1 diff -ur madwifi.old/ath/if_ath.c madwifi.dev/ath/if_ath.c
2 --- madwifi.old/ath/if_ath.c 2007-05-18 13:19:16.000000000 +0200
3 +++ madwifi.dev/ath/if_ath.c 2007-05-21 08:10:46.864754176 +0200
5 static int ath_desc_alloc(struct ath_softc *);
6 static void ath_desc_free(struct ath_softc *);
7 static void ath_desc_swap(struct ath_desc *);
8 -static struct ieee80211_node *ath_node_alloc(struct ieee80211_node_table *,
9 - struct ieee80211vap *);
10 +static struct ieee80211_node *ath_node_alloc(struct ieee80211vap *);
11 static void ath_node_cleanup(struct ieee80211_node *);
12 static void ath_node_free(struct ieee80211_node *);
13 static u_int8_t ath_node_getrssi(const struct ieee80211_node *);
15 if (ath_tx_start(sc->sc_dev, ni, bf_ff, bf_ff->bf_skb, 0) == 0)
18 - ieee80211_free_node(ni);
19 + ieee80211_unref_node(&ni);
20 if (bf_ff->bf_skb != NULL) {
21 dev_kfree_skb(bf_ff->bf_skb);
23 @@ -2525,8 +2524,10 @@
25 ATH_FF_MAGIC_PUT(skb);
28 /* decrement extra node reference made when an_tx_ffbuf[] was set */
29 - //ieee80211_free_node(ni); /* XXX where was it set ? */
30 + ieee80211_unref_node(&ni); /* XXX where was it set ? */
33 DPRINTF(sc, ATH_DEBUG_XMIT | ATH_DEBUG_FF,
34 "%s: aggregating fast-frame\n", __func__);
37 DPRINTF(sc, ATH_DEBUG_XMIT | ATH_DEBUG_FF,
38 "%s: ff stageq flush failure\n", __func__);
39 - ieee80211_free_node(ni);
40 + ieee80211_unref_node(&ni);
42 dev_kfree_skb(bf_ff->bf_skb);
48 - ieee80211_free_node(ni);
49 + ieee80211_unref_node(&ni);
51 STAILQ_INSERT_TAIL(&sc->sc_txbuf, tbf, bf_list);
57 - ieee80211_free_node(ni);
58 + ieee80211_unref_node(&ni);
64 ni = sc->sc_keyixmap[keyix];
66 - ieee80211_free_node(ni);
67 + ieee80211_unref_node(&ni);
68 sc->sc_keyixmap[keyix] = NULL;
72 ath_hal_keyreset(ah, keyix + 32); /* RX key */
73 ni = sc->sc_keyixmap[keyix + 32];
74 if (ni != NULL) { /* as above... */
75 - ieee80211_free_node(ni);
76 + ieee80211_unref_node(&ni);
77 sc->sc_keyixmap[keyix + 32] = NULL;
81 ath_hal_keyreset(ah, keyix + rxkeyoff);
82 ni = sc->sc_keyixmap[keyix + rxkeyoff];
83 if (ni != NULL) { /* as above... */
84 - ieee80211_free_node(ni);
85 + ieee80211_unref_node(&ni);
86 sc->sc_keyixmap[keyix + rxkeyoff] = NULL;
89 @@ -3764,10 +3765,8 @@
90 dev_kfree_skb(bf->bf_skb);
93 - if (bf->bf_node != NULL) {
94 - ieee80211_free_node(bf->bf_node);
97 + if (bf->bf_node != NULL)
98 + ieee80211_unref_node(&bf->bf_node);
101 * NB: the beacon data buffer must be 32-bit aligned;
102 @@ -3808,7 +3807,7 @@
103 DPRINTF(sc, ATH_DEBUG_BEACON,
104 "%s: %s beacons, bslot %d intval %u tsfadjust(Kus) %llu\n",
105 __func__, sc->sc_stagbeacons ? "stagger" : "burst",
106 - avp->av_bslot, ni->ni_intval, (unsigned long long) tuadjust);
107 + avp->av_bslot, ni->ni_intval, (long long) tuadjust);
109 wh = (struct ieee80211_frame *) skb->data;
110 memcpy(&wh[1], &tsfadjust, sizeof(tsfadjust));
111 @@ -4128,7 +4127,7 @@
112 vap = sc->sc_bslot[(slot + 1) % ATH_BCBUF];
113 DPRINTF(sc, ATH_DEBUG_BEACON_PROC,
114 "%s: slot %d [tsf %llu tsftu %u intval %u] vap %p\n",
115 - __func__, slot, (unsigned long long) tsf, tsftu, ic->ic_lintval, vap);
116 + __func__, slot, (long long) tsf, tsftu, ic->ic_lintval, vap);
119 bf = ath_beacon_generate(sc, vap, needmark);
120 @@ -4309,10 +4308,8 @@
121 dev_kfree_skb(bf->bf_skb);
124 - if (bf->bf_node != NULL) {
125 - ieee80211_free_node(bf->bf_node);
126 - bf->bf_node = NULL;
128 + if (bf->bf_node != NULL)
129 + ieee80211_unref_node(&bf->bf_node);
130 STAILQ_INSERT_TAIL(&sc->sc_bbuf, bf, bf_list);
133 @@ -4331,10 +4328,8 @@
134 dev_kfree_skb(bf->bf_skb);
137 - if (bf->bf_node != NULL) {
138 - ieee80211_free_node(bf->bf_node);
139 - bf->bf_node = NULL;
141 + if (bf->bf_node != NULL)
142 + ieee80211_unref_node(&bf->bf_node);
146 @@ -4620,7 +4615,7 @@
148 * Reclaim node reference.
150 - ieee80211_free_node(ni);
151 + ieee80211_unref_node(&ni);
155 @@ -4679,37 +4674,39 @@
158 static struct ieee80211_node *
159 -ath_node_alloc(struct ieee80211_node_table *nt,struct ieee80211vap *vap)
160 +ath_node_alloc(struct ieee80211vap *vap)
162 - struct ath_softc *sc = nt->nt_ic->ic_dev->priv;
163 + struct ath_softc *sc = vap->iv_ic->ic_dev->priv;
164 const size_t space = sizeof(struct ath_node) + sc->sc_rc->arc_space;
167 an = kmalloc(space, GFP_ATOMIC);
170 - memset(an, 0, space);
171 - an->an_decomp_index = INVALID_DECOMP_INDEX;
172 - an->an_avgrssi = ATH_RSSI_DUMMY_MARKER;
173 - an->an_halstats.ns_avgbrssi = ATH_RSSI_DUMMY_MARKER;
174 - an->an_halstats.ns_avgrssi = ATH_RSSI_DUMMY_MARKER;
175 - an->an_halstats.ns_avgtxrssi = ATH_RSSI_DUMMY_MARKER;
177 - * ath_rate_node_init needs a VAP pointer in node
178 - * to decide which mgt rate to use
180 - an->an_node.ni_vap = vap;
181 - sc->sc_rc->ops->node_init(sc, an);
184 - STAILQ_INIT(&an->an_uapsd_q);
185 - an->an_uapsd_qdepth = 0;
186 - STAILQ_INIT(&an->an_uapsd_overflowq);
187 - an->an_uapsd_overflowqdepth = 0;
188 - ATH_NODE_UAPSD_LOCK_INIT(an);
190 + memset(an, 0, space);
191 + an->an_decomp_index = INVALID_DECOMP_INDEX;
192 + an->an_avgrssi = ATH_RSSI_DUMMY_MARKER;
193 + an->an_halstats.ns_avgbrssi = ATH_RSSI_DUMMY_MARKER;
194 + an->an_halstats.ns_avgrssi = ATH_RSSI_DUMMY_MARKER;
195 + an->an_halstats.ns_avgtxrssi = ATH_RSSI_DUMMY_MARKER;
197 + * ath_rate_node_init needs a vap pointer in node
198 + * to decide which mgt rate to use
200 + an->an_node.ni_vap = vap;
201 + sc->sc_rc->ops->node_init(sc, an);
203 - DPRINTF(sc, ATH_DEBUG_NODE, "%s: an %p\n", __func__, an);
204 - return &an->an_node;
206 + STAILQ_INIT(&an->an_uapsd_q);
207 + an->an_uapsd_qdepth = 0;
208 + STAILQ_INIT(&an->an_uapsd_overflowq);
209 + an->an_uapsd_overflowqdepth = 0;
210 + ATH_NODE_UAPSD_LOCK_INIT(an);
212 + DPRINTF(sc, ATH_DEBUG_NODE, "%s: an %p\n", __func__, an);
213 + return &an->an_node;
220 @@ -4719,6 +4716,7 @@
221 struct ath_softc *sc = ni->ni_ic->ic_dev->priv;
222 struct ath_node *an = ATH_NODE(ni);
224 + struct ieee80211_cb *cb = NULL;
228 @@ -4733,15 +4731,18 @@
229 while (an->an_uapsd_qdepth) {
230 bf = STAILQ_FIRST(&an->an_uapsd_q);
231 STAILQ_REMOVE_HEAD(&an->an_uapsd_q, bf_list);
232 - bf->bf_desc->ds_link = 0;
234 + cb = (struct ieee80211_cb *) bf->bf_skb->cb;
235 + ieee80211_unref_node(&cb->ni);
236 dev_kfree_skb_any(bf->bf_skb);
238 + bf->bf_desc->ds_link = 0;
242 ATH_TXBUF_LOCK_IRQ(sc);
243 STAILQ_INSERT_TAIL(&sc->sc_txbuf, bf, bf_list);
244 ATH_TXBUF_UNLOCK_IRQ(sc);
245 - ieee80211_free_node(ni);
247 an->an_uapsd_qdepth--;
249 @@ -4749,19 +4750,25 @@
250 while (an->an_uapsd_overflowqdepth) {
251 bf = STAILQ_FIRST(&an->an_uapsd_overflowq);
252 STAILQ_REMOVE_HEAD(&an->an_uapsd_overflowq, bf_list);
253 - bf->bf_desc->ds_link = 0;
255 + cb = (struct ieee80211_cb *) bf->bf_skb->cb;
256 + ieee80211_unref_node(&cb->ni);
257 dev_kfree_skb_any(bf->bf_skb);
261 + bf->bf_desc->ds_link = 0;
263 ATH_TXBUF_LOCK_IRQ(sc);
264 STAILQ_INSERT_TAIL(&sc->sc_txbuf, bf, bf_list);
265 ATH_TXBUF_UNLOCK_IRQ(sc);
266 - ieee80211_free_node(ni);
268 an->an_uapsd_overflowqdepth--;
271 + /* Clean up node-specific rate things - this currently appears to always be a no-op */
272 + sc->sc_rc->ops->node_cleanup(sc, ATH_NODE(ni));
274 ATH_NODE_UAPSD_LOCK_IRQ(an);
275 sc->sc_node_cleanup(ni);
276 ATH_NODE_UAPSD_UNLOCK_IRQ(an);
277 @@ -4772,7 +4779,6 @@
279 struct ath_softc *sc = ni->ni_ic->ic_dev->priv;
281 - sc->sc_rc->ops->node_cleanup(sc, ATH_NODE(ni));
282 sc->sc_node_free(ni);
284 ath_grppoll_period_update(sc);
285 @@ -5660,7 +5666,7 @@
286 an = ATH_NODE(ieee80211_ref_node(ni));
287 ATH_RSSI_LPF(an->an_avgrssi, rs->rs_rssi);
288 type = ieee80211_input(ni, skb, rs->rs_rssi, rs->rs_tstamp);
289 - ieee80211_free_node(ni);
290 + ieee80211_unref_node(&ni);
293 * No key index or no entry, do a lookup and
294 @@ -5682,7 +5688,7 @@
295 if (keyix != IEEE80211_KEYIX_NONE &&
296 sc->sc_keyixmap[keyix] == NULL)
297 sc->sc_keyixmap[keyix] = ieee80211_ref_node(ni);
298 - ieee80211_free_node(ni);
299 + ieee80211_unref_node(&ni);
301 type = ieee80211_input_all(ic, skb,
302 rs->rs_rssi, rs->rs_tstamp);
303 @@ -6478,8 +6484,7 @@
304 STAILQ_REMOVE_HEAD(&an->an_uapsd_q, bf_list);
305 dev_kfree_skb(lastbuf->bf_skb);
306 lastbuf->bf_skb = NULL;
307 - ieee80211_free_node(lastbuf->bf_node);
308 - lastbuf->bf_node = NULL;
309 + ieee80211_unref_node(&lastbuf->bf_node);
310 ATH_TXBUF_LOCK_IRQ(sc);
311 STAILQ_INSERT_TAIL(&sc->sc_txbuf, lastbuf, bf_list);
312 ATH_TXBUF_UNLOCK_IRQ(sc);
313 @@ -7229,7 +7234,7 @@
314 * this is a DEAUTH message that was sent and the
315 * node was timed out due to inactivity.
