Avinash Patil [Fri, 29 Jun 2012 03:30:25 +0000 (20:30 -0700)]
mwifiex: pass cfg80211_beacon_data to mwifiex_set_mgmt_ie()
Pass cfg80211_beacon_data pointer instead of cfg80211_ap_settings.
While setting management IEs we only need cfg80211_beacon_data of
cfg80211_ap_settings which has Tail IE, Head IE and other IE elements.
Signed-off-by: Avinash Patil <patila@marvell.com>
Signed-off-by: Bing Zhao <bzhao@marvell.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
John W. Linville [Mon, 9 Jul 2012 20:35:18 +0000 (16:35 -0400)]
Merge branch 'for-john' of git://git./linux/kernel/git/iwlwifi/iwlwifi-next
John W. Linville [Mon, 9 Jul 2012 20:34:39 +0000 (16:34 -0400)]
Merge branch 'for-john' of git://git.sipsolutions.net/mac80211-next
John W. Linville [Mon, 9 Jul 2012 20:34:34 +0000 (16:34 -0400)]
Merge branch 'master' of git://git./linux/kernel/git/linville/wireless
Conflicts:
net/mac80211/mlme.c
Emmanuel Grumbach [Wed, 4 Jul 2012 11:59:08 +0000 (13:59 +0200)]
iwlegacy: don't mess up the SCD when removing a key
When we remove a key, we put a key index which was supposed
to tell the fw that we are actually removing the key. But
instead the fw took that index as a valid index and messed
up the SRAM of the device.
This memory corruption on the device mangled the data of
the SCD. The impact on the user is that SCD queue 2 got
stuck after having removed keys.
Reported-by: Paul Bolle <pebolle@tiscali.nl>
Cc: stable@vger.kernel.org
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Stanislaw Gruszka <sgruszka@redhat.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Stanislaw Gruszka [Wed, 4 Jul 2012 11:20:20 +0000 (13:20 +0200)]
iwlegacy: always monitor for stuck queues
This is iwlegacy version of:
commit
342bbf3fee2fa9a18147e74b2e3c4229a4564912
Author: Johannes Berg <johannes.berg@intel.com>
Date: Sun Mar 4 08:50:46 2012 -0800
iwlwifi: always monitor for stuck queues
If we only monitor while associated, the following
can happen:
- we're associated, and the queue stuck check
runs, setting the queue "touch" time to X
- we disassociate, stopping the monitoring,
which leaves the time set to X
- almost 2s later, we associate, and enqueue
a frame
- before the frame is transmitted, we monitor
for stuck queues, and find the time set to
X, although it is now later than X + 2000ms,
so we decide that the queue is stuck and
erroneously restart the device
Cc: stable@vger.kernel.org
Signed-off-by: Stanislaw Gruszka <sgruszka@redhat.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Stanislaw Gruszka [Wed, 4 Jul 2012 11:10:02 +0000 (13:10 +0200)]
rt2x00usb: fix indexes ordering on RX queue kick
On rt2x00_dmastart() we increase index specified by Q_INDEX and on
rt2x00_dmadone() we increase index specified by Q_INDEX_DONE. So entries
between Q_INDEX_DONE and Q_INDEX are those we currently process in the
hardware. Entries between Q_INDEX and Q_INDEX_DONE are those we can
submit to the hardware.
According to that fix rt2x00usb_kick_queue(), as we need to submit RX
entries that are not processed by the hardware. It worked before only
for empty queue, otherwise was broken.
Note that for TX queues indexes ordering are ok. We need to kick entries
that have filled skb, but was not submitted to the hardware, i.e.
started from Q_INDEX_DONE and have ENTRY_DATA_PENDING bit set.
From practical standpoint this fixes RX queue stall, usually reproducible
in AP mode, like for example reported here:
https://bugzilla.redhat.com/show_bug.cgi?id=828824
Reported-and-tested-by: Franco Miceli <fmiceli@plan.ceibal.edu.uy>
Reported-and-tested-by: Tom Horsley <horsley1953@gmail.com>
Cc: stable@vger.kernel.org
Signed-off-by: Stanislaw Gruszka <sgruszka@redhat.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Bing Zhao [Tue, 3 Jul 2012 22:53:13 +0000 (15:53 -0700)]
mwifiex: fix Coverity SCAN CID 709078: Resource leak (RESOURCE_LEAK)
> *. CID 709078: Resource leak (RESOURCE_LEAK)
> - drivers/net/wireless/mwifiex/cfg80211.c, line: 935
> Assigning: "bss_cfg" = storage returned from "kzalloc(132UL, 208U)"
> - but was not free
> drivers/net/wireless/mwifiex/cfg80211.c:935
Signed-off-by: Bing Zhao <bzhao@marvell.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Eliad Peller [Mon, 2 Jul 2012 11:42:03 +0000 (14:42 +0300)]
mac80211: destroy assoc_data correctly if assoc fails
If association failed due to internal error (e.g. no
supported rates IE), we call ieee80211_destroy_assoc_data()
with assoc=true, while we actually reject the association.
This results in the BSSID not being zeroed out.
After passing assoc=false, we no longer have to call
sta_info_destroy_addr() explicitly. While on it, move
the "associated" message after the assoc_success check.
Cc: stable@vger.kernel.org [3.4+]
Signed-off-by: Eliad Peller <eliad@wizery.com>
Reviewed-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Sasha Levin [Sat, 30 Jun 2012 09:56:47 +0000 (11:56 +0200)]
NFC: Prevent NULL deref when getting socket name
llcp_sock_getname can be called without a device attached to the nfc_llcp_sock.
This would lead to the following BUG:
[ 362.341807] BUG: unable to handle kernel NULL pointer dereference at (null)
[ 362.341815] IP: [<
ffffffff836258e5>] llcp_sock_getname+0x75/0xc0
[ 362.341818] PGD
31b35067 PUD
30631067 PMD 0
[ 362.341821] Oops: 0000 [#627] PREEMPT SMP DEBUG_PAGEALLOC
[ 362.341826] CPU 3
[ 362.341827] Pid: 7816, comm: trinity-child55 Tainted: G D W
3.5.0-rc4-next-20120628-sasha-00005-g9f23eb7 #479
[ 362.341831] RIP: 0010:[<
ffffffff836258e5>] [<
ffffffff836258e5>] llcp_sock_getname+0x75/0xc0
[ 362.341832] RSP: 0018:
ffff8800304fde88 EFLAGS:
00010286
[ 362.341834] RAX:
0000000000000000 RBX:
ffff880033cb8000 RCX:
0000000000000001
[ 362.341835] RDX:
ffff8800304fdec4 RSI:
ffff8800304fdec8 RDI:
ffff8800304fdeda
[ 362.341836] RBP:
ffff8800304fdea8 R08:
7ebcebcb772b7ffb R09:
5fbfcb9c35bdfd53
[ 362.341838] R10:
4220020c54326244 R11:
0000000000000246 R12:
ffff8800304fdec8
[ 362.341839] R13:
ffff8800304fdec4 R14:
ffff8800304fdec8 R15:
0000000000000044
[ 362.341841] FS:
00007effa376e700(0000) GS:
ffff880035a00000(0000) knlGS:
0000000000000000
[ 362.341843] CS: 0010 DS: 0000 ES: 0000 CR0:
0000000080050033
[ 362.341844] CR2:
0000000000000000 CR3:
0000000030438000 CR4:
00000000000406e0
[ 362.341851] DR0:
0000000000000000 DR1:
0000000000000000 DR2:
0000000000000000
[ 362.341856] DR3:
0000000000000000 DR6:
00000000ffff0ff0 DR7:
0000000000000400
[ 362.341858] Process trinity-child55 (pid: 7816, threadinfo
ffff8800304fc000, task
ffff880031270000)
[ 362.341858] Stack:
[ 362.341862]
ffff8800304fdea8 ffff880035156780 0000000000000000 0000000000001000
[ 362.341865]
ffff8800304fdf78 ffffffff83183b40 00000000304fdec8 0000006000000000
[ 362.341868]
ffff8800304f0027 ffffffff83729649 ffff8800304fdee8 ffff8800304fdf48
[ 362.341869] Call Trace:
[ 362.341874] [<
ffffffff83183b40>] sys_getpeername+0xa0/0x110
[ 362.341877] [<
ffffffff83729649>] ? _raw_spin_unlock_irq+0x59/0x80
[ 362.341882] [<
ffffffff810f342b>] ? do_setitimer+0x23b/0x290
[ 362.341886] [<
ffffffff81985ede>] ? trace_hardirqs_on_thunk+0x3a/0x3f
[ 362.341889] [<
ffffffff8372a539>] system_call_fastpath+0x16/0x1b
[ 362.341921] Code: 84 00 00 00 00 00 b8 b3 ff ff ff 48 85 db 74 54 66 41 c7 04 24 27 00 49 8d 7c 24 12 41 c7 45 00 60 00 00 00 48 8b 83 28 05 00 00 <8b> 00 41 89 44 24 04 0f b6 83 41 05 00 00 41 88 44 24 10 0f b6
[ 362.341924] RIP [<
ffffffff836258e5>] llcp_sock_getname+0x75/0xc0
[ 362.341925] RSP <
ffff8800304fde88>
[ 362.341926] CR2:
0000000000000000
[ 362.341928] ---[ end trace
6d450e935ee18bf3 ]---
Signed-off-by: Sasha Levin <levinsasha928@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Thomas Huehn [Fri, 29 Jun 2012 13:26:27 +0000 (06:26 -0700)]
mac80211: correct size the argument to kzalloc in minstrel_ht
msp has type struct minstrel_ht_sta_priv not struct minstrel_ht_sta.
