Merge branch 'for-john' of git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211

	clear_bit(SDATA_STATE_OFFCHANNEL_BEACON_STOPPED, &sdata->state);

	ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON_ENABLED);

	if (sdata->wdev.cac_started) {

		cancel_delayed_work_sync(&sdata->dfs_cac_timer_work);

		cfg80211_cac_event(sdata->dev, NL80211_RADAR_CAC_ABORTED,

				   GFP_KERNEL);

	}

	drv_stop_ap(sdata->local, sdata);

	/* free all potentially still buffered bcast frames */

	ieee80211_tx_skb_tid(sdata, skb, 7);

}

u32 ieee802_11_parse_elems_crc(u8 *start, size_t len, bool action,

u32 ieee802_11_parse_elems_crc(const u8 *start, size_t len, bool action,

			       struct ieee802_11_elems *elems,

			       u64 filter, u32 crc);

static inline void ieee802_11_parse_elems(u8 *start, size_t len, bool action,

static inline void ieee802_11_parse_elems(const u8 *start, size_t len,

					  bool action,

					  struct ieee802_11_elems *elems)

{

	ieee802_11_parse_elems_crc(start, len, action, elems, 0, 0);

	u16 capab_info, aid;

	struct ieee802_11_elems elems;

	struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf;

	const struct cfg80211_bss_ies *bss_ies = NULL;

	struct ieee80211_mgd_assoc_data *assoc_data = ifmgd->assoc_data;

	u32 changed = 0;

	int err;

	bool ret;

	/* AssocResp and ReassocResp have identical structure */

	ifmgd->aid = aid;

	/*

	 * Some APs are erroneously not including some information in their

	 * (re)association response frames. Try to recover by using the data

	 * from the beacon or probe response. This seems to afflict mobile

	 * 2G/3G/4G wifi routers, reported models include the "Onda PN51T",

	 * "Vodafone PocketWiFi 2", "ZTE MF60" and a similar T-Mobile device.

	 */

	if ((assoc_data->wmm && !elems.wmm_param) ||

	    (!(ifmgd->flags & IEEE80211_STA_DISABLE_HT) &&

	     (!elems.ht_cap_elem || !elems.ht_operation)) ||

	    (!(ifmgd->flags & IEEE80211_STA_DISABLE_VHT) &&

	     (!elems.vht_cap_elem || !elems.vht_operation))) {

		const struct cfg80211_bss_ies *ies;

		struct ieee802_11_elems bss_elems;

		rcu_read_lock();

		ies = rcu_dereference(cbss->ies);

		if (ies)

			bss_ies = kmemdup(ies, sizeof(*ies) + ies->len,

					  GFP_ATOMIC);

		rcu_read_unlock();

		if (!bss_ies)

			return false;

		ieee802_11_parse_elems(bss_ies->data, bss_ies->len,

				       false, &bss_elems);

		if (assoc_data->wmm &&

		    !elems.wmm_param && bss_elems.wmm_param) {

			elems.wmm_param = bss_elems.wmm_param;

			sdata_info(sdata,

				   "AP bug: WMM param missing from AssocResp\n");

		}

		/*

		 * Also check if we requested HT/VHT, otherwise the AP doesn't

		 * have to include the IEs in the (re)association response.

		 */

		if (!elems.ht_cap_elem && bss_elems.ht_cap_elem &&

		    !(ifmgd->flags & IEEE80211_STA_DISABLE_HT)) {

			elems.ht_cap_elem = bss_elems.ht_cap_elem;

			sdata_info(sdata,

				   "AP bug: HT capability missing from AssocResp\n");

		}

		if (!elems.ht_operation && bss_elems.ht_operation &&

		    !(ifmgd->flags & IEEE80211_STA_DISABLE_HT)) {

			elems.ht_operation = bss_elems.ht_operation;

			sdata_info(sdata,

				   "AP bug: HT operation missing from AssocResp\n");

		}

		if (!elems.vht_cap_elem && bss_elems.vht_cap_elem &&

		    !(ifmgd->flags & IEEE80211_STA_DISABLE_VHT)) {

			elems.vht_cap_elem = bss_elems.vht_cap_elem;

			sdata_info(sdata,

				   "AP bug: VHT capa missing from AssocResp\n");

		}

		if (!elems.vht_operation && bss_elems.vht_operation &&

		    !(ifmgd->flags & IEEE80211_STA_DISABLE_VHT)) {

			elems.vht_operation = bss_elems.vht_operation;

			sdata_info(sdata,

				   "AP bug: VHT operation missing from AssocResp\n");

		}

	}

	/*

	 * We previously checked these in the beacon/probe response, so

	 * they should be present here. This is just a safety net.

	if (!(ifmgd->flags & IEEE80211_STA_DISABLE_HT) &&

	    (!elems.wmm_param || !elems.ht_cap_elem || !elems.ht_operation)) {

		sdata_info(sdata,

			   "HT AP is missing WMM params or HT capability/operation in AssocResp\n");

		return false;

			   "HT AP is missing WMM params or HT capability/operation\n");

		ret = false;

		goto out;

	}

	if (!(ifmgd->flags & IEEE80211_STA_DISABLE_VHT) &&

	    (!elems.vht_cap_elem || !elems.vht_operation)) {

		sdata_info(sdata,

			   "VHT AP is missing VHT capability/operation in AssocResp\n");

		return false;

			   "VHT AP is missing VHT capability/operation\n");

		ret = false;

		goto out;

	}

	mutex_lock(&sdata->local->sta_mtx);

	sta = sta_info_get(sdata, cbss->bssid);

	if (WARN_ON(!sta)) {

		mutex_unlock(&sdata->local->sta_mtx);

		return false;

		ret = false;

		goto out;

	}

	sband = local->hw.wiphy->bands[ieee80211_get_sdata_band(sdata)];

			   sta->sta.addr);

		WARN_ON(__sta_info_destroy(sta));

		mutex_unlock(&sdata->local->sta_mtx);

		return false;

		ret = false;

		goto out;

	}

	mutex_unlock(&sdata->local->sta_mtx);

	ieee80211_sta_rx_notify(sdata, (struct ieee80211_hdr *)mgmt);

	ieee80211_sta_reset_beacon_monitor(sdata);

	return true;

	ret = true;

 out:

	kfree(bss_ies);

	return ret;

}

static enum rx_mgmt_action __must_check

		if (rates[i].idx < 0)

			break;

		rate_idx_match_mask(&rates[i], sband, mask, chan_width,

		rate_idx_match_mask(&rates[i], sband, chan_width, mask,

				    mcs_mask);

	}

}

}

EXPORT_SYMBOL(ieee80211_queue_delayed_work);

u32 ieee802_11_parse_elems_crc(u8 *start, size_t len, bool action,

u32 ieee802_11_parse_elems_crc(const u8 *start, size_t len, bool action,

			       struct ieee802_11_elems *elems,

			       u64 filter, u32 crc)

{

	size_t left = len;

	u8 *pos = start;

	const u8 *pos = start;

	bool calc_crc = filter != 0;

	DECLARE_BITMAP(seen_elems, 256);

	const u8 *ie;