GitHub/MotorolaMobilityLLC/kernel-slsi.git
12 years agoBluetooth: AMP: Get amp_mgr reference in HS hci_conn
Andrei Emeltchenko [Thu, 18 Oct 2012 10:16:19 +0000 (13:16 +0300)]
Bluetooth: AMP: Get amp_mgr reference in HS hci_conn

When assigning amp_mgr in hci_conn (type AMP_LINK) get also reference.
In hci_conn_del those references would be put for both conn types
AMP_LINK and ACL_LINK associated with amp_mgr.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: Zero bredr pointer when chan is deleted
Andrei Emeltchenko [Mon, 15 Oct 2012 08:58:44 +0000 (11:58 +0300)]
Bluetooth: Zero bredr pointer when chan is deleted

If BREDR L2CAP chan is deleted and this chan is the channel through
which High Speed traffic is routed to AMP then zero pointer to
the chan in amp_mgr to prevent accessing it.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: Send EFS Conf Rsp only for BR/EDR chan
Andrei Emeltchenko [Mon, 15 Oct 2012 08:58:42 +0000 (11:58 +0300)]
Bluetooth: Send EFS Conf Rsp only for BR/EDR chan

Do not send EFS Configuration Response for High Speed channel yet.
It will be sent after receiving Logical Link Complete event.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: AMP: Drop packets when no l2cap conn exist
Andrei Emeltchenko [Mon, 15 Oct 2012 08:58:41 +0000 (11:58 +0300)]
Bluetooth: AMP: Drop packets when no l2cap conn exist

High Speed hci_conn should always have l2cap_conn associated with it.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: AMP: Handle complete frames in l2cap
Andrei Emeltchenko [Mon, 15 Oct 2012 08:58:40 +0000 (11:58 +0300)]
Bluetooth: AMP: Handle complete frames in l2cap

Check flags type in switch statement and handle new frame
type ACL_COMPLETE used for High Speed data over AMP.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: AMP: Use Loglink handle in ACL Handle field
Andrei Emeltchenko [Mon, 15 Oct 2012 08:58:39 +0000 (11:58 +0300)]
Bluetooth: AMP: Use Loglink handle in ACL Handle field

For AMP HCI controller use Logical Link handle in HCI ACL
Handle field.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: Rename __l2cap_connect() to l2cap_connect()
Gustavo Padovan [Fri, 12 Oct 2012 11:40:40 +0000 (19:40 +0800)]
Bluetooth: Rename __l2cap_connect() to l2cap_connect()

Use of "__" usually means we need to call the function with a lock held,
which is not the case here.

Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: Add chan->ops->defer()
Gustavo Padovan [Fri, 12 Oct 2012 11:35:24 +0000 (19:35 +0800)]
Bluetooth: Add chan->ops->defer()

When DEFER_SETUP is set defer() will trigger an authorization
request to the userspace.

l2cap_chan_no_defer() is meant to be used when one does not want to
support DEFER_SETUP (A2MP for example).

Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: Move bt_accept_enqueue() to l2cap_sock.c
Gustavo Padovan [Fri, 12 Oct 2012 11:35:23 +0000 (19:35 +0800)]
Bluetooth: Move bt_accept_enqueue() to l2cap_sock.c

This is part of the move the parent socket usage to l2cap_sock.c

The change is safe when it comes to locking, bt_accept_enqueue() is still
protected by the parent socket lock inside the
l2cap_sock_new_connection_cb() code.

Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: Call ops->teardown() without checking for NULL
Gustavo Padovan [Sat, 6 Oct 2012 10:51:54 +0000 (11:51 +0100)]
Bluetooth: Call ops->teardown() without checking for NULL

Users that don't implement teardown() should use l2cap_chan_no_teardown()

Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: Use locked l2cap_state_change()
Gustavo Padovan [Sat, 6 Oct 2012 10:47:38 +0000 (11:47 +0100)]
Bluetooth: Use locked l2cap_state_change()

No one was protecting the state set in l2cap_send_disconn_req()

Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: use l2cap_chan_set_err()
Gustavo Padovan [Sat, 6 Oct 2012 10:34:52 +0000 (11:34 +0100)]
Bluetooth: use l2cap_chan_set_err()

l2cap_conn_unreliable() doesn't take the sk lock, so we need to take it
using l2cap_chan_set_err().

Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: Remove GFP_ATOMIC usage from l2cap_core.c
Gustavo Padovan [Mon, 28 May 2012 22:18:14 +0000 (19:18 -0300)]
Bluetooth: Remove GFP_ATOMIC usage from l2cap_core.c

Since we change the Bluetooth core to run in process context we don't need
to use GFP_ATOMIC in many of places we were using it. The we just replace
by GFP_KERNEL.

Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: Fix L2CAP coding style
Gustavo Padovan [Sat, 6 Oct 2012 09:07:01 +0000 (10:07 +0100)]
Bluetooth: Fix L2CAP coding style

Follow the net subsystem coding style

Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: Factor out common L2CAP connection code
Mat Martineau [Thu, 11 Oct 2012 14:48:22 +0000 (17:48 +0300)]
Bluetooth: Factor out common L2CAP connection code

L2CAP connect requests and create channel requests share a significant
amount of code.  This change moves common code to a new function.

