firefly-linux-kernel-4.4.55.git
10 years agoBluetooth: Fix setting conn->pending_sec_level value from link key
Johan Hedberg [Wed, 19 Nov 2014 12:53:04 +0000 (14:53 +0200)]
Bluetooth: Fix setting conn->pending_sec_level value from link key

When a connection is requested the conn->pending_sec_level value gets
set to whatever level the user requested the connection to be. During
the pairing process there are various sanity checks to try to ensure
that the right length PIN or right IO Capability is used to satisfy the
target security level. However, when we finally get hold of the link key
that is to be used we should still set the actual final security level
from the key type.

This way when we eventually get an Encrypt Change event the correct
value gets copied to conn->sec_level.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoBluetooth: Fix setting state back to TASK_RUNNING
Johan Hedberg [Wed, 19 Nov 2014 11:16:41 +0000 (13:16 +0200)]
Bluetooth: Fix setting state back to TASK_RUNNING

In __hci_cmd_sync_ev() and __hci_req_sync() if the hci_req_run() call
fails and we return from the functions we should ensure that the state
doesn't remain in TASK_INTERRUPTIBLE that we just set it to. This patch
fixes missing calls to set_current_state(TASK_RUNNING) in both places.

Reported-by: Kirill A. Shutemov <kirill@shutemov.name>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Tested-by: Kirill A. Shutemov <kirill@shutemov.name>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoBluetooth: Add support for Broadcom BCM20702A1 variant
Fabio K [Tue, 18 Nov 2014 02:46:28 +0000 (00:46 -0200)]
Bluetooth: Add support for Broadcom BCM20702A1 variant

This variant requires the flag BTUSB_BCM_PATCHRAM to work.

Relevant details from /sys/kernel/debug/usb/devices:

T:  Bus=01 Lev=02 Prnt=02 Port=04 Cnt=01 Dev#=  3 Spd=12   MxCh= 0
D:  Ver= 2.00 Cls=ff(vend.) Sub=01 Prot=01 MxPS=64 #Cfgs=  1
P:  Vendor=13d3 ProdID=3404 Rev= 1.12
S:  Manufacturer=Broadcom Corp
S:  Product=BCM20702A0
S:  SerialNumber=240A646F1XXX
C:* #Ifs= 4 Cfg#= 1 Atr=e0 MxPwr=  0mA
I:* If#= 0 Alt= 0 #EPs= 3 Cls=ff(vend.) Sub=01 Prot=01 Driver=btusb
E:  Ad=81(I) Atr=03(Int.) MxPS=  16 Ivl=1ms
E:  Ad=82(I) Atr=02(Bulk) MxPS=  64 Ivl=0ms
E:  Ad=02(O) Atr=02(Bulk) MxPS=  64 Ivl=0ms
I:* If#= 1 Alt= 0 #EPs= 2 Cls=ff(vend.) Sub=01 Prot=01 Driver=btusb
E:  Ad=83(I) Atr=01(Isoc) MxPS=   0 Ivl=1ms
E:  Ad=03(O) Atr=01(Isoc) MxPS=   0 Ivl=1ms
I:  If#= 1 Alt= 1 #EPs= 2 Cls=ff(vend.) Sub=01 Prot=01 Driver=btusb
E:  Ad=83(I) Atr=01(Isoc) MxPS=   9 Ivl=1ms
E:  Ad=03(O) Atr=01(Isoc) MxPS=   9 Ivl=1ms
I:  If#= 1 Alt= 2 #EPs= 2 Cls=ff(vend.) Sub=01 Prot=01 Driver=btusb
E:  Ad=83(I) Atr=01(Isoc) MxPS=  17 Ivl=1ms
E:  Ad=03(O) Atr=01(Isoc) MxPS=  17 Ivl=1ms
I:  If#= 1 Alt= 3 #EPs= 2 Cls=ff(vend.) Sub=01 Prot=01 Driver=btusb
E:  Ad=83(I) Atr=01(Isoc) MxPS=  25 Ivl=1ms
E:  Ad=03(O) Atr=01(Isoc) MxPS=  25 Ivl=1ms
I:  If#= 1 Alt= 4 #EPs= 2 Cls=ff(vend.) Sub=01 Prot=01 Driver=btusb
E:  Ad=83(I) Atr=01(Isoc) MxPS=  33 Ivl=1ms
E:  Ad=03(O) Atr=01(Isoc) MxPS=  33 Ivl=1ms
I:  If#= 1 Alt= 5 #EPs= 2 Cls=ff(vend.) Sub=01 Prot=01 Driver=btusb
E:  Ad=83(I) Atr=01(Isoc) MxPS=  49 Ivl=1ms
E:  Ad=03(O) Atr=01(Isoc) MxPS=  49 Ivl=1ms
I:* If#= 2 Alt= 0 #EPs= 2 Cls=ff(vend.) Sub=ff Prot=ff Driver=(none)
E:  Ad=84(I) Atr=02(Bulk) MxPS=  32 Ivl=0ms
E:  Ad=04(O) Atr=02(Bulk) MxPS=  32 Ivl=0ms
I:* If#= 3 Alt= 0 #EPs= 0 Cls=fe(app. ) Sub=01 Prot=01 Driver=(none)

The firmware was extracted from a Windows 8.1 64-bit installation
and converted from 'hex' to 'hcd' for use in Linux.

Under Windows it also identifies itself as BCM20702A0,
but the firmware is named "BCM20702A1_001.002.014.1315.1356.hex"
and is located in "%SYSTEMROOT%\system32\drivers\"
(md5 67cf6bfdae61c4bb819a66da984f7913)
(sha1 5f74cc6a9a3bf19ee0f8c3d01e4be34c609b188f)

The same firmware file is also available as a download at
http://www.asrock.com/mb/Intel/Z87E-ITX/?cat=Download&os=All
marked as "Bluetooth driver ver:12.0.0.7820"

'hcd' file should be placed at "brcm/BCM20702A0-13d3-3404.hcd"
inside the firmware directory (e.g. "/lib/firmware")

Signed-off-by: Fabio K <healthkit@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoBluetooth: Call drain_workqueue() before resetting state
Johan Hedberg [Tue, 18 Nov 2014 07:00:14 +0000 (09:00 +0200)]
Bluetooth: Call drain_workqueue() before resetting state

Doing things like hci_conn_hash_flush() while holding the hdev lock is
risky since its synchronous pending work cancellation could cause the
L2CAP layer to try to reacquire the hdev lock. Right now there doesn't
seem to be any obvious places where this would for certain happen but
it's already enough to cause lockdep to start warning against the hdev
and the work struct locks being taken in the "wrong" order:

[  +0.000373] mgmt-tester/1603 is trying to acquire lock:
[  +0.000292]  ((&conn->pending_rx_work)){+.+.+.}, at: [<c104266d>] flush_work+0x0/0x181
[  +0.000270]
but task is already holding lock:
[  +0.000000]  (&hdev->lock){+.+.+.}, at: [<c13b9a80>] hci_dev_do_close+0x166/0x359
[  +0.000000]
which lock already depends on the new lock.

