clean up madwifi and sync with trunk
authorFelix Fietkau <nbd@openwrt.org>
Fri, 1 Jun 2007 10:29:49 +0000 (10:29 +0000)
committerFelix Fietkau <nbd@openwrt.org>
Fri, 1 Jun 2007 10:29:49 +0000 (10:29 +0000)
SVN-Revision: 7425

package/madwifi/Makefile
package/madwifi/patches/111-minstrel_crash.patch
package/madwifi/patches/119-secfix_PR_1335.patch [deleted file]
package/madwifi/patches/120-soc_fix.patch
package/madwifi/patches/121-ibss_hostap.patch
package/madwifi/patches/200-no_debug.patch
package/madwifi/patches/300-napi_polling.patch
package/madwifi/patches/305-pureg_fix.patch
package/madwifi/patches/309-micfail_detect.patch

index c6763d61c88d66f87dc5f28150460d5ad1bedade..b68dcc4d984199b20680c7d38f22bd50bcdb8ef3 100644 (file)
@@ -10,14 +10,14 @@ include $(TOPDIR)/rules.mk
 include $(INCLUDE_DIR)/kernel.mk
 
 PKG_NAME:=madwifi
-PKG_VERSION:=r2377-20070526
+PKG_VERSION:=r2414-20070601
 PKG_BRANCH:=madwifi-ng
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_BRANCH)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=http://snapshots.madwifi.org/$(PKG_BRANCH)
 PKG_BUILD_DIR:=$(KERNEL_BUILD_DIR)/$(PKG_BRANCH)-$(PKG_VERSION)
-PKG_MD5SUM:=92f73015caa4584580fb0ec474783c7b
+PKG_MD5SUM:=a6d1c884520cccf8ef407b4d0a00de72
 
 include $(INCLUDE_DIR)/package.mk
 
index 18fe896e503dbd049b7c76f117561bb4a24f96dd..cdf2fffe507c206d2f9627fc996a12c50d90552d 100644 (file)
@@ -2,12 +2,13 @@ diff -urN madwifi-ng-r2377-20070526.old/ath_rate/minstrel/minstrel.c madwifi-ng-
 --- madwifi-ng-r2377-20070526.old/ath_rate/minstrel/minstrel.c 2007-05-21 19:33:26.000000000 +0200
 +++ madwifi-ng-r2377-20070526.dev/ath_rate/minstrel/minstrel.c 2007-05-26 18:51:08.575783824 +0200
 @@ -388,6 +388,9 @@
-       int rc1, rc2, rc3;         /* Index into the rate table, so for example, it is  0..11 */
-       int rixc1, rixc2, rixc3;   /* The actual bit rate used */
+               int rc1, rc2, rc3;         /* Index into the rate table, so for example, it is  0..11 */
+               int rixc1, rixc2, rixc3;   /* The actual bit rate used */
  
-+      if (sn->num_rates <= 0)
-+              return;
++              if (sn->num_rates <= 0)
++                      return;
 +
-       if (sn->is_sampling) {
-               rc1 = sn->max_tp_rate;
-               sn->is_sampling = 0;
+               if (sn->is_sampling) {
+                       rc1 = sn->max_tp_rate;
+                       sn->is_sampling = 0;
+
diff --git a/package/madwifi/patches/119-secfix_PR_1335.patch b/package/madwifi/patches/119-secfix_PR_1335.patch
deleted file mode 100644 (file)
index ccdd43f..0000000
+++ /dev/null
@@ -1,49 +0,0 @@
-diff -urN madwifi-ng-r2377-20070526.old/net80211/ieee80211_input.c madwifi-ng-r2377-20070526.dev/net80211/ieee80211_input.c
---- madwifi-ng-r2377-20070526.old/net80211/ieee80211_input.c   2007-05-21 17:53:39.000000000 +0200
-+++ madwifi-ng-r2377-20070526.dev/net80211/ieee80211_input.c   2007-05-26 18:51:09.027715120 +0200
-@@ -695,13 +695,31 @@
-                       /* NB: assumes linear (i.e., non-fragmented) skb */
-+                      /* check length > header */
-+                      if (skb->len < sizeof(struct ether_header) + LLC_SNAPFRAMELEN
-+                          + roundup(sizeof(struct athl2p_tunnel_hdr) - 2, 4) + 2) {
-+                              IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_INPUT,
-+                                      ni->ni_macaddr, "data", "%s", "decap error");
-+                                      vap->iv_stats.is_rx_decap++;
-+                              IEEE80211_NODE_STAT(ni, rx_decap);
-+                              goto err;
-+                      }
-+
-                       /* get to the tunneled headers */
-                       ath_hdr = (struct athl2p_tunnel_hdr *)
-                               skb_pull(skb, sizeof(struct ether_header) + LLC_SNAPFRAMELEN);
--                      /* ignore invalid frames */
--                      if(ath_hdr == NULL)
-+                      eh_tmp = (struct ether_header *)
-+                              skb_pull(skb, roundup(sizeof(struct athl2p_tunnel_hdr) - 2, 4) + 2);
-+                      /* sanity check for malformed 802.3 length */
-+                      frame_len = ntohs(eh_tmp->ether_type);
-+                      if (skb->len < roundup(sizeof(struct ether_header) + frame_len, 4)) {
-+                              IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_INPUT,
-+                                      ni->ni_macaddr, "data", "%s", "decap error");
-+                                      vap->iv_stats.is_rx_decap++;
-+                              IEEE80211_NODE_STAT(ni, rx_decap);
-                               goto err;
--                      
-+                      }
-+
-                       /* only implementing FF now. drop all others. */
-                       if (ath_hdr->proto != ATH_L2TUNNEL_PROTO_FF) {
-                               IEEE80211_DISCARD_MAC(vap,
-@@ -714,10 +732,6 @@
-                       }
-                       vap->iv_stats.is_rx_ffcnt++;
-                       
--                      /* move past the tunneled header, with alignment */
--                      skb_pull(skb, roundup(sizeof(struct athl2p_tunnel_hdr) - 2, 4) + 2);
--                      eh_tmp = (struct ether_header *)skb->data;
--                      
-                       /* ether_type must be length as FF frames are always LLC/SNAP encap'd */
-                       frame_len = ntohs(eh_tmp->ether_type);
index d4a9a68a32ade8f8a42028a4233401d165435e9d..feebf3f56aca9d6fadc0fc9ba17f36244b3bc29e 100644 (file)
@@ -1,11 +1,9 @@
 diff -urN madwifi-ng-r2377-20070526.old/ath/if_ath_ahb.c madwifi-ng-r2377-20070526.dev/ath/if_ath_ahb.c
 --- madwifi-ng-r2377-20070526.old/ath/if_ath_ahb.c     2007-02-24 02:33:54.000000000 +0100
 +++ madwifi-ng-r2377-20070526.dev/ath/if_ath_ahb.c     2007-05-26 18:51:09.112702200 +0200
-@@ -274,12 +274,12 @@
- }
+@@ -275,11 +275,10 @@
  
  
-+
  static int
 -exit_ath_wmac(u_int16_t wlanNum)
 +exit_ath_wmac(u_int16_t wlanNum, struct ar531x_config *config)
@@ -13,16 +11,14 @@ diff -urN madwifi-ng-r2377-20070526.old/ath/if_ath_ahb.c madwifi-ng-r2377-200705
        struct ath_ahb_softc *sc = sclist[wlanNum];
        struct net_device *dev;
 -      const char *sysType;
-       u_int16_t devid;        
+       u_int16_t devid;
  
        if (sc == NULL)
-@@ -289,13 +289,17 @@
-       ath_detach(dev);
+@@ -290,12 +289,16 @@
        if (dev->irq)
                free_irq(dev->irq, dev);
--      sysType = get_system_type();
+       sysType = get_system_type();
 -      if (!strcmp(sysType, "Atheros AR5315"))
-+
 +#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,19)
 +      devid = (u32) config->tag;
 +#else
@@ -30,13 +26,13 @@ diff -urN madwifi-ng-r2377-20070526.old/ath/if_ath_ahb.c madwifi-ng-r2377-200705
                devid = (u_int16_t) (sysRegRead(AR5315_SREV) &
                        (AR5315_REV_MAJ_M | AR5315_REV_MIN_M));
        else
-               devid = (u_int16_t) ((sysRegRead(AR531X_REV) >> 8) & 
+               devid = (u_int16_t) ((sysRegRead(AR531X_REV) >> 8) &
                        (AR531X_REV_MAJ | AR531X_REV_MIN));
 +#endif
-   
        ahb_disable_wmac(devid, wlanNum);
        free_netdev(dev);
-@@ -401,7 +405,7 @@
+@@ -401,7 +404,7 @@
  
  static int ahb_wmac_remove(struct platform_device *pdev)
  {
@@ -45,7 +41,7 @@ diff -urN madwifi-ng-r2377-20070526.old/ath/if_ath_ahb.c madwifi-ng-r2377-200705
  
        return 0;
  }
-@@ -439,7 +443,7 @@
+@@ -439,7 +442,7 @@
                        (AR5315_REV_MAJ_M | AR5315_REV_MIN_M));
                if (((devid & AR5315_REV_MAJ_M) == AR5315_REV_MAJ) ||
                        ((devid & AR5315_REV_MAJ_M) == AR5317_REV_MAJ))
@@ -54,7 +50,7 @@ diff -urN madwifi-ng-r2377-20070526.old/ath/if_ath_ahb.c madwifi-ng-r2377-200705
        }
  
        devid = (u_int16_t) ((sysRegRead(AR531X_REV) >>8) &
-@@ -452,11 +456,11 @@
+@@ -452,11 +455,11 @@
                ar5312BspEepromRead(2 * AR531X_RADIO_MASK_OFF, 2,
                        (char *) &radioMask);
                if ((radioMask & AR531X_RADIO0_MASK) != 0)
@@ -68,32 +64,3 @@ diff -urN madwifi-ng-r2377-20070526.old/ath/if_ath_ahb.c madwifi-ng-r2377-200705
                        return ret;
                break;
        default:
-diff -urN madwifi-ng-r2377-20070526.old/ath/if_ath.c madwifi-ng-r2377-20070526.dev/ath/if_ath.c
---- madwifi-ng-r2377-20070526.old/ath/if_ath.c 2007-05-26 18:51:09.019716336 +0200
-+++ madwifi-ng-r2377-20070526.dev/ath/if_ath.c 2007-05-26 18:51:09.116701592 +0200
-@@ -7636,9 +7636,24 @@
-               DPRINTF(sc, ATH_DEBUG_RESET, "%s: beacon queue 0x%x\n",
-                       __func__, ath_hal_gettxbuf(ah, sc->sc_bhalq));
-               for (i = 0; i < HAL_NUM_TX_QUEUES; i++)
--                      if (ATH_TXQ_SETUP(sc, i))
-+                      if (ATH_TXQ_SETUP(sc, i)) {
-                               ath_tx_stopdma(sc, &sc->sc_txq[i]);
-+
-+                              /* The TxDMA may not really be stopped.
-+                               * Double check the hal tx pending count */
-+                              npend += ath_hal_numtxpending(ah, sc->sc_txq[i].axq_qnum);
-+                      }
-       }
-+      
-+      if (npend) {
-+              HAL_STATUS status;
-+
-+              /* TxDMA not stopped, reset the hal */
-+              DPRINTF(sc, ATH_DEBUG_RESET, "%s: Unable to stop TxDMA. Reset HAL!\n", __func__);
-+              if (!ath_hal_reset(ah, sc->sc_ic.ic_opmode, &sc->sc_curchan, AH_TRUE, &status))
-+                      printk("%s: unable to reset hardware; hal status %u\n", __func__, status);
-+      }
-+
-       sc->sc_dev->trans_start = jiffies;
-       netif_start_queue(sc->sc_dev);          /* XXX move to callers */
-       for (i = 0; i < HAL_NUM_TX_QUEUES; i++)
index a4c615d1629b8de0ecf27fc2e7ac2b8226eb645a..8a843a279bca501a9804823ab0c2354785c9d99e 100644 (file)
@@ -1,7 +1,7 @@
 diff -ur madwifi.old/ath/if_ath.c madwifi.dev/ath/if_ath.c
---- madwifi.old/ath/if_ath.c   2007-05-31 02:41:28.760477696 +0200
-+++ madwifi.dev/ath/if_ath.c   2007-05-31 05:33:48.314626544 +0200
-@@ -1026,9 +1026,12 @@
+--- madwifi.old/ath/if_ath.c   2007-06-01 12:22:06.641518272 +0200
++++ madwifi.dev/ath/if_ath.c   2007-06-01 12:22:55.326117088 +0200
+@@ -1048,9 +1048,12 @@
                        ic_opmode = opmode;
                break;
        case IEEE80211_M_IBSS:
@@ -17,7 +17,7 @@ diff -ur madwifi.old/ath/if_ath.c madwifi.dev/ath/if_ath.c
                break;
        case IEEE80211_M_AHDEMO:
        case IEEE80211_M_MONITOR:
-@@ -1058,7 +1061,7 @@
+@@ -1080,7 +1083,7 @@
                return NULL;
        }
  
