441233 Commits

Author SHA1 Message Date
Michal Kazior
ede9c8e091 ath10k: fix handling of wierd MSDU chaining cases
Apparently firmware can sometimes report a
sequence with the first rx descriptor saying it's
not the last MSDU. In that case msdu_chaining
value could be overwritten saying it's not a
chained MSDU. This in turn led to skb_push panic
as the frame could be treated as an A-MSDU instead
of a chained MSDU.

Reported-By: Avery Pennarun <apenwarr@gmail.com>
Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>
2014-05-14 16:41:16 +03:00
Michal Kazior
3e841fd0a5 ath10k: fix htt rx ring clean up
msdu_payId was read before txrx tasklet was killed
so it was possible to end up using an invalid
sk_buff pointer leading to a panic.

Make sure to sanitize rx ring sk_buff pointers and
make the clean up go through all possible entries
and not rely on coherent-DMA mapped u32 index
which could be (in theory) corrupted by the device
as well.

Reported-By: Avery Pennarun <apenwarr@gmail.com>
Reported-By: Ben Greear <greearb@candelatech.com>
Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>
2014-05-14 16:40:47 +03:00
Kalle Valo
e21353576d Merge remote-tracking branch 'wireless-next/master' into ath-next 2014-05-14 16:20:08 +03:00
Jahnavi Meher
5f407acbb7 rsi: Changed the return value to enable BA set-up
Signed-off-by: Jahnavi Meher <jahnavi.meher@redpinesignals.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-05-13 15:56:53 -04:00
Arend van Spriel
600a897d81 brcmfmac: determine chanspec from struct cfg80211_chan_def info
The struct cfg80211_chan_def contains additional info to derive the
bandwidth and side-band information of the chanspec. This patch adds
chandef_to_chanspec() function used in IBSS join and starting AP
operation.

Reviewed-by: Franky Lin <frankyl@broadcom.com>
Reviewed-by: Hante Meuleman <meuleman@broadcom.com>
Signed-off-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-05-13 15:56:52 -04:00
Arend van Spriel
ee942ecc42 brcmfmac: handle 80MHz chanspecs in construct_reg_info() function
The device is queried about the usability of channels, but it did not
take 80MHz channels into consideration. This patch adds processing those
chanspecs and clear the NO_80MHZ flag for those control/primary channels.

Reviewed-by: Daniel (Deognyoun) Kim <dekim@broadcom.com>
Reviewed-by: Franky Lin <frankyl@broadcom.com>
Reviewed-by: Hante Meuleman <meuleman@broadcom.com>
Reviewed-by: Pieter-Paul Giesberts <pieterpg@broadcom.com>
Signed-off-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-05-13 15:56:52 -04:00
Arend van Spriel
06c01585ee brcmfmac: get rid of brcmf_cfg80211_set_channel() function
The function does not provide any additional functionality and is
used only once so just get rid of it.

Reviewed-by: Daniel (Deognyoun) Kim <dekim@broadcom.com>
Reviewed-by: Franky Lin <frankyl@broadcom.com>
Reviewed-by: Hante Meuleman <meuleman@broadcom.com>
Reviewed-by: Pieter-Paul Giesberts <pieterpg@broadcom.com>
Signed-off-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-05-13 15:56:51 -04:00
Arend van Spriel
c555ecde6c brcmfmac: enable 80Mhz in 5G custom regulatory rules
By default allow 80Mhz in custom regulatory rules of the 5G band so
the channels will not be flagged with N0_80MHZ.

Reviewed-by: Daniel (Deognyoun) Kim <dekim@broadcom.com>
Reviewed-by: Franky Lin <frankyl@broadcom.com>
Reviewed-by: Hante Meuleman <meuleman@broadcom.com>
Reviewed-by: Pieter-Paul Giesberts <pieterpg@broadcom.com>
Signed-off-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-05-13 15:56:50 -04:00
Arend van Spriel
18d6c535ce brcmfmac: provide VHT capability information to user-space
Although brcmfmac support several 11ac devices it did not advertise
VHT related information to cfg80211.