(This incorporates the fixup originally posted as "mac80211: fix kzalloc
memory corruption introduced in minstrel_ht". -- JWL)
Reported-by: Fengguang Wu <wfg@linux.intel.com>
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Thomas Huehn <thomas@net.t-labs.tu-berlin.de>
Acked-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Johannes Berg [Wed, 4 Jul 2012 10:58:40 +0000 (12:58 +0200)]
mac80211_hwsim: add testmode code to stop/wake queues
This was useful for debugging the queue stop/wake
issues and is pretty small so let's just put it in.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Wed, 4 Jul 2012 10:49:59 +0000 (12:49 +0200)]
mac80211: fix crash with single-queue drivers
Larry (and some others I think) reported that with
single-queue drivers mac80211 crashes when waking
the queues. This happens because we allocate just
a single queue for each virtual interface in case
the driver doesn't have at least 4 queues, but the
code stopping/waking the virtual interface queues
wasn't taking this into account.
Reported-by: Larry Finger <Larry.Finger@lwfinger.net>
Tested-by: Larry Finger <Larry.Finger@lwfinger.net>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Eliad Peller [Mon, 2 Jul 2012 12:08:25 +0000 (15:08 +0300)]
mac80211: always set in_reconfig=false on wakeup
If the interfaces were removed just before a restart
work was started, open_count will be 0, and most of
the reconfig work will be skipped, including the
resetting of local->in_reconfig to false.
Leaving local->inconfig = true will result in
dropping any incoming packet.
Fix it by always setting local->in_reconfig = false
(even if there are no active interfaces).
Signed-off-by: Eliad Peller <eliad@wizery.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Thu, 5 Jul 2012 19:37:05 +0000 (21:37 +0200)]
mac80211: fix debugfs default key links
Due to the way the default key links are created,
it happens that a link is left dangling:
* both unicast/multicast links are created
* unicast link is destroyed, and the links
are updated
* during this update, adding the multicast
link again fails because it is present,
destroying the debugfs pointer
* removing the multicast link won't work as
the pointer has been destroyed
Fix this by always removing the links and then
re-creating them if needed.
Reported-by: Marek Lindner <lindner_marek@yahoo.de>
Reported-by: Antonio Quartulli <ordex@autistici.org>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Vladimir Kondratiev [Thu, 5 Jul 2012 11:25:50 +0000 (14:25 +0300)]
cfg80211: bitrate calculation for 60g
60g band uses different from .11n MCS scheme, so bitrate
should be calculated differently
Signed-off-by: Vladimir Kondratiev <qca_vkondrat@qca.qualcomm.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Vladimir Kondratiev [Thu, 5 Jul 2012 11:25:49 +0000 (14:25 +0300)]
{nl,cfg}80211: support high bitrates
Until now, a u16 value was used to represent bitrate value.
With VHT bitrates this becomes too small.
Introduce a new 32-bit bitrate attribute. nl80211 will report
both the new and the old attribute, unless the bitrate doesn't
fit into the old u16 attribute in which case only the new one
will be reported.
User space tools encouraged to prefer the 32-bit attribute, if
available (since it won't be available on older kernels.)
Signed-off-by: Vladimir Kondratiev <qca_vkondrat@qca.qualcomm.com>
[reword commit message and comments a bit]
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Wed, 4 Jul 2012 11:28:18 +0000 (13:28 +0200)]
cfg80211: fix locking regression in monitor channel tracking
Michal's monitor channel tracking introduce a locking problem
as it locked the rdev lock inside the netdev notifier which
isn't allowed as we might already hold it if we get there by
removing an interface that is up.
Fix this by relying only on the RTNL to protect the interface
counters, the RTNL is always held in these code paths anyway.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Richard A. Griffiths [Thu, 28 Jun 2012 20:14:11 +0000 (13:14 -0700)]
iwlwifi: disallow log_event access if interface down
'echo 1 > log_event' generates the bogus "MAC is in deep sleep"
or "Timeout waiting for hardware access" log messages when
the interface is down, we should just disallow accessing the
device through debugfs when it is down.
Signed-off-by: Richard A. Griffiths <richardx.a.griffiths@intel.com>
Reviewed-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Fri, 29 Jun 2012 12:24:12 +0000 (14:24 +0200)]
iwlwifi: remove unneeded NULL check
There's no need to check trans for non-null
here as it has already been checked in the
caller. This fixes an smatch warning that we
check after having dereferenced it.
Reviewed-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Wed, 27 Jun 2012 11:18:36 +0000 (13:18 +0200)]
mac80211: add TX prepare API
Some drivers require setup before being able to send
management frames in managed mode, in particular in
multi-channel cases.
Introduce API to allow the drivers to do such setup
while being able to sleep waiting for the setup to
finish in the device. This isn't possible inside the
TX call since that can't sleep.
A future patch may also restructure the TX retry to
wait for the driver to report the frame status, as
suggested by Arik in
http://mid.gmane.org/CA+XVXffKSEL6ZQPQ98x-zO-NL2=TNF1uN==mprRyUmAaRn254g@mail.gmail.com
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Tue, 3 Jul 2012 11:14:49 +0000 (13:14 +0200)]
mac80211_hwsim: fix NUM_BANDS usage
Due to the recent change of NUM_BANDS from 2 to 3 hwsim
broke. Fix the code by using the right constant but don't
support bands other than 2.4 and 5 GHz.
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Thomas Huehn [Mon, 2 Jul 2012 17:46:16 +0000 (19:46 +0200)]
mac80211: reduce IEEE80211_TX_MAX_RATES
IEEE80211_TX_MAX_RATES can be reduced from 5 to 4 as there
is no current hardware supporting a rate chain with 5 multi
rate stages (mrr), so 4 mrr stages are sufficient.
The memory that is freed within the ieee80211_tx_info struct
will be used in the upcoming Transmission Power Control (TPC)
implementation.
