Commit Graph

16012 Commits

Author SHA1 Message Date
Luis R. Rodriguez
a0daa0e759 Revert "mac80211: fix sw scan bracketing"
This reverts this commit. While in theory the change is
correct the patch does not address current assumptions made
by some drivers, one which is definitley affected is ath9k.

Prior to this change the scan complete callback would be
called after we returned to the home channel and configured
the hardware RX filters. After this change we call the scan
complete callback prior to both the hw config and the config
filter. At least for ath9k this breaks quite a few assumptions
on the callback, leading to disconnects to the AP after every scan
making the driver pretty useless on STA mode. The goal behind
this commit was to address the now understood spurious warnings
from ath9k and mac80211_hwsim on scanning on two wiphys at the
same time but we have now supressed these and will address this
issue in the next kernel release.

When fixing this for good next we must first review the other
driver's dependence on this logic and perhaps consider removal
of the scan complete callback all together.

Cc: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Luis R. Rodriguez <lrodriguez@atheros.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-07-28 16:24:02 -04:00
Yuri Ershov
c4c322941c cfg80211: Update of regulatory request initiator handling
In some cases there could be possible dereferencing freed pointer. The
update is intended to avoid this issue.

Signed-off-by: Yuri Ershov <ext-yuri.ershov@nokia.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-07-28 16:24:01 -04:00
Yuri Ershov
d080e2755d nl80211: Fix memory leaks
In case of errors during message composing msg should be freed after canceling.

Signed-off-by: Yuri Kululin <ext-yuri.kululin@nokia.com>
Signed-off-by: Yuri Ershov <ext-yuri.ershov@nokia.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-07-28 16:24:01 -04:00
Yuri Ershov
e4ab7eb0ae mac80211: Put some code under MESH macro
In the function ieee80211_subif_start_xmit the logic related with
meshdrlen is under CONFIG_MAC80211_MESH macro, but in one place it isn't.
This is some update for this

Signed-off-by: Yuri Ershov <ext-yuri.ershov@nokia.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-07-28 16:24:01 -04:00
John W. Linville
099284bdec Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/holtmann/bluetooth-next-2.6 2010-07-28 16:17:49 -04:00
Gustavo F. Padovan
2f8362afcd Bluetooth: Add __init and __exit marks to RFCOMM
Those annotation save memory and space on the binary. __init code is
discarded just after execute and __exit code is discarded if the module
is built into the kernel image or unload of modules is not allowed.

Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2010-07-27 12:37:27 -07:00
Gustavo F. Padovan
da5f6c37ee Bluetooth: Test 'count' value before enter the loop
Testing first we avoid enter the loop when count = 0.

Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2010-07-27 12:33:49 -07:00
Marcel Holtmann
e73439d8c0 Bluetooth: Defer SCO setup if mode change is pending
Certain headsets such as the Motorola H350 will reject SCO and eSCO
connection requests while the ACL is transitioning from sniff mode
to active mode. Add synchronization so that SCO and eSCO connection
requests will wait until the ACL has fully transitioned to active mode.

< HCI Command: Exit Sniff Mode (0x02|0x0004) plen 2
    handle 12
> HCI Event: Command Status (0x0f) plen 4
    Exit Sniff Mode (0x02|0x0004) status 0x00 ncmd 1
< HCI Command:  Setup Synchronous Connection (0x01|0x0028) plen 17
    handle 12 voice setting 0x0040
> HCI Event: Command Status (0x0f) plen 4
    Setup Synchronous Connection (0x01|0x0028) status 0x00 ncmd 1
> HCI Event: Number of Completed Packets (0x13) plen 5
    handle 12 packets 1
> HCI Event: Mode Change (0x14) plen 6
    status 0x00 handle 12 mode 0x00 interval 0
    Mode: Active
> HCI Event: Synchronous Connect Complete (0x2c) plen 17
    status 0x10 handle 14 bdaddr 00:1A:0E:50:28:A4 type SCO
    Error: Connection Accept Timeout Exceeded

