18 Apr, 2019
1 commit
-
[Patch] Pulling the following commits and some general changes
from custom v3.10 kernel for supporting qcacld2.0 on kernel v4.9.11.
1. cfg80211: Using new wiphy flag WIPHY_FLAG_DFS_OFFLOAD
When flag WIPHY_FLAG_DFS_OFFLOAD is defined, the driver would handle
all the DFS related operations. Therefore the kernel needs to ignore
the DFS state that it uses to block the userspace calls to the driver
through cfg80211 APIs. Also it should treat the userspace calls to
start radar detection as a no-op.Please note that changes in util.c is not picked up explicitly.
Kernel v4.9.11 uses wrapper cfg80211_get_chans_dfs_required which takes
care of this change.Change-Id: I9dd2076945581ca67e54dfc96dd3dbc526c6f0a2
IRs-Fixed: 2026862. New db.txt from git/sforshee/wireless-regdb.git
CONFIG_CFG80211_INTERNAL_REGDB is enabled in build. This causes
kernel warn messages as db.txt is empty. A new db.txt is added
from:
git://git.kernel.org/pub/scm/linux/kernel/git/sforshee/wireless-regdb.gitIRs-Fixed: 202686
3. Picked up the declaration and definition of the function
cfg80211_is_gratuitous_arp_unsolicited_naChange-Id: I1e4083a2327c121073226aa6b75bb6b5b97cec00
CRs-fixed: 1079453Signed-off-by: Nakul Kachhwaha
Signed-off-by: Fugang Duan
(Vipul: Fixed merge conflicts)
(TODO: checkpatch warnings)
Signed-off-by: Vipul Kumar
13 Dec, 2018
1 commit
-
commit 312ca38ddda64bac6513ec68e0ac3789b4eb44dc upstream.
This function was modified to support the information element extension
case (WLAN_EID_EXTENSION) in a manner that would result in an infinite
loop when going through set of IEs that include WLAN_EID_RIC_DATA and
contain an IE that is in the after_ric array. The only place where this
can currently happen is in mac80211 ieee80211_send_assoc() where
ieee80211_ie_split_ric() is called with after_ric[].This can be triggered by valid data from user space nl80211
association/connect request (i.e., requiring GENL_UNS_ADMIN_PERM). The
only known application having an option to include WLAN_EID_RIC_DATA in
these requests is wpa_supplicant and it had a bug that prevented this
specific contents from being used (and because of that, not triggering
this kernel bug in an automated test case ap_ft_ric) and now that this
bug is fixed, it has a workaround to avoid this kernel issue.
WLAN_EID_RIC_DATA is currently used only for testing purposes, so this
does not cause significant harm for production use cases.Fixes: 2512b1b18d07 ("mac80211: extend ieee80211_ie_split to support EXTENSION")
Cc: stable@vger.kernel.org
Signed-off-by: Jouni Malinen
Signed-off-by: Johannes Berg
Signed-off-by: Greg Kroah-Hartman
04 Sep, 2018
1 commit
-
…kernel/git/jberg/mac80211
Johannes Berg says:
====================
Here are quite a large number of fixes, notably:
* various A-MSDU building fixes (currently only affects mt76)
* syzkaller & spectre fixes in hwsim
* TXQ vs. teardown fix that was causing crashes
* embed WMM info in reg rule, bad code here had been causing crashes
* one compilation issue with fix from Arnd (rfkill-gpio includes)
* fixes for a race and bad data during/after channel switch
* nl80211: a validation fix, attribute type & unit fixes
along with other small fixes.
====================Signed-off-by: David S. Miller <davem@davemloft.net>
03 Sep, 2018
1 commit
-
The "chandef->center_freq1" variable is a u32 but "freq" is a u16 so we
are truncating away the high bits. I noticed this bug because in commit
9cf0a0b4b64a ("cfg80211: Add support for 60GHz band channels 5 and 6")
we made "freq
Signed-off-by: Johannes Berg
30 Jun, 2018
1 commit
-
…inux/kernel/git/jberg/mac80211-next
Small merge conflict in net/mac80211/scan.c, I preserved
the kcalloc() conversion. -DaveMJohannes Berg says:
====================
This round's updates:
* finally some of the promised HE code, but it turns
out to be small - but everything kept changing, so
one part I did in the driver was >30 patches for
what was ultimately <200 lines of code ... similar
here for this code.
