1 commit 230ab8c1880266c9cfceac962e2d48309dea79a7
2 Author: Felix Fietkau <nbd@openwrt.org>
3 Date: Mon May 19 21:48:56 2014 +0200
5 ath9k: re-schedule rx processing after budget exceeded
7 Should improve rx stability under load
9 Signed-off-by: Felix Fietkau <nbd@openwrt.org>
11 commit ff9655bebd25d35ab13c2515a029723b69949720
12 Author: Felix Fietkau <nbd@openwrt.org>
13 Date: Mon May 19 21:20:49 2014 +0200
15 ath9k: avoid passing buffers to the hardware during flush
17 The commit "ath9k: fix possible hang on flush" changed the receive code
18 to always link rx descriptors of processed frames, even when flushing.
19 In some cases, this leads to flushed rx buffers being passed to the
20 hardware while rx is already stopped.
22 Signed-off-by: Felix Fietkau <nbd@openwrt.org>
24 commit 46c5d7d207a2a0725066c0928fd19b8c578b7d4f
25 Author: Oleksij Rempel <linux@rempel-privat.de>
26 Date: Tue May 20 00:02:03 2014 +0200
28 ath9k_htc: fix build with disabled debug
30 CC [M] drivers/net/wireless/ath/ath9k/htc_drv_txrx.o
31 drivers/net/wireless/ath/ath9k/htc_drv_txrx.c: In function ‘ath9k_rx_prepare’:
32 drivers/net/wireless/ath/ath9k/htc_drv_txrx.c:1006:2: warning: passing argument 2 of ‘ath9k_htc_err_stat_rx’ from incompatible pointer type [enabled by default]
33 ath9k_htc_err_stat_rx(priv, &rx_stats);
35 In file included from drivers/net/wireless/ath/ath9k/htc_drv_txrx.c:17:0:
36 drivers/net/wireless/ath/ath9k/htc.h:380:20: note: expected ‘struct ath_htc_rx_status *’ but argument is of type ‘struct ath_rx_status *’
37 static inline void ath9k_htc_err_stat_rx(struct ath9k_htc_priv *priv,
39 Signed-off-by: Oleksij Rempel <linux@rempel-privat.de>
41 commit 2d331334e9dc5659fdf9a89326c34c3db5a15279
42 Author: Johannes Berg <johannes.berg@intel.com>
43 Date: Mon May 19 17:59:50 2014 +0200
45 cfg80211: constify wowlan/coalesce mask/pattern pointers
47 This requires changing the nl80211 parsing code a bit to use
48 intermediate pointers for the allocation, but clarifies the
49 API towards the drivers.
51 Signed-off-by: Johannes Berg <johannes.berg@intel.com>
53 commit 6788105c46babaa6938cbacb72fdf20bec4bb2e3
54 Author: Johannes Berg <johannes.berg@intel.com>
55 Date: Mon May 19 17:53:16 2014 +0200
57 cfg80211: constify more pointers in the cfg80211 API
59 This also propagates through the drivers.
61 The orinoco driver uses the cfg80211 API structs for internal
62 bookkeeping, and so needs a (void *) cast that removes the
63 const - but that's OK because it allocates those pointers.
65 Signed-off-by: Johannes Berg <johannes.berg@intel.com>
67 commit c3d95010fd881da0fa0a4e88532412f5d0c092f6
68 Author: Johannes Berg <johannes.berg@intel.com>
69 Date: Mon May 19 17:19:31 2014 +0200
71 cfg80211: constify MAC addresses in cfg80211 ops
73 This propagates through all the drivers and mac80211.
75 Signed-off-by: Johannes Berg <johannes.berg@intel.com>
77 commit ddf1e6f0f0354c601af7d42e5ace4b51f8b0bffc
78 Author: Luciano Coelho <luciano.coelho@intel.com>
79 Date: Thu May 15 20:32:08 2014 +0300
81 mac80211: fix csa_counter_offs argument name in docbook
83 The csa_counter_offs was erroneously described as csa_offs in
86 This fixes two warnings when making htmldocs (at least):
88 Warning(include/net/mac80211.h:3428): No description found for parameter 'csa_counter_offs[IEEE80211_MAX_CSA_COUNTERS_NUM]'
89 Warning(include/net/mac80211.h:3428): Excess struct/union/enum/typedef member 'csa_offs' description in 'ieee80211_mutable_offsets'
91 Signed-off-by: Luciano Coelho <luciano.coelho@intel.com>
92 Signed-off-by: Johannes Berg <johannes.berg@intel.com>
94 commit 202322d1c04b8e498bd5bb78606fcf3941512b35
95 Author: Luciano Coelho <luciano.coelho@intel.com>
96 Date: Thu May 15 20:18:09 2014 +0300
98 cfg80211: add documentation for max_num_csa_counters
100 Move the comment in the structure to a description of the
101 max_num_csa_counters field in the docbook area.
103 This fixes a warning when building htmldocs (at least):
105 Warning(include/net/cfg80211.h:3064): No description found for parameter 'max_num_csa_counters'
107 Signed-off-by: Luciano Coelho <luciano.coelho@intel.com>
108 Signed-off-by: Johannes Berg <johannes.berg@intel.com>
110 commit 457a33192f64b7637e8fd0ae0e9f32701c908603
111 Author: Johannes Berg <johannes.berg@intel.com>
112 Date: Mon May 19 11:24:19 2014 +0200
114 mac80211: minstrel-ht: small clarifications
116 Antonio and I were looking over this code and some things
117 didn't immediately make sense, so we came up with two small
120 Signed-off-by: Johannes Berg <johannes.berg@intel.com>
122 commit 1e35dce952a64a957de97ae1f2bb19301756b936
123 Author: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
124 Date: Fri May 9 14:11:50 2014 +0300
126 mac80211: Handle the CSA counters correctly
128 Make the beacon CSA counters part of ieee80211_mutable_offsets and don't
129 decrement CSA counters when generating a beacon template. This permits the
130 driver to offload the CSA counters handling. Since mac80211 updates the probe
131 responses with the correct counter, the driver should sync the counter's value
132 with mac80211 using ieee80211_csa_update_counter function.
134 Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
135 Signed-off-by: Luciano Coelho <luciano.coelho@intel.com>
136 Signed-off-by: Johannes Berg <johannes.berg@intel.com>
138 commit e7b5c449815d28a2105fde5b42e112f78cc711ac
139 Author: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
140 Date: Fri May 9 14:11:49 2014 +0300
142 mac80211: Provide ieee80211_beacon_get_template API
144 Add a new API ieee80211_beacon_get_template, which doesn't
145 affect DTIM counter and should be used if the device generates beacon
146 frames, and new beacon template is needed. In addition set the offsets
147 to TIM IE for MESH interface.
149 Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
150 Signed-off-by: Luciano Coelho <luciano.coelho@intel.com>
151 Signed-off-by: Johannes Berg <johannes.berg@intel.com>
153 commit e54eda80273ce8aded058c3c9365dca2342e2e75
154 Author: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
155 Date: Fri May 9 14:11:47 2014 +0300
157 mac80211: Support multiple CSA counters
159 Support up to IEEE80211_MAX_CSA_COUNTERS_NUM csa counters.
160 This is defined to be 2 now, to support both CSA and eCSA
163 Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
164 Signed-off-by: Luciano Coelho <luciano.coelho@intel.com>
165 Signed-off-by: Johannes Berg <johannes.berg@intel.com>
167 commit 678e87c3b929dd60d59470e8981eb551cee10319
168 Author: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
169 Date: Fri May 9 14:11:46 2014 +0300
171 cfg80211: Support multiple CSA counters
173 Change the type of NL80211_ATTR_CSA_C_OFF_BEACON and
174 NL80211_ATTR_CSA_C_OFF_PRESP to be NLA_BINARY which allows
175 userspace to use beacons and probe responses with
176 multiple CSA counters.
177 This isn't breaking the API since userspace can
178 continue to use nla_put_u16 for this attributes, which
179 is equivalent to a single element u16 array.
180 In addition advertise max number of supported CSA counters.
181 This is needed when using CSA and eCSA IEs together.
183 Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
184 Signed-off-by: Luciano Coelho <luciano.coelho@intel.com>
185 Signed-off-by: Johannes Berg <johannes.berg@intel.com>
187 commit 93f4867a966cc8645659031bbd44a9bb4b78485f
188 Author: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
189 Date: Fri May 9 14:11:45 2014 +0300
191 mac80211: Update CSA counters in mgmt frames
193 Track current csa counter value and use it
194 to update mgmt frames at the provided offsets.
196 Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
197 Signed-off-by: Luciano Coelho <luciano.coelho@intel.com>
198 Signed-off-by: Johannes Berg <johannes.berg@intel.com>
200 commit 6c8461fcc03ff4d250027e47f53315b5e0ec43aa
201 Author: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
202 Date: Fri May 9 14:11:44 2014 +0300
204 cfg80211: Add API to update CSA counters in mgmt frames
206 Add NL80211_ATTR_CSA_C_OFFSETS_TX which holds an array
207 of offsets to the CSA counters which should be updated
208 when sending a management frames with NL80211_CMD_FRAME.
210 This API should be used by the drivers that wish to keep the
211 CSA counter updated in probe responses, but do not implement
212 probe response offloading and so, do not use
213 ieee80211_proberesp_get function.
215 Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
216 Signed-off-by: Luciano Coelho <luciano.coelho@intel.com>
217 Signed-off-by: Johannes Berg <johannes.berg@intel.com>
219 commit 7d09fc9f1903b3d5e7d046bdf10467f37a97c4f9
220 Author: Luciano Coelho <luciano.coelho@intel.com>
221 Date: Thu May 15 13:05:39 2014 +0300
223 cfg80211: pass the actual iftype when calling cfg80211_chandef_dfs_required()
225 There is no need to pass NL80211_IFTYPE_UNSPECIFIED when calling
226 cfg80211_chandef_dfs_required() since we always already have the
227 interface type. So, pass the actual interface type instead.
229 Additionally, have cfg80211_chandef_dfs_required() WARN if the passed
230 interface type is NL80211_IFTYPE_UNSPECIFIED, so we can detect
231 problems more easily.
233 Tested-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
234 Reported-by: Eliad Peller <eliad@wizery.com>
235 Signed-off-by: Luciano Coelho <luciano.coelho@intel.com>
236 Signed-off-by: Johannes Berg <johannes.berg@intel.com>
238 commit 2b7443b15f26ecb98281474666383cf2a882fbad
239 Author: Janusz Dziedzic <janusz.dziedzic@tieto.com>
240 Date: Wed May 14 13:25:04 2014 +0200
242 cfg80211: fix start_radar_detection issue
245 cfg80211/mac80211: refactor cfg80211_chandef_dfs_required()
247 start_radar_detection always fail with -EINVAL.
249 Acked-by: Luciano Coelho <luciano.coelho@intel.com>
250 Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
251 Signed-off-by: Johannes Berg <johannes.berg@intel.com>
253 commit 4f46eb8b28f96aca212a364e0fa847eb5333df67
254 Author: Felix Fietkau <nbd@openwrt.org>
255 Date: Mon May 5 11:48:40 2014 +0200
257 cfg80211: allow restricting supported dfs regions
259 At the moment, the ath9k/ath10k DFS module only supports detecting ETSI
261 Add a bitmap in the interface combinations, indicating which DFS regions
262 are supported by the detector. If unset, support for all regions is
265 Signed-off-by: Felix Fietkau <nbd@openwrt.org>
266 Signed-off-by: Johannes Berg <johannes.berg@intel.com>
268 commit 0277b034768d1800a00829a755fc56b925aa6b95
269 Author: Johannes Berg <johannes.berg@intel.com>
270 Date: Wed Apr 30 14:19:04 2014 +0200
272 mac80211: handle failed restart/resume better
274 When the driver fails during HW restart or resume, the whole
275 stack goes into a very confused state with interfaces being
276 up while the hardware is down etc.
278 Address this by shutting down everything; we'll run into a
279 lot of warnings in the process but that's better than having
280 the whole stack get messed up.
282 Reviewed-by: Arik Nemtsov <arik@wizery.com>
283 Signed-off-by: Johannes Berg <johannes.berg@intel.com>
285 commit 43fd71bc4b83d24981e90ca178f505cf6a6b16dc
286 Author: Luciano Coelho <luciano.coelho@intel.com>
287 Date: Wed May 7 20:05:12 2014 +0300
289 mac80211: fix sparse warning caused by __ieee80211_channel_switch()
291 Commit 59af6928 (mac80211: fix CSA tx queue stopping) introduced a
294 net/mac80211/cfg.c:3274:5: warning: symbol '__ieee80211_channel_switch' was not declared. Should it be static?
296 Fix it by declaring the function static.
298 Signed-off-by: Luciano Coelho <luciano.coelho@intel.com>
299 Signed-off-by: Johannes Berg <johannes.berg@intel.com>
301 commit dd4371e2957db19870bb22ab84e841e1ac6e8997
302 Author: Luciano Coelho <luciano.coelho@intel.com>
303 Date: Wed May 7 19:07:05 2014 +0300
305 cfg80211: fix docbook warning
307 When trying to generate documentation, at least xmldocs, we get the
310 Warning(include/net/cfg80211.h:461): No description found for parameter 'nl80211_iftype'
312 Fix it by adding the iftype argument name to the
313 cfg80211_chandef_dfs_required() function declaration.
315 Reported-and-tested-by: Masanari Iida <standby24x7@gmail.com>
316 Signed-off-by: Luciano Coelho <luciano.coelho@intel.com>
317 Signed-off-by: Johannes Berg <johannes.berg@intel.com>
319 commit 56de850ae960f096c784ec07864ca5b71abd16e6
320 Author: Michal Kazior <michal.kazior@tieto.com>
321 Date: Thu May 8 09:10:02 2014 +0200
323 mac80211: disconnect iface if CSA unexpectedly fails
325 It doesn't make much sense to leave a crippled
328 As a side effect this will unblock tx queues with
329 CSA reason immediately after failure instead of
330 until after userspace requests interface to stop.
332 This also gives userspace an opportunity to
333 indirectly see CSA failure.
335 Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
337 Signed-off-by: Johannes Berg <johannes.berg@intel.com>
339 commit f5894c4f19e55bb1ea6376031fe9d47d7528be9e
340 Author: Loic Poulain <loic.poulain@intel.com>
341 Date: Wed May 7 11:38:11 2014 +0200
343 rfkill-gpio: Use gpio cansleep version
345 If gpio controller requires waiting for read and write
346 GPIO values, then we have to use the gpio cansleep api.
347 Fix the rfkill_gpio_set_power which calls only the
348 nonsleep version (causing kernel warning).
349 There is no problem to use the cansleep version here
350 because we are not in IRQ handler or similar context
351 (cf rfkill_set_block).
353 Signed-off-by: Loic Poulain <loic.poulain@intel.com>
354 Signed-off-by: Johannes Berg <johannes.berg@intel.com>
356 commit 47fdf5d4f3704d2db9d1c0f647f788edef104fc8
357 Author: Michal Kazior <michal.kazior@tieto.com>
358 Date: Wed Apr 9 15:45:36 2014 +0200
360 mac80211: ignore cqm during csa
362 It is not guaranteed that multi-vif channel
363 switching is tightly synchronized. It makes sense
364 to ignore cqm (missing beacons, et al) while csa
365 is progressing and re-check it after it completes.
367 Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
368 Signed-off-by: Johannes Berg <johannes.berg@intel.com>
370 commit 1a8ed386e1684b266a15dacf675102ae53361ee5
371 Author: Michal Kazior <michal.kazior@tieto.com>
372 Date: Wed Apr 9 15:11:01 2014 +0200
374 cfg80211: export interface stopping function
376 This exports a new cfg80211_stop_iface() function.
378 This is intended for driver internal interface
379 combination management and channel switching.
381 Due to locking issues (it re-enters driver) the
382 call is asynchronous and uses cfg80211 event
385 Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
386 Signed-off-by: Johannes Berg <johannes.berg@intel.com>
388 commit 573f31d6d0e572ff8186c45a1ecd9273242233e6
389 Author: Michal Kazior <michal.kazior@tieto.com>
390 Date: Wed Apr 9 15:11:00 2014 +0200
392 mac80211: split CSA finalize function
394 Improves readability and modularity.
396 Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
397 Signed-off-by: Johannes Berg <johannes.berg@intel.com>
399 commit 2d104d52e7c7640d68f29f2136dbe3938b7bc9ba
400 Author: Michal Kazior <michal.kazior@tieto.com>
401 Date: Wed Apr 9 15:10:59 2014 +0200
403 mac80211: fix CSA tx queue stopping
405 It was possible for tx queues to be stuck stopped
406 if AP CSA finalization failed. In that case
407 neither stop_ap nor do_stop woke the queues up.
408 This means it was impossible to perform tx at all
409 until driver was reloaded or a successful CSA was
412 It was possible to solve this in a simpler manner
413 however this is more robust and future proof
414 (having multi-vif CSA in mind).
416 New sdata->csa_block_tx is introduced to keep
417 track of which interfaces requested tx to be
418 blocked for CSA. This is required because mac80211
419 stops all tx queues for that purpose. This means
420 queues must be awoken only when last tx-blocking
421 CSA interface is finished.
423 It is still possible to have tx queues stopped
424 after CSA failure but as soon as offending
425 interfaces are stopped from userspace (stop_ap or
426 ifdown) tx queues are woken up properly.
428 Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
429 Signed-off-by: Johannes Berg <johannes.berg@intel.com>
431 commit 6be615d6d42aa7fdab6c4278031d8fa0953e594f
432 Author: Johannes Berg <johannes.berg@intel.com>
433 Date: Wed Apr 9 21:31:13 2014 +0200
435 mac80211: mark local variable __maybe_unused
437 The 'local' variable in __ieee80211_vif_copy_chanctx_to_vlans()
438 is only used/needed when lockdep is compiled in, mark it as such
439 to avoid compile warnings in the other case.
441 While at it, fix some indentation where it's used.
443 Reviewed-by: Luciano Coelho <luciano.coelho@intel.com>
444 Reviewed-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
445 Signed-off-by: Johannes Berg <johannes.berg@intel.com>
447 commit 43279e584aeb78aa0c853728db047b58156c0753
448 Author: Arik Nemtsov <arik@wizery.com>
449 Date: Thu May 1 10:17:28 2014 +0300
451 mac80211: move TDLS code to another file
453 With new additions planned, this code is getting too big for cfg.c.
455 Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
456 Signed-off-by: Johannes Berg <johannes.berg@intel.com>
458 commit bf9c234b83c77f1ebbcbab73de2a9e4a5d4aafc6
459 Author: Arik Nemtsov <arik@wizery.com>
460 Date: Thu May 1 10:17:27 2014 +0300
462 mac80211: set an external flag for TDLS stations
464 Expose a new tdls flag for the public ieee80211_sta struct.
465 This can be used in some rate control decisions.
467 Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
468 Signed-off-by: Johannes Berg <johannes.berg@intel.com>
470 commit 910e65141a17f645ab85dae1a497e64ebe63df70
471 Author: Johannes Berg <johannes.berg@intel.com>
472 Date: Tue Apr 29 17:55:26 2014 +0200
474 mac80211: remove BUG_ON usage
476 These BUG_ON statements should never trigger, but in the unlikely
477 event that somebody does manage don't stop everything but simply
478 exit the code path with an error.
480 Leave the one BUG_ON where changing it would result in a NULL
483 Signed-off-by: Johannes Berg <johannes.berg@intel.com>
485 commit ff36b582a10285530351aab036087b57ddb4ae2b
486 Author: Johannes Berg <johannes.berg@intel.com>
487 Date: Tue Apr 29 17:52:36 2014 +0200
489 cfg80211: remove BUG_ON usage
491 These really can't trigger unless somebody messes up the code,
492 but don't make debugging it needlessly complicated, WARN and
493 return instead of BUG_ON().
