| Age | Commit message (Collapse) | Author |
|---|
|
Use kmemdup when some other buffer is immediately copied into allocated
region. It replaces call to allocation followed by memcpy, by a single
call to kmemdup.
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
Acked-by: Arend van Spriel <arend.vanspriel@broadcom.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
|
|
gcc-6 warns about code in il3945_hw_txq_ctx_free() being
somewhat ambiguous:
drivers/net/wireless/intel/iwlegacy/3945.c:1022:5: warning: suggest explicit braces to avoid ambiguous 'else' [-Wparentheses]
This adds a set of curly braces to avoid the warning.
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Acked-by: Stanislaw Gruszka <sgruszka@redhat.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
|
|
The action 'check for winner' and 'download firmware' should be an
atomic action. This is true for btmrvl driver but not mwmfiex, which
cause firmware download to fail when the following senerio happens:
1) mwifiex check winner status: true
2) btmrvl check winner status: true, and start downloading firmware
3) mwfieix tries to download firmware, but failed because btmrvl is
already downloading.
This won't happen if 1) and 3) is an atomic action. This patch adds
sdio_claim/release_host call around those two actions to make sure it's
atomic.
Signed-off-by: Wei-Ning Huang <wnhuang@chromium.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
|
|
Simplify assignment in wlc_phy_rxcal_gainctrl_nphy_rev5.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Acked-by: Arend van Spriel <arend.vanspriel@broadcom.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
|
|
Simplify _rtl92ee_phy_path_adda_on.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Acked-by: Larry Finger <Larry.Finger@lwfinger.net>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
|
|
Do not dereference card before checking against NULL value.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
|
|
Do not return undefined value for transmission power
if the rate is invalid.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Acked-by: Larry Finger <Larry.Finger@lwfinger.net>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
|
|
Variable adapter is incorrectly initialized.
Fixes: bf00dc22bc7a ("mwifiex: AMSDU Rx frame handling in AP mode")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Acked-by: Amitkumar Karwar <akarwar@marvell.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
|
|
msg is dereferenced before checking against NULL, e.g.
when assigning pad_bytes.
Remove the superfluous check in function rsi_mgmt_pkt_to_core.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
|
|
The incorrect GPIO mask cause kernel warning, when AR9462 access GPIO11.
Also fix the mask for AR9565.
WARNING: CPU: 1 PID: 199 at ../drivers/net/wireless/ath/ath9k/hw.c:2778 ath9k_hw_gpio_get+0x1a9/0x1b0 [ath9k_hw]
CPU: 1 PID: 199 Comm: kworker/u16:9 Not tainted 4.7.0-rc1-next-20160530+ #5
Hardware name: Acer TravelMate P243/BA40_HC, BIOS V1.01 04/20/2012
Workqueue: events_power_efficient rfkill_poll
0000000000000000 ffff88002cf73d28 ffffffff813b8ddc 0000000000000000
0000000000000000 ffff88002cf73d68 ffffffff8107a331 00000ada00000086
ffff880148d9c018 000000000000000b ffff880147e68720 0000000000000200
Call Trace:
[<ffffffff813b8ddc>] dump_stack+0x63/0x87
[<ffffffff8107a331>] __warn+0xd1/0xf0
[<ffffffff8107a41d>] warn_slowpath_null+0x1d/0x20
[<ffffffffc0775b19>] ath9k_hw_gpio_get+0x1a9/0x1b0 [ath9k_hw]
[<ffffffffc047f3e4>] ath9k_rfkill_poll_state+0x34/0x60 [ath9k]
[<ffffffffc06dbb53>] ieee80211_rfkill_poll+0x33/0x40 [mac80211]
[<ffffffffc03ad65a>] cfg80211_rfkill_poll+0x2a/0xc0 [cfg80211]
[<ffffffff817c5514>] rfkill_poll+0x24/0x50
[<ffffffff81093183>] process_one_work+0x153/0x3f0
[<ffffffff8109393b>] worker_thread+0x12b/0x4b0
[<ffffffff81093810>] ? rescuer_thread+0x340/0x340
[<ffffffff81099129>] kthread+0xc9/0xe0
[<ffffffff817d8f1f>] ret_from_fork+0x1f/0x40
[<ffffffff81099060>] ? kthread_park+0x60/0x60
Fixes: a01ab81b09c5 ("ath9k: define correct GPIO numbers and bits mask")
Reported-by: Sudip Mukherjee <sudip.mukherjee@codethink.co.uk>
Tested-by: Sudip Mukherjee <sudip.mukherjee@codethink.co.uk>
Signed-off-by: Miaoqing Pan <miaoqing@codeaurora.org>
Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>
|
|
The nl80211 layer expects P2P search operation to be aborted
if needed when stopping P2P device. If the P2P search operation
is still running after returning from stop_p2p_device
it causes a WARN_ON and possibly a kernel crash.
