--- a/net80211/ieee80211_input.c
+++ b/net80211/ieee80211_input.c
-@@ -202,6 +202,7 @@
- struct ieee80211com *ic = vap->iv_ic;
- struct net_device *dev = vap->iv_dev;
+@@ -202,6 +202,7 @@ ieee80211_input(struct ieee80211vap * va
+ struct ieee80211com *ic;
+ struct net_device *dev;
struct ieee80211_node *ni_wds = NULL;
+ struct net_device_stats *stats;
struct ieee80211_frame *wh;
struct ieee80211_key *key;
struct ether_header *eh;
-@@ -435,7 +436,7 @@
+@@ -447,7 +448,7 @@ ieee80211_input(struct ieee80211vap * va
switch (type) {
case IEEE80211_FC0_TYPE_DATA:
if (skb->len < hdrspace) {
IEEE80211_DISCARD(vap, IEEE80211_MSG_ANY,
wh, "data", "too short: len %u, expecting %u",
-@@ -445,16 +446,26 @@
+@@ -457,16 +458,24 @@ ieee80211_input(struct ieee80211vap * va
}
switch (vap->iv_opmode) {
case IEEE80211_M_STA:
- if ((dir != IEEE80211_FC1_DIR_FROMDS) &&
- (!((vap->iv_flags_ext & IEEE80211_FEXT_WDS) &&
- (dir == IEEE80211_FC1_DIR_DSTODS)))) {
-- IEEE80211_DISCARD(vap, IEEE80211_MSG_ANY,
-- wh, "data", "invalid dir 0x%x", dir);
-- vap->iv_stats.is_rx_wrongdir++;
-- goto out;
-+ {
-+ int accept;
-+
++ switch(dir) {
++ case IEEE80211_FC1_DIR_FROMDS:
++ break;
++ case IEEE80211_FC1_DIR_DSTODS:
+ if (vap->iv_flags_ext & IEEE80211_FEXT_WDS)
-+ accept = IEEE80211_FC1_DIR_DSTODS;
-+ else
-+ accept = IEEE80211_FC1_DIR_FROMDS;
-+ if (dir != accept) {
-+ IEEE80211_DISCARD(vap, IEEE80211_MSG_ANY,
-+ wh, "data", "invalid dir 0x%x", dir);
-+ vap->iv_stats.is_rx_wrongdir++;
-+ goto out;
-+ }
++ break;
++ default:
+ IEEE80211_DISCARD(vap, IEEE80211_MSG_ANY,
+ wh, "data", "invalid dir 0x%x", dir);
+ vap->iv_stats.is_rx_wrongdir++;
+ goto out;
}
- if (IEEE80211_IS_MULTICAST(wh->i_addr1)) {
/* Discard multicast if IFF_MULTICAST not set */
if ((0 != memcmp(wh->i_addr3, dev->broadcast, ETH_ALEN)) &&
(0 == (dev->flags & IFF_MULTICAST))) {
-@@ -482,24 +493,10 @@
+@@ -494,24 +503,10 @@ ieee80211_input(struct ieee80211vap * va
vap->iv_stats.is_rx_mcastecho++;
goto out;
}
}
break;
case IEEE80211_M_IBSS:
-@@ -541,6 +538,11 @@
+@@ -553,14 +548,30 @@ ieee80211_input(struct ieee80211vap * va
vap->iv_stats.is_rx_notassoc++;
goto err;
}
/*
* If we're a 4 address packet, make sure we have an entry in
* the node table for the packet source address (addr4).
-@@ -548,9 +550,16 @@
+ * If not, add one.
