mac80211: merge a fix for a race condition on station removal
[openwrt/svn-archive/archive.git] / package / mac80211 / patches / 300-pending_work.patch
1 --- a/drivers/net/wireless/ath/ath9k/common.h
2 +++ b/drivers/net/wireless/ath/ath9k/common.h
3 @@ -27,7 +27,7 @@
4 #define WME_MAX_BA WME_BA_BMP_SIZE
5 #define ATH_TID_MAX_BUFS (2 * WME_MAX_BA)
6
7 -#define ATH_RSSI_DUMMY_MARKER 0x127
8 +#define ATH_RSSI_DUMMY_MARKER 127
9 #define ATH_RSSI_LPF_LEN 10
10 #define RSSI_LPF_THRESHOLD -20
11 #define ATH_RSSI_EP_MULTIPLIER (1<<7)
12 --- a/drivers/net/wireless/ath/ath9k/htc_drv_txrx.c
13 +++ b/drivers/net/wireless/ath/ath9k/htc_drv_txrx.c
14 @@ -1067,15 +1067,19 @@ static bool ath9k_rx_prepare(struct ath9
15
16 last_rssi = priv->rx.last_rssi;
17
18 - if (likely(last_rssi != ATH_RSSI_DUMMY_MARKER))
19 - rxbuf->rxstatus.rs_rssi = ATH_EP_RND(last_rssi,
20 - ATH_RSSI_EP_MULTIPLIER);
21 + if (ieee80211_is_beacon(hdr->frame_control) &&
22 + !is_zero_ether_addr(common->curbssid) &&
23 + ether_addr_equal(hdr->addr3, common->curbssid)) {
24 + s8 rssi = rxbuf->rxstatus.rs_rssi;
25
26 - if (rxbuf->rxstatus.rs_rssi < 0)
27 - rxbuf->rxstatus.rs_rssi = 0;
28 + if (likely(last_rssi != ATH_RSSI_DUMMY_MARKER))
29 + rssi = ATH_EP_RND(last_rssi, ATH_RSSI_EP_MULTIPLIER);
30
31 - if (ieee80211_is_beacon(fc))
32 - priv->ah->stats.avgbrssi = rxbuf->rxstatus.rs_rssi;
33 + if (rssi < 0)
34 + rssi = 0;
35 +
36 + priv->ah->stats.avgbrssi = rssi;
37 + }
38
39 rx_status->mactime = be64_to_cpu(rxbuf->rxstatus.rs_tstamp);
40 rx_status->band = hw->conf.channel->band;
41 --- a/include/linux/ieee80211.h
42 +++ b/include/linux/ieee80211.h
43 @@ -185,7 +185,7 @@ struct ieee80211_hdr {
44 u8 addr3[6];
45 __le16 seq_ctrl;
46 u8 addr4[6];
47 -} __packed;
48 +} __packed __aligned(2);
49
50 struct ieee80211_hdr_3addr {
51 __le16 frame_control;
52 @@ -194,7 +194,7 @@ struct ieee80211_hdr_3addr {
53 u8 addr2[6];
54 u8 addr3[6];
55 __le16 seq_ctrl;
56 -} __packed;
57 +} __packed __aligned(2);
58
59 struct ieee80211_qos_hdr {
60 __le16 frame_control;
61 @@ -204,7 +204,7 @@ struct ieee80211_qos_hdr {
62 u8 addr3[6];
63 __le16 seq_ctrl;
64 __le16 qos_ctrl;
65 -} __packed;
66 +} __packed __aligned(2);
67
68 /**
69 * ieee80211_has_tods - check if IEEE80211_FCTL_TODS is set
70 @@ -581,7 +581,7 @@ struct ieee80211s_hdr {
71 __le32 seqnum;
72 u8 eaddr1[6];
73 u8 eaddr2[6];
74 -} __packed;
75 +} __packed __aligned(2);
76
77 /* Mesh flags */
78 #define MESH_FLAGS_AE_A4 0x1
79 @@ -875,7 +875,7 @@ struct ieee80211_mgmt {
80 } u;
81 } __packed action;
82 } u;
83 -} __packed;
84 +} __packed __aligned(2);
85
86 /* Supported Rates value encodings in 802.11n-2009 7.3.2.2 */
87 #define BSS_MEMBERSHIP_SELECTOR_HT_PHY 127
88 @@ -906,20 +906,20 @@ struct ieee80211_rts {
89 __le16 duration;
90 u8 ra[6];
91 u8 ta[6];
92 -} __packed;
93 +} __packed __aligned(2);
94
95 struct ieee80211_cts {
96 __le16 frame_control;
97 __le16 duration;
98 u8 ra[6];
99 -} __packed;
100 +} __packed __aligned(2);
101
102 struct ieee80211_pspoll {
103 __le16 frame_control;
104 __le16 aid;
105 u8 bssid[6];
106 u8 ta[6];
107 -} __packed;
108 +} __packed __aligned(2);
109
110 /* TDLS */
111
112 --- a/net/mac80211/agg-rx.c
113 +++ b/net/mac80211/agg-rx.c
114 @@ -204,6 +204,8 @@ static void ieee80211_send_addba_resp(st
115 memcpy(mgmt->bssid, sdata->u.mgd.bssid, ETH_ALEN);
116 else if (sdata->vif.type == NL80211_IFTYPE_ADHOC)
117 memcpy(mgmt->bssid, sdata->u.ibss.bssid, ETH_ALEN);
118 + else if (sdata->vif.type == NL80211_IFTYPE_WDS)
119 + memcpy(mgmt->bssid, da, ETH_ALEN);
120
121 mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
122 IEEE80211_STYPE_ACTION);
123 --- a/net/mac80211/agg-tx.c
124 +++ b/net/mac80211/agg-tx.c
125 @@ -81,7 +81,8 @@ static void ieee80211_send_addba_request
126 memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN);
127 if (sdata->vif.type == NL80211_IFTYPE_AP ||
128 sdata->vif.type == NL80211_IFTYPE_AP_VLAN ||
129 - sdata->vif.type == NL80211_IFTYPE_MESH_POINT)
130 + sdata->vif.type == NL80211_IFTYPE_MESH_POINT ||
