = IEEE80211_FTYPE_DATA | IEEE80211_STYPE_DATA;
1543 if (likely(sdata->type == IEEE80211_IF_TYPE_AP ||
1544 sdata->type == IEEE80211_IF_TYPE_VLAN)) {
1545 fc |= IEEE80211_FCTL_FROMDS;
1547 memcpy(hdr.addr1, skb->data, ETH_ALEN);
1548 memcpy(hdr.addr2, dev->dev_addr, ETH_ALEN);
1549 memcpy(hdr.addr3, skb->data + ETH_ALEN, ETH_ALEN);
1551 } else if (sdata->type == IEEE80211_IF_TYPE_WDS) {
1552 fc |= IEEE80211_FCTL_FROMDS | IEEE80211_FCTL_TODS;
1554 memcpy(hdr.addr1, sdata->u.wds.remote_addr, ETH_ALEN);
1555 memcpy(hdr.addr2, dev->dev_addr, ETH_ALEN);
1556 memcpy(hdr.addr3, skb->data, ETH_ALEN);
1557 memcpy(hdr.addr4, skb->data + ETH_ALEN, ETH_ALEN);
1559 } else if (sdata->type == IEEE80211_IF_TYPE_STA) {
1560 if (dls_link_status(local, skb->data) == DLS_STATUS_OK) {
1562 memcpy(hdr.addr1, skb->data, ETH_ALEN);
1563 memcpy(hdr.addr2, skb->data + ETH_ALEN, ETH_ALEN);
1564 memcpy(hdr.addr3, sdata->u.sta.bssid, ETH_ALEN);
1566 fc |= IEEE80211_FCTL_TODS;
1568 memcpy(hdr.addr1, sdata->u.sta.bssid, ETH_ALEN);
1569 memcpy(hdr.addr2, skb->data + ETH_ALEN, ETH_ALEN);
1570 memcpy(hdr.addr3, skb->data, ETH_ALEN);
1573 } else if (sdata->type == IEEE80211_IF_TYPE_IBSS) {
1575 memcpy(hdr.addr1, skb->data, ETH_ALEN);
1576 memcpy(hdr.addr2, skb->data + ETH_ALEN, ETH_ALEN);
1577 memcpy(hdr.addr3, sdata->u.sta.bssid, ETH_ALEN);
1584 /* receiver is QoS enabled, use a QoS type frame */
1585 sta = sta_info_get(local, hdr.addr1);
1587 if (sta->flags & WLAN_STA_WME) {
1588 fc |= IEEE80211_STYPE_QOS_DATA;
1594 hdr.frame_control = cpu_to_le16(fc);
1595 hdr.duration_id = 0;
1598 skip_header_bytes = ETH_HLEN;
1599 if (ethertype == ETH_P_AARP || ethertype == ETH_P_IPX) {
1600 encaps_data = bridge_tunnel_header;
1601 encaps_len = sizeof(bridge_tunnel_header);
1602 skip_header_bytes -= 2;
1603 } else if (ethertype >= 0x600) {
1604 encaps_data = rfc1042_header;
1605 encaps_len = sizeof(rfc1042_header);
1606 skip_header_bytes -= 2;
1612 skb_pull(skb, skip_header_bytes);
1613 nh_pos -= skip_header_bytes;
1614 h_pos -= skip_header_bytes;
1616 /* TODO: implement support for fragments so that there is no need to
1617 * reallocate and copy payload; it might be enough to support one
1618 * extra fragment that would be copied in the beginning of the frame
1619 * data.. anyway, it would be nice to include this into skb structure
1622 * There are few options for this:
1623 * use skb->cb as an extra space for 802.11 header
1624 * allocate new buffer if not enough headroom
1625 * make sure that there is enough headroom in every skb by increasing
1626 * build in headroom in __dev_alloc_skb() (linux/skbuff.h) and
1627 * alloc_skb() (net/core/skbuff.c)
1629 head_need = hdrlen + encaps_len + local->hw.extra_tx_headroom;
1630 head_need -= skb_headroom(skb);
1632 /* We are going to modify skb data, so make a copy of it if happens to
1633 * be cloned. This could happen, e.g., with Linux bridge code passing
1634 * us broadcast frames. */
1636 if (head_need > 0 || skb_cloned(skb)) {
1638 printk(KERN_DEBUG "%s: need to reallocate buffer for %d bytes "
1639 "of headroom\n", dev->name, head_need);
1642 if (skb_cloned(skb))
1643 I802_DEBUG_INC(local->tx_expand_skb_head_cloned);
1645 I802_DEBUG_INC(local->tx_expand_skb_head);
1646 /* Since we have to reallocate the buffer, make sure that there
1647 * is enough room for possible WEP IV/ICV and TKIP (8 bytes
1648 * before payload and 12 after). */
1649 if (pskb_expand_head(skb, (head_need > 0 ? head_need + 8 : 8),
1651 printk(KERN_DEBUG "%s: failed to reallocate TX buffer"
1658 memcpy(skb_push(skb, encaps_len), encaps_data, encaps_len);
1659 nh_pos += encaps_len;
1660 h_pos += encaps_len;
1662 memcpy(skb_push(skb, hdrlen), &hdr, hdrlen);
1666 pkt_data = (struct ieee80211_tx_packet_data *)skb->cb;
1667 memset(pkt_data, 0, sizeof(struct ieee80211_tx_packet_data));
1668 pkt_data->ifindex = sdata->dev->ifindex;
1669 pkt_data->mgmt_iface = (sdata->type == IEEE80211_IF_TYPE_MGMT);
1670 pkt_data->do_not_encrypt = no_encrypt;
1672 skb->dev = local->mdev;
1673 sdata->stats.tx_packets++;
1674 sdata->stats.tx_bytes += skb->len;
1676 /* Update skb pointers to various headers since this modified frame
1677 * is going to go through Linux networking code that may potentially
1678 * need things like pointer to IP header. */
1679 skb_set_mac_header(skb, 0);
1680 skb_set_network_header(skb, nh_pos);
1681 skb_set_transport_header(skb, h_pos);
1683 dev->trans_start = jiffies;
1684 dev_queue_xmit(skb);
1697 * This is the transmit routine for the 802.11 type interfaces
1698 * called by upper layers of the linux networking
1699 * stack when it has a frame to transmit
1702 ieee80211_mgmt_start_xmit(struct sk_buff *skb, struct net_device *dev)
1704 struct ieee80211_sub_if_data *sdata;
1705 struct ieee80211_tx_packet_data *pkt_data;
1706 struct ieee80211_hdr *hdr;
1709 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1711 if (skb->len < 10) {
1716 if (skb_headroom(skb) < sdata->local->hw.extra_tx_headroom) {
1717 if (pskb_expand_head(skb,
1718 sdata->local->hw.extra_tx_headroom, 0, GFP_ATOMIC)) {
1724 hdr = (struct ieee80211_hdr *) skb->data;
1725 fc = le16_to_cpu(hdr->frame_control);
1727 pkt_data = (struct ieee80211_tx_packet_data *) skb->cb;
1728 memset(pkt_data, 0, sizeof(struct ieee80211_tx_packet_data));
1729 pkt_data->ifindex = sdata->dev->ifindex;
1730 pkt_data->mgmt_iface = (sdata->type == IEEE80211_IF_TYPE_MGMT);
1732 skb->priority = 20; /* use hardcoded priority for mgmt TX queue */
1733 skb->dev = sdata->local->mdev;
1736 * We're using the protocol field of the the frame control header
1737 * to request TX callback for hostapd. BIT(1) is checked.
1739 if ((fc & BIT(1)) == BIT(1)) {
1740 pkt_data->req_tx_status = 1;
1742 hdr->frame_control = cpu_to_le16(fc);
1745 pkt_data->do_not_encrypt = !(fc & IEEE80211_FCTL_PROTECTED);
1747 sdata->stats.tx_packets++;
1748 sdata->stats.tx_bytes += skb->len;
1750 dev_queue_xmit(skb);
1756 static void ieee80211_beacon_add_tim(struct ieee80211_local *local,
1757 struct ieee80211_if_ap *bss,
1758 struct sk_buff *skb)
1762 int i, have_bits = 0, n1, n2;
1764 /* Generate bitmap for TIM only if there are any STAs in power save
1766 spin_lock_bh(&local->sta_lock);
1767 if (atomic_read(&bss->num_sta_ps) > 0)
1768 /* in the hope that this is faster than
1769 * checking byte-for-byte */
1770 have_bits = !bitmap_empty((unsigned long*)bss->tim,
1771 IEEE80211_MAX_AID+1);
1773 if (bss->dtim_count == 0)
1774 bss->dtim_count = bss->dtim_period - 1;
1778 tim = pos = (u8 *) skb_put(skb, 6);
1779 *pos++ = WLAN_EID_TIM;
1781 *pos++ = bss->dtim_count;
1782 *pos++ = bss->dtim_period;
1784 if (bss->dtim_count == 0 && !skb_queue_empty(&bss->ps_bc_buf))
1788 /* Find largest even number N1 so that bits numbered 1 through
1789 * (N1 x 8) - 1 in the bitmap are 0 and number N2 so that bits
1790 * (N2 + 1) x 8 through 2007 are 0. */
1792 for (i = 0; i < IEEE80211_MAX_TIM_LEN; i++) {
1799 for (i = IEEE80211_MAX_TIM_LEN - 1; i >= n1; i--) {
1806 /* Bitmap control */
1808 /* Part Virt Bitmap */
1809 memcpy(pos, bss->tim + n1, n2 - n1 + 1);
1811 tim[1] = n2 - n1 + 4;
1812 skb_put(skb, n2 - n1);
1814 *pos++ = aid0; /* Bitmap control */
1815 *pos++ = 0; /* Part Virt Bitmap */
1817 spin_unlock_bh(&local->sta_lock);
1821 struct sk_buff * ieee80211_beacon_get(struct ieee80211_hw *hw, int if_id,
1822 struct ieee80211_tx_control *control)
1824 struct ieee80211_local *local = hw_to_local(hw);
1825 struct sk_buff *skb;
1826 struct net_device *bdev;
1827 struct ieee80211_sub_if_data *sdata = NULL;
1828 struct ieee80211_if_ap *ap = NULL;
1829 struct ieee80211_rate *rate;
1830 struct rate_control_extra extra;
1831 u8 *b_head, *b_tail;
1834 bdev = dev_get_by_index(if_id);
1836 sdata = IEEE80211_DEV_TO_SUB_IF(bdev);
1841 if (!ap || sdata->type != IEEE80211_IF_TYPE_AP ||
1843 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG
1844 if (net_ratelimit())
1845 printk(KERN_DEBUG "no beacon data avail for idx=%d "
1846 "(%s)\n", if_id, bdev ? bdev->name : "N/A");
1847 #endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
1851 /* Assume we are generating the normal beacon locally */
1852 b_head = ap->beacon_head;
1853 b_tail = ap->beacon_tail;
1854 bh_len = ap->beacon_head_len;
1855 bt_len = ap->beacon_tail_len;
1857 skb = dev_alloc_skb(local->hw.extra_tx_headroom +
1858 bh_len + bt_len + 256 /* maximum TIM len */);
1862 skb_reserve(skb, local->hw.extra_tx_headroom);
1863 memcpy(skb_put(skb, bh_len), b_head, bh_len);
1865 ieee80211_include_sequence(sdata, (struct ieee80211_hdr *)skb->data);
1867 ieee80211_beacon_add_tim(local, ap, skb);
1870 memcpy(skb_put(skb, bt_len), b_tail, bt_len);
1874 memset(&extra, 0, sizeof(extra));
1875 extra.mode = local->oper_hw_mode;
1877 rate = rate_control_get_rate(local, local->mdev, skb, &extra);
1879 if (net_ratelimit()) {
1880 printk(KERN_DEBUG "%s: ieee80211_beacon_get: no rate "
1881 "found\n", local->mdev->name);
1887 control->tx_rate = (local->short_preamble &&
1888 (rate->flags & IEEE80211_RATE_PREAMBLE2)) ?