495 Signed-off-by: Johannes Berg <johannes.berg@intel.com>
497 --- a/drivers/net/wireless/ath/ath6kl/cfg80211.c
498 +++ b/drivers/net/wireless/ath/ath6kl/cfg80211.c
499 @@ -1759,7 +1759,7 @@ static bool is_rate_ht40(s32 rate, u8 *m
502 static int ath6kl_get_station(struct wiphy *wiphy, struct net_device *dev,
503 - u8 *mac, struct station_info *sinfo)
504 + const u8 *mac, struct station_info *sinfo)
506 struct ath6kl *ar = ath6kl_priv(dev);
507 struct ath6kl_vif *vif = netdev_priv(dev);
508 @@ -2974,7 +2974,7 @@ static int ath6kl_stop_ap(struct wiphy *
509 static const u8 bcast_addr[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
511 static int ath6kl_del_station(struct wiphy *wiphy, struct net_device *dev,
515 struct ath6kl *ar = ath6kl_priv(dev);
516 struct ath6kl_vif *vif = netdev_priv(dev);
517 @@ -2985,7 +2985,8 @@ static int ath6kl_del_station(struct wip
520 static int ath6kl_change_station(struct wiphy *wiphy, struct net_device *dev,
521 - u8 *mac, struct station_parameters *params)
523 + struct station_parameters *params)
525 struct ath6kl *ar = ath6kl_priv(dev);
526 struct ath6kl_vif *vif = netdev_priv(dev);
527 --- a/drivers/net/wireless/ath/ath6kl/wmi.c
528 +++ b/drivers/net/wireless/ath/ath6kl/wmi.c
529 @@ -2320,7 +2320,7 @@ int ath6kl_wmi_addkey_cmd(struct wmi *wm
533 -int ath6kl_wmi_add_krk_cmd(struct wmi *wmi, u8 if_idx, u8 *krk)
534 +int ath6kl_wmi_add_krk_cmd(struct wmi *wmi, u8 if_idx, const u8 *krk)
537 struct wmi_add_krk_cmd *cmd;
538 --- a/drivers/net/wireless/ath/ath6kl/wmi.h
539 +++ b/drivers/net/wireless/ath/ath6kl/wmi.h
540 @@ -2616,7 +2616,7 @@ int ath6kl_wmi_addkey_cmd(struct wmi *wm
542 u8 key_op_ctrl, u8 *mac_addr,
543 enum wmi_sync_flag sync_flag);
544 -int ath6kl_wmi_add_krk_cmd(struct wmi *wmi, u8 if_idx, u8 *krk);
545 +int ath6kl_wmi_add_krk_cmd(struct wmi *wmi, u8 if_idx, const u8 *krk);
546 int ath6kl_wmi_deletekey_cmd(struct wmi *wmi, u8 if_idx, u8 key_index);
547 int ath6kl_wmi_setpmkid_cmd(struct wmi *wmi, u8 if_idx, const u8 *bssid,
548 const u8 *pmkid, bool set);
549 --- a/drivers/net/wireless/ath/ath9k/htc.h
550 +++ b/drivers/net/wireless/ath/ath9k/htc.h
551 @@ -378,7 +378,7 @@ void ath9k_htc_get_et_stats(struct ieee8
552 #define TX_QSTAT_INC(c) do { } while (0)
554 static inline void ath9k_htc_err_stat_rx(struct ath9k_htc_priv *priv,
555 - struct ath_htc_rx_status *rxs)
556 + struct ath_rx_status *rs);
560 --- a/drivers/net/wireless/ath/wil6210/cfg80211.c
561 +++ b/drivers/net/wireless/ath/wil6210/cfg80211.c
562 @@ -172,7 +172,7 @@ static int wil_cid_fill_sinfo(struct wil
564 static int wil_cfg80211_get_station(struct wiphy *wiphy,
565 struct net_device *ndev,
566 - u8 *mac, struct station_info *sinfo)
567 + const u8 *mac, struct station_info *sinfo)
569 struct wil6210_priv *wil = wiphy_to_wil(wiphy);
571 @@ -671,7 +671,7 @@ static int wil_cfg80211_stop_ap(struct w
574 static int wil_cfg80211_del_station(struct wiphy *wiphy,
575 - struct net_device *dev, u8 *mac)
576 + struct net_device *dev, const u8 *mac)
578 struct wil6210_priv *wil = wiphy_to_wil(wiphy);
580 --- a/drivers/net/wireless/ath/wil6210/main.c
581 +++ b/drivers/net/wireless/ath/wil6210/main.c
582 @@ -81,7 +81,7 @@ static void wil_disconnect_cid(struct wi
583 memset(&sta->stats, 0, sizeof(sta->stats));
586 -static void _wil6210_disconnect(struct wil6210_priv *wil, void *bssid)
587 +static void _wil6210_disconnect(struct wil6210_priv *wil, const u8 *bssid)
590 struct net_device *ndev = wil_to_ndev(wil);
591 @@ -252,7 +252,7 @@ int wil_priv_init(struct wil6210_priv *w
595 -void wil6210_disconnect(struct wil6210_priv *wil, void *bssid)
596 +void wil6210_disconnect(struct wil6210_priv *wil, const u8 *bssid)
598 del_timer_sync(&wil->connect_timer);
599 _wil6210_disconnect(wil, bssid);
600 --- a/drivers/net/wireless/ath/wil6210/wil6210.h
601 +++ b/drivers/net/wireless/ath/wil6210/wil6210.h
602 @@ -508,7 +508,7 @@ void wil_wdev_free(struct wil6210_priv *
603 int wmi_set_mac_address(struct wil6210_priv *wil, void *addr);
604 int wmi_pcp_start(struct wil6210_priv *wil, int bi, u8 wmi_nettype, u8 chan);
605 int wmi_pcp_stop(struct wil6210_priv *wil);
606 -void wil6210_disconnect(struct wil6210_priv *wil, void *bssid);
607 +void wil6210_disconnect(struct wil6210_priv *wil, const u8 *bssid);
609 int wil_rx_init(struct wil6210_priv *wil);
610 void wil_rx_fini(struct wil6210_priv *wil);
611 --- a/drivers/net/wireless/brcm80211/brcmfmac/wl_cfg80211.c
612 +++ b/drivers/net/wireless/brcm80211/brcmfmac/wl_cfg80211.c
613 @@ -2236,7 +2236,7 @@ brcmf_cfg80211_config_default_mgmt_key(s
616 brcmf_cfg80211_get_station(struct wiphy *wiphy, struct net_device *ndev,
617 - u8 *mac, struct station_info *sinfo)
618 + const u8 *mac, struct station_info *sinfo)
620 struct brcmf_if *ifp = netdev_priv(ndev);
621 struct brcmf_cfg80211_profile *profile = &ifp->vif->profile;
622 @@ -4014,7 +4014,7 @@ brcmf_cfg80211_change_beacon(struct wiph
625 brcmf_cfg80211_del_station(struct wiphy *wiphy, struct net_device *ndev,
629 struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
630 struct brcmf_scb_val_le scbval;
631 @@ -4242,7 +4242,7 @@ static int brcmf_convert_nl80211_tdls_op
634 static int brcmf_cfg80211_tdls_oper(struct wiphy *wiphy,
635 - struct net_device *ndev, u8 *peer,
636 + struct net_device *ndev, const u8 *peer,
637 enum nl80211_tdls_operation oper)
639 struct brcmf_if *ifp;
640 --- a/drivers/net/wireless/libertas/cfg.c
641 +++ b/drivers/net/wireless/libertas/cfg.c
642 @@ -1006,9 +1006,8 @@ struct cmd_key_material {
645 static int lbs_set_key_material(struct lbs_private *priv,
648 - u8 *key, u16 key_len)
649 + int key_type, int key_info,
650 + const u8 *key, u16 key_len)
652 struct cmd_key_material cmd;
654 @@ -1610,7 +1609,7 @@ static int lbs_cfg_del_key(struct wiphy
657 static int lbs_cfg_get_station(struct wiphy *wiphy, struct net_device *dev,
658 - u8 *mac, struct station_info *sinfo)
659 + const u8 *mac, struct station_info *sinfo)
661 struct lbs_private *priv = wiphy_priv(wiphy);
663 --- a/drivers/net/wireless/libertas/defs.h
664 +++ b/drivers/net/wireless/libertas/defs.h
665 @@ -90,7 +90,8 @@ do { if ((lbs_debug & (grp)) == (grp)) \
666 #define lbs_deb_cfg80211(fmt, args...) LBS_DEB_LL(LBS_DEB_CFG80211, " cfg80211", fmt, ##args)
669 -static inline void lbs_deb_hex(unsigned int grp, const char *prompt, u8 *buf, int len)
670 +static inline void lbs_deb_hex(unsigned int grp, const char *prompt,
671 + const u8 *buf, int len)
675 --- a/drivers/net/wireless/mwifiex/11n.h
676 +++ b/drivers/net/wireless/mwifiex/11n.h
677 @@ -200,7 +200,7 @@ static inline int mwifiex_is_sta_11n_ena
681 -mwifiex_tdls_peer_11n_enabled(struct mwifiex_private *priv, u8 *ra)
682 +mwifiex_tdls_peer_11n_enabled(struct mwifiex_private *priv, const u8 *ra)
684 struct mwifiex_sta_node *node = mwifiex_get_sta_entry(priv, ra);
686 --- a/drivers/net/wireless/mwifiex/cfg80211.c
687 +++ b/drivers/net/wireless/mwifiex/cfg80211.c
688 @@ -994,7 +994,7 @@ mwifiex_dump_station_info(struct mwifiex
691 mwifiex_cfg80211_get_station(struct wiphy *wiphy, struct net_device *dev,
692 - u8 *mac, struct station_info *sinfo)
693 + const u8 *mac, struct station_info *sinfo)
695 struct mwifiex_private *priv = mwifiex_netdev_get_priv(dev);
697 @@ -1270,7 +1270,7 @@ static int mwifiex_cfg80211_change_beaco
700 mwifiex_cfg80211_del_station(struct wiphy *wiphy, struct net_device *dev,
704 struct mwifiex_private *priv = mwifiex_netdev_get_priv(dev);
705 struct mwifiex_sta_node *sta_node;
706 @@ -2629,7 +2629,7 @@ static int mwifiex_cfg80211_set_coalesce
709 mwifiex_cfg80211_tdls_mgmt(struct wiphy *wiphy, struct net_device *dev,
710 - u8 *peer, u8 action_code, u8 dialog_token,
711 + const u8 *peer, u8 action_code, u8 dialog_token,
712 u16 status_code, u32 peer_capability,
713 const u8 *extra_ies, size_t extra_ies_len)
715 @@ -2701,7 +2701,7 @@ mwifiex_cfg80211_tdls_mgmt(struct wiphy
718 mwifiex_cfg80211_tdls_oper(struct wiphy *wiphy, struct net_device *dev,
719 - u8 *peer, enum nl80211_tdls_operation action)
720 + const u8 *peer, enum nl80211_tdls_operation action)
722 struct mwifiex_private *priv = mwifiex_netdev_get_priv(dev);
724 @@ -2748,9 +2748,8 @@ mwifiex_cfg80211_tdls_oper(struct wiphy
728 -mwifiex_cfg80211_add_station(struct wiphy *wiphy,
729 - struct net_device *dev,
730 - u8 *mac, struct station_parameters *params)
731 +mwifiex_cfg80211_add_station(struct wiphy *wiphy, struct net_device *dev,
732 + const u8 *mac, struct station_parameters *params)
734 struct mwifiex_private *priv = mwifiex_netdev_get_priv(dev);
736 @@ -2765,9 +2764,9 @@ mwifiex_cfg80211_add_station(struct wiph
740 -mwifiex_cfg80211_change_station(struct wiphy *wiphy,
741 - struct net_device *dev,
742 - u8 *mac, struct station_parameters *params)
743 +mwifiex_cfg80211_change_station(struct wiphy *wiphy, struct net_device *dev,
745 + struct station_parameters *params)
748 struct mwifiex_private *priv = mwifiex_netdev_get_priv(dev);
749 --- a/drivers/net/wireless/mwifiex/main.h
750 +++ b/drivers/net/wireless/mwifiex/main.h
751 @@ -910,8 +910,6 @@ int mwifiex_handle_uap_rx_forward(struct
752 struct sk_buff *skb);
753 int mwifiex_process_sta_event(struct mwifiex_private *);
754 int mwifiex_process_uap_event(struct mwifiex_private *);
755 -struct mwifiex_sta_node *
756 -mwifiex_get_sta_entry(struct mwifiex_private *priv, u8 *mac);
757 void mwifiex_delete_all_station_list(struct mwifiex_private *priv);
758 void *mwifiex_process_sta_txpd(struct mwifiex_private *, struct sk_buff *skb);
759 void *mwifiex_process_uap_txpd(struct mwifiex_private *, struct sk_buff *skb);
760 @@ -1220,26 +1218,26 @@ void mwifiex_dnld_txpwr_table(struct mwi
761 extern const struct ethtool_ops mwifiex_ethtool_ops;
763 void mwifiex_del_all_sta_list(struct mwifiex_private *priv);
764 -void mwifiex_del_sta_entry(struct mwifiex_private *priv, u8 *mac);
765 +void mwifiex_del_sta_entry(struct mwifiex_private *priv, const u8 *mac);
767 mwifiex_set_sta_ht_cap(struct mwifiex_private *priv, const u8 *ies,
768 int ies_len, struct mwifiex_sta_node *node);
769 struct mwifiex_sta_node *
770 -mwifiex_add_sta_entry(struct mwifiex_private *priv, u8 *mac);
771 +mwifiex_add_sta_entry(struct mwifiex_private *priv, const u8 *mac);
772 struct mwifiex_sta_node *
773 -mwifiex_get_sta_entry(struct mwifiex_private *priv, u8 *mac);
774 -int mwifiex_send_tdls_data_frame(struct mwifiex_private *priv, u8 *peer,
775 +mwifiex_get_sta_entry(struct mwifiex_private *priv, const u8 *mac);
776 +int mwifiex_send_tdls_data_frame(struct mwifiex_private *priv, const u8 *peer,
777 u8 action_code, u8 dialog_token,
778 u16 status_code, const u8 *extra_ies,
779 size_t extra_ies_len);
780 -int mwifiex_send_tdls_action_frame(struct mwifiex_private *priv,
781 - u8 *peer, u8 action_code, u8 dialog_token,
782 - u16 status_code, const u8 *extra_ies,
783 - size_t extra_ies_len);
784 +int mwifiex_send_tdls_action_frame(struct mwifiex_private *priv, const u8 *peer,
785 + u8 action_code, u8 dialog_token,
786 + u16 status_code, const u8 *extra_ies,
787 + size_t extra_ies_len);
788 void mwifiex_process_tdls_action_frame(struct mwifiex_private *priv,
790 -int mwifiex_tdls_oper(struct mwifiex_private *priv, u8 *peer, u8 action);
791 -int mwifiex_get_tdls_link_status(struct mwifiex_private *priv, u8 *mac);
792 +int mwifiex_tdls_oper(struct mwifiex_private *priv, const u8 *peer, u8 action);
793 +int mwifiex_get_tdls_link_status(struct mwifiex_private *priv, const u8 *mac);
794 void mwifiex_disable_all_tdls_links(struct mwifiex_private *priv);
795 bool mwifiex_is_bss_in_11ac_mode(struct mwifiex_private *priv);
796 u8 mwifiex_get_center_freq_index(struct mwifiex_private *priv, u8 band,
797 --- a/drivers/net/wireless/mwifiex/tdls.c
798 +++ b/drivers/net/wireless/mwifiex/tdls.c
800 #define TDLS_RESP_FIX_LEN 8
801 #define TDLS_CONFIRM_FIX_LEN 6
804 -mwifiex_restore_tdls_packets(struct mwifiex_private *priv, u8 *mac, u8 status)
805 +static void mwifiex_restore_tdls_packets(struct mwifiex_private *priv,
806 + const u8 *mac, u8 status)
808 struct mwifiex_ra_list_tbl *ra_list;
809 struct list_head *tid_list;
810 @@ -84,7 +84,8 @@ mwifiex_restore_tdls_packets(struct mwif
814 -static void mwifiex_hold_tdls_packets(struct mwifiex_private *priv, u8 *mac)
815 +static void mwifiex_hold_tdls_packets(struct mwifiex_private *priv,
818 struct mwifiex_ra_list_tbl *ra_list;
819 struct list_head *ra_list_head;
820 @@ -228,7 +229,7 @@ mwifiex_tdls_add_ht_oper(struct mwifiex_
823 static int mwifiex_tdls_add_vht_oper(struct mwifiex_private *priv,
824 - u8 *mac, struct sk_buff *skb)
825 + const u8 *mac, struct sk_buff *skb)
827 struct mwifiex_bssdescriptor *bss_desc;
828 struct ieee80211_vht_operation *vht_oper;
829 @@ -367,8 +368,9 @@ static void mwifiex_tdls_add_qos_capab(s
832 static int mwifiex_prep_tdls_encap_data(struct mwifiex_private *priv,
833 - u8 *peer, u8 action_code, u8 dialog_token,
834 - u16 status_code, struct sk_buff *skb)
835 + const u8 *peer, u8 action_code,
837 + u16 status_code, struct sk_buff *skb)
839 struct ieee80211_tdls_data *tf;
841 @@ -506,7 +508,8 @@ static int mwifiex_prep_tdls_encap_data(
845 -mwifiex_tdls_add_link_ie(struct sk_buff *skb, u8 *src_addr, u8 *peer, u8 *bssid)
846 +mwifiex_tdls_add_link_ie(struct sk_buff *skb, const u8 *src_addr,
847 + const u8 *peer, const u8 *bssid)
849 struct ieee80211_tdls_lnkie *lnkid;
851 @@ -520,8 +523,8 @@ mwifiex_tdls_add_link_ie(struct sk_buff
852 memcpy(lnkid->resp_sta, peer, ETH_ALEN);
855 -int mwifiex_send_tdls_data_frame(struct mwifiex_private *priv,
856 - u8 *peer, u8 action_code, u8 dialog_token,
857 +int mwifiex_send_tdls_data_frame(struct mwifiex_private *priv, const u8 *peer,
858 + u8 action_code, u8 dialog_token,
859 u16 status_code, const u8 *extra_ies,
860 size_t extra_ies_len)
862 @@ -613,7 +616,8 @@ int mwifiex_send_tdls_data_frame(struct
866 -mwifiex_construct_tdls_action_frame(struct mwifiex_private *priv, u8 *peer,
867 +mwifiex_construct_tdls_action_frame(struct mwifiex_private *priv,
869 u8 action_code, u8 dialog_token,
870 u16 status_code, struct sk_buff *skb)
872 @@ -691,10 +695,10 @@ mwifiex_construct_tdls_action_frame(stru
876 -int mwifiex_send_tdls_action_frame(struct mwifiex_private *priv,
877 - u8 *peer, u8 action_code, u8 dialog_token,
878 - u16 status_code, const u8 *extra_ies,
879 - size_t extra_ies_len)
880 +int mwifiex_send_tdls_action_frame(struct mwifiex_private *priv, const u8 *peer,
881 + u8 action_code, u8 dialog_token,
882 + u16 status_code, const u8 *extra_ies,
883 + size_t extra_ies_len)
886 struct mwifiex_txinfo *tx_info;
887 @@ -901,7 +905,7 @@ void mwifiex_process_tdls_action_frame(s
891 -mwifiex_tdls_process_config_link(struct mwifiex_private *priv, u8 *peer)
892 +mwifiex_tdls_process_config_link(struct mwifiex_private *priv, const u8 *peer)
894 struct mwifiex_sta_node *sta_ptr;
895 struct mwifiex_ds_tdls_oper tdls_oper;
896 @@ -922,7 +926,7 @@ mwifiex_tdls_process_config_link(struct
900 -mwifiex_tdls_process_create_link(struct mwifiex_private *priv, u8 *peer)
901 +mwifiex_tdls_process_create_link(struct mwifiex_private *priv, const u8 *peer)
903 struct mwifiex_sta_node *sta_ptr;
904 struct mwifiex_ds_tdls_oper tdls_oper;
905 @@ -949,7 +953,7 @@ mwifiex_tdls_process_create_link(struct
909 -mwifiex_tdls_process_disable_link(struct mwifiex_private *priv, u8 *peer)
910 +mwifiex_tdls_process_disable_link(struct mwifiex_private *priv, const u8 *peer)
912 struct mwifiex_sta_node *sta_ptr;
913 struct mwifiex_ds_tdls_oper tdls_oper;
914 @@ -978,7 +982,7 @@ mwifiex_tdls_process_disable_link(struct
918 -mwifiex_tdls_process_enable_link(struct mwifiex_private *priv, u8 *peer)
919 +mwifiex_tdls_process_enable_link(struct mwifiex_private *priv, const u8 *peer)
921 struct mwifiex_sta_node *sta_ptr;
922 struct ieee80211_mcs_info mcs;
923 @@ -1035,7 +1039,7 @@ mwifiex_tdls_process_enable_link(struct
927 -int mwifiex_tdls_oper(struct mwifiex_private *priv, u8 *peer, u8 action)
928 +int mwifiex_tdls_oper(struct mwifiex_private *priv, const u8 *peer, u8 action)
931 case MWIFIEX_TDLS_ENABLE_LINK:
932 @@ -1050,7 +1054,7 @@ int mwifiex_tdls_oper(struct mwifiex_pri
936 -int mwifiex_get_tdls_link_status(struct mwifiex_private *priv, u8 *mac)
937 +int mwifiex_get_tdls_link_status(struct mwifiex_private *priv, const u8 *mac)
939 struct mwifiex_sta_node *sta_ptr;
941 --- a/drivers/net/wireless/mwifiex/util.c
942 +++ b/drivers/net/wireless/mwifiex/util.c
943 @@ -259,7 +259,7 @@ int mwifiex_complete_cmd(struct mwifiex_
944 * NULL is returned if station entry is not found in associated STA list.
946 struct mwifiex_sta_node *
947 -mwifiex_get_sta_entry(struct mwifiex_private *priv, u8 *mac)
948 +mwifiex_get_sta_entry(struct mwifiex_private *priv, const u8 *mac)
950 struct mwifiex_sta_node *node;
952 @@ -280,7 +280,7 @@ mwifiex_get_sta_entry(struct mwifiex_pri
953 * If received mac address is NULL, NULL is returned.
955 struct mwifiex_sta_node *
956 -mwifiex_add_sta_entry(struct mwifiex_private *priv, u8 *mac)
957 +mwifiex_add_sta_entry(struct mwifiex_private *priv, const u8 *mac)
959 struct mwifiex_sta_node *node;
961 @@ -332,7 +332,7 @@ mwifiex_set_sta_ht_cap(struct mwifiex_pr
964 /* This function will delete a station entry from station list */
965 -void mwifiex_del_sta_entry(struct mwifiex_private *priv, u8 *mac)
966 +void mwifiex_del_sta_entry(struct mwifiex_private *priv, const u8 *mac)
968 struct mwifiex_sta_node *node;
970 --- a/drivers/net/wireless/mwifiex/wmm.c
971 +++ b/drivers/net/wireless/mwifiex/wmm.c
972 @@ -92,7 +92,7 @@ mwifiex_wmm_ac_debug_print(const struct
973 * The function also initializes the list with the provided RA.