Fix this by aborting the P2P search in wil_cfg80211_stop_p2p_device
and preventing P2P search from being started on a stopped P2P
device.
Note, the fix does not cover the case where a regular scan
is started on the P2P device. It will be completed in the
future when support is added for aborting a scan operation.
Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
Signed-off-by: Maya Erez <qca_merez@qca.qualcomm.com>
Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>
|
|
In wil_p2p_listen chan is checked to protect against NULL
pointer access only before setting channel = chan->hw_value.
Add a global parameter check to cover all accesses to chan.
Signed-off-by: Maya Erez <qca_merez@qca.qualcomm.com>
Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>
|
|
In this switch statement, the default case does not always assign
sifs. In practice, ah->ah_bwmode cannot take values besides the
other labels, so this is not an actual problem, but it looks odd
and smatch complains thus:
ath5k_hw_get_default_sifs() warn: missing break? reassigning 'sifs'
Silence the warning by moving default label up a line.
Signed-off-by: Bob Copeland <me@bobcopeland.com>
Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>
|
|
commit 5c86d97bcc1d ("ath10k: combine txrx and replenish task")
introduced deadlock while processing rx in order indication message
for qca6174 based devices. While merging replenish and txrx tasklets,
replenish task should be called out of htt rx ring locking since it
is also try to acquire the same lock.
Unfortunately this issue is not exposed by other solutions (qca988x,
qca99x0 & qca4019), as rx_in_ord_ind message is specific to qca6174
based devices. This patch fixes
=============================================
[ INFO: possible recursive locking detected ]
4.7.0-rc2-wt-ath+ #1353 Tainted: G E
---------------------------------------------
swapper/3/0 is trying to acquire lock:
(&(&htt->rx_ring.lock)->rlock){+.-...}, at: [<f8d7ef19>]
ath10k_htt_rx_msdu_buff_replenish+0x29/0x90 [ath10k_core]
but task is already holding lock:
(&(&htt->rx_ring.lock)->rlock){+.-...}, at: [<f8d82cab>]
ath10k_htt_txrx_compl_task+0x21b/0x250 [ath10k_core]
other info that might help us debug this:
Possible unsafe locking scenario:
CPU0
----
lock(&(&htt->rx_ring.lock)->rlock);
lock(&(&htt->rx_ring.lock)->rlock);
*** DEADLOCK ***
May be due to missing lock nesting notation
1 lock held by swapper/3/0:
#0: (&(&htt->rx_ring.lock)->rlock){+.-...}, at: [<f8d82cab>]
ath10k_htt_txrx_compl_task+0x21b/0x250 [ath10k_core]
Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=119151
Fixes: 5c86d97bcc1d ("ath10k: combine txrx and replenish task")
Reported-by: Mike Lothian <mike@fireburn.co.uk>
Signed-off-by: Rajkumar Manoharan <rmanohar@qti.qualcomm.com>
Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>
|
|
In QCA4019, cycle counter wraparound is not tied to rx
clear counter. Each counter would wraparound individually
and after wraparound the respective counter will be reset
to 0x7fffffff while other counter still running unaffected.
Define a new wraparound type for this behaviour and handle
it separately so that rx clear counter wraparound is also
handled just like cycle counter. With this type of
wraparound we can accurately compute and report channel
active/busy time when any of the counter overflows.
Fixes: ee9ca147c59 ("ath10k: Fix survey reporting with QCA4019")
Signed-off-by: Vasanthakumar Thiagarajan <vthiagar@qti.qualcomm.com>
Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>
|
|
QCA988X hw implements a different cycle counter wraparound
behaviour when compared to QCA4019. To properly handle different
wraparound logic for these chipsets replace already available
bool hw_params member, has_shifted_cc_wraparound, with an
enum which could be extended to handle different wraparound
behaviour. This patch keeps the existing logic functionally
same and a prepares cycle counter wraparound handling to
extend for other chips.
Signed-off-by: Vasanthakumar Thiagarajan <vthiagar@qti.qualcomm.com>
[kvalo@qca.qualcomm.com: change also QCA9887 wrap type]
Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>
|
|
CCK hardware table mapping from QCA99X0 onwards got revised.
