John W. Linville [Fri, 22 Jun 2012 17:56:34 +0000 (13:56 -0400)]
Merge branch 'for-john' of git://git./linux/kernel/git/jberg/mac80211
Eliad Peller [Fri, 1 Jun 2012 08:14:03 +0000 (11:14 +0300)]
mac80211: clear ifmgd->bssid only after building DELBA
ieee80211_set_disassoc() clears ifmgd->bssid before
building DELBA frames, resulting in frames with invalid
bssid ("00:00:00:00:00:00").
Fix it by clearing ifmgd->bssid only after building
all the needed frames.
After this change, we no longer need to save the
bssid (before clearing it), so remove the local array.
Reported-by: Ido Yariv <ido@wizery.com>
Cc: stable@vger.kernel.org
Signed-off-by: Eliad Peller <eliad@wizery.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Rajkumar Manoharan [Wed, 20 Jun 2012 10:59:20 +0000 (16:29 +0530)]
ath9k_htc: configure bssid on ASSOC/IBSS change
After the change "mac80211: remove spurious BSSID change flag",
BSS_CHANGED_BSSID will not be passed on association or IBSS
status changes. So it could be better to program bssid on ASSOC
or IBSS change notification. Not doing so, is affecting the
packet transmission.
Cc: stable@vger.kernel.org [3.4+]
Reported-by: Michael Leun <lkml20120218@newton.leun.net>
Signed-off-by: Rajkumar Manoharan <rmanohar@qca.qualcomm.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Johannes Berg [Wed, 20 Jun 2012 06:46:25 +0000 (08:46 +0200)]
iwlwifi: remove log_event debugfs file debugging is disabled
When debugging is disabled, the event log functions aren't
functional in the way that the debugfs file expects. This
leads to the debugfs access crashing. Since the event log
functions aren't functional then, remove the debugfs file
when CONFIG_IWLWIFI_DEBUG is not set.
Cc: stable@kernel.org
Reported-by: Lekensteyn <lekensteyn@gmail.com>
Reviewed-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Mohammed Shafi Shajakhan [Mon, 18 Jun 2012 07:43:30 +0000 (13:13 +0530)]
ath9k_hw: avoid possible infinite loop in ar9003_get_pll_sqsum_dvc
"ath9k: Fix softlockup in AR9485" with commit id
64bc1239c790e051ff677e023435d770d2ffa174 fixed the reported
issue, yet its better to avoid the possible infinite loop
in ar9003_get_pll_sqsum_dvc by having a timeout as suggested
by ath9k maintainers.
http://www.spinics.net/lists/linux-wireless/msg92126.html.
Based on my testing PLL's locking measurement is done in
~200us (2 iterations).
Cc: stable@vger.kernel.org
Cc: Rolf Offermanns <rolf.offermanns@gmx.net>
Cc: Sujith Manoharan <c_manoha@qca.qualcomm.com>
Cc: Senthil Balasubramanian <senthilb@qca.qualcomm.com>
Signed-off-by: Mohammed Shafi Shajakhan <mohammed@qca.qualcomm.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Grazvydas Ignotas [Sat, 16 Jun 2012 19:26:48 +0000 (22:26 +0300)]
wl1251: Fix memory leaks in SPI initialization
This patch fixes two memory leaks in the SPI initialization code.
Patch based on old maemo patch by:
Yuri Ershov <ext-yuri.ershov@nokia.com>
Signed-off-by: Grazvydas Ignotas <notasas@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Grazvydas Ignotas [Sat, 16 Jun 2012 19:26:47 +0000 (22:26 +0300)]
wl1251: always report beacon loss to the stack
Always report beacon loss to the stack, not only when in powersave
state. This is because there's possibility that the driver disables
PSM before it handles old BSS_LOSE_EVENT, so beacon loss has to be
reported.
Patch based on old maemo patch by:
Janne Ylalehto <janne.ylalehto@nokia.com>
Juuso Oikarinen <juuso.oikarinen@nokia.com>
Luciano Coelho <luciano.coelho@nokia.com>
Yuri Ershov <ext-yuri.ershov@nokia.com>
Signed-off-by: Grazvydas Ignotas <notasas@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Grazvydas Ignotas [Sat, 16 Jun 2012 19:26:46 +0000 (22:26 +0300)]
wl1251: fix TSF calculation
Cast MSB part of current TSF to u64 to prevent loss of most
significant bits. MSB should also be shifted by 32.
Patch based on old maemo patch by:
Yuri Kululin <ext-yuri.kululin@nokia.com>
Yuri Ershov <ext-yuri.ershov@nokia.com>
Signed-off-by: Grazvydas Ignotas <notasas@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
John W. Linville [Tue, 19 Jun 2012 20:00:11 +0000 (16:00 -0400)]
Merge branch 'for-upstream' of git://git./linux/kernel/git/bluetooth/bluetooth
Bing Zhao [Fri, 15 Jun 2012 22:49:54 +0000 (15:49 -0700)]
mwifiex: fix wrong return values in add_virtual_intf() error cases
add_virtual_intf() needs to return an ERR_PTR(), instead of NULL,
on errors, otherwise cfg80211 will crash.
Reported-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: Bing Zhao <bzhao@marvell.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Dan Carpenter [Mon, 18 Jun 2012 07:48:14 +0000 (10:48 +0300)]
airo: copying wrong data in airo_get_aplist()
"qual" used to be declared on the stack, but then in
998a5a7d6a ("airo:
reduce stack memory footprint") we made it dynamically allocated.
Unfortunately the memcpy() here was missed and it's still copying stack
memory instead of the data that we want. In other words, "&qual" should
be "qual".
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Avinash Patil [Fri, 15 Jun 2012 23:21:53 +0000 (16:21 -0700)]
mwifiex: fix uAP TX packet timeout issue
When running heavy traffic we stop the tx queue if the pending
packet count reaches certain threshold. Later, the tx queue should
be woken up as soon as the packet count falls below the threshold.
Current code wakes TX queue up on STA interface only. Removing the
check for STA interface will allow both STA and AP interfaces to
resume transmit when tx_pending count becomes low.
Signed-off-by: Avinash Patil <patila@marvell.com>
Signed-off-by: Bing Zhao <bzhao@marvell.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Bob Copeland [Fri, 15 Jun 2012 20:03:29 +0000 (16:03 -0400)]
ath5k: remove _bh from inner locks
spin_unlock_bh(&txq->lock) already disables softirqs so we don't want
to do it here. Fixes smatch warnings:
drivers/net/wireless/ath/ath5k/base.c:1048 ath5k_drain_tx_buffs() error: double lock 'bottom_half:'
drivers/net/wireless/ath/ath5k/base.c:1056 ath5k_drain_tx_buffs() error: double unlock 'bottom_half:'
Reported-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Bob Copeland <me@bobcopeland.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Felix Fietkau [Fri, 15 Jun 2012 01:04:53 +0000 (03:04 +0200)]
ath9k: fix invalid pointer access in the tx path
After setup_frame_info has been called, only info->control.rates is still
valid, other control fields have been overwritten by the ath_frame_info
data. Move the access to info->control.vif for checking short preamble
to setup_frame_info before it gets overwritten.
This regression was introduced in commit
d47a61aa
"ath9k: Fix multi-VIF BSS handling"
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Reported-by: Thomas Hühn <thomas@net.t-labs.tu-berlin.de>
Acked-by: Sujith Manoharan <c_manoha@qca.qualcomm.com>
Cc: stable@vger.kernel.org [3.4]
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Felix Fietkau [Fri, 15 Jun 2012 01:04:52 +0000 (03:04 +0200)]
ath9k: fix a tx rate duration calculation bug
The rate pointer variable for a rate series is used in a loop before it is
initialized. This went unnoticed because it was used earlier for the RTS/CTS
rate. This bug can lead to the wrong PHY type being passed to the
duration calculation function.
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Cc: stable@kernel.org
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Andrei Emeltchenko [Wed, 13 Jun 2012 10:35:44 +0000 (13:35 +0300)]
Bluetooth: btmrvl: Do not send vendor events to bluetooth stack
Vendor-specific events shall be processed in driver and not sent
to bluetooth stack where they screw up HCI command countings.
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Vishal Agarwal [Wed, 13 Jun 2012 00:02:43 +0000 (05:32 +0530)]
Bluetooth: Fix sending HCI_Disconnect only when connected
HCI_Disconnect should only be sent after connection is established.
If connection is not yet established and HCI_Disconnect is called
then disconnection complete will be received with a handle which
does not exist and hence this event will be ignored.
But as mgmt.c will not receive this event, its variable for pending
command is not cleared.This will result in future Disconnect commands
for that BD Address to be blocked with error busy.
Signed-off-by: Vishal Agarwal <vishal.agarwal@stericsson.com>
Acked-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Mohammed Shafi Shajakhan [Wed, 13 Jun 2012 15:58:09 +0000 (21:28 +0530)]
ath9k: Fix softlockup in AR9485
steps to recreate:
load latest ath9k driver with AR9485
stop the network-manager and wpa_supplicant
bring the interface up
Call Trace:
[<
ffffffffa0517490>] ? ath_hw_check+0xe0/0xe0 [ath9k]
[<
ffffffff812cd1e8>] __const_udelay+0x28/0x30
[<
ffffffffa03bae7a>] ar9003_get_pll_sqsum_dvc+0x4a/0x80 [ath9k_hw]
[<
ffffffffa05174eb>] ath_hw_pll_work+0x5b/0xe0 [ath9k]
[<
ffffffff810744fe>] process_one_work+0x11e/0x470
[<
ffffffff8107530f>] worker_thread+0x15f/0x360
[<
ffffffff810751b0>] ? manage_workers+0x230/0x230
[<
ffffffff81079af3>] kthread+0x93/0xa0
[<
ffffffff815fd3a4>] kernel_thread_helper+0x4/0x10
[<
ffffffff81079a60>] ? kthread_freezable_should_stop+0x70/0x70
[<
ffffffff815fd3a0>] ? gs_change+0x13/0x13
ensure that the PLL-WAR for AR9485/AR9340 is executed only if the STA is
associated (or) IBSS/AP mode had started beaconing. Ideally this WAR
is needed to recover from some rare beacon stuck during stress testing.
Before the STA is associated/IBSS had started beaconing, PLL4(0x1618c)
always seem to have zero even though we had configured PLL3(0x16188) to
query about PLL's locking status. When we keep on polling infinitely PLL4's
8th bit(ie check for PLL locking measurements is done), machine hangs
due to softlockup.
fixes https://bugzilla.redhat.com/show_bug.cgi?id=811142
Reported-by: Rolf Offermanns <rolf.offermanns@gmx.net>
Cc: stable@vger.kernel.org [3.0+]
Tested-by: Mohammed Shafi Shajakhan <mohammed@qca.qualcomm.com>
Signed-off-by: Mohammed Shafi Shajakhan <mohammed@qca.qualcomm.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
John W. Linville [Wed, 13 Jun 2012 18:05:40 +0000 (14:05 -0400)]
Merge branch 'for-john' of git://git./linux/kernel/git/jberg/mac80211
David Spinadel [Tue, 12 Jun 2012 06:59:45 +0000 (09:59 +0300)]
mac80211: stop polling in disassociation
Stop connection monitor poll during disassociation.
This clears the polling flags and if a scan was
deferred it will be run.
Without this fix, if a scan was deferred due to
connection monitoring while disassociation happens,
this scan blocks further scan requests until interface
down/up which causes problems connecting to another AP.