1889 rate->val2 : rate->val;
1890 control->antenna_sel_tx = local->hw.conf.antenna_sel_tx;
1891 control->power_level = local->hw.conf.power_level;
1892 control->flags |= IEEE80211_TXCTL_NO_ACK;
1893 control->retry_limit = 1;
1894 control->flags |= IEEE80211_TXCTL_CLEAR_DST_MASK;
1900 EXPORT_SYMBOL(ieee80211_beacon_get);
1902 __le16 ieee80211_rts_duration(struct ieee80211_hw *hw,
1904 const struct ieee80211_tx_control *frame_txctl)
1906 struct ieee80211_local *local = hw_to_local(hw);
1907 struct ieee80211_rate *rate;
1908 int short_preamble = local->short_preamble;
1912 rate = frame_txctl->rts_rate;
1913 erp = !!(rate->flags & IEEE80211_RATE_ERP);
1916 dur = ieee80211_frame_duration(local, 10, rate->rate,
1917 erp, short_preamble);
1918 /* Data frame duration */
1919 dur += ieee80211_frame_duration(local, frame_len, rate->rate,
1920 erp, short_preamble);
1922 dur += ieee80211_frame_duration(local, 10, rate->rate,
1923 erp, short_preamble);
1925 return cpu_to_le16(dur);
1927 EXPORT_SYMBOL(ieee80211_rts_duration);
1930 __le16 ieee80211_ctstoself_duration(struct ieee80211_hw *hw,
1932 const struct ieee80211_tx_control *frame_txctl)
1934 struct ieee80211_local *local = hw_to_local(hw);
1935 struct ieee80211_rate *rate;
1936 int short_preamble = local->short_preamble;
1940 rate = frame_txctl->rts_rate;
1941 erp = !!(rate->flags & IEEE80211_RATE_ERP);
1943 /* Data frame duration */
1944 dur = ieee80211_frame_duration(local, frame_len, rate->rate,
1945 erp, short_preamble);
1946 if (!(frame_txctl->flags & IEEE80211_TXCTL_NO_ACK)) {
1948 dur += ieee80211_frame_duration(local, 10, rate->rate,
1949 erp, short_preamble);
1952 return cpu_to_le16(dur);
1954 EXPORT_SYMBOL(ieee80211_ctstoself_duration);
1956 void ieee80211_rts_get(struct ieee80211_hw *hw,
1957 const void *frame, size_t frame_len,
1958 const struct ieee80211_tx_control *frame_txctl,
1959 struct ieee80211_rts *rts)
1961 const struct ieee80211_hdr *hdr = frame;
1964 fctl = IEEE80211_FTYPE_CTL | IEEE80211_STYPE_RTS;
1965 rts->frame_control = cpu_to_le16(fctl);
1966 rts->duration = ieee80211_rts_duration(hw, frame_len, frame_txctl);
1967 memcpy(rts->ra, hdr->addr1, sizeof(rts->ra));
1968 memcpy(rts->ta, hdr->addr2, sizeof(rts->ta));
1970 EXPORT_SYMBOL(ieee80211_rts_get);
1972 void ieee80211_ctstoself_get(struct ieee80211_hw *hw,
1973 const void *frame, size_t frame_len,
1974 const struct ieee80211_tx_control *frame_txctl,
1975 struct ieee80211_cts *cts)
1977 const struct ieee80211_hdr *hdr = frame;
1980 fctl = IEEE80211_FTYPE_CTL | IEEE80211_STYPE_CTS;
1981 cts->frame_control = cpu_to_le16(fctl);
1982 cts->duration = ieee80211_ctstoself_duration(hw, frame_len, frame_txctl);
1983 memcpy(cts->ra, hdr->addr1, sizeof(cts->ra));
1985 EXPORT_SYMBOL(ieee80211_ctstoself_get);
1988 ieee80211_get_buffered_bc(struct ieee80211_hw *hw, int if_id,
1989 struct ieee80211_tx_control *control)
1991 struct ieee80211_local *local = hw_to_local(hw);
1992 struct sk_buff *skb;
1993 struct sta_info *sta;
1994 ieee80211_tx_handler *handler;
1995 struct ieee80211_txrx_data tx;
1996 ieee80211_txrx_result res = TXRX_DROP;
1997 struct net_device *bdev;
1998 struct ieee80211_sub_if_data *sdata;
1999 struct ieee80211_if_ap *bss = NULL;
2001 bdev = dev_get_by_index(if_id);
2003 sdata = IEEE80211_DEV_TO_SUB_IF(bdev);
2007 if (!bss || sdata->type != IEEE80211_IF_TYPE_AP || !bss->beacon_head)
2010 if (bss->dtim_count != 0)
2011 return NULL; /* send buffered bc/mc only after DTIM beacon */
2012 memset(control, 0, sizeof(*control));
2014 skb = skb_dequeue(&bss->ps_bc_buf);
2017 local->total_ps_buffered--;
2019 if (!skb_queue_empty(&bss->ps_bc_buf) && skb->len >= 2) {
2020 struct ieee80211_hdr *hdr =
2021 (struct ieee80211_hdr *) skb->data;
2022 /* more buffered multicast/broadcast frames ==> set
2023 * MoreData flag in IEEE 802.11 header to inform PS
2025 hdr->frame_control |=
2026 cpu_to_le16(IEEE80211_FCTL_MOREDATA);
2029 if (ieee80211_tx_prepare(&tx, skb, local->mdev, control) == 0)
2031 dev_kfree_skb_any(skb);
2034 tx.u.tx.ps_buffered = 1;
2036 for (handler = local->tx_handlers; *handler != NULL; handler++) {
2037 res = (*handler)(&tx);
2038 if (res == TXRX_DROP || res == TXRX_QUEUED)
2042 skb = tx.skb; /* handlers are allowed to change skb */
2044 if (res == TXRX_DROP) {
2045 I802_DEBUG_INC(local->tx_handlers_drop);
2048 } else if (res == TXRX_QUEUED) {
2049 I802_DEBUG_INC(local->tx_handlers_queued);
2058 EXPORT_SYMBOL(ieee80211_get_buffered_bc);
2060 static int __ieee80211_if_config(struct net_device *dev,
2061 struct sk_buff *beacon,
2062 struct ieee80211_tx_control *control)
2064 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2065 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2066 struct ieee80211_if_conf conf;
2067 static u8 scan_bssid[] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
2069 if (!local->ops->config_interface || !netif_running(dev))
2072 memset(&conf, 0, sizeof(conf));
2073 conf.type = sdata->type;
2074 if (sdata->type == IEEE80211_IF_TYPE_STA ||
2075 sdata->type == IEEE80211_IF_TYPE_IBSS) {
2076 if (local->sta_scanning &&
2077 local->scan_dev == dev)
2078 conf.bssid = scan_bssid;
2080 conf.bssid = sdata->u.sta.bssid;
2081 conf.ssid = sdata->u.sta.ssid;
2082 conf.ssid_len = sdata->u.sta.ssid_len;
2083 conf.generic_elem = sdata->u.sta.extra_ie;
2084 conf.generic_elem_len = sdata->u.sta.extra_ie_len;
2085 } else if (sdata->type == IEEE80211_IF_TYPE_AP) {
2086 conf.ssid = sdata->u.ap.ssid;
2087 conf.ssid_len = sdata->u.ap.ssid_len;
2088 conf.generic_elem = sdata->u.ap.generic_elem;
2089 conf.generic_elem_len = sdata->u.ap.generic_elem_len;
2090 conf.beacon = beacon;
2091 conf.beacon_control = control;
2093 return local->ops->config_interface(local_to_hw(local),
2094 dev->ifindex, &conf);
2097 int ieee80211_if_config(struct net_device *dev)
2099 return __ieee80211_if_config(dev, NULL, NULL);
2102 int ieee80211_if_config_beacon(struct net_device *dev)
2104 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2105 struct ieee80211_tx_control control;
2106 struct sk_buff *skb;
2108 if (!(local->hw.flags & IEEE80211_HW_HOST_GEN_BEACON_TEMPLATE))
2110 skb = ieee80211_beacon_get(local_to_hw(local), dev->ifindex, &control);
2113 return __ieee80211_if_config(dev, skb, &control);
2116 int ieee80211_hw_config(struct ieee80211_local *local)
2118 struct ieee80211_hw_mode *mode;
2119 struct ieee80211_channel *chan;
2122 if (local->sta_scanning) {
2123 chan = local->scan_channel;
2124 mode = local->scan_hw_mode;
2126 chan = local->oper_channel;
2127 mode = local->oper_hw_mode;
2130 local->hw.conf.channel = chan->chan;
2131 local->hw.conf.channel_val = chan->val;
2132 local->hw.conf.power_level = chan->power_level;
2133 local->hw.conf.freq = chan->freq;
2134 local->hw.conf.phymode = mode->mode;
2135 local->hw.conf.antenna_max = chan->antenna_max;
2136 local->hw.conf.chan = chan;
2137 local->hw.conf.mode = mode;
2139 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG
2140 printk(KERN_DEBUG "HW CONFIG: channel=%d freq=%d "
2141 "phymode=%d\n", local->hw.conf.channel, local->hw.conf.freq,
2142 local->hw.conf.phymode);
2143 #endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
2145 if (local->ops->config)
2146 ret = local->ops->config(local_to_hw(local), &local->hw.conf);
2152 static int ieee80211_change_mtu(struct net_device *dev, int new_mtu)
2154 /* FIX: what would be proper limits for MTU?
2155 * This interface uses 802.3 frames. */
2156 if (new_mtu < 256 || new_mtu > IEEE80211_MAX_DATA_LEN - 24 - 6) {
2157 printk(KERN_WARNING "%s: invalid MTU %d\n",
2158 dev->name, new_mtu);
2162 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG
2163 printk(KERN_DEBUG "%s: setting MTU %d\n", dev->name, new_mtu);
2164 #endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
2170 static int ieee80211_change_mtu_apdev(struct net_device *dev, int new_mtu)
2172 /* FIX: what would be proper limits for MTU?
2173 * This interface uses 802.11 frames. */
2174 if (new_mtu < 256 || new_mtu > IEEE80211_MAX_DATA_LEN) {
2175 printk(KERN_WARNING "%s: invalid MTU %d\n",
2176 dev->name, new_mtu);
2180 #ifdef CONFIG_MAC80211_VERBOSE_DEBUG
2181 printk(KERN_DEBUG "%s: setting MTU %d\n", dev->name, new_mtu);
2182 #endif /* CONFIG_MAC80211_VERBOSE_DEBUG */
2187 enum netif_tx_lock_class {
2192 static inline void netif_tx_lock_nested(struct net_device *dev, int subclass)
2194 spin_lock_nested(&dev->_xmit_lock, subclass);
2195 dev->xmit_lock_owner = smp_processor_id();
2198 static void ieee80211_set_multicast_list(struct net_device *dev)
2200 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2201 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2202 unsigned short flags;
2204 netif_tx_lock_nested(local->mdev, TX_LOCK_MASTER);
2205 if (((dev->flags & IFF_ALLMULTI) != 0) ^ (sdata->allmulti != 0)) {
2206 if (sdata->allmulti) {
2207 sdata->allmulti = 0;
2208 local->iff_allmultis--;
2210 sdata->allmulti = 1;
2211 local->iff_allmultis++;
2214 if (((dev->flags & IFF_PROMISC) != 0) ^ (sdata->promisc != 0)) {
2215 if (sdata->promisc) {
2217 local->iff_promiscs--;
2220 local->iff_promiscs++;
2223 if (dev->mc_count != sdata->mc_count) {
2224 local->mc_count = local->mc_count - sdata->mc_count +
2226 sdata->mc_count = dev->mc_count;
2228 if (local->ops->set_multicast_list) {
2229 flags = local->mdev->flags;
2230 if (local->iff_allmultis)
2231 flags |= IFF_ALLMULTI;
2232 if (local->iff_promiscs)
2233 flags |= IFF_PROMISC;
2234 read_lock(&local->sub_if_lock);
2235 local->ops->set_multicast_list(local_to_hw(local), flags,
2237 read_unlock(&local->sub_if_lock);
2239 netif_tx_unlock(local->mdev);
2242 struct dev_mc_list *ieee80211_get_mc_list_item(struct ieee80211_hw *hw,
2243 struct dev_mc_list *prev,
2246 struct ieee80211_local *local = hw_to_local(hw);
2247 struct ieee80211_sub_if_data *sdata = *ptr;
2248 struct dev_mc_list *mc;
2254 if (!prev || !prev->next) {
2256 sdata = list_entry(sdata->list.next,
2257 struct ieee80211_sub_if_data, list);
2259 sdata = list_entry(local->sub_if_list.next,
2260 struct ieee80211_sub_if_data, list);
2261 if (&sdata->list != &local->sub_if_list)
2262 mc = sdata->dev->mc_list;
2271 EXPORT_SYMBOL(ieee80211_get_mc_list_item);
2273 static struct net_device_stats *ieee80211_get_stats(struct net_device *dev)
2275 struct ieee80211_sub_if_data *sdata;
2276 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2277 return &(sdata->stats);
2280 static void ieee80211_if_shutdown(struct net_device *dev)
2282 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2283 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2286 switch (sdata->type) {
2287 case IEEE80211_IF_TYPE_STA:
2288 case IEEE80211_IF_TYPE_IBSS:
2289 sdata->u.sta.state = IEEE80211_DISABLED;
2290 del_timer_sync(&sdata->u.sta.timer);
2291 del_timer_sync(&sdata->u.sta.admit_timer);
2292 skb_queue_purge(&sdata->u.sta.skb_queue);
2293 if (!local->ops->hw_scan &&
2294 local->scan_dev == sdata->dev) {
2295 local->sta_scanning = 0;
2296 cancel_delayed_work(&local->scan_work);
2298 flush_workqueue(local->hw.workqueue);
2303 static inline int identical_mac_addr_allowed(int type1, int type2)
2305 return (type1 == IEEE80211_IF_TYPE_MNTR ||
2306 type2 == IEEE80211_IF_TYPE_MNTR ||
2307 (type1 == IEEE80211_IF_TYPE_AP &&
2308 type2 == IEEE80211_IF_TYPE_WDS) ||
2309 (type1 == IEEE80211_IF_TYPE_WDS &&
2310 (type2 == IEEE80211_IF_TYPE_WDS ||
2311 type2 == IEEE80211_IF_TYPE_AP)) ||
2312 (type1 == IEEE80211_IF_TYPE_AP &&
2313 type2 == IEEE80211_IF_TYPE_VLAN) ||
2314 (type1 == IEEE80211_IF_TYPE_VLAN &&
2315 (type2 == IEEE80211_IF_TYPE_AP ||
2316 type2 == IEEE80211_IF_TYPE_VLAN)));
2319 static int ieee80211_master_open(struct net_device *dev)
2321 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2322 struct ieee80211_sub_if_data *sdata;
2323 int res = -EOPNOTSUPP;
2325 read_lock(&local->sub_if_lock);
2326 list_for_each_entry(sdata, &local->sub_if_list, list) {
2327 if (sdata->dev != dev && netif_running(sdata->dev)) {
2332 read_unlock(&local->sub_if_lock);
2336 static int ieee80211_master_stop(struct net_device *dev)
2338 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2339 struct ieee80211_sub_if_data *sdata;
2341 read_lock(&local->sub_if_lock);
2342 list_for_each_entry(sdata, &local->sub_if_list, list)
2343 if (sdata->dev != dev && netif_running(sdata->dev))
2344 dev_close(sdata->dev);
2345 read_unlock(&local->sub_if_lock);
2350 static int ieee80211_mgmt_open(struct net_device *dev)
2352 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2354 if (!netif_running(local->mdev))
2359 static int ieee80211_mgmt_stop(struct net_device *dev)
2364 /* Check if running monitor interfaces should go to a "soft monitor" mode
2365 * and switch them if necessary. */
2366 static inline void ieee80211_start_soft_monitor(struct ieee80211_local *local)
2368 struct ieee80211_if_init_conf conf;
2370 if (local->open_count && local->open_count == local->monitors &&
2371 !(local->hw.flags & IEEE80211_HW_MONITOR_DURING_OPER) &&
2372 local->ops->remove_interface) {
2374 conf.type = IEEE80211_IF_TYPE_MNTR;
2375 conf.mac_addr = NULL;
2376 local->ops->remove_interface(local_to_hw(local), &conf);
2380 /* Check if running monitor interfaces should go to a "hard monitor" mode
2381 * and switch them if necessary. */
2382 static void ieee80211_start_hard_monitor(struct ieee80211_local *local)
2384 struct ieee80211_if_init_conf conf;
2386 if (local->open_count && local->open_count == local->monitors &&
2387 !(local->hw.flags & IEEE80211_HW_MONITOR_DURING_OPER) &&
