20 Mar, 2020
16 commits
-
Drivers that trigger roaming need to know the lifetime of the configured
PMKSA for deciding whether to trigger the full or PMKSA cache based
authentication. The configured PMKSA is invalid after the PMK lifetime
has expired and must not be used after that and the STA needs to
disassociate if the PMK expires. Hence the STA is expected to refresh
the PMK with a full authentication before this happens (e.g., when
reassociating to a new BSS the next time or by performing EAPOL
reauthentication depending on the AKM) to avoid unnecessary
disconnection.The PMK reauthentication threshold is the percentage of the PMK lifetime
value and indicates to the driver to trigger a full authentication roam
(without PMKSA caching) after the reauthentication threshold time, but
before the PMK timer has expired. Authentication methods like SAE need
to be able to generate a new PMKSA entry without having to force a
disconnection after this threshold timeout. If no roaming occurs between
the reauthentication threshold time and PMK lifetime expiration,
disassociation is still forced.The new attributes for providing these values correspond to the dot11
MIB variables dot11RSNAConfigPMKLifetime and
dot11RSNAConfigPMKReauthThreshold.This type of functionality is already available in cases where user
space component is in control of roaming. This commit extends that same
capability into cases where parts or all of this functionality is
offloaded to the driver.Signed-off-by: Veerendranath Jakkam
Signed-off-by: Jouni Malinen
Link: https://lore.kernel.org/r/20200312235903.18462-1-jouni@codeaurora.org
Signed-off-by: Johannes Berg -
Use perCPU pointers to get rx_stats in sta_set_sinfo
when RSS is enabledSigned-off-by: Seevalamuthu Mariappan
Link: https://lore.kernel.org/r/1584526555-25960-1-git-send-email-seevalam@codeaurora.org
Signed-off-by: Johannes Berg -
->ndo_get_iflink() is useful for finding lower interface.
Test commands:
ip link add dummy0 type dummy
ip link add vw1 link dummy0 type virt_wifi
ip link show vw1Before:
9: vw1: ...
After:
9: vw1@dummy0: ...Signed-off-by: Taehee Yoo
Link: https://lore.kernel.org/r/20200305090636.28221-1-ap420073@gmail.com
Signed-off-by: Johannes Berg -
Set the NL80211_EXT_FEATURE_DEL_IBSS_STA if the interface support IBSS
mode, so that stations can be reset from user space.mac80211 already deletes stations by itself, so mac80211 drivers must
already support this.This has been successfully tested with ath9k.
Signed-off-by: Nicolas Cavallari
Link: https://lore.kernel.org/r/20200305135754.12094-2-cavallar@lri.fr
Signed-off-by: Johannes Berg -
Sometimes, userspace is able to detect that a peer silently lost its
state (like, if the peer reboots). wpa_supplicant does this for IBSS-RSN
by registering for auth/deauth frames, but when it detects this, it is
only able to remove the encryption keys of the peer and close its port.However, the kernel also hold other state about the station, such as BA
sessions, probe response parameters and the like. They also need to be
resetted correctly.This patch adds the NL80211_EXT_FEATURE_DEL_IBSS_STA feature flag
indicating the driver accepts deleting stations in IBSS mode, which
should send a deauth and reset the state of the station, just like in
mesh point mode.Signed-off-by: Nicolas Cavallari
Link: https://lore.kernel.org/r/20200305135754.12094-1-cavallar@lri.fr
[preserve -EINVAL return]
Signed-off-by: Johannes Berg -
We use the parsing CRC for checking if the beacon changed, and
if the WLAN_EID_EXT_HE_OPERATION extended element changes we
need to track it so we can react to that. Include it in the CRC
calculation.Link: https://lore.kernel.org/r/20200131111300.891737-22-luca@coelho.fi
Signed-off-by: Johannes Berg -
Add API for telling whether the driver supports protected TWT.
The protected_twt capability in the RSNXE will be based on this.Signed-off-by: Shaul Triebitz
Signed-off-by: Luca Coelho
Link: https://lore.kernel.org/r/20200131111300.891737-23-luca@coelho.fi
Signed-off-by: Johannes Berg -
In AP mode, set htc_trig_based_pkt_ext and frame_time_rts_th
for driver use.Signed-off-by: Shaul Triebitz
Signed-off-by: Luca Coelho
Link: https://lore.kernel.org/r/20200131111300.891737-19-luca@coelho.fi
Signed-off-by: Johannes Berg -
Pass the AP's HE operation element to the driver.