*/
-
- /* check for wds link first */
-- if (dir == IEEE80211_FC1_DIR_DSTODS) {
++ /* check for wds link first */
+ if ((dir == IEEE80211_FC1_DIR_DSTODS) && !ni->ni_subif) {
- struct ieee80211vap *avp;
-
+ if (vap->iv_flags_ext & IEEE80211_FEXT_WDSSEP) {
+ ieee80211_wds_addif(ni);
+ /* we must drop frames here until the interface has
+ * confused */
+ goto err;
+ }
- TAILQ_FOREACH(avp, &vap->iv_wdslinks, iv_wdsnext) {
- if (!memcmp(avp->wds_mac, wh->i_addr2, IEEE80211_ADDR_LEN)) {
- IEEE80211_LOCK_IRQ(ni->ni_ic);
-@@ -566,7 +575,7 @@
- }
++ }
/* XXX: Useless node mgmt API; make better */
-- if ((dir == IEEE80211_FC1_DIR_DSTODS) && !ni_wds) {
-+ if ((dir == IEEE80211_FC1_DIR_DSTODS) && !ni_wds && !ni->ni_subif) {
+- if ((dir == IEEE80211_FC1_DIR_DSTODS) && !vap->iv_wdsnode && !ni_wds) {
++ if ((dir == IEEE80211_FC1_DIR_DSTODS) && !vap->iv_wdsnode &&
++ !ni_wds && !ni->ni_subif) {
struct ieee80211_node_table *nt = &ic->ic_sta;
struct ieee80211_frame_addr4 *wh4;
-@@ -626,6 +635,11 @@
+@@ -620,6 +631,11 @@ ieee80211_input(struct ieee80211vap * va
goto out;
}
/*
* Handle privacy requirements. Note that we
* must not be preempted from here until after
-@@ -698,8 +712,12 @@
+@@ -692,8 +708,12 @@ ieee80211_input(struct ieee80211vap * va
if (! accept_data_frame(vap, ni, key, skb, eh))
goto out;
IEEE80211_NODE_STAT(ni, rx_data);
IEEE80211_NODE_STAT_ADD(ni, rx_bytes, skb->len);
ic->ic_lastdata = jiffies;
-@@ -1132,6 +1150,13 @@
+@@ -1126,6 +1146,13 @@ ieee80211_deliver_data(struct ieee80211_
dev = vap->iv_xrvap->iv_dev;
#endif
/* perform as a bridge within the vap */
/* XXX intra-vap bridging only */
if (vap->iv_opmode == IEEE80211_M_HOSTAP &&
-@@ -1157,7 +1182,16 @@
+@@ -1151,7 +1178,16 @@ ieee80211_deliver_data(struct ieee80211_
if (ni1 != NULL) {
if (ni1->ni_vap == vap &&
ieee80211_node_is_authorized(ni1) &&
}
--- a/net80211/ieee80211_ioctl.h
+++ b/net80211/ieee80211_ioctl.h
-@@ -649,6 +649,7 @@
+@@ -649,6 +649,7 @@ enum {
IEEE80211_PARAM_BGSCAN_THRESH = 79, /* bg scan rssi threshold */
IEEE80211_PARAM_RSSI_DIS_THR = 80, /* rssi threshold for disconnection */
IEEE80211_PARAM_RSSI_DIS_COUNT = 81, /* counter for rssi threshold */
#define SIOCG80211STATS (SIOCDEVPRIVATE+2)
--- a/net80211/ieee80211_node.h
+++ b/net80211/ieee80211_node.h
-@@ -92,11 +92,13 @@
+@@ -92,11 +92,13 @@ struct ath_softc;
* the ieee80211com structure.