317 - ieee80211_free_node(ni);
318 + ieee80211_unref_node(&ni);
321 bus_unmap_single(sc->sc_bdev, bf->bf_skbaddr,
322 @@ -7474,7 +7479,7 @@
324 #endif /* ATH_SUPERG_FF */
326 - ieee80211_free_node(bf->bf_node);
327 + ieee80211_unref_node(&bf->bf_node);
331 diff -ur madwifi.old/net80211/ieee80211_input.c madwifi.dev/net80211/ieee80211_input.c
332 --- madwifi.old/net80211/ieee80211_input.c 2007-05-18 13:19:16.000000000 +0200
333 +++ madwifi.dev/net80211/ieee80211_input.c 2007-05-21 08:10:46.865754024 +0200
336 ni_wds = ieee80211_find_wds_node(nt, wh->i_addr3);
338 - ieee80211_free_node(ni_wds); /* Decr ref count */
339 + ieee80211_unref_node(&ni_wds); /* Decr ref count */
340 IEEE80211_DISCARD(vap, IEEE80211_MSG_INPUT,
342 "multicast echo originated from node behind me");
343 @@ -543,10 +543,12 @@
344 * the node table for the packet source address (addr4).
347 + /* XXX: Useless node mgmt API; make better */
348 if (dir == IEEE80211_FC1_DIR_DSTODS) {
349 struct ieee80211_node_table *nt;
350 struct ieee80211_frame_addr4 *wh4;
351 struct ieee80211_node *ni_wds;
353 if (!(vap->iv_flags_ext & IEEE80211_FEXT_WDS)) {
354 IEEE80211_DISCARD(vap, IEEE80211_MSG_INPUT,
355 wh, "data", "%s", "4 addr not allowed");
358 ieee80211_add_wds_addr(nt, ni, wh4->i_addr4, 0);
360 - ieee80211_free_node(ni_wds); /* Decr ref count */
361 + ieee80211_unref_node(&ni_wds); /* Decr. ref count */
367 ni = ieee80211_ref_node(vap->iv_bss);
368 type = ieee80211_input(ni, skb1, rssi, rstamp);
369 - ieee80211_free_node(ni);
370 + ieee80211_unref_node(&ni);
372 if (skb != NULL) /* no vaps, reclaim skb */
374 @@ -986,22 +988,14 @@
378 - * Use this lock to make sure ni->ni_rxfrag is
379 - * not freed by the timer process while we use it.
382 - IEEE80211_NODE_LOCK_IRQ(ni->ni_table);
385 * Update the time stamp. As a side effect, it
386 * also makes sure that the timer will not change
387 * ni->ni_rxfrag for at least 1 second, or in
388 * other words, for the remaining of this function.
389 + * XXX HUGE HORRIFIC HACK
391 ni->ni_rxfragstamp = jiffies;
393 - IEEE80211_NODE_UNLOCK_IRQ(ni->ni_table);
396 * Validate that fragment is in order and
397 * related to the previous ones.
398 @@ -1130,7 +1124,7 @@
402 - ieee80211_free_node(ni1);
403 + ieee80211_unref_node(&ni1);
407 @@ -1265,6 +1259,7 @@
408 int rssi, u_int32_t rstamp, u_int16_t seq, u_int16_t status)
410 struct ieee80211vap *vap = ni->ni_vap;
411 + unsigned int tmpnode = 0;
413 if (ni->ni_authmode == IEEE80211_AUTH_SHARED) {
414 IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_AUTH,
415 @@ -1272,22 +1267,21 @@
416 "bad sta auth mode %u", ni->ni_authmode);
417 vap->iv_stats.is_rx_bad_auth++; /* XXX maybe a unique error? */
418 if (vap->iv_opmode == IEEE80211_M_HOSTAP) {
419 - /* XXX hack to workaround calling convention */
421 - /* XXX To send the frame to the requesting STA, we have to
422 - * create a node for the station that we're going to reject.
423 - * The node will be freed automatically */
424 if (ni == vap->iv_bss) {
425 - ni = ieee80211_dup_bss(vap, wh->i_addr2);
426 + ni = ieee80211_dup_bss(vap, wh->i_addr2, 0);
430 IEEE80211_DPRINTF(vap, IEEE80211_MSG_NODE,
431 "%s: %p<%s> refcnt %d\n", __func__, ni, ether_sprintf(ni->ni_macaddr),
432 ieee80211_node_refcnt(ni));
435 IEEE80211_SEND_MGMT(ni, IEEE80211_FC0_SUBTYPE_AUTH,
436 (seq + 1) | (IEEE80211_STATUS_ALG << 16));
439 + ieee80211_unref_node(&ni);
443 @@ -1315,23 +1309,16 @@
445 /* always accept open authentication requests */
446 if (ni == vap->iv_bss) {
447 - ni = ieee80211_dup_bss(vap, wh->i_addr2);
448 + ni = ieee80211_dup_bss(vap, wh->i_addr2, 0);
452 IEEE80211_DPRINTF(vap, IEEE80211_MSG_NODE,
453 "%s: %p<%s> refcnt %d\n", __func__, ni, ether_sprintf(ni->ni_macaddr),
454 ieee80211_node_refcnt(ni));
456 - } else if ((ni->ni_flags & IEEE80211_NODE_AREF) == 0)
457 - (void) ieee80211_ref_node(ni);
459 - * Mark the node as referenced to reflect that it's
460 - * reference count has been bumped to ensure it remains
461 - * after the transaction completes.
463 - ni->ni_flags |= IEEE80211_NODE_AREF;
468 IEEE80211_SEND_MGMT(ni, IEEE80211_FC0_SUBTYPE_AUTH, seq + 1);
469 IEEE80211_NOTE(vap, IEEE80211_MSG_DEBUG | IEEE80211_MSG_AUTH,
470 ni, "station authenticated (%s)", "open");
471 @@ -1341,6 +1328,8 @@
473 if (ni->ni_authmode != IEEE80211_AUTH_8021X)
474 ieee80211_node_authorize(ni);
476 + ieee80211_unref_node(&ni);
479 case IEEE80211_M_STA:
480 @@ -1379,7 +1368,7 @@
483 if (ni == vap->iv_bss) {
484 - ni = ieee80211_tmp_node(vap, mac);
485 + ni = ieee80211_dup_bss(vap, mac, 1);
489 @@ -1389,7 +1378,7 @@
491 IEEE80211_SEND_MGMT(ni, subtype, arg);
493 - ieee80211_free_node(ni);
494 + ieee80211_unref_node(&ni);
498 @@ -1505,7 +1494,7 @@
500 case IEEE80211_AUTH_SHARED_REQUEST:
501 if (ni == vap->iv_bss) {
502 - ni = ieee80211_dup_bss(vap, wh->i_addr2);
503 + ni = ieee80211_dup_bss(vap, wh->i_addr2, 0);
505 /* NB: no way to return an error */
507 @@ -1516,17 +1505,8 @@
508 ieee80211_node_refcnt(ni));
512 - if ((ni->ni_flags & IEEE80211_NODE_AREF) == 0)
513 - (void) ieee80211_ref_node(ni);
517 - * Mark the node as referenced to reflect that it's
518 - * reference count has been bumped to ensure it remains
519 - * after the transaction completes.
521 - ni->ni_flags |= IEEE80211_NODE_AREF;
524 ni->ni_rstamp = rstamp;
525 ni->ni_last_rx = jiffies;
526 @@ -1620,14 +1600,13 @@
531 - * Send an error response; but only when operating as an AP.
533 + /* Send an error response; but only when operating as an AP. */
534 if (vap->iv_opmode == IEEE80211_M_HOSTAP) {
535 /* XXX hack to workaround calling convention */
536 ieee80211_send_error(ni, wh->i_addr2,
537 IEEE80211_FC0_SUBTYPE_AUTH,
538 (seq + 1) | (estatus<<16));
539 + ieee80211_node_leave(ni);
540 } else if (vap->iv_opmode == IEEE80211_M_STA) {
542 * Kick the state machine. This short-circuits
543 @@ -2600,7 +2579,7 @@
544 u_int8_t *frm, *efrm;
545 u_int8_t *ssid, *rates, *xrates, *wpa, *rsn, *wme, *ath;
547 - int reassoc, resp, allocbs;
548 + int reassoc, resp, allocbs = 0;
551 wh = (struct ieee80211_frame *) skb->data;
552 @@ -3008,13 +2987,13 @@
553 ni = ieee80211_fakeup_adhoc_node(vap,
556 - ni = ieee80211_tmp_node(vap, wh->i_addr2);
557 + ni = ieee80211_dup_bss(vap, wh->i_addr2, 1);
566 IEEE80211_NOTE_MAC(vap, IEEE80211_MSG_INPUT, wh->i_addr2,
567 "%s", "recv probe req");
569 @@ -3037,7 +3016,7 @@
570 * Temporary node created just to send a
571 * response, reclaim immediately
573 - ieee80211_free_node(ni);
574 + ieee80211_unref_node(&ni);
575 } else if (ath != NULL)
576 ieee80211_saveath(ni, ath);
578 @@ -3067,6 +3046,9 @@
579 ni = vap->iv_xrvap->iv_bss;
581 ieee80211_node_leave(ni);
582 + /* This would be a stupid place to add a node to the table
583 + * XR stuff needs work anyway
585 ieee80211_node_reset(ni, vap->iv_xrvap);
588 diff -ur madwifi.old/net80211/ieee80211_linux.c madwifi.dev/net80211/ieee80211_linux.c
589 --- madwifi.old/net80211/ieee80211_linux.c 2007-05-18 13:19:16.000000000 +0200
590 +++ madwifi.dev/net80211/ieee80211_linux.c 2007-05-21 08:10:46.866753872 +0200
592 struct ieee80211_node *ni;
593 struct ieee80211_node_table *nt = (struct ieee80211_node_table *) &vap->iv_ic->ic_sta;
595 - //IEEE80211_NODE_LOCK(nt);
596 + /* IEEE80211_NODE_LOCK(nt); */
597 TAILQ_FOREACH(ni, &nt->nt_node, ni_list) {
598 /* Assume each node needs 500 bytes */
599 if (buf + space < p + 500)
604 - //IEEE80211_NODE_UNLOCK(nt);
605 + /* IEEE80211_NODE_UNLOCK(nt); */
609 diff -ur madwifi.old/net80211/ieee80211_linux.h madwifi.dev/net80211/ieee80211_linux.h
610 --- madwifi.old/net80211/ieee80211_linux.h 2007-05-04 15:45:58.000000000 +0200
611 +++ madwifi.dev/net80211/ieee80211_linux.h 2007-05-21 08:10:46.867753720 +0200
614 #define IEEE80211_RESCHEDULE schedule
617 +/* NB: beware, spin_is_locked() is not usefully defined for !(DEBUG || SMP)
618 + * because spinlocks do not exist in this configuration. Instead IRQs
619 + * or pre-emption are simply disabled, as this is all that is needed.
623 * Beacon handler locking definitions.