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: Process create response and connect response identically
Mat Martineau [Thu, 11 Oct 2012 14:48:21 +0000 (17:48 +0300)]
Bluetooth: Process create response and connect response identically

Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: AMP: Hanlde AMP_LINK case in conn_put
Andrei Emeltchenko [Wed, 10 Oct 2012 14:38:31 +0000 (17:38 +0300)]
Bluetooth: AMP: Hanlde AMP_LINK case in conn_put

Handle AMP link when setting up disconnect timeout.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: AMP: Handle AMP_LINK connection
Andrei Emeltchenko [Wed, 10 Oct 2012 14:38:30 +0000 (17:38 +0300)]
Bluetooth: AMP: Handle AMP_LINK connection

AMP_LINK represents physical link between AMP controllers.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: AMP: Handle number of compl blocks for AMP_LINK
Andrei Emeltchenko [Wed, 10 Oct 2012 14:38:29 +0000 (17:38 +0300)]
Bluetooth: AMP: Handle number of compl blocks for AMP_LINK

Add handling blocks count for AMP link.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: AMP: Add handle to hci_chan structure
Andrei Emeltchenko [Wed, 10 Oct 2012 14:38:28 +0000 (17:38 +0300)]
Bluetooth: AMP: Add handle to hci_chan structure

hci_chan will be identified by handle used in logical link creation
process. This handle is used in AMP ACL-U packet handle field.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: AMP: Handle AMP_LINK timeout
Andrei Emeltchenko [Wed, 10 Oct 2012 14:38:27 +0000 (17:38 +0300)]
Bluetooth: AMP: Handle AMP_LINK timeout

When AMP_LINK timeouts execute HCI_OP_DISCONN_PHY_LINK as analog to
HCI_OP_DISCONNECT for ACL_LINK.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: Allow to set flush timeout
Andrei Emeltchenko [Wed, 10 Oct 2012 14:38:26 +0000 (17:38 +0300)]
Bluetooth: Allow to set flush timeout

Enable setting of flush timeout via setsockopt

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: Use __constant modifier for RFCOMM PSM
Syam Sidhardhan [Wed, 10 Oct 2012 16:39:29 +0000 (22:09 +0530)]
Bluetooth: Use __constant modifier for RFCOMM PSM

Since the RFCOMM_PSM is constant, __constant_cpu_to_le16() is
the right go here.

Signed-off-by: Syam Sidhardhan <s.syam@samsung.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: Use __constant modifier for L2CAP SMP CID
Syam Sidhardhan [Wed, 10 Oct 2012 16:39:28 +0000 (22:09 +0530)]
Bluetooth: Use __constant modifier for L2CAP SMP CID

Since the L2CAP_CID_SMP is constant, __constant_cpu_to_le16() is
the right go here.

Signed-off-by: Syam Sidhardhan <s.syam@samsung.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: btmrv: Use %*ph specifier instead of print_hex_dump_bytes
Andrei Emeltchenko [Wed, 10 Oct 2012 14:41:33 +0000 (17:41 +0300)]
Bluetooth: btmrv: Use %*ph specifier instead of print_hex_dump_bytes

Use standard print specifier and remove print_hex_dump_bytes call.
Makes output more sensible:

...
[18809.401218] 00000000: 0b 00 00 fe 5b fc 01 f2 00 00 00    ....[......
...

would be changed to

...
[18809.401218] Bluetooth: hex: 0b 00 00 fe 5b fc 01 f2 00 00 00
...

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: don't attempt to free a channel that wasn't created
Sasha Levin [Mon, 8 Oct 2012 20:48:32 +0000 (16:48 -0400)]
Bluetooth: don't attempt to free a channel that wasn't created

We may currently attempt to free a channel which wasn't created due to
an error in the initialization path, this would cause a NULL ptr deref.

This would cause the following oops:

[   12.919073] BUG: unable to handle kernel NULL pointer dereference at 0000000000000010
[   12.919131] IP: [<ffffffff836645c4>] l2cap_chan_put+0x34/0x50
[   12.919135] PGD 0
[   12.919138] Oops: 0002 [#1] PREEMPT SMP DEBUG_PAGEALLOC
[   12.919193] Dumping ftrace buffer:
[   12.919242]    (ftrace buffer empty)
[   12.919314] Modules linked in:
[   12.919318] CPU 1
[   12.919319] Pid: 6210, comm: krfcommd Tainted: G        W    3.6.0-next-20121004-sasha-00005-gb010653-dirty #30
[   12.919374] RIP: 0010:[<ffffffff836645c4>]  [<ffffffff836645c4>] l2cap_chan_put+0x34/0x50
[   12.919377] RSP: 0000:ffff880066933c38  EFLAGS: 00010246
[   12.919378] RAX: ffffffff8366c780 RBX: 0000000000000000 RCX: 6666666666666667
[   12.919379] RDX: 0000000000000fa0 RSI: ffffffff84d3f79e RDI: 0000000000000010
[   12.919381] RBP: ffff880066933c48 R08: ffffffff859989f8 R09: 0000000000000001
[   12.919382] R10: 0000000000000000 R11: 7fffffffffffffff R12: 0000000000000000
[   12.919383] R13: ffff88009b00a200 R14: ffff88009b00a200 R15: 0000000000000001
[   12.919385] FS:  0000000000000000(0000) GS:ffff880033600000(0000) knlGS:0000000000000000
[   12.919437] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   12.919440] CR2: 0000000000000010 CR3: 0000000005026000 CR4: 00000000000406e0
[   12.919446] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   12.919451] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[   12.919504] Process krfcommd (pid: 6210, threadinfo ffff880066932000, task ffff880065c4b000)
[   12.919506] Stack:
[   12.919510]  ffff88009b00a200 ffff880032084000 ffff880066933c68 ffffffff8366c7bc
[   12.919513]  7fffffffffffffff ffff880032084000 ffff880066933c98 ffffffff833ae0ae
[   12.919516]  ffff880066933ca8 0000000000000000 0000000000000000 ffff88009b00a200
[   12.919517] Call Trace:
[   12.919522]  [<ffffffff8366c7bc>] l2cap_sock_destruct+0x3c/0x80
[   12.919527]  [<ffffffff833ae0ae>] __sk_free+0x1e/0x1f0
[   12.919530]  [<ffffffff833ae2f7>] sk_free+0x17/0x20
[   12.919585]  [<ffffffff8366ca4e>] l2cap_sock_alloc.constprop.5+0x9e/0xd0
[   12.919591]  [<ffffffff8366cb9e>] l2cap_sock_create+0x7e/0x100
[   12.919652]  [<ffffffff83a4f32a>] ? _raw_read_lock+0x6a/0x80
[   12.919658]  [<ffffffff836402c4>] ? bt_sock_create+0x74/0x110
[   12.919660]  [<ffffffff83640308>] bt_sock_create+0xb8/0x110
[   12.919664]  [<ffffffff833aa232>] __sock_create+0x282/0x3b0
[   12.919720]  [<ffffffff833aa0b0>] ? __sock_create+0x100/0x3b0
[   12.919725]  [<ffffffff836785b0>] ? rfcomm_process_sessions+0x17e0/0x17e0
[   12.919779]  [<ffffffff833aa37f>] sock_create_kern+0x1f/0x30
[   12.919784]  [<ffffffff83675714>] rfcomm_l2sock_create+0x44/0x70
[   12.919787]  [<ffffffff836785b0>] ? rfcomm_process_sessions+0x17e0/0x17e0
[   12.919790]  [<ffffffff836785fe>] rfcomm_run+0x4e/0x1f0
[   12.919846]  [<ffffffff836785b0>] ? rfcomm_process_sessions+0x17e0/0x17e0
[   12.919852]  [<ffffffff81138ee3>] kthread+0xe3/0xf0
[   12.919908]  [<ffffffff8117b12e>] ? put_lock_stats.isra.14+0xe/0x40
[   12.919914]  [<ffffffff81138e00>] ? flush_kthread_work+0x1f0/0x1f0
[   12.919968]  [<ffffffff83a5077c>] ret_from_fork+0x7c/0x90
[   12.919973]  [<ffffffff81138e00>] ? flush_kthread_work+0x1f0/0x1f0
[   12.920161] Code: 83 ec 08 f6 05 ff 58 44 02 04 74 1b 8b 4f 10 48 89 fa 48 c7 c6 d9 d7 d4 84 48 c7 c7 80 9e aa 85 31 c0 e8 80
ac 3a fe 48 8d 7b 10 <f0> 83 6b 10 01 0f 94 c0 84 c0 74 05 e8 8b e0 ff ff 48 83 c4 08
[   12.920165] RIP  [<ffffffff836645c4>] l2cap_chan_put+0x34/0x50
[   12.920166]  RSP <ffff880066933c38>
[   12.920167] CR2: 0000000000000010
[   12.920417] ---[ end trace 5a9114e8a158ab84 ]---

Introduced in commit 61d6ef3e ("Bluetooth: Make better use of l2cap_chan
reference counting").

Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: L2CAP: Fix using default Flush Timeout for EFS
Andrei Emeltchenko [Mon, 8 Oct 2012 08:14:41 +0000 (11:14 +0300)]
Bluetooth: L2CAP: Fix using default Flush Timeout for EFS

There are two Flush Timeouts: one is old Flush Timeot Option
which is 2 octets and the second is Flush Timeout inside EFS
which is 4 octets long.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: Adjust L2CAP Max PDU size for AMP packets
Andrei Emeltchenko [Fri, 5 Oct 2012 13:56:58 +0000 (16:56 +0300)]
Bluetooth: Adjust L2CAP Max PDU size for AMP packets

Maximum PDU size is defined by new BT Spec as 1492 octets.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Reviewed-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: AMP: Use block_mtu for AMP controller
Andrei Emeltchenko [Fri, 5 Oct 2012 13:56:57 +0000 (16:56 +0300)]
Bluetooth: AMP: Use block_mtu for AMP controller

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: AMP: Factor out phylink_add
Andrei Emeltchenko [Fri, 5 Oct 2012 13:56:56 +0000 (16:56 +0300)]
Bluetooth: AMP: Factor out phylink_add

Add direction parameter to phylink_add since it is anyway set later.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: AMP: Factor out amp_ctrl_add
Andrei Emeltchenko [Fri, 5 Oct 2012 13:56:55 +0000 (16:56 +0300)]
Bluetooth: AMP: Factor out amp_ctrl_add

Add ctrl_id parameter to amp_ctrl_add since we always set it
after function ctrl is created.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: Fix dereference after NULL check
Andrei Emeltchenko [Fri, 5 Oct 2012 13:56:54 +0000 (16:56 +0300)]
Bluetooth: Fix dereference after NULL check

Move code dereferencing possible NULL pointer to the check branch.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: AMP: Fix possible NULL dereference
Andrei Emeltchenko [Fri, 5 Oct 2012 13:56:53 +0000 (16:56 +0300)]
Bluetooth: AMP: Fix possible NULL dereference

Check that link key exist before accessing.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: remove unused member of hci_dev.
Rami Rosen [Mon, 1 Oct 2012 17:37:31 +0000 (19:37 +0200)]
Bluetooth: remove unused member of hci_dev.

This patch removes core_data member from hci_dev struct as it is unused.