[  +0.000000]
the existing dependency chain (in reverse order) is:
[  +0.000000]
-> #1 (&hdev->lock){+.+.+.}:
[  +0.000000]        [<c105ea8f>] lock_acquire+0xe3/0x156
[  +0.000000]        [<c140c663>] mutex_lock_nested+0x54/0x375
[  +0.000000]        [<c13d644b>] l2cap_recv_frame+0x293/0x1a9c
[  +0.000000]        [<c13d7ca4>] process_pending_rx+0x50/0x5e
[  +0.000000]        [<c1041a3f>] process_one_work+0x21c/0x436
[  +0.000000]        [<c1041e3d>] worker_thread+0x1be/0x251
[  +0.000000]        [<c1045a22>] kthread+0x94/0x99
[  +0.000000]        [<c140f801>] ret_from_kernel_thread+0x21/0x30
[  +0.000000]
-> #0 ((&conn->pending_rx_work)){+.+.+.}:
[  +0.000000]        [<c105e158>] __lock_acquire+0xa07/0xc89
[  +0.000000]        [<c105ea8f>] lock_acquire+0xe3/0x156
[  +0.000000]        [<c1042696>] flush_work+0x29/0x181
[  +0.000000]        [<c1042864>] __cancel_work_timer+0x76/0x8f
[  +0.000000]        [<c104288c>] cancel_work_sync+0xf/0x11
[  +0.000000]        [<c13d4c18>] l2cap_conn_del+0x72/0x183
[  +0.000000]        [<c13d8953>] l2cap_disconn_cfm+0x49/0x55
[  +0.000000]        [<c13be37a>] hci_conn_hash_flush+0x7a/0xc3
[  +0.000000]        [<c13b9af6>] hci_dev_do_close+0x1dc/0x359
[  +0.012038]        [<c13bbe38>] hci_unregister_dev+0x6e/0x1a3
[  +0.000000]        [<c12d33c1>] vhci_release+0x28/0x47
[  +0.000000]        [<c10dd6a9>] __fput+0xd6/0x154
[  +0.000000]        [<c10dd757>] ____fput+0xd/0xf
[  +0.000000]        [<c1044bb2>] task_work_run+0x6b/0x8d
[  +0.000000]        [<c1001bd2>] do_notify_resume+0x3c/0x3f
[  +0.000000]        [<c140fa70>] work_notifysig+0x29/0x31
[  +0.000000]
other info that might help us debug this:

[  +0.000000]  Possible unsafe locking scenario:

[  +0.000000]        CPU0                    CPU1
[  +0.000000]        ----                    ----
[  +0.000000]   lock(&hdev->lock);
[  +0.000000]                                lock((&conn->pending_rx_work));
[  +0.000000]                                lock(&hdev->lock);
[  +0.000000]   lock((&conn->pending_rx_work));
[  +0.000000]
 *** DEADLOCK ***

Fully fixing this would require some quite heavy refactoring to change
how the hdev lock and hci_conn instances are handled together. A simpler
solution for now which this patch takes is to try ensure that the hdev
workqueue is empty before proceeding with the various cleanup calls,
including hci_conn_hash_flush().

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoBluetooth: Use shorter "rand" name for "randomizer"
Johan Hedberg [Mon, 17 Nov 2014 18:52:20 +0000 (20:52 +0200)]
Bluetooth: Use shorter "rand" name for "randomizer"

The common short form of "randomizer" is "rand" in many places
(including the Bluetooth specification). The shorter version also makes
for easier to read code with less forced line breaks. This patch renames
all occurences of "randomizer" to "rand" in the Bluetooth subsystem
code.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoBluetooth: Fix BR/EDR-only address checks for remote OOB data
Johan Hedberg [Mon, 17 Nov 2014 18:52:19 +0000 (20:52 +0200)]
Bluetooth: Fix BR/EDR-only address checks for remote OOB data

For now the mgmt commands dealing with remote OOB data are strictly
BR/EDR-only. This patch fixes missing checks for the passed address type
so that any non-BR/EDR value triggers the appropriate error response.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoieee802154: fix byteorder for short address and panid
Alexander Aring [Mon, 17 Nov 2014 07:20:55 +0000 (08:20 +0100)]
ieee802154: fix byteorder for short address and panid

This patch changes the byteorder handling for short and panid handling.
We now except to get little endian in nl802154 for these attributes.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoieee802154: rename and move WPAN_NUM_ defines
Alexander Aring [Mon, 17 Nov 2014 07:20:54 +0000 (08:20 +0100)]
ieee802154: rename and move WPAN_NUM_ defines

This patch moves the 802.15.4 constraints WPAN_NUM_ defines into
"net/ieee802154.h" which should contain all necessary 802.15.4 related
information. Also rename these defines to a common name which is
IEEE802154_MAX_CHANNEL and IEEE802154_MAX_PAGE.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoieee802154: add del interface command
Alexander Aring [Mon, 17 Nov 2014 07:20:53 +0000 (08:20 +0100)]
ieee802154: add del interface command

This patch adds support for deleting a wpan interface via nl802154.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoieee802154: setting extended address while iface add
Alexander Aring [Mon, 17 Nov 2014 07:20:52 +0000 (08:20 +0100)]
ieee802154: setting extended address while iface add

This patch adds support for setting an extended address while
registration a new interface. If ieee802154_is_valid_extended_addr
getting as parameter and invalid extended address then the perm address
is fallback. This is useful to make some default handling while for
example default registration of a wpan interface while phy registration.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoieee802154: add new interface command
Alexander Aring [Mon, 17 Nov 2014 07:20:51 +0000 (08:20 +0100)]
ieee802154: add new interface command

This patch adds a new nl802154 command for adding a new interface
according to a wpan phy via nl802154.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agomac802154: remove wpan_dev parameter in if_add
Alexander Aring [Mon, 17 Nov 2014 07:20:50 +0000 (08:20 +0100)]
mac802154: remove wpan_dev parameter in if_add

This parameter was grabbed from wireless implementation with the
identically wireless dev struct. We don't need this right now and so we
remove it. Maybe we will add it later again if we found any real reason
to have such parameter.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agomac802154: use new nl802154 iftype types
Alexander Aring [Mon, 17 Nov 2014 07:20:49 +0000 (08:20 +0100)]
mac802154: use new nl802154 iftype types