626 #define IEEE80211_LOCK(_ic) spin_lock(&(_ic)->ic_comlock)
627 #define IEEE80211_UNLOCK(_ic) spin_unlock(&(_ic)->ic_comlock)
629 -/* NB: beware, spin_is_locked() is unusable for !SMP */
630 -#if defined(CONFIG_SMP)
631 +#if (defined(CONFIG_SMP) || defined(CONFIG_DEBUG_SPINLOCK)) && defined(spin_is_locked)
632 #define IEEE80211_LOCK_ASSERT(_ic) \
633 KASSERT(spin_is_locked(&(_ic)->ic_comlock),("ieee80211com not locked!"))
635 #define IEEE80211_LOCK_ASSERT(_ic)
639 #define IEEE80211_VAPS_LOCK_INIT(_ic, _name) \
640 spin_lock_init(&(_ic)->ic_vapslock)
641 #define IEEE80211_VAPS_LOCK_DESTROY(_ic)
642 @@ -108,11 +114,10 @@
644 #define IEEE80211_VAPS_UNLOCK_IRQ_EARLY(_ic) spin_unlock_irqrestore(&(_ic)->ic_vapslock, _vaps_lockflags)
647 -/* NB: beware, spin_is_locked() is unusable for !SMP */
648 -#if defined(CONFIG_SMP)
649 +#if (defined(CONFIG_SMP) || defined(CONFIG_DEBUG_SPINLOCK)) && defined(spin_is_locked)
650 #define IEEE80211_VAPS_LOCK_ASSERT(_ic) \
651 - KASSERT(spin_is_locked(&(_ic)->ic_vapslock),("ieee80211com_vaps not locked!"))
652 + KASSERT(spin_is_locked(&(_ic)->ic_vapslock), \
653 + ("ieee80211com_vaps not locked!"))
655 #define IEEE80211_VAPS_LOCK_ASSERT(_ic)
657 @@ -121,29 +126,63 @@
659 * Node locking definitions.
663 typedef spinlock_t ieee80211_node_lock_t;
664 -#define IEEE80211_NODE_LOCK_INIT(_nt, _name) spin_lock_init(&(_nt)->nt_nodelock)
665 -#define IEEE80211_NODE_LOCK_DESTROY(_nt)
666 -#define IEEE80211_NODE_LOCK(_nt) spin_lock(&(_nt)->nt_nodelock)
667 -#define IEEE80211_NODE_UNLOCK(_nt) spin_unlock(&(_nt)->nt_nodelock)
668 -#define IEEE80211_NODE_LOCK_BH(_nt) spin_lock_bh(&(_nt)->nt_nodelock)
669 -#define IEEE80211_NODE_UNLOCK_BH(_nt) spin_unlock_bh(&(_nt)->nt_nodelock)
670 -#define IEEE80211_NODE_LOCK_IRQ(_nt) do { \
671 +#define IEEE80211_NODE_LOCK_INIT(_ni, _name) spin_lock_init(&(_ni)->ni_nodelock)
672 +#define IEEE80211_NODE_LOCK_DESTROY(_ni)
673 +#if 0 /* We should always be contesting in the same contexts */
674 +#define IEEE80211_NODE_LOCK(_ni) spin_lock(&(_ni)->ni_nodelock)
675 +#define IEEE80211_NODE_UNLOCK(_ni) spin_unlock(&(_ni)->ni_nodelock)
676 +#define IEEE80211_NODE_LOCK_BH(_ni) spin_lock_bh(&(_ni)->ni_nodelock)
677 +#define IEEE80211_NODE_UNLOCK_BH(_ni) spin_unlock_bh(&(_ni)->ni_nodelock)
679 +#define IEEE80211_NODE_LOCK_IRQ(_ni) do { \
680 + unsigned long __node_lockflags; \
681 + spin_lock_irqsave(&(_ni)->ni_nodelock, __node_lockflags);
682 +#define IEEE80211_NODE_UNLOCK_IRQ(_ni) \
683 + spin_unlock_irqrestore(&(_ni)->ni_nodelock, __node_lockflags); \
685 +#define IEEE80211_NODE_UNLOCK_IRQ_EARLY(_ni) \
686 + spin_unlock_irqrestore(&(_ni)->ni_nodelock, __node_lockflags);
688 +#if (defined(CONFIG_SMP) || defined(CONFIG_DEBUG_SPINLOCK)) && defined(spin_is_locked)
689 +#define IEEE80211_NODE_LOCK_ASSERT(_nt) \
690 + KASSERT(spin_is_locked(&(_ni)->ni_nodelock), \
691 + ("802.11 node not locked!"))
693 +#define IEEE80211_NODE_LOCK_ASSERT(_ni)
696 +#endif /* node lock */
699 + * Node table locking definitions.
701 +typedef spinlock_t ieee80211_node_table_lock_t;
702 +#define IEEE80211_NODE_TABLE_LOCK_INIT(_nt, _name) spin_lock_init(&(_nt)->nt_nodelock)
703 +#define IEEE80211_NODE_TABLE_LOCK_DESTROY(_nt)
704 +#if 0 /* We should always be contesting in the same contexts */
705 +#define IEEE80211_NODE_TABLE_LOCK(_nt) spin_lock(&(_nt)->nt_nodelock)
706 +#define IEEE80211_NODE_TABLE_UNLOCK(_nt) spin_unlock(&(_nt)->nt_nodelock)
707 +#define IEEE80211_NODE_TABLE_LOCK_BH(_nt) spin_lock_bh(&(_nt)->nt_nodelock)
708 +#define IEEE80211_NODE_TABLE_UNLOCK_BH(_nt) spin_unlock_bh(&(_nt)->nt_nodelock)
710 +#define IEEE80211_NODE_TABLE_LOCK_IRQ(_nt) do { \
711 unsigned long __node_lockflags; \
712 spin_lock_irqsave(&(_nt)->nt_nodelock, __node_lockflags);
713 -#define IEEE80211_NODE_UNLOCK_IRQ(_nt) \
714 +#define IEEE80211_NODE_TABLE_UNLOCK_IRQ(_nt) \
715 spin_unlock_irqrestore(&(_nt)->nt_nodelock, __node_lockflags); \
717 -#define IEEE80211_NODE_UNLOCK_IRQ_EARLY(_nt) \
718 +#define IEEE80211_NODE_TABLE_UNLOCK_IRQ_EARLY(_nt) \
719 spin_unlock_irqrestore(&(_nt)->nt_nodelock, __node_lockflags);
721 -/* NB: beware, *_is_locked() are bogusly defined for UP+!PREEMPT */
722 -#if (defined(CONFIG_SMP) || defined(CONFIG_PREEMPT)) && defined(spinlock_is_locked)
723 -#define IEEE80211_NODE_LOCK_ASSERT(_nt) \
724 - KASSERT(spinlock_is_locked(&(_nt)->nt_nodelock), \
725 +#if (defined(CONFIG_SMP) || defined(CONFIG_DEBUG_SPINLOCK)) && defined(spin_is_locked)
726 +#define IEEE80211_NODE_TABLE_LOCK_ASSERT(_nt) \
727 + KASSERT(spin_is_locked(&(_nt)->nt_nodelock), \
728 ("802.11 node table not locked!"))
730 -#define IEEE80211_NODE_LOCK_ASSERT(_nt)
731 +#define IEEE80211_NODE_TABLE_LOCK_ASSERT(_nt)
736 #define IEEE80211_SCAN_UNLOCK_IRQ_EARLY(_nt) \
737 spin_unlock_irqrestore(&(_nt)->nt_scanlock, __scan_lockflags);
739 -/* NB: beware, spin_is_locked() is unusable for !SMP */
740 -#if defined(CONFIG_SMP)
741 +#if (defined(CONFIG_SMP) || defined(CONFIG_DEBUG_SPINLOCK)) && defined(spin_is_locked)
742 #define IEEE80211_SCAN_LOCK_ASSERT(_nt) \
743 KASSERT(spin_is_locked(&(_nt)->nt_scanlock), ("scangen not locked!"))
746 #define ACL_LOCK_BH(_as) spin_lock_bh(&(_as)->as_lock)
747 #define ACL_UNLOCK_BH(_as) spin_unlock_bh(&(_as)->as_lock)
749 -/* NB: beware, spin_is_locked() is unusable for !SMP */
750 -#if defined(CONFIG_SMP)
751 +#if (defined(CONFIG_SMP) || defined(CONFIG_DEBUG_SPINLOCK)) && defined(spin_is_locked)
752 #define ACL_LOCK_ASSERT(_as) \
753 KASSERT(spin_is_locked(&(_as)->as_lock), ("ACL not locked!"))
756 * is the last reference, otherwise 0
757 * ieee80211_node_refcnt reference count for printing (only)
759 +typedef atomic_t ieee80211_node_ref_count_t;
760 #define ieee80211_node_initref(_ni) atomic_set(&(_ni)->ni_refcnt, 1)
761 #define ieee80211_node_incref(_ni) atomic_inc(&(_ni)->ni_refcnt)
762 #define ieee80211_node_decref(_ni) atomic_dec(&(_ni)->ni_refcnt)
764 /* msecs_to_jiffies appeared in 2.6.7 and 2.4.29 */
765 #include <linux/delay.h>
766 #if (LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0) && \
767 - LINUX_VERSION_CODE < KERNEL_VERSION(2,6,7)) || \
768 - LINUX_VERSION_CODE < KERNEL_VERSION(2,4,29)
769 + LINUX_VERSION_CODE < KERNEL_VERSION(2,6,7)) || \
770 + LINUX_VERSION_CODE < KERNEL_VERSION(2,4,29)
772 /* The following definitions and inline functions are
773 * copied from the kernel src, include/linux/jiffies.h */
774 diff -ur madwifi.old/net80211/ieee80211_node.c madwifi.dev/net80211/ieee80211_node.c
775 --- madwifi.old/net80211/ieee80211_node.c 2007-05-18 13:19:16.000000000 +0200
776 +++ madwifi.dev/net80211/ieee80211_node.c 2007-05-21 08:10:46.868753568 +0200
778 #define IEEE80211_AID_ISSET(_vap, _b) \
779 ((_vap)->iv_aid_bitmap[IEEE80211_AID(_b) / 32] & (1 << (IEEE80211_AID(_b) % 32)))
781 +static struct ieee80211_node *ieee80211_alloc_node(struct ieee80211vap *, const u_int8_t *);
783 static int ieee80211_sta_join1(struct ieee80211_node *);
785 -static struct ieee80211_node *node_alloc(struct ieee80211_node_table *,
786 - struct ieee80211vap *);
787 +static struct ieee80211_node *node_alloc(struct ieee80211vap *);
788 static void node_cleanup(struct ieee80211_node *);
789 static void node_free(struct ieee80211_node *);
790 static u_int8_t node_getrssi(const struct ieee80211_node *);
792 -static void _ieee80211_free_node(struct ieee80211_node *);
793 -static void node_reclaim(struct ieee80211_node_table *, struct ieee80211_node*);
794 +static void _node_table_leave(struct ieee80211_node_table *, struct ieee80211_node *);
795 +static void _node_table_join(struct ieee80211_node_table *, struct ieee80211_node *);
797 static void ieee80211_node_timeout(unsigned long);
801 ieee80211_node_table_reset(&ic->ic_sta, vap);
802 if (vap->iv_bss != NULL) {
803 - ieee80211_free_node(vap->iv_bss);
804 - vap->iv_bss = NULL;
805 + ieee80211_unref_node(&vap->iv_bss);
807 if (vap->iv_aid_bitmap != NULL) {
808 FREE(vap->iv_aid_bitmap, M_DEVBUF);
810 nbss->ni_txpower = obss->ni_txpower;
811 nbss->ni_vlan = obss->ni_vlan;
812 nbss->ni_rsn = obss->ni_rsn;
813 + nbss->ni_rates = obss->ni_rates;
814 /* XXX statistics? */
817 @@ -263,17 +264,17 @@
818 "%s: creating ibss on channel %u\n", __func__,
819 ieee80211_chan2ieee(ic, chan));
821 - /* Check to see if we already have a node for this mac */
822 + /* Check to see if we already have a node for this mac
823 + * NB: we gain a node reference here
825 ni = ieee80211_find_node(&ic->ic_sta, vap->iv_myaddr);
827 - ni = ieee80211_alloc_node(&ic->ic_sta, vap, vap->iv_myaddr);
828 + ni = ieee80211_alloc_node_table(vap, vap->iv_myaddr);
835 - ieee80211_free_node(ni);
837 IEEE80211_DPRINTF(vap, IEEE80211_MSG_NODE, "%s: %p<%s> refcnt %d\n",
838 __func__, vap->iv_bss, ether_sprintf(vap->iv_bss->ni_macaddr),
840 else if (IEEE80211_IS_CHAN_QUARTER(chan))
841 ni->ni_rates = ic->ic_sup_quarter_rates;
843 - (void) ieee80211_sta_join1(ieee80211_ref_node(ni));
844 + (void) ieee80211_sta_join1(PASS_NODE(ni));
846 EXPORT_SYMBOL(ieee80211_create_ibss);
849 /* XXX multi-bss wrong */
850 ieee80211_reset_erp(ic, ic->ic_curmode);
852 - ni = ieee80211_alloc_node(&ic->ic_sta, vap, vap->iv_myaddr);
853 + ni = ieee80211_alloc_node_table(vap, vap->iv_myaddr);
854 KASSERT(ni != NULL, ("unable to setup inital BSS node"));
856 + /* New reference for caller */
857 vap->iv_bss = ieee80211_ref_node(ni);
859 IEEE80211_DPRINTF(vap, IEEE80211_MSG_NODE, "%s: new bss %p<%s> refcnt %d\n",
863 ni->ni_intval = ic->ic_lintval;
864 - ieee80211_free_node(obss);
865 + /* Caller's reference */
866 + ieee80211_unref_node(&obss);
871 vap->iv_state == IEEE80211_S_RUN && ssid_equal(obss, selbs));
874 - ieee80211_free_node(obss);
875 + ieee80211_unref_node(&obss);
876 ic->ic_bsschan = selbs->ni_chan;
877 ic->ic_curchan = ic->ic_bsschan;
878 ic->ic_curmode = ieee80211_chan2mode(ic->ic_curchan);
879 @@ -638,21 +641,20 @@
881 ni = ieee80211_find_node(&ic->ic_sta, se->se_macaddr);
883 - ni = ieee80211_alloc_node(&ic->ic_sta, vap, se->se_macaddr);
884 + ni = ieee80211_alloc_node_table(vap, se->se_macaddr);
886 IEEE80211_DPRINTF(vap, IEEE80211_MSG_NODE,
887 "%s: Unable to allocate node for BSS: %s\n", __func__,
888 ether_sprintf(ni->ni_macaddr));
892 - ieee80211_free_node(ni);
896 * Expand scan state into node's format.