Signed-off-by: Rami Rosen <ramirose@gmail.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: A2MP: Fix potential NULL dereference
Andrei Emeltchenko [Fri, 28 Sep 2012 11:28:50 +0000 (14:28 +0300)]
Bluetooth: A2MP: Fix potential NULL dereference

Return INVALID_CTRL_ID for unknown AMP controller and for BR/EDR
controller and fixes dereference possible NULL pointer.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: btmrvl: Fix skb buffer overflow
Andrei Emeltchenko [Fri, 28 Sep 2012 11:36:10 +0000 (14:36 +0300)]
Bluetooth: btmrvl: Fix skb buffer overflow

Add extra check to avoid skb buffer overflow. Fixes crash below:

 [  101.030427] ------------[ cut here ]------------
 [  101.030459] kernel BUG at net/core/skbuff.c:127!
 [  101.030486] invalid opcode: 0000 [#1] SMP
...
 [  101.030806] Pid: 2010, comm: btmrvl_main_ser Not tainted 3.5.0+ #80 Laptop
 [  101.030859] EIP: 0060:[<c14f2ba9>] EFLAGS: 00010282 CPU: 0
 [  101.030894] EIP is at skb_put+0x99/0xa0
 [  101.030919] EAX: 00000080 EBX: f129380b ECX: ef923540 EDX: 00000001
 [  101.030956] ESI: f00a4000 EDI: 00001003 EBP: ed4a5efc ESP: ed4a5ecc
 [  101.030992]  DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
 [  101.031024] CR0: 8005003b CR2: 08fca014 CR3: 30960000 CR4: 000407f0
 [  101.031062] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
 [  101.031100] DR6: ffff0ff0 DR7: 00000400
 [  101.031125] Process btmrvl_main_ser (pid: 2010, ti=ed4a4000 task=ef923540 task.ti=ed4a4000)
 [  101.031174] Stack:
 [  101.031188]  c18126f8 c1651938 f853f8d2 00001003 00001003 f1292800 f1292808 f129380b
 [  101.031250]  f1292940 f00a4000 eddb1280 efc0f9c0 ed4a5f44 f853f8d2 00000040 00000000
 [  101.031312]  ef923540 c15ee096 ef923540 eddb12d4 00000004 f00a4000 00000040 00000000
 [  101.031376] Call Trace:
 [  101.031396]  [<f853f8d2>] ? btmrvl_sdio_process_int_status+0x272/0x3d0 [btmrvl_sdio]
 [  101.031444]  [<f853f8d2>] btmrvl_sdio_process_int_status+0x272/0x3d0 [btmrvl_sdio]
 [  101.031488]  [<c15ee096>] ? _raw_spin_unlock_irqrestore+0x36/0x70
 [  101.031526]  [<f85a46e4>] btmrvl_service_main_thread+0x244/0x300 [btmrvl]
 [  101.031568]  [<f853fb50>] ? btmrvl_sdio_poll_card_status.isra.6.constprop.7+0x90/0x90 [btmrvl_sdio]
 [  101.031619]  [<c107eda0>] ? try_to_wake_up+0x270/0x270
 [  101.031648]  [<f85a44a0>] ? btmrvl_process_event+0x3b0/0x3b0 [btmrvl]
 [  101.031686]  [<c106d19d>] kthread+0x7d/0x90
 [  101.031713]  [<c106d120>] ? flush_kthread_work+0x150/0x150
 [  101.031745]  [<c15f5a82>] kernel_thread_helper+0x6/0x10
...
 [  101.032008] EIP: [<c14f2ba9>] skb_put+0x99/0xa0 SS:ESP 0068:ed4a5ecc
 [  101.056125] ---[ end trace a0bd01d1a9a796c8 ]---

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: btmrvl: Use DIV_ROUND_UP macro
Andrei Emeltchenko [Fri, 28 Sep 2012 11:36:09 +0000 (14:36 +0300)]
Bluetooth: btmrvl: Use DIV_ROUND_UP macro

The kernel.h macro DIV_ROUND_UP performs the computation
(((n) + (d) - 1) / (d))

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: btmrvl: Correct num_block name
Andrei Emeltchenko [Fri, 28 Sep 2012 11:36:08 +0000 (14:36 +0300)]
Bluetooth: btmrvl: Correct num_block name

Make code readable by correcting name from buf_block_len to num_blocks
since it represent number of blocks; NOT a length of a block buffer.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: A2MP: Correct assoc_len size
Andrei Emeltchenko [Fri, 28 Sep 2012 13:55:00 +0000 (16:55 +0300)]
Bluetooth: A2MP: Correct assoc_len size

Correct assoc_len and fix warning for x86-64 by using %zu specifier.

Reported-by: Fengguang Wu <fengguang.wu@intel.com>
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: Use %zu print specifier for size_t type
Andrei Emeltchenko [Fri, 28 Sep 2012 11:44:23 +0000 (14:44 +0300)]
Bluetooth: Use %zu print specifier for size_t type

Correct warnings

Reported-by: Fengguang Wu <fengguang.wu@intel.com>
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: Factor out Create Configuration Response
Andrei Emeltchenko [Fri, 21 Sep 2012 09:30:05 +0000 (12:30 +0300)]
Bluetooth: Factor out Create Configuration Response

Use function to factor out similar code. For BR/EDR send EFS
Configuration Response immediately, for HS response will be sent
after receiving HCI Logical Link Complete event in the following
patches.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: Factor out hci_queue_acl
Andrei Emeltchenko [Fri, 21 Sep 2012 09:30:04 +0000 (12:30 +0300)]
Bluetooth: Factor out hci_queue_acl

Use hci_chan as parameter instead of hci_conn as we need logical
handle from hci_chan for AMP link.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agobluetooth: Remove unneeded batostr function
Andrei Emeltchenko [Tue, 25 Sep 2012 09:49:46 +0000 (12:49 +0300)]
bluetooth: Remove unneeded batostr function

batostr is not needed anymore since for printing Bluetooth
addresses we use %pMR specifier.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: Use %pMR instead of baswap in seq_show
Andrei Emeltchenko [Tue, 25 Sep 2012 09:49:45 +0000 (12:49 +0300)]
Bluetooth: Use %pMR instead of baswap in seq_show

Use new bluetooth address print specifier %pMR for printing
bluetooth addresses instead of dedicated variable and baswap.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: Use %pMR in sprintf/seq_printf instead of batostr
Andrei Emeltchenko [Tue, 25 Sep 2012 09:49:44 +0000 (12:49 +0300)]
Bluetooth: Use %pMR in sprintf/seq_printf instead of batostr