The CCK hardware rate values are in a proper order wrt. to
rate and preamble as below
ATH10K_HW_RATE_REV2_CCK_LP_1M = 1,
ATH10K_HW_RATE_REV2_CCK_LP_2M = 2,
ATH10K_HW_RATE_REV2_CCK_LP_5_5M = 3,
ATH10K_HW_RATE_REV2_CCK_LP_11M = 4,
ATH10K_HW_RATE_REV2_CCK_SP_2M = 5,
ATH10K_HW_RATE_REV2_CCK_SP_5_5M = 6,
ATH10K_HW_RATE_REV2_CCK_SP_11M = 7,
This results in reporting of rx frames (with CCK rates)
totally wrong for QCA99X0, QCA4019. Fix this by having
separate CCK rate table for these chipsets with rev2 suffix
and registering the correct rate mapping to mac80211 based on
the new hw_param (introduced) 'cck_rate_map_rev2' which shall
be true for any newchipsets from QCA99X0 onwards
Signed-off-by: Mohammed Shafi Shajakhan <mohammed@qti.qualcomm.com>
Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>
|
|
All these flags are not used and their use is completely
covered by 'ath10k_hw_rate_ofdm', 'ath10k_hw_rate_cck',
and RX_PPDU_START_RATE_FLAG
Signed-off-by: Mohammed Shafi Shajakhan <mohammed@qti.qualcomm.com>
Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>
|
|
Only five bits are defined to pass tid information in HTT_RX_IND
message, so the mask which can be used to extract tid should be 0x1f
instead of the current 0x3f. Also, macros which can be used to extract
flush_valid and release_valid bits have to be left shifted one bit less
because these information follow the tid right after. This patch does
not really fix anything functionally because these macros are not used
currently.
Signed-off-by: Vasanthakumar Thiagarajan <vthiagar@qti.qualcomm.com>
Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211-next
Johannes Berg says:
====================
For the next cycle, we have the following:
* the biggest change is Michał's work on integrating FQ/codel
with the mac80211 internal software queues
* cfg80211 connect result gets clarified for the
"no connection at all" case
* advertisement of per-interface type capabilities, in case
they differ (which makes a lot of sense for some capabilities)
* most of the nl80211 & hwsim unprivileged namespace operation
changes
* human-readable VHT capabilities in debugfs
* some other cleanups, like spelling
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
My cleanup in "iwlwifi: prepare for higher API/CAPA bits" accidentally
inverted a few tests - fix them.
Fixes: 859d914c8f5c ("iwlwifi: prepare for higher API/CAPA bits")
Reported-by: Sara Sharon <sara.sharon@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
|
|
The FW expect the driver to set the encryption algorithm type when
installing the IGTK key in the HW.
Currently when installing CMAC IGTK key we don't set the algorithm type
and as a result the FW fails to calculate the MIC of multicast management
frames.
Fix it.
Signed-off-by: Ayala Beker <ayala.beker@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
|
|
We try to access sta before we check for IS_ERR_OR_NULL(), so we may
end up accessing a NULL pointer. To prevent that, move the conversion
from sta to mvm_sta below the check.
Fixes: b915c10174fb ("iwlwifi: mvm: add reorder buffer per queue")
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
|
|
The commit below mistakenly changed an rcu_dereference_check
to a rcu_dereference_protected which introduced the
following RCU warning:
[ INFO: suspicious RCU usage. ]
4.6.0-rc7-next-20160513-dbg-00004-g8de8b92-dirty #655 Not tainted
-------------------------------
drivers/net/wireless/intel/iwlwifi/mvm/mvm.h:1069 suspicious rcu_dereference_protected() usage!
Call Trace:
[<ffffffff8106b836>] lockdep_rcu_suspicious+0xf7/0x100
[<ffffffffa03b2321>] iwl_mvm_get_key_sta.part.0+0x5d/0x80 [iwlmvm]
[<ffffffffa03b4acb>] iwl_mvm_update_tkip_key+0xd3/0x162 [iwlmvm]
[<ffffffffa03a2b60>] iwl_mvm_mac_update_tkip_key+0x17/0x19 [iwlmvm]
[<ffffffffa0329646>] ieee80211_tkip_decrypt_data+0x22c/0x24b [mac80211]
[<ffffffffa0318bb1>] ieee80211_crypto_tkip_decrypt+0xc5/0x110 [mac80211]
[<ffffffffa033102e>] ieee80211_rx_handlers+0x9bb/0x1fe1 [mac80211]
Fixes: 13303c0fb148 ("iwlwifi: mvm: use helpers to get iwl_mvm_sta")
Reported-by: Sergey Senozhatsky <sergey.senozhatsky@gmail.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
|
|
The 16 seconds timeout we were using turned out to be too short.
