Skip to content

R
raspberrypi-kernel

openeuler / raspberrypi-kernel

通知 13
Star 1
Fork 0
R
raspberrypi-kernel
切换分支/标签
  1. 19 10月, 2013 5 次提交
    • S
      rt2x00: check if device is still available on rt2x00mac_flush() · 5671ab05
      Stanislaw Gruszka 提交于 
      Fix random kernel panic with below messages when remove dongle.

[ 2212.355447] BUG: unable to handle kernel NULL pointer dereference at 0000000000000250
[ 2212.355527] IP: [<ffffffffa02667f2>] rt2x00usb_kick_tx_entry+0x12/0x160 [rt2x00usb]
[ 2212.355599] PGD 0
[ 2212.355626] Oops: 0000 [#1] SMP
[ 2212.355664] Modules linked in: rt2800usb rt2x00usb rt2800lib crc_ccitt rt2x00lib mac80211 cfg80211 tun arc4 fuse rfcomm bnep snd_hda_codec_realtek snd_hda_intel snd_hda_codec btusb uvcvideo bluetooth snd_hwdep x86_pkg_temp_thermal snd_seq coretemp aesni_intel aes_x86_64 snd_seq_device glue_helper snd_pcm ablk_helper videobuf2_vmalloc sdhci_pci videobuf2_memops videobuf2_core sdhci videodev mmc_core serio_raw snd_page_alloc microcode i2c_i801 snd_timer hid_multitouch thinkpad_acpi lpc_ich mfd_core snd tpm_tis wmi tpm tpm_bios soundcore acpi_cpufreq i915 i2c_algo_bit drm_kms_helper drm i2c_core video [last unloaded: cfg80211]
[ 2212.356224] CPU: 0 PID: 34 Comm: khubd Not tainted 3.12.0-rc3-wl+ #3
[ 2212.356268] Hardware name: LENOVO 3444CUU/3444CUU, BIOS G6ET93WW (2.53 ) 02/04/2013
[ 2212.356319] task: ffff880212f687c0 ti: ffff880212f66000 task.ti: ffff880212f66000
[ 2212.356392] RIP: 0010:[<ffffffffa02667f2>]  [<ffffffffa02667f2>] rt2x00usb_kick_tx_entry+0x12/0x160 [rt2x00usb]
[ 2212.356481] RSP: 0018:ffff880212f67750  EFLAGS: 00010202
[ 2212.356519] RAX: 000000000000000c RBX: 000000000000000c RCX: 0000000000000293
[ 2212.356568] RDX: ffff8801f4dc219a RSI: 0000000000000000 RDI: 0000000000000240
[ 2212.356617] RBP: ffff880212f67778 R08: ffffffffa02667e0 R09: 0000000000000002
[ 2212.356665] R10: 0001f95254ab4b40 R11: ffff880212f675be R12: ffff8801f4dc2150
[ 2212.356712] R13: 0000000000000000 R14: ffffffffa02667e0 R15: 000000000000000d
[ 2212.356761] FS:  0000000000000000(0000) GS:ffff88021e200000(0000) knlGS:0000000000000000
[ 2212.356813] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2212.356852] CR2: 0000000000000250 CR3: 0000000001a0c000 CR4: 00000000001407f0
[ 2212.356899] Stack:
[ 2212.356917]  000000000000000c ffff8801f4dc2150 0000000000000000 ffffffffa02667e0
[ 2212.356980]  000000000000000d ffff880212f677b8 ffffffffa03a31ad ffff8801f4dc219a
[ 2212.357038]  ffff8801f4dc2150 0000000000000000 ffff8800b93217a0 ffff8801f49bc800
[ 2212.357099] Call Trace:
[ 2212.357122]  [<ffffffffa02667e0>] ? rt2x00usb_interrupt_txdone+0x90/0x90 [rt2x00usb]
[ 2212.357174]  [<ffffffffa03a31ad>] rt2x00queue_for_each_entry+0xed/0x170 [rt2x00lib]
[ 2212.357244]  [<ffffffffa026701c>] rt2x00usb_kick_queue+0x5c/0x60 [rt2x00usb]
[ 2212.357314]  [<ffffffffa03a3682>] rt2x00queue_flush_queue+0x62/0xa0 [rt2x00lib]
[ 2212.357386]  [<ffffffffa03a2930>] rt2x00mac_flush+0x30/0x70 [rt2x00lib]
[ 2212.357470]  [<ffffffffa04edded>] ieee80211_flush_queues+0xbd/0x140 [mac80211]