Instead of old unsafe batostr function use %pMR print specifier
for printing Bluetooth addresses in sprintf and seq_printf
statements.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: Use %pMR in debug instead of batostr
Andrei Emeltchenko [Tue, 25 Sep 2012 09:49:43 +0000 (12:49 +0300)]
Bluetooth: Use %pMR in debug instead of batostr

Instead of old unsafe batostr function use %pMR print specifier
for printing Bluetooth addresses in debug and error statements.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: Force the process of unpair command if disconnect failed
Jefferson Delfes [Tue, 18 Sep 2012 17:36:54 +0000 (13:36 -0400)]
Bluetooth: Force the process of unpair command if disconnect failed

The unpair process tries to disconnect any connection pending with
remote. If there are some connection in connecting state, disconnect
command will fail and unpair mgmt command will stay pending.

That pending mgmt command can cause strange behavior like automatic
unpair after a lost connection.

Signed-off-by: Jefferson Delfes <jefferson.delfes@openbossa.org>
Acked-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: Fix two warnings in BT_DBG
Gustavo Padovan [Thu, 27 Sep 2012 20:42:07 +0000 (17:42 -0300)]
Bluetooth: Fix two warnings in BT_DBG

We just need to use the right modifiers

Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: AMP: Handle Accept phylink command status evt
Andrei Emeltchenko [Thu, 27 Sep 2012 14:26:24 +0000 (17:26 +0300)]
Bluetooth: AMP: Handle Accept phylink command status evt

When receiving HCI Command Status event for Accept Physical Link
execute HCI Write Remote AMP Assoc with data saved from A2MP Create
Physical Link Request.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: AMP: Accept Physical Link
Andrei Emeltchenko [Thu, 27 Sep 2012 14:26:23 +0000 (17:26 +0300)]
Bluetooth: AMP: Accept Physical Link

When receiving A2MP Create Physical Link message execute HCI
Accept Physical Link command to AMP controller.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: AMP: Process Chan Selected event
Andrei Emeltchenko [Thu, 27 Sep 2012 14:26:22 +0000 (17:26 +0300)]
Bluetooth: AMP: Process Chan Selected event

Channel Selected event indicates that link information data is available.
Read it with Read Local AMP Assoc command. The data shall be sent in the
A2MP Create Physical Link Request.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: A2MP: Add fallback to normal l2cap init sequence
Andrei Emeltchenko [Thu, 27 Sep 2012 14:26:21 +0000 (17:26 +0300)]
Bluetooth: A2MP: Add fallback to normal l2cap init sequence

When there is no remote AMP controller found fallback to normal
L2CAP sequence.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: AMP: Write remote AMP Assoc
Andrei Emeltchenko [Thu, 27 Sep 2012 14:26:20 +0000 (17:26 +0300)]
Bluetooth: AMP: Write remote AMP Assoc

When receiving HCI Command Status after HCI Create Physical Link
execute HCI Write Remote AMP Assoc command to AMP controller.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: AMP: Create Physical Link
Andrei Emeltchenko [Thu, 27 Sep 2012 14:26:19 +0000 (17:26 +0300)]
Bluetooth: AMP: Create Physical Link

When receiving A2MP Get AMP Assoc Response execute HCI Create Physical
Link to AMP controller. Define function which will run when receiving
HCI Command Status.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: AMP: Add AMP key calculation
Andrei Emeltchenko [Thu, 27 Sep 2012 14:26:18 +0000 (17:26 +0300)]
Bluetooth: AMP: Add AMP key calculation

Function calculates AMP keys using hmac_sha256 helper. Calculated keys
are Generic AMP Link Key (gamp) and Dedicated AMP Link Key with
keyID "802b" for 802.11 PAL.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: Add function to derive AMP key using hmac
Dmitry Kasatkin [Thu, 27 Sep 2012 14:26:17 +0000 (17:26 +0300)]
Bluetooth: Add function to derive AMP key using hmac

hmac(sha256) will be used for AMP key generation.

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: Choose connection based on capabilities
Andrei Emeltchenko [Thu, 27 Sep 2012 14:26:16 +0000 (17:26 +0300)]
Bluetooth: Choose connection based on capabilities

Choose which L2CAP connection to establish by checking support
for HS and remote side supported features.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: A2MP: Process A2MP Get AMP Assoc Rsp
Andrei Emeltchenko [Thu, 27 Sep 2012 14:26:15 +0000 (17:26 +0300)]
Bluetooth: A2MP: Process A2MP Get AMP Assoc Rsp

When receiving A2MP Get AMP Assoc Response save assoc data to remote
AMP controller list and prepare for creating physical link.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: A2MP: Process A2MP Getinfo Rsp
Andrei Emeltchenko [Thu, 27 Sep 2012 14:26:14 +0000 (17:26 +0300)]
Bluetooth: A2MP: Process A2MP Getinfo Rsp

Process A2MP Getinfo Response, send Get AMP Assoc Req.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: AMP: Handle create / disc phylink req
Andrei Emeltchenko [Thu, 27 Sep 2012 14:26:13 +0000 (17:26 +0300)]
Bluetooth: AMP: Handle create / disc phylink req

Use hci_conn structure to keep track about AMP physical connections.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: AMP: Remote AMP ctrl definitions
Andrei Emeltchenko [Thu, 27 Sep 2012 14:26:12 +0000 (17:26 +0300)]
Bluetooth: AMP: Remote AMP ctrl definitions

Create remote AMP controllers structure. It is used to keep information
about discovered remote AMP controllers by A2MP protocol.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: AMP: Physical link struct and helpers
Andrei Emeltchenko [Thu, 27 Sep 2012 14:26:11 +0000 (17:26 +0300)]
Bluetooth: AMP: Physical link struct and helpers