Signed-off-by: Ron Shaffer <rshaffer@codeaurora.org>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2010-07-27 12:29:04 -07:00
Joe Perches
073730d771 wireless: Convert wiphy_debug macro to function
Save a few bytes of text

(allyesconfig)
$ size drivers/net/wireless/built-in.o*
   text	   data	    bss	    dec	    hex	filename
3924568	 100548	 871056	4896172	 4ab5ac	drivers/net/wireless/built-in.o.new
3926520	 100548	 871464	4898532	 4abee4	drivers/net/wireless/built-in.o.old

$ size net/wireless/core.o*
   text	   data	    bss	    dec	    hex	filename
  12843	    216	   3768	  16827	   41bb	net/wireless/core.o.new
  12328	    216	   3656	  16200	   3f48	net/wireless/core.o

Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-07-27 15:14:13 -04:00
Jouni Malinen
32162a4dab mac80211: Fix key freeing to handle unlinked keys
Key locking simplification removed key->sdata != NULL verification from
ieee80211_key_free(). While that is fine for most use cases, there is one
path where this function can be called with an unlinked key (i.e.,
key->sdata == NULL && key->local == NULL). This results in a NULL pointer
dereference with the current implementation. This is known to happen at
least with FT protocol when wpa_supplicant tries to configure the key
before association.

Avoid the issue by passing in the local pointer to
ieee80211_key_free(). In addition, do not clear the key from hw_accel
or debugfs if it has not yet been added. At least the hw_accel one could
trigger another NULL pointer dereference.

Signed-off-by: Jouni Malinen <j@w1.fi>
Reviewed-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-07-27 14:59:58 -04:00
John W. Linville
800f65bba8 Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/holtmann/bluetooth-next-2.6
Conflicts:
	drivers/net/wireless/iwlwifi/iwl-commands.h
2010-07-27 11:59:19 -04:00
Sujith
d97349797f mac80211: Don't set per-BSS QoS for monitor interfaces
In AP mode, there is no need to notify the driver about QoS
changes for the monitor interface that is created. The warning
in ieee80211_bss_info_change_notify() would be hit otherwise.

Signed-off-by: Sujith <Sujith.Manoharan@atheros.com>
Acked-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-07-26 15:32:42 -04:00
Johannes Berg
ec25acc46a mac80211: fix sta assignment
I just had the following:
WARNING: at drivers/net/wireless/iwlwifi/iwl-agn-tx.c:574 iwlagn_tx_skb+0x1576/0x15f0 [iwlagn]()
Call Trace:
 <IRQ>  [<ffffffff8105c5df>] warn_slowpath_common+0x7f/0xc0
 [<ffffffff8105c63a>] warn_slowpath_null+0x1a/0x20
 [<ffffffffa0290b46>] iwlagn_tx_skb+0x1576/0x15f0 [iwlagn]
 [<ffffffffa027076c>] iwl_mac_tx+0x5c/0x260 [iwlagn]
 [<ffffffffa01bdf5b>] __ieee80211_tx+0x10b/0x1a0 [mac80211]
 [<ffffffffa01bfb86>] ieee80211_tx_pending+0x186/0x2d0 [mac80211]
 [<ffffffff81062ea5>] tasklet_action+0x125/0x130
 [<ffffffff810634a6>] __do_softirq+0x106/0x270
 [<ffffffff8100c09c>] call_softirq+0x1c/0x30
iwlagn 0000:02:00.0: Attempting to modify non-existing station 107

Note that 107 == 0x6b which is slab poison.

The reason is that mac80211 passed a freed station
pointer to mac80211, because as it happened iwlwifi
reset itself while mac80211 was disconnecting from
the network.