2388 local->ops->add_interface) {
2390 conf.type = IEEE80211_IF_TYPE_MNTR;
2391 conf.mac_addr = NULL;
2392 local->ops->add_interface(local_to_hw(local), &conf);
2396 static int ieee80211_open(struct net_device *dev)
2398 struct ieee80211_sub_if_data *sdata, *nsdata;
2399 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2400 struct ieee80211_if_init_conf conf;
2403 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2404 read_lock(&local->sub_if_lock);
2405 list_for_each_entry(nsdata, &local->sub_if_list, list) {
2406 struct net_device *ndev = nsdata->dev;
2408 if (ndev != dev && ndev != local->mdev && netif_running(ndev) &&
2409 compare_ether_addr(dev->dev_addr, ndev->dev_addr) == 0 &&
2410 !identical_mac_addr_allowed(sdata->type, nsdata->type)) {
2411 read_unlock(&local->sub_if_lock);
2415 read_unlock(&local->sub_if_lock);
2417 if (sdata->type == IEEE80211_IF_TYPE_WDS &&
2418 is_zero_ether_addr(sdata->u.wds.remote_addr))
2421 if (sdata->type == IEEE80211_IF_TYPE_MNTR && local->open_count &&
2422 !(local->hw.flags & IEEE80211_HW_MONITOR_DURING_OPER)) {
2423 /* run the interface in a "soft monitor" mode */
2425 local->open_count++;
2426 local->hw.conf.flags |= IEEE80211_CONF_RADIOTAP;
2429 ieee80211_start_soft_monitor(local);
2431 if (local->ops->add_interface) {
2432 conf.if_id = dev->ifindex;
2433 conf.type = sdata->type;
2434 conf.mac_addr = dev->dev_addr;
2435 res = local->ops->add_interface(local_to_hw(local), &conf);
2437 if (sdata->type == IEEE80211_IF_TYPE_MNTR)
2438 ieee80211_start_hard_monitor(local);
2442 if (sdata->type != IEEE80211_IF_TYPE_STA)
2444 if (local->open_count > 0)
2448 if (local->open_count == 0) {
2450 tasklet_enable(&local->tx_pending_tasklet);
2451 tasklet_enable(&local->tasklet);
2452 if (local->ops->open)
2453 res = local->ops->open(local_to_hw(local));
2455 res = dev_open(local->mdev);
2457 if (local->ops->stop)
2458 local->ops->stop(local_to_hw(local));
2460 res = ieee80211_hw_config(local);
2461 if (res && local->ops->stop)
2462 local->ops->stop(local_to_hw(local));
2463 else if (!res && local->apdev)
2464 dev_open(local->apdev);
2468 if (local->ops->remove_interface)
2469 local->ops->remove_interface(local_to_hw(local),
2474 local->open_count++;
2476 if (sdata->type == IEEE80211_IF_TYPE_MNTR) {
2478 local->hw.conf.flags |= IEEE80211_CONF_RADIOTAP;
2480 ieee80211_if_config(dev);
2482 if (sdata->type == IEEE80211_IF_TYPE_STA &&
2483 !local->user_space_mlme)
2484 netif_carrier_off(dev);
2486 netif_carrier_on(dev);
2488 netif_start_queue(dev);
2493 static int ieee80211_stop(struct net_device *dev)
2495 struct ieee80211_sub_if_data *sdata;
2496 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
2498 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2500 if (sdata->type == IEEE80211_IF_TYPE_MNTR &&
2501 local->open_count > 1 &&
2502 !(local->hw.flags & IEEE80211_HW_MONITOR_DURING_OPER)) {
2503 /* remove "soft monitor" interface */
2504 local->open_count--;
2506 if (!local->monitors)
2507 local->hw.conf.flags &= ~IEEE80211_CONF_RADIOTAP;
2511 netif_stop_queue(dev);
2512 ieee80211_if_shutdown(dev);
2514 if (sdata->type == IEEE80211_IF_TYPE_MNTR) {
2516 if (!local->monitors)
2517 local->hw.conf.flags &= ~IEEE80211_CONF_RADIOTAP;
2520 local->open_count--;
2521 if (local->open_count == 0) {
2522 if (netif_running(local->mdev))
2523 dev_close(local->mdev);
2525 dev_close(local->apdev);
2526 if (local->ops->stop)
2527 local->ops->stop(local_to_hw(local));
2528 tasklet_disable(&local->tx_pending_tasklet);
2529 tasklet_disable(&local->tasklet);
2531 if (local->ops->remove_interface) {
2532 struct ieee80211_if_init_conf conf;
2534 conf.if_id = dev->ifindex;
2535 conf.type = sdata->type;
2536 conf.mac_addr = dev->dev_addr;
2537 local->ops->remove_interface(local_to_hw(local), &conf);
2540 ieee80211_start_hard_monitor(local);
2546 static int header_parse_80211(struct sk_buff *skb, unsigned char *haddr)
2548 memcpy(haddr, skb_mac_header(skb) + 10, ETH_ALEN); /* addr2 */
2552 static inline int ieee80211_bssid_match(const u8 *raddr, const u8 *addr)
2554 return compare_ether_addr(raddr, addr) == 0 ||
2555 is_broadcast_ether_addr(raddr);
2559 inline static unsigned int calc_pad_len(unsigned int len)
2561 return ((4 - len) & 0x3);
2564 static ieee80211_txrx_result
2565 ieee80211_rx_h_data_agg(struct ieee80211_txrx_data *rx)
2567 struct net_device *dev = rx->dev;
2568 struct ieee80211_local *local = rx->local;
2569 u16 fc, hdrlen, ethertype;
2571 struct sk_buff *skb = rx->skb, *skb2, *frame;
2572 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2573 const struct ethhdr* eth;
2577 if (unlikely((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA))
2578 return TXRX_CONTINUE;
2580 if (unlikely(!WLAN_FC_DATA_PRESENT(fc)))
2583 if (!rx->u.rx.is_agg_frame)
2584 return TXRX_CONTINUE;
2586 hdrlen = ieee80211_get_hdrlen(fc);
2588 payload = skb->data + hdrlen;
2590 if (unlikely((skb->len - hdrlen) < 8)) {
2591 if (net_ratelimit())
2592 printk(KERN_DEBUG "%s: RX too short data frame "
2593 "payload\n", dev->name);
2597 ethertype = (payload[6] << 8) | payload[7];
2599 if (likely((compare_ether_addr(payload, rfc1042_header) == 0 &&
2600 ethertype != ETH_P_AARP && ethertype != ETH_P_IPX) ||
2601 compare_ether_addr(payload, bridge_tunnel_header) == 0)) {
2602 /* remove RFC1042 or Bridge-Tunnel encapsulation and
2603 * replace EtherType */
2604 eth = (struct ethhdr*) (skb->data + hdrlen + 6);
2605 remaining = skb->len - (hdrlen + 6);
2607 eth = (struct ethhdr*) (skb->data + hdrlen);
2608 remaining = skb->len - hdrlen;
2611 while ((u8*)eth < skb->data + skb->len) {
2613 unsigned int subframe_len = sizeof(struct ethhdr) +
2614 ntohs(eth->h_proto);
2616 padding = calc_pad_len(subframe_len);
2617 /* the last MSDU has no padding */
2618 if (subframe_len > remaining)
2621 frame = dev_alloc_skb(local->hw.extra_tx_headroom +
2627 memcpy(skb_put(frame, subframe_len), (u8*)eth, subframe_len);
2628 skb_set_mac_header(frame, 0);
2631 sdata->stats.rx_packets++;
2632 sdata->stats.rx_bytes += frame->len;
2634 if (local->bridge_packets &&
2635 (sdata->type == IEEE80211_IF_TYPE_AP ||
2636 sdata->type == IEEE80211_IF_TYPE_VLAN) &&
2637 rx->u.rx.ra_match) {
2638 if (is_multicast_ether_addr(frame->data)) {
2639 /* send multicast frames both to higher layers
2640 * in local net stack and back to the wireless
2642 skb2 = skb_copy(frame, GFP_ATOMIC);
2644 printk(KERN_DEBUG "%s: failed to clone"
2645 " multicast frame\n", dev->name);
2647 struct sta_info *dsta;
2649 dsta = sta_info_get(local, frame->data);
2650 if (dsta && !dsta->dev)
2651 printk(KERN_DEBUG "Station with null "
2652 "dev structure!\n");
2653 else if (dsta && dsta->dev == dev) {
2654 /* Destination station is associated
2655 * to this AP, so send the frame
2656 * directly to it and do not pass
2657 * the frame to local net stack.
2667 /* deliver to local stack */
2668 frame->protocol = eth_type_trans(frame, dev);
2669 frame->priority = skb->priority;
2675 /* send to wireless media */
2676 skb2->protocol = __constant_htons(ETH_P_802_3);
2677 skb_set_network_header(skb2, 0);
2678 skb_set_mac_header(skb2, 0);
2679 skb2->priority = skb->priority;
2681 dev_queue_xmit(skb2);
2684 eth = (struct ethhdr*)((u8*)eth + subframe_len + padding);
2686 remaining -= (subframe_len + padding);
2693 static ieee80211_txrx_result
2694 ieee80211_rx_h_data(struct ieee80211_txrx_data *rx)
2696 struct net_device *dev = rx->dev;
2697 struct ieee80211_local *local = rx->local;
2698 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data;
2699 u16 fc, hdrlen, ethertype;
2703 struct sk_buff *skb = rx->skb, *skb2;
2704 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2707 if (unlikely((fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA))
2708 return TXRX_CONTINUE;
2710 if (unlikely(!WLAN_FC_DATA_PRESENT(fc)))
2713 hdrlen = ieee80211_get_hdrlen(fc);
2715 /* convert IEEE 802.11 header + possible LLC headers into Ethernet
2717 * IEEE 802.11 address fields:
2718 * ToDS FromDS Addr1 Addr2 Addr3 Addr4
2719 * 0 0 DA SA BSSID n/a
2720 * 0 1 DA BSSID SA n/a
2721 * 1 0 BSSID SA DA n/a
2725 switch (fc & (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS)) {
2726 case IEEE80211_FCTL_TODS:
2728 memcpy(dst, hdr->addr3, ETH_ALEN);
2729 memcpy(src, hdr->addr2, ETH_ALEN);
2731 if (unlikely(sdata->type != IEEE80211_IF_TYPE_AP &&
2732 sdata->type != IEEE80211_IF_TYPE_VLAN)) {
2733 printk(KERN_DEBUG "%s: dropped ToDS frame (BSSID="
2734 MAC_FMT " SA=" MAC_FMT " DA=" MAC_FMT ")\n",
2735 dev->name, MAC_ARG(hdr->addr1),
2736 MAC_ARG(hdr->addr2), MAC_ARG(hdr->addr3));
2740 case (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS):
2742 memcpy(dst, hdr->addr3, ETH_ALEN);
2743 memcpy(src, hdr->addr4, ETH_ALEN);
2745 if (unlikely(sdata->type != IEEE80211_IF_TYPE_WDS)) {
2746 printk(KERN_DEBUG "%s: dropped FromDS&ToDS frame (RA="
2747 MAC_FMT " TA=" MAC_FMT " DA=" MAC_FMT " SA="
2749 rx->dev->name, MAC_ARG(hdr->addr1),
2750 MAC_ARG(hdr->addr2), MAC_ARG(hdr->addr3),
2751 MAC_ARG(hdr->addr4));
2755 case IEEE80211_FCTL_FROMDS:
2757 memcpy(dst, hdr->addr1, ETH_ALEN);
2758 memcpy(src, hdr->addr3, ETH_ALEN);
2760 if (sdata->type != IEEE80211_IF_TYPE_STA) {
2766 memcpy(dst, hdr->addr1, ETH_ALEN);
2767 memcpy(src, hdr->addr2, ETH_ALEN);
2769 if (sdata->type != IEEE80211_IF_TYPE_IBSS) {
2770 if (net_ratelimit()) {
2771 printk(KERN_DEBUG "%s: dropped IBSS frame (DA="
2772 MAC_FMT " SA=" MAC_FMT " BSSID=" MAC_FMT
2774 dev->name, MAC_ARG(hdr->addr1),
2775 MAC_ARG(hdr->addr2),
2776 MAC_ARG(hdr->addr3));
2783 payload = skb->data + hdrlen;
2785 if (unlikely(skb->len - hdrlen < 8)) {
2786 if (net_ratelimit()) {
2787 printk(KERN_DEBUG "%s: RX too short data frame "
2788 "payload\n", dev->name);
2793 ethertype = (payload[6] << 8) | payload[7];
2795 if (likely((compare_ether_addr(payload, rfc1042_header) == 0 &&
2796 ethertype != ETH_P_AARP && ethertype != ETH_P_IPX) ||
2797 compare_ether_addr(payload, bridge_tunnel_header) == 0)) {
2798 /* remove RFC1042 or Bridge-Tunnel encapsulation and
2799 * replace EtherType */
2800 skb_pull(skb, hdrlen + 6);
2801 memcpy(skb_push(skb, ETH_ALEN), src, ETH_ALEN);
2802 memcpy(skb_push(skb, ETH_ALEN), dst, ETH_ALEN);
2804 struct ethhdr *ehdr;
2806 skb_pull(skb, hdrlen);
2807 len = htons(skb->len);
2808 ehdr = (struct ethhdr *) skb_push(skb, sizeof(struct ethhdr));
2809 memcpy(ehdr->h_dest, dst, ETH_ALEN);
2810 memcpy(ehdr->h_source, src, ETH_ALEN);
2811 ehdr->h_proto = len;
2817 sdata->stats.rx_packets++;
2818 sdata->stats.rx_bytes += skb->len;
2820 if (local->bridge_packets && (sdata->type == IEEE80211_IF_TYPE_AP
2821 || sdata->type == IEEE80211_IF_TYPE_VLAN) && rx->u.rx.ra_match) {
2822 if (is_multicast_ether_addr(skb->data)) {
2823 /* send multicast frames both to higher layers in
2824 * local net stack and back to the wireless media */
2825 skb2 = skb_copy(skb, GFP_ATOMIC);
2827 printk(KERN_DEBUG "%s: failed to clone "
2828 "multicast frame\n", dev->name);
2830 struct sta_info *dsta;
2831 dsta = sta_info_get(local, skb->data);
2832 if (dsta && !dsta->dev) {
2833 printk(KERN_DEBUG "Station with null dev "
2835 } else if (dsta && dsta->dev == dev) {
2836 /* Destination station is associated to this
2837 * AP, so send the frame directly to it and
2838 * do not pass the frame to local net stack.
2849 /* deliver to local stack */
2850 skb->protocol = eth_type_trans(skb, dev);
2851 memset(skb->cb, 0, sizeof(skb->cb));
2856 /* send to wireless media */
2857 skb2->protocol = __constant_htons(ETH_P_802_3);
2858 skb_set_network_header(skb2, 0);
2859 skb_set_mac_header(skb2, 0);
2860 dev_queue_xmit(skb2);
2867 static struct ieee80211_rate *
2868 ieee80211_get_rate(struct ieee80211_local *local, int phymode, int hw_rate)
2870 struct ieee80211_hw_mode *mode;
2873 list_for_each_entry(mode, &local->modes_list, list) {
2874 if (mode->mode != phymode)
2876 for (r = 0; r < mode->num_rates; r++) {
2877 struct ieee80211_rate *rate = &mode->rates[r];
2878 if (rate->val == hw_rate ||
2879 (rate->flags & IEEE80211_RATE_PREAMBLE2 &&
2880 rate->val2 == hw_rate))
2889 ieee80211_fill_frame_info(struct ieee80211_local *local,
2890 struct ieee80211_frame_info *fi,
2891 struct ieee80211_rx_status *status)
2895 struct ieee80211_rate *rate;
2897 jiffies_to_timespec(jiffies, &ts);
2898 fi->hosttime = cpu_to_be64((u64) ts.tv_sec * 1000000 +
2900 fi->mactime = cpu_to_be64(status->mactime);
2901 switch (status->phymode) {
2902 case MODE_IEEE80211A:
2903 fi->phytype = htonl(ieee80211_phytype_ofdm_dot11_a);
2905 case MODE_IEEE80211B:
2906 fi->phytype = htonl(ieee80211_phytype_dsss_dot11_b);
2908 case MODE_IEEE80211G:
2909 fi->phytype = htonl(ieee80211_phytype_pbcc_dot11_g);
2911 case MODE_ATHEROS_TURBO:
2913 htonl(ieee80211_phytype_dsss_dot11_turbo);
2916 fi->phytype = htonl(0xAAAAAAAA);
2919 fi->channel = htonl(status->channel);
2920 rate = ieee80211_get_rate(local, status->phymode,
2923 fi->datarate = htonl(rate->rate);
2924 if (rate->flags & IEEE80211_RATE_PREAMBLE2) {
2925 if (status->rate == rate->val)
2926 fi->preamble = htonl(2); /* long */
2927 else if (status->rate == rate->val2)
2928 fi->preamble = htonl(1); /* short */
2930 fi->preamble = htonl(0);
2932 fi->datarate = htonl(0);
2933 fi->preamble = htonl(0);
2936 fi->antenna = htonl(status->antenna);
2937 fi->priority = htonl(0xffffffff); /* no clue */
2938 fi->ssi_type = htonl(ieee80211_ssi_raw);
2939 fi->ssi_signal = htonl(status->ssi);
2940 fi->ssi_noise = 0x00000000;
2943 /* clear everything because we really don't know.