897 * XXX may not need all this stuff
899 - ni->ni_authmode = vap->iv_bss->ni_authmode; /* inherit authmode from iv_bss */
900 + ni->ni_authmode = vap->iv_bss->ni_authmode; /* inherit authmode from iv_bss */
901 /* inherit the WPA setup as well (structure copy!) */
902 ni->ni_rsn = vap->iv_bss->ni_rsn;
903 IEEE80211_ADDR_COPY(ni->ni_bssid, se->se_bssid);
906 IEEE80211_DPRINTF(vap, IEEE80211_MSG_NODE,
907 "%s: %p<%s> refcnt %d\n", __func__, ni, ether_sprintf(ni->ni_macaddr),
908 - ieee80211_node_refcnt(ni)+1);
909 + ieee80211_node_refcnt(ni));
911 - return ieee80211_sta_join1(ieee80211_ref_node(ni));
912 + return ieee80211_sta_join1(PASS_NODE(ni));
914 EXPORT_SYMBOL(ieee80211_sta_join);
916 @@ -700,15 +702,13 @@
917 ieee80211_sta_leave(struct ieee80211_node *ni)
919 struct ieee80211vap *vap = ni->ni_vap;
920 - struct ieee80211com *ic = vap->iv_ic;
922 /* WDS/Repeater: Stop software beacon timer for STA */
923 if (vap->iv_opmode == IEEE80211_M_STA &&
924 vap->iv_flags_ext & IEEE80211_FEXT_SWBMISS) {
925 del_timer(&vap->iv_swbmiss);
928 - ic->ic_node_cleanup(ni);
930 ieee80211_notify_node_leave(ni);
933 @@ -717,11 +717,11 @@
937 -ieee80211_node_table_init(struct ieee80211com *ic,
938 - struct ieee80211_node_table *nt, const char *name, int inact)
939 +ieee80211_node_table_init(struct ieee80211com *ic, struct ieee80211_node_table *nt,
940 + const char *name, int inact)
943 - IEEE80211_NODE_LOCK_INIT(nt, ic->ic_dev->name);
944 + IEEE80211_NODE_TABLE_LOCK_INIT(nt, ic->ic_dev->name);
945 IEEE80211_SCAN_LOCK_INIT(nt, ic->ic_dev->name);
946 TAILQ_INIT(&nt->nt_node);
948 @@ -733,11 +733,31 @@
949 mod_timer(&nt->nt_wds_aging_timer, jiffies + HZ * WDS_AGING_TIMER_VAL);
952 +static __inline void _node_table_join(struct ieee80211_node_table *nt, struct ieee80211_node *ni) {
953 + IEEE80211_NODE_TABLE_LOCK_ASSERT(nt);
956 + TAILQ_INSERT_TAIL(&nt->nt_node, ieee80211_ref_node(ni), ni_list);
957 + LIST_INSERT_HEAD(&nt->nt_hash[IEEE80211_NODE_HASH(ni->ni_macaddr)], ni, ni_hash);
960 +static __inline void _node_table_leave(struct ieee80211_node_table *nt, struct ieee80211_node *ni) {
961 + struct ieee80211_node *hni;
962 + IEEE80211_NODE_TABLE_LOCK_ASSERT(nt);
964 + TAILQ_REMOVE(&nt->nt_node, ni, ni_list);
965 + LIST_FOREACH(hni, &nt->nt_hash[IEEE80211_NODE_HASH(ni->ni_macaddr)], ni_hash) {
966 + LIST_REMOVE(ni, ni_hash);
968 + ni->ni_table = NULL;
969 + _ieee80211_unref_node(ni);
972 /* This is overridden by ath_node_alloc in ath/if_ath.c, and so
973 - * should never get called
974 + * should never get called.
976 static struct ieee80211_node *
977 -node_alloc(struct ieee80211_node_table *nt, struct ieee80211vap *vap)
978 +node_alloc(struct ieee80211vap *vap)
980 struct ieee80211_node *ni;
983 IEEE80211_UNLOCK_IRQ(ni->ni_ic);
987 - * Clear AREF flag that marks the authorization refcnt bump
988 - * has happened. This is probably not needed as the node
989 - * should always be removed from the table so not found but
990 - * do it just in case.
992 - ni->ni_flags &= ~IEEE80211_NODE_AREF;
995 * Drain power save queue and, if needed, clear TIM.
997 vap->iv_set_tim(ni, 0);
1000 - if (ni->ni_challenge != NULL) {
1001 - FREE(ni->ni_challenge, M_DEVBUF);
1002 - ni->ni_challenge = NULL;
1006 * Preserve SSID, WPA, and WME ie's so the bss node is
1007 * reusable during a re-auth/re-assoc state transition.
1008 @@ -819,9 +829,16 @@
1010 node_free(struct ieee80211_node *ni)
1013 + /* We should 'cleanup' and then free'ing should be done automatically on decref */
1014 struct ieee80211com *ic = ni->ni_ic;
1016 ic->ic_node_cleanup(ni);
1018 + KASSERT(ieee80211_node_refcnt(ni) == 0, ("node being free whilst still referenced"));
1020 + if (ni->ni_challenge != NULL)
1021 + FREE(ni->ni_challenge, M_DEVBUF);
1022 if (ni->ni_wpa_ie != NULL)
1023 FREE(ni->ni_wpa_ie, M_DEVBUF);
1024 if (ni->ni_rsn_ie != NULL)
1026 if (ni->ni_ath_ie != NULL)
1027 FREE(ni->ni_ath_ie, M_DEVBUF);
1028 IEEE80211_NODE_SAVEQ_DESTROY(ni);
1030 FREE(ni, M_80211_NODE);
1033 @@ -847,55 +865,70 @@
1034 * This interface is not intended for general use, it is
1035 * used by the routines below to create entries with a
1037 + * Dont assume a BSS?
1039 struct ieee80211_node *
1040 -ieee80211_alloc_node(struct ieee80211_node_table *nt,
1041 - struct ieee80211vap *vap, const u_int8_t *macaddr)
1042 +ieee80211_alloc_node_table(struct ieee80211vap *vap,
1043 + const u_int8_t *macaddr)
1045 - struct ieee80211com *ic = nt->nt_ic;
1046 + struct ieee80211com *ic = vap->iv_ic;
1047 + struct ieee80211_node_table *nt = &ic->ic_sta;
1048 struct ieee80211_node *ni;
1051 - ni = ic->ic_node_alloc(nt, vap);
1054 - vap->iv_stats.is_rx_nodealloc++;
1057 + ni = ieee80211_alloc_node(vap, macaddr);
1059 + ni->ni_inact = ni->ni_inact_reload = nt->nt_inact_init;
1061 - IEEE80211_DPRINTF(vap, IEEE80211_MSG_NODE,
1062 - "%s: %p<%s> in %s table, refcnt %d\n", __func__, ni,
1063 - ether_sprintf(macaddr), nt->nt_name,
1064 - ieee80211_node_refcnt(ni)+1);
1065 + WME_UAPSD_NODE_TRIGSEQINIT(ni);
1066 + IEEE80211_NODE_SAVEQ_INIT(ni, "unknown");
1068 - IEEE80211_ADDR_COPY(ni->ni_macaddr, macaddr);
1069 - hash = IEEE80211_NODE_HASH(macaddr);
1070 - ieee80211_node_initref(ni); /* mark referenced */
1071 - ni->ni_chan = IEEE80211_CHAN_ANYC;
1072 - ni->ni_authmode = IEEE80211_AUTH_OPEN;
1073 - ni->ni_txpower = ic->ic_txpowlimit; /* max power */
1074 - ieee80211_crypto_resetkey(vap, &ni->ni_ucastkey, IEEE80211_KEYIX_NONE);
1075 - ni->ni_inact_reload = nt->nt_inact_init;
1076 - ni->ni_inact = ni->ni_inact_reload;
1077 - ni->ni_ath_defkeyindex = IEEE80211_INVAL_DEFKEY;
1078 - ni->ni_rxkeyoff = 0;
1079 - IEEE80211_NODE_SAVEQ_INIT(ni, "unknown");
1080 + IEEE80211_NODE_TABLE_LOCK_IRQ(nt);
1081 + _node_table_join(nt, ni);
1082 + IEEE80211_NODE_TABLE_UNLOCK_IRQ(nt);
1085 - IEEE80211_NODE_LOCK_IRQ(nt);
1088 - ni->ni_table = nt;
1089 - TAILQ_INSERT_TAIL(&nt->nt_node, ni, ni_list);
1090 - LIST_INSERT_HEAD(&nt->nt_hash[hash], ni, ni_hash);
1091 - ni->ni_rxfrag = NULL;
1092 - ni->ni_challenge = NULL;
1093 - IEEE80211_NODE_UNLOCK_IRQ(nt);
1096 +EXPORT_SYMBOL(ieee80211_alloc_node_table);
1098 +/* Allocate a node structure and initialise specialised structures
1099 + * This function does not add the node to the node table, thus this
1100 + * node will not be found using ieee80211_find_*node.
1101 + * This is useful when sending one off errors or request denials.