131 + sdata->vif.type == NL80211_IFTYPE_WDS)
132 memcpy(mgmt->bssid, sdata->vif.addr, ETH_ALEN);
133 else if (sdata->vif.type == NL80211_IFTYPE_STATION)
134 memcpy(mgmt->bssid, sdata->u.mgd.bssid, ETH_ALEN);
135 @@ -527,6 +528,7 @@ int ieee80211_start_tx_ba_session(struct
136 sdata->vif.type != NL80211_IFTYPE_MESH_POINT &&
137 sdata->vif.type != NL80211_IFTYPE_AP_VLAN &&
138 sdata->vif.type != NL80211_IFTYPE_AP &&
139 + sdata->vif.type != NL80211_IFTYPE_WDS &&
140 sdata->vif.type != NL80211_IFTYPE_ADHOC)
141 return -EINVAL;
142
143 --- a/net/mac80211/debugfs_sta.c
144 +++ b/net/mac80211/debugfs_sta.c
145 @@ -65,11 +65,11 @@ static ssize_t sta_flags_read(struct fil
146 test_sta_flag(sta, WLAN_STA_##flg) ? #flg "\n" : ""
147
148 int res = scnprintf(buf, sizeof(buf),
149 - "%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s",
150 + "%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s",
151 TEST(AUTH), TEST(ASSOC), TEST(PS_STA),
152 TEST(PS_DRIVER), TEST(AUTHORIZED),
153 TEST(SHORT_PREAMBLE),
154 - TEST(WME), TEST(WDS), TEST(CLEAR_PS_FILT),
155 + TEST(WME), TEST(CLEAR_PS_FILT),
156 TEST(MFP), TEST(BLOCK_BA), TEST(PSPOLL),
157 TEST(UAPSD), TEST(SP), TEST(TDLS_PEER),
158 TEST(TDLS_PEER_AUTH), TEST(4ADDR_EVENT),
159 --- a/net/mac80211/iface.c
160 +++ b/net/mac80211/iface.c
161 @@ -107,7 +107,7 @@ void ieee80211_recalc_idle(struct ieee80
162
163 lockdep_assert_held(&local->mtx);
164
165 - active = !list_empty(&local->chanctx_list);
166 + active = !list_empty(&local->chanctx_list) || local->monitors;
167
168 if (!local->ops->remain_on_channel) {
169 list_for_each_entry(roc, &local->roc_list, list) {
170 @@ -436,7 +436,6 @@ int ieee80211_do_open(struct wireless_de
171 struct ieee80211_sub_if_data *sdata = IEEE80211_WDEV_TO_SUB_IF(wdev);
172 struct net_device *dev = wdev->netdev;
173 struct ieee80211_local *local = sdata->local;
174 - struct sta_info *sta;
175 u32 changed = 0;
176 int res;
177 u32 hw_reconf_flags = 0;
178 @@ -541,6 +540,9 @@ int ieee80211_do_open(struct wireless_de
179
180 ieee80211_adjust_monitor_flags(sdata, 1);
181 ieee80211_configure_filter(local);
182 + mutex_lock(&local->mtx);
183 + ieee80211_recalc_idle(local);
184 + mutex_unlock(&local->mtx);
185
186 netif_carrier_on(dev);
187 break;
188 @@ -595,30 +597,8 @@ int ieee80211_do_open(struct wireless_de
189
190 set_bit(SDATA_STATE_RUNNING, &sdata->state);
191
192 - if (sdata->vif.type == NL80211_IFTYPE_WDS) {
193 - /* Create STA entry for the WDS peer */
194 - sta = sta_info_alloc(sdata, sdata->u.wds.remote_addr,
195 - GFP_KERNEL);
196 - if (!sta) {
197 - res = -ENOMEM;
198 - goto err_del_interface;
199 - }
200 -
201 - sta_info_pre_move_state(sta, IEEE80211_STA_AUTH);
202 - sta_info_pre_move_state(sta, IEEE80211_STA_ASSOC);
203 - sta_info_pre_move_state(sta, IEEE80211_STA_AUTHORIZED);
204 -
205 - res = sta_info_insert(sta);
206 - if (res) {
207 - /* STA has been freed */
208 - goto err_del_interface;
209 - }
210 -
211 - rate_control_rate_init(sta);
212 - netif_carrier_on(dev);
213 - } else if (sdata->vif.type == NL80211_IFTYPE_P2P_DEVICE) {
214 + if (sdata->vif.type == NL80211_IFTYPE_P2P_DEVICE)
215 rcu_assign_pointer(local->p2p_sdata, sdata);
216 - }
217
218 /*
219 * set_multicast_list will be invoked by the networking core
220 @@ -817,6 +797,9 @@ static void ieee80211_do_stop(struct iee
221
222 ieee80211_adjust_monitor_flags(sdata, -1);
223 ieee80211_configure_filter(local);
224 + mutex_lock(&local->mtx);
225 + ieee80211_recalc_idle(local);
226 + mutex_unlock(&local->mtx);
227 break;
228 case NL80211_IFTYPE_P2P_DEVICE:
229 /* relies on synchronize_rcu() below */
230 @@ -1022,6 +1005,72 @@ static void ieee80211_if_setup(struct ne
231 dev->destructor = free_netdev;
232 }
233
234 +static void ieee80211_wds_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata,
235 + struct sk_buff *skb)
236 +{
237 + struct ieee80211_local *local = sdata->local;
238 + struct ieee80211_rx_status *rx_status;
239 + struct ieee802_11_elems elems;
