summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2013-04-22Merge branch 'for-john' of ↵John W. Linville
git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211-next
2013-04-22Merge branch 'for-upstream' of ↵John W. Linville
git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next
2013-04-22Merge tag 'nfc-next-3.10-2' of ↵John W. Linville
git://git.kernel.org/pub/scm/linux/kernel/git/sameo/nfc-next Samuel Ortiz <sameo@linux.intel.com> says: "This is the 2nd NFC pull request for 3.10. With this one we have: - A major pn533 update. The pn533 framing support has been changed in order to easily support all pn533 derivatives. For example we now support the ACR122 USB dongle. - An NFC MEI physical layer code factorization through the mei_phy NFC API. Both the microread and the pn544 drivers now use it. - LLCP aggregation support. This allows NFC p2p devices to send aggregated frames containing all sort of LLCP frames except SYMM and aggregation frames. - More LLCP socket options for getting the remote device link parameters. - Fixes for the LLCP socket option code added with the first pull request for 3.10. - Some support for LLCP corner cases like 0 length SDUs and general DISC (tagged with a 0,0 dsap ssap couple) handling. - RFKILL support for NFC." Signed-off-by: John W. Linville <linville@tuxdriver.com>
2013-04-22mac80211_hwsim: handle IEEE80211_HW_SUPPORTS_RC_TABLEKarl Beldan
Signed-off-by: Karl Beldan <karl.beldan@rivierawaves.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-04-22mac80211/minstrel: use the new rate control APIFelix Fietkau
Pass the rate selection table to mac80211 from minstrel_update_stats. Only rates for sample attempts are set in info->control.rates, with deferred sampling, only the second slot gets changed. Signed-off-by: Felix Fietkau <nbd@openwrt.org> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-04-22mac80211/minstrel_ht: use the new rate control APIFelix Fietkau
Pass the rate selection table to mac80211 from minstrel_ht_update_stats. Only rates for sample attempts are set in info->control.rates. Signed-off-by: Felix Fietkau <nbd@openwrt.org> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-04-22mac80211: improve the rate control APIFelix Fietkau
Allow rate control modules to pass a rate selection table to mac80211 and the driver. This allows drivers to fetch the most recent rate selection from the sta pointer for already buffered frames. This allows rate control to respond faster to sudden link changes and it is also a step towards adding minstrel_ht support to drivers like iwlwifi. When a driver sets IEEE80211_HW_SUPPORTS_RC_TABLE, mac80211 will not fill info->control.rates with rates from the rate table (to preserve explicit overrides by the rate control module). The driver then explicitly calls ieee80211_get_tx_rates to merge overrides from info->control.rates with defaults from the sta rate table. Signed-off-by: Felix Fietkau <nbd@openwrt.org> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-04-22cfg80211: introduce critical protocol indication from user-spaceArend van Spriel
Some protocols need a more reliable connection to complete successful in reasonable time. This patch adds a user-space API to indicate the wireless driver that a critical protocol is about to commence and when it is done, using nl80211 primitives NL80211_CMD_CRIT_PROTOCOL_START and NL80211_CRIT_PROTOCOL_STOP. There can be only on critical protocol session started per registered cfg80211 device. The driver can support this by implementing the cfg80211 callbacks .crit_proto_start() and .crit_proto_stop(). Examples of protocols that can benefit from this are DHCP, EAPOL, APIPA. Exactly how the link can/should be made more reliable is up to the driver. Things to consider are avoid scanning, no multi-channel operations, and alter coexistence schemes. Reviewed-by: Pieter-Paul Giesberts <pieterpg@broadcom.com> Reviewed-by: Franky (Zhenhui) Lin <frankyl@broadcom.com> Signed-off-by: Arend van Spriel <arend@broadcom.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-04-22mac80211: minstrel_ht: initialize rates selectionKarl Beldan