* improved scan privacy support - can now specify scan
flags for randomizing the sequence number as well as
reducing the probe request element content
* rfkill cleanups
* a timekeeping cleanup from Arnd
* various other cleanups
====================Signed-off-by: David S. Miller <davem@davemloft.net>
15 Jun, 2018
3 commits
-
Add support for the HE in cfg80211 and also add userspace API to
nl80211 to send rate information out, conforming with P802.11ax_D2.0.Signed-off-by: Liad Kaufman
Signed-off-by: Johannes Berg
Signed-off-by: Ilan Peer
Signed-off-by: Ido Yariv
Signed-off-by: Luca Coelho
Signed-off-by: Johannes Berg -
The arguments should be (# of elements, size of each) instead
of the other way around, which really ends up being mostly
equivalent but smatch complains about it, so swap them.Signed-off-by: Johannes Berg
Signed-off-by: Johannes Berg -
Most of the implementations behind cfg80211_get_station will not initialize
sinfo to zero before manipulating it. For example, the member "filled",
which indicates the filled in parts of this struct, is often only modified
by enabling certain bits in the bitfield while keeping the remaining bits
in their original state. A caller without a preinitialized sinfo.filled can
then no longer decide which parts of sinfo were filled in by
cfg80211_get_station (or actually the underlying implementations).cfg80211_get_station must therefore take care that sinfo is initialized to
zero. Otherwise, the caller may tries to read information which was not
filled in and which must therefore also be considered uninitialized. In
batadv_v_elp_get_throughput's case, an invalid "random" expected throughput
may be stored for this neighbor and thus the B.A.T.M.A.N V algorithm may
switch to non-optimal neighbors for certain destinations.Fixes: 7406353d43c8 ("cfg80211: implement cfg80211_get_station cfg80211 API")
Reported-by: Thomas Lauer
Reported-by: Marcel Schmidt
Cc: b.a.t.m.a.n@lists.open-mesh.org
Signed-off-by: Sven Eckelmann
Signed-off-by: Johannes Berg
18 May, 2018
1 commit
-
With the addition of TXQ stats in the per-tid statistics the struct
station_info grew significantly. This resulted in stack size warnings
due to the structure itself being above the limit for the warnings.Add an allocation function that those who want to provide per-tid
stats should use to allocate the tid array, i.e.
struct station_info::pertid.Cc: Toke Høiland-Jørgensen
Fixes: 52539ca89f36 ("cfg80211: Expose TXQ stats and parameters to userspace")
Signed-off-by: Arend van Spriel
[johannes: fix missing BIT() and logic by removing]
Signed-off-by: Johannes Berg
27 Feb, 2018
1 commit
-
Only works if the IV was stripped from packets. Create a smaller
variant of ieee80211_rx_h_amsdu, which bypasses checks already done
within the fast-rx context.In order to do so, update cfg80211's ieee80211_data_to_8023_exthdr()
to take the offset between header and snap.Signed-off-by: Felix Fietkau
Signed-off-by: Johannes Berg
04 Nov, 2017
1 commit
-
Files removed in 'net-next' had their license header updated
in 'net'. We take the remove from 'net-next'.Signed-off-by: David S. Miller
02 Nov, 2017
1 commit
-
Many source files in the tree are missing licensing information, which
makes it harder for compliance tools to determine the correct license.By default all files without license information are under the default
license of the kernel, which is GPL version 2.Update the files which contain no license information with the 'GPL-2.0'
SPDX license identifier. The SPDX identifier is a legally binding
shorthand, which can be used instead of the full boiler plate text.This patch is based on work done by Thomas Gleixner and Kate Stewart and
Philippe Ombredanne.How this work was done:
Patches were generated and checked against linux-4.14-rc6 for a subset of
the use cases:
- file had no licensing information it it.
- file was a */uapi/* one with no licensing information in it,
- file was a */uapi/* one with existing licensing information,Further patches will be generated in subsequent months to fix up cases
where non-standard license headers were used, and references to license
had to be inferred by heuristics based on keywords.The analysis to determine which SPDX License Identifier to be applied to
a file was done in a spreadsheet of side by side results from of the
output of two independent scanners (ScanCode & Windriver) producing SPDX
tag:value files created by Philippe Ombredanne. Philippe prepared the
base worksheet, and did an initial spot review of a few 1000 files.The 4.13 kernel was the starting point of the analysis with 60,537 files
assessed. Kate Stewart did a file by file comparison of the scanner
results in the spreadsheet to determine which SPDX license identifier(s)
to be applied to the file. She confirmed any determination that was not
immediately clear with lawyers working with the Linux Foundation.Criteria used to select files for SPDX license identifier tagging was:
- Files considered eligible had to be source code files.
