1. 13 6月, 2012 2 次提交
    • E
      mac80211: check sdata_running on ieee80211_set_bitrate_mask · 554a43d5
      Eliad Peller 提交于
      Otherwise, we might call the driver callback before
      the interface was uploaded.
      
      Solves the following warning:
      WARNING: at net/mac80211/driver-ops.h:12 ieee80211_set_bitrate_mask+0xbc/0x18c [mac80211]()
      wlan0:  Failed check-sdata-in-driver check, flags: 0x0
      Modules linked in: wlcore_sdio wl12xx wl18xx wlcore mac80211 cfg80211 [last unloaded: cfg80211]
      [<c001b964>] (unwind_backtrace+0x0/0x12c) from [<c0495550>] (dump_stack+0x20/0x24)
      [<c0495550>] (dump_stack+0x20/0x24) from [<c003ee28>] (warn_slowpath_common+0x5c/0x74)
      [<c003ee28>] (warn_slowpath_common+0x5c/0x74) from [<c003eefc>] (warn_slowpath_fmt+0x40/0x48)
      [<c003eefc>] (warn_slowpath_fmt+0x40/0x48) from [<bf5c1ad0>] (ieee80211_set_bitrate_mask+0xbc/0x18c [mac80211])
      [<bf5c1ad0>] (ieee80211_set_bitrate_mask+0xbc/0x18c [mac80211]) from [<bf575960>] (nl80211_set_tx_bitrate_mask+0x350/0x358 [cfg80211])
      [<bf575960>] (nl80211_set_tx_bitrate_mask+0x350/0x358 [cfg80211]) from [<c03e9e94>] (genl_rcv_msg+0x1a8/0x1e8)
      [<c03e9e94>] (genl_rcv_msg+0x1a8/0x1e8) from [<c03e9164>] (netlink_rcv_skb+0x5c/0xc0)
      [<c03e9164>] (netlink_rcv_skb+0x5c/0xc0) from [<c03e9ce0>] (genl_rcv+0x28/0x34)
      [<c03e9ce0>] (genl_rcv+0x28/0x34) from [<c03e8e74>] (netlink_unicast+0x158/0x234)
      [<c03e8e74>] (netlink_unicast+0x158/0x234) from [<c03e93e0>] (netlink_sendmsg+0x218/0x298)
      [<c03e93e0>] (netlink_sendmsg+0x218/0x298) from [<c03b4e5c>] (sock_sendmsg+0xa4/0xc0)
      [<c03b4e5c>] (sock_sendmsg+0xa4/0xc0) from [<c03b5af4>] (__sys_sendmsg+0x1d8/0x254)
      [<c03b5af4>] (__sys_sendmsg+0x1d8/0x254) from [<c03b5ca8>] (sys_sendmsg+0x4c/0x70)
      [<c03b5ca8>] (sys_sendmsg+0x4c/0x70) from [<c0013980>] (ret_fast_syscall+0x0/0x3c)
      
      Note that calling the driver can also result
      in undefined behaviour since it doesn't have
      to deal with calls while down.
      Signed-off-by: NEliad Peller <eliad@wizery.com>
      [removed timestamps, added note - Johannes]
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      554a43d5
    • E
      cfg80211: fix potential deadlock in regulatory · fe20b39e
      Eliad Peller 提交于
      reg_timeout_work() calls restore_regulatory_settings() which
      takes cfg80211_mutex.
      
      reg_set_request_processed() already holds cfg80211_mutex
      before calling cancel_delayed_work_sync(reg_timeout),
      so it might deadlock.
      
      Call the async cancel_delayed_work instead, in order
      to avoid the potential deadlock.
      
      This is the relevant lockdep warning:
      
      cfg80211: Calling CRDA for country: XX
      
      ======================================================
      [ INFO: possible circular locking dependency detected ]
      3.4.0-rc5-wl+ #26 Not tainted
      -------------------------------------------------------
      kworker/0:2/1391 is trying to acquire lock:
       (cfg80211_mutex){+.+.+.}, at: [<bf28ae00>] restore_regulatory_settings+0x34/0x418 [cfg80211]
      
      but task is already holding lock:
       ((reg_timeout).work){+.+...}, at: [<c0059e94>] process_one_work+0x1f0/0x480
      
      which lock already depends on the new lock.
      
      the existing dependency chain (in reverse order) is:
      