It turns out that we do take care to look up the
station pointer in ieee80211_tx_pending_skb, but
then don't use it, which obviously is a bug. Fix
this by removing the ieee80211_tx_h_sta handler
and assigning the station pointer directly.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-07-26 15:32:42 -04:00
Johannes Berg
3be61a3851 cfg80211: fix IBSS default management key
When wireless extensions are used to control
an encrypted IBSS, we erroneously can try to
set the default management key. Fix this.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-07-26 15:32:41 -04:00
Johannes Berg
66c524210a mac80211: remove bogus rcu_read_lock()
Another remnant of the previous key locking scheme
needs to be removed -- this causes a warning
otherwise as ieee80211_set_default_mgmt_key will
acquire a mutex.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-07-26 15:32:41 -04:00
Dan Carpenter
f9f9b6e3e3 wireless: remove unneeded variable from regulatory_hint_11d()
The "rd" variable isn't needed any more since 4f366c5dab
"wireless: only use alpha2 regulatory information from country IE"

Signed-off-by: Dan Carpenter <error27@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-07-26 15:32:41 -04:00
Dan Carpenter
7e988014cd mac80211: freeing the wrong variable
The intent was to free "msp->ratelist" here.  "msp->sample_table" is
always NULL at this point.

Signed-off-by: Dan Carpenter <error27@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-07-26 15:32:41 -04:00
John W. Linville
3289a8368c lib80211: remove unused host_build_iv option
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-07-26 15:09:04 -04:00
John W. Linville
ea65145da8 minstrel: don't complain about feedback for unrequested rates
"It's not problematic if minstrel gets feedback for rates that it
doesn't have in its list, it should just ignore it. - Felix"

Signed-off-by: John W. Linville <linville@tuxdriver.com>
Cc: Felix Fietkau <nbd@openwrt.org>
2010-07-26 15:09:04 -04:00
John W. Linville
00fc90c886 minstrel_ht: remove unnecessary NULL check in minstrel_ht_update_caps
If sta is NULL, we will have problems long before we get here...

Reported-by: Dan Carpenter <error27@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Cc: Felix Fietkau <nbd@openwrt.org>
2010-07-26 15:09:04 -04:00
Johannes Berg
7a17a33c0d mac80211: proper IBSS locking
IBSS has never had locking, instead relying on some
memory barriers etc. That's hard to get right, and
I think we had it wrong too until the previous patch.
Since this is not performance sensitive, it doesn't
make sense to have the maintenance overhead of that,
so add proper locking.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-07-21 15:13:42 -04:00
Johannes Berg
bc05d19f4b mac80211: fix IBSS lockdep complaint
Bob reported a lockdep complaint originating in
the mac80211 IBSS code due to the common work
struct patch. The reason is that the IBSS and
station mode code have different locking orders
for the cfg80211 wdev lock and the work struct
(where "locking" implies running/canceling).

Fix this by simply not canceling the work in
the IBSS code, it is not necessary since when
the REQ_RUN bit is cleared, the work will run
without effect if it runs. When the interface
is set down, it is flushed anyway, so there's
no concern about it running after memory has
been invalidated either.

This fixes
https://bugzilla.kernel.org/show_bug.cgi?id=16419

Additionally, looking into this I noticed that
there's a small window while the IBSS is torn
down in which the work may be rescheduled and
the REQ_RUN bit be set again after leave() has
cleared it when a scan finishes at exactly the
same time. Avoid that by setting the ssid_len
to zero before clearing REQ_RUN which signals
to the scan finish code that this interface is
not active.

Reported-by: Bob Copeland <me@bobcopeland.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-07-21 15:13:42 -04:00
Johannes Berg
9dca9c4901 mac80211: refuse shared key auth when WEP is unavailable
When WEP is not available, we should reject shared
key authentication because it could never succeed.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-07-21 15:13:42 -04:00
Maxime Bizon
5a652052fe cfg80211: fix race between sysfs and cfg80211
device_add() is called before adding the phy to the cfg80211 device
list.