Recalculations by system show that the total time in both bands should
be < 18.5 seconds, even in the slowest cases (e.g. DCM P2P with
DTIM=2). Rounding it up to 20 seconds for a bit more safety.
Fixes: 728e825f81b1 ("iwlwifi: mvm: add a scan timeout for regular scans")
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
|
|
The old implementation was overcomplicated and slightly bugged in some
corner cases.
Consider following state of BSS-es (limited to 6 for simplification):
drvr->iflist[0]: { bsscfgidx:0, ndev->name:wlan1, }
drvr->iflist[1]: (null)
drvr->iflist[2]: { bsscfgidx:2, ndev->name:wlan1-1, }
drvr->iflist[3]: { bsscfgidx:3, ndev->name:wlan1-2, }
drvr->iflist[4]: (null)
drvr->iflist[5]: (null)
In such case the next AP interface should bsscfgidx 4 (we don't use 1 as
it's reserved for P2P).
With old code the loop iterations were following:
[ifidx = 0] [bsscfgidx = 2] [highest = 2]
[ifidx = 1] [bsscfgidx = 2] [highest = 2] available = true
[ifidx = 2] [bsscfgidx = 2] [highest = 2] bsscfgidx = highest + 1
[ifidx = 3] [bsscfgidx = 3] [highest = 2] bsscfgidx = highest + 1
[ifidx = 4] [bsscfgidx = 3] [highest = 2] available = true
[ifidx = 5] [bsscfgidx = 3] [highest = 2] available = true
There were 2 obvious problems:
1) Having empty BSS at index 1 was resulting in available being always
set to true, even if we would run out of BSS-es.
2) Calculated bsscfgidx was invalid (3 instead of 4) resulting in driver
not being able to create the 4th AP interface.
New code is simpler, placed in file where it's really used, handles
running out of free BSS-es and allows using 4 interfaces at the same
time. It also looks for the first free BSS instead of one after the last
in use. It works well with current driver (which doesn't allow deleting
interfaces) and should be future proof (if we ever allow deleting).
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
|
|
This looks like a regression from commit c4cdf753ed42 ("ath10k: move
fw_features to struct ath10k_fw_file"), we were printing the features from a
wrong struct.
Fixes: c4cdf753ed42 ("ath10k: move fw_features to struct ath10k_fw_file")
Signed-off-by: Ben Greear <greearb@candelatech.com>
[kvalo@qca.qualcomm.com: improve commit log]
Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>
|
|
The QCA9887 stores its calibration data (board.bin) inside the EEPROM of
the target. This has to be downloaded manually to allow the device to
initialize correctly.
Signed-off-by: Sven Eckelmann <sven.eckelmann@open-mesh.com>
[kvalo@qca.qualcomm.com: handle -EOPNOTSUPP and s/fetch_board_data/fetch_cal_eeprom]
Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>
|
|
Add the hardware name, revision, firmware names and update the pci_id
table.
QA9887 HW1.0 is supposed to be similar to QCA988X HW2.0 . Details about
he firmware interface are currently unknown.
Signed-off-by: Sven Eckelmann <sven.eckelmann@open-mesh.com>
[kvalo@qca.qualcomm.com: add a warning about experimental support]
Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>
|
|
We must not attempt to send WMI packets while holding the data-lock,
as it may deadlock:
BUG: sleeping function called from invalid context at drivers/net/wireless/ath/ath10k/wmi.c:1824
in_atomic(): 1, irqs_disabled(): 0, pid: 2878, name: wpa_supplicant
=============================================
[ INFO: possible recursive locking detected ]
4.4.6+ #21 Tainted: G W O
---------------------------------------------
wpa_supplicant/2878 is trying to acquire lock:
(&(&ar->data_lock)->rlock){+.-...}, at: [<ffffffffa0721511>] ath10k_wmi_tx_beacons_iter+0x26/0x11a [ath10k_core]
but task is already holding lock:
(&(&ar->data_lock)->rlock){+.-...}, at: [<ffffffffa070251b>] ath10k_peer_create+0x122/0x1ae [ath10k_core]
other info that might help us debug this:
Possible unsafe locking scenario:
CPU0
----