Suggested-by: Felix Fietkau <nbd@openwrt.org>
Signed-off-by: Thomas Huehn <thomas@net.t-labs.tu-berlin.de>
[reword commit message]
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Mon, 2 Jul 2012 13:40:18 +0000 (15:40 +0200)]
mac80211: remove tx_frags driver callback
The implementation of tx_frags is buggy due to
not handling queue stop, and there's no driver
implementing it so remove it.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Mahesh Palivela [Mon, 2 Jul 2012 11:25:12 +0000 (11:25 +0000)]
mac80211: include VHT capability IE in probe requests
Insert the VHT capability IE into probe requests.
Signed-off-by: Mahesh Palivela <maheshp@posedge.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Vladimir Kondratiev [Mon, 2 Jul 2012 06:32:35 +0000 (09:32 +0300)]
wireless: 60g protocol constants
Provide various constants as defined by the 802.11ad:
frame types, IE's, capability bits, action categories
Introduce GCMP cipher, mandatory by 802.11ad
Signed-off-by: Vladimir Kondratiev <qca_vkondrat@qca.qualcomm.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Vladimir Kondratiev [Mon, 2 Jul 2012 06:32:34 +0000 (09:32 +0300)]
wireless: regulatory for 60g
Add regulatory rule for the 60g band
Signed-off-by: Vladimir Kondratiev <qca_vkondrat@qca.qualcomm.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Vladimir Kondratiev [Mon, 2 Jul 2012 06:32:32 +0000 (09:32 +0300)]
cfg80211: add 802.11ad (60gHz band) support
Add enumerations for both cfg80211 and nl80211.
This expands wiphy.bands etc. arrays.
Extend channel <-> frequency translation to cover 60g band
and modify the rate check logic since there are no legacy
mandatory rates (only MCS is used.)
Signed-off-by: Vladimir Kondratiev <qca_vkondrat@qca.qualcomm.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Eliad Peller [Thu, 28 Jun 2012 12:03:13 +0000 (15:03 +0300)]
mac80211: allow calling ieee80211_ap_probereq_get() during auth/assoc
Drivers might need getting the probe request
(e.g. in order to extract the ssid) even during
auth/assoc.
Make ieee80211_ap_probereq_get() support it
by considering auth_data/assoc_data as well.
Signed-off-by: Eliad Peller <eliad@wizery.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Thu, 28 Jun 2012 16:45:38 +0000 (18:45 +0200)]
iwlwifi: fix debug message level
Debug messages should be printed using dev_dbg() not
dev_err() which requires DEBUG to be defined.
Reviewed-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Thu, 28 Jun 2012 14:49:29 +0000 (16:49 +0200)]
iwlwifi: add trailing newline to some messages
Some messages were missing a trailing newline, add it.
Reviewed-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Michal Kazior [Fri, 29 Jun 2012 10:47:08 +0000 (12:47 +0200)]
cfg80211: respect iface combinations when starting operation
devlist_mtx locking is changed to accomodate changes.
Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Michal Kazior [Fri, 29 Jun 2012 10:47:07 +0000 (12:47 +0200)]
cfg80211: add channel checking for iface combinations
.connect cannot be handled since the driver scans
and connects on its own. It is up to the driver
then to refuse a connection (with -EBUSY for
example).
Non-fixed channel IBSSes always take a single
channel resource. For example two non-fixed
channel IBSSes always take up 2
num_different_channels, even if they operate on
the same channel at a given point of time.
Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Michal Kazior [Fri, 29 Jun 2012 10:47:06 +0000 (12:47 +0200)]
cfg80211/mac80211: remove .get_channel
We do not need it anymore since cfg80211 tracks
monitor channel and monitor channel type.
Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Michal Kazior [Fri, 29 Jun 2012 10:47:05 +0000 (12:47 +0200)]
cfg80211: set initial monitor channel
Implements behaviour seen in mac80211. A running
monitor always has a channel - even before
.set_channel. This way we won't break current
behaviour.
Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Michal Kazior [Fri, 29 Jun 2012 10:47:04 +0000 (12:47 +0200)]
cfg80211: track monitor channel
Make it even more obvious we support single
monitor channel. This will allow us to remove
.get_channel.
Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Michal Kazior [Fri, 29 Jun 2012 10:47:03 +0000 (12:47 +0200)]
cfg80211: refuse to .set_monitor_channel when non-monitors are present
Having .set_monitor_channel work with non-monitor
interfaces running would make interface
combinations accounting ambiguous.
Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Michal Kazior [Fri, 29 Jun 2012 10:47:02 +0000 (12:47 +0200)]
mac80211: refactor virtual monitor code
Use cfg80211 the new .set_monitor_enabled instead
of tracking it inside mac80211.
Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Michal Kazior [Fri, 29 Jun 2012 10:47:01 +0000 (12:47 +0200)]
cfg80211: track monitor interfaces count
Implements .set_monitor_enabled(wiphy, enabled).
Notifies driver upon change of interface layout.
If only monitor interfaces become present it is
called with 2nd argument being true. If
non-monitor interface appears then 2nd argument
is false. Driver is notified only upon change.
This makes it more obvious about the fact that
cfg80211 supports single monitor channel. Once we
implement multi-channel we don't want to allow
setting monitor channel while other interface
types are running. Otherwise it would be ambiguous
once we start considering num_different_channels.
Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Michal Kazior [Fri, 29 Jun 2012 10:47:00 +0000 (12:47 +0200)]
cfg80211: introduce cfg80211_get_chan_state
Helper function for finding out which channel is
used by a given interface.
An exclusive channel can be used only by a single
interface. This is mainly for non-fixed channel
IBSS handling.
Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Michal Kazior [Fri, 29 Jun 2012 10:46:59 +0000 (12:46 +0200)]
cfg80211: track ibss fixed channel
IBSS may hop between channels. It is necessary to
account this special case when considering
interface combinations.
Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Michal Kazior [Fri, 29 Jun 2012 10:46:58 +0000 (12:46 +0200)]
cfg80211: add channel tracking for AP and mesh
We need to know which channel is used by a running
AP and mesh for channel context accounting and
finding matching/active interface combination.
STA/IBSS have current_bss already which allows us
to check which channel a vif is tuned to.
Non-fixed channel IBSS can be handled with
additional changes.
Monitor mode is going to be handled differently.
Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Michal Kazior [Fri, 29 Jun 2012 10:46:57 +0000 (12:46 +0200)]
cfg80211: .stop_ap when interface is going down
We'll need this for proper channel tracking (which
is going to be needed for channel context
accounting and finding matching/active interface
combination).
Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Michal Kazior [Fri, 29 Jun 2012 10:46:56 +0000 (12:46 +0200)]
cfg80211: introduce cfg80211_stop_ap
This functionality will be reused when interface
is going down. Avoids code duplication. Also adds
missing wdev locking.
Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Amitkumar Karwar [Thu, 28 Jun 2012 02:57:59 +0000 (19:57 -0700)]
mwifiex: retrieve correct max_power information in reg_notifier handler
As we don't provide custom regulatory rules to cfg80211,
"chan->max_power" remains uninitialized (0dbm) and
"chan->max_reg_power" will contain maximum power for a channel
extracted from regulatory rules provided by CRDA; hence use
"chan->max_reg_power" in reg_notifier handler instead of
"chan->max_power" to set max_power in firmware.
Signed-off-by: Amitkumar Karwar <akarwar@marvell.com>
Signed-off-by: Bing Zhao <bzhao@marvell.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Amitkumar Karwar [Thu, 28 Jun 2012 02:57:58 +0000 (19:57 -0700)]
mwifiex: do not advertise custom regulatory domain capability
Since we don't support custom regulatory domains,
WIPHY_FLAG_CUSTOM_REGULATORY should not be enabled during wiphy
registration.