1103 +static struct ieee80211_node *
1104 +ieee80211_alloc_node(struct ieee80211vap *vap, const u_int8_t *macaddr)
1106 + struct ieee80211com *ic = vap->iv_ic;
1107 + struct ieee80211_node *ni;
1109 + /* This always allocates zeroed memoery */
1110 + ni = ic->ic_node_alloc(vap);
1112 + IEEE80211_DPRINTF(vap, IEEE80211_MSG_NODE,
1113 + "%s: %p<%s> refcnt %d\n", __func__, ni, ether_sprintf(macaddr),
1114 + ieee80211_node_refcnt(ni)+1);
1116 - WME_UAPSD_NODE_TRIGSEQINIT(ni);
1117 + ieee80211_node_initref(ni); /* mark referenced */
1119 + IEEE80211_ADDR_COPY(ni->ni_macaddr, macaddr);
1121 + ni->ni_chan = IEEE80211_CHAN_ANYC;
1122 + ni->ni_authmode = IEEE80211_AUTH_OPEN;
1123 + ni->ni_txpower = ic->ic_txpowlimit;
1125 + ieee80211_crypto_resetkey(vap, &ni->ni_ucastkey,
1126 + IEEE80211_KEYIX_NONE);
1127 + ni->ni_ath_defkeyindex = IEEE80211_INVAL_DEFKEY;
1133 + vap->iv_stats.is_rx_nodealloc++;
1137 -EXPORT_SYMBOL(ieee80211_alloc_node);
1139 /* Add wds address to the node table */
1141 @@ -917,11 +950,11 @@
1142 wds->wds_agingcount = WDS_AGING_COUNT;
1143 hash = IEEE80211_NODE_HASH(macaddr);
1144 IEEE80211_ADDR_COPY(wds->wds_macaddr, macaddr);
1145 - ieee80211_ref_node(ni); /* Reference node */
1147 - IEEE80211_NODE_LOCK_IRQ(nt);
1149 + IEEE80211_NODE_TABLE_LOCK_IRQ(nt);
1150 + wds->wds_ni = ieee80211_ref_node(ni);
1151 LIST_INSERT_HEAD(&nt->nt_wds_hash[hash], wds, wds_hash);
1152 - IEEE80211_NODE_UNLOCK_IRQ(nt);
1153 + IEEE80211_NODE_TABLE_UNLOCK_IRQ(nt);
1156 EXPORT_SYMBOL(ieee80211_add_wds_addr);
1157 @@ -934,22 +967,19 @@
1158 struct ieee80211_wds_addr *wds, *twds;
1160 hash = IEEE80211_NODE_HASH(macaddr);
1161 - IEEE80211_NODE_LOCK_IRQ(nt);
1162 + IEEE80211_NODE_TABLE_LOCK_IRQ(nt);
1163 LIST_FOREACH_SAFE(wds, &nt->nt_wds_hash[hash], wds_hash, twds) {
1164 if (IEEE80211_ADDR_EQ(wds->wds_macaddr, macaddr)) {
1165 - if (ieee80211_node_dectestref(wds->wds_ni)) {
1166 - _ieee80211_free_node(wds->wds_ni);
1167 - LIST_REMOVE(wds, wds_hash);
1168 - FREE(wds, M_80211_WDS);
1171 + LIST_REMOVE(wds, wds_hash);
1172 + ieee80211_unref_node(&wds->wds_ni);
1173 + FREE(wds, M_80211_WDS);
1177 - IEEE80211_NODE_UNLOCK_IRQ(nt);
1178 + IEEE80211_NODE_TABLE_UNLOCK_IRQ(nt);
1180 EXPORT_SYMBOL(ieee80211_remove_wds_addr);
1183 /* Remove node references from wds table */
1185 ieee80211_del_wds_node(struct ieee80211_node_table *nt, struct ieee80211_node *ni)
1186 @@ -957,19 +987,17 @@
1188 struct ieee80211_wds_addr *wds, *twds;
1190 - IEEE80211_NODE_LOCK_IRQ(nt);
1191 + IEEE80211_NODE_TABLE_LOCK_IRQ(nt);
1192 for (hash = 0; hash < IEEE80211_NODE_HASHSIZE; hash++) {
1193 LIST_FOREACH_SAFE(wds, &nt->nt_wds_hash[hash], wds_hash, twds) {
1194 if (wds->wds_ni == ni) {
1195 - if (ieee80211_node_dectestref(ni)) {
1196 - _ieee80211_free_node(ni);
1197 - LIST_REMOVE(wds, wds_hash);
1198 - FREE(wds, M_80211_WDS);
1200 + LIST_REMOVE(wds, wds_hash);
1201 + ieee80211_unref_node(&wds->wds_ni);
1202 + FREE(wds, M_80211_WDS);
1206 - IEEE80211_NODE_UNLOCK_IRQ(nt);
1207 + IEEE80211_NODE_TABLE_UNLOCK_IRQ(nt);
1209 EXPORT_SYMBOL(ieee80211_del_wds_node);
1211 @@ -980,88 +1008,46 @@
1213 struct ieee80211_wds_addr *wds, *twds;
1215 - IEEE80211_NODE_LOCK_IRQ(nt);
1216 + IEEE80211_NODE_TABLE_LOCK_IRQ(nt);
1217 for (hash = 0; hash < IEEE80211_NODE_HASHSIZE; hash++) {
1218 LIST_FOREACH_SAFE(wds, &nt->nt_wds_hash[hash], wds_hash, twds) {
1219 if (wds->wds_agingcount != WDS_AGING_STATIC) {
1220 if (!wds->wds_agingcount) {
1221 - if (ieee80211_node_dectestref(wds->wds_ni)) {
1222 - _ieee80211_free_node(wds->wds_ni);
1223 - LIST_REMOVE(wds, wds_hash);
1224 - FREE(wds, M_80211_WDS);
1226 + LIST_REMOVE(wds, wds_hash);
1227 + ieee80211_unref_node(&wds->wds_ni);
1228 + FREE(wds, M_80211_WDS);
1230 wds->wds_agingcount--;
1234 - IEEE80211_NODE_UNLOCK_IRQ(nt);
1235 + IEEE80211_NODE_TABLE_UNLOCK_IRQ(nt);
1236 mod_timer(&nt->nt_wds_aging_timer, jiffies + HZ * WDS_AGING_TIMER_VAL);
1241 - * Craft a temporary node suitable for sending a management frame
1242 - * to the specified station. We craft only as much state as we
1243 - * need to do the work since the node will be immediately reclaimed
1244 - * once the send completes.
1246 -struct ieee80211_node *
1247 -ieee80211_tmp_node(struct ieee80211vap *vap, const u_int8_t *macaddr)
1249 - struct ieee80211com *ic = vap->iv_ic;
1250 - struct ieee80211_node *ni;
1252 - ni = ic->ic_node_alloc(&ic->ic_sta,vap);
1254 - IEEE80211_DPRINTF(vap, IEEE80211_MSG_NODE,
1255 - "%s: %p<%s> refcnt %d\n", __func__, ni, ether_sprintf(macaddr),
1256 - ieee80211_node_refcnt(ni)+1);
1258 - IEEE80211_ADDR_COPY(ni->ni_macaddr, macaddr);
1259 - IEEE80211_ADDR_COPY(ni->ni_bssid, vap->iv_bss->ni_bssid);
1260 - ieee80211_node_initref(ni); /* mark referenced */
1261 - ni->ni_txpower = vap->iv_bss->ni_txpower;
1263 - /* NB: required by ieee80211_fix_rate */
1264 - ieee80211_node_set_chan(ic, ni);
1265 - ieee80211_crypto_resetkey(vap, &ni->ni_ucastkey,
1266 - IEEE80211_KEYIX_NONE);
1267 - /* XXX optimize away */
1268 - IEEE80211_NODE_SAVEQ_INIT(ni, "unknown");
1270 - ni->ni_table = NULL; /* NB: pedantic */
1272 - ni->ni_rxfrag = NULL;
1273 - ni->ni_challenge = NULL;
1276 - vap->iv_stats.is_rx_nodealloc++;
1282 * Add the specified station to the station table.
1284 struct ieee80211_node *
1285 -ieee80211_dup_bss(struct ieee80211vap *vap, const u_int8_t *macaddr)
1286 +ieee80211_dup_bss(struct ieee80211vap *vap, const u_int8_t *macaddr,
1287 + unsigned char tmp)
1289 - struct ieee80211com *ic = vap->iv_ic;
1290 struct ieee80211_node *ni;
1294 + ni = ieee80211_alloc_node(vap, macaddr);
1296 + ni = ieee80211_alloc_node_table(vap, macaddr);
1298 - ni = ieee80211_alloc_node(&ic->ic_sta, vap, macaddr);
1301 - * Inherit from iv_bss.
1303 - ni->ni_authmode = vap->iv_bss->ni_authmode;
1304 - ni->ni_txpower = vap->iv_bss->ni_txpower;
1305 - ni->ni_vlan = vap->iv_bss->ni_vlan; /* XXX?? */
1306 + copy_bss(ni, vap->iv_bss);
1307 IEEE80211_ADDR_COPY(ni->ni_bssid, vap->iv_bss->ni_bssid);
1308 - ieee80211_node_set_chan(ic, ni);
1309 - ni->ni_rsn = vap->iv_bss->ni_rsn;
1310 - ni->ni_rxfrag = NULL;
1311 + /* Do this only for nodes that already have a BSS. Otherwise
1312 + * ic_bsschan is not set and we get a KASSERT failure.
1313 + * Required by ieee80211_fix_rate */
1314 + ieee80211_node_set_chan(vap->iv_ic, ni);
1318 @@ -1069,19 +1055,16 @@
1319 static struct ieee80211_node *
1320 _ieee80211_find_wds_node(struct ieee80211_node_table *nt, const u_int8_t *macaddr)
1322 - struct ieee80211_node *ni;
1323 struct ieee80211_wds_addr *wds;
1325 - IEEE80211_NODE_LOCK_ASSERT(nt);
1326 + IEEE80211_NODE_TABLE_LOCK_ASSERT(nt);
1328 hash = IEEE80211_NODE_HASH(macaddr);
1329 LIST_FOREACH(wds, &nt->nt_wds_hash[hash], wds_hash) {
1330 if (IEEE80211_ADDR_EQ(wds->wds_macaddr, macaddr)) {
1332 if (wds->wds_agingcount != WDS_AGING_STATIC)
1333 wds->wds_agingcount = WDS_AGING_COUNT; /* reset the aging count */
1334 - ieee80211_ref_node(ni);
1336 + return ieee80211_ref_node(wds->wds_ni);
1340 @@ -1099,7 +1082,7 @@
1342 struct ieee80211_wds_addr *wds;
1344 - IEEE80211_NODE_LOCK_ASSERT(nt);
1345 + IEEE80211_NODE_TABLE_LOCK_ASSERT(nt);
1347 hash = IEEE80211_NODE_HASH(macaddr);
1348 LIST_FOREACH(ni, &nt->nt_hash[hash], ni_hash) {
1349 @@ -1120,9 +1103,7 @@
1351 LIST_FOREACH(wds, &nt->nt_wds_hash[hash], wds_hash) {
1352 if (IEEE80211_ADDR_EQ(wds->wds_macaddr, macaddr)) {
1354 - ieee80211_ref_node(ni);
1356 + return ieee80211_ref_node(wds->wds_ni);
1360 @@ -1137,9 +1118,9 @@
1362 struct ieee80211_node *ni;
1364 - IEEE80211_NODE_LOCK_IRQ(nt);
1365 + IEEE80211_NODE_TABLE_LOCK_IRQ(nt);
1366 ni = _ieee80211_find_wds_node(nt, macaddr);
1367 - IEEE80211_NODE_UNLOCK_IRQ(nt);
1368 + IEEE80211_NODE_TABLE_UNLOCK_IRQ(nt);
1371 EXPORT_SYMBOL(ieee80211_find_wds_node);
1372 @@ -1154,9 +1135,9 @@
1374 struct ieee80211_node *ni;
1376 - IEEE80211_NODE_LOCK_IRQ(nt);
1377 + IEEE80211_NODE_TABLE_LOCK_IRQ(nt);
1378 ni = _ieee80211_find_node(nt, macaddr);
1379 - IEEE80211_NODE_UNLOCK_IRQ(nt);
1380 + IEEE80211_NODE_TABLE_UNLOCK_IRQ(nt);
1383 #ifdef IEEE80211_DEBUG_REFCNT
1384 @@ -1179,7 +1160,7 @@
1386 struct ieee80211_node *ni;
1388 - ni = ieee80211_dup_bss(vap, macaddr);
1389 + ni = ieee80211_dup_bss(vap, macaddr, 0);
1391 /* XXX no rate negotiation; just dup */
1392 ni->ni_rates = vap->iv_bss->ni_rates;
1393 @@ -1202,14 +1183,13 @@
1394 * driver has an opportunity to setup it's private state.