Initialize {mp,mi}->{max_tp_rate,max_tp_rate2,max_prob_rate} in minstrel_ht's rate_init and rate_update. Signed-off-by: Karl Beldan <karl.beldan@rivierawaves.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-04-22mac80211: minstrel_ht: pick only supported rates for sta and group max*ratesKarl Beldan
minstrel_ht initializes max_tp_rate max_tp_rate2 and max_prob_rate to zero both for minstrel_ht_sta and minstrel_mcs_group_data. This is wrong since there is no guarantee that the 1st rate of any group is supported. Signed-off-by: Karl Beldan <karl.beldan@rivierawaves.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-04-22rfkill: fix error return code in rfkill_gpio_probe()Wei Yongjun
Fix to return a negative error code from the error handling case instead of 0, as returned elsewhere in this function. Signed-off-by: Wei Yongjun <yongjun_wei@trendmicro.com.cn> [fix some indentation on the way] Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-04-22mac80211: use synchronize_rcu() with rcu_barrier()Bob Copeland
The RCU docs used to state that rcu_barrier() included a wait for an RCU grace period; however the comments for rcu_barrier() as of commit f0a0e6f... "rcu: Clarify memory-ordering properties of grace-period primitives" contradict this. So add back synchronize_{rcu,net}() to where they once were, but keep the rcu_barrier()s for the call_rcu() callbacks. Cc: stable <stable@vger.kernel.org> Signed-off-by: Bob Copeland <bob@cozybit.com> Reviewed-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-04-22mac80211: indicate admission control in TX queue parametersAlexander Bondar
Some driver implementations need to know whether mandatory admission control is required by the AP for some ACs. Add a parameter to the TX queue parameters indicating this. As there's currently no support for admission control in mac80211's AP implementation, it's only ever set for the client implementation. Signed-off-by: Alexander Bondar <alexander.bondar@intel.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-04-22cfg80211: invert P2P-Device vs. netdev check orderingJohannes Berg
In cfg80211_can_use_iftype_chan(), check for P2P Device first, and then for netdevs. This doesn't really change anything but makes the code a bit easier to read since it may not be obvious for everyone at first that a P2P device has no netdev. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-04-22cfg80211: fix P2P-Device stop lockingJohannes Berg
cfg80211_stop_p2p_device() requires the devlist_mtx to be held, but nl80211_stop_p2p_device() doesn't acquire it which is a locking error and causes a warning (when lockdep is enabled). Fix this. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-04-22Merge remote-tracking branch 'wireless-next/master' into mac80211-nextJohannes Berg
2013-04-19nl80211: allow using wdev identifiers to get scan resultsJohannes Berg
Most dump callbacks, including the scan results one, use the netdev to identify what to do, which is incorrect for the P2P_DEVICE support, it needs to be able to get the scan result from the wdev. Change all dumps to unify the code, but ones other than scan don't really support being executed on a wdev that has no netdev. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-04-18mac80211: fix P2P-Device management frame RXJohannes Berg
There's an issue in receiving broadcast management frames on P2P Device virtual interfaces, such frames have the RX flag IEEE80211_RX_RA_MATCH cleared and are thus dropped in ieee80211_rx_h_mgmt_check(). They should be let through to make it to ieee80211_rx_h_userspace_mgmt() and then to userspace. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-04-18Bluetooth: Rename LE_SCANNING_* macrosAndre Guedes
This patch renames LE_SCANNING_ENABLED and LE_SCANNING_DISABLED macros to LE_SCAN_ENABLE and LE_SCAN_DISABLE in order to keep the same prefix others LE scan macros have. It also fixes le_scan_enable_req function so it uses the LE_SCAN_ ENABLE macro instead of a magic number. Signed-off-by: Andre Guedes <andre.guedes@openbossa.org> Acked-by: Johan Hedberg <johan.hedberg@intel.com> Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2013-04-18Bluetooth: Add macros for filter duplicates valuesAndre Guedes