*/
struct ieee80211_node {
atomic_t ni_refcnt;
u_int ni_scangen; /* gen# for timeout scan */
u_int8_t ni_authmode; /* authentication algorithm */
-@@ -430,5 +432,6 @@
+@@ -430,5 +432,6 @@ void ieee80211_node_join(struct ieee8021
void ieee80211_node_leave(struct ieee80211_node *);
u_int8_t ieee80211_getrssi(struct ieee80211com *);
int32_t ieee80211_get_node_count(struct ieee80211com *);
--- a/net80211/ieee80211_var.h
+++ b/net80211/ieee80211_var.h
-@@ -322,6 +322,7 @@
+@@ -322,6 +322,7 @@ struct ieee80211com {
u_int8_t ic_myaddr[IEEE80211_ADDR_LEN];
struct timer_list ic_inact; /* mgmt/inactivity timer */
u_int32_t ic_flags; /* state flags */
u_int32_t ic_flags_ext; /* extension of state flags */
u_int32_t ic_caps; /* capabilities */
-@@ -625,6 +626,7 @@
+@@ -625,6 +626,7 @@ MALLOC_DECLARE(M_80211_VAP);
#define IEEE80211_FEXT_DROPUNENC_EAPOL 0x00000800 /* CONF: drop unencrypted eapol frames */
#define IEEE80211_FEXT_APPIE_UPDATE 0x00001000 /* STATE: beacon APP IE updated */
#define IEEE80211_FEXT_BGSCAN_THR 0x00002000 /* bgscan due to low rssi */
#define IEEE80211_COM_UAPSD_DISABLE(_ic) ((_ic)->ic_flags_ext &= ~IEEE80211_FEXT_UAPSD)
--- a/net80211/ieee80211_wireless.c
+++ b/net80211/ieee80211_wireless.c
-@@ -2867,6 +2867,14 @@
+@@ -2867,6 +2867,14 @@ ieee80211_ioctl_setparam(struct net_devi
else
vap->iv_minrateindex = 0;
break;
#ifdef ATH_REVERSE_ENGINEERING
case IEEE80211_PARAM_DUMPREGS:
ieee80211_dump_registers(dev, info, w, extra);
-@@ -3223,6 +3231,9 @@
+@@ -3223,6 +3231,9 @@ ieee80211_ioctl_getparam(struct net_devi
case IEEE80211_PARAM_MINRATE:
param[0] = vap->iv_minrateindex;
break;
default:
return -EOPNOTSUPP;
}
-@@ -4447,6 +4458,8 @@
+@@ -4450,6 +4461,8 @@ get_sta_space(void *arg, struct ieee8021
struct ieee80211vap *vap = ni->ni_vap;
size_t ielen;
if (vap != req->vap && vap != req->vap->iv_xrvap) /* only entries for this vap */
return;
if ((vap->iv_opmode == IEEE80211_M_HOSTAP ||
-@@ -4466,6 +4479,8 @@
+@@ -4469,6 +4482,8 @@ get_sta_info(void *arg, struct ieee80211
size_t ielen, len;
u_int8_t *cp;
if (vap != req->vap && vap != req->vap->iv_xrvap) /* only entries for this vap (or) xrvap */
return;
if ((vap->iv_opmode == IEEE80211_M_HOSTAP ||
-@@ -5767,6 +5782,10 @@
+@@ -5770,6 +5785,10 @@ static const struct iw_priv_args ieee802
0, IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1, "get_minrate"},
{ IEEE80211_IOCTL_SETSCANLIST,
IW_PRIV_TYPE_CHAR | 255, 0, "setscanlist"},
#ifdef ATH_REVERSE_ENGINEERING
/*
-@@ -5890,6 +5909,8 @@
+@@ -5893,6 +5912,8 @@ static int
ieee80211_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
{
struct ieee80211vap *vap = dev->priv;
switch (cmd) {
case SIOCG80211STATS:
-@@ -5898,8 +5919,20 @@
+@@ -5901,8 +5922,20 @@ ieee80211_ioctl(struct net_device *dev,
case SIOC80211IFDESTROY:
if (!capable(CAP_NET_ADMIN))
return -EPERM;
#include "if_media.h"
-@@ -236,7 +237,11 @@
+@@ -236,7 +237,11 @@ void
ieee80211_node_vdetach(struct ieee80211vap *vap)
{
struct ieee80211com *ic = vap->iv_ic;
ieee80211_node_table_reset(&ic->ic_sta, vap);
if (vap->iv_bss != NULL) {
ieee80211_unref_node(&vap->iv_bss);
-@@ -1134,6 +1139,57 @@
+@@ -1140,6 +1145,57 @@ ieee80211_alloc_node(struct ieee80211vap
return ni;
}
/* Add wds address to the node table */
int
#ifdef IEEE80211_DEBUG_REFCNT
-@@ -2254,6 +2310,36 @@
+@@ -2285,6 +2341,36 @@ ieee80211_node_leave_11g(struct ieee8021
}
}
/*
* Handle bookkeeping for a station/neighbor leaving
* the bss when operating in ap or adhoc modes.