Reviewed-by: Daniel (Deognyoun) Kim <dekim@broadcom.com>
Reviewed-by: Franky Lin <frankyl@broadcom.com>
Reviewed-by: Hante Meuleman <meuleman@broadcom.com>
Reviewed-by: Pieter-Paul Giesberts <pieterpg@broadcom.com>
Signed-off-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-05-13 15:56:50 -04:00
Arend van Spriel
4439cbcd37 brcm80211: extend channel conversion functions for 80MHz support
The channel values used by firmware is handled using conversion functions
depending on the type of chip. These functions were already in place but
lacked proper support for 80MHz channel definitions. This patch adds the
support for that.

Reviewed-by: Daniel (Deognyoun) Kim <dekim@broadcom.com>
Reviewed-by: Franky Lin <frankyl@broadcom.com>
Reviewed-by: Hante Meuleman <meuleman@broadcom.com>
Reviewed-by: Pieter-Paul Giesberts <pieterpg@broadcom.com>
Signed-off-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-05-13 15:56:49 -04:00
Arend van Spriel
a9a56878a7 brcmfmac: remove usage of cfg80211_get_chandef_type()
In the .start_ap callback cfg80211_get_chandef_type() was used to
provide debug log info. However, this causes a warning when the
chandef contains VHT channel with 80MHz bandwidth. Avoid the warning
by just printing the channel and bandwidth instead.

Reviewed-by: Hante Meuleman <meuleman@broadcom.com>
Reviewed-by: Pieter-Paul Giesberts <pieterpg@broadcom.com>
Signed-off-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-05-13 15:56:48 -04:00
Daniel Kim
b8d2e87839 brcmfmac: Fix reconnect failure after beacon timeout
The DISASSOC command needs to be sent to firmware when a connection
loss is detected by firmware (e.g., beacon timeout). Otherwise the
next connect request fails due to a lingering LINK(down) event from
firmware. This patch resolves the issue by using brcmf_link_down()
handler, instead of the incomplete duplicated codes.

Reviewed-by: Arend Van Spriel <arend@broadcom.com>
Reviewed-by: Pieter-Paul Giesberts <pieterpg@broadcom.com>
Reviewed-by: Hante Meuleman <meuleman@broadcom.com>
Signed-off-by: Daniel Kim <dekim@broadcom.com>
Signed-off-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-05-13 15:56:48 -04:00
Arend van Spriel
3e99b08ab5 brcmfmac: enhance nvram processing
The driver serializes the nvram firmware file before sending it
to the device. This patch enhances this to assure serialized data
is properly formatted and provide warnings on syntax failures.

Reviewed-by: Daniel (Deognyoun) Kim <dekim@broadcom.com>
Reviewed-by: Franky Lin <frankyl@broadcom.com>
Reviewed-by: Hante Meuleman <meuleman@broadcom.com>
Reviewed-by: Pieter-Paul Giesberts <pieterpg@broadcom.com>
Signed-off-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-05-13 15:56:47 -04:00
Hante Meuleman
9cd18359d3 brcmfmac: Make FWS queueing configurable.
FWS is always queuing frames and using a worker for de-queueing,
this is not always efficient for all bus layer. For example SDIO
has an internal queue and worker making the queueing of FWS
unnecessary. Make it possible to bypass the worker if fws mode
is none using a bus interface configuration. For USB bus layer
this configuration is set true to have fws provide queueing
regardless the fws mode.

Reviewed-by: Arend Van Spriel <arend@broadcom.com>
Reviewed-by: Franky (Zhenhui) Lin <frankyl@broadcom.com>
Reviewed-by: Pieter-Paul Giesberts <pieterpg@broadcom.com>
Reviewed-by: Daniel (Deognyoun) Kim <dekim@broadcom.com>
Signed-off-by: Hante Meuleman <meuleman@broadcom.com>
Signed-off-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-05-13 15:56:46 -04:00
Hante Meuleman
55929443c8 brcmfmac: Move handling 802.1x frames to dhd_linux.
Tracking and handling of 802.1x frames is done in two modules, it
is more logical and clear to move this to dhd_linux module.