@@ -26,31 +26,31 @@ diff -ur madwifi.old/ath/if_ath.c madwifi.dev/ath/if_ath.c
                printk(KERN_WARNING "too many virtual ap's (already got %d)\n", sc->sc_nvaps);
                return NULL;
        }
-@@ -1093,8 +1096,8 @@
+@@ -1115,8 +1118,9 @@
         */
        if (opmode == IEEE80211_M_MONITOR)
                dev->type = ARPHRD_IEEE80211_RADIOTAP;
 -      if ((flags & IEEE80211_CLONE_BSSID) &&
 -          sc->sc_nvaps != 0 && opmode != IEEE80211_M_WDS && sc->sc_hasbmask) {
++      avp->av_bslot = -1;
 +      if ((flags & IEEE80211_CLONE_BSSID) && sc->sc_hasbmask && 
 +          (opmode == IEEE80211_M_HOSTAP || opmode == IEEE80211_M_IBSS)) {
                struct ieee80211vap *v;
                unsigned int id_mask, id;
-               
-@@ -1107,18 +1110,22 @@
-               
+@@ -1129,18 +1133,22 @@
                /* do a full search to mark all the allocated VAPs */
                id_mask = 0;
 -              TAILQ_FOREACH(v, &ic->ic_vaps, iv_next)
 -                      id_mask |= (1 << ATH_GET_VAP_ID(v->iv_myaddr));
--              
--              for (id = 0; id < ATH_BCBUF; id++) {
 +              TAILQ_FOREACH(v, &ic->ic_vaps, iv_next) {
 +                      struct ath_vap *a = (struct ath_vap *) v->iv_dev->priv;
 +                      if (a->av_bslot >= 0)
 +                              id_mask |= (1 << a->av_bslot);
 +              }
-+      
+-              for (id = 0; id < ATH_BCBUF; id++) {
 +              /* IBSS mode has local always set, so don't hand out beacon slot 0 to an IBSS vap */
 +              for (id = (opmode == IEEE80211_M_IBSS ? 1 : 0); id < ATH_BCBUF; id++) {
                        /* get the first available slot */
@@ -65,7 +65,7 @@ diff -ur madwifi.old/ath/if_ath.c madwifi.dev/ath/if_ath.c
        STAILQ_INIT(&avp->av_mcastq.axq_q);
        ATH_TXQ_LOCK_INIT(&avp->av_mcastq);
        if (opmode == IEEE80211_M_HOSTAP || opmode == IEEE80211_M_IBSS) {
-@@ -1128,33 +1135,14 @@
+@@ -1150,33 +1158,14 @@
                 */
                avp->av_bcbuf = STAILQ_FIRST(&sc->sc_bbuf);
                STAILQ_REMOVE_HEAD(&sc->sc_bbuf, bf_list);
@@ -101,18 +101,18 @@ diff -ur madwifi.old/ath/if_ath.c madwifi.dev/ath/if_ath.c
                        /*
                         * Multiple VAPs are to transmit beacons and we
                         * have h/w support for TSF adjusting; enable use
-@@ -1263,7 +1251,9 @@
-               if (sc->sc_nbcnvaps == 0)
+@@ -1286,7 +1275,9 @@
                        sc->sc_stagbeacons = 0;
        }
 -      if (vap->iv_opmode == IEEE80211_M_STA) {
 +      if (vap->iv_opmode == IEEE80211_M_IBSS) {
 +              sc->sc_nibssvaps--;     
-+      } if (vap->iv_opmode == IEEE80211_M_STA) {
++      } else if (vap->iv_opmode == IEEE80211_M_STA) {
                sc->sc_nstavaps--;
-               if (sc->sc_nostabeacons)
-                       sc->sc_nostabeacons = 0;
-@@ -3379,7 +3369,8 @@
+               sc->sc_nostabeacons = 0;
+       } else if (vap->iv_opmode == IEEE80211_M_MONITOR)
+@@ -3356,7 +3347,8 @@
                 HAL_RX_FILTER_MCAST;
        if (ic->ic_opmode != IEEE80211_M_STA)
                rfilt |= HAL_RX_FILTER_PROBEREQ;
@@ -122,16 +122,7 @@ diff -ur madwifi.old/ath/if_ath.c madwifi.dev/ath/if_ath.c
                rfilt |= HAL_RX_FILTER_PROM;
        if (ic->ic_opmode == IEEE80211_M_STA ||
            sc->sc_opmode == HAL_M_IBSS ||      /* NB: AHDEMO too */
-@@ -3387,7 +3378,7 @@
-               ((ic->ic_opmode == IEEE80211_M_HOSTAP) &&
-                (ic->ic_protmode != IEEE80211_PROT_NONE)))
-               rfilt |= HAL_RX_FILTER_BEACON;
--      if (sc->sc_nmonvaps > 0) 
-+      if (sc->sc_nmonvaps > 0)
-               rfilt |= (HAL_RX_FILTER_CONTROL | HAL_RX_FILTER_BEACON | 
-                         HAL_RX_FILTER_PROBEREQ | HAL_RX_FILTER_PROM);
-       return rfilt;
-@@ -5830,12 +5821,20 @@
+@@ -5809,12 +5801,19 @@
                        type = ieee80211_input(ni, skb, rs->rs_rssi, rs->rs_tstamp);
                        ieee80211_unref_node(&ni);
                } else {
@@ -140,9 +131,8 @@ diff -ur madwifi.old/ath/if_ath.c madwifi.dev/ath/if_ath.c
                         * No key index or no entry, do a lookup and
                         * add the node to the mapping table if possible.
                         */
--                      ni = ieee80211_find_rxnode(ic, 
+-                      ni = ieee80211_find_rxnode(ic,
 -                              (const struct ieee80211_frame_min *) skb->data);
-+
 +                      if ((wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK) == IEEE80211_FC0_SUBTYPE_PROBE_REQ)
 +                              /* if this is a probe request, send it to all vaps
 +                               * when looking up nodes, hostap will be preferred over ibss,
@@ -155,9 +145,9 @@ diff -ur madwifi.old/ath/if_ath.c madwifi.dev/ath/if_ath.c
                                struct ath_node *an = ATH_NODE(ni);
                                ieee80211_keyix_t keyix;
 diff -ur madwifi.old/ath/if_athvar.h madwifi.dev/ath/if_athvar.h
---- madwifi.old/ath/if_athvar.h        2007-05-31 02:41:28.730482256 +0200
-+++ madwifi.dev/ath/if_athvar.h        2007-05-31 04:36:20.707742456 +0200
-@@ -203,7 +203,7 @@
+--- madwifi.old/ath/if_athvar.h        2007-06-01 12:22:06.642518120 +0200
++++ madwifi.dev/ath/if_athvar.h        2007-06-01 12:21:54.640342728 +0200
+@@ -199,7 +199,7 @@
  #define       ATH_RXBUF       40              /* number of RX buffers */
  #define       ATH_TXBUF       200             /* number of TX buffers */
  
@@ -165,8 +155,8 @@ diff -ur madwifi.old/ath/if_athvar.h madwifi.dev/ath/if_athvar.h
 +#define       ATH_BCBUF       8               /* number of beacon buffers */
  
  /* free buffer threshold to restart net dev */
- #define       ATH_TXBUF_FREE_THRESHOLD  (ATH_TXBUF / 20) 
-@@ -605,6 +605,7 @@
+ #define       ATH_TXBUF_FREE_THRESHOLD  (ATH_TXBUF / 20)
+@@ -594,6 +594,7 @@
        u_int16_t sc_nvaps;                     /* # of active virtual ap's */
        u_int8_t sc_nstavaps;                   /* # of active station vaps */
        u_int8_t sc_nmonvaps;                   /* # of monitor vaps */
@@ -175,8 +165,8 @@ diff -ur madwifi.old/ath/if_athvar.h madwifi.dev/ath/if_athvar.h
        u_int sc_fftxqmin;                      /* aggregation threshold */
        HAL_INT sc_imask;                       /* interrupt mask copy */
 diff -ur madwifi.old/net80211/ieee80211_beacon.c madwifi.dev/net80211/ieee80211_beacon.c
---- madwifi.old/net80211/ieee80211_beacon.c    2007-05-31 02:41:28.781474504 +0200
-+++ madwifi.dev/net80211/ieee80211_beacon.c    2007-05-31 03:29:12.197169152 +0200
+--- madwifi.old/net80211/ieee80211_beacon.c    2007-06-01 12:22:06.642518120 +0200
++++ madwifi.dev/net80211/ieee80211_beacon.c    2007-06-01 12:21:54.640342728 +0200
 @@ -111,7 +111,7 @@
        bo->bo_tim = frm;
  
@@ -187,9 +177,9 @@ diff -ur madwifi.old/net80211/ieee80211_beacon.c madwifi.dev/net80211/ieee80211_
                *frm++ = 2;
                *frm++ = 0; *frm++ = 0;         /* TODO: ATIM window */
 diff -ur madwifi.old/net80211/ieee80211_input.c madwifi.dev/net80211/ieee80211_input.c
---- madwifi.old/net80211/ieee80211_input.c     2007-05-31 02:41:28.784474048 +0200
-+++ madwifi.dev/net80211/ieee80211_input.c     2007-05-31 05:36:08.577303376 +0200
-@@ -3020,7 +3020,13 @@
+--- madwifi.old/net80211/ieee80211_input.c     2007-06-01 12:22:06.645517664 +0200
++++ madwifi.dev/net80211/ieee80211_input.c     2007-06-01 12:21:54.642342424 +0200
+@@ -2953,7 +2953,13 @@
                        return;
                }
                if (ni == vap->iv_bss) {
@@ -204,7 +194,7 @@ diff -ur madwifi.old/net80211/ieee80211_input.c madwifi.dev/net80211/ieee80211_i
                                /*
                                 * XXX Cannot tell if the sender is operating
                                 * in ibss mode.  But we need a new node to
-@@ -3029,12 +3035,13 @@
+@@ -2962,12 +2968,13 @@
                                 */
                                ni = ieee80211_fakeup_adhoc_node(vap,
                                        wh->i_addr2);
@@ -220,15 +210,16 @@ diff -ur madwifi.old/net80211/ieee80211_input.c madwifi.dev/net80211/ieee80211_i
  
