sta_info.c revision 2c8dccc77420fb7433da5674818959d3499d35be
1/* 2 * Copyright 2002-2005, Instant802 Networks, Inc. 3 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz> 4 * 5 * This program is free software; you can redistribute it and/or modify 6 * it under the terms of the GNU General Public License version 2 as 7 * published by the Free Software Foundation. 8 */ 9 10#include <linux/module.h> 11#include <linux/init.h> 12#include <linux/netdevice.h> 13#include <linux/types.h> 14#include <linux/slab.h> 15#include <linux/skbuff.h> 16#include <linux/if_arp.h> 17#include <linux/timer.h> 18#include <linux/rtnetlink.h> 19 20#include <net/mac80211.h> 21#include "ieee80211_i.h" 22#include "rate.h" 23#include "sta_info.h" 24#include "debugfs_sta.h" 25#include "mesh.h" 26 27/** 28 * DOC: STA information lifetime rules 29 * 30 * STA info structures (&struct sta_info) are managed in a hash table 31 * for faster lookup and a list for iteration. They are managed using 32 * RCU, i.e. access to the list and hash table is protected by RCU. 33 * 34 * Upon allocating a STA info structure with sta_info_alloc(), the caller owns 35 * that structure. It must then either destroy it using sta_info_destroy() 36 * (which is pretty useless) or insert it into the hash table using 37 * sta_info_insert() which demotes the reference from ownership to a regular 38 * RCU-protected reference; if the function is called without protection by an 39 * RCU critical section the reference is instantly invalidated. Note that the 40 * caller may not do much with the STA info before inserting it, in particular, 41 * it may not start any mesh peer link management or add encryption keys. 42 * 43 * When the insertion fails (sta_info_insert()) returns non-zero), the 44 * structure will have been freed by sta_info_insert()! 45 * 46 * Because there are debugfs entries for each station, and adding those 47 * must be able to sleep, it is also possible to "pin" a station entry, 48 * that means it can be removed from the hash table but not be freed. 49 * See the comment in __sta_info_unlink() for more information, this is 50 * an internal capability only. 51 * 52 * In order to remove a STA info structure, the caller needs to first 53 * unlink it (sta_info_unlink()) from the list and hash tables and 54 * then destroy it; sta_info_destroy() will wait for an RCU grace period 55 * to elapse before actually freeing it. Due to the pinning and the 56 * possibility of multiple callers trying to remove the same STA info at 57 * the same time, sta_info_unlink() can clear the STA info pointer it is 58 * passed to indicate that the STA info is owned by somebody else now. 59 * 60 * If sta_info_unlink() did not clear the pointer then the caller owns 61 * the STA info structure now and is responsible of destroying it with 62 * a call to sta_info_destroy(). 63 * 64 * In all other cases, there is no concept of ownership on a STA entry, 65 * each structure is owned by the global hash table/list until it is 66 * removed. All users of the structure need to be RCU protected so that 67 * the structure won't be freed before they are done using it. 68 */ 69 70/* Caller must hold local->sta_lock */ 71static int sta_info_hash_del(struct ieee80211_local *local, 72 struct sta_info *sta) 73{ 74 struct sta_info *s; 75 76 s = local->sta_hash[STA_HASH(sta->addr)]; 77 if (!s) 78 return -ENOENT; 79 if (s == sta) { 80 rcu_assign_pointer(local->sta_hash[STA_HASH(sta->addr)], 81 s->hnext); 82 return 0; 83 } 84 85 while (s->hnext && s->hnext != sta) 86 s = s->hnext; 87 if (s->hnext) { 88 rcu_assign_pointer(s->hnext, sta->hnext); 89 return 0; 90 } 91 92 return -ENOENT; 93} 94 95/* protected by RCU */ 96static struct sta_info *__sta_info_find(struct ieee80211_local *local, 97 u8 *addr) 98{ 99 struct sta_info *sta; 100 101 sta = rcu_dereference(local->sta_hash[STA_HASH(addr)]); 102 while (sta) { 103 if (compare_ether_addr(sta->addr, addr) == 0) 104 break; 105 sta = rcu_dereference(sta->hnext); 106 } 107 return sta; 108} 109 110struct sta_info *sta_info_get(struct ieee80211_local *local, u8 *addr) 111{ 112 return __sta_info_find(local, addr); 113} 114EXPORT_SYMBOL(sta_info_get); 115 116struct sta_info *sta_info_get_by_idx(struct ieee80211_local *local, int idx, 117 struct net_device *dev) 118{ 119 struct sta_info *sta; 120 int i = 0; 121 122 list_for_each_entry_rcu(sta, &local->sta_list, list) { 123 if (dev && dev != sta->sdata->dev) 124 continue; 125 if (i < idx) { 126 ++i; 127 continue; 128 } 129 return sta; 130 } 131 132 return NULL; 133} 134 135/** 136 * __sta_info_free - internal STA free helper 137 * 138 * @sta: STA info to free 139 * 140 * This function must undo everything done by sta_info_alloc() 141 * that may happen before sta_info_insert(). 142 */ 143static void __sta_info_free(struct ieee80211_local *local, 144 struct sta_info *sta) 145{ 146 DECLARE_MAC_BUF(mbuf); 147 148 rate_control_free_sta(sta->rate_ctrl, sta->rate_ctrl_priv); 149 rate_control_put(sta->rate_ctrl); 150 151#ifdef CONFIG_MAC80211_VERBOSE_DEBUG 152 printk(KERN_DEBUG "%s: Destroyed STA %s\n", 153 wiphy_name(local->hw.wiphy), print_mac(mbuf, sta->addr)); 154#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */ 155 156 kfree(sta); 157} 158 159void sta_info_destroy(struct sta_info *sta) 160{ 161 struct ieee80211_local *local; 162 struct sk_buff *skb; 163 int i; 164 165 might_sleep(); 166 167 if (!sta) 168 return; 169 170 local = sta->local; 171 172 rate_control_remove_sta_debugfs(sta); 173 ieee80211_sta_debugfs_remove(sta); 174 175#ifdef CONFIG_MAC80211_MESH 176 if (ieee80211_vif_is_mesh(&sta->sdata->vif)) 177 mesh_plink_deactivate(sta); 178#endif 179 180 /* 181 * We have only unlinked the key, and actually destroying it 182 * may mean it is removed from hardware which requires that 183 * the key->sta pointer is still valid, so flush the key todo 184 * list here. 185 * 186 * ieee80211_key_todo() will synchronize_rcu() so after this 187 * nothing can reference this sta struct any more. 188 */ 189 ieee80211_key_todo(); 190 191#ifdef CONFIG_MAC80211_MESH 192 if (ieee80211_vif_is_mesh(&sta->sdata->vif)) 193 del_timer_sync(&sta->plink_timer); 194#endif 195 196 while ((skb = skb_dequeue(&sta->ps_tx_buf)) != NULL) { 197 local->total_ps_buffered--; 198 dev_kfree_skb_any(skb); 199 } 200 201 while ((skb = skb_dequeue(&sta->tx_filtered)) != NULL) 202 dev_kfree_skb_any(skb); 203 204 for (i = 0; i < STA_TID_NUM; i++) { 205 spin_lock_bh(&sta->ampdu_mlme.ampdu_rx); 206 if (sta->ampdu_mlme.tid_rx[i]) 207 del_timer_sync(&sta->ampdu_mlme.tid_rx[i]->session_timer); 208 spin_unlock_bh(&sta->ampdu_mlme.ampdu_rx); 209 spin_lock_bh(&sta->ampdu_mlme.ampdu_tx); 210 if (sta->ampdu_mlme.tid_tx[i]) 211 del_timer_sync(&sta->ampdu_mlme.tid_tx[i]->addba_resp_timer); 