lock(&(&ar->data_lock)->rlock);
lock(&(&ar->data_lock)->rlock);
*** DEADLOCK ***
May be due to missing lock nesting notation
4 locks held by wpa_supplicant/2878:
#0: (rtnl_mutex){+.+.+.}, at: [<ffffffff816493ca>] rtnl_lock+0x12/0x14
#1: (&ar->conf_mutex){+.+.+.}, at: [<ffffffffa0706932>] ath10k_add_interface+0x3b/0xbda [ath10k_core]
#2: (&(&ar->data_lock)->rlock){+.-...}, at: [<ffffffffa070251b>] ath10k_peer_create+0x122/0x1ae [ath10k_core]
#3: (rcu_read_lock){......}, at: [<ffffffffa062f304>] rcu_read_lock+0x0/0x66 [mac80211]
stack backtrace:
CPU: 3 PID: 2878 Comm: wpa_supplicant Tainted: G W O 4.4.6+ #21
Hardware name: To be filled by O.E.M. To be filled by O.E.M./ChiefRiver, BIOS 4.6.5 06/07/2013
0000000000000000 ffff8801fcadf8f0 ffffffff8137086d ffffffff82681720
ffffffff82681720 ffff8801fcadf9b0 ffffffff8112e3be ffff8801fcadf920
0000000100000000 ffffffff82681720 ffffffffa0721500 ffff8801fcb8d348
Call Trace:
[<ffffffff8137086d>] dump_stack+0x81/0xb6
[<ffffffff8112e3be>] __lock_acquire+0xc5b/0xde7
[<ffffffffa0721500>] ? ath10k_wmi_tx_beacons_iter+0x15/0x11a [ath10k_core]
[<ffffffff8112d0d0>] ? mark_lock+0x24/0x201
[<ffffffff8112e908>] lock_acquire+0x132/0x1cb
[<ffffffff8112e908>] ? lock_acquire+0x132/0x1cb
[<ffffffffa0721511>] ? ath10k_wmi_tx_beacons_iter+0x26/0x11a [ath10k_core]
[<ffffffffa07214eb>] ? ath10k_wmi_cmd_send_nowait+0x1ce/0x1ce [ath10k_core]
[<ffffffff816f9e2b>] _raw_spin_lock_bh+0x31/0x40
[<ffffffffa0721511>] ? ath10k_wmi_tx_beacons_iter+0x26/0x11a [ath10k_core]
[<ffffffffa0721511>] ath10k_wmi_tx_beacons_iter+0x26/0x11a [ath10k_core]
[<ffffffffa07214eb>] ? ath10k_wmi_cmd_send_nowait+0x1ce/0x1ce [ath10k_core]
[<ffffffffa062eb18>] __iterate_interfaces+0x9d/0x13d [mac80211]
[<ffffffffa062f609>] ieee80211_iterate_active_interfaces_atomic+0x32/0x3e [mac80211]
[<ffffffffa07214eb>] ? ath10k_wmi_cmd_send_nowait+0x1ce/0x1ce [ath10k_core]
[<ffffffffa071fa9f>] ath10k_wmi_tx_beacons_nowait.isra.13+0x14/0x16 [ath10k_core]
[<ffffffffa0721676>] ath10k_wmi_cmd_send+0x71/0x242 [ath10k_core]
[<ffffffffa07023f6>] ath10k_wmi_peer_delete+0x3f/0x42 [ath10k_core]
[<ffffffffa0702557>] ath10k_peer_create+0x15e/0x1ae [ath10k_core]
[<ffffffffa0707004>] ath10k_add_interface+0x70d/0xbda [ath10k_core]
[<ffffffffa05fffcc>] drv_add_interface+0x123/0x1a5 [mac80211]
[<ffffffffa061554b>] ieee80211_do_open+0x351/0x667 [mac80211]
[<ffffffffa06158aa>] ieee80211_open+0x49/0x4c [mac80211]
[<ffffffff8163ecf9>] __dev_open+0x88/0xde
[<ffffffff8163ef6e>] __dev_change_flags+0xa4/0x13a
[<ffffffff8163f023>] dev_change_flags+0x1f/0x54
[<ffffffff816a5532>] devinet_ioctl+0x2b9/0x5c9
[<ffffffff816514dd>] ? copy_to_user+0x32/0x38
[<ffffffff816a6115>] inet_ioctl+0x81/0x9d
[<ffffffff816a6115>] ? inet_ioctl+0x81/0x9d
[<ffffffff81621cf8>] sock_do_ioctl+0x20/0x3d
[<ffffffff816223c4>] sock_ioctl+0x222/0x22e
[<ffffffff8121cf95>] do_vfs_ioctl+0x453/0x4d7
[<ffffffff81625603>] ? __sys_recvmsg+0x4c/0x5b
[<ffffffff81225af1>] ? __fget_light+0x48/0x6c
[<ffffffff8121d06b>] SyS_ioctl+0x52/0x74
[<ffffffff816fa736>] entry_SYSCALL_64_fastpath+0x16/0x7a
Signed-off-by: Ben Greear <greearb@candelatech.com>
Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/kvalo/wireless-drivers
Kalle Valo says:
====================
wireless-drivers fixes for 4.7
brcmfmac
* add fallback RSSI report for devices that do not report per-chain values
* fix a null pointer derefence regression on PCIe full dongle devices
rtlwifi
* fix scheduling while atomic regression from commit 49f86ec21c01
MAINTAINERS
* add file patterns for wireless device tree bindings
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
firmare -> firmware
Signed-off-by: Julia Lawall <Julia.Lawall@lip6.fr>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
|
|
Check the current PHY operating mode (gmode) to see if we should
fall back from 6MB OFDM to 11MB CCK. For 5GHz operation this isn't
allowed.
