| Age | Commit message (Collapse) | Author |
|---|
|
git://git.kernel.org/pub/scm/linux/kernel/git/sameo/nfc-next
Samuel Ortiz <sameo@linux.intel.com> says:
"This is the first NFC patchset targeted at the 3.9 merge window.
It brings the following goodies:
- LLCP socket timestamping (To be used e.g with the recently released nfctool
application for a more efficient skb timestamping when sniffing).
- A pretty big pn533 rework from Waldemar, preparing the driver to support
more flavours of pn533 based devices.
- HCI changes from Eric in preparation for the microread driver support.
- Some LLCP memory leak fixes, cleanups and slight improvements.
- pn544 and nfcwilink move to the devm_kzalloc API.
- An initial Secure Element (SE) API.
- An nfc.h license change from the original author, allowing non GPL
application code to safely include it."
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
|
Safer and more robust than than memcpy_toiovec.
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
|
|
We can cast msg_name to a sockaddr_nfc_llcp pointer directly.
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
|
|
Each NFC adapter can have several links to different secure elements and
that property needs to be exported by the drivers.
A secure element link can be enabled and disabled, and card emulation will
be handled by the currently active one. Otherwise card emulation will be
host implemented.
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
|
|
Some chips diverge from the HCI spec in their implementation of standard
features. This adds a new quirks parameter to
nfc_hci_allocate_device() to let the driver indicate its divergence.
Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
|
|
Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
|
|
Some chips use a standard HCI event code, destined to a proprietary
gate, with a different meaning. Therefore, the HCI driver must always
have a chance to intercept the event before standard processing is
attempted.
The new semantic specifies that the result value "1" means that the
driver doesn't especially handle the event. result <= 0 means it was
handled.
Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
|
|
There is no use to return an error if the caller doesn't get it.
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
|
|
When an adapter is removed, it will unregister itself from hci and/or
nfc core. In order to do that safely, work tasks must first be canceled
and prevented to be scheduled again, before the hci or nfc device can be
destroyed.
Signed-off-by: Eric Lapuyade <eric.lapuyade@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
|
|
The reference count bump on the llcp Rx path is leading to a memory leak
whenever we're not receiving an I frame.
We fix that by removing the refcount bump (drivers must not free their
received skb) and using it only in the I frame path, when the frame is
actually queued. In that case, the skb will only be freed when someone
fetches it from userspace. in all other cases, LLCP received frames will
be freed when leaving the Rx work queue.
Reported-by: Eric Lapuyade <eric.lapuyade@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
|
|
Not only it was improperly use to queue backlogged RX skbuffs, but it was
also not processed at all.
If the socket receive queue is full we simply drop the incoming packets.
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
|
|
Set timestamp in sent and received sk_buffs. timestamp is then put in
msghdr structure in llcp_sock_recvmsg().
Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
|
|
My commit 379b82f4c9dc6e67bf61aa61b096c06a2f320f60
("regulatory: pass new regdomain to reset function")
broke the restore_regulatory_settings() function due
to a logic change. Consider this change:
- reset_regdomains(true);
- cfg80211_regdomain = cfg80211_world_regdom;
+ reset_regdomains(true, cfg80211_world_regdom);
This looks innocent enough, until you realise that the
called function (reset_regdomains) also resets the
cfg80211_world_regdom pointer, so that the old version
of the code would use the new object it pointed to and
the new version of the code uses the old object. This
lead to a double-free of this object.
Since reset_regdomains() sets it to &world_regdom, use
that directly.
Reported-by: Sujith Manoharan <sujith@msujith.org>
Tested-by: Sujith Manoharan <sujith@msujith.org>
Reported-by: Bob Copeland <me@bobcopeland.com>
Reported-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
|
The uevent callback doesn't protect its access to
last_request, which now causes a warning since
the conversion to get_last_request(). Fix this by
allowing to use RCU protection for last_request.
Reported-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
|
One of the function names was wrong and some parameters were
missing.
Signed-off-by: Bob Copeland <me@bobcopeland.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
|
The following changes are invalid and should be
disallowed when a station already exists:
* supported rates changes, except for TDLS peers
* listen interval changes
* HT capability changes
Disallow them and also update a mac80211 comment
explaining how they would be racy.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
|
When an interface is configured to a 20 MHz channel
and the device as well as the peer are 40 MHz capable
the HT capabilities of the peer are not restricted to
20 MHz, even though they're supposed to be restricted
to the currently possible capabilities.
