1. 13 Jun, 2012 3 commits
    • David Spinadel's avatar
      mac80211: stop polling in disassociation · 79543d8e
      David Spinadel authored
      Stop connection monitor poll during disassociation.
      This clears the polling flags and if a scan was
      deferred it will be run.
      
      Without this fix, if a scan was deferred due to
      connection monitoring while disassociation happens,
      this scan blocks further scan requests until interface
      down/up which causes problems connecting to another AP.
      Signed-off-by: default avatarDavid Spinadel <david.spinadel@intel.com>
      Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
      79543d8e
    • Eliad Peller's avatar
      mac80211: check sdata_running on ieee80211_set_bitrate_mask · 554a43d5
      Eliad Peller authored
      Otherwise, we might call the driver callback before
      the interface was uploaded.
      
      Solves the following warning:
      WARNING: at net/mac80211/driver-ops.h:12 ieee80211_set_bitrate_mask+0xbc/0x18c [mac80211]()
      wlan0:  Failed check-sdata-in-driver check, flags: 0x0
      Modules linked in: wlcore_sdio wl12xx wl18xx wlcore mac80211 cfg80211 [last unloaded: cfg80211]
      [<c001b964>] (unwind_backtrace+0x0/0x12c) from [<c0495550>] (dump_stack+0x20/0x24)
      [<c0495550>] (dump_stack+0x20/0x24) from [<c003ee28>] (warn_slowpath_common+0x5c/0x74)
      [<c003ee28>] (warn_slowpath_common+0x5c/0x74) from [<c003eefc>] (warn_slowpath_fmt+0x40/0x48)
      [<c003eefc>] (warn_slowpath_fmt+0x40/0x48) from [<bf5c1ad0>] (ieee80211_set_bitrate_mask+0xbc/0x18c [mac80211])
      [<bf5c1ad0>] (ieee80211_set_bitrate_mask+0xbc/0x18c [mac80211]) from [<bf575960>] (nl80211_set_tx_bitrate_mask+0x350/0x358 [cfg80211])
      [<bf575960>] (nl80211_set_tx_bitrate_mask+0x350/0x358 [cfg80211]) from [<c03e9e94>] (genl_rcv_msg+0x1a8/0x1e8)
      [<c03e9e94>] (genl_rcv_msg+0x1a8/0x1e8) from [<c03e9164>] (netlink_rcv_skb+0x5c/0xc0)
      [<c03e9164>] (netlink_rcv_skb+0x5c/0xc0) from [<c03e9ce0>] (genl_rcv+0x28/0x34)
      [<c03e9ce0>] (genl_rcv+0x28/0x34) from [<c03e8e74>] (netlink_unicast+0x158/0x234)
      [<c03e8e74>] (netlink_unicast+0x158/0x234) from [<c03e93e0>] (netlink_sendmsg+0x218/0x298)
      [<c03e93e0>] (netlink_sendmsg+0x218/0x298) from [<c03b4e5c>] (sock_sendmsg+0xa4/0xc0)
      [<c03b4e5c>] (sock_sendmsg+0xa4/0xc0) from [<c03b5af4>] (__sys_sendmsg+0x1d8/0x254)
      [<c03b5af4>] (__sys_sendmsg+0x1d8/0x254) from [<c03b5ca8>] (sys_sendmsg+0x4c/0x70)
      [<c03b5ca8>] (sys_sendmsg+0x4c/0x70) from [<c0013980>] (ret_fast_syscall+0x0/0x3c)
      
      Note that calling the driver can also result
      in undefined behaviour since it doesn't have
      to deal with calls while down.
      Signed-off-by: default avatarEliad Peller <eliad@wizery.com>
      [removed timestamps, added note - Johannes]
      Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
      554a43d5
    • Eliad Peller's avatar
      cfg80211: fix potential deadlock in regulatory · fe20b39e
      Eliad Peller authored
      reg_timeout_work() calls restore_regulatory_settings() which
      takes cfg80211_mutex.
      
      reg_set_request_processed() already holds cfg80211_mutex
      before calling cancel_delayed_work_sync(reg_timeout),
      so it might deadlock.
      
      Call the async cancel_delayed_work instead, in order
      to avoid the potential deadlock.
      
      This is the relevant lockdep warning:
      
      cfg80211: Calling CRDA for country: XX
      
      ======================================================
      [ INFO: possible circular locking dependency detected ]
      3.4.0-rc5-wl+ #26 Not tainted
      -------------------------------------------------------
      kworker/0:2/1391 is trying to acquire lock:
       (cfg80211_mutex){+.+.+.}, at: [<bf28ae00>] restore_regulatory_settings+0x34/0x418 [cfg80211]
      
      but task is already holding lock:
       ((reg_timeout).work){+.+...}, at: [<c0059e94>] process_one_work+0x1f0/0x480
      
      which lock already depends on the new lock.
      
      the existing dependency chain (in reverse order) is:
      
      -> #2 ((reg_timeout).work){+.+...}:
             [<c008fd44>] validate_chain+0xb94/0x10f0
             [<c0090b68>] __lock_acquire+0x8c8/0x9b0
             [<c0090d40>] lock_acquire+0xf0/0x114
             [<c005b600>] wait_on_work+0x4c/0x154
             [<c005c000>] __cancel_work_timer+0xd4/0x11c
             [<c005c064>] cancel_delayed_work_sync+0x1c/0x20
             [<bf28b274>] reg_set_request_processed+0x50/0x78 [cfg80211]
             [<bf28bd84>] set_regdom+0x550/0x600 [cfg80211]
             [<bf294cd8>] nl80211_set_reg+0x218/0x258 [cfg80211]
             [<c03c7738>] genl_rcv_msg+0x1a8/0x1e8
             [<c03c6a00>] netlink_rcv_skb+0x5c/0xc0
             [<c03c7584>] genl_rcv+0x28/0x34
             [<c03c6720>] netlink_unicast+0x15c/0x228
             [<c03c6c7c>] netlink_sendmsg+0x218/0x298
             [<c03933c8>] sock_sendmsg+0xa4/0xc0
             [<c039406c>] __sys_sendmsg+0x1e4/0x268
             [<c0394228>] sys_sendmsg+0x4c/0x70
             [<c0013840>] ret_fast_syscall+0x0/0x3c
      
      -> #1 (reg_mutex){+.+.+.}:
             [<c008fd44>] validate_chain+0xb94/0x10f0
             [<c0090b68>] __lock_acquire+0x8c8/0x9b0
             [<c0090d40>] lock_acquire+0xf0/0x114
             [<c04734dc>] mutex_lock_nested+0x48/0x320
             [<bf28b2cc>] reg_todo+0x30/0x538 [cfg80211]
             [<c0059f44>] process_one_work+0x2a0/0x480
             [<c005a4b4>] worker_thread+0x1bc/0x2bc
             [<c0061148>] kthread+0x98/0xa4
             [<c0014af4>] kernel_thread_exit+0x0/0x8
      
      -> #0 (cfg80211_mutex){+.+.+.}:
             [<c008ed58>] print_circular_bug+0x68/0x2cc
             [<c008fb28>] validate_chain+0x978/0x10f0
             [<c0090b68>] __lock_acquire+0x8c8/0x9b0
             [<c0090d40>] lock_acquire+0xf0/0x114
             [<c04734dc>] mutex_lock_nested+0x48/0x320
             [<bf28ae00>] restore_regulatory_settings+0x34/0x418 [cfg80211]
             [<bf28b200>] reg_timeout_work+0x1c/0x20 [cfg80211]
             [<c0059f44>] process_one_work+0x2a0/0x480
             [<c005a4b4>] worker_thread+0x1bc/0x2bc
             [<c0061148>] kthread+0x98/0xa4
             [<c0014af4>] kernel_thread_exit+0x0/0x8
      
      other info that might help us debug this:
      
      Chain exists of:
        cfg80211_mutex --> reg_mutex --> (reg_timeout).work
      
       Possible unsafe locking scenario:
      
             CPU0                    CPU1
             ----                    ----
        lock((reg_timeout).work);
                                     lock(reg_mutex);
                                     lock((reg_timeout).work);
        lock(cfg80211_mutex);
      
       *** DEADLOCK ***
      
      2 locks held by kworker/0:2/1391:
       #0:  (events){.+.+.+}, at: [<c0059e94>] process_one_work+0x1f0/0x480
       #1:  ((reg_timeout).work){+.+...}, at: [<c0059e94>] process_one_work+0x1f0/0x480
      
      stack backtrace:
      [<c001b928>] (unwind_backtrace+0x0/0x12c) from [<c0471d3c>] (dump_stack+0x20/0x24)
      [<c0471d3c>] (dump_stack+0x20/0x24) from [<c008ef70>] (print_circular_bug+0x280/0x2cc)
      [<c008ef70>] (print_circular_bug+0x280/0x2cc) from [<c008fb28>] (validate_chain+0x978/0x10f0)
      [<c008fb28>] (validate_chain+0x978/0x10f0) from [<c0090b68>] (__lock_acquire+0x8c8/0x9b0)
      [<c0090b68>] (__lock_acquire+0x8c8/0x9b0) from [<c0090d40>] (lock_acquire+0xf0/0x114)
      [<c0090d40>] (lock_acquire+0xf0/0x114) from [<c04734dc>] (mutex_lock_nested+0x48/0x320)
      [<c04734dc>] (mutex_lock_nested+0x48/0x320) from [<bf28ae00>] (restore_regulatory_settings+0x34/0x418 [cfg80211])
      [<bf28ae00>] (restore_regulatory_settings+0x34/0x418 [cfg80211]) from [<bf28b200>] (reg_timeout_work+0x1c/0x20 [cfg80211])
      [<bf28b200>] (reg_timeout_work+0x1c/0x20 [cfg80211]) from [<c0059f44>] (process_one_work+0x2a0/0x480)
      [<c0059f44>] (process_one_work+0x2a0/0x480) from [<c005a4b4>] (worker_thread+0x1bc/0x2bc)
      [<c005a4b4>] (worker_thread+0x1bc/0x2bc) from [<c0061148>] (kthread+0x98/0xa4)
      [<c0061148>] (kthread+0x98/0xa4) from [<c0014af4>] (kernel_thread_exit+0x0/0x8)
      cfg80211: Calling CRDA to update world regulatory domain
      cfg80211: World regulatory domain updated:
      cfg80211:   (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp)
      cfg80211:   (2402000 KHz - 2472000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)
      cfg80211:   (2457000 KHz - 2482000 KHz @ 20000 KHz), (300 mBi, 2000 mBm)
      cfg80211:   (2474000 KHz - 2494000 KHz @ 20000 KHz), (300 mBi, 2000 mBm)
      cfg80211:   (5170000 KHz - 5250000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)
      cfg80211:   (5735000 KHz - 5835000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)
      
      Cc: stable@kernel.org
      Signed-off-by: default avatarEliad Peller <eliad@wizery.com>
      Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
      fe20b39e
  2. 12 Jun, 2012 1 commit
  3. 09 Jun, 2012 2 commits
  4. 08 Jun, 2012 11 commits
  5. 06 Jun, 2012 1 commit
  6. 05 Jun, 2012 4 commits
  7. 04 Jun, 2012 16 commits
    • Johannes Berg's avatar
      iwlwifi: disable WoWLAN if !CONFIG_PM_SLEEP · fcb6ff5e
      Johannes Berg authored
      If CONFIG_PM_SLEEP is disabled, then iwlwifi doesn't
      support suspend/resume handlers and thus mac80211
      (correctly) refuses advertising WoWLAN. Disable
      WoWLAN in the driver in this case.
      
      Cc: stable@kernel.org
      Reported-by: default avatarSebastian Kemper <sebastian_ml@gmx.net>
      Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
      Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
      fcb6ff5e
    • Arik Nemtsov's avatar
      mac80211: fix non RCU-safe sta_list manipulation · 794454ce
      Arik Nemtsov authored
      sta_info_cleanup locks the sta_list using rcu_read_lock however
      the delete operation isn't rcu safe. A race between sta_info_cleanup
      timer being called and a STA being removed can occur which leads
      to a panic while traversing sta_list. Fix this by switching to the
      RCU-safe versions.
      
      Cc: stable@vger.kernel.org
      Reported-by: default avatarEyal Shapira <eyal@wizery.com>
      Signed-off-by: default avatarArik Nemtsov <arik@wizery.com>
      Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
      794454ce
    • Seth Forshee's avatar
      bcma: add ext PA workaround for BCM4331 and BCM43431 · 69aaedd3
      Seth Forshee authored
      MacBook Pro models with BCM4331 wireless have been found to have the ext
      PA lines disabled after resuming from S3 without external power attach.
      This causes them to be unable to transmit. Add a workaround to ensure
      that the ext PA lines are enabled on BCM4331. Also extend all handling
      of ext PA line muxing to BCM43431 as is done in the Broadcom SDK.
      
      BugLink: http://bugs.launchpad.net/bugs/925577
      Cc: Arend van Spriel <arend@broadcom.com>
      Cc: Hauke Mehrtens <hauke@hauke-m.de>
      Cc: stable@vger.kernel.org
      Signed-off-by: default avatarSeth Forshee <seth.forshee@canonical.com>
      Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
      69aaedd3
    • Stanislaw Gruszka's avatar
      rt2x00: use atomic variable for seqno · e5851dac
      Stanislaw Gruszka authored
      Remove spinlock as atomic_t can be used instead. Note we use only 16
      lower bits, upper bits are changed but we impilcilty cast to u16.
      
      This fix possible deadlock on IBSS mode reproted by lockdep:
      
      =================================
      [ INFO: inconsistent lock state ]
      3.4.0-wl+ #4 Not tainted
      ---------------------------------
      inconsistent {IN-SOFTIRQ-W} -> {SOFTIRQ-ON-W} usage.
      kworker/u:2/30374 [HC0[0]:SC0[0]:HE1:SE1] takes:
       (&(&intf->seqlock)->rlock){+.?...}, at: [<f9979a20>] rt2x00queue_create_tx_descriptor+0x380/0x490 [rt2x00lib]
      {IN-SOFTIRQ-W} state was registered at:
        [<c04978ab>] __lock_acquire+0x47b/0x1050
        [<c0498504>] lock_acquire+0x84/0xf0
        [<c0835733>] _raw_spin_lock+0x33/0x40
        [<f9979a20>] rt2x00queue_create_tx_descriptor+0x380/0x490 [rt2x00lib]
        [<f9979f2a>] rt2x00queue_write_tx_frame+0x1a/0x300 [rt2x00lib]
        [<f997834f>] rt2x00mac_tx+0x7f/0x380 [rt2x00lib]
        [<f98fe363>] __ieee80211_tx+0x1b3/0x300 [mac80211]
        [<f98ffdf5>] ieee80211_tx+0x105/0x130 [mac80211]
        [<f99000dd>] ieee80211_xmit+0xad/0x100 [mac80211]
        [<f9900519>] ieee80211_subif_start_xmit+0x2d9/0x930 [mac80211]
        [<c0782e87>] dev_hard_start_xmit+0x307/0x660
        [<c079bb71>] sch_direct_xmit+0xa1/0x1e0
        [<c0784bb3>] dev_queue_xmit+0x183/0x730
        [<c078c27a>] neigh_resolve_output+0xfa/0x1e0
        [<c07b436a>] ip_finish_output+0x24a/0x460
        [<c07b4897>] ip_output+0xb7/0x100
        [<c07b2d60>] ip_local_out+0x20/0x60
        [<c07e01ff>] igmpv3_sendpack+0x4f/0x60
        [<c07e108f>] igmp_ifc_timer_expire+0x29f/0x330
        [<c04520fc>] run_timer_softirq+0x15c/0x2f0
        [<c0449e3e>] __do_softirq+0xae/0x1e0
      irq event stamp: 18380437
      hardirqs last  enabled at (18380437): [<c0526027>] __slab_alloc.clone.3+0x67/0x5f0
      hardirqs last disabled at (18380436): [<c0525ff3>] __slab_alloc.clone.3+0x33/0x5f0
      softirqs last  enabled at (18377616): [<c0449eb3>] __do_softirq+0x123/0x1e0
      softirqs last disabled at (18377611): [<c041278d>] do_softirq+0x9d/0xe0
      
      other info that might help us debug this:
       Possible unsafe locking scenario:
      
             CPU0
             ----
        lock(&(&intf->seqlock)->rlock);
        <Interrupt>
          lock(&(&intf->seqlock)->rlock);
      
       *** DEADLOCK ***
      
      4 locks held by kworker/u:2/30374:
       #0:  (wiphy_name(local->hw.wiphy)){++++.+}, at: [<c045cf99>] process_one_work+0x109/0x3f0
       #1:  ((&sdata->work)){+.+.+.}, at: [<c045cf99>] process_one_work+0x109/0x3f0
       #2:  (&ifibss->mtx){+.+.+.}, at: [<f98f005b>] ieee80211_ibss_work+0x1b/0x470 [mac80211]
       #3:  (&intf->beacon_skb_mutex){+.+...}, at: [<f997a644>] rt2x00queue_update_beacon+0x24/0x50 [rt2x00lib]
      
      stack backtrace:
      Pid: 30374, comm: kworker/u:2 Not tainted 3.4.0-wl+ #4
      Call Trace:
       [<c04962a6>] print_usage_bug+0x1f6/0x220
       [<c0496a12>] mark_lock+0x2c2/0x300
       [<c0495ff0>] ? check_usage_forwards+0xc0/0xc0
       [<c04978ec>] __lock_acquire+0x4bc/0x1050
       [<c0527890>] ? __kmalloc_track_caller+0x1c0/0x1d0
       [<c0777fb6>] ? copy_skb_header+0x26/0x90
       [<c0498504>] lock_acquire+0x84/0xf0
       [<f9979a20>] ? rt2x00queue_create_tx_descriptor+0x380/0x490 [rt2x00lib]
       [<c0835733>] _raw_spin_lock+0x33/0x40
       [<f9979a20>] ? rt2x00queue_create_tx_descriptor+0x380/0x490 [rt2x00lib]
       [<f9979a20>] rt2x00queue_create_tx_descriptor+0x380/0x490 [rt2x00lib]
       [<f997a5cf>] rt2x00queue_update_beacon_locked+0x5f/0xb0 [rt2x00lib]
       [<f997a64d>] rt2x00queue_update_beacon+0x2d/0x50 [rt2x00lib]
       [<f9977e3a>] rt2x00mac_bss_info_changed+0x1ca/0x200 [rt2x00lib]
       [<f9977c70>] ? rt2x00mac_remove_interface+0x70/0x70 [rt2x00lib]
       [<f98e4dd0>] ieee80211_bss_info_change_notify+0xe0/0x1d0 [mac80211]
       [<f98ef7b8>] __ieee80211_sta_join_ibss+0x3b8/0x610 [mac80211]
       [<c0496ab4>] ? mark_held_locks+0x64/0xc0
       [<c0440012>] ? virt_efi_query_capsule_caps+0x12/0x50
       [<f98efb09>] ieee80211_sta_join_ibss+0xf9/0x140 [mac80211]
       [<f98f0456>] ieee80211_ibss_work+0x416/0x470 [mac80211]
       [<c0496d8b>] ? trace_hardirqs_on+0xb/0x10
       [<c077683b>] ? skb_dequeue+0x4b/0x70
       [<f98f207f>] ieee80211_iface_work+0x13f/0x230 [mac80211]
       [<c045cf99>] ? process_one_work+0x109/0x3f0
       [<c045d015>] process_one_work+0x185/0x3f0
       [<c045cf99>] ? process_one_work+0x109/0x3f0
       [<f98f1f40>] ? ieee80211_teardown_sdata+0xa0/0xa0 [mac80211]
       [<c045ed86>] worker_thread+0x116/0x270
       [<c045ec70>] ? manage_workers+0x1e0/0x1e0
       [<c0462f64>] kthread+0x84/0x90
       [<c0462ee0>] ? __init_kthread_worker+0x60/0x60
       [<c083d382>] kernel_thread_helper+0x6/0x10
      
      Cc: stable@vger.kernel.org
      Signed-off-by: default avatarStanislaw Gruszka <sgruszka@redhat.com>
      Acked-by: default avatarHelmut Schaa <helmut.schaa@googlemail.com>
      Acked-by: default avatarGertjan van Wingerde <gwingerde@gmail.com>
      Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
      e5851dac
    • Joe Perches's avatar
      brcmfmac: Fix likely misuse of | for & · f304a993
      Joe Perches authored
      Using | with a constant is always true.
      Likely this should have be &.
      Signed-off-by: default avatarJoe Perches <joe@perches.com>
      Acked-by: default avatarArend van Spriel <arend@broadcom.com>
      Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
      f304a993
    • Joe Perches's avatar
      mac80211: Fix likely misuse of | for & · 5204267d
      Joe Perches authored
      Using | with a constant is always true.
      Likely this should have be &.
      
      cc: Ben Greear <greearb@candelatech.com>
      Signed-off-by: default avatarJoe Perches <joe@perches.com>
      Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
      5204267d
    • Felix Fietkau's avatar
      mac80211: add missing rcu_read_lock/unlock in agg-rx session timer · d8c7aae6
      Felix Fietkau authored
      Fixes a lockdep warning:
      
      ===================================================
      [ INFO: suspicious rcu_dereference_check() usage. ]
      ---------------------------------------------------
      net/mac80211/agg-rx.c:148 invoked rcu_dereference_check() without protection!
      
      other info that might help us debug this:
      
      rcu_scheduler_active = 1, debug_locks = 1
      1 lock held by arecord/11226:
       #0:  (&tid_agg_rx->session_timer){+.-...}, at: [<ffffffff81066bb0>] call_timer_fn+0x0/0x360
      
      stack backtrace:
      Pid: 11226, comm: arecord Not tainted 3.1.0-kml #16
      Call Trace:
       <IRQ>  [<ffffffff81093454>] lockdep_rcu_dereference+0xa4/0xc0
       [<ffffffffa02778c9>] sta_rx_agg_session_timer_expired+0xc9/0x110 [mac80211]
       [<ffffffffa0277800>] ? ieee80211_process_addba_resp+0x220/0x220 [mac80211]
       [<ffffffff81066c3a>] call_timer_fn+0x8a/0x360
       [<ffffffff81066bb0>] ? init_timer_deferrable_key+0x30/0x30
       [<ffffffff81477bb0>] ? _raw_spin_unlock_irq+0x30/0x70
       [<ffffffff81067049>] run_timer_softirq+0x139/0x310
       [<ffffffff81091d5e>] ? put_lock_stats.isra.25+0xe/0x40
       [<ffffffff810922ac>] ? lock_release_holdtime.part.26+0xdc/0x160
       [<ffffffffa0277800>] ? ieee80211_process_addba_resp+0x220/0x220 [mac80211]
       [<ffffffff8105cb78>] __do_softirq+0xc8/0x3c0
       [<ffffffff8108f088>] ? tick_dev_program_event+0x48/0x110
       [<ffffffff8108f16f>] ? tick_program_event+0x1f/0x30
       [<ffffffff81153b15>] ? putname+0x35/0x50
       [<ffffffff8147a43c>] call_softirq+0x1c/0x30
       [<ffffffff81004c55>] do_softirq+0xa5/0xe0
       [<ffffffff8105d1ee>] irq_exit+0xae/0xe0
       [<ffffffff8147ac6b>] smp_apic_timer_interrupt+0x6b/0x98
       [<ffffffff81479ab3>] apic_timer_interrupt+0x73/0x80
       <EOI>  [<ffffffff8146aac6>] ? free_debug_processing+0x1a1/0x1d5
       [<ffffffff81153b15>] ? putname+0x35/0x50
       [<ffffffff8146ab2b>] __slab_free+0x31/0x2ca
       [<ffffffff81477c3a>] ? _raw_spin_unlock_irqrestore+0x4a/0x90
       [<ffffffff81253b8f>] ? __debug_check_no_obj_freed+0x15f/0x210
       [<ffffffff81097054>] ? lock_release_nested+0x84/0xc0
       [<ffffffff8113ec55>] ? kmem_cache_free+0x105/0x250
       [<ffffffff81153b15>] ? putname+0x35/0x50
       [<ffffffff81153b15>] ? putname+0x35/0x50
       [<ffffffff8113ed8f>] kmem_cache_free+0x23f/0x250
       [<ffffffff81153b15>] putname+0x35/0x50
       [<ffffffff81146d8d>] do_sys_open+0x16d/0x1d0
       [<ffffffff81146e10>] sys_open+0x20/0x30
       [<ffffffff81478f42>] system_call_fastpath+0x16/0x1b
      Reported-by: default avatarJohannes Berg <johannes.berg@intel.com>
      Signed-off-by: default avatarFelix Fietkau <nbd@openwrt.org>
      Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
      d8c7aae6
    • Johannes Berg's avatar
      mac80211: clean up remain-on-channel on interface stop · 71ecfa18
      Johannes Berg authored
      When any interface goes down, it could be the one that we
      were doing a remain-on-channel with. We therefore need to
      cancel the remain-on-channel and flush the related work
      structs so they don't run after the interface has been
      removed or even destroyed.
      
      It's also possible in this case that an off-channel SKB
      was never transmitted, so free it if this is the case.
      Note that this can also happen if the driver finishes
      the off-channel period without ever starting it.
      
      Cc: stable@kernel.org
      Reported-by: default avatarNirav Shah <nirav.j2.shah@intel.com>
      Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
      Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
      71ecfa18
    • Johannes Berg's avatar
      mac80211_hwsim: advertise interface combinations · 1ae2fc25
      Johannes Berg authored
      Enforcing interface combinations broke uses of hwsim
      with multiple virtual interfaces. Advertise that all
      combinations are possible to fix this.
      Reported-by: default avatarNirav Shah <nirav.j2.shah@intel.com>
      Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
      Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
      1ae2fc25
    • Meenakshi Venkataraman's avatar
      mac80211: fix error in station state transitions during reconfig · bd34ab62
      Meenakshi Venkataraman authored
      As part of hardware reconfig mac80211 tries
      to restore the station state to its values
      before the hardware reconfig, but it only
      goes to the last-state - 1. Fix this
      off-by-one error.
      
      Cc: stable@kernel.org [3.4]
      Signed-off-by: default avatarMeenakshi Venkataraman <meenakshi.venkataraman@intel.com>
      Reviewed-by: default avatarEmmanuel Grumbach <emmanuel.grumbach@intel.com>
      Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
      Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
      bd34ab62
    • Johannes Berg's avatar
      iwlwifi: fix TX power antenna access · a5fdde28
      Johannes Berg authored
      Since my commit
        iwlwifi: use valid TX/RX antenna from hw_params
      the config values are pure overrides, not the
      real values for all hardware. Therefore, the
      EEPROM TX power reading code checks the wrong
      values, it should check the hw_params values.
      
      Cc: stable@kernel.org [3.4]
      Reviewed-by: default avatarEmmanuel Grumbach <emmanuel.grumbach@intel.com>
      Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
      Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
      a5fdde28
    • Chun-Yeow Yeoh's avatar
      mac80211: Fix Unreachable Mesh Station Problem when joining to another MBSS · b8bacc18
      Chun-Yeow Yeoh authored
      Mesh station that joins an MBSS is reachable using mesh portal with 6
      address frame by mesh stations from another MBSS if these two different
      MBSSes are bridged. However, if the mesh station later moves into the
      same MBSS of those mesh stations, it is unreachable by mesh stations
      in the MBSS due to the mpp_paths table is not deleted. A quick fix
      is to perform mesh_path_lookup, if it is available for the target
      destination, mpp_path_lookup is not performed. When the mesh station
      moves back to its original MBSS, the mesh_paths will be deleted once
      expired. So, it will be reachable using mpp_path_lookup again.
      Signed-off-by: default avatarChun-Yeow Yeoh <yeohchunyeow@gmail.com>
      Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
      b8bacc18
    • Amitkumar Karwar's avatar
      cfg80211: use sme_state in ibss start/join path · 28f33366
      Amitkumar Karwar authored
      CFG80211_DEV_WARN_ON() at "net/wireless/ibss.c line 63"
      is unnecessarily triggered even after successful connection,
      when cfg80211_ibss_joined() is called by driver inside
      .join_ibss handler.
      
      This patch fixes the problem by changing 'sme_state' in ibss path
      and having WARN_ON() check for 'sme_state' similar to infra
      association.
      Signed-off-by: default avatarAmitkumar Karwar <akarwar@marvell.com>
      Signed-off-by: default avatarBing Zhao <bzhao@marvell.com>
      Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
      28f33366
    • Avinash Patil's avatar
      mwifiex: support NL80211_HIDDEN_SSID_ZERO_LEN for uAP · 7a1c9934
      Avinash Patil authored
      mwifiex uAP supports NL80211_HIDDEN_SSID_ZERO_LEN type of hidden
      SSID only. NL80211_HIDDEN_SSID_ZERO_CONTENTS is not supported.
      Signed-off-by: default avatarAvinash Patil <patila@marvell.com>
      Signed-off-by: default avatarKiran Divekar <dkiran@marvell.com>
      Signed-off-by: default avatarBing Zhao <bzhao@marvell.com>
      Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
      7a1c9934
    • Avinash Patil's avatar
      mwifiex: invalidate bss config before setting channel for uAP · f0e3bd23
      Avinash Patil authored
      Mark bss_config parameters as invalid before setting AP channel.
      This prevents from setting invalid parameters while setting AP
      channel to FW.
      Signed-off-by: default avatarAvinash Patil <patila@marvell.com>
      Signed-off-by: default avatarKiran Divekar <dkiran@marvell.com>
      Signed-off-by: default avatarBing Zhao <bzhao@marvell.com>
      Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
      f0e3bd23
    • Stanislaw Gruszka's avatar
      mac80211: run scan after finish connection monitoring · 925e64c3
      Stanislaw Gruszka authored
      commit 133d40f9
      Author: Stanislaw Gruszka <sgruszka@redhat.com>
      Date:   Wed Mar 28 16:01:19 2012 +0200
      
          mac80211: do not scan and monitor connection in parallel
      
      add bug, which make possible to start a scan and never finish it, so
      make every new scanning request finish with -EBUSY error. This can
      happen on code paths where we finish connection monitoring and clear
      IEEE80211_STA_*_POLL flags, but do not check if scan was deferred.
      This patch fixes those code paths.
      Signed-off-by: default avatarStanislaw Gruszka <sgruszka@redhat.com>
      Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
      925e64c3
  8. 03 Jun, 2012 2 commits