1. 06 7月, 2016 2 次提交
    • A
      nl80211: Add API to support VHT MU-MIMO air sniffer · c6e6a0c8
      Aviya Erenfeld 提交于
      add API to support VHT MU-MIMO air sniffer.
      in MU-MIMO there are parallel frames on the air while the HW
      has only one RX.
      add the capability to sniff one of the MU-MIMO parallel frames by
      giving the sniffer additional information so it'll know which
      of the parallel frames it shall follow.
      
      Add attribute - NL80211_ATTR_MU_MIMO_GROUP_DATA - for getting
      a MU-MIMO groupID in order to monitor packets from that group
      using VHT MU-MIMO.
      And add attribute -NL80211_ATTR_MU_MIMO_FOLLOW_ADDR - for passing
      MAC address to monitor mode.
      that option will be used by VHT MU-MIMO air sniffer to follow a
      station according to it's MAC address using VHT MU-MIMO.
      Signed-off-by: NAviya Erenfeld <aviya.erenfeld@intel.com>
      Signed-off-by: NLuca Coelho <luciano.coelho@intel.com>
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      c6e6a0c8
    • J
      mac80211: agg-rx: refuse ADDBA Request with timeout update · f89e07d4
      Johannes Berg 提交于
      The current implementation of handling ADDBA Request while a session
      is already active with the peer is wrong - in case the peer is using
      the existing session's dialog token this should be treated as update
      to the session, which can update the timeout value.
      
      We don't really have a good way of supporting that, so reject, but
      implement the required behaviour in the spec of "Even if the updated
      ADDBA Request frame is not accepted, the original Block ACK setup
      remains active." (802.11-2012 10.5.4)
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      f89e07d4
  2. 30 6月, 2016 14 次提交
    • M
      mac80211: fix fq lockdep warnings · 59a7c828
      Michal Kazior 提交于
      Some lockdep assertions were not fulfilled and
      resulted in a kernel warning/call trace if driver
      used intermediate software queues (e.g. ath10k).
      
      Existing code sequences should've guaranteed safety
      but it's always good to be extra careful.
      
      The call trace could look like this:
      
       [ 237.335805] ------------[ cut here ]------------
       [ 237.335852] WARNING: CPU: 3 PID: 1921 at include/net/fq_impl.h:22 fq_flow_dequeue+0xed/0x140 [mac80211]
       [ 237.335855] Modules linked in: ath10k_pci(E-) ath10k_core(E) ath(E) mac80211(E) cfg80211(E)
       [ 237.335913] CPU: 3 PID: 1921 Comm: rmmod Tainted: G        W   E   4.7.0-rc4-wt-ath+ #1377
       [ 237.335916] Hardware name: Hewlett-Packard HP ProBook 6540b/1722, BIOS 68CDD Ver. F.04 01/27/2010
       [ 237.335918]  00200286 00200286 eff85dac c14151e2 f901574e 00000000 eff85de0 c1081075
       [ 237.335928]  c1ab91f0 00000003 00000781 f901574e 00000016 f8fbabad f8fbabad 00000016
       [ 237.335938]  eb24ff60 00000000 ef3886c0 eff85df4 c10810ba 00000009 00000000 00000000
       [ 237.335948] Call Trace:
       [ 237.335953]  [<c14151e2>] dump_stack+0x76/0xb4
       [ 237.335957]  [<c1081075>] __warn+0xe5/0x100
       [ 237.336002]  [<f8fbabad>] ? fq_flow_dequeue+0xed/0x140 [mac80211]
       [ 237.336046]  [<f8fbabad>] ? fq_flow_dequeue+0xed/0x140 [mac80211]
       [ 237.336053]  [<c10810ba>] warn_slowpath_null+0x2a/0x30
       [ 237.336095]  [<f8fbabad>] fq_flow_dequeue+0xed/0x140 [mac80211]
       [ 237.336137]  [<f8fbc67a>] fq_flow_reset.constprop.56+0x2a/0x90 [mac80211]
       [ 237.336180]  [<f8fbc79a>] fq_reset.constprop.59+0x2a/0x50 [mac80211]
       [ 237.336222]  [<f8fc04e8>] ieee80211_txq_teardown_flows+0x38/0x40 [mac80211]
       [ 237.336258]  [<f8f7c1a4>] ieee80211_unregister_hw+0xe4/0x120 [mac80211]
       [ 237.336275]  [<f933f536>] ath10k_mac_unregister+0x16/0x50 [ath10k_core]
       [ 237.336292]  [<f934592d>] ath10k_core_unregister+0x3d/0x90 [ath10k_core]
       [ 237.336301]  [<f85f8836>] ath10k_pci_remove+0x36/0xa0 [ath10k_pci]
       [ 237.336307]  [<c1470388>] pci_device_remove+0x38/0xb0
       ...
      
      Fixes: 5caa328e ("mac80211: implement codel on fair queuing flows")
      Fixes: fa962b92 ("mac80211: implement fair queueing per txq")
      Tested-by: NKalle Valo <kvalo@qca.qualcomm.com>
      Reported-by: NKalle Valo <kvalo@qca.qualcomm.com>
      Signed-off-by: NMichal Kazior <michal.kazior@tieto.com>
      Signed-off-by: NJohannes Berg <johannes@sipsolutions.net>
      59a7c828
    • B
      mac80211: use common cleanup for user/!user_mpm · efc401f4
      Bob Copeland 提交于
      We've accumulated a couple of different fixes now to mesh_sta_cleanup()
      due to the different paths that user_mpm and !user_mpm cases take -- one
      fix to flush nexthop paths and one to fix the counting.
      
      The only caller of mesh_plink_deactivate() is mesh_sta_cleanup(), so we
      can push the user_mpm checks down into there in order to share more
      code.
      
      In doing so, we can remove an extra call to mesh_path_flush_by_nexthop()
      and the (unnecessary) call to mesh_accept_plinks_update().  This will
      also ensure the powersaving state code gets called in the user_mpm case.
      
      The only cleanup tasks we need to avoid when MPM is in user-space
      are sending the peering frames and stopping the plink timer, so wrap
      those in the appropriate check.
      Signed-off-by: NBob Copeland <me@bobcopeland.com>
      Signed-off-by: NJohannes Berg <johannes@sipsolutions.net>
      efc401f4
    • M
      mac80211: Encrypt "Group addressed privacy" action frames · 46f6b060
      Masashi Honma 提交于
      Previously, the action frames to group address was not encrypted. But
      [1] "Table 8-38 Category values" indicates "Mesh" and "Multihop" category
      action frames should be encrypted (Group addressed privacy == yes). And the
      encyption key should be MGTK ([1] 10.13 Group addressed robust management frame
      procedures). So this patch modifies the code to make it suitable for spec.
      
      [1] IEEE Std 802.11-2012
      Signed-off-by: NMasashi Honma <masashi.honma@gmail.com>
      Signed-off-by: NJohannes Berg <johannes@sipsolutions.net>
      46f6b060
    • D
      mac80211: silence an uninitialized variable warning · 49708e37
      Dan Carpenter 提交于
      We normally return an uninitialized value, but no one checks it so it
      doesn't matter.  Anyway, let's silence the static checker warning.
      Signed-off-by: NDan Carpenter <dan.carpenter@oracle.com>
      Signed-off-by: NJohannes Berg <johannes@sipsolutions.net>
      49708e37
    • M
      wireless: Use macro instead of number · e98e915e
      Masashi Honma 提交于
      Use IEEE80211_MIN_ACTION_SIZE macro for robust management frame check.
      Signed-off-by: NMasashi Honma <masashi.honma@gmail.com>
      Signed-off-by: NJohannes Berg <johannes@sipsolutions.net>
      e98e915e
    • A
      nl80211: improve nl80211_parse_mesh_config type checking · f151d9db
      Arnd Bergmann 提交于
      When building a kernel with W=1, the nl80211.c file causes a number of
      warnings, all about the same problem:
      
      net/wireless/nl80211.c: In function 'nl80211_parse_mesh_config':
      net/wireless/nl80211.c:5287:103: error: comparison is always false due to limited range of data type [-Werror=type-limits]
      net/wireless/nl80211.c:5290:96: error: comparison is always false due to limited range of data type [-Werror=type-limits]
      net/wireless/nl80211.c:5293:124: error: comparison is always false due to limited range of data type [-Werror=type-limits]
      net/wireless/nl80211.c:5295:148: error: comparison is always false due to limited range of data type [-Werror=type-limits]
      net/wireless/nl80211.c:5298:106: error: comparison is always false due to limited range of data type [-Werror=type-limits]
      net/wireless/nl80211.c:5305:116: error: comparison is always false due to limited range of data type [-Werror=type-limits]
      
      The problem is that gcc does not notice that the check is generate
      by a macro, so it complains about comparing an unsigned type against 0.
      
      I've tried to come up with a way to rephrase that code in a way that
      avoids the warnings and otherwise improves the code as well.
      
      This uses a set of new helper functions that perform the range checking,
      and should provide slightly better type safety than the older patch,
      at the expense of adding 44 lines to the code. Binary code size is
      basically unchanged though (20 bytes added to 126561 bytes .text).
      Signed-off-by: NArnd Bergmann <arnd@arndb.de>
      Signed-off-by: NJohannes Berg <johannes@sipsolutions.net>
      f151d9db
    • M
      mac80211_hwsim: Allow wmediumd to attach to radios created in its netns · f21e4d8e
      Martin Willi 提交于
      Registering wmediumd is currently limited to the initial network
      namespace. This patch enables wmediumd to attach from non-initial
      network namespaces using a user namespace having CAP_NET_ADMIN. A
      registered wmediumd can forward frames on radios that have been created
      in the same network namespace, even if they have been moved to other
      network namespaces.
      
      The wmediumd Netlink portid is tracked per net namespace. Additionally,
      the portid is stored on all radios created in that net namespace to
      simplify the portid lookup in the data path.
      Signed-off-by: NMartin Willi <martin@strongswan.org>
      Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
      f21e4d8e
    • D
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net · ee58b571
      David S. Miller 提交于
      Several cases of overlapping changes, except the packet scheduler
      conflicts which deal with the addition of the free list parameter
      to qdisc_enqueue().
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      ee58b571
    • L
      Merge tag 'nfs-for-4.7-2' of git://git.linux-nfs.org/projects/anna/linux-nfs · e7bdea77
      Linus Torvalds 提交于
      Pull NFS client bugfixes from Anna Schumaker:
       "Stable bugfixes:
         - Fix _cancel_empty_pagelist
         - Fix a double page unlock
         - Make nfs_atomic_open() call d_drop() on all ->open_context() errors.
         - Fix another OPEN_DOWNGRADE bug
      
        Other bugfixes:
         - Ensure we handle delegation errors in nfs4_proc_layoutget()
         - Layout stateids start out as being invalid
         - Add sparse lock annotations for pnfs_find_alloc_layout
         - Handle bad delegation stateids in nfs4_layoutget_handle_exception
         - Fix up O_DIRECT results
         - Fix potential use after free of state in nfs4_do_reclaim.
         - Mark the layout stateid invalid when all segments are removed
         - Don't let readdirplus revalidate an inode that was marked as stale
         - Fix potential race in nfs_fhget()
         - Fix an unused variable warning"
      
      * tag 'nfs-for-4.7-2' of git://git.linux-nfs.org/projects/anna/linux-nfs:
        NFS: Fix another OPEN_DOWNGRADE bug
        make nfs_atomic_open() call d_drop() on all ->open_context() errors.
        NFS: Fix an unused variable warning
        NFS: Fix potential race in nfs_fhget()
        NFS: Don't let readdirplus revalidate an inode that was marked as stale
        NFSv4.1/pnfs: Mark the layout stateid invalid when all segments are removed
        NFS: Fix a double page unlock
        pnfs_nfs: fix _cancel_empty_pagelist
        nfs4: Fix potential use after free of state in nfs4_do_reclaim.
        NFS: Fix up O_DIRECT results
        NFS/pnfs: handle bad delegation stateids in nfs4_layoutget_handle_exception
        NFSv4.1/pnfs: Add sparse lock annotations for pnfs_find_alloc_layout
        NFSv4.1/pnfs: Layout stateids start out as being invalid
        NFSv4.1/pnfs: Ensure we handle delegation errors in nfs4_proc_layoutget()
      e7bdea77
    • L
      Merge branch 'stable-4.7' of git://git.infradead.org/users/pcmoore/audit · 89a82a92
      Linus Torvalds 提交于
      Pull audit fixes from Paul Moore:
       "Two small patches to fix audit problems in 4.7-rcX: the first fixes a
        potential kref leak, the second removes some header file noise.
      
        The first is an important bug fix that really should go in before 4.7
        is released, the second is not critical, but falls into the very-nice-
        to-have category so I'm including in the pull request.
      
        Both patches are straightforward, self-contained, and pass our
        testsuite without problem"
      
      * 'stable-4.7' of git://git.infradead.org/users/pcmoore/audit:
        audit: move audit_get_tty to reduce scope and kabi changes
        audit: move calcs after alloc and check when logging set loginuid
      89a82a92
    • L
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net · 32826ac4
      Linus Torvalds 提交于
      Pull networking fixes from David Miller:
       "I've been traveling so this accumulates more than week or so of bug
        fixing.  It perhaps looks a little worse than it really is.
      
         1) Fix deadlock in ath10k driver, from Ben Greear.
      
         2) Increase scan timeout in iwlwifi, from Luca Coelho.
      
         3) Unbreak STP by properly reinjecting STP packets back into the
            stack.  Regression fix from Ido Schimmel.
      
         4) Mediatek driver fixes (missing malloc failure checks, leaking of
            scratch memory, wrong indexing when mapping TX buffers, etc.) from
            John Crispin.
      
         5) Fix endianness bug in icmpv6_err() handler, from Hannes Frederic
            Sowa.
      
         6) Fix hashing of flows in UDP in the ruseport case, from Xuemin Su.
      
         7) Fix netlink notifications in ovs for tunnels, delete link messages
            are never emitted because of how the device registry state is
            handled.  From Nicolas Dichtel.
      
         8) Conntrack module leaks kmemcache on unload, from Florian Westphal.
      
         9) Prevent endless jump loops in nft rules, from Liping Zhang and
            Pablo Neira Ayuso.
      
        10) Not early enough spinlock initialization in mlx4, from Eric
            Dumazet.
      
        11) Bind refcount leak in act_ipt, from Cong WANG.
      
        12) Missing RCU locking in HTB scheduler, from Florian Westphal.
      
        13) Several small MACSEC bug fixes from Sabrina Dubroca (missing RCU
            barrier, using heap for SG and IV, and erroneous use of async flag
            when allocating AEAD conext.)
      
        14) RCU handling fix in TIPC, from Ying Xue.
      
        15) Pass correct protocol down into ipv4_{update_pmtu,redirect}() in
            SIT driver, from Simon Horman.
      
        16) Socket timer deadlock fix in TIPC from Jon Paul Maloy.
      
        17) Fix potential deadlock in team enslave, from Ido Schimmel.
      
        18) Memory leak in KCM procfs handling, from Jiri Slaby.
      
        19) ESN generation fix in ipv4 ESP, from Herbert Xu.
      
        20) Fix GFP_KERNEL allocations with locks held in act_ife, from Cong
            WANG.
      
        21) Use after free in netem, from Eric Dumazet.
      
        22) Uninitialized last assert time in multicast router code, from Tom
            Goff.
      
        23) Skip raw sockets in sock_diag destruction broadcast, from Willem
            de Bruijn.
      
        24) Fix link status reporting in thunderx, from Sunil Goutham.
      
        25) Limit resegmentation of retransmit queue so that we do not
            retransmit too large GSO frames.  From Eric Dumazet.
      
        26) Delay bpf program release after grace period, from Daniel
            Borkmann"
      
      * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (141 commits)
        openvswitch: fix conntrack netlink event delivery
        qed: Protect the doorbell BAR with the write barriers.
        neigh: Explicitly declare RCU-bh read side critical section in neigh_xmit()
        e1000e: keep VLAN interfaces functional after rxvlan off
        cfg80211: fix proto in ieee80211_data_to_8023 for frames without LLC header
        qlcnic: use the correct ring in qlcnic_83xx_process_rcv_ring_diag()
        bpf, perf: delay release of BPF prog after grace period
        net: bridge: fix vlan stats continue counter
        tcp: do not send too big packets at retransmit time
        ibmvnic: fix to use list_for_each_safe() when delete items
        net: thunderx: Fix TL4 configuration for secondary Qsets
        net: thunderx: Fix link status reporting
        net/mlx5e: Reorganize ethtool statistics
        net/mlx5e: Fix number of PFC counters reported to ethtool
        net/mlx5e: Prevent adding the same vxlan port
        net/mlx5e: Check for BlueFlame capability before allocating SQ uar
        net/mlx5e: Change enum to better reflect usage
        net/mlx5: Add ConnectX-5 PCIe 4.0 to list of supported devices
        net/mlx5: Update command strings
        net: marvell: Add separate config ANEG function for Marvell 88E1111
        ...
      32826ac4
    • L
      Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux · 653c574a
      Linus Torvalds 提交于
      Pull s390 fixes from Martin Schwidefsky:
       "Another two bug fixes for 4.7:
      
         - The revert of patch which removed boot information for systems
           using an intermediate boot kernel, e.g. the SLES12 grub setup.
      
         - A fix for an incorrect inline assembly constraint that causes
           broken code to be generated with gcc 4.8.5"
      
      * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux:
        s390: fix test_fp_ctl inline assembly contraints
        Revert "s390/kdump: Clear subchannel ID to signal non-CCW/SCSI IPL"
      653c574a
    • L
      Merge tag 'pinctrl-v4.7-3' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl · 00bf377d
      Linus Torvalds 提交于
      Pull pin control fixes from Linus Walleij:
       "Here are a bunch of fixes for pin control.  Just drivers and a
        MAINTAINERS fixup:
      
         - Driver fixes for i.MX, single register, Tegra and BayTrail.
      
         - MAINTAINERS entry for the documentation"
      
      * tag 'pinctrl-v4.7-3' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl:
        pinctrl: baytrail: Fix mingled clock pins
        MAINTAINERS: belong Documentation/pinctrl.txt properly
        pinctrl: tegra: Fix build dependency
        gpio: tegra: Make lockdep class file-scoped
        pinctrl: single: Fix missing flush of posted write for a wakeirq
        pinctrl: imx: Do not treat a PIN without MUX register as an error
      00bf377d
    • L
      Merge branch 'for-4.7-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup · 52827f38
      Linus Torvalds 提交于
      Pull cgroup fixes from Tejun Heo:
       "Three fix patches.  Two are for cgroup / css init failure path.  The
        last one makes css_set_lock irq-safe as the deadline scheduler ends up
        calling put_css_set() from irq context"
      
      * 'for-4.7-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup:
        cgroup: Disable IRQs while holding css_set_lock
        cgroup: set css->id to -1 during init
        cgroup: remove redundant cleanup in css_create
      52827f38
  3. 29 6月, 2016 24 次提交