This patch replace the depracted IEEE802154_DEV to the new introduced
NL802154_IFTYPE_NODE types. There is a backwards compatibility to have
the identical types for both enum definitions. Also remove some inlcude
issue with "linux/nl802154.h", because the export nl_policy inside this
header it was always necessary to have an include of "net/rtnetlink.h"
before. The reason for this is more complicated. Nevertheless we removed
this now, because "linux/nl802154.h" is the depracted netlink interface.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agomac802154: remove deprecated linux-zigbee info
Alexander Aring [Mon, 17 Nov 2014 07:20:48 +0000 (08:20 +0100)]
mac802154: remove deprecated linux-zigbee info

We don't and we can't name it zigbee anymore. This patch removes
deprecated information for project website.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agomac802154: remove const for non pointer in rdev-ops
Alexander Aring [Mon, 17 Nov 2014 07:20:47 +0000 (08:20 +0100)]
mac802154: remove const for non pointer in rdev-ops

This patches removes the const keyword in variables which are non
pointers. There is no sense to declare call by value parameters as
const.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Reported-by: Marc Kleine-Budde <mkl@pengutronix.de>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agomac802154: remove const for non pointer in cfg ops
Alexander Aring [Mon, 17 Nov 2014 07:20:46 +0000 (08:20 +0100)]
mac802154: remove const for non pointer in cfg ops

This patches removes the const keyword in variables which are non
pointers. There is no sense to declare call by value parameters as
const.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Reported-by: Marc Kleine-Budde <mkl@pengutronix.de>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agomac802154: remove const for non pointer in driver-ops
Alexander Aring [Mon, 17 Nov 2014 07:20:45 +0000 (08:20 +0100)]
mac802154: remove const for non pointer in driver-ops

This patches removes the const keyword in variables which are non
pointers. There is no sense to declare call by value parameters as const.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Reported-by: Marc Kleine-Budde <mkl@pengutronix.de>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoat86rf230: fix commentation for symbol duration
Alexander Aring [Mon, 17 Nov 2014 07:20:44 +0000 (08:20 +0100)]
at86rf230: fix commentation for symbol duration

This patch fix an copy&paste issue in the comment of setting symbol
duration. These comments are more correct according the at86rf212 datasheet
now.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agomac802154: remove unused prototypes
Alexander Aring [Mon, 17 Nov 2014 07:20:43 +0000 (08:20 +0100)]
mac802154: remove unused prototypes

This patch removes some prototypes which are not used anymore.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoBluetooth: Fix clearing remote OOB data through mgmt
Johan Hedberg [Sat, 15 Nov 2014 07:34:23 +0000 (09:34 +0200)]
Bluetooth: Fix clearing remote OOB data through mgmt

When passed BDADDR_ANY the Remove Remote OOB Data comand is specified to
clear all entries. This patch adds the necessary check and calls
hci_remote_oob_data_clear() when necessary.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoBluetooth: Add debug logs to help track locking issues
Johan Hedberg [Thu, 13 Nov 2014 12:37:50 +0000 (14:37 +0200)]
Bluetooth: Add debug logs to help track locking issues

This patch adds some extra debug logs to L2CAP related code. These are
mainly to help track locking issues but will probably be useful for
debugging other types of issues as well.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoBluetooth: Remove unnecessary hdev locking in smp.c
Johan Hedberg [Thu, 13 Nov 2014 12:37:49 +0000 (14:37 +0200)]
Bluetooth: Remove unnecessary hdev locking in smp.c

Now that the SMP related key lists are converted to RCU there is nothing
in smp_cmd_sign_info() or smp_cmd_ident_addr_info() that would require
taking the hdev lock (including the smp_distribute_keys call). This
patch removes this unnecessary locking.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoBluetooth: Convert IRK list to RCU
Johan Hedberg [Thu, 13 Nov 2014 12:37:48 +0000 (14:37 +0200)]
Bluetooth: Convert IRK list to RCU

This patch set converts the hdev->identity_resolving_keys list to use
RCU to eliminate the need to use hci_dev_lock/unlock.

An additional change that must be done is to remove use of
CRYPTO_ALG_ASYNC for the hdev-specific AES crypto context. The reason is
that this context is used for matching RPAs and the loop that does the
matching is under the RCU read lock, i.e. is an atomic section which
cannot sleep.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoBluetooth: Convert LTK list to RCU
Johan Hedberg [Thu, 13 Nov 2014 12:37:47 +0000 (14:37 +0200)]
Bluetooth: Convert LTK list to RCU

This patch set converts the hdev->long_term_keys list to use RCU to
eliminate the need to use hci_dev_lock/unlock.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoBluetooth: Trigger SMP for the appropriate LE CoC errors
Johan Hedberg [Thu, 13 Nov 2014 08:55:19 +0000 (10:55 +0200)]
Bluetooth: Trigger SMP for the appropriate LE CoC errors

The insufficient authentication/encryption errors indicate to the L2CAP
client that it should try to elevate the security level. Since there
really isn't any exception to this rule it makes sense to fully handle
it on the kernel side instead of pushing the responsibility to user
space.

This patch adds special handling of these two error codes and calls
smp_conn_security() with the elevated security level if necessary.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoBluetooth: Add key preference parameter to smp_sufficient_security
Johan Hedberg [Thu, 13 Nov 2014 08:55:18 +0000 (10:55 +0200)]
Bluetooth: Add key preference parameter to smp_sufficient_security

So far smp_sufficient_security() has returned false if we're encrypted
with an STK but do have an LTK available. However, for the sake of LE
CoC servers we do want to let the incoming connection through even
though we're only encrypted with the STK.

This patch adds a key preference parameter to smp_sufficient_security()
with two possible values (enum used instead of bool for readability).

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoBluetooth: Fix sending incorrect LE CoC PDU in BT_CONNECT2 state
Johan Hedberg [Thu, 13 Nov 2014 08:55:17 +0000 (10:55 +0200)]
Bluetooth: Fix sending incorrect LE CoC PDU in BT_CONNECT2 state

For LE CoC L2CAP servers we don't do security level elevation during the
BT_CONNECT2 state (instead LE CoC simply sends an immediate error
response if the security level isn't high enough). Therefore if we get a
security level change while an LE CoC channel is in the BT_CONNECT2
state we should simply do nothing.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoBluetooth: hidp: replace kzalloc/copy_from_user by memdup_user
Fabian Frederick [Fri, 14 Nov 2014 18:35:05 +0000 (19:35 +0100)]
Bluetooth: hidp: replace kzalloc/copy_from_user by memdup_user

use memdup_user for rd_data import.