Reviewed-by: Arend Van Spriel <arend@broadcom.com>
Reviewed-by: Franky (Zhenhui) Lin <frankyl@broadcom.com>
Reviewed-by: Pieter-Paul Giesberts <pieterpg@broadcom.com>
Reviewed-by: Daniel (Deognyoun) Kim <dekim@broadcom.com>
Signed-off-by: Hante Meuleman <meuleman@broadcom.com>
Signed-off-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-05-13 15:56:45 -04:00
Hante Meuleman
53e30ea420 brcmfmac: Move out hdrpull from tx_finalize.
In tx_finalize the hdrpull is performed. For the new protocol
msgbuf this is complex, because it does not use protocol headers
in front of payload anymore and therefor can not determine interface
index in the hdr pulll operation. Move out the hdrpull operation
from tx_finalize to make msgbuf implementation easier.

Reviewed-by: Arend Van Spriel <arend@broadcom.com>
Reviewed-by: Franky (Zhenhui) Lin <frankyl@broadcom.com>
Reviewed-by: Pieter-Paul Giesberts <pieterpg@broadcom.com>
Reviewed-by: Daniel (Deognyoun) Kim <dekim@broadcom.com>
Signed-off-by: Hante Meuleman <meuleman@broadcom.com>
Signed-off-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-05-13 15:56:45 -04:00
Daniel Kim
604bf237cb brcmfmac: Report the support of firmware roaming
Currently firmware roaming support is not reported to cfg80211.
This patch reports the support of firmware based roaming when
it is enabled.

Reviewed-by: Pieter-Paul Giesberts <pieterpg@broadcom.com>
Reviewed-by: Hante Meuleman <meuleman@broadcom.com>
Reviewed-by: Arend Van Spriel <arend@broadcom.com>
Signed-off-by: Daniel Kim <dekim@broadcom.com>
Signed-off-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-05-13 15:56:44 -04:00
Daniel Kim
e09cc63dc3 brcmfmac: Give priority to 5GHz band in selecting target BSS
When a BSS provides both 2.4GHz and 5GHz bands, in many cases it
makes sense to choose 5GHz. Typically a 5GHz channel is less crowded
and has less interference and therefore its performance will be
better than a crowded 2.4 GHz channel. This patch configures
'join_pref' to induce firmware to preferably select 5GHz BSS.

Reviewed-by: Arend Van Spriel <arend@broadcom.com>
Signed-off-by: Daniel Kim <dekim@broadcom.com>
Signed-off-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-05-13 15:56:43 -04:00
Oleksij Rempel
3eb6ed2357 ath9k_htc: use ath9k_cmn_debug_phy_err
Signed-off-by: Oleksij Rempel <linux@rempel-privat.de>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-05-13 15:56:43 -04:00
Oleksij Rempel
e02912cdd6 ath9k: move phy_err to ath9k_cmn_debug_phy_err
Signed-off-by: Oleksij Rempel <linux@rempel-privat.de>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-05-13 15:56:42 -04:00
Oleksij Rempel
f14c17cc5c ath9k_htc: use ath9k_cmn_debug_recv
Signed-off-by: Oleksij Rempel <linux@rempel-privat.de>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-05-13 15:56:41 -04:00
Oleksij Rempel
87ea9b0b3c ath9k: move recv to ath9k_cmn_debug_recv
Signed-off-by: Oleksij Rempel <linux@rempel-privat.de>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-05-13 15:56:41 -04:00
Oleksij Rempel
b5a0c86a56 ath9k & ath9k_htc: move ath_rx_stats to cmn
and use it. This move need changes in both drivers.

Signed-off-by: Oleksij Rempel <linux@rempel-privat.de>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-05-13 15:56:40 -04:00
Oleksij Rempel
9d83cd5cd2 ath9k: reorder or remove some includes
to fix compile errors

Signed-off-by: Oleksij Rempel <linux@rempel-privat.de>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-05-13 15:56:39 -04:00
Oleksij Rempel
df73820961 ath9k_htc: use ath9k_cmn_debug_base_eeprom
Signed-off-by: Oleksij Rempel <linux@rempel-privat.de>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-05-13 15:56:39 -04:00
Oleksij Rempel
29bf801e04 ath9k: move base_eeprom debug code to ath9k_cmn_debug_base_eeprom
Signed-off-by: Oleksij Rempel <linux@rempel-privat.de>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-05-13 15:56:38 -04:00
Oleksij Rempel
7e9bed7125 ath9k_htc: use ath9k_cmn_debug_modal_eeprom
Signed-off-by: Oleksij Rempel <linux@rempel-privat.de>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-05-13 15:56:37 -04:00
Oleksij Rempel
f2c3c952a5 ath9k-common: create common-debug and move modal_eeprom to cmn
Signed-off-by: Oleksij Rempel <linux@rempel-privat.de>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-05-13 15:56:36 -04:00
Rafał Miłecki
fbe057d8a1 b43: drop SSB dependency
This adds choice submenu "Supported bus types" as two simple bool
configs would allow user to compile b43 without any bus support
(prety useless).