Signed-off-by: Amitkumar Karwar <akarwar@marvell.com>
Signed-off-by: Bing Zhao <bzhao@marvell.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Amitkumar Karwar [Thu, 28 Jun 2012 02:57:57 +0000 (19:57 -0700)]
mwifiex: use correct firmware command to get power limits
"priv->max_tx_power_level" and "priv->min_tx_power_level" variables
are initialized to maximum and minimum power levels supported by
hardware by sending correct firmware command.
Signed-off-by: Amitkumar Karwar <akarwar@marvell.com>
Signed-off-by: Bing Zhao <bzhao@marvell.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Amitkumar Karwar [Thu, 28 Jun 2012 02:57:56 +0000 (19:57 -0700)]
mwifiex: wakeup main thread to handle command queued
We miss to wakeup main thread after adding command to cmd pending
queue at follwing places. These commands are handled later when
main thread is woken up for handling an interrupt for sleep event
from firmware. This adds worst case delay of 50msec.
1) We don't wakeup main thread when asynchronous command is added
to cmd pending queue. Move queue_work() call from
mwifiex_wait_queue_complete() to mwifiex_send_cmd_async() to wakeup
main thread for sync as well as async commands.
2) Scan operation is triggered due to following reasons
a) request from user (ex. "iw scan" command)
b) Scan performed by driver internally.
In first case main thread is woken up when first scan command is
queued in cmd pending queue (we don't need to wakeup main thread for
subsequent scan commands, because they are queued in scan command
response handler), but it is not done for second case. queue_work()
is moved inside mwifiex_scan_networks() to handle both the cases.
Signed-off-by: Amitkumar Karwar <akarwar@marvell.com>
Signed-off-by: Avinash Patil <patila@marvell.com>
Signed-off-by: Bing Zhao <bzhao@marvell.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Felix Fietkau [Thu, 28 Jun 2012 00:33:41 +0000 (02:33 +0200)]
ath9k: de-duplicate initvals
The initvals tool from https://github.com/mcgrof/qca-swiss-army-knife has
been modified to detect identical initval tables and replace them with
macros. This patch contains the generated changes.
On MIPS this reduces the binary size by 24 KB with no runtime changes.
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Felix Fietkau [Thu, 28 Jun 2012 00:33:40 +0000 (02:33 +0200)]
ath9k: update AR934x initvals to latest version
Generated using the initvals tool from the qca-swiss-army-knife repository
from https://github.com/mcgrof/qca-swiss-army-knife
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Mohammed Shafi Shajakhan [Wed, 27 Jun 2012 14:30:27 +0000 (20:00 +0530)]
ath9k: Fix signedness in a MCI debug message
seems i got a message like this
ath: phy0: BT_Status_Update: is_link=0, linkId=2,
state=1, SEQ=-
2085766476 initially.
Signed-off-by: Mohammed Shafi Shajakhan <mohammed@qca.qualcomm.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Mohammed Shafi Shajakhan [Wed, 27 Jun 2012 14:30:26 +0000 (20:00 +0530)]
ath9k_hw: make use of the wrapper to check for MCI init
ath9k_hw_mci_is_enabled wrapper also takes care of
ATH9K_HW_CAP_MCI being set for the AR9462 under test.
Signed-off-by: Mohammed Shafi Shajakhan <mohammed@qca.qualcomm.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Felix Fietkau [Wed, 27 Jun 2012 12:58:19 +0000 (14:58 +0200)]
ath9k: fix ANI operation in AP mode
ath9k_ani_reset (which is called at reset time) uses a state variable
ani->update_ani to prevent the ANI noise immunity state on the operating
channel from being overwritten by background scans. Unfortunately this
is also being set for AP mode, since it's mixed with code that is only
supposed to change the default settings after a reset.
In AP mode this has the side effect of having ANI run, but being unable to
change its runtime noise immunity level, making it effectively useless.
Fix this by getting rid of ani->update_ani and passing a parameter to
ath9k_hw_set_ofdm_nil and ath9k_hw_set_cck_nil instead.
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Cc: Rajkumar Manoharan <rmanohar@qca.qualcomm.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Paul Bolle [Wed, 27 Jun 2012 08:36:27 +0000 (10:36 +0200)]
iwlegacy: print how long queue was actually stuck
Every now and then, after resuming from suspend, the iwlegacy driver
prints
iwl4965 0000:03:00.0: Queue 2 stuck for 2000 ms.
iwl4965 0000:03:00.0: On demand firmware reload
I have no idea what causes these errors. But the code currently uses
wd_timeout in the first error. wd_timeout will generally be set at
IL_DEF_WD_TIMEOUT (ie, 2000). Perhaps printing for how long the queue
was actually stuck can clarify the cause of these errors.
Signed-off-by: Paul Bolle <pebolle@tiscali.nl>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Johannes Berg [Thu, 28 Jun 2012 11:45:58 +0000 (13:45 +0200)]
Merge remote-tracking branch 'wireless-next/master' into mac80211-next
Mahesh Palivela [Fri, 22 Jun 2012 07:27:46 +0000 (07:27 +0000)]
cfg80211: allow advertising VHT capabilities
Allow drivers to advertise their VHT capabilities
and export them to userspace via nl80211.
Signed-off-by: Mahesh Palivela <maheshp@posedge.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Mahesh Palivela [Fri, 22 Jun 2012 07:27:46 +0000 (07:27 +0000)]
wireless: add VHT (802.11ac) definitions
Add the VHT definitions to be used by drivers supporting it.
Signed-off-by: Mahesh Palivela <maheshp@posedge.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Eliad Peller [Mon, 25 Jun 2012 07:48:25 +0000 (10:48 +0300)]
mac80211: don't require associated->beacon_ies for ps
beacon_ies is needed only in order to extract the dtim
period. However, even if it's missing we can still enter
ps with dtim=1 (which also happens if the TIM ie is invalid).
Most drivers don't use conf.max_sleep_period/ps_dtim_period
anyway, and this check prevents them from entering ps if
they don't have beacon (but only probe response), even though
the beacon is not needed at all.
Signed-off-by: Eliad Peller <eliad@wizery.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Eliad Peller [Wed, 27 Jun 2012 11:18:22 +0000 (14:18 +0300)]
mac80211: flush queues before deauth/disassoc
On deauth/disassoc we tear down all BA sessions. These
DELBA packets are sent on the appropriate TID, while
deauth/disassoc is always sent on VO. This sometimes
ends with the DELBA being sent after the deauth was
already sent.
Fix it by flushing all the pending frames before
sending deauth/disassoc.
Signed-off-by: Eliad Peller <eliad@wizery.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Thu, 28 Jun 2012 08:33:25 +0000 (10:33 +0200)]
mac80211: don't expose ieee80211_add_srates_ie()
This and ieee80211_add_ext_srates_ie() aren't
exported, so can't be used by drivers anyway,
but there's also no reason that they should be
so make them private to mac80211 and use sdata
instead of vif arguments.
Acked-by: Arik Nemtsov <arik@wizery.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Avinash Patil [Wed, 27 Jun 2012 19:46:24 +0000 (12:46 -0700)]
mwifiex: fix memory leak associated with IE manamgement
Free ap_custom_ie before return from function.
Signed-off-by: Avinash Patil <patila@marvell.com>
Signed-off-by: Bing Zhao <bzhao@marvell.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Sujith Manoharan [Wed, 27 Jun 2012 08:45:59 +0000 (14:15 +0530)]
ath9k: Fix compilation breakage
Wrap the MCI-work canceling with CONFIG_ATH9K_BTCOEX_SUPPORT.