240 + struct ieee80211_mgmt *mgmt;
241 + struct sta_info *sta;
242 + size_t baselen;
243 + u32 rates = 0;
244 + u16 stype;
245 + bool new = false;
246 + enum ieee80211_band band = local->hw.conf.channel->band;
247 + struct ieee80211_supported_band *sband = local->hw.wiphy->bands[band];
248 +
249 + rx_status = IEEE80211_SKB_RXCB(skb);
250 + mgmt = (struct ieee80211_mgmt *) skb->data;
251 + stype = le16_to_cpu(mgmt->frame_control) & IEEE80211_FCTL_STYPE;
252 +
253 + if (stype != IEEE80211_STYPE_BEACON)
254 + return;
255 +
256 + baselen = (u8 *) mgmt->u.probe_resp.variable - (u8 *) mgmt;
257 + if (baselen > skb->len)
258 + return;
259 +
260 + ieee802_11_parse_elems(mgmt->u.probe_resp.variable,
261 + skb->len - baselen, &elems);
262 +
263 + rates = ieee80211_sta_get_rates(local, &elems, band, NULL);
264 +
265 + rcu_read_lock();
266 +
267 + sta = sta_info_get(sdata, sdata->u.wds.remote_addr);
268 +
269 + if (!sta) {
270 + rcu_read_unlock();
271 + sta = sta_info_alloc(sdata, sdata->u.wds.remote_addr,
272 + GFP_KERNEL);
273 + if (!sta)
274 + return;
275 +
276 + new = true;
277 + }
278 +
279 + sta->last_rx = jiffies;
280 + sta->sta.supp_rates[local->hw.conf.channel->band] = rates;
281 +
282 + if (elems.ht_cap_elem)
283 + ieee80211_ht_cap_ie_to_sta_ht_cap(sdata, sband,
284 + elems.ht_cap_elem, sta);
285 +
286 + if (elems.wmm_param)
287 + set_sta_flag(sta, WLAN_STA_WME);
288 +
289 + if (new) {
290 + sta_info_pre_move_state(sta, IEEE80211_STA_AUTH);
291 + sta_info_pre_move_state(sta, IEEE80211_STA_ASSOC);
292 + sta_info_pre_move_state(sta, IEEE80211_STA_AUTHORIZED);
293 + rate_control_rate_init(sta);
294 + sta_info_insert_rcu(sta);
295 + }
296 +
297 + rcu_read_unlock();
298 +}
299 +
300 static void ieee80211_iface_work(struct work_struct *work)
301 {
302 struct ieee80211_sub_if_data *sdata =
303 @@ -1126,6 +1175,9 @@ static void ieee80211_iface_work(struct
304 break;
305 ieee80211_mesh_rx_queued_mgmt(sdata, skb);
306 break;
307 + case NL80211_IFTYPE_WDS:
308 + ieee80211_wds_rx_queued_mgmt(sdata, skb);
309 + break;
310 default:
311 WARN(1, "frame for unexpected interface type");
312 break;
313 --- a/net/mac80211/rx.c
314 +++ b/net/mac80211/rx.c
315 @@ -2365,6 +2365,7 @@ ieee80211_rx_h_action(struct ieee80211_r
316 sdata->vif.type != NL80211_IFTYPE_MESH_POINT &&
317 sdata->vif.type != NL80211_IFTYPE_AP_VLAN &&
318 sdata->vif.type != NL80211_IFTYPE_AP &&
319 + sdata->vif.type != NL80211_IFTYPE_WDS &&
320 sdata->vif.type != NL80211_IFTYPE_ADHOC)
321 break;
322
323 @@ -2692,14 +2693,15 @@ ieee80211_rx_h_mgmt(struct ieee80211_rx_
324
325 if (!ieee80211_vif_is_mesh(&sdata->vif) &&
326 sdata->vif.type != NL80211_IFTYPE_ADHOC &&
327 - sdata->vif.type != NL80211_IFTYPE_STATION)
328 + sdata->vif.type != NL80211_IFTYPE_STATION &&
329 + sdata->vif.type != NL80211_IFTYPE_WDS)
330 return RX_DROP_MONITOR;
331
332 switch (stype) {
333 case cpu_to_le16(IEEE80211_STYPE_AUTH):
334 case cpu_to_le16(IEEE80211_STYPE_BEACON):
335 case cpu_to_le16(IEEE80211_STYPE_PROBE_RESP):
336 - /* process for all: mesh, mlme, ibss */
337 + /* process for all: mesh, mlme, ibss, wds */
338 break;
339 case cpu_to_le16(IEEE80211_STYPE_ASSOC_RESP):
340 case cpu_to_le16(IEEE80211_STYPE_REASSOC_RESP):
341 @@ -3028,10 +3030,16 @@ static int prepare_for_handlers(struct i
342 }
343 break;
344 case NL80211_IFTYPE_WDS:
345 - if (bssid || !ieee80211_is_data(hdr->frame_control))
346 - return 0;
347 if (!ether_addr_equal(sdata->u.wds.remote_addr, hdr->addr2))
348 return 0;
349 +
350 + if (ieee80211_is_data(hdr->frame_control) ||
351 + ieee80211_is_action(hdr->frame_control)) {
352 + if (compare_ether_addr(sdata->vif.addr, hdr->addr1))
353 + return 0;
354 + } else if (!ieee80211_is_beacon(hdr->frame_control))
355 + return 0;
356 +
357 break;
358 case NL80211_IFTYPE_P2P_DEVICE:
359 if (!ieee80211_is_public_action(hdr, skb->len) &&
360 --- a/net/mac80211/sta_info.h
361 +++ b/net/mac80211/sta_info.h
362 @@ -32,7 +32,6 @@
363 * @WLAN_STA_SHORT_PREAMBLE: Station is capable of receiving short-preamble
364 * frames.