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-05-13 15:56:36 -04:00
Rafał Miłecki
bd7c8a5937 b43: adjust code to compile without SSB
Users of new (BCMA based) wireless chipsets may not want to enable SSB.
This is hopefully the last code patch for dropping SSB dependency.

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-05-13 15:56:35 -04:00
Ondrej Zary
fe5d96246e orinoco_usb: Fix broken firmware load error checking
The check of ezusb_firmware_download() return value (added by commit
488ec878034eccb852267b0e27ce9d511f75c587) is broken because
ezusb_firmware_download() returns 1 on success.
This causes the driver not to work with the following error:
orinoco_usb: probe of 3-3:1.0 failed with error -14

Check the return value only for negative values.

This fix should be applied to -stable kernels too.

Signed-off-by: Ondrej Zary <linux@rainbow-software.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-05-13 15:56:35 -04:00
Zefir Kurtisi
e515e9cb64 ath9k: non-functional: calculate DFS pulse interval per-wiphy
Systems with multiple DFS channel detectors need to track
timestamp of previous pulse per instance to display the
correct pulse interval.

Since the interval value is used for debug printing only,
this is a non-functional modification.

Signed-off-by: Zefir Kurtisi <zefir.kurtisi@neratec.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-05-13 15:56:34 -04:00
Helmut Schaa
4f15754735 amend "ath9k: Allow platform override without EEPROM override"
Originally Helmut posted a v2 of the "ath9k: Allow platform override
without EEPROM override", but I had prematurely commited the original
as commit 552a515707a.  This commit restores the tree to what Helmut
intended with his v2 submission. -- JWL

Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-05-13 15:56:33 -04:00
Adam Lee
3924e338d5 rtlwifi: rtl8723be: add msi module parameter
The msi module parameter offers an option to enable or disable MSI
interrupts mode, for debugging and workaround(in case) convenience.

Signed-off-by: Adam Lee <adam.lee@canonical.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-05-13 15:56:33 -04:00
Adam Lee
3513d0043c rtlwifi: rtl8188ee: add msi module parameter
The msi module parameter offers an option to enable or disable MSI
interrupts mode. For now, some users report RTL8188EE works only with
MSI on their certain platforms, some others report it works only without
MSI, this parameter will help.

Signed-off-by: Adam Lee <adam.lee@canonical.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-05-13 15:56:32 -04:00
Adam Lee
73070c45d5 rtlwifi: make MSI support a module parameter
This makes MSI support a module parameter, for debugging and workaround
convenience.

Signed-off-by: Adam Lee <adam.lee@canonical.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-05-13 15:56:31 -04:00
Grazvydas Ignotas
e5b02f649b wl1251: only call ieee80211_beacon_loss in managed mode
ieee80211_beacon_loss() is only to be called in managed mode,
but the firmware may send the sync timeout event at any time,
so do a check before calling.

Signed-off-by: Grazvydas Ignotas <notasas@gmail.com>
Tested-by: Pali Rohár <pali.rohar@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-05-13 15:56:27 -04:00
Grazvydas Ignotas
863bdbc918 wl1251: fix mixed up args for join
The join arguments are mixed up, passing beacon_interval instead of
channel and channel instead of beacon_interval. Fix them.

Signed-off-by: Grazvydas Ignotas <notasas@gmail.com>
Tested-by: Pali Rohár <pali.rohar@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-05-13 15:56:22 -04:00
Grazvydas Ignotas
a5640612cf wl1251: fix null data for IBSS
Fix the WARN below by not calling ieee80211_nullfunc_get() in IBSS mode,
but setting up empty template the same way wl12xx driver does.