Signed-off-by: Shaul Triebitz
Signed-off-by: Luca Coelho
Link: https://lore.kernel.org/r/20200131111300.891737-18-luca@coelho.fi
Signed-off-by: Johannes Berg -
Add support for requesting that the ranging measurement will use
the trigger-based / non trigger-based flow instead of the EDCA based
flow.Signed-off-by: Avraham Stern
Signed-off-by: Luca Coelho
Link: https://lore.kernel.org/r/20200131111300.891737-2-luca@coelho.fi
Signed-off-by: Johannes Berg -
In beacon protection, don't leave skb->next/prev pointing to the
on-stack list, even if that's actually harmless since we don't use
them again afterwards.While at it, check that the SKB on the list is still the same, as
that's required here. If not, the encryption (protection) code is
buggy.Fixes: 0a3a84360b37 ("mac80211: Beacon protection using the new BIGTK (AP)")
Signed-off-by: Johannes Berg
Link: https://lore.kernel.org/r/20200320102021.1be7823fc05e.Ia89fb79a0469d32137c9a04315a1d2dfc7b7d6f5@changeid
Signed-off-by: Johannes Berg -
The structure member added at some point, but the kernel-doc was not
updated.Signed-off-by: Qiujun Huang
Link: https://lore.kernel.org/r/20200312144424.3023-1-hqjagain@gmail.com
Signed-off-by: Johannes Berg -
This patch adds support for disabling pre-auth rx over the nl80211 control
port for mac80211.Signed-off-by: Markus Theil
Link: https://lore.kernel.org/r/20200312091055.54257-3-markus.theil@tu-ilmenau.de
[fix indentation slightly, squash feature enablement]
Signed-off-by: Johannes Berg -
If the nl80211 control port is used before this patch, pre-auth frames
(0x88c7) are send to userspace uncoditionally. While this enables userspace
to only use nl80211 on the station side, it is not always useful for APs.
Furthermore, pre-auth frames are ordinary data frames and not related to
the control port. Therefore it should for example be possible for pre-auth
frames to be bridged onto a wired network on AP side without touching
userspace.For backwards compatibility to code already using pre-auth over nl80211,
this patch adds a feature flag to disable this behavior, while it remains
enabled by default. An additional ext. feature flag is added to detect this
from userspace.Thanks to Jouni for pointing out, that pre-auth frames should be handled as
ordinary data frames.Signed-off-by: Markus Theil
Link: https://lore.kernel.org/r/20200312091055.54257-2-markus.theil@tu-ilmenau.de
Signed-off-by: Johannes Berg -
This allows communication with external entities.
It also required fixing up the netlink policy, since NLA_UNSPEC
attributes are no longer accepted.Signed-off-by: Erel Geron
[port to backports, inline the ID, use 29 as the ID as requested,
drop != NULL checks, reduce ifdefs]
Link: https://lore.kernel.org/r/20200305143212.c6e4c87d225b.I7ce60bf143e863dcdf0fb8040aab7168ba549b99@changeid
Signed-off-by: Johannes Berg -
Kernel-doc complains if the line isn't prefixed with an
asterisk, fix that.Reported-by: Stephen Rothwell
Signed-off-by: Johannes Berg
Link: https://lore.kernel.org/r/20200320144110.2786ad5fb234.I369d103d11c71e39e3a3f97ed68a528c5b875f1e@changeid
Signed-off-by: Johannes Berg
16 Mar, 2020
19 commits
-
For a single pedit action, multiple offload entries may be used. Set the
hw_stats_type to all of them.Fixes: 44f865801741 ("sched: act: allow user to specify type of HW stats for a filter")
Signed-off-by: Jiri Pirko
Signed-off-by: David S. Miller -
Dejin Zheng says:
====================
net: stmmac: Use readl_poll_timeout() to simplify the codeThis patch sets just for replace the open-coded loop to the
readl_poll_timeout() helper macro for simplify the code in
stmmac driver.v2 -> v3:
- return whatever error code by readl_poll_timeout() returned.
v1 -> v2:
- no changed. I am a newbie and sent this patch a month
ago (February 6th). So far, I have not received any comments or
suggestion. I think it may be lost somewhere in the world, so
resend it.
====================Signed-off-by: David S. Miller
-
The dwmac4_dma_reset() function use an open coded of readl_poll_timeout().
Replace the open coded handling with the proper function.Signed-off-by: Dejin Zheng
Signed-off-by: David S. Miller -
The init_systime() function use an open coded of readl_poll_timeout().
