This reverts commit 608961a5.

The problem is that the mac80211 stack not only needs to be able to
muck with the link-level headers, it also might need to mangle all of
the packet data if doing sw wireless encryption.

This fixes kernel bugzilla #10903.  Thanks to Didier Raboud (for the
bugzilla report), Andrew Prince (for bisecting), Johannes Berg (for
bringing this bisection analysis to my attention), and Ilpo (for
trying to analyze this purely from the TCP side).

In 2.6.27 we can take another stab at this, by using something like
skb_cow_data() when the TX path of mac80211 ends up with a non-NULL
tx->key.  The ESP protocol code in the IPSEC stack can be used as a
model for implementation.
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

This patch adds '\n' in debug printk (wme.c HT DEBUG)
Signed-off-by: NTomas Winkler <tomas.winkler@intel.com>
Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>

The patch checks interface status, if it is in IBSS_JOINED mode
show cell id it is associated with.
Signed-off-by: NAbhijeet Kolekar <abhijeet.kolekar@intel.com>
Signed-off-by: NZhu Yi <yi.zhu@intel.com>
Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>

This patch adds a check to the set_channel flow. When attempting to change
the channel while in IBSS mode, and the new channel does not support IBSS
mode, the flow return with an error value with no consequences on the
mac80211 and driver state.
Signed-off-by: NAssaf Krauss <assaf.krauss@intel.com>
Signed-off-by: NEmmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: NTomas Winkler <tomas.winkler@intel.com>
Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>

Sufficient scans (at least 2 or 3) should have been done within 7
seconds to find an existing IBSS to join.  This should improve IBSS
creation latency; and since IBSS merging is still in effect, shouldn't
have detrimental effects on eventual IBSS convergence.
Signed-off-by: NDan Williams <dcbw@redhat.com>
Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>

This patch fixes the issue of slow reconnection to an IBSS cell after
disconnection from it. Now the interface's bssid is reset upon ifdown.

ieee80211_sta_find_ibss:
if (found && memcmp(ifsta->bssid, bssid, ETH_ALEN) != 0 &&
	    (bss = ieee80211_rx_bss_get(dev, bssid,
					local->hw.conf.channel->center_freq,
					ifsta->ssid, ifsta->ssid_len)))

Note:
In general disconnection is still not handled properly in mac80211
Signed-off-by: NAssaf Krauss <assaf.krauss@intel.com>
Signed-off-by: NTomas Winkler <tomas.winkler@intel.com>
Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>

Otherwise userspace has no idea the IBSS creation succeeded.
Signed-off-by: NDan Williams <dcbw@redhat.com>
Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>

This addresses an alignment issue with compare_ether_addr().
The addresses passed to compare_ether_addr should be two bytes aligned.
It may function properly in x86 platform. However may not work properly
on IA-64 or ARM processor.

This also fixes a typo in mlme.c where the sk_buff struct name is incorect.
Though sizeof() works for any incorrect structure pointer name as its just
a pointer length that we want, lets just fix it.
Signed-off-by: NSenthil Balasubramanian <senthilkumar@atheros.com>
Signed-off-by: NLuis R. Rodriguez <lrodriguez@atheros.com>
Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>

This addresses a NULL pointer dereference in sta_info_get().
TID and sta_info are extracted in ADDBA Timer expiry function
through the timer handler's argument.

The problem is extracging the TID (which was stored in
timer_to_tid[] array of type "u8") through "int *" typecast which
may also yield unwanted bytes for the MSB of TID that results
in incorrect sta_info and ieee80211_local pointers.

ieee80211_local pointer is NULL as illustrated below, it crashes in
sta_info_get(). The problem started when extracting ieee80211_local
pointer out of sta_info iteself and eventually crashed in
stat_info_get().

