1. 30 Jul, 2014 1 commit
    • Johan Hedberg's avatar
      Bluetooth: Fix SMP context tracking leading to a kernel crash · 616d55be
      Johan Hedberg authored
      The HCI_CONN_LE_SMP_PEND flag is supposed to indicate whether we have an
      SMP context or not. If the context creation fails, or some other error
      is indicated between setting the flag and creating the context the flag
      must be cleared first.
      
      This patch ensures that smp_chan_create() clears the flag in case of
      allocation failure as well as reorders code in smp_cmd_security_req()
      that could lead to returning an error between setting the flag and
      creating the context.
      
      Without the patch the following kind of kernel crash could be observed
      (this one because of unacceptable authentication requirements in a
      Security Request):
      
      [  +0.000855] kernel BUG at net/bluetooth/smp.c:606!
      [  +0.000000] invalid opcode: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC
      [  +0.000000] CPU: 0 PID: 58 Comm: kworker/u5:2 Tainted: G        W     3.16.0-rc1+ #785
      [  +0.008391] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
      [  +0.000000] Workqueue: hci0 hci_rx_work
      [  +0.000000] task: f4dc8f90 ti: f4ef0000 task.ti: f4ef0000
      [  +0.000000] EIP: 0060:[<c13432b6>] EFLAGS: 00010246 CPU: 0
      [  +0.000000] EIP is at smp_chan_destroy+0x1e/0x145
      [  +0.000709] EAX: f46db870 EBX: 00000000 ECX: 00000000 EDX: 00000005
      [  +0.000000] ESI: f46db870 EDI: f46db870 EBP: f4ef1dc0 ESP: f4ef1db0
      [  +0.000000]  DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068
      [  +0.000000] CR0: 8005003b CR2: b666b0b0 CR3: 00022000 CR4: 00000690
      [  +0.000000] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
      [  +0.000000] DR6: fffe0ff0 DR7: 00000400
      [  +0.000000] Stack:
      [  +0.000000]  00000005 f17b7840 f46db870 f4ef1dd4 f4ef1de4 c1343441 c134342e 00000000
      [  +0.000000]  c1343441 00000005 00000002 00000000 f17b7840 f4ef1e38 c134452a 00002aae
      [  +0.000000]  01ef1e00 00002aae f46bd980 f46db870 00000039 ffffffff 00000007 f4ef1e34
      [  +0.000000] Call Trace:
      [  +0.000000]  [<c1343441>] smp_failure+0x64/0x6c
      [  +0.000000]  [<c134342e>] ? smp_failure+0x51/0x6c
      [  +0.000000]  [<c1343441>] ? smp_failure+0x64/0x6c
      [  +0.000000]  [<c134452a>] smp_sig_channel+0xad6/0xafc
      [  +0.000000]  [<c1053b61>] ? vprintk_emit+0x343/0x366
      [  +0.000000]  [<c133f34e>] l2cap_recv_frame+0x1337/0x1ac4
      [  +0.000000]  [<c133f34e>] ? l2cap_recv_frame+0x1337/0x1ac4
      [  +0.000000]  [<c1172307>] ? __dynamic_pr_debug+0x3e/0x40
      [  +0.000000]  [<c11702a1>] ? debug_smp_processor_id+0x12/0x14
      [  +0.000000]  [<c1340bc9>] l2cap_recv_acldata+0xe8/0x239
      [  +0.000000]  [<c1340bc9>] ? l2cap_recv_acldata+0xe8/0x239
      [  +0.000000]  [<c1169931>] ? __const_udelay+0x1a/0x1c
      [  +0.000000]  [<c131f120>] hci_rx_work+0x1a1/0x286
      [  +0.000000]  [<c137244e>] ? mutex_unlock+0x8/0xa
      [  +0.000000]  [<c131f120>] ? hci_rx_work+0x1a1/0x286
      [  +0.000000]  [<c1038fe5>] process_one_work+0x128/0x1df
      [  +0.000000]  [<c1038fe5>] ? process_one_work+0x128/0x1df
      [  +0.000000]  [<c10392df>] worker_thread+0x222/0x2de
      [  +0.000000]  [<c10390bd>] ? process_scheduled_works+0x21/0x21
      [  +0.000000]  [<c103d34c>] kthread+0x82/0x87
      [  +0.000000]  [<c1040000>] ? create_new_namespaces+0x90/0x105
      [  +0.000000]  [<c13738e1>] ret_from_kernel_thread+0x21/0x30
      [  +0.000000]  [<c103d2ca>] ? __kthread_parkme+0x50/0x50
      [  +0.000000] Code: 65 f4 89 f0 5b 5e 5f 5d 8d 67 f8 5f c3 57 8d 7c 24 08 83 e4 f8 ff 77 fc 55 89 e5 57 89 c7 56 53 52 8b 98 e0 00 00 00 85 db 75 02 <0f> 0b 8b b3 80 00 00 00 8b 00 c1 ee 03 83 e6 01 89 f2 e8 ef 09
      [  +0.000000] EIP: [<c13432b6>] smp_chan_destroy+0x1e/0x145 SS:ESP 0068:f4ef1db0
      Signed-off-by: default avatarJohan Hedberg <johan.hedberg@intel.com>
      Signed-off-by: default avatarMarcel Holtmann <marcel@holtmann.org>
      616d55be
  2. 29 Jul, 2014 10 commits
  3. 28 Jul, 2014 3 commits
  4. 27 Jul, 2014 1 commit
  5. 26 Jul, 2014 4 commits
  6. 25 Jul, 2014 4 commits
    • John W. Linville's avatar
      9a244409
    • Janusz Dziedzic's avatar
      ath10k: handle attention flags correctly when using A-MSDU · 0ccb7a34
      Janusz Dziedzic authored
      In case of A-MSDU RX we should check attention flags
      correctly to be sure we report correct FCS status for
      A-MSDU subframes. Without a patch we could report A-MSDU
      subframes with wrong FCS as a correct to the stack, next
      get a lot of DUP ACK TCP packets. Finally TP drop is seen
      and this drop depends on FCS errors ratio for A-MSDU frame.
      
      Example test case when TP drop is seen:
      - ath10k configured as an AP
      - used ath10k station
      - forced A-MSDU (7 frames) on STA
      - other traffic on channel (often FCS errors)
      - monitor iface added on AP
      - TCP STA -> AP traffic (iperf)
      
      a) Iperf logs for case without the patch:
      
      echo "1 64" > htt_max_amsdu_ampdu // disable A-MSDU
      [ ID] Interval       Transfer     Bandwidth
      [  3]  0.0- 5.0 sec  56.6 MBytes  95.0 Mbits/sec
      [  3]  5.0-10.0 sec  60.4 MBytes   101 Mbits/sec
      [  3] 10.0-15.0 sec  60.2 MBytes   101 Mbits/sec
      [  3] 15.0-20.0 sec  60.2 MBytes   101 Mbits/sec
      [  3] 20.0-25.0 sec  63.8 MBytes   107 Mbits/sec
      [  3] 25.0-30.0 sec  64.9 MBytes   109 Mbits/sec
      
      echo "7 64" > htt_max_amsdu_ampdu  // set 7 A-MSDU subframes
      [  3] 30.0-35.0 sec  40.0 MBytes  67.1 Mbits/sec
      [  3] 35.0-40.0 sec  35.9 MBytes  60.2 Mbits/sec
      [  3] 40.0-45.0 sec  36.9 MBytes  61.9 Mbits/sec
      [  3] 45.0-50.0 sec  37.9 MBytes  63.5 Mbits/sec
      [  3] 50.0-55.0 sec  34.5 MBytes  57.9 Mbits/sec
      [  3] 55.0-60.0 sec  25.4 MBytes  42.6 Mbits/sec
      [  3] 60.0-65.0 sec  48.2 MBytes  81.0 Mbits/sec
      [  3] 65.0-70.0 sec  28.8 MBytes  48.2 Mbits/sec
      [  3] 70.0-75.0 sec  29.2 MBytes  49.1 Mbits/sec
      [  3] 75.0-80.0 sec  22.9 MBytes  38.4 Mbits/sec
      [  3] 80.0-85.0 sec  26.4 MBytes  44.2 Mbits/sec
      [  3] 85.0-90.0 sec  31.5 MBytes  52.8 Mbits/sec
      
      b) Iperf logs for case with patch:
      
      echo "1 64" > htt_max_amsdu_ampdu // disable A-MSDU
      [  3] local 192.168.12.2 port 57512 connected with 192.168.12.1 port 5001
      [ ID] Interval       Transfer     Bandwidth
      [  3]  0.0- 5.0 sec  60.8 MBytes   102 Mbits/sec
      [  3]  5.0-10.0 sec  62.2 MBytes   104 Mbits/sec
      [  3] 10.0-15.0 sec  60.9 MBytes   102 Mbits/sec
      
      echo "7 64" > htt_max_amsdu_ampdu  // set 7 A-MSDU subframes
      [  3] 15.0-20.0 sec  68.1 MBytes   114 Mbits/sec
      [  3] 20.0-25.0 sec  80.5 MBytes   135 Mbits/sec
      [  3] 25.0-30.0 sec  83.0 MBytes   139 Mbits/sec
      [  3] 30.0-35.0 sec  79.1 MBytes   133 Mbits/sec
      [  3] 35.0-40.0 sec  77.1 MBytes   129 Mbits/sec
      [  3] 40.0-45.0 sec  77.4 MBytes   130 Mbits/sec
      Reported-by: default avatarDenton Gentry <denton.gentry@gmail.com>
      Signed-off-by: default avatarJanusz Dziedzic <janusz.dziedzic@tieto.com>
      Signed-off-by: default avatarKalle Valo <kvalo@qca.qualcomm.com>
      0ccb7a34
    • Michal Kazior's avatar
      ath10k: don't advertise IBSS iftype for 10.x · cf850d1d
      Michal Kazior authored
      The 10.x firmware does not support IBSS mode at
      all. It can't beacon and it crashes when trying to
      scan.
      Signed-off-by: default avatarMichal Kazior <michal.kazior@tieto.com>
      Signed-off-by: default avatarKalle Valo <kvalo@qca.qualcomm.com>
      cf850d1d
    • Michal Kazior's avatar
      ath10k: fix Rx aggregation reordering · aa5b4fbc
      Michal Kazior authored
      Firmware doesn't perform Rx reordering so it is
      left to the host driver to do that.
      
      Use mac80211 to perform reordering instead of
      re-inventing the wheel.
      
      This fixes TCP throughput issues in some
      environments.
      Reported-by: default avatarDenton Gentry <denton.gentry@gmail.com>
      Signed-off-by: default avatarMichal Kazior <michal.kazior@tieto.com>
      Signed-off-by: default avatarKalle Valo <kvalo@qca.qualcomm.com>
      aa5b4fbc
  7. 24 Jul, 2014 1 commit
  8. 23 Jul, 2014 13 commits
  9. 22 Jul, 2014 3 commits