Reported-by: Emmanuel Benisty <benisty.e@gmail.com>
Signed-off-by: Sujith Manoharan <c_manoha@qca.qualcomm.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Arend van Spriel [Tue, 26 Jun 2012 19:26:40 +0000 (21:26 +0200)]
brcmfmac: fix sparse warning introduced with checkdied patch
The commit "brcmfmac: introduce checkdied debugfs functionality"
also introduced a sparse warning:
..../brcmfmac/dhd_sdio.c:3147:45: sparse: cast to restricted __le32
This patch fixes this sparse warning.
Reported-by: Fengguang Wu <wfg@linux.intel.com>
Reviewed-by: Franky (Zhenhui) Lin <frankyl@broadcom.com>
Signed-off-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Franky Lin [Tue, 26 Jun 2012 19:26:39 +0000 (21:26 +0200)]
brcmfmac: add BCM4334 support
BCM4334 is a dualband a/b/g/n WiFi chip support 20MHz/40MHz
channels. This patch adds support for its SDIO interface.
Reviewed-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: Franky Lin <frankyl@broadcom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Arend van Spriel [Tue, 26 Jun 2012 19:26:38 +0000 (21:26 +0200)]
brcmfmac: reduce allocations needed during nvram data download
The nvram data is preprocessed before being sent to the device
and just before sending an additional allocation was done that
assured word alignment of the data. This has moved to the
preprocessing step to reduce allocations and subsequent copying
of the nvram data.
Reviewed-by: Franky Lin <frankyl@broadcom.com>
Signed-off-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Franky Lin [Tue, 26 Jun 2012 19:26:37 +0000 (21:26 +0200)]
brcmfmac: use firmware data buffer directly for nvram
The nvram file could be parsed directly in the data buffer in the
firmware structure passed by request_firmware function. This patch
gets rid of the redundant memcpy.
Reviewed-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: Franky Lin <frankyl@broadcom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Franky Lin [Tue, 26 Jun 2012 19:26:36 +0000 (21:26 +0200)]
brcmfmac: move glom alignment setting to SDIO bus layer
txglomming alignment is a SDIO bus specific feature. It is more
appropriate to place it in SDIO bus layer instead of common layer.
Reviewed-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: Franky Lin <frankyl@broadcom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Franky Lin [Tue, 26 Jun 2012 19:26:35 +0000 (21:26 +0200)]
brcmfmac: restrict dongle txglom disable to old SDIO core
txglomming is a firmware feature for sdio bus interface. For SDIO
device cores newer than revision 11, the default setting of
firmware should be used instead of disabling it from the host side.
Reviewed-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: Franky Lin <frankyl@broadcom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Franky Lin [Tue, 26 Jun 2012 19:26:34 +0000 (21:26 +0200)]
brcmfmac: add support for bus specific data command
brcmfmac need to support data command setting for dongle's bus
core. A list must be placed at brcmf_bus structure before calling
brcmf_bus_start in order to be sent by brcmf_c_preinit_dcmds.
Reviewed-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: Franky Lin <frankyl@broadcom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Rafał Miłecki [Mon, 25 Jun 2012 20:12:20 +0000 (22:12 +0200)]
bcma: define some additional cores IDs
Some of them are BCM4706 specific AFAWK. Most of them was confirmed on
Netgear WNDR450.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Tom Hughes [Wed, 27 Jun 2012 17:21:15 +0000 (18:21 +0100)]
ath9k: fix panic caused by returning a descriptor we have queued for reuse
Commit
3a2923e83c introduced a bug when a corrupt descriptor
is encountered - although the following descriptor is discarded
and returned to the queue for reuse the associated frame is
also returned for processing. This leads to a panic:
BUG: unable to handle kernel NULL pointer dereference at
000000000000003a
IP: [<
ffffffffa02599a5>] ath_rx_tasklet+0x165/0x1b00 [ath9k]
Call Trace:
<IRQ>
[<
ffffffff812d7fa0>] ? map_single+0x60/0x60
[<
ffffffffa028f044>] ? ath9k_ioread32+0x34/0x90 [ath9k]
[<
ffffffffa0292eec>] athk9k_tasklet+0xdc/0x160 [ath9k]
[<
ffffffff8105e133>] tasklet_action+0x63/0xd0
[<
ffffffff8105dbc0>] __do_softirq+0xc0/0x1e0
[<
ffffffff8101a873>] ? native_sched_clock+0x13/0x80
[<
ffffffff815f9d5c>] call_softirq+0x1c/0x30
[<
ffffffff810151f5>] do_softirq+0x75/0xb0
[<
ffffffff8105df95>] irq_exit+0xb5/0xc0
[<
ffffffff815fa5b3>] do_IRQ+0x63/0xe0
[<
ffffffff815f0cea>] common_interrupt+0x6a/0x6a
<EOI>
[<
ffffffff8131840a>] ? intel_idle+0xea/0x150
[<
ffffffff813183eb>] ? intel_idle+0xcb/0x150
[<
ffffffff814a1db9>] cpuidle_enter+0x19/0x20
[<
ffffffff814a23d9>] cpuidle_idle_call+0xa9/0x240
[<
ffffffff8101c4bf>] cpu_idle+0xaf/0x120
[<
ffffffff815cda8e>] rest_init+0x72/0x74
[<
ffffffff81cf4c1a>] start_kernel+0x3b7/0x3c4
[<
ffffffff81cf4662>] ? repair_env_string+0x5e/0x5e
[<
ffffffff81cf4346>] x86_64_start_reservations+0x131/0x135
[<
ffffffff81cf444a>] x86_64_start_kernel+0x100/0x10f
Making sure bf is cleared to NULL in this case restores the
old behaviour.
Signed-off-by: Tom Hughes <tom@compton.nu>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Johannes Berg [Wed, 27 Jun 2012 13:38:56 +0000 (15:38 +0200)]
mac80211: correct behaviour on unrecognised action frames
When receiving an "individually addressed" action frame, the
receiver is required to return it to the sender. mac80211
gets this wrong as it also returns group addressed (mcast)
frames to the sender. Fix this and update the reference to
the new 802.11 standards version since things were shuffled
around significantly.
Cc: stable@kernel.org
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Panayiotis Karabassis [Tue, 26 Jun 2012 20:37:17 +0000 (23:37 +0300)]
ath9k: enable serialize_regmode for non-PCIE AR9287
https://bugzilla.kernel.org/show_bug.cgi?id=42903
Based on the work of <fynivx@gmail.com>
Signed-off-by: Panayiotis Karabassis <panayk@gmail.com>
Cc: stable@vger.kernel.org
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Larry Finger [Mon, 25 Jun 2012 23:01:12 +0000 (18:01 -0500)]
rtlwifi: rtl8192cu: New USB IDs
The latest Realtek driver for the RTL8188CU and RTL8192CU chips adds three
new USB IDs.
Reported-by: Xose Vazquez Perez <xose.vazquez@gmail.com>
Signed-off-by: Larry Finger <Larry.Finger@lwfinger.net>
Cc: Stable <stable@vger.kernel.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Johannes Berg [Wed, 27 Jun 2012 07:23:48 +0000 (09:23 +0200)]
cfg80211: don't allow WoWLAN support without CONFIG_PM
When CONFIG_PM is disabled, no device can possibly
support WoWLAN since it can't go to sleep to start
with. Due to this, mac80211 had even rejected the
hardware registration. By making all the code and
data for WoWLAN depend on CONFIG_PM we can promote
this runtime error to a compile-time error.
Add #ifdef around all WoWLAN code to remove it in
systems that don't need it as they never suspend.
Cc: Kalle Valo <kvalo@qca.qualcomm.com>
Acked-by: Luciano Coelho <coelho@ti.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Luciano Coelho [Tue, 26 Jun 2012 19:43:29 +0000 (22:43 +0300)]
Merge branch 'wl12xx-next' into for-linville
Sujith Manoharan [Mon, 25 Jun 2012 08:24:49 +0000 (13:54 +0530)]
ath9k_htc: Fix IDLE power save
Remove the radio enable/disable stuff and fix the
transition to FULL_SLEEP mode when the device is idle.
