Jouni Malinen [Sat, 24 Jan 2015 17:52:06 +0000 (19:52 +0200)]
mac80111: Add GCMP and GCMP-256 ciphers
This allows mac80211 to configure GCMP and GCMP-256 to the driver and
also use software-implementation within mac80211 when the driver does
not support this with hardware accelaration.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
[remove a spurious newline]
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Jouni Malinen [Sat, 24 Jan 2015 17:52:05 +0000 (19:52 +0200)]
cfg80211: Add new GCMP, CCMP-256, BIP-GMAC, BIP-CMAC-256 ciphers
This makes cfg80211 aware of the GCMP, GCMP-256, CCMP-256, BIP-GMAC-128,
BIP-GMAC-256, and BIP-CMAC-256 cipher suites. These new cipher suites
were defined in IEEE Std 802.11ac-2013.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Jouni Malinen [Sat, 24 Jan 2015 17:52:04 +0000 (19:52 +0200)]
cfg80211: Fix BIP (AES-CMAC) cipher validation
This cipher can be used only as a group management frame cipher and as
such, there is no point in validating that it is not used with non-zero
key-index. Instead, verify that it is not used as a pairwise cipher
regardless of the key index.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
[change code to use switch statement which is easier to extend]
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Thu, 22 Jan 2015 20:38:45 +0000 (21:38 +0100)]
ath10k: use IEEE80211_HW_SW_CRYPTO_CONTROL
The ath10k driver only supports HW crypto (except for management
frames or so - CMAC needs to be done in software). Make it use
the new IEEE80211_HW_SW_CRYPTO_CONTROL flag to ensure mac80211
doesn't erroneously attempt to use software crypto.
Taking through my tree after Kalle's ACK to avoid breaking the
ath10k driver with the next crypto patches.
Acked-by: Kalle Valo <kvalo@qca.qualcomm.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Luciano Coelho [Sat, 24 Jan 2015 08:30:02 +0000 (10:30 +0200)]
mac80211: handle potential race between suspend and scan completion
If suspend starts while ieee80211_scan_completed() is running, between
the point where SCAN_COMPLETED is set and the work is queued,
ieee80211_scan_cancel() will not catch the work and we may finish
suspending before the work is actually executed, leaving the scan
running while suspended.
To fix this race, queue the scan work during resume if the
SCAN_COMPLETED flag is set and flush it immediately.
Signed-off-by: Luciano Coelho <luciano.coelho@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Wed, 21 Jan 2015 20:09:02 +0000 (21:09 +0100)]
mac80211: support beacon statistics
For drivers without beacon filtering, support beacon statistics
entirely, i.e. report the number of beacons and average signal.
For drivers with beacon filtering, give them the number of beacons
received by mac80211 -- in case the device reports only the number
of filtered beacons then driver doesn't have to count all beacons
again as mac80211 already does.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Fri, 23 Jan 2015 12:23:48 +0000 (13:23 +0100)]
mac80211: fix per-TID RX-MSDU counter
In the case of non-QoS association, the counter was actually
wrong. The right index isn't security_idx but seqno_idx, as
security_idx will be 0 for data frames, while 16 is needed.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Fri, 23 Jan 2015 10:42:14 +0000 (11:42 +0100)]
mac80211: tdls: disentangle HT supported conditions
These conditions are rather difficult to follow, for example
because "!sta" only exists to not crash in the case that we
don't have a station pointer (WLAN_TDLS_SETUP_REQUEST) in
which the additional condition (peer supports HT) doesn't
actually matter anyway.
Cleaning this up only duplicates two lines of code but makes
the rest far easier to read, so do that.
As a side effect, smatch stops complaining about the lack of
a sta pointer test after the !sta (since the !sta goes away)
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Fri, 23 Jan 2015 10:36:54 +0000 (11:36 +0100)]
mac80211: tdls: remove shadowing variable
There's no need to use another local 'sta' variable as the
original (outer scope) one isn't needed any more and has
become invalid anyway when exiting the RCU read section.
Remove the inner scope one and along with it the useless NULL
initialization.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Fri, 23 Jan 2015 10:25:20 +0000 (11:25 +0100)]
nl80211: suppress smatch warnings
smatch warns that we once checked request->ssids in two functions
and then unconditionally used it later again.
This is actually fine, because the code has a relationship between
attrs[NL80211_ATTR_SCAN_SSIDS], n_ssids and request->ssids, but
smatch isn't smart enough to realize that.
Suppress the warnings by always checking just n_ssids - that way
smatch won't know that request->ssids could be NULL, and since it
is only NULL when n_ssids is 0 we still check everything correctly.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Bob Copeland [Thu, 22 Jan 2015 21:49:53 +0000 (16:49 -0500)]
Revert "mac80211: keep sending peer candidate events while in listen state"
This reverts commit
2ae70efcea7a695a62bb47170d3fb16674b8dbea.
The new peer events that are generated by the change are causing problems
with wpa_supplicant in userspace: wpa_s tries to restart SAE authentication
with the peer when receiving the event, even though authentication may be in
progress already, and it gets very confused.
Revert back to the original operating mode, which is to only get events when
there is no corresponding station entry.
Cc: Nishikawa, Kenzoh <Kenzoh.Nishikawa@jp.sony.com>
Cc: Masashi Honma <masashi.honma@gmail.com>
Signed-off-by: Bob Copeland <me@bobcopeland.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Luciano Coelho [Thu, 22 Jan 2015 21:34:10 +0000 (23:34 +0200)]
mac80211: complete scan work immediately if quiesced or suspended
It is possible that a deferred scan is queued after the queues are
flushed in __ieee80211_suspend(). The deferred scan work may be
scheduled by ROC or ieee80211_stop_poll().
To make sure don't start a new scan while suspending, check whether
we're quiescing or suspended and complete the scan immediately if
that's the case.
Signed-off-by: Luciano Coelho <luciano.coelho@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Emmanuel Grumbach [Thu, 22 Jan 2015 21:32:46 +0000 (23:32 +0200)]
mac80211: avoid races related to suspend flow
When we go to suspend, there is complex set of states that
avoids races. The quiescing variable is set whlie
__ieee80211_suspend is running. Then suspended is set.
The code makes sure there is no window without any of these
flags.
The problem is that workers can still be enqueued while we
are quiescing. This leads to situations where the driver is
already suspending and other flows like disassociation are
handled by a worker.
To fix this, we need to check quiescing and suspended flags
in the worker itself and not only before enqueueing it.
I also add here extensive documentation to ease the
understanding of these complex issues.
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Emmanuel Grumbach [Thu, 22 Jan 2015 21:30:19 +0000 (23:30 +0200)]
mac80211: synchronize_net() before flushing the queues
When mac80211 disconnects, it drops all the packets on the
queues. This happens after the net stack has been notified
that we have no link anymore (netif_carrier_off).
netif_carrier_off ensures that no new packets are sent to
xmit() callback, but we might have older packets in the
middle of the Tx path. These packets will land in the
driver's queues after the latter have been flushed.
Synchronize_net() between netif_carrier_off and drv_flush()
will fix this.
Note that we can't call synchronize_net inside
ieee80211_flush_queues since there are flows that call
ieee80211_flush_queues and don't need synchronize_net()
which is an expensive operation.
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
[reword comment to be more accurate]
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Luciano Coelho [Fri, 16 Jan 2015 14:04:09 +0000 (16:04 +0200)]
nl80211: add an attribute to allow delaying the first scheduled scan cycle
The userspace may want to delay the the first scheduled scan or
net-detect cycle. Add an optional attribute to the scheduled scan
configuration to pass the delay to be (optionally) used by the driver.