Define physical link structures. Physical links are represented by
hci_conn structure. For BR/EDR we use type ACL_LINK and for AMP
we use AMP_LINK.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: A2MP: Process Discover Response
Andrei Emeltchenko [Thu, 27 Sep 2012 14:26:10 +0000 (17:26 +0300)]
Bluetooth: A2MP: Process Discover Response

When receiving A2MP Discover Response send A2MP Get Info Request
for each AMP controller in the discovery list.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: AMP: Use HCI cmd to Read Loc AMP Assoc
Andrei Emeltchenko [Thu, 27 Sep 2012 14:26:09 +0000 (17:26 +0300)]
Bluetooth: AMP: Use HCI cmd to Read Loc AMP Assoc

When receiving A2MP Get AMP Assoc Request execute Read Local AMP Assoc
HCI command to AMP controller. If the AMP Assoc data is larger than it
can fit to HCI event only fragment is read. When all fragments are read
send A2MP Get AMP Assoc Response.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: AMP: Use HCI cmd to Read AMP Info
Andrei Emeltchenko [Thu, 27 Sep 2012 14:26:08 +0000 (17:26 +0300)]
Bluetooth: AMP: Use HCI cmd to Read AMP Info

When receiving A2MP Get Info Request execute Read Local AMP Info HCI
command to AMP controller with function to be executed upon receiving
command complete event. Function will handle A2MP Get Info Response.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: A2MP: Create amp_mgr global list
Andrei Emeltchenko [Thu, 27 Sep 2012 14:26:07 +0000 (17:26 +0300)]
Bluetooth: A2MP: Create amp_mgr global list

Create amp_mgr_list global list which will be used by different
hci devices to find amp_mgr.

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoBluetooth: Add HCI logical link cmds definitions
Andrei Emeltchenko [Thu, 27 Sep 2012 14:26:06 +0000 (17:26 +0300)]
Bluetooth: Add HCI logical link cmds definitions

Add a few definitions to hci.h

Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
12 years agoath5k: disable HW crypto in management frame
Chun-Yeow Yeoh [Fri, 14 Sep 2012 10:26:11 +0000 (18:26 +0800)]
ath5k: disable HW crypto in management frame

Hardware support for MFP is not available in ath5k. Thus,
this implementation allows the mac80211 stack to do the
actuall crypto operation.

Signed-off-by: Chun-Yeow Yeoh <yeohchunyeow@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
12 years agocarl9170: connect to 11w protected networks
Christian Lamparter [Sun, 2 Sep 2012 12:25:50 +0000 (14:25 +0200)]
carl9170: connect to 11w protected networks

Previously, it was not possible to connect to
networks which requires 11w to be supported by
the stations.

While the documentation hints that there's some
hardware support for offloading MFP "decryption",
this simple implementation relies on the mac80211
stack to do the actual crypto operations.

Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
12 years agop54: connect to 11w protected networks
Christian Lamparter [Fri, 7 Sep 2012 23:48:19 +0000 (01:48 +0200)]
p54: connect to 11w protected networks

Previously, it was not possible to connect to
networks which requires 11w to be supported by
the stations.

Note:

As all current (and old) firmwares corrupt
incoming, protected management frames, the
decryption offloading needs to be disabled.
This will be done automatically if needed.

Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
12 years agoiwlegacy: use eth_broadcast_addr
Johannes Berg [Wed, 19 Sep 2012 09:57:17 +0000 (11:57 +0200)]
iwlegacy: use eth_broadcast_addr

Instead of copying from a constant array
(which is still needed for other purposes)

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
12 years agoipw2x00: silence GCC warning for unused variable 'dev'
Paul Bolle [Fri, 21 Sep 2012 10:02:02 +0000 (12:02 +0200)]
ipw2x00: silence GCC warning for unused variable 'dev'

Building the libipw component without CONFIG_LIBIPW_DEBUG set triggers this GCC
warning:
    drivers/net/wireless/ipw2x00/libipw_wx.c:526:21: warning: unused variable 'dev' [-Wunused-variable]

The cause of this warning is that, without CONFIG_LIBIPW_DEBUG set,
LIBIPW_DEBUG_WX compiles away. Fix it by substituting ieee->dev for (its
equivalent) dev.

Signed-off-by: Paul Bolle <pebolle@tiscali.nl>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
12 years agobcma: handle BCM43227
Rafał Miłecki [Fri, 21 Sep 2012 06:38:38 +0000 (08:38 +0200)]
bcma: handle BCM43227

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
Tested-by: Jack <x6719620@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
12 years agomwifiex: block scan request during heavy Tx traffic
Amitkumar Karwar [Fri, 21 Sep 2012 03:23:18 +0000 (20:23 -0700)]
mwifiex: block scan request during heavy Tx traffic

Currently scan operation is delayed/aborted based on Tx traffic
consistency. This decision is taken after receiving scan
response of first scan command from FW. But when heavy traffic
is running, we can not even afford to send first scan command
and go off channel for 30msec. We will block scan request in
this case.

Signed-off-by: Amitkumar Karwar <akarwar@marvell.com>
Signed-off-by: Bing Zhao <bzhao@marvell.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
12 years agomwifiex: disconnect the device before entering suspend state
Amitkumar Karwar [Fri, 21 Sep 2012 03:23:17 +0000 (20:23 -0700)]
mwifiex: disconnect the device before entering suspend state

By default, device is disconnected before entering suspend state.
User can keep the connection alive by using module parameter
"disconect_on_suspend=0".