Signed-off-by: Sujith Manoharan <c_manoha@qca.qualcomm.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Sujith Manoharan [Mon, 25 Jun 2012 08:24:41 +0000 (13:54 +0530)]
ath9k_htc: Use atomic operations for op_flags
Signed-off-by: Sujith Manoharan <c_manoha@qca.qualcomm.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Sujith Manoharan [Mon, 25 Jun 2012 08:24:30 +0000 (13:54 +0530)]
ath9k_htc: Change default listen interval to 1
Signed-off-by: Sujith Manoharan <c_manoha@qca.qualcomm.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Sujith Manoharan [Mon, 25 Jun 2012 08:24:22 +0000 (13:54 +0530)]
ath9k: Fix lockdep splat
Cancel the MCI work only when MCI is actually enabled.
Fixes this:
[96833.124051] Call Trace:
[96833.124060] [<
ffffffff810afaf8>] __lock_acquire+0x1518/0x1e40
[96833.124065] [<
ffffffff810ad126>] ? mark_held_locks+0x86/0x110
[96833.124069] [<
ffffffff810ad3ad>] ? trace_hardirqs_on+0xd/0x10
[96833.124073] [<
ffffffff814464f0>] ? _raw_spin_unlock_irq+0x30/0x70
[96833.124078] [<
ffffffff81072968>] ? wait_on_cpu_work+0x98/0xc0
[96833.124082] [<
ffffffff810b0a11>] lock_acquire+0xa1/0x150
[96833.124085] [<
ffffffff81072990>] ? wait_on_cpu_work+0xc0/0xc0
[96833.124088] [<
ffffffff81072990>] ? wait_on_cpu_work+0xc0/0xc0
[96833.124092] [<
ffffffff810729e2>] wait_on_work+0x52/0x120
[96833.124095] [<
ffffffff81072990>] ? wait_on_cpu_work+0xc0/0xc0
[96833.124099] [<
ffffffff81063b3f>] ? del_timer+0x7f/0x110
[96833.124102] [<
ffffffff81072c13>] __cancel_work_timer+0x83/0x130
[96833.124106] [<
ffffffff81072cf0>] cancel_work_sync+0x10/0x20
[96833.124113] [<
ffffffffa065b5cd>] __ath_cancel_work+0x4d/0x60 [ath9k]
[96833.124119] [<
ffffffffa065cf28>] ath9k_config+0x458/0x680 [ath9k]
[96833.124125] [<
ffffffffa065dd1e>] ? ath9k_flush+0x6e/0x1d0 [ath9k]
[96833.124129] [<
ffffffff8144394d>] ? __mutex_unlock_slowpath+0x10d/0x190
[96833.124146] [<
ffffffffa056c7b5>] ieee80211_hw_config+0x135/0x2a0 [mac80211]
[96833.124163] [<
ffffffffa057ebbb>] ieee80211_do_open+0x67b/0xc50 [mac80211]
[96833.124178] [<
ffffffffa057f1fd>] ieee80211_open+0x6d/0x80 [mac80211]
[96833.124183] [<
ffffffff8137a44f>] __dev_open+0x9f/0xf0
[96833.124187] [<
ffffffff8137a701>] __dev_change_flags+0xa1/0x180
[96833.124190] [<
ffffffff8137a898>] dev_change_flags+0x28/0x70
[96833.124195] [<
ffffffff813e1179>] devinet_ioctl+0x659/0x780
[96833.124199] [<
ffffffff8137aea0>] ? dev_ioctl+0x210/0x6d0
[96833.124203] [<
ffffffff813e1db5>] inet_ioctl+0x75/0x90
[96833.124208] [<
ffffffff8135e0e0>] sock_do_ioctl+0x30/0x70
[96833.124211] [<
ffffffff8135e3dd>] sock_ioctl+0x7d/0x2c0
[96833.124218] [<
ffffffff81193c39>] do_vfs_ioctl+0x99/0x580
[96833.124222] [<
ffffffff81447415>] ? sysret_check+0x22/0x5d
[96833.124226] [<
ffffffff811941b9>] sys_ioctl+0x99/0xa0
[96833.124230] [<
ffffffff814473e9>] system_call_fastpath+0x16/0x1b
Signed-off-by: Sujith Manoharan <c_manoha@qca.qualcomm.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Sven Eckelmann [Mon, 25 Jun 2012 05:15:22 +0000 (07:15 +0200)]
ath9k: raise aggregation limit to 64k for HT IBSS
mac80211 adds stations in HT IBSS as soon as a frame comes by,
even if the HT capabilities are not known yet (they are often
received later, e.g. in beacons). So far, ampdu factor/density
are only calculated when the station is initially added.
This patch changes this to update ampdu factor/density settings
when starting a blockack session.
Using this patch, we had performance boosts from 60 to 150 MBit/s
between two 2x2 Atheros devices in 5 GHz HT IBSS mode.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Signed-off-by: Simon Wunderlich <siwu@hrz.tu-chemnitz.de>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Larry Finger [Sun, 24 Jun 2012 19:44:36 +0000 (14:44 -0500)]
rtlwifi: rtl8192se: Fix double inclusion of header pci.h
The command "make includecheck" yields the following for the rtlwifi tree:
/home/finger/linux-2.6/drivers/net/wireless/rtlwifi/rtl8192se/sw.c: ../pci.h is included more than once.
Signed-off-by: Larry Finger <Larry.Finger@lwfinger.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Larry Finger [Sun, 24 Jun 2012 16:06:29 +0000 (11:06 -0500)]
rtlwifi: Fix IRQ disabled warning
The PCI-based drivers can generate the following warning:
[ 9497.776350] ------------[ cut here ]------------
[ 9497.776366] WARNING: at kernel/softirq.c:159 local_bh_enable_ip+0x7a/0xa0()
[ 9497.776370] Hardware name: 05794NC
[ 9497.776597] Pid: 6413, comm: hostapd Not tainted 3.3.0-4.fc16.x86_64 #1
[ 9497.776601] Call Trace:
[ 9497.776612] [<
ffffffff81057b1f>] warn_slowpath_common+0x7f/0xc0
[ 9497.776633] [<
ffffffffa034a099>] ? rtl_pci_reset_trx_ring+0x199/0x230
[rtlwifi]
[ 9497.776640] [<
ffffffff81057b7a>] warn_slowpath_null+0x1a/0x20
[ 9497.776646] [<
ffffffff8105f06a>] local_bh_enable_ip+0x7a/0xa0
[ 9497.776654] [<
ffffffff815f3ef6>] _raw_spin_unlock_bh+0x16/0x20
[ 9497.776671] [<
ffffffffa03e50de>] destroy_conntrack+0x9e/0x120
[nf_conntrack]
[ 9497.776681] [<
ffffffff81511847>] nf_conntrack_destroy+0x17/0x20
[ 9497.776689] [<
ffffffff814d9c85>] skb_release_head_state+0xe5/0x120
[ 9497.776695] [<
ffffffff814d98b6>] __kfree_skb+0x16/0xa0
[ 9497.776700] [<
ffffffff814d9a35>] kfree_skb+0x45/0xc0
[ 9497.776717] [<
ffffffffa034a099>] rtl_pci_reset_trx_ring+0x199/0x230
[rtlwifi]
[ 9497.776734] [<
ffffffffa034a155>] rtl_pci_start+0x25/0x1d0 [rtlwifi]
[ 9497.776750] [<
ffffffffa03440b5>] rtl_op_start+0x55/0x90 [rtlwifi]
[ 9497.776785] [<
ffffffffa02c4956>] ieee80211_do_open+0x296/0xa10 [mac80211]
[ 9497.776794] [<
ffffffff815f7ddd>] ? notifier_call_chain+0x4d/0x70
[ 9497.776828] [<
ffffffffa02c513d>] ieee80211_open+0x6d/0x80 [mac80211]
[ 9497.776836] [<
ffffffff814e8b3f>] __dev_open+0x8f/0xe0
[ 9497.776842] [<
ffffffff814e8de1>] __dev_change_flags+0xa1/0x180
[ 9497.776847] [<
ffffffff814e8f78>] dev_change_flags+0x28/0x70
[ 9497.776856] [<
ffffffff8154e99d>] devinet_ioctl+0x61d/0x7b0
[ 9497.776863] [<
ffffffff8154ef55>] inet_ioctl+0x75/0x90
[ 9497.776870] [<
ffffffff814cdd50>] sock_do_ioctl+0x30/0x70
[ 9497.776876] [<
ffffffff814cee09>] sock_ioctl+0x79/0x2f0
[ 9497.776885] [<
ffffffff81193498>] do_vfs_ioctl+0x98/0x550
[ 9497.776891] [<
ffffffff811939e1>] sys_ioctl+0x91/0xa0
[ 9497.776897] [<
ffffffff815fc029>] system_call_fastpath+0x16/0x1b
[ 9497.776902] ---[ end trace
22886c442489082d ]---
The cause is due to calling kfree_skb() with interrupts disabled.