-@@ -2270,6 +2356,12 @@
+@@ -2301,6 +2387,12 @@ ieee80211_node_leave(struct ieee80211_no
ni, "station with aid %d leaves (refcnt %u)",
IEEE80211_NODE_AID(ni), atomic_read(&ni->ni_refcnt));
*/
--- a/net80211/ieee80211_linux.h
+++ b/net80211/ieee80211_linux.h
-@@ -81,6 +81,12 @@
+@@ -81,6 +81,12 @@ set_quality(struct iw_quality *iq, u_int
#endif
}
/*
* Task deferral
*
-@@ -113,6 +119,29 @@
+@@ -113,6 +119,29 @@ typedef void *IEEE80211_TQUEUE_ARG;
#define IEEE80211_RESCHEDULE schedule
/* Locking */
/* NB: beware, spin_is_locked() is not usefully defined for !(DEBUG || SMP)
* because spinlocks do not exist in this configuration. Instead IRQs
-@@ -167,6 +196,18 @@
- IEEE80211_VAPS_LOCK_ASSERT(_ic); \
- spin_unlock_bh(&(_ic)->ic_vapslock); \
- } while (0)
-+#define IEEE80211_VAPS_LOCK_IRQ(_ic) do { \
-+ unsigned long __vlockflags; \
-+ IEEE80211_VAPS_LOCK_CHECK(_ic); \
-+ spin_lock_irqsave(&(_ic)->ic_vapslock, __vlockflags);
-+#define IEEE80211_VAPS_UNLOCK_IRQ(_ic) \
-+ IEEE80211_VAPS_LOCK_ASSERT(_ic); \
-+ spin_unlock_irqrestore(&(_ic)->ic_vapslock, __vlockflags); \
-+} while (0)
-+#define IEEE80211_VAPS_UNLOCK_IRQ_EARLY(_ic) \
-+ IEEE80211_VAPS_LOCK_ASSERT(_ic); \
-+ spin_unlock_irqrestore(&(_ic)->ic_vapslock, __vlockflags);
-+
-
- #if (defined(CONFIG_SMP) || defined(CONFIG_DEBUG_SPINLOCK)) && defined(spin_is_locked)
- #define IEEE80211_VAPS_LOCK_ASSERT(_ic) \
--- a/net80211/ieee80211_proto.c
+++ b/net80211/ieee80211_proto.c
-@@ -1081,6 +1081,8 @@
+@@ -1081,6 +1081,8 @@ ieee80211_init(struct net_device *dev, i
int
ieee80211_open(struct net_device *dev)
{
return ieee80211_init(dev, 0);
}
-@@ -1116,11 +1118,33 @@
+@@ -1123,6 +1125,7 @@ ieee80211_stop(struct net_device *dev)
struct ieee80211vap *vap = dev->priv;
struct ieee80211com *ic = vap->iv_ic;
struct net_device *parent = ic->ic_dev;
+ struct ieee80211_node *tni, *ni;
+ struct ieee80211vap *avp;
IEEE80211_DPRINTF(vap,
- IEEE80211_MSG_STATE | IEEE80211_MSG_DEBUG,
- "%s\n", "stop running");
+@@ -1138,6 +1141,27 @@ ieee80211_stop(struct net_device *dev)
+ ieee80211_stop(avp->iv_dev);