      -> #2 ((reg_timeout).work){+.+...}:
             [<c008fd44>] validate_chain+0xb94/0x10f0
             [<c0090b68>] __lock_acquire+0x8c8/0x9b0
             [<c0090d40>] lock_acquire+0xf0/0x114
             [<c005b600>] wait_on_work+0x4c/0x154
             [<c005c000>] __cancel_work_timer+0xd4/0x11c
             [<c005c064>] cancel_delayed_work_sync+0x1c/0x20
             [<bf28b274>] reg_set_request_processed+0x50/0x78 [cfg80211]
             [<bf28bd84>] set_regdom+0x550/0x600 [cfg80211]
             [<bf294cd8>] nl80211_set_reg+0x218/0x258 [cfg80211]
             [<c03c7738>] genl_rcv_msg+0x1a8/0x1e8
             [<c03c6a00>] netlink_rcv_skb+0x5c/0xc0
             [<c03c7584>] genl_rcv+0x28/0x34
             [<c03c6720>] netlink_unicast+0x15c/0x228
             [<c03c6c7c>] netlink_sendmsg+0x218/0x298
             [<c03933c8>] sock_sendmsg+0xa4/0xc0
             [<c039406c>] __sys_sendmsg+0x1e4/0x268
             [<c0394228>] sys_sendmsg+0x4c/0x70
             [<c0013840>] ret_fast_syscall+0x0/0x3c
      
      -> #1 (reg_mutex){+.+.+.}:
             [<c008fd44>] validate_chain+0xb94/0x10f0
             [<c0090b68>] __lock_acquire+0x8c8/0x9b0
             [<c0090d40>] lock_acquire+0xf0/0x114
             [<c04734dc>] mutex_lock_nested+0x48/0x320
             [<bf28b2cc>] reg_todo+0x30/0x538 [cfg80211]
             [<c0059f44>] process_one_work+0x2a0/0x480
             [<c005a4b4>] worker_thread+0x1bc/0x2bc
             [<c0061148>] kthread+0x98/0xa4
             [<c0014af4>] kernel_thread_exit+0x0/0x8
      
      -> #0 (cfg80211_mutex){+.+.+.}:
             [<c008ed58>] print_circular_bug+0x68/0x2cc
             [<c008fb28>] validate_chain+0x978/0x10f0
             [<c0090b68>] __lock_acquire+0x8c8/0x9b0
             [<c0090d40>] lock_acquire+0xf0/0x114
             [<c04734dc>] mutex_lock_nested+0x48/0x320
             [<bf28ae00>] restore_regulatory_settings+0x34/0x418 [cfg80211]
             [<bf28b200>] reg_timeout_work+0x1c/0x20 [cfg80211]
             [<c0059f44>] process_one_work+0x2a0/0x480
             [<c005a4b4>] worker_thread+0x1bc/0x2bc
             [<c0061148>] kthread+0x98/0xa4
             [<c0014af4>] kernel_thread_exit+0x0/0x8
      
      other info that might help us debug this:
      
      Chain exists of:
        cfg80211_mutex --> reg_mutex --> (reg_timeout).work
      
       Possible unsafe locking scenario:
      
             CPU0                    CPU1
             ----                    ----
        lock((reg_timeout).work);
                                     lock(reg_mutex);
                                     lock((reg_timeout).work);
        lock(cfg80211_mutex);
      
       *** DEADLOCK ***
      
      2 locks held by kworker/0:2/1391:
       #0:  (events){.+.+.+}, at: [<c0059e94>] process_one_work+0x1f0/0x480
       #1:  ((reg_timeout).work){+.+...}, at: [<c0059e94>] process_one_work+0x1f0/0x480
      