Note, the fallback lookup is only done for RTS rates; normal fallback
rates are done via mac80211 and aren't affected by this change.
Signed-off-by: Adrian Chadd <adrian@freebsd.org>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
|
|
brcmf_sdiod_intr_unregister call that removes both func1 and
func2 interrupt handlers only called when brcmf_ops_sdio_remove
is called for func 1 (which is the 2nd call) but sdio is expecting
it to be removed at the end of each sdio_remove call.
This is causing 'rmmod bcmrfmac' on a 4356-sdio chip to complain
with:
WARNING: driver brcmfmac did not remove its interrupt handler!
The modification makes calling brcmf_sdiod_intr_unregister multiple
times harmless by clearing the variables that track if interrupt
handlers have been installed, and then calls it on every
brcmf_ops_sdio_remove call instead of just remove for func 1.
Signed-off-by: Christian Daudt <csd@broadcom.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
|
|
When chip attach fails, brcmf_sdiod_intr_unregister is being called
but that is too early as sdiodev->settings has not been set yet
nor has brcmf_sdiod_intr_register been called.
Change to use oob_irq_requested + newly created sd_irq_requested
to decide on what to unregister at intr_unregister time.
Steps to reproduce problem:
- modprobe brcmfmac using buggy FW
- rmmod brcmfmac
- modprobe brcmfmac again.
If done with a buggy firmware, brcm_chip_attach will fail on the
2nd modprobe triggering the call to intr_unregister and the
kernel oops when attempting to de-reference sdiodev->settings->bus.sdio
which has not yet been set.
Signed-off-by: Christian Daudt <csd@broadcom.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
|
|
The previous text was confusing, leading readers to think this
driver was a duplicate, and so didn't need to be enabled.
After the removal of the older staging driver, this is the only
driver in mainline for these devices.
Signed-off-by: Lauri Kasanen <cand@gmx.com>
Acked-by: Christian Lamparter <chunkeey@googlemail.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
|
|
A regression was introduced in commit 9c349892ccc9 ("brcmfmac: revise
handling events in receive path") which moves eth_type_trans() call
to brcmf_rx_frame(). Msgbuf layer doesn't use brcmf_rx_frame() but invokes
brcmf_netif_rx() directly. In such case the Ethernet header was not
stripped out resulting in null pointer dereference in the networking
stack.
BUG: unable to handle kernel NULL pointer dereference at 0000000000000048
IP: [<ffffffff814c3ce6>] enqueue_to_backlog+0x56/0x260
PGD 0
Oops: 0000 [#1] PREEMPT SMP
Modules linked in: fuse ipt_MASQUERADE nf_nat_masquerade_ipv4
iptable_nat nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4 xt_addrtype
[...]