1396 struct ieee80211_node *
1397 -ieee80211_add_neighbor(struct ieee80211vap *vap, const struct ieee80211_frame *wh,
1398 +ieee80211_add_neighbor(struct ieee80211vap *vap, const struct ieee80211_frame *wh,
1399 const struct ieee80211_scanparams *sp)
1401 struct ieee80211com *ic = vap->iv_ic;
1402 struct ieee80211_node *ni;
1404 - ni = ieee80211_dup_bss(vap, wh->i_addr2); /* XXX alloc_node? */
1405 - /* TODO: not really putting itself in a table */
1406 + ni = ieee80211_dup_bss(vap, wh->i_addr2, 1);
1408 ni->ni_esslen = sp->ssid[1];
1409 memcpy(ni->ni_essid, sp->ssid + 2, sp->ssid[1]);
1410 @@ -1284,12 +1264,12 @@
1411 /* XXX check ic_bss first in station mode */
1412 /* XXX 4-address frames? */
1414 - IEEE80211_NODE_LOCK_IRQ(nt);
1415 + IEEE80211_NODE_TABLE_LOCK_IRQ(nt);
1416 if (IS_CTL(wh) && !IS_PSPOLL(wh) /*&& !IS_RTS(ah)*/)
1417 ni = _ieee80211_find_node(nt, wh->i_addr1);
1419 ni = _ieee80211_find_node(nt, wh->i_addr2);
1420 - IEEE80211_NODE_UNLOCK_IRQ(nt);
1421 + IEEE80211_NODE_TABLE_UNLOCK_IRQ(nt);
1425 @@ -1326,9 +1306,9 @@
1427 /* XXX can't hold lock across dup_bss due to recursive locking */
1428 nt = &vap->iv_ic->ic_sta;
1429 - IEEE80211_NODE_LOCK_IRQ(nt);
1430 + IEEE80211_NODE_TABLE_LOCK_IRQ(nt);
1431 ni = _ieee80211_find_node(nt, mac);
1432 - IEEE80211_NODE_UNLOCK_IRQ(nt);
1433 + IEEE80211_NODE_TABLE_UNLOCK_IRQ(nt);
1436 if (vap->iv_opmode == IEEE80211_M_IBSS ||
1437 @@ -1355,11 +1335,9 @@
1438 EXPORT_SYMBOL(ieee80211_find_txnode);
1441 -/* Caller must lock the IEEE80211_NODE_LOCK
1443 - * Context: hwIRQ, softIRQ and process context
1444 +/* Context: hwIRQ, softIRQ and process context
1448 _ieee80211_free_node(struct ieee80211_node *ni)
1450 struct ieee80211vap *vap = ni->ni_vap;
1451 @@ -1373,117 +1351,36 @@
1453 if (vap->iv_aid_bitmap != NULL)
1454 IEEE80211_AID_CLR(vap, ni->ni_associd);
1456 - TAILQ_REMOVE(&nt->nt_node, ni, ni_list);
1457 - LIST_REMOVE(ni, ni_hash);
1460 vap->iv_ic->ic_node_free(ni);
1462 +EXPORT_SYMBOL(_ieee80211_free_node);
1465 -#ifdef IEEE80211_DEBUG_REFCNT
1466 -ieee80211_free_node_debug(struct ieee80211_node *ni, const char *func, int line)
1468 -ieee80211_free_node(struct ieee80211_node *ni)
1470 +static void _reset_node(void *arg, struct ieee80211_node *ni)
1472 - struct ieee80211_node_table *nt = ni->ni_table;
1473 - struct ieee80211com *ic = ni->ni_ic;
1474 + if (ni->ni_associd != 0) {
1475 + struct ieee80211vap *vap = ni->ni_vap;
1477 -#ifdef IEEE80211_DEBUG_REFCNT
1478 - IEEE80211_DPRINTF(ni->ni_vap, IEEE80211_MSG_NODE,
1479 - "%s (%s:%u) %p<%s> refcnt %d\n", __func__, func, line, ni,
1480 - ether_sprintf(ni->ni_macaddr), ieee80211_node_refcnt(ni) - 1);
1483 - * XXX: may need to lock out the following race. we dectestref
1484 - * and determine it's time to free the node. between the if()
1485 - * and lock, we take an rx intr to receive a frame from this
1486 - * node. the rx path (tasklet or intr) bumps this node's
1487 - * refcnt and xmits a response frame. eventually that response
1488 - * will get reaped, and the reaping code will attempt to use
1489 - * the node. the code below will delete the node prior
1490 - * to the reap and we could get a crash.
1492 - * as a stopgap before delving deeper, lock intrs to
1493 - * prevent this case.
1495 - IEEE80211_LOCK_IRQ(ic);
1496 - if (ieee80211_node_dectestref(ni)) {
1498 - * Beware; if the node is marked gone then it's already
1499 - * been removed from the table and we cannot assume the
1500 - * table still exists. Regardless, there's no need to lock
1503 - if (ni->ni_table != NULL) {
1504 - IEEE80211_NODE_LOCK(nt);
1505 - _ieee80211_free_node(ni);
1506 - IEEE80211_NODE_UNLOCK(nt);
1508 - _ieee80211_free_node(ni);
1509 + if (vap->iv_auth->ia_node_leave != NULL)
1510 + vap->iv_auth->ia_node_leave(ni);
1511 + if (vap->iv_aid_bitmap != NULL)
1512 + IEEE80211_AID_CLR(vap, ni->ni_associd);
1514 - IEEE80211_UNLOCK_IRQ(ic);
1516 -#ifdef IEEE80211_DEBUG_REFCNT
1517 -EXPORT_SYMBOL(ieee80211_free_node_debug);
1519 -EXPORT_SYMBOL(ieee80211_free_node);
1523 - * Reclaim a node. If this is the last reference count then
1524 - * do the normal free work. Otherwise remove it from the node
1525 - * table and mark it gone by clearing the back-reference.
1528 -node_reclaim(struct ieee80211_node_table *nt, struct ieee80211_node *ni)
1531 - IEEE80211_DPRINTF(ni->ni_vap, IEEE80211_MSG_NODE,
1532 - "%s: remove %p<%s> from %s table, refcnt %d\n",
1533 - __func__, ni, ether_sprintf(ni->ni_macaddr),
1534 - nt->nt_name, ieee80211_node_refcnt(ni)-1);
1535 - if (!ieee80211_node_dectestref(ni)) {
1537 - * Other references are present, just remove the
1538 - * node from the table so it cannot be found. When
1539 - * the references are dropped storage will be
1540 - * reclaimed. This normally only happens for ic_bss.
1542 - TAILQ_REMOVE(&nt->nt_node, ni, ni_list);
1543 - LIST_REMOVE(ni, ni_hash);
1544 - ni->ni_table = NULL; /* clear reference */
1546 - _ieee80211_free_node(ni);
1547 + ieee80211_node_leave(ni);
1551 ieee80211_node_table_reset(struct ieee80211_node_table *nt,
1552 - struct ieee80211vap *match)
1553 + struct ieee80211vap *vap)
1555 - struct ieee80211_node *ni, *next;
1557 - IEEE80211_NODE_LOCK_IRQ(nt);
1558 - TAILQ_FOREACH_SAFE(ni, &nt->nt_node, ni_list, next) {
1559 - if (match != NULL && ni->ni_vap != match)
1561 - if (ni->ni_associd != 0) {
1562 - struct ieee80211vap *vap = ni->ni_vap;
1564 - if (vap->iv_auth->ia_node_leave != NULL)
1565 - vap->iv_auth->ia_node_leave(ni);
1566 - if (vap->iv_aid_bitmap != NULL)
1567 - IEEE80211_AID_CLR(vap, ni->ni_associd);
1569 - node_reclaim(nt, ni);
1571 - IEEE80211_NODE_UNLOCK_IRQ(nt);
1572 + ieee80211_iterate_dev_nodes(vap->iv_dev, nt, _reset_node, NULL);
1576 ieee80211_node_table_cleanup(struct ieee80211_node_table *nt)
1578 + struct ieee80211com *ic = nt->nt_ic;
1579 struct ieee80211_node *ni, *next;
1581 TAILQ_FOREACH_SAFE(ni, &nt->nt_node, ni_list, next) {
1582 @@ -1495,11 +1392,11 @@
1583 if (vap->iv_aid_bitmap != NULL)
1584 IEEE80211_AID_CLR(vap, ni->ni_associd);
1586 - node_reclaim(nt, ni);
1587 + ic->ic_node_cleanup(ni);
1589 del_timer(&nt->nt_wds_aging_timer);
1590 IEEE80211_SCAN_LOCK_DESTROY(nt);
1591 - IEEE80211_NODE_LOCK_DESTROY(nt);
1592 + IEEE80211_NODE_TABLE_LOCK_DESTROY(nt);
1596 @@ -1527,19 +1424,22 @@
1597 IEEE80211_SCAN_LOCK_IRQ(nt);
1598 gen = ++nt->nt_scangen;
1600 - IEEE80211_NODE_LOCK_IRQ(nt);
1601 + IEEE80211_NODE_TABLE_LOCK_IRQ(nt);
1602 TAILQ_FOREACH(ni, &nt->nt_node, ni_list) {
1603 if (ni->ni_scangen == gen) /* previously handled */
1605 + /* Temporary entries should no longer be in the node table */
1607 * Ignore entries for which have yet to receive an
1608 * authentication frame. These are transient and
1609 * will be reclaimed when the last reference to them
1610 * goes away (when frame xmits complete).
1612 - if (ic->ic_opmode == IEEE80211_M_HOSTAP &&
1613 - (ni->ni_flags & IEEE80211_NODE_AREF) == 0)
1616 + *if (ic->ic_opmode == IEEE80211_M_HOSTAP &&
1617 + * (ni->ni_flags & IEEE80211_NODE_AREF) == 0)
1620 ni->ni_scangen = gen;
1622 * Free fragment if not needed anymore
1623 @@ -1591,7 +1491,7 @@
1624 * ref for us as needed.
1626 ieee80211_ref_node(ni);
1627 - IEEE80211_NODE_UNLOCK_IRQ_EARLY(nt);
1628 + IEEE80211_NODE_TABLE_UNLOCK_IRQ_EARLY(nt);
1629 ieee80211_send_nulldata(ni);
1632 @@ -1614,18 +1514,18 @@
1634 ni->ni_vap->iv_stats.is_node_timeout++;
1635 ieee80211_ref_node(ni);
1636 - IEEE80211_NODE_UNLOCK_IRQ_EARLY(nt);
1637 + IEEE80211_NODE_TABLE_UNLOCK_IRQ_EARLY(nt);
1638 if (ni->ni_associd != 0) {
1639 IEEE80211_SEND_MGMT(ni,
1640 IEEE80211_FC0_SUBTYPE_DEAUTH,
1641 IEEE80211_REASON_AUTH_EXPIRE);
1643 ieee80211_node_leave(ni);
1644 - ieee80211_free_node(ni);
1645 + ieee80211_unref_node(&ni);
1649 - IEEE80211_NODE_UNLOCK_IRQ(nt);
1650 + IEEE80211_NODE_TABLE_UNLOCK_IRQ(nt);
1652 IEEE80211_SCAN_UNLOCK_IRQ(nt);
1654 @@ -1660,21 +1560,23 @@
1656 IEEE80211_SCAN_LOCK_IRQ(nt);
1657 gen = ++nt->nt_scangen;
1660 - IEEE80211_NODE_LOCK(nt);
1661 + IEEE80211_NODE_TABLE_LOCK_IRQ(nt);
1662 TAILQ_FOREACH(ni, &nt->nt_node, ni_list) {
1663 if (dev != NULL && ni->ni_vap->iv_dev != dev)
1664 continue; /* skip node not for this vap */
1665 if (ni->ni_scangen != gen) {
1666 ni->ni_scangen = gen;
1667 (void) ieee80211_ref_node(ni);
1668 - IEEE80211_NODE_UNLOCK(nt);
1669 + IEEE80211_NODE_TABLE_UNLOCK_IRQ_EARLY(nt);
1671 - ieee80211_free_node(ni);
1673 + ieee80211_unref_node(&ni);
1677 - IEEE80211_NODE_UNLOCK(nt);
1678 + IEEE80211_NODE_TABLE_UNLOCK_IRQ(nt);
1680 IEEE80211_SCAN_UNLOCK_IRQ(nt);
1682 @@ -1948,9 +1850,20 @@
1683 "station with aid %d leaves (refcnt %u)",
1684 IEEE80211_NODE_AID(ni), ieee80211_node_refcnt(ni));
1686 + /* From this point onwards we can no longer find the node,
1687 + * so no more references are generated
1689 + ieee80211_remove_wds_addr(nt, ni->ni_macaddr);
1690 + ieee80211_del_wds_node(nt, ni);
1691 + IEEE80211_NODE_TABLE_LOCK_IRQ(nt);
1692 + _node_table_leave(nt, ni);
1693 + IEEE80211_NODE_TABLE_UNLOCK_IRQ(nt);
1696 * If node wasn't previously associated all
1697 * we need to do is reclaim the reference.