      stack backtrace:
      [<c001b928>] (unwind_backtrace+0x0/0x12c) from [<c0471d3c>] (dump_stack+0x20/0x24)
      [<c0471d3c>] (dump_stack+0x20/0x24) from [<c008ef70>] (print_circular_bug+0x280/0x2cc)
      [<c008ef70>] (print_circular_bug+0x280/0x2cc) from [<c008fb28>] (validate_chain+0x978/0x10f0)
      [<c008fb28>] (validate_chain+0x978/0x10f0) from [<c0090b68>] (__lock_acquire+0x8c8/0x9b0)
      [<c0090b68>] (__lock_acquire+0x8c8/0x9b0) from [<c0090d40>] (lock_acquire+0xf0/0x114)
      [<c0090d40>] (lock_acquire+0xf0/0x114) from [<c04734dc>] (mutex_lock_nested+0x48/0x320)
      [<c04734dc>] (mutex_lock_nested+0x48/0x320) from [<bf28ae00>] (restore_regulatory_settings+0x34/0x418 [cfg80211])
      [<bf28ae00>] (restore_regulatory_settings+0x34/0x418 [cfg80211]) from [<bf28b200>] (reg_timeout_work+0x1c/0x20 [cfg80211])
      [<bf28b200>] (reg_timeout_work+0x1c/0x20 [cfg80211]) from [<c0059f44>] (process_one_work+0x2a0/0x480)
      [<c0059f44>] (process_one_work+0x2a0/0x480) from [<c005a4b4>] (worker_thread+0x1bc/0x2bc)
      [<c005a4b4>] (worker_thread+0x1bc/0x2bc) from [<c0061148>] (kthread+0x98/0xa4)
      [<c0061148>] (kthread+0x98/0xa4) from [<c0014af4>] (kernel_thread_exit+0x0/0x8)
      cfg80211: Calling CRDA to update world regulatory domain
      cfg80211: World regulatory domain updated:
      cfg80211:   (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp)
      cfg80211:   (2402000 KHz - 2472000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)
      cfg80211:   (2457000 KHz - 2482000 KHz @ 20000 KHz), (300 mBi, 2000 mBm)
      cfg80211:   (2474000 KHz - 2494000 KHz @ 20000 KHz), (300 mBi, 2000 mBm)
      cfg80211:   (5170000 KHz - 5250000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)
      cfg80211:   (5735000 KHz - 5835000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)
      
      Cc: stable@kernel.org
      Signed-off-by: NEliad Peller <eliad@wizery.com>
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      fe20b39e
  2. 12 6月, 2012 1 次提交
  3. 09 6月, 2012 13 次提交
  4. 07 6月, 2012 1 次提交
  5. 06 6月, 2012 3 次提交
  6. 05 6月, 2012 17 次提交
    • V
      Bluetooth: Fix checking the wrong flag when accepting a socket · ddcd0f41
      Vinicius Costa Gomes 提交于
      Most probably a typo, the check should have been for BT_SK_DEFER_SETUP
      instead of BT_DEFER_SETUP (which right now only represents a socket
      option).
      Signed-off-by: NVinicius Costa Gomes <vinicius.gomes@openbossa.org>
      Acked-by: NAndrei Emeltchenko <andrei.emeltchenko@intel.com>
      Signed-off-by: NGustavo Padovan <gustavo.padovan@collabora.co.uk>
      ddcd0f41
    • J
      iwlwifi: disable WoWLAN if !CONFIG_PM_SLEEP · fcb6ff5e
      Johannes Berg 提交于
      If CONFIG_PM_SLEEP is disabled, then iwlwifi doesn't
      support suspend/resume handlers and thus mac80211
      (correctly) refuses advertising WoWLAN. Disable
      WoWLAN in the driver in this case.
      
      Cc: stable@kernel.org
      Reported-by: NSebastian Kemper <sebastian_ml@gmx.net>
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
      fcb6ff5e
    • A
      mac80211: fix non RCU-safe sta_list manipulation · 794454ce
      Arik Nemtsov 提交于
      sta_info_cleanup locks the sta_list using rcu_read_lock however
      the delete operation isn't rcu safe. A race between sta_info_cleanup
      timer being called and a STA being removed can occur which leads
      to a panic while traversing sta_list. Fix this by switching to the
      RCU-safe versions.
      
      Cc: stable@vger.kernel.org
      Reported-by: NEyal Shapira <eyal@wizery.com>
      Signed-off-by: NArik Nemtsov <arik@wizery.com>
      Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
      794454ce
    • S
      bcma: add ext PA workaround for BCM4331 and BCM43431 · 69aaedd3
      Seth Forshee 提交于
      MacBook Pro models with BCM4331 wireless have been found to have the ext
      PA lines disabled after resuming from S3 without external power attach.
      This causes them to be unable to transmit. Add a workaround to ensure
      that the ext PA lines are enabled on BCM4331. Also extend all handling
      of ext PA line muxing to BCM43431 as is done in the Broadcom SDK.
      