365 * @WLAN_STA_WME: Station is a QoS-STA.
366 - * @WLAN_STA_WDS: Station is one of our WDS peers.
367 * @WLAN_STA_CLEAR_PS_FILT: Clear PS filter in hardware (using the
368 * IEEE80211_TX_CTL_CLEAR_PS_FILT control flag) when the next
369 * frame to this station is transmitted.
370 @@ -66,7 +65,6 @@ enum ieee80211_sta_info_flags {
371 WLAN_STA_AUTHORIZED,
372 WLAN_STA_SHORT_PREAMBLE,
373 WLAN_STA_WME,
374 - WLAN_STA_WDS,
375 WLAN_STA_CLEAR_PS_FILT,
376 WLAN_STA_MFP,
377 WLAN_STA_BLOCK_BA,
378 --- a/net/mac80211/tx.c
379 +++ b/net/mac80211/tx.c
380 @@ -1231,34 +1231,40 @@ static bool ieee80211_tx_frags(struct ie
381 if (local->queue_stop_reasons[q] ||
382 (!txpending && !skb_queue_empty(&local->pending[q]))) {
383 if (unlikely(info->flags &
384 - IEEE80211_TX_INTFL_OFFCHAN_TX_OK &&
385 - local->queue_stop_reasons[q] &
386 - ~BIT(IEEE80211_QUEUE_STOP_REASON_OFFCHANNEL))) {
387 + IEEE80211_TX_INTFL_OFFCHAN_TX_OK)) {
388 + if (local->queue_stop_reasons[q] &
389 + ~BIT(IEEE80211_QUEUE_STOP_REASON_OFFCHANNEL)) {
390 + /*
391 + * Drop off-channel frames if queues
392 + * are stopped for any reason other
393 + * than off-channel operation. Never
394 + * queue them.
395 + */
396 + spin_unlock_irqrestore(
397 + &local->queue_stop_reason_lock,
398 + flags);
399 + ieee80211_purge_tx_queue(&local->hw,
400 + skbs);
401 + return true;
402 + }
403 + } else {
404 +
405 /*
406 - * Drop off-channel frames if queues are stopped
407 - * for any reason other than off-channel
408 - * operation. Never queue them.
409 + * Since queue is stopped, queue up frames for
410 + * later transmission from the tx-pending
411 + * tasklet when the queue is woken again.
412 */
413 - spin_unlock_irqrestore(
414 - &local->queue_stop_reason_lock, flags);
415 - ieee80211_purge_tx_queue(&local->hw, skbs);
416 - return true;
417 + if (txpending)
418 + skb_queue_splice_init(skbs,
419 + &local->pending[q]);
420 + else
421 + skb_queue_splice_tail_init(skbs,
422 + &local->pending[q]);
423 +
424 + spin_unlock_irqrestore(&local->queue_stop_reason_lock,
425 + flags);
426 + return false;
427 }
428 -
429 - /*
430 - * Since queue is stopped, queue up frames for later
431 - * transmission from the tx-pending tasklet when the
432 - * queue is woken again.