Signed-off-by: Luciano Coelho <luciano.coelho@intel.com>
[add the attribute to the policy to validate it]
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Lorenzo Bianconi [Wed, 14 Jan 2015 11:55:08 +0000 (12:55 +0100)]
mac80211: enable TPC through mac80211 stack
Control per packet Transmit Power Control (TPC) in lower drivers
according to TX power settings configured by the user. In particular TPC is
enabled if value passed in enum nl80211_tx_power_setting is
NL80211_TX_POWER_LIMITED (allow using less than specified from userspace),
whereas TPC is disabled if nl80211_tx_power_setting is set to
NL80211_TX_POWER_FIXED (use value configured from userspace)
Signed-off-by: Lorenzo Bianconi <lorenzo.bianconi83@gmail.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Vadim Kochan [Mon, 12 Jan 2015 14:34:05 +0000 (16:34 +0200)]
nl80211: Allow set network namespace by fd
Added new NL80211_ATTR_NETNS_FD which allows to
set namespace via nl80211 by fd.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Thu, 22 Jan 2015 17:44:19 +0000 (18:44 +0100)]
mac80211: allow drivers to control software crypto
Some drivers unfortunately cannot support software crypto, but
mac80211 currently assumes that they do.
This has the issue that if the hardware enabling fails for some
reason, the software fallback is used, which won't work. This
clearly isn't desirable, the error should be reported and the
key setting refused.
Support this in mac80211 by allowing drivers to set a new HW
flag IEEE80211_HW_SW_CRYPTO_CONTROL, in which case mac80211 will
only allow software fallback if the set_key() method returns 1.
The driver will also need to advertise supported cipher suites
so that mac80211 doesn't advertise any (future) software ciphers
that the driver can't actually do.
While at it, to make it easier to support this, refactor the
ieee80211_init_cipher_suites() code.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Wed, 21 Jan 2015 12:52:24 +0000 (13:52 +0100)]
mac80211: fix HW registration error paths
Station info state is started in allocation, so should be
destroyed on free (it's just a timer); rate control must
be freed if anything afterwards fails to initialize.
LED exit should be later, no need for locking there, but
it needs to be done also when rate init failed.
Also clean up the code by moving a label so the locking
doesn't have to be done separately.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Emmanuel Grumbach [Mon, 19 Jan 2015 14:53:06 +0000 (16:53 +0200)]
mac80211: delete the assoc/auth timer upon suspend
While suspending, we destroy the authentication /
association that might be taking place. While doing so, we
forgot to delete the timer which can be firing after
local->suspended is already set, producing the warning below.
Fix that by deleting the timer.
[66722.825487] WARNING: CPU: 2 PID: 5612 at net/mac80211/util.c:755 ieee80211_can_queue_work.isra.18+0x32/0x40 [mac80211]()
[66722.825487] queueing ieee80211 work while going to suspend
[66722.825529] CPU: 2 PID: 5612 Comm: kworker/u16:69 Tainted: G W O 3.16.1+ #24
[66722.825537] Workqueue: events_unbound async_run_entry_fn
[66722.825545] Call Trace:
[66722.825552] <IRQ> [<
ffffffff817edbb2>] dump_stack+0x4d/0x66
[66722.825556] [<
ffffffff81075cad>] warn_slowpath_common+0x7d/0xa0
[66722.825572] [<
ffffffffa06b5b90>] ? ieee80211_sta_bcn_mon_timer+0x50/0x50 [mac80211]
[66722.825573] [<
ffffffff81075d1c>] warn_slowpath_fmt+0x4c/0x50
[66722.825586] [<
ffffffffa06977a2>] ieee80211_can_queue_work.isra.18+0x32/0x40 [mac80211]
[66722.825598] [<
ffffffffa06977d5>] ieee80211_queue_work+0x25/0x50 [mac80211]
[66722.825611] [<
ffffffffa06b5bac>] ieee80211_sta_timer+0x1c/0x20 [mac80211]
[66722.825614] [<
ffffffff8108655a>] call_timer_fn+0x8a/0x300
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Mon, 19 Jan 2015 17:49:50 +0000 (18:49 +0100)]
Revert "wireless: Support of IFLA_INFO_KIND rtnl attribute"
This reverts commit
ba1debdfed974f25aa598c283567878657b292ee.
Oliver reported that it breaks network-manager, for some reason with
this patch NM decides that the device isn't wireless but "generic"
(ethernet), sees no carrier (as expected with wifi) and fails to do
anything else with it.
Revert this to unbreak userspace.
Reported-by: Oliver Hartkopp <socketcan@hartkopp.net>
Tested-by: Oliver Hartkopp <socketcan@hartkopp.net>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Fri, 16 Jan 2015 20:05:02 +0000 (21:05 +0100)]
cfg80211: fix checking nl80211_send_station() return value
The return value from nl80211_send_station() is the length of the
skb, or a negative error, so abort sending the message only when
the return value was negative.
This fixes the ibss_rsn wpa_supplicant test case.
Reported-by: Jouni Malinen <j@w1.fi>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Fri, 16 Jan 2015 12:27:56 +0000 (13:27 +0100)]
mac80211: remove doubled semicolon
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Thu, 15 Jan 2015 15:14:02 +0000 (16:14 +0100)]
cfg80211: change bandwidth reporting to explicit field
For some reason, we made the bandwidth separate flags, which
is rather confusing - a single rate cannot have different
bandwidths at the same time.
Change this to no longer be flags but use a separate field
for the bandwidth ('bw') instead.
While at it, add support for 5 and 10 MHz rates - these are
reported as regular legacy rates with their real bitrate,
but tagged as 5/10 now to make it easier to distinguish them.
In the nl80211 API, the flags are preserved, but the code
now can also clearly only set a single one of the flags.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Thu, 15 Jan 2015 15:05:21 +0000 (16:05 +0100)]
cfg80211: remove 80+80 MHz rate reporting
These rates are treated the same as 160 MHz in the spec, so
it makes no sense to distinguish them. As no driver uses them
yet, this is also not a problem, just remove them.
In the userspace API the field remains reserved to preserve
API and ABI.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Thu, 15 Jan 2015 15:02:46 +0000 (16:02 +0100)]
mac80211: remove 80+80 MHz rate reporting
These rates are treated the same as 160 MHz in the spec,
so it makes no sense to distinguish them. As no driver
uses them yet, this is also not a problem, just remove
them.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Wed, 14 Jan 2015 12:57:36 +0000 (13:57 +0100)]
cfg80211: docs: remove station_info_flags
I removed the enum earlier, but forgot to remove it from the
documentation - do that now.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Luciano Coelho [Fri, 9 Jan 2015 12:06:37 +0000 (14:06 +0200)]
nl80211: send netdetect configuration info in NL80211_CMD_GET_WOWLAN
Send the netdetect configuration information in the response to
NL8021_CMD_GET_WOWLAN commands. This includes the scan interval,
SSIDs to match and frequencies to scan.
Additionally, add the NL80211_WOWLAN_TRIG_NET_DETECT with
NL80211_ATTR_WOWLAN_TRIGGERS_SUPPORTED.
Signed-off-by: Luciano Coelho <luciano.coelho@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Arik Nemtsov [Wed, 7 Jan 2015 14:47:20 +0000 (16:47 +0200)]
cfg80211: avoid reg-hints in self-managed only systems
When a system contains only self-managed regulatory devices all hints
from the regulatory core are ignored. Stop hint processing early in this
case. These systems usually don't have CRDA deployed, which results in
endless (irrelevent) logs of the form:
cfg80211: Calling CRDA to update world regulatory domain
Make sure there's at least one self-managed device before discarding a
hint, in order to prevent initial hints from disappearing on CRDA
managed systems.
Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Arik Nemtsov [Wed, 7 Jan 2015 14:47:19 +0000 (16:47 +0200)]
cfg80211: introduce sync regdom set API for self-managed
A self-managed device will sometimes need to set its regdomain synchronously.
Notably it should be set before usermode has a chance to query it. Expose
a new API to accomplish this which requires the RTNL.
Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>
Reviewed-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Eliad Peller [Wed, 7 Jan 2015 15:50:11 +0000 (17:50 +0200)]
mac80211: don't defer scans in case of radar detection
Radar detection can last indefinite time. There is no
point in deferring a scan request in this case - simply
return -EBUSY.
Signed-off-by: Eliad Peller <eliad@wizery.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Eliad Peller [Wed, 7 Jan 2015 15:50:10 +0000 (17:50 +0200)]
mac80211: consider only relevant vifs for radar_required calculation
ctx->conf.radar_enabled should reflect whether radar
detection is enabled for the channel context.
When calculating it, make it consider only the vifs
that have this context assigned (instead of all the
vifs).
Signed-off-by: Eliad Peller <eliad@wizery.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Eliad Peller [Wed, 7 Jan 2015 15:50:09 +0000 (17:50 +0200)]
mac80211: remove local->radar_detect_enabled
local->radar_detect_enabled should tell whether
radar_detect is enabled on any interface belonging
to local.
However, it's not getting updated correctly
in many cases (actually, when testing with hwsim
it's never been set, even when the dfs master
is beaconing).
Instead of handling all the corner cases
(e.g. channel switch), simply check whether
radar detection is enabled only when needed,
instead of caching the result.
Signed-off-by: Eliad Peller <eliad@wizery.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Arik Nemtsov [Wed, 7 Jan 2015 14:45:07 +0000 (16:45 +0200)]
mac80211: add TDLS supported channels correctly
The function adding the supported channels IE during a TDLS connection had
several issues:
1. If the entire subband is usable, the function exitted the loop without
adding it
2. The function only checked chandef_usable, ignoring flags like RADAR
which would prevent TDLS off-channel communcation.
3. HT20 was explicitly required in the chandef, while not a requirement
for TDLS off-channel.
Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
Reviewed-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Emmanuel Grumbach [Wed, 7 Jan 2015 13:42:39 +0000 (15:42 +0200)]
mac80211: let flush() drop packets when possible
When roaming / suspending, it makes no sense to wait until
the transmit queues of the device are empty. In extreme
condition they can be starved (VO saturating the air), but
even in regular cases, it is pointless to delay the roaming
because the low level driver is trying to send packets to
an AP which is far away. We'd rather drop these packets and
let TCP retransmit if needed. This will allow to speed up
the roaming.
For suspend, the explanation is even more trivial.
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Andrew Clausen [Fri, 9 Jan 2015 20:24:55 +0000 (20:24 +0000)]
rfkill: document rfkill module parameters
Document the rfkill module parameters default_state and
master_switch_mode.
Signed-off-by: Andrew Clausen <andrew.p.clausen@gmail.com>
[rewrite commit message]
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Fri, 9 Jan 2015 10:40:39 +0000 (11:40 +0100)]
mac80211: fix handling TIM IE when stations disconnect
When a station disconnects with frames still pending, we clear
the TIM bit, but too late - it's only cleared when the station
is already removed from the driver, and thus the driver can get
confused (and hwsim will loudly complain.)
Fix this by clearing the TIM bit earlier, when the station has
been unlinked but not removed from the driver yet. To do this,
refactor the TIM recalculation to in that case ignore traffic
and simply assume no pending traffic - this is correct for the
disconnected station even though the frames haven't been freed
yet at that point.
This patch isn't needed for current drivers though as they don't
check the station argument to the set_tim() operation and thus
don't really run into the possible confusion.
Reported-by: Jouni Malinen <j@w1.fi>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Fri, 9 Jan 2015 10:29:50 +0000 (11:29 +0100)]
mac80211_hwsim: fix PS debugfs file locking
The functions called within the iterators must be called with
tasklets disabled, so use atomic iteration like the rest of
the code and disable tasklets around the whole operation.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Fri, 21 Nov 2014 13:26:31 +0000 (14:26 +0100)]
mac80211: provide per-TID RX/TX MSDU counters
Implement the new counters cfg80211 can now advertise to userspace.
The TX code is in the sequence number handler, which is a bit odd,
but that place already knows the TID and frame type, so it was
easiest and least impact there.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Fri, 19 Dec 2014 11:34:00 +0000 (12:34 +0100)]
nl80211: support per-TID station statistics
The base for the current statistics is pretty mixed up, support
exporting RX/TX statistics for MSDUs per TID. This (currently)
covers received MSDUs, transmitted MSDUs and retries/failures
thereof.
Doing it per TID for MSDUs makes more sense than say only per AC
because it's symmetric - we could export per-AC statistics for all
frames (which AC we used for transmission can be determined also
for management frames) but per TID is better and usually data
frames are really the ones we care about. Also, on RX we can't
determine the AC - but we do know the TID for any QoS MPDU we
received.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Fri, 21 Nov 2014 11:40:05 +0000 (12:40 +0100)]
nl80211: clarify packet statistics descriptions
The current statistics we keep aren't very clear, some are on
MPDUs and some on MSDUs/MMPDUs. Clarify the descriptions based
on the counters mac80211 keeps.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Mon, 17 Nov 2014 13:12:22 +0000 (14:12 +0100)]
cfg80211: add nl80211 beacon-only statistics
Add these two values:
* BEACON_RX: number of beacons received from this peer
* BEACON_SIGNAL_AVG: signal strength average for beacons only
These can then be used for Android Lollipop's statistics request.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Mon, 17 Nov 2014 13:08:11 +0000 (14:08 +0100)]
cfg80211: remove enum station_info_flags
This is really just duplicating the list of information that's
already available in the nl80211 attribute, so remove the list.
Two small changes are needed:
* remove STATION_INFO_ASSOC_REQ_IES complete, but the length
(assoc_req_ies_len) can be used instead
* add NL80211_STA_INFO_RX_DROP_MISC which exists internally
but not in nl80211 yet
This gets rid of the duplicate maintenance of the two lists.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Mon, 17 Nov 2014 10:35:23 +0000 (11:35 +0100)]
mac80211: allow drivers to provide most station statistics
In many cases, drivers can filter things like beacons that will
skew statistics reported by mac80211. To get correct statistics
in these cases, call drivers to obtain statistics and let them
override all values, filling values from mac80211 if the driver
didn't provide them. Not all of them make sense for the driver
to fill, so some are still always done by mac80211.
Note that this doesn't currently allow a driver to say "I know
this value is wrong, don't report it at all", or to sum it up
with a mac80211 value (as could be useful for "dropped misc"),
that can be added if it turns out to be needed.
This also gets rid of the get_rssi() method as is can now be
implemented using sta_statistics().
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Fri, 14 Nov 2014 19:32:57 +0000 (20:32 +0100)]
mac80211: send statistics with delete station event
Use the new cfg80211_del_sta_sinfo() function to send the
statistics about the deleted station with the delete event.
This lets userspace see how much traffic etc. the deleted
station used.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Fri, 14 Nov 2014 16:14:00 +0000 (17:14 +0100)]
cfg80211: allow including station info in delete event
When a station is removed, its statistics may be interesting to
userspace, for example for further aggregation of statistics of
all stations that ever connected to an AP.
Introduce a new cfg80211_del_sta_sinfo() function (and make the
cfg80211_del_sta() a static inline calling it) to allow passing
a struct station_info along with this, and send the data in the
nl80211 event message.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Fri, 14 Nov 2014 15:44:11 +0000 (16:44 +0100)]
cfg80211: add scan time to survey data
Add the time spent scanning to the survey data so it can be
reported by drivers that collect such information.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Fri, 14 Nov 2014 15:43:50 +0000 (16:43 +0100)]
cfg80211: allow survey data to return global data
Not all devices are able to report survey data (particularly
time spent for various operations) per channel. As all these
statistics already exist in survey data, allow such devices
to report them (if userspace requested it)
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Fri, 14 Nov 2014 15:35:34 +0000 (16:35 +0100)]
cfg80211: remove "channel" from survey names
All of the survey data is (currently) per channel anyway,
so having the word "channel" in the name does nothing. In
the next patch I'll introduce global data to the survey,
where the word "channel" is actually confusing.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Ido Yariv [Tue, 6 Jan 2015 13:39:02 +0000 (08:39 -0500)]
mac80211: Re-fix accounting of the tailroom-needed counter
When hw acceleration is enabled, the GENERATE_IV or PUT_IV_SPACE flags
only require headroom space. Therefore, the tailroom-needed counter can
safely be decremented for most drivers.