WARNING: CPU: 0 PID: 914 at net/mac80211/tx.c:2750 ieee80211_nullfunc_get+0xc0/0xd0 [mac80211]()
Modules linked in: wl1251_sdio wl1251 mac80211 cfg80211
...
[<c00439c0>] (warn_slowpath_null)
[<bf0bdfdc>] (ieee80211_nullfunc_get [mac80211])
[<bf134774>] (wl1251_op_bss_info_changed [wl1251])
[<bf099e14>] (ieee80211_bss_info_change_notify [mac80211])
...

Also perform join command regardless of bss_type as that seems to be
required for proper operation.

Signed-off-by: Grazvydas Ignotas <notasas@gmail.com>
Tested-by: Pali Rohár <pali.rohar@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-05-13 15:56:16 -04:00
Grazvydas Ignotas
d5738b41e5 Revert "wl1251: enforce changed hw encryption support on monitor state change"
This reverts commit b90a1165a72fabdc260abaa9eeadcbfd29e267eb.

That commit (or rather, hack) triggers a scary WARN in IBSS (ad-hoc) mode.
Steps to reproduce:
    ifconfig wlan0 down
    iwconfig wlan0 mode ad-hoc
    ifconfig wlan0 up
------------[ cut here ]------------
WARNING: CPU: 0 PID: 905 at kernel/workqueue.c:1400 __queue_work+0x21c/0x2f4()
Modules linked in: wl1251_sdio wl1251 mac80211 cfg80211
CPU: 0 PID: 905 Comm: ifconfig Not tainted 3.15.0-rc2#233
[<c0015f38>] (unwind_backtrace) from [<c0012938>]
[<c0012938>] (show_stack) from [<c05d4034>]
[<c05d4034>] (dump_stack) from [<c0043984>]
[<c0043984>] (warn_slowpath_common) from [<c00439c0>]
[<c00439c0>] (warn_slowpath_null) from [<c005b6c8>]
[<c005b6c8>] (__queue_work) from [<c005b820>]
[<c005b820>] (queue_work_on) from [<bf134ac0>]
[<bf134ac0>] (wl1251_op_config [wl1251])
[<bf099a70>] (ieee80211_hw_config [mac80211])
...
This happens because ieee80211_connection_loss() is not expected to be
called in IBSS mode (mac80211 ends up queuing uninitialized work
in that case).

Signed-off-by: Grazvydas Ignotas <notasas@gmail.com>
Tested-by: Pali Rohár <pali.rohar@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-05-13 15:55:56 -04:00
John W. Linville
3231d65ffe Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless 2014-05-13 15:27:44 -04:00
John W. Linville
209f6c3754 Merge branch 'for-john' of git://git.kernel.org/pub/scm/linux/kernel/git/iwlwifi/iwlwifi-fixes 2014-05-13 14:52:34 -04:00
David Spinadel
b538b8ce76 iwlwifi: mvm: prevent sched scan while not idle
Prevent sched scan while not idle (including during association or in AP
mode) instead of while associated only.

This fixes my previous commit which was incomplete:

commit bd5e4744a6ca64299b57a2682c720d00a475a734
Author: David Spinadel <david.spinadel@intel.com>
Date:   Thu Apr 24 13:15:29 2014 +0300

    iwlwifi: mvm: do no sched scan while associated

    Currently the FW doesn't support sched scan while associated,
    Prevent it.

Signed-off-by: David Spinadel <david.spinadel@intel.com>
Reviewed-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
2014-05-13 15:05:32 +03:00
Eliad Peller
64793110ad iwlwifi: mvm: fix off-by-one in scan channels configuration
tail should be equal to the last valid index, so
decrease it by one.

This error causes in "a gap" in some cases (as well as
some possible out-of-bound write), finally resulting in
ucode assertion.

Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
2014-05-13 14:04:55 +03:00
Daniel Kim
03e5da151b brcmfmac: Fix iovar 'bw_cap' set command failure
Fix iovar 'bw_cap' set command failure introduced by

  commit ff3b0fba6f25555ef59c55d138a467d0f81d82d7
  Author: Arend van Spriel <arend@broadcom.com>
  Date:   Sat Mar 15 12:00:57 2014 +0100

      brcmfmac: fallback to mimo_bw_cap for older firmwares

This resulted in disabling 20MHz operation in the firmware.