433 - */
434 - if (txpending)
435 - skb_queue_splice_init(skbs, &local->pending[q]);
436 - else
437 - skb_queue_splice_tail_init(skbs,
438 - &local->pending[q]);
439 -
440 - spin_unlock_irqrestore(&local->queue_stop_reason_lock,
441 - flags);
442 - return false;
443 }
444 spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags);
445
446 @@ -1848,9 +1854,24 @@ netdev_tx_t ieee80211_subif_start_xmit(s
447 }
448
449 if (!is_multicast_ether_addr(skb->data)) {
450 + struct sta_info *next_hop;
451 + bool mpp_lookup = true;
452 +
453 mpath = mesh_path_lookup(sdata, skb->data);
454 - if (!mpath)
455 + if (mpath) {
456 + mpp_lookup = false;
457 + next_hop = rcu_dereference(mpath->next_hop);
458 + if (!next_hop ||
459 + !(mpath->flags & (MESH_PATH_ACTIVE |
460 + MESH_PATH_RESOLVING)))
461 + mpp_lookup = true;
462 + }
463 +
464 + if (mpp_lookup)
465 mppath = mpp_path_lookup(sdata, skb->data);
466 +
467 + if (mppath && mpath)
468 + mesh_path_del(mpath->sdata, mpath->dst);
469 }
470
471 /*
472 --- a/net/wireless/nl80211.c
473 +++ b/net/wireless/nl80211.c
474 @@ -554,16 +554,9 @@ static int nl80211_msg_put_channel(struc
475 if ((chan->flags & IEEE80211_CHAN_NO_IBSS) &&
476 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_IBSS))
477 goto nla_put_failure;
478 - if (chan->flags & IEEE80211_CHAN_RADAR) {
479 - u32 time = elapsed_jiffies_msecs(chan->dfs_state_entered);
480 - if (nla_put_flag(msg, NL80211_FREQUENCY_ATTR_RADAR))
481 - goto nla_put_failure;
482 - if (nla_put_u32(msg, NL80211_FREQUENCY_ATTR_DFS_STATE,
483 - chan->dfs_state))
484 - goto nla_put_failure;
485 - if (nla_put_u32(msg, NL80211_FREQUENCY_ATTR_DFS_TIME, time))
486 - goto nla_put_failure;
487 - }
488 + if ((chan->flags & IEEE80211_CHAN_RADAR) &&
489 + nla_put_flag(msg, NL80211_FREQUENCY_ATTR_RADAR))
490 + goto nla_put_failure;
491 if ((chan->flags & IEEE80211_CHAN_NO_HT40MINUS) &&
492 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_HT40_MINUS))
493 goto nla_put_failure;
494 @@ -900,9 +893,6 @@ static int nl80211_put_iface_combination
495 nla_put_u32(msg, NL80211_IFACE_COMB_MAXNUM,
496 c->max_interfaces))
497 goto nla_put_failure;
498 - if (nla_put_u32(msg, NL80211_IFACE_COMB_RADAR_DETECT_WIDTHS,
499 - c->radar_detect_widths))
500 - goto nla_put_failure;
501
502 nla_nest_end(msg, nl_combi);
503 }
504 @@ -914,48 +904,6 @@ nla_put_failure:
505 return -ENOBUFS;
506 }
507
508 -#ifdef CONFIG_PM
509 -static int nl80211_send_wowlan_tcp_caps(struct cfg80211_registered_device *rdev,
510 - struct sk_buff *msg)
511 -{
512 - const struct wiphy_wowlan_tcp_support *tcp = rdev->wiphy.wowlan.tcp;
513 - struct nlattr *nl_tcp;
514 -
515 - if (!tcp)
516 - return 0;
517 -
518 - nl_tcp = nla_nest_start(msg, NL80211_WOWLAN_TRIG_TCP_CONNECTION);
519 - if (!nl_tcp)
520 - return -ENOBUFS;
521 -
522 - if (nla_put_u32(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD,
523 - tcp->data_payload_max))
524 - return -ENOBUFS;
525 -