This bug is discussed in https://bugzilla.redhat.com/show_bug.cgi?id=797709.
Reported-and-Tested by: Ivan Ivanovich <iivanich@gmail.com>
Signed-off-by: Larry Finger <Larry.Finger@lwfinger.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
John W. Linville [Tue, 26 Jun 2012 18:27:34 +0000 (14:27 -0400)]
Merge branch 'for-john' of git://git.sipsolutions.net/mac80211-next
John W. Linville [Tue, 26 Jun 2012 18:23:41 +0000 (14:23 -0400)]
Merge branch 'for-wireless' of git://git./linux/kernel/git/sameo/nfc-3.0
Eyal Shapira [Tue, 26 Jun 2012 07:41:17 +0000 (10:41 +0300)]
wlcore: print stack trace in every recovery
As recovery queuing can now occur from multiple code paths
it's convenient to know what triggered it in all cases
other than an intended recovery which is part of the
switch between single role to multi role.
Signed-off-by: Eyal Shapira <eyal@wizery.com>
Signed-off-by: Luciano Coelho <coelho@ti.com>
Eyal Shapira [Tue, 26 Jun 2012 07:41:16 +0000 (10:41 +0300)]
wlcore: queue recovery in case of bus errors during cmd_remove_peer
Following the addition of propagating errors from the bus ops
there's a need to distinguish between bus errors (including timeout)
and a legitimate timeout occuring in cmd_wait_for_event_or_timeout.
In case of real bus errors we need to queue recovery even in cases
where a timeout on a response from the FW to a command is acceptable.
Reported-by: Arik Nemtsov <arik@wizery.com>
Signed-off-by: Eyal Shapira <eyal@wizery.com>
Signed-off-by: Luciano Coelho <coelho@ti.com>
Eyal Shapira [Tue, 26 Jun 2012 07:41:15 +0000 (10:41 +0300)]
wlcore: fix broken TX due to wrong queuing of recovery
commit
14bba17b "wl12xx: Propagate errors from wl1271_raw_write32"
breaks down TX in certain scenarios. wl1271_irq_locked() propagates
errors from wl1271_tx_work_locked however it may return -EBUSY
when the FW queues are full which is a legitimate case and not a
a real error. In this case a recovery is triggered by wl1271_irq
and this keeps repeating itself so TX is completely broken.
Fix it by avoiding propagating return values as errors even if they
aren't. Only bus (SDIO or SPI) ops failures would be progagated
as only these should trigger recovery.
Signed-off-by: Eyal Shapira <eyal@wizery.com>
Signed-off-by: Luciano Coelho <coelho@ti.com>
Luciano Coelho [Mon, 25 Jun 2012 11:41:20 +0000 (14:41 +0300)]
wlcore: fix some failure cases in wlcore_probe()
We need to release the IRQ if hw_info() or identify_chip() fails. And
we need unregister the HW with mac80211 if there are any failures
after it's registered.
Signed-off-by: Luciano Coelho <coelho@ti.com>
Luciano Coelho [Mon, 25 Jun 2012 11:15:55 +0000 (14:15 +0300)]
wl18xx: deprecate PG1 support
The new PG2 version of the chip has a few differences in terms of FW
API if compared to PG1. PG1 is just a sample that shouldn't be used
in real life, so to avoid having to handle both separately, mark the
PG1 version as deprecated and bail out during probe.
Signed-off-by: Luciano Coelho <coelho@ti.com>
Johannes Berg [Thu, 21 Jun 2012 20:30:52 +0000 (22:30 +0200)]
mac80211: make __ieee80211_recalc_idle static
Since it's not called from any file outside where
it's defined, the function can be static if moved
up in the file before the callers.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Tue, 19 Jun 2012 13:54:05 +0000 (15:54 +0200)]
mac80211: make ieee80211_check_concurrent_iface netdev-independent
ieee80211_check_concurrent_iface() need not use the
netdev. Remove the use of the netdev here to prepare
the function for P2P device addition.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Tue, 19 Jun 2012 14:16:22 +0000 (16:16 +0200)]
mac80211: remove unused function
Remove the unused function is_ieee80211_device().
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Thomas Pedersen [Thu, 21 Jun 2012 18:09:54 +0000 (11:09 -0700)]
nl80211: specify RSSI threshold in scheduled scan
Support configuring an RSSI threshold in dBm (s32) when requesting
scheduled scan, below which a BSS won't be reported by the cfg80211
driver.