rtsx_pci scsi_mod usbcore usb_common i8042 serio nvme nvme_core
CPU: 7 PID: 1340 Comm: irq/136-brcmf_p Not tainted 4.7.0-rc1-mainline #1
Hardware name: Dell Inc. XPS 15 9550/0N7TVV, BIOS 01.02.00 04/07/2016
task: ffff8804a0c5bd00 ti: ffff88049e124000 task.ti: ffff88049e124000
RIP: 0010:[<ffffffff814c3ce6>] [<ffffffff814c3ce6>]
enqueue_to_backlog+0x56/0x260
RSP: 0018:ffff88049e127ca0 EFLAGS: 00010046
RAX: 0000000000000000 RBX: ffff8804bddd7c40 RCX: 000000000000002f
RDX: 0000000000000000 RSI: 0000000000000007 RDI: ffff8804bddd7d4c
RBP: ffff88049e127ce8 R08: 0000000000000000 R09: 0000000000000000
R10: ffff8804bddd12c0 R11: 000000000000149e R12: 0000000000017c40
R13: ffff88049e127d08 R14: ffff8804a9bd6d00 R15: ffff8804bddd7d4c
FS: 0000000000000000(0000) GS:ffff8804bddc0000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000048 CR3: 0000000001806000 CR4: 00000000003406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Stack:
ffff8804bdddad00 ffff8804ad089e00 0000000000000000 0000000000000282
0000000000000000 ffff8804a9bd6d00 ffff8804a1b27e00 ffff8804a9bd6d00
ffff88002ee88000 ffff88049e127d28 ffffffff814c3f3b ffffffff81311fc3
Call Trace:
[<ffffffff814c3f3b>] netif_rx_internal+0x4b/0x170
[<ffffffff81311fc3>] ? swiotlb_tbl_unmap_single+0xf3/0x120
[<ffffffff814c5467>] netif_rx_ni+0x27/0xc0
[<ffffffffa08519e9>] brcmf_netif_rx+0x49/0x70 [brcmfmac]
[<ffffffffa08564d4>] brcmf_msgbuf_process_rx+0x2b4/0x570 [brcmfmac]
[<ffffffff81020017>] ? __xen_set_pgd_hyper+0x57/0xd0
[<ffffffff810d60b0>] ? irq_forced_thread_fn+0x70/0x70
[<ffffffffa0857381>] brcmf_proto_msgbuf_rx_trigger+0x31/0xe0 [brcmfmac]
[<ffffffffa0861e8f>] brcmf_pcie_isr_thread+0x7f/0x110 [brcmfmac]
[<ffffffff810d60d0>] irq_thread_fn+0x20/0x50
[<ffffffff810d63ad>] irq_thread+0x12d/0x1c0
[<ffffffff815d07d5>] ? __schedule+0x2f5/0x7a0
[<ffffffff810d61d0>] ? wake_threads_waitq+0x30/0x30
[<ffffffff810d6280>] ? irq_thread_dtor+0xb0/0xb0
[<ffffffff81098ea8>] kthread+0xd8/0xf0
[<ffffffff815d4b7f>] ret_from_fork+0x1f/0x40
[<ffffffff81098dd0>] ? kthread_worker_fn+0x170/0x170
Code: 1c f5 60 9a 8e 81 9c 58 0f 1f 44 00 00 48 89 45 d0 fa 66 0f 1f
44 00 00 4c 8d bb 0c 01 00 00 4c 89 ff e8 5e 08 11 00 49 8b 56 20 <48>
8b 52 48 83 e2 01 74 10 8b 8b 08 01 00 00 8b 15 59 c5 42 00
RIP [<ffffffff814c3ce6>] enqueue_to_backlog+0x56/0x260
RSP <ffff88049e127ca0>
CR2: 0000000000000048
Fixes: 9c349892ccc9 ("brcmfmac: revise handling events in receive path")
Reported-by: Rafal Milecki <zajec5@gmail.com>
Reported-by: Grey Christoforo <grey@christoforo.net>
Reviewed-by: Pieter-Paul Giesberts <pieter-paul.giesberts@broadcom.com>
Reviewed-by: Arend Van Spriel <arend@broadcom.com>
Reviewed-by: Hante Meuleman <hante.meuleman@broadcom.com>
Signed-off-by: Franky Lin <franky.lin@broadcom.com>
[arend@broadcom.com: rephrased the commit message]
Signed-off-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
|
|
All the necessary patches to make wifi running (over AHB)
on ipq4019 SoC are ready now. It's good to enable
ipq4019 wifi device probing in ahb module and
remove work in progress debug print.
Device tree change is there in the public review by
below commit message
"qcom: ipq4019: add wifi nodes to ipq4019 SoC device tree"
Signed-off-by: Tamizh chelvam <c_traja@qti.qualcomm.com>
Signed-off-by: Raja Mani <rmani@qti.qualcomm.com>
Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>
|
|
10.4 firmware has support to enable or disable btcoex functionality
without reloading firmware via wmi pdev param. Add provision to send
pdev param command via existing btcoex knob.
Signed-off-by: Rajkumar Manoharan <rmanohar@qti.qualcomm.com>
Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>
|
|
This feature flag will be used for firmware to support BT-Coex feature
without reloading firmware via WMI pdev param. To support Bluetooth
coexistence pdev param, WMI_COEX_GPIO_SUPPORT of extended resource
config should be enabled always. This firmware IE is used to configure
WMI_COEX_GPIO_SUPPORT.