2944 * the msg_type field isn't present on monitor frames
2945 * so we don't know whether it will be present or not,
2946 * but it's ok to not clear it since it'll be assigned
2948 memset(fi, 0, sizeof(*fi) - sizeof(fi->msg_type));
2950 fi->ssi_type = htonl(ieee80211_ssi_none);
2952 fi->version = htonl(IEEE80211_FI_VERSION);
2953 fi->length = cpu_to_be32(sizeof(*fi) - sizeof(fi->msg_type));
2956 /* this routine is actually not just for this, but also
2957 * for pushing fake 'management' frames into userspace.
2958 * it shall be replaced by a netlink-based system. */
2960 ieee80211_rx_mgmt(struct ieee80211_local *local, struct sk_buff *skb,
2961 struct ieee80211_rx_status *status, u32 msg_type)
2963 struct ieee80211_frame_info *fi;
2964 const size_t hlen = sizeof(struct ieee80211_frame_info);
2965 struct ieee80211_sub_if_data *sdata;
2967 skb->dev = local->apdev;
2969 sdata = IEEE80211_DEV_TO_SUB_IF(local->apdev);
2971 if (skb_headroom(skb) < hlen) {
2972 I802_DEBUG_INC(local->rx_expand_skb_head);
2973 if (pskb_expand_head(skb, hlen, 0, GFP_ATOMIC)) {
2979 fi = (struct ieee80211_frame_info *) skb_push(skb, hlen);
2981 ieee80211_fill_frame_info(local, fi, status);
2982 fi->msg_type = htonl(msg_type);
2984 sdata->stats.rx_packets++;
2985 sdata->stats.rx_bytes += skb->len;
2987 skb_set_mac_header(skb, 0);
2988 skb->ip_summed = CHECKSUM_UNNECESSARY;
2989 skb->pkt_type = PACKET_OTHERHOST;
2990 skb->protocol = htons(ETH_P_802_2);
2991 memset(skb->cb, 0, sizeof(skb->cb));
2996 ieee80211_rx_monitor(struct net_device *dev, struct sk_buff *skb,
2997 struct ieee80211_rx_status *status)
2999 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
3000 struct ieee80211_sub_if_data *sdata;
3001 struct ieee80211_rate *rate;
3002 struct ieee80211_rtap_hdr {
3003 struct ieee80211_radiotap_header hdr;
3009 } __attribute__ ((packed)) *rthdr;
3013 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3015 if (status->flag & RX_FLAG_RADIOTAP)
3018 if (skb_headroom(skb) < sizeof(*rthdr)) {
3019 I802_DEBUG_INC(local->rx_expand_skb_head);
3020 if (pskb_expand_head(skb, sizeof(*rthdr), 0, GFP_ATOMIC)) {
3026 rthdr = (struct ieee80211_rtap_hdr *) skb_push(skb, sizeof(*rthdr));
3027 memset(rthdr, 0, sizeof(*rthdr));
3028 rthdr->hdr.it_len = cpu_to_le16(sizeof(*rthdr));
3029 rthdr->hdr.it_present =
3030 cpu_to_le32((1 << IEEE80211_RADIOTAP_FLAGS) |
3031 (1 << IEEE80211_RADIOTAP_RATE) |
3032 (1 << IEEE80211_RADIOTAP_CHANNEL) |
3033 (1 << IEEE80211_RADIOTAP_DB_ANTSIGNAL));
3034 rthdr->flags = local->hw.flags & IEEE80211_HW_RX_INCLUDES_FCS ?
3035 IEEE80211_RADIOTAP_F_FCS : 0;
3036 rate = ieee80211_get_rate(local, status->phymode, status->rate);
3038 rthdr->rate = rate->rate / 5;
3039 rthdr->chan_freq = cpu_to_le16(status->freq);
3041 status->phymode == MODE_IEEE80211A ?
3042 cpu_to_le16(IEEE80211_CHAN_OFDM | IEEE80211_CHAN_5GHZ) :
3043 cpu_to_le16(IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ);
3044 rthdr->antsignal = status->ssi;
3047 sdata->stats.rx_packets++;
3048 sdata->stats.rx_bytes += skb->len;
3050 skb_set_mac_header(skb, 0);
3051 skb->ip_summed = CHECKSUM_UNNECESSARY;
3052 skb->pkt_type = PACKET_OTHERHOST;
3053 skb->protocol = htons(ETH_P_802_2);
3054 memset(skb->cb, 0, sizeof(skb->cb));
3058 int ieee80211_radar_status(struct ieee80211_hw *hw, int channel,
3059 int radar, int radar_type)
3061 struct sk_buff *skb;
3062 struct ieee80211_radar_info *msg;
3063 struct ieee80211_local *local = hw_to_local(hw);
3068 skb = dev_alloc_skb(sizeof(struct ieee80211_frame_info) +
3069 sizeof(struct ieee80211_radar_info));
3073 skb_reserve(skb, sizeof(struct ieee80211_frame_info));
3075 msg = (struct ieee80211_radar_info *)
3076 skb_put(skb, sizeof(struct ieee80211_radar_info));
3077 msg->channel = channel;
3079 msg->radar_type = radar_type;
3081 ieee80211_rx_mgmt(local, skb, NULL, ieee80211_msg_radar);
3084 EXPORT_SYMBOL(ieee80211_radar_status);
3086 int ieee80211_set_aid_for_sta(struct ieee80211_hw *hw, u8 *peer_address,
3089 struct sk_buff *skb;
3090 struct ieee80211_msg_set_aid_for_sta *msg;
3091 struct ieee80211_local *local = hw_to_local(hw);
3093 /* unlikely because if this event only happens for APs,
3094 * which require an open ap device. */
3095 if (unlikely(!local->apdev))
3098 skb = dev_alloc_skb(sizeof(struct ieee80211_frame_info) +
3099 sizeof(struct ieee80211_msg_set_aid_for_sta));
3103 skb_reserve(skb, sizeof(struct ieee80211_frame_info));
3105 msg = (struct ieee80211_msg_set_aid_for_sta *)
3106 skb_put(skb, sizeof(struct ieee80211_msg_set_aid_for_sta));
3107 memcpy(msg->sta_address, peer_address, ETH_ALEN);
3110 ieee80211_rx_mgmt(local, skb, NULL, ieee80211_msg_set_aid_for_sta);
3113 EXPORT_SYMBOL(ieee80211_set_aid_for_sta);
3115 static void ap_sta_ps_start(struct net_device *dev, struct sta_info *sta)
3117 struct ieee80211_sub_if_data *sdata;
3118 sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev);
3121 atomic_inc(&sdata->bss->num_sta_ps);
3122 sta->flags |= WLAN_STA_PS;
3124 #ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
3125 printk(KERN_DEBUG "%s: STA " MAC_FMT " aid %d enters power "
3126 "save mode\n", dev->name, MAC_ARG(sta->addr), sta->aid);
3127 #endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
3131 static int ap_sta_ps_end(struct net_device *dev, struct sta_info *sta)
3133 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
3134 struct sk_buff *skb;
3136 struct ieee80211_sub_if_data *sdata;
3137 struct ieee80211_tx_packet_data *pkt_data;
3139 sdata = IEEE80211_DEV_TO_SUB_IF(sta->dev);
3141 atomic_dec(&sdata->bss->num_sta_ps);
3142 sta->flags &= ~(WLAN_STA_PS | WLAN_STA_TIM);
3144 if (!skb_queue_empty(&sta->ps_tx_buf)) {
3145 if (local->ops->set_tim)
3146 local->ops->set_tim(local_to_hw(local), sta->aid, 0);
3148 bss_tim_clear(local, sdata->bss, sta->aid);
3150 #ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
3151 printk(KERN_DEBUG "%s: STA " MAC_FMT " aid %d exits power "
3152 "save mode\n", dev->name, MAC_ARG(sta->addr), sta->aid);
3153 #endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
3154 /* Send all buffered frames to the station */
3155 while ((skb = skb_dequeue(&sta->tx_filtered)) != NULL) {
3156 pkt_data = (struct ieee80211_tx_packet_data *) skb->cb;
3158 pkt_data->requeue = 1;
3159 dev_queue_xmit(skb);
3161 while ((skb = skb_dequeue(&sta->ps_tx_buf)) != NULL) {
3162 pkt_data = (struct ieee80211_tx_packet_data *) skb->cb;
3163 local->total_ps_buffered--;
3165 #ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
3166 printk(KERN_DEBUG "%s: STA " MAC_FMT " aid %d send PS frame "
3167 "since STA not sleeping anymore\n", dev->name,
3168 MAC_ARG(sta->addr), sta->aid);
3169 #endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
3170 pkt_data->requeue = 1;
3171 dev_queue_xmit(skb);
3178 static ieee80211_txrx_result
3179 ieee80211_rx_h_ps_poll(struct ieee80211_txrx_data *rx)
3181 struct sk_buff *skb;
3182 int no_pending_pkts;
3184 if (likely(!rx->sta ||
3185 (rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_CTL ||
3186 (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_PSPOLL ||
3187 !rx->u.rx.ra_match))
3188 return TXRX_CONTINUE;
3190 skb = skb_dequeue(&rx->sta->tx_filtered);
3192 skb = skb_dequeue(&rx->sta->ps_tx_buf);
3194 rx->local->total_ps_buffered--;
3196 no_pending_pkts = skb_queue_empty(&rx->sta->tx_filtered) &&
3197 skb_queue_empty(&rx->sta->ps_tx_buf);
3200 struct ieee80211_hdr *hdr =
3201 (struct ieee80211_hdr *) skb->data;
3203 /* tell TX path to send one frame even though the STA may
3204 * still remain is PS mode after this frame exchange */
3205 rx->sta->pspoll = 1;
3207 #ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
3208 printk(KERN_DEBUG "STA " MAC_FMT " aid %d: PS Poll (entries "
3210 MAC_ARG(rx->sta->addr), rx->sta->aid,
3211 skb_queue_len(&rx->sta->ps_tx_buf));
3212 #endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
3214 /* Use MoreData flag to indicate whether there are more
3215 * buffered frames for this STA */
3216 if (no_pending_pkts) {
3217 hdr->frame_control &= cpu_to_le16(~IEEE80211_FCTL_MOREDATA);
3218 rx->sta->flags &= ~WLAN_STA_TIM;
3220 hdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_MOREDATA);
3222 dev_queue_xmit(skb);
3224 if (no_pending_pkts) {
3225 if (rx->local->ops->set_tim)
3226 rx->local->ops->set_tim(local_to_hw(rx->local),
3229 bss_tim_clear(rx->local, rx->sdata->bss, rx->sta->aid);
3231 #ifdef CONFIG_MAC80211_VERBOSE_PS_DEBUG
3232 } else if (!rx->u.rx.sent_ps_buffered) {
3233 printk(KERN_DEBUG "%s: STA " MAC_FMT " sent PS Poll even "
3234 "though there is no buffered frames for it\n",
3235 rx->dev->name, MAC_ARG(rx->sta->addr));
3236 #endif /* CONFIG_MAC80211_VERBOSE_PS_DEBUG */
3240 /* Free PS Poll skb here instead of returning TXRX_DROP that would
3241 * count as an dropped frame. */
3242 dev_kfree_skb(rx->skb);
3248 static inline struct ieee80211_fragment_entry *
3249 ieee80211_reassemble_add(struct ieee80211_sub_if_data *sdata,
3250 unsigned int frag, unsigned int seq, int rx_queue,
3251 struct sk_buff **skb)
3253 struct ieee80211_fragment_entry *entry;
3256 idx = sdata->fragment_next;
3257 entry = &sdata->fragments[sdata->fragment_next++];
3258 if (sdata->fragment_next >= IEEE80211_FRAGMENT_MAX)
3259 sdata->fragment_next = 0;
3261 if (!skb_queue_empty(&entry->skb_list)) {
3262 #ifdef CONFIG_MAC80211_DEBUG
3263 struct ieee80211_hdr *hdr =
3264 (struct ieee80211_hdr *) entry->skb_list.next->data;
3265 printk(KERN_DEBUG "%s: RX reassembly removed oldest "
3266 "fragment entry (idx=%d age=%lu seq=%d last_frag=%d "
3267 "addr1=" MAC_FMT " addr2=" MAC_FMT "\n",
3268 sdata->dev->name, idx,
3269 jiffies - entry->first_frag_time, entry->seq,
3270 entry->last_frag, MAC_ARG(hdr->addr1),
3271 MAC_ARG(hdr->addr2));
3272 #endif /* CONFIG_MAC80211_DEBUG */
3273 __skb_queue_purge(&entry->skb_list);
3276 __skb_queue_tail(&entry->skb_list, *skb); /* no need for locking */
3278 entry->first_frag_time = jiffies;
3280 entry->rx_queue = rx_queue;
3281 entry->last_frag = frag;
3283 entry->extra_len = 0;
3289 static inline struct ieee80211_fragment_entry *
3290 ieee80211_reassemble_find(struct ieee80211_sub_if_data *sdata,
3291 u16 fc, unsigned int frag, unsigned int seq,
3292 int rx_queue, struct ieee80211_hdr *hdr)
3294 struct ieee80211_fragment_entry *entry;
3297 idx = sdata->fragment_next;
3298 for (i = 0; i < IEEE80211_FRAGMENT_MAX; i++) {
3299 struct ieee80211_hdr *f_hdr;
3304 idx = IEEE80211_FRAGMENT_MAX - 1;
3306 entry = &sdata->fragments[idx];
3307 if (skb_queue_empty(&entry->skb_list) || entry->seq != seq ||
3308 entry->rx_queue != rx_queue ||
3309 entry->last_frag + 1 != frag)
3312 f_hdr = (struct ieee80211_hdr *) entry->skb_list.next->data;
3313 f_fc = le16_to_cpu(f_hdr->frame_control);
3315 if ((fc & IEEE80211_FCTL_FTYPE) != (f_fc & IEEE80211_FCTL_FTYPE) ||
3316 compare_ether_addr(hdr->addr1, f_hdr->addr1) != 0 ||
3317 compare_ether_addr(hdr->addr2, f_hdr->addr2) != 0)
3320 if (entry->first_frag_time + 2 * HZ < jiffies) {
3321 __skb_queue_purge(&entry->skb_list);
3331 static ieee80211_txrx_result
3332 ieee80211_rx_h_defragment(struct ieee80211_txrx_data *rx)
3334 struct ieee80211_hdr *hdr;
3336 unsigned int frag, seq;
3337 struct ieee80211_fragment_entry *entry;
3338 struct sk_buff *skb;
3340 hdr = (struct ieee80211_hdr *) rx->skb->data;
3341 sc = le16_to_cpu(hdr->seq_ctrl);
3342 frag = sc & IEEE80211_SCTL_FRAG;
3344 if (likely((!(rx->fc & IEEE80211_FCTL_MOREFRAGS) && frag == 0) ||
3345 (rx->skb)->len < 24 ||
3346 is_multicast_ether_addr(hdr->addr1))) {
3347 /* not fragmented */
3350 I802_DEBUG_INC(rx->local->rx_handlers_fragments);
3352 seq = (sc & IEEE80211_SCTL_SEQ) >> 4;
3355 /* This is the first fragment of a new frame. */
3356 entry = ieee80211_reassemble_add(rx->sdata, frag, seq,
3357 rx->u.rx.queue, &(rx->skb));
3358 if (rx->key && rx->key->alg == ALG_CCMP &&
3359 (rx->fc & IEEE80211_FCTL_PROTECTED)) {
3360 /* Store CCMP PN so that we can verify that the next
3361 * fragment has a sequential PN value. */
3363 memcpy(entry->last_pn,
3364 rx->key->u.ccmp.rx_pn[rx->u.rx.queue],
3370 /* This is a fragment for a frame that should already be pending in
3371 * fragment cache. Add this fragment to the end of the pending entry.