                IEEE80211_NOTE_MAC(vap, IEEE80211_MSG_INPUT, wh->i_addr2,
 diff -ur madwifi.old/net80211/ieee80211_node.c madwifi.dev/net80211/ieee80211_node.c
---- madwifi.old/net80211/ieee80211_node.c      2007-05-31 02:41:28.752478912 +0200
-+++ madwifi.dev/net80211/ieee80211_node.c      2007-05-31 05:15:24.717398824 +0200
-@@ -1088,8 +1088,25 @@
+--- madwifi.old/net80211/ieee80211_node.c      2007-06-01 12:22:06.646517512 +0200
++++ madwifi.dev/net80211/ieee80211_node.c      2007-06-01 12:21:54.644342120 +0200
+@@ -1082,8 +1082,25 @@
        IEEE80211_NODE_TABLE_LOCK_ASSERT(nt);
  
        hash = IEEE80211_NODE_HASH(macaddr);
 +      
 +      /* look for non-ibss nodes first */
-+      LIST_FOREACH(ni, &nt->nt_hash[hash], ni_hash) {
+       LIST_FOREACH(ni, &nt->nt_hash[hash], ni_hash) {
+-              if (IEEE80211_ADDR_EQ(ni->ni_macaddr, macaddr)) {
 +              if (IEEE80211_ADDR_EQ(ni->ni_macaddr, macaddr) && ni->ni_vap->iv_opmode != IEEE80211_M_IBSS) {
 +                      ieee80211_ref_node(ni); /* mark referenced */
 +#ifdef IEEE80211_DEBUG_REFCNT
@@ -243,8 +234,7 @@ diff -ur madwifi.old/net80211/ieee80211_node.c madwifi.dev/net80211/ieee80211_no
 +      }
 +
 +      /* now look for ibss nodes */
-       LIST_FOREACH(ni, &nt->nt_hash[hash], ni_hash) {
--              if (IEEE80211_ADDR_EQ(ni->ni_macaddr, macaddr)) {
++      LIST_FOREACH(ni, &nt->nt_hash[hash], ni_hash) {
 +              if (IEEE80211_ADDR_EQ(ni->ni_macaddr, macaddr) && ni->ni_vap->iv_opmode == IEEE80211_M_IBSS) {
                        ieee80211_ref_node(ni); /* mark referenced */
  #ifdef IEEE80211_DEBUG_REFCNT
index 6a739294208fb4e6a1449ac43ffb5bf0d98256cb..fda9d3e557046c8d6e9a61e90295503bedaf64a1 100644 (file)
@@ -38,11 +38,11 @@ diff -urN madwifi-ng-r2377-20070526.old/ath_rate/minstrel/minstrel.c madwifi-ng-
  
  #include "minstrel.h"
  
--#define       MINSTREL_DEBUG 
-+#undef        MINSTREL_DEBUG 
+-#define       MINSTREL_DEBUG
++#undef        MINSTREL_DEBUG
  #ifdef MINSTREL_DEBUG
  enum {
-       ATH_DEBUG_RATE          = 0x00000010    /* rate control */
+               ATH_DEBUG_RATE          = 0x00000010    /* rate control */
 diff -urN madwifi-ng-r2377-20070526.old/ath_rate/onoe/onoe.c madwifi-ng-r2377-20070526.dev/ath_rate/onoe/onoe.c
 --- madwifi-ng-r2377-20070526.old/ath_rate/onoe/onoe.c 2007-05-21 19:33:26.000000000 +0200
 +++ madwifi-ng-r2377-20070526.dev/ath_rate/onoe/onoe.c 2007-05-26 18:51:09.209687456 +0200
@@ -160,3 +160,4 @@ diff -urN madwifi-ng-r2377-20070526.old/tools/Makefile madwifi-ng-r2377-20070526
        ln -s -f madwifi_multi $$i; \
        done
  
+
index 69e2b106bbbe5d5486fb2b643190602f6206c3b9..f8135710e4d7b182131def9f20c5db1dfe3f0bd4 100644 (file)
@@ -1,6 +1,6 @@
 diff -ur madwifi.old/ath/if_ath.c madwifi.dev/ath/if_ath.c
---- madwifi.old/ath/if_ath.c   2007-05-31 06:48:28.561525488 +0200
-+++ madwifi.dev/ath/if_ath.c   2007-05-31 06:50:07.143538744 +0200
+--- madwifi.old/ath/if_ath.c   2007-06-01 11:26:04.181689864 +0200
++++ madwifi.dev/ath/if_ath.c   2007-06-01 11:39:53.078678368 +0200
 @@ -167,7 +167,7 @@
        int, u_int32_t);
  static void ath_setdefantenna(struct ath_softc *, u_int);
@@ -10,7 +10,7 @@ diff -ur madwifi.old/ath/if_ath.c madwifi.dev/ath/if_ath.c
  static int ath_hardstart(struct sk_buff *, struct net_device *);
  static int ath_mgtstart(struct ieee80211com *, struct sk_buff *);
  #ifdef ATH_SUPERG_COMP
-@@ -429,7 +429,6 @@
+@@ -443,7 +443,6 @@
        ATH_TXBUF_LOCK_INIT(sc);
        ATH_RXBUF_LOCK_INIT(sc);
  
@@ -18,7 +18,7 @@ diff -ur madwifi.old/ath/if_ath.c madwifi.dev/ath/if_ath.c
        ATH_INIT_TQUEUE(&sc->sc_txtq,     ath_tx_tasklet,       dev);
        ATH_INIT_TQUEUE(&sc->sc_bmisstq,  ath_bmiss_tasklet,    dev);
        ATH_INIT_TQUEUE(&sc->sc_bstucktq, ath_bstuck_tasklet,   dev);
-@@ -685,6 +684,8 @@
+@@ -700,6 +699,8 @@
        dev->set_mac_address = ath_set_mac_address;
        dev->change_mtu = ath_change_mtu;
        dev->tx_queue_len = ATH_TXBUF - 1;              /* 1 for mgmt frame */
@@ -27,7 +27,7 @@ diff -ur madwifi.old/ath/if_ath.c madwifi.dev/ath/if_ath.c
  #ifdef USE_HEADERLEN_RESV
        dev->hard_header_len += sizeof(struct ieee80211_qosframe) +
                                sizeof(struct llc) +
-@@ -1643,6 +1644,7 @@
+@@ -1665,6 +1666,7 @@
         */
        ath_hal_getisr(ah, &status);            /* NB: clears ISR too */
        DPRINTF(sc, ATH_DEBUG_INTR, "%s: status 0x%x\n", __func__, status);
@@ -35,7 +35,7 @@ diff -ur madwifi.old/ath/if_ath.c madwifi.dev/ath/if_ath.c
        status &= sc->sc_imask;                 /* discard unasked for bits */
        if (status & HAL_INT_FATAL) {
                sc->sc_stats.ast_hardware++;
-@@ -1678,7 +1680,12 @@
+@@ -1700,7 +1702,12 @@
                if (status & HAL_INT_RX) {
                        sc->sc_tsf = ath_hal_gettsf64(ah);
                        ath_uapsd_processtriggers(sc);
@@ -49,9 +49,9 @@ diff -ur madwifi.old/ath/if_ath.c madwifi.dev/ath/if_ath.c
                }
                if (status & HAL_INT_TX) {
  #ifdef ATH_SUPERG_DYNTURBO
-@@ -1704,6 +1711,11 @@
+@@ -1726,6 +1733,11 @@
                                }
-                       } 
+                       }
  #endif
 +                      /* disable transmit interrupt */
 +                      sc->sc_isr &= ~HAL_INT_TX;
@@ -61,278 +61,7 @@ diff -ur madwifi.old/ath/if_ath.c madwifi.dev/ath/if_ath.c
                        ATH_SCHEDULE_TQUEUE(&sc->sc_txtq, &needmark);
                }
                if (status & HAL_INT_BMISS) {
-@@ -2166,12 +2178,13 @@
-        * Insert the frame on the outbound list and
-        * pass it on to the hardware.
-        */
--      ATH_TXQ_LOCK(txq);
-+      ATH_TXQ_LOCK_IRQ(txq);
-       if (ni && ni->ni_vap && txq == &ATH_VAP(ni->ni_vap)->av_mcastq) {
-               /*
-                * The CAB queue is started from the SWBA handler since
-                * frames only go out on DTIM and to avoid possible races.
-                */
-+              sc->sc_imask &= ~HAL_INT_SWBA;
-               ath_hal_intrset(ah, sc->sc_imask & ~HAL_INT_SWBA);
-               ATH_TXQ_INSERT_TAIL(txq, bf, bf_list);
-               DPRINTF(sc, ATH_DEBUG_TX_PROC, "%s: txq depth = %d\n", __func__, txq->axq_depth);
-@@ -2187,6 +2200,7 @@
-                               ito64(bf->bf_daddr), bf->bf_desc);
-               }
-               txq->axq_link = &lastds->ds_link;
-+              sc->sc_imask |= HAL_INT_SWBA;
-               ath_hal_intrset(ah, sc->sc_imask);
-       } else {
-               ATH_TXQ_INSERT_TAIL(txq, bf, bf_list);
-@@ -2222,7 +2236,7 @@
-                       }
-               }
-       }
--      ATH_TXQ_UNLOCK(txq);
-+      ATH_TXQ_UNLOCK_IRQ(txq);
-       sc->sc_devstats.tx_packets++;
-       sc->sc_devstats.tx_bytes += framelen;
-@@ -2373,12 +2387,18 @@
-       unsigned int pktlen;
-       int framecnt;
-+      /*
-+       * NB: using _BH style locking even though this function may be called
-+       *     at interrupt time (within tasklet or bh). This should be harmless
-+       *     and this function calls others (i.e., ath_tx_start()) which do
-+       *     the same.
-+       */
-       for (;;) {
--              ATH_TXQ_LOCK(txq);
-+              ATH_TXQ_LOCK_BH(txq);
-               bf_ff = TAILQ_LAST(&txq->axq_stageq, axq_headtype);
-               if ((!bf_ff) || ath_ff_flushdonetest(txq, bf_ff)) {
--                      ATH_TXQ_UNLOCK(txq);
-+                      ATH_TXQ_UNLOCK_BH(txq);
-                       break;
-               }
-@@ -2388,7 +2408,7 @@
-               ATH_NODE(ni)->an_tx_ffbuf[bf_ff->bf_skb->priority] = NULL;
-               TAILQ_REMOVE(&txq->axq_stageq, bf_ff, bf_stagelist);
--              ATH_TXQ_UNLOCK(txq);
-+              ATH_TXQ_UNLOCK_BH(txq);
-               /* encap and xmit */
-               bf_ff->bf_skb = ieee80211_encap(ni, bf_ff->bf_skb, &framecnt);
-@@ -2409,15 +2429,16 @@
-               }
-               bf_ff->bf_node = NULL;
--              ATH_TXBUF_LOCK_IRQ(sc);
-+              ATH_TXBUF_LOCK_BH(sc);
-               STAILQ_INSERT_TAIL(&sc->sc_txbuf, bf_ff, bf_list);
--              ATH_TXBUF_UNLOCK_IRQ(sc);
-+              ATH_TXBUF_UNLOCK_BH(sc);
-       }
-+      ATH_TXQ_UNLOCK_BH(txq);
- }
- #endif
- #define ATH_HARDSTART_GET_TX_BUF_WITH_LOCK                            \
--      ATH_TXBUF_LOCK_IRQ(sc);                                         \
-+      ATH_TXBUF_LOCK_BH(sc);                                          \
-       bf = STAILQ_FIRST(&sc->sc_txbuf);                               \
-       if (bf != NULL) {                                               \
-               STAILQ_REMOVE_HEAD(&sc->sc_txbuf, bf_list);             \
-@@ -2432,11 +2453,23 @@
-               sc->sc_devstopped = 1;                                  \
-               ATH_SCHEDULE_TQUEUE(&sc->sc_txtq, NULL);                \
-       }                                                               \
--      ATH_TXBUF_UNLOCK_IRQ(sc);                                       \
-+
-+#define ATH_HARDSTART_REL_TX_BUF_WITH_TXQLOCK_OFF                     \
-+      ATH_TXBUF_UNLOCK_BH(sc);                                        \
-+      if (bf == NULL) {               /* NB: should not happen */     \
-+          DPRINTF(sc,ATH_DEBUG_XMIT,"%s: discard, no xmit buf\n", __func__);                                                                          \
-+          sc->sc_stats.ast_tx_nobuf++;                                \
-+          goto hardstart_fail;                                        \
-+      }
-+
-+#define ATH_HARDSTART_REL_TX_BUF_WITH_TXQLOCK_ON                      \
-+      ATH_TXBUF_UNLOCK_BH(sc);                                        \
-       if (bf == NULL) {               /* NB: should not happen */     \
-               DPRINTF(sc,ATH_DEBUG_XMIT,                              \
-                       "%s: discard, no xmit buf\n", __func__);        \
-+          ATH_TXQ_UNLOCK_BH(txq);                                     \
-               sc->sc_stats.ast_tx_nobuf++;                            \
-+              goto hardstart_fail;                                    \
-       }
- /*
-@@ -2498,6 +2531,7 @@
-       if (M_FLAG_GET(skb, M_UAPSD)) {
-               /* bypass FF handling */
-               ATH_HARDSTART_GET_TX_BUF_WITH_LOCK;
-+              ATH_HARDSTART_REL_TX_BUF_WITH_TXQLOCK_OFF;
-               if (bf == NULL)
-                       goto hardstart_fail;
-               goto ff_bypass;
-@@ -2519,7 +2553,7 @@
-       /* NB: use this lock to protect an->an_ff_txbuf in athff_can_aggregate()
-        *     call too.
-        */
--      ATH_TXQ_LOCK(txq);
-+      ATH_TXQ_LOCK_BH(txq);
-       if (athff_can_aggregate(sc, eh, an, skb, vap->iv_fragthreshold, &ff_flush)) {
-               if (an->an_tx_ffbuf[skb->priority]) { /* i.e., frame on the staging queue */
-@@ -2529,7 +2563,7 @@
-                       TAILQ_REMOVE(&txq->axq_stageq, bf, bf_stagelist);
-                       an->an_tx_ffbuf[skb->priority] = NULL;
--                      ATH_TXQ_UNLOCK(txq);
-+                      ATH_TXQ_UNLOCK_BH(txq);
-                       /*
-                        * chain skbs and add FF magic
-@@ -2556,8 +2590,9 @@
-                        *     to give the buffer back.
-                        */
-                       ATH_HARDSTART_GET_TX_BUF_WITH_LOCK;
-+                      ATH_HARDSTART_REL_TX_BUF_WITH_TXQLOCK_ON;
-                       if (bf == NULL) {
--                              ATH_TXQ_UNLOCK(txq);
-+                              ATH_TXQ_UNLOCK_BH(txq);
-                               goto hardstart_fail;
-                       }
-                       DPRINTF(sc, ATH_DEBUG_XMIT | ATH_DEBUG_FF,
-@@ -2570,7 +2605,7 @@
-                       TAILQ_INSERT_HEAD(&txq->axq_stageq, bf, bf_stagelist);
--                      ATH_TXQ_UNLOCK(txq);
-+                      ATH_TXQ_UNLOCK_BH(txq);
-                       return 0;
-               }
-@@ -2581,7 +2616,7 @@
-                       TAILQ_REMOVE(&txq->axq_stageq, bf_ff, bf_stagelist);
-                       an->an_tx_ffbuf[skb->priority] = NULL;
--                      ATH_TXQ_UNLOCK(txq);
-+                      ATH_TXQ_UNLOCK_BH(txq);
-                       /* encap and xmit */
-                       bf_ff->bf_skb = ieee80211_encap(ni, bf_ff->bf_skb, &framecnt);
-@@ -2611,9 +2646,9 @@
-                       }
-                       bf_ff->bf_node = NULL;
--                      ATH_TXBUF_LOCK(sc);
-+                      ATH_TXBUF_LOCK_BH(sc);
-                       STAILQ_INSERT_TAIL(&sc->sc_txbuf, bf_ff, bf_list);
--                      ATH_TXBUF_UNLOCK(sc);
-+                      ATH_TXBUF_UNLOCK_BH(sc);
-                       goto ff_flushdone;
-               }
-               /*
-@@ -2623,14 +2658,13 @@
-               else if (an->an_tx_ffbuf[skb->priority]) {
-                       DPRINTF(sc, ATH_DEBUG_XMIT | ATH_DEBUG_FF,
-                               "%s: Out-Of-Order fast-frame\n", __func__);
--                      ATH_TXQ_UNLOCK(txq);
-+                      ATH_TXQ_UNLOCK_BH(txq);
-               } else
--                      ATH_TXQ_UNLOCK(txq);
-+                      ATH_TXQ_UNLOCK_BH(txq);
-       ff_flushdone:
-               ATH_HARDSTART_GET_TX_BUF_WITH_LOCK;
--              if (bf == NULL)
--                      goto hardstart_fail;
-+              ATH_HARDSTART_REL_TX_BUF_WITH_TXQLOCK_OFF;
-       }
- ff_bypass:
-@@ -2638,6 +2672,7 @@
- #else /* ATH_SUPERG_FF */
-       ATH_HARDSTART_GET_TX_BUF_WITH_LOCK;
-+      ATH_HARDSTART_REL_TX_BUF_WITH_TXQLOCK_OFF;
- #endif /* ATH_SUPERG_FF */
-@@ -2659,7 +2694,7 @@
-                *  Allocate 1 ath_buf for each frame given 1 was 
-                *  already alloc'd
-                */
--              ATH_TXBUF_LOCK(sc);
-+              ATH_TXBUF_LOCK_BH(sc);
-               for (bfcnt = 1; bfcnt < framecnt; ++bfcnt) {
-                       if ((tbf = STAILQ_FIRST(&sc->sc_txbuf)) != NULL) {
-                               STAILQ_REMOVE_HEAD(&sc->sc_txbuf, bf_list);
-@@ -2680,11 +2715,11 @@
-                                       STAILQ_INSERT_TAIL(&sc->sc_txbuf, tbf, bf_list);
-                               }
-                       }
--                      ATH_TXBUF_UNLOCK(sc);
-+                      ATH_TXBUF_UNLOCK_BH(sc);
-                       STAILQ_INIT(&bf_head);
-                       goto hardstart_fail;
-               }
--              ATH_TXBUF_UNLOCK(sc);
-+              ATH_TXBUF_UNLOCK_BH(sc);
-               while ((bf = STAILQ_FIRST(&bf_head)) != NULL && skb != NULL) {
-                       unsigned int nextfraglen = 0;
-@@ -2720,7 +2755,7 @@
- hardstart_fail:
-       if (!STAILQ_EMPTY(&bf_head)) {
--              ATH_TXBUF_LOCK(sc);
-+              ATH_TXBUF_LOCK_BH(sc);
-               STAILQ_FOREACH_SAFE(tbf, &bf_head, bf_list, tempbf) {
-                       tbf->bf_skb = NULL;
-                       tbf->bf_node = NULL;
-@@ -2730,7 +2765,7 @@
-                       STAILQ_INSERT_TAIL(&sc->sc_txbuf, tbf, bf_list);
-               }
--              ATH_TXBUF_UNLOCK(sc);
-+              ATH_TXBUF_UNLOCK_BH(sc);
-       }
-       /* free sk_buffs */
-@@ -2773,7 +2808,7 @@
-       /*
-        * Grab a TX buffer and associated resources.
-        */
--      ATH_TXBUF_LOCK_IRQ(sc);
-+      ATH_TXBUF_LOCK_BH(sc);
-       bf = STAILQ_FIRST(&sc->sc_txbuf);
-       if (bf != NULL)
-               STAILQ_REMOVE_HEAD(&sc->sc_txbuf, bf_list);
-@@ -2784,7 +2819,7 @@
-               sc->sc_devstopped=1;
-               ATH_SCHEDULE_TQUEUE(&sc->sc_txtq, NULL);
-       }
--      ATH_TXBUF_UNLOCK_IRQ(sc);
-+      ATH_TXBUF_UNLOCK_BH(sc);
-       if (bf == NULL) {
-               printk("ath_mgtstart: discard, no xmit buf\n");
-               sc->sc_stats.ast_tx_nobufmgt++;
-@@ -2813,9 +2848,9 @@
-               bf->bf_skb = NULL;
-               bf->bf_node = NULL;
--              ATH_TXBUF_LOCK_IRQ(sc);
-+              ATH_TXBUF_LOCK_BH(sc);
-               STAILQ_INSERT_TAIL(&sc->sc_txbuf, bf, bf_list);
--              ATH_TXBUF_UNLOCK_IRQ(sc);
-+              ATH_TXBUF_UNLOCK_BH(sc);
-       }
-       dev_kfree_skb_any(skb);
-       skb = NULL;
-@@ -3283,10 +3318,10 @@
+@@ -3296,10 +3308,10 @@
         *
         * XXX Using in_softirq is not right since we might
         * be called from other soft irq contexts than
@@ -345,7 +74,7 @@ diff -ur madwifi.old/ath/if_ath.c madwifi.dev/ath/if_ath.c
        netif_stop_queue(dev);
  }
  