Signed-off-by: David Spinadel <david.spinadel@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Eliad Peller [Tue, 12 Jun 2012 09:41:15 +0000 (12:41 +0300)]
mac80211: check sdata_running on ieee80211_set_bitrate_mask
Otherwise, we might call the driver callback before
the interface was uploaded.
Solves the following warning:
WARNING: at net/mac80211/driver-ops.h:12 ieee80211_set_bitrate_mask+0xbc/0x18c [mac80211]()
wlan0: Failed check-sdata-in-driver check, flags: 0x0
Modules linked in: wlcore_sdio wl12xx wl18xx wlcore mac80211 cfg80211 [last unloaded: cfg80211]
[<
c001b964>] (unwind_backtrace+0x0/0x12c) from [<
c0495550>] (dump_stack+0x20/0x24)
[<
c0495550>] (dump_stack+0x20/0x24) from [<
c003ee28>] (warn_slowpath_common+0x5c/0x74)
[<
c003ee28>] (warn_slowpath_common+0x5c/0x74) from [<
c003eefc>] (warn_slowpath_fmt+0x40/0x48)
[<
c003eefc>] (warn_slowpath_fmt+0x40/0x48) from [<
bf5c1ad0>] (ieee80211_set_bitrate_mask+0xbc/0x18c [mac80211])
[<
bf5c1ad0>] (ieee80211_set_bitrate_mask+0xbc/0x18c [mac80211]) from [<
bf575960>] (nl80211_set_tx_bitrate_mask+0x350/0x358 [cfg80211])
[<
bf575960>] (nl80211_set_tx_bitrate_mask+0x350/0x358 [cfg80211]) from [<
c03e9e94>] (genl_rcv_msg+0x1a8/0x1e8)
[<
c03e9e94>] (genl_rcv_msg+0x1a8/0x1e8) from [<
c03e9164>] (netlink_rcv_skb+0x5c/0xc0)
[<
c03e9164>] (netlink_rcv_skb+0x5c/0xc0) from [<
c03e9ce0>] (genl_rcv+0x28/0x34)
[<
c03e9ce0>] (genl_rcv+0x28/0x34) from [<
c03e8e74>] (netlink_unicast+0x158/0x234)
[<
c03e8e74>] (netlink_unicast+0x158/0x234) from [<
c03e93e0>] (netlink_sendmsg+0x218/0x298)
[<
c03e93e0>] (netlink_sendmsg+0x218/0x298) from [<
c03b4e5c>] (sock_sendmsg+0xa4/0xc0)
[<
c03b4e5c>] (sock_sendmsg+0xa4/0xc0) from [<
c03b5af4>] (__sys_sendmsg+0x1d8/0x254)
[<
c03b5af4>] (__sys_sendmsg+0x1d8/0x254) from [<
c03b5ca8>] (sys_sendmsg+0x4c/0x70)
[<
c03b5ca8>] (sys_sendmsg+0x4c/0x70) from [<
c0013980>] (ret_fast_syscall+0x0/0x3c)
Note that calling the driver can also result
in undefined behaviour since it doesn't have
to deal with calls while down.
Signed-off-by: Eliad Peller <eliad@wizery.com>
[removed timestamps, added note - Johannes]
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Eliad Peller [Tue, 12 Jun 2012 09:53:13 +0000 (12:53 +0300)]
cfg80211: fix potential deadlock in regulatory
reg_timeout_work() calls restore_regulatory_settings() which
takes cfg80211_mutex.
reg_set_request_processed() already holds cfg80211_mutex
before calling cancel_delayed_work_sync(reg_timeout),
so it might deadlock.
Call the async cancel_delayed_work instead, in order
to avoid the potential deadlock.
This is the relevant lockdep warning:
cfg80211: Calling CRDA for country: XX
======================================================
[ INFO: possible circular locking dependency detected ]
3.4.0-rc5-wl+ #26 Not tainted
-------------------------------------------------------
kworker/0:2/1391 is trying to acquire lock:
(cfg80211_mutex){+.+.+.}, at: [<
bf28ae00>] restore_regulatory_settings+0x34/0x418 [cfg80211]
but task is already holding lock:
((reg_timeout).work){+.+...}, at: [<
c0059e94>] process_one_work+0x1f0/0x480
which lock already depends on the new lock.
the existing dependency chain (in reverse order) is:
-> #2 ((reg_timeout).work){+.+...}:
[<
c008fd44>] validate_chain+0xb94/0x10f0
[<
c0090b68>] __lock_acquire+0x8c8/0x9b0
[<
c0090d40>] lock_acquire+0xf0/0x114
[<
c005b600>] wait_on_work+0x4c/0x154
[<
c005c000>] __cancel_work_timer+0xd4/0x11c
[<
c005c064>] cancel_delayed_work_sync+0x1c/0x20
[<
bf28b274>] reg_set_request_processed+0x50/0x78 [cfg80211]
[<
bf28bd84>] set_regdom+0x550/0x600 [cfg80211]
[<
bf294cd8>] nl80211_set_reg+0x218/0x258 [cfg80211]
[<
c03c7738>] genl_rcv_msg+0x1a8/0x1e8
[<
c03c6a00>] netlink_rcv_skb+0x5c/0xc0
[<
c03c7584>] genl_rcv+0x28/0x34
[<
c03c6720>] netlink_unicast+0x15c/0x228
[<
c03c6c7c>] netlink_sendmsg+0x218/0x298
[<
c03933c8>] sock_sendmsg+0xa4/0xc0
[<
c039406c>] __sys_sendmsg+0x1e4/0x268
[<
c0394228>] sys_sendmsg+0x4c/0x70
[<
c0013840>] ret_fast_syscall+0x0/0x3c
-> #1 (reg_mutex){+.+.+.}:
[<
c008fd44>] validate_chain+0xb94/0x10f0
[<
c0090b68>] __lock_acquire+0x8c8/0x9b0
[<
c0090d40>] lock_acquire+0xf0/0x114
[<
c04734dc>] mutex_lock_nested+0x48/0x320
[<
bf28b2cc>] reg_todo+0x30/0x538 [cfg80211]
[<
c0059f44>] process_one_work+0x2a0/0x480
[<
c005a4b4>] worker_thread+0x1bc/0x2bc
[<
c0061148>] kthread+0x98/0xa4
[<
c0014af4>] kernel_thread_exit+0x0/0x8
-> #0 (cfg80211_mutex){+.+.+.}:
[<
c008ed58>] print_circular_bug+0x68/0x2cc
[<
c008fb28>] validate_chain+0x978/0x10f0
[<
c0090b68>] __lock_acquire+0x8c8/0x9b0
[<
c0090d40>] lock_acquire+0xf0/0x114
[<
c04734dc>] mutex_lock_nested+0x48/0x320
[<
bf28ae00>] restore_regulatory_settings+0x34/0x418 [cfg80211]
[<
bf28b200>] reg_timeout_work+0x1c/0x20 [cfg80211]
[<
c0059f44>] process_one_work+0x2a0/0x480
[<
c005a4b4>] worker_thread+0x1bc/0x2bc
[<
c0061148>] kthread+0x98/0xa4
[<
c0014af4>] kernel_thread_exit+0x0/0x8
other info that might help us debug this:
Chain exists of:
cfg80211_mutex --> reg_mutex --> (reg_timeout).work
Possible unsafe locking scenario:
CPU0 CPU1
---- ----
lock((reg_timeout).work);
lock(reg_mutex);
lock((reg_timeout).work);
lock(cfg80211_mutex);
*** DEADLOCK ***
2 locks held by kworker/0:2/1391:
#0: (events){.+.+.+}, at: [<
c0059e94>] process_one_work+0x1f0/0x480
#1: ((reg_timeout).work){+.+...}, at: [<
c0059e94>] process_one_work+0x1f0/0x480
stack backtrace:
[<
c001b928>] (unwind_backtrace+0x0/0x12c) from [<
c0471d3c>] (dump_stack+0x20/0x24)
[<
c0471d3c>] (dump_stack+0x20/0x24) from [<
c008ef70>] (print_circular_bug+0x280/0x2cc)
[<
c008ef70>] (print_circular_bug+0x280/0x2cc) from [<
c008fb28>] (validate_chain+0x978/0x10f0)
[<
c008fb28>] (validate_chain+0x978/0x10f0) from [<
c0090b68>] (__lock_acquire+0x8c8/0x9b0)
[<
c0090b68>] (__lock_acquire+0x8c8/0x9b0) from [<
c0090d40>] (lock_acquire+0xf0/0x114)
[<
c0090d40>] (lock_acquire+0xf0/0x114) from [<
c04734dc>] (mutex_lock_nested+0x48/0x320)
[<
c04734dc>] (mutex_lock_nested+0x48/0x320) from [<
bf28ae00>] (restore_regulatory_settings+0x34/0x418 [cfg80211])
[<
bf28ae00>] (restore_regulatory_settings+0x34/0x418 [cfg80211]) from [<
bf28b200>] (reg_timeout_work+0x1c/0x20 [cfg80211])
[<
bf28b200>] (reg_timeout_work+0x1c/0x20 [cfg80211]) from [<
c0059f44>] (process_one_work+0x2a0/0x480)
[<
c0059f44>] (process_one_work+0x2a0/0x480) from [<
c005a4b4>] (worker_thread+0x1bc/0x2bc)
[<
c005a4b4>] (worker_thread+0x1bc/0x2bc) from [<
c0061148>] (kthread+0x98/0xa4)
[<
c0061148>] (kthread+0x98/0xa4) from [<
c0014af4>] (kernel_thread_exit+0x0/0x8)
cfg80211: Calling CRDA to update world regulatory domain
cfg80211: World regulatory domain updated:
cfg80211: (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp)
cfg80211: (
2402000 KHz -
2472000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)
cfg80211: (
2457000 KHz -
2482000 KHz @ 20000 KHz), (300 mBi, 2000 mBm)
cfg80211: (
2474000 KHz -
2494000 KHz @ 20000 KHz), (300 mBi, 2000 mBm)
cfg80211: (
5170000 KHz -
5250000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)
cfg80211: (
5735000 KHz -
5835000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)
Cc: stable@kernel.org
Signed-off-by: Eliad Peller <eliad@wizery.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Avinash Patil [Tue, 12 Jun 2012 01:13:57 +0000 (18:13 -0700)]
mwifiex: fix incorrect privacy setting in beacon and probe response
Test procedure:
1. Start AP with security setting (e.g. WPA2)
2. Stop AP
3. Start AP with open security
Here it's observed that privacy is enabled in beacons and
probe responses.
This patch fixes it by checking the privacy parameter from
cfg80211_ap_settings. If privacy is not set in cfg80211_ap_settings,
set open authentication and no encryption in FW.
Signed-off-by: Avinash Patil <patila@marvell.com>
Signed-off-by: Bing Zhao <bzhao@marvell.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Ashok Nagarajan [Mon, 11 Jun 2012 17:23:35 +0000 (10:23 -0700)]
mac80211: add missing kernel-doc
Add a few kernel-doc descriptions that were missed
during mesh development.
