1. 29 6月, 2017 2 次提交
  2. 21 6月, 2017 2 次提交
    • S
      mwifiex: debugfs: remove redunant check of mwifiex_dfs_dir · 7c26029f
      Shawn Lin 提交于
      debugfs_remove already check mwifiex_dfs_dir, so remove it.
      Signed-off-by: NShawn Lin <shawn.lin@rock-chips.com>
      Signed-off-by: NKalle Valo <kvalo@codeaurora.org>
      7c26029f
    • C
      mwifiex: fixes the unexpected be printed log by default · 421ba82c
      Caesar Wang 提交于
      This patch uses WARN level is not printed by default.
      
      In some cases, some boards have always met the unused log be printed as
      follows.
      ...
      [23193.523182] mwifiex_pcie 0000:01:00.0: mwifiex_get_cfp:
      cannot find cfp by band 2    & channel=13 freq=0
      [23378.633684] mwifiex_pcie 0000:01:00.0: mwifiex_get_cfp:
      cannot find cfp by band 2    & channel=13 freq=0
      
      Due to we used the wifi default area was US and didn't support 12~14
      channels. As Frequencies:
      * 2412 MHz [1] (30.0 dBm)
      * 2417 MHz [2] (30.0 dBm)
      * 2422 MHz [3] (30.0 dBm)
      * 2427 MHz [4] (30.0 dBm)
      * 2432 MHz [5] (30.0 dBm)
      * 2437 MHz [6] (30.0 dBm)
      * 2442 MHz [7] (30.0 dBm)
      * 2447 MHz [8] (30.0 dBm)
      * 2452 MHz [9] (30.0 dBm)
      * 2457 MHz [10] (30.0 dBm)
      * 2462 MHz [11] (30.0 dBm)
      * 2467 MHz [12] (disabled)
      * 2472 MHz [13] (disabled)
      * 2484 MHz [14] (disabled)
      
      Also, as the commit 1b499cb7
      ("mwifiex: disable channel filtering feature in firmware"), it proved to
      be a feature to get better scan result from overlapping channel.
      
      Even there could be AP from overlapping channel (might be 12/13/14
      in this case), it will be filtered depend on reg domain rules.
      e.g:
      ...
      if (ch->flags & IEEE80211_CHAN_DISABLED)
              continue;
      
      So it should not been an ERROR, use the WARN level to instead it for now.
      Signed-off-by: NCaesar Wang <wxt@rock-chips.com>
      Acked-by: NXinming Hu <huxm@marvell.com>
      Signed-off-by: NKalle Valo <kvalo@codeaurora.org>
      421ba82c
  3. 16 6月, 2017 3 次提交
    • J
      networking: make skb_put & friends return void pointers · 4df864c1
      Johannes Berg 提交于
      It seems like a historic accident that these return unsigned char *,
      and in many places that means casts are required, more often than not.
      
      Make these functions (skb_put, __skb_put and pskb_put) return void *
      and remove all the casts across the tree, adding a (u8 *) cast only
      where the unsigned char pointer was used directly, all done with the
      following spatch:
      
          @@
          expression SKB, LEN;
          typedef u8;
          identifier fn = { skb_put, __skb_put };
          @@
          - *(fn(SKB, LEN))
          + *(u8 *)fn(SKB, LEN)
      
          @@
          expression E, SKB, LEN;
          identifier fn = { skb_put, __skb_put };
          type T;
          @@
          - E = ((T *)(fn(SKB, LEN)))
          + E = fn(SKB, LEN)
      
      which actually doesn't cover pskb_put since there are only three
      users overall.
      
      A handful of stragglers were converted manually, notably a macro in
      drivers/isdn/i4l/isdn_bsdcomp.c and, oddly enough, one of the many
      instances in net/bluetooth/hci_sock.c. In the former file, I also
      had to fix one whitespace problem spatch introduced.
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      4df864c1
    • J
      networking: introduce and use skb_put_data() · 59ae1d12
      Johannes Berg 提交于
      A common pattern with skb_put() is to just want to memcpy()
      some data into the new space, introduce skb_put_data() for
      this.
      