- Make and config files were included as candidates if they contained >5
lines of source
- File already had some variant of a license header in it (even if
Reviewed-by: Philippe Ombredanne
Reviewed-by: Thomas Gleixner
Signed-off-by: Greg Kroah-Hartman
02 Oct, 2017
1 commit
-
Add an event that indicates that a connection is authorized
(i.e. the 4 way handshake was performed by the driver). This event
should be sent by the driver after sending a connect/roamed event.This is useful for networks that require 802.1X authentication.
In cases that the driver supports 4 way handshake offload, but the
802.1X authentication is managed by user space, the driver needs to
inform user space right after the 802.11 association was completed
so user space can initialize its 802.1X state machine etc.
However, it is also possible that the AP will choose to skip the
802.1X authentication (e.g. when PMKSA caching is used) and proceed
with the 4 way handshake immediately. In this case the driver needs
to inform user space that 802.1X authentication is no longer required
(e.g. to prevent user space from disconnecting since it did not get
any EAPOLs from the AP).This is also useful for roaming, in which case it is possible that
the driver used the Fast Transition protocol so 802.1X is not
required.Since there will now be a dedicated notification indicating that the
connection is authorized, the authorized flag can be removed from the
roamed event. Drivers can send the new port authorized event right
after sending the roamed event to indicate the new AP is already
authorized. This therefore reserves the old PORT_AUTHORIZED attribute.Signed-off-by: Avraham Stern
Signed-off-by: Johannes Berg
21 Sep, 2017
3 commits
-
According to IEEE Std 802.11-2016 (16.2.3.4 Long PHY SIGNAL field) all of
the following rates are mandatory for a HR/DSSS PHY: 1 Mb/s, 2 Mb/s,
5.5 Mb/s and 11 Mb/s. Set IEEE80211_RATE_MANDATORY_B flag for all of these
instead of just 1 Mb/s to correctly reflect this.Signed-off-by: Richard Schütz
[johannes: use switch statement]
Signed-off-by: Johannes Berg -
This function hasn't been used since the removal of iwmc3200wifi
in 2012. It also appears to have a bug when qos=True, since then
it'll copy uninitialized stack memory to the SKB.Just remove the function entirely.
Reported-by: Jouni Malinen
Signed-off-by: Johannes Berg -
Current ieee80211_ie_split() implementation doesn't
account for elements that are sub-elements of the
EXTENSION IE. To extend support to these IEs as well,
treat the WLAN_EID_EXTENSION ids in the %ids array
as indicating that the next id in the array is a
sub-element of the EXTENSION IE.Signed-off-by: Liad Kaufman
Signed-off-by: Luca Coelho
Signed-off-by: Johannes Berg
16 Jun, 2017
1 commit
-
It seems like a historic accident that these return unsigned char *,
and in many places that means casts are required, more often than not.Make these functions return void * and remove all the casts across
the tree, adding a (u8 *) cast only where the unsigned char pointer
was used directly, all done with the following spatch:@@
expression SKB, LEN;
typedef u8;
identifier fn = { skb_push, __skb_push, skb_push_rcsum };
@@
- *(fn(SKB, LEN))
+ *(u8 *)fn(SKB, LEN)@@
expression E, SKB, LEN;
identifier fn = { skb_push, __skb_push, skb_push_rcsum };
type T;
@@
- E = ((T *)(fn(SKB, LEN)))
+ E = fn(SKB, LEN)@@
expression SKB, LEN;
identifier fn = { skb_push, __skb_push, skb_push_rcsum };
@@
- fn(SKB, LEN)[0]
+ *(u8 *)fn(SKB, LEN)Note that the last part there converts from push(...)[0] to the
more idiomatic *(u8 *)push(...).Signed-off-by: Johannes Berg
Signed-off-by: David S. Miller
08 Jun, 2017
1 commit
-
This brings in commit 7a7c0a6438b8 ("mac80211: fix TX aggregation
start/stop callback race") to allow the follow-up cleanup.Signed-off-by: Johannes Berg
17 May, 2017
2 commits