This patch adds macros for filter_duplicates parameter values from HCI LE Set Scan Enable command. It also fixes le_scan_enable_req function so it uses the LE_SCAN_FILTER_DUP_ENABLE macro instead of a magic number. The LE_SCAN_FILTER_DUP_DISABLE was also defined since it will be required to properly support the GAP Observer Role. Signed-off-by: Andre Guedes <andre.guedes@openbossa.org> Acked-by: Johan Hedberg <johan.hedberg@intel.com> Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2013-04-18Bluetooth: Add LE scan type macrosAndre Guedes
This patch adds macros for active and passive LE scan type values. The LE_SCAN_PASSIVE was also defined since it will be used in future by LE connection routine and GAP Observer Role support. Signed-off-by: Andre Guedes <andre.guedes@openbossa.org> Acked-by: Johan Hedberg <johan.hedberg@intel.com> Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2013-04-18Bluetooth: Change LE scanning timeout macrosAndre Guedes
Define LE scanning timeout macros in jiffies just like we do for others timeout macros. Signed-off-by: Andre Guedes <andre.guedes@openbossa.org> Acked-by: Johan Hedberg <johan.hedberg@intel.com> Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2013-04-18Bluetooth: Add reading of all local feature pagesJohan Hedberg
With the introduction of CSA4 there is now also a features page number 2 available. This patch increments the maximum supported page number to 2 and adds code for reading all available pages (as long as we have support for them - indicated by HCI_MAX_PAGES). Signed-off-by: Johan Hedberg <johan.hedberg@intel.com> Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2013-04-18Bluetooth: Track feature pages in a single tableJohan Hedberg
The local and remote features are organized by page number. Page 0 are the LMP features, page 1 the host features, and any pages beyond 1 features that future core specification versions may define. So far we've only had the first two pages and two separate variables has been convenient enough, however with the introduction of Core Specification Addendum 4 there are features defined on page 2. Instead of requiring the addition of a new variable each time a new page number is defined, this patch refactors the code to use a single table for the features. The patch needs to update both the hci_dev and hci_conn structures since there are macros that depend on the features being represented in the same way in both of them. Signed-off-by: Johan Hedberg <johan.hedberg@intel.com> Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2013-04-18Bluetooth: Move and rename hci_conn_acceptFrédéric Dalleau
Since this function is only used by sco, move it from hci_event.c to sco.c and rename to sco_conn_defer_accept. Make it static. Signed-off-by: Frédéric Dalleau <frederic.dalleau@linux.intel.com> Acked-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2013-04-18Bluetooth: Fix incorrect SSP mode bit for non SSP devicesJaganath Kanakkassery
Some faulty non SSP devices send extended inquiry response during device discovery which is a violation of 2.1 specification. So for these devices we set SSP bit during acl connection initiation thinking that it is an SSP device. But for these devices, in remote host features event SSP supported bit will be off. But we are not clearing the SSP bit in that case and eventually SSP bit in conn flag will be incorrectly set for these devices. The software which has caused this issue is MecApp http://www.mecel.se/products/bluetooth/downloads/MecApp_download This patch does a workaround by clearing the SSP bit if it is not supported in remote host features event hcidump log ---------- < HCI Command: Inquiry (0x01|0x0001) plen 5 lap 0x9e8b33 len 4 num 0 > HCI Event: Command Status (0x0f) plen 4 Inquiry (0x01|0x0001) status 0x00 ncmd 1 > HCI Event: Extended Inquiry Result (0x2f) plen 255 bdaddr 00:1B:DC:05:B5:25 mode 1 clkoffset 0x3263 class 0x3c0000 rssi -77 Unknown type 0x42 with 8 bytes