+ }
+ /* get rid of all wds nodes while we're still locked */
+ do {
ieee80211_new_state(vap, IEEE80211_S_INIT, -1);
if (dev->flags & IFF_RUNNING) {
dev->flags &= ~IFF_RUNNING; /* mark us stopped */
-@@ -1342,9 +1366,9 @@
- struct ieee80211com *ic = vap->iv_ic;
- int rc;
-
-- IEEE80211_VAPS_LOCK_BH(ic);
-+ IEEE80211_VAPS_LOCK_IRQ(ic);
- rc = vap->iv_newstate(vap, nstate, arg);
-- IEEE80211_VAPS_UNLOCK_BH(ic);
-+ IEEE80211_VAPS_UNLOCK_IRQ(ic);
- return rc;
- }
-
-@@ -1630,6 +1654,7 @@
+@@ -1653,6 +1677,7 @@ __ieee80211_newstate(struct ieee80211vap
*/
if (ni->ni_authmode != IEEE80211_AUTH_8021X)
ieee80211_node_authorize(ni);
#ifdef ATH_SUPERG_XR
/*
* fire a timer to bring up XR vap if configured.
-@@ -1885,8 +1910,15 @@
+@@ -1912,8 +1937,15 @@ ieee80211_newstate(struct ieee80211vap *
if (ostate == IEEE80211_S_SCAN ||
ostate == IEEE80211_S_AUTH ||
ostate == IEEE80211_S_ASSOC) {
if (dstate == IEEE80211_S_RUN) {
--- a/net80211/ieee80211.c
+++ b/net80211/ieee80211.c
-@@ -373,10 +373,25 @@
+@@ -373,10 +373,25 @@ void
ieee80211_ifdetach(struct ieee80211com *ic)
{
struct ieee80211vap *vap;
rtnl_unlock();
del_timer(&ic->ic_dfs_excl_timer);
-@@ -599,8 +614,10 @@
+@@ -600,8 +615,10 @@ ieee80211_vap_detach(struct ieee80211vap
IEEE80211_CANCEL_TQUEUE(&vap->iv_stajoin1tq);
IEEE80211_LOCK_IRQ(ic);
TAILQ_REMOVE(&vap->iv_master->iv_wdslinks, vap, iv_wdsnext);
--- a/ath/if_athvar.h
+++ b/ath/if_athvar.h
-@@ -79,28 +79,6 @@
+@@ -79,28 +79,6 @@ typedef void *TQUEUE_ARG;
#define tasklet_enable(t) do { (void) t; local_bh_enable(); } while (0)
#endif /* !DECLARE_TASKLET */
*/
--- a/net80211/ieee80211_output.c
+++ b/net80211/ieee80211_output.c
-@@ -261,6 +261,10 @@
+@@ -252,6 +252,10 @@ ieee80211_hardstart(struct sk_buff *skb,
goto bad;
}
/* calculate priority so drivers can find the TX queue */
if (ieee80211_classify(ni, skb)) {
IEEE80211_NOTE(vap, IEEE80211_MSG_OUTPUT, ni,
-@@ -340,20 +344,33 @@
+@@ -331,20 +335,33 @@ void ieee80211_parent_queue_xmit(struct
* constructing a frame as it sets i_fc[1]; other bits can
* then be or'd in.