Reported-by: Randy Dunlap <rdunlap@xenotime.net>
Signed-off-by: Ashok Nagarajan <ashok@cozybit.com>
Acked-by: Randy Dunlap <rdunlap@xenotime.net>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Giancarlo Formicuccia [Sun, 10 Jun 2012 06:33:11 +0000 (08:33 +0200)]
Bluetooth: add support for atheros 0930:0219
Add support for the AR3012 chip found on the Toshiba Sallite M840-1000-XQ.
usb-devices shows:
T: Bus=01 Lev=02 Prnt=02 Port=02 Cnt=01 Dev#= 5 Spd=12 MxCh= 0
D: Ver= 1.10 Cls=e0(wlcon) Sub=01 Prot=01 MxPS=64 #Cfgs= 1
P: Vendor=0930 ProdID=0219 Rev=00.02
S: Manufacturer=Atheros Communications
S: Product=Bluetooth USB Host Controller
S: SerialNumber=Alaska Day 2006
C: #Ifs= 2 Cfg#= 1 Atr=e0 MxPwr=100mA
I: If#= 0 Alt= 0 #EPs= 3 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb
I: If#= 1 Alt= 0 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb
Signed-off-by: Giancarlo Formicuccia <giancarlo.formicuccia@gmail.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Szymon Janc [Fri, 8 Jun 2012 09:33:33 +0000 (11:33 +0200)]
Bluetooth: Fix using uninitialized option in RFCMode
If remote device sends bogus RFC option with invalid length,
undefined options values are used. Fix this by using defaults when
remote misbehaves.
This also fixes the following warning reported by gcc 4.7.0:
net/bluetooth/l2cap_core.c: In function 'l2cap_config_rsp':
net/bluetooth/l2cap_core.c:3302:13: warning: 'rfc.max_pdu_size' may be used uninitialized in this function [-Wmaybe-uninitialized]
net/bluetooth/l2cap_core.c:3266:24: note: 'rfc.max_pdu_size' was declared here
net/bluetooth/l2cap_core.c:3298:25: warning: 'rfc.monitor_timeout' may be used uninitialized in this function [-Wmaybe-uninitialized]
net/bluetooth/l2cap_core.c:3266:24: note: 'rfc.monitor_timeout' was declared here
net/bluetooth/l2cap_core.c:3297:25: warning: 'rfc.retrans_timeout' may be used uninitialized in this function [-Wmaybe-uninitialized]
net/bluetooth/l2cap_core.c:3266:24: note: 'rfc.retrans_timeout' was declared here
net/bluetooth/l2cap_core.c:3295:2: warning: 'rfc.mode' may be used uninitialized in this function [-Wmaybe-uninitialized]
net/bluetooth/l2cap_core.c:3266:24: note: 'rfc.mode' was declared here
Signed-off-by: Szymon Janc <szymon.janc@tieto.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
John W. Linville [Mon, 11 Jun 2012 18:32:24 +0000 (14:32 -0400)]
Merge branch 'for-upstream' of git://git./linux/kernel/git/bluetooth/bluetooth
Jussi Kivilinna [Sat, 9 Jun 2012 15:45:20 +0000 (18:45 +0300)]
rndis_wlan: fix matching bssid check in rndis_check_bssid_list()
rndis_check_bssid_list() originally tried to check if bssid->mac and
match_bssid are equal using compare_ether_addr() when it should use
!compare_ether_addr(). This check was added by commit
b5257c952dda24df7078c74b7b811b44c6e49206 as part of workaround for
hardware issue.
Commit
2e42e4747ea72943c21551d8a206b51a9893b1e0 that replaced
compare_ether_addr with ether_addr_equal relieved that this compare
to be inverse of what it should be.
Compare was added as response to hardware bug, where bssid-list does
not contain BSSID and other information of currently connected AP
(spec insists that device must provide this information in the list
when connected). Lack bssid-data on current connection then causes
WARN_ON somewhere in cfg80211. Workaround was to check if bssid-list
returns current bssid and if it does not, manually construct bssid
information in other ways. And this workaround worked, with inverse
check. Which must mean that when hardware is experiencing the problem,
it's actually returning empty bssid-list and this check didn't make
any difference for workaround.
However inverse check causes workaround be activated when bssid-list
returns only entry, currently connected BSSID. That does not cause
problems in itself, just slightly more inaccurate information in
scan-list.
Cc: Joe Perches <joe@perches.com>
Cc: David S. Miller <davem@davemloft.net>
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@mbnet.fi>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Mohammed Shafi Shajakhan [Wed, 6 Jun 2012 05:03:42 +0000 (10:33 +0530)]
ath9k: remove incompatible IBSS interface check in change_iface
'cfg80211: fix interface combinations' ensures that if an interface
type is not advertised by the driver in any of the interface combinations
(via ieee80211_iface_combination) then it shall be treated as a single
incompatible interface. if there are more than one interfaces present
and changing them to incompatible interface type is not possible.
These checks will be properly handled by cfg80211_change_iface ->
cfg80211_can_change_interface.
this patch is dependent on 'cfg80211: fix interface combinations'
Signed-off-by: Mohammed Shafi Shajakhan <mohammed@qca.qualcomm.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Mohammed Shafi Shajakhan [Wed, 6 Jun 2012 05:03:10 +0000 (10:33 +0530)]
ath9k: Fix a WARNING on suspend/resume with IBSS
this patch is dependent on the patch "cfg80211: fix interface
combinations"
In ath9k currently we have ADHOC interface as a single incompatible
interface. when drv_add_interface is called during resume we got to
consider number of vifs already present in addition to checking the
drivers 'opmode' information about ADHOC. we incorrectly assume
an ADHOC interface is already present. Then we may miss some driver
specific data for the ADHOC interface after resume.
The above mentioned checks can be removed from the driver,
as the patch 'cfg80211: fix interface combinations' ensures that
if an interface type is not advertised by the driver in any of the
interface combinations(via ieee80211_iface_combination) then it shall
be treated as a single incompatible interface. Fixes the following
warning on suspend/resume with ibss interface.
ath: phy0: Cannot create ADHOC interface when other
interfaces already exist.
WARNING: at net/mac80211/driver-ops.h:12
ieee80211_reconfig+0x1882/0x1ca0 [mac80211]()
Hardware name: 2842RK1
wlan2: Failed check-sdata-in-driver check, flags: 0x0
Call Trace:
[<
c01361b2>] warn_slowpath_common+0x72/0xa0
[<
f8aaa7c2>] ? ieee80211_reconfig+0x1882/0x1ca0
[mac80211]
[<
f8aaa7c2>] ? ieee80211_reconfig+0x1882/0x1ca0
[mac80211]
[<
c0136283>] warn_slowpath_fmt+0x33/0x40
[<
f8aaa7c2>] ieee80211_reconfig+0x1882/0x1ca0 [mac80211]
[<
c06c1d1a>] ? mutex_lock_nested+0x23a/0x2f0
[<
f8a95097>] ieee80211_resume+0x27/0x70 [mac80211]
[<
fd177edf>] wiphy_resume+0x8f/0xa0 [cfg80211]
Cc: stable@vger.kernel.org
Cc: Rajkumar Manoharan <rmanohar@qca.qualcomm.com>
Signed-off-by: Mohammed Shafi Shajakhan <mohammed@qca.qualcomm.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Marek Vasut [Fri, 8 Jun 2012 12:32:50 +0000 (14:32 +0200)]
Bluetooth: Support AR3011 in Acer Iconia Tab W500
Acer used this chip connected via USB:
Bus 005 Device 005: ID 0cf3:3005 Atheros Communications, Inc. AR3011 Bluetooth
Device Descriptor:
bLength 18
bDescriptorType 1
bcdUSB 1.10
bDeviceClass 224 Wireless
bDeviceSubClass 1 Radio Frequency
bDeviceProtocol 1 Bluetooth
bMaxPacketSize0 64
idVendor 0x0cf3 Atheros Communications, Inc.
idProduct 0x3005 AR3011 Bluetooth
bcdDevice 0.01
iManufacturer 0
iProduct 0
iSerial 0
bNumConfigurations 1
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Gustavo Padovan <gustavo@padovan.org>
Cc: Johan Hedberg <johan.hedberg@gmail.com>
Cc: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Michal Kazior [Fri, 8 Jun 2012 08:55:44 +0000 (10:55 +0200)]
cfg80211: check iface combinations only when iface is running
Don't validate interface combinations on a stopped
interface. Otherwise we might end up being able to
create a new interface with a certain type, but
won't be able to change an existing interface
into that type.
This also skips some other functions when
interface is stopped and changing interface type.
Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Sat, 9 Jun 2012 08:31:09 +0000 (10:31 +0200)]
mac80211: add some missing kernel-doc
Add a few kernel-doc descriptions that were missed
during development.
Reported-by: Randy Dunlap <rdunlap@xenotime.net>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johan Hedberg [Fri, 8 Jun 2012 15:31:13 +0000 (23:31 +0800)]
Bluetooth: Add support for encryption key refresh
With LE/SMP the completion of a security level elavation from medium to
high is indicated by a HCI Encryption Key Refresh Complete event. The
necessary behavior upon receiving this event is a mix of what's done for
auth_complete and encryption_change, which is also where most of the
event handling code has been copied from.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Stanislaw Gruszka [Thu, 7 Jun 2012 12:47:21 +0000 (14:47 +0200)]
mac80211: add back channel change flag
commit
24398e39c8ee4a9d9123eed322b859ece4d16cac
Author: Johannes Berg <johannes.berg@intel.com>
Date: Wed Mar 28 10:58:36 2012 +0200
mac80211: set HT channel before association
removed IEEE80211_CONF_CHANGE_CHANNEL argument from ieee80211_hw_config,
which is required by iwl4965 driver, otherwise that driver does not
configure channel properly and is not able to associate.
Signed-off-by: Stanislaw Gruszka <sgruszka@redhat.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Sasha Levin [Wed, 6 Jun 2012 21:02:55 +0000 (23:02 +0200)]
NFC: Fix possible NULL ptr deref when getting the name of a socket
llcp_sock_getname() might get called before the LLCP socket was created.
This condition isn't checked, and llcp_sock_getname will simply deref a
NULL ptr in that case.
This exists starting with
d646960 ("NFC: Initial LLCP support").
Signed-off-by: Sasha Levin <levinsasha928@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Emmanuel Grumbach [Wed, 6 Jun 2012 11:55:02 +0000 (13:55 +0200)]
iwlwifi: disable the buggy chain extension feature in HW
This feature has been reported to be buggy and enabled by
default. We therefore need to disable it manually.
Cc: stable@vger.kernel.org
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Emmanuel Grumbach [Wed, 6 Jun 2012 07:13:36 +0000 (09:13 +0200)]
iwlwifi: don't mess up the SCD when removing a key
When we remove a key, we put a key index which was supposed
to tell the fw that we are actually removing the key. But
instead the fw took that index as a valid index and messed
up the SRAM of the device.
This memory corruption on the device mangled the data of
the SCD. The impact on the user is that SCD queue 2 got
stuck after having removed keys.
The message is the log that was printed is:
Queue 2 stuck for 10000ms
This doesn't seem to fix the higher queues that get stuck
from time to time.
Cc: stable@vger.kernel.org [2.6.27+]
Reviewed-by: Meenakshi Venkataraman <meenakshi.venkataraman@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Hauke Mehrtens [Tue, 5 Jun 2012 18:58:20 +0000 (20:58 +0200)]
bcma: fix null pointer in bcma_core_pci_irq_ctl
pc could be null if hosttype != BCMA_HOSTTYPE_PCI.