So if a userspace program uses sysfs uevents to detect new phy
devices, and queries nl80211 to get phy info, it can get ENODEV even
though the phy exists in sysfs.

An easy workaround is to hold the cfg80211 mutex until the phy is
present in sysfs/cfg80211/debugfs.

Signed-off-by: Maxime Bizon <mbizon@freebox.fr>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-07-21 15:13:42 -04:00
Gustavo F. Padovan
d1c4a17d58 Bluetooth: Enable L2CAP Extended features by default
Change the enable_ertm param to disable_ertm and default value to 0. That
means that L2CAP Extended features are enabled by default now.

Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2010-07-21 10:39:13 -07:00
Gustavo F. Padovan
893ef97112 Bluetooth: Fix typo in hci_event.c
memmory -> memory

Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2010-07-21 10:39:13 -07:00
Gustavo F. Padovan
5d8868ff3d Bluetooth: Add Google's copyright to L2CAP
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2010-07-21 10:39:12 -07:00
Suraj Sumangala
9981151086 Bluetooth: Implemented HCI frame reassembly for RX from stream
Implemented frame reassembly implementation for reassembling fragments
received from stream.

Signed-off-by: Suraj Sumangala <suraj@atheros.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2010-07-21 10:39:12 -07:00
Suraj Sumangala
f39a3c0640 Bluetooth: Modified hci_recv_fragment() to use hci_reassembly helper
Modified packet based reassembly function hci_recv_fragment() to use
hci_reassembly()

Signed-off-by: Suraj Sumangala <suraj@atheros.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2010-07-21 10:39:12 -07:00
Suraj Sumangala
33e882a5f2 Bluetooth: Implement hci_reassembly helper to reassemble RX packets
Implements feature to reassemble received HCI frames from any input stream

Signed-off-by: Suraj Sumangala <suraj@atheros.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2010-07-21 10:39:12 -07:00
Suraj Sumangala
cd4c53919e Bluetooth: Add one more buffer for HCI stream reassembly
Additional reassembly buffer to keep track of stream reasembly

Signed-off-by: Suraj Sumangala <suraj@atheros.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2010-07-21 10:39:12 -07:00
Gustavo F. Padovan
dd135240e8 Bluetooth: Update L2CAP version information
We did some changes on the L2CAP configuration process and its behaviour
is bit different now. That justifies a updated on the L2CAP version.

Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2010-07-21 10:39:12 -07:00
Gustavo F. Padovan
ce5706bd69 Bluetooth: Add Copyright notice to L2CAP
Copyright for the time I worked on L2CAP during the Google Summer of Code
program.

Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2010-07-21 10:39:11 -07:00
Gustavo F. Padovan
47731de789 Bluetooth: Keep code under column 80
Purely a cosmetic change, it doesn't change the code flow.

Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2010-07-21 10:39:11 -07:00
Gustavo F. Padovan
89746b856c Bluetooth: Fix bug in kzalloc allocation size
Probably a typo error. We were using the wrong struct to get size.

Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2010-07-21 10:39:11 -07:00
Gustavo F. Padovan
e9aeb2ddd4 Bluetooth: Send ConfigReq after send a ConnectionRsp
The extended L2CAP features requires that one should initiate a
ConfigReq after send the ConnectionRsp. This patch changes the behaviour
of the configuration process of our stack.

Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2010-07-21 10:39:11 -07:00
João Paulo Rechi Vita
963cf687e8 Bluetooth: Fix error return on L2CAP-HCI interface.
L2CAP only deals with ACL links. EINVAL should be returned otherwise.