Reviewed-by: Arend Van Spriel <arend@broadcom.com>
Signed-off-by: Daniel Kim <dekim@broadcom.com>
Signed-off-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-05-12 14:15:10 -04:00
John W. Linville
c5e64d6b70 Merge git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211 2014-05-12 14:12:19 -04:00
Emmanuel Grumbach
1c4abec0ba iwlwifi: mvm: fix setting channel in monitor mode
There was a deadlock in monitor mode when we were setting the
channel if the channel was not 1.

======================================================
[ INFO: possible circular locking dependency detected ]
3.14.3 #4 Not tainted
-------------------------------------------------------
iw/3323 is trying to acquire lock:
 (&local->chanctx_mtx){+.+.+.}, at: [<ffffffffa062e2f2>] ieee80211_vif_release_channel+0x42/0xb0 [mac80211]

but task is already holding lock:
 (&local->iflist_mtx){+.+...}, at: [<ffffffffa0609e0a>] ieee80211_set_monitor_channel+0x5a/0x1b0 [mac80211]

which lock already depends on the new lock.

the existing dependency chain (in reverse order) is:

-> #2 (&local->iflist_mtx){+.+...}:
       [<ffffffff810d95bb>] __lock_acquire+0xb3b/0x13b0
       [<ffffffff810d9ee0>] lock_acquire+0xb0/0x1f0
       [<ffffffff817eb9c8>] mutex_lock_nested+0x78/0x4f0
       [<ffffffffa06225cf>] ieee80211_iterate_active_interfaces+0x2f/0x60 [mac80211]
       [<ffffffffa0518189>] iwl_mvm_recalc_multicast+0x49/0xa0 [iwlmvm]
       [<ffffffffa051822e>] iwl_mvm_configure_filter+0x4e/0x70 [iwlmvm]
       [<ffffffffa05e6d43>] ieee80211_configure_filter+0x153/0x5f0 [mac80211]
       [<ffffffffa05e71f5>] ieee80211_reconfig_filter+0x15/0x20 [mac80211]
       [snip]

-> #1 (&mvm->mutex){+.+.+.}:
       [<ffffffff810d95bb>] __lock_acquire+0xb3b/0x13b0
       [<ffffffff810d9ee0>] lock_acquire+0xb0/0x1f0
       [<ffffffff817eb9c8>] mutex_lock_nested+0x78/0x4f0
       [<ffffffffa0517246>] iwl_mvm_add_chanctx+0x56/0xe0 [iwlmvm]
       [<ffffffffa062ca1e>] ieee80211_new_chanctx+0x13e/0x410 [mac80211]
       [<ffffffffa062d953>] ieee80211_vif_use_channel+0x1c3/0x5a0 [mac80211]
       [<ffffffffa06035ab>] ieee80211_add_virtual_monitor+0x1ab/0x6b0 [mac80211]
       [<ffffffffa06052ea>] ieee80211_do_open+0xe6a/0x15a0 [mac80211]
       [<ffffffffa0605a79>] ieee80211_open+0x59/0x60 [mac80211]
       [snip]

-> #0 (&local->chanctx_mtx){+.+.+.}:
       [<ffffffff810d6cb7>] check_prevs_add+0x977/0x980
       [<ffffffff810d95bb>] __lock_acquire+0xb3b/0x13b0
       [<ffffffff810d9ee0>] lock_acquire+0xb0/0x1f0
       [<ffffffff817eb9c8>] mutex_lock_nested+0x78/0x4f0
       [<ffffffffa062e2f2>] ieee80211_vif_release_channel+0x42/0xb0 [mac80211]
       [<ffffffffa0609ec3>] ieee80211_set_monitor_channel+0x113/0x1b0 [mac80211]
       [<ffffffffa058fb37>] cfg80211_set_monitor_channel+0x77/0x2b0 [cfg80211]
       [<ffffffffa056e0b2>] __nl80211_set_channel+0x122/0x140 [cfg80211]
       [<ffffffffa0581374>] nl80211_set_wiphy+0x284/0xaf0 [cfg80211]
       [snip]

other info that might help us debug this:

Chain exists of:
  &local->chanctx_mtx --> &mvm->mutex --> &local->iflist_mtx

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&local->iflist_mtx);
                               lock(&mvm->mutex);
                               lock(&local->iflist_mtx);
  lock(&local->chanctx_mtx);

 *** DEADLOCK ***

This deadlock actually occurs:
INFO: task iw:3323 blocked for more than 120 seconds.
      Not tainted 3.14.3 #4
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
iw              D ffff8800c8afcd80  4192  3323   3322 0x00000000
 ffff880078fdb7e0 0000000000000046 ffff8800c8afcd80 ffff880078fdbfd8
 00000000001d5540 00000000001d5540 ffff8801141b0000 ffff8800c8afcd80
 ffff880078ff9e38 ffff880078ff9e38 ffff880078ff9e40 0000000000000246
Call Trace:
 [<ffffffff817ea841>] schedule_preempt_disabled+0x31/0x80
 [<ffffffff817ebaed>] mutex_lock_nested+0x19d/0x4f0
 [<ffffffffa06225cf>] ? ieee80211_iterate_active_interfaces+0x2f/0x60 [mac80211]
 [<ffffffffa06225cf>] ? ieee80211_iterate_active_interfaces+0x2f/0x60 [mac80211]
 [<ffffffffa052a680>] ? iwl_mvm_power_mac_update_mode+0xc0/0xc0 [iwlmvm]
 [<ffffffffa06225cf>] ieee80211_iterate_active_interfaces+0x2f/0x60 [mac80211]
 [<ffffffffa0529357>] _iwl_mvm_power_update_binding+0x27/0x80 [iwlmvm]
 [<ffffffffa0516eb1>] iwl_mvm_unassign_vif_chanctx+0x81/0xc0 [iwlmvm]
 [<ffffffffa062d3ff>] __ieee80211_vif_release_channel+0xdf/0x470 [mac80211]
 [<ffffffffa062e2fa>] ieee80211_vif_release_channel+0x4a/0xb0 [mac80211]
 [<ffffffffa0609ec3>] ieee80211_set_monitor_channel+0x113/0x1b0 [mac80211]
 [<ffffffffa058fb37>] cfg80211_set_monitor_channel+0x77/0x2b0 [cfg80211]
 [<ffffffffa056e0b2>] __nl80211_set_channel+0x122/0x140 [cfg80211]
 [<ffffffffa0581374>] nl80211_set_wiphy+0x284/0xaf0 [cfg80211]

This fixes https://bugzilla.kernel.org/show_bug.cgi?id=75541

Cc: <stable@vger.kernel.org> [3.13+]
Reviewed-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
2014-05-11 13:10:08 +03:00
Eliad Peller
f9ac71bfcc mac80211: fix vif name tracing
If sdata doesn't have a valid dev (e.g. in case of monitor
vif), the vif_name field was initialized with (a length of)
some short string, but later was set to a different,
potentially larger one.

This resulted in out-of-bounds write, which usually
appeared as garbage in the trace log.

Simply trace sdata->name, as it should always have the
correct name for both cases.

Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2014-05-09 14:35:40 +02:00
Johannes Berg
4a817aa78f mac80211: allow VHT with peers not capable of 40MHz
There are two (related) issues with this.

One case, reported by Michal, is related to hostap: it unsets the
20/40 capability bit for stations that associate when it's in 20
MHz mode.

The other case, reported by Eyal, is that some APs like Netgear
R6300v2 and probably others based on the BCM4360 chipset can be
configured for doing VHT at 20Mhz. In this case the beacon has
a VHT IE but the HT cap indicates transmitter only support 20Mhz.

In both of these cases, we currently avoid VHT and use only HT
this means we can't use the highest rates (MCS8), so fixing this
leads to throughput improvements.

Reported-by: Michal Kazior <michal.kazior@tieto.com>
Reported-by: Eyal Shapira <eyal@wizery.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2014-05-09 09:56:53 +02:00
John W. Linville
0d770a82ad Merge branch 'for-john' of git://git.kernel.org/pub/scm/linux/kernel/git/iwlwifi/iwlwifi-next 2014-05-08 11:36:40 -04:00