Signed-off-by: Thomas Pedersen <c_tpeder@qca.qualcomm.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Eric Dumazet [Mon, 11 Jun 2012 22:47:58 +0000 (00:47 +0200)]
NFC: Return from rawsock_release when sk is NULL
Sasha Levin reported following panic :
[ 2136.383310] BUG: unable to handle kernel NULL pointer dereference at
00000000000003b0
[ 2136.384022] IP: [<
ffffffff8114e400>] __lock_acquire+0xc0/0x4b0
[ 2136.384022] PGD
131c4067 PUD
11c0c067 PMD 0
[ 2136.388106] Oops: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC
[ 2136.388106] CPU 1
[ 2136.388106] Pid: 24855, comm: trinity-child1 Tainted: G W
3.5.0-rc2-sasha-00015-g7b268f7 #374
[ 2136.388106] RIP: 0010:[<
ffffffff8114e400>] [<
ffffffff8114e400>]
__lock_acquire+0xc0/0x4b0
[ 2136.388106] RSP: 0018:
ffff8800130b3ca8 EFLAGS:
00010046
[ 2136.388106] RAX:
0000000000000086 RBX:
ffff88001186b000 RCX:
0000000000000000
[ 2136.388106] RDX:
0000000000000000 RSI:
0000000000000000 RDI:
0000000000000000
[ 2136.388106] RBP:
ffff8800130b3d08 R08:
0000000000000001 R09:
0000000000000000
[ 2136.388106] R10:
0000000000000000 R11:
0000000000000001 R12:
0000000000000002
[ 2136.388106] R13:
00000000000003b0 R14:
0000000000000000 R15:
0000000000000000
[ 2136.388106] FS:
00007fa5b1bd4700(0000) GS:
ffff88001b800000(0000)
knlGS:
0000000000000000
[ 2136.388106] CS: 0010 DS: 0000 ES: 0000 CR0:
0000000080050033
[ 2136.388106] CR2:
00000000000003b0 CR3:
0000000011d1f000 CR4:
00000000000406e0
[ 2136.388106] DR0:
0000000000000000 DR1:
0000000000000000 DR2:
0000000000000000
[ 2136.388106] DR3:
0000000000000000 DR6:
00000000ffff0ff0 DR7:
0000000000000400
[ 2136.388106] Process trinity-child1 (pid: 24855, threadinfo
ffff8800130b2000, task
ffff88001186b000)
[ 2136.388106] Stack:
[ 2136.388106]
ffff8800130b3cd8 ffffffff81121785 ffffffff81236774
000080d000000001
[ 2136.388106]
ffff88001b9d6c00 00000000001d6c00 ffffffff130b3d08
ffff88001186b000
[ 2136.388106]
0000000000000000 0000000000000002 0000000000000000
0000000000000000
[ 2136.388106] Call Trace:
[ 2136.388106] [<
ffffffff81121785>] ? sched_clock_local+0x25/0x90
[ 2136.388106] [<
ffffffff81236774>] ? get_empty_filp+0x74/0x220
[ 2136.388106] [<
ffffffff8114e97a>] lock_acquire+0x18a/0x1e0
[ 2136.388106] [<
ffffffff836b37df>] ? rawsock_release+0x4f/0xa0
[ 2136.388106] [<
ffffffff837c0ef0>] _raw_write_lock_bh+0x40/0x80
[ 2136.388106] [<
ffffffff836b37df>] ? rawsock_release+0x4f/0xa0
[ 2136.388106] [<
ffffffff836b37df>] rawsock_release+0x4f/0xa0
[ 2136.388106] [<
ffffffff8321cfe8>] sock_release+0x18/0x70
[ 2136.388106] [<
ffffffff8321d069>] sock_close+0x29/0x30
[ 2136.388106] [<
ffffffff81236bca>] __fput+0x11a/0x2c0
[ 2136.388106] [<
ffffffff81236d85>] fput+0x15/0x20
[ 2136.388106] [<
ffffffff8321de34>] sys_accept4+0x1b4/0x200
[ 2136.388106] [<
ffffffff837c165c>] ? _raw_spin_unlock_irq+0x4c/0x80
[ 2136.388106] [<
ffffffff837c1669>] ? _raw_spin_unlock_irq+0x59/0x80
[ 2136.388106] [<
ffffffff837c2565>] ? sysret_check+0x22/0x5d
[ 2136.388106] [<
ffffffff8321de8b>] sys_accept+0xb/0x10
[ 2136.388106] [<
ffffffff837c2539>] system_call_fastpath+0x16/0x1b
[ 2136.388106] Code: ec 04 00 0f 85 ea 03 00 00 be d5 0b 00 00 48 c7 c7
8a c1 40 84 e8 b1 a5 f8 ff 31 c0 e9 d4 03 00 00 66 2e 0f 1f 84 00 00 00
00 00 <49> 81 7d 00 60 73 5e 85 b8 01 00 00 00 44 0f 44 e0 83 fe 01 77
[ 2136.388106] RIP [<
ffffffff8114e400>] __lock_acquire+0xc0/0x4b0
[ 2136.388106] RSP <
ffff8800130b3ca8>
[ 2136.388106] CR2:
00000000000003b0
[ 2136.388106] ---[ end trace
6d450e935ee18982 ]---
[ 2136.388106] Kernel panic - not syncing: Fatal exception in interrupt
rawsock_release() should test if sock->sk is NULL before calling
sock_orphan()/sock_put()
Reported-by: Sasha Levin <levinsasha928@gmail.com>
Tested-by: Sasha Levin <levinsasha928@gmail.com>
Cc: stable@kernel.org
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Johannes Berg [Mon, 25 Jun 2012 07:36:41 +0000 (09:36 +0200)]
iwlwifi: fix activating inactive stations
When authentication/association timed out, the driver would
complain bitterly, printing the message
ACTIVATE a non DRIVER active station id ... addr ...
The cause turns out to be that when the AP station is added
but we don't associate, the IWL_STA_UCODE_INPROGRESS is set
but never cleared. This then causes iwl_restore_stations()
to attempt to resend it because it uses the flag internally
and uploads even if it didn't set it itself.
To fix this issue and not upload the station again when it
has already been removed by mac80211, clear the flag after
adding it in case we add it only for association.
Cc: stable@vger.kernel.org
Reviewed-by: Meenakshi Venkataraman <meenakshi.venkataraman@intel.com>
Reviewed-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Randy Dunlap [Mon, 25 Jun 2012 02:17:00 +0000 (19:17 -0700)]
wlcore: drop INET dependency
Mainline build reports:
warning: (WL12XX) selects WLCORE which has unmet direct dependencies (NETDEVICES && WLAN && WL_TI && GENERIC_HARDIRQS && MAC80211 && INET)
The INET dependency was added in commit
3c6af5b54fe74b6e56efadc22927e4055d00e9fc:
wl1271_main.c:(.text+0x271052): undefined reference to `unregister_inetaddr_
notifier'
wl1271_main.c:(.text+0x2714d7): undefined reference to `register_inetaddr_no
tifier'
Driver is doing some filtering based on IP addresses...
but this driver no longer has that code and it builds fine even when
CONFIG_INET is not enabled, so drop that dependency and eliminate the
kconfig warning message.
Signed-off-by: Randy Dunlap <rdunlap@xenotime.net>
Cc: Luciano Coelho <luciano.coelho@nokia.com>
Cc: John W. Linville <linville@tuxdriver.com>
Acked-by: Luciano Coelho <coelho@ti.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Felix Fietkau [Sat, 23 Jun 2012 17:23:31 +0000 (19:23 +0200)]
ath9k: fix dynamic WEP related regression
commit
7a532fe7131216a02c81a6c1b1f8632da1195a58
ath9k_hw: fix interpretation of the rx KeyMiss flag
This commit used the rx key miss indication to detect packets that were
passed from the hardware without being decrypted, however it seems that
this bit is not only undefined in the static WEP case, but also for
dynamically allocated WEP keys. This caused a regression when using
WEP-LEAP.
This patch fixes the regression by keeping track of which key indexes
refer to CCMP keys and only using the key miss indication for those.
Reported-by: Stanislaw Gruszka <sgruszka@redhat.com>
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Cc: stable@vger.kernel.org
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Dan Rosenberg [Mon, 25 Jun 2012 14:05:27 +0000 (16:05 +0200)]
NFC: Prevent multiple buffer overflows in NCI
Fix multiple remotely-exploitable stack-based buffer overflows due to
the NCI code pulling length fields directly from incoming frames and
copying too much data into statically-sized arrays.
Signed-off-by: Dan Rosenberg <dan.j.rosenberg@gmail.com>
Cc: stable@kernel.org
Cc: security@kernel.org
Cc: Lauro Ramos Venancio <lauro.venancio@openbossa.org>
Cc: Aloisio Almeida Jr <aloisio.almeida@openbossa.org>
Cc: Samuel Ortiz <sameo@linux.intel.com>
Cc: David S. Miller <davem@davemloft.net>
Acked-by: Ilan Elias <ilane@ti.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
Johannes Berg [Mon, 25 Jun 2012 12:46:44 +0000 (14:46 +0200)]
mac80211_hwsim: fix smatch/sparse complaints
The code is fine in both cases as-is, but we can
write it slightly differently to fix smatch/sparse
complaints:
* compare the skb pointer (which we use as a cookie)
by casting the skb to unsigned long rather than the
cookie to a pointer (fixes "different address spaces")
* when transmitting, data->channel must be assigned,
don't check it (fixes "dereferenced before check")
Signed-off-by: Johannes Berg <johannes.berg@intel.com>