If we are on a device without a pci core this function is called with
pc = null by b43 and brcmsmac. If the host type is PCI we have a pci
core as well and pc can not be null.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Oleksij Rempel [Tue, 5 Jun 2012 18:39:32 +0000 (20:39 +0200)]
b43: do not call ieee80211_unregister_hw if we are not registred
this patch fixes kernel Oops on "rmmod b43" if firmware was not loaded:
BUG: unable to handle kernel NULL pointer dereference at
0000000000000088
IP: [<
ffffffff8104e988>] drain_workqueue+0x25/0x142
PGD
153ac6067 PUD
153b82067 PMD 0
Oops: 0000 [#1] SMP
Signed-off-by: Oleksij Rempel <bug-track@fisher-privat.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Meenakshi Venkataraman [Tue, 5 Jun 2012 18:24:37 +0000 (20:24 +0200)]
iwlwifi: use correct supported firmware for 6035 and 6000g2
My patch
iwlwifi: use correct released ucode version
did not correctly report supported firmware
for the 6035 device. This patch fixes it. The
minimum supported firmware version for 6035
is v6.
Also correct the minimum supported firmware
version for the 6000g2 series of devices.
Cc: stable@kernel.org
Signed-off-by: Meenakshi Venkataraman <meenakshi.venkataraman@intel.com>
Reviewed-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Johannes Berg [Tue, 5 Jun 2012 13:42:55 +0000 (15:42 +0200)]
wireless: add my new trees to MAINTAINERS
Add my new trees to the MAINTAINERS file
for the components that I maintain in the
new trees.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Qasim Javed [Tue, 5 Jun 2012 06:25:44 +0000 (01:25 -0500)]
mac80211_hwsim: Set IEEE80211_STAT_ACK flag when userspace indicates that the frame has been acknowledged.
The station fail average is not updated correctly since the
IEEE80211_STAT_ACK flag is not set when using wmediumd with
mac80211_hwsim. Set this flag when wmediumd indicates that the frame
was successfully transmitted (eventually).
Signed-off-by: Qasim Javed <qasimj@gmail.com>
Signed-off-by: Javier Cardona <javier@cozybit.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Stanislaw Gruszka [Wed, 16 May 2012 09:06:21 +0000 (11:06 +0200)]
rtl8187: ->brightness_set can not sleep
Fix:
BUG: sleeping function called from invalid context at kernel/workqueue.c:2547
in_atomic(): 1, irqs_disabled(): 0, pid: 629, name: wpa_supplicant
2 locks held by wpa_supplicant/629:
#0: (rtnl_mutex){+.+.+.}, at: [<
c08b2b84>] rtnl_lock+0x14/0x20
#1: (&trigger->leddev_list_lock){.+.?..}, at: [<
c0867f41>] led_trigger_event+0x21/0x80
Pid: 629, comm: wpa_supplicant Not tainted 3.3.0-0.rc3.git5.1.fc17.i686
Call Trace:
[<
c046a9f6>] __might_sleep+0x126/0x1d0
[<
c0457d6c>] wait_on_work+0x2c/0x1d0
[<
c045a09a>] __cancel_work_timer+0x6a/0x120
[<
c045a160>] cancel_delayed_work_sync+0x10/0x20
[<
f7dd3c22>] rtl8187_led_brightness_set+0x82/0xf0 [rtl8187]
[<
c0867f7c>] led_trigger_event+0x5c/0x80
[<
f7ff5e6d>] ieee80211_led_radio+0x1d/0x40 [mac80211]
[<
f7ff3583>] ieee80211_stop_device+0x13/0x230 [mac80211]
Removing _sync is ok, because if led_on work is currently running
it will be finished before led_off work start to perform, since
they are always queued on the same mac80211 local->workqueue.
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=795176
Signed-off-by: Stanislaw Gruszka <sgruszka@redhat.com>
Acked-by: Larry Finger <Larry.Finger@lwfinger.net>
Acked-by: Hin-Tak Leung <htl10@users.sourceforge.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Stanislav Yakovlev [Mon, 14 May 2012 23:06:19 +0000 (19:06 -0400)]
net/wireless: ipw2100: Fix WARN_ON occurring in wiphy_register called by ipw2100_pci_init_one
The problem was found by Larry Finger:
http://marc.info/?l=linux-wireless&m=
133702401700614&w=2
The problem is identical to the one for ipw2200 which is already fixed:
http://marc.info/?l=linux-wireless&m=
133457257407196&w=2
[ 17.766431] ------------[ cut here ]------------
[ 17.766467] WARNING: at net/wireless/core.c:562 wiphy_register+0x34c/0x3c0 [cfg80211]()
[ 17.766471] Hardware name: Latitude D600
[ 17.766474] Modules linked in: ipw2100(+) libipw pcmcia cfg80211 ppdev parport_pc yenta_socket sr_mod pcmcia_rsrc parport iTCO_wdt cdrom sg rfkill pcmcia_
core lib80211 tg3 video button battery ac iTCO_vendor_support joydev shpchp pcspkr pciehp pci_hotplug autofs4 radeon ttm drm_kms_helper uhci_hcd ehci_hcd rtc
_cmos thermal drm hwmon i2c_algo_bit i2c_core processor usbcore usb_common ata_generic ata_piix ahci libahci libata
[ 17.766525] Pid: 474, comm: modprobe Not tainted 3.4.0-rc7-wl+ #6
[ 17.766528] Call Trace:
[ 17.766541] [<
c066ad08>] ? printk+0x28/0x2a
[ 17.766552] [<
c0230edd>] warn_slowpath_common+0x6d/0xa0
[ 17.766563] [<
e0b253bc>] ? wiphy_register+0x34c/0x3c0 [cfg80211]
[ 17.766573] [<
e0b253bc>] ? wiphy_register+0x34c/0x3c0 [cfg80211]
[ 17.766578] [<
c0230f2d>] warn_slowpath_null+0x1d/0x20
[ 17.766588] [<
e0b253bc>] wiphy_register+0x34c/0x3c0 [cfg80211]
[ 17.766605] [<
e0b5b0d6>] ipw2100_wdev_init+0x196/0x1c0 [ipw2100]
[ 17.766616] [<
e0b5d962>] ipw2100_pci_init_one+0x2b2/0x694 [ipw2100]
[ 17.766632] [<
c047ce52>] local_pci_probe+0x42/0xb0
[ 17.766637] [<
c047e2b0>] pci_device_probe+0x60/0x90
[ 17.766645] [<
c0376de2>] ? sysfs_create_link+0x12/0x20
[ 17.766654] [<
c050f1f6>] really_probe+0x56/0x2e0
[ 17.766659] [<
c037636d>] ? create_dir+0x5d/0xa0
[ 17.766667] [<
c0518c6b>] ? pm_runtime_barrier+0x3b/0xa0
[ 17.766672] [<
c050f5e4>] driver_probe_device+0x44/0xa0
[ 17.766677] [<
c047e227>] ? pci_match_device+0x97/0xa0
[ 17.766681] [<
c050f6c9>] __driver_attach+0x89/0x90
[ 17.766686] [<
c050f640>] ? driver_probe_device+0xa0/0xa0
[ 17.766691] [<
c050da2a>] bus_for_each_dev+0x3a/0x70
[ 17.766695] [<
c050ee6c>] driver_attach+0x1c/0x30
[ 17.766699] [<
c050f640>] ? driver_probe_device+0xa0/0xa0
[ 17.766704] [<
c050ea77>] bus_add_driver+0x187/0x280
[ 17.766710] [<
c045b9cd>] ? kset_find_obj+0x2d/0x60
[ 17.766715] [<
c047e2e0>] ? pci_device_probe+0x90/0x90
[ 17.766719] [<
c047e2e0>] ? pci_device_probe+0x90/0x90
[ 17.766724] [<
c050fb85>] driver_register+0x65/0x110
[ 17.766729] [<
c047e09d>] __pci_register_driver+0x3d/0xa0
[ 17.766738] [<
e09f705c>] ipw2100_init+0x5c/0x1000 [ipw2100]
[ 17.766743] [<
c020110f>] do_one_initcall+0x2f/0x170
[ 17.766749] [<
e09f7000>] ? 0xe09f6fff
[ 17.766757] [<
c0287ce8>] sys_init_module+0xa8/0x210
[ 17.766766] [<
c067a075>] syscall_call+0x7/0xb
[ 17.766769] ---[ end trace
559898c6bb0d1c75 ]---
[ 17.767093] ipw2100: probe of 0000:02:03.0 failed with error -5
This warning appears only if we apply Ben Hutchings' fix
http://marc.info/?l=linux-wireless&m=
132720204412667&w=2
for the bug reported by Cesare Leonardi
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=656813
with cfg80211 warning during device registration
("cfg80211: failed to add phy80211 symlink to netdev!").
We separate device bring up and registration with network stack
to avoid the problem.
Signed-off-by: Stanislav Yakovlev <stas.yakovlev@gmail.com>
Tested-by: Larry Finger <Larry.Finger@lwfinger.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Johan Hedberg [Thu, 7 Jun 2012 06:58:37 +0000 (14:58 +0800)]
Bluetooth: Fix SMP security elevation from medium to high
If we have an unauthenticated key it is not sufficient to acheive high
security. Therefore, when deciding whether to encrypt the link or
request pairing, it is essential to in addition to checking the
existence of a key to also check whether it is authenticated or not.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Johan Hedberg [Wed, 6 Jun 2012 10:44:11 +0000 (18:44 +0800)]
Bluetooth: Fix deadlock and crash when SMP pairing times out
The l2cap_conn_del function tries to cancel_sync the security timer, but
when it's called from the timeout function itself a deadlock occurs.
Subsequently the "hcon->l2cap_data = NULL" that's supposed to protect
multiple calls to l2cap_conn_del never gets cleared and when the
connection finally drops we double free's etc which will crash the
kernel.
This patch fixes the issue by using the HCI_CONN_LE_SMP_PEND for
protecting against this. The same flag is also used for the same purpose
in other places in the SMP code.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Vishal Agarwal [Thu, 7 Jun 2012 14:57:35 +0000 (20:27 +0530)]
Bluetooth: Fix LE pairing completion on connection failure
For BR/EDR pairing is assumed to be finished when connection is
done. For LE if connection is successful it did not necessarily
mean that pairing is also done but if the connection is unsuccessful
it should be assumed that pairing procedure is also finished.
This patch registers a new function with connect_cfm_cb callback for
LE link which sends the pairing complete signal to user space if
connection is unsuccessful.
Signed-off-by: Vishal Agarwal <vishal.agarwal@stericsson.com>
Acked-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Johan Hedberg [Wed, 6 Jun 2012 10:54:15 +0000 (18:54 +0800)]
Bluetooth: Fix SMP pairing method selection
The tk_request function takes the local IO capability as the second last
parameter and the remote IO capability as the last parameter. They were
previously swapped: when we receive a pairing response
req->io_capability contains the local one and rsp->io_capability the
remote one.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
John W. Linville [Wed, 6 Jun 2012 17:57:05 +0000 (13:57 -0400)]
Merge branch 'master' of git://git./linux/kernel/git/bluetooth/bluetooth
Johannes Berg [Tue, 5 Jun 2012 10:16:50 +0000 (12:16 +0200)]
cfg80211: fix interface combinations check
If a given interface combination doesn't contain
a required interface type then we missed checking
that and erroneously allowed it even though iface
type wasn't there at all. Add a check that makes
sure that all interface types are accounted for.
Cc: stable@kernel.org
Reported-by: Mohammed Shafi Shajakhan <mohammed@qca.qualcomm.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Johannes Berg [Tue, 5 Jun 2012 07:38:35 +0000 (09:38 +0200)]
iwlwifi: unregister LEDs if mac80211 registration fails
Otherwise the LEDs stick around and cause issues the
next time around since they're still there but not
really hooked up.