The proper way to fix is to change the data type of TID to u8
instead of u16. However changing all the occurences requires
some prototype changes as well. We should fix this in upcoming
patches.
Signed-off-by: NSenthil Balasubramanian <senthilkumar@atheros.com>
Signed-off-by: NLuis Rodriguez <lrodriguez@atheros.com>
Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>

fix a typo in ieee80211_handle_filtered_frame comment
Signed-off-by: NYi Zhu <yi.zhu@intel.com>
Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>

iwconfig was showing incorrect status messages when disassociated.
Patch fixes this by always checking for association status in
ioctl calls for getting ap address.
Signed-off-by: NAbhijeet Kolekar <abhijeet.kolekar@intel.com>
Acked-by: NDan Williams <dcbw@redhat.com>
Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>

This patch switch order of channel and freq (SIOCGIWFREQ) reports
in scan results in order to overcome wpa_supplicant inability
to handle channel numbers in 5.2Ghz band.
Wext reporting channel number is ambiguous as channels 7-12 (802.11j)
exist on both bands.
Signed-off-by: NTomas Winkler <tomas.winkler@intel.com>
Signed-off-by: NEmmanuel Grumbach <emmanuel.grumbach@intel.com>
Acked-by: NDan Williams <dcbw@redhat.com>
Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>

This patch fixes iee80211_rx_bss_put/get imbalance
introduced by 'mac80211: enable IBSS merging' patch.
Signed-off-by: NTomas Winkler <tomas.winkler@intel.com>
Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>

Correct always true conditionals.
Signed-off-by: NNicolas Kaiser <nikai@nikai.net>
Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>

Fix a possible NULL pointer dereference in ieee80211_compatible_rates
introduced in the patch "mac80211: fix association with some APs". If no bss
is available just use all supported rates in the association request.
Signed-off-by: NHelmut Schaa <hschaa@suse.de>
Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>

We removed iwspy support a very long time ago because it is useless, but
forgot to stop claiming to support it. Apparently, nobody cares, but
remove it nonetheless.
Signed-off-by: NJohannes Berg <johannes@sipsolutions.net>
Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>

Since commit e38bad47
	mac80211: make ieee80211_iterate_active_interfaces not need rtnl
rt2500usb and rt73usb broke down due to attempting register access
in atomic context (which is not possible for USB hardware).

This patch restores ieee80211_iterate_active_interfaces() to use RTNL lock,
and provides the non-RTNL version under a new name:
	ieee80211_iterate_active_interfaces_atomic()

So far only rt2x00 uses ieee80211_iterate_active_interfaces(), and those
drivers require the RTNL version of ieee80211_iterate_active_interfaces().
Since they already call that function directly, this patch will automatically
fix the USB rt2x00 drivers.

v2: Rename ieee80211_iterate_active_interfaces_rtnl
Signed-off-by: NIvo van Doorn <IvDoorn@gmail.com>
Acked-by: NJohannes Berg <johannes@sipsolutions.net>
Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>

This patch fixes the association problem with 11n hidden ssid ap.
Patch fixes the problem of associating with hidden ssid when
all three parameters ap,essid and channel are given to iwconfig.
This patch removes the condition of checking three parameters
and always checks for bss in bss list while associating.
Signed-off-by: NAbhijeet Kolekar <abhijeet.kolekar@intel.com>
Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>

When skb_header_cloned() returns false you can change the
headers however you like.
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

This assigns the netdev's needed_headroom/tailroom members to take
advantage of pre-allocated space for 802.11 headers.
Signed-off-by: NJohannes Berg <johannes@sipsolutions.net>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

Signed-off-by: NPavel Roskin <proski@gnu.org>
Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>

Some APs refuse association if the supported rates contained in the
association request do not match its own supported rates. This patch
introduces a new function which builds the intersection between the AP's
supported rates and the client's supported rates to work around such
problems. The same approach is already used in ipw2200 for example.
Signed-off-by: NHelmut Schaa <hschaa@suse.de>
Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>

Calling synchronize_rcu() under write-lock-ed pathtbl_resize_lock may
result in this warning (and other side effects).

It looks safe just dropping this lock before calling synchronize_rcu.
Signed-off-by: NPavel Emelyanov <xemul@openvz.org>
Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>

The new_node kmallocation is not checked for success, so add
this check.

BTW, it also happens under the read_lock.
Signed-off-by: NPavel Emelyanov <xemul@openvz.org>
Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>

The mesh_path_add() read-locks the pathtbl_resize_lock and calls
kmalloc with GFP_KERNEL mask.