data Unknown type 0x1e with 2 bytes data > HCI Event: Inquiry Complete (0x01) plen 1 status 0x00 < HCI Command: Create Connection (0x01|0x0005) plen 13 bdaddr 00:1B:DC:05:B5:25 ptype 0xcc18 rswitch 0x01 clkoffset 0x0000 Packet type: DM1 DM3 DM5 DH1 DH3 DH5 > HCI Event: Command Status (0x0f) plen 4 Create Connection (0x01|0x0005) status 0x00 ncmd 1 > HCI Event: Connect Complete (0x03) plen 11 status 0x00 handle 12 bdaddr 00:1B:DC:05:B5:25 type ACL encrypt 0x00 < HCI Command: Read Remote Supported Features (0x01|0x001b) plen 2 handle 12 > HCI Event: Command Status (0x0f) plen 4 Read Remote Supported Features (0x01|0x001b) status 0x00 ncmd 1 > HCI Event: Read Remote Supported Features (0x0b) plen 11 status 0x00 handle 12 Features: 0xff 0xff 0x8f 0x7e 0xd8 0x1f 0x5b 0x87 < HCI Command: Read Remote Extended Features (0x01|0x001c) plen 3 handle 12 page 1 > HCI Event: Command Status (0x0f) plen 4 Read Remote Extended Features (0x01|0x001c) status 0x00 ncmd 1 > HCI Event: Page Scan Repetition Mode Change (0x20) plen 7 bdaddr 00:1B:DC:05:B5:25 mode 1 > HCI Event: Max Slots Change (0x1b) plen 3 handle 12 slots 5 > HCI Event: Read Remote Extended Features (0x23) plen 13 status 0x00 handle 12 page 1 max 0 Features: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 < HCI Command: Remote Name Request (0x01|0x0019) plen 10 bdaddr 00:1B:DC:05:B5:25 mode 2 clkoffset 0x0000 > HCI Event: Command Status (0x0f) plen 4 Remote Name Request (0x01|0x0019) status 0x00 ncmd 1 > HCI Event: Remote Name Req Complete (0x07) plen 255 status 0x00 bdaddr 00:1B:DC:05:B5:25 name 'Bluetooth PTS Radio v4' < HCI Command: Authentication Requested (0x01|0x0011) plen 2 handle 12 > HCI Event: Command Status (0x0f) plen 4 Authentication Requested (0x01|0x0011) status 0x00 ncmd 1 > HCI Event: Link Key Request (0x17) plen 6 bdaddr 00:1B:DC:05:B5:25 < HCI Command: Link Key Request Negative Reply (0x01|0x000c) plen 6 bdaddr 00:1B:DC:05:B5:25 > HCI Event: Command Complete (0x0e) plen 10 Link Key Request Negative Reply (0x01|0x000c) ncmd 1 status 0x00 bdaddr 00:1B:DC:05:B5:25 > HCI Event: PIN Code Request (0x16) plen 6 bdaddr 00:1B:DC:05:B5:25 Signed-off-by: Jaganath Kanakkassery <jaganath.k@samsung.com> Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2013-04-17mac80211: optimize minstrel_ewmaKarl Beldan
Use powers of two in ewma of minstrel. This changes : - EWMA_DIV from 100 to 2^7 - EWMA_LEVEL from 75 (/EWMA_DIV=100) to 2^6 + 2^5 (/EWMA_DIV=128) Note that this changes EWMA_DIV - EWMA_LEVEL from 25 to 2^5 and keeps EWMA_LEVEL / EWMA_DIV == 0.75. Signed-off-by: Karl Beldan <karl.beldan@rivierawaves.com> Acked-by: Felix Fietkau <nbd@openwrt.org> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-04-17mac80211: cosmetics for minstrel_debugfsKarl Beldan
This changes the minstrel stats ouput from: rate throughput ewma prob this prob this succ/attempt success attempts BCD 6 0.0 0.0 0.0 0( 0) 0 0 to: rate throughput ewma prob this prob this succ/attempt success attempts BCD 6 0.0 0.0 0.0 0( 0) 0 0 Signed-off-by: Karl Beldan <karl.beldan@rivierawaves.com> Acked-by: Felix Fietkau <nbd@openwrt.org> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-04-17mac80211: fix station entry leak/warning while suspendingJohannes Berg
Since Stanislaw's patches, when suspending while connected, cfg80211 will disconnect. This causes the AP station to be removed, which uses call_rcu() to clean up. Due to needing process context, this queues a work struct on the mac80211 workqueue. This will warn and fail when already suspended, which can happen if the rcu call doesn't happen quickly. To fix this, replace the synchronize_net() which is really just synchronize_rcu_expedited() with rcu_barrier(), which unlike synchronize_rcu() waits until RCU callback have run and thus avoids this issue. In theory, this can even happen without Stanislaw's change to disconnect on suspend since userspace might disconnect just before suspending, though then it's unlikely that the call_rcu() will be delayed long enough. Cc: stable@vger.kernel.org [3.7+] Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-04-17Bluetooth: hidp: fix sending output reports on intr channelDavid Herrmann