[ 2212.357555]  [<ffffffffa0502e52>] ieee80211_set_disassoc+0x2d2/0x3d0 [mac80211]
[ 2212.357645]  [<ffffffffa0506da3>] ieee80211_mgd_deauth+0x1d3/0x240 [mac80211]
[ 2212.357718]  [<ffffffff8108b17c>] ? try_to_wake_up+0xec/0x290
[ 2212.357788]  [<ffffffffa04dbd18>] ieee80211_deauth+0x18/0x20 [mac80211]
[ 2212.357872]  [<ffffffffa0418ddc>] cfg80211_mlme_deauth+0x9c/0x140 [cfg80211]
[ 2212.357913]  [<ffffffffa041907c>] cfg80211_mlme_down+0x5c/0x60 [cfg80211]
[ 2212.357962]  [<ffffffffa041cd18>] cfg80211_disconnect+0x188/0x1a0 [cfg80211]
[ 2212.358014]  [<ffffffffa04013bc>] ? __cfg80211_stop_sched_scan+0x1c/0x130 [cfg80211]
[ 2212.358067]  [<ffffffffa03f8954>] cfg80211_leave+0xc4/0xe0 [cfg80211]
[ 2212.358124]  [<ffffffffa03f8d1b>] cfg80211_netdev_notifier_call+0x3ab/0x5e0 [cfg80211]
[ 2212.358177]  [<ffffffff815140f8>] ? inetdev_event+0x38/0x510
[ 2212.358217]  [<ffffffff81085a94>] ? __wake_up+0x44/0x50
[ 2212.358254]  [<ffffffff8155995c>] notifier_call_chain+0x4c/0x70
[ 2212.358293]  [<ffffffff81081156>] raw_notifier_call_chain+0x16/0x20
[ 2212.358361]  [<ffffffff814b6dd5>] call_netdevice_notifiers_info+0x35/0x60
[ 2212.358429]  [<ffffffff814b6ec9>] __dev_close_many+0x49/0xd0
[ 2212.358487]  [<ffffffff814b7028>] dev_close_many+0x88/0x100
[ 2212.358546]  [<ffffffff814b8150>] rollback_registered_many+0xb0/0x220
[ 2212.358612]  [<ffffffff814b8319>] unregister_netdevice_many+0x19/0x60
[ 2212.358694]  [<ffffffffa04d8eb2>] ieee80211_remove_interfaces+0x112/0x190 [mac80211]
[ 2212.358791]  [<ffffffffa04c585f>] ieee80211_unregister_hw+0x4f/0x100 [mac80211]
[ 2212.361994]  [<ffffffffa03a1221>] rt2x00lib_remove_dev+0x161/0x1a0 [rt2x00lib]
[ 2212.365240]  [<ffffffffa0266e2e>] rt2x00usb_disconnect+0x2e/0x70 [rt2x00usb]
[ 2212.368470]  [<ffffffff81419ce4>] usb_unbind_interface+0x64/0x1c0
[ 2212.371734]  [<ffffffff813b446f>] __device_release_driver+0x7f/0xf0
[ 2212.374999]  [<ffffffff813b4503>] device_release_driver+0x23/0x30
[ 2212.378131]  [<ffffffff813b3c98>] bus_remove_device+0x108/0x180
[ 2212.381358]  [<ffffffff813b0565>] device_del+0x135/0x1d0
[ 2212.384454]  [<ffffffff81417760>] usb_disable_device+0xb0/0x270
[ 2212.387451]  [<ffffffff8140d9cd>] usb_disconnect+0xad/0x1d0
[ 2212.390294]  [<ffffffff8140f6cd>] hub_thread+0x63d/0x1660
[ 2212.393034]  [<ffffffff8107c860>] ? wake_up_atomic_t+0x30/0x30
[ 2212.395728]  [<ffffffff8140f090>] ? hub_port_debounce+0x130/0x130
[ 2212.398412]  [<ffffffff8107baa0>] kthread+0xc0/0xd0
[ 2212.401058]  [<ffffffff8107b9e0>] ? insert_kthread_work+0x40/0x40
[ 2212.403639]  [<ffffffff8155de3c>] ret_from_fork+0x7c/0xb0
[ 2212.406193]  [<ffffffff8107b9e0>] ? insert_kthread_work+0x40/0x40
[ 2212.408732] Code: 24 58 08 00 00 bf 80 00 00 00 e8 3a c3 e0 e0 5b 41 5c 5d c3 0f 1f 44 00 00 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41 55 41 54 53 <48> 8b 47 10 48 89 fb 4c 8b 6f 28 4c 8b 20 49 8b 04 24 4c 8b 30
[ 2212.414671] RIP  [<ffffffffa02667f2>] rt2x00usb_kick_tx_entry+0x12/0x160 [rt2x00usb]
[ 2212.417646]  RSP <ffff880212f67750>
[ 2212.420547] CR2: 0000000000000250
[ 2212.441024] ---[ end trace 5442918f33832bce ]---