Replace the open coded handling with the proper function.Signed-off-by: Dejin Zheng
Signed-off-by: David S. Miller -
drivers/crypto/chelsio/chcr_ktls.c: In function chcr_ktls_cpl_set_tcb_rpl:
drivers/crypto/chelsio/chcr_ktls.c:662:11: warning:
variable status set but not used [-Wunused-but-set-variable]commit 8a30923e1598 ("cxgb4/chcr: Save tx keys and handle HW response")
involved this unused variable, remove it.Reported-by: Hulk Robot
Signed-off-by: YueHaibing
Signed-off-by: David S. Miller -
Netlink support of extended packet number cipher suites,
allows adding and updating XPN macsec interfaces.Added support in:
* Creating interfaces with GCM-AES-XPN-128 and GCM-AES-XPN-256 suites.
* Setting and getting 64bit packet numbers with of SAs.
* Setting (only on SA creation) and getting ssci of SAs.
* Setting salt when installing a SAK.Added 2 cipher suite identifiers according to 802.1AE-2018 table 14-1:
* MACSEC_CIPHER_ID_GCM_AES_XPN_128
* MACSEC_CIPHER_ID_GCM_AES_XPN_256In addition, added 2 new netlink attribute types:
* MACSEC_SA_ATTR_SSCI
* MACSEC_SA_ATTR_SALTDepends on: macsec: Support XPN frame handling - IEEE 802.1AEbw.
Signed-off-by: Era Mayflower
Signed-off-by: David S. Miller -
Support extended packet number cipher suites (802.1AEbw) frames handling.
This does not include the needed netlink patches.* Added xpn boolean field to `struct macsec_secy`.
* Added ssci field to `struct_macsec_tx_sa` (802.1AE figure 10-5).
* Added ssci field to `struct_macsec_rx_sa` (802.1AE figure 10-5).
* Added salt field to `struct macsec_key` (802.1AE 10.7 NOTE 1).
* Created pn_t type for easy access to lower and upper halves.
* Created salt_t type for easy access to the "ssci" and "pn" parts.
* Created `macsec_fill_iv_xpn` function to create IV in XPN mode.
* Support in PN recovery and preliminary replay check in XPN mode.In addition, according to IEEE 802.1AEbw figure 10-5, the PN of incoming
frame can be 0 when XPN cipher suite is used, so fixed the function
`macsec_validate_skb` to fail on PN=0 only if XPN is off.Signed-off-by: Era Mayflower
Signed-off-by: David S. Miller -
Russell King says:
====================
net: dsa: improve serdes integrationDepends on "net: mii clause 37 helpers".
Andrew Lunn mentioned that the Serdes PCS found in Marvell DSA switches
does not automatically update the switch MACs with the link parameters.
Currently, the DSA code implements a work-around for this.This series improves the Serdes integration, making use of the recent
phylink changes to support split MAC/PCS setups. One noticable
improvement for userspace is that ethtool can now report the link
partner's advertisement.This repost has no changes compared to the previous posting; however,
the regression Andrew had found which exists even without this patch
set has now been fixed by Andrew and merged into the net-next tree.
====================Signed-off-by: David S. Miller
-
Use the status of the PHY_DETECT bit to determine whether we need to
force the MAC settings in mac_link_up() and mac_link_down().Signed-off-by: Russell King
Reviewed-by: Andrew Lunn
Signed-off-by: David S. Miller -
The port_link_state method is only used by mv88e6xxx_port_setup_mac(),
which is now only called during port setup, rather than also being
called via phylink's mac_config method.Remove this now unnecessary optimisation, which allows us to remove the
port_link_state methods as well.Signed-off-by: Russell King
Reviewed-by: Andrew Lunn
Signed-off-by: David S. Miller -
Setting the speed independently of duplex makes little sense; the two
parameters result from negotiation or fixed setup, and may have inter-
dependencies. Moreover, they are always controlled via the same
register - having them split means we have to read-modify-write this
register twice.Combine the two operations into a single port_set_speed_duplex()
operation. Not only is this more efficient, it reduces the size of the
code as well.Signed-off-by: Russell King
Reviewed-by: Andrew Lunn
Signed-off-by: David S. Miller -
phylink_mac_change() is supposed to be called with a 'false' argument
if the link has gone down since it was last reported up; this is to
ensure that link events along with renegotiation events are always
correctly reported to userspace.Read the BMSR once when we have an interrupt, and report the link
latched status to phylink via phylink_mac_change(). phylink will deal
automatically with re-reading the link state once it has processed the
link-down event.Signed-off-by: Russell King
Reviewed-by: Andrew Lunn
Signed-off-by: David S. Miller -
Extend the mv88e6xxx phylink implementation down to Serdes PHYs, which
handle the PCS layer of such links.- Implement phylink PCS link state reading, so that we can provide
ethtool with the linkmodes and link speed in the expected manner.