According to the specifications, data output reports must be sent on the interrupt channel. See also usbhid implementation. Sending these reports on the control channel breaks newer Wii Remotes. Note that this will make output reports asynchronous. However, that's how hid_output_raw_report() is supposed to work with HID_OUTPUT_REPORT as report type. There are no responses to output reports. Signed-off-by: David Herrmann <dh.herrmann@gmail.com> Acked-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2013-04-17Bluetooth: hidp: don't send boot-protocol messages as HID-reportsDavid Herrmann
If a device is registered as HID device, it is always in Report-Mode. Therefore, we must not send Boot-Protocol messages on hidinput_input_event() callbacks. This confuses devices and may cause disconnects on protocol errors. We disable the hidinput_input_event() callback for now. We can implement it properly later, but lets first fix the current code by disabling it. Signed-off-by: David Herrmann <dh.herrmann@gmail.com> Acked-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2013-04-17Bluetooth: hidp: merge 'send' functions into hidp_send_message()David Herrmann
We handle skb buffers all over the place, even though we have hidp_send_*_message() helpers. This creates a more generic hidp_send_message() helper and uses it instead of dealing with transmit queues directly everywhere. Signed-off-by: David Herrmann <dh.herrmann@gmail.com> Acked-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2013-04-17Bluetooth: hidp: merge hidp_process_{ctrl,intr}_transmit()David Herrmann
Both hidp_process_ctrl_transmit() and hidp_process_intr_transmit() are exactly the same apart from the transmit-queue and socket pointers. Therefore, pass them as argument and merge both functions into one so we avoid 25 lines of code-duplication. Signed-off-by: David Herrmann <dh.herrmann@gmail.com> Acked-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2013-04-17Bluetooth: hidp: handle kernel_sendmsg() errors correctlyDavid Herrmann
We shouldn't push back the skbs if kernel_sendmsg() fails. Instead, we terminate the connection and drop the skb. Only on EAGAIN we push it back and return. l2cap doesn't return EAGAIN, yet, but this guarantees we're safe if it will at some time in the future. Signed-off-by: David Herrmann <dh.herrmann@gmail.com> Acked-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2013-04-17Bluetooth: hidp: remove old session-managementDavid Herrmann
We have the full new session-management now available so lets switch over and remove all the old code. Few semantics changed, so we need to adjust the sock.c callers a bit. But this mostly simplifies the logic. Signed-off-by: David Herrmann <dh.herrmann@gmail.com> Acked-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2013-04-17Bluetooth: hidp: add new session-management helpersDavid Herrmann
This is a rewrite of the HIDP session management. It implements HIDP as an l2cap_user sub-module so we get proper notification when the underlying connection goes away. The helpers are not yet used but only added in this commit. The old session management is still used and will be removed in a following patch. The old session-management was flawed. Hotplugging is horribly broken and we have no way of getting notified when the underlying connection goes down. The whole idea of removing the HID/input sub-devices from within the session itself is broken and suffers from major dead-locks. We never can guarantee that the session can unregister itself as long as we use synchronous shutdowns. This can only work with asynchronous shutdowns. However, in this case we _must_ be able to unregister the session from the outside as otherwise the l2cap_conn object might be unlinked before we are. The new session-management is based on l2cap_user. There is only one way how to add a session and how to delete a session: "probe" and "remove" callbacks from l2cap_user. This guarantees that the session can be registered and unregistered at _any_ time without any synchronous shutdown. On the other hand, much work has been put into proper session-refcounting. We can unregister/unlink the session only if we can guarantee that it will stay alive. But for asynchronous shutdowns we never know when the last user goes away so we must use proper ref-counting. The old ->conn field has been renamed to ->hconn so we can reuse ->conn in the new session management. No other existing HIDP code is modified. Signed-off-by: David Herrmann <dh.herrmann@gmail.com> Acked-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2013-04-17Bluetooth: l2cap: add l2cap_user sub-modulesDavid Herrmann