Cc: stable@vger.kernel.org
Signed-off-by: NStanislaw Gruszka <stf_xl@wp.pl>
Acked-by: NHelmut Schaa <helmut.schaa@googlemail.com>
Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
      5671ab05
    • S
      rt2400pci: fix RSSI read · 2bf127a5
      Stanislaw Gruszka 提交于 
      RSSI value is provided on word3 not on word2.

Cc: stable@vger.kernel.org
Signed-off-by: NStanislaw Gruszka <stf_xl@wp.pl>
Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
      2bf127a5
    • F
      ath5k: fix regression in tx status processing · 7ede612f
      Felix Fietkau 提交于 
      The regression was introduced in the following commit:

0967e01e
"ath5k: make use of the new rate control API"

ath5k_tx_frame_completed saves the intended per-rate retry counts before
they are cleared by ieee80211_tx_info_clear_status, however at this
point the information in info->status.rates is incomplete.

This causes significant throughput degradation and excessive packet loss
on links where high bit rates don't work properly.

Move the copy from bf->rates a few lines up to ensure that the saved
retry counts are updated, and that they are really cleared in
info->status.rates after the call to ieee80211_tx_info_clear_status.

Cc: stable@vger.kernel.org # 3.10+
Cc: Thomas Huehn <thomas@net.t-labs.tu-berlin.de>
Cc: Benjamin Vahl <bvahl@net.t-labs.tu-berlin.de>
Reported-by: NBen West <ben@gowasabi.net>
Signed-off-by: NFelix Fietkau <nbd@openwrt.org>
Acked-by: NThomas Huehn <thomas@net.t-labs.tu-berlin.de>
Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
      7ede612f
    • J
      Merge branch 'for-john' of git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211 · 334300f2
      John W. Linville 提交于
      334300f2
    • J
      Merge branch 'for-john' of git://git.kernel.org/pub/scm/linux/kernel/git/iwlwifi/iwlwifi-fixes · 8245d023
      John W. Linville 提交于
      8245d023
  3. 18 10月, 2013 1 次提交
    • E
      iwlwifi: dvm: don't override mac80211's queue setting · f6b12952
      Emmanuel Grumbach 提交于 
      Since we set IEEE80211_HW_QUEUE_CONTROL, we can let
mac80211 do the queue assignement and don't need to
override its decisions.
While reassiging the same values is harmless of course,
it triggered  a WARNING when iwlwifi and mac80211 came
to different conclusions. This happened when mac80211 set
IEEE80211_TX_CTL_SEND_AFTER_DTIM, but didn't route the
packet to the cab_queue because no stations were asleep.

iwlwifi should not override mac80211's decicions for
offchannel packets and packets to  be sent after DTIM,
but it should override mac80211's decision for AMPDUs
since we have a special queue for them. So for AMPDU,
we still override info->hw_queue by the AMPDU queue.

This avoids:
------------[ cut here ]------------
WARNING: CPU: 0 PID: 2531 at drivers/net/wireless/iwlwifi/dvm/tx.c:456 iwlagn_tx_skb+0x6c5/0x883()
Modules linked in:
CPU: 0 PID: 2531 Comm: hostapd Not tainted 3.12.0-rc5+ #1
Hardware name:                  /D53427RKE, BIOS RKPPT10H.86A.0017.2013.0425.1251 04/25/2013
 0000000000000000 0000000000000009 ffffffff8189aa62 0000000000000000
 ffffffff8105a4f2 ffff880058339a48 ffffffff815f8a04 0000000000000000
 ffff8800560097b0 0000000000000208 0000000000000000 ffff8800561a9e5e
Call Trace:
 [<ffffffff8189aa62>] ? dump_stack+0x41/0x51
 [<ffffffff8105a4f2>] ? warn_slowpath_common+0x78/0x90
 [<ffffffff815f8a04>] ? iwlagn_tx_skb+0x6c5/0x883
 [<ffffffff815f8a04>] ? iwlagn_tx_skb+0x6c5/0x883
 [<ffffffff818a0040>] ? put_cred+0x15/0x15
 [<ffffffff815f6db4>] ? iwlagn_mac_tx+0x19/0x2f
 [<ffffffff8186cc45>] ? __ieee80211_tx+0x226/0x29b
 [<ffffffff8186e6bd>] ? ieee80211_tx+0xa6/0xb5
 [<ffffffff8186e98b>] ? ieee80211_monitor_start_xmit+0x1e9/0x204
 [<ffffffff8171ce5f>] ? dev_hard_start_xmit+0x271/0x3ec
 [<ffffffff817351ac>] ? sch_direct_xmit+0x66/0x164
 [<ffffffff8171d1bf>] ? dev_queue_xmit+0x1e5/0x3c8
 [<ffffffff817fac5a>] ? packet_sendmsg+0xac5/0xb3d
 [<ffffffff81709a09>] ? sock_sendmsg+0x37/0x52
 [<ffffffff810f9e0c>] ? __do_fault+0x338/0x36b
 [<ffffffff81713820>] ? verify_iovec+0x44/0x94
 [<ffffffff81709e63>] ? ___sys_sendmsg+0x1f1/0x283
 [<ffffffff81140a73>] ? __inode_wait_for_writeback+0x67/0xae
 [<ffffffff8111735e>] ? __cache_free.isra.46+0x178/0x187
 [<ffffffff811173b1>] ? kmem_cache_free+0x44/0x84
 [<ffffffff81132c22>] ? dentry_kill+0x13d/0x149
 [<ffffffff81132f6f>] ? dput+0xe5/0xef
 [<ffffffff81136e04>] ? fget_light+0x2e/0x7c
 [<ffffffff8170ae62>] ? __sys_sendmsg+0x39/0x57
 [<ffffffff818a7e39>] ? system_call_fastpath+0x16/0x1b
---[ end trace 1b3eb79359c1d1e6 ]---
Reported-by: NSander Eikelenboom <linux@eikelenboom.it>
Reviewed-by: NJohannes Berg <johannes.berg@intel.com>
Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      f6b12952
  5. 17 10月, 2013 1 次提交
    • J
      mac80211: disable WMM with invalid parameters · 095d81ce
      Johannes Berg 提交于 
      Some APs (notably a Sitecom WL-153 v1 with firmware 1.45) are sending
invalid WMM parameters setting AIFSN, ECWmin and ECWmax to zero. The
spec mandates that the value of AIFSN is at least 2, and some cards
(e.g. Intel with the iwldvm driver) can't transmit when the invalid
QoS parameters are actually uploaded to the firmware.

Since there's little chance of being able to guess the values that
the AP actually meant, disable WMM if such an invalid case is found.
Since ECWmin/ECWmax are allowed to be zero, only verify AIFSN >= 2
and ECWmin <= ECWmax.
Reviewed-by: NEliad Peller <eliad@wizery.com>
Reported-by: NAntonio Quartulli <antonio@meshcoding.com>
Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      095d81ce
  7. 15 10月, 2013 5 次提交
  9. 14 10月, 2013 2 次提交
    • J
      mac80211: fix crash if bitrate calculation goes wrong · d86aa4f8
      Johannes Berg 提交于 
      If a frame's timestamp is calculated, and the bitrate
calculation goes wrong and returns zero, the system
will attempt to divide by zero and crash. Catch this
case and print the rate information that the driver
reported when this happens.

Cc: stable@vger.kernel.org
Reported-by: NThomas Lindroth <thomas.lindroth@gmail.com>
Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      d86aa4f8
    • J
      wireless: radiotap: fix parsing buffer overrun · f5563318
      Johannes Berg 提交于 
      When parsing an invalid radiotap header, the parser can overrun
the buffer that is passed in because it doesn't correctly check
 1) the minimum radiotap header size
 2) the space for extended bitmaps

The first issue doesn't affect any in-kernel user as they all
check the minimum size before calling the radiotap function.
The second issue could potentially affect the kernel if an skb
is passed in that consists only of the radiotap header with a
lot of extended bitmaps that extend past the SKB. In that case
a read-only buffer overrun by at most 4 bytes is possible.

Fix this by adding the appropriate checks to the parser.

Cc: stable@vger.kernel.org
Reported-by: NEvan Huus <eapache@gmail.com>
Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      f5563318
  11. 11 10月, 2013 6 次提交
  13. 10 10月, 2013 2 次提交
  15. 08 10月, 2013 3 次提交
  17. 02 10月, 2013 6 次提交
  19. 01 10月, 2013 4 次提交
  21. 30 9月, 2013 3 次提交
  23. 27 9月, 2013 2 次提交
    • J
      cfg80211: fix sysfs registration race · aa5f66d5
      Johannes Berg 提交于 
      My locking rework/race fixes caused a regression in the
registration, causing uevent notifications for wireless
devices before the device is really fully registered and
available in nl80211.

Fix this by moving the device_add() under rtnl and move
the rfkill to afterwards (it can't be under rtnl.)
Reported-and-tested-by: NMaxime Bizon <mbizon@freebox.fr>
Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      aa5f66d5
    • A
      brcmsmac: call bcma_core_pci_power_save() from non-atomic context · c7515d23
      Arend van Spriel 提交于 
      This patch adds explicit call to bcma_core_pci_power_save() from
a non-atomic context resolving 'scheduling while atomic' issue.

[   13.224317] BUG: scheduling while atomic: dhcpcd/1800/0x00000202
[   13.224322] Modules linked in: brcmsmac nouveau coretemp kvm_intel kvm cordic brcmutil bcma dell_wmi atl1c ttm mxm_wmi wmi
[   13.224354] CPU: 0 PID: 1800 Comm: dhcpcd Tainted: G        W    3.11.0-wl #1
[   13.224359] Hardware name: Alienware M11x R2/M11x R2, BIOS A04 11/23/2010
[   13.224363]  ffff880177c12c40 ffff880170fd1968 ffffffff8169af5b 0000000000000007
[   13.224374]  ffff880170fd1ad0 ffff880170fd1978 ffffffff81697ee2 ffff880170fd19f8
[   13.224383]  ffffffff816a19f5 00000000000f4240 000000000000d080 ffff880170fd1fd8
[   13.224391] Call Trace:
[   13.224399]  [<ffffffff8169af5b>] dump_stack+0x4f/0x84
[   13.224403]  [<ffffffff81697ee2>] __schedule_bug+0x43/0x51
[   13.224409]  [<ffffffff816a19f5>] __schedule+0x6e5/0x810
[   13.224412]  [<ffffffff816a1c34>] schedule+0x24/0x70
[   13.224416]  [<ffffffff816a04fc>] schedule_hrtimeout_range_clock+0x10c/0x150
[   13.224420]  [<ffffffff810684e0>] ? update_rmtp+0x60/0x60
[   13.224424]  [<ffffffff8106915f>] ? hrtimer_start_range_ns+0xf/0x20
[   13.224429]  [<ffffffff816a054e>] schedule_hrtimeout_range+0xe/0x10
[   13.224432]  [<ffffffff8104f6fb>] usleep_range+0x3b/0x40
[   13.224437]  [<ffffffffa003733a>] bcma_pcie_mdio_read.isra.5+0x8a/0x100 [bcma]
[   13.224442]  [<ffffffffa00374a5>] bcma_pcie_mdio_writeread.isra.6.constprop.13+0x25/0x30 [bcma]
[   13.224448]  [<ffffffffa00374f9>] bcma_core_pci_power_save+0x49/0x80 [bcma]
[   13.224452]  [<ffffffffa003765d>] bcma_core_pci_up+0x2d/0x60 [bcma]
[   13.224460]  [<ffffffffa03dc17c>] brcms_c_up+0xfc/0x430 [brcmsmac]
[   13.224467]  [<ffffffffa03d1a7d>] brcms_up+0x1d/0x20 [brcmsmac]
[   13.224473]  [<ffffffffa03d2498>] brcms_ops_start+0x298/0x340 [brcmsmac]
[   13.224478]  [<ffffffff81600a12>] ? cfg80211_netdev_notifier_call+0xd2/0x5f0
[   13.224483]  [<ffffffff815fa53d>] ? packet_notifier+0xad/0x1d0
[   13.224487]  [<ffffffff81656e75>] ieee80211_do_open+0x325/0xf80
[   13.224491]  [<ffffffff8106ac09>] ? __raw_notifier_call_chain+0x9/0x10
[   13.224495]  [<ffffffff81657b41>] ieee80211_open+0x71/0x80
[   13.224498]  [<ffffffff81526267>] __dev_open+0x87/0xe0
[   13.224502]  [<ffffffff8152650c>] __dev_change_flags+0x9c/0x180
[   13.224505]  [<ffffffff815266a3>] dev_change_flags+0x23/0x70
[   13.224509]  [<ffffffff8158cd68>] devinet_ioctl+0x5b8/0x6a0
[   13.224512]  [<ffffffff8158d5c5>] inet_ioctl+0x75/0x90
[   13.224516]  [<ffffffff8150b38b>] sock_do_ioctl+0x2b/0x70
[   13.224519]  [<ffffffff8150b681>] sock_ioctl+0x71/0x2a0
[   13.224523]  [<ffffffff8114ed47>] do_vfs_ioctl+0x87/0x520
[   13.224528]  [<ffffffff8113f159>] ? ____fput+0x9/0x10
[   13.224533]  [<ffffffff8106228c>] ? task_work_run+0x9c/0xd0
[   13.224537]  [<ffffffff8114f271>] SyS_ioctl+0x91/0xb0
[   13.224541]  [<ffffffff816aa252>] system_call_fastpath+0x16/0x1b

Cc: <stable@vger.kernel.org> # 3.11.x
Cc: Tod Jackson <tod.jackson@gmail.com>
Cc: Joe Perches <joe@perches.com>
Cc: Rafal Milecki <zajec5@gmail.com>
Cc: Hauke Mehrtens <hauke@hauke-m.de>
Reviewed-by: NHante Meuleman <meuleman@broadcom.com>
Signed-off-by: NArend van Spriel <arend@broadcom.com>
Signed-off-by: NJohn W. Linville <linville@tuxdriver.com>
      c7515d23