10 Jul, 2012
19 commits
-
This patch is based on a recent version of the Broadcom SDK.
Signed-off-by: Hauke Mehrtens
Signed-off-by: John W. Linville -
Some register values of bit shifts are corrected in order to support the upcoming
transmission power control (tpc) for control packets as well.Signed-off-by: Thomas Huehn
Signed-off-by: John W. Linville -
BTCOEX flags are set/cleared by atomic operations.
We got to do the same in ath9k_btcoex_timer_resume,
while clearing those BTCOEX flags.Acked-by: Sujith Manoharan
Signed-off-by: Mohammed Shafi Shajakhan
Signed-off-by: John W. Linville -
Parse WPS IEs from start_ap as well as change_beacon handlers
and set them to FW. Beacon IEs, Probe Response IEs and Assoc
Response IEs are parsed from beacon_data and set to FW with
related masks.Signed-off-by: Avinash Patil
Signed-off-by: Kiran Divekar
Signed-off-by: Bing Zhao
Signed-off-by: John W. Linville -
Being a fullmac driver, mwifiex takes care of populating
beacon, probe response, association response WPS IEs to firmware.
And firmware is responsible for constructing these frames.
Advertise this to cfg80211.Signed-off-by: Avinash Patil
Signed-off-by: Bing Zhao
Signed-off-by: John W. Linville -
This patch adds support for change_beacon handler which is needed
for setting modified management IEs to driver and FW.Signed-off-by: Avinash Patil
Signed-off-by: Bing Zhao
Signed-off-by: John W. Linville -
All IE buffers are freshly supplied. In such case, there is no need
to preserve earlier buffers with same management mask and index.Signed-off-by: Avinash Patil
Signed-off-by: Bing Zhao
Signed-off-by: John W. Linville -
While Head/Tail IEs may contain RSN/WPA IEs which needs to be set
for all mgmt subtypes, beacon_ies, probe_resp_ies, assoc_resp_ies
are for specific mgmt subtypes. Move them to separate function.Signed-off-by: Avinash Patil
Signed-off-by: Bing Zhao
Signed-off-by: John W. Linville -
Pass cfg80211_beacon_data pointer instead of cfg80211_ap_settings.
While setting management IEs we only need cfg80211_beacon_data of
cfg80211_ap_settings which has Tail IE, Head IE and other IE elements.Signed-off-by: Avinash Patil
Signed-off-by: Bing Zhao
Signed-off-by: John W. Linville -
Conflicts:
net/mac80211/mlme.c -
When we remove a key, we put a key index which was supposed
to tell the fw that we are actually removing the key. But
instead the fw took that index as a valid index and messed
up the SRAM of the device.This memory corruption on the device mangled the data of
the SCD. The impact on the user is that SCD queue 2 got
stuck after having removed keys.Reported-by: Paul Bolle
Cc: stable@vger.kernel.org
Signed-off-by: Emmanuel Grumbach
Signed-off-by: Stanislaw Gruszka
Signed-off-by: John W. Linville -
This is iwlegacy version of:
commit 342bbf3fee2fa9a18147e74b2e3c4229a4564912
Author: Johannes Berg
Date: Sun Mar 4 08:50:46 2012 -0800iwlwifi: always monitor for stuck queues
If we only monitor while associated, the following
can happen:
- we're associated, and the queue stuck check
runs, setting the queue "touch" time to X
- we disassociate, stopping the monitoring,
which leaves the time set to X
- almost 2s later, we associate, and enqueue
a frame
- before the frame is transmitted, we monitor
for stuck queues, and find the time set to
X, although it is now later than X + 2000ms,
so we decide that the queue is stuck and
erroneously restart the deviceCc: stable@vger.kernel.org
Signed-off-by: Stanislaw Gruszka
Signed-off-by: John W. Linville -
On rt2x00_dmastart() we increase index specified by Q_INDEX and on
rt2x00_dmadone() we increase index specified by Q_INDEX_DONE. So entries
between Q_INDEX_DONE and Q_INDEX are those we currently process in the
hardware. Entries between Q_INDEX and Q_INDEX_DONE are those we can
submit to the hardware.According to that fix rt2x00usb_kick_queue(), as we need to submit RX
entries that are not processed by the hardware. It worked before only
for empty queue, otherwise was broken.Note that for TX queues indexes ordering are ok. We need to kick entries
that have filled skb, but was not submitted to the hardware, i.e.