3373 entry = ieee80211_reassemble_find(rx->sdata, rx->fc, frag, seq,
3374 rx->u.rx.queue, hdr);
3376 I802_DEBUG_INC(rx->local->rx_handlers_drop_defrag);
3380 /* Verify that MPDUs within one MSDU have sequential PN values.
3381 * (IEEE 802.11i, 8.3.3.4.5) */
3384 u8 pn[CCMP_PN_LEN], *rpn;
3385 if (!rx->key || rx->key->alg != ALG_CCMP)
3387 memcpy(pn, entry->last_pn, CCMP_PN_LEN);
3388 for (i = CCMP_PN_LEN - 1; i >= 0; i--) {
3393 rpn = rx->key->u.ccmp.rx_pn[rx->u.rx.queue];
3394 if (memcmp(pn, rpn, CCMP_PN_LEN) != 0) {
3395 printk(KERN_DEBUG "%s: defrag: CCMP PN not sequential"
3396 " A2=" MAC_FMT " PN=%02x%02x%02x%02x%02x%02x "
3397 "(expected %02x%02x%02x%02x%02x%02x)\n",
3398 rx->dev->name, MAC_ARG(hdr->addr2),
3399 rpn[0], rpn[1], rpn[2], rpn[3], rpn[4], rpn[5],
3400 pn[0], pn[1], pn[2], pn[3], pn[4], pn[5]);
3403 memcpy(entry->last_pn, pn, CCMP_PN_LEN);
3406 skb_pull(rx->skb, ieee80211_get_hdrlen(rx->fc));
3407 __skb_queue_tail(&entry->skb_list, rx->skb);
3408 entry->last_frag = frag;
3409 entry->extra_len += rx->skb->len;
3410 if (rx->fc & IEEE80211_FCTL_MOREFRAGS) {
3415 rx->skb = __skb_dequeue(&entry->skb_list);
3416 if (skb_tailroom(rx->skb) < entry->extra_len) {
3417 I802_DEBUG_INC(rx->local->rx_expand_skb_head2);
3418 if (unlikely(pskb_expand_head(rx->skb, 0, entry->extra_len,
3420 I802_DEBUG_INC(rx->local->rx_handlers_drop_defrag);
3421 __skb_queue_purge(&entry->skb_list);
3425 while ((skb = __skb_dequeue(&entry->skb_list))) {
3426 memcpy(skb_put(rx->skb, skb->len), skb->data, skb->len);
3430 /* Complete frame has been reassembled - process it now */
3435 rx->sta->rx_packets++;
3436 if (is_multicast_ether_addr(hdr->addr1))
3437 rx->local->dot11MulticastReceivedFrameCount++;
3439 ieee80211_led_rx(rx->local);
3440 return TXRX_CONTINUE;
3444 static ieee80211_txrx_result
3445 ieee80211_rx_h_monitor(struct ieee80211_txrx_data *rx)
3447 if (rx->sdata->type == IEEE80211_IF_TYPE_MNTR) {
3448 ieee80211_rx_monitor(rx->dev, rx->skb, rx->u.rx.status);
3452 if (rx->u.rx.status->flag & RX_FLAG_RADIOTAP)
3453 skb_pull(rx->skb, ieee80211_get_radiotap_len(rx->skb));
3455 return TXRX_CONTINUE;
3459 static ieee80211_txrx_result
3460 ieee80211_rx_h_check(struct ieee80211_txrx_data *rx)
3462 struct ieee80211_hdr *hdr;
3464 hdr = (struct ieee80211_hdr *) rx->skb->data;
3466 /* Drop duplicate 802.11 retransmissions (IEEE 802.11 Chap. 9.2.9) */
3467 if (rx->sta && !is_multicast_ether_addr(hdr->addr1)) {
3468 if (unlikely(rx->fc & IEEE80211_FCTL_RETRY &&
3469 rx->sta->last_seq_ctrl[rx->u.rx.queue] ==
3471 if (rx->u.rx.ra_match) {
3472 rx->local->dot11FrameDuplicateCount++;
3473 rx->sta->num_duplicates++;
3477 rx->sta->last_seq_ctrl[rx->u.rx.queue] = hdr->seq_ctrl;
3480 if ((rx->local->hw.flags & IEEE80211_HW_RX_INCLUDES_FCS) &&
3481 rx->skb->len > FCS_LEN)
3482 skb_trim(rx->skb, rx->skb->len - FCS_LEN);
3484 if (unlikely(rx->skb->len < 16)) {
3485 I802_DEBUG_INC(rx->local->rx_handlers_drop_short);
3489 if (!rx->u.rx.ra_match)
3490 rx->skb->pkt_type = PACKET_OTHERHOST;
3491 else if (compare_ether_addr(rx->dev->dev_addr, hdr->addr1) == 0)
3492 rx->skb->pkt_type = PACKET_HOST;
3493 else if (is_multicast_ether_addr(hdr->addr1)) {
3494 if (is_broadcast_ether_addr(hdr->addr1))
3495 rx->skb->pkt_type = PACKET_BROADCAST;
3497 rx->skb->pkt_type = PACKET_MULTICAST;
3499 rx->skb->pkt_type = PACKET_OTHERHOST;
3501 /* Drop disallowed frame classes based on STA auth/assoc state;
3502 * IEEE 802.11, Chap 5.5.
3504 * 80211.o does filtering only based on association state, i.e., it
3505 * drops Class 3 frames from not associated stations. hostapd sends
3506 * deauth/disassoc frames when needed. In addition, hostapd is
3507 * responsible for filtering on both auth and assoc states.
3509 if (unlikely(((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA ||
3510 ((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_CTL &&
3511 (rx->fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_PSPOLL)) &&
3512 rx->sdata->type != IEEE80211_IF_TYPE_IBSS &&
3513 (!rx->sta || !(rx->sta->flags & WLAN_STA_ASSOC)))) {
3514 if ((!(rx->fc & IEEE80211_FCTL_FROMDS) &&
3515 !(rx->fc & IEEE80211_FCTL_TODS) &&
3516 (rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA)
3517 || !rx->u.rx.ra_match) {
3518 /* Drop IBSS frames and frames for other hosts
3523 if (!rx->local->apdev)
3526 ieee80211_rx_mgmt(rx->local, rx->skb, rx->u.rx.status,
3527 ieee80211_msg_sta_not_assoc);
3531 if (rx->sdata->type == IEEE80211_IF_TYPE_STA)
3536 if (rx->sta && rx->sta->key && always_sta_key) {
3537 rx->key = rx->sta->key;
3539 if (rx->sta && rx->sta->key)
3540 rx->key = rx->sta->key;
3542 rx->key = rx->sdata->default_key;
3544 if ((rx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV) &&
3545 rx->fc & IEEE80211_FCTL_PROTECTED) {
3546 int keyidx = ieee80211_wep_get_keyidx(rx->skb);
3548 if (keyidx >= 0 && keyidx < NUM_DEFAULT_KEYS &&
3549 (!rx->sta || !rx->sta->key || keyidx > 0))
3550 rx->key = rx->sdata->keys[keyidx];
3553 if (!rx->u.rx.ra_match)
3555 printk(KERN_DEBUG "%s: RX WEP frame with "
3556 "unknown keyidx %d (A1=" MAC_FMT " A2="
3557 MAC_FMT " A3=" MAC_FMT ")\n",
3558 rx->dev->name, keyidx,
3559 MAC_ARG(hdr->addr1),
3560 MAC_ARG(hdr->addr2),
3561 MAC_ARG(hdr->addr3));
3562 if (!rx->local->apdev)
3565 rx->local, rx->skb, rx->u.rx.status,
3566 ieee80211_msg_wep_frame_unknown_key);
3572 if (rx->fc & IEEE80211_FCTL_PROTECTED && rx->key && rx->u.rx.ra_match) {
3573 rx->key->tx_rx_count++;
3574 if (unlikely(rx->local->key_tx_rx_threshold &&
3575 rx->key->tx_rx_count >
3576 rx->local->key_tx_rx_threshold)) {
3577 ieee80211_key_threshold_notify(rx->dev, rx->key,
3582 return TXRX_CONTINUE;
3586 static ieee80211_txrx_result
3587 ieee80211_rx_h_sta_process(struct ieee80211_txrx_data *rx)
3589 struct sta_info *sta = rx->sta;
3590 struct net_device *dev = rx->dev;
3591 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) rx->skb->data;
3594 return TXRX_CONTINUE;
3596 /* Update last_rx only for IBSS packets which are for the current
3597 * BSSID to avoid keeping the current IBSS network alive in cases where
3598 * other STAs are using different BSSID. */
3599 if (rx->sdata->type == IEEE80211_IF_TYPE_IBSS) {
3600 u8 *bssid = ieee80211_get_bssid(hdr, rx->skb->len);
3601 if (compare_ether_addr(bssid, rx->sdata->u.sta.bssid) == 0)
3602 sta->last_rx = jiffies;
3604 if (!is_multicast_ether_addr(hdr->addr1) ||
3605 rx->sdata->type == IEEE80211_IF_TYPE_STA) {
3606 /* Update last_rx only for unicast frames in order to prevent
3607 * the Probe Request frames (the only broadcast frames from a
3608 * STA in infrastructure mode) from keeping a connection alive.
3610 sta->last_rx = jiffies;
3613 if (!rx->u.rx.ra_match)
3614 return TXRX_CONTINUE;
3616 sta->rx_fragments++;
3617 sta->rx_bytes += rx->skb->len;
3618 sta->last_rssi = (sta->last_rssi * 15 +
3619 rx->u.rx.status->ssi) / 16;
3620 sta->last_signal = (sta->last_signal * 15 +
3621 rx->u.rx.status->signal) / 16;
3622 sta->last_noise = (sta->last_noise * 15 +
3623 rx->u.rx.status->noise) / 16;
3625 if (!(rx->fc & IEEE80211_FCTL_MOREFRAGS)) {
3626 /* Change STA power saving mode only in the end of a frame
3627 * exchange sequence */
3628 if ((sta->flags & WLAN_STA_PS) && !(rx->fc & IEEE80211_FCTL_PM))
3629 rx->u.rx.sent_ps_buffered += ap_sta_ps_end(dev, sta);
3630 else if (!(sta->flags & WLAN_STA_PS) &&
3631 (rx->fc & IEEE80211_FCTL_PM))
3632 ap_sta_ps_start(dev, sta);
3635 /* Drop data::nullfunc frames silently, since they are used only to
3636 * control station power saving mode. */
3637 if ((rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA &&
3638 (rx->fc & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_NULLFUNC) {
3639 I802_DEBUG_INC(rx->local->rx_handlers_drop_nullfunc);
3640 /* Update counter and free packet here to avoid counting this
3641 * as a dropped packed. */
3643 dev_kfree_skb(rx->skb);
3647 return TXRX_CONTINUE;
3648 } /* ieee80211_rx_h_sta_process */
3651 static ieee80211_txrx_result
3652 ieee80211_rx_h_wep_weak_iv_detection(struct ieee80211_txrx_data *rx)
3654 if (!rx->sta || !(rx->fc & IEEE80211_FCTL_PROTECTED) ||
3655 (rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA ||
3656 !rx->key || rx->key->alg != ALG_WEP || !rx->u.rx.ra_match)
3657 return TXRX_CONTINUE;
3659 /* Check for weak IVs, if hwaccel did not remove IV from the frame */
3660 if ((rx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV) ||
3661 rx->key->force_sw_encrypt) {
3662 u8 *iv = ieee80211_wep_is_weak_iv(rx->skb, rx->key);
3664 rx->sta->wep_weak_iv_count++;
3668 return TXRX_CONTINUE;
3672 static ieee80211_txrx_result
3673 ieee80211_rx_h_wep_decrypt(struct ieee80211_txrx_data *rx)
3675 /* If the device handles decryption totally, skip this test */
3676 if (rx->local->hw.flags & IEEE80211_HW_DEVICE_HIDES_WEP)
3677 return TXRX_CONTINUE;
3679 if ((rx->key && rx->key->alg != ALG_WEP) ||
3680 !(rx->fc & IEEE80211_FCTL_PROTECTED) ||
3681 ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA &&
3682 ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_MGMT ||
3683 (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_AUTH)))
3684 return TXRX_CONTINUE;
3687 printk(KERN_DEBUG "%s: RX WEP frame, but no key set\n",
3692 if (!(rx->u.rx.status->flag & RX_FLAG_DECRYPTED) ||
3693 rx->key->force_sw_encrypt) {
3694 if (ieee80211_wep_decrypt(rx->local, rx->skb, rx->key)) {
3695 printk(KERN_DEBUG "%s: RX WEP frame, decrypt "
3696 "failed\n", rx->dev->name);
3699 } else if (rx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV) {
3700 ieee80211_wep_remove_iv(rx->local, rx->skb, rx->key);
3702 skb_trim(rx->skb, rx->skb->len - 4);
3705 return TXRX_CONTINUE;
3709 static ieee80211_txrx_result
3710 ieee80211_rx_h_802_1x_pae(struct ieee80211_txrx_data *rx)
3712 if (rx->sdata->eapol && ieee80211_is_eapol(rx->skb) &&
3713 rx->sdata->type != IEEE80211_IF_TYPE_STA && rx->u.rx.ra_match) {
3714 /* Pass both encrypted and unencrypted EAPOL frames to user
3715 * space for processing. */
3716 if (!rx->local->apdev)
3718 ieee80211_rx_mgmt(rx->local, rx->skb, rx->u.rx.status,
3719 ieee80211_msg_normal);
3723 if (unlikely(rx->sdata->ieee802_1x &&
3724 (rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA &&
3725 (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_NULLFUNC &&
3726 (!rx->sta || !(rx->sta->flags & WLAN_STA_AUTHORIZED)) &&
3727 !ieee80211_is_eapol(rx->skb))) {
3728 #ifdef CONFIG_MAC80211_DEBUG
3729 struct ieee80211_hdr *hdr =
3730 (struct ieee80211_hdr *) rx->skb->data;
3731 printk(KERN_DEBUG "%s: dropped frame from " MAC_FMT
3732 " (unauthorized port)\n", rx->dev->name,
3733 MAC_ARG(hdr->addr2));
3734 #endif /* CONFIG_MAC80211_DEBUG */
3738 return TXRX_CONTINUE;
3742 static ieee80211_txrx_result
3743 ieee80211_rx_h_drop_unencrypted(struct ieee80211_txrx_data *rx)
3745 /* If the device handles decryption totally, skip this test */
3746 if (rx->local->hw.flags & IEEE80211_HW_DEVICE_HIDES_WEP)
3747 return TXRX_CONTINUE;
3749 /* Drop unencrypted frames if key is set. */
3750 if (unlikely(!(rx->fc & IEEE80211_FCTL_PROTECTED) &&
3751 (rx->fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA &&
3752 (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_NULLFUNC &&
3753 (rx->key || rx->sdata->drop_unencrypted) &&
3754 (rx->sdata->eapol == 0 ||
3755 !ieee80211_is_eapol(rx->skb)))) {
3756 printk(KERN_DEBUG "%s: RX non-WEP frame, but expected "
3757 "encryption\n", rx->dev->name);
3760 return TXRX_CONTINUE;
3764 static ieee80211_txrx_result
3765 ieee80211_rx_h_mgmt(struct ieee80211_txrx_data *rx)
3767 struct ieee80211_sub_if_data *sdata;
3769 if (!rx->u.rx.ra_match)
3772 sdata = IEEE80211_DEV_TO_SUB_IF(rx->dev);
3773 if ((sdata->type == IEEE80211_IF_TYPE_STA ||
3774 sdata->type == IEEE80211_IF_TYPE_IBSS) &&
3775 !rx->local->user_space_mlme) {
3776 ieee80211_sta_rx_mgmt(rx->dev, rx->skb, rx->u.rx.status);
3778 /* Management frames are sent to hostapd for processing */
3779 if (!rx->local->apdev)
3781 ieee80211_rx_mgmt(rx->local, rx->skb, rx->u.rx.status,
3782 ieee80211_msg_normal);
3788 static ieee80211_txrx_result
3789 ieee80211_rx_h_passive_scan(struct ieee80211_txrx_data *rx)
3791 struct ieee80211_local *local = rx->local;
3792 struct sk_buff *skb = rx->skb;
3794 if (unlikely(local->sta_scanning != 0)) {
3795 ieee80211_sta_rx_scan(rx->dev, skb, rx->u.rx.status);
3799 if (unlikely(rx->u.rx.in_scan)) {
3800 /* scanning finished during invoking of handlers */
3801 I802_DEBUG_INC(local->rx_handlers_drop_passive_scan);
3805 return TXRX_CONTINUE;
3809 static void ieee80211_rx_michael_mic_report(struct net_device *dev,
3810 struct ieee80211_hdr *hdr,
3811 struct sta_info *sta,
3812 struct ieee80211_txrx_data *rx)
3816 hdrlen = ieee80211_get_hdrlen_from_skb(rx->skb);
3817 if (rx->skb->len >= hdrlen + 4)