Cc: stable@kernel.org
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Johannes Berg [Tue, 5 Jun 2012 17:56:06 +0000 (19:56 +0200)]
iwlwifi: fix double free/complete in firmware loading
Linus reported that due to mac80211 failing to register
the device (due to WoWLAN) his machine crashed etc. as
we double-freed the vmalloc() firmware area. His patch
to fix it was very similar to this one but I noticed
that there's another bug in the area: we complete the
completion before starting, so since we're running in
a work struct context stop() could be called while in
the middle of start() which will almost certainly lead
to issues.
Make a modification similar to his to avoid the double-
free but also move the completion to another spot so it
is only done after start() either finished or failed so
that stop() can have a consistent state.
Reported-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Vinicius Costa Gomes [Fri, 1 Jun 2012 01:53:39 +0000 (22:53 -0300)]
Bluetooth: Fix checking the wrong flag when accepting a socket
Most probably a typo, the check should have been for BT_SK_DEFER_SETUP
instead of BT_DEFER_SETUP (which right now only represents a socket
option).
Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Acked-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Johannes Berg [Mon, 4 Jun 2012 11:43:11 +0000 (13:43 +0200)]
iwlwifi: disable WoWLAN if !CONFIG_PM_SLEEP
If CONFIG_PM_SLEEP is disabled, then iwlwifi doesn't
support suspend/resume handlers and thus mac80211
(correctly) refuses advertising WoWLAN. Disable
WoWLAN in the driver in this case.
Cc: stable@kernel.org
Reported-by: Sebastian Kemper <sebastian_ml@gmx.net>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Arik Nemtsov [Sun, 3 Jun 2012 20:32:32 +0000 (23:32 +0300)]
mac80211: fix non RCU-safe sta_list manipulation
sta_info_cleanup locks the sta_list using rcu_read_lock however
the delete operation isn't rcu safe. A race between sta_info_cleanup
timer being called and a STA being removed can occur which leads
to a panic while traversing sta_list. Fix this by switching to the
RCU-safe versions.
Cc: stable@vger.kernel.org
Reported-by: Eyal Shapira <eyal@wizery.com>
Signed-off-by: Arik Nemtsov <arik@wizery.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Seth Forshee [Fri, 1 Jun 2012 14:13:17 +0000 (09:13 -0500)]
bcma: add ext PA workaround for BCM4331 and BCM43431
MacBook Pro models with BCM4331 wireless have been found to have the ext
PA lines disabled after resuming from S3 without external power attach.
This causes them to be unable to transmit. Add a workaround to ensure
that the ext PA lines are enabled on BCM4331. Also extend all handling
of ext PA line muxing to BCM43431 as is done in the Broadcom SDK.
BugLink: http://bugs.launchpad.net/bugs/925577
Cc: Arend van Spriel <arend@broadcom.com>
Cc: Hauke Mehrtens <hauke@hauke-m.de>
Cc: stable@vger.kernel.org
Signed-off-by: Seth Forshee <seth.forshee@canonical.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Stanislaw Gruszka [Fri, 1 Jun 2012 09:29:40 +0000 (11:29 +0200)]
rt2x00: use atomic variable for seqno
Remove spinlock as atomic_t can be used instead. Note we use only 16
lower bits, upper bits are changed but we impilcilty cast to u16.
This fix possible deadlock on IBSS mode reproted by lockdep:
=================================
[ INFO: inconsistent lock state ]
3.4.0-wl+ #4 Not tainted
---------------------------------
inconsistent {IN-SOFTIRQ-W} -> {SOFTIRQ-ON-W} usage.
kworker/u:2/30374 [HC0[0]:SC0[0]:HE1:SE1] takes:
(&(&intf->seqlock)->rlock){+.?...}, at: [<
f9979a20>] rt2x00queue_create_tx_descriptor+0x380/0x490 [rt2x00lib]
{IN-SOFTIRQ-W} state was registered at:
[<
c04978ab>] __lock_acquire+0x47b/0x1050
[<
c0498504>] lock_acquire+0x84/0xf0
[<
c0835733>] _raw_spin_lock+0x33/0x40
[<
f9979a20>] rt2x00queue_create_tx_descriptor+0x380/0x490 [rt2x00lib]
[<
f9979f2a>] rt2x00queue_write_tx_frame+0x1a/0x300 [rt2x00lib]
[<
f997834f>] rt2x00mac_tx+0x7f/0x380 [rt2x00lib]
[<
f98fe363>] __ieee80211_tx+0x1b3/0x300 [mac80211]
[<
f98ffdf5>] ieee80211_tx+0x105/0x130 [mac80211]
[<
f99000dd>] ieee80211_xmit+0xad/0x100 [mac80211]
[<
f9900519>] ieee80211_subif_start_xmit+0x2d9/0x930 [mac80211]
[<
c0782e87>] dev_hard_start_xmit+0x307/0x660
[<
c079bb71>] sch_direct_xmit+0xa1/0x1e0
[<
c0784bb3>] dev_queue_xmit+0x183/0x730
[<
c078c27a>] neigh_resolve_output+0xfa/0x1e0
[<
c07b436a>] ip_finish_output+0x24a/0x460
[<
c07b4897>] ip_output+0xb7/0x100
[<
c07b2d60>] ip_local_out+0x20/0x60
[<
c07e01ff>] igmpv3_sendpack+0x4f/0x60
[<
c07e108f>] igmp_ifc_timer_expire+0x29f/0x330
[<
c04520fc>] run_timer_softirq+0x15c/0x2f0
[<
c0449e3e>] __do_softirq+0xae/0x1e0
irq event stamp:
18380437
hardirqs last enabled at (
18380437): [<
c0526027>] __slab_alloc.clone.3+0x67/0x5f0
hardirqs last disabled at (
18380436): [<
c0525ff3>] __slab_alloc.clone.3+0x33/0x5f0
softirqs last enabled at (
18377616): [<
c0449eb3>] __do_softirq+0x123/0x1e0
softirqs last disabled at (
18377611): [<
c041278d>] do_softirq+0x9d/0xe0
other info that might help us debug this:
Possible unsafe locking scenario:
CPU0
----
lock(&(&intf->seqlock)->rlock);
<Interrupt>
lock(&(&intf->seqlock)->rlock);
*** DEADLOCK ***
4 locks held by kworker/u:2/30374:
#0: (wiphy_name(local->hw.wiphy)){++++.+}, at: [<
c045cf99>] process_one_work+0x109/0x3f0
#1: ((&sdata->work)){+.+.+.}, at: [<
c045cf99>] process_one_work+0x109/0x3f0
#2: (&ifibss->mtx){+.+.+.}, at: [<
f98f005b>] ieee80211_ibss_work+0x1b/0x470 [mac80211]
#3: (&intf->beacon_skb_mutex){+.+...}, at: [<
f997a644>] rt2x00queue_update_beacon+0x24/0x50 [rt2x00lib]
stack backtrace:
Pid: 30374, comm: kworker/u:2 Not tainted 3.4.0-wl+ #4
Call Trace:
[<
c04962a6>] print_usage_bug+0x1f6/0x220
[<
c0496a12>] mark_lock+0x2c2/0x300
[<
c0495ff0>] ? check_usage_forwards+0xc0/0xc0
[<
c04978ec>] __lock_acquire+0x4bc/0x1050
[<
c0527890>] ? __kmalloc_track_caller+0x1c0/0x1d0
[<
c0777fb6>] ? copy_skb_header+0x26/0x90
[<
c0498504>] lock_acquire+0x84/0xf0
[<
f9979a20>] ? rt2x00queue_create_tx_descriptor+0x380/0x490 [rt2x00lib]
[<
c0835733>] _raw_spin_lock+0x33/0x40
[<
f9979a20>] ? rt2x00queue_create_tx_descriptor+0x380/0x490 [rt2x00lib]
[<
f9979a20>] rt2x00queue_create_tx_descriptor+0x380/0x490 [rt2x00lib]
[<
f997a5cf>] rt2x00queue_update_beacon_locked+0x5f/0xb0 [rt2x00lib]
[<
f997a64d>] rt2x00queue_update_beacon+0x2d/0x50 [rt2x00lib]
[<
f9977e3a>] rt2x00mac_bss_info_changed+0x1ca/0x200 [rt2x00lib]
[<
f9977c70>] ? rt2x00mac_remove_interface+0x70/0x70 [rt2x00lib]
[<
f98e4dd0>] ieee80211_bss_info_change_notify+0xe0/0x1d0 [mac80211]
[<
f98ef7b8>] __ieee80211_sta_join_ibss+0x3b8/0x610 [mac80211]
[<
c0496ab4>] ? mark_held_locks+0x64/0xc0
[<
c0440012>] ? virt_efi_query_capsule_caps+0x12/0x50
[<
f98efb09>] ieee80211_sta_join_ibss+0xf9/0x140 [mac80211]
[<
f98f0456>] ieee80211_ibss_work+0x416/0x470 [mac80211]
[<
c0496d8b>] ? trace_hardirqs_on+0xb/0x10
[<
c077683b>] ? skb_dequeue+0x4b/0x70
[<
f98f207f>] ieee80211_iface_work+0x13f/0x230 [mac80211]
[<
c045cf99>] ? process_one_work+0x109/0x3f0
[<
c045d015>] process_one_work+0x185/0x3f0
[<
c045cf99>] ? process_one_work+0x109/0x3f0
[<
f98f1f40>] ? ieee80211_teardown_sdata+0xa0/0xa0 [mac80211]
[<
c045ed86>] worker_thread+0x116/0x270
[<
c045ec70>] ? manage_workers+0x1e0/0x1e0
[<
c0462f64>] kthread+0x84/0x90
[<
c0462ee0>] ? __init_kthread_worker+0x60/0x60
[<
c083d382>] kernel_thread_helper+0x6/0x10
Cc: stable@vger.kernel.org
Signed-off-by: Stanislaw Gruszka <sgruszka@redhat.com>
Acked-by: Helmut Schaa <helmut.schaa@googlemail.com>
Acked-by: Gertjan van Wingerde <gwingerde@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Joe Perches [Wed, 30 May 2012 20:25:56 +0000 (13:25 -0700)]
brcmfmac: Fix likely misuse of | for &
Using | with a constant is always true.
Likely this should have be &.
Signed-off-by: Joe Perches <joe@perches.com>
Acked-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Joe Perches [Wed, 30 May 2012 20:25:54 +0000 (13:25 -0700)]
mac80211: Fix likely misuse of | for &
Using | with a constant is always true.