212 spin_unlock_bh(&sta->ampdu_mlme.ampdu_tx); 213 } 214 215 __sta_info_free(local, sta); 216} 217 218 219/* Caller must hold local->sta_lock */ 220static void sta_info_hash_add(struct ieee80211_local *local, 221 struct sta_info *sta) 222{ 223 sta->hnext = local->sta_hash[STA_HASH(sta->addr)]; 224 rcu_assign_pointer(local->sta_hash[STA_HASH(sta->addr)], sta); 225} 226 227struct sta_info *sta_info_alloc(struct ieee80211_sub_if_data *sdata, 228 u8 *addr, gfp_t gfp) 229{ 230 struct ieee80211_local *local = sdata->local; 231 struct sta_info *sta; 232 int i; 233 DECLARE_MAC_BUF(mbuf); 234 235 sta = kzalloc(sizeof(*sta), gfp); 236 if (!sta) 237 return NULL; 238 239 memcpy(sta->addr, addr, ETH_ALEN); 240 sta->local = local; 241 sta->sdata = sdata; 242 243 sta->rate_ctrl = rate_control_get(local->rate_ctrl); 244 sta->rate_ctrl_priv = rate_control_alloc_sta(sta->rate_ctrl, 245 gfp); 246 if (!sta->rate_ctrl_priv) { 247 rate_control_put(sta->rate_ctrl); 248 kfree(sta); 249 return NULL; 250 } 251 252 spin_lock_init(&sta->ampdu_mlme.ampdu_rx); 253 spin_lock_init(&sta->ampdu_mlme.ampdu_tx); 254 for (i = 0; i < STA_TID_NUM; i++) { 255 /* timer_to_tid must be initialized with identity mapping to 256 * enable session_timer's data differentiation. refer to 257 * sta_rx_agg_session_timer_expired for useage */ 258 sta->timer_to_tid[i] = i; 259 /* tid to tx queue: initialize according to HW (0 is valid) */ 260 sta->tid_to_tx_q[i] = local->hw.queues; 261 /* rx */ 262 sta->ampdu_mlme.tid_state_rx[i] = HT_AGG_STATE_IDLE; 263 sta->ampdu_mlme.tid_rx[i] = NULL; 264 /* tx */ 265 sta->ampdu_mlme.tid_state_tx[i] = HT_AGG_STATE_IDLE; 266 sta->ampdu_mlme.tid_tx[i] = NULL; 267 sta->ampdu_mlme.addba_req_num[i] = 0; 268 } 269 skb_queue_head_init(&sta->ps_tx_buf); 270 skb_queue_head_init(&sta->tx_filtered); 271 272#ifdef CONFIG_MAC80211_VERBOSE_DEBUG 273 printk(KERN_DEBUG "%s: Allocated STA %s\n", 274 wiphy_name(local->hw.wiphy), print_mac(mbuf, sta->addr)); 275#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */ 276 277#ifdef CONFIG_MAC80211_MESH 278 sta->plink_state = PLINK_LISTEN; 279 spin_lock_init(&sta->plink_lock); 280 init_timer(&sta->plink_timer); 281#endif 282 283 return sta; 284} 285 286int sta_info_insert(struct sta_info *sta) 287{ 288 struct ieee80211_local *local = sta->local; 289 struct ieee80211_sub_if_data *sdata = sta->sdata; 290 unsigned long flags; 291 int err = 0; 292 DECLARE_MAC_BUF(mac); 293 294 /* 295 * Can't be a WARN_ON because it can be triggered through a race: 296 * something inserts a STA (on one CPU) without holding the RTNL 297 * and another CPU turns off the net device. 298 */ 299 if (unlikely(!netif_running(sdata->dev))) { 300 err = -ENETDOWN; 301 goto out_free; 302 } 303 304 if (WARN_ON(compare_ether_addr(sta->addr, sdata->dev->dev_addr) == 0 || 305 is_multicast_ether_addr(sta->addr))) { 306 err = -EINVAL; 307 goto out_free; 308 } 309 310 spin_lock_irqsave(&local->sta_lock, flags); 311 /* check if STA exists already */ 312 if (__sta_info_find(local, sta->addr)) { 313 spin_unlock_irqrestore(&local->sta_lock, flags); 314 err = -EEXIST; 315 goto out_free; 316 } 317 list_add(&sta->list, &local->sta_list); 318 local->num_sta++; 319 sta_info_hash_add(local, sta); 320 321 /* notify driver */ 322 if (local->ops->sta_notify) { 323 if (sdata->vif.type == IEEE80211_IF_TYPE_VLAN) 324 sdata = sdata->u.vlan.ap; 