started from Q_INDEX_DONE and have ENTRY_DATA_PENDING bit set.From practical standpoint this fixes RX queue stall, usually reproducible
in AP mode, like for example reported here:
https://bugzilla.redhat.com/show_bug.cgi?id=828824Reported-and-tested-by: Franco Miceli
Reported-and-tested-by: Tom Horsley
Cc: stable@vger.kernel.org
Signed-off-by: Stanislaw Gruszka
Signed-off-by: John W. Linville -
> *. CID 709078: Resource leak (RESOURCE_LEAK)
> - drivers/net/wireless/mwifiex/cfg80211.c, line: 935
> Assigning: "bss_cfg" = storage returned from "kzalloc(132UL, 208U)"
> - but was not free
> drivers/net/wireless/mwifiex/cfg80211.c:935Signed-off-by: Bing Zhao
Signed-off-by: John W. Linville -
If association failed due to internal error (e.g. no
supported rates IE), we call ieee80211_destroy_assoc_data()
with assoc=true, while we actually reject the association.This results in the BSSID not being zeroed out.
After passing assoc=false, we no longer have to call
sta_info_destroy_addr() explicitly. While on it, move
the "associated" message after the assoc_success check.Cc: stable@vger.kernel.org [3.4+]
Signed-off-by: Eliad Peller
Reviewed-by: Johannes Berg
Signed-off-by: John W. Linville -
llcp_sock_getname can be called without a device attached to the nfc_llcp_sock.
This would lead to the following BUG:
[ 362.341807] BUG: unable to handle kernel NULL pointer dereference at (null)
[ 362.341815] IP: [] llcp_sock_getname+0x75/0xc0
[ 362.341818] PGD 31b35067 PUD 30631067 PMD 0
[ 362.341821] Oops: 0000 [#627] PREEMPT SMP DEBUG_PAGEALLOC
[ 362.341826] CPU 3
[ 362.341827] Pid: 7816, comm: trinity-child55 Tainted: G D W 3.5.0-rc4-next-20120628-sasha-00005-g9f23eb7 #479
[ 362.341831] RIP: 0010:[] [] llcp_sock_getname+0x75/0xc0
[ 362.341832] RSP: 0018:ffff8800304fde88 EFLAGS: 00010286
[ 362.341834] RAX: 0000000000000000 RBX: ffff880033cb8000 RCX: 0000000000000001
[ 362.341835] RDX: ffff8800304fdec4 RSI: ffff8800304fdec8 RDI: ffff8800304fdeda
[ 362.341836] RBP: ffff8800304fdea8 R08: 7ebcebcb772b7ffb R09: 5fbfcb9c35bdfd53
[ 362.341838] R10: 4220020c54326244 R11: 0000000000000246 R12: ffff8800304fdec8
[ 362.341839] R13: ffff8800304fdec4 R14: ffff8800304fdec8 R15: 0000000000000044
[ 362.341841] FS: 00007effa376e700(0000) GS:ffff880035a00000(0000) knlGS:0000000000000000
[ 362.341843] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 362.341844] CR2: 0000000000000000 CR3: 0000000030438000 CR4: 00000000000406e0
[ 362.341851] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 362.341856] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 362.341858] Process trinity-child55 (pid: 7816, threadinfo ffff8800304fc000, task ffff880031270000)
[ 362.341858] Stack:
[ 362.341862] ffff8800304fdea8 ffff880035156780 0000000000000000 0000000000001000
[ 362.341865] ffff8800304fdf78 ffffffff83183b40 00000000304fdec8 0000006000000000