Likely this should have be &.
cc: Ben Greear <greearb@candelatech.com>
Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Felix Fietkau [Wed, 30 May 2012 13:32:24 +0000 (15:32 +0200)]
mac80211: add missing rcu_read_lock/unlock in agg-rx session timer
Fixes a lockdep warning:
===================================================
[ INFO: suspicious rcu_dereference_check() usage. ]
---------------------------------------------------
net/mac80211/agg-rx.c:148 invoked rcu_dereference_check() without protection!
other info that might help us debug this:
rcu_scheduler_active = 1, debug_locks = 1
1 lock held by arecord/11226:
#0: (&tid_agg_rx->session_timer){+.-...}, at: [<
ffffffff81066bb0>] call_timer_fn+0x0/0x360
stack backtrace:
Pid: 11226, comm: arecord Not tainted 3.1.0-kml #16
Call Trace:
<IRQ> [<
ffffffff81093454>] lockdep_rcu_dereference+0xa4/0xc0
[<
ffffffffa02778c9>] sta_rx_agg_session_timer_expired+0xc9/0x110 [mac80211]
[<
ffffffffa0277800>] ? ieee80211_process_addba_resp+0x220/0x220 [mac80211]
[<
ffffffff81066c3a>] call_timer_fn+0x8a/0x360
[<
ffffffff81066bb0>] ? init_timer_deferrable_key+0x30/0x30
[<
ffffffff81477bb0>] ? _raw_spin_unlock_irq+0x30/0x70
[<
ffffffff81067049>] run_timer_softirq+0x139/0x310
[<
ffffffff81091d5e>] ? put_lock_stats.isra.25+0xe/0x40
[<
ffffffff810922ac>] ? lock_release_holdtime.part.26+0xdc/0x160
[<
ffffffffa0277800>] ? ieee80211_process_addba_resp+0x220/0x220 [mac80211]
[<
ffffffff8105cb78>] __do_softirq+0xc8/0x3c0
[<
ffffffff8108f088>] ? tick_dev_program_event+0x48/0x110
[<
ffffffff8108f16f>] ? tick_program_event+0x1f/0x30
[<
ffffffff81153b15>] ? putname+0x35/0x50
[<
ffffffff8147a43c>] call_softirq+0x1c/0x30
[<
ffffffff81004c55>] do_softirq+0xa5/0xe0
[<
ffffffff8105d1ee>] irq_exit+0xae/0xe0
[<
ffffffff8147ac6b>] smp_apic_timer_interrupt+0x6b/0x98
[<
ffffffff81479ab3>] apic_timer_interrupt+0x73/0x80
<EOI> [<
ffffffff8146aac6>] ? free_debug_processing+0x1a1/0x1d5
[<
ffffffff81153b15>] ? putname+0x35/0x50
[<
ffffffff8146ab2b>] __slab_free+0x31/0x2ca
[<
ffffffff81477c3a>] ? _raw_spin_unlock_irqrestore+0x4a/0x90
[<
ffffffff81253b8f>] ? __debug_check_no_obj_freed+0x15f/0x210
[<
ffffffff81097054>] ? lock_release_nested+0x84/0xc0
[<
ffffffff8113ec55>] ? kmem_cache_free+0x105/0x250
[<
ffffffff81153b15>] ? putname+0x35/0x50
[<
ffffffff81153b15>] ? putname+0x35/0x50
[<
ffffffff8113ed8f>] kmem_cache_free+0x23f/0x250
[<
ffffffff81153b15>] putname+0x35/0x50
[<
ffffffff81146d8d>] do_sys_open+0x16d/0x1d0
[<
ffffffff81146e10>] sys_open+0x20/0x30
[<
ffffffff81478f42>] system_call_fastpath+0x16/0x1b
Reported-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Johannes Berg [Thu, 31 May 2012 13:09:27 +0000 (15:09 +0200)]
mac80211: clean up remain-on-channel on interface stop
When any interface goes down, it could be the one that we
were doing a remain-on-channel with. We therefore need to
cancel the remain-on-channel and flush the related work
structs so they don't run after the interface has been
removed or even destroyed.
It's also possible in this case that an off-channel SKB
was never transmitted, so free it if this is the case.
Note that this can also happen if the driver finishes
the off-channel period without ever starting it.
Cc: stable@kernel.org
Reported-by: Nirav Shah <nirav.j2.shah@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Johannes Berg [Wed, 30 May 2012 12:59:36 +0000 (14:59 +0200)]
mac80211_hwsim: advertise interface combinations
Enforcing interface combinations broke uses of hwsim
with multiple virtual interfaces. Advertise that all
combinations are possible to fix this.
Reported-by: Nirav Shah <nirav.j2.shah@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Meenakshi Venkataraman [Wed, 30 May 2012 09:39:33 +0000 (11:39 +0200)]
mac80211: fix error in station state transitions during reconfig
As part of hardware reconfig mac80211 tries
to restore the station state to its values
before the hardware reconfig, but it only
goes to the last-state - 1. Fix this
off-by-one error.
Cc: stable@kernel.org [3.4]
Signed-off-by: Meenakshi Venkataraman <meenakshi.venkataraman@intel.com>
Reviewed-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Johannes Berg [Wed, 30 May 2012 08:36:12 +0000 (10:36 +0200)]
iwlwifi: fix TX power antenna access
Since my commit
iwlwifi: use valid TX/RX antenna from hw_params
the config values are pure overrides, not the
real values for all hardware. Therefore, the
EEPROM TX power reading code checks the wrong
values, it should check the hw_params values.
Cc: stable@kernel.org [3.4]
Reviewed-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Chun-Yeow Yeoh [Wed, 30 May 2012 01:30:41 +0000 (09:30 +0800)]
mac80211: Fix Unreachable Mesh Station Problem when joining to another MBSS
Mesh station that joins an MBSS is reachable using mesh portal with 6
address frame by mesh stations from another MBSS if these two different
MBSSes are bridged. However, if the mesh station later moves into the
same MBSS of those mesh stations, it is unreachable by mesh stations
in the MBSS due to the mpp_paths table is not deleted. A quick fix
is to perform mesh_path_lookup, if it is available for the target
destination, mpp_path_lookup is not performed. When the mesh station
moves back to its original MBSS, the mesh_paths will be deleted once
expired. So, it will be reachable using mpp_path_lookup again.
Signed-off-by: Chun-Yeow Yeoh <yeohchunyeow@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Amitkumar Karwar [Tue, 29 May 2012 22:39:06 +0000 (15:39 -0700)]
cfg80211: use sme_state in ibss start/join path
CFG80211_DEV_WARN_ON() at "net/wireless/ibss.c line 63"
is unnecessarily triggered even after successful connection,
when cfg80211_ibss_joined() is called by driver inside
.join_ibss handler.
This patch fixes the problem by changing 'sme_state' in ibss path
and having WARN_ON() check for 'sme_state' similar to infra
association.
Signed-off-by: Amitkumar Karwar <akarwar@marvell.com>
Signed-off-by: Bing Zhao <bzhao@marvell.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Avinash Patil [Tue, 29 May 2012 22:39:05 +0000 (15:39 -0700)]
mwifiex: support NL80211_HIDDEN_SSID_ZERO_LEN for uAP
mwifiex uAP supports NL80211_HIDDEN_SSID_ZERO_LEN type of hidden
SSID only. NL80211_HIDDEN_SSID_ZERO_CONTENTS is not supported.
Signed-off-by: Avinash Patil <patila@marvell.com>
Signed-off-by: Kiran Divekar <dkiran@marvell.com>
Signed-off-by: Bing Zhao <bzhao@marvell.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Avinash Patil [Tue, 29 May 2012 22:39:04 +0000 (15:39 -0700)]
mwifiex: invalidate bss config before setting channel for uAP
Mark bss_config parameters as invalid before setting AP channel.
This prevents from setting invalid parameters while setting AP
channel to FW.
Signed-off-by: Avinash Patil <patila@marvell.com>
Signed-off-by: Kiran Divekar <dkiran@marvell.com>
Signed-off-by: Bing Zhao <bzhao@marvell.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Stanislaw Gruszka [Wed, 16 May 2012 13:27:20 +0000 (15:27 +0200)]
mac80211: run scan after finish connection monitoring
commit
133d40f9a22bdfd2617a446f1e3209537c5415ec
Author: Stanislaw Gruszka <sgruszka@redhat.com>
Date: Wed Mar 28 16:01:19 2012 +0200
mac80211: do not scan and monitor connection in parallel
add bug, which make possible to start a scan and never finish it, so
make every new scanning request finish with -EBUSY error. This can
happen on code paths where we finish connection monitoring and clear
IEEE80211_STA_*_POLL flags, but do not check if scan was deferred.
This patch fixes those code paths.
Signed-off-by: Stanislaw Gruszka <sgruszka@redhat.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Linus Torvalds [Sun, 3 Jun 2012 01:29:26 +0000 (18:29 -0700)]
Linux 3.5-rc1
Linus Torvalds [Sun, 3 Jun 2012 00:39:40 +0000 (17:39 -0700)]
Merge tag 'dm-3.5-changes-1' of git://git./linux/kernel/git/agk/linux-dm
Pull device-mapper updates from Alasdair G Kergon:
"Improve multipath's retrying mechanism in some defined circumstances
and provide a simple reserve/release mechanism for userspace tools to
access thin provisioning metadata while the pool is in use."
* tag 'dm-3.5-changes-1' of git://git.kernel.org/pub/scm/linux/kernel/git/agk/linux-dm:
dm thin: provide userspace access to pool metadata
dm thin: use slab mempools
dm mpath: allow ioctls to trigger pg init
dm mpath: delay retry of bypassed pg
dm mpath: reduce size of struct multipath
Joe Thornber [Sat, 2 Jun 2012 23:30:01 +0000 (00:30 +0100)]
dm thin: provide userspace access to pool metadata
This patch implements two new messages that can be sent to the thin
pool target allowing it to take a snapshot of the _metadata_. This,
read-only snapshot can be accessed by userland, concurrently with the
live target.
Only one metadata snapshot can be held at a time. The pool's status
line will give the block location for the current msnap.
Since version 0.1.5 of the userland thin provisioning tools, the
thin_dump program displays the msnap as follows:
thin_dump -m <msnap root> <metadata dev>
Available here: https://github.com/jthornber/thin-provisioning-tools
Now that userland can access the metadata we can do various things
that have traditionally been kernel side tasks:
i) Incremental backups.
By using metadata snapshots we can work out what blocks have
changed over time. Combined with data snapshots we can ensure
the data doesn't change while we back it up.
A short proof of concept script can be found here:
https://github.com/jthornber/thinp-test-suite/blob/master/incremental_backup_example.rb
ii) Migration of thin devices from one pool to another.
iii) Merging snapshots back into an external origin.
iv) Asyncronous replication.
Signed-off-by: Joe Thornber <ejt@redhat.com>
Signed-off-by: Alasdair G Kergon <agk@redhat.com>
Mike Snitzer [Sat, 2 Jun 2012 23:30:00 +0000 (00:30 +0100)]
dm thin: use slab mempools
Use dedicated caches prefixed with a "dm_" name rather than relying on
kmalloc mempools backed by generic slab caches so the memory usage of
thin provisioning (and any leaks) can be accounted for independently.
Signed-off-by: Mike Snitzer <snitzer@redhat.com>
Signed-off-by: Alasdair G Kergon <agk@redhat.com>
Mikulas Patocka [Sat, 2 Jun 2012 23:29:58 +0000 (00:29 +0100)]
dm mpath: allow ioctls to trigger pg init
After the failure of a group of paths, any alternative paths that
need initialising do not become available until further I/O is sent to
the device. Until this has happened, ioctls return -EAGAIN.
With this patch, new paths are made available in response to an ioctl
too. The processing of the ioctl gets delayed until this has happened.
Instead of returning an error, we submit a work item to kmultipathd
(that will potentially activate the new path) and retry in ten
milliseconds.
Note that the patch doesn't retry an ioctl if the ioctl itself fails due
to a path failure. Such retries should be handled intelligently by the
code that generated the ioctl in the first place, noting that some SCSI
commands should not be retried because they are not idempotent (XOR write
commands). For commands that could be retried, there is a danger that
if the device rejected the SCSI command, the path could be errorneously
marked as failed, and the request would be retried on another path which
might fail too. It can be determined if the failure happens on the
device or on the SCSI controller, but there is no guarantee that all
SCSI drivers set these flags correctly.