Unset the 40 MHz HT capability bits in this case.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
|
Use __aligned(...) instead of __attribute__((aligned(...)))
in mac80211 and cfg80211.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
|
Support the HT notify channel width action frame
to update the rate scaling about the bandwidth
the peer can receive in.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
|
When TX aggregation is stopped, there are a few
different cases:
- connection with the peer was dropped
- session stop was requested locally
- session stop was requested by the peer
- connection was dropped while a session is stopping
The behaviour in these cases should be different, if
the connection is dropped then the driver should drop
all frames, otherwise the frames may continue to be
transmitted, aggregated in the case of a locally
requested session stop or unaggregated in the case of
the peer requesting session stop.
Split these different cases so that the driver can
act accordingly; however, treat local and remote stop
the same way and ask the driver to not send frames as
aggregated packets any more.
In the case of connection drop, the stop callback the
driver is otherwise supposed to call is no longer
required.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
|
To call it from ___ieee80211_stop_tx_ba_session,
move the function and dependencies up.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
|
Create the function ieee80211_remove_tid_tx to call
it from ___ieee80211_stop_tx_ba_session later.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
|
The initiator/tx doesn't really identify why an
aggregation session is stopped, give a reason
for stopping that more clearly identifies what's
going on. This will help tell the driver clearly
what is expected of it.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
|
Today, stations are added already associated. That is
inefficient if, for example, the driver has no room
for stations any more because then the station will
go through the entire auth/assoc handshake, only to
be kicked out afterwards.
To address this a bit better, at least with drivers
using the new station state callback, allow hostapd
to add stations in unauthenticated mode, just after
receiving the AUTH frame, before even replying. Thus
if there's no more space at that point, it can send
a negative auth frame back. It still needs to handle
later state transition errors though, of course.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
|
Some AP code ended up in mlme.c as ap.c didn't
exist when it was written, move it now.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
|
In interoperability testing some APs showed bad behaviour
if some of the VHT capabilities of the station are better
than their own. Restrict the assoc request parameters
- beamformee capabable,
- RX STBC and
- RX MCS set
to the subset that the AP can support.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
|
We should not add new beacon hints even if the wiphy
is not world roaming. Without this we were always adding
a beacon hint if not world roaming for every non world
roaming wiphy interface.
Tested-by: Ben Greear <greearb@candelatech.com>
Reported-by: Ben Greear <greearb@candelatech.com>
Reported-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: Luis R. Rodriguez <mcgrof@do-not-panic.com>
[fix locking]
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
|
This will be used later by other code. This has no
functional change.
Tested-by: Ben Greear <greearb@candelatech.com>
Reported-by: Ben Greear <greearb@candelatech.com>
Reported-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: Luis R. Rodriguez <mcgrof@do-not-panic.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
|
Regulatory beacon hints are used to help with world roaming
and as it is right now we learn from a beacon hint processed
on one wiphy to all other wiphys. The processing of beacon
hints however is scheduled and if we have a lot of interfaces
we may hit the case that we'll queue a the same beacon hint
many times until its processed.
To avoid this do a lookup on the queued up beacon hints prior
to adding a new beacon hint. If the beacon hint is removed
from the pending reg beacon hint list then it would be processed
and we'd ensure all wiphys would have learned from it, if its
on the pending reg beacon list we'd now find it prior to it
being processed.
Tested-by: Ben Greear <greearb@candelatech.com>
Reported-by: Ben Greear <greearb@candelatech.com>
Reported-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: Luis R. Rodriguez <mcgrof@do-not-panic.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
|
Instead of checking every time bss_info_changed is called,
assign the pointer once depending on the interface type
and then leave it untouched until the interface type is
changed. This makes the ieee80211_bss_info_change_notify()
now a simple wrapper to call the driver only.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
|
The special case in the function isn't really needed,
instead make the suspend code a bit better and also
easier to understand and move the warning into the
driver op wrapper inline.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
|
For AP/IBSS/mesh interfaces, call the driver to reconfigure
bss_info_changed only if the interface was beaconing before
suspend, otherwise we call the driver and it might interpret
the change as going from enabled to disabled.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
|
Instead of calculating in ieee80211_bss_info_change_notify()
whether beaconing should be enabled or not, set it in the
correct places in the callers. This simplifies the logic in
this function at the expense of offchannel, but is also more
robust.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
|
During suspend/resume channel contexts might be
iterated even if they haven't been re-added to
the driver, keep track of this and skip them in
iteration. Also use the new status for sanity
checks.