Signed-off-by: Fabian Frederick <fabf@skynet.be>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoBluetooth: Fix correct nesting for 6lowpan server channel
Johan Hedberg [Thu, 13 Nov 2014 07:46:05 +0000 (09:46 +0200)]
Bluetooth: Fix correct nesting for 6lowpan server channel

Server channels in BT_LISTEN state should use L2CAP_NESTING_PARENT. This
patch fixes the nesting value for the 6lowpan channel.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoBluetooth: Fix L2CAP nesting level initialization location
Johan Hedberg [Thu, 13 Nov 2014 07:46:04 +0000 (09:46 +0200)]
Bluetooth: Fix L2CAP nesting level initialization location

There's no reason why all users of L2CAP would need to worry about
initializing chan->nesting to L2CAP_NESTING_NORMAL (which is important
since 0 is the same as NESTING_SMP). This patch moves the initialization
to the common place that's used to create all new channels, i.e. the
l2cap_chan_create() function.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoBluetooth: Fix L2CAP socket lock nesting level
Johan Hedberg [Wed, 12 Nov 2014 20:22:22 +0000 (22:22 +0200)]
Bluetooth: Fix L2CAP socket lock nesting level

The teardown callback for L2CAP channels is problematic in that it is
explicitly called for all types of channels from l2cap_chan_del(),
meaning it's not possible to hard-code a nesting level when taking the
socket lock. The simplest way to have a correct nesting level for the
socket locking is to use the same value as for the chan. This also means
that the other places trying to lock parent sockets need to be update to
use the chan value (since L2CAP_NESTING_PARENT is defined as 2 whereas
SINGLE_DEPTH_NESTING has the value 1).

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoBluetooth: Use proper nesting annotation for l2cap_chan lock
Johan Hedberg [Wed, 12 Nov 2014 20:22:21 +0000 (22:22 +0200)]
Bluetooth: Use proper nesting annotation for l2cap_chan lock

By default lockdep considers all L2CAP channels equal. This would mean
that we get warnings if a channel is locked when another one's lock is
tried to be acquired in the same thread. This kind of inter-channel
locking dependencies exist in the form of parent-child channels as well
as any channel wishing to elevate the security by requesting procedures
on the SMP channel.

To eliminate the chance for these lockdep warnings we introduce a
nesting level for each channel and use that when acquiring the channel
lock. For now there exists the earlier mentioned three identified
categories: SMP, "normal" channels and parent channels (i.e. those in
BT_LISTEN state). The nesting level is defined as atomic_t since we need
access to it before the lock is actually acquired.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoat86rf230: remove interframe spacing time workaround
Alexander Aring [Wed, 12 Nov 2014 18:51:57 +0000 (19:51 +0100)]
at86rf230: remove interframe spacing time workaround

This patch removes the interframe spacing time workaround from at86rf230
driver and use the mac802154 one. The interframe spacing time differs at
at86rf212 and channel setting. This patch fix this handling which is also
a new workaround and should be moved into mac802154 while channel
setting.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agomac802154: add interframe spacing time handling
Alexander Aring [Wed, 12 Nov 2014 18:51:56 +0000 (19:51 +0100)]
mac802154: add interframe spacing time handling

This patch adds a new interframe spacing time handling into mac802154
layer. Interframe spacing time is a time period between each transmit.
This patch adds a high resolution timer into mac802154 and starts on
xmit complete with corresponding interframe spacing expire time if
ifs_handling is true. We make it variable because it depends if
interframe spacing time is handled by transceiver or mac802154. At the
timer complete function we wake the netdev queue again. This avoids
new frame transmit in range of interframe spacing time.

For synced driver we add no handling of interframe spacing time. This
is currently a lack of support in all synced xmit drivers. I suppose
it's working because the latency of workqueue which is needed to call
spi_sync.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoBluetooth: Remove unnecessary hci_dev_lock/unlock in smp.c
Johan Hedberg [Wed, 12 Nov 2014 07:17:08 +0000 (09:17 +0200)]
Bluetooth: Remove unnecessary hci_dev_lock/unlock in smp.c

The mgmt_user_passkey_request and related functions do not do anything
else except read access to hdev->id. This member never changes after the
hdev creation so there is no need to acquire a lock to read it.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoBluetooth: Fix l2cap_sock_teardown_cb lockdep warning
Johan Hedberg [Wed, 12 Nov 2014 07:15:50 +0000 (09:15 +0200)]
Bluetooth: Fix l2cap_sock_teardown_cb lockdep warning

Any code calling bt_accept_dequeue() to get a new child socket from a
server socket should use lock_sock_nested to avoid lockdep warnings due
to the parent and child sockets being locked at the same time. The
l2cap_sock_accept() function is already doing this correctly but a
second place calling bt_accept_dequeue() is the code path from
l2cap_sock_teardown_cb() that calls l2cap_sock_cleanup_listen().

This patch fixes the proper nested locking annotation and thereby avoids
the following style of lockdep warning.

[  +0.000224] [ INFO: possible recursive locking detected ]
[  +0.000222] 3.17.0+ #1153 Not tainted
[  +0.000130] ---------------------------------------------
[  +0.000227] l2cap-tester/562 is trying to acquire lock:
[  +0.000210]  (sk_lock-AF_BLUETOOTH-BTPROTO_L2CAP){+.+...}, at: [<c1393f47>] bt_accept_dequeue+0x68/0x11b
[  +0.000467]
but task is already holding lock:
[  +0.000186]  (sk_lock-AF_BLUETOOTH-BTPROTO_L2CAP){+.+...}, at: [<c13b949a>] lock_sock+0xa/0xc
[  +0.000421]
other info that might help us debug this:
[  +0.000199]  Possible unsafe locking scenario:

[  +0.000117]        CPU0
[  +0.000000]        ----
[  +0.000000]   lock(sk_lock-AF_BLUETOOTH-BTPROTO_L2CAP);
[  +0.000000]   lock(sk_lock-AF_BLUETOOTH-BTPROTO_L2CAP);
[  +0.000000]
 *** DEADLOCK ***

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoieee820154: add lbt setting support
Alexander Aring [Wed, 12 Nov 2014 02:37:05 +0000 (03:37 +0100)]
ieee820154: add lbt setting support

This patch adds support for setting listen before transmit mode via
nl802154 framework.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoat86rf230: remove invalid max frame retries check
Alexander Aring [Wed, 12 Nov 2014 02:37:04 +0000 (03:37 +0100)]
at86rf230: remove invalid max frame retries check