Signed-off-by: Mikulas Patocka <mpatocka@redhat.com>
Signed-off-by: Alasdair G Kergon <agk@redhat.com>
Mike Christie [Sat, 2 Jun 2012 23:29:45 +0000 (00:29 +0100)]
dm mpath: delay retry of bypassed pg
If I/O needs retrying and only bypassed priority groups are available,
set the pg_init_delay_retry flag to wait before retrying.
If, for example, the reason for the bypass is that the controller is
getting reset or there is a firmware upgrade happening, retrying right
away would cause a flood of log messages and retries for what could be a
few seconds or even several minutes.
Signed-off-by: Mike Christie <michaelc@cs.wisc.edu>
Acked-by: Mike Snitzer <snitzer@redhat.com>
Signed-off-by: Alasdair G Kergon <agk@redhat.com>
Mike Snitzer [Sat, 2 Jun 2012 23:29:43 +0000 (00:29 +0100)]
dm mpath: reduce size of struct multipath
Move multipath structure's 'lock' and 'queue_size' members to eliminate
two 4-byte holes. Also use a bit within a single unsigned int for each
existing flag (saves 8-bytes). This allows future flags to be added
without each consuming an unsigned int.
Signed-off-by: Mike Snitzer <snitzer@redhat.com>
Acked-by: Hannes Reinecke <hare@suse.de>
Signed-off-by: Alasdair G Kergon <agk@redhat.com>
Linus Torvalds [Sat, 2 Jun 2012 23:22:51 +0000 (16:22 -0700)]
Merge git://git./linux/kernel/git/davem/net
Pull networking updates from David Miller:
1) Make syn floods consume significantly less resources by
a) Not pre-COW'ing routing metrics for SYN/ACKs
b) Mirroring the device queue mapping of the SYN for the SYN/ACK
reply.
Both from Eric Dumazet.
2) Fix calculation errors in Byte Queue Limiting, from Hiroaki SHIMODA.
3) Validate the length requested when building a paged SKB for a
socket, so we don't overrun the page vector accidently. From Jason
Wang.
4) When netlabel is disabled, we abort all IP option processing when we
see a CIPSO option. This isn't the right thing to do, we should
simply skip over it and continue processing the remaining options
(if any). Fix from Paul Moore.
5) SRIOV fixes for the mellanox driver from Jack orgenstein and Marcel
Apfelbaum.
6) 8139cp enables the receiver before the ring address is properly
programmed, which potentially lets the device crap over random
memory. Fix from Jason Wang.
7) e1000/e1000e fixes for i217 RST handling, and an improper buffer
address reference in jumbo RX frame processing from Bruce Allan and
Sebastian Andrzej Siewior, respectively.
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net:
fec_mpc52xx: fix timestamp filtering
mcs7830: Implement link state detection
e1000e: fix Rapid Start Technology support for i217
e1000: look into the page instead of skb->data for e1000_tbi_adjust_stats()
r8169: call netif_napi_del at errpaths and at driver unload
tcp: reflect SYN queue_mapping into SYNACK packets
tcp: do not create inetpeer on SYNACK message
8139cp/8139too: terminate the eeprom access with the right opmode
8139cp: set ring address before enabling receiver
cipso: handle CIPSO options correctly when NetLabel is disabled
net: sock: validate data_len before allocating skb in sock_alloc_send_pskb()
bql: Avoid possible inconsistent calculation.
bql: Avoid unneeded limit decrement.
bql: Fix POSDIFF() to integer overflow aware.
net/mlx4_core: Fix obscure mlx4_cmd_box parameter in QUERY_DEV_CAP
net/mlx4_core: Check port out-of-range before using in mlx4_slave_cap
net/mlx4_core: Fixes for VF / Guest startup flow
net/mlx4_en: Fix improper use of "port" parameter in mlx4_en_event
net/mlx4_core: Fix number of EQs used in ICM initialisation
net/mlx4_core: Fix the slave_id out-of-range test in mlx4_eq_int
Linus Torvalds [Sat, 2 Jun 2012 23:17:03 +0000 (16:17 -0700)]
Merge branch 'x86-urgent-for-linus' of git://git./linux/kernel/git/tip/tip
Pull straggler x86 fixes from Peter Anvin:
"Three groups of patches:
- EFI boot stub documentation and the ability to print error messages;
- Removal for PTRACE_ARCH_PRCTL for x32 (obsolete interface which
should never have been ported, and the port is broken and
potentially dangerous.)
- ftrace stack corruption fixes. I'm not super-happy about the
technical implementation, but it is probably the least invasive in
the short term. In the future I would like a single method for
nesting the debug stack, however."
* 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
x86, x32, ptrace: Remove PTRACE_ARCH_PRCTL for x32
x86, efi: Add EFI boot stub documentation
x86, efi; Add EFI boot stub console support
x86, efi: Only close open files in error path
ftrace/x86: Do not change stacks in DEBUG when calling lockdep
x86: Allow nesting of the debug stack IDT setting
x86: Reset the debug_stack update counter
ftrace: Use breakpoint method to update ftrace caller
ftrace: Synchronize variable setting with breakpoints
Linus Torvalds [Sat, 2 Jun 2012 22:21:43 +0000 (15:21 -0700)]
tty: Revert the tty locking series, it needs more work
This reverts the tty layer change to use per-tty locking, because it's
not correct yet, and fixing it will require some more deep surgery.
The main revert is
d29f3ef39be4 ("tty_lock: Localise the lock"), but
there are several smaller commits that built upon it, they also get
reverted here. The list of reverted commits is:
fde86d310886 - tty: add lockdep annotations
8f6576ad476b - tty: fix ldisc lock inversion trace
d3ca8b64b97e - pty: Fix lock inversion
b1d679afd766 - tty: drop the pty lock during hangup
abcefe5fc357 - tty/amiserial: Add missing argument for tty_unlock()
fd11b42e3598 - cris: fix missing tty arg in wait_event_interruptible_tty call
d29f3ef39be4 - tty_lock: Localise the lock
The revert had a trivial conflict in the 68360serial.c staging driver
that got removed in the meantime.
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Stephan Gatzka [Sat, 2 Jun 2012 03:04:06 +0000 (03:04 +0000)]
fec_mpc52xx: fix timestamp filtering
skb_defer_rx_timestamp was called with a freshly allocated skb but must
be called with rskb instead.
Signed-off-by: Stephan Gatzka <stephan@gatzka.org>
Cc: stable <stable@vger.kernel.org>
Acked-by: Richard Cochran <richardcochran@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Ondrej Zary [Fri, 1 Jun 2012 10:29:08 +0000 (10:29 +0000)]
mcs7830: Implement link state detection
Add .status callback that detects link state changes.
Tested with MCS7832CV-AA chip (9710:7830, identified as rev.C by the driver).
Fixes https://bugzilla.kernel.org/show_bug.cgi?id=28532
Signed-off-by: Ondrej Zary <linux@rainbow-software.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Linus Torvalds [Sat, 2 Jun 2012 16:03:54 +0000 (09:03 -0700)]
Merge 'for-linus' branches from git://git./linux/kernel/git/viro/{vfs,signal}
Pull vfs fix and a fix from the signal changes for frv from Al Viro.
The __kernel_nlink_t for powerpc got scrogged because 64-bit powerpc
actually depended on the default "unsigned long", while 32-bit powerpc
had an explicit override to "unsigned short". Al didn't notice, and
made both of them be the unsigned short.
The frv signal fix is fallout from simplifying the do_notify_resume()
code, and leaving an extra parenthesis.
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
powerpc: Fix size of st_nlink on 64bit
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/signal:
frv: Remove bogus closing parenthesis
Anton Blanchard [Sat, 2 Jun 2012 11:34:52 +0000 (21:34 +1000)]
powerpc: Fix size of st_nlink on 64bit
commit
e57f93cc53b7 (powerpc: get rid of nlink_t uses, switch to
explicitly-sized type) changed the size of st_nlink on ppc64 from
a long to a short, resulting in boot failures.
Signed-off-by: Anton Blanchard <anton@samba.org>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Geert Uytterhoeven [Sat, 2 Jun 2012 11:08:39 +0000 (13:08 +0200)]
frv: Remove bogus closing parenthesis
Introduced by commit
6fd84c0831ec78d98736b76dc5e9b849f1dbfc9e
("TIF_RESTORE_SIGMASK can be set only when TIF_SIGPENDING is set")
Signed-off-by: Geert Uytterhoeven <geert@linux-m68k.org>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Bruce Allan [Thu, 10 May 2012 02:51:17 +0000 (02:51 +0000)]
e1000e: fix Rapid Start Technology support for i217
The definition of I217_PROXY_CTRL must use the BM_PHY_REG() macro instead
of the PHY_REG() macro for PHY page 800 register 70 since it is for a PHY
register greater than the maximum allowed by the latter macro, and fix a
typo setting the I217_MEMPWR register in e1000_suspend_workarounds_ich8lan.
Also for clarity, rename a few defines as bit definitions instead of masks.
Signed-off-by: Bruce Allan <bruce.w.allan@intel.com>
Tested-by: Aaron Brown <aaron.f.brown@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Sebastian Andrzej Siewior [Tue, 15 May 2012 09:18:55 +0000 (09:18 +0000)]
e1000: look into the page instead of skb->data for e1000_tbi_adjust_stats()
This is another fixup where the data is not transfered into buffer
addressed by skb->data but into a page.
Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
Tested-by: Aaron Brown <aaron.f.brown@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Linus Torvalds [Sat, 2 Jun 2012 02:56:23 +0000 (19:56 -0700)]
Merge branch 'akpm' (Fixups for Andrew's patchbomb)
Merge fixups for the mac NLS tables from Andrew.
* emailed from Andrew Morton, and one cleanup by me:
nls: fix (and rename) mac NLS table files and config options
fs/nls/Makefile: remove bogus CONFIG_ assignments
Linus Torvalds [Sat, 2 Jun 2012 02:51:22 +0000 (19:51 -0700)]
nls: fix (and rename) mac NLS table files and config options
The config options in the Kconfig file (with _CODEPAGE_ in the name)
didn't match the config option name in the Makefile (no _CODEPAGE_).
And both of them were of the hard-to-read MACXYZZY variety, which made
them hard to parse for normal humans: MACROMAN easily reads as "macro
man", not as "Mac Roman".
So rename the options to be consistent, and be NLS_MAC_xyzzy. Rename
the files to be mac-xyzzy.c too, and drop the "nls" part entirely (it's
already in the directory name).
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Andrew Morton [Fri, 1 Jun 2012 21:57:41 +0000 (14:57 -0700)]
fs/nls/Makefile: remove bogus CONFIG_ assignments
These were debug things which snuck through.