Several sub-modules like HIDP, rfcomm, ... need to track l2cap connections. The l2cap_conn->hcon->dev object is used as parent for sysfs devices so the sub-modules need to be notified when the hci_conn object is removed from sysfs. As submodules normally use the l2cap layer, the l2cap_user objects are registered there instead of on the underlying hci_conn object. This avoids any direct dependency on the HCI layer and lets the l2cap core handle any specifics. This patch introduces l2cap_user objects which contain a "probe" and "remove" callback. You can register them on any l2cap_conn object and if it is active, the "probe" callback will get called. Otherwise, an error is returned. The l2cap_conn object will call your "remove" callback directly before it is removed from user-space. This allows you to remove your submodules _before_ the parent l2cap_conn and hci_conn object is removed. At any time you can asynchronously unregister your l2cap_user object if your submodule vanishes before the l2cap_conn object does. There is no way around l2cap_user. If we want wire-protocols in the kernel, we always want the hci_conn object as parent in the sysfs tree. We cannot use a channel here since we might need multiple channels for a single protocol. But the problem is, we _must_ get notified when an l2cap_conn object is removed. We cannot use reference-counting for object-removal! This is not how it works. If a hardware is removed, we should immediately remove the object from sysfs. Any other behavior would be inconsistent with the rest of the system. Also note that device_del() might sleep, but it doesn't wait for user-space or block very long. It only _unlinks_ the object from sysfs and the whole device-tree. Everything else is handled by ref-counts! This is exactly what the other sub-modules must do: unlink their devices when the "remove" l2cap_user callback is called. They should not do any cleanup or synchronous shutdowns. Signed-off-by: David Herrmann <dh.herrmann@gmail.com> Acked-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2013-04-17Bluetooth: l2cap: introduce l2cap_conn ref-countingDavid Herrmann
If we want to use l2cap_conn outside of l2cap_core.c, we need refcounting for these objects. Otherwise, we cannot synchronize l2cap locks with outside locks and end up with deadlocks. Hence, introduce ref-counting for l2cap_conn objects. This doesn't affect l2cap internals at all, as they use a direct synchronization. We also keep a reference to the parent hci_conn for locking purposes as l2cap_conn depends on this. This doesn't affect the connection itself but only the lifetime of the (dead) object. Signed-off-by: David Herrmann <dh.herrmann@gmail.com> Acked-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2013-04-17Bluetooth: hidp: move hidp_schedule() to core.cDavid Herrmann
There is no reason to keep this helper in the header file. No other file depends on it so move it into hidp/core.c where it belongs. Signed-off-by: David Herrmann <dh.herrmann@gmail.com> Acked-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2013-04-17Bluetooth: allow constant arguments for bacmp()/bacpy()David Herrmann
There is no reason to require the source arguments to be writeable so fix this to allow constant source addresses. Signed-off-by: David Herrmann <dh.herrmann@gmail.com> Acked-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2013-04-17Bluetooth: hidp: test "terminate" before sleepingDavid Herrmann