[ 362.341868] ffff8800304f0027 ffffffff83729649 ffff8800304fdee8 ffff8800304fdf48
[ 362.341869] Call Trace:
[ 362.341874] [] sys_getpeername+0xa0/0x110
[ 362.341877] [] ? _raw_spin_unlock_irq+0x59/0x80
[ 362.341882] [] ? do_setitimer+0x23b/0x290
[ 362.341886] [] ? trace_hardirqs_on_thunk+0x3a/0x3f
[ 362.341889] [] system_call_fastpath+0x16/0x1b
[ 362.341921] Code: 84 00 00 00 00 00 b8 b3 ff ff ff 48 85 db 74 54 66 41 c7 04 24 27 00 49 8d 7c 24 12 41 c7 45 00 60 00 00 00 48 8b 83 28 05 00 00 00 41 89 44 24 04 0f b6 83 41 05 00 00 41 88 44 24 10 0f b6
[ 362.341924] RIP [] llcp_sock_getname+0x75/0xc0
[ 362.341925] RSP
[ 362.341926] CR2: 0000000000000000
[ 362.341928] ---[ end trace 6d450e935ee18bf3 ]---Signed-off-by: Sasha Levin
Signed-off-by: John W. Linville -
msp has type struct minstrel_ht_sta_priv not struct minstrel_ht_sta.
(This incorporates the fixup originally posted as "mac80211: fix kzalloc
memory corruption introduced in minstrel_ht". -- JWL)Reported-by: Fengguang Wu
Reported-by: Dan Carpenter
Signed-off-by: Thomas Huehn
Acked-by: Johannes Berg
Signed-off-by: John W. Linville
06 Jul, 2012
4 commits
-
This was useful for debugging the queue stop/wake
issues and is pretty small so let's just put it in.Signed-off-by: Johannes Berg
-
Larry (and some others I think) reported that with
single-queue drivers mac80211 crashes when waking
the queues. This happens because we allocate just
a single queue for each virtual interface in case
the driver doesn't have at least 4 queues, but the
code stopping/waking the virtual interface queues
wasn't taking this into account.Reported-by: Larry Finger
Tested-by: Larry Finger
Signed-off-by: Johannes Berg -
If the interfaces were removed just before a restart
work was started, open_count will be 0, and most of
the reconfig work will be skipped, including the
resetting of local->in_reconfig to false.Leaving local->inconfig = true will result in
dropping any incoming packet.Fix it by always setting local->in_reconfig = false
(even if there are no active interfaces).Signed-off-by: Eliad Peller
Signed-off-by: Johannes Berg -
Due to the way the default key links are created,
it happens that a link is left dangling:
* both unicast/multicast links are created
* unicast link is destroyed, and the links
are updated
* during this update, adding the multicast
link again fails because it is present,
destroying the debugfs pointer
* removing the multicast link won't work as
the pointer has been destroyedFix this by always removing the links and then
re-creating them if needed.Reported-by: Marek Lindner
Reported-by: Antonio Quartulli
Signed-off-by: Johannes Berg
05 Jul, 2012
2 commits
-
60g band uses different from .11n MCS scheme, so bitrate
should be calculated differentlySigned-off-by: Vladimir Kondratiev
Signed-off-by: Johannes Berg -
Until now, a u16 value was used to represent bitrate value.