1698 + * This also goes for nodes that are auth'ed but
1701 /* XXX ibss mode bypasses 11g and notification */
1702 if (ni->ni_associd == 0)
1703 @@ -1968,9 +1881,11 @@
1704 IEEE80211_LOCK_IRQ(ic);
1705 if (vap->iv_aid_bitmap != NULL)
1706 IEEE80211_AID_CLR(vap, ni->ni_associd);
1709 vap->iv_sta_assoc--;
1712 #ifdef ATH_SUPERG_XR
1713 if (ni->ni_vap->iv_flags & IEEE80211_F_XR)
1714 ic->ic_xr_sta_assoc--;
1715 @@ -1981,6 +1896,7 @@
1716 if (IEEE80211_IS_CHAN_ANYG(ic->ic_bsschan))
1717 ieee80211_node_leave_11g(ni);
1718 IEEE80211_UNLOCK_IRQ(ic);
1721 * Cleanup station state. In particular clear various
1722 * state that might otherwise be reused if the node
1723 @@ -1990,19 +1906,10 @@
1724 ieee80211_sta_leave(ni);
1727 - * Remove the node from any table it's recorded in and
1728 - * drop the caller's reference. Removal from the table
1729 - * is important to ensure the node is not reprocessed
1733 - IEEE80211_NODE_LOCK_IRQ(nt);
1734 - node_reclaim(nt, ni);
1735 - IEEE80211_NODE_UNLOCK_IRQ(nt);
1736 - ieee80211_remove_wds_addr(nt,ni->ni_macaddr);
1737 - ieee80211_del_wds_node(nt,ni);
1739 - ieee80211_free_node(ni);
1740 + * Run a cleanup and then drop the caller's reference
1742 + ic->ic_node_cleanup(ni);
1743 + ieee80211_unref_node(&ni);
1745 EXPORT_SYMBOL(ieee80211_node_leave);
1747 @@ -2062,25 +1969,8 @@
1749 ieee80211_node_reset(struct ieee80211_node *ni, struct ieee80211vap *vap)
1752 - struct ieee80211_node_table *nt = ni->ni_table;
1754 - nt = &vap->iv_ic->ic_sta;
1755 - IEEE80211_ADDR_COPY(ni->ni_bssid, vap->iv_bss->ni_bssid);
1756 - ni->ni_prev_vap = ni->ni_vap;
1758 - ni->ni_ic = vap->iv_ic;
1760 - * if node not found in the node table
1761 - * add it to the node table .
1763 - if(nt && ieee80211_find_node(nt, ni->ni_macaddr) != ni) {
1764 - int hash = IEEE80211_NODE_HASH(ni->ni_macaddr);
1765 - IEEE80211_NODE_LOCK_IRQ(nt);
1766 - TAILQ_INSERT_TAIL(&nt->nt_node, ni, ni_list);
1767 - LIST_INSERT_HEAD(&nt->nt_hash[hash], ni, ni_hash);
1768 - ni->ni_table = nt;
1769 - IEEE80211_NODE_UNLOCK_IRQ(nt);
1772 + IEEE80211_ADDR_COPY(ni->ni_bssid, vap->iv_bss->ni_bssid);
1773 + ni->ni_prev_vap = ni->ni_vap;
1775 + ni->ni_ic = vap->iv_ic;
1777 diff -ur madwifi.old/net80211/ieee80211_node.h madwifi.dev/net80211/ieee80211_node.h
1778 --- madwifi.old/net80211/ieee80211_node.h 2007-03-06 11:59:28.000000000 +0100
1779 +++ madwifi.dev/net80211/ieee80211_node.h 2007-05-21 08:10:46.869753416 +0200
1781 * authorized. The latter timeout is shorter to more aggressively
1782 * reclaim nodes that leave part way through the 802.1x exchange.
1784 -#define IEEE80211_INACT_WAIT 15 /* inactivity interval (secs) */
1785 +#define IEEE80211_INACT_WAIT 15 /* inactivity interval (secs) */
1786 #define IEEE80211_INACT_INIT (30/IEEE80211_INACT_WAIT) /* initial */
1787 #define IEEE80211_INACT_AUTH (180/IEEE80211_INACT_WAIT) /* associated but not authorized */
1788 #define IEEE80211_INACT_RUN (300/IEEE80211_INACT_WAIT) /* authorized */
1789 #define IEEE80211_INACT_PROBE (30/IEEE80211_INACT_WAIT) /* probe */
1790 #define IEEE80211_INACT_SCAN (300/IEEE80211_INACT_WAIT) /* scanned */
1792 -#define IEEE80211_TRANS_WAIT 5 /* mgt frame tx timer (secs) */
1793 +#define IEEE80211_TRANS_WAIT 5 /* mgt frame tx timer (secs) */
1795 #define IEEE80211_NODE_HASHSIZE 32
1796 /* simple hash is enough for variation of macaddr */
1798 struct ieee80211_node_table *ni_table;
1799 TAILQ_ENTRY(ieee80211_node) ni_list;
1800 LIST_ENTRY(ieee80211_node) ni_hash;
1801 - atomic_t ni_refcnt;
1802 + // ieee80211_node_lock_t ni_nodelock; /* on node - notably for ref counting */
1803 + ieee80211_node_ref_count_t ni_refcnt;
1804 u_int ni_scangen; /* gen# for timeout scan */
1805 u_int8_t ni_authmode; /* authentication algorithm */
1806 u_int16_t ni_flags; /* special-purpose state */
1807 @@ -121,13 +122,13 @@
1808 u_int16_t ni_associd; /* assoc response */
1809 u_int16_t ni_txpower; /* current transmit power (in 0.5 dBm) */
1810 u_int16_t ni_vlan; /* vlan tag */
1811 - u_int32_t *ni_challenge; /* shared-key challenge */
1812 + u_int32_t *ni_challenge; /* shared-key challenge */
1813 u_int8_t *ni_wpa_ie; /* captured WPA ie */
1814 u_int8_t *ni_rsn_ie; /* captured RSN ie */
1815 u_int8_t *ni_wme_ie; /* captured WME ie */
1816 u_int8_t *ni_ath_ie; /* captured Atheros ie */
1817 - u_int16_t ni_txseqs[17]; /* tx seq per-tid */
1818 - u_int16_t ni_rxseqs[17]; /* rx seq previous per-tid*/
1819 + u_int16_t ni_txseqs[17]; /* tx seq per-tid */
1820 + u_int16_t ni_rxseqs[17]; /* rx seq previous per-tid*/
1821 u_int32_t ni_rxfragstamp; /* time stamp of last rx frag */
1822 struct sk_buff *ni_rxfrag; /* rx frag reassembly */
1823 struct ieee80211_rsnparms ni_rsn; /* RSN/WPA parameters */
1825 struct ieee80211_channel *ni_chan;
1826 u_int16_t ni_fhdwell; /* FH only */
1827 u_int8_t ni_fhindex; /* FH only */
1828 - u_int8_t ni_erp; /* ERP from beacon/probe resp */
1829 + u_int8_t ni_erp; /* ERP from beacon/probe resp */
1830 u_int16_t ni_timoff; /* byte offset to TIM ie */
1834 struct ieee80211vap *ni_prev_vap; /* previously associated vap */
1835 u_int8_t ni_uapsd; /* U-APSD per-node flags matching WMM STA Qos Info field */
1836 u_int8_t ni_uapsd_maxsp; /* maxsp from flags above */
1837 - u_int16_t ni_uapsd_trigseq[WME_NUM_AC]; /* trigger suppression on retry */
1838 + u_int16_t ni_uapsd_trigseq[WME_NUM_AC]; /* trigger suppression on retry */
1839 __le16 ni_pschangeseq;
1841 MALLOC_DECLARE(M_80211_NODE);
1842 @@ -186,20 +187,6 @@
1843 #define WME_UAPSD_NODE_INVALIDSEQ 0xffff
1844 #define WME_UAPSD_NODE_TRIGSEQINIT(_ni) (memset(&(_ni)->ni_uapsd_trigseq[0], 0xff, sizeof((_ni)->ni_uapsd_trigseq)))
1846 -static __inline struct ieee80211_node *
1847 -ieee80211_ref_node(struct ieee80211_node *ni)
1849 - ieee80211_node_incref(ni);
1853 -static __inline void
1854 -ieee80211_unref_node(struct ieee80211_node **ni)
1856 - ieee80211_node_decref(*ni);
1857 - *ni = NULL; /* guard against use */
1860 void ieee80211_node_attach(struct ieee80211com *);
1861 void ieee80211_node_detach(struct ieee80211com *);
1862 void ieee80211_node_vattach(struct ieee80211vap *);
1863 @@ -242,43 +229,39 @@
1864 * is a second table for associated stations or neighbors.