-
Linus reported hitting the bandwidth warning, but it is indeed
pretty useless - improve it by printing the rate configuration
and make it only warn once, for both warnings here.Reported-by: Linus Torvalds
Signed-off-by: Johannes Berg -
Mesh forwarding path checks for address extension mode to fetch
appropriate proxied address and MPP address. Existing condition
that looks for 6 address format is not strict enough so that
frames with improper values are processed and invalid entries
are added into MPP table. Fix that by adding a stricter check before
processing the packet.Per IEEE Std 802.11s-2011 spec. Table 7-6g1 lists address extension
mode 0x3 as reserved one. And also Table Table 9-13 does not specify
0x3 as valid address field.Fixes: 9b395bc3be1c ("mac80211: verify that skb data is present")
Signed-off-by: Rajkumar Manoharan
Signed-off-by: Johannes Berg
28 Apr, 2017
1 commit
-
cfg80211_roamed() and cfg80211_roamed_bss() take the same arguments
except that cfg80211_roamed() requires the BSSID and
cfg80211_roamed_bss() requires the bss entry.Unify the two functions by using a struct for driver initiated
roaming information so that either the BSSID or the bss entry can be
passed as an argument to the unified function.Signed-off-by: Avraham Stern
[modified the ath6k, brcm80211, rndis and wlan-ng drivers accordingly]
Signed-off-by: Luca Coelho
[modify brcmfmac to remove the useless cast, spotted by Arend]
Signed-off-by: Johannes Berg
18 Apr, 2017
1 commit
-
__ieee80211_amsdu_copy_frag intentionally initializes a pointer to
array[-1] to increment it later to valid values. clang rightfully
generates an array-bounds warning on the initialization statement.Initialize the pointer to array[0] and change the algorithm from
increment before to increment after consume.Signed-off-by: Matthias Kaehlcke
Signed-off-by: Johannes Berg
13 Apr, 2017
1 commit
-
Instead passing both flags, which can be NULL, and vif_params,
which are never NULL, move the flags into the vif_params and
use BIT(0), which is invalid from userspace, to indicate that
the flags were changed.While updating all drivers, fix a small bug in wil6210 where
it was setting the flags to 0 instead of leaving them unchanged.Signed-off-by: Johannes Berg
31 Mar, 2017
1 commit
-
Currently the connect event from driver takes all the connection
response parameters as arguments. With support for new features these
response parameters can grow. Use a structure to pass these parameters
rather than passing them as function arguments.Signed-off-by: Vidyullatha Kanchanapally
Signed-off-by: Jouni Malinen
[add to documentation]
Signed-off-by: Johannes Berg
06 Mar, 2017
2 commits
-
This function contains the HT calculations, which makes no
sense - split that out into a separate function. As a side
effect, this makes the 60G flag independent from HT_MCS so
remove the MCS one from wil6210 (also deleting a duplicate
assignment.)Signed-off-by: Johannes Berg
-
Combine two instances of having two nested if statements
into a single one with a combined condition to reduce the
indentation.Signed-off-by: Johannes Berg
28 Jan, 2017
1 commit
-
Slava Shwartsman reported a warning in skb_try_coalesce(), when we
detect skb->truesize is completely wrong.In his case, issue came from IPv6 reassembly coping with malicious
datagrams, that forced various pskb_may_pull() to reallocate a bigger
skb->head than the one allocated by NIC driver before entering GRO
layer.Current code does not change skb->truesize, leaving this burden to
callers if they care enough.Blindly changing skb->truesize in pskb_expand_head() is not
easy, as some producers might track skb->truesize, for example
in xmit path for back pressure feedback (sk->sk_wmem_alloc)We can detect the cases where it should be safe to change
skb->truesize :1) skb is not attached to a socket.