      BugLink: http://bugs.launchpad.net/bugs/925577
      Cc: Arend van Spriel <arend@broadcom.com>
      Cc: Hauke Mehrtens <hauke@hauke-m.de>
      Cc: stable@vger.kernel.org
      Signed-off-by: NSeth Forshee <seth.forshee@canonical.com>
      Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
      69aaedd3
    • S
      rt2x00: use atomic variable for seqno · e5851dac
      Stanislaw Gruszka 提交于
      Remove spinlock as atomic_t can be used instead. Note we use only 16
      lower bits, upper bits are changed but we impilcilty cast to u16.
      
      This fix possible deadlock on IBSS mode reproted by lockdep:
      
      =================================
      [ INFO: inconsistent lock state ]
      3.4.0-wl+ #4 Not tainted
      ---------------------------------
      inconsistent {IN-SOFTIRQ-W} -> {SOFTIRQ-ON-W} usage.
      kworker/u:2/30374 [HC0[0]:SC0[0]:HE1:SE1] takes:
       (&(&intf->seqlock)->rlock){+.?...}, at: [<f9979a20>] rt2x00queue_create_tx_descriptor+0x380/0x490 [rt2x00lib]
      {IN-SOFTIRQ-W} state was registered at:
        [<c04978ab>] __lock_acquire+0x47b/0x1050
        [<c0498504>] lock_acquire+0x84/0xf0
        [<c0835733>] _raw_spin_lock+0x33/0x40
        [<f9979a20>] rt2x00queue_create_tx_descriptor+0x380/0x490 [rt2x00lib]
        [<f9979f2a>] rt2x00queue_write_tx_frame+0x1a/0x300 [rt2x00lib]
        [<f997834f>] rt2x00mac_tx+0x7f/0x380 [rt2x00lib]
        [<f98fe363>] __ieee80211_tx+0x1b3/0x300 [mac80211]
        [<f98ffdf5>] ieee80211_tx+0x105/0x130 [mac80211]
        [<f99000dd>] ieee80211_xmit+0xad/0x100 [mac80211]
        [<f9900519>] ieee80211_subif_start_xmit+0x2d9/0x930 [mac80211]
        [<c0782e87>] dev_hard_start_xmit+0x307/0x660
        [<c079bb71>] sch_direct_xmit+0xa1/0x1e0
        [<c0784bb3>] dev_queue_xmit+0x183/0x730
        [<c078c27a>] neigh_resolve_output+0xfa/0x1e0
        [<c07b436a>] ip_finish_output+0x24a/0x460
        [<c07b4897>] ip_output+0xb7/0x100
        [<c07b2d60>] ip_local_out+0x20/0x60
        [<c07e01ff>] igmpv3_sendpack+0x4f/0x60
        [<c07e108f>] igmp_ifc_timer_expire+0x29f/0x330
        [<c04520fc>] run_timer_softirq+0x15c/0x2f0
        [<c0449e3e>] __do_softirq+0xae/0x1e0
      irq event stamp: 18380437
      hardirqs last  enabled at (18380437): [<c0526027>] __slab_alloc.clone.3+0x67/0x5f0
      hardirqs last disabled at (18380436): [<c0525ff3>] __slab_alloc.clone.3+0x33/0x5f0
      softirqs last  enabled at (18377616): [<c0449eb3>] __do_softirq+0x123/0x1e0
      softirqs last disabled at (18377611): [<c041278d>] do_softirq+0x9d/0xe0
      
      other info that might help us debug this:
       Possible unsafe locking scenario:
      
             CPU0
             ----
        lock(&(&intf->seqlock)->rlock);
        <Interrupt>
          lock(&(&intf->seqlock)->rlock);
      
       *** DEADLOCK ***
      
      4 locks held by kworker/u:2/30374:
       #0:  (wiphy_name(local->hw.wiphy)){++++.+}, at: [<c045cf99>] process_one_work+0x109/0x3f0
       #1:  ((&sdata->work)){+.+.+.}, at: [<c045cf99>] process_one_work+0x109/0x3f0
       #2:  (&ifibss->mtx){+.+.+.}, at: [<f98f005b>] ieee80211_ibss_work+0x1b/0x470 [mac80211]
       #3:  (&intf->beacon_skb_mutex){+.+...}, at: [<f997a644>] rt2x00queue_update_beacon+0x24/0x50 [rt2x00lib]
      