Also clarify the fact that during HW restart all
contexts are iterated over (thanks Eliad.)
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
|
When suspending, bss_info_changed() is called to
disable beacons, but managed mode interfaces are
simply removed (bss_info_changed() is called with
"no change" only). This can lead to problems.
To fix this and copy the BSS configuration, clear
it during suspend and restore it on resume.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
|
It's a bit odd that there's a return value that only
depends on the iftype, move that logic out of the
function into the only caller that needs it.
Also, since the quiescing could stop timers that
trigger the sdata work, move the sdata work cancel
into the function and after the actual quiesce.
Finally, there's no need to call it on interfaces
that are down, so don't.
Change-Id: I1632d46d21ba3558ea713d035184f1939905f2f1
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
|
The probe response/beacon management frame RX code passes a
bool parameter to differentiate beacons and probe responses.
This is useless since we have the frame and can thus use its
frame control field. Moreover it is buggy since there is one
call to ieee80211_rx_bss_info with a beacon frame that is
indicated as a probe response, which is also fixed by using
the frame control field, so do that.
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
|
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
|
In that case, it's really a 160 MHz channel, so disallow
this configuration.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
|
If there are VLANs, stopping an AP is inefficient as it
calls rcu_barrier() once for each interface (the VLANs
and the AP itself). Optimise this by moving rcu_barrier()
out of the station cleanups and calling it only once for
all interfaces combined.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
|
Instead of returning an error and filling a pointer
return the pointer and an ERR_PTR value in error cases.
Acked-by: Luis R. Rodriguez <mcgrof@do-not-panic.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
|
This will allow making freq_reg_info() lock-free.
Acked-by: Luis R. Rodriguez <mcgrof@do-not-panic.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
|
To simplify the locking and not require cfg80211_mutex
(which nl80211 uses to access the global regdomain) and
also to make it possible for drivers to access their
wiphy->regd safely, use RCU to protect these pointers.
Acked-by: Luis R. Rodriguez <mcgrof@do-not-panic.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
|
Instead of assigning after calling the function do
it inside the function. This will later avoid a
period of time where the pointer is NULL.
Acked-by: Luis R. Rodriguez <mcgrof@do-not-panic.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
|
The channel bandwidth handling isn't really quite right,
it assumes that a 40 MHz channel is really two 20 MHz
channels, which isn't strictly true. This is the way the
regulatory database handling is defined right now though
so remove the logic to handle other channel widths.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
|
There's a bug with the world regulatory domain, it
can be updated any time which is different from all
other regdomains that can only be updated once after
a request for them. Fix this by adding a check for
"processed" to the reg_is_valid_request() function
and clear that when doing a request.
While looking at this I also found another locking
bug, last_request is protected by the reg_mutex not
the cfg80211_mutex so the code in nl80211 is racy.
Remove that code as it only tries to prevent an
allocation in an error case, which isn't necessary.
Then the function can also become static and locking
in nl80211 can have a smaller scope.
Also change __set_regdom() to do the checks earlier
and not different for world/other regdomains.
Acked-by: Luis R. Rodriguez <mcgrof@do-not-panic.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
|
wiphy_apply_custom_regulatory() doesn't have to hold
the regulatory mutex as it only modifies the given
wiphy with the given regulatory domain, it doesn't
access any global regulatory data.
Acked-by: Luis R. Rodriguez <mcgrof@do-not-panic.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
|
Many places that currently check that cfg80211_mutex
is held don't actually use any data protected by it.
The functions that need to hold the cfg80211_mutex
are the ones using the cfg80211_regdomain variable,
so add the lock assertion to those and clarify this
in the comments.
The reason for this is that nl80211 uses the regdom
without being able to hold reg_mutex.
Acked-by: Luis R. Rodriguez <mcgrof@do-not-panic.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
|
The function itself has dual-purpose: it can
retrieve from a given regdomain or from the
globally installed one. Change it to have a
single purpose only: to look up from a given
regdomain. Pass the correct regdomain in the
freq_reg_info() function instead.
This also changes the locking rules for it,
no locking is required any more.
Acked-by: Luis R. Rodriguez <mcgrof@do-not-panic.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
|
Even if it never happens and is hidden behind the
debug config option, it's completely useless: the
calltrace will only show module loading.
Acked-by: Luis R. Rodriguez <mcgrof@do-not-panic.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