The older incarnation of this patch (
ca34e3b5) assumed that the above
holds true for all drivers. As reported by Christopher Chavez and
researched by Christian Lamparter and Larry Finger, this isn't a valid
assumption for p54 and cw1200.
Drivers that still require tailroom for ICV/MIC even when HW encryption
is enabled can use IEEE80211_KEY_FLAG_RESERVE_TAILROOM to indicate it.
Signed-off-by: Ido Yariv <idox.yariv@intel.com>
Cc: Christopher Chavez <chrischavez@gmx.us>
Cc: Christian Lamparter <chunkeey@googlemail.com>
Cc: Larry Finger <Larry.Finger@lwfinger.net>
Cc: Solomon Peachy <pizza@shaftnet.org>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Wed, 7 Jan 2015 13:39:02 +0000 (14:39 +0100)]
Merge branch 'mac80211' into mac80211-next
Merge mac80211.git to get some changes that would otherwise
cause conflicts with new changes coming here.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Arik Nemtsov [Thu, 1 Jan 2015 11:43:17 +0000 (13:43 +0200)]
mac80211: skip disabled channels in VHT check
The patch "
40a11ca mac80211: check if channels allow 80 MHz for VHT
probe requests" considered disabled channels as VHT enabled, and
mistakenly sent out probe-requests with the VHT IE.
Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Tue, 23 Dec 2014 16:17:38 +0000 (17:17 +0100)]
nl80211: define multicast group names in header
Put the group names into the userspace API header file so that
userspace clients can use symbolic names from there instead of
hardcoding the actual names. This doesn't really change much,
but seems somewhat cleaner.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Gautam Kumar Shukla [Tue, 23 Dec 2014 15:55:19 +0000 (16:55 +0100)]
cfg80211: add extensible feature flag attribute
With the wiphy::features flag being used up this patch adds a
new field wiphy::ext_features. Considering extensibility this
new field is declared as a byte array. This extensible flag is
exposed to user-space by NL80211_ATTR_EXT_FEATURES.
Cc: Avinash Patil <patila@marvell.com>
Signed-off-by: Gautam (Gautam Kumar) Shukla <gautams@broadcom.com>
Signed-off-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Mon, 5 Jan 2015 10:16:42 +0000 (11:16 +0100)]
nl80211: document NL80211_BSS_STATUS_AUTHENTICATED isn't used
The flag is no longer used (and hasn't been for a long time)
since trying to track authentication (and make decisions based
on state) was just causing issues all over - see commit
95de817b9034d50860319f6033ec85d25024694c.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Mon, 5 Jan 2015 09:28:49 +0000 (10:28 +0100)]
Revert "mac80211: Fix accounting of the tailroom-needed counter"
This reverts commit
ca34e3b5c808385b175650605faa29e71e91991b.
It turns out that the p54 and cw2100 drivers assume that there's
tailroom even when they don't say they really need it. However,
there's currently no way for them to explicitly say they do need
it, so for now revert this.
This fixes https://bugzilla.kernel.org/show_bug.cgi?id=90331.
Cc: stable@vger.kernel.org
Fixes: ca34e3b5c808 ("mac80211: Fix accounting of the tailroom-needed counter")
Reported-by: Christopher Chavez <chrischavez@gmx.us>
Bisected-by: Larry Finger <Larry.Finger@lwfinger.net>
Debugged-by: Christian Lamparter <chunkeey@googlemail.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Eliad Peller [Sun, 21 Dec 2014 13:25:28 +0000 (15:25 +0200)]
mac80211: fix dot11MulticastTransmittedFrameCount tested address
dot11MulticastTransmittedFrameCount should be updated according
to the DA, which might be different from A1. Checking A1 results
in the counter being 0 in case of station, as to-DS data frames
use A1 for the BSSID.
This behaviour is defined in state machines, specifically in the
sta_tx_dcf_3.1d(10) description of 802.11-2012.
Signed-off-by: Eliad Peller <eliad@wizery.com>
[rewrite commit message]
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Mon, 22 Dec 2014 11:51:25 +0000 (12:51 +0100)]
mac80211_hwsim: fix check for custom world regdom array size
David Binderman reports that the conditions in the first loop
are the wrong way around - checking the array contents before
the size.
Instead of leaving the empty loop there and reordering the two
checks unify it into a single loop that skips over non-matches
and exits after the first match.
Reported-by: David Binderman <dcb314@hotmail.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Felix Fietkau [Wed, 17 Dec 2014 12:38:34 +0000 (13:38 +0100)]
mac80211: minstrel: reduce size of struct minstrel_rate_stats
On minstrel_ht, the size of the per-sta struct is almost 18k, making it
an order-3 allocation.
A few fields inside the per-rate statistics are bigger than they need to
be. This patch reduces the size enough to cut down the per-sta struct to
about 13k (order-2 allocation).
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Arik Nemtsov [Wed, 17 Dec 2014 16:00:44 +0000 (18:00 +0200)]
nl80211: increase the max number of rules in regdomain
Some network cards (Intel) produce per-channel regdomains and rely on
cfg80211 to merge rules as needed. This hits the max rules limit and
fails.
Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Jukka Rissanen [Mon, 15 Dec 2014 11:25:39 +0000 (13:25 +0200)]
nl80211: Stop scheduled scan if netlink client disappears
An attribute NL80211_ATTR_SOCKET_OWNER can be set by the scan initiator.
If present, the attribute will cause the scan to be stopped if the client
dies.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Jukka Rissanen [Mon, 15 Dec 2014 11:25:38 +0000 (13:25 +0200)]
nl80211: Convert sched_scan_req pointer to RCU pointer
Because of possible races when accessing sched_scan_req pointer in
rdev, the sched_scan_req is converted to RCU pointer.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Eliad Peller [Sun, 14 Dec 2014 09:05:53 +0000 (11:05 +0200)]
mac80211: avoid reconfig if no interfaces are up
If there are no interfaces up, there is no reason
to continue the reconfig flow.
The current code might end up calling driver
callbacks (e.g. resume(), reconfig_complete())
while the driver is already stopped.
Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Luciano Coelho [Sun, 14 Dec 2014 09:05:52 +0000 (11:05 +0200)]
mac80211: remove unused variable in ieee80211_parse_ch_switch_ie()
The ht_oper variable is assigned a value, but never used in
ieee80211_parse_ch_switch_ie(). Remove it.
Signed-off-by: Luciano Coelho <luciano.coelho@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Eliad Peller [Sun, 14 Dec 2014 09:05:51 +0000 (11:05 +0200)]
mac80211: update sta bw on ht chanwidth action frame
Commit
e1a0c6b ("mac80211: stop toggling IEEE80211_HT_CAP_SUP_WIDTH_20_40")
mistakenly removed the actual update of sta->sta.bandwidth.
Refactor ieee80211_sta_cur_vht_bw() into multiple functions
(calculate caps-bw and chandef-bw separately, and min them
with cur_max_bandwidth).
On ht chanwidth action frame set only cur_max_bandwidth
(according to the sta capabilities) and recalc the sta bw.
Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Moshe Benji [Sun, 14 Dec 2014 09:05:50 +0000 (11:05 +0200)]
mac80211: handle power constraint and country IEs in RRM
In beacons, handle the Country IE even if no Power Constraint IE
is present, and, capability wise, also in case that the Radio
Measurements capability is enabled.
In cases where the Country IE should be handled and that the
Power Constraint IE is not present, the Country IE alone will
set the power limit (and not both Country and Power Constraint
IEs).