3818 keyidx = rx->skb->data[hdrlen + 3] >> 6;
3822 /* TODO: verify that this is not triggered by fragmented
3823 * frames (hw does not verify MIC for them). */
3824 printk(KERN_DEBUG "%s: TKIP hwaccel reported Michael MIC "
3825 "failure from " MAC_FMT " to " MAC_FMT " keyidx=%d\n",
3826 dev->name, MAC_ARG(hdr->addr2), MAC_ARG(hdr->addr1), keyidx);
3829 /* Some hardware versions seem to generate incorrect
3830 * Michael MIC reports; ignore them to avoid triggering
3831 * countermeasures. */
3832 printk(KERN_DEBUG "%s: ignored spurious Michael MIC "
3833 "error for unknown address " MAC_FMT "\n",
3834 dev->name, MAC_ARG(hdr->addr2));
3838 if (!(rx->fc & IEEE80211_FCTL_PROTECTED)) {
3839 printk(KERN_DEBUG "%s: ignored spurious Michael MIC "
3840 "error for a frame with no ISWEP flag (src "
3841 MAC_FMT ")\n", dev->name, MAC_ARG(hdr->addr2));
3845 if ((rx->local->hw.flags & IEEE80211_HW_WEP_INCLUDE_IV) &&
3846 rx->sdata->type == IEEE80211_IF_TYPE_AP) {
3847 keyidx = ieee80211_wep_get_keyidx(rx->skb);
3848 /* AP with Pairwise keys support should never receive Michael
3849 * MIC errors for non-zero keyidx because these are reserved
3850 * for group keys and only the AP is sending real multicast
3853 printk(KERN_DEBUG "%s: ignored Michael MIC error for "
3854 "a frame with non-zero keyidx (%d) (src " MAC_FMT
3855 ")\n", dev->name, keyidx, MAC_ARG(hdr->addr2));
3860 if ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA &&
3861 ((rx->fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_MGMT ||
3862 (rx->fc & IEEE80211_FCTL_STYPE) != IEEE80211_STYPE_AUTH)) {
3863 printk(KERN_DEBUG "%s: ignored spurious Michael MIC "
3864 "error for a frame that cannot be encrypted "
3865 "(fc=0x%04x) (src " MAC_FMT ")\n",
3866 dev->name, rx->fc, MAC_ARG(hdr->addr2));
3871 union iwreq_data wrqu;
3872 char *buf = kmalloc(128, GFP_ATOMIC);
3876 /* TODO: needed parameters: count, key type, TSC */
3877 sprintf(buf, "MLME-MICHAELMICFAILURE.indication("
3878 "keyid=%d %scast addr=" MAC_FMT ")",
3879 keyidx, hdr->addr1[0] & 0x01 ? "broad" : "uni",
3880 MAC_ARG(hdr->addr2));
3881 memset(&wrqu, 0, sizeof(wrqu));
3882 wrqu.data.length = strlen(buf);
3883 wireless_send_event(rx->dev, IWEVCUSTOM, &wrqu, buf);
3887 /* TODO: consider verifying the MIC error report with software
3888 * implementation if we get too many spurious reports from the
3890 if (!rx->local->apdev)
3892 ieee80211_rx_mgmt(rx->local, rx->skb, rx->u.rx.status,
3893 ieee80211_msg_michael_mic_failure);
3897 dev_kfree_skb(rx->skb);
3901 static inline ieee80211_txrx_result __ieee80211_invoke_rx_handlers(
3902 struct ieee80211_local *local,
3903 ieee80211_rx_handler *handlers,
3904 struct ieee80211_txrx_data *rx,
3905 struct sta_info *sta)
3907 ieee80211_rx_handler *handler;
3908 ieee80211_txrx_result res = TXRX_DROP;
3910 for (handler = handlers; *handler != NULL; handler++) {
3911 res = (*handler)(rx);
3912 if (res != TXRX_CONTINUE) {
3913 if (res == TXRX_DROP) {
3914 I802_DEBUG_INC(local->rx_handlers_drop);
3918 if (res == TXRX_QUEUED)
3919 I802_DEBUG_INC(local->rx_handlers_queued);
3924 if (res == TXRX_DROP) {
3925 dev_kfree_skb(rx->skb);
3930 static inline void ieee80211_invoke_rx_handlers(struct ieee80211_local *local,
3931 ieee80211_rx_handler *handlers,
3932 struct ieee80211_txrx_data *rx,
3933 struct sta_info *sta)
3935 if (__ieee80211_invoke_rx_handlers(local, handlers, rx, sta) ==
3937 dev_kfree_skb(rx->skb);
3941 * This is the receive path handler. It is called by a low level driver when an
3942 * 802.11 MPDU is received from the hardware.
3944 void __ieee80211_rx(struct ieee80211_hw *hw, struct sk_buff *skb,
3945 struct ieee80211_rx_status *status)
3947 struct ieee80211_local *local = hw_to_local(hw);
3948 struct ieee80211_sub_if_data *sdata;
3949 struct sta_info *sta;
3950 struct ieee80211_hdr *hdr;
3951 struct ieee80211_txrx_data rx;
3954 int radiotap_len = 0;
3956 if (status->flag & RX_FLAG_RADIOTAP) {
3957 radiotap_len = ieee80211_get_radiotap_len(skb);
3958 skb_pull(skb, radiotap_len);
3961 hdr = (struct ieee80211_hdr *) skb->data;
3962 memset(&rx, 0, sizeof(rx));
3966 rx.u.rx.status = status;
3967 rx.fc = skb->len >= 2 ? le16_to_cpu(hdr->frame_control) : 0;
3968 type = rx.fc & IEEE80211_FCTL_FTYPE;
3969 if (type == IEEE80211_FTYPE_DATA || type == IEEE80211_FTYPE_MGMT)
3970 local->dot11ReceivedFragmentCount++;
3971 multicast = is_multicast_ether_addr(hdr->addr1);
3974 sta = rx.sta = sta_info_get(local, hdr->addr2);
3976 sta = rx.sta = NULL;
3980 rx.sdata = IEEE80211_DEV_TO_SUB_IF(rx.dev);
3983 if ((status->flag & RX_FLAG_MMIC_ERROR)) {
3984 ieee80211_rx_michael_mic_report(local->mdev, hdr, sta, &rx);
3988 if (unlikely(local->sta_scanning))
3989 rx.u.rx.in_scan = 1;
3991 if (__ieee80211_invoke_rx_handlers(local, local->rx_pre_handlers, &rx,
3992 sta) != TXRX_CONTINUE)
3996 skb_push(skb, radiotap_len);
3997 if (sta && !sta->assoc_ap && !(sta->flags & WLAN_STA_WDS) &&
3998 !local->iff_promiscs && !multicast) {
3999 rx.u.rx.ra_match = 1;
4000 ieee80211_invoke_rx_handlers(local, local->rx_handlers, &rx,
4003 struct ieee80211_sub_if_data *prev = NULL;
4004 struct sk_buff *skb_new;
4005 u8 *bssid = ieee80211_get_bssid(hdr, skb->len - radiotap_len);
4007 read_lock(&local->sub_if_lock);
4008 list_for_each_entry(sdata, &local->sub_if_list, list) {
4009 rx.u.rx.ra_match = 1;
4010 switch (sdata->type) {
4011 case IEEE80211_IF_TYPE_STA:
4014 if (!ieee80211_bssid_match(bssid,
4015 sdata->u.sta.bssid)) {
4016 if (!rx.u.rx.in_scan)
4018 rx.u.rx.ra_match = 0;
4019 } else if (!multicast &&
4020 compare_ether_addr(sdata->dev->dev_addr,
4022 if (!sdata->promisc)
4024 rx.u.rx.ra_match = 0;
4027 case IEEE80211_IF_TYPE_IBSS:
4030 if (!ieee80211_bssid_match(bssid,
4031 sdata->u.sta.bssid)) {
4032 if (!rx.u.rx.in_scan)
4034 rx.u.rx.ra_match = 0;
4035 } else if (!multicast &&
4036 compare_ether_addr(sdata->dev->dev_addr,
4038 if (!sdata->promisc)
4040 rx.u.rx.ra_match = 0;
4043 ieee80211_ibss_add_sta(sdata->dev,
4047 case IEEE80211_IF_TYPE_AP:
4049 if (compare_ether_addr(sdata->dev->dev_addr,
4052 } else if (!ieee80211_bssid_match(bssid,
4053 sdata->dev->dev_addr)) {
4054 if (!rx.u.rx.in_scan)
4056 rx.u.rx.ra_match = 0;
4058 if (sdata->dev == local->mdev &&
4060 /* do not receive anything via
4061 * master device when not scanning */
4064 case IEEE80211_IF_TYPE_WDS:
4066 (rx.fc & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_DATA)
4068 if (compare_ether_addr(sdata->u.wds.remote_addr,
4075 skb_new = skb_copy(skb, GFP_ATOMIC);
4077 if (net_ratelimit())
4078 printk(KERN_DEBUG "%s: failed to copy "
4079 "multicast frame for %s",
4080 local->mdev->name, prev->dev->name);
4086 ieee80211_invoke_rx_handlers(local,
4096 ieee80211_invoke_rx_handlers(local, local->rx_handlers,
4100 read_unlock(&local->sub_if_lock);
4107 EXPORT_SYMBOL(__ieee80211_rx);
4109 static ieee80211_txrx_result
4110 ieee80211_tx_h_load_stats(struct ieee80211_txrx_data *tx)
4112 struct ieee80211_local *local = tx->local;
4113 struct ieee80211_hw_mode *mode = tx->u.tx.mode;
4114 struct sk_buff *skb = tx->skb;
4115 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
4116 u32 load = 0, hdrtime;
4118 /* TODO: this could be part of tx_status handling, so that the number
4119 * of retries would be known; TX rate should in that case be stored
4120 * somewhere with the packet */
4122 /* Estimate total channel use caused by this frame */
4124 /* 1 bit at 1 Mbit/s takes 1 usec; in channel_use values,
4125 * 1 usec = 1/8 * (1080 / 10) = 13.5 */
4127 if (mode->mode == MODE_IEEE80211A ||
4128 mode->mode == MODE_ATHEROS_TURBO ||
4129 mode->mode == MODE_ATHEROS_TURBOG ||
4130 (mode->mode == MODE_IEEE80211G &&
4131 tx->u.tx.rate->flags & IEEE80211_RATE_ERP))
4132 hdrtime = CHAN_UTIL_HDR_SHORT;
4134 hdrtime = CHAN_UTIL_HDR_LONG;
4137 if (!is_multicast_ether_addr(hdr->addr1))
4140 if (tx->u.tx.control->flags & IEEE80211_TXCTL_USE_RTS_CTS)
4141 load += 2 * hdrtime;
4142 else if (tx->u.tx.control->flags & IEEE80211_TXCTL_USE_CTS_PROTECT)
4145 load += skb->len * tx->u.tx.rate->rate_inv;
4147 if (tx->u.tx.extra_frag) {
4149 for (i = 0; i < tx->u.tx.num_extra_frag; i++) {
4150 load += 2 * hdrtime;
4151 load += tx->u.tx.extra_frag[i]->len *
4152 tx->u.tx.rate->rate;
4156 /* Divide channel_use by 8 to avoid wrapping around the counter */
4157 load >>= CHAN_UTIL_SHIFT;
4158 local->channel_use_raw += load;
4160 tx->sta->channel_use_raw += load;
4161 tx->sdata->channel_use_raw += load;
4163 return TXRX_CONTINUE;
4167 static ieee80211_txrx_result
4168 ieee80211_rx_h_load_stats(struct ieee80211_txrx_data *rx)
4170 struct ieee80211_local *local = rx->local;
4171 struct sk_buff *skb = rx->skb;
4172 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
4173 u32 load = 0, hdrtime;
4174 struct ieee80211_rate *rate;
4175 struct ieee80211_hw_mode *mode = local->hw.conf.mode;
4178 /* Estimate total channel use caused by this frame */
4180 if (unlikely(mode->num_rates < 0))
4181 return TXRX_CONTINUE;
4183 rate = &mode->rates[0];
4184 for (i = 0; i < mode->num_rates; i++) {
4185 if (mode->rates[i].val == rx->u.rx.status->rate) {
4186 rate = &mode->rates[i];
4191 /* 1 bit at 1 Mbit/s takes 1 usec; in channel_use values,
4192 * 1 usec = 1/8 * (1080 / 10) = 13.5 */
4194 if (mode->mode == MODE_IEEE80211A ||
4195 mode->mode == MODE_ATHEROS_TURBO ||
4196 mode->mode == MODE_ATHEROS_TURBOG ||
4197 (mode->mode == MODE_IEEE80211G &&
4198 rate->flags & IEEE80211_RATE_ERP))
4199 hdrtime = CHAN_UTIL_HDR_SHORT;
4201 hdrtime = CHAN_UTIL_HDR_LONG;
4204 if (!is_multicast_ether_addr(hdr->addr1))
4207 load += skb->len * rate->rate_inv;
4209 /* Divide channel_use by 8 to avoid wrapping around the counter */
4210 load >>= CHAN_UTIL_SHIFT;
4211 local->channel_use_raw += load;
4213 rx->sta->channel_use_raw += load;
4214 rx->u.rx.load = load;
4216 return TXRX_CONTINUE;
4219 static ieee80211_txrx_result
4220 ieee80211_rx_h_if_stats(struct ieee80211_txrx_data *rx)
4222 rx->sdata->channel_use_raw += rx->u.rx.load;
4223 return TXRX_CONTINUE;
4226 static void ieee80211_stat_refresh(unsigned long data)
4228 struct ieee80211_local *local = (struct ieee80211_local *) data;
4229 struct sta_info *sta;
4230 struct ieee80211_sub_if_data *sdata;
4232 if (!local->stat_time)
4235 /* go through all stations */
4236 spin_lock_bh(&local->sta_lock);
4237 list_for_each_entry(sta, &local->sta_list, list) {
4238 sta->channel_use = (sta->channel_use_raw / local->stat_time) /
4240 sta->channel_use_raw = 0;
4242 spin_unlock_bh(&local->sta_lock);
4244 /* go through all subinterfaces */
4245 read_lock(&local->sub_if_lock);
4246 list_for_each_entry(sdata, &local->sub_if_list, list) {
4247 sdata->channel_use = (sdata->channel_use_raw /
4248 local->stat_time) / CHAN_UTIL_PER_10MS;
4249 sdata->channel_use_raw = 0;
4251 read_unlock(&local->sub_if_lock);
4253 /* hardware interface */
4254 local->channel_use = (local->channel_use_raw /
4255 local->stat_time) / CHAN_UTIL_PER_10MS;
4256 local->channel_use_raw = 0;
4258 local->stat_timer.expires = jiffies + HZ * local->stat_time / 100;
4259 add_timer(&local->stat_timer);
4263 /* This is a version of the rx handler that can be called from hard irq
4264 * context. Post the skb on the queue and schedule the tasklet */
4265 void ieee80211_rx_irqsafe(struct ieee80211_hw *hw, struct sk_buff *skb,
4266 struct ieee80211_rx_status *status)
4268 struct ieee80211_local *local = hw_to_local(hw);
4270 BUILD_BUG_ON(sizeof(struct ieee80211_rx_status) > sizeof(skb->cb));
4272 skb->dev = local->mdev;
4273 /* copy status into skb->cb for use by tasklet */
4274 memcpy(skb->cb, status, sizeof(*status));
4275 skb->pkt_type = IEEE80211_RX_MSG;
4276 skb_queue_tail(&local->skb_queue, skb);
4277 tasklet_schedule(&local->tasklet);
4279 EXPORT_SYMBOL(ieee80211_rx_irqsafe);
4281 void ieee80211_tx_status_irqsafe(struct ieee80211_hw *hw,
4282 struct sk_buff *skb,
4283 struct ieee80211_tx_status *status)
4285 struct ieee80211_local *local = hw_to_local(hw);
4286 struct ieee80211_tx_status *saved;
4289 skb->dev = local->mdev;
4290 saved = kmalloc(sizeof(struct ieee80211_tx_status), GFP_ATOMIC);
4291 if (unlikely(!saved)) {
4292 if (net_ratelimit())
4293 printk(KERN_WARNING "%s: Not enough memory, "
4294 "dropping tx status", skb->dev->name);
4295 /* should be dev_kfree_skb_irq, but due to this function being
4296 * named _irqsafe instead of just _irq we can't be sure that
4297 * people won't call it from non-irq contexts */
4298 dev_kfree_skb_any(skb);
4301 memcpy(saved, status, sizeof(struct ieee80211_tx_status));
4302 /* copy pointer to saved status into skb->cb for use by tasklet */
4303 memcpy(skb->cb, &saved, sizeof(saved));
4305 skb->pkt_type = IEEE80211_TX_STATUS_MSG;
4306 skb_queue_tail(status->control.flags & IEEE80211_TXCTL_REQ_TX_STATUS ?