325 326 local->ops->sta_notify(local_to_hw(local), &sdata->vif, 327 STA_NOTIFY_ADD, sta->addr); 328 } 329 330#ifdef CONFIG_MAC80211_VERBOSE_DEBUG 331 printk(KERN_DEBUG "%s: Inserted STA %s\n", 332 wiphy_name(local->hw.wiphy), print_mac(mac, sta->addr)); 333#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */ 334 335 spin_unlock_irqrestore(&local->sta_lock, flags); 336 337#ifdef CONFIG_MAC80211_DEBUGFS 338 /* 339 * Debugfs entry adding might sleep, so schedule process 340 * context task for adding entry for STAs that do not yet 341 * have one. 342 * NOTE: due to auto-freeing semantics this may only be done 343 * if the insertion is successful! 344 */ 345 schedule_work(&local->sta_debugfs_add); 346#endif 347 348 if (ieee80211_vif_is_mesh(&sdata->vif)) 349 mesh_accept_plinks_update(sdata); 350 351 return 0; 352 out_free: 353 BUG_ON(!err); 354 __sta_info_free(local, sta); 355 return err; 356} 357 358static inline void __bss_tim_set(struct ieee80211_if_ap *bss, u16 aid) 359{ 360 /* 361 * This format has been mandated by the IEEE specifications, 362 * so this line may not be changed to use the __set_bit() format. 363 */ 364 bss->tim[aid / 8] |= (1 << (aid % 8)); 365} 366 367static inline void __bss_tim_clear(struct ieee80211_if_ap *bss, u16 aid) 368{ 369 /* 370 * This format has been mandated by the IEEE specifications, 371 * so this line may not be changed to use the __clear_bit() format. 372 */ 373 bss->tim[aid / 8] &= ~(1 << (aid % 8)); 374} 375 376static void __sta_info_set_tim_bit(struct ieee80211_if_ap *bss, 377 struct sta_info *sta) 378{ 379 if (bss) 380 __bss_tim_set(bss, sta->aid); 381 if (sta->local->ops->set_tim) { 382 sta->local->tim_in_locked_section = true; 383 sta->local->ops->set_tim(local_to_hw(sta->local), sta->aid, 1); 384 sta->local->tim_in_locked_section = false; 385 } 386} 387 388void sta_info_set_tim_bit(struct sta_info *sta) 389{ 390 unsigned long flags; 391 392 spin_lock_irqsave(&sta->local->sta_lock, flags); 393 __sta_info_set_tim_bit(sta->sdata->bss, sta); 394 spin_unlock_irqrestore(&sta->local->sta_lock, flags); 395} 396 397static void __sta_info_clear_tim_bit(struct ieee80211_if_ap *bss, 398 struct sta_info *sta) 399{ 400 if (bss) 401 __bss_tim_clear(bss, sta->aid); 402 if (sta->local->ops->set_tim) { 403 sta->local->tim_in_locked_section = true; 404 sta->local->ops->set_tim(local_to_hw(sta->local), sta->aid, 0); 405 sta->local->tim_in_locked_section = false; 406 } 407} 408 409void sta_info_clear_tim_bit(struct sta_info *sta) 410{ 411 unsigned long flags; 412 413 spin_lock_irqsave(&sta->local->sta_lock, flags); 414 __sta_info_clear_tim_bit(sta->sdata->bss, sta); 415 spin_unlock_irqrestore(&sta->local->sta_lock, flags); 416} 417 418void __sta_info_unlink(struct sta_info **sta) 419{ 420 struct ieee80211_local *local = (*sta)->local; 421 struct ieee80211_sub_if_data *sdata = (*sta)->sdata; 422#ifdef CONFIG_MAC80211_VERBOSE_DEBUG 423 DECLARE_MAC_BUF(mbuf); 424#endif 425 /* 426 * pull caller's reference if we're already gone. 427 */ 428 if (sta_info_hash_del(local, *sta)) { 429 *sta = NULL; 430 return; 431 } 432 433 if ((*sta)->key) { 434 ieee80211_key_free((*sta)->key); 435 WARN_ON((*sta)->key); 436 } 437 438 list_del(&(*sta)->list); 439 440 if ((*sta)->flags & WLAN_STA_PS) { 441 (*sta)->flags &= ~WLAN_STA_PS; 442 if (sdata->bss) 443 atomic_dec(&sdata->bss->num_sta_ps); 444 __sta_info_clear_tim_bit(sdata->bss, *sta); 445 } 446 447 local->num_sta--; 448 449 if (local->ops->sta_notify) { 450 if (sdata->vif.type == IEEE80211_IF_TYPE_VLAN) 451 sdata = sdata->u.vlan.ap; 452 453 local->ops->sta_notify(local_to_hw(local), &sdata->vif, 454 STA_NOTIFY_REMOVE, (*sta)->addr); 455 } 456 457 if (ieee80211_vif_is_mesh(&sdata->vif)) { 458 mesh_accept_plinks_update(sdata); 459#ifdef CONFIG_MAC80211_MESH 460 del_timer(&(*sta)->plink_timer); 461#endif 462 } 463 464#ifdef CONFIG_MAC80211_VERBOSE_DEBUG 465 printk(KERN_DEBUG "%s: Removed STA %s\n", 466 wiphy_name(local->hw.wiphy), print_mac(mbuf, (*sta)->addr)); 467#endif /* CONFIG_MAC80211_VERBOSE_DEBUG */ 468 469 /* 470 * Finally, pull caller's reference if the STA is pinned by the 471 * task that is adding the debugfs entries. In that case, we 472 * leave the STA "to be freed". 473 * 474 * The rules are not trivial, but not too complex either: 475 * (1) pin_status is only modified under the sta_lock 476 * (2) STAs may only be pinned under the RTNL so that 477 * sta_info_flush() is guaranteed to actually destroy 478 * all STAs that are active for a given interface, this 479 * is required for correctness because otherwise we 480 * could notify a driver that an interface is going 481 * away and only after that (!) notify it about a STA 482 * on that interface going away. 483 * (3) sta_info_debugfs_add_work() will set the status 484 * to PINNED when it found an item that needs a new 485 * debugfs directory created. In that case, that item 486 * must not be freed although all *RCU* users are done 487 * with it. Hence, we tell the caller of _unlink() 488 * that the item is already gone (as can happen when 489 * two tasks try to unlink/destroy at the same time) 490 * (4) We set the pin_status to DESTROY here when we 491 * find such an item. 492 * (5) sta_info_debugfs_add_work() will reset the pin_status 493 * from PINNED to NORMAL when it is done with the item, 494 * but will check for DESTROY before resetting it in 495 * which case it will free the item. 496 */ 497 if ((*sta)->pin_status == STA_INFO_PIN_STAT_PINNED) { 498 (*sta)->pin_status = STA_INFO_PIN_STAT_DESTROY; 499 *sta = NULL; 500 return; 501 } 502} 503 504void sta_info_unlink(struct sta_info **sta) 505{ 506 struct ieee80211_local *local = (*sta)->local; 507 unsigned long flags; 508 509 spin_lock_irqsave(&local->sta_lock, flags); 510 __sta_info_unlink(sta); 511 spin_unlock_irqrestore(&local->sta_lock, flags); 512} 513 514static inline int sta_info_buffer_expired(struct ieee80211_local *local, 515 struct sta_info *sta, 516 struct sk_buff *skb) 517{ 518 struct ieee80211_tx_packet_data *pkt_data; 519 int timeout; 520 521 if (!skb) 522 return 0; 523 524 pkt_data = (struct ieee80211_tx_packet_data *) skb->cb; 525 526 /* Timeout: (2 * listen_interval * beacon_int * 1024 / 1000000) sec */ 527 timeout = (sta->listen_interval * local->hw.conf.beacon_int * 32 / 528 15625) * HZ; 529 if (timeout < STA_TX_BUFFER_EXPIRE) 530 timeout = STA_TX_BUFFER_EXPIRE; 531 return time_after(jiffies, pkt_data->jiffies + timeout); 532} 533 534 535static void sta_info_cleanup_expire_buffered(struct ieee80211_local *local, 536 struct sta_info *sta) 537{ 538 unsigned long flags; 539 struct sk_buff *skb; 540 struct ieee80211_sub_if_data *sdata; 541 DECLARE_MAC_BUF(mac); 542 543 if (skb_queue_empty(&sta->ps_tx_buf)) 544 return; 545 