975 static struct mwifiex_ra_list_tbl *
976 -mwifiex_wmm_allocate_ralist_node(struct mwifiex_adapter *adapter, u8 *ra)
977 +mwifiex_wmm_allocate_ralist_node(struct mwifiex_adapter *adapter, const u8 *ra)
979 struct mwifiex_ra_list_tbl *ra_list;
981 @@ -139,8 +139,7 @@ static u8 mwifiex_get_random_ba_threshol
982 * This function allocates and adds a RA list for all TIDs
986 -mwifiex_ralist_add(struct mwifiex_private *priv, u8 *ra)
987 +void mwifiex_ralist_add(struct mwifiex_private *priv, const u8 *ra)
990 struct mwifiex_ra_list_tbl *ra_list;
991 @@ -566,7 +565,7 @@ mwifiex_clean_txrx(struct mwifiex_privat
993 static struct mwifiex_ra_list_tbl *
994 mwifiex_wmm_get_ralist_node(struct mwifiex_private *priv, u8 tid,
998 struct mwifiex_ra_list_tbl *ra_list;
1000 @@ -587,7 +586,8 @@ mwifiex_wmm_get_ralist_node(struct mwifi
1003 struct mwifiex_ra_list_tbl *
1004 -mwifiex_wmm_get_queue_raptr(struct mwifiex_private *priv, u8 tid, u8 *ra_addr)
1005 +mwifiex_wmm_get_queue_raptr(struct mwifiex_private *priv, u8 tid,
1006 + const u8 *ra_addr)
1008 struct mwifiex_ra_list_tbl *ra_list;
1010 --- a/drivers/net/wireless/mwifiex/wmm.h
1011 +++ b/drivers/net/wireless/mwifiex/wmm.h
1012 @@ -99,7 +99,7 @@ mwifiex_wmm_is_ra_list_empty(struct list
1014 void mwifiex_wmm_add_buf_txqueue(struct mwifiex_private *priv,
1015 struct sk_buff *skb);
1016 -void mwifiex_ralist_add(struct mwifiex_private *priv, u8 *ra);
1017 +void mwifiex_ralist_add(struct mwifiex_private *priv, const u8 *ra);
1018 void mwifiex_rotate_priolists(struct mwifiex_private *priv,
1019 struct mwifiex_ra_list_tbl *ra, int tid);
1021 @@ -123,7 +123,8 @@ void mwifiex_wmm_setup_ac_downgrade(stru
1022 int mwifiex_ret_wmm_get_status(struct mwifiex_private *priv,
1023 const struct host_cmd_ds_command *resp);
1024 struct mwifiex_ra_list_tbl *
1025 -mwifiex_wmm_get_queue_raptr(struct mwifiex_private *priv, u8 tid, u8 *ra_addr);
1026 +mwifiex_wmm_get_queue_raptr(struct mwifiex_private *priv, u8 tid,
1027 + const u8 *ra_addr);
1028 u8 mwifiex_wmm_downgrade_tid(struct mwifiex_private *priv, u32 tid);
1030 #endif /* !_MWIFIEX_WMM_H_ */
1031 --- a/drivers/net/wireless/orinoco/hw.c
1032 +++ b/drivers/net/wireless/orinoco/hw.c
1033 @@ -988,8 +988,8 @@ int __orinoco_hw_setup_enc(struct orinoc
1034 * tsc must be NULL or up to 8 bytes
1036 int __orinoco_hw_set_tkip_key(struct orinoco_private *priv, int key_idx,
1037 - int set_tx, u8 *key, u8 *rsc, size_t rsc_len,
1038 - u8 *tsc, size_t tsc_len)
1039 + int set_tx, const u8 *key, const u8 *rsc,
1040 + size_t rsc_len, const u8 *tsc, size_t tsc_len)
1044 --- a/drivers/net/wireless/orinoco/hw.h
1045 +++ b/drivers/net/wireless/orinoco/hw.h
1046 @@ -38,8 +38,8 @@ int __orinoco_hw_set_wap(struct orinoco_
1047 int __orinoco_hw_setup_wepkeys(struct orinoco_private *priv);
1048 int __orinoco_hw_setup_enc(struct orinoco_private *priv);
1049 int __orinoco_hw_set_tkip_key(struct orinoco_private *priv, int key_idx,
1050 - int set_tx, u8 *key, u8 *rsc, size_t rsc_len,
1051 - u8 *tsc, size_t tsc_len);
1052 + int set_tx, const u8 *key, const u8 *rsc,
1053 + size_t rsc_len, const u8 *tsc, size_t tsc_len);
1054 int orinoco_clear_tkip_key(struct orinoco_private *priv, int key_idx);
1055 int __orinoco_hw_set_multicast_list(struct orinoco_private *priv,
1056 struct net_device *dev,
1057 --- a/drivers/net/wireless/orinoco/wext.c
1058 +++ b/drivers/net/wireless/orinoco/wext.c
1059 @@ -52,9 +52,9 @@ static int orinoco_set_key(struct orinoc
1060 priv->keys[index].seq_len = seq_len;
1063 - memcpy(priv->keys[index].key, key, key_len);
1064 + memcpy((void *)priv->keys[index].key, key, key_len);
1066 - memcpy(priv->keys[index].seq, seq, seq_len);
1067 + memcpy((void *)priv->keys[index].seq, seq, seq_len);
1070 case ORINOCO_ALG_TKIP:
1071 --- a/drivers/net/wireless/rndis_wlan.c
1072 +++ b/drivers/net/wireless/rndis_wlan.c
1073 @@ -517,7 +517,7 @@ static int rndis_set_default_key(struct
1074 u8 key_index, bool unicast, bool multicast);
1076 static int rndis_get_station(struct wiphy *wiphy, struct net_device *dev,
1077 - u8 *mac, struct station_info *sinfo);
1078 + const u8 *mac, struct station_info *sinfo);
1080 static int rndis_dump_station(struct wiphy *wiphy, struct net_device *dev,
1081 int idx, u8 *mac, struct station_info *sinfo);
1082 @@ -2490,7 +2490,7 @@ static void rndis_fill_station_info(stru
1085 static int rndis_get_station(struct wiphy *wiphy, struct net_device *dev,
1086 - u8 *mac, struct station_info *sinfo)
1087 + const u8 *mac, struct station_info *sinfo)
1089 struct rndis_wlan_private *priv = wiphy_priv(wiphy);
1090 struct usbnet *usbdev = priv->usbdev;
1091 --- a/drivers/net/wireless/ti/wlcore/main.c
1092 +++ b/drivers/net/wireless/ti/wlcore/main.c
1093 @@ -1416,7 +1416,7 @@ void wl1271_rx_filter_free(struct wl12xx
1095 int wl1271_rx_filter_alloc_field(struct wl12xx_rx_filter *filter,
1096 u16 offset, u8 flags,
1097 - u8 *pattern, u8 len)
1098 + const u8 *pattern, u8 len)
1100 struct wl12xx_rx_filter_field *field;
1102 --- a/drivers/net/wireless/ti/wlcore/wlcore_i.h
1103 +++ b/drivers/net/wireless/ti/wlcore/wlcore_i.h
1104 @@ -512,8 +512,8 @@ int wl1271_recalc_rx_streaming(struct wl
1105 void wl12xx_queue_recovery_work(struct wl1271 *wl);
1106 size_t wl12xx_copy_fwlog(struct wl1271 *wl, u8 *memblock, size_t maxlen);
1107 int wl1271_rx_filter_alloc_field(struct wl12xx_rx_filter *filter,
1108 - u16 offset, u8 flags,
1109 - u8 *pattern, u8 len);
1110 + u16 offset, u8 flags,
1111 + const u8 *pattern, u8 len);
1112 void wl1271_rx_filter_free(struct wl12xx_rx_filter *filter);
1113 struct wl12xx_rx_filter *wl1271_rx_filter_alloc(void);
1114 int wl1271_rx_filter_get_fields_size(struct wl12xx_rx_filter *filter);
1115 --- a/include/net/cfg80211.h
1116 +++ b/include/net/cfg80211.h
1117 @@ -341,8 +341,8 @@ struct vif_params {
1118 * @seq_len: length of @seq.
1128 @@ -458,7 +458,7 @@ bool cfg80211_chandef_usable(struct wiph
1130 int cfg80211_chandef_dfs_required(struct wiphy *wiphy,
1131 const struct cfg80211_chan_def *chandef,
1132 - enum nl80211_iftype);
1133 + enum nl80211_iftype iftype);
1136 * ieee80211_chandef_rate_flags - returns rate flags for a channel
1137 @@ -694,8 +694,10 @@ struct cfg80211_ap_settings {
1139 * @chandef: defines the channel to use after the switch
1140 * @beacon_csa: beacon data while performing the switch
1141 - * @counter_offset_beacon: offset for the counter within the beacon (tail)
1142 - * @counter_offset_presp: offset for the counter within the probe response
1143 + * @counter_offsets_beacon: offsets of the counters within the beacon (tail)
1144 + * @counter_offsets_presp: offsets of the counters within the probe response
1145 + * @n_counter_offsets_beacon: number of csa counters the beacon (tail)
1146 + * @n_counter_offsets_presp: number of csa counters in the probe response
1147 * @beacon_after: beacon data to be used on the new channel
1148 * @radar_required: whether radar detection is required on the new channel
1149 * @block_tx: whether transmissions should be blocked while changing
1150 @@ -704,7 +706,10 @@ struct cfg80211_ap_settings {
1151 struct cfg80211_csa_settings {
1152 struct cfg80211_chan_def chandef;
1153 struct cfg80211_beacon_data beacon_csa;
1154 - u16 counter_offset_beacon, counter_offset_presp;
1155 + const u16 *counter_offsets_beacon;
1156 + const u16 *counter_offsets_presp;
1157 + unsigned int n_counter_offsets_beacon;
1158 + unsigned int n_counter_offsets_presp;
1159 struct cfg80211_beacon_data beacon_after;
1160 bool radar_required;
1162 @@ -1164,7 +1169,7 @@ struct bss_parameters {
1164 int use_short_preamble;
1165 int use_short_slot_time;
1167 + const u8 *basic_rates;
1171 @@ -1694,10 +1699,10 @@ struct cfg80211_disassoc_request {
1172 * @ht_capa_mask: The bits of ht_capa which are to be used.
1174 struct cfg80211_ibss_params {
1179 struct cfg80211_chan_def chandef;
1182 u8 ssid_len, ie_len;
1183 u16 beacon_interval;
1185 @@ -1806,8 +1811,8 @@ struct cfg80211_bitrate_mask {
1186 * @pmkid: The PMK material itself.
1188 struct cfg80211_pmksa {
1196 @@ -1822,7 +1827,7 @@ struct cfg80211_pmksa {
1197 * memory, free @mask only!
1199 struct cfg80211_pkt_pattern {
1200 - u8 *mask, *pattern;
1201 + const u8 *mask, *pattern;
1205 @@ -1986,6 +1991,8 @@ struct cfg80211_update_ft_ies_params {
1206 * @len: buffer length
1207 * @no_cck: don't use cck rates for this frame
1208 * @dont_wait_for_ack: tells the low level not to wait for an ack
1209 + * @n_csa_offsets: length of csa_offsets array
1210 + * @csa_offsets: array of all the csa offsets in the frame
1212 struct cfg80211_mgmt_tx_params {
1213 struct ieee80211_channel *chan;
1214 @@ -1995,6 +2002,8 @@ struct cfg80211_mgmt_tx_params {
1217 bool dont_wait_for_ack;
1218 + int n_csa_offsets;
1219 + const u16 *csa_offsets;
1223 @@ -2336,28 +2345,29 @@ struct cfg80211_ops {
1226 int (*add_station)(struct wiphy *wiphy, struct net_device *dev,
1227 - u8 *mac, struct station_parameters *params);
1229 + struct station_parameters *params);
1230 int (*del_station)(struct wiphy *wiphy, struct net_device *dev,
1233 int (*change_station)(struct wiphy *wiphy, struct net_device *dev,
1234 - u8 *mac, struct station_parameters *params);
1236 + struct station_parameters *params);
1237 int (*get_station)(struct wiphy *wiphy, struct net_device *dev,
1238 - u8 *mac, struct station_info *sinfo);
1239 + const u8 *mac, struct station_info *sinfo);
1240 int (*dump_station)(struct wiphy *wiphy, struct net_device *dev,
1241 - int idx, u8 *mac, struct station_info *sinfo);
1242 + int idx, u8 *mac, struct station_info *sinfo);
1244 int (*add_mpath)(struct wiphy *wiphy, struct net_device *dev,
1245 - u8 *dst, u8 *next_hop);
1246 + const u8 *dst, const u8 *next_hop);
1247 int (*del_mpath)(struct wiphy *wiphy, struct net_device *dev,
1250 int (*change_mpath)(struct wiphy *wiphy, struct net_device *dev,
1251 - u8 *dst, u8 *next_hop);
1252 + const u8 *dst, const u8 *next_hop);
1253 int (*get_mpath)(struct wiphy *wiphy, struct net_device *dev,
1254 - u8 *dst, u8 *next_hop,
1255 - struct mpath_info *pinfo);
1256 + u8 *dst, u8 *next_hop, struct mpath_info *pinfo);
1257 int (*dump_mpath)(struct wiphy *wiphy, struct net_device *dev,
1258 - int idx, u8 *dst, u8 *next_hop,
1259 - struct mpath_info *pinfo);
1260 + int idx, u8 *dst, u8 *next_hop,
1261 + struct mpath_info *pinfo);
1262 int (*get_mesh_config)(struct wiphy *wiphy,
1263 struct net_device *dev,
1264 struct mesh_config *conf);
1265 @@ -2487,11 +2497,11 @@ struct cfg80211_ops {
1266 struct cfg80211_gtk_rekey_data *data);
1268 int (*tdls_mgmt)(struct wiphy *wiphy, struct net_device *dev,
1269 - u8 *peer, u8 action_code, u8 dialog_token,
1270 + const u8 *peer, u8 action_code, u8 dialog_token,
1271 u16 status_code, u32 peer_capability,
1272 const u8 *buf, size_t len);
1273 int (*tdls_oper)(struct wiphy *wiphy, struct net_device *dev,
1274 - u8 *peer, enum nl80211_tdls_operation oper);
1275 + const u8 *peer, enum nl80211_tdls_operation oper);
1277 int (*probe_client)(struct wiphy *wiphy, struct net_device *dev,
1278 const u8 *peer, u64 *cookie);
1279 @@ -2638,6 +2648,7 @@ struct ieee80211_iface_limit {
1280 * between infrastructure and AP types must match. This is required
1281 * only in special cases.
1282 * @radar_detect_widths: bitmap of channel widths supported for radar detection
1283 + * @radar_detect_regions: bitmap of regions supported for radar detection
1285 * With this structure the driver can describe which interface
1286 * combinations it supports concurrently.
1287 @@ -2695,6 +2706,7 @@ struct ieee80211_iface_combination {
1289 bool beacon_int_infra_match;
1290 u8 radar_detect_widths;
1291 + u8 radar_detect_regions;
1294 struct ieee80211_txrx_stypes {
1295 @@ -2925,6 +2937,11 @@ struct wiphy_vendor_command {
1296 * (including P2P GO) or 0 to indicate no such limit is advertised. The
1297 * driver is allowed to advertise a theoretical limit that it can reach in
1298 * some cases, but may not always reach.
1300 + * @max_num_csa_counters: Number of supported csa_counters in beacons
1301 + * and probe responses. This value should be set if the driver
1302 + * wishes to limit the number of csa counters. Default (0) means
1306 /* assign these fields before you register the wiphy */
1307 @@ -3045,6 +3062,8 @@ struct wiphy {
1309 u16 max_ap_assoc_sta;
1311 + u8 max_num_csa_counters;
1313 char priv[0] __aligned(NETDEV_ALIGN);
1316 @@ -3273,7 +3292,7 @@ struct wireless_dev {
1317 struct cfg80211_ibss_params ibss;
1318 struct cfg80211_connect_params connect;
1319 struct cfg80211_cached_keys *keys;
1323 u8 bssid[ETH_ALEN], prev_bssid[ETH_ALEN];
1324 u8 ssid[IEEE80211_MAX_SSID_LEN];
1325 @@ -3514,7 +3533,8 @@ int ieee80211_data_to_8023(struct sk_buf
1326 * Return: 0 on success, or a negative error code.
1328 int ieee80211_data_from_8023(struct sk_buff *skb, const u8 *addr,
1329 - enum nl80211_iftype iftype, u8 *bssid, bool qos);
1330 + enum nl80211_iftype iftype, const u8 *bssid,
1334 * ieee80211_amsdu_to_8023s - decode an IEEE 802.11n A-MSDU frame
1335 @@ -4315,7 +4335,7 @@ void cfg80211_roamed_bss(struct net_devi
1336 * and not try to connect to any AP any more.
1338 void cfg80211_disconnected(struct net_device *dev, u16 reason,
1339 - u8 *ie, size_t ie_len, gfp_t gfp);
1340 + const u8 *ie, size_t ie_len, gfp_t gfp);
1343 * cfg80211_ready_on_channel - notification of remain_on_channel start
1344 @@ -4771,6 +4791,35 @@ int cfg80211_iter_combinations(struct wi
1349 + * cfg80211_stop_iface - trigger interface disconnection
1351 + * @wiphy: the wiphy
1352 + * @wdev: wireless device
1353 + * @gfp: context flags
1355 + * Trigger interface to be stopped as if AP was stopped, IBSS/mesh left, STA
1358 + * Note: This doesn't need any locks and is asynchronous.
1360 +void cfg80211_stop_iface(struct wiphy *wiphy, struct wireless_dev *wdev,
1364 + * cfg80211_shutdown_all_interfaces - shut down all interfaces for a wiphy
1365 + * @wiphy: the wiphy to shut down
1367 + * This function shuts down all interfaces belonging to this wiphy by
1368 + * calling dev_close() (and treating non-netdev interfaces as needed).
1369 + * It shouldn't really be used unless there are some fatal device errors
1370 + * that really can't be recovered in any other way.
1372 + * Callers must hold the RTNL and be able to deal with callbacks into
1373 + * the driver while the function is running.
1375 +void cfg80211_shutdown_all_interfaces(struct wiphy *wiphy);
1377 /* Logging, debugging and troubleshooting/diagnostic helpers. */
1379 /* wiphy_printk helpers, similar to dev_printk */
1380 --- a/include/net/mac80211.h
1381 +++ b/include/net/mac80211.h
1382 @@ -1113,7 +1113,9 @@ enum ieee80211_vif_flags {
1383 * @addr: address of this interface
1384 * @p2p: indicates whether this AP or STA interface is a p2p
1385 * interface, i.e. a GO or p2p-sta respectively
1386 - * @csa_active: marks whether a channel switch is going on
1387 + * @csa_active: marks whether a channel switch is going on. Internally it is
1388 + * write-protected by sdata_lock and local->mtx so holding either is fine
1389 + * for read access.
1390 * @driver_flags: flags/capabilities the driver has for this interface,
1391 * these need to be set (or cleared) when the interface is added
1392 * or, if supported by the driver, the interface type is changed
1393 @@ -1374,6 +1376,7 @@ struct ieee80211_sta_rates {
1394 * the station moves to associated state.
1395 * @smps_mode: current SMPS mode (off, static or dynamic)
1396 * @rates: rate control selection table
1397 + * @tdls: indicates whether the STA is a TDLS peer
1399 struct ieee80211_sta {
1400 u32 supp_rates[IEEE80211_NUM_BANDS];
1401 @@ -1388,6 +1391,7 @@ struct ieee80211_sta {
1402 enum ieee80211_sta_rx_bandwidth bandwidth;
1403 enum ieee80211_smps_mode smps_mode;
1404 struct ieee80211_sta_rates __rcu *rates;
1408 u8 drv_priv[0] __aligned(sizeof(void *));
1409 @@ -3407,6 +3411,47 @@ void ieee80211_tx_status_irqsafe(struct
1411 void ieee80211_report_low_ack(struct ieee80211_sta *sta, u32 num_packets);
1413 +#define IEEE80211_MAX_CSA_COUNTERS_NUM 2
1416 + * struct ieee80211_mutable_offsets - mutable beacon offsets
1417 + * @tim_offset: position of TIM element
1418 + * @tim_length: size of TIM element
1419 + * @csa_counter_offs: array of IEEE80211_MAX_CSA_COUNTERS_NUM offsets
1420 + * to CSA counters. This array can contain zero values which
1421 + * should be ignored.
1423 +struct ieee80211_mutable_offsets {
1427 + u16 csa_counter_offs[IEEE80211_MAX_CSA_COUNTERS_NUM];
1431 + * ieee80211_beacon_get_template - beacon template generation function
1432 + * @hw: pointer obtained from ieee80211_alloc_hw().
1433 + * @vif: &struct ieee80211_vif pointer from the add_interface callback.
1434 + * @offs: &struct ieee80211_mutable_offsets pointer to struct that will
1435 + * receive the offsets that may be updated by the driver.
1437 + * If the driver implements beaconing modes, it must use this function to
1438 + * obtain the beacon template.
1440 + * This function should be used if the beacon frames are generated by the
1441 + * device, and then the driver must use the returned beacon as the template
1442 + * The driver or the device are responsible to update the DTIM and, when
1443 + * applicable, the CSA count.
1445 + * The driver is responsible for freeing the returned skb.
1447 + * Return: The beacon template. %NULL on error.
1450 +ieee80211_beacon_get_template(struct ieee80211_hw *hw,
1451 + struct ieee80211_vif *vif,
1452 + struct ieee80211_mutable_offsets *offs);
1455 * ieee80211_beacon_get_tim - beacon generation function
1456 * @hw: pointer obtained from ieee80211_alloc_hw().
1457 @@ -3418,16 +3463,12 @@ void ieee80211_report_low_ack(struct iee
1458 * Set to 0 if invalid (in non-AP modes).
1460 * If the driver implements beaconing modes, it must use this function to
1461 - * obtain the beacon frame/template.
1462 + * obtain the beacon frame.
1464 * If the beacon frames are generated by the host system (i.e., not in
1465 * hardware/firmware), the driver uses this function to get each beacon
1466 - * frame from mac80211 -- it is responsible for calling this function
1467 - * before the beacon is needed (e.g. based on hardware interrupt).
1469 - * If the beacon frames are generated by the device, then the driver
1470 - * must use the returned beacon as the template and change the TIM IE
1471 - * according to the current DTIM parameters/TIM bitmap.
1472 + * frame from mac80211 -- it is responsible for calling this function exactly
1473 + * once before the beacon is needed (e.g. based on hardware interrupt).
1475 * The driver is responsible for freeing the returned skb.
1477 @@ -3453,6 +3494,20 @@ static inline struct sk_buff *ieee80211_
1481 + * ieee80211_csa_update_counter - request mac80211 to decrement the csa counter
1482 + * @vif: &struct ieee80211_vif pointer from the add_interface callback.
1484 + * The csa counter should be updated after each beacon transmission.
1485 + * This function is called implicitly when
1486 + * ieee80211_beacon_get/ieee80211_beacon_get_tim are called, however if the
1487 + * beacon frames are generated by the device, the driver should call this
1488 + * function after each beacon transmission to sync mac80211's csa counters.
1490 + * Return: new csa counter value
1492 +u8 ieee80211_csa_update_counter(struct ieee80211_vif *vif);
1495 * ieee80211_csa_finish - notify mac80211 about channel switch
1496 * @vif: &struct ieee80211_vif pointer from the add_interface callback.
1498 --- a/include/uapi/linux/nl80211.h
1499 +++ b/include/uapi/linux/nl80211.h
1501 * TX status event pertaining to the TX request.
1502 * %NL80211_ATTR_TX_NO_CCK_RATE is used to decide whether to send the
1503 * management frames at CCK rate or not in 2GHz band.
1504 + * %NL80211_ATTR_CSA_C_OFFSETS_TX is an array of offsets to CSA
1505 + * counters which will be updated to the current value. This attribute
1506 + * is used during CSA period.
1507 * @NL80211_CMD_FRAME_WAIT_CANCEL: When an off-channel TX was requested, this
1508 * command may be used with the corresponding cookie to cancel the wait
1509 * time if it is known that it is no longer necessary.
1510 @@ -1525,10 +1528,10 @@ enum nl80211_commands {
1512 * @NL80211_ATTR_CSA_IES: Nested set of attributes containing the IE information
1513 * for the time while performing a channel switch.
1514 - * @NL80211_ATTR_CSA_C_OFF_BEACON: Offset of the channel switch counter
1515 - * field in the beacons tail (%NL80211_ATTR_BEACON_TAIL).
1516 - * @NL80211_ATTR_CSA_C_OFF_PRESP: Offset of the channel switch counter
1517 - * field in the probe response (%NL80211_ATTR_PROBE_RESP).
1518 + * @NL80211_ATTR_CSA_C_OFF_BEACON: An array of offsets (u16) to the channel
1519 + * switch counters in the beacons tail (%NL80211_ATTR_BEACON_TAIL).