      stack backtrace:
      Pid: 30374, comm: kworker/u:2 Not tainted 3.4.0-wl+ #4
      Call Trace:
       [<c04962a6>] print_usage_bug+0x1f6/0x220
       [<c0496a12>] mark_lock+0x2c2/0x300
       [<c0495ff0>] ? check_usage_forwards+0xc0/0xc0
       [<c04978ec>] __lock_acquire+0x4bc/0x1050
       [<c0527890>] ? __kmalloc_track_caller+0x1c0/0x1d0
       [<c0777fb6>] ? copy_skb_header+0x26/0x90
       [<c0498504>] lock_acquire+0x84/0xf0
       [<f9979a20>] ? rt2x00queue_create_tx_descriptor+0x380/0x490 [rt2x00lib]
       [<c0835733>] _raw_spin_lock+0x33/0x40
       [<f9979a20>] ? rt2x00queue_create_tx_descriptor+0x380/0x490 [rt2x00lib]
       [<f9979a20>] rt2x00queue_create_tx_descriptor+0x380/0x490 [rt2x00lib]
       [<f997a5cf>] rt2x00queue_update_beacon_locked+0x5f/0xb0 [rt2x00lib]
       [<f997a64d>] rt2x00queue_update_beacon+0x2d/0x50 [rt2x00lib]
       [<f9977e3a>] rt2x00mac_bss_info_changed+0x1ca/0x200 [rt2x00lib]
       [<f9977c70>] ? rt2x00mac_remove_interface+0x70/0x70 [rt2x00lib]
       [<f98e4dd0>] ieee80211_bss_info_change_notify+0xe0/0x1d0 [mac80211]
       [<f98ef7b8>] __ieee80211_sta_join_ibss+0x3b8/0x610 [mac80211]
       [<c0496ab4>] ? mark_held_locks+0x64/0xc0
       [<c0440012>] ? virt_efi_query_capsule_caps+0x12/0x50
       [<f98efb09>] ieee80211_sta_join_ibss+0xf9/0x140 [mac80211]
       [<f98f0456>] ieee80211_ibss_work+0x416/0x470 [mac80211]
       [<c0496d8b>] ? trace_hardirqs_on+0xb/0x10
       [<c077683b>] ? skb_dequeue+0x4b/0x70
       [<f98f207f>] ieee80211_iface_work+0x13f/0x230 [mac80211]
       [<c045cf99>] ? process_one_work+0x109/0x3f0
       [<c045d015>] process_one_work+0x185/0x3f0
       [<c045cf99>] ? process_one_work+0x109/0x3f0
       [<f98f1f40>] ? ieee80211_teardown_sdata+0xa0/0xa0 [mac80211]
       [<c045ed86>] worker_thread+0x116/0x270
       [<c045ec70>] ? manage_workers+0x1e0/0x1e0
       [<c0462f64>] kthread+0x84/0x90
       [<c0462ee0>] ? __init_kthread_worker+0x60/0x60
       [<c083d382>] kernel_thread_helper+0x6/0x10
      
      Cc: stable@vger.kernel.org
      Signed-off-by: NStanislaw Gruszka <sgruszka@redhat.com>
      Acked-by: NHelmut Schaa <helmut.schaa@googlemail.com>
      Acked-by: NGertjan van Wingerde <gwingerde@gmail.com>
      Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
      e5851dac
    • J
      brcmfmac: Fix likely misuse of | for & · f304a993
      Joe Perches 提交于
      Using | with a constant is always true.
      Likely this should have be &.
      Signed-off-by: NJoe Perches <joe@perches.com>
      Acked-by: NArend van Spriel <arend@broadcom.com>
      Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
      f304a993
    • J
      mac80211: Fix likely misuse of | for & · 5204267d
      Joe Perches 提交于
      Using | with a constant is always true.
      Likely this should have be &.
      
      cc: Ben Greear <greearb@candelatech.com>
      Signed-off-by: NJoe Perches <joe@perches.com>
      Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
      5204267d
    • F
      mac80211: add missing rcu_read_lock/unlock in agg-rx session timer · d8c7aae6
      Felix Fietkau 提交于
      Fixes a lockdep warning:
      
      ===================================================
      [ INFO: suspicious rcu_dereference_check() usage. ]
      ---------------------------------------------------
      net/mac80211/agg-rx.c:148 invoked rcu_dereference_check() without protection!
      