2) If it is attached to a socket, destructor is sock_edemux()My audit gave only two callers doing their own skb->truesize
manipulation.I had to remove skb parameter in sock_edemux macro when
CONFIG_INET is not set to avoid a compile error.Signed-off-by: Eric Dumazet
Reported-by: Slava Shwartsman
Signed-off-by: David S. Miller
13 Jan, 2017
1 commit
-
This enhances the connect timeout API to also carry the reason for the
timeout. These reason codes for the connect time out are represented by
enum nl80211_timeout_reason and are passed to user space through a new
attribute NL80211_ATTR_TIMEOUT_REASON (u32).Signed-off-by: Purushottam Kushwaha
Signed-off-by: Jouni Malinen
[keep gfp_t argument last]
Signed-off-by: Johannes Berg
06 Jan, 2017
1 commit
-
It is needed for another cfg80211 helper that will be out of reg.c so
move it to common util.c file and make it non-static.Signed-off-by: Rafał Miłecki
Signed-off-by: Johannes Berg
05 Jan, 2017
1 commit
-
The supported band structure contains the band is applies to
so no need to pass it separately. Also added a default case
to the switch for completeness. The current code base does not
call this function with NUM_NL80211_BANDS but kept that case
statement although default case would cover that.Signed-off-by: Arend van Spriel
Signed-off-by: Johannes Berg
13 Dec, 2016
1 commit
-
The comment on the name indirection suggested an issue but turned out
to be untrue. Digging in older kernel version showed issue with ipw2x00
but that is no longer true so get rid on the name indirection.Signed-off-by: Arend van Spriel
Signed-off-by: Johannes Berg
23 Nov, 2016
1 commit
-
All conflicts were simple overlapping changes except perhaps
for the Thunder driver.That driver has a change_mtu method explicitly for sending
a message to the hardware. If that fails it returns an
error.Normally a driver doesn't need an ndo_change_mtu method becuase those
are usually just range changes, which are now handled generically.
But since this extra operation is needed in the Thunder driver, it has
to stay.However, if the message send fails we have to restore the original
MTU before the change because the entire call chain expects that if
an error is thrown by ndo_change_mtu then the MTU did not change.
Therefore code is added to nicvf_change_mtu to remember the original
MTU, and to restore it upon nicvf_update_hw_max_frs() failue.Signed-off-by: David S. Miller
15 Nov, 2016
1 commit
-
Some drivers (ath10k) report MCS 9 @ 20MHz, which
technically isn't defined. To get more meaningful value
than 0 out of this however, just extrapolate a bitrate
from ratio of MCS 7 and 9 in channels where it is allowed.Signed-off-by: Thomas Pedersen
[add a comment about it in the code]
Signed-off-by: Johannes Berg
31 Oct, 2016
1 commit
-
Mostly simple overlapping changes.
For example, David Ahern's adjacency list revamp in 'net-next'
conflicted with an adjacency list traversal bug fix in 'net'.Signed-off-by: David S. Miller
27 Oct, 2016
3 commits
-
The IEs "output" can sometimes combine IEs coming from userspace
with IEs generated in the kernel - in particular mac80211 does
this for association frames.Add support in this code for the 802.11 IE fragmentation.
Signed-off-by: Johannes Berg
-
Remove the pointless checking against interface combinations in
the initial basic beacon interval validation, that currently isn't
taking into account radar detection or channels properly. Instead,
just validate the basic range there, and then delay real checking
to the interface combination validation that drivers must do.This means that drivers wanting to use the beacon_int_min_gcd will
now have to pass the new_beacon_int when validating the AP/mesh
start.Signed-off-by: Johannes Berg
-
We shouldn't abort the iteration with an error when one of the
potential combinations can't accomodate the beacon interval
request, we should just skip that particular combination. Fix
the code to do so.Signed-off-by: Johannes Berg
18 Oct, 2016
1 commit
-
'limits' is malloced in cfg80211_iter_combinations() and should be freed
before leaving from the error handling cases, otherwise it will cause
memory leak.Fixes: 0c317a02ca98 ("cfg80211: support virtual interfaces with different beacon intervals")
Signed-off-by: Wei Yongjun
Signed-off-by: Johannes Berg
13 Oct, 2016
2 commits
-
This commit provides a mechanism for the host drivers to advertise the
support for different beacon intervals among the respective interface
combinations in a group, through NL80211_IFACE_COMB_BI_MIN_GCD (u32).This value will be compared against GCD of all beaconing interfaces of
matching combinations.If the driver doesn't advertise this value, the old behaviour where
all beacon intervals must be identical is retained.If it is specified, then any beacon interval for an interface in the
interface combination as well as the GCD of all active beacon intervals
in the combination must be greater or equal to this value.Signed-off-by: Purushottam Kushwaha
[change commit message, some variable names, small other things]
Signed-off-by: Johannes Berg -
Move the growing parameter list to a structure for the interface
combination check and iteration functions in cfg80211 and mac80211
to make the code easier to understand.Signed-off-by: Purushottam Kushwaha
[edit commit message]
Signed-off-by: Johannes Berg