This patch removes the invalid max frame retries check from driver
layer. This is already handled by nl802154 framework. Also the IEEE
802.15.4 standard doesn't allow a frame retries setting above 7. This
seems to be valid for the at86rf230 transceiver but the chip running out
of spec then. We only allow settings according 802.15.4 right now.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoieee820154: add max frame retries setting support
Alexander Aring [Wed, 12 Nov 2014 02:37:03 +0000 (03:37 +0100)]
ieee820154: add max frame retries setting support

This patch add support for setting mac frame retries setting via
nl802154 framework.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoat86rf230: remove invalid max csma backoffs check
Alexander Aring [Wed, 12 Nov 2014 02:37:02 +0000 (03:37 +0100)]
at86rf230: remove invalid max csma backoffs check

This patch removes the invalid check on max csma backoffs in driver
layer. This is already handled by nl802154 framework.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoieee820154: add max csma backoffs setting support
Alexander Aring [Wed, 12 Nov 2014 02:37:01 +0000 (03:37 +0100)]
ieee820154: add max csma backoffs setting support

This patch add support for max csma backoffs setting via nl802154
framework.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoat86rf230: remove invalid backoff exponent check
Alexander Aring [Wed, 12 Nov 2014 02:37:00 +0000 (03:37 +0100)]
at86rf230: remove invalid backoff exponent check

This patch removes the invalid backoff exponent check from driver layer.
This is already handled by nl802154.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoieee820154: add backoff exponent setting support
Alexander Aring [Wed, 12 Nov 2014 02:36:59 +0000 (03:36 +0100)]
ieee820154: add backoff exponent setting support

This patch adds support for setting backoff exponents via nl802154
framework.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoieee820154: add short_addr setting support
Alexander Aring [Wed, 12 Nov 2014 02:36:58 +0000 (03:36 +0100)]
ieee820154: add short_addr setting support

This patch adds support for setting short address via nl802154 framework.
Also added a comment because a 0xffff seems to be valid address that we
don't have a short address. This is a valid setting but we need
more checks in upper layers to don't allow this address as source address.
Also the current netlink interface doesn't allow to set the short_addr
to 0xffff. Same for the 0xfffe short address which describes a not
allocated short address.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoieee820154: add pan_id setting support
Alexander Aring [Wed, 12 Nov 2014 02:36:57 +0000 (03:36 +0100)]
ieee820154: add pan_id setting support

This patch adds support for setting pan_id via nl802154 framework.
Adding a comment because setting 0xffff as pan_id seems to be valid
setting. The pan_id 0xffff as source pan is invalid. I am not sure now
about this setting but for the current netlink interface this is an
invalid setting, so we do the same now. Maybe we need to change that
when we have coordinator support and association support.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoieee820154: remove valid page and channel checks
Alexander Aring [Wed, 12 Nov 2014 02:36:56 +0000 (03:36 +0100)]
ieee820154: remove valid page and channel checks

This patch removes validation of page and channel while setting from
driver layer. This is already handled by nl802154 and mac802154.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoieee820154: add channel set support
Alexander Aring [Wed, 12 Nov 2014 02:36:55 +0000 (03:36 +0100)]
ieee820154: add channel set support

This patch adds page and channel setting support to nl802154 framework.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoieee802154: cleanup cfg802154 intendation
Alexander Aring [Wed, 12 Nov 2014 02:36:54 +0000 (03:36 +0100)]
ieee802154: cleanup cfg802154 intendation

This is patch is cleanup to have a similar indentation like cfg80211
implementation.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agomac802154: add ifname change notifier
Alexander Aring [Wed, 12 Nov 2014 02:36:53 +0000 (03:36 +0100)]
mac802154: add ifname change notifier

This patch adds a netdev notifier for interface renaming. We have a name
attribute inside of subif data struct. This is needed to have always the
actual netdev name in sdata name attribute.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agomac802154: change module description
Alexander Aring [Wed, 12 Nov 2014 02:36:52 +0000 (03:36 +0100)]
mac802154: change module description

This patch changes the module description like wireless which is IEEE
802.11 "subsystem" and not "implementation".

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agomac802154: add wpan_phy priv id
Alexander Aring [Wed, 12 Nov 2014 02:36:51 +0000 (03:36 +0100)]
mac802154: add wpan_phy priv id

This patch adds an unique id for an wpan_phy. This behaviour is mostly
grabbed from wireless stack. This is needed for upcomming patches which
identify the wpan netdev while NETDEV_CHANGENAME in netdev notify function.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agomac820154: move mutex locks out of loop
Alexander Aring [Wed, 12 Nov 2014 02:36:50 +0000 (03:36 +0100)]
mac820154: move mutex locks out of loop

Instead of always re-lock the iflist_mtx at multiple interfaces we lock
the complete for each loop at start and at the end.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agomac820154: rename sdata next to tmp
Alexander Aring [Wed, 12 Nov 2014 02:36:49 +0000 (03:36 +0100)]
mac820154: rename sdata next to tmp

This patch is just a cleanup to name the temporary variable for
protected list for each loop as tmp.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agomac820154: move interface unregistration into iface
Alexander Aring [Wed, 12 Nov 2014 02:36:48 +0000 (03:36 +0100)]
mac820154: move interface unregistration into iface

This patch move the iface unregistration into iface.c file to have
a behaviour which is similar like mac80211. Also iface handling should
be inside iface.c file only.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoBluetooth: 6lowpan: Remove unnecessary RCU callback
Johan Hedberg [Tue, 11 Nov 2014 12:16:29 +0000 (14:16 +0200)]
Bluetooth: 6lowpan: Remove unnecessary RCU callback

When kfree() is all that's needed to free an object protected by RCU
there's a kfree_rcu() convenience function that can be used. This patch
updates the 6lowpan code to use this, thereby eliminating the need for
the separate peer_free() function.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoBluetooth: Fix mgmt connected notification
Johan Hedberg [Tue, 11 Nov 2014 09:33:24 +0000 (11:33 +0200)]
Bluetooth: Fix mgmt connected notification

This patch fixes a regression that was introduced by commit
cb77c3ec075a50e9f956f62dc2e4c0394df1d578. In addition to BT_CONFIG,
BT_CONNECTED is also a state in which we may get a remote name and need
to indicate over mgmt the connection status. This scenario is
particularly likely to happen for incoming connections that do not need
authentication since there the hci_conn state will reach BT_CONNECTED
before the remote name is received.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoBluetooth: hci-uart-ath: Correct the comments in this driver
Fugang Duan [Mon, 10 Nov 2014 06:51:49 +0000 (14:51 +0800)]
Bluetooth: hci-uart-ath: Correct the comments in this driver

Correct the comments in this driver. Set the CRTSCTS flag means
automatic flow control is enabled.