Signed-off-by: Rajkumar Manoharan <rmanohar@qti.qualcomm.com>
Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>
|
|
Update module description to advertise all supported QCA 802.11ac devices.
Signed-off-by: Rajkumar Manoharan <rmanohar@qti.qualcomm.com>
Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>
|
|
Remove unused inline function phy_mode_to_band.
Signed-off-by: Rajkumar Manoharan <rmanohar@qti.qualcomm.com>
Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>
|
|
Earlier when operating irq mode is legacy, interrupts are disabled
and re-enabled based on num_msi_intrs. commit cfe9011a05a8 ("ath10k:
remove MSI range support") replaced num_msi_intrs by oper_irq_mode.
Since oper_irq_mode is not initialized for ahb devices (i.e qca4019),
device boot up is failed during probe.
Fixes: cfe9011a05a8 ("ath10k: remove MSI range support")
Signed-off-by: Rajkumar Manoharan <rmanohar@qti.qualcomm.com>
Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>
|
|
Fix invalid argument error while writing 'simulate_fw_crash',
though the funcionality is working fine we get an error 'invalid
argument' because 'count' value is not returned properly
(no reason to reduce the count value for removing the newline)
Fixes the below write error:
/sys/kernel/debug/ieee80211/phy0/ath10k# echo hw-restart >
simulate_fw_crash
-bash: echo: write error: Invalid argument
Also move the 'conf_mutex' as it is really not required for
fetching the userspace buffer.
Reported-by: Maharaja Kennadyrajan <c_mkenna@qti.qualcomm.com>
Signed-off-by: Mohammed Shafi Shajakhan <mohammed@qti.qualcomm.com>
Signed-off-by: Maharaja Kennadyrajan <c_mkenna@qti.qualcomm.com>
Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>
|
|
diag_read uses dma_alloc_coherent to allocate memory requested by the
caller. If this memory requested is larger, more than DIAG_TRANSFER_LIMIT
(2K), then it is likely that we may not get the requested memory and we
would fail.
To solve this, request dma_alloc_coherent for only DIAG_TRANSFER_LIMIT, and
reuse this buffer multiple times as needed to copy the data requested in
smaller chunks of size not more than DIAG_TRANSFER_LIMIT. Previously we
were reading into the caller's only after getting the complete requested
data.
Fixes: 68c03249f388 ('ath10k: convert pci_alloc_consistent() to dma_alloc_coherent()')
Signed-off-by: Ashok Raj Nagarajan <arnagara@qti.qualcomm.com>
Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211
Johannes Berg says:
====================
Three small fixes for the current cycle:
* missing netlink attribute check in hwsim wmediumd (Martin)
* fast xmit structure alignment fix (Felix)
* mesh path flush/synchronisation fix (Bob)
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
A wmediumd that does not send this attribute causes a NULL pointer
dereference, as the attribute is accessed even if it does not exist.
The attribute was required but never checked ever since userspace frame
forwarding has been introduced. The issue gets more problematic once we
allow wmediumd registration from user namespaces.
Cc: stable@vger.kernel.org
Fixes: 7882513bacb1 ("mac80211_hwsim driver support userspace frame tx/rx")
Signed-off-by: Martin Willi <martin@strongswan.org>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
|
While wiphys can be moved into network namespaces over nl80211, the
creation and removal of hwsim radios is currently limited to the initial
namespace. This patch allows management of namespaced radios from the
owning namespace by setting genetlink netnsok.
To prevent two arbitrary namespaces to communicate over the simulated
shared medium, radios are separated by netgroups. Each radio created in
the same namespace lives in the same netgroup and hence can communicate
with other radios in that group. When moving radios to other namespaces,
the netgroup is preserved, so two radios having the same netgroup can
communicate even if not in the same namespace; This allows a controlling
namespace to create radios and move them to other namespaces for
communication.
When a net namespace owning a radio exits, the radio is destroyed unless
it was created in the initial network namespace. This keeps the previous
behavior by returning them to the init namespace, but prevents unprivileged
users from creating radios in the initial namespace.
Signed-off-by: Martin Willi <martin@strongswan.org>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
|
On TX99 mode, instead of assuming interrupt mask non ATH9K_INT_GLOBAL,
let ath9k_hw_disable_interrupts proper set interrupt ref count.
This prevents some PCI PERR occurring specialy when setting 11b and n rates.
Signed-off-by: Eduardo Abinader <eduardo.abinader@riverbed.com>
Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>
|
|
x <= 7 implies x < 8.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>
|