      other info that might help us debug this:
      
      rcu_scheduler_active = 1, debug_locks = 1
      1 lock held by arecord/11226:
       #0:  (&tid_agg_rx->session_timer){+.-...}, at: [<ffffffff81066bb0>] call_timer_fn+0x0/0x360
      
      stack backtrace:
      Pid: 11226, comm: arecord Not tainted 3.1.0-kml #16
      Call Trace:
       <IRQ>  [<ffffffff81093454>] lockdep_rcu_dereference+0xa4/0xc0
       [<ffffffffa02778c9>] sta_rx_agg_session_timer_expired+0xc9/0x110 [mac80211]
       [<ffffffffa0277800>] ? ieee80211_process_addba_resp+0x220/0x220 [mac80211]
       [<ffffffff81066c3a>] call_timer_fn+0x8a/0x360
       [<ffffffff81066bb0>] ? init_timer_deferrable_key+0x30/0x30
       [<ffffffff81477bb0>] ? _raw_spin_unlock_irq+0x30/0x70
       [<ffffffff81067049>] run_timer_softirq+0x139/0x310
       [<ffffffff81091d5e>] ? put_lock_stats.isra.25+0xe/0x40
       [<ffffffff810922ac>] ? lock_release_holdtime.part.26+0xdc/0x160
       [<ffffffffa0277800>] ? ieee80211_process_addba_resp+0x220/0x220 [mac80211]
       [<ffffffff8105cb78>] __do_softirq+0xc8/0x3c0
       [<ffffffff8108f088>] ? tick_dev_program_event+0x48/0x110
       [<ffffffff8108f16f>] ? tick_program_event+0x1f/0x30
       [<ffffffff81153b15>] ? putname+0x35/0x50
       [<ffffffff8147a43c>] call_softirq+0x1c/0x30
       [<ffffffff81004c55>] do_softirq+0xa5/0xe0
       [<ffffffff8105d1ee>] irq_exit+0xae/0xe0
       [<ffffffff8147ac6b>] smp_apic_timer_interrupt+0x6b/0x98
       [<ffffffff81479ab3>] apic_timer_interrupt+0x73/0x80
       <EOI>  [<ffffffff8146aac6>] ? free_debug_processing+0x1a1/0x1d5
       [<ffffffff81153b15>] ? putname+0x35/0x50
       [<ffffffff8146ab2b>] __slab_free+0x31/0x2ca
       [<ffffffff81477c3a>] ? _raw_spin_unlock_irqrestore+0x4a/0x90
       [<ffffffff81253b8f>] ? __debug_check_no_obj_freed+0x15f/0x210
       [<ffffffff81097054>] ? lock_release_nested+0x84/0xc0
       [<ffffffff8113ec55>] ? kmem_cache_free+0x105/0x250
       [<ffffffff81153b15>] ? putname+0x35/0x50
       [<ffffffff81153b15>] ? putname+0x35/0x50
       [<ffffffff8113ed8f>] kmem_cache_free+0x23f/0x250
       [<ffffffff81153b15>] putname+0x35/0x50
       [<ffffffff81146d8d>] do_sys_open+0x16d/0x1d0
       [<ffffffff81146e10>] sys_open+0x20/0x30
       [<ffffffff81478f42>] system_call_fastpath+0x16/0x1b
      Reported-by: NJohannes Berg <johannes.berg@intel.com>
      Signed-off-by: NFelix Fietkau <nbd@openwrt.org>
      Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
      d8c7aae6
    • J
      mac80211: clean up remain-on-channel on interface stop · 71ecfa18
      Johannes Berg 提交于
      When any interface goes down, it could be the one that we
      were doing a remain-on-channel with. We therefore need to
      cancel the remain-on-channel and flush the related work
      structs so they don't run after the interface has been
      removed or even destroyed.
      
      It's also possible in this case that an off-channel SKB
      was never transmitted, so free it if this is the case.
      Note that this can also happen if the driver finishes
      the off-channel period without ever starting it.
      
      Cc: stable@kernel.org
      Reported-by: NNirav Shah <nirav.j2.shah@intel.com>
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
      71ecfa18
    • J
      mac80211_hwsim: advertise interface combinations · 1ae2fc25
      Johannes Berg 提交于
      Enforcing interface combinations broke uses of hwsim
      with multiple virtual interfaces. Advertise that all
      combinations are possible to fix this.
      Reported-by: NNirav Shah <nirav.j2.shah@intel.com>
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
      1ae2fc25
    • M
      mac80211: fix error in station state transitions during reconfig · bd34ab62
      Meenakshi Venkataraman 提交于
      As part of hardware reconfig mac80211 tries
      to restore the station state to its values
      before the hardware reconfig, but it only
      goes to the last-state - 1. Fix this
      off-by-one error.
      
      Cc: stable@kernel.org [3.4]
      Signed-off-by: NMeenakshi Venkataraman <meenakshi.venkataraman@intel.com>
      Reviewed-by: NEmmanuel Grumbach <emmanuel.grumbach@intel.com>
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
      bd34ab62
    • J
      iwlwifi: fix TX power antenna access · a5fdde28
      Johannes Berg 提交于
      Since my commit
        iwlwifi: use valid TX/RX antenna from hw_params
      the config values are pure overrides, not the
      real values for all hardware. Therefore, the
      EEPROM TX power reading code checks the wrong
      values, it should check the hw_params values.
      
      Cc: stable@kernel.org [3.4]
      Reviewed-by: NEmmanuel Grumbach <emmanuel.grumbach@intel.com>
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
      a5fdde28
    • C
      mac80211: Fix Unreachable Mesh Station Problem when joining to another MBSS · b8bacc18
      Chun-Yeow Yeoh 提交于
      Mesh station that joins an MBSS is reachable using mesh portal with 6
      address frame by mesh stations from another MBSS if these two different
      MBSSes are bridged. However, if the mesh station later moves into the
      same MBSS of those mesh stations, it is unreachable by mesh stations
      in the MBSS due to the mpp_paths table is not deleted. A quick fix
      is to perform mesh_path_lookup, if it is available for the target
      destination, mpp_path_lookup is not performed. When the mesh station
      moves back to its original MBSS, the mesh_paths will be deleted once
      expired. So, it will be reachable using mpp_path_lookup again.
      Signed-off-by: NChun-Yeow Yeoh <yeohchunyeow@gmail.com>
      Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
      b8bacc18
    • A
      cfg80211: use sme_state in ibss start/join path · 28f33366
      Amitkumar Karwar 提交于
      CFG80211_DEV_WARN_ON() at "net/wireless/ibss.c line 63"
      is unnecessarily triggered even after successful connection,
      when cfg80211_ibss_joined() is called by driver inside
      .join_ibss handler.
      
      This patch fixes the problem by changing 'sme_state' in ibss path
      and having WARN_ON() check for 'sme_state' similar to infra
      association.
      Signed-off-by: NAmitkumar Karwar <akarwar@marvell.com>
      Signed-off-by: NBing Zhao <bzhao@marvell.com>
      Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
      28f33366
    • A
      mwifiex: support NL80211_HIDDEN_SSID_ZERO_LEN for uAP · 7a1c9934
      Avinash Patil 提交于
      mwifiex uAP supports NL80211_HIDDEN_SSID_ZERO_LEN type of hidden
      SSID only. NL80211_HIDDEN_SSID_ZERO_CONTENTS is not supported.
      Signed-off-by: NAvinash Patil <patila@marvell.com>
      Signed-off-by: NKiran Divekar <dkiran@marvell.com>
      Signed-off-by: NBing Zhao <bzhao@marvell.com>
      Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
      7a1c9934
    • A
      mwifiex: invalidate bss config before setting channel for uAP · f0e3bd23
      Avinash Patil 提交于
      Mark bss_config parameters as invalid before setting AP channel.
      This prevents from setting invalid parameters while setting AP
      channel to FW.
      Signed-off-by: NAvinash Patil <patila@marvell.com>
      Signed-off-by: NKiran Divekar <dkiran@marvell.com>
      Signed-off-by: NBing Zhao <bzhao@marvell.com>
      Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
      f0e3bd23
    • S
      mac80211: run scan after finish connection monitoring · 925e64c3
      Stanislaw Gruszka 提交于
      commit 133d40f9
      Author: Stanislaw Gruszka <sgruszka@redhat.com>
      Date:   Wed Mar 28 16:01:19 2012 +0200
      
          mac80211: do not scan and monitor connection in parallel
      
      add bug, which make possible to start a scan and never finish it, so
      make every new scanning request finish with -EBUSY error. This can
      happen on code paths where we finish connection monitoring and clear
      IEEE80211_STA_*_POLL flags, but do not check if scan was deferred.
      This patch fixes those code paths.
      Signed-off-by: NStanislaw Gruszka <sgruszka@redhat.com>
      Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
      925e64c3
  7. 03 6月, 2012 3 次提交