-@@ -3299,7 +3334,7 @@
+@@ -3312,7 +3324,7 @@
        DPRINTF(sc, ATH_DEBUG_KEYCACHE, "%s:\n", __func__);
        netif_start_queue(dev);
        if (!in_softirq())              /* NB: see above */
@@ -354,19 +83,7 @@ diff -ur madwifi.old/ath/if_ath.c madwifi.dev/ath/if_ath.c
  }
  
  /*
-@@ -4866,9 +4901,9 @@
-               bf->bf_node = NULL;
-               bf->bf_desc->ds_link = 0;
-               
--              ATH_TXBUF_LOCK_IRQ(sc);
-+              ATH_TXBUF_LOCK_BH(sc);
-               STAILQ_INSERT_TAIL(&sc->sc_txbuf, bf, bf_list);
--              ATH_TXBUF_UNLOCK_IRQ(sc);
-+              ATH_TXBUF_UNLOCK_BH(sc);
-               an->an_uapsd_overflowqdepth--;
-       }
-@@ -5544,13 +5579,12 @@
+@@ -5573,13 +5585,12 @@
        sc->sc_rxotherant = 0;
  }
  
@@ -382,7 +99,7 @@ diff -ur madwifi.old/ath/if_ath.c madwifi.dev/ath/if_ath.c
        struct ath_buf *bf;
        struct ath_softc *sc = dev->priv;
        struct ieee80211com *ic = &sc->sc_ic;
-@@ -5562,12 +5596,15 @@
+@@ -5591,12 +5602,15 @@
        unsigned int len;
        int type;
        u_int phyerr;
@@ -392,13 +109,13 @@ diff -ur madwifi.old/ath/if_ath.c madwifi.dev/ath/if_ath.c
        /* Let the 802.11 layer know about the new noise floor */
        sc->sc_channoise = ath_hal_get_channel_noise(ah, &(sc->sc_curchan));
        ic->ic_channoise = sc->sc_channoise;
-       
        DPRINTF(sc, ATH_DEBUG_RX_PROC, "%s\n", __func__);
 +process_rx_again:
        do {
                bf = STAILQ_FIRST(&sc->sc_rxbuf);
                if (bf == NULL) {               /* XXX ??? can this happen */
-@@ -5591,6 +5628,13 @@
+@@ -5620,6 +5634,13 @@
                        /* NB: never process the self-linked entry at the end */
                        break;
                }
@@ -411,8 +128,8 @@ diff -ur madwifi.old/ath/if_ath.c madwifi.dev/ath/if_ath.c
 +
                skb = bf->bf_skb;
                if (skb == NULL) {              /* XXX ??? can this happen */
-                       printk("%s: no skbuff (%s)\n", dev->name, __func__);
-@@ -5629,6 +5673,7 @@
+                       printk("%s: no skbuff (%s)\n", DEV_NAME(dev), __func__);
+@@ -5658,6 +5679,7 @@
                                sc->sc_stats.ast_rx_phyerr++;
                                phyerr = rs->rs_phyerr & 0x1f;
                                sc->sc_stats.ast_rx_phy[phyerr]++;
@@ -420,7 +137,7 @@ diff -ur madwifi.old/ath/if_ath.c madwifi.dev/ath/if_ath.c
                        }
                        if (rs->rs_status & HAL_RXERR_DECRYPT) {
                                /*
-@@ -5840,9 +5885,29 @@
+@@ -5868,9 +5890,29 @@
                STAILQ_INSERT_TAIL(&sc->sc_rxbuf, bf, bf_list);
                ATH_RXBUF_UNLOCK_IRQ(sc);
        } while (ath_rxbuf_init(sc, bf) == 0);
@@ -443,63 +160,14 @@ diff -ur madwifi.old/ath/if_ath.c madwifi.dev/ath/if_ath.c
 +      }
 +
 +      *budget -= processed;
-       
        /* rx signal state monitoring */
        ath_hal_rxmonitor(ah, &sc->sc_halstats, &sc->sc_curchan);
 +      return early_stop;
  #undef PA2DESC
  }
  