526 - if (nla_put_u32(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD,
527 - tcp->data_payload_max))
528 - return -ENOBUFS;
529 -
530 - if (tcp->seq && nla_put_flag(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD_SEQ))
531 - return -ENOBUFS;
532 -
533 - if (tcp->tok && nla_put(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD_TOKEN,
534 - sizeof(*tcp->tok), tcp->tok))
535 - return -ENOBUFS;
536 -
537 - if (nla_put_u32(msg, NL80211_WOWLAN_TCP_DATA_INTERVAL,
538 - tcp->data_interval_max))
539 - return -ENOBUFS;
540 -
541 - if (nla_put_u32(msg, NL80211_WOWLAN_TCP_WAKE_PAYLOAD,
542 - tcp->wake_payload_max))
543 - return -ENOBUFS;
544 -
545 - nla_nest_end(msg, nl_tcp);
546 - return 0;
547 -}
548 -#endif
549 -
550 static int nl80211_send_wiphy(struct sk_buff *msg, u32 portid, u32 seq, int flags,
551 struct cfg80211_registered_device *dev)
552 {
553 @@ -1330,9 +1278,6 @@ static int nl80211_send_wiphy(struct sk_
554 goto nla_put_failure;
555 }
556
557 - if (nl80211_send_wowlan_tcp_caps(dev, msg))
558 - goto nla_put_failure;
559 -
560 nla_nest_end(msg, nl_wowlan);
561 }
562 #endif
563 --- a/net/mac80211/cfg.c
564 +++ b/net/mac80211/cfg.c
565 @@ -3285,13 +3285,19 @@ static int ieee80211_cfg_get_channel(str
566 struct cfg80211_chan_def *chandef)
567 {
568 struct ieee80211_sub_if_data *sdata = IEEE80211_WDEV_TO_SUB_IF(wdev);
569 + struct ieee80211_local *local = wiphy_priv(wiphy);
570 struct ieee80211_chanctx_conf *chanctx_conf;
571 int ret = -ENODATA;
572
573 rcu_read_lock();
574 - chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf);
575 - if (chanctx_conf) {
576 - *chandef = chanctx_conf->def;
577 + if (local->use_chanctx) {
578 + chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf);
579 + if (chanctx_conf) {
580 + *chandef = chanctx_conf->def;
581 + ret = 0;
582 + }
583 + } else if (local->open_count == local->monitors) {
584 + *chandef = local->monitor_chandef;
585 ret = 0;
586 }
587 rcu_read_unlock();
588 --- a/drivers/net/wireless/ath/ath9k/hw.c
589 +++ b/drivers/net/wireless/ath/ath9k/hw.c
590 @@ -1463,7 +1463,9 @@ static bool ath9k_hw_chip_reset(struct a
591 reset_type = ATH9K_RESET_POWER_ON;
592 else
593 reset_type = ATH9K_RESET_COLD;
594 - }
595 + } else if (ah->chip_fullsleep || REG_READ(ah, AR_Q_TXE) ||
596 + (REG_READ(ah, AR_CR) & AR_CR_RXE))
597 + reset_type = ATH9K_RESET_COLD;
598
599 if (!ath9k_hw_set_reset_reg(ah, reset_type))
600 return false;
601 --- a/drivers/net/wireless/rt2x00/rt2x00dev.c
602 +++ b/drivers/net/wireless/rt2x00/rt2x00dev.c
603 @@ -1236,8 +1236,10 @@ static inline void rt2x00lib_set_if_comb
604 */
605 if_limit = &rt2x00dev->if_limits_ap;
606 if_limit->max = rt2x00dev->ops->max_ap_intf;
607 - if_limit->types = BIT(NL80211_IFTYPE_AP) |
608 - BIT(NL80211_IFTYPE_MESH_POINT);
609 + if_limit->types = BIT(NL80211_IFTYPE_AP);
610 +#ifdef CONFIG_MAC80211_MESH
611 + if_limit->types |= BIT(NL80211_IFTYPE_MESH_POINT);
612 +#endif
613
614 /*
615 * Build up AP interface combinations structure.