Signed-off-by: João Paulo Rechi Vita <jprvita@profusion.mobi>
Acked-by: Gustavo F. Padovan <padovan@profusion.mobi>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2010-07-21 10:39:10 -07:00
João Paulo Rechi Vita
7a560e5c99 Bluetooth: Fix error value for wrong FCS.
Signed-off-by: João Paulo Rechi Vita <jprvita@profusion.mobi>
Acked-by: Gustavo F. Padovan <padovan@profusion.mobi>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2010-07-21 10:39:10 -07:00
João Paulo Rechi Vita
57d3b22bf5 Bluetooth: Fix error return for l2cap_connect_rsp().
Signed-off-by: João Paulo Rechi Vita <jprvita@profusion.mobi>
Acked-by: Gustavo F. Padovan <padovan@profusion.mobi>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2010-07-21 10:39:10 -07:00
João Paulo Rechi Vita
bc766db2ef Bluetooth: Fix error return value on sendmsg.
When the socket is in a bad state EBADFD is more appropriate then EINVAL.

Signed-off-by: João Paulo Rechi Vita <jprvita@profusion.mobi>
Acked-by: Gustavo F. Padovan <padovan@profusion.mobi>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2010-07-21 10:39:10 -07:00
João Paulo Rechi Vita
f9dd11b03c Bluetooth: Fix error return value on sendmsg.
When we try to send a message bigger than the outgoing MTU value
EMSGSIZE (message too long) should be returned.

Signed-off-by: João Paulo Rechi Vita <jprvita@profusion.mobi>
Acked-by: Gustavo F. Padovan <padovan@profusion.mobi>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2010-07-21 10:39:10 -07:00
João Paulo Rechi Vita
305682e837 Bluetooth: Make l2cap_streaming_send() void.
It doesn't make sense to have a return value since we always set it
to 0.

Signed-off-by: João Paulo Rechi Vita <jprvita@profusion.mobi>
Acked-by: Gustavo F. Padovan <padovan@profusion.mobi>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2010-07-21 10:39:10 -07:00
João Paulo Rechi Vita
8b0dc6dc82 Bluetooth: Fix l2cap_sock_connect error return.
Return a proper error value if socket is already connected.

Signed-off-by: João Paulo Rechi Vita <jprvita@profusion.mobi>
Acked-by: Gustavo F. Padovan <padovan@profusion.mobi>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2010-07-21 10:39:10 -07:00
Gustavo F. Padovan
712132eb54 Bluetooth: Improve ERTM local busy handling
Now we also check if can push skb userspace just after receive a new
skb instead of only wait the l2cap_busy_work wake up from time to time
to check the local busy condition.

Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2010-07-21 10:39:09 -07:00
Gustavo F. Padovan
218bb9dfd2 Bluetooth: Add backlog queue to ERTM code
backlog queue is the canonical mechanism to avoid race conditions due
interrupts in bottom half context. After the socket lock is released the
net core take care of push all skb in its backlog queue.

Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2010-07-21 10:39:09 -07:00
Gustavo F. Padovan
e0f66218b3 Bluetooth: Remove the send_lock spinlock from ERTM
Using a lock to deal with the ERTM race condition - interruption with
new data from the hci layer - is wrong. We should use the native skb
backlog queue.

Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2010-07-21 10:39:09 -07:00
Gustavo F. Padovan
8cb8e6f168 Bluetooth: Don't accept ConfigReq if we aren't in the BT_CONFIG state
If such event happens we shall reply with a Command Reject, because we are
not expecting any configure request.

Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2010-07-21 10:39:09 -07:00
Gustavo F. Padovan
cf6c2c0b9f Bluetooth: Disconnect early if mode is not supported
When mode is mandatory we shall not send connect request and report this
to the userspace as well.

Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2010-07-21 10:39:09 -07:00
Gustavo F. Padovan
2ba13ed678 Bluetooth: Remove check for supported mode
Since now we have checks for the supported mode before on
l2cap_info_rsp we can remove the check for it here.

Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2010-07-21 10:39:08 -07:00
Gustavo F. Padovan
6c2ea7a8f5 Bluetooth: Refuse ConfigRsp with different mode
If our mode is Basic Mode we have to refuse any ConfigRsp that proposes
a different mode.

Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2010-07-21 10:39:08 -07:00