Signed-off-by: Fugang Duan <B38611@freescale.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoBluetooth: Fix sparse warning in amp.c
Johan Hedberg [Mon, 10 Nov 2014 13:53:45 +0000 (15:53 +0200)]
Bluetooth: Fix sparse warning in amp.c

This fixes the following sparse warning:

net/bluetooth/amp.c:152:53: warning: Variable length array is used.

The warning itself is probably harmless since this kind of usage of
shash_desc is present also in other places in the kernel (there's even a
convenience macro SHASH_DESC_ON_STACK available for defining such stack
variables). However, dynamically allocated versions are also used in
several places of the kernel (e.g. kernel/kexec.c and lib/digsig.c)
which have the benefit of not exhibiting the sparse warning.

Since there are no more sparse warnings in the Bluetooth subsystem after
fixing this one it is now easier to spot whenever new ones might get
introduced by future patches.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agomac802154: protect address changes via ioctl
Alexander Aring [Sun, 9 Nov 2014 07:36:59 +0000 (08:36 +0100)]
mac802154: protect address changes via ioctl

This patch adds a netif_running check while trying to change the address
attributes via ioctl. While netif_running is true these attributes
should be only readable.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoieee802154: fix iface dump with lowpan
Alexander Aring [Sun, 9 Nov 2014 07:36:58 +0000 (08:36 +0100)]
ieee802154: fix iface dump with lowpan

This patch adds a hacked solution for an interface dump with a running
lowpan interface. This will crash because lowpan and wpan interface use
the same arphdr. To change the arphdr will change the UAPI, this patch
checks on mtu which should on lowpan interface always different than
IEEE802154_MTU.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoieee802154: netlink add rtnl lock
Alexander Aring [Sun, 9 Nov 2014 07:36:57 +0000 (08:36 +0100)]
ieee802154: netlink add rtnl lock

This patch adds rtnl lock hold mechanism while accessing wpan_dev
attributes. Furthermore these attributes should be protected by rtnl
lock and netif_running only.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agomac820154: don't set monitor dev_addr
Alexander Aring [Sun, 9 Nov 2014 07:36:56 +0000 (08:36 +0100)]
mac820154: don't set monitor dev_addr

This patch removes the setting of dev_addr on a monitor device. This
address should be zero. A monitor should only sniff and send raw frames
out. The address should be never used by upper layers and receiving
frame parsing.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoieee802154: add wpan_dev dump support
Alexander Aring [Sun, 9 Nov 2014 07:36:55 +0000 (08:36 +0100)]
ieee802154: add wpan_dev dump support

This patch adds support for wpan_dev dump via nl802154 framework.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoieee802154: add wpan_phy dump support
Alexander Aring [Sun, 9 Nov 2014 07:36:54 +0000 (08:36 +0100)]
ieee802154: add wpan_phy dump support

This patch adds support for dumping wpan_phy attributes via nl802154.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoieee802154: add nl802154 framework
Alexander Aring [Sun, 9 Nov 2014 07:36:53 +0000 (08:36 +0100)]
ieee802154: add nl802154 framework

This patch adds a basic nl802154 framework. Most of this code was
grabbed from nl80211 framework.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoieee802154: add new nl802154 header
Alexander Aring [Sun, 9 Nov 2014 07:36:52 +0000 (08:36 +0100)]
ieee802154: add new nl802154 header

This patch adds the new userspace header for nl802154. We don't place
this header in include/uapi now. This header could be modified in the
next time.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoieee802154: sysfs add wpan_phy index and name
Alexander Aring [Sun, 9 Nov 2014 07:36:51 +0000 (08:36 +0100)]
ieee802154: sysfs add wpan_phy index and name

This patch adds new sysfs entries for wpan_phy index and name. This
needed for the new 802.15.4 userspace tool.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoieee802154: add wpan_dev_list
Alexander Aring [Sun, 9 Nov 2014 07:36:50 +0000 (08:36 +0100)]
ieee802154: add wpan_dev_list

This patch adds a wpan_dev_list list into cfg802154_registered_device
struct. Also adding new wpan_dev into this list while
cfg802154_netdev_notifier_call. This behaviour is mostly grab from
wireless core.c implementation and is needed for preparing nl802154
framework.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoieee802154: add iftype to wpan_dev
Alexander Aring [Sun, 9 Nov 2014 07:36:49 +0000 (08:36 +0100)]
ieee802154: add iftype to wpan_dev

This patch adds an iftype argument to the wpan_dev. This is needed to
get the interface type from netdev ieee802154_ptr. The subif data struct
can only accessible in mac802154 branch.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoieee802154: add cfg802154_registered_device list
Alexander Aring [Sun, 9 Nov 2014 07:36:48 +0000 (08:36 +0100)]
ieee802154: add cfg802154_registered_device list

This patch adds a new cfg802154_rdev_list to remember all registered
cfg802154_registered_device structs. This is needed to prepare the
upcomming nl802154 framework.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoieee802154: rename wpan_phy_alloc
Alexander Aring [Sun, 9 Nov 2014 07:36:47 +0000 (08:36 +0100)]
ieee802154: rename wpan_phy_alloc

This patch renames the wpan_phy_alloc function to wpan_phy_new. This
naming convention is like wireless and "wiphy_new" function.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agomac802154: remove mac_params in sdata
Alexander Aring [Sun, 9 Nov 2014 07:36:46 +0000 (08:36 +0100)]
mac802154: remove mac_params in sdata

This patch removes the mac_params from subif data struct. Instead we
manipulate the wpan attributes directly.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agomac802154: move mac pib attributes into wpan_dev
Alexander Aring [Sun, 9 Nov 2014 07:36:45 +0000 (08:36 +0100)]
mac802154: move mac pib attributes into wpan_dev

This patch moves all mac pib attributes into the wpan_dev struct.
Furthermore we can easier access these attributes over the netdev
802154_ptr pointer. Currently this is only possible over a complicated
callback structure in mac802154 because subif data structure is
accessable inside mac802154 only.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoBluetooth: 6lowpan: fix skb_unshare behaviour
Alexander Aring [Wed, 8 Oct 2014 08:24:53 +0000 (10:24 +0200)]
Bluetooth: 6lowpan: fix skb_unshare behaviour

This patch reverts commit:

a7807d73 ("Bluetooth: 6lowpan: Avoid memory leak if memory allocation
fails")

which was wrong suggested by Alexander Aring. The function skb_unshare
run also kfree_skb on failure.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Cc: stable@vger.kernel.org # 3.18.x
10 years agoBluetooth: Send mgmt_connected only if state is BT_CONFIG
Jaganath Kanakkassery [Fri, 7 Nov 2014 11:09:09 +0000 (16:39 +0530)]
Bluetooth: Send mgmt_connected only if state is BT_CONFIG

If a remote name request is initiated while acl connection is going on,
and if it fails then mgmt_connected will be sent. Evetually after acl
connection, authentication will not be initiated and userspace will
never get pairing reply.