1520 + * @NL80211_ATTR_CSA_C_OFF_PRESP: An array of offsets (u16) to the channel
1521 + * switch counters in the probe response (%NL80211_ATTR_PROBE_RESP).
1523 * @NL80211_ATTR_RXMGMT_FLAGS: flags for nl80211_send_mgmt(), u32.
1524 * As specified in the &enum nl80211_rxmgmt_flags.
1525 @@ -1576,6 +1579,11 @@ enum nl80211_commands {
1526 * advertise values that cannot always be met. In such cases, an attempt
1527 * to add a new station entry with @NL80211_CMD_NEW_STATION may fail.
1529 + * @NL80211_ATTR_CSA_C_OFFSETS_TX: An array of csa counter offsets (u16) which
1530 + * should be updated when the frame is transmitted.
1531 + * @NL80211_ATTR_MAX_CSA_COUNTERS: U8 attribute used to advertise the maximum
1532 + * supported number of csa counters.
1534 * @NL80211_ATTR_TDLS_PEER_CAPABILITY: flags for TDLS peer capabilities, u32.
1535 * As specified in the &enum nl80211_tdls_peer_capability.
1537 @@ -1920,6 +1928,9 @@ enum nl80211_attrs {
1539 NL80211_ATTR_IFACE_SOCKET_OWNER,
1541 + NL80211_ATTR_CSA_C_OFFSETS_TX,
1542 + NL80211_ATTR_MAX_CSA_COUNTERS,
1544 /* add attributes here, update the policy in nl80211.c */
1546 __NL80211_ATTR_AFTER_LAST,
1547 @@ -3688,6 +3699,8 @@ enum nl80211_iface_limit_attrs {
1548 * different channels may be used within this group.
1549 * @NL80211_IFACE_COMB_RADAR_DETECT_WIDTHS: u32 attribute containing the bitmap
1550 * of supported channel widths for radar detection.
1551 + * @NL80211_IFACE_COMB_RADAR_DETECT_REGIONS: u32 attribute containing the bitmap
1552 + * of supported regulatory regions for radar detection.
1553 * @NUM_NL80211_IFACE_COMB: number of attributes
1554 * @MAX_NL80211_IFACE_COMB: highest attribute number
1556 @@ -3721,6 +3734,7 @@ enum nl80211_if_combination_attrs {
1557 NL80211_IFACE_COMB_STA_AP_BI_MATCH,
1558 NL80211_IFACE_COMB_NUM_CHANNELS,
1559 NL80211_IFACE_COMB_RADAR_DETECT_WIDTHS,
1560 + NL80211_IFACE_COMB_RADAR_DETECT_REGIONS,
1563 NUM_NL80211_IFACE_COMB,
1564 --- a/net/mac80211/Makefile
1565 +++ b/net/mac80211/Makefile
1566 @@ -25,7 +25,8 @@ mac80211-y := \
1574 mac80211-$(CPTCFG_MAC80211_LEDS) += led.o
1575 mac80211-$(CPTCFG_MAC80211_DEBUGFS) += \
1576 --- a/net/mac80211/cfg.c
1577 +++ b/net/mac80211/cfg.c
1578 @@ -777,7 +777,7 @@ static void ieee80211_get_et_strings(str
1581 static int ieee80211_dump_station(struct wiphy *wiphy, struct net_device *dev,
1582 - int idx, u8 *mac, struct station_info *sinfo)
1583 + int idx, u8 *mac, struct station_info *sinfo)
1585 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1586 struct ieee80211_local *local = sdata->local;
1587 @@ -807,7 +807,7 @@ static int ieee80211_dump_survey(struct
1590 static int ieee80211_get_station(struct wiphy *wiphy, struct net_device *dev,
1591 - u8 *mac, struct station_info *sinfo)
1592 + const u8 *mac, struct station_info *sinfo)
1594 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1595 struct ieee80211_local *local = sdata->local;
1596 @@ -1084,6 +1084,31 @@ static int ieee80211_change_beacon(struc
1600 +bool ieee80211_csa_needs_block_tx(struct ieee80211_local *local)
1602 + struct ieee80211_sub_if_data *sdata;
1604 + lockdep_assert_held(&local->mtx);
1607 + list_for_each_entry_rcu(sdata, &local->interfaces, list) {
1608 + if (!ieee80211_sdata_running(sdata))
1611 + if (!sdata->vif.csa_active)
1614 + if (!sdata->csa_block_tx)
1617 + rcu_read_unlock();
1620 + rcu_read_unlock();
1625 static int ieee80211_stop_ap(struct wiphy *wiphy, struct net_device *dev)
1627 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1628 @@ -1101,7 +1126,14 @@ static int ieee80211_stop_ap(struct wiph
1629 old_probe_resp = sdata_dereference(sdata->u.ap.probe_resp, sdata);
1631 /* abort any running channel switch */
1632 + mutex_lock(&local->mtx);
1633 sdata->vif.csa_active = false;
1634 + if (!ieee80211_csa_needs_block_tx(local))
1635 + ieee80211_wake_queues_by_reason(&local->hw,
1636 + IEEE80211_MAX_QUEUE_MAP,
1637 + IEEE80211_QUEUE_STOP_REASON_CSA);
1638 + mutex_unlock(&local->mtx);
1640 kfree(sdata->u.ap.next_beacon);
1641 sdata->u.ap.next_beacon = NULL;
1643 @@ -1425,7 +1457,8 @@ static int sta_apply_parameters(struct i
1646 static int ieee80211_add_station(struct wiphy *wiphy, struct net_device *dev,
1647 - u8 *mac, struct station_parameters *params)
1649 + struct station_parameters *params)
1651 struct ieee80211_local *local = wiphy_priv(wiphy);
1652 struct sta_info *sta;
1653 @@ -1459,6 +1492,8 @@ static int ieee80211_add_station(struct
1654 if (!(params->sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER))) {
1655 sta_info_pre_move_state(sta, IEEE80211_STA_AUTH);
1656 sta_info_pre_move_state(sta, IEEE80211_STA_ASSOC);
1658 + sta->sta.tdls = true;
1661 err = sta_apply_parameters(local, sta, params);
1662 @@ -1492,7 +1527,7 @@ static int ieee80211_add_station(struct
1665 static int ieee80211_del_station(struct wiphy *wiphy, struct net_device *dev,
1669 struct ieee80211_sub_if_data *sdata;
1671 @@ -1506,7 +1541,7 @@ static int ieee80211_del_station(struct
1674 static int ieee80211_change_station(struct wiphy *wiphy,
1675 - struct net_device *dev, u8 *mac,
1676 + struct net_device *dev, const u8 *mac,
1677 struct station_parameters *params)
1679 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1680 @@ -1631,7 +1666,7 @@ out_err:
1682 #ifdef CPTCFG_MAC80211_MESH
1683 static int ieee80211_add_mpath(struct wiphy *wiphy, struct net_device *dev,
1684 - u8 *dst, u8 *next_hop)
1685 + const u8 *dst, const u8 *next_hop)
1687 struct ieee80211_sub_if_data *sdata;
1688 struct mesh_path *mpath;
1689 @@ -1659,7 +1694,7 @@ static int ieee80211_add_mpath(struct wi
1692 static int ieee80211_del_mpath(struct wiphy *wiphy, struct net_device *dev,
1696 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1698 @@ -1670,9 +1705,8 @@ static int ieee80211_del_mpath(struct wi
1702 -static int ieee80211_change_mpath(struct wiphy *wiphy,
1703 - struct net_device *dev,
1704 - u8 *dst, u8 *next_hop)
1705 +static int ieee80211_change_mpath(struct wiphy *wiphy, struct net_device *dev,
1706 + const u8 *dst, const u8 *next_hop)
1708 struct ieee80211_sub_if_data *sdata;
1709 struct mesh_path *mpath;
1710 @@ -1764,8 +1798,8 @@ static int ieee80211_get_mpath(struct wi
1713 static int ieee80211_dump_mpath(struct wiphy *wiphy, struct net_device *dev,
1714 - int idx, u8 *dst, u8 *next_hop,
1715 - struct mpath_info *pinfo)
1716 + int idx, u8 *dst, u8 *next_hop,
1717 + struct mpath_info *pinfo)
1719 struct ieee80211_sub_if_data *sdata;
1720 struct mesh_path *mpath;
1721 @@ -3019,26 +3053,11 @@ void ieee80211_csa_finish(struct ieee802
1723 EXPORT_SYMBOL(ieee80211_csa_finish);
1725 -static void ieee80211_csa_finalize(struct ieee80211_sub_if_data *sdata)
1726 +static int ieee80211_set_after_csa_beacon(struct ieee80211_sub_if_data *sdata,
1729 - struct ieee80211_local *local = sdata->local;
1730 - int err, changed = 0;
1732 - sdata_assert_lock(sdata);
1734 - mutex_lock(&local->mtx);
1735 - sdata->radar_required = sdata->csa_radar_required;
1736 - err = ieee80211_vif_change_channel(sdata, &changed);
1737 - mutex_unlock(&local->mtx);
1738 - if (WARN_ON(err < 0))
1741 - if (!local->use_chanctx) {
1742 - local->_oper_chandef = sdata->csa_chandef;
1743 - ieee80211_hw_config(local, 0);
1747 - sdata->vif.csa_active = false;
1748 switch (sdata->vif.type) {
1749 case NL80211_IFTYPE_AP:
1750 err = ieee80211_assign_beacon(sdata, sdata->u.ap.next_beacon);
1751 @@ -3046,35 +3065,75 @@ static void ieee80211_csa_finalize(struc
1752 sdata->u.ap.next_beacon = NULL;
1760 case NL80211_IFTYPE_ADHOC:
1761 err = ieee80211_ibss_finish_csa(sdata);
1768 #ifdef CPTCFG_MAC80211_MESH
1769 case NL80211_IFTYPE_MESH_POINT:
1770 err = ieee80211_mesh_finish_csa(sdata);
1788 +static int __ieee80211_csa_finalize(struct ieee80211_sub_if_data *sdata)
1790 + struct ieee80211_local *local = sdata->local;
1794 + sdata_assert_lock(sdata);
1795 + lockdep_assert_held(&local->mtx);
1797 + sdata->radar_required = sdata->csa_radar_required;
1798 + err = ieee80211_vif_change_channel(sdata, &changed);
1802 + if (!local->use_chanctx) {
1803 + local->_oper_chandef = sdata->csa_chandef;
1804 + ieee80211_hw_config(local, 0);
1807 + sdata->vif.csa_active = false;
1809 + err = ieee80211_set_after_csa_beacon(sdata, &changed);
1813 ieee80211_bss_info_change_notify(sdata, changed);
1814 + cfg80211_ch_switch_notify(sdata->dev, &sdata->csa_chandef);
1816 - ieee80211_wake_queues_by_reason(&sdata->local->hw,
1817 + if (!ieee80211_csa_needs_block_tx(local))
1818 + ieee80211_wake_queues_by_reason(&local->hw,
1819 IEEE80211_MAX_QUEUE_MAP,
1820 IEEE80211_QUEUE_STOP_REASON_CSA);
1822 - cfg80211_ch_switch_notify(sdata->dev, &sdata->csa_chandef);
1826 +static void ieee80211_csa_finalize(struct ieee80211_sub_if_data *sdata)
1828 + if (__ieee80211_csa_finalize(sdata)) {
1829 + sdata_info(sdata, "failed to finalize CSA, disconnecting\n");
1830 + cfg80211_stop_iface(sdata->local->hw.wiphy, &sdata->wdev,
1835 void ieee80211_csa_finalize_work(struct work_struct *work)
1836 @@ -3082,8 +3141,11 @@ void ieee80211_csa_finalize_work(struct
1837 struct ieee80211_sub_if_data *sdata =
1838 container_of(work, struct ieee80211_sub_if_data,
1840 + struct ieee80211_local *local = sdata->local;
1843 + mutex_lock(&local->mtx);
1845 /* AP might have been stopped while waiting for the lock. */
1846 if (!sdata->vif.csa_active)
1848 @@ -3094,6 +3156,7 @@ void ieee80211_csa_finalize_work(struct
1849 ieee80211_csa_finalize(sdata);
1852 + mutex_unlock(&local->mtx);
1853 sdata_unlock(sdata);
1856 @@ -3129,9 +3192,25 @@ static int ieee80211_set_csa_beacon(stru
1857 if (params->count <= 1)
1860 - sdata->csa_counter_offset_beacon =
1861 - params->counter_offset_beacon;
1862 - sdata->csa_counter_offset_presp = params->counter_offset_presp;
1863 + if ((params->n_counter_offsets_beacon >
1864 + IEEE80211_MAX_CSA_COUNTERS_NUM) ||
1865 + (params->n_counter_offsets_presp >
1866 + IEEE80211_MAX_CSA_COUNTERS_NUM))
1869 + /* make sure we don't have garbage in other counters */
1870 + memset(sdata->csa_counter_offset_beacon, 0,
1871 + sizeof(sdata->csa_counter_offset_beacon));
1872 + memset(sdata->csa_counter_offset_presp, 0,
1873 + sizeof(sdata->csa_counter_offset_presp));
1875 + memcpy(sdata->csa_counter_offset_beacon,
1876 + params->counter_offsets_beacon,
1877 + params->n_counter_offsets_beacon * sizeof(u16));
1878 + memcpy(sdata->csa_counter_offset_presp,
1879 + params->counter_offsets_presp,
1880 + params->n_counter_offsets_presp * sizeof(u16));
1882 err = ieee80211_assign_beacon(sdata, ¶ms->beacon_csa);
1884 kfree(sdata->u.ap.next_beacon);
1885 @@ -3220,8 +3299,9 @@ static int ieee80211_set_csa_beacon(stru
1889 -int ieee80211_channel_switch(struct wiphy *wiphy, struct net_device *dev,
1890 - struct cfg80211_csa_settings *params)
1892 +__ieee80211_channel_switch(struct wiphy *wiphy, struct net_device *dev,
1893 + struct cfg80211_csa_settings *params)
1895 struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1896 struct ieee80211_local *local = sdata->local;
1897 @@ -3230,6 +3310,7 @@ int ieee80211_channel_switch(struct wiph
1898 int err, num_chanctx, changed = 0;
1900 sdata_assert_lock(sdata);
1901 + lockdep_assert_held(&local->mtx);
1903 if (!list_empty(&local->roc_list) || local->scanning)
1905 @@ -3272,15 +3353,16 @@ int ieee80211_channel_switch(struct wiph
1908 sdata->csa_radar_required = params->radar_required;
1910 - if (params->block_tx)
1911 - ieee80211_stop_queues_by_reason(&local->hw,
1912 - IEEE80211_MAX_QUEUE_MAP,
1913 - IEEE80211_QUEUE_STOP_REASON_CSA);
1915 sdata->csa_chandef = params->chandef;
1916 + sdata->csa_block_tx = params->block_tx;
1917 + sdata->csa_current_counter = params->count;
1918 sdata->vif.csa_active = true;
1920 + if (sdata->csa_block_tx)
1921 + ieee80211_stop_queues_by_reason(&local->hw,
1922 + IEEE80211_MAX_QUEUE_MAP,
1923 + IEEE80211_QUEUE_STOP_REASON_CSA);
1926 ieee80211_bss_info_change_notify(sdata, changed);
1927 drv_channel_switch_beacon(sdata, ¶ms->chandef);
1928 @@ -3292,6 +3374,20 @@ int ieee80211_channel_switch(struct wiph
1932 +int ieee80211_channel_switch(struct wiphy *wiphy, struct net_device *dev,
1933 + struct cfg80211_csa_settings *params)
1935 + struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1936 + struct ieee80211_local *local = sdata->local;
1939 + mutex_lock(&local->mtx);
1940 + err = __ieee80211_channel_switch(wiphy, dev, params);
1941 + mutex_unlock(&local->mtx);
1946 static int ieee80211_mgmt_tx(struct wiphy *wiphy, struct wireless_dev *wdev,
1947 struct cfg80211_mgmt_tx_params *params,
1949 @@ -3304,6 +3400,7 @@ static int ieee80211_mgmt_tx(struct wiph
1950 bool need_offchan = false;
1955 if (params->dont_wait_for_ack)
1956 flags = IEEE80211_TX_CTL_NO_ACK;
1957 @@ -3397,7 +3494,20 @@ static int ieee80211_mgmt_tx(struct wiph
1959 skb_reserve(skb, local->hw.extra_tx_headroom);
1961 - memcpy(skb_put(skb, params->len), params->buf, params->len);
1962 + data = skb_put(skb, params->len);
1963 + memcpy(data, params->buf, params->len);
1965 + /* Update CSA counters */
1966 + if (sdata->vif.csa_active &&
1967 + (sdata->vif.type == NL80211_IFTYPE_AP ||
1968 + sdata->vif.type == NL80211_IFTYPE_ADHOC) &&
1969 + params->n_csa_offsets) {
1971 + u8 c = sdata->csa_current_counter;
1973 + for (i = 0; i < params->n_csa_offsets; i++)
1974 + data[params->csa_offsets[i]] = c;
1977 IEEE80211_SKB_CB(skb)->flags = flags;
1979 @@ -3506,320 +3616,6 @@ static int ieee80211_set_rekey_data(stru
1983 -static void ieee80211_tdls_add_ext_capab(struct sk_buff *skb)
1985 - u8 *pos = (void *)skb_put(skb, 7);
1987 - *pos++ = WLAN_EID_EXT_CAPABILITY;
1988 - *pos++ = 5; /* len */
1993 - *pos++ = WLAN_EXT_CAPA5_TDLS_ENABLED;
1996 -static u16 ieee80211_get_tdls_sta_capab(struct ieee80211_sub_if_data *sdata)
1998 - struct ieee80211_local *local = sdata->local;
2002 - if (ieee80211_get_sdata_band(sdata) != IEEE80211_BAND_2GHZ)
2005 - if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_SLOT_INCAPABLE))
2006 - capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME;
2007 - if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_PREAMBLE_INCAPABLE))
2008 - capab |= WLAN_CAPABILITY_SHORT_PREAMBLE;
2013 -static void ieee80211_tdls_add_link_ie(struct sk_buff *skb, u8 *src_addr,
2014 - u8 *peer, u8 *bssid)
2016 - struct ieee80211_tdls_lnkie *lnkid;
2018 - lnkid = (void *)skb_put(skb, sizeof(struct ieee80211_tdls_lnkie));
2020 - lnkid->ie_type = WLAN_EID_LINK_ID;
2021 - lnkid->ie_len = sizeof(struct ieee80211_tdls_lnkie) - 2;
2023 - memcpy(lnkid->bssid, bssid, ETH_ALEN);
2024 - memcpy(lnkid->init_sta, src_addr, ETH_ALEN);
2025 - memcpy(lnkid->resp_sta, peer, ETH_ALEN);
2029 -ieee80211_prep_tdls_encap_data(struct wiphy *wiphy, struct net_device *dev,
2030 - u8 *peer, u8 action_code, u8 dialog_token,
2031 - u16 status_code, struct sk_buff *skb)
2033 - struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2034 - enum ieee80211_band band = ieee80211_get_sdata_band(sdata);
2035 - struct ieee80211_tdls_data *tf;
2037 - tf = (void *)skb_put(skb, offsetof(struct ieee80211_tdls_data, u));
2039 - memcpy(tf->da, peer, ETH_ALEN);
2040 - memcpy(tf->sa, sdata->vif.addr, ETH_ALEN);
2041 - tf->ether_type = cpu_to_be16(ETH_P_TDLS);
2042 - tf->payload_type = WLAN_TDLS_SNAP_RFTYPE;
2044 - switch (action_code) {
2045 - case WLAN_TDLS_SETUP_REQUEST:
2046 - tf->category = WLAN_CATEGORY_TDLS;
2047 - tf->action_code = WLAN_TDLS_SETUP_REQUEST;
2049 - skb_put(skb, sizeof(tf->u.setup_req));
2050 - tf->u.setup_req.dialog_token = dialog_token;
2051 - tf->u.setup_req.capability =
2052 - cpu_to_le16(ieee80211_get_tdls_sta_capab(sdata));
2054 - ieee80211_add_srates_ie(sdata, skb, false, band);
2055 - ieee80211_add_ext_srates_ie(sdata, skb, false, band);
2056 - ieee80211_tdls_add_ext_capab(skb);
2058 - case WLAN_TDLS_SETUP_RESPONSE:
2059 - tf->category = WLAN_CATEGORY_TDLS;
2060 - tf->action_code = WLAN_TDLS_SETUP_RESPONSE;
2062 - skb_put(skb, sizeof(tf->u.setup_resp));
2063 - tf->u.setup_resp.status_code = cpu_to_le16(status_code);
2064 - tf->u.setup_resp.dialog_token = dialog_token;
2065 - tf->u.setup_resp.capability =
2066 - cpu_to_le16(ieee80211_get_tdls_sta_capab(sdata));
2068 - ieee80211_add_srates_ie(sdata, skb, false, band);
2069 - ieee80211_add_ext_srates_ie(sdata, skb, false, band);
2070 - ieee80211_tdls_add_ext_capab(skb);
2072 - case WLAN_TDLS_SETUP_CONFIRM:
2073 - tf->category = WLAN_CATEGORY_TDLS;
2074 - tf->action_code = WLAN_TDLS_SETUP_CONFIRM;
2076 - skb_put(skb, sizeof(tf->u.setup_cfm));
2077 - tf->u.setup_cfm.status_code = cpu_to_le16(status_code);
2078 - tf->u.setup_cfm.dialog_token = dialog_token;
2080 - case WLAN_TDLS_TEARDOWN:
2081 - tf->category = WLAN_CATEGORY_TDLS;
2082 - tf->action_code = WLAN_TDLS_TEARDOWN;
2084 - skb_put(skb, sizeof(tf->u.teardown));
2085 - tf->u.teardown.reason_code = cpu_to_le16(status_code);
2087 - case WLAN_TDLS_DISCOVERY_REQUEST:
2088 - tf->category = WLAN_CATEGORY_TDLS;
2089 - tf->action_code = WLAN_TDLS_DISCOVERY_REQUEST;
2091 - skb_put(skb, sizeof(tf->u.discover_req));
2092 - tf->u.discover_req.dialog_token = dialog_token;
2102 -ieee80211_prep_tdls_direct(struct wiphy *wiphy, struct net_device *dev,
2103 - u8 *peer, u8 action_code, u8 dialog_token,
2104 - u16 status_code, struct sk_buff *skb)
2106 - struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2107 - enum ieee80211_band band = ieee80211_get_sdata_band(sdata);
2108 - struct ieee80211_mgmt *mgmt;
2110 - mgmt = (void *)skb_put(skb, 24);
2111 - memset(mgmt, 0, 24);
2112 - memcpy(mgmt->da, peer, ETH_ALEN);
2113 - memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN);
2114 - memcpy(mgmt->bssid, sdata->u.mgd.bssid, ETH_ALEN);
2116 - mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
2117 - IEEE80211_STYPE_ACTION);
2119 - switch (action_code) {
2120 - case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
2121 - skb_put(skb, 1 + sizeof(mgmt->u.action.u.tdls_discover_resp));
2122 - mgmt->u.action.category = WLAN_CATEGORY_PUBLIC;
2123 - mgmt->u.action.u.tdls_discover_resp.action_code =
2124 - WLAN_PUB_ACTION_TDLS_DISCOVER_RES;
2125 - mgmt->u.action.u.tdls_discover_resp.dialog_token =
2127 - mgmt->u.action.u.tdls_discover_resp.capability =
2128 - cpu_to_le16(ieee80211_get_tdls_sta_capab(sdata));
2130 - ieee80211_add_srates_ie(sdata, skb, false, band);
2131 - ieee80211_add_ext_srates_ie(sdata, skb, false, band);
2132 - ieee80211_tdls_add_ext_capab(skb);
2141 -static int ieee80211_tdls_mgmt(struct wiphy *wiphy, struct net_device *dev,
2142 - u8 *peer, u8 action_code, u8 dialog_token,
2143 - u16 status_code, u32 peer_capability,
2144 - const u8 *extra_ies, size_t extra_ies_len)
2146 - struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2147 - struct ieee80211_local *local = sdata->local;
2148 - struct sk_buff *skb = NULL;
2152 - if (!(wiphy->flags & WIPHY_FLAG_SUPPORTS_TDLS))
2155 - /* make sure we are in managed mode, and associated */
2156 - if (sdata->vif.type != NL80211_IFTYPE_STATION ||
2157 - !sdata->u.mgd.associated)
2160 - tdls_dbg(sdata, "TDLS mgmt action %d peer %pM\n",
2161 - action_code, peer);
2163 - skb = dev_alloc_skb(local->hw.extra_tx_headroom +
2164 - max(sizeof(struct ieee80211_mgmt),
2165 - sizeof(struct ieee80211_tdls_data)) +
2166 - 50 + /* supported rates */
2167 - 7 + /* ext capab */
2169 - sizeof(struct ieee80211_tdls_lnkie));
2173 - skb_reserve(skb, local->hw.extra_tx_headroom);
2175 - switch (action_code) {
2176 - case WLAN_TDLS_SETUP_REQUEST:
2177 - case WLAN_TDLS_SETUP_RESPONSE:
2178 - case WLAN_TDLS_SETUP_CONFIRM:
2179 - case WLAN_TDLS_TEARDOWN:
2180 - case WLAN_TDLS_DISCOVERY_REQUEST:
2181 - ret = ieee80211_prep_tdls_encap_data(wiphy, dev, peer,
2182 - action_code, dialog_token,
2183 - status_code, skb);
2184 - send_direct = false;
2186 - case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
2187 - ret = ieee80211_prep_tdls_direct(wiphy, dev, peer, action_code,
2188 - dialog_token, status_code,
2190 - send_direct = true;
2200 - if (extra_ies_len)
2201 - memcpy(skb_put(skb, extra_ies_len), extra_ies, extra_ies_len);
2203 - /* the TDLS link IE is always added last */
2204 - switch (action_code) {
2205 - case WLAN_TDLS_SETUP_REQUEST:
2206 - case WLAN_TDLS_SETUP_CONFIRM:
2207 - case WLAN_TDLS_TEARDOWN:
2208 - case WLAN_TDLS_DISCOVERY_REQUEST:
2209 - /* we are the initiator */
2210 - ieee80211_tdls_add_link_ie(skb, sdata->vif.addr, peer,
2211 - sdata->u.mgd.bssid);
2213 - case WLAN_TDLS_SETUP_RESPONSE:
2214 - case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
2215 - /* we are the responder */
2216 - ieee80211_tdls_add_link_ie(skb, peer, sdata->vif.addr,
2217 - sdata->u.mgd.bssid);
2224 - if (send_direct) {
2225 - ieee80211_tx_skb(sdata, skb);
2230 - * According to 802.11z: Setup req/resp are sent in AC_BK, otherwise
2231 - * we should default to AC_VI.