With VHT bitrates this becomes too small.Introduce a new 32-bit bitrate attribute. nl80211 will report
both the new and the old attribute, unless the bitrate doesn't
fit into the old u16 attribute in which case only the new one
will be reported.User space tools encouraged to prefer the 32-bit attribute, if
available (since it won't be available on older kernels.)Signed-off-by: Vladimir Kondratiev
[reword commit message and comments a bit]
Signed-off-by: Johannes Berg
04 Jul, 2012
1 commit
-
Michal's monitor channel tracking introduce a locking problem
as it locked the rdev lock inside the netdev notifier which
isn't allowed as we might already hold it if we get there by
removing an interface that is up.Fix this by relying only on the RTNL to protect the interface
counters, the RTNL is always held in these code paths anyway.Signed-off-by: Johannes Berg
03 Jul, 2012
5 commits
-
'echo 1 > log_event' generates the bogus "MAC is in deep sleep"
or "Timeout waiting for hardware access" log messages when
the interface is down, we should just disallow accessing the
device through debugfs when it is down.Signed-off-by: Richard A. Griffiths
Reviewed-by: Emmanuel Grumbach
Signed-off-by: Johannes Berg -
There's no need to check trans for non-null
here as it has already been checked in the
caller. This fixes an smatch warning that we
check after having dereferenced it.Reviewed-by: Emmanuel Grumbach
Signed-off-by: Johannes Berg -
Some drivers require setup before being able to send
management frames in managed mode, in particular in
multi-channel cases.Introduce API to allow the drivers to do such setup
while being able to sleep waiting for the setup to
finish in the device. This isn't possible inside the
TX call since that can't sleep.A future patch may also restructure the TX retry to
wait for the driver to report the frame status, as
suggested by Arik in
http://mid.gmane.org/CA+XVXffKSEL6ZQPQ98x-zO-NL2=TNF1uN==mprRyUmAaRn254g@mail.gmail.comSigned-off-by: Johannes Berg
-
Due to the recent change of NUM_BANDS from 2 to 3 hwsim
broke. Fix the code by using the right constant but don't
support bands other than 2.4 and 5 GHz.Reported-by: Dan Carpenter
Signed-off-by: Johannes Berg -
IEEE80211_TX_MAX_RATES can be reduced from 5 to 4 as there
is no current hardware supporting a rate chain with 5 multi
rate stages (mrr), so 4 mrr stages are sufficient.The memory that is freed within the ieee80211_tx_info struct
will be used in the upcoming Transmission Power Control (TPC)
implementation.Suggested-by: Felix Fietkau
Signed-off-by: Thomas Huehn
[reword commit message]
Signed-off-by: Johannes Berg
02 Jul, 2012
6 commits
-
The implementation of tx_frags is buggy due to
not handling queue stop, and there's no driver
implementing it so remove it.Signed-off-by: Johannes Berg
-
Insert the VHT capability IE into probe requests.
Signed-off-by: Mahesh Palivela
Signed-off-by: Johannes Berg -
Provide various constants as defined by the 802.11ad:
frame types, IE's, capability bits, action categoriesIntroduce GCMP cipher, mandatory by 802.11ad
Signed-off-by: Vladimir Kondratiev
Signed-off-by: Johannes Berg -
Add regulatory rule for the 60g band
Signed-off-by: Vladimir Kondratiev
Signed-off-by: Johannes Berg -
Add enumerations for both cfg80211 and nl80211.
This expands wiphy.bands etc. arrays.Extend channel frequency translation to cover 60g band
and modify the rate check logic since there are no legacy
mandatory rates (only MCS is used.)Signed-off-by: Vladimir Kondratiev
Signed-off-by: Johannes Berg -
Drivers might need getting the probe request
(e.g. in order to extract the ssid) even during
auth/assoc.Make ieee80211_ap_probereq_get() support it
by considering auth_data/assoc_data as well.Signed-off-by: Eliad Peller
Signed-off-by: Johannes Berg
29 Jun, 2012
3 commits
-
Debug messages should be printed using dev_dbg() not
dev_err() which requires DEBUG to be defined.Reviewed-by: Emmanuel Grumbach
Signed-off-by: Johannes Berg -
Some messages were missing a trailing newline, add it.
Reviewed-by: Emmanuel Grumbach
Signed-off-by: Johannes Berg -
devlist_mtx locking is changed to accomodate changes.
Signed-off-by: Michal Kazior
Signed-off-by: Johannes Berg