Reported-by: Yinghai Lu <yinghai@kernel.org>
Cc: Vladimir Serbinenko <phcoder@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Linus Torvalds [Fri, 1 Jun 2012 23:57:51 +0000 (16:57 -0700)]
Merge tag 'fbdev-updates-for-3.5' of git://github.com/schandinat/linux-2.6
Pull fbdev updates from Florian Tobias Schandinat:
- driver for AUO-K1900 and AUO-K1901 epaper controller
- large updates for OMAP (e.g. decouple HDMI audio and video)
- some updates for Exynos and SH Mobile
- various other small fixes and cleanups
* tag 'fbdev-updates-for-3.5' of git://github.com/schandinat/linux-2.6: (130 commits)
video: bfin_adv7393fb: Fix cleanup code
video: exynos_dp: reduce delay time when configuring video setting
video: exynos_dp: move sw reset prioir to enabling sw defined function
video: exynos_dp: use devm_ functions
fb: handle NULL pointers in framebuffer release
OMAPDSS: HDMI: OMAP4: Update IRQ flags for the HPD IRQ request
OMAPDSS: Apply VENC timings even if panel is disabled
OMAPDSS: VENC/DISPC: Delay dividing Y resolution for managers connected to VENC
OMAPDSS: DISPC: Support rotation through TILER
OMAPDSS: VRFB: remove compiler warnings when CONFIG_BUG=n
OMAPFB: remove compiler warnings when CONFIG_BUG=n
OMAPDSS: remove compiler warnings when CONFIG_BUG=n
OMAPDSS: DISPC: fix usage of dispc_ovl_set_accu_uv
OMAPDSS: use DSI_FIFO_BUG workaround only for manual update displays
OMAPDSS: DSI: Support command mode interleaving during video mode blanking periods
OMAPDSS: DISPC: Update Accumulator configuration for chroma plane
drivers/video: fsl-diu-fb: don't initialize the THRESHOLDS registers
video: exynos mipi dsi: support reverse panel type
video: exynos mipi dsi: Properly interpret the interrupt source flags
video: exynos mipi dsi: Avoid races in probe()
...
Linus Torvalds [Fri, 1 Jun 2012 23:55:42 +0000 (16:55 -0700)]
Merge tag 'for-linus-3.5-
20120601' of git://git.infradead.org/linux-mtd
Pull mtd update from David Woodhouse:
- More robust parsing especially of xattr data in JFFS2
- Updates to mxc_nand and gpmi drivers to support new boards and device tree
- Improve consistency of information about ECC strength in NAND devices
- Clean up partition handling of plat_nand
- Support NAND drivers without dedicated access to OOB area
- BCH hardware ECC support for OMAP
- Other fixes and cleanups, and a few new device IDs
Fixed trivial conflict in drivers/mtd/nand/gpmi-nand/gpmi-nand.c due to
added include files next to each other.
* tag 'for-linus-3.5-
20120601' of git://git.infradead.org/linux-mtd: (75 commits)
mtd: mxc_nand: move ecc strengh setup before nand_scan_tail
mtd: block2mtd: fix recursive call of mtd_writev
mtd: gpmi-nand: define ecc.strength
mtd: of_parts: fix breakage in Kconfig
mtd: nand: fix scan_read_raw_oob
mtd: docg3 fix in-middle of blocks reads
mtd: cfi_cmdset_0002: Slight cleanup of fixup messages
mtd: add fixup for S29NS512P NOR flash.
jffs2: allow to complete xattr integrity check on first GC scan
jffs2: allow to discriminate between recoverable and non-recoverable errors
mtd: nand: omap: add support for hardware BCH ecc
ARM: OMAP3: gpmc: add BCH ecc api and modes
mtd: nand: check the return code of 'read_oob/read_oob_raw'
mtd: nand: remove 'sndcmd' parameter of 'read_oob/read_oob_raw'
mtd: m25p80: Add support for Winbond W25Q80BW
jffs2: get rid of jffs2_sync_super
jffs2: remove unnecessary GC pass on sync
jffs2: remove unnecessary GC pass on umount
jffs2: remove lock_super
mtd: gpmi: add gpmi support for mx6q
...
Linus Torvalds [Fri, 1 Jun 2012 23:51:37 +0000 (16:51 -0700)]
Merge branch 'for_linus' of git://cavan.codon.org.uk/platform-drivers-x86
Pull x86 platform driver updates from Matthew Garrett:
"Some significant improvements for the Sony driver on newer machines,
but other than that mostly just minor fixes and a patch to remove the
broken rfkill code from the Dell driver."
* 'for_linus' of git://cavan.codon.org.uk/platform-drivers-x86: (35 commits)
apple-gmux: Fix up the suspend/resume patch
dell-laptop: Remove rfkill code
toshiba_acpi: Fix mis-merge
dell-laptop: Add touchpad led support for Dell V3450
acer-wmi: add 3 laptops to video backlight vendor mode quirk table
sony-laptop: add touchpad enable/disable function
sony-laptop: add missing Fn key combos for 0x100 handlers
sony-laptop: add support for more WWAN modems
sony-laptop: new keyboard backlight handle
sony-laptop: add high speed battery charging function
sony-laptop: support automatic resume on lid open
sony-laptop: adjust error handling in finding SNC handles
sony-laptop: add thermal profiles support
sony-laptop: support battery care functions
sony-laptop: additional debug statements
sony-laptop: improve SNC initialization and acpi notify callback code
sony-laptop: use kstrtoul to parse sysfs values
sony-laptop: generalise ACPI calls into SNC functions
sony-laptop: fix return path when no ACPI buffer is allocated
sony-laptop: use soft rfkill status stored in hw
...
Linus Torvalds [Fri, 1 Jun 2012 23:50:23 +0000 (16:50 -0700)]
Merge branch 'slab/for-linus' of git://git./linux/kernel/git/penberg/linux
Pull slab updates from Pekka Enberg:
"Mainly a bunch of SLUB fixes from Joonsoo Kim"
* 'slab/for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/penberg/linux:
slub: use __SetPageSlab function to set PG_slab flag
slub: fix a memory leak in get_partial_node()
slub: remove unused argument of init_kmem_cache_node()
slub: fix a possible memory leak
Documentations: Fix slabinfo.c directory in vm/slub.txt
slub: fix incorrect return type of get_any_partial()
H. Peter Anvin [Fri, 1 Jun 2012 22:55:31 +0000 (15:55 -0700)]
Merge remote-tracking branch 'rostedt/tip/perf/urgent-2' into x86-urgent-for-linus
Linus Torvalds [Fri, 1 Jun 2012 22:46:46 +0000 (15:46 -0700)]
Merge branch 'ux500/hickup' of git://git./linux/kernel/git/arm/arm-soc
Pull arm fixes for ux500 mismerge mishap from Arnd Bergmann:
"The device tree conversion for arm/ux500 in 3.5 turns out to be
incomplete because of a mismerge done by Linus Walleij that I failed
to notice early enough and that Lee Jones as the original author of
those patches did not manage to fix during the -next cycle. While we
originally to get a much larger set of ux500 device tree enablement
patches merged, this did not happen in time.
After some discussion at Linaro Connect conference this week, Lee has
been able to do damage control and provide a series to put the broken
platform back into usable shape for both DT and non-DT based booting.
This series has not been part of linux-next and is based on top of the
current state of the upstream kernel rather than an -rc, but this is
the best we could manage given the earlier breakage."
* 'ux500/hickup' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc:
ARM: ux500: Enable probing of pinctrl through Device Tree
ARM: ux500: Add support for ab8500 regulators into the Device Tree
ARM: ux500: Provide regulator support for SMSC911x via Device Tree
ARM: ux500: Allow PRCMU regulator to be probed during a DT enabled boot
ARM: ux500: Apply db8500-prcmu regulator information to db8500 Device Tree
ARM: ux500: Only initialise STE's UIBs on boards which support them
ARM: ux500: Disable platform setup of the ab8500 when DT is enabled
ARM: ux500: Use correct format for dynamic IRQ assignment
ARM: ux500: Re-enable SMSC911x platform code registration during non-DT boots
ARM: ux500: PRCMU related configuration and layout corrections for Device Tree
ARM: ux500: Remove DB8500 PRCMU platform registration when DT is enabled
ARM: ux500: Disable SMSC911x platform code registration when DT is enabled
ARM: ux500: New DT:ed u8500_init_devices for one-by-one device enablement
ARM: ux500: New DT:ed snowball_platform_devs for one-by-one device enablement
pinctrl-nomadik: Allow Device Tree driver probing
Devendra Naga [Thu, 31 May 2012 01:51:20 +0000 (01:51 +0000)]
r8169: call netif_napi_del at errpaths and at driver unload
when register_netdev fails, the init'ed NAPIs by netif_napi_add must be
deleted with netif_napi_del, and also when driver unloads, it should
delete the NAPI before unregistering netdevice using unregister_netdev.
Signed-off-by: Devendra Naga <devendra.aaru@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Linus Torvalds [Fri, 1 Jun 2012 22:40:29 +0000 (15:40 -0700)]
Merge branch 'drm-fixes' of git://people.freedesktop.org/~airlied/linux
Pull drm fixes from Dave Airlie:
"A bunch of fixes:
- vmware memory corruption
- ttm spinlock balance
- cirrus/mgag200 work in the presence of efifb
and finally Alex and Jerome managed to track down a magic set of bits
that on certain rv740 and evergreen cards allow the correct use of the
complete set of render backends, this makes the cards operate
correctly in a number of scenarios we had issues in before, it also
manages to boost speed on benchmarks my large amounts on these
specific gpus."
* 'drm-fixes' of git://people.freedesktop.org/~airlied/linux:
drm/edid: Make the header fixup threshold tunable
drm/radeon: fix regression in UMS CS ioctl
drm/vmwgfx: Fix nasty write past alloced memory area
drm/ttm: Fix spinlock imbalance
drm/radeon: fixup tiling group size and backendmap on r6xx-r9xx (v4)
drm/radeon: fix HD6790, HD6570 backend programming
drm/radeon: properly program gart on rv740, juniper, cypress, barts, hemlock
drm/radeon: fix bank information in tiling config
drm/mgag200: kick off conflicting framebuffers earlier.
drm/cirrus: kick out conflicting framebuffers earlier
cirrus: avoid crash if driver fails to load
Linus Torvalds [Fri, 1 Jun 2012 22:39:26 +0000 (15:39 -0700)]
Merge tag 'sound-3.5' of git://git./linux/kernel/git/tiwai/sound
Pull sound fixes from Takashi Iwai:
"Just a few trivial driver-specific fixes."
* tag 'sound-3.5' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound:
ALSA: hdspm - Work around broken DDS value on PCI RME MADI
ALSA: usb-audio: fix rate_list memory leak
ASoC: fsi: bugfix: ensure dma is terminated
ASoC: fsi: bugfix: correct dma area
ASoC: fsi: bugfix: enable master clock control on DMA stream
ASoC: imx-ssi: Use clk_prepare_enable/clk_disable_unprepare
H.J. Lu [Tue, 22 May 2012 03:29:45 +0000 (20:29 -0700)]
x86, x32, ptrace: Remove PTRACE_ARCH_PRCTL for x32
When I added x32 ptrace to 3.4 kernel, I also include PTRACE_ARCH_PRCTL
support for x32 GDB For ARCH_GET_FS/GS, it takes a pointer to int64. But
at user level, ARCH_GET_FS/GS takes a pointer to int32. So I have to add
x32 ptrace to glibc to handle it with a temporary int64 passed to kernel and
copy it back to GDB as int32. Roland suggested that PTRACE_ARCH_PRCTL
is obsolete and x32 GDB should use fs_base and gs_base fields of
user_regs_struct instead.
Accordingly, remove PTRACE_ARCH_PRCTL completely from the x32 code to
avoid possible memory overrun when pointer to int32 is passed to
kernel.
Link: http://lkml.kernel.org/r/CAMe9rOpDzHfS7NH7m1vmD9QRw8SSj4Sc%2BaNOgcWm_WJME2eRsQ@mail.gmail.com
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
Cc: <stable@vger.kernel.org> v3.4