2233 - switch (action_code) {
2234 - case WLAN_TDLS_SETUP_REQUEST:
2235 - case WLAN_TDLS_SETUP_RESPONSE:
2236 - skb_set_queue_mapping(skb, IEEE80211_AC_BK);
2237 - skb->priority = 2;
2240 - skb_set_queue_mapping(skb, IEEE80211_AC_VI);
2241 - skb->priority = 5;
2245 - /* disable bottom halves when entering the Tx path */
2246 - local_bh_disable();
2247 - ret = ieee80211_subif_start_xmit(skb, dev);
2248 - local_bh_enable();
2253 - dev_kfree_skb(skb);
2257 -static int ieee80211_tdls_oper(struct wiphy *wiphy, struct net_device *dev,
2258 - u8 *peer, enum nl80211_tdls_operation oper)
2260 - struct sta_info *sta;
2261 - struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
2263 - if (!(wiphy->flags & WIPHY_FLAG_SUPPORTS_TDLS))
2266 - if (sdata->vif.type != NL80211_IFTYPE_STATION)
2269 - tdls_dbg(sdata, "TDLS oper %d peer %pM\n", oper, peer);
2272 - case NL80211_TDLS_ENABLE_LINK:
2274 - sta = sta_info_get(sdata, peer);
2276 - rcu_read_unlock();
2280 - set_sta_flag(sta, WLAN_STA_TDLS_PEER_AUTH);
2281 - rcu_read_unlock();
2283 - case NL80211_TDLS_DISABLE_LINK:
2284 - return sta_info_destroy_addr(sdata, peer);
2285 - case NL80211_TDLS_TEARDOWN:
2286 - case NL80211_TDLS_SETUP:
2287 - case NL80211_TDLS_DISCOVERY_REQ:
2288 - /* We don't support in-driver setup/teardown/discovery */
2297 static int ieee80211_probe_client(struct wiphy *wiphy, struct net_device *dev,
2298 const u8 *peer, u64 *cookie)
2300 --- a/net/mac80211/chan.c
2301 +++ b/net/mac80211/chan.c
2302 @@ -855,7 +855,7 @@ static void
2303 __ieee80211_vif_copy_chanctx_to_vlans(struct ieee80211_sub_if_data *sdata,
2306 - struct ieee80211_local *local = sdata->local;
2307 + struct ieee80211_local *local __maybe_unused = sdata->local;
2308 struct ieee80211_sub_if_data *vlan;
2309 struct ieee80211_chanctx_conf *conf;
2311 @@ -871,7 +871,7 @@ __ieee80211_vif_copy_chanctx_to_vlans(st
2312 * to a channel context that has already been freed.
2314 conf = rcu_dereference_protected(sdata->vif.chanctx_conf,
2315 - lockdep_is_held(&local->chanctx_mtx));
2316 + lockdep_is_held(&local->chanctx_mtx));
2320 --- a/net/mac80211/driver-ops.h
2321 +++ b/net/mac80211/driver-ops.h
2323 #include "ieee80211_i.h"
2326 -static inline void check_sdata_in_driver(struct ieee80211_sub_if_data *sdata)
2327 +static inline bool check_sdata_in_driver(struct ieee80211_sub_if_data *sdata)
2329 - WARN(!(sdata->flags & IEEE80211_SDATA_IN_DRIVER),
2330 - "%s: Failed check-sdata-in-driver check, flags: 0x%x\n",
2331 - sdata->dev ? sdata->dev->name : sdata->name, sdata->flags);
2332 + return !WARN(!(sdata->flags & IEEE80211_SDATA_IN_DRIVER),
2333 + "%s: Failed check-sdata-in-driver check, flags: 0x%x\n",
2334 + sdata->dev ? sdata->dev->name : sdata->name, sdata->flags);
2337 static inline struct ieee80211_sub_if_data *
2338 @@ -168,7 +168,8 @@ static inline int drv_change_interface(s
2342 - check_sdata_in_driver(sdata);
2343 + if (!check_sdata_in_driver(sdata))
2346 trace_drv_change_interface(local, sdata, type, p2p);
2347 ret = local->ops->change_interface(&local->hw, &sdata->vif, type, p2p);
2348 @@ -181,7 +182,8 @@ static inline void drv_remove_interface(
2352 - check_sdata_in_driver(sdata);
2353 + if (!check_sdata_in_driver(sdata))
2356 trace_drv_remove_interface(local, sdata);
2357 local->ops->remove_interface(&local->hw, &sdata->vif);
2358 @@ -219,7 +221,8 @@ static inline void drv_bss_info_changed(
2359 sdata->vif.type == NL80211_IFTYPE_MONITOR))
2362 - check_sdata_in_driver(sdata);
2363 + if (!check_sdata_in_driver(sdata))
2366 trace_drv_bss_info_changed(local, sdata, info, changed);
2367 if (local->ops->bss_info_changed)
2368 @@ -278,7 +281,8 @@ static inline int drv_set_key(struct iee
2371 sdata = get_bss_sdata(sdata);
2372 - check_sdata_in_driver(sdata);
2373 + if (!check_sdata_in_driver(sdata))
2376 trace_drv_set_key(local, cmd, sdata, sta, key);
2377 ret = local->ops->set_key(&local->hw, cmd, &sdata->vif, sta, key);
2378 @@ -298,7 +302,8 @@ static inline void drv_update_tkip_key(s
2381 sdata = get_bss_sdata(sdata);
2382 - check_sdata_in_driver(sdata);
2383 + if (!check_sdata_in_driver(sdata))
2386 trace_drv_update_tkip_key(local, sdata, conf, ista, iv32);
2387 if (local->ops->update_tkip_key)
2388 @@ -315,7 +320,8 @@ static inline int drv_hw_scan(struct iee
2392 - check_sdata_in_driver(sdata);
2393 + if (!check_sdata_in_driver(sdata))
2396 trace_drv_hw_scan(local, sdata);
2397 ret = local->ops->hw_scan(&local->hw, &sdata->vif, req);
2398 @@ -328,7 +334,8 @@ static inline void drv_cancel_hw_scan(st
2402 - check_sdata_in_driver(sdata);
2403 + if (!check_sdata_in_driver(sdata))
2406 trace_drv_cancel_hw_scan(local, sdata);
2407 local->ops->cancel_hw_scan(&local->hw, &sdata->vif);
2408 @@ -345,7 +352,8 @@ drv_sched_scan_start(struct ieee80211_lo
2412 - check_sdata_in_driver(sdata);
2413 + if (!check_sdata_in_driver(sdata))
2416 trace_drv_sched_scan_start(local, sdata);
2417 ret = local->ops->sched_scan_start(&local->hw, &sdata->vif,
2418 @@ -361,7 +369,8 @@ static inline int drv_sched_scan_stop(st
2422 - check_sdata_in_driver(sdata);
2423 + if (!check_sdata_in_driver(sdata))
2426 trace_drv_sched_scan_stop(local, sdata);
2427 ret = local->ops->sched_scan_stop(&local->hw, &sdata->vif);
2428 @@ -462,7 +471,8 @@ static inline void drv_sta_notify(struct
2429 struct ieee80211_sta *sta)
2431 sdata = get_bss_sdata(sdata);
2432 - check_sdata_in_driver(sdata);
2433 + if (!check_sdata_in_driver(sdata))
2436 trace_drv_sta_notify(local, sdata, cmd, sta);
2437 if (local->ops->sta_notify)
2438 @@ -479,7 +489,8 @@ static inline int drv_sta_add(struct iee
2441 sdata = get_bss_sdata(sdata);
2442 - check_sdata_in_driver(sdata);
2443 + if (!check_sdata_in_driver(sdata))
2446 trace_drv_sta_add(local, sdata, sta);
2447 if (local->ops->sta_add)
2448 @@ -497,7 +508,8 @@ static inline void drv_sta_remove(struct
2451 sdata = get_bss_sdata(sdata);
2452 - check_sdata_in_driver(sdata);
2453 + if (!check_sdata_in_driver(sdata))
2456 trace_drv_sta_remove(local, sdata, sta);
2457 if (local->ops->sta_remove)
2458 @@ -515,7 +527,8 @@ static inline void drv_sta_add_debugfs(s
2461 sdata = get_bss_sdata(sdata);
2462 - check_sdata_in_driver(sdata);
2463 + if (!check_sdata_in_driver(sdata))
2466 if (local->ops->sta_add_debugfs)
2467 local->ops->sta_add_debugfs(&local->hw, &sdata->vif,
2468 @@ -545,7 +558,8 @@ static inline void drv_sta_pre_rcu_remov
2471 sdata = get_bss_sdata(sdata);
2472 - check_sdata_in_driver(sdata);
2473 + if (!check_sdata_in_driver(sdata))
2476 trace_drv_sta_pre_rcu_remove(local, sdata, &sta->sta);
2477 if (local->ops->sta_pre_rcu_remove)
2478 @@ -566,7 +580,8 @@ int drv_sta_state(struct ieee80211_local
2481 sdata = get_bss_sdata(sdata);
2482 - check_sdata_in_driver(sdata);
2483 + if (!check_sdata_in_driver(sdata))
2486 trace_drv_sta_state(local, sdata, &sta->sta, old_state, new_state);
2487 if (local->ops->sta_state) {
2488 @@ -590,7 +605,8 @@ static inline void drv_sta_rc_update(str
2489 struct ieee80211_sta *sta, u32 changed)
2491 sdata = get_bss_sdata(sdata);
2492 - check_sdata_in_driver(sdata);
2493 + if (!check_sdata_in_driver(sdata))
2496 WARN_ON(changed & IEEE80211_RC_SUPP_RATES_CHANGED &&
2497 (sdata->vif.type != NL80211_IFTYPE_ADHOC &&
2498 @@ -612,7 +628,8 @@ static inline int drv_conf_tx(struct iee
2502 - check_sdata_in_driver(sdata);
2503 + if (!check_sdata_in_driver(sdata))
2506 trace_drv_conf_tx(local, sdata, ac, params);
2507 if (local->ops->conf_tx)
2508 @@ -629,7 +646,8 @@ static inline u64 drv_get_tsf(struct iee
2512 - check_sdata_in_driver(sdata);
2513 + if (!check_sdata_in_driver(sdata))
2516 trace_drv_get_tsf(local, sdata);
2517 if (local->ops->get_tsf)
2518 @@ -644,7 +662,8 @@ static inline void drv_set_tsf(struct ie
2522 - check_sdata_in_driver(sdata);
2523 + if (!check_sdata_in_driver(sdata))
2526 trace_drv_set_tsf(local, sdata, tsf);
2527 if (local->ops->set_tsf)
2528 @@ -657,7 +676,8 @@ static inline void drv_reset_tsf(struct
2532 - check_sdata_in_driver(sdata);
2533 + if (!check_sdata_in_driver(sdata))
2536 trace_drv_reset_tsf(local, sdata);
2537 if (local->ops->reset_tsf)
2538 @@ -689,7 +709,8 @@ static inline int drv_ampdu_action(struc
2541 sdata = get_bss_sdata(sdata);
2542 - check_sdata_in_driver(sdata);
2543 + if (!check_sdata_in_driver(sdata))
2546 trace_drv_ampdu_action(local, sdata, action, sta, tid, ssn, buf_size);
2548 @@ -733,8 +754,8 @@ static inline void drv_flush(struct ieee
2553 - check_sdata_in_driver(sdata);
2554 + if (sdata && !check_sdata_in_driver(sdata))
2557 trace_drv_flush(local, queues, drop);
2558 if (local->ops->flush)
2559 @@ -854,7 +875,8 @@ static inline int drv_set_bitrate_mask(s
2563 - check_sdata_in_driver(sdata);
2564 + if (!check_sdata_in_driver(sdata))
2567 trace_drv_set_bitrate_mask(local, sdata, mask);
2568 if (local->ops->set_bitrate_mask)
2569 @@ -869,7 +891,8 @@ static inline void drv_set_rekey_data(st
2570 struct ieee80211_sub_if_data *sdata,
2571 struct cfg80211_gtk_rekey_data *data)
2573 - check_sdata_in_driver(sdata);
2574 + if (!check_sdata_in_driver(sdata))
2577 trace_drv_set_rekey_data(local, sdata, data);
2578 if (local->ops->set_rekey_data)
2579 @@ -937,7 +960,8 @@ static inline void drv_mgd_prepare_tx(st
2583 - check_sdata_in_driver(sdata);
2584 + if (!check_sdata_in_driver(sdata))
2586 WARN_ON_ONCE(sdata->vif.type != NL80211_IFTYPE_STATION);
2588 trace_drv_mgd_prepare_tx(local, sdata);
2589 @@ -964,6 +988,9 @@ static inline int drv_add_chanctx(struct
2590 static inline void drv_remove_chanctx(struct ieee80211_local *local,
2591 struct ieee80211_chanctx *ctx)
2593 + if (WARN_ON(!ctx->driver_present))
2596 trace_drv_remove_chanctx(local, ctx);
2597 if (local->ops->remove_chanctx)
2598 local->ops->remove_chanctx(&local->hw, &ctx->conf);
2599 @@ -989,7 +1016,8 @@ static inline int drv_assign_vif_chanctx
2603 - check_sdata_in_driver(sdata);
2604 + if (!check_sdata_in_driver(sdata))
2607 trace_drv_assign_vif_chanctx(local, sdata, ctx);
2608 if (local->ops->assign_vif_chanctx) {
2609 @@ -1007,7 +1035,8 @@ static inline void drv_unassign_vif_chan
2610 struct ieee80211_sub_if_data *sdata,
2611 struct ieee80211_chanctx *ctx)
2613 - check_sdata_in_driver(sdata);
2614 + if (!check_sdata_in_driver(sdata))
2617 trace_drv_unassign_vif_chanctx(local, sdata, ctx);
2618 if (local->ops->unassign_vif_chanctx) {
2619 @@ -1024,7 +1053,8 @@ static inline int drv_start_ap(struct ie
2623 - check_sdata_in_driver(sdata);
2624 + if (!check_sdata_in_driver(sdata))
2627 trace_drv_start_ap(local, sdata, &sdata->vif.bss_conf);
2628 if (local->ops->start_ap)
2629 @@ -1036,7 +1066,8 @@ static inline int drv_start_ap(struct ie
2630 static inline void drv_stop_ap(struct ieee80211_local *local,
2631 struct ieee80211_sub_if_data *sdata)
2633 - check_sdata_in_driver(sdata);
2634 + if (!check_sdata_in_driver(sdata))
2637 trace_drv_stop_ap(local, sdata);
2638 if (local->ops->stop_ap)
2639 @@ -1059,7 +1090,8 @@ drv_set_default_unicast_key(struct ieee8
2640 struct ieee80211_sub_if_data *sdata,
2643 - check_sdata_in_driver(sdata);
2644 + if (!check_sdata_in_driver(sdata))
2647 WARN_ON_ONCE(key_idx < -1 || key_idx > 3);
2649 @@ -1101,7 +1133,8 @@ static inline int drv_join_ibss(struct i
2653 - check_sdata_in_driver(sdata);
2654 + if (!check_sdata_in_driver(sdata))
2657 trace_drv_join_ibss(local, sdata, &sdata->vif.bss_conf);
2658 if (local->ops->join_ibss)
2659 @@ -1114,7 +1147,8 @@ static inline void drv_leave_ibss(struct
2660 struct ieee80211_sub_if_data *sdata)
2663 - check_sdata_in_driver(sdata);
2664 + if (!check_sdata_in_driver(sdata))
2667 trace_drv_leave_ibss(local, sdata);
2668 if (local->ops->leave_ibss)
2669 --- a/net/mac80211/ibss.c
2670 +++ b/net/mac80211/ibss.c
2671 @@ -143,7 +143,7 @@ ieee80211_ibss_build_presp(struct ieee80
2672 *pos++ = csa_settings->block_tx ? 1 : 0;
2673 *pos++ = ieee80211_frequency_to_channel(
2674 csa_settings->chandef.chan->center_freq);
2675 - sdata->csa_counter_offset_beacon = (pos - presp->head);
2676 + sdata->csa_counter_offset_beacon[0] = (pos - presp->head);
2677 *pos++ = csa_settings->count;
2680 --- a/net/mac80211/ieee80211_i.h
2681 +++ b/net/mac80211/ieee80211_i.h
2682 @@ -754,9 +754,10 @@ struct ieee80211_sub_if_data {
2683 struct mac80211_qos_map __rcu *qos_map;
2685 struct work_struct csa_finalize_work;
2686 - int csa_counter_offset_beacon;
2687 - int csa_counter_offset_presp;
2688 + u16 csa_counter_offset_beacon[IEEE80211_MAX_CSA_COUNTERS_NUM];
2689 + u16 csa_counter_offset_presp[IEEE80211_MAX_CSA_COUNTERS_NUM];
2690 bool csa_radar_required;
2691 + bool csa_block_tx; /* write-protected by sdata_lock and local->mtx */
2692 struct cfg80211_chan_def csa_chandef;
2694 struct list_head assigned_chanctx_list; /* protected by chanctx_mtx */
2695 @@ -766,6 +767,7 @@ struct ieee80211_sub_if_data {
2696 struct ieee80211_chanctx *reserved_chanctx;
2697 struct cfg80211_chan_def reserved_chandef;
2698 bool reserved_radar_required;
2699 + u8 csa_current_counter;
2701 /* used to reconfigure hardware SM PS */
2702 struct work_struct recalc_smps;
2703 @@ -1462,6 +1464,7 @@ __ieee80211_request_sched_scan_start(str
2704 int ieee80211_request_sched_scan_start(struct ieee80211_sub_if_data *sdata,
2705 struct cfg80211_sched_scan_request *req);
2706 int ieee80211_request_sched_scan_stop(struct ieee80211_sub_if_data *sdata);
2707 +void ieee80211_sched_scan_end(struct ieee80211_local *local);
2708 void ieee80211_sched_scan_stopped_work(struct work_struct *work);
2710 /* off-channel helpers */
2711 @@ -1476,6 +1479,7 @@ void ieee80211_sw_roc_work(struct work_s
2712 void ieee80211_handle_roc_started(struct ieee80211_roc_work *roc);
2714 /* channel switch handling */
2715 +bool ieee80211_csa_needs_block_tx(struct ieee80211_local *local);
2716 void ieee80211_csa_finalize_work(struct work_struct *work);
2717 int ieee80211_channel_switch(struct wiphy *wiphy, struct net_device *dev,
2718 struct cfg80211_csa_settings *params);
2719 @@ -1837,6 +1841,15 @@ int ieee80211_check_combinations(struct
2721 int ieee80211_max_num_channels(struct ieee80211_local *local);
2724 +int ieee80211_tdls_mgmt(struct wiphy *wiphy, struct net_device *dev,
2725 + const u8 *peer, u8 action_code, u8 dialog_token,
2726 + u16 status_code, u32 peer_capability,
2727 + const u8 *extra_ies, size_t extra_ies_len);
2728 +int ieee80211_tdls_oper(struct wiphy *wiphy, struct net_device *dev,
2729 + const u8 *peer, enum nl80211_tdls_operation oper);
2732 #ifdef CPTCFG_MAC80211_NOINLINE
2733 #define debug_noinline noinline
2735 --- a/net/mac80211/iface.c
2736 +++ b/net/mac80211/iface.c
2737 @@ -838,8 +838,15 @@ static void ieee80211_do_stop(struct iee
2739 cancel_work_sync(&sdata->recalc_smps);
2741 + mutex_lock(&local->mtx);
2742 sdata->vif.csa_active = false;
2743 + if (!ieee80211_csa_needs_block_tx(local))
2744 + ieee80211_wake_queues_by_reason(&local->hw,
2745 + IEEE80211_MAX_QUEUE_MAP,
2746 + IEEE80211_QUEUE_STOP_REASON_CSA);
2747 + mutex_unlock(&local->mtx);
2748 sdata_unlock(sdata);
2750 cancel_work_sync(&sdata->csa_finalize_work);
2752 cancel_delayed_work_sync(&sdata->dfs_cac_timer_work);
2753 --- a/net/mac80211/key.c