4307 &local->skb_queue : &local->skb_queue_unreliable, skb);
4308 tmp = skb_queue_len(&local->skb_queue) +
4309 skb_queue_len(&local->skb_queue_unreliable);
4310 while (tmp > IEEE80211_IRQSAFE_QUEUE_LIMIT &&
4311 (skb = skb_dequeue(&local->skb_queue_unreliable))) {
4312 memcpy(&saved, skb->cb, sizeof(saved));
4314 dev_kfree_skb_irq(skb);
4316 I802_DEBUG_INC(local->tx_status_drop);
4318 tasklet_schedule(&local->tasklet);
4320 EXPORT_SYMBOL(ieee80211_tx_status_irqsafe);
4322 static void ieee80211_tasklet_handler(unsigned long data)
4324 struct ieee80211_local *local = (struct ieee80211_local *) data;
4325 struct sk_buff *skb;
4326 struct ieee80211_rx_status rx_status;
4327 struct ieee80211_tx_status *tx_status;
4329 while ((skb = skb_dequeue(&local->skb_queue)) ||
4330 (skb = skb_dequeue(&local->skb_queue_unreliable))) {
4331 switch (skb->pkt_type) {
4332 case IEEE80211_RX_MSG:
4333 /* status is in skb->cb */
4334 memcpy(&rx_status, skb->cb, sizeof(rx_status));
4335 /* Clear skb->type in order to not confuse kernel
4338 __ieee80211_rx(local_to_hw(local), skb, &rx_status);
4340 case IEEE80211_TX_STATUS_MSG:
4341 /* get pointer to saved status out of skb->cb */
4342 memcpy(&tx_status, skb->cb, sizeof(tx_status));
4344 ieee80211_tx_status(local_to_hw(local),
4348 default: /* should never get here! */
4349 printk(KERN_ERR "%s: Unknown message type (%d)\n",
4350 local->mdev->name, skb->pkt_type);
4358 /* Remove added headers (e.g., QoS control), encryption header/MIC, etc. to
4359 * make a prepared TX frame (one that has been given to hw) to look like brand
4360 * new IEEE 802.11 frame that is ready to go through TX processing again.
4361 * Also, tx_packet_data in cb is restored from tx_control. */
4362 static void ieee80211_remove_tx_extra(struct ieee80211_local *local,
4363 struct ieee80211_key *key,
4364 struct sk_buff *skb,
4365 struct ieee80211_tx_control *control)
4367 int hdrlen, iv_len, mic_len;
4368 struct ieee80211_tx_packet_data *pkt_data;
4370 pkt_data = (struct ieee80211_tx_packet_data *)skb->cb;
4371 pkt_data->ifindex = control->ifindex;
4372 pkt_data->mgmt_iface = (control->type == IEEE80211_IF_TYPE_MGMT);
4373 pkt_data->req_tx_status = !!(control->flags & IEEE80211_TXCTL_REQ_TX_STATUS);
4374 pkt_data->do_not_encrypt = !!(control->flags & IEEE80211_TXCTL_DO_NOT_ENCRYPT);
4375 pkt_data->requeue = !!(control->flags & IEEE80211_TXCTL_REQUEUE);
4376 pkt_data->queue = control->queue;
4378 hdrlen = ieee80211_get_hdrlen_from_skb(skb);
4385 iv_len = WEP_IV_LEN;
4386 mic_len = WEP_ICV_LEN;
4389 iv_len = TKIP_IV_LEN;
4390 mic_len = TKIP_ICV_LEN;
4393 iv_len = CCMP_HDR_LEN;
4394 mic_len = CCMP_MIC_LEN;
4400 if (skb->len >= mic_len && key->force_sw_encrypt)
4401 skb_trim(skb, skb->len - mic_len);
4402 if (skb->len >= iv_len && skb->len > hdrlen) {
4403 memmove(skb->data + iv_len, skb->data, hdrlen);
4404 skb_pull(skb, iv_len);
4409 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
4410 u16 fc = le16_to_cpu(hdr->frame_control);
4411 if ((fc & 0x8C) == 0x88) /* QoS Control Field */ {
4412 fc &= ~IEEE80211_STYPE_QOS_DATA;
4413 hdr->frame_control = cpu_to_le16(fc);
4414 memmove(skb->data + 2, skb->data, hdrlen - 2);
4421 void ieee80211_tx_status(struct ieee80211_hw *hw, struct sk_buff *skb,
4422 struct ieee80211_tx_status *status)
4424 struct sk_buff *skb2;
4425 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
4426 struct ieee80211_local *local = hw_to_local(hw);
4432 "%s: ieee80211_tx_status called with NULL status\n",
4438 if (status->excessive_retries) {
4439 struct sta_info *sta;
4440 sta = sta_info_get(local, hdr->addr1);
4442 if (sta->flags & WLAN_STA_PS) {
4443 /* The STA is in power save mode, so assume
4444 * that this TX packet failed because of that.
4446 status->excessive_retries = 0;
4447 status->flags |= IEEE80211_TX_STATUS_TX_FILTERED;
4453 if (status->flags & IEEE80211_TX_STATUS_TX_FILTERED) {
4454 struct sta_info *sta;
4455 sta = sta_info_get(local, hdr->addr1);
4457 sta->tx_filtered_count++;
4459 /* Clear the TX filter mask for this STA when sending
4460 * the next packet. If the STA went to power save mode,
4461 * this will happen when it is waking up for the next
4463 sta->clear_dst_mask = 1;
4465 /* TODO: Is the WLAN_STA_PS flag always set here or is
4466 * the race between RX and TX status causing some
4467 * packets to be filtered out before 80211.o gets an
4468 * update for PS status? This seems to be the case, so
4469 * no changes are likely to be needed. */
4470 if (sta->flags & WLAN_STA_PS &&
4471 skb_queue_len(&sta->tx_filtered) <
4472 STA_MAX_TX_BUFFER) {
4473 ieee80211_remove_tx_extra(local, sta->key,
4476 skb_queue_tail(&sta->tx_filtered, skb);
4477 } else if (!(sta->flags & WLAN_STA_PS) &&
4478 !(status->control.flags & IEEE80211_TXCTL_REQUEUE)) {
4479 /* Software retry the packet once */
4480 status->control.flags |= IEEE80211_TXCTL_REQUEUE;
4481 ieee80211_remove_tx_extra(local, sta->key,
4484 dev_queue_xmit(skb);
4486 if (net_ratelimit()) {
4487 printk(KERN_DEBUG "%s: dropped TX "
4488 "filtered frame queue_len=%d "
4493 !!(sta->flags & WLAN_STA_PS),
4502 /* FIXME: STUPID to call this with both local and local->mdev */
4503 rate_control_tx_status(local, local->mdev, skb, status);
4506 ieee80211_led_tx(local, 0);
4509 * Fragments are passed to low-level drivers as separate skbs, so these
4510 * are actually fragments, not frames. Update frame counters only for
4511 * the first fragment of the frame. */
4513 frag = le16_to_cpu(hdr->seq_ctrl) & IEEE80211_SCTL_FRAG;
4514 type = le16_to_cpu(hdr->frame_control) & IEEE80211_FCTL_FTYPE;
4516 if (status->flags & IEEE80211_TX_STATUS_ACK) {
4518 local->dot11TransmittedFrameCount++;
4519 if (is_multicast_ether_addr(hdr->addr1))
4520 local->dot11MulticastTransmittedFrameCount++;
4521 if (status->retry_count > 0)
4522 local->dot11RetryCount++;
4523 if (status->retry_count > 1)
4524 local->dot11MultipleRetryCount++;
4527 /* This counter shall be incremented for an acknowledged MPDU
4528 * with an individual address in the address 1 field or an MPDU
4529 * with a multicast address in the address 1 field of type Data
4531 if (!is_multicast_ether_addr(hdr->addr1) ||
4532 type == IEEE80211_FTYPE_DATA ||
4533 type == IEEE80211_FTYPE_MGMT)
4534 local->dot11TransmittedFragmentCount++;
4537 local->dot11FailedCount++;
4540 if (!(status->control.flags & IEEE80211_TXCTL_REQ_TX_STATUS)
4541 || unlikely(!local->apdev)) {
4546 msg_type = (status->flags & IEEE80211_TX_STATUS_ACK) ?
4547 ieee80211_msg_tx_callback_ack : ieee80211_msg_tx_callback_fail;
4549 /* skb was the original skb used for TX. Clone it and give the clone
4550 * to netif_rx(). Free original skb. */
4551 skb2 = skb_copy(skb, GFP_ATOMIC);
4559 /* Send frame to hostapd */
4560 ieee80211_rx_mgmt(local, skb, NULL, msg_type);
4562 EXPORT_SYMBOL(ieee80211_tx_status);
4564 /* TODO: implement register/unregister functions for adding TX/RX handlers
4565 * into ordered list */
4567 /* rx_pre handlers don't have dev and sdata fields available in
4568 * ieee80211_txrx_data */
4569 static ieee80211_rx_handler ieee80211_rx_pre_handlers[] =
4571 ieee80211_rx_h_parse_qos,
4572 ieee80211_rx_h_load_stats,
4576 static ieee80211_rx_handler ieee80211_rx_handlers[] =
4578 ieee80211_rx_h_if_stats,
4579 ieee80211_rx_h_monitor,
4580 ieee80211_rx_h_passive_scan,
4581 ieee80211_rx_h_check,
4582 ieee80211_rx_h_sta_process,
4583 ieee80211_rx_h_ccmp_decrypt,
4584 ieee80211_rx_h_tkip_decrypt,
4585 ieee80211_rx_h_wep_weak_iv_detection,
4586 ieee80211_rx_h_wep_decrypt,
4587 ieee80211_rx_h_defragment,
4588 ieee80211_rx_h_ps_poll,
4589 ieee80211_rx_h_michael_mic_verify,
4590 /* this must be after decryption - so header is counted in MPDU mic
4591 * must be before pae and data, so QOS_DATA format frames
4592 * are not passed to user space by these functions
4594 ieee80211_rx_h_remove_qos_control,
4595 ieee80211_rx_h_802_1x_pae,
4596 ieee80211_rx_h_drop_unencrypted,
4597 ieee80211_rx_h_data_agg,
4598 ieee80211_rx_h_data,
4599 ieee80211_rx_h_mgmt,
4603 static ieee80211_tx_handler ieee80211_tx_handlers[] =
4605 ieee80211_tx_h_check_assoc,
4606 ieee80211_tx_h_sequence,
4607 ieee80211_tx_h_ps_buf,
4608 ieee80211_tx_h_select_key,
4609 ieee80211_tx_h_michael_mic_add,
4610 ieee80211_tx_h_fragment,
4611 ieee80211_tx_h_tkip_encrypt,
4612 ieee80211_tx_h_ccmp_encrypt,
4613 ieee80211_tx_h_wep_encrypt,
4614 ieee80211_tx_h_rate_ctrl,
4615 ieee80211_tx_h_misc,
4616 ieee80211_tx_h_load_stats,
4621 int ieee80211_if_update_wds(struct net_device *dev, u8 *remote_addr)
4623 struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
4624 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
4625 struct sta_info *sta;
4627 if (compare_ether_addr(remote_addr, sdata->u.wds.remote_addr) == 0)
4630 /* Create STA entry for the new peer */
4631 sta = sta_info_add(local, dev, remote_addr, GFP_KERNEL);
4636 /* Remove STA entry for the old peer */
4637 sta = sta_info_get(local, sdata->u.wds.remote_addr);
4640 sta_info_free(sta, 0);
4642 printk(KERN_DEBUG "%s: could not find STA entry for WDS link "
4643 "peer " MAC_FMT "\n",
4644 dev->name, MAC_ARG(sdata->u.wds.remote_addr));
4647 /* Update WDS link data */
4648 memcpy(&sdata->u.wds.remote_addr, remote_addr, ETH_ALEN);
4653 /* Must not be called for mdev and apdev */
4654 void ieee80211_if_setup(struct net_device *dev)
4657 dev->hard_start_xmit = ieee80211_subif_start_xmit;
4658 dev->wireless_handlers = &ieee80211_iw_handler_def;
4659 dev->do_ioctl = ieee80211_ioctl;
4660 dev->set_multicast_list = ieee80211_set_multicast_list;
4661 dev->change_mtu = ieee80211_change_mtu;
4662 dev->get_stats = ieee80211_get_stats;
4663 dev->open = ieee80211_open;
4664 dev->stop = ieee80211_stop;
4665 dev->uninit = ieee80211_if_reinit;
4666 dev->destructor = ieee80211_if_free;
4669 void ieee80211_if_mgmt_setup(struct net_device *dev)
4672 dev->hard_start_xmit = ieee80211_mgmt_start_xmit;
4673 dev->change_mtu = ieee80211_change_mtu_apdev;
4674 dev->get_stats = ieee80211_get_stats;
4675 dev->open = ieee80211_mgmt_open;
4676 dev->stop = ieee80211_mgmt_stop;
4677 dev->type = ARPHRD_IEEE80211_PRISM;
4678 dev->hard_header_parse = header_parse_80211;
4679 dev->uninit = ieee80211_if_reinit;
4680 dev->destructor = ieee80211_if_free;
4683 int ieee80211_init_rate_ctrl_alg(struct ieee80211_local *local,
4686 struct rate_control_ref *ref, *old;
4689 if (local->open_count || netif_running(local->mdev) ||
4690 (local->apdev && netif_running(local->apdev)))
4693 ref = rate_control_alloc(name, local);
4695 printk(KERN_WARNING "%s: Failed to select rate control "
4696 "algorithm\n", local->mdev->name);
4700 old = local->rate_ctrl;
4701 local->rate_ctrl = ref;
4703 rate_control_put(old);
4704 sta_info_flush(local, NULL);
4707 printk(KERN_DEBUG "%s: Selected rate control "
4708 "algorithm '%s'\n", local->mdev->name,
4715 static void rate_control_deinitialize(struct ieee80211_local *local)
4717 struct rate_control_ref *ref;
4719 ref = local->rate_ctrl;
4720 local->rate_ctrl = NULL;
4721 rate_control_put(ref);
4724 struct ieee80211_hw *ieee80211_alloc_hw(size_t priv_data_len,
4725 const struct ieee80211_ops *ops)
4727 struct net_device *mdev;
4728 struct ieee80211_local *local;
4729 struct ieee80211_sub_if_data *sdata;
4731 struct wiphy *wiphy;
4733 /* Ensure 32-byte alignment of our private data and hw private data.