< HCI Command: Create Connection (0x01|0x0005) plen 13
    bdaddr AA:BB:CC:DD:EE:FF ptype 0xcc18 rswitch 0x01 clkoffset 0x2306 (valid)
    Packet type: DM1 DM3 DM5 DH1 DH3 DH5
> HCI Event: Command Status (0x0f) plen 4
    Create Connection (0x01|0x0005) status 0x00 ncmd 1
> HCI Event: Inquiry Complete (0x01) plen 1
    status 0x00
< HCI Command: Remote Name Request (0x01|0x0019) plen 10
    bdaddr AA:BB:CC:DD:EE:FF mode 1 clkoffset 0x2306
> HCI Event: Command Status (0x0f) plen 4
    Remote Name Request (0x01|0x0019) status 0x0c ncmd 1
    Error: Command Disallowed
> HCI Event: Connect Complete (0x03) plen 11
    status 0x00 handle 50 bdaddr 00:0D:FD:47:53:B2 type ACL encrypt 0x00
< HCI Command: Read Remote Supported Features (0x01|0x001b) plen 2
    handle 50
> HCI Event: Command Status (0x0f) plen 4
    Read Remote Supported Features (0x01|0x001b) status 0x00 ncmd 1
> HCI Event: Max Slots Change (0x1b) plen 3
    handle 50 slots 5
> HCI Event: Read Remote Supported Features (0x0b) plen 11
    status 0x00 handle 50
    Features: 0xff 0xff 0x8f 0xfe 0x9b 0xff 0x59 0x83
< HCI Command: Read Remote Extended Features (0x01|0x001c) plen 3
    handle 50 page 1
> HCI Event: Command Status (0x0f) plen 4
    Read Remote Extended Features (0x01|0x001c) status 0x00 ncmd 1
> HCI Event: Read Remote Extended Features (0x23) plen 13
    status 0x00 handle 50 page 1 max 1
    Features: 0x01 0x00 0x00 0x00 0x00 0x00 0x00 0x00

This patch sends mgmt_connected in remote name command status only if
conn->state is BT_CONFIG

Signed-off-by: Jaganath Kanakkassery <jaganath.k@samsung.com>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
10 years ago6lowpan: move skb_free from error paths in decompression
Martin Townsend [Thu, 6 Nov 2014 19:15:13 +0000 (19:15 +0000)]
6lowpan: move skb_free from error paths in decompression

Currently we ensure that the skb is freed on every error path in IPHC
decompression which makes it easy to introduce skb leaks.  By centralising
the skb_free into the receive function it makes future decompression routines
easier to maintain.  It does come at the expense of ensuring that the skb
passed into the decompression routine must not be copied.

Signed-off-by: Martin Townsend <mtownsend1973@gmail.com>
Acked-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Acked-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoBluetooth: Sort switch cases by opcode's numeric value
Kuba Pawlak [Thu, 6 Nov 2014 18:36:53 +0000 (19:36 +0100)]
Bluetooth: Sort switch cases by opcode's numeric value

Opcodes in switch/case in hci_cmd_status_evt are not sorted
by value. This patch restores proper ordering.

Signed-off-by: Kuba Pawlak <kubax.t.pawlak@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoBluetooth: Clear role switch pending flag
Kuba Pawlak [Thu, 6 Nov 2014 18:36:52 +0000 (19:36 +0100)]
Bluetooth: Clear role switch pending flag

If role switch was rejected by the controller and HCI Event: Command Status
returned with status "Command Disallowed" (0x0C) the flag
HCI_CONN_RSWITCH_PEND remains set. No further role switches are
possible as this flag prevents us from sending any new HCI Switch Role
requests and the only way to clear it is to receive a valid
HCI Event Switch Role.

This patch clears the flag if command was rejected.

2013-01-01 00:03:44.209913 < HCI Command: Switch Role (0x02|0x000b) plen 7
    bdaddr BC:C6:DB:C4:6F:79 role 0x00
    Role: Master
2013-01-01 00:03:44.210867 > HCI Event: Command Status (0x0f) plen 4
    Switch Role (0x02|0x000b) status 0x0c ncmd 1
    Error: Command Disallowed

Signed-off-by: Kuba Pawlak <kubax.t.pawlak@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoat86rf230: fix simple_return.cocci warnings
Fengguang Wu [Thu, 6 Nov 2014 07:31:57 +0000 (15:31 +0800)]
at86rf230: fix simple_return.cocci warnings

drivers/net/ieee802154/at86rf230.c:1365:1-3: WARNING: end returns can be simpified

 Simplify a trivial if-return sequence.  Possibly combine with a
 preceding function call.
Generated by: scripts/coccinelle/misc/simple_return.cocci

Signed-off-by: Fengguang Wu <fengguang.wu@intel.com>
Acked-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agomac802154: fix typo promisuous to promiscuous
Alexander Aring [Wed, 5 Nov 2014 19:51:29 +0000 (20:51 +0100)]
mac802154: fix typo promisuous to promiscuous

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agomac802154: use IEEE802154_EXTENDED_ADDR_LEN
Alexander Aring [Wed, 5 Nov 2014 19:51:28 +0000 (20:51 +0100)]
mac802154: use IEEE802154_EXTENDED_ADDR_LEN

This patch removes the af_ieee802154 defines and use the
IEEE802154_EXTENDED_ADDR_LEN. We should do this everywhere in the
802.15.4 subsystem because af_ieee802154 should be normally an uapi
header.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoat86rf230: add force slotted operation bit
Alexander Aring [Wed, 5 Nov 2014 19:51:27 +0000 (20:51 +0100)]
at86rf230: add force slotted operation bit

This patch adds a force setting of slotted operation bit. The atben
chips sometimes set these bit. The reason is unknown. Nevertheless we
don't support slotted operation so we set this bit now force while
probing.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoat86rf230: generate random perm extended address
Alexander Aring [Wed, 5 Nov 2014 19:51:26 +0000 (20:51 +0100)]
at86rf230: generate random perm extended address

This patch adds support for a random generated perm extended address for
the at86rf230 driver.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agomac802154: add support for perm_extended_addr
Alexander Aring [Wed, 5 Nov 2014 19:51:25 +0000 (20:51 +0100)]
mac802154: add support for perm_extended_addr