2754 +++ b/net/mac80211/key.c
2755 @@ -325,7 +325,8 @@ ieee80211_key_alloc(u32 cipher, int idx,
2756 struct ieee80211_key *key;
2759 - BUG_ON(idx < 0 || idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS);
2760 + if (WARN_ON(idx < 0 || idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS))
2761 + return ERR_PTR(-EINVAL);
2763 key = kzalloc(sizeof(struct ieee80211_key) + key_len, GFP_KERNEL);
2765 @@ -481,8 +482,8 @@ int ieee80211_key_link(struct ieee80211_
2771 + if (WARN_ON(!sdata || !key))
2774 pairwise = key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE;
2775 idx = key->conf.keyidx;
2776 --- a/net/mac80211/main.c
2777 +++ b/net/mac80211/main.c
2778 @@ -956,6 +956,8 @@ int ieee80211_register_hw(struct ieee802
2779 if (local->hw.wiphy->flags & WIPHY_FLAG_SUPPORTS_TDLS)
2780 local->hw.wiphy->flags |= WIPHY_FLAG_TDLS_EXTERNAL_SETUP;
2782 + local->hw.wiphy->max_num_csa_counters = IEEE80211_MAX_CSA_COUNTERS_NUM;
2784 result = wiphy_register(local->hw.wiphy);
2786 goto fail_wiphy_register;
2787 --- a/net/mac80211/mesh.c
2788 +++ b/net/mac80211/mesh.c
2789 @@ -679,7 +679,7 @@ ieee80211_mesh_build_beacon(struct ieee8
2791 *pos++ = ieee80211_frequency_to_channel(
2792 csa->settings.chandef.chan->center_freq);
2793 - sdata->csa_counter_offset_beacon = hdr_len + 6;
2794 + sdata->csa_counter_offset_beacon[0] = hdr_len + 6;
2795 *pos++ = csa->settings.count;
2796 *pos++ = WLAN_EID_CHAN_SWITCH_PARAM;
2798 --- a/net/mac80211/mesh_pathtbl.c
2799 +++ b/net/mac80211/mesh_pathtbl.c
2800 @@ -287,8 +287,10 @@ static void mesh_path_move_to_queue(stru
2801 struct sk_buff_head failq;
2802 unsigned long flags;
2804 - BUG_ON(gate_mpath == from_mpath);
2805 - BUG_ON(!gate_mpath->next_hop);
2806 + if (WARN_ON(gate_mpath == from_mpath))
2808 + if (WARN_ON(!gate_mpath->next_hop))
2811 __skb_queue_head_init(&failq);
2813 --- a/net/mac80211/mesh_sync.c
2814 +++ b/net/mac80211/mesh_sync.c
2815 @@ -171,7 +171,7 @@ static void mesh_sync_offset_adjust_tbtt
2818 WARN_ON(ifmsh->mesh_sp_id != IEEE80211_SYNC_METHOD_NEIGHBOR_OFFSET);
2819 - BUG_ON(!rcu_read_lock_held());
2820 + WARN_ON(!rcu_read_lock_held());
2821 cap = beacon->meshconf->meshconf_cap;
2823 spin_lock_bh(&ifmsh->sync_offset_lock);
2824 --- a/net/mac80211/mlme.c
2825 +++ b/net/mac80211/mlme.c
2826 @@ -975,16 +975,23 @@ static void ieee80211_chswitch_work(stru
2827 /* XXX: shouldn't really modify cfg80211-owned data! */
2828 ifmgd->associated->channel = sdata->csa_chandef.chan;
2830 + ieee80211_bss_info_change_notify(sdata, changed);
2832 + mutex_lock(&local->mtx);
2833 + sdata->vif.csa_active = false;
2834 /* XXX: wait for a beacon first? */
2835 - ieee80211_wake_queues_by_reason(&local->hw,
2836 + if (!ieee80211_csa_needs_block_tx(local))
2837 + ieee80211_wake_queues_by_reason(&local->hw,
2838 IEEE80211_MAX_QUEUE_MAP,
2839 IEEE80211_QUEUE_STOP_REASON_CSA);
2840 + mutex_unlock(&local->mtx);
2842 - ieee80211_bss_info_change_notify(sdata, changed);
2845 - sdata->vif.csa_active = false;
2846 ifmgd->flags &= ~IEEE80211_STA_CSA_RECEIVED;
2848 + ieee80211_sta_reset_beacon_monitor(sdata);
2849 + ieee80211_sta_reset_conn_monitor(sdata);
2852 sdata_unlock(sdata);
2855 @@ -1100,12 +1107,16 @@ ieee80211_sta_process_chanswitch(struct
2856 mutex_unlock(&local->chanctx_mtx);
2858 sdata->csa_chandef = csa_ie.chandef;
2860 + mutex_lock(&local->mtx);
2861 sdata->vif.csa_active = true;
2862 + sdata->csa_block_tx = csa_ie.mode;
2865 + if (sdata->csa_block_tx)
2866 ieee80211_stop_queues_by_reason(&local->hw,
2867 - IEEE80211_MAX_QUEUE_MAP,
2868 - IEEE80211_QUEUE_STOP_REASON_CSA);
2869 + IEEE80211_MAX_QUEUE_MAP,
2870 + IEEE80211_QUEUE_STOP_REASON_CSA);
2871 + mutex_unlock(&local->mtx);
2873 if (local->ops->channel_switch) {
2874 /* use driver's channel switch callback */
2875 @@ -1817,6 +1828,12 @@ static void ieee80211_set_disassoc(struc
2877 mutex_lock(&local->mtx);
2878 ieee80211_vif_release_channel(sdata);
2880 + sdata->vif.csa_active = false;
2881 + if (!ieee80211_csa_needs_block_tx(local))
2882 + ieee80211_wake_queues_by_reason(&local->hw,
2883 + IEEE80211_MAX_QUEUE_MAP,
2884 + IEEE80211_QUEUE_STOP_REASON_CSA);
2885 mutex_unlock(&local->mtx);
2887 sdata->encrypt_headroom = IEEE80211_ENCRYPT_HEADROOM;
2888 @@ -2045,6 +2062,7 @@ EXPORT_SYMBOL(ieee80211_ap_probereq_get)
2890 static void __ieee80211_disconnect(struct ieee80211_sub_if_data *sdata)
2892 + struct ieee80211_local *local = sdata->local;
2893 struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
2894 u8 frame_buf[IEEE80211_DEAUTH_FRAME_LEN];
2896 @@ -2058,10 +2076,14 @@ static void __ieee80211_disconnect(struc
2897 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY,
2899 ifmgd->flags &= ~IEEE80211_STA_CSA_RECEIVED;
2901 + mutex_lock(&local->mtx);
2902 sdata->vif.csa_active = false;
2903 - ieee80211_wake_queues_by_reason(&sdata->local->hw,
2904 + if (!ieee80211_csa_needs_block_tx(local))
2905 + ieee80211_wake_queues_by_reason(&local->hw,
2906 IEEE80211_MAX_QUEUE_MAP,
2907 IEEE80211_QUEUE_STOP_REASON_CSA);
2908 + mutex_unlock(&local->mtx);
2910 cfg80211_tx_mlme_mgmt(sdata->dev, frame_buf,
2911 IEEE80211_DEAUTH_FRAME_LEN);
2912 @@ -3546,6 +3568,9 @@ static void ieee80211_sta_bcn_mon_timer(
2913 if (local->quiescing)
2916 + if (sdata->vif.csa_active)
2919 sdata->u.mgd.connection_loss = false;
2920 ieee80211_queue_work(&sdata->local->hw,
2921 &sdata->u.mgd.beacon_connection_loss_work);
2922 @@ -3561,6 +3586,9 @@ static void ieee80211_sta_conn_mon_timer
2923 if (local->quiescing)
2926 + if (sdata->vif.csa_active)
2929 ieee80211_queue_work(&local->hw, &ifmgd->monitor_work);
2932 --- a/net/mac80211/rc80211_minstrel_ht.c
2933 +++ b/net/mac80211/rc80211_minstrel_ht.c
2935 #define MCS_NBITS (AVG_PKT_SIZE << 3)
2937 /* Number of symbols for a packet with (bps) bits per symbol */
2938 -#define MCS_NSYMS(bps) ((MCS_NBITS + (bps) - 1) / (bps))
2939 +#define MCS_NSYMS(bps) DIV_ROUND_UP(MCS_NBITS, (bps))
2941 /* Transmission time (nanoseconds) for a packet containing (syms) symbols */
2942 #define MCS_SYMBOL_TIME(sgi, syms) \
2943 @@ -226,8 +226,9 @@ minstrel_ht_calc_tp(struct minstrel_ht_s
2944 nsecs = 1000 * mi->overhead / MINSTREL_TRUNC(mi->avg_ampdu_len);
2946 nsecs += minstrel_mcs_groups[group].duration[rate];
2947 - tp = 1000000 * ((prob * 1000) / nsecs);
2949 + /* prob is scaled - see MINSTREL_FRAC above */
2950 + tp = 1000000 * ((prob * 1000) / nsecs);
2951 mr->cur_tp = MINSTREL_TRUNC(tp);
2954 --- a/net/mac80211/scan.c
2955 +++ b/net/mac80211/scan.c
2956 @@ -1076,12 +1076,8 @@ void ieee80211_sched_scan_results(struct
2958 EXPORT_SYMBOL(ieee80211_sched_scan_results);
2960 -void ieee80211_sched_scan_stopped_work(struct work_struct *work)
2961 +void ieee80211_sched_scan_end(struct ieee80211_local *local)
2963 - struct ieee80211_local *local =
2964 - container_of(work, struct ieee80211_local,
2965 - sched_scan_stopped_work);
2967 mutex_lock(&local->mtx);
2969 if (!rcu_access_pointer(local->sched_scan_sdata)) {
2970 @@ -1099,6 +1095,15 @@ void ieee80211_sched_scan_stopped_work(s
2971 cfg80211_sched_scan_stopped(local->hw.wiphy);
2974 +void ieee80211_sched_scan_stopped_work(struct work_struct *work)
2976 + struct ieee80211_local *local =
2977 + container_of(work, struct ieee80211_local,
2978 + sched_scan_stopped_work);
2980 + ieee80211_sched_scan_end(local);
2983 void ieee80211_sched_scan_stopped(struct ieee80211_hw *hw)
2985 struct ieee80211_local *local = hw_to_local(hw);
2987 +++ b/net/mac80211/tdls.c
2990 + * mac80211 TDLS handling code
2992 + * Copyright 2006-2010 Johannes Berg <johannes@sipsolutions.net>
2993 + * Copyright 2014, Intel Corporation
2995 + * This file is GPLv2 as found in COPYING.
2998 +#include <linux/ieee80211.h>
2999 +#include "ieee80211_i.h"
3001 +static void ieee80211_tdls_add_ext_capab(struct sk_buff *skb)
3003 + u8 *pos = (void *)skb_put(skb, 7);
3005 + *pos++ = WLAN_EID_EXT_CAPABILITY;
3006 + *pos++ = 5; /* len */
3011 + *pos++ = WLAN_EXT_CAPA5_TDLS_ENABLED;
3014 +static u16 ieee80211_get_tdls_sta_capab(struct ieee80211_sub_if_data *sdata)
3016 + struct ieee80211_local *local = sdata->local;
3020 + if (ieee80211_get_sdata_band(sdata) != IEEE80211_BAND_2GHZ)
3023 + if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_SLOT_INCAPABLE))
3024 + capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME;
3025 + if (!(local->hw.flags & IEEE80211_HW_2GHZ_SHORT_PREAMBLE_INCAPABLE))
3026 + capab |= WLAN_CAPABILITY_SHORT_PREAMBLE;
3031 +static void ieee80211_tdls_add_link_ie(struct sk_buff *skb, const u8 *src_addr,
3032 + const u8 *peer, const u8 *bssid)
3034 + struct ieee80211_tdls_lnkie *lnkid;
3036 + lnkid = (void *)skb_put(skb, sizeof(struct ieee80211_tdls_lnkie));
3038 + lnkid->ie_type = WLAN_EID_LINK_ID;
3039 + lnkid->ie_len = sizeof(struct ieee80211_tdls_lnkie) - 2;
3041 + memcpy(lnkid->bssid, bssid, ETH_ALEN);
3042 + memcpy(lnkid->init_sta, src_addr, ETH_ALEN);
3043 + memcpy(lnkid->resp_sta, peer, ETH_ALEN);
3047 +ieee80211_prep_tdls_encap_data(struct wiphy *wiphy, struct net_device *dev,
3048 + const u8 *peer, u8 action_code, u8 dialog_token,
3049 + u16 status_code, struct sk_buff *skb)
3051 + struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3052 + enum ieee80211_band band = ieee80211_get_sdata_band(sdata);
3053 + struct ieee80211_tdls_data *tf;
3055 + tf = (void *)skb_put(skb, offsetof(struct ieee80211_tdls_data, u));
3057 + memcpy(tf->da, peer, ETH_ALEN);
3058 + memcpy(tf->sa, sdata->vif.addr, ETH_ALEN);
3059 + tf->ether_type = cpu_to_be16(ETH_P_TDLS);
3060 + tf->payload_type = WLAN_TDLS_SNAP_RFTYPE;
3062 + switch (action_code) {
3063 + case WLAN_TDLS_SETUP_REQUEST:
3064 + tf->category = WLAN_CATEGORY_TDLS;
3065 + tf->action_code = WLAN_TDLS_SETUP_REQUEST;
3067 + skb_put(skb, sizeof(tf->u.setup_req));
3068 + tf->u.setup_req.dialog_token = dialog_token;
3069 + tf->u.setup_req.capability =
3070 + cpu_to_le16(ieee80211_get_tdls_sta_capab(sdata));
3072 + ieee80211_add_srates_ie(sdata, skb, false, band);
3073 + ieee80211_add_ext_srates_ie(sdata, skb, false, band);
3074 + ieee80211_tdls_add_ext_capab(skb);
3076 + case WLAN_TDLS_SETUP_RESPONSE:
3077 + tf->category = WLAN_CATEGORY_TDLS;
3078 + tf->action_code = WLAN_TDLS_SETUP_RESPONSE;
3080 + skb_put(skb, sizeof(tf->u.setup_resp));
3081 + tf->u.setup_resp.status_code = cpu_to_le16(status_code);
3082 + tf->u.setup_resp.dialog_token = dialog_token;
3083 + tf->u.setup_resp.capability =
3084 + cpu_to_le16(ieee80211_get_tdls_sta_capab(sdata));
3086 + ieee80211_add_srates_ie(sdata, skb, false, band);
3087 + ieee80211_add_ext_srates_ie(sdata, skb, false, band);
3088 + ieee80211_tdls_add_ext_capab(skb);
3090 + case WLAN_TDLS_SETUP_CONFIRM:
3091 + tf->category = WLAN_CATEGORY_TDLS;
3092 + tf->action_code = WLAN_TDLS_SETUP_CONFIRM;
3094 + skb_put(skb, sizeof(tf->u.setup_cfm));
3095 + tf->u.setup_cfm.status_code = cpu_to_le16(status_code);
3096 + tf->u.setup_cfm.dialog_token = dialog_token;
3098 + case WLAN_TDLS_TEARDOWN:
3099 + tf->category = WLAN_CATEGORY_TDLS;
3100 + tf->action_code = WLAN_TDLS_TEARDOWN;
3102 + skb_put(skb, sizeof(tf->u.teardown));
3103 + tf->u.teardown.reason_code = cpu_to_le16(status_code);
3105 + case WLAN_TDLS_DISCOVERY_REQUEST:
3106 + tf->category = WLAN_CATEGORY_TDLS;
3107 + tf->action_code = WLAN_TDLS_DISCOVERY_REQUEST;
3109 + skb_put(skb, sizeof(tf->u.discover_req));
3110 + tf->u.discover_req.dialog_token = dialog_token;
3120 +ieee80211_prep_tdls_direct(struct wiphy *wiphy, struct net_device *dev,
3121 + const u8 *peer, u8 action_code, u8 dialog_token,
3122 + u16 status_code, struct sk_buff *skb)
3124 + struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3125 + enum ieee80211_band band = ieee80211_get_sdata_band(sdata);
3126 + struct ieee80211_mgmt *mgmt;
3128 + mgmt = (void *)skb_put(skb, 24);
3129 + memset(mgmt, 0, 24);
3130 + memcpy(mgmt->da, peer, ETH_ALEN);
3131 + memcpy(mgmt->sa, sdata->vif.addr, ETH_ALEN);
3132 + memcpy(mgmt->bssid, sdata->u.mgd.bssid, ETH_ALEN);
3134 + mgmt->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
3135 + IEEE80211_STYPE_ACTION);
3137 + switch (action_code) {
3138 + case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
3139 + skb_put(skb, 1 + sizeof(mgmt->u.action.u.tdls_discover_resp));
3140 + mgmt->u.action.category = WLAN_CATEGORY_PUBLIC;
3141 + mgmt->u.action.u.tdls_discover_resp.action_code =
3142 + WLAN_PUB_ACTION_TDLS_DISCOVER_RES;
3143 + mgmt->u.action.u.tdls_discover_resp.dialog_token =
3145 + mgmt->u.action.u.tdls_discover_resp.capability =
3146 + cpu_to_le16(ieee80211_get_tdls_sta_capab(sdata));
3148 + ieee80211_add_srates_ie(sdata, skb, false, band);
3149 + ieee80211_add_ext_srates_ie(sdata, skb, false, band);
3150 + ieee80211_tdls_add_ext_capab(skb);
3159 +int ieee80211_tdls_mgmt(struct wiphy *wiphy, struct net_device *dev,
3160 + const u8 *peer, u8 action_code, u8 dialog_token,
3161 + u16 status_code, u32 peer_capability,
3162 + const u8 *extra_ies, size_t extra_ies_len)
3164 + struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3165 + struct ieee80211_local *local = sdata->local;
3166 + struct sk_buff *skb = NULL;
3170 + if (!(wiphy->flags & WIPHY_FLAG_SUPPORTS_TDLS))
3173 + /* make sure we are in managed mode, and associated */
3174 + if (sdata->vif.type != NL80211_IFTYPE_STATION ||
3175 + !sdata->u.mgd.associated)
3178 + tdls_dbg(sdata, "TDLS mgmt action %d peer %pM\n",
3179 + action_code, peer);
3181 + skb = dev_alloc_skb(local->hw.extra_tx_headroom +
3182 + max(sizeof(struct ieee80211_mgmt),
3183 + sizeof(struct ieee80211_tdls_data)) +
3184 + 50 + /* supported rates */
3185 + 7 + /* ext capab */
3187 + sizeof(struct ieee80211_tdls_lnkie));
3191 + skb_reserve(skb, local->hw.extra_tx_headroom);
3193 + switch (action_code) {
3194 + case WLAN_TDLS_SETUP_REQUEST:
3195 + case WLAN_TDLS_SETUP_RESPONSE:
3196 + case WLAN_TDLS_SETUP_CONFIRM:
3197 + case WLAN_TDLS_TEARDOWN:
3198 + case WLAN_TDLS_DISCOVERY_REQUEST:
3199 + ret = ieee80211_prep_tdls_encap_data(wiphy, dev, peer,
3200 + action_code, dialog_token,
3201 + status_code, skb);
3202 + send_direct = false;
3204 + case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
3205 + ret = ieee80211_prep_tdls_direct(wiphy, dev, peer, action_code,
3206 + dialog_token, status_code,
3208 + send_direct = true;
3218 + if (extra_ies_len)
3219 + memcpy(skb_put(skb, extra_ies_len), extra_ies, extra_ies_len);
3221 + /* the TDLS link IE is always added last */
3222 + switch (action_code) {
3223 + case WLAN_TDLS_SETUP_REQUEST:
3224 + case WLAN_TDLS_SETUP_CONFIRM:
3225 + case WLAN_TDLS_TEARDOWN:
3226 + case WLAN_TDLS_DISCOVERY_REQUEST:
3227 + /* we are the initiator */
3228 + ieee80211_tdls_add_link_ie(skb, sdata->vif.addr, peer,
3229 + sdata->u.mgd.bssid);
3231 + case WLAN_TDLS_SETUP_RESPONSE:
3232 + case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
3233 + /* we are the responder */
3234 + ieee80211_tdls_add_link_ie(skb, peer, sdata->vif.addr,
3235 + sdata->u.mgd.bssid);
3242 + if (send_direct) {
3243 + ieee80211_tx_skb(sdata, skb);
3248 + * According to 802.11z: Setup req/resp are sent in AC_BK, otherwise
3249 + * we should default to AC_VI.