546 for (;;) { 547 spin_lock_irqsave(&sta->ps_tx_buf.lock, flags); 548 skb = skb_peek(&sta->ps_tx_buf); 549 if (sta_info_buffer_expired(local, sta, skb)) 550 skb = __skb_dequeue(&sta->ps_tx_buf); 551 else 552 skb = NULL; 553 spin_unlock_irqrestore(&sta->ps_tx_buf.lock, flags); 554 555 if (!skb) 556 break; 557 558 sdata = sta->sdata; 559 local->total_ps_buffered--; 560 printk(KERN_DEBUG "Buffered frame expired (STA " 561 "%s)\n", print_mac(mac, sta->addr)); 562 dev_kfree_skb(skb); 563 564 if (skb_queue_empty(&sta->ps_tx_buf)) 565 sta_info_clear_tim_bit(sta); 566 } 567} 568 569 570static void sta_info_cleanup(unsigned long data) 571{ 572 struct ieee80211_local *local = (struct ieee80211_local *) data; 573 struct sta_info *sta; 574 575 rcu_read_lock(); 576 list_for_each_entry_rcu(sta, &local->sta_list, list) 577 sta_info_cleanup_expire_buffered(local, sta); 578 rcu_read_unlock(); 579 580 local->sta_cleanup.expires = 581 round_jiffies(jiffies + STA_INFO_CLEANUP_INTERVAL); 582 add_timer(&local->sta_cleanup); 583} 584 585#ifdef CONFIG_MAC80211_DEBUGFS 586/* 587 * See comment in __sta_info_unlink, 588 * caller must hold local->sta_lock. 589 */ 590static void __sta_info_pin(struct sta_info *sta) 591{ 592 WARN_ON(sta->pin_status != STA_INFO_PIN_STAT_NORMAL); 593 sta->pin_status = STA_INFO_PIN_STAT_PINNED; 594} 595 596/* 597 * See comment in __sta_info_unlink, returns sta if it 598 * needs to be destroyed. 599 */ 600static struct sta_info *__sta_info_unpin(struct sta_info *sta) 601{ 602 struct sta_info *ret = NULL; 603 unsigned long flags; 604 605 spin_lock_irqsave(&sta->local->sta_lock, flags); 606 WARN_ON(sta->pin_status != STA_INFO_PIN_STAT_DESTROY && 607 sta->pin_status != STA_INFO_PIN_STAT_PINNED); 608 if (sta->pin_status == STA_INFO_PIN_STAT_DESTROY) 609 ret = sta; 610 sta->pin_status = STA_INFO_PIN_STAT_NORMAL; 611 spin_unlock_irqrestore(&sta->local->sta_lock, flags); 612 613 return ret; 614} 615 616static void sta_info_debugfs_add_work(struct work_struct *work) 617{ 618 struct ieee80211_local *local = 619 container_of(work, struct ieee80211_local, sta_debugfs_add); 620 struct sta_info *sta, *tmp; 621 unsigned long flags; 622 623 /* We need to keep the RTNL across the whole pinned status. */ 624 rtnl_lock(); 625 while (1) { 626 sta = NULL; 627 628 spin_lock_irqsave(&local->sta_lock, flags); 629 list_for_each_entry(tmp, &local->sta_list, list) { 630 if (!tmp->debugfs.dir) { 631 sta = tmp; 632 __sta_info_pin(sta); 633 break; 634 } 635 } 636 spin_unlock_irqrestore(&local->sta_lock, flags); 637 638 if (!sta) 639 break; 640 641 ieee80211_sta_debugfs_add(sta); 642 rate_control_add_sta_debugfs(sta); 643 644 sta = __sta_info_unpin(sta); 645 sta_info_destroy(sta); 646 } 647 rtnl_unlock(); 648} 649#endif 650 651static void __ieee80211_run_pending_flush(struct ieee80211_local *local) 652{ 653 struct sta_info *sta; 654 unsigned long flags; 655 656 ASSERT_RTNL(); 657 658 spin_lock_irqsave(&local->sta_lock, flags); 659 while (!list_empty(&local->sta_flush_list)) { 660 sta = list_first_entry(&local->sta_flush_list, 661 struct sta_info, list); 662 list_del(&sta->list); 663 spin_unlock_irqrestore(&local->sta_lock, flags); 664 sta_info_destroy(sta); 665 spin_lock_irqsave(&local->sta_lock, flags); 666 } 667 spin_unlock_irqrestore(&local->sta_lock, flags); 668} 669 670static void ieee80211_sta_flush_work(struct work_struct *work) 671{ 