Signed-off-by: Amitkumar Karwar <akarwar@marvell.com>
Signed-off-by: Bing Zhao <bzhao@marvell.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
12 years agobrcmfmac: get rid of void pointer in struct brcmf_cfg80211_priv
Arend van Spriel [Wed, 19 Sep 2012 20:21:18 +0000 (22:21 +0200)]
brcmfmac: get rid of void pointer in struct brcmf_cfg80211_priv

Field 'pub' in struct brcmf_cfg80211_priv was types as void pointer
and filled with parameter passed in brcmf_cfg80211_attach(). This
patch makes the type specific, ie. struct brcmf_pub.

Reviewed-by: Hante Meuleman <meuleman@broadcom.com>
Signed-off-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
12 years agobrcmfmac: change struct brcmf_cfg80211_priv comments to kernel-doc
Arend van Spriel [Wed, 19 Sep 2012 20:21:17 +0000 (22:21 +0200)]
brcmfmac: change struct brcmf_cfg80211_priv comments to kernel-doc

Small step to fix structure commenting using kernel-doc syntax.

Reviewed-by: Hante Meuleman <meuleman@broadcom.com>
Signed-off-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
12 years agobrcmfmac: clear control lock on usb error.
Hante Meuleman [Wed, 19 Sep 2012 20:21:16 +0000 (22:21 +0200)]
brcmfmac: clear control lock on usb error.

On a usb error the lock bit should be cleared.

Reviewed-by: Arend Van Spriel <arend@broadcom.com>
Signed-off-by: Hante Meuleman <meuleman@broadcom.com>
Signed-off-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
12 years agobrcmsmac: don't start device when RfKill is engaged
Piotr Haber [Wed, 19 Sep 2012 20:21:15 +0000 (22:21 +0200)]
brcmsmac: don't start device when RfKill is engaged

This patch fixes a bug when device is being started
while RfKill switch is engaged, leading to hang
due to partial initialization of hardware.

Tested-by: <dragonn@op.pl>
Reviewed-by: Arend van Spriel <arend@broadcom.com>
Reviewed-by: Hante Meuleman <meuleman@broadcom.com>
Signed-off-by: Piotr Haber <phaber@broadcom.com>
Signed-off-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
12 years agobrcmfmac: remove unused usb bmac model code.
Hante Meuleman [Wed, 19 Sep 2012 20:21:14 +0000 (22:21 +0200)]
brcmfmac: remove unused usb bmac model code.

clean up code.

Reviewed-by: Arend Van Spriel <arend@broadcom.com>
Signed-off-by: Hante Meuleman <meuleman@broadcom.com>
Signed-off-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
12 years agobrcmfmac: fix bug in determining phy bands.
Hante Meuleman [Wed, 19 Sep 2012 20:21:13 +0000 (22:21 +0200)]
brcmfmac: fix bug in determining phy bands.

This patch fixes a bug in routine where phy bands are determined.

Reviewed-by: Arend Van Spriel <arend@broadcom.com>
Signed-off-by: Hante Meuleman <meuleman@broadcom.com>
Signed-off-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
12 years agobrcmfmac: remove unused function.
Hante Meuleman [Wed, 19 Sep 2012 20:21:12 +0000 (22:21 +0200)]
brcmfmac: remove unused function.

clean up code.

Reviewed-by: Arend Van Spriel <arend@broadcom.com>
Signed-off-by: Hante Meuleman <meuleman@broadcom.com>
Signed-off-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
12 years agobrcmfmac: streamline SDIO read frame routine
Franky Lin [Wed, 19 Sep 2012 20:21:11 +0000 (22:21 +0200)]
brcmfmac: streamline SDIO read frame routine

SDIO read non-glomming frame routine handles first frame and
follow up frame read separately. But they share a lot of common
code. This patch abstracts a brcmf_sdio_hdparser function and
optimize the code flow for better readability and future
optimization.

Reviewed-by: Arend van Spriel <arend@broadcom.com>
Reviewed-by: Hante Meuleman <meuleman@broadcom.com>
Signed-off-by: Franky Lin <frankyl@broadcom.com>
Signed-off-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
12 years agobrcmfmac: store usb fw images in local linked list.
Hante Meuleman [Wed, 19 Sep 2012 20:21:10 +0000 (22:21 +0200)]
brcmfmac: store usb fw images in local linked list.

For suspend/resume it is necessary to store firmware in memory.
In order to support multiple usb dongles at the same time a linked
list of firmwares was created.

Reviewed-by: Arend Van Spriel <arend@broadcom.com>
Reviewed-by: Pieter-Paul Giesberts <pieterpg@broadcom.com>
Signed-off-by: Hante Meuleman <meuleman@broadcom.com>
Signed-off-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
12 years agobrcmfmac: fix debug printout of event data.
Hante Meuleman [Wed, 19 Sep 2012 20:21:09 +0000 (22:21 +0200)]
brcmfmac: fix debug printout of event data.

Some events result in printing of the buffer when debug is
enabled. This printing was not very efficient. Changed to
macro so it comes out nice and clean without filling log buffer.

Reviewed-by: Arend Van Spriel <arend@broadcom.com>
Signed-off-by: Hante Meuleman <meuleman@broadcom.com>
Signed-off-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
12 years agobrcmfmac: introduce scheduled scan support
Arend van Spriel [Wed, 19 Sep 2012 20:21:08 +0000 (22:21 +0200)]
brcmfmac: introduce scheduled scan support

This change add support for NL80211 scheduled scan. This may be used to
offload scanning to the device, which may give the host opportunity to
sleep. The newer versions of wpa_supplicant have support for this
functionality.

Reviewed-by: Franky (Zhenhui) Lin <frankyl@broadcom.com>
Reviewed-by: Hante Meuleman <meuleman@broadcom.com>
Signed-off-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
12 years agobrcmfmac: extend brcmf_term_iscan() to abort e-scan
Arend van Spriel [Wed, 19 Sep 2012 20:21:07 +0000 (22:21 +0200)]
brcmfmac: extend brcmf_term_iscan() to abort e-scan

With the introduction of E-Scan there are two scan mechanisms
in the driver. I-Scan was aborted on suspend and bringing down
the device using brcmf_term_iscan(). The function has been
renamed to brcmf_abort_scanning() and covers e-scan abort as
well.