3251 + switch (action_code) {
3252 + case WLAN_TDLS_SETUP_REQUEST:
3253 + case WLAN_TDLS_SETUP_RESPONSE:
3254 + skb_set_queue_mapping(skb, IEEE80211_AC_BK);
3255 + skb->priority = 2;
3258 + skb_set_queue_mapping(skb, IEEE80211_AC_VI);
3259 + skb->priority = 5;
3263 + /* disable bottom halves when entering the Tx path */
3264 + local_bh_disable();
3265 + ret = ieee80211_subif_start_xmit(skb, dev);
3266 + local_bh_enable();
3271 + dev_kfree_skb(skb);
3275 +int ieee80211_tdls_oper(struct wiphy *wiphy, struct net_device *dev,
3276 + const u8 *peer, enum nl80211_tdls_operation oper)
3278 + struct sta_info *sta;
3279 + struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
3281 + if (!(wiphy->flags & WIPHY_FLAG_SUPPORTS_TDLS))
3284 + if (sdata->vif.type != NL80211_IFTYPE_STATION)
3287 + tdls_dbg(sdata, "TDLS oper %d peer %pM\n", oper, peer);
3290 + case NL80211_TDLS_ENABLE_LINK:
3292 + sta = sta_info_get(sdata, peer);
3294 + rcu_read_unlock();
3298 + set_sta_flag(sta, WLAN_STA_TDLS_PEER_AUTH);
3299 + rcu_read_unlock();
3301 + case NL80211_TDLS_DISABLE_LINK:
3302 + return sta_info_destroy_addr(sdata, peer);
3303 + case NL80211_TDLS_TEARDOWN:
3304 + case NL80211_TDLS_SETUP:
3305 + case NL80211_TDLS_DISCOVERY_REQ:
3306 + /* We don't support in-driver setup/teardown/discovery */
3314 --- a/net/mac80211/tx.c
3315 +++ b/net/mac80211/tx.c
3316 @@ -2330,7 +2330,8 @@ void ieee80211_tx_pending(unsigned long
3317 /* functions for drivers to get certain frames */
3319 static void __ieee80211_beacon_add_tim(struct ieee80211_sub_if_data *sdata,
3320 - struct ps_data *ps, struct sk_buff *skb)
3321 + struct ps_data *ps, struct sk_buff *skb,
3326 @@ -2343,11 +2344,12 @@ static void __ieee80211_beacon_add_tim(s
3327 * checking byte-for-byte */
3328 have_bits = !bitmap_empty((unsigned long *)ps->tim,
3329 IEEE80211_MAX_AID+1);
3331 - if (ps->dtim_count == 0)
3332 - ps->dtim_count = sdata->vif.bss_conf.dtim_period - 1;
3335 + if (!is_template) {
3336 + if (ps->dtim_count == 0)
3337 + ps->dtim_count = sdata->vif.bss_conf.dtim_period - 1;
3342 tim = pos = (u8 *) skb_put(skb, 6);
3343 *pos++ = WLAN_EID_TIM;
3344 @@ -2393,7 +2395,8 @@ static void __ieee80211_beacon_add_tim(s
3347 static int ieee80211_beacon_add_tim(struct ieee80211_sub_if_data *sdata,
3348 - struct ps_data *ps, struct sk_buff *skb)
3349 + struct ps_data *ps, struct sk_buff *skb,
3352 struct ieee80211_local *local = sdata->local;
3354 @@ -2405,24 +2408,24 @@ static int ieee80211_beacon_add_tim(stru
3355 * of the tim bitmap in mac80211 and the driver.
3357 if (local->tim_in_locked_section) {
3358 - __ieee80211_beacon_add_tim(sdata, ps, skb);
3359 + __ieee80211_beacon_add_tim(sdata, ps, skb, is_template);
3361 spin_lock_bh(&local->tim_lock);
3362 - __ieee80211_beacon_add_tim(sdata, ps, skb);
3363 + __ieee80211_beacon_add_tim(sdata, ps, skb, is_template);
3364 spin_unlock_bh(&local->tim_lock);
3370 -static void ieee80211_update_csa(struct ieee80211_sub_if_data *sdata,
3371 - struct beacon_data *beacon)
3372 +static void ieee80211_set_csa(struct ieee80211_sub_if_data *sdata,
3373 + struct beacon_data *beacon)
3375 struct probe_resp *resp;
3376 - int counter_offset_beacon = sdata->csa_counter_offset_beacon;
3377 - int counter_offset_presp = sdata->csa_counter_offset_presp;
3379 size_t beacon_data_len;
3381 + u8 count = sdata->csa_current_counter;
3383 switch (sdata->vif.type) {
3384 case NL80211_IFTYPE_AP:
3385 @@ -2440,40 +2443,57 @@ static void ieee80211_update_csa(struct
3389 - if (WARN_ON(counter_offset_beacon >= beacon_data_len))
3392 - /* Warn if the driver did not check for/react to csa
3393 - * completeness. A beacon with CSA counter set to 0 should
3394 - * never occur, because a counter of 1 means switch just
3395 - * before the next beacon.
3397 - if (WARN_ON(beacon_data[counter_offset_beacon] == 1))
3399 + for (i = 0; i < IEEE80211_MAX_CSA_COUNTERS_NUM; ++i) {
3400 + u16 counter_offset_beacon =
3401 + sdata->csa_counter_offset_beacon[i];
3402 + u16 counter_offset_presp = sdata->csa_counter_offset_presp[i];
3404 + if (counter_offset_beacon) {
3405 + if (WARN_ON(counter_offset_beacon >= beacon_data_len))
3408 - beacon_data[counter_offset_beacon]--;
3409 + beacon_data[counter_offset_beacon] = count;
3412 - if (sdata->vif.type == NL80211_IFTYPE_AP && counter_offset_presp) {
3414 - resp = rcu_dereference(sdata->u.ap.probe_resp);
3415 + if (sdata->vif.type == NL80211_IFTYPE_AP &&
3416 + counter_offset_presp) {
3418 + resp = rcu_dereference(sdata->u.ap.probe_resp);
3420 - /* if nl80211 accepted the offset, this should not happen. */
3421 - if (WARN_ON(!resp)) {
3422 + /* If nl80211 accepted the offset, this should
3425 + if (WARN_ON(!resp)) {
3426 + rcu_read_unlock();
3429 + resp->data[counter_offset_presp] = count;
3433 - resp->data[counter_offset_presp]--;
3434 - rcu_read_unlock();
3438 +u8 ieee80211_csa_update_counter(struct ieee80211_vif *vif)
3440 + struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
3442 + sdata->csa_current_counter--;
3444 + /* the counter should never reach 0 */
3445 + WARN_ON(!sdata->csa_current_counter);
3447 + return sdata->csa_current_counter;
3449 +EXPORT_SYMBOL(ieee80211_csa_update_counter);
3451 bool ieee80211_csa_is_complete(struct ieee80211_vif *vif)
3453 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
3454 struct beacon_data *beacon = NULL;
3456 size_t beacon_data_len;
3457 - int counter_beacon = sdata->csa_counter_offset_beacon;
3458 + int counter_beacon = sdata->csa_counter_offset_beacon[0];
3461 if (!ieee80211_sdata_running(sdata))
3462 @@ -2523,9 +2543,11 @@ bool ieee80211_csa_is_complete(struct ie
3464 EXPORT_SYMBOL(ieee80211_csa_is_complete);
3466 -struct sk_buff *ieee80211_beacon_get_tim(struct ieee80211_hw *hw,
3467 - struct ieee80211_vif *vif,
3468 - u16 *tim_offset, u16 *tim_length)
3469 +static struct sk_buff *
3470 +__ieee80211_beacon_get(struct ieee80211_hw *hw,
3471 + struct ieee80211_vif *vif,
3472 + struct ieee80211_mutable_offsets *offs,
3475 struct ieee80211_local *local = hw_to_local(hw);
3476 struct sk_buff *skb = NULL;
3477 @@ -2534,6 +2556,7 @@ struct sk_buff *ieee80211_beacon_get_tim
3478 enum ieee80211_band band;
3479 struct ieee80211_tx_rate_control txrc;
3480 struct ieee80211_chanctx_conf *chanctx_conf;
3481 + int csa_off_base = 0;
3485 @@ -2543,18 +2566,20 @@ struct sk_buff *ieee80211_beacon_get_tim
3486 if (!ieee80211_sdata_running(sdata) || !chanctx_conf)
3494 + memset(offs, 0, sizeof(*offs));
3496 if (sdata->vif.type == NL80211_IFTYPE_AP) {
3497 struct ieee80211_if_ap *ap = &sdata->u.ap;
3498 struct beacon_data *beacon = rcu_dereference(ap->beacon);
3501 - if (sdata->vif.csa_active)
3502 - ieee80211_update_csa(sdata, beacon);
3503 + if (sdata->vif.csa_active) {
3505 + ieee80211_csa_update_counter(vif);
3507 + ieee80211_set_csa(sdata, beacon);
3511 * headroom, head length,
3512 @@ -2571,12 +2596,16 @@ struct sk_buff *ieee80211_beacon_get_tim
3513 memcpy(skb_put(skb, beacon->head_len), beacon->head,
3516 - ieee80211_beacon_add_tim(sdata, &ap->ps, skb);
3517 + ieee80211_beacon_add_tim(sdata, &ap->ps, skb,
3521 + offs->tim_offset = beacon->head_len;
3522 + offs->tim_length = skb->len - beacon->head_len;
3525 - *tim_offset = beacon->head_len;
3527 - *tim_length = skb->len - beacon->head_len;
3528 + /* for AP the csa offsets are from tail */
3529 + csa_off_base = skb->len;
3533 memcpy(skb_put(skb, beacon->tail_len),
3534 @@ -2591,9 +2620,12 @@ struct sk_buff *ieee80211_beacon_get_tim
3538 - if (sdata->vif.csa_active)
3539 - ieee80211_update_csa(sdata, presp);
3540 + if (sdata->vif.csa_active) {
3542 + ieee80211_csa_update_counter(vif);
3544 + ieee80211_set_csa(sdata, presp);
3547 skb = dev_alloc_skb(local->tx_headroom + presp->head_len +
3548 local->hw.extra_beacon_tailroom);
3549 @@ -2613,8 +2645,17 @@ struct sk_buff *ieee80211_beacon_get_tim
3553 - if (sdata->vif.csa_active)
3554 - ieee80211_update_csa(sdata, bcn);
3555 + if (sdata->vif.csa_active) {
3557 + /* TODO: For mesh csa_counter is in TU, so
3558 + * decrementing it by one isn't correct, but
3559 + * for now we leave it consistent with overall
3560 + * mac80211's behavior.
3562 + ieee80211_csa_update_counter(vif);
3564 + ieee80211_set_csa(sdata, bcn);
3567 if (ifmsh->sync_ops)
3568 ifmsh->sync_ops->adjust_tbtt(sdata, bcn);
3569 @@ -2628,13 +2669,33 @@ struct sk_buff *ieee80211_beacon_get_tim
3571 skb_reserve(skb, local->tx_headroom);
3572 memcpy(skb_put(skb, bcn->head_len), bcn->head, bcn->head_len);
3573 - ieee80211_beacon_add_tim(sdata, &ifmsh->ps, skb);
3574 + ieee80211_beacon_add_tim(sdata, &ifmsh->ps, skb, is_template);
3577 + offs->tim_offset = bcn->head_len;
3578 + offs->tim_length = skb->len - bcn->head_len;
3581 memcpy(skb_put(skb, bcn->tail_len), bcn->tail, bcn->tail_len);
3591 + for (i = 0; i < IEEE80211_MAX_CSA_COUNTERS_NUM; i++) {
3592 + u16 csa_off = sdata->csa_counter_offset_beacon[i];
3597 + offs->csa_counter_offs[i] = csa_off_base + csa_off;
3601 band = chanctx_conf->def.chan->band;
3603 info = IEEE80211_SKB_CB(skb);
3604 @@ -2665,6 +2726,32 @@ struct sk_buff *ieee80211_beacon_get_tim
3612 +ieee80211_beacon_get_template(struct ieee80211_hw *hw,
3613 + struct ieee80211_vif *vif,
3614 + struct ieee80211_mutable_offsets *offs)
3616 + return __ieee80211_beacon_get(hw, vif, offs, true);
3618 +EXPORT_SYMBOL(ieee80211_beacon_get_template);
3620 +struct sk_buff *ieee80211_beacon_get_tim(struct ieee80211_hw *hw,
3621 + struct ieee80211_vif *vif,
3622 + u16 *tim_offset, u16 *tim_length)
3624 + struct ieee80211_mutable_offsets offs = {};
3625 + struct sk_buff *bcn = __ieee80211_beacon_get(hw, vif, &offs, false);
3628 + *tim_offset = offs.tim_offset;
3631 + *tim_length = offs.tim_length;
3635 EXPORT_SYMBOL(ieee80211_beacon_get_tim);
3637 --- a/net/mac80211/util.c
3638 +++ b/net/mac80211/util.c
3639 @@ -1457,6 +1457,44 @@ void ieee80211_stop_device(struct ieee80
3643 +static void ieee80211_handle_reconfig_failure(struct ieee80211_local *local)
3645 + struct ieee80211_sub_if_data *sdata;
3646 + struct ieee80211_chanctx *ctx;
3649 + * We get here if during resume the device can't be restarted properly.
3650 + * We might also get here if this happens during HW reset, which is a
3651 + * slightly different situation and we need to drop all connections in
3652 + * the latter case.
3654 + * Ask cfg80211 to turn off all interfaces, this will result in more
3655 + * warnings but at least we'll then get into a clean stopped state.
3658 + local->resuming = false;
3659 + local->suspended = false;
3660 + local->started = false;
3662 + /* scheduled scan clearly can't be running any more, but tell
3663 + * cfg80211 and clear local state
3665 + ieee80211_sched_scan_end(local);
3667 + list_for_each_entry(sdata, &local->interfaces, list)
3668 + sdata->flags &= ~IEEE80211_SDATA_IN_DRIVER;
3670 + /* Mark channel contexts as not being in the driver any more to avoid
3671 + * removing them from the driver during the shutdown process...
3673 + mutex_lock(&local->chanctx_mtx);
3674 + list_for_each_entry(ctx, &local->chanctx_list, list)
3675 + ctx->driver_present = false;
3676 + mutex_unlock(&local->chanctx_mtx);
3678 + cfg80211_shutdown_all_interfaces(local->hw.wiphy);
3681 static void ieee80211_assign_chanctx(struct ieee80211_local *local,
3682 struct ieee80211_sub_if_data *sdata)
3684 @@ -1520,9 +1558,11 @@ int ieee80211_reconfig(struct ieee80211_
3686 res = drv_start(local);
3688 - WARN(local->suspended, "Hardware became unavailable "
3689 - "upon resume. This could be a software issue "
3690 - "prior to suspend or a hardware issue.\n");
3691 + if (local->suspended)
3692 + WARN(1, "Hardware became unavailable upon resume. This could be a software issue prior to suspend or a hardware issue.\n");
3694 + WARN(1, "Hardware became unavailable during restart.\n");
3695 + ieee80211_handle_reconfig_failure(local);
3699 --- a/net/wireless/ap.c
3700 +++ b/net/wireless/ap.c
3702 #include "rdev-ops.h"
3705 -static int __cfg80211_stop_ap(struct cfg80211_registered_device *rdev,
3706 - struct net_device *dev, bool notify)
3707 +int __cfg80211_stop_ap(struct cfg80211_registered_device *rdev,
3708 + struct net_device *dev, bool notify)
3710 struct wireless_dev *wdev = dev->ieee80211_ptr;
3712 --- a/net/wireless/chan.c
3713 +++ b/net/wireless/chan.c
3714 @@ -370,8 +370,8 @@ int cfg80211_chandef_dfs_required(struct
3715 case NL80211_IFTYPE_AP_VLAN:
3716 case NL80211_IFTYPE_WDS:
3717 case NL80211_IFTYPE_P2P_DEVICE:
3718 - case NL80211_IFTYPE_UNSPECIFIED:
3720 + case NL80211_IFTYPE_UNSPECIFIED:
3721 case NUM_NL80211_IFTYPES:
3724 @@ -796,8 +796,7 @@ bool cfg80211_reg_can_beacon(struct wiph
3725 !cfg80211_go_permissive_chan(rdev, chandef->chan))
3726 prohibited_flags |= IEEE80211_CHAN_NO_IR;
3728 - if (cfg80211_chandef_dfs_required(wiphy, chandef,
3729 - NL80211_IFTYPE_UNSPECIFIED) > 0 &&
3730 + if (cfg80211_chandef_dfs_required(wiphy, chandef, iftype) > 0 &&
3731 cfg80211_chandef_dfs_available(wiphy, chandef)) {
3732 /* We can skip IEEE80211_CHAN_NO_IR if chandef dfs available */
3733 prohibited_flags = IEEE80211_CHAN_DISABLED;
3734 --- a/net/wireless/core.c
3735 +++ b/net/wireless/core.c
3736 @@ -210,15 +210,12 @@ void cfg80211_stop_p2p_device(struct cfg
3740 -static int cfg80211_rfkill_set_block(void *data, bool blocked)
3741 +void cfg80211_shutdown_all_interfaces(struct wiphy *wiphy)
3743 - struct cfg80211_registered_device *rdev = data;
3744 + struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
3745 struct wireless_dev *wdev;
3753 list_for_each_entry(wdev, &rdev->wdev_list, list) {
3755 @@ -234,7 +231,18 @@ static int cfg80211_rfkill_set_block(voi
3760 +EXPORT_SYMBOL_GPL(cfg80211_shutdown_all_interfaces);
3762 +static int cfg80211_rfkill_set_block(void *data, bool blocked)
3764 + struct cfg80211_registered_device *rdev = data;
3770 + cfg80211_shutdown_all_interfaces(&rdev->wiphy);
3774 @@ -401,6 +409,8 @@ struct wiphy *wiphy_new(const struct cfg
3775 rdev->wiphy.rts_threshold = (u32) -1;
3776 rdev->wiphy.coverage_class = 0;
3778 + rdev->wiphy.max_num_csa_counters = 1;
3780 return &rdev->wiphy;
3782 EXPORT_SYMBOL(wiphy_new);
3783 @@ -697,7 +707,7 @@ void wiphy_unregister(struct wiphy *wiph
3785 rdev->wiphy.registered = false;
3787 - BUG_ON(!list_empty(&rdev->wdev_list));
3788 + WARN_ON(!list_empty(&rdev->wdev_list));
3791 * First remove the hardware from everywhere, this makes
3792 @@ -799,23 +809,23 @@ void cfg80211_update_iface_num(struct cf
3793 rdev->num_running_monitor_ifaces += num;
3796 -void cfg80211_leave(struct cfg80211_registered_device *rdev,
3797 - struct wireless_dev *wdev)
3798 +void __cfg80211_leave(struct cfg80211_registered_device *rdev,
3799 + struct wireless_dev *wdev)
3801 struct net_device *dev = wdev->netdev;
3804 + ASSERT_WDEV_LOCK(wdev);
3806 switch (wdev->iftype) {
3807 case NL80211_IFTYPE_ADHOC:
3808 - cfg80211_leave_ibss(rdev, dev, true);
3809 + __cfg80211_leave_ibss(rdev, dev, true);
3811 case NL80211_IFTYPE_P2P_CLIENT:
3812 case NL80211_IFTYPE_STATION:
3813 if (rdev->sched_scan_req && dev == rdev->sched_scan_req->dev)
3814 __cfg80211_stop_sched_scan(rdev, false);
3817 #ifdef CPTCFG_CFG80211_WEXT
3818 kfree(wdev->wext.ie);
3819 wdev->wext.ie = NULL;
3820 @@ -824,20 +834,49 @@ void cfg80211_leave(struct cfg80211_regi
3822 cfg80211_disconnect(rdev, dev,
3823 WLAN_REASON_DEAUTH_LEAVING, true);
3824 - wdev_unlock(wdev);
3826 case NL80211_IFTYPE_MESH_POINT:
3827 - cfg80211_leave_mesh(rdev, dev);
3828 + __cfg80211_leave_mesh(rdev, dev);
3830 case NL80211_IFTYPE_AP:
3831 case NL80211_IFTYPE_P2P_GO:
3832 - cfg80211_stop_ap(rdev, dev, true);
3833 + __cfg80211_stop_ap(rdev, dev, true);
3840 +void cfg80211_leave(struct cfg80211_registered_device *rdev,
3841 + struct wireless_dev *wdev)
3844 + __cfg80211_leave(rdev, wdev);
3845 + wdev_unlock(wdev);
3848 +void cfg80211_stop_iface(struct wiphy *wiphy, struct wireless_dev *wdev,
3851 + struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
3852 + struct cfg80211_event *ev;
3853 + unsigned long flags;
3855 + trace_cfg80211_stop_iface(wiphy, wdev);
3857 + ev = kzalloc(sizeof(*ev), gfp);
3861 + ev->type = EVENT_STOPPED;
3863 + spin_lock_irqsave(&wdev->event_lock, flags);
3864 + list_add_tail(&ev->list, &wdev->event_list);
3865 + spin_unlock_irqrestore(&wdev->event_lock, flags);
3866 + queue_work(cfg80211_wq, &rdev->event_work);
3868 +EXPORT_SYMBOL(cfg80211_stop_iface);
3870 static int cfg80211_netdev_notifier_call(struct notifier_block *nb,
3871 unsigned long state, void *ptr)
3873 --- a/net/wireless/core.h
3874 +++ b/net/wireless/core.h
3875 @@ -185,6 +185,7 @@ enum cfg80211_event_type {
3882 struct cfg80211_event {
3883 @@ -281,6 +282,8 @@ int cfg80211_join_mesh(struct cfg80211_r
3884 struct net_device *dev,
3885 struct mesh_setup *setup,
3886 const struct mesh_config *conf);
3887 +int __cfg80211_leave_mesh(struct cfg80211_registered_device *rdev,
3888 + struct net_device *dev);
3889 int cfg80211_leave_mesh(struct cfg80211_registered_device *rdev,
3890 struct net_device *dev);
3891 int cfg80211_set_mesh_channel(struct cfg80211_registered_device *rdev,
3892 @@ -288,6 +291,8 @@ int cfg80211_set_mesh_channel(struct cfg