4734 * We use the wiphy priv data for both our ieee80211_local and for
4735 * the driver's private data
4737 * In memory it'll be like this:
4739 * +-------------------------+
4741 * +-------------------------+
4742 * | struct ieee80211_local |
4743 * +-------------------------+
4744 * | driver's private data |
4745 * +-------------------------+
4748 priv_size = ((sizeof(struct ieee80211_local) +
4749 NETDEV_ALIGN_CONST) & ~NETDEV_ALIGN_CONST) +
4752 wiphy = wiphy_new(&mac80211_config_ops, priv_size);
4757 wiphy->privid = mac80211_wiphy_privid;
4759 local = wiphy_priv(wiphy);
4760 local->hw.wiphy = wiphy;
4762 local->hw.priv = (char *)local +
4763 ((sizeof(struct ieee80211_local) +
4764 NETDEV_ALIGN_CONST) & ~NETDEV_ALIGN_CONST);
4768 /* for now, mdev needs sub_if_data :/ */
4769 mdev = alloc_netdev(sizeof(struct ieee80211_sub_if_data),
4770 "wmaster%d", ether_setup);
4776 sdata = IEEE80211_DEV_TO_SUB_IF(mdev);
4777 mdev->ieee80211_ptr = &sdata->wdev;
4778 sdata->wdev.wiphy = wiphy;
4780 local->hw.queues = 1; /* default */
4783 local->rx_pre_handlers = ieee80211_rx_pre_handlers;
4784 local->rx_handlers = ieee80211_rx_handlers;
4785 local->tx_handlers = ieee80211_tx_handlers;
4787 local->bridge_packets = 1;
4789 local->rts_threshold = IEEE80211_MAX_RTS_THRESHOLD;
4790 local->fragmentation_threshold = IEEE80211_MAX_FRAG_THRESHOLD;
4791 local->short_retry_limit = 7;
4792 local->long_retry_limit = 4;
4793 local->hw.conf.radio_enabled = 1;
4794 local->rate_ctrl_num_up = RATE_CONTROL_NUM_UP;
4795 local->rate_ctrl_num_down = RATE_CONTROL_NUM_DOWN;
4797 local->enabled_modes = (unsigned int) -1;
4799 INIT_LIST_HEAD(&local->modes_list);
4801 rwlock_init(&local->sub_if_lock);
4802 INIT_LIST_HEAD(&local->sub_if_list);
4804 INIT_DELAYED_WORK(&local->scan_work, ieee80211_sta_scan_work);
4805 init_timer(&local->stat_timer);
4806 local->stat_timer.function = ieee80211_stat_refresh;
4807 local->stat_timer.data = (unsigned long) local;
4808 ieee80211_rx_bss_list_init(mdev);
4810 sta_info_init(local);
4812 mdev->hard_start_xmit = ieee80211_master_start_xmit;
4813 mdev->open = ieee80211_master_open;
4814 mdev->stop = ieee80211_master_stop;
4815 mdev->type = ARPHRD_IEEE80211;
4816 mdev->hard_header_parse = header_parse_80211;
4818 sdata->type = IEEE80211_IF_TYPE_AP;
4820 sdata->local = local;
4821 sdata->u.ap.force_unicast_rateidx = -1;
4822 sdata->u.ap.max_ratectrl_rateidx = -1;
4823 ieee80211_if_sdata_init(sdata);
4824 list_add_tail(&sdata->list, &local->sub_if_list);
4826 tasklet_init(&local->tx_pending_tasklet, ieee80211_tx_pending,
4827 (unsigned long)local);
4828 tasklet_disable(&local->tx_pending_tasklet);
4830 tasklet_init(&local->tasklet,
4831 ieee80211_tasklet_handler,
4832 (unsigned long) local);
4833 tasklet_disable(&local->tasklet);
4835 skb_queue_head_init(&local->skb_queue);
4836 skb_queue_head_init(&local->skb_queue_unreliable);
4838 return local_to_hw(local);
4840 EXPORT_SYMBOL(ieee80211_alloc_hw);
4842 int ieee80211_register_hw(struct ieee80211_hw *hw)
4844 struct ieee80211_local *local = hw_to_local(hw);
4848 result = wiphy_register(local->hw.wiphy);
4852 name = wiphy_dev(local->hw.wiphy)->driver->name;
4853 local->hw.workqueue = create_singlethread_workqueue(name);
4854 if (!local->hw.workqueue) {
4856 goto fail_workqueue;
4859 debugfs_hw_add(local);
4861 local->hw.conf.beacon_int = 1000;
4863 local->wstats_flags |= local->hw.max_rssi ?
4864 IW_QUAL_LEVEL_UPDATED : IW_QUAL_LEVEL_INVALID;
4865 local->wstats_flags |= local->hw.max_signal ?
4866 IW_QUAL_QUAL_UPDATED : IW_QUAL_QUAL_INVALID;
4867 local->wstats_flags |= local->hw.max_noise ?
4868 IW_QUAL_NOISE_UPDATED : IW_QUAL_NOISE_INVALID;
4869 if (local->hw.max_rssi < 0 || local->hw.max_noise < 0)
4870 local->wstats_flags |= IW_QUAL_DBM;
4872 result = sta_info_start(local);
4877 result = dev_alloc_name(local->mdev, local->mdev->name);
4881 memcpy(local->mdev->dev_addr, local->hw.wiphy->perm_addr, ETH_ALEN);
4882 SET_NETDEV_DEV(local->mdev, wiphy_dev(local->hw.wiphy));
4884 result = register_netdevice(local->mdev);
4888 ieee80211_debugfs_add_netdev(IEEE80211_DEV_TO_SUB_IF(local->mdev));
4890 result = ieee80211_init_rate_ctrl_alg(local, NULL);
4892 printk(KERN_DEBUG "%s: Failed to initialize rate control "
4893 "algorithm\n", local->mdev->name);
4897 result = ieee80211_wep_init(local);
4900 printk(KERN_DEBUG "%s: Failed to initialize wep\n",
4905 ieee80211_install_qdisc(local->mdev);
4907 /* add one default STA interface */
4908 result = ieee80211_if_add(local->mdev, "wlan%d", NULL,
4909 IEEE80211_IF_TYPE_STA);
4911 printk(KERN_WARNING "%s: Failed to add default virtual iface\n",
4914 local->reg_state = IEEE80211_DEV_REGISTERED;
4917 ieee80211_led_init(local);
4922 rate_control_deinitialize(local);
4924 ieee80211_debugfs_remove_netdev(IEEE80211_DEV_TO_SUB_IF(local->mdev));
4925 unregister_netdevice(local->mdev);
4928 sta_info_stop(local);
4930 debugfs_hw_del(local);
4931 destroy_workqueue(local->hw.workqueue);
4933 wiphy_unregister(local->hw.wiphy);
4936 EXPORT_SYMBOL(ieee80211_register_hw);
4938 int ieee80211_register_hwmode(struct ieee80211_hw *hw,
4939 struct ieee80211_hw_mode *mode)
4941 struct ieee80211_local *local = hw_to_local(hw);
4942 struct ieee80211_rate *rate;
4945 INIT_LIST_HEAD(&mode->list);
4946 list_add_tail(&mode->list, &local->modes_list);
4948 local->hw_modes |= (1 << mode->mode);
4949 for (i = 0; i < mode->num_rates; i++) {
4950 rate = &(mode->rates[i]);
4951 rate->rate_inv = CHAN_UTIL_RATE_LCM / rate->rate;
4953 ieee80211_prepare_rates(local, mode);
4955 if (!local->oper_hw_mode) {
4956 /* Default to this mode */
4957 local->hw.conf.phymode = mode->mode;
4958 local->oper_hw_mode = local->scan_hw_mode = mode;
4959 local->oper_channel = local->scan_channel = &mode->channels[0];
4960 local->hw.conf.mode = local->oper_hw_mode;
4961 local->hw.conf.chan = local->oper_channel;
4964 if (!(hw->flags & IEEE80211_HW_DEFAULT_REG_DOMAIN_CONFIGURED))
4965 ieee80211_set_default_regdomain(mode);
4969 EXPORT_SYMBOL(ieee80211_register_hwmode);
4971 void ieee80211_unregister_hw(struct ieee80211_hw *hw)
4973 struct ieee80211_local *local = hw_to_local(hw);
4974 struct ieee80211_sub_if_data *sdata, *tmp;
4975 struct list_head tmp_list;
4978 tasklet_kill(&local->tx_pending_tasklet);
4979 tasklet_kill(&local->tasklet);
4983 BUG_ON(local->reg_state != IEEE80211_DEV_REGISTERED);
4985 local->reg_state = IEEE80211_DEV_UNREGISTERED;
4987 ieee80211_if_del_mgmt(local);
4989 write_lock_bh(&local->sub_if_lock);
4990 list_replace_init(&local->sub_if_list, &tmp_list);
4991 write_unlock_bh(&local->sub_if_lock);
4993 list_for_each_entry_safe(sdata, tmp, &tmp_list, list)
4994 __ieee80211_if_del(local, sdata);
4998 if (local->stat_time)
4999 del_timer_sync(&local->stat_timer);
5001 ieee80211_rx_bss_list_deinit(local->mdev);
5002 ieee80211_clear_tx_pending(local);
5003 sta_info_stop(local);
5004 rate_control_deinitialize(local);
5005 debugfs_hw_del(local);
5007 for (i = 0; i < NUM_IEEE80211_MODES; i++) {
5008 kfree(local->supp_rates[i]);
5009 kfree(local->basic_rates[i]);
5012 if (skb_queue_len(&local->skb_queue)
5013 || skb_queue_len(&local->skb_queue_unreliable))
5014 printk(KERN_WARNING "%s: skb_queue not empty\n",
5016 skb_queue_purge(&local->skb_queue);
5017 skb_queue_purge(&local->skb_queue_unreliable);
5019 destroy_workqueue(local->hw.workqueue);
5020 wiphy_unregister(local->hw.wiphy);
5021 ieee80211_wep_free(local);
5022 ieee80211_led_exit(local);
5024 EXPORT_SYMBOL(ieee80211_unregister_hw);
5026 void ieee80211_free_hw(struct ieee80211_hw *hw)
5028 struct ieee80211_local *local = hw_to_local(hw);
5030 ieee80211_if_free(local->mdev);
5031 wiphy_free(local->hw.wiphy);
5033 EXPORT_SYMBOL(ieee80211_free_hw);
5035 void ieee80211_wake_queue(struct ieee80211_hw *hw, int queue)
5037 struct ieee80211_local *local = hw_to_local(hw);
5039 if (test_and_clear_bit(IEEE80211_LINK_STATE_XOFF,
5040 &local->state[queue])) {
5041 if (test_bit(IEEE80211_LINK_STATE_PENDING,
5042 &local->state[queue]))
5043 tasklet_schedule(&local->tx_pending_tasklet);
5045 if (!ieee80211_qdisc_installed(local->mdev)) {
5047 netif_wake_queue(local->mdev);
5049 __netif_schedule(local->mdev);
5052 EXPORT_SYMBOL(ieee80211_wake_queue);
5054 void ieee80211_stop_queue(struct ieee80211_hw *hw, int queue)
5056 struct ieee80211_local *local = hw_to_local(hw);
5058 if (!ieee80211_qdisc_installed(local->mdev) && queue == 0)
5059 netif_stop_queue(local->mdev);
5060 set_bit(IEEE80211_LINK_STATE_XOFF, &local->state[queue]);
5062 EXPORT_SYMBOL(ieee80211_stop_queue);
5064 void ieee80211_start_queues(struct ieee80211_hw *hw)
5066 struct ieee80211_local *local = hw_to_local(hw);
5069 for (i = 0; i < local->hw.queues; i++)
5070 clear_bit(IEEE80211_LINK_STATE_XOFF, &local->state[i]);
5071 if (!ieee80211_qdisc_installed(local->mdev))
5072 netif_start_queue(local->mdev);
5074 EXPORT_SYMBOL(ieee80211_start_queues);
5076 void ieee80211_stop_queues(struct ieee80211_hw *hw)
5080 for (i = 0; i < hw->queues; i++)
5081 ieee80211_stop_queue(hw, i);
5083 EXPORT_SYMBOL(ieee80211_stop_queues);
5085 void ieee80211_wake_queues(struct ieee80211_hw *hw)
5089 for (i = 0; i < hw->queues; i++)
5090 ieee80211_wake_queue(hw, i);
5092 EXPORT_SYMBOL(ieee80211_wake_queues);
5094 struct net_device_stats *ieee80211_dev_stats(struct net_device *dev)
5096 struct ieee80211_sub_if_data *sdata;
5097 sdata = IEEE80211_DEV_TO_SUB_IF(dev);
5098 return &sdata->stats;
5101 static int __init ieee80211_init(void)
5103 struct sk_buff *skb;
5106 BUILD_BUG_ON(sizeof(struct ieee80211_tx_packet_data) > sizeof(skb->cb));
5108 ret = ieee80211_wme_register();
5110 printk(KERN_DEBUG "ieee80211_init: failed to "
5111 "initialize WME (err=%d)\n", ret);
5115 ieee80211_debugfs_netdev_init();
5116 ieee80211_regdomain_init();
5122 static void __exit ieee80211_exit(void)
5124 ieee80211_wme_unregister();
5125 ieee80211_debugfs_netdev_exit();
5129 module_init(ieee80211_init);
5130 module_exit(ieee80211_exit);
5132 MODULE_DESCRIPTION("IEEE 802.11 subsystem");
5133 MODULE_LICENSE("GPL");
projects / openwrt.git / blob