The "terminate" flag is guaranteed to be set before the session terminates and the handlers are woken up. Hence, we need to add it to the sleep-condition. Note that testing the flags is not enough as nothing prevents us from setting the flags again after the session-handler terminated. Signed-off-by: David Herrmann <dh.herrmann@gmail.com> Acked-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2013-04-17Bluetooth: hidp: remove unused session->state fieldDavid Herrmann
This field is always BT_CONNECTED. Remove it and set it to BT_CONNECTED in hidp_copy_session() unconditionally. Also note that this field is totally bogus. Userspace can query an hidp-session for its state. However, whenever user-space queries us, this field should be BT_CONNECTED. If it wasn't BT_CONNECTED, then we would be currently cleaning up the session and the session itself would exit in the next few milliseconds. Hence, there is no reason to let user-space know that the session will exit now if they cannot make _any_ use of that. Thus, remove the field and let user-space think that a session is always BT_CONNECTED as long as they can query it. Signed-off-by: David Herrmann <dh.herrmann@gmail.com> Acked-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2013-04-17Bluetooth: introduce hci_conn ref-countingDavid Herrmann
We currently do not allow using hci_conn from outside of HCI-core. However, several other users could make great use of it. This includes HIDP, rfcomm and all other sub-protocols that rely on an active connection. Hence, we now introduce hci_conn ref-counting. We currently never call get_device(). put_device() is exclusively used in hci_conn_del_sysfs(). Hence, we currently never have a greater device-refcnt than 1. Therefore, it is safe to move the put_device() call from hci_conn_del_sysfs() to hci_conn_del() (it's the only caller). In fact, this even fixes a "use-after-free" bug as we access hci_conn after calling hci_conn_del_sysfs() in hci_conn_del(). From now on we can add references to hci_conn objects in other layers (like l2cap_sock, HIDP, rfcomm, ...) and grab a reference via hci_conn_get(). This does _not_ guarantee, that the connection is still alive. But, this isn't what we want. We can simply lock the hci_conn device and use "device_is_registered(hci_conn->dev)" to test that. However, this is hardly necessary as outside users should never rely on the HCI connection to be alive, anyway. Instead, they should solely rely on the device-object to be available. But if sub-devices want the hci_conn object as sysfs parent, they need to be notified when the connection drops. This will be introduced in later patches with l2cap_users. Signed-off-by: David Herrmann <dh.herrmann@gmail.com> Acked-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2013-04-17Bluetooth: remove unneeded hci_conn_hold/put_device()David Herrmann
hci_conn_hold/put_device() is used to control when hci_conn->dev is no longer needed and can be deleted from the system. Lets first look how they are currently used throughout the code (excluding HIDP!). All code that uses hci_conn_hold_device() looks like this: ... hci_conn_hold_device(); hci_conn_add_sysfs(); ... On the other side, hci_conn_put_device() is exclusively used in hci_conn_del(). So, considering that hci_conn_del() must not be called twice (which would fail horribly), we know that hci_conn_put_device() is only called _once_ (which is in hci_conn_del()). On the other hand, hci_conn_add_sysfs() must not be called twice, either (it would call device_add twice, which breaks the device, see drivers/base/core.c). So we know that hci_conn_hold_device() is also called only once (it's only called directly before hci_conn_add_sysfs()). So hold and put are known to be called only once. That means we can safely remove them and directly call hci_conn_del_sysfs() in hci_conn_del(). But there is one issue left: HIDP also uses hci_conn_hold/put_device(). However, this case can be ignored and simply removed as it is totally broken. The issue is, the only thing HIDP delays with hci_conn_hold_device() is the removal of the hci_conn->dev from sysfs. But, the hci_conn device has no