672 struct ieee80211_local *local = 673 container_of(work, struct ieee80211_local, sta_flush_work); 674 675 rtnl_lock(); 676 __ieee80211_run_pending_flush(local); 677 rtnl_unlock(); 678} 679 680void sta_info_init(struct ieee80211_local *local) 681{ 682 spin_lock_init(&local->sta_lock); 683 INIT_LIST_HEAD(&local->sta_list); 684 INIT_LIST_HEAD(&local->sta_flush_list); 685 INIT_WORK(&local->sta_flush_work, ieee80211_sta_flush_work); 686 687 setup_timer(&local->sta_cleanup, sta_info_cleanup, 688 (unsigned long)local); 689 local->sta_cleanup.expires = 690 round_jiffies(jiffies + STA_INFO_CLEANUP_INTERVAL); 691 692#ifdef CONFIG_MAC80211_DEBUGFS 693 INIT_WORK(&local->sta_debugfs_add, sta_info_debugfs_add_work); 694#endif 695} 696 697int sta_info_start(struct ieee80211_local *local) 698{ 699 add_timer(&local->sta_cleanup); 700 return 0; 701} 702 703void sta_info_stop(struct ieee80211_local *local) 704{ 705 del_timer(&local->sta_cleanup); 706 cancel_work_sync(&local->sta_flush_work); 707#ifdef CONFIG_MAC80211_DEBUGFS 708 /* 709 * Make sure the debugfs adding work isn't pending after this 710 * because we're about to be destroyed. It doesn't matter 711 * whether it ran or not since we're going to flush all STAs 712 * anyway. 713 */ 714 cancel_work_sync(&local->sta_debugfs_add); 715#endif 716 717 rtnl_lock(); 718 sta_info_flush(local, NULL); 719 __ieee80211_run_pending_flush(local); 720 rtnl_unlock(); 721} 722 723/** 724 * sta_info_flush - flush matching STA entries from the STA table 725 * 726 * Returns the number of removed STA entries. 727 * 728 * @local: local interface data 729 * @sdata: matching rule for the net device (sta->dev) or %NULL to match all STAs 730 */ 731int sta_info_flush(struct ieee80211_local *local, 732 struct ieee80211_sub_if_data *sdata) 733{ 734 struct sta_info *sta, *tmp; 735 LIST_HEAD(tmp_list); 736 int ret = 0; 737 unsigned long flags; 738 739 might_sleep(); 740 ASSERT_RTNL(); 741 742 spin_lock_irqsave(&local->sta_lock, flags); 743 list_for_each_entry_safe(sta, tmp, &local->sta_list, list) { 744 if (!sdata || sdata == sta->sdata) { 745 __sta_info_unlink(&sta); 746 if (sta) { 747 list_add_tail(&sta->list, &tmp_list); 748 ret++; 749 } 750 } 751 } 752 spin_unlock_irqrestore(&local->sta_lock, flags); 753 754 list_for_each_entry_safe(sta, tmp, &tmp_list, list) 755 sta_info_destroy(sta); 756 757 return ret; 758} 759 760/** 761 * sta_info_flush_delayed - flush matching STA entries from the STA table 762 * 763 * This function unlinks all stations for a given interface and queues 764 * them for freeing. Note that the workqueue function scheduled here has 765 * to run before any new keys can be added to the system to avoid set_key() 766 * callback ordering issues. 767 * 768 * @sdata: the interface 769 */ 770void sta_info_flush_delayed(struct ieee80211_sub_if_data *sdata) 771{ 772 struct ieee80211_local *local = sdata->local; 773 struct sta_info *sta, *tmp; 774 unsigned long flags; 775 bool work = false; 776 777 spin_lock_irqsave(&local->sta_lock, flags); 778 list_for_each_entry_safe(sta, tmp, &local->sta_list, list) { 779 if (sdata == sta->sdata) { 780 __sta_info_unlink(&sta); 781 if (sta) { 782 list_add_tail(&sta->list, 783 &local->sta_flush_list); 784 work = true; 785 } 786 } 787 } 788 if (work) 789 schedule_work(&local->sta_flush_work); 790 spin_unlock_irqrestore(&local->sta_lock, flags); 791} 792