Signed-off-by: Moshe Benji <moshe.benji@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Chaya Rachel Ivgi [Sun, 14 Dec 2014 08:38:59 +0000 (10:38 +0200)]
mac80211: Fix ignored HT override configurations
HT override configurations was ignored when choosing the channel
(until now, the override configuration affected only the
capabilities shown in the IEs).
The override configurations received only on association time,
so in this case we should determine the channel again.
Signed-off-by: Chaya Rachel Ivgi <chaya.rachel.ivgi@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Wed, 17 Dec 2014 12:55:49 +0000 (13:55 +0100)]
mac80211: free management frame keys when removing station
When writing the code to allow per-station GTKs, I neglected to
take into account the management frame keys (index 4 and 5) when
freeing the station and only added code to free the first four
data frame keys.
Fix this by iterating the array of keys over the right length.
Cc: stable@vger.kernel.org
Fixes: e31b82136d1a ("cfg80211/mac80211: allow per-station GTKs")
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Arik Nemtsov [Mon, 15 Dec 2014 17:26:02 +0000 (19:26 +0200)]
cfg80211: avoid intersection when applying self-managed reg
The custom-reg handling function can currently only add flags to a given
channel. This results in stale flags being left applied. In some cases
a channel was disabled and even the orig_flags were changed to reflect
this.
Previously the API was designed for a single invocation before wiphy
registration, so this didn't matter. The previous approach doesn't scale
well to self-managed regulatory devices, particularly when a more
permissive regdom is applied after a restrictive one.
Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Arik Nemtsov [Mon, 15 Dec 2014 17:26:01 +0000 (19:26 +0200)]
cfg80211: return private regdom for self-managed devices
If a device has self-managed regulatory, insist on returning the wiphy
specific regdomain if a wiphy-idx is specified. The global regdomain is
meaningless for such devices.
Also add an attribute for self-managed devices, so usermode can
distinguish them as such.
Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
Reviewed-by: Luis R. Rodriguez <mcgrof@suse.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Jonathan Doron [Mon, 15 Dec 2014 17:26:00 +0000 (19:26 +0200)]
cfg80211: allow wiphy specific regdomain management
Add a new regulatory flag that allows a driver to manage regdomain
changes/updates for its own wiphy.
A self-managed wiphys only employs regulatory information obtained from
the FW and driver and does not use other cfg80211 sources like
beacon-hints, country-code IEs and hints from other devices on the same
system. Conversely, a self-managed wiphy does not share its regulatory
hints with other devices in the system. If a system contains several
devices, one or more of which are self-managed, there might be
contradictory regulatory settings between them. Usage of flag is
generally discouraged. Only use it if the FW/driver is incompatible
with non-locally originated hints.
A new API lets the driver send a complete regdomain, to be applied on
its wiphy only.
After a wiphy-specific regdomain change takes place, usermode will get
a new type of change notification. The regulatory core also takes care
enforce regulatory restrictions, in case some interfaces are on
forbidden channels.
Signed-off-by: Jonathan Doron <jonathanx.doron@intel.com>
Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
Reviewed-by: Luis R. Rodriguez <mcgrof@suse.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Arik Nemtsov [Mon, 15 Dec 2014 17:25:59 +0000 (19:25 +0200)]
cfg80211: allow usermode to query wiphy specific regdom
If a wiphy-idx is specified, the kernel will return the wiphy specific
regdomain, if such exists. Otherwise return the global regdom.
When no wiphy-idx is specified, return the global regdomain as well as
all wiphy-specific regulatory domains in the system, via a new nested
list of attributes.
Add a new attribute for each wiphy-specific regdomain, for usermode to
identify it as such.
Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Nishikawa, Kenzoh [Tue, 16 Dec 2014 01:41:06 +0000 (01:41 +0000)]
mac80211: keep sending peer candidate events while in listen state
Instead of sending peer candidate events just once, send them as long
as the peer remains in the LISTEN state in the peering state machine,
when userspace is implementing the peering manager.
Userspace may silence the events from a peer by progressing the state
machine or by setting the link state to BLOCKED.
Fixes the problem that a mesh peering process won't be fired again after
the previous first peering trial fails due to like air propagation error
if the peering is managed by user space such as wpa_supplicant.
This patch works with another patch for wpa_supplicant described here
which fires a peering process again triggered by the notice from kernel.
http://lists.shmoo.com/pipermail/hostap/2014-November/031235.html
Signed-off-by: Kenzoh Nishikawa <Kenzoh.Nishikawa@jp.sony.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Luciano Coelho [Tue, 16 Dec 2014 14:01:39 +0000 (16:01 +0200)]
mac80211: notify channel switch at the end of ieee80211_chswitch_post_beacon()
The call to cfg80211_ch_switch_notify() should be at the end of the
ieee80211_chswitch_post_beacon() function, because it should only be
sent if everything succeeded.
Fixes: d04b5ac9e70b ("cfg80211/mac80211: allow any interface to send channel switch notifications")
Signed-off-by: Luciano Coelho <luciano.coelho@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Janusz Dziedzic [Wed, 17 Dec 2014 09:00:52 +0000 (10:00 +0100)]
mac80211: notify NSS changed when IBSS and HT
When using IBSS in HT mode, we always get NSS=1
in rc_update callback. Force NSS recalculation when
rates updated and notify driver that NSS changed.
Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Tue, 11 Nov 2014 11:48:42 +0000 (12:48 +0100)]
mac80211: move U-APSD enablement to vif flags
In order to let drivers have more dynamic U-APSD support,
move the enablement flag to the virtual interface driver
flags. This lets drivers not only set it up differently
for different interfaces, but also enable/disable on the
fly if needed.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Thu, 13 Nov 2014 10:23:53 +0000 (11:23 +0100)]
mac80211: ask driver to look at power level when starting AP
The power level might have been set, but as the interface was idle
it might not have taken effect yet. Ask the driver to check the
power level when starting up an AP so that in this case the correct
power level is used in case the device/driver can only set it when
the interface is actually active.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Sujith Manoharan [Wed, 10 Dec 2014 15:56:11 +0000 (21:26 +0530)]
mac80211: Fix accounting of multicast frames
Since multicast frames are marked as no-ack, using
IEEE80211_TX_STAT_ACK to check if they have been
successfully transmitted by the driver is incorrect
since a driver can choose to ignore transmission status
for no-ack frames. This results in incorrect accounting
for such frames.
To fix this issue, this patch introduces a new flag
that can be used by drivers to indicate error-free
transmission of no-ack frames.
Signed-off-by: Sujith Manoharan <c_manoha@qca.qualcomm.com>
[add a note about not setting the flag for non-no-ack frames]
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Sujith Manoharan [Wed, 10 Dec 2014 15:56:10 +0000 (21:26 +0530)]
mac80211: Move IEEE80211_TX_CTL_PS_RESPONSE
Move IEEE80211_TX_CTL_PS_RESPONSE to info->control.flags since
this is used only in the TX path (by ath9k). This frees up
a bit which can be used for other purposes.
Signed-off-by: Sujith Manoharan <c_manoha@qca.qualcomm.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Vadim Kochan [Tue, 9 Dec 2014 22:21:06 +0000 (00:21 +0200)]
wireless: Support of IFLA_INFO_KIND rtnl attribute
It allows to identify the wlan kind of device for the user application,
e.g.:
# ip -d link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 promiscuity 0
2: enp0s25: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT group default qlen 1000
link/ether XX:XX:XX:XX:XX:XX brd ff:ff:ff:ff:ff:ff promiscuity 0
3: wlp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
link/ether XX:XX:XX:XX:XX:XX brd ff:ff:ff:ff:ff:ff promiscuity 0
wlan
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
[make wireless_link_ops const]
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Arik Nemtsov [Wed, 3 Dec 2014 16:08:17 +0000 (18:08 +0200)]
cfg80211: correctly check ad-hoc channels
Ad-hoc requires beaconing for regulatory purposes. Validate that the
channel is valid for beaconing, and not only enabled.
Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
Reviewed-by: Luis R. Rodriguez <mcgrof@suse.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Emmanuel Grumbach [Tue, 2 Dec 2014 07:53:25 +0000 (09:53 +0200)]
cfg80211: don't WARN about two consecutive Country IE hint
This can happen and there is no point in added more
detection code lower in the stack. Catching these in one
single point (cfg80211) is enough. Stop WARNING about this
case.
This fixes:
https://bugzilla.kernel.org/show_bug.cgi?id=89001
Cc: stable@vger.kernel.org
Fixes: 2f1c6c572d7b ("cfg80211: process non country IE conflicting first")
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Emmanuel Grumbach [Sun, 30 Nov 2014 15:17:26 +0000 (17:17 +0200)]
mac80211: update the channel context after channel switch
When the channel switch has been made, a vif is now using
the channel context which was reserved. When that happens,
we need to update the channel context since its parameters
may change.
I hit a case in which I switched to a 40Mhz channel but the
reserved channel context was still on 20Mhz. The rate control
would try to send 40Mhz packets on a 20Mhz channel context and
that made iwlwifi's firmware unhappy.
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Luciano Coelho [Mon, 1 Dec 2014 09:32:09 +0000 (11:32 +0200)]
nl80211: check matches array length before acessing it
If the userspace passes a malformed sched scan request (or a net
detect wowlan configuration) by adding a NL80211_ATTR_SCHED_SCAN_MATCH
attribute without any nested matchsets, a NULL pointer dereference
will occur. Fix this by checking that we do have matchsets in our
array before trying to access it.
BUG: unable to handle kernel NULL pointer dereference at
0000000000000024
IP: [<
ffffffffa002fd69>] nl80211_parse_sched_scan.part.67+0x6e9/0x900 [cfg80211]
PGD
865c067 PUD
865b067 PMD 0
Oops: 0002 [#1] SMP
Modules linked in: iwlmvm(O) iwlwifi(O) mac80211(O) cfg80211(O) compat(O) [last unloaded: compat]
CPU: 2 PID: 2442 Comm: iw Tainted: G O 3.17.2 #31
Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
task:
ffff880013800790 ti:
ffff880008d80000 task.ti:
ffff880008d80000
RIP: 0010:[<
ffffffffa002fd69>] [<
ffffffffa002fd69>] nl80211_parse_sched_scan.part.67+0x6e9/0x900 [cfg80211]
RSP: 0018:
ffff880008d838d0 EFLAGS:
00010293
RAX:
0000000000000000 RBX:
0000000000000000 RCX:
0000000000000000
RDX:
000000000000143c RSI:
0000000000000000 RDI:
ffff880008ee8dd0
RBP:
ffff880008d83948 R08:
0000000000000002 R09:
0000000000000019
R10:
ffff88001d1b3c40 R11:
0000000000000002 R12:
ffff880019e85e00
R13:
00000000fffffed4 R14:
ffff880009757800 R15:
0000000000001388
FS:
00007fa3b6d13700(0000) GS:
ffff88003e200000(0000) knlGS:
0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0:
0000000080050033
CR2:
0000000000000024 CR3:
0000000008670000 CR4:
00000000000006e0
Stack:
ffff880009757800 ffff880000000001 0000000000000000 ffff880008ee84e0
0000000000000000 ffff880009757800 00000000fffffed4 ffff880008d83948
ffffffff814689c9 ffff880009757800 ffff880008ee8000 0000000000000000
Call Trace:
[<
ffffffff814689c9>] ? nla_parse+0xb9/0x120
[<
ffffffffa00306de>] nl80211_set_wowlan+0x75e/0x960 [cfg80211]
[<
ffffffff810bf3d5>] ? mark_held_locks+0x75/0xa0
[<
ffffffff8161a77b>] genl_family_rcv_msg+0x18b/0x360
[<
ffffffff810bf66d>] ? trace_hardirqs_on+0xd/0x10
[<
ffffffff8161a9d4>] genl_rcv_msg+0x84/0xc0
[<
ffffffff8161a950>] ? genl_family_rcv_msg+0x360/0x360
[<
ffffffff81618e79>] netlink_rcv_skb+0xa9/0xd0
[<
ffffffff81619458>] genl_rcv+0x28/0x40
[<
ffffffff816184a5>] netlink_unicast+0x105/0x180
[<
ffffffff8161886f>] netlink_sendmsg+0x34f/0x7a0
[<
ffffffff8105a097>] ? kvm_clock_read+0x27/0x40
[<
ffffffff815c644d>] sock_sendmsg+0x8d/0xc0
[<
ffffffff811a75c9>] ? might_fault+0xb9/0xc0
[<
ffffffff811a756e>] ? might_fault+0x5e/0xc0
[<
ffffffff815d5d26>] ? verify_iovec+0x56/0xe0
[<
ffffffff815c73e0>] ___sys_sendmsg+0x3d0/0x3e0
[<
ffffffff810a7be8>] ? sched_clock_cpu+0x98/0xd0
[<
ffffffff810611b4>] ? __do_page_fault+0x254/0x580
[<
ffffffff810bb39f>] ? up_read+0x1f/0x40
[<
ffffffff810611b4>] ? __do_page_fault+0x254/0x580
[<
ffffffff812146ed>] ? __fget_light+0x13d/0x160
[<
ffffffff815c7b02>] __sys_sendmsg+0x42/0x80
[<
ffffffff815c7b52>] SyS_sendmsg+0x12/0x20
[<
ffffffff81751f69>] system_call_fastpath+0x16/0x1b
Fixes: ea73cbce4e1f ("nl80211: fix scheduled scan RSSI matchset attribute confusion")
Cc: stable@vger.kernel.org [3.15+]
Signed-off-by: Luciano Coelho <luciano.coelho@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Fri, 12 Dec 2014 11:26:25 +0000 (12:26 +0100)]
cfg80211: use __force __rcu to suppress sparse warning
The code assigns a constant value (a pointer to a static variable)
to an RCU pointer, which results in a sparse warning:
reg.c:112:10: warning: cast adds address space to expression (<asn:4>)
Suppress this warning by using __force.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Arik Nemtsov [Thu, 4 Dec 2014 10:22:16 +0000 (12:22 +0200)]
cfg80211: avoid mem leak on driver hint set
In the already-set and intersect case of a driver-hint, the previous
wiphy regdomain was not freed before being reset with a copy of the
cfg80211 regdomain.
Cc: stable@vger.kernel.org
Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
Acked-by: Luis R. Rodriguez <mcgrof@suse.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Jouni Malinen [Thu, 11 Dec 2014 21:48:55 +0000 (23:48 +0200)]
cfg80211: Fix 160 MHz channels with 80+80 and 160 MHz drivers
The VHT supported channel width field is a two bit integer, not a
bitfield. cfg80211_chandef_usable() was interpreting it incorrectly and
ended up rejecting 160 MHz channel width if the driver indicated support
for both 160 and 80+80 MHz channels.
Cc: stable@vger.kernel.org (3.16+)
Fixes: 3d9d1d6656a73 ("nl80211/cfg80211: support VHT channel configuration")
(however, no real drivers had 160 MHz support it until 3.16)
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Andreas Müller [Fri, 12 Dec 2014 11:11:11 +0000 (12:11 +0100)]
mac80211: fix multicast LED blinking and counter
As multicast-frames can't be fragmented, "dot11MulticastReceivedFrameCount"
stopped being incremented after the use-after-free fix. Furthermore, the
RX-LED will be triggered by every multicast frame (which wouldn't happen
before) which wouldn't allow the LED to rest at all.
Fixes https://bugzilla.kernel.org/show_bug.cgi?id=89431 which also had the
patch.