616 @@ -1309,7 +1311,9 @@ int rt2x00lib_probe_dev(struct rt2x00_de
617 rt2x00dev->hw->wiphy->interface_modes |=
618 BIT(NL80211_IFTYPE_ADHOC) |
619 BIT(NL80211_IFTYPE_AP) |
620 +#ifdef CONFIG_MAC80211_MESH
621 BIT(NL80211_IFTYPE_MESH_POINT) |
622 +#endif
623 BIT(NL80211_IFTYPE_WDS);
624
625 rt2x00dev->hw->wiphy->flags |= WIPHY_FLAG_IBSS_RSN;
626 --- a/net/mac80211/rc80211_minstrel_ht.c
627 +++ b/net/mac80211/rc80211_minstrel_ht.c
628 @@ -26,11 +26,11 @@
629 /* Number of symbols for a packet with (bps) bits per symbol */
630 #define MCS_NSYMS(bps) ((MCS_NBITS + (bps) - 1) / (bps))
631
632 -/* Transmission time for a packet containing (syms) symbols */
633 +/* Transmission time (nanoseconds) for a packet containing (syms) symbols */
634 #define MCS_SYMBOL_TIME(sgi, syms) \
635 (sgi ? \
636 - ((syms) * 18 + 4) / 5 : /* syms * 3.6 us */ \
637 - (syms) << 2 /* syms * 4 us */ \
638 + ((syms) * 18000 + 4000) / 5 : /* syms * 3.6 us */ \
639 + ((syms) * 1000) << 2 /* syms * 4 us */ \
640 )
641
642 /* Transmit duration for the raw data part of an average sized packet */
643 @@ -64,9 +64,9 @@
644 }
645
646 #define CCK_DURATION(_bitrate, _short, _len) \
647 - (10 /* SIFS */ + \
648 + (1000 * (10 /* SIFS */ + \
649 (_short ? 72 + 24 : 144 + 48 ) + \
650 - (8 * (_len + 4) * 10) / (_bitrate))
651 + (8 * (_len + 4) * 10) / (_bitrate)))
652
653 #define CCK_ACK_DURATION(_bitrate, _short) \
654 (CCK_DURATION((_bitrate > 10 ? 20 : 10), false, 60) + \
655 @@ -211,7 +211,8 @@ static void
656 minstrel_ht_calc_tp(struct minstrel_ht_sta *mi, int group, int rate)
657 {
658 struct minstrel_rate_stats *mr;
659 - unsigned int usecs = 0;
660 + unsigned int nsecs = 0;
661 + unsigned int tp;
662
663 mr = &mi->groups[group].rates[rate];
664
665 @@ -221,10 +222,12 @@ minstrel_ht_calc_tp(struct minstrel_ht_s
666 }
667
668 if (group != MINSTREL_CCK_GROUP)
669 - usecs = mi->overhead / MINSTREL_TRUNC(mi->avg_ampdu_len);
670 + nsecs = 1000 * mi->overhead / MINSTREL_TRUNC(mi->avg_ampdu_len);
671
672 - usecs += minstrel_mcs_groups[group].duration[rate];
673 - mr->cur_tp = MINSTREL_TRUNC((1000000 / usecs) * mr->probability);
674 + nsecs += minstrel_mcs_groups[group].duration[rate];
675 + tp = 1000000 * ((mr->probability * 1000) / nsecs);
676 +
677 + mr->cur_tp = MINSTREL_TRUNC(tp);
678 }
679
680 /*
681 @@ -308,8 +311,8 @@ minstrel_ht_update_stats(struct minstrel
682 }
683 }
684
685 - /* try to sample up to half of the available rates during each interval */
686 - mi->sample_count *= 4;
687 + /* try to sample all available rates during each interval */
688 + mi->sample_count *= 8;
689
690 cur_prob = 0;
691 cur_prob_tp = 0;
692 @@ -320,20 +323,13 @@ minstrel_ht_update_stats(struct minstrel
693 if (!mg->supported)
694 continue;
695
696 - mr = minstrel_get_ratestats(mi, mg->max_prob_rate);
697 - if (cur_prob_tp < mr->cur_tp &&
698 - minstrel_mcs_groups[group].streams == 1) {
699 - mi->max_prob_rate = mg->max_prob_rate;
700 - cur_prob = mr->cur_prob;
701 - cur_prob_tp = mr->cur_tp;
702 - }
703 -
704 mr = minstrel_get_ratestats(mi, mg->max_tp_rate);
705 if (cur_tp < mr->cur_tp) {
706 mi->max_tp_rate2 = mi->max_tp_rate;
707 cur_tp2 = cur_tp;
708 mi->max_tp_rate = mg->max_tp_rate;
709 cur_tp = mr->cur_tp;
710 + mi->max_prob_streams = minstrel_mcs_groups[group].streams - 1;
711 }
712
713 mr = minstrel_get_ratestats(mi, mg->max_tp_rate2);
714 @@ -343,6 +339,23 @@ minstrel_ht_update_stats(struct minstrel
715 }
716 }
717
718 + if (mi->max_prob_streams < 1)
719 + mi->max_prob_streams = 1;
720 +
721 + for (group = 0; group < ARRAY_SIZE(minstrel_mcs_groups); group++) {
722 + mg = &mi->groups[group];
723 + if (!mg->supported)
724 + continue;
725 + mr = minstrel_get_ratestats(mi, mg->max_prob_rate);
726 + if (cur_prob_tp < mr->cur_tp &&
727 + minstrel_mcs_groups[group].streams <= mi->max_prob_streams) {
728 + mi->max_prob_rate = mg->max_prob_rate;
729 + cur_prob = mr->cur_prob;
730 + cur_prob_tp = mr->cur_tp;
731 + }
732 + }
733 +
734 +
735 mi->stats_update = jiffies;
736 }
737
738 @@ -467,7 +480,7 @@ minstrel_ht_tx_status(void *priv, struct
739
740 if (!mi->sample_wait && !mi->sample_tries && mi->sample_count > 0) {
741 mi->sample_wait = 16 + 2 * MINSTREL_TRUNC(mi->avg_ampdu_len);
742 - mi->sample_tries = 2;
743 + mi->sample_tries = 1;
744 mi->sample_count--;
745 }
746
747 @@ -536,7 +549,7 @@ minstrel_calc_retransmit(struct minstrel
748 mr->retry_updated = true;
749
750 group = &minstrel_mcs_groups[index / MCS_GROUP_RATES];
751 - tx_time_data = group->duration[index % MCS_GROUP_RATES] * ampdu_len;
752 + tx_time_data = group->duration[index % MCS_GROUP_RATES] * ampdu_len / 1000;
753
754 /* Contention time for first 2 tries */
755 ctime = (t_slot * cw) >> 1;
756 @@ -616,6 +629,7 @@ minstrel_get_sample_rate(struct minstrel
757 {
758 struct minstrel_rate_stats *mr;
759 struct minstrel_mcs_group_data *mg;
760 + unsigned int sample_dur, sample_group;
761 int sample_idx = 0;
762
763 if (mi->sample_wait > 0) {
764 @@ -626,11 +640,11 @@ minstrel_get_sample_rate(struct minstrel
765 if (!mi->sample_tries)
766 return -1;
767
768 - mi->sample_tries--;
769 mg = &mi->groups[mi->sample_group];
770 sample_idx = sample_table[mg->column][mg->index];
771 mr = &mg->rates[sample_idx];
772 - sample_idx += mi->sample_group * MCS_GROUP_RATES;
773 + sample_group = mi->sample_group;
774 + sample_idx += sample_group * MCS_GROUP_RATES;
775 minstrel_next_sample_idx(mi);
776
777 /*
778 @@ -651,14 +665,18 @@ minstrel_get_sample_rate(struct minstrel
779 * Make sure that lower rates get sampled only occasionally,
780 * if the link is working perfectly.