      An spatch similar to the one for skb_put_zero() converts many
      of the places using it:
      
          @@
          identifier p, p2;
          expression len, skb, data;
          type t, t2;
          @@
          (
          -p = skb_put(skb, len);
          +p = skb_put_data(skb, data, len);
          |
          -p = (t)skb_put(skb, len);
          +p = skb_put_data(skb, data, len);
          )
          (
          p2 = (t2)p;
          -memcpy(p2, data, len);
          |
          -memcpy(p, data, len);
          )
      
          @@
          type t, t2;
          identifier p, p2;
          expression skb, data;
          @@
          t *p;
          ...
          (
          -p = skb_put(skb, sizeof(t));
          +p = skb_put_data(skb, data, sizeof(t));
          |
          -p = (t *)skb_put(skb, sizeof(t));
          +p = skb_put_data(skb, data, sizeof(t));
          )
          (
          p2 = (t2)p;
          -memcpy(p2, data, sizeof(*p));
          |
          -memcpy(p, data, sizeof(*p));
          )
      
          @@
          expression skb, len, data;
          @@
          -memcpy(skb_put(skb, len), data, len);
          +skb_put_data(skb, data, len);
      
      (again, manually post-processed to retain some comments)
      Reviewed-by: NStephen Hemminger <stephen@networkplumber.org>
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      59ae1d12
    • J
      networking: convert many more places to skb_put_zero() · b080db58
      Johannes Berg 提交于
      There were many places that my previous spatch didn't find,
      as pointed out by yuan linyu in various patches.
      
      The following spatch found many more and also removes the
      now unnecessary casts:
      
          @@
          identifier p, p2;
          expression len;
          expression skb;
          type t, t2;
          @@
          (
          -p = skb_put(skb, len);
          +p = skb_put_zero(skb, len);
          |
          -p = (t)skb_put(skb, len);
          +p = skb_put_zero(skb, len);
          )
          ... when != p
          (
          p2 = (t2)p;
          -memset(p2, 0, len);
          |
          -memset(p, 0, len);
          )
      
          @@
          type t, t2;
          identifier p, p2;
          expression skb;
          @@
          t *p;
          ...
          (
          -p = skb_put(skb, sizeof(t));
          +p = skb_put_zero(skb, sizeof(t));
          |
          -p = (t *)skb_put(skb, sizeof(t));
          +p = skb_put_zero(skb, sizeof(t));
          )
          ... when != p
          (
          p2 = (t2)p;
          -memset(p2, 0, sizeof(*p));
          |
          -memset(p, 0, sizeof(*p));
          )
      
          @@
          expression skb, len;
          @@
          -memset(skb_put(skb, len), 0, len);
          +skb_put_zero(skb, len);
      
      Apply it to the tree (with one manual fixup to keep the
      comment in vxlan.c, which spatch removed.)
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      b080db58
  4. 14 6月, 2017 1 次提交
  5. 13 6月, 2017 2 次提交
  6. 08 6月, 2017 1 次提交
    • D
      net: Fix inconsistent teardown and release of private netdev state. · cf124db5
      David S. Miller 提交于
      Network devices can allocate reasources and private memory using
      netdev_ops->ndo_init().  However, the release of these resources
      can occur in one of two different places.
      
      Either netdev_ops->ndo_uninit() or netdev->destructor().
      
      The decision of which operation frees the resources depends upon
      whether it is necessary for all netdev refs to be released before it
      is safe to perform the freeing.
      
      netdev_ops->ndo_uninit() presumably can occur right after the
      NETDEV_UNREGISTER notifier completes and the unicast and multicast
      address lists are flushed.
      
      netdev->destructor(), on the other hand, does not run until the
      netdev references all go away.
      
      Further complicating the situation is that netdev->destructor()
      almost universally does also a free_netdev().
      
      This creates a problem for the logic in register_netdevice().
      Because all callers of register_netdevice() manage the freeing
      of the netdev, and invoke free_netdev(dev) if register_netdevice()
      fails.
      
      If netdev_ops->ndo_init() succeeds, but something else fails inside
      of register_netdevice(), it does call ndo_ops->ndo_uninit().  But
      it is not able to invoke netdev->destructor().
      
      This is because netdev->destructor() will do a free_netdev() and
      then the caller of register_netdevice() will do the same.
      
      However, this means that the resources that would normally be released
      by netdev->destructor() will not be.
      
      Over the years drivers have added local hacks to deal with this, by
      invoking their destructor parts by hand when register_netdevice()
      fails.
      
      Many drivers do not try to deal with this, and instead we have leaks.
      
      Let's close this hole by formalizing the distinction between what
      private things need to be freed up by netdev->destructor() and whether
      the driver needs unregister_netdevice() to perform the free_netdev().
      
      netdev->priv_destructor() performs all actions to free up the private
      resources that used to be freed by netdev->destructor(), except for
      free_netdev().
      
      netdev->needs_free_netdev is a boolean that indicates whether
      free_netdev() should be done at the end of unregister_netdevice().
      