Cc: stable@vger.kernel.org
Fixes: b8fff407a180 ("mac80211: fix use-after-free in defragmentation")
Signed-off-by: Andreas Müller <goo@stapelspeicher.org>
[rewrite commit message]
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Jes Sorensen [Wed, 10 Dec 2014 19:14:07 +0000 (14:14 -0500)]
mac80211: avoid using uninitialized stack data
Avoid a case where we would access uninitialized stack data if the AP
advertises HT support without 40MHz channel support.
Cc: stable@vger.kernel.org
Fixes: f3000e1b43f1 ("mac80211: fix broken use of VHT/20Mhz with some APs")
Signed-off-by: Jes Sorensen <Jes.Sorensen@redhat.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Chun-Hao Lin [Wed, 10 Dec 2014 13:28:38 +0000 (21:28 +0800)]
r8169:update rtl8168g pcie ephy parameter
Add ephy parameter to rtl8168g.
Also change the common function of rtl8168g from "rtl_hw_start_8168g_1" to
"rtl_hw_start_8168g". And function "rtl_hw_start_8168g_1" is used for
setting rtl8168g hardware parameters.
Following is the explanation of what hardware parameter change for.
rtl8168g may erroneous judge the PCIe signal quality and show the error bit
on PCI configuration space when in PCIe low power mode.
The following ephy parameters are for above issue.
{ 0x00, 0x0000, 0x0008 }
{ 0x0c, 0x37d0, 0x0820 }
{ 0x1e, 0x0000, 0x0001 }
rtl8168g may return to PCIe L0 from PCIe L0s low power mode too slow.
The following ephy parameter is for above issue.
{ 0x19, 0x8000, 0x0000 }
Signed-off-by: Chunhao Lin <hau@realtek.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Florian Fainelli [Fri, 12 Dec 2014 02:12:42 +0000 (18:12 -0800)]
net: dsa: bcm_sf2: force link for all fixed PHY devices
For ports of the switch that we define as "fixed PHYs" such as MoCA, we
would have our Port 7 special handling that would allow us to assert the
link status indication.
For other ports, such as e.g: RGMII_1 connected to a cable modem, we
would rely on whatever the bootloader has left configured, which is a
bad assumption to make, we really need to force the link status
indication here.
Fixes: 246d7f773c13 ("net: dsa: add Broadcom SF2 switch driver")
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Fri, 12 Dec 2014 02:15:37 +0000 (21:15 -0500)]
Merge branch 'dma_mb'
Alexander Duyck says:
====================
arch: Add lightweight memory barriers for coherent memory access
These patches introduce two new primitives for synchronizing cache coherent
memory writes and reads. These two new primitives are:
dma_rmb()
dma_wmb()
The first patch cleans up some unnecessary overhead related to the
definition of read_barrier_depends, smp_read_barrier_depends, and comments
related to the barrier.
The second patch adds the primitives for the applicable architectures and
asm-generic.
The third patch adds the barriers to r8169 which turns out to be a good
example of where the new barriers might be useful as they have full
rmb()/wmb() barriers ordering accesses to the descriptors and the DescOwn
bit.
The fourth patch adds support for coherent_rmb() to the Intel fm10k, igb,
and ixgbe drivers. Testing with the ixgbe driver has shown a processing
time reduction of at least 7ns per 64B frame on a Core i7-4930K.
This patch series is essentially the v7 for:
v4-7: Add lightweight memory barriers for coherent memory access
v3: Add lightweight memory barriers fast_rmb() and fast_wmb()
v2: Introduce load_acquire() and store_release()
v1: Introduce read_acquire()
The key changes in this patch series versus the earlier patches are:
v7 resubmit:
- Added Acked-by: Ben Herrenschmidt from v5 to dma_rmb/wmb patch
- No code changes from previous set, still applies cleanly and builds.
v7:
- Dropped test/debug patch that was accidentally slipped in
v6:
- Replaced "memory based device I/O" with "consistent memory" in
docs
- Added reference to DMA-API.txt to explain consistent memory
v5:
- Renamed barriers dma_rmb and dma_wmb
- Undid smp_wmb changes in x86 and PowerPC
- Defined smp_rmb as __lwsync for SMP case on PowerPC
v4:
- Renamed barriers coherent_rmb and coherent_wmb
- Added smp_lwsync for use in smp_load_acquire/smp_store_release
v3:
- Moved away from acquire()/store() and instead focused on barriers
- Added cleanup of read_barrier_depends
- Added change in r8169 to fix cur_tx/DescOwn ordering
- Simplified changes to just replacing/moving barriers in r8169
- Added update to documentation with code example
v2:
- Renamed read_acquire() to be consistent with smp_load_acquire()
- Changed barrier used to be consistent with smp_load_acquire()
- Updated PowerPC code to use __lwsync based on IBM article
- Added store_release() as this is a viable use case for drivers
- Added r8169 patch which is able to fully use primitives
- Added fm10k/igb/ixgbe patch which is able to test performance
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Alexander Duyck [Thu, 11 Dec 2014 23:02:28 +0000 (15:02 -0800)]
fm10k/igb/ixgbe: Use dma_rmb on Rx descriptor reads
This change makes it so that dma_rmb is used when reading the Rx
descriptor. The advantage of dma_rmb is that it allows for a much
lower cost barrier on x86, powerpc, arm, and arm64 architectures than a
traditional memory barrier when dealing with reads that only have to
synchronize to coherent memory.
In addition I have updated the code so that it just checks to see if any
bits have been set instead of just the DD bit since the DD bit will always
be set as a part of a descriptor write-back so we just need to check for a
non-zero value being present at that memory location rather than just
checking for any specific bit. This allows the code itself to appear much
cleaner and allows the compiler more room to optimize.
Cc: Matthew Vick <matthew.vick@intel.com>
Cc: Don Skidmore <donald.c.skidmore@intel.com>
Acked-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Signed-off-by: Alexander Duyck <alexander.h.duyck@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Alexander Duyck [Thu, 11 Dec 2014 23:02:17 +0000 (15:02 -0800)]
r8169: Use dma_rmb() and dma_wmb() for DescOwn checks
The r8169 use a pair of wmb() calls when setting up the descriptor rings.
The first is to synchronize the descriptor data with the descriptor status,
and the second is to synchronize the descriptor status with the use of the
MMIO doorbell to notify the device that descriptors are ready. This can
come at a heavy price on some systems, and is not really necessary on
systems such as x86 as a simple barrier() would suffice to order store/store
accesses. As such we can replace the first memory barrier with
dma_wmb() to reduce the cost for these accesses.
In addition the r8169 uses a rmb() to prevent compiler optimization in the
cleanup paths, however by moving the barrier down a few lines and replacing
it with a dma_rmb() we should be able to use it to guarantee
descriptor accesses do not occur until the device has updated the DescOwn
bit from its end.
One last change I made is to move the update of cur_tx in the xmit path to
after the wmb. This way we can guarantee the device and all CPUs should
see the DescOwn update before they see the cur_tx value update.
Cc: Realtek linux nic maintainers <nic_swsd@realtek.com>
Cc: Francois Romieu <romieu@fr.zoreil.com>
Signed-off-by: Alexander Duyck <alexander.h.duyck@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Alexander Duyck [Thu, 11 Dec 2014 23:02:06 +0000 (15:02 -0800)]
arch: Add lightweight memory barriers dma_rmb() and dma_wmb()
There are a number of situations where the mandatory barriers rmb() and
wmb() are used to order memory/memory operations in the device drivers
and those barriers are much heavier than they actually need to be. For
example in the case of PowerPC wmb() calls the heavy-weight sync
instruction when for coherent memory operations all that is really needed
is an lsync or eieio instruction.
This commit adds a coherent only version of the mandatory memory barriers
rmb() and wmb(). In most cases this should result in the barrier being the
same as the SMP barriers for the SMP case, however in some cases we use a
barrier that is somewhere in between rmb() and smp_rmb(). For example on
ARM the rmb barriers break down as follows:
Barrier Call Explanation
--------- -------- ----------------------------------
rmb() dsb() Data synchronization barrier - system
dma_rmb() dmb(osh) data memory barrier - outer sharable
smp_rmb() dmb(ish) data memory barrier - inner sharable
These new barriers are not as safe as the standard rmb() and wmb().
