authorJohn W. Linville <linville@tuxdriver.com>2013-08-29 14:08:24 -0400
committerJohn W. Linville <linville@tuxdriver.com>2013-08-29 14:08:24 -0400
commit0d8165e9fca119b804de2cf35674e07c36c9704f (patch)
tree3d66d027b502b6fdb98666a9121c7f52b48c657d /net
parent4c9d546f6c522f541dfb01e192ab7101eca0053b (diff)
parent076f0d20b636ef0e701e21e701c0631b5757b732 (diff)
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next into for-davem
Conflicts: drivers/net/wireless/iwlwifi/pcie/trans.c
Diffstat (limited to 'net')
-rw-r--r--net/bluetooth/hci_conn.c62
-rw-r--r--net/bluetooth/hci_core.c14
-rw-r--r--net/bluetooth/hci_event.c29
-rw-r--r--net/bluetooth/hidp/core.c40
-rw-r--r--net/bluetooth/l2cap_core.c3
-rw-r--r--net/bluetooth/rfcomm/tty.c271
-rw-r--r--net/bluetooth/sco.c85
-rw-r--r--net/mac80211/cfg.c15
-rw-r--r--net/mac80211/ibss.c226
-rw-r--r--net/mac80211/ieee80211_i.h3
-rw-r--r--net/mac80211/iface.c19
-rw-r--r--net/mac80211/key.c154
-rw-r--r--net/mac80211/main.c3
-rw-r--r--net/mac80211/mesh.c3
-rw-r--r--net/mac80211/mlme.c20
-rw-r--r--net/mac80211/rate.c23
-rw-r--r--net/mac80211/rc80211_minstrel_ht.c5
-rw-r--r--net/mac80211/rx.c407
-rw-r--r--net/mac80211/tx.c14
-rw-r--r--net/mac80211/util.c2
-rw-r--r--net/nfc/core.c22
-rw-r--r--net/nfc/hci/core.c2
-rw-r--r--net/nfc/netlink.c95
-rw-r--r--net/nfc/nfc.h5
-rw-r--r--net/rfkill/rfkill-regulator.c8
-rw-r--r--net/wireless/mlme.c4
-rw-r--r--net/wireless/nl80211.c80
-rw-r--r--net/wireless/nl80211.h2
-rw-r--r--net/wireless/rdev-ops.h5
-rw-r--r--net/wireless/trace.h8
30 files changed, 1046 insertions, 583 deletions
diff --git a/net/bluetooth/hci_conn.c b/net/bluetooth/hci_conn.c
index 6c7f36379722..f0817121ec5e 100644
--- a/net/bluetooth/hci_conn.c
+++ b/net/bluetooth/hci_conn.c
@@ -31,6 +31,24 @@
31#include <net/bluetooth/a2mp.h> 31#include <net/bluetooth/a2mp.h>
32#include <net/bluetooth/smp.h> 32#include <net/bluetooth/smp.h>
33 33
34struct sco_param {
35 u16 pkt_type;
36 u16 max_latency;
37};
38
39static const struct sco_param sco_param_cvsd[] = {
40 { EDR_ESCO_MASK & ~ESCO_2EV3, 0x000a }, /* S3 */
41 { EDR_ESCO_MASK & ~ESCO_2EV3, 0x0007 }, /* S2 */
42 { EDR_ESCO_MASK | ESCO_EV3, 0x0007 }, /* S1 */
43 { EDR_ESCO_MASK | ESCO_HV3, 0xffff }, /* D1 */
44 { EDR_ESCO_MASK | ESCO_HV1, 0xffff }, /* D0 */
45};
46
47static const struct sco_param sco_param_wideband[] = {
48 { EDR_ESCO_MASK & ~ESCO_2EV3, 0x000d }, /* T2 */
49 { EDR_ESCO_MASK | ESCO_EV3, 0x0008 }, /* T1 */
50};
51
34static void hci_le_create_connection(struct hci_conn *conn) 52static void hci_le_create_connection(struct hci_conn *conn)
35{ 53{
36 struct hci_dev *hdev = conn->hdev; 54 struct hci_dev *hdev = conn->hdev;
@@ -172,10 +190,11 @@ static void hci_add_sco(struct hci_conn *conn, __u16 handle)
172 hci_send_cmd(hdev, HCI_OP_ADD_SCO, sizeof(cp), &cp); 190 hci_send_cmd(hdev, HCI_OP_ADD_SCO, sizeof(cp), &cp);
173} 191}
174 192
175void hci_setup_sync(struct hci_conn *conn, __u16 handle) 193bool hci_setup_sync(struct hci_conn *conn, __u16 handle)
176{ 194{
177 struct hci_dev *hdev = conn->hdev; 195 struct hci_dev *hdev = conn->hdev;
178 struct hci_cp_setup_sync_conn cp; 196 struct hci_cp_setup_sync_conn cp;
197 const struct sco_param *param;
179 198
180 BT_DBG("hcon %p", conn); 199 BT_DBG("hcon %p", conn);
181 200
@@ -185,15 +204,35 @@ void hci_setup_sync(struct hci_conn *conn, __u16 handle)
185 conn->attempt++; 204 conn->attempt++;
186 205
187 cp.handle = cpu_to_le16(handle); 206 cp.handle = cpu_to_le16(handle);
188 cp.pkt_type = cpu_to_le16(conn->pkt_type);
189 207
190 cp.tx_bandwidth = __constant_cpu_to_le32(0x00001f40); 208 cp.tx_bandwidth = __constant_cpu_to_le32(0x00001f40);
191 cp.rx_bandwidth = __constant_cpu_to_le32(0x00001f40); 209 cp.rx_bandwidth = __constant_cpu_to_le32(0x00001f40);
192 cp.max_latency = __constant_cpu_to_le16(0xffff); 210 cp.voice_setting = cpu_to_le16(conn->setting);
193 cp.voice_setting = cpu_to_le16(hdev->voice_setting); 211
194 cp.retrans_effort = 0xff; 212 switch (conn->setting & SCO_AIRMODE_MASK) {
213 case SCO_AIRMODE_TRANSP:
214 if (conn->attempt > ARRAY_SIZE(sco_param_wideband))
215 return false;
216 cp.retrans_effort = 0x02;
217 param = &sco_param_wideband[conn->attempt - 1];
218 break;
219 case SCO_AIRMODE_CVSD:
220 if (conn->attempt > ARRAY_SIZE(sco_param_cvsd))
221 return false;
222 cp.retrans_effort = 0x01;
223 param = &sco_param_cvsd[conn->attempt - 1];
224 break;
225 default:
226 return false;
227 }
195 228
196 hci_send_cmd(hdev, HCI_OP_SETUP_SYNC_CONN, sizeof(cp), &cp); 229 cp.pkt_type = __cpu_to_le16(param->pkt_type);
230 cp.max_latency = __cpu_to_le16(param->max_latency);
231
232 if (hci_send_cmd(hdev, HCI_OP_SETUP_SYNC_CONN, sizeof(cp), &cp) < 0)
233 return false;
234
235 return true;
197} 236}
198 237
199void hci_le_conn_update(struct hci_conn *conn, u16 min, u16 max, 238void hci_le_conn_update(struct hci_conn *conn, u16 min, u16 max,
@@ -560,13 +599,13 @@ static struct hci_conn *hci_connect_acl(struct hci_dev *hdev, bdaddr_t *dst,
560 return acl; 599 return acl;
561} 600}
562 601
563static struct hci_conn *hci_connect_sco(struct hci_dev *hdev, int type, 602struct hci_conn *hci_connect_sco(struct hci_dev *hdev, int type, bdaddr_t *dst,
564 bdaddr_t *dst, u8 sec_level, u8 auth_type) 603 __u16 setting)
565{ 604{
566 struct hci_conn *acl; 605 struct hci_conn *acl;
567 struct hci_conn *sco; 606 struct hci_conn *sco;
568 607
569 acl = hci_connect_acl(hdev, dst, sec_level, auth_type); 608 acl = hci_connect_acl(hdev, dst, BT_SECURITY_LOW, HCI_AT_NO_BONDING);
570 if (IS_ERR(acl)) 609 if (IS_ERR(acl))
571 return acl; 610 return acl;
572 611
@@ -584,6 +623,8 @@ static struct hci_conn *hci_connect_sco(struct hci_dev *hdev, int type,
584 623
585 hci_conn_hold(sco); 624 hci_conn_hold(sco);
586 625
626 sco->setting = setting;
627
587 if (acl->state == BT_CONNECTED && 628 if (acl->state == BT_CONNECTED &&
588 (sco->state == BT_OPEN || sco->state == BT_CLOSED)) { 629 (sco->state == BT_OPEN || sco->state == BT_CLOSED)) {
589 set_bit(HCI_CONN_POWER_SAVE, &acl->flags); 630 set_bit(HCI_CONN_POWER_SAVE, &acl->flags);
@@ -612,9 +653,6 @@ struct hci_conn *hci_connect(struct hci_dev *hdev, int type, bdaddr_t *dst,
612 return hci_connect_le(hdev, dst, dst_type, sec_level, auth_type); 653 return hci_connect_le(hdev, dst, dst_type, sec_level, auth_type);
613 case ACL_LINK: 654 case ACL_LINK:
614 return hci_connect_acl(hdev, dst, sec_level, auth_type); 655 return hci_connect_acl(hdev, dst, sec_level, auth_type);
615 case SCO_LINK:
616 case ESCO_LINK:
617 return hci_connect_sco(hdev, type, dst, sec_level, auth_type);
618 } 656 }
619 657
620 return ERR_PTR(-EINVAL); 658 return ERR_PTR(-EINVAL);
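Review bot: In hci_setup_sync() the lookups `&sco_param_wideband[conn->attempt - 1]` and `&sco_param_cvsd[conn->attempt - 1]` are guarded only from above, by `conn->attempt > ARRAY_SIZE(...)`. They stay in bounds only because `conn->attempt++` runs a few lines earlier; the type of `attempt` is not visible here, so if it can ever be 0 at this point (for example after a wrap) the index becomes -1. Making the invariant local costs one term: `if (!conn->attempt || conn->attempt > ARRAY_SIZE(sco_param_cvsd)) return false;`, and likewise for the wideband table. The two tables would also benefit from a comment such as `/* one entry per connection attempt, index = conn->attempt - 1 */`, since nothing at the definition says they are consumed in order. Part of hci_setup_sync()'s body lies between the two hunks and is not shown.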
diff --git a/net/bluetooth/hci_core.c b/net/bluetooth/hci_core.c
index cc27297da5a9..634debab4d54 100644
--- a/net/bluetooth/hci_core.c
+++ b/net/bluetooth/hci_core.c
@@ -454,6 +454,18 @@ static void hci_setup_event_mask(struct hci_request *req)
454 events[4] |= 0x04; /* Read Remote Extended Features Complete */ 454 events[4] |= 0x04; /* Read Remote Extended Features Complete */
455 events[5] |= 0x08; /* Synchronous Connection Complete */ 455 events[5] |= 0x08; /* Synchronous Connection Complete */
456 events[5] |= 0x10; /* Synchronous Connection Changed */ 456 events[5] |= 0x10; /* Synchronous Connection Changed */
457 } else {
458 /* Use a different default for LE-only devices */
459 memset(events, 0, sizeof(events));
460 events[0] |= 0x10; /* Disconnection Complete */
461 events[0] |= 0x80; /* Encryption Change */
462 events[1] |= 0x08; /* Read Remote Version Information Complete */
463 events[1] |= 0x20; /* Command Complete */
464 events[1] |= 0x40; /* Command Status */
465 events[1] |= 0x80; /* Hardware Error */
466 events[2] |= 0x04; /* Number of Completed Packets */
467 events[3] |= 0x02; /* Data Buffer Overflow */
468 events[5] |= 0x80; /* Encryption Key Refresh Complete */
457 } 469 }
458 470
459 if (lmp_inq_rssi_capable(hdev)) 471 if (lmp_inq_rssi_capable(hdev))
@@ -608,7 +620,7 @@ static void hci_init3_req(struct hci_request *req, unsigned long opt)
608 * as supported send it. If not supported assume that the controller 620 * as supported send it. If not supported assume that the controller
609 * does not have actual support for stored link keys which makes this 621 * does not have actual support for stored link keys which makes this
610 * command redundant anyway. 622 * command redundant anyway.
611 */ 623 */
612 if (hdev->commands[6] & 0x80) { 624 if (hdev->commands[6] & 0x80) {
613 struct hci_cp_delete_stored_link_key cp; 625 struct hci_cp_delete_stored_link_key cp;
614 626
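Review bot: The new LE-only branch in hci_setup_event_mask() rebuilds the mask from zero with hand-written byte/bit literals, and its comment `/* Use a different default for LE-only devices */` does not say why the earlier default cannot be kept. A fuller comment would help whoever adds the next event, for example `/* LE-only controllers: start from an empty mask and enable only the events below; Encryption Change and Encryption Key Refresh Complete stay enabled so the host sees link-encryption state changes */`. The start of the function, including the initial contents of `events`, is outside the hunk, so it should be confirmed that nothing set before the `if` is meant to survive the `memset()`.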
diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c
index 0437200d92f4..94aab73f89d4 100644
--- a/net/bluetooth/hci_event.c
+++ b/net/bluetooth/hci_event.c
@@ -2904,15 +2904,16 @@ static void hci_sync_conn_complete_evt(struct hci_dev *hdev,
2904 hci_conn_add_sysfs(conn); 2904 hci_conn_add_sysfs(conn);
2905 break; 2905 break;
2906 2906
2907 case 0x0d: /* Connection Rejected due to Limited Resources */
2907 case 0x11: /* Unsupported Feature or Parameter Value */ 2908 case 0x11: /* Unsupported Feature or Parameter Value */
2908 case 0x1c: /* SCO interval rejected */ 2909 case 0x1c: /* SCO interval rejected */
2909 case 0x1a: /* Unsupported Remote Feature */ 2910 case 0x1a: /* Unsupported Remote Feature */
2910 case 0x1f: /* Unspecified error */ 2911 case 0x1f: /* Unspecified error */
2911 if (conn->out && conn->attempt < 2) { 2912 if (conn->out) {
2912 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) | 2913 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
2913 (hdev->esco_type & EDR_ESCO_MASK); 2914 (hdev->esco_type & EDR_ESCO_MASK);
2914 hci_setup_sync(conn, conn->link->handle); 2915 if (hci_setup_sync(conn, conn->link->handle))
2915 goto unlock; 2916 goto unlock;
2916 } 2917 }
2917 /* fall through */ 2918 /* fall through */
2918 2919
@@ -3024,17 +3025,20 @@ unlock:
3024static u8 hci_get_auth_req(struct hci_conn *conn) 3025static u8 hci_get_auth_req(struct hci_conn *conn)
3025{ 3026{
3026 /* If remote requests dedicated bonding follow that lead */ 3027 /* If remote requests dedicated bonding follow that lead */
3027 if (conn->remote_auth == 0x02 || conn->remote_auth == 0x03) { 3028 if (conn->remote_auth == HCI_AT_DEDICATED_BONDING ||
3029 conn->remote_auth == HCI_AT_DEDICATED_BONDING_MITM) {
3028 /* If both remote and local IO capabilities allow MITM 3030 /* If both remote and local IO capabilities allow MITM
3029 * protection then require it, otherwise don't */ 3031 * protection then require it, otherwise don't */
3030 if (conn->remote_cap == 0x03 || conn->io_capability == 0x03) 3032 if (conn->remote_cap == HCI_IO_NO_INPUT_OUTPUT ||
3031 return 0x02; 3033 conn->io_capability == HCI_IO_NO_INPUT_OUTPUT)
3034 return HCI_AT_DEDICATED_BONDING;
3032 else 3035 else
3033 return 0x03; 3036 return HCI_AT_DEDICATED_BONDING_MITM;
3034 } 3037 }
3035 3038
3036 /* If remote requests no-bonding follow that lead */ 3039 /* If remote requests no-bonding follow that lead */
3037 if (conn->remote_auth == 0x00 || conn->remote_auth == 0x01) 3040 if (conn->remote_auth == HCI_AT_NO_BONDING ||
3041 conn->remote_auth == HCI_AT_NO_BONDING_MITM)
3038 return conn->remote_auth | (conn->auth_type & 0x01); 3042 return conn->remote_auth | (conn->auth_type & 0x01);
3039 3043
3040 return conn->auth_type; 3044 return conn->auth_type;
@@ -3066,7 +3070,7 @@ static void hci_io_capa_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
3066 /* Change the IO capability from KeyboardDisplay 3070 /* Change the IO capability from KeyboardDisplay
3067 * to DisplayYesNo as it is not supported by BT spec. */ 3071 * to DisplayYesNo as it is not supported by BT spec. */
3068 cp.capability = (conn->io_capability == 0x04) ? 3072 cp.capability = (conn->io_capability == 0x04) ?
3069 0x01 : conn->io_capability; 3073 HCI_IO_DISPLAY_YESNO : conn->io_capability;
3070 conn->auth_type = hci_get_auth_req(conn); 3074 conn->auth_type = hci_get_auth_req(conn);
3071 cp.authentication = conn->auth_type; 3075 cp.authentication = conn->auth_type;
3072 3076
@@ -3140,7 +3144,8 @@ static void hci_user_confirm_request_evt(struct hci_dev *hdev,
3140 * request. The only exception is when we're dedicated bonding 3144 * request. The only exception is when we're dedicated bonding
3141 * initiators (connect_cfm_cb set) since then we always have the MITM 3145 * initiators (connect_cfm_cb set) since then we always have the MITM
3142 * bit set. */ 3146 * bit set. */
3143 if (!conn->connect_cfm_cb && loc_mitm && conn->remote_cap == 0x03) { 3147 if (!conn->connect_cfm_cb && loc_mitm &&
3148 conn->remote_cap == HCI_IO_NO_INPUT_OUTPUT) {
3144 BT_DBG("Rejecting request: remote device can't provide MITM"); 3149 BT_DBG("Rejecting request: remote device can't provide MITM");
3145 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_NEG_REPLY, 3150 hci_send_cmd(hdev, HCI_OP_USER_CONFIRM_NEG_REPLY,
3146 sizeof(ev->bdaddr), &ev->bdaddr); 3151 sizeof(ev->bdaddr), &ev->bdaddr);
@@ -3148,8 +3153,8 @@ static void hci_user_confirm_request_evt(struct hci_dev *hdev,
3148 } 3153 }
3149 3154
3150 /* If no side requires MITM protection; auto-accept */ 3155 /* If no side requires MITM protection; auto-accept */
3151 if ((!loc_mitm || conn->remote_cap == 0x03) && 3156 if ((!loc_mitm || conn->remote_cap == HCI_IO_NO_INPUT_OUTPUT) &&
3152 (!rem_mitm || conn->io_capability == 0x03)) { 3157 (!rem_mitm || conn->io_capability == HCI_IO_NO_INPUT_OUTPUT)) {
3153 3158
3154 /* If we're not the initiators request authorization to 3159 /* If we're not the initiators request authorization to
3155 * proceed from user space (mgmt_user_confirm with 3160 * proceed from user space (mgmt_user_confirm with
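Review bot: In the retry branch of hci_sync_conn_complete_evt() the assignment to `conn->pkt_type` from `hdev->esco_type` looks stale, because the hci_setup_sync() introduced in net/bluetooth/hci_conn.c by this same merge fills `cp.pkt_type` from the sco_param tables and no longer reads `conn->pkt_type`. If nothing else on this path consumes the field, drop the assignment; otherwise add a comment naming the consumer. The branch also dereferences `conn->link->handle` with no check visible in the hunk, and since the rest of the function is outside it, it should be confirmed that `conn->link` cannot be NULL for an outgoing connection that reaches these status codes. In the constant clean-up further down, `conn->io_capability == 0x04` and the `& 0x01` MITM bit in hci_get_auth_req() are still bare literals, which leaves the security-relevant comparisons half named.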
diff --git a/net/bluetooth/hidp/core.c b/net/bluetooth/hidp/core.c
index 0c699cdc3696..13863de433a4 100644
--- a/net/bluetooth/hidp/core.c
+++ b/net/bluetooth/hidp/core.c
@@ -238,6 +238,31 @@ static int hidp_send_report(struct hidp_session *session, struct hid_report *rep
238 return hidp_send_intr_message(session, hdr, buf, rsize); 238 return hidp_send_intr_message(session, hdr, buf, rsize);
239} 239}
240 240
241static int hidp_hidinput_event(struct input_dev *dev, unsigned int type,
242 unsigned int code, int value)
243{
244 struct hid_device *hid = input_get_drvdata(dev);
245 struct hidp_session *session = hid->driver_data;
246 struct hid_field *field;
247 int offset;
248
249 BT_DBG("session %p type %d code %d value %d",
250 session, type, code, value);
251
252 if (type != EV_LED)
253 return -1;
254
255 offset = hidinput_find_field(hid, type, code, &field);
256 if (offset == -1) {
257 hid_warn(dev, "event field not found\n");
258 return -1;
259 }
260
261 hid_set_field(field, offset, value);
262
263 return hidp_send_report(session, field->report);
264}
265
241static int hidp_get_raw_report(struct hid_device *hid, 266static int hidp_get_raw_report(struct hid_device *hid,
242 unsigned char report_number, 267 unsigned char report_number,
243 unsigned char *data, size_t count, 268 unsigned char *data, size_t count,
@@ -678,20 +703,6 @@ static int hidp_parse(struct hid_device *hid)
678 703
679static int hidp_start(struct hid_device *hid) 704static int hidp_start(struct hid_device *hid)
680{ 705{
681 struct hidp_session *session = hid->driver_data;
682 struct hid_report *report;
683
684 if (hid->quirks & HID_QUIRK_NO_INIT_REPORTS)
685 return 0;
686
687 list_for_each_entry(report, &hid->report_enum[HID_INPUT_REPORT].
688 report_list, list)
689 hidp_send_report(session, report);
690
691 list_for_each_entry(report, &hid->report_enum[HID_FEATURE_REPORT].
692 report_list, list)
693 hidp_send_report(session, report);
694
695 return 0; 706 return 0;
696} 707}
697 708
@@ -711,6 +722,7 @@ static struct hid_ll_driver hidp_hid_driver = {
711 .stop = hidp_stop, 722 .stop = hidp_stop,
712 .open = hidp_open, 723 .open = hidp_open,
713 .close = hidp_close, 724 .close = hidp_close,
725 .hidinput_input_event = hidp_hidinput_event,
714}; 726};
715 727
716/* This function sets up the hid device. It does not add it 728/* This function sets up the hid device. It does not add it
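Review bot: hidp_hidinput_event() returns a bare `-1` on both failure paths (`type != EV_LED` and field not found), which a caller treating the result as an errno would read as -EPERM. `return -EINVAL;` for the unsupported type and `return -ENOENT;` for the missing field would say what actually happened. The function also sends the report synchronously through hidp_send_report(), whose body is not shown here. Input event callbacks can run with a spinlock held, so once the send path is confirmed not to sleep, it is worth a comment above the function such as `/* LED output events only; may be called in atomic context, the send path must not sleep */`.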
diff --git a/net/bluetooth/l2cap_core.c b/net/bluetooth/l2cap_core.c
index 8c3499bec893..b3bb7bca8e60 100644
--- a/net/bluetooth/l2cap_core.c
+++ b/net/bluetooth/l2cap_core.c
@@ -1415,8 +1415,9 @@ static void l2cap_conn_ready(struct l2cap_conn *conn)
1415 sk->sk_state_change(sk); 1415 sk->sk_state_change(sk);
1416 release_sock(sk); 1416 release_sock(sk);
1417 1417
1418 } else if (chan->state == BT_CONNECT) 1418 } else if (chan->state == BT_CONNECT) {
1419 l2cap_do_start(chan); 1419 l2cap_do_start(chan);
1420 }
1420 1421
1421 l2cap_chan_unlock(chan); 1422 l2cap_chan_unlock(chan);
1422 } 1423 }
diff --git a/net/bluetooth/rfcomm/tty.c b/net/bluetooth/rfcomm/tty.c
index b6e44ad6cca6..6d126faf145f 100644
--- a/net/bluetooth/rfcomm/tty.c
+++ b/net/bluetooth/rfcomm/tty.c
@@ -58,7 +58,6 @@ struct rfcomm_dev {
58 uint modem_status; 58 uint modem_status;
59 59
60 struct rfcomm_dlc *dlc; 60 struct rfcomm_dlc *dlc;
61 wait_queue_head_t wait;
62 61
63 struct device *tty_dev; 62 struct device *tty_dev;
64 63
@@ -76,13 +75,6 @@ static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig);
76 75
77/* ---- Device functions ---- */ 76/* ---- Device functions ---- */
78 77
79/*
80 * The reason this isn't actually a race, as you no doubt have a little voice
81 * screaming at you in your head, is that the refcount should never actually
82 * reach zero unless the device has already been taken off the list, in
83 * rfcomm_dev_del(). And if that's not true, we'll hit the BUG() in
84 * rfcomm_dev_destruct() anyway.
85 */
86static void rfcomm_dev_destruct(struct tty_port *port) 78static void rfcomm_dev_destruct(struct tty_port *port)
87{ 79{
88 struct rfcomm_dev *dev = container_of(port, struct rfcomm_dev, port); 80 struct rfcomm_dev *dev = container_of(port, struct rfcomm_dev, port);
@@ -90,10 +82,9 @@ static void rfcomm_dev_destruct(struct tty_port *port)
90 82
91 BT_DBG("dev %p dlc %p", dev, dlc); 83 BT_DBG("dev %p dlc %p", dev, dlc);
92 84
93 /* Refcount should only hit zero when called from rfcomm_dev_del() 85 spin_lock(&rfcomm_dev_lock);
94 which will have taken us off the list. Everything else are 86 list_del(&dev->list);
95 refcounting bugs. */ 87 spin_unlock(&rfcomm_dev_lock);
96 BUG_ON(!list_empty(&dev->list));
97 88
98 rfcomm_dlc_lock(dlc); 89 rfcomm_dlc_lock(dlc);
99 /* Detach DLC if it's owned by this dev */ 90 /* Detach DLC if it's owned by this dev */
@@ -112,8 +103,39 @@ static void rfcomm_dev_destruct(struct tty_port *port)
112 module_put(THIS_MODULE); 103 module_put(THIS_MODULE);
113} 104}
114 105
106/* device-specific initialization: open the dlc */
107static int rfcomm_dev_activate(struct tty_port *port, struct tty_struct *tty)
108{
109 struct rfcomm_dev *dev = container_of(port, struct rfcomm_dev, port);
110
111 return rfcomm_dlc_open(dev->dlc, &dev->src, &dev->dst, dev->channel);
112}
113
114/* we block the open until the dlc->state becomes BT_CONNECTED */
115static int rfcomm_dev_carrier_raised(struct tty_port *port)
116{
117 struct rfcomm_dev *dev = container_of(port, struct rfcomm_dev, port);
118
119 return (dev->dlc->state == BT_CONNECTED);
120}
121
122/* device-specific cleanup: close the dlc */
123static void rfcomm_dev_shutdown(struct tty_port *port)
124{
125 struct rfcomm_dev *dev = container_of(port, struct rfcomm_dev, port);
126
127 if (dev->tty_dev->parent)
128 device_move(dev->tty_dev, NULL, DPM_ORDER_DEV_LAST);
129
130 /* close the dlc */
131 rfcomm_dlc_close(dev->dlc, 0);
132}
133
115static const struct tty_port_operations rfcomm_port_ops = { 134static const struct tty_port_operations rfcomm_port_ops = {
116 .destruct = rfcomm_dev_destruct, 135 .destruct = rfcomm_dev_destruct,
136 .activate = rfcomm_dev_activate,
137 .shutdown = rfcomm_dev_shutdown,
138 .carrier_raised = rfcomm_dev_carrier_raised,
117}; 139};
118 140
119static struct rfcomm_dev *__rfcomm_dev_get(int id) 141static struct rfcomm_dev *__rfcomm_dev_get(int id)
@@ -236,7 +258,6 @@ static int rfcomm_dev_add(struct rfcomm_dev_req *req, struct rfcomm_dlc *dlc)
236 258
237 tty_port_init(&dev->port); 259 tty_port_init(&dev->port);
238 dev->port.ops = &rfcomm_port_ops; 260 dev->port.ops = &rfcomm_port_ops;
239 init_waitqueue_head(&dev->wait);
240 261
241 skb_queue_head_init(&dev->pending); 262 skb_queue_head_init(&dev->pending);
242 263
@@ -282,7 +303,9 @@ out:
282 dev->id, NULL); 303 dev->id, NULL);
283 if (IS_ERR(dev->tty_dev)) { 304 if (IS_ERR(dev->tty_dev)) {
284 err = PTR_ERR(dev->tty_dev); 305 err = PTR_ERR(dev->tty_dev);
306 spin_lock(&rfcomm_dev_lock);
285 list_del(&dev->list); 307 list_del(&dev->list);
308 spin_unlock(&rfcomm_dev_lock);
286 goto free; 309 goto free;
287 } 310 }
288 311
@@ -301,27 +324,6 @@ free:
301 return err; 324 return err;
302} 325}
303 326
304static void rfcomm_dev_del(struct rfcomm_dev *dev)
305{
306 unsigned long flags;
307 BT_DBG("dev %p", dev);
308
309 BUG_ON(test_and_set_bit(RFCOMM_TTY_RELEASED, &dev->flags));
310
311 spin_lock_irqsave(&dev->port.lock, flