Bluetooth: Add new structures for supporting SM key distribution
We need these changes because SMP keys may have more information
associated with them, for example, in the LTK case, it has an
encrypted diversifier (ediv) and a random number (rand).
Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Mat Martineau [Thu, 7 Jul 2011 16:39:02 +0000 (09:39 -0700)]
Bluetooth: Use event-driven approach for handling ERTM receive buffer
This change moves most L2CAP ERTM receive buffer handling out of the
L2CAP core and in to the socket code. It's up to the higher layer
(the socket code, in this case) to tell the core when its buffer is
full or has space available. The recv op should always accept
incoming ERTM data or else the connection will go down.
Within the socket layer, an skb that does not fit in the socket
receive buffer will be temporarily stored. When the socket is read
from, that skb will be placed in the receive buffer if possible. Once
adequate buffer space becomes available, the L2CAP core is informed
and the ERTM local busy state is cleared.
Receive buffer management for non-ERTM modes is unchanged.
Signed-off-by: Mat Martineau <mathewm@codeaurora.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Mat Martineau [Thu, 7 Jul 2011 16:39:01 +0000 (09:39 -0700)]
Bluetooth: Move code for ERTM local busy state to separate functions
The local busy state is entered and exited based on buffer status in
the socket layer (or other upper layer). This change is in
preparation for general buffer status reports from the socket layer,
which will then be used to change the local busy status.
Signed-off-by: Mat Martineau <mathewm@codeaurora.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Andre Guedes [Thu, 7 Jul 2011 13:30:35 +0000 (10:30 -0300)]
Bluetooth: Fix potential deadlock in hci_core
Since hdev->lock may be acquired by threads runnning in interrupt
context, all threads running in process context should disable
local bottom halve before locking hdev->lock. This can be done by
using hci_dev_lock_bh macro.
This way, we avoid potencial deadlocks like this one reported by
CONFIG_PROVE_LOCKING=y.
Andre Guedes [Thu, 30 Jun 2011 22:20:53 +0000 (19:20 -0300)]
Bluetooth: Write LE Host Supported command
This patch adds a handler to Write LE Host Supported command complete
events. Once this commands has completed successfully, we should
read the extended LMP features and update the extfeatures field in
hci_dev.
Signed-off-by: Andre Guedes <andre.guedes@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Andre Guedes [Thu, 30 Jun 2011 22:20:52 +0000 (19:20 -0300)]
Bluetooth: Add extfeatures to struct hci_dev
This new field holds the extended LMP features value. Some LE
mechanism such as discovery procedure needs to read the extended
LMP features to work properly.
Signed-off-by: Andre Guedes <andre.guedes@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Mat Martineau [Wed, 29 Jun 2011 21:35:19 +0000 (14:35 -0700)]
Bluetooth: Check earlier for L2CAP ERTM frames to drop
Even when the received tx_seq is expected, the frame still needs to be
dropped if the TX window is exceeded or the receiver is in the local
busy state.
Signed-off-by: Mat Martineau <mathewm@codeaurora.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Bluetooth: Add Atheros AR3012 one PID/VID supported
The new Ath3k needs to download patch and radio table,
and it keeps same PID/VID even after downloading the patch and radio
table. This patch is to use the bcdDevice (Device Release Number) to
judge whether the chip has been patched or not. The init bcdDevice
value of the chip is 0x0001, this value increases after patch and
radio table downloading.
Signed-off-by: Steven.Li <yongli@qca.qualcomm.com> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Joe Perches [Thu, 30 Jun 2011 22:15:37 +0000 (19:15 -0300)]
Bluetooth: Add bt_printk
Add a local logging function to emit bluetooth specific
messages. Using vsprintf extension %pV saves code/text
space.
Convert the current BT_INFO and BT_ERR macros to use bt_printk.
Remove __func__ from BT_ERR macro (and the uses).
Prefix "Bluetooth: " to BT_ERR
Remove __func__ from BT_DBG as function can be prefixed when
using dynamic_debug.
Randy Dunlap [Wed, 22 Jun 2011 17:08:11 +0000 (10:08 -0700)]
Bluetooth: uses crypto interfaces, select CRYPTO
Recent changes to hci_core.c use crypto interfaces, so select CRYPTO
to make sure that those interfaces are present.
Fixes these build errors when CRYPTO is not enabled:
net/built-in.o: In function `hci_register_dev':
(.text+0x4cf86): undefined reference to `crypto_alloc_base'
net/built-in.o: In function `hci_unregister_dev':
(.text+0x4f912): undefined reference to `crypto_destroy_tfm'
Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Stephen Rothwell [Thu, 23 Jun 2011 02:58:55 +0000 (12:58 +1000)]
Bluetooth: include scatterlist.h where needed
net/bluetooth/smp.c: In function 'smp_e':
net/bluetooth/smp.c:49:21: error: storage size of 'sg' isn't known
net/bluetooth/smp.c:67:2: error: implicit declaration of function 'sg_init_one'
net/bluetooth/smp.c:49:21: warning: unused variable 'sg'
Caused by commit d22ef0bc83c5 ("Bluetooth: Add LE SMP Cryptoolbox
functions"). Missing include file, presumably. This batch has been in
the bluetooth tree since June 14, so it may have been exposed by the
removal of linux/mm.h from netdevice.h ...
Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au> Signed-off-by: John W. Linville <linville@tuxdriver.com>
Hauke Mehrtens [Tue, 21 Jun 2011 18:57:16 +0000 (20:57 +0200)]
ssb: add __devinit to some functions
Two functions in ssb are using register_pci_controller() which is
__devinit. The functions ssb_pcicore_init_hostmode() and
ssb_gige_probe() should also be __devinit.
This fixes the following warning:
WARNING: vmlinux.o(.text+0x2727b8): Section mismatch in reference from the function ssb_pcicore_init_hostmode() to the function .devinit.text:register_pci_controller()
The function ssb_pcicore_init_hostmode() references
the function __devinit register_pci_controller().
This is often because ssb_pcicore_init_hostmode lacks a __devinit
annotation or the annotation of register_pci_controller is wrong.
WARNING: vmlinux.o(.text+0x273398): Section mismatch in reference from the function ssb_gige_probe() to the function .devinit.text:register_pci_controller()
The function ssb_gige_probe() references
the function __devinit register_pci_controller().
This is often because ssb_gige_probe lacks a __devinit
annotation or the annotation of register_pci_controller is wrong.
Reported-by: Ralf Baechle <ralf@linux-mips.org> Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> Signed-off-by: John W. Linville <linville@tuxdriver.com>
Gabor Juhos [Tue, 21 Jun 2011 09:23:23 +0000 (11:23 +0200)]
ath9k: add MAC revision detection for AR9330
The AR9330 1.0 and 1.1 are using the same revision,
thus it is not possible to distinguish the two chips.
The platform setup code can distinguish the chips based
on the SoC revision.
Add a callback function to ath9k_platform_data in order
to allow getting the revision number from the platform code.
Signed-off-by: Gabor Juhos <juhosg@openwrt.org> Signed-off-by: John W. Linville <linville@tuxdriver.com>
Johannes Berg [Tue, 21 Jun 2011 07:45:33 +0000 (09:45 +0200)]
nl80211: use netlink consistent dump feature for BSS dumps
Use the new consistent dump feature from (generic) netlink
to advertise when dumps are incomplete.
Readers may note that this does not initialize the
rdev->bss_generation counter to a non-zero value. This is
still OK since the value is modified only under spinlock
when the list is modified. Since the dump code holds the
spinlock, the value will either be > 0 already, or the
list will still be empty in which case a consistent dump
will actually be made (and be empty).
Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
Jussi Kivilinna [Mon, 20 Jun 2011 11:42:54 +0000 (14:42 +0300)]
zd1211rw: detect stalled beacon interrupt faster
As USB_INT_ID_RETRY_FAILED can override USB_INT_ID_REGS, beacon interrupt
(CR_INTERRUPT) might be lost. Problem is that when device trigger CR_INTERRUPT
it disables HW interrupt. Now if USB_INT_ID_REGS with CR_INTERRUPT gets lost,
beacon interrupt stays disabled until beacon watchdog notices the stall. This
happen very often on heavy TX. Improve watchdog to trigger earlier, after three
missing beacon interrupts.
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@mbnet.fi> Signed-off-by: John W. Linville <linville@tuxdriver.com>
Jussi Kivilinna [Mon, 20 Jun 2011 11:42:49 +0000 (14:42 +0300)]
zd1211rw: don't let zd_mac_config_beacon() run too long from beacon interrupt handler
zd_mac_config_beacon() has only limited time to set up beacon when called from
beacon interrupt handler/worker. So do not let it retry acquiring beacon fifo
semaphore in interrupt handler. Beacon fifo semaphore should not be locked by
firmware anyway at this time, it's only locked when device is using/txing
beacon.
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@mbnet.fi> Signed-off-by: John W. Linville <linville@tuxdriver.com>
Jussi Kivilinna [Mon, 20 Jun 2011 11:42:44 +0000 (14:42 +0300)]
zd1211rw: handle lost read-reg interrupts
Device losses read-reg interrupts. By looking at usbmon it appears that
USB_INT_ID_RETRY_FAILED can override USB_INT_ID_REGS. This causes read
command to timeout, usually under heavy TX.
Fix by retrying read registers again if USB_INT_ID_RETRY_FAILED is received
while waiting for USB_INT_ID_REGS.
However USB_INT_ID_REGS is not always lost but is received after
USB_INT_ID_RETRY_FAILED and is usually received by the retried read
command. USB_INT_ID_REGS of the retry is then left unhandled and might
be received by next read command. Handle this by ignoring previous
USB_INT_ID_REGS that doesn't match current read command request.
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@mbnet.fi> Signed-off-by: John W. Linville <linville@tuxdriver.com>
Jussi Kivilinna [Mon, 20 Jun 2011 11:42:28 +0000 (14:42 +0300)]
zd1211rw: fix invalid signal values from device
Driver uses IEEE80211_HW_SIGNAL_UNSPEC and so signal values reported to
mac80211 should be in range 0..100. Sometimes device return out of range
values. These out of range values can then trigger warning in
cfg80211_inform_bss_frame.
This patch adds checks to enforce range returned from driver to
mac80211 be in 0..100 range.
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@mbnet.fi> Signed-off-by: John W. Linville <linville@tuxdriver.com>
Johannes Berg [Mon, 20 Jun 2011 11:40:46 +0000 (13:40 +0200)]
netlink: advertise incomplete dumps
Consider the following situation:
* a dump that would show 8 entries, four in the first
round, and four in the second
* between the first and second rounds, 6 entries are
removed
* now the second round will not show any entry, and
even if there is a sequence/generation counter the
application will not know
To solve this problem, add a new flag NLM_F_DUMP_INTR
to the netlink header that indicates the dump wasn't
consistent, this flag can also be set on the MSG_DONE
message that terminates the dump, and as such above
situation can be detected.
To achieve this, add a sequence counter to the netlink
callback struct. Of course, netlink code still needs
to use this new functionality. The correct way to do
that is to always set cb->seq when a dumpit callback
is invoked and call nl_dump_check_consistent() for
each new message. The core code will also call this
function for the final MSG_DONE message.
To make it usable with generic netlink, a new function
genlmsg_nlhdr() is needed to obtain the netlink header
from the genetlink user header.
Signed-off-by: Johannes Berg <johannes.berg@intel.com> Acked-by: David S. Miller <davem@davemloft.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
Rafał Miłecki [Mon, 20 Jun 2011 01:12:19 +0000 (03:12 +0200)]
b43: HT-PHY: calibrate radio after switching channel
After uploading radio values calibration goes in. In MMIO dump it is:
radio_read(0x002b) -> 0x0008
radio_write(0x002b) <- 0x0008
radio_read(0x002e) -> 0x0004
radio_write(0x002e) <- 0x0000
radio_read(0x002e) -> 0x0000
radio_write(0x002e) <- 0x0004
radio_read(0x002b) -> 0x0008
radio_write(0x002b) <- 0x0009
To find masks and sets, MMIO hacks were used to fool closed driver.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
When module is reloaded, device may fail to work, with messages:
[ 342.211926] phy40 -> rt2x00lib_rxdone_read_signal: Warning - Frame received with unrecognized signal, mode=0x0000, signal=0x0059, type=2.
[ 342.314254] phy40 -> rt2x00lib_rxdone_read_signal: Warning - Frame received with unrecognized signal, mode=0x0000, signal=0x004a, type=2.
[ 342.416458] phy40 -> rt2x00lib_rxdone: Warning - Wrong frame size 3183 max 2432.
[ 342.518605] phy40 -> rt2x00lib_rxdone_read_signal: Warning - Frame received with unrecognized signal, mode=0x0000, signal=0x00c9, type=2.
[ 342.620836] phy40 -> rt2x00lib_rxdone_read_signal: Warning - Frame received with unrecognized signal, mode=0x0000, signal=0x00ae, type=1.
[ 342.723201] phy40 -> rt2x00lib_rxdone: Warning - Wrong frame size 0 max 2432.
[ 342.825399] phy40 -> rt2x00lib_rxdone: Warning - Wrong frame size 0 max 2432.
[ 342.927624] phy40 -> rt2x00lib_rxdone: Warning - Wrong frame size 0 max 2432.
[ 343.029804] phy40 -> rt2x00lib_rxdone: Warning - Wrong frame size 2491 max 2432.
[ 343.132008] phy40 -> rt2x00lib_rxdone: Warning - Wrong frame size 2576 max 2432.
[ 343.234326] phy40 -> rt2x00lib_rxdone_read_signal: Warning - Frame received with unrecognized signal, mode=0x0000, signal=0x004c, type=1.
[ 343.438723] phy40 -> rt2x00lib_rxdone_read_signal: Warning - Frame received with unrecognized signal, mode=0x0000, signal=0x00e6, type=1.
Whereas replugging device make it functional. To solve that problem
force reset device during probe.
With patch messages are gone. Unfortunately device may sometimes
still does not operate correctly after module reload (fail to receive
data after associate), but such cases are rarer than without the patch.
Signed-off-by: Stanislaw Gruszka <stf_xl@wp.pl> Acked-by: Ivo van Doorn <IvDoorn@gmail.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
rt2x00: fix possible memory corruption in case of invalid rxdesc.size
Sometimes rxdesc descriptor provided by hardware contains invalid
(random) data. For example rxdesc.size can be bigger than actual
size of the buffer. When this happen rt2x00crypto_rx_insert_iv()
corrupt memory doing memmove outside of buffer boundaries.
Signed-off-by: Stanislaw Gruszka <stf_xl@wp.pl> Acked-by: Ivo van Doorn <IvDoorn@gmail.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
Rafał Miłecki [Sun, 19 Jun 2011 10:17:21 +0000 (12:17 +0200)]
b43: HT-PHY: switch radio to requested channel
Switching channel happens after specific SHM write to B43_SHM_SH_CHAN.
This is the way we found it in BCM4331 MMIO dumps. By comparing with
N-PHY code we noticed there is routing used for SYN and TX/RX.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
Rafał Miłecki [Sun, 19 Jun 2011 00:18:11 +0000 (02:18 +0200)]
b43: HT-PHY: implement killing radio
Closed drivers kill radio right after reading radio version and MACCTL,
so it was easy to find related PHY ops:
phy_read(0x0810) -> 0x0000
phy_write(0x0810) <- 0x0000
To find out the mask of above OP, MMIO hack was used to fake read val:
phy_read(0x0810) -> 0xffff
phy_write(0x0810) <- 0x0000
Signed-off-by: Rafał Miłecki <zajec5@gmail.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
Mike McCormack [Mon, 20 Jun 2011 01:47:51 +0000 (10:47 +0900)]
rtlwifi: rtl8192{c,ce,cu,se}: Remove comparisons of booleans with true
These are a potential source of confusion, as most C code treats all
non-zero values as true.
Signed-off-by: Mike McCormack <mikem@ring3k.org> Acked-by: Larry Finger <Larry.Finger@lwfinger.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
Mike McCormack [Mon, 20 Jun 2011 01:46:05 +0000 (10:46 +0900)]
rtlwifi: rtl8192cu: Remove unused parameter
rtl_ps_set_rf_state's protect_or_not parameter is not set to
true anywhere, except for commented out code.
It enables some legacy locking code, which is no longer used,
so delete the parameter and the old locking code.
Signed-off-by: Mike McCormack <mikem@ring3k.org> Acked-by: Larry Finger <Larry.Finger@lwfinger.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
Mike McCormack [Mon, 20 Jun 2011 01:44:58 +0000 (10:44 +0900)]
rtlwifi: Fix typo in variable name
offchan_deley should be offchan_delay
Signed-off-by: Mike McCormack <mikem@ring3k.org> Acked-by: Larry Finger <Larry.Finger@lwfinger.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
Rafał Miłecki [Fri, 17 Jun 2011 23:01:59 +0000 (01:01 +0200)]
bcma: clean exports of functions
Function managing IRQs is needed for external drivers like b43.
On the other side we do not expect writing any hosts drivers outside of
bcma, so this is safe to do not export functions related to this.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
ath9k_hw: make sure PAPRD training is properly done
checking the status of PAPRD_AGC2_POWER(Log(ADC_power) measured after
last gain-change in dB) field suggests whether the PAPRD is completely/properly
done. This is an additional check apart from polling for PAPRD done bit being set.
Susinder suggests that the ideal power range value should be
0xf0 to 0xfe. With AR9382 we do have the values in this range. to have a
common check for all platforms we take agc2_power should be atleast greater
than 0xe0
Cc: susinder@qca.qualcomm.com Cc: senthilb@qca.qualcomm.com Cc: kmuthusa@qca.qualcomm.com Signed-off-by: Mohammed Shafi Shajakhan <mohammed@qca.qualcomm.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
ath9k: Fix a corner case failure in sending PAPRD frames in HT40
when the AP is configured with HT40/2.4GHz and when PAPRD is enabled in station
we have PAPRD training frames never sent out because of the following
failure "PAPRD target power delta out of range". This consistently happens
in channel 10,11 in Over The Air testing and rarely in channel 6 under wired
setup.
the reason behind this issue is all the HT40 rates target power
are 0 when we operate in channel 10/11 at 2.4GHz
Signed-off-by: Mohammed Shafi Shajakhan <mshajakhan@atheros.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
Kalle Valo [Mon, 13 Jun 2011 22:35:04 +0000 (01:35 +0300)]
rtlwifi: include mac80211.h from core.h
core.h references ieee80211_ops but doesn't include mac80211.h, which issues
a warning once mac80211-compat.h is taken into use.
Acked-by: Larry Finger <Larry.Finger@lwfinger.net> Signed-off-by: Kalle Valo <kvalo@adurom.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
Kalle Valo [Mon, 13 Jun 2011 22:34:57 +0000 (01:34 +0300)]
zd1211rw: include mac80211.h from zd_chip.h
zd_chip.h contains one function with a pointer to ieee80211_hw but doesn't
include mac80211.h. As a temporary solution include mac80211.h to avoid
a warning.
Signed-off-by: Kalle Valo <kvalo@adurom.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>