-@@ -6118,22 +6183,22 @@
-                               }
-                       }
--                      ATH_TXBUF_LOCK_IRQ(sc);                                 
-+                      ATH_TXBUF_LOCK_BH(sc);                                  
-                       bf = STAILQ_FIRST(&sc->sc_grppollbuf);
-                       if (bf != NULL)
-                               STAILQ_REMOVE_HEAD(&sc->sc_grppollbuf, bf_list);
-                       else {
-                               DPRINTF(sc, ATH_DEBUG_XMIT, "%s: No more TxBufs\n", __func__);
--                              ATH_TXBUF_UNLOCK_IRQ_EARLY(sc);
-+                              ATH_TXBUF_UNLOCK_BH(sc);
-                               return;
-                       }
-                       /* XXX use a counter and leave at least one for mgmt frames */
-                       if (STAILQ_EMPTY(&sc->sc_grppollbuf)) {                         
-                               DPRINTF(sc, ATH_DEBUG_XMIT, "%s: No more TxBufs left\n", __func__);
--                              ATH_TXBUF_UNLOCK_IRQ_EARLY(sc);
-+                              ATH_TXBUF_UNLOCK_BH(sc);
-                               return;
-                       }                                       
--                      ATH_TXBUF_UNLOCK_IRQ(sc);
-+                      ATH_TXBUF_UNLOCK_BH(sc);
-                       bf->bf_skbaddr = bus_map_single(sc->sc_bdev,
-                               skb->data, skb->len, BUS_DMA_TODEVICE);
-@@ -6599,9 +6664,9 @@
-               dev_kfree_skb(lastbuf->bf_skb);
-               lastbuf->bf_skb = NULL;
-               ieee80211_unref_node(&lastbuf->bf_node);
--              ATH_TXBUF_LOCK_IRQ(sc);
-+              ATH_TXBUF_LOCK_BH(sc);
-               STAILQ_INSERT_TAIL(&sc->sc_txbuf, lastbuf, bf_list);
--              ATH_TXBUF_UNLOCK_IRQ(sc);
-+              ATH_TXBUF_UNLOCK_BH(sc);
-               
-               /*
-                *  move oldest from overflow to delivery
-@@ -7426,9 +7491,6 @@
-                       if (sc->sc_reapcount > ATH_TXBUF_FREE_THRESHOLD) {
-                               if (!sc->sc_dfswait)
-                                       netif_start_queue(sc->sc_dev);
--                              DPRINTF(sc, ATH_DEBUG_TX_PROC,
--                                      "%s: tx tasklet restart the queue\n",
--                                      __func__);
-                               sc->sc_reapcount = 0;
-                               sc->sc_devstopped = 0;
-                       } else
-@@ -7463,11 +7525,22 @@
+@@ -7487,11 +7529,22 @@
        struct net_device *dev = (struct net_device *)data;
        struct ath_softc *sc = dev->priv;
  
@@ -522,7 +190,7 @@ diff -ur madwifi.old/ath/if_ath.c madwifi.dev/ath/if_ath.c
        netif_wake_queue(dev);
  
        if (sc->sc_softled)
-@@ -7484,6 +7557,7 @@
+@@ -7508,6 +7561,7 @@
        struct net_device *dev = (struct net_device *)data;
        struct ath_softc *sc = dev->priv;
  
@@ -530,7 +198,7 @@ diff -ur madwifi.old/ath/if_ath.c madwifi.dev/ath/if_ath.c
        /*
         * Process each active queue.
         */
-@@ -7504,6 +7578,16 @@
+@@ -7528,6 +7582,16 @@
        if (sc->sc_uapsdq && txqactive(sc->sc_ah, sc->sc_uapsdq->axq_qnum))
                ath_tx_processq(sc, sc->sc_uapsdq);
  
@@ -547,7 +215,7 @@ diff -ur madwifi.old/ath/if_ath.c madwifi.dev/ath/if_ath.c
        netif_wake_queue(dev);
  
        if (sc->sc_softled)
-@@ -7521,6 +7605,7 @@
+@@ -7545,6 +7609,7 @@
        unsigned int i;
  
        /* Process each active queue. */
@@ -555,7 +223,7 @@ diff -ur madwifi.old/ath/if_ath.c madwifi.dev/ath/if_ath.c
        for (i = 0; i < HAL_NUM_TX_QUEUES; i++)
                if (ATH_TXQ_SETUP(sc, i) && txqactive(sc->sc_ah, i))
                        ath_tx_processq(sc, &sc->sc_txq[i]);
-@@ -7529,6 +7614,16 @@
+@@ -7553,6 +7618,16 @@
                ath_tx_processq(sc, sc->sc_xrtxq);
  #endif
  
@@ -572,7 +240,7 @@ diff -ur madwifi.old/ath/if_ath.c madwifi.dev/ath/if_ath.c
        netif_wake_queue(dev);
  
        if (sc->sc_softled)
-@@ -7627,6 +7722,7 @@
+@@ -7651,6 +7726,7 @@
  ath_draintxq(struct ath_softc *sc)
  {
        struct ath_hal *ah = sc->sc_ah;
@@ -580,7 +248,7 @@ diff -ur madwifi.old/ath/if_ath.c madwifi.dev/ath/if_ath.c
        unsigned int i;
  
        /* XXX return value */
-@@ -9160,9 +9256,9 @@
+@@ -9170,9 +9246,9 @@
        dev->mtu = mtu;
        if ((dev->flags & IFF_RUNNING) && !sc->sc_invalid) {
                /* NB: the rx buffers may need to be reallocated */
@@ -592,10 +260,9 @@ diff -ur madwifi.old/ath/if_ath.c madwifi.dev/ath/if_ath.c
        }
        ATH_UNLOCK(sc);
  
-Only in madwifi.dev/ath: if_ath.c.orig
 diff -ur madwifi.old/ath/if_athvar.h madwifi.dev/ath/if_athvar.h
---- madwifi.old/ath/if_athvar.h        2007-05-31 06:48:28.555526400 +0200
-+++ madwifi.dev/ath/if_athvar.h        2007-05-31 06:48:57.847073408 +0200
+--- madwifi.old/ath/if_athvar.h        2007-06-01 11:26:04.158693360 +0200
++++ madwifi.dev/ath/if_athvar.h        2007-06-01 11:33:26.549439744 +0200
 @@ -48,6 +48,10 @@
  #include "if_athioctl.h"
  #include "net80211/ieee80211.h"               /* XXX for WME_NUM_AC */
@@ -607,102 +274,35 @@ diff -ur madwifi.old/ath/if_athvar.h madwifi.dev/ath/if_athvar.h
  /*
   * Deduce if tasklets are available.  If not then
   * fall back to using the immediate work queue.
-@@ -478,8 +482,12 @@
- #define       ATH_TXQ_LOCK_DESTROY(_tq)       
- #define       ATH_TXQ_LOCK(_tq)               spin_lock(&(_tq)->axq_lock)
- #define       ATH_TXQ_UNLOCK(_tq)             spin_unlock(&(_tq)->axq_lock)
--#define       ATH_TXQ_LOCK_BH(_tq)            spin_lock_bh(&(_tq)->axq_lock)
--#define       ATH_TXQ_UNLOCK_BH(_tq)          spin_unlock_bh(&(_tq)->axq_lock)
-+#define       ATH_TXQ_LOCK_BH(_tq) \
-+      if (!irqs_disabled()) \
-+              spin_lock_bh(&(_tq)->axq_lock)
-+#define       ATH_TXQ_UNLOCK_BH(_tq) \
-+      if (!irqs_disabled()) \
-+              spin_unlock_bh(&(_tq)->axq_lock)
- #define ATH_TXQ_LOCK_IRQ(_tq)         do {    \
-       unsigned long __axq_lockflags;          \
-       spin_lock_irqsave(&(_tq)->axq_lock, __axq_lockflags);
-@@ -624,7 +632,6 @@
+@@ -621,7 +625,6 @@
        struct ath_buf *sc_rxbufcur;            /* current rx buffer */
        u_int32_t *sc_rxlink;                   /* link ptr in last RX desc */
-       spinlock_t sc_rxbuflock; 
+       spinlock_t sc_rxbuflock;
 -      struct ATH_TQ_STRUCT sc_rxtq;           /* rx intr tasklet */
        struct ATH_TQ_STRUCT sc_rxorntq;        /* rxorn intr tasklet */
        u_int8_t sc_defant;                     /* current default antenna */
        u_int8_t sc_rxotherant;                 /* rx's on non-default antenna*/
-@@ -637,6 +644,7 @@
+@@ -634,6 +637,7 @@
        u_int sc_txintrperiod;                  /* tx interrupt batching */
        struct ath_txq sc_txq[HAL_NUM_TX_QUEUES];
-       struct ath_txq *sc_ac2q[WME_NUM_AC];    /* WME AC -> h/w qnum */ 
+       struct ath_txq *sc_ac2q[WME_NUM_AC];    /* WME AC -> h/w qnum */
 +      HAL_INT sc_isr;                         /* unmasked ISR state */
        struct ATH_TQ_STRUCT sc_txtq;           /* tx intr tasklet */
-       u_int8_t sc_grppoll_str[GRPPOLL_RATE_STR_LEN];  
+       u_int8_t sc_grppoll_str[GRPPOLL_RATE_STR_LEN];
        struct ath_descdma sc_bdma;             /* beacon descriptors */
-@@ -703,8 +711,12 @@
- #define       ATH_TXBUF_LOCK_DESTROY(_sc)
- #define       ATH_TXBUF_LOCK(_sc)             spin_lock(&(_sc)->sc_txbuflock)
- #define       ATH_TXBUF_UNLOCK(_sc)           spin_unlock(&(_sc)->sc_txbuflock)
--#define       ATH_TXBUF_LOCK_BH(_sc)          spin_lock_bh(&(_sc)->sc_txbuflock)
--#define       ATH_TXBUF_UNLOCK_BH(_sc)        spin_unlock_bh(&(_sc)->sc_txbuflock)
-+#define       ATH_TXBUF_LOCK_BH(_sc) \
-+      if (!irqs_disabled()) \
-+              spin_lock_bh(&(_sc)->sc_txbuflock)
-+#define       ATH_TXBUF_UNLOCK_BH(_sc) \
-+      if (!irqs_disabled()) \
-+              spin_unlock_bh(&(_sc)->sc_txbuflock)
- #define       ATH_TXBUF_LOCK_IRQ(_sc)         do {    \
-       unsigned long __txbuflockflags;         \
-       spin_lock_irqsave(&(_sc)->sc_txbuflock, __txbuflockflags);
-@@ -722,8 +734,12 @@
- #define       ATH_RXBUF_LOCK_DESTROY(_sc)
- #define       ATH_RXBUF_LOCK(_sc)             spin_lock(&(_sc)->sc_rxbuflock)
- #define       ATH_RXBUF_UNLOCK(_sc)           spin_unlock(&(_sc)->sc_rxbuflock)
--#define       ATH_RXBUF_LOCK_BH(_sc)          spin_lock_bh(&(_sc)->sc_rxbuflock)
--#define       ATH_RXBUF_UNLOCK_BH(_sc)        spin_unlock_bh(&(_sc)->sc_rxbuflock)
-+#define       ATH_RXBUF_LOCK_BH(_sc) \
-+      if (!irqs_disabled()) \
-+              spin_lock_bh(&(_sc)->sc_rxbuflock)
-+#define       ATH_RXBUF_UNLOCK_BH(_sc) \
-+      if (!irqs_disabled()) \
-+              spin_unlock_bh(&(_sc)->sc_rxbuflock)
- #define       ATH_RXBUF_LOCK_IRQ(_sc)         do {    \
-       unsigned long __rxbuflockflags;         \
-       spin_lock_irqsave(&(_sc)->sc_rxbuflock, __rxbuflockflags);
-@@ -733,6 +749,8 @@
- #define       ATH_RXBUF_UNLOCK_IRQ_EARLY(_sc)         \
-       spin_unlock_irqrestore(&(_sc)->sc_rxbuflock, __rxbuflockflags);
+@@ -714,6 +718,8 @@
+ #define       ATH_TXBUF_LOCK_ASSERT(_sc) \
+       KASSERT(spin_is_locked(&(_sc)->sc_txbuflock), ("txbuf not locked!"))
  