*/
case IEEE80211_M_STA:
wh->i_fc[1] = IEEE80211_FC1_DIR_TODS;
IEEE80211_ADDR_COPY(wh->i_addr1, bssid);
-@@ -395,6 +412,8 @@
+@@ -386,6 +403,8 @@ ieee80211_send_setup(struct ieee80211vap
*(__le16 *)&wh->i_seq[0] =
htole16(ni->ni_txseqs[0] << IEEE80211_SEQ_SEQ_SHIFT);
ni->ni_txseqs[0]++;
#undef WH4
}
-@@ -416,9 +435,7 @@
+@@ -407,9 +426,7 @@ ieee80211_mgmt_output(struct ieee80211_n
SKB_CB(skb)->ni = ni;
IEEE80211_FC0_TYPE_MGT | type,
vap->iv_myaddr, ni->ni_macaddr, vap->iv_bssid);
/* XXX power management */
-@@ -464,6 +481,9 @@
+@@ -455,6 +472,9 @@ ieee80211_send_nulldata(struct ieee80211
struct ieee80211_frame *wh;
u_int8_t *frm;
skb = ieee80211_getmgtframe(&frm, 0);
if (skb == NULL) {
/* XXX debug msg */
-@@ -472,9 +492,7 @@
+@@ -463,9 +483,7 @@ ieee80211_send_nulldata(struct ieee80211
return -ENOMEM;
}
IEEE80211_FC0_TYPE_DATA | IEEE80211_FC0_SUBTYPE_NODATA,
vap->iv_myaddr, ni->ni_macaddr, vap->iv_bssid);
/* NB: power management bit is never sent by an AP */
-@@ -512,6 +530,7 @@
+@@ -503,6 +521,7 @@ ieee80211_send_qosnulldata(struct ieee80
struct sk_buff *skb;
struct ieee80211_qosframe *qwh;
u_int8_t *frm;
int tid;
skb = ieee80211_getmgtframe(&frm, 2);
-@@ -523,11 +542,12 @@
+@@ -514,11 +533,12 @@ ieee80211_send_qosnulldata(struct ieee80
SKB_CB(skb)->ni = ieee80211_ref_node(ni);
skb->priority = ac;
IEEE80211_FC0_TYPE_DATA,
vap->iv_myaddr, /* SA */
ni->ni_macaddr, /* DA */
-@@ -541,10 +561,10 @@
+@@ -532,10 +552,10 @@ ieee80211_send_qosnulldata(struct ieee80
/* map from access class/queue to 11e header priority value */
tid = WME_AC_TO_TID(ac);
IEEE80211_NODE_STAT(ni, tx_data);
-@@ -786,6 +806,8 @@
+@@ -777,6 +797,8 @@ ieee80211_encap(struct ieee80211_node *n
hdrsize = sizeof(struct ieee80211_frame);
SKB_CB(skb)->auth_pkt = (eh.ether_type == __constant_htons(ETHERTYPE_PAE));
switch (vap->iv_opmode) {
case IEEE80211_M_IBSS:
-@@ -805,20 +827,9 @@
+@@ -796,20 +818,9 @@ ieee80211_encap(struct ieee80211_node *n
ismulticast = IEEE80211_IS_MULTICAST(eh.ether_dhost);
break;
case IEEE80211_M_STA:
} else
ismulticast = IEEE80211_IS_MULTICAST(vap->iv_bssid);
break;
-@@ -1689,9 +1700,7 @@
+@@ -1680,9 +1691,7 @@ ieee80211_send_probereq(struct ieee80211
SKB_CB(skb)->ni = ieee80211_ref_node(ni);
/* XXX power management? */
--- a/net80211/ieee80211_linux.c
+++ b/net80211/ieee80211_linux.c
-@@ -145,7 +145,7 @@
+@@ -145,7 +145,7 @@ ieee80211_getmgtframe(u_int8_t **frm, u_
struct sk_buff *skb;
u_int len;
#ifdef IEEE80211_DEBUG_REFCNT
skb = ieee80211_dev_alloc_skb_debug(len + align - 1, func, line);
#else
-@@ -161,7 +161,7 @@
+@@ -161,7 +161,7 @@ ieee80211_getmgtframe(u_int8_t **frm, u_
SKB_CB(skb)->flags = 0;
SKB_CB(skb)->next = NULL;