Reviewed-by: Franky (Zhenhui) Lin <frankyl@broadcom.com>
Reviewed-by: Hante Meuleman <meuleman@broadcom.com>
Signed-off-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
12 years agobrcmfmac: fix sparse warnings in e-scan related code
Arend van Spriel [Wed, 19 Sep 2012 20:21:06 +0000 (22:21 +0200)]
brcmfmac: fix sparse warnings in e-scan related code

With the introduction of e-scan mechanism in brcmfmac
(e756af5 brcmfmac: add e-scan support.) a couple of sparse
warnings were introduced. This patch resolves those.

Reported-by: Fengguang Wu <fengguang.wu@intel.com>
Reviewed-by: Franky (Zhenhui) Lin <frankyl@broadcom.com>
Reviewed-by: Hante Meuleman <meuleman@broadcom.com>
Signed-off-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
12 years agomwifiex: fix issue in resumed scan operation
Amitkumar Karwar [Tue, 18 Sep 2012 22:33:32 +0000 (15:33 -0700)]
mwifiex: fix issue in resumed scan operation

When delayed scan operation is resumed, we just add next scan
command in queue but don't wakeup main thread to process the
command. Hence the command is downloaded to firmware only after
waking up the main thread by any other means.

This bug which was introduced after "mwifiex: improve scan delay
logic.." patch is fixed here.

Signed-off-by: Amitkumar Karwar <akarwar@marvell.com>
Signed-off-by: Bing Zhao <bzhao@marvell.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
12 years agort2x00: Clean up RFCSR1 programming in rt2800_config_channel_rf3xxx.
Gertjan van Wingerde [Sun, 16 Sep 2012 20:29:53 +0000 (22:29 +0200)]
rt2x00: Clean up RFCSR1 programming in rt2800_config_channel_rf3xxx.

Setting of the individual fields of the RF register can be simplified.

Signed-off-by: Gertjan van Wingerde <gwingerde@gmail.com>
Acked-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
12 years agort2x00: Code style cleanup in rt2800lib.c
Gertjan van Wingerde [Sun, 16 Sep 2012 20:29:52 +0000 (22:29 +0200)]
rt2x00: Code style cleanup in rt2800lib.c

Signed-off-by: Gertjan van Wingerde <gwingerde@gmail.com>
Acked-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
12 years agort2x00: rt2800lib - code cleanup.
Gertjan van Wingerde [Sun, 16 Sep 2012 20:29:51 +0000 (22:29 +0200)]
rt2x00: rt2800lib - code cleanup.

Move RT3290 BBP initialization sequence (part) to the right place in the code.

This is just a code style change, no functional changes.

Signed-off-by: Gertjan van Wingerde <gwingerde@gmail.com>
Acked-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
12 years agort2x00: rt2800 - Fix default vgc values for RT3572
Gertjan van Wingerde [Sun, 16 Sep 2012 20:29:50 +0000 (22:29 +0200)]
rt2x00: rt2800 - Fix default vgc values for RT3572

Align with the values used by the RT3572 Ralink vendor driver v2.5.0.0.

Signed-off-by: Gertjan van Wingerde <gwingerde@gmail.com>
Acked-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
12 years agort2x00: Code clean up in rt2800lib.
Gertjan van Wingerde [Sun, 16 Sep 2012 20:29:49 +0000 (22:29 +0200)]
rt2x00: Code clean up in rt2800lib.

Make the code in rt2800_get_default_vgc more understandable and
readable, especially for the 5GHz band values.

Signed-off-by: Gertjan van Wingerde <gwingerde@gmail.com>
Acked-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
12 years agoath9k_hw: Enable WLAN RX diversity for AR9565
Sujith Manoharan [Sun, 16 Sep 2012 02:37:12 +0000 (08:07 +0530)]
ath9k_hw: Enable WLAN RX diversity for AR9565

Signed-off-by: Sujith Manoharan <c_manoha@qca.qualcomm.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
12 years agoath9k: Add a module parameter to enable diversity
Sujith Manoharan [Sun, 16 Sep 2012 02:36:56 +0000 (08:06 +0530)]
ath9k: Add a module parameter to enable diversity

Signed-off-by: Sujith Manoharan <c_manoha@qca.qualcomm.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
12 years agoath9k_hw: Add a HW callback to set diversity
Sujith Manoharan [Sun, 16 Sep 2012 02:36:36 +0000 (08:06 +0530)]
ath9k_hw: Add a HW callback to set diversity

This patch adds a new callback to handle WLAN RX diversity for
AR9565.

Signed-off-by: Sujith Manoharan <c_manoha@qca.qualcomm.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
12 years agoath9k_hw: Update AR9565 initvals
Sujith Manoharan [Sun, 16 Sep 2012 02:36:22 +0000 (08:06 +0530)]
ath9k_hw: Update AR9565 initvals

Signed-off-by: Sujith Manoharan <c_manoha@qca.qualcomm.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
12 years agoath9k_hw: Add antenna diversity group for AR9565
Sujith Manoharan [Sun, 16 Sep 2012 02:36:08 +0000 (08:06 +0530)]
ath9k_hw: Add antenna diversity group for AR9565

Signed-off-by: Sujith Manoharan <c_manoha@qca.qualcomm.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
12 years agoath9k: Remove a couple of unused variables
Sujith Manoharan [Sun, 16 Sep 2012 02:35:54 +0000 (08:05 +0530)]
ath9k: Remove a couple of unused variables

Signed-off-by: Sujith Manoharan <c_manoha@qca.qualcomm.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>