      Now, register_netdevice() can sanely release all resources after
      ndo_ops->ndo_init() succeeds, by invoking both ndo_ops->ndo_uninit()
      and netdev->priv_destructor().
      
      And at the end of unregister_netdevice(), we invoke
      netdev->priv_destructor() and optionally call free_netdev().
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      cf124db5
  7. 01 6月, 2017 2 次提交
  8. 31 5月, 2017 5 次提交
  9. 19 5月, 2017 13 次提交
  10. 18 5月, 2017 3 次提交
  11. 28 4月, 2017 1 次提交
  12. 27 4月, 2017 2 次提交
  13. 20 4月, 2017 3 次提交
    • B
      mwifiex: don't leak 'chan_stats' on reset · fb9e67be
      Brian Norris 提交于
      'chan_stats' is (re)allocated in _mwifiex_fw_dpc() ->
      mwifiex_init_channel_scan_gap(), which is called whenever the device is
      initialized -- at probe or at reset.
      
      But we only free it in we completely unregister the adapter, meaning we
      leak a copy of it during every reset.
      
      Let's free it in the shutdown / removal paths instead (and in the
      error-handling path), to avoid the leak.
      
      Ideally, we can eventually unify much of mwifiex_shutdown_sw() and
      mwifiex_remove_card() (way too much copy-and-paste) to reduce the burden
      on bugfixes like this. But that's work for tomorrow.
      Signed-off-by: NBrian Norris <briannorris@chromium.org>
      Signed-off-by: NKalle Valo <kvalo@codeaurora.org>
      fb9e67be
    • B
      mwifiex: pcie: clear outstanding work when resetting · 35e67d3d
      Brian Norris 提交于
      When we shut down the device (i.e., during 'reset'), we cancel any
      outstanding work, but we don't clear any work-related flags. This can
      cause problems if, e.g., we begin to queue a new firmware dump or card
      reset while the other one is in progress. That might leave work_flags
      with a stale value, and we might begin one of these *after* we've
      completely reset the device. That doesn't make sense, because all
      firmware context will have been lost by then.
      
      This fixes some forms of cascading failures, where I:
      
      (a) force a firmware dump (cat /sys/kernel/debug/mwifiex/mlan0/device_dump)
      (b) run a Wifi scan in parallel (iw mlan0 scan)
      (c) the scan times out due to (a) hogging the interface
      (d) the command timeout triggers another firmware dump and a reset [*]
      (e) the 2nd firmware dump flag persists across the reset
      (f) as soon as the interface comes back up, we trigger the pending
          firmware dump
      (g) subsequent commands time out again, while we are processing the
          firmware dump; return to (d)
      
      [*] Note that automatic card_reset() support is not yet implemented for
      the mwifiex PCIe driver, so we won't hit *exactly* this behavior yet.
      But we can see similarly-confusing behaviors today.
      Signed-off-by: NBrian Norris <briannorris@chromium.org>
      Signed-off-by: NKalle Valo <kvalo@codeaurora.org>
      35e67d3d
    • B
      mwifiex: reset timeout flag when resetting device · 9ae3fbd1
      Brian Norris 提交于
      If we reset because of a command timeout, we should reset this flag.
      Otherwise, we might erroneously think the next command after reset is
      timing out, and trigger another reset.
      
      The above behavior effectively neuters the automatic card_reset()
      behavior, as it means we will never recover from a command timeout
      properly (and in fact, we might enter an infinite loop:
      
        timeout -> reset -> (fake) timeout -> reset -> ...
      
      This fixes a bug introduced with introduction of PCIe function level
      reset support, but it was carried into the SDIO driver when it was
      converted to use the same codepaths. And this is currently mostly a
      problem only in the SDIO driver, because it's the only one with
      automatic card_reset() support (e.g., on command timeout). But it will
      be a problem for PCIe too, as I'm working on supporting automatic
      card_reset() for PCIe.
      
      Fixes: c742e623 ("mwifiex: sdio card reset enhancement")
      Fixes: 4c5dae59 ("mwifiex: add PCIe function level reset support")
      Signed-off-by: NBrian Norris <briannorris@chromium.org>
      Signed-off-by: NKalle Valo <kvalo@codeaurora.org>
      9ae3fbd1