Fix it and move the endadd2 label lower. It should be _before_ the
if() beyond, but it makes no sense for it being there, so I move it
right after this if().
Signed-off-by: NPavel Emelyanov <xemul@openvz.org>
Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>

Signed-off-by: NPatrick McHardy <kaber@trash.net>
Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>

Without this patch, if xmit_skb is null but net_ratelimit() returns 0 we would
go to the else branch and access the null xmit_skb. Pointed out by Johannes
Berg.
Signed-off-by: NLuis Carlos Cobo <luisca@cozybit.com>
Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>

This should have been updated at the same time we were transitioning from 3 byte
to 4 byte mesh sequence number. Pointed out by Johannes Berg.
Signed-off-by: NLuis Carlos Cobo <luisca@cozybit.com>
Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>

mac80211 should set the IEEE80211_TX_CTL_DO_NOT_ENCRYPT flag in tx_control
structure to inform drivers not to encrypt the beacon. Drivers that only check
for that flag before accessing the hw_key field, will otherwise cause a NULL
pointer dereference since that field is not configured for beacons.
Signed-off-by: NIvo van Doorn <IvDoorn@gmail.com>
Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>

Under certain circumstances (in AP mode) the debugfs function
that is supposed to add the default key symlink can encounter
a NULL default_key pointer. This patch makes it handle that
situtation gracefully.
Signed-off-by: NJohannes Berg <johannes@sipsolutions.net>
Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>

A file in the net/mac80211 directory uses "int" for flags.  This can cause
hard to find bugs on some architectures.  This patch converts the flags to use
"long" instead.

This bug was discovered by doing an allyesconfig make on the -rt kernel where
checks are done to ensure all flags are of size sizeof(long).
Signed-off-by: NSteven Rostedt <srostedt@redhat.com>
Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>

A file in the net/mac80211 directory uses "int" for flags.  This can cause
hard to find bugs on some architectures.  This patch converts the flags to use
"long" instead.

This bug was discovered by doing an allyesconfig make on the -rt kernel where
checks are done to ensure all flags are of size sizeof(long).
Signed-off-by: NSteven Rostedt <srostedt@redhat.com>
Cc: "John W. Linville" <linville@tuxdriver.com>
Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>

The error path in ieee80211_register_hw() may call the unregister_netdev()
and right after it - the free_netdev(), which is wrong, since the
unregister releases the device itself.

So the proposed fix is to NULL the local->mdev after unregister is done
and check this before calling free_netdev().

I checked - no code uses the local->mdev after unregister in this error
path (but even if some did this would be a BUG).
Signed-off-by: NPavel Emelyanov <xemul@openvz.org>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

Looks like  5d2cdcd4 ("mac80211: get a
TKIP phase key from skb") got the shifts wrong.

Noticed by sparse:
net/mac80211/tkip.c:234:25: warning: right shift by bigger than source value
net/mac80211/tkip.c:235:25: warning: right shift by bigger than source value
net/mac80211/tkip.c:236:25: warning: right shift by bigger than source value
Signed-off-by: NHarvey Harrison <harvey.harrison@gmail.com>
Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>

This reorders the open code so that WDS peer STA info entries
are added after the corresponding interface is added to the
driver so that driver callbacks aren't invoked out of order.
Also make any master device startup fatal.
Signed-off-by: NJohannes Berg <johannes@sipsolutions.net>
Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>

Rather than just disallowing the zero address, disallow all
invalid ones.
Signed-off-by: NJohannes Berg <johannes@sipsolutions.net>
Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>

Drivers can rightfully assume that they get a beacon_control
if the beacon is set.
Signed-off-by: NJohannes Berg <johannes@sipsolutions.net>
Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>

This follows the new 802.11s/D2.0 draft.
Signed-off-by: NLuis Carlos Cobo <luisca@cozybit.com>
Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>

Fix build error caused by commit
e82404ad ("iwlwifi: Select
LEDS_CLASS.") from David Miller:

Since MAC80211_LEDS is selected by wireless drivers it must select its
own dependencies otherwise a build error may occur (kbuild will select
the symbol regardless of "depends" constraints).
Signed-off-By: NLuca Tettamanti <kronos.it@gmail.com>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>