mechanism to get notified when its own parent (hci_dev) gets removed from sysfs. hci_dev_hold/put() does _not_ control when it is removed but only when the device object is created and destroyed. And hci_dev calls hci_conn_flush_*() when it removes itself from sysfs, which itself causes hci_conn_del() to be called, but it does _not_ cause hci_conn_del_sysfs() to be called, which is wrong. Hence, we fix it to call hci_conn_del_sysfs() in hci_conn_del(). This guarantees that a hci_conn object is removed from sysfs _before_ its parent hci_dev is removed. The changes to HIDP look scary, wrong and broken. However, if you look at the HIDP session management, you will notice they're already broken in the exact _same_ way (ever tried "unplugging" HIDP devices? Breaks _all_ the time). So this patch only makes HIDP look _scary_ and _obviously broken_. It does not break HIDP itself, it already is! See later patches in this series which fix HIDP to use proper session-management. Signed-off-by: David Herrmann <dh.herrmann@gmail.com> Acked-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
2013-04-16mac80211: fix CTS protection handlingFelix Fietkau
The rates[0] CTS and RTS flags are only set after rate control has been called, so minstrel cannot use them to for setting the number of retries. This patch adds two new flags to explicitly indicate RTS/CTS use. Signed-off-by: Felix Fietkau <nbd@openwrt.org> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-04-16mac80211: fix and optimize MCS mask handlingFelix Fietkau
Currently the code always copies the configured MCS mask (even if it is set to default), but only uses it if legacy rates were also masked out. Fix this by adding a flag that tracks whether the configured MCS mask is set to default or not. Optimize the code further by storing a pointer to the configured rate mask in txrc instead of using memcpy. Signed-off-by: Felix Fietkau <nbd@openwrt.org> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-04-16mac80211_hwsim: handle VHT rates in rx_statusKarl Beldan
Signed-off-by: Karl Beldan <karl.beldan@rivierawaves.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-04-16mac80211: VHT off-by-one NSSKarl Beldan
The number of VHT spatial streams (NSS) is found in: - s8 ieee80211_tx_rate.rate.idx[6:4] (tx - filled by rate control) - u8 ieee80211_rx_status.vht_nss (rx - filled by driver) Tx discriminates valid rates indexes with the sign bit and encodes NSS starting from 0 to 7 (note this matches some hw encodings e.g IWLMVM). Rx does not have the same constraints, and encodes NSS starting from 1 to 8 (note this matches what wireshark expects in the radiotap header). To handle ieee80211_tx_rate.rate.idx[6:4] ieee80211_rate_set_vht() and ieee80211_rate_get_vht_nss() assume their nss parameter and return value respectively runs from 0 to 7. ATM, there are only 2 users of these: cfg.c:sta_set_rate_info_t() and iwlwifi/mvm/tx.c:iwl_mvm_hwrate_to_tx_control(), but both assume nss runs from 1 to 8. This patch fixes this inconsistency by making ieee80211_rate_set_vht() and ieee80211_rate_get_vht_nss() handle an nss running from 1 to 8. Signed-off-by: Karl Beldan <karl.beldan@rivierawaves.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-04-16mac80211: adjust initial chandefs assignments in ieee80211_register_hwKarl Beldan
I noticed that monitor interfaces by default would start on 5GHz while STA/AP ones would start 2GHZ - It stems from the fact that ieee80211_register_hw unnecessarily adjusts the local->monitor_chandef for each band. This avoids this and while at it uses a single dflt_chandef to initialize in one go local->{hw.conf.chandef,_oper_chandef,monitor_chandef} Signed-off-by: Karl Beldan <karl.beldan@rivierawaves.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-04-16mac80211: fix rate control tx handler for VHT ratesKarl Beldan
Handle VHT rates like HT ones, otherwise we easily trigger the pre-HT rates WARN_ON(rc_rate->idx >= sband->n_bitrates) which will set rc_rate->idx to -1. Signed-off-by: Karl Beldan <karl.beldan@rivierawaves.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>