1866 struct ieee80211_node_table {
1867 + const char *nt_name; /* for debugging */
1868 struct ieee80211com *nt_ic; /* back reference */
1869 - ieee80211_node_lock_t nt_nodelock; /* on node table */
1870 + ieee80211_node_table_lock_t nt_nodelock; /* on node table */
1871 TAILQ_HEAD(, ieee80211_node) nt_node; /* information of all nodes */
1872 ATH_LIST_HEAD(, ieee80211_node) nt_hash[IEEE80211_NODE_HASHSIZE];
1873 ATH_LIST_HEAD(, ieee80211_wds_addr) nt_wds_hash[IEEE80211_NODE_HASHSIZE];
1874 - const char *nt_name; /* for debugging */
1875 ieee80211_scan_lock_t nt_scanlock; /* on nt_scangen */
1876 u_int nt_scangen; /* gen# for timeout scan */
1877 int nt_inact_init; /* initial node inact setting */
1878 struct timer_list nt_wds_aging_timer; /* timer to age out wds entries */
1881 -struct ieee80211_node *ieee80211_alloc_node(struct ieee80211_node_table *,
1882 - struct ieee80211vap *, const u_int8_t *);
1883 -struct ieee80211_node *ieee80211_tmp_node(struct ieee80211vap *,
1884 - const u_int8_t *);
1885 -struct ieee80211_node *ieee80211_dup_bss(struct ieee80211vap *,
1886 +struct ieee80211_node *ieee80211_alloc_node_table(struct ieee80211vap *,
1888 +struct ieee80211_node *ieee80211_dup_bss(struct ieee80211vap *,
1889 + const u_int8_t *, unsigned char);
1890 void ieee80211_node_reset(struct ieee80211_node *, struct ieee80211vap *);
1891 #ifdef IEEE80211_DEBUG_REFCNT
1892 -void ieee80211_free_node_debug(struct ieee80211_node *, const char *, int);
1893 struct ieee80211_node *ieee80211_find_node_debug(struct ieee80211_node_table *,
1894 const u_int8_t *, const char *, int);
1895 struct ieee80211_node *ieee80211_find_rxnode_debug(struct ieee80211com *,
1896 const struct ieee80211_frame_min *, const char *, int);
1897 struct ieee80211_node *ieee80211_find_txnode_debug(struct ieee80211vap *,
1898 const u_int8_t *, const char *, int);
1899 -#define ieee80211_free_node(ni) \
1900 - ieee80211_free_node_debug(ni, __func__, __LINE__)
1901 -#define ieee80211_find_node(nt, mac) \
1902 - ieee80211_find_node_debug(nt, mac, __func__, __LINE__)
1903 -#define ieee80211_find_rxnode(nt, wh) \
1904 - ieee80211_find_rxnode_debug(nt, wh, __func__, __LINE__)
1905 -#define ieee80211_find_txnode(nt, mac) \
1906 - ieee80211_find_txnode_debug(nt, mac, __func__, __LINE__)
1907 +#define ieee80211_unref_node(_ni) \
1908 + ieee80211_unref_node_debug(_ni, __func__, __LINE__)
1909 +#define ieee80211_find_node(_nt, _mac) \
1910 + ieee80211_find_node_debug(_nt, _mac, __func__, __LINE__)
1911 +#define ieee80211_find_rxnode(_nt, _wh) \
1912 + ieee80211_find_rxnode_debug(_nt, _wh, __func__, __LINE__)
1913 +#define ieee80211_find_txnode(_nt, _mac) \
1914 + ieee80211_find_txnode_debug(_nt, _mac, __func__, __LINE__)
1916 -void ieee80211_free_node(struct ieee80211_node *);
1918 struct ieee80211_node *ieee80211_find_node(struct ieee80211_node_table *,
1920 @@ -287,6 +270,53 @@
1921 struct ieee80211_node *ieee80211_find_txnode(struct ieee80211vap *,
1925 +void _ieee80211_free_node(struct ieee80211_node *);
1927 +static __inline struct ieee80211_node *
1928 +ieee80211_ref_node(struct ieee80211_node *ni)
1930 + ieee80211_node_incref(ni);
1934 +static __inline struct ieee80211_node *
1935 +_ieee80211_pass_node(struct ieee80211_node **pni) {
1936 + struct ieee80211_node *tmp = *pni;
1941 +#define PASS_NODE(_ni) \
1942 + _ieee80211_pass_node(&_ni)
1944 +static __inline int
1945 +_ieee80211_unref_node(struct ieee80211_node *ni) {
1946 + if (ieee80211_node_dectestref(ni)) {
1947 + _ieee80211_free_node(ni);
1954 +static __inline void
1955 +#ifdef IEEE80211_DEBUG_REFCNT
1956 +ieee80211_unref_node_debug(struct ieee80211_node **pni, const char *func, int line)
1958 +ieee80211_unref_node(struct ieee80211_node **pni)
1961 + struct ieee80211_node *ni = *pni;
1962 +#ifdef IEEE80211_DEBUG_REFCNT
1963 + IEEE80211_DPRINTF(ni->ni_vap, IEEE80211_MSG_NODE,
1964 + "%s (%s:%u) %p<%s> refcnt %d\n", __func__, func, line, ni,
1965 + ether_sprintf(ni->ni_macaddr), ieee80211_node_refcnt(ni) - 1);
1967 + _ieee80211_unref_node(ni);
1968 + *pni = NULL; /* guard against use */
1971 int ieee80211_add_wds_addr(struct ieee80211_node_table *, struct ieee80211_node *,
1972 const u_int8_t *, u_int8_t);
1973 void ieee80211_remove_wds_addr(struct ieee80211_node_table *, const u_int8_t *);
1974 diff -ur madwifi.old/net80211/ieee80211_output.c madwifi.dev/net80211/ieee80211_output.c
1975 --- madwifi.old/net80211/ieee80211_output.c 2007-05-18 13:19:16.000000000 +0200
1976 +++ madwifi.dev/net80211/ieee80211_output.c 2007-05-21 08:10:46.870753264 +0200
1982 + cb->ni = ieee80211_ref_node(ni);
1984 /* power-save checks */
1985 if (WME_UAPSD_AC_CAN_TRIGGER(skb->priority, ni)) {
1986 @@ -293,13 +293,14 @@
1989 ieee80211_parent_queue_xmit(skb);
1990 + ieee80211_unref_node(&ni);
1997 - ieee80211_free_node(ni);
1998 + ieee80211_unref_node(&ni);
2005 vap->iv_stats.is_tx_nobuf++;
2006 - ieee80211_free_node(ni);
2007 + ieee80211_unref_node(&ni);
2010 cb = (struct ieee80211_cb *)skb->cb;
2011 @@ -507,16 +508,14 @@
2015 - ieee80211_ref_node(ni);
2016 skb = ieee80211_getmgtframe(&frm, 2);
2019 vap->iv_stats.is_tx_nobuf++;
2020 - ieee80211_free_node(ni);
2023 cb = (struct ieee80211_cb *)skb->cb;
2025 + cb->ni = ieee80211_ref_node(ni);
2028 qwh = (struct ieee80211_qosframe *)skb_push(skb, sizeof(struct ieee80211_qosframe));
2031 ni_wds = ieee80211_find_wds_node(nt, eh.ether_shost);
2033 - ieee80211_free_node(ni_wds); /* Decr ref count */
2034 + ieee80211_unref_node(&ni_wds); /* Decr ref count */
2036 ieee80211_add_wds_addr(nt, ni, eh.ether_shost, 0);
2038 @@ -1719,7 +1718,6 @@
2040 ni, ether_sprintf(ni->ni_macaddr),
2041 ieee80211_node_refcnt(ni) + 1);
2042 - ieee80211_ref_node(ni);
2045 * prreq frame format
2046 @@ -1735,7 +1733,6 @@
2047 vap->app_ie[IEEE80211_APPIE_FRAME_PROBE_REQ].length);
2049 vap->iv_stats.is_tx_nobuf++;
2050 - ieee80211_free_node(ni);
2054 @@ -1758,7 +1755,7 @@
2055 skb_trim(skb, frm - skb->data);
2057 cb = (struct ieee80211_cb *)skb->cb;
2059 + cb->ni = ieee80211_ref_node(ni);
2061 wh = (struct ieee80211_frame *)
2062 skb_push(skb, sizeof(struct ieee80211_frame));
2063 @@ -2234,7 +2231,7 @@
2064 mod_timer(&vap->iv_mgtsend, jiffies + timer * HZ);
2067 - ieee80211_free_node(ni);
2068 + ieee80211_unref_node(&ni);
2072 diff -ur madwifi.old/net80211/ieee80211_power.c madwifi.dev/net80211/ieee80211_power.c
2073 --- madwifi.old/net80211/ieee80211_power.c 2007-05-18 13:19:16.000000000 +0200
2074 +++ madwifi.dev/net80211/ieee80211_power.c 2007-05-21 08:10:46.870753264 +0200
2075 @@ -109,13 +109,15 @@
2077 ieee80211_node_saveq_drain(struct ieee80211_node *ni)
2079 + struct ieee80211_cb *cb = NULL;
2080 struct sk_buff *skb;
2083 IEEE80211_NODE_SAVEQ_LOCK(ni);
2084 qlen = skb_queue_len(&ni->ni_savedq);
2085 while ((skb = __skb_dequeue(&ni->ni_savedq)) != NULL) {
2086 - ieee80211_free_node(ni);
2087 + cb = (struct ieee80211_cb *) skb->cb;
2088 + ieee80211_unref_node(&cb->ni);
2089 dev_kfree_skb_any(skb);
2091 IEEE80211_NODE_SAVEQ_UNLOCK(ni);
2092 diff -ur madwifi.old/net80211/ieee80211_proto.c madwifi.dev/net80211/ieee80211_proto.c
2093 --- madwifi.old/net80211/ieee80211_proto.c 2006-12-08 18:20:08.000000000 +0100
2094 +++ madwifi.dev/net80211/ieee80211_proto.c 2007-05-21 08:10:46.871753112 +0200
2095 @@ -1456,7 +1456,7 @@
2097 if (vap->iv_opmode == IEEE80211_M_WDS) {
2098 struct ieee80211_node *wds_ni;
2099 - wds_ni = ieee80211_alloc_node(&ic->ic_sta, vap, vap->wds_mac);
2100 + wds_ni = ieee80211_alloc_node_table(vap, vap->wds_mac);
2101 if (wds_ni != NULL) {
2102 if (ieee80211_add_wds_addr(&ic->ic_sta, wds_ni, vap->wds_mac, 1) == 0) {
2103 ieee80211_node_authorize(wds_ni);
2104 diff -ur madwifi.old/net80211/ieee80211_var.h madwifi.dev/net80211/ieee80211_var.h
2105 --- madwifi.old/net80211/ieee80211_var.h 2007-05-18 13:19:16.000000000 +0200
2106 +++ madwifi.dev/net80211/ieee80211_var.h 2007-05-21 08:12:01.499407984 +0200
2109 #include <sys/queue.h>
2111 +struct ieee80211vap;
2113 #include <net80211/_ieee80211.h>
2114 #include <net80211/ieee80211.h>
2115 #include <net80211/ieee80211_crypto.h>
2117 * the underlying device and the net80211 layer is exposed here;
2118 * e.g. device-specific callbacks.
2120 -struct ieee80211vap;
2122 struct ieee80211com {
2123 struct net_device *ic_dev; /* associated device */
2125 /* new station association callback/notification */
2126 void (*ic_newassoc)(struct ieee80211_node *, int);
2127 /* node state management */
2128 - struct ieee80211_node *(*ic_node_alloc)(struct ieee80211_node_table *,
2129 - struct ieee80211vap *);
2130 + struct ieee80211_node *(*ic_node_alloc)(struct ieee80211vap *);
2131 void (*ic_node_free)(struct ieee80211_node *);
2132 void (*ic_node_cleanup)(struct ieee80211_node *);
2133 u_int8_t (*ic_node_getrssi)(const struct ieee80211_node *);
2134 diff -ur madwifi.old/net80211/ieee80211_wireless.c madwifi.dev/net80211/ieee80211_wireless.c
2135 --- madwifi.old/net80211/ieee80211_wireless.c 2007-05-18 13:19:16.000000000 +0200
2136 +++ madwifi.dev/net80211/ieee80211_wireless.c 2007-05-21 08:10:46.874752656 +0200
2137 @@ -3186,7 +3186,7 @@
2139 ieee80211_key_update_end(vap);
2141 - ieee80211_free_node(ni);
2142 + ieee80211_unref_node(&ni);
2143 #ifdef ATH_SUPERG_XR
2144 /* set the same params on the xr vap device if exists */
2145 if (vap->iv_xrvap && !(vap->iv_flags & IEEE80211_F_XR))
2146 @@ -3246,7 +3246,7 @@
2147 memset(ik.ik_keydata, 0, sizeof(ik.ik_keydata));
2150 - ieee80211_free_node(ni);
2151 + ieee80211_unref_node(&ni);
2152 return (copy_to_user(iwr->u.data.pointer, &ik, sizeof(ik)) ? -EFAULT : 0);
2155 @@ -3271,7 +3271,7 @@
2156 return -ENOENT; /* No such entity is a more appropriate error */
2157 /* XXX error return */
2158 ieee80211_crypto_delkey(vap, &ni->ni_ucastkey, ni);
2159 - ieee80211_free_node(ni);
2160 + ieee80211_unref_node(&ni);
2162 if (kix >= IEEE80211_WEP_NKID)
2164 @@ -3382,7 +3382,7 @@
2166 if (dev == ni->ni_vap->iv_dev)
2168 - ieee80211_free_node(ni);
2169 + ieee80211_unref_node(&ni);
2171 ieee80211_iterate_dev_nodes(dev, &ic->ic_sta, domlme, mlme);
2173 @@ -3401,7 +3401,7 @@
2174 ieee80211_node_authorize(ni);
2176 ieee80211_node_unauthorize(ni);
2177 - ieee80211_free_node(ni);
2178 + ieee80211_unref_node(&ni);
2180 case IEEE80211_MLME_CLEAR_STATS:
2181 if (vap->iv_opmode != IEEE80211_M_HOSTAP)
2182 @@ -3412,7 +3412,7 @@
2184 /* clear statistics */
2185 memset(&ni->ni_stats, 0, sizeof(struct ieee80211_nodestats));
2186 - ieee80211_free_node(ni);
2187 + ieee80211_unref_node(&ni);
2191 @@ -3785,7 +3785,7 @@
2192 ielen = sizeof(wpaie.rsn_ie);
2193 memcpy(wpaie.rsn_ie, ni->ni_rsn_ie, ielen);
2195 - ieee80211_free_node(ni);
2196 + ieee80211_unref_node(&ni);
2197 return (copy_to_user(iwr->u.data.pointer, &wpaie, sizeof(wpaie)) ?
2200 @@ -3813,7 +3813,7 @@
2201 /* NB: copy out only the statistics */
2202 error = copy_to_user(iwr->u.data.pointer + off, &ni->ni_stats,
2203 iwr->u.data.length - off);
2204 - ieee80211_free_node(ni);
2205 + ieee80211_unref_node(&ni);
2206 return (error ? -EFAULT : 0);
projects / openwrt.git / blob