781 */
782 - if (minstrel_get_duration(sample_idx) >
783 - minstrel_get_duration(mi->max_tp_rate)) {
784 + sample_dur = minstrel_get_duration(sample_idx);
785 + if (sample_dur >= minstrel_get_duration(mi->max_tp_rate2) &&
786 + (mi->max_prob_streams <
787 + minstrel_mcs_groups[sample_group].streams ||
788 + sample_dur >= minstrel_get_duration(mi->max_prob_rate))) {
789 if (mr->sample_skipped < 20)
790 return -1;
791
792 if (mi->sample_slow++ > 2)
793 return -1;
794 }
795 + mi->sample_tries--;
796
797 return sample_idx;
798 }
799 --- a/net/mac80211/rc80211_minstrel_ht.h
800 +++ b/net/mac80211/rc80211_minstrel_ht.h
801 @@ -85,6 +85,7 @@ struct minstrel_ht_sta {
802
803 /* best probability rate */
804 unsigned int max_prob_rate;
805 + unsigned int max_prob_streams;
806
807 /* time of last status update */
808 unsigned long stats_update;
809 --- a/drivers/net/wireless/ath/ath9k/ar9003_calib.c
810 +++ b/drivers/net/wireless/ath/ath9k/ar9003_calib.c
811 @@ -1023,6 +1023,7 @@ static bool ar9003_hw_init_cal(struct at
812 AR_PHY_AGC_CONTROL_FLTR_CAL |
813 AR_PHY_AGC_CONTROL_PKDET_CAL;
814
815 + /* Use chip chainmask only for calibration */
816 ar9003_hw_set_chain_masks(ah, ah->caps.rx_chainmask, ah->caps.tx_chainmask);
817
818 if (rtt) {
819 @@ -1150,6 +1151,9 @@ skip_tx_iqcal:
820 ar9003_hw_rtt_disable(ah);
821 }
822
823 + /* Revert chainmask to runtime parameters */
824 + ar9003_hw_set_chain_masks(ah, ah->rxchainmask, ah->txchainmask);
825 +
826 /* Initialize list pointers */
827 ah->cal_list = ah->cal_list_last = ah->cal_list_curr = NULL;
828
829 --- a/drivers/net/wireless/ath/ath9k/ar9003_eeprom.c
830 +++ b/drivers/net/wireless/ath/ath9k/ar9003_eeprom.c
831 @@ -3606,6 +3606,12 @@ static void ar9003_hw_ant_ctrl_apply(str
832 value = ar9003_hw_ant_ctrl_common_2_get(ah, is2ghz);
833 REG_RMW_FIELD(ah, AR_PHY_SWITCH_COM_2, AR_SWITCH_TABLE_COM2_ALL, value);
834
835 + if ((AR_SREV_9462(ah)) && (ah->rxchainmask == 0x2)) {
836 + value = ar9003_hw_ant_ctrl_chain_get(ah, 1, is2ghz);
837 + REG_RMW_FIELD(ah, switch_chain_reg[0],
838 + AR_SWITCH_TABLE_ALL, value);
839 + }
840 +
841 for (chain = 0; chain < AR9300_MAX_CHAINS; chain++) {
842 if ((ah->rxchainmask & BIT(chain)) ||
843 (ah->txchainmask & BIT(chain))) {
844 @@ -3772,6 +3778,17 @@ static void ar9003_hw_atten_apply(struct
845 AR_PHY_EXT_ATTEN_CTL_2,
846 };
847
848 + if ((AR_SREV_9462(ah)) && (ah->rxchainmask == 0x2)) {
849 + value = ar9003_hw_atten_chain_get(ah, 1, chan);
850 + REG_RMW_FIELD(ah, ext_atten_reg[0],
851 + AR_PHY_EXT_ATTEN_CTL_XATTEN1_DB, value);
852 +
853 + value = ar9003_hw_atten_chain_get_margin(ah, 1, chan);
854 + REG_RMW_FIELD(ah, ext_atten_reg[0],
855 + AR_PHY_EXT_ATTEN_CTL_XATTEN1_MARGIN,
856 + value);
857 + }
858 +
859 /* Test value. if 0 then attenuation is unused. Don't load anything. */
860 for (i = 0; i < 3; i++) {
861 if (ah->txchainmask & BIT(i)) {
862 --- a/drivers/net/wireless/ath/ath9k/link.c
863 +++ b/drivers/net/wireless/ath/ath9k/link.c
864 @@ -28,21 +28,21 @@ void ath_tx_complete_poll_work(struct wo
865 int i;
866 bool needreset = false;
867
868 - for (i = 0; i < ATH9K_NUM_TX_QUEUES; i++)
869 - if (ATH_TXQ_SETUP(sc, i)) {
870 - txq = &sc->tx.txq[i];
871 - ath_txq_lock(sc, txq);
872 - if (txq->axq_depth) {
873 - if (txq->axq_tx_inprogress) {
874 - needreset = true;
875 - ath_txq_unlock(sc, txq);
876 - break;
877 - } else {
878 - txq->axq_tx_inprogress = true;
879 - }
880 + for (i = 0; i < IEEE80211_NUM_ACS; i++) {
881 + txq = sc->tx.txq_map[i];
882 +
883 + ath_txq_lock(sc, txq);
884 + if (txq->axq_depth) {
885 + if (txq->axq_tx_inprogress) {
886 + needreset = true;
887 + ath_txq_unlock(sc, txq);
888 + break;
889 + } else {
890 + txq->axq_tx_inprogress = true;
891 }
892 - ath_txq_unlock_complete(sc, txq);
893 }
894 + ath_txq_unlock_complete(sc, txq);
895 + }
896
897 if (needreset) {
898 ath_dbg(ath9k_hw_common(sc->sc_ah), RESET,
899 --- a/net/mac80211/sta_info.c
900 +++ b/net/mac80211/sta_info.c
901 @@ -766,6 +766,7 @@ int __must_check __sta_info_destroy(stru
902 struct ieee80211_local *local;
903 struct ieee80211_sub_if_data *sdata;
904 int ret, i;
905 + bool have_key = false;
906
907 might_sleep();
908
909 @@ -793,12 +794,19 @@ int __must_check __sta_info_destroy(stru
910 list_del_rcu(&sta->list);
911
912 mutex_lock(&local->key_mtx);
913 - for (i = 0; i < NUM_DEFAULT_KEYS; i++)
914 + for (i = 0; i < NUM_DEFAULT_KEYS; i++) {
915 __ieee80211_key_free(key_mtx_dereference(local, sta->gtk[i]));
916 - if (sta->ptk)
917 + have_key = true;
918 + }
919 + if (sta->ptk) {
920 __ieee80211_key_free(key_mtx_dereference(local, sta->ptk));
921 + have_key = true;
922 + }
923 mutex_unlock(&local->key_mtx);
924
925 + if (!have_key)
926 + synchronize_net();
927 +
928 sta->dead = true;
929
930 local->num_sta--;