3893 struct cfg80211_chan_def *chandef);
3896 +int __cfg80211_stop_ap(struct cfg80211_registered_device *rdev,
3897 + struct net_device *dev, bool notify);
3898 int cfg80211_stop_ap(struct cfg80211_registered_device *rdev,
3899 struct net_device *dev, bool notify);
3901 @@ -441,6 +446,8 @@ int cfg80211_validate_beacon_int(struct
3902 void cfg80211_update_iface_num(struct cfg80211_registered_device *rdev,
3903 enum nl80211_iftype iftype, int num);
3905 +void __cfg80211_leave(struct cfg80211_registered_device *rdev,
3906 + struct wireless_dev *wdev);
3907 void cfg80211_leave(struct cfg80211_registered_device *rdev,
3908 struct wireless_dev *wdev);
3910 --- a/net/wireless/ibss.c
3911 +++ b/net/wireless/ibss.c
3912 @@ -420,8 +420,8 @@ int cfg80211_ibss_wext_siwessid(struct n
3913 if (len > 0 && ssid[len - 1] == '\0')
3916 + memcpy(wdev->ssid, ssid, len);
3917 wdev->wext.ibss.ssid = wdev->ssid;
3918 - memcpy(wdev->wext.ibss.ssid, ssid, len);
3919 wdev->wext.ibss.ssid_len = len;
3922 --- a/net/wireless/mesh.c
3923 +++ b/net/wireless/mesh.c
3924 @@ -238,8 +238,8 @@ int cfg80211_set_mesh_channel(struct cfg
3928 -static int __cfg80211_leave_mesh(struct cfg80211_registered_device *rdev,
3929 - struct net_device *dev)
3930 +int __cfg80211_leave_mesh(struct cfg80211_registered_device *rdev,
3931 + struct net_device *dev)
3933 struct wireless_dev *wdev = dev->ieee80211_ptr;
3935 --- a/net/wireless/nl80211.c
3936 +++ b/net/wireless/nl80211.c
3937 @@ -371,8 +371,8 @@ static const struct nla_policy nl80211_p
3938 [NL80211_ATTR_CH_SWITCH_COUNT] = { .type = NLA_U32 },
3939 [NL80211_ATTR_CH_SWITCH_BLOCK_TX] = { .type = NLA_FLAG },
3940 [NL80211_ATTR_CSA_IES] = { .type = NLA_NESTED },
3941 - [NL80211_ATTR_CSA_C_OFF_BEACON] = { .type = NLA_U16 },
3942 - [NL80211_ATTR_CSA_C_OFF_PRESP] = { .type = NLA_U16 },
3943 + [NL80211_ATTR_CSA_C_OFF_BEACON] = { .type = NLA_BINARY },
3944 + [NL80211_ATTR_CSA_C_OFF_PRESP] = { .type = NLA_BINARY },
3945 [NL80211_ATTR_STA_SUPPORTED_CHANNELS] = { .type = NLA_BINARY },
3946 [NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES] = { .type = NLA_BINARY },
3947 [NL80211_ATTR_HANDLE_DFS] = { .type = NLA_FLAG },
3948 @@ -386,6 +386,7 @@ static const struct nla_policy nl80211_p
3949 [NL80211_ATTR_WIPHY_FREQ_HINT] = { .type = NLA_U32 },
3950 [NL80211_ATTR_TDLS_PEER_CAPABILITY] = { .type = NLA_U32 },
3951 [NL80211_ATTR_IFACE_SOCKET_OWNER] = { .type = NLA_FLAG },
3952 + [NL80211_ATTR_CSA_C_OFFSETS_TX] = { .type = NLA_BINARY },
3955 /* policy for the key attributes */
3956 @@ -970,8 +971,10 @@ static int nl80211_put_iface_combination
3958 goto nla_put_failure;
3960 - nla_put_u32(msg, NL80211_IFACE_COMB_RADAR_DETECT_WIDTHS,
3961 - c->radar_detect_widths))
3962 + (nla_put_u32(msg, NL80211_IFACE_COMB_RADAR_DETECT_WIDTHS,
3963 + c->radar_detect_widths) ||
3964 + nla_put_u32(msg, NL80211_IFACE_COMB_RADAR_DETECT_REGIONS,
3965 + c->radar_detect_regions)))
3966 goto nla_put_failure;
3968 nla_nest_end(msg, nl_combi);
3969 @@ -1667,6 +1670,13 @@ static int nl80211_send_wiphy(struct cfg
3971 nla_nest_end(msg, nested);
3973 + state->split_start++;
3976 + if (rdev->wiphy.flags & WIPHY_FLAG_HAS_CHANNEL_SWITCH &&
3977 + nla_put_u8(msg, NL80211_ATTR_MAX_CSA_COUNTERS,
3978 + rdev->wiphy.max_num_csa_counters))
3979 + goto nla_put_failure;
3982 state->split_start = 0;
3983 @@ -5825,7 +5835,7 @@ static int nl80211_start_radar_detection
3986 err = cfg80211_chandef_dfs_required(wdev->wiphy, &chandef,
3987 - NL80211_IFTYPE_UNSPECIFIED);
3992 @@ -5866,6 +5876,7 @@ static int nl80211_channel_switch(struct
3993 u8 radar_detect_width = 0;
3995 bool need_new_beacon = false;
3998 if (!rdev->ops->channel_switch ||
3999 !(rdev->wiphy.flags & WIPHY_FLAG_HAS_CHANNEL_SWITCH))
4000 @@ -5924,26 +5935,55 @@ static int nl80211_channel_switch(struct
4001 if (!csa_attrs[NL80211_ATTR_CSA_C_OFF_BEACON])
4004 - params.counter_offset_beacon =
4005 - nla_get_u16(csa_attrs[NL80211_ATTR_CSA_C_OFF_BEACON]);
4006 - if (params.counter_offset_beacon >= params.beacon_csa.tail_len)
4007 + len = nla_len(csa_attrs[NL80211_ATTR_CSA_C_OFF_BEACON]);
4008 + if (!len || (len % sizeof(u16)))
4011 - /* sanity check - counters should be the same */
4012 - if (params.beacon_csa.tail[params.counter_offset_beacon] !=
4014 + params.n_counter_offsets_beacon = len / sizeof(u16);
4015 + if (rdev->wiphy.max_num_csa_counters &&
4016 + (params.n_counter_offsets_beacon >
4017 + rdev->wiphy.max_num_csa_counters))
4020 + params.counter_offsets_beacon =
4021 + nla_data(csa_attrs[NL80211_ATTR_CSA_C_OFF_BEACON]);
4023 + /* sanity checks - counters should fit and be the same */
4024 + for (i = 0; i < params.n_counter_offsets_beacon; i++) {
4025 + u16 offset = params.counter_offsets_beacon[i];
4027 + if (offset >= params.beacon_csa.tail_len)
4030 + if (params.beacon_csa.tail[offset] != params.count)
4034 if (csa_attrs[NL80211_ATTR_CSA_C_OFF_PRESP]) {
4035 - params.counter_offset_presp =
4036 - nla_get_u16(csa_attrs[NL80211_ATTR_CSA_C_OFF_PRESP]);
4037 - if (params.counter_offset_presp >=
4038 - params.beacon_csa.probe_resp_len)
4039 + len = nla_len(csa_attrs[NL80211_ATTR_CSA_C_OFF_PRESP]);
4040 + if (!len || (len % sizeof(u16)))
4043 - if (params.beacon_csa.probe_resp[params.counter_offset_presp] !=
4045 + params.n_counter_offsets_presp = len / sizeof(u16);
4046 + if (rdev->wiphy.max_num_csa_counters &&
4047 + (params.n_counter_offsets_beacon >
4048 + rdev->wiphy.max_num_csa_counters))
4051 + params.counter_offsets_presp =
4052 + nla_data(csa_attrs[NL80211_ATTR_CSA_C_OFF_PRESP]);
4054 + /* sanity checks - counters should fit and be the same */
4055 + for (i = 0; i < params.n_counter_offsets_presp; i++) {
4056 + u16 offset = params.counter_offsets_presp[i];
4058 + if (offset >= params.beacon_csa.probe_resp_len)
4061 + if (params.beacon_csa.probe_resp[offset] !=
4068 @@ -7793,6 +7833,27 @@ static int nl80211_tx_mgmt(struct sk_buf
4069 if (!chandef.chan && params.offchan)
4072 + params.buf = nla_data(info->attrs[NL80211_ATTR_FRAME]);
4073 + params.len = nla_len(info->attrs[NL80211_ATTR_FRAME]);
4075 + if (info->attrs[NL80211_ATTR_CSA_C_OFFSETS_TX]) {
4076 + int len = nla_len(info->attrs[NL80211_ATTR_CSA_C_OFFSETS_TX]);
4079 + if (len % sizeof(u16))
4082 + params.n_csa_offsets = len / sizeof(u16);
4083 + params.csa_offsets =
4084 + nla_data(info->attrs[NL80211_ATTR_CSA_C_OFFSETS_TX]);
4086 + /* check that all the offsets fit the frame */
4087 + for (i = 0; i < params.n_csa_offsets; i++) {
4088 + if (params.csa_offsets[i] >= params.len)
4093 if (!params.dont_wait_for_ack) {
4094 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
4096 @@ -7807,8 +7868,6 @@ static int nl80211_tx_mgmt(struct sk_buf
4100 - params.buf = nla_data(info->attrs[NL80211_ATTR_FRAME]);
4101 - params.len = nla_len(info->attrs[NL80211_ATTR_FRAME]);
4102 params.chan = chandef.chan;
4103 err = cfg80211_mlme_mgmt_tx(rdev, wdev, ¶ms, &cookie);
4105 @@ -8507,6 +8566,8 @@ static int nl80211_set_wowlan(struct sk_
4107 nla_for_each_nested(pat, tb[NL80211_WOWLAN_TRIG_PKT_PATTERN],
4111 nla_parse(pat_tb, MAX_NL80211_PKTPAT, nla_data(pat),
4112 nla_len(pat), NULL);
4114 @@ -8530,19 +8591,18 @@ static int nl80211_set_wowlan(struct sk_
4116 new_triggers.patterns[i].pkt_offset = pkt_offset;
4118 - new_triggers.patterns[i].mask =
4119 - kmalloc(mask_len + pat_len, GFP_KERNEL);
4120 - if (!new_triggers.patterns[i].mask) {
4121 + mask_pat = kmalloc(mask_len + pat_len, GFP_KERNEL);
4126 - new_triggers.patterns[i].pattern =
4127 - new_triggers.patterns[i].mask + mask_len;
4128 - memcpy(new_triggers.patterns[i].mask,
4129 - nla_data(pat_tb[NL80211_PKTPAT_MASK]),
4130 + new_triggers.patterns[i].mask = mask_pat;
4131 + memcpy(mask_pat, nla_data(pat_tb[NL80211_PKTPAT_MASK]),
4133 + mask_pat += mask_len;
4134 + new_triggers.patterns[i].pattern = mask_pat;
4135 new_triggers.patterns[i].pattern_len = pat_len;
4136 - memcpy(new_triggers.patterns[i].pattern,
4138 nla_data(pat_tb[NL80211_PKTPAT_PATTERN]),
4141 @@ -8735,6 +8795,8 @@ static int nl80211_parse_coalesce_rule(s
4143 nla_for_each_nested(pat, tb[NL80211_ATTR_COALESCE_RULE_PKT_PATTERN],
4147 nla_parse(pat_tb, MAX_NL80211_PKTPAT, nla_data(pat),
4148 nla_len(pat), NULL);
4149 if (!pat_tb[NL80211_PKTPAT_MASK] ||
4150 @@ -8756,17 +8818,19 @@ static int nl80211_parse_coalesce_rule(s
4152 new_rule->patterns[i].pkt_offset = pkt_offset;
4154 - new_rule->patterns[i].mask =
4155 - kmalloc(mask_len + pat_len, GFP_KERNEL);
4156 - if (!new_rule->patterns[i].mask)
4157 + mask_pat = kmalloc(mask_len + pat_len, GFP_KERNEL);
4160 - new_rule->patterns[i].pattern =
4161 - new_rule->patterns[i].mask + mask_len;
4162 - memcpy(new_rule->patterns[i].mask,
4163 - nla_data(pat_tb[NL80211_PKTPAT_MASK]), mask_len);
4165 + new_rule->patterns[i].mask = mask_pat;
4166 + memcpy(mask_pat, nla_data(pat_tb[NL80211_PKTPAT_MASK]),
4169 + mask_pat += mask_len;
4170 + new_rule->patterns[i].pattern = mask_pat;
4171 new_rule->patterns[i].pattern_len = pat_len;
4172 - memcpy(new_rule->patterns[i].pattern,
4173 - nla_data(pat_tb[NL80211_PKTPAT_PATTERN]), pat_len);
4174 + memcpy(mask_pat, nla_data(pat_tb[NL80211_PKTPAT_PATTERN]),
4179 --- a/net/wireless/sme.c
4180 +++ b/net/wireless/sme.c
4181 @@ -149,7 +149,8 @@ static int cfg80211_conn_do_work(struct
4182 case CFG80211_CONN_SCAN_AGAIN:
4183 return cfg80211_conn_scan(wdev);
4184 case CFG80211_CONN_AUTHENTICATE_NEXT:
4185 - BUG_ON(!rdev->ops->auth);
4186 + if (WARN_ON(!rdev->ops->auth))
4187 + return -EOPNOTSUPP;
4188 wdev->conn->state = CFG80211_CONN_AUTHENTICATING;
4189 return cfg80211_mlme_auth(rdev, wdev->netdev,
4190 params->channel, params->auth_type,
4191 @@ -161,7 +162,8 @@ static int cfg80211_conn_do_work(struct
4192 case CFG80211_CONN_AUTH_FAILED:
4194 case CFG80211_CONN_ASSOCIATE_NEXT:
4195 - BUG_ON(!rdev->ops->assoc);
4196 + if (WARN_ON(!rdev->ops->assoc))
4197 + return -EOPNOTSUPP;
4198 wdev->conn->state = CFG80211_CONN_ASSOCIATING;
4199 if (wdev->conn->prev_bssid_valid)
4200 req.prev_bssid = wdev->conn->prev_bssid;
4201 @@ -877,7 +879,7 @@ void __cfg80211_disconnected(struct net_
4204 void cfg80211_disconnected(struct net_device *dev, u16 reason,
4205 - u8 *ie, size_t ie_len, gfp_t gfp)
4206 + const u8 *ie, size_t ie_len, gfp_t gfp)
4208 struct wireless_dev *wdev = dev->ieee80211_ptr;
4209 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
4210 --- a/net/wireless/trace.h
4211 +++ b/net/wireless/trace.h
4212 @@ -1876,29 +1876,33 @@ TRACE_EVENT(rdev_channel_switch,
4216 - __field(u16, counter_offset_beacon)
4217 - __field(u16, counter_offset_presp)
4218 __field(bool, radar_required)
4219 __field(bool, block_tx)
4221 + __dynamic_array(u16, bcn_ofs, params->n_counter_offsets_beacon)
4222 + __dynamic_array(u16, pres_ofs, params->n_counter_offsets_presp)
4227 CHAN_DEF_ASSIGN(¶ms->chandef);
4228 - __entry->counter_offset_beacon = params->counter_offset_beacon;
4229 - __entry->counter_offset_presp = params->counter_offset_presp;
4230 __entry->radar_required = params->radar_required;
4231 __entry->block_tx = params->block_tx;
4232 __entry->count = params->count;
4233 + memcpy(__get_dynamic_array(bcn_ofs),
4234 + params->counter_offsets_beacon,
4235 + params->n_counter_offsets_beacon * sizeof(u16));
4237 + /* probe response offsets are optional */
4238 + if (params->n_counter_offsets_presp)
4239 + memcpy(__get_dynamic_array(pres_ofs),
4240 + params->counter_offsets_presp,
4241 + params->n_counter_offsets_presp * sizeof(u16));
4243 TP_printk(WIPHY_PR_FMT ", " NETDEV_PR_FMT ", " CHAN_DEF_PR_FMT
4244 - ", block_tx: %d, count: %u, radar_required: %d"
4245 - ", counter offsets (beacon/presp): %u/%u",
4246 + ", block_tx: %d, count: %u, radar_required: %d",
4247 WIPHY_PR_ARG, NETDEV_PR_ARG, CHAN_DEF_PR_ARG,
4248 - __entry->block_tx, __entry->count, __entry->radar_required,
4249 - __entry->counter_offset_beacon,
4250 - __entry->counter_offset_presp)
4251 + __entry->block_tx, __entry->count, __entry->radar_required)
4254 TRACE_EVENT(rdev_set_qos_map,
4255 @@ -2636,6 +2640,21 @@ TRACE_EVENT(cfg80211_ft_event,
4256 WIPHY_PR_ARG, NETDEV_PR_ARG, MAC_PR_ARG(target_ap))
4259 +TRACE_EVENT(cfg80211_stop_iface,
4260 + TP_PROTO(struct wiphy *wiphy, struct wireless_dev *wdev),
4261 + TP_ARGS(wiphy, wdev),
4270 + TP_printk(WIPHY_PR_FMT ", " WDEV_PR_FMT,
4271 + WIPHY_PR_ARG, WDEV_PR_ARG)
4274 #endif /* !__RDEV_OPS_TRACE || TRACE_HEADER_MULTI_READ */
4276 #undef TRACE_INCLUDE_PATH
4277 --- a/net/wireless/util.c
4278 +++ b/net/wireless/util.c
4279 @@ -476,7 +476,8 @@ int ieee80211_data_to_8023(struct sk_buf
4280 EXPORT_SYMBOL(ieee80211_data_to_8023);
4282 int ieee80211_data_from_8023(struct sk_buff *skb, const u8 *addr,
4283 - enum nl80211_iftype iftype, u8 *bssid, bool qos)
4284 + enum nl80211_iftype iftype,
4285 + const u8 *bssid, bool qos)
4287 struct ieee80211_hdr hdr;
4288 u16 hdrlen, ethertype;
4289 @@ -839,6 +840,9 @@ void cfg80211_process_wdev_events(struct
4290 __cfg80211_ibss_joined(wdev->netdev, ev->ij.bssid,
4293 + case EVENT_STOPPED:
4294 + __cfg80211_leave(wiphy_to_rdev(wdev->wiphy), wdev);
4299 @@ -1271,10 +1275,20 @@ int cfg80211_iter_combinations(struct wi
4303 + const struct ieee80211_regdomain *regdom;
4304 + enum nl80211_dfs_regions region = 0;
4306 int num_interfaces = 0;
4307 u32 used_iftypes = 0;
4309 + if (radar_detect) {
4311 + regdom = rcu_dereference(cfg80211_regdomain);
4313 + region = regdom->dfs_region;
4314 + rcu_read_unlock();
4317 for (iftype = 0; iftype < NUM_NL80211_IFTYPES; iftype++) {
4318 num_interfaces += iftype_num[iftype];
4319 if (iftype_num[iftype] > 0 &&
4320 @@ -1315,6 +1329,10 @@ int cfg80211_iter_combinations(struct wi
4321 if (radar_detect != (c->radar_detect_widths & radar_detect))
4324 + if (radar_detect && c->radar_detect_regions &&
4325 + !(c->radar_detect_regions & BIT(region)))
4328 /* Finally check that all iftypes that we're currently
4329 * using are actually part of this combination. If they
4330 * aren't then we can't use this combination and have
4331 --- a/drivers/net/wireless/ath/ath9k/main.c
4332 +++ b/drivers/net/wireless/ath/ath9k/main.c
4333 @@ -444,6 +444,8 @@ void ath9k_tasklet(unsigned long data)
4334 ath9k_ps_wakeup(sc);
4335 spin_lock(&sc->sc_pcu_lock);
4337 + sc->intrstatus = 0;
4339 if (status & ATH9K_INT_FATAL) {
4340 type = RESET_TYPE_FATAL_INT;
4341 ath9k_queue_reset(sc, type);
4342 @@ -512,10 +514,12 @@ void ath9k_tasklet(unsigned long data)
4343 if (status & rxmask) {
4344 /* Check for high priority Rx first */
4345 if ((ah->caps.hw_caps & ATH9K_HW_CAP_EDMA) &&
4346 - (status & ATH9K_INT_RXHP))
4347 - ath_rx_tasklet(sc, 0, true);
4348 + (status & ATH9K_INT_RXHP) &&
4349 + ath_rx_tasklet(sc, 0, true))
4350 + sc->intrstatus |= ATH9K_INT_RXHP;
4352 - ath_rx_tasklet(sc, 0, false);
4353 + if (ath_rx_tasklet(sc, 0, false))
4354 + sc->intrstatus |= ATH9K_INT_RXLP;
4357 if (status & ATH9K_INT_TX) {
4358 @@ -543,6 +547,9 @@ void ath9k_tasklet(unsigned long data)
4360 /* re-enable hardware interrupt */
4361 ath9k_hw_enable_interrupts(ah);
4362 + if (sc->intrstatus)
4363 + tasklet_schedule(&sc->intr_tq);
4366 spin_unlock(&sc->sc_pcu_lock);
4367 ath9k_ps_restore(sc);
4368 @@ -609,7 +616,7 @@ irqreturn_t ath_isr(int irq, void *dev)
4371 /* Cache the status */
4372 - sc->intrstatus = status;
4373 + sc->intrstatus |= status;
4375 if (status & SCHED_INTR)
4377 --- a/drivers/net/wireless/ath/ath9k/recv.c
4378 +++ b/drivers/net/wireless/ath/ath9k/recv.c
4379 @@ -34,7 +34,8 @@ static inline bool ath9k_check_auto_slee
4380 * buffer (or rx fifo). This can incorrectly acknowledge packets
4381 * to a sender if last desc is self-linked.
4383 -static void ath_rx_buf_link(struct ath_softc *sc, struct ath_rxbuf *bf)
4384 +static void ath_rx_buf_link(struct ath_softc *sc, struct ath_rxbuf *bf,
4387 struct ath_hw *ah = sc->sc_ah;
4388 struct ath_common *common = ath9k_hw_common(ah);
4389 @@ -59,18 +60,19 @@ static void ath_rx_buf_link(struct ath_s
4393 - if (sc->rx.rxlink == NULL)
4394 - ath9k_hw_putrxbuf(ah, bf->bf_daddr);
4396 + if (sc->rx.rxlink)
4397 *sc->rx.rxlink = bf->bf_daddr;
4399 + ath9k_hw_putrxbuf(ah, bf->bf_daddr);
4401 sc->rx.rxlink = &ds->ds_link;
4404 -static void ath_rx_buf_relink(struct ath_softc *sc, struct ath_rxbuf *bf)
4405 +static void ath_rx_buf_relink(struct ath_softc *sc, struct ath_rxbuf *bf,
4408 if (sc->rx.buf_hold)
4409 - ath_rx_buf_link(sc, sc->rx.buf_hold);
4410 + ath_rx_buf_link(sc, sc->rx.buf_hold, flush);
4412 sc->rx.buf_hold = bf;
4414 @@ -442,7 +444,7 @@ int ath_startrecv(struct ath_softc *sc)
4415 sc->rx.buf_hold = NULL;
4416 sc->rx.rxlink = NULL;
4417 list_for_each_entry_safe(bf, tbf, &sc->rx.rxbuf, list) {
4418 - ath_rx_buf_link(sc, bf);
4419 + ath_rx_buf_link(sc, bf, false);
4422 /* We could have deleted elements so the list may be empty now */
4423 @@ -1118,12 +1120,12 @@ requeue_drop_frag:
4425 list_add_tail(&bf->list, &sc->rx.rxbuf);
4428 - ath_rx_edma_buf_link(sc, qtype);
4430 - ath_rx_buf_relink(sc, bf);
4432 + ath_rx_buf_relink(sc, bf, flush);
4435 + } else if (!flush) {
4436 + ath_rx_edma_buf_link(sc, qtype);
4440 @@ -1135,5 +1137,5 @@ requeue:
4441 ath9k_hw_set_interrupts(ah);