Specifically they do not guarantee ordering between coherent and incoherent
memories. The primary use case for these would be to enforce ordering of
reads and writes when accessing coherent memory that is shared between the
CPU and a device.
It may also be noted that there is no dma_mb(). Most architectures don't
provide a good mechanism for performing a coherent only full barrier without
resorting to the same mechanism used in mb(). As such there isn't much to
be gained in trying to define such a function.
Cc: Frederic Weisbecker <fweisbec@gmail.com>
Cc: Mathieu Desnoyers <mathieu.desnoyers@polymtl.ca>
Cc: Michael Ellerman <michael@ellerman.id.au>
Cc: Michael Neuling <mikey@neuling.org>
Cc: Russell King <linux@arm.linux.org.uk>
Cc: Geert Uytterhoeven <geert@linux-m68k.org>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Tony Luck <tony.luck@intel.com>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: "Paul E. McKenney" <paulmck@linux.vnet.ibm.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Ingo Molnar <mingo@kernel.org>
Cc: David Miller <davem@davemloft.net>
Acked-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Acked-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Alexander Duyck <alexander.h.duyck@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Alexander Duyck [Thu, 11 Dec 2014 23:01:55 +0000 (15:01 -0800)]
arch: Cleanup read_barrier_depends() and comments
This patch is meant to cleanup the handling of read_barrier_depends and
smp_read_barrier_depends. In multiple spots in the kernel headers
read_barrier_depends is defined as "do {} while (0)", however we then go
into the SMP vs non-SMP sections and have the SMP version reference
read_barrier_depends, and the non-SMP define it as yet another empty
do/while.
With this commit I went through and cleaned out the duplicate definitions
and reduced the number of definitions down to 2 per header. In addition I
moved the 50 line comments for the macro from the x86 and mips headers that
defined it as an empty do/while to those that were actually defining the
macro, alpha and blackfin.
Signed-off-by: Alexander Duyck <alexander.h.duyck@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Fri, 12 Dec 2014 02:00:13 +0000 (21:00 -0500)]
Merge branch 'dsa'
Florian Fainelli says:
====================
net: dsa: two small bug fixes
Here are two small fixes for the DSA slave interface creation code:
- first patch fixes a null pointer de-reference with an invalid PHY
device pointer while calling phy_connect_direct()
- second path propagates the dsa_slave_phy_setup() error code down to
its caller: dsa_slave_create
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Florian Fainelli [Thu, 11 Dec 2014 20:49:16 +0000 (12:49 -0800)]
net: dsa: propagate error code from dsa_slave_phy_setup
In case we cannot attach to our slave netdevice PHY, error out and
propagate that error up to the caller: dsa_slave_create().
Fixes: 0d8bcdd383b8 ("net: dsa: allow for more complex PHY setups")
Signed-off-by: Andrey Volkov <andrey.volkov@nexvision.fr>
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Florian Fainelli [Thu, 11 Dec 2014 20:49:15 +0000 (12:49 -0800)]
net: dsa: handle non-existing PHYs on switch internal bus
In case there is no PHY at the designated address on the internal
switch, we would basically de-reference a null pointer here:
dsa_slave_phy_setup(...)
{
p->phy = ds->slave_mii_bus->phy_map[p->port];
phy_connect_direct(slave_dev, p->phy, dsa_slave_adjust_link,
^------
This can be triggered when the platform configuration (platform_data or
Device Tree) indicates there should be a PHY device at this address, but
the HW is non-responsive, such that we cannot attach a PHY device at
this specific location.
Fix this by checking the return value prior to calling
phy_connect_direct().
CC: Andrew Lunn <andrew@lunn.ch>
Fixes: b31f65fb4383 ("net: dsa: slave: Fix autoneg for phys on switch MDIO bus")
Reported-by: Brian Norris <computersforpeace@gmail.com>
Signed-off-by: Andrey Volkov <andrey.volkov@nexvision.fr>
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Linus Torvalds [Thu, 11 Dec 2014 22:27:06 +0000 (14:27 -0800)]
Merge git://git./linux/kernel/git/davem/net-next
Pull networking updates from David Miller:
1) New offloading infrastructure and example 'rocker' driver for
offloading of switching and routing to hardware.
This work was done by a large group of dedicated individuals, not
limited to: Scott Feldman, Jiri Pirko, Thomas Graf, John Fastabend,
Jamal Hadi Salim, Andy Gospodarek, Florian Fainelli, Roopa Prabhu
2) Start making the networking operate on IOV iterators instead of
modifying iov objects in-situ during transfers. Thanks to Al Viro
and Herbert Xu.
3) A set of new netlink interfaces for the TIPC stack, from Richard
Alpe.
4) Remove unnecessary looping during ipv6 routing lookups, from Martin
KaFai Lau.
5) Add PAUSE frame generation support to gianfar driver, from Matei
Pavaluca.
6) Allow for larger reordering levels in TCP, which are easily
achievable in the real world right now, from Eric Dumazet.
7) Add a variable of napi_schedule that doesn't need to disable cpu
interrupts, from Eric Dumazet.
8) Use a doubly linked list to optimize neigh_parms_release(), from
Nicolas Dichtel.
9) Various enhancements to the kernel BPF verifier, and allow eBPF
programs to actually be attached to sockets. From Alexei
Starovoitov.
10) Support TSO/LSO in sunvnet driver, from David L Stevens.
11) Allow controlling ECN usage via routing metrics, from Florian
Westphal.
12) Remote checksum offload, from Tom Herbert.
13) Add split-header receive, BQL, and xmit_more support to amd-xgbe
driver, from Thomas Lendacky.
14) Add MPLS support to openvswitch, from Simon Horman.
15) Support wildcard tunnel endpoints in ipv6 tunnels, from Steffen
Klassert.
16) Do gro flushes on a per-device basis using a timer, from Eric
Dumazet. This tries to resolve the conflicting goals between the
desired handling of bulk vs. RPC-like traffic.
17) Allow userspace to ask for the CPU upon what a packet was
received/steered, via SO_INCOMING_CPU. From Eric Dumazet.
18) Limit GSO packets to half the current congestion window, from Eric
Dumazet.
19) Add a generic helper so that all drivers set their RSS keys in a
consistent way, from Eric Dumazet.
20) Add xmit_more support to enic driver, from Govindarajulu
Varadarajan.
21) Add VLAN packet scheduler action, from Jiri Pirko.
22) Support configurable RSS hash functions via ethtool, from Eyal
Perry.
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next: (1820 commits)
Fix race condition between vxlan_sock_add and vxlan_sock_release
net/macb: fix compilation warning for print_hex_dump() called with skb->mac_header
net/mlx4: Add support for A0 steering
net/mlx4: Refactor QUERY_PORT
net/mlx4_core: Add explicit error message when rule doesn't meet configuration
net/mlx4: Add A0 hybrid steering
net/mlx4: Add mlx4_bitmap zone allocator
net/mlx4: Add a check if there are too many reserved QPs
net/mlx4: Change QP allocation scheme
net/mlx4_core: Use tasklet for user-space CQ completion events
net/mlx4_core: Mask out host side virtualization features for guests
net/mlx4_en: Set csum level for encapsulated packets
be2net: Export tunnel offloads only when a VxLAN tunnel is created
gianfar: Fix dma check map error when DMA_API_DEBUG is enabled
cxgb4/csiostor: Don't use MASTER_MUST for fw_hello call
net: fec: only enable mdio interrupt before phy device link up
net: fec: clear all interrupt events to support i.MX6SX
net: fec: reset fep link status in suspend function
net: sock: fix access via invalid file descriptor
net: introduce helper macro for_each_cmsghdr
...