This patch adding support for a perm extended address. This is useful
when a device supports an eeprom with a programmed static extended address.
If a device doesn't support such eeprom or serial registers then the
driver should generate a random extended address.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agomac802154: cleanup ieee802154_netdev_to_extended_addr
Alexander Aring [Wed, 5 Nov 2014 19:51:24 +0000 (20:51 +0100)]
mac802154: cleanup ieee802154_netdev_to_extended_addr

This patch cleanups the ieee802154_be64_to_le64 to have a similar
function like ieee802154_le64_to_be64 only with switched source and
destionation types.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agomac802154: add ieee802154_le64_to_be64
Alexander Aring [Wed, 5 Nov 2014 19:51:23 +0000 (20:51 +0100)]
mac802154: add ieee802154_le64_to_be64

This patch adds a new function to convert a le64 to a be64. This is
useful to translate an extended address to a netdev dev_addr.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoieee802154: add ieee802154_random_extended_addr
Alexander Aring [Wed, 5 Nov 2014 19:51:22 +0000 (20:51 +0100)]
ieee802154: add ieee802154_random_extended_addr

This patch adds a new function to generate a random IEEE 802.15.4
extended address.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoieee802154: add IEEE802154_EXTENDED_ADDR_LEN
Alexander Aring [Wed, 5 Nov 2014 19:51:21 +0000 (20:51 +0100)]
ieee802154: add IEEE802154_EXTENDED_ADDR_LEN

This patch adds a new define for getting the length of an extended
address.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agomac802154: add ieee802154_vif struct
Alexander Aring [Wed, 5 Nov 2014 19:51:20 +0000 (20:51 +0100)]
mac802154: add ieee802154_vif struct

This patch adds an ieee802154_vif similar like the ieee80211_vif which
holds the interface type and maybe further more attributes like the
ieee80211_vif structure.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Cc: Varka Bhadram <varkabhadram@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agomac802154: add default interface registration
Alexander Aring [Wed, 5 Nov 2014 19:51:19 +0000 (20:51 +0100)]
mac802154: add default interface registration

This patch adds a default interface registration for a wpan interface
type. Currently the 802.15.4 subsystem need to call userspace tools to
add an interface. This patch is like mac80211 handling for registration
a station interface type by default.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoieee802154: remove mlme get_phy callback
Alexander Aring [Wed, 5 Nov 2014 19:51:18 +0000 (20:51 +0100)]
ieee802154: remove mlme get_phy callback

This patch removes the get_phy callback from mlme ops structure. Instead
we doing a dereference via ieee802154_ptr dev pointer. For backwards
compatibility we need to run get_device after dereference wpan_phy via
ieee802154_ptr.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoieee802154: rework interface registration
Alexander Aring [Wed, 5 Nov 2014 19:51:17 +0000 (20:51 +0100)]
ieee802154: rework interface registration

This patch meld mac802154_netdev_register into ieee802154_if_add
function. Also we have now only one alloc_netdev call with one interface
setup routine "ieee802154_if_setup" instead two different one for each
interface type. This patch checks via runtime the interface type and do
different handling now. Additional we add the wpan_dev struct in
ieee802154_sub_if_data and set the new ieee802154_ptr while netdev
registration. This behaviour is very similar the mac80211 netdev
registration functionality.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agomac802154: move dev_hold out of ieee802154_if_add
Alexander Aring [Wed, 5 Nov 2014 19:51:16 +0000 (20:51 +0100)]
mac802154: move dev_hold out of ieee802154_if_add

This patch moves the dev_hold call inside of nl-phy ieee802154_add_iface
function. The ieee802154_add_iface is the only one function which use the
ieee802154_if_add function and contains the corresponding dev_put call.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agomac802154: move interface add handling in iface
Alexander Aring [Wed, 5 Nov 2014 19:51:15 +0000 (20:51 +0100)]
mac802154: move interface add handling in iface

This patch moves and renames the mac802154_add_iface and
mac802154_netdev_register functions into iface.c. The function
mac802154_add_iface is renamed to ieee802154_if_add which is a similar naming
convention like mac80211.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agomac802154: move interface del handling in iface
Alexander Aring [Wed, 5 Nov 2014 19:51:14 +0000 (20:51 +0100)]
mac802154: move interface del handling in iface

This patch moves and rename the mac802154_del_iface function into
iface.c and rename the function to ieee802154_if_remove which is a similar
naming convention like mac80211.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoieee802154: remove nl802154 unused functions
Alexander Aring [Wed, 5 Nov 2014 19:51:13 +0000 (20:51 +0100)]
ieee802154: remove nl802154 unused functions

The include/net/nl802154.h file contains a lot of prototypes which are
not used inside of ieee802154 subsystem. This patch removes this file
and make the only one used prototype "ieee802154_nl_start_confirm" as
static declaration in ieee802154/nl-mac.c

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoieee802154: rework wpan_phy index assignment
Alexander Aring [Wed, 5 Nov 2014 19:51:12 +0000 (20:51 +0100)]
ieee802154: rework wpan_phy index assignment

This patch reworks the wpan_phy index incrementation. It's now similar
like wireless wiphy index incrementation. We move the wpan_phy index
attribute inside of cfg802154_registered_device and use atomic
operations instead locking mechanism via wpan_phy_mutex.

Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoieee802154: || vs && in ieee802154_is_valid_extended_addr()
Dan Carpenter [Tue, 4 Nov 2014 08:55:09 +0000 (11:55 +0300)]
ieee802154: || vs && in ieee802154_is_valid_extended_addr()

The ieee802154_is_valid_extended_addr() always returns true because
there is a typo.  The || should be &&.  Neither 0x0000000000000000ULL
nor 0xffffffffffffffffULL are valid addresses.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Acked-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years ago6lowpan: fix udp header compression when using raw sockets
Simon Vincent [Tue, 4 Nov 2014 15:29:51 +0000 (15:29 +0000)]
6lowpan: fix udp header compression when using raw sockets

If you use RAW sockets the transport header offset is not set by the
ipv6 stack so when we get to the udp header compression it does not
compress the right part of the packet.

This patch adds a check for this scenario and sets the transport
header offset.

Signed-off-by: Simon Vincent <simon.vincent@xsilon.com>
Acked-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
10 years agoBluetooth: Fix sparse warnings in RFCOMM
Johan Hedberg [Tue, 4 Nov 2014 06:45:45 +0000 (08:45 +0200)]
Bluetooth: Fix sparse warnings in RFCOMM

This patch fixes the following sparse warnings in rfcomm/core.c:

net/bluetooth/rfcomm/core.c:391:16: warning: dubious: x | !y
net/bluetooth/rfcomm/core.c:546:24: warning: dubious: x | !y

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>