Note: this will only be called for in-band negotiation, which is
only supported by the serdes interfaces.
- Implement phylink PCS configuration, so that the in-band AN and
advertisement can be configured.
- Implement phylink PCS negotiation restart, so that the in-band AN
can be restarted.
- Implement phylink PCS link up, so that when operating out-of-band,
the Serdes can be configured for the appropriate fixed speed mode.Signed-off-by: Russell King
Reviewed-by: Andrew Lunn
Signed-off-by: David S. Miller -
Only configure the interface settings in mac_config(), leaving the
speed and duplex settings to mac_link_up to deal with.Signed-off-by: Russell King
Reviewed-by: Andrew Lunn
Signed-off-by: David S. Miller -
The SGMII/1000base-X serdes register set is a clause 22 register set
offset at 0x2000 in the PHYXS device. Rather than inventing our own
defintions, use those that already exist, and name the register
MV88E6390_SGMII_BMCR. Also remove the unused MV88E6390_SGMII_STATUS
definitions.Signed-off-by: Russell King
Reviewed-by: Andrew Lunn
Signed-off-by: David S. Miller -
Issue a warning to the kernel log if phylink_mac_link_state() returns
an error. This should not occur, but let's make it visible.Signed-off-by: Russell King
Reviewed-by: Andrew Lunn
Signed-off-by: David S. Miller -
Russell King says:
====================
net: mii clause 37 helpersThis is a re-post of two patches that are common to two series that
I've sent in recent weeks; I'm re-posting them separately in the hope
that they can be merged. No changes from either of the previous
postings.These patches:
1. convert the existing (unused) mii_lpa_to_ethtool_lpa_x() function
to a linkmode variant.2. add a helper for clause 37 advertisements, supporting both the
1000baseX and defacto 2500baseX variants. Note that ethtool does
not support half duplex for either of these, and we make no effort
to do so.
====================Signed-off-by: David S. Miller
-
Add a helper to convert a linkmode advertisement to a clause 37
advertisement value for 1000base-x and 2500base-x.Signed-off-by: Russell King
Reviewed-by: Andrew Lunn
Signed-off-by: David S. Miller -
Add a LPA to linkmode decoder for 1000BASE-X protocols; this decoder
only provides the modify semantics similar to other such decoders.
This replaces the unused mii_lpa_to_ethtool_lpa_x() helper.Signed-off-by: Russell King
Reviewed-by: Andrew Lunn
Signed-off-by: David S. Miller
15 Mar, 2020
5 commits
-
The ndp32->wLength is two bytes long, so replace cpu_to_le32 with cpu_to_le16.
Fixes: 0fa81b304a79 ("cdc_ncm: Implement the 32-bit version of NCM Transfer Block")
Signed-off-by: Alexander Bersenev
Signed-off-by: David S. Miller -
Paolo Abeni says:
====================
mptcp: simplify mptcp_accept()Currently we allocate the MPTCP master socket at accept time.
The above makes mptcp_accept() quite complex, and requires checks is several
places for NULL MPTCP master socket.These series simplify the MPTCP accept implementation, moving the master socket
allocation at syn-ack time, so that we drop unneeded checks with the follow-up
patch.v1 -> v2:
- rebased on top of 2398e3991bda7caa6b112a6f650fbab92f732b91
====================Signed-off-by: David S. Miller
-
After the previous patch subflow->conn is always != NULL and
is never changed. We can drop a bunch of now unneeded checks.v1 -> v2:
- rebased on top of commit 2398e3991bda ("mptcp: always
include dack if possible.")Signed-off-by: Paolo Abeni
Reviewed-by: Matthieu Baerts
Signed-off-by: David S. Miller -
This change moves the mptcp socket allocation from mptcp_accept() to
subflow_syn_recv_sock(), so that subflow->conn is now always set
for the non fallback scenario.It allows cleaning up a bit mptcp_accept() reducing the additional
locking and will allow fourther cleanup in the next patch.Signed-off-by: Paolo Abeni
Reviewed-by: Matthieu Baerts
Signed-off-by: David S. Miller -
Use devm_platform_ioremap_resource() to simplify code, which
contains platform_get_resource and devm_ioremap_resource.Signed-off-by: Dejin Zheng
Signed-off-by: David S. Miller