 +#define ATH_DISABLE_INTR              local_irq_disable
 +#define ATH_ENABLE_INTR               local_irq_enable
  
- /* Protects the device from concurrent accesses */
- #define       ATH_LOCK_INIT(_sc)              init_MUTEX(&(_sc)->sc_lock)
-Only in madwifi.dev/ath: if_athvar.h.orig
-diff -ur madwifi.old/net80211/ieee80211_beacon.c madwifi.dev/net80211/ieee80211_beacon.c
---- madwifi.old/net80211/ieee80211_beacon.c    2007-05-31 06:48:28.555526400 +0200
-+++ madwifi.dev/net80211/ieee80211_beacon.c    2007-05-31 06:48:57.847073408 +0200
-@@ -286,7 +286,7 @@
-       int len_changed = 0;
-       u_int16_t capinfo;
--      IEEE80211_LOCK(ic);
-+      IEEE80211_BEACON_LOCK(ic);
-       if ((ic->ic_flags & IEEE80211_F_DOTH) &&
-           (vap->iv_flags & IEEE80211_F_CHANSWITCH) &&
-@@ -547,7 +547,7 @@
-               vap->iv_flags_ext &= ~IEEE80211_FEXT_APPIE_UPDATE;
-       }
--      IEEE80211_UNLOCK(ic);
-+      IEEE80211_BEACON_UNLOCK(ic);
-       return len_changed;
- }
+ #define       ATH_RXBUF_LOCK_INIT(_sc)        spin_lock_init(&(_sc)->sc_rxbuflock)
+ #define       ATH_RXBUF_LOCK_DESTROY(_sc)
 diff -ur madwifi.old/net80211/ieee80211_input.c madwifi.dev/net80211/ieee80211_input.c
---- madwifi.old/net80211/ieee80211_input.c     2007-05-31 06:48:28.557526096 +0200
-+++ madwifi.dev/net80211/ieee80211_input.c     2007-05-31 06:48:57.849073104 +0200
-@@ -1169,8 +1169,9 @@
+--- madwifi.old/net80211/ieee80211_input.c     2007-06-01 11:26:04.183689560 +0200
++++ madwifi.dev/net80211/ieee80211_input.c     2007-06-01 11:31:46.931583960 +0200
+@@ -1144,8 +1144,9 @@
                if (ni->ni_vlan != 0 && vap->iv_vlgrp != NULL) {
                        /* attach vlan tag */
                        vlan_hwaccel_receive_skb(skb, vap->iv_vlgrp, ni->ni_vlan);
@@ -714,317 +314,3 @@ diff -ur madwifi.old/net80211/ieee80211_input.c madwifi.dev/net80211/ieee80211_i
                dev->last_rx = jiffies;
        }
  }
-@@ -3675,9 +3676,9 @@
-       }
-       /* Okay, take the first queued packet and put it out... */
--      IEEE80211_NODE_SAVEQ_LOCK(ni);
-+      IEEE80211_NODE_SAVEQ_LOCK_IRQ(ni);
-       IEEE80211_NODE_SAVEQ_DEQUEUE(ni, skb, qlen);
--      IEEE80211_NODE_SAVEQ_UNLOCK(ni);
-+      IEEE80211_NODE_SAVEQ_UNLOCK_IRQ(ni);
-       if (skb == NULL) {
-               IEEE80211_NOTE_MAC(vap, IEEE80211_MSG_POWER, wh->i_addr2,
-                       "%s", "recv ps-poll, but queue empty");
-Only in madwifi.dev/net80211: ieee80211_input.c.orig
-diff -ur madwifi.old/net80211/ieee80211_linux.h madwifi.dev/net80211/ieee80211_linux.h
---- madwifi.old/net80211/ieee80211_linux.h     2007-05-24 19:31:37.000000000 +0200
-+++ madwifi.dev/net80211/ieee80211_linux.h     2007-05-31 06:48:57.849073104 +0200
-@@ -31,6 +31,10 @@
- #include <linux/wireless.h>
-+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0)
-+#define irqs_disabled()                       0
-+#endif
-+
- /*
-  * Task deferral
-  *
-@@ -86,8 +90,12 @@
- } while (0)
- #define       IEEE80211_UNLOCK_IRQ_EARLY(_ic)                                 \
-       spin_unlock_irqrestore(&(_ic)->ic_comlock, __ilockflags);
--#define IEEE80211_LOCK_BH(_ic)        spin_lock_bh(&(_ic)->ic_comlock)
--#define IEEE80211_UNLOCK_BH(_ic) spin_unlock_bh(&(_ic)->ic_comlock)
-+#define IEEE80211_LOCK_BH(_ic)        \
-+      if (!irqs_disabled()) \
-+              spin_lock_bh(&(_ic)->ic_comlock)
-+#define IEEE80211_UNLOCK_BH(_ic) \
-+      if (!irqs_disabled()) \
-+              spin_unlock_bh(&(_ic)->ic_comlock)
- #define IEEE80211_LOCK(_ic)   spin_lock(&(_ic)->ic_comlock)
- #define IEEE80211_UNLOCK(_ic) spin_unlock(&(_ic)->ic_comlock)
-@@ -104,15 +112,22 @@
- #define IEEE80211_VAPS_LOCK_DESTROY(_ic)
- #define IEEE80211_VAPS_LOCK(_ic)      spin_lock(&(_ic)->ic_vapslock);
- #define IEEE80211_VAPS_UNLOCK(_ic)    spin_unlock(&(_ic)->ic_vapslock);
--#define IEEE80211_VAPS_LOCK_BH(_ic)   spin_lock_bh(&(_ic)->ic_vapslock);
--#define IEEE80211_VAPS_UNLOCK_BH(_ic) spin_unlock_bh(&(_ic)->ic_vapslock);
--#define IEEE80211_VAPS_LOCK_IRQ(_ic)  do {    \
--      int _vaps_lockflags;                    \
--      spin_lock_irqsave(&(_ic)->ic_vapslock, _vaps_lockflags);
--#define IEEE80211_VAPS_UNLOCK_IRQ(_ic)        \
--      spin_unlock_irqrestore(&(_ic)->ic_vapslock, _vaps_lockflags); \
--} while (0)
--#define IEEE80211_VAPS_UNLOCK_IRQ_EARLY(_ic)  spin_unlock_irqrestore(&(_ic)->ic_vapslock, _vaps_lockflags)
-+#define IEEE80211_VAPS_LOCK_BH(_ic) \
-+      if (!irqs_disabled()) \
-+              spin_lock_bh(&(_ic)->ic_vapslock);
-+#define IEEE80211_VAPS_UNLOCK_BH(_ic) \
-+      if (!irqs_disabled()) \
-+              spin_unlock_bh(&(_ic)->ic_vapslock);
-+#define IEEE80211_VAPS_LOCK_IRQ(_ic) do {                             \
-+      unsigned long __vlockflags=0;                           \
-+      unsigned int __vlocked=0;                               \
-+      __vlocked=spin_is_locked(&(_ic)->ic_vapslock);          \
-+      if(!__vlocked) spin_lock_irqsave(&(_ic)->ic_vapslock, __vlockflags);
-+#define IEEE80211_VAPS_UNLOCK_IRQ(_ic)                                        \
-+      if(!__vlocked) spin_unlock_irqrestore(&(_ic)->ic_vapslock, __vlockflags);       \
-+} while (0);
-+#define IEEE80211_VAPS_UNLOCK_IRQ_EARLY(_ic) \
-+      if (!__vlocked) spin_unlock_irqrestore(&(_ic)->ic_vapslock, _vaps_lockflags)
- #if (defined(CONFIG_SMP) || defined(CONFIG_DEBUG_SPINLOCK)) && defined(spin_is_locked)
- #define IEEE80211_VAPS_LOCK_ASSERT(_ic) \
-@@ -122,6 +137,11 @@
- #define IEEE80211_VAPS_LOCK_ASSERT(_ic)
- #endif
-+/*
-+ * Beacon locking definitions; piggyback on com lock.
-+ */
-+#define       IEEE80211_BEACON_LOCK(_ic)         IEEE80211_LOCK_IRQ(_ic)
-+#define       IEEE80211_BEACON_UNLOCK(_ic)       IEEE80211_UNLOCK_IRQ(_ic)
- /*
-  * Node locking definitions.
-@@ -191,8 +211,12 @@
- typedef spinlock_t ieee80211_scan_lock_t;
- #define       IEEE80211_SCAN_LOCK_INIT(_nt, _name) spin_lock_init(&(_nt)->nt_scanlock)
- #define       IEEE80211_SCAN_LOCK_DESTROY(_nt)
--#define       IEEE80211_SCAN_LOCK_BH(_nt)     spin_lock_bh(&(_nt)->nt_scanlock)
--#define       IEEE80211_SCAN_UNLOCK_BH(_nt)   spin_unlock_bh(&(_nt)->nt_scanlock)
-+#define       IEEE80211_SCAN_LOCK_BH(_nt) \
-+      if (!irqs_disabled()) \
-+              spin_lock_bh(&(_nt)->nt_scanlock)
-+#define       IEEE80211_SCAN_UNLOCK_BH(_nt) \
-+      if (!irqs_disabled()) \
-+              spin_unlock_bh(&(_nt)->nt_scanlock)
- #define       IEEE80211_SCAN_LOCK_IRQ(_nt)    do {    \
-       unsigned long __scan_lockflags;         \
-       spin_lock_irqsave(&(_nt)->nt_scanlock, __scan_lockflags);
-@@ -217,8 +241,12 @@
- #define       ACL_LOCK_DESTROY(_as)
- #define       ACL_LOCK(_as)                   spin_lock(&(_as)->as_lock)
- #define       ACL_UNLOCK(_as)                 spin_unlock(&(_as)->as_lock)
--#define       ACL_LOCK_BH(_as)                spin_lock_bh(&(_as)->as_lock)
--#define       ACL_UNLOCK_BH(_as)              spin_unlock_bh(&(_as)->as_lock)
-+#define       ACL_LOCK_BH(_as) \
-+      if (!irqs_disabled()) \
-+              spin_lock_bh(&(_as)->as_lock)
-+#define       ACL_UNLOCK_BH(_as) \
-+      if (!irqs_disabled()) \
-+              spin_unlock_bh(&(_as)->as_lock)
- #if (defined(CONFIG_SMP) || defined(CONFIG_DEBUG_SPINLOCK)) && defined(spin_is_locked)
- #define       ACL_LOCK_ASSERT(_as) \
-diff -ur madwifi.old/net80211/ieee80211_node.c madwifi.dev/net80211/ieee80211_node.c
---- madwifi.old/net80211/ieee80211_node.c      2007-05-31 06:48:28.558525944 +0200
-+++ madwifi.dev/net80211/ieee80211_node.c      2007-05-31 06:48:57.868070216 +0200
-@@ -1584,7 +1584,7 @@
-       struct ieee80211_node *ni;
-       u_int gen;
--      IEEE80211_SCAN_LOCK_IRQ(nt);
-+      IEEE80211_SCAN_LOCK_BH(nt);
-       gen = ++nt->nt_scangen;
-       
- restart:
-@@ -1604,7 +1604,7 @@
-       }
-       IEEE80211_NODE_TABLE_UNLOCK_IRQ(nt);
--      IEEE80211_SCAN_UNLOCK_IRQ(nt);
-+      IEEE80211_SCAN_UNLOCK_BH(nt);
- }
- EXPORT_SYMBOL(ieee80211_iterate_dev_nodes);
-Only in madwifi.dev/net80211: ieee80211_node.c.orig
-diff -ur madwifi.old/net80211/ieee80211_power.c madwifi.dev/net80211/ieee80211_power.c
---- madwifi.old/net80211/ieee80211_power.c     2007-05-24 19:31:37.000000000 +0200
-+++ madwifi.dev/net80211/ieee80211_power.c     2007-05-31 06:48:57.868070216 +0200
-@@ -147,7 +147,7 @@
- #endif
-               struct sk_buff *skb;
--              IEEE80211_NODE_SAVEQ_LOCK(ni);
-+              IEEE80211_NODE_SAVEQ_LOCK_IRQ(ni);
-               while ((skb = skb_peek(&ni->ni_savedq)) != NULL &&
-                    M_AGE_GET(skb) < IEEE80211_INACT_WAIT) {
-                       IEEE80211_NOTE(vap, IEEE80211_MSG_POWER, ni,
-@@ -159,7 +159,7 @@
-               }
-               if (skb != NULL)
-                       M_AGE_SUB(skb, IEEE80211_INACT_WAIT);
--              IEEE80211_NODE_SAVEQ_UNLOCK(ni);
-+              IEEE80211_NODE_SAVEQ_UNLOCK_IRQ(ni);
-               IEEE80211_NOTE(vap, IEEE80211_MSG_POWER, ni,
-                       "discard %u frames for age", discard);
-@@ -185,7 +185,7 @@
-       KASSERT(aid < vap->iv_max_aid,
-               ("bogus aid %u, max %u", aid, vap->iv_max_aid));
--      IEEE80211_LOCK(ni->ni_ic);
-+      IEEE80211_BEACON_LOCK(ni->ni_ic);
-       if (set != (isset(vap->iv_tim_bitmap, aid) != 0)) {
-               if (set) {
-                       setbit(vap->iv_tim_bitmap, aid);
-@@ -196,7 +196,7 @@
-               }
-               vap->iv_flags |= IEEE80211_F_TIMUPDATE;
-       }
--      IEEE80211_UNLOCK(ni->ni_ic);
-+      IEEE80211_BEACON_UNLOCK(ni->ni_ic);
- }
- /*
-@@ -295,9 +295,9 @@
-                       struct sk_buff *skb;
-                       int qlen;
--                      IEEE80211_NODE_SAVEQ_LOCK(ni);
-+                      IEEE80211_NODE_SAVEQ_LOCK_IRQ(ni);
-                       IEEE80211_NODE_SAVEQ_DEQUEUE(ni, skb, qlen);
--                      IEEE80211_NODE_SAVEQ_UNLOCK(ni);
-+                      IEEE80211_NODE_SAVEQ_UNLOCK_IRQ(ni);
-                       if (skb == NULL)
-                               break;
-                       /* 
-@@ -362,9 +362,9 @@
-                       for (;;) {
-                               struct sk_buff *skb;
--                              IEEE80211_NODE_SAVEQ_LOCK(ni);
-+                              IEEE80211_NODE_SAVEQ_LOCK_IRQ(ni);
-                               skb = __skb_dequeue(&ni->ni_savedq);
--                              IEEE80211_NODE_SAVEQ_UNLOCK(ni);
-+                              IEEE80211_NODE_SAVEQ_UNLOCK_IRQ(ni);
-                               if (skb == NULL)
-                                       break;
-                               ieee80211_parent_queue_xmit(skb);
-diff -ur madwifi.old/net80211/ieee80211_proto.c madwifi.dev/net80211/ieee80211_proto.c
---- madwifi.old/net80211/ieee80211_proto.c     2007-05-31 06:48:28.564525032 +0200
-+++ madwifi.dev/net80211/ieee80211_proto.c     2007-05-31 06:48:57.869070064 +0200
-@@ -635,9 +635,9 @@
- {
-       struct ieee80211com *ic = vap->iv_ic;
--      IEEE80211_LOCK(ic);
-+      IEEE80211_BEACON_LOCK(ic);
-       ieee80211_wme_initparams_locked(vap);
--      IEEE80211_UNLOCK(ic);
-+      IEEE80211_BEACON_UNLOCK(ic);
- }
- void
-@@ -920,9 +920,9 @@
-       struct ieee80211com *ic = vap->iv_ic;
-       if (ic->ic_caps & IEEE80211_C_WME) {
--              IEEE80211_LOCK(ic);
-+              IEEE80211_BEACON_LOCK(ic);
-               ieee80211_wme_updateparams_locked(vap);
--              IEEE80211_UNLOCK(ic);
-+              IEEE80211_BEACON_UNLOCK(ic);
-       }
- }
-diff -ur madwifi.old/net80211/ieee80211_scan_sta.c madwifi.dev/net80211/ieee80211_scan_sta.c
---- madwifi.old/net80211/ieee80211_scan_sta.c  2007-05-21 17:53:39.000000000 +0200
-+++ madwifi.dev/net80211/ieee80211_scan_sta.c  2007-05-31 06:48:57.870069912 +0200
-@@ -163,9 +163,11 @@
- {
-       struct sta_table *st = ss->ss_priv;
--      spin_lock(&st->st_lock);
-+      if (!irqs_disabled())
-+              spin_lock_bh(&st->st_lock);
-       sta_flush_table(st);
--      spin_unlock(&st->st_lock);
-+      if (!irqs_disabled())
-+              spin_unlock_bh(&st->st_lock);
-       ss->ss_last = 0;
-       return 0;
- }
-@@ -215,7 +217,8 @@
-       int hash;
-       hash = STA_HASH(macaddr);
--      spin_lock(&st->st_lock);  
-+      if (!irqs_disabled())
-+              spin_lock_bh(&st->st_lock);  
-       LIST_FOREACH(se, &st->st_hash[hash], se_hash)
-               if (IEEE80211_ADDR_EQ(se->base.se_macaddr, macaddr) &&
-                   sp->ssid[1] == se->base.se_ssid[1] && 
-@@ -225,7 +228,7 @@
-       MALLOC(se, struct sta_entry *, sizeof(struct sta_entry),
-               M_80211_SCAN, M_NOWAIT | M_ZERO);
-       if (se == NULL) {
--              spin_unlock(&st->st_lock);
-+              spin_unlock_bh(&st->st_lock);
-               return 0;
-       }
-       se->se_scangen = st->st_scangen-1;
-@@ -287,7 +290,8 @@
-       se->se_seen = 1;
-       se->se_notseen = 0;
--      spin_unlock(&st->st_lock);
-+      if (!irqs_disabled())
-+              spin_unlock_bh(&st->st_lock);
-       /*
-        * If looking for a quick choice and nothing's
-@@ -1063,7 +1067,8 @@
-       u_int gen;
-       int res = 0;
--      spin_lock(&st->st_scanlock);
-+      if (!irqs_disabled())
-+              spin_lock_bh(&st->st_scanlock);
-       gen = st->st_scangen++;
- restart:
-       spin_lock(&st->st_lock);
-@@ -1086,7 +1091,8 @@
-       spin_unlock(&st->st_lock);
-  done:
--      spin_unlock(&st->st_scanlock);
-+      if (!irqs_disabled())
-+              spin_unlock_bh(&st->st_scanlock);
-       return res;
- }
-@@ -1235,7 +1241,8 @@
-       bestchan = NULL;
-       bestrssi = -1;
--      spin_lock(&st->st_lock);
-+      if (!irqs_disabled())
-+              spin_lock_bh(&st->st_lock);
-       for (i = 0; i < ss->ss_last; i++) {
-               c = ss->ss_chans[i];
-               maxrssi = 0;
-@@ -1248,7 +1255,8 @@
-               if (bestchan == NULL || maxrssi < bestrssi)
-                       bestchan = c;
-       }
--      spin_unlock(&st->st_lock);
-+      if (!irqs_disabled())
-+              spin_unlock_bh(&st->st_lock);
-       return bestchan;
- }
index cbe98e0ca937e67c4df69898e29f20f9b11c444c..4193821877ab8fded3d2b0c1426c63a8025b6068 100644 (file)
@@ -15,7 +15,7 @@ diff -urN madwifi-ng-r2377-20070526.old/ath/if_ath.c madwifi-ng-r2377-20070526.d
 diff -urN madwifi-ng-r2377-20070526.old/net80211/ieee80211_input.c madwifi-ng-r2377-20070526.dev/net80211/ieee80211_input.c
 --- madwifi-ng-r2377-20070526.old/net80211/ieee80211_input.c   2007-05-26 18:51:09.429654016 +0200
 +++ madwifi-ng-r2377-20070526.dev/net80211/ieee80211_input.c   2007-05-26 18:51:09.443651888 +0200
-@@ -343,11 +343,12 @@
+@@ -321,11 +321,12 @@
                                bssid = wh->i_addr3;
                        }
                        /*
@@ -30,7 +30,7 @@ diff -urN madwifi-ng-r2377-20070526.old/net80211/ieee80211_input.c madwifi-ng-r2
                                /*
                                 * allow MGT frames to vap->iv_xrvap.
                                 * this will allow roaming between  XR and normal vaps
-@@ -366,7 +367,8 @@
+@@ -344,7 +345,8 @@
                        }
  #else
                        if (!IEEE80211_ADDR_EQ(bssid, vap->iv_bss->ni_bssid) &&
@@ -40,7 +40,7 @@ diff -urN madwifi-ng-r2377-20070526.old/net80211/ieee80211_input.c madwifi-ng-r2
                                /* not interested in */
                                IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_INPUT,
                                        bssid, NULL, "%s", "not to bss");
-@@ -2593,7 +2595,7 @@
+@@ -2555,7 +2557,7 @@
        u_int8_t *frm, *efrm;
        u_int8_t *ssid, *rates, *xrates, *wpa, *rsn, *wme, *ath;
        u_int8_t rate;
@@ -49,13 +49,13 @@ diff -urN madwifi-ng-r2377-20070526.old/net80211/ieee80211_input.c madwifi-ng-r2
        u_int8_t qosinfo;
  
        wh = (struct ieee80211_frame *) skb->data;
-@@ -2615,11 +2617,15 @@
+@@ -2577,11 +2579,15 @@
                 *    o station mode when associated (to collect state
                 *      updates such as 802.11g slot time), or
                 *    o adhoc mode (to discover neighbors)
 +               *    o ap mode in protection mode (beacons only)
                 * Frames otherwise received are discarded.
-                */ 
+                */
                if (!((ic->ic_flags & IEEE80211_F_SCAN) ||
                    (vap->iv_opmode == IEEE80211_M_STA && ni->ni_associd) ||
 -                  vap->iv_opmode == IEEE80211_M_IBSS)) {
@@ -66,7 +66,7 @@ diff -urN madwifi-ng-r2377-20070526.old/net80211/ieee80211_input.c madwifi-ng-r2
                        vap->iv_stats.is_rx_mgtdiscard++;
                        return;
                }
-@@ -2702,6 +2708,7 @@
+@@ -2664,6 +2670,7 @@
                                        break;
                                }
                                scan.erp = frm[2];
@@ -74,16 +74,7 @@ diff -urN madwifi-ng-r2377-20070526.old/net80211/ieee80211_input.c madwifi-ng-r2
                                break;
                        case IEEE80211_ELEMID_RSN:
                                scan.rsn = frm;
-@@ -2855,7 +2862,7 @@
-                           vap->iv_flags_ext & IEEE80211_FEXT_SWBMISS) {
-                               mod_timer(&vap->iv_swbmiss, jiffies + vap->iv_swbmiss_period);
-                       }
--                      
-+
-                       /*
-                        * If scanning, pass the info to the scan module.
-                        * Otherwise, check if it's the right time to do
-@@ -2877,6 +2884,20 @@
+@@ -2839,6 +2846,20 @@
                                ieee80211_bg_scan(vap);
                        return;
                }
@@ -170,3 +161,4 @@ diff -urN madwifi-ng-r2377-20070526.old/net80211/ieee80211_var.h madwifi-ng-r237
  
  /* Key update synchronization methods.  XXX should not be visible. */
  static __inline void
+
index f0c85d198ae61f4dbb3b1c7996c91ebc402277b9..8355c275dc86a51066eea007c06341b4c80d9822 100644 (file)
@@ -1,7 +1,7 @@
-diff -urN madwifi-ng-r2377-20070526.old/ath/if_ath.c madwifi-ng-r2377-20070526.dev/ath/if_ath.c
---- madwifi-ng-r2377-20070526.old/ath/if_ath.c 2007-05-26 18:51:09.532638360 +0200
-+++ madwifi-ng-r2377-20070526.dev/ath/if_ath.c 2007-05-26 18:51:09.544636536 +0200
-@@ -5609,6 +5609,7 @@
+diff -ur madwifi.old/ath/if_ath.c madwifi.dev/ath/if_ath.c
+--- madwifi.old/ath/if_ath.c   2007-06-01 11:39:53.078678000 +0200
++++ madwifi.dev/ath/if_ath.c   2007-06-01 11:50:32.819422992 +0200
+@@ -5604,6 +5604,7 @@
        u_int phyerr;
        u_int processed = 0, early_stop = 0;
        u_int rx_limit = dev->quota;
@@ -9,7 +9,7 @@ diff -urN madwifi-ng-r2377-20070526.old/ath/if_ath.c madwifi-ng-r2377-20070526.d
  
        /* Let the 802.11 layer know about the new noise floor */
        sc->sc_channoise = ath_hal_get_channel_noise(ah, &(sc->sc_curchan));
-@@ -5703,31 +5704,16 @@
+@@ -5698,25 +5699,7 @@
                        }
                        if (rs->rs_status & HAL_RXERR_MIC) {
                                sc->sc_stats.ast_rx_badmic++;
@@ -36,19 +36,20 @@ diff -urN madwifi-ng-r2377-20070526.old/ath/if_ath.c madwifi-ng-r2377-20070526.d
                        }
                        /*
                         * Reject error frames if we have no vaps that 
-                        * are operating in monitor mode.
-                        */
--                      if(sc->sc_nmonvaps == 0) goto rx_next;
-+                      if ((rs->rs_status & ~HAL_RXERR_MIC) &&
-+                              ((rs->rs_status &~ HAL_RXERR_DECRYPT) ||
-+                           (sc->sc_ic.ic_opmode != IEEE80211_M_MONITOR)))
-+                                      goto rx_next;
-               }
- rx_accept:
+@@ -5774,8 +5757,9 @@
                /*
-@@ -5811,6 +5797,20 @@
+                * Finished monitor mode handling, now reject
+                * error frames before passing to other vaps
++               * Ignore MIC failures here, as we need to recheck them
+                */
+-              if (rs->rs_status != 0) {
++              if (rs->rs_status & ~(HAL_RXERR_MIC | HAL_RXERR_DECRYPT)) {
+                       dev_kfree_skb(skb);
+                       skb = NULL;
+                       goto rx_next;
+@@ -5806,6 +5790,20 @@
+                                  sc->sc_hwmap[rs->rs_rate].ieeerate,
                                   rs->rs_rssi);
-               }
  
 +              /* MIC failure. Drop the packet in any case */
 +              if (mic_fail) {
@@ -67,9 +68,9 @@ diff -urN madwifi-ng-r2377-20070526.old/ath/if_ath.c madwifi-ng-r2377-20070526.d
                /*
                 * Locate the node for sender, track state, and then
                 * pass the (referenced) node up to the 802.11 layer
-diff -urN madwifi-ng-r2377-20070526.old/net80211/ieee80211_crypto_ccmp.c madwifi-ng-r2377-20070526.dev/net80211/ieee80211_crypto_ccmp.c
---- madwifi-ng-r2377-20070526.old/net80211/ieee80211_crypto_ccmp.c     2007-05-17 00:13:10.000000000 +0200
-+++ madwifi-ng-r2377-20070526.dev/net80211/ieee80211_crypto_ccmp.c     2007-05-26 18:51:09.545636384 +0200
+diff -ur madwifi.old/net80211/ieee80211_crypto_ccmp.c madwifi.dev/net80211/ieee80211_crypto_ccmp.c
+--- madwifi.old/net80211/ieee80211_crypto_ccmp.c       2007-05-30 03:41:18.000000000 +0200
++++ madwifi.dev/net80211/ieee80211_crypto_ccmp.c       2007-06-01 11:45:05.000259080 +0200
 @@ -78,7 +78,7 @@
  static int ccmp_encap(struct ieee80211_key *, struct sk_buff *, u_int8_t);
  static int ccmp_decap(struct ieee80211_key *, struct sk_buff *, int);
@@ -88,9 +89,9 @@ diff -urN madwifi-ng-r2377-20070526.old/net80211/ieee80211_crypto_ccmp.c madwifi
  {
        return 1;
  }
-diff -urN madwifi-ng-r2377-20070526.old/net80211/ieee80211_crypto.h madwifi-ng-r2377-20070526.dev/net80211/ieee80211_crypto.h
---- madwifi-ng-r2377-20070526.old/net80211/ieee80211_crypto.h  2007-04-16 14:32:29.000000000 +0200
-+++ madwifi-ng-r2377-20070526.dev/net80211/ieee80211_crypto.h  2007-05-26 18:51:09.545636384 +0200
+diff -ur madwifi.old/net80211/ieee80211_crypto.h madwifi.dev/net80211/ieee80211_crypto.h
+--- madwifi.old/net80211/ieee80211_crypto.h    2007-04-16 14:32:29.000000000 +0200
++++ madwifi.dev/net80211/ieee80211_crypto.h    2007-06-01 11:45:05.000259080 +0200
 @@ -145,7 +145,7 @@
        int (*ic_encap)(struct ieee80211_key *, struct sk_buff *, u_int8_t);
        int (*ic_decap)(struct ieee80211_key *, struct sk_buff *, int);
@@ -113,9 +114,9 @@ diff -urN madwifi-ng-r2377-20070526.old/net80211/ieee80211_crypto.h madwifi-ng-r
  }
  
  /*
-diff -urN madwifi-ng-r2377-20070526.old/net80211/ieee80211_crypto_none.c madwifi-ng-r2377-20070526.dev/net80211/ieee80211_crypto_none.c
---- madwifi-ng-r2377-20070526.old/net80211/ieee80211_crypto_none.c     2006-09-20 10:45:13.000000000 +0200
-+++ madwifi-ng-r2377-20070526.dev/net80211/ieee80211_crypto_none.c     2007-05-26 18:51:09.545636384 +0200
+diff -ur madwifi.old/net80211/ieee80211_crypto_none.c madwifi.dev/net80211/ieee80211_crypto_none.c
+--- madwifi.old/net80211/ieee80211_crypto_none.c       2006-09-20 10:45:13.000000000 +0200
++++ madwifi.dev/net80211/ieee80211_crypto_none.c       2007-06-01 11:45:05.000259080 +0200
 @@ -52,7 +52,7 @@
  static int none_encap(struct ieee80211_key *, struct sk_buff *, u_int8_t);
  static int none_decap(struct ieee80211_key *, struct sk_buff *, int);
@@ -134,9 +135,9 @@ diff -urN madwifi-ng-r2377-20070526.old/net80211/ieee80211_crypto_none.c madwifi
  {
        struct ieee80211vap *vap = k->wk_private;
  
-diff -urN madwifi-ng-r2377-20070526.old/net80211/ieee80211_crypto_tkip.c madwifi-ng-r2377-20070526.dev/net80211/ieee80211_crypto_tkip.c
---- madwifi-ng-r2377-20070526.old/net80211/ieee80211_crypto_tkip.c     2007-05-17 00:13:10.000000000 +0200
-+++ madwifi-ng-r2377-20070526.dev/net80211/ieee80211_crypto_tkip.c     2007-05-26 18:51:09.546636232 +0200
+diff -ur madwifi.old/net80211/ieee80211_crypto_tkip.c madwifi.dev/net80211/ieee80211_crypto_tkip.c
+--- madwifi.old/net80211/ieee80211_crypto_tkip.c       2007-05-30 03:41:18.000000000 +0200
++++ madwifi.dev/net80211/ieee80211_crypto_tkip.c       2007-06-01 11:45:05.001258928 +0200
 @@ -57,7 +57,7 @@
  static int tkip_encap(struct ieee80211_key *, struct sk_buff *, u_int8_t);
  static int tkip_enmic(struct ieee80211_key *, struct sk_buff *, int);
@@ -164,9 +165,9 @@ diff -urN madwifi-ng-r2377-20070526.old/net80211/ieee80211_crypto_tkip.c madwifi
                struct ieee80211vap *vap = ctx->tc_vap;
                u8 mic[IEEE80211_WEP_MICLEN];
                u8 mic0[IEEE80211_WEP_MICLEN];
-diff -urN madwifi-ng-r2377-20070526.old/net80211/ieee80211_crypto_wep.c madwifi-ng-r2377-20070526.dev/net80211/ieee80211_crypto_wep.c
---- madwifi-ng-r2377-20070526.old/net80211/ieee80211_crypto_wep.c      2006-09-20 10:45:13.000000000 +0200
-+++ madwifi-ng-r2377-20070526.dev/net80211/ieee80211_crypto_wep.c      2007-05-26 18:51:09.547636080 +0200
+diff -ur madwifi.old/net80211/ieee80211_crypto_wep.c madwifi.dev/net80211/ieee80211_crypto_wep.c
+--- madwifi.old/net80211/ieee80211_crypto_wep.c        2007-05-29 23:55:25.000000000 +0200
++++ madwifi.dev/net80211/ieee80211_crypto_wep.c        2007-06-01 11:45:05.001258928 +0200
 @@ -54,7 +54,7 @@
  static int wep_encap(struct ieee80211_key *, struct sk_buff *, u_int8_t);
  static int wep_decap(struct ieee80211_key *, struct sk_buff *, int);
@@ -185,10 +186,10 @@ diff -urN madwifi-ng-r2377-20070526.old/net80211/ieee80211_crypto_wep.c madwifi-
  {
        return 1;
  }
-diff -urN madwifi-ng-r2377-20070526.old/net80211/ieee80211_input.c madwifi-ng-r2377-20070526.dev/net80211/ieee80211_input.c
---- madwifi-ng-r2377-20070526.old/net80211/ieee80211_input.c   2007-05-26 18:51:09.534638056 +0200
-+++ madwifi-ng-r2377-20070526.dev/net80211/ieee80211_input.c   2007-05-26 18:51:09.548635928 +0200
-@@ -654,7 +654,7 @@
+diff -ur madwifi.old/net80211/ieee80211_input.c madwifi.dev/net80211/ieee80211_input.c
+--- madwifi.old/net80211/ieee80211_input.c     2007-06-01 11:31:46.931583000 +0200
++++ madwifi.dev/net80211/ieee80211_input.c     2007-06-01 11:45:05.003258624 +0200
+@@ -632,7 +632,7 @@
                 * Next strip any MSDU crypto bits.
                 */
                if (key != NULL &&
@@ -197,7 +198,7 @@ diff -urN madwifi-ng-r2377-20070526.old/net80211/ieee80211_input.c madwifi-ng-r2
                        IEEE80211_DISCARD_MAC(vap, IEEE80211_MSG_INPUT,
                                ni->ni_macaddr, "data", "%s", "demic error");
                        IEEE80211_NODE_STAT(ni, rx_demicfail);
-@@ -3789,6 +3789,47 @@
+@@ -3744,6 +3744,47 @@
  }
  #endif
  
@@ -245,9 +246,9 @@ diff -urN madwifi-ng-r2377-20070526.old/net80211/ieee80211_input.c madwifi-ng-r2
  #ifdef IEEE80211_DEBUG
  /*
   * Debugging support.
-diff -urN madwifi-ng-r2377-20070526.old/net80211/ieee80211_linux.c madwifi-ng-r2377-20070526.dev/net80211/ieee80211_linux.c
---- madwifi-ng-r2377-20070526.old/net80211/ieee80211_linux.c   2007-05-21 17:53:39.000000000 +0200
-+++ madwifi-ng-r2377-20070526.dev/net80211/ieee80211_linux.c   2007-05-26 18:51:09.549635776 +0200
+diff -ur madwifi.old/net80211/ieee80211_linux.c madwifi.dev/net80211/ieee80211_linux.c
+--- madwifi.old/net80211/ieee80211_linux.c     2007-05-30 03:41:18.000000000 +0200
++++ madwifi.dev/net80211/ieee80211_linux.c     2007-06-01 11:45:05.003258624 +0200
 @@ -311,8 +311,8 @@
  
        /* TODO: needed parameters: count, keyid, key type, src address, TSC */
@@ -259,9 +260,9 @@ diff -urN madwifi-ng-r2377-20070526.old/net80211/ieee80211_linux.c madwifi-ng-r2
        memset(&wrqu, 0, sizeof(wrqu));
        wrqu.data.length = strlen(buf);
        wireless_send_event(dev, IWEVCUSTOM, &wrqu, buf);
-diff -urN madwifi-ng-r2377-20070526.old/net80211/ieee80211_proto.h madwifi-ng-r2377-20070526.dev/net80211/ieee80211_proto.h
---- madwifi-ng-r2377-20070526.old/net80211/ieee80211_proto.h   2007-05-26 18:51:09.321670432 +0200
-+++ madwifi-ng-r2377-20070526.dev/net80211/ieee80211_proto.h   2007-05-26 18:51:09.549635776 +0200
+diff -ur madwifi.old/net80211/ieee80211_proto.h madwifi.dev/net80211/ieee80211_proto.h
+--- madwifi.old/net80211/ieee80211_proto.h     2007-06-01 11:26:04.172691000 +0200
++++ madwifi.dev/net80211/ieee80211_proto.h     2007-06-01 11:45:05.004258472 +0200
 @@ -91,6 +91,7 @@
  void ieee80211_set11gbasicrates(struct ieee80211_rateset *, enum ieee80211_phymode);
  enum ieee80211_phymode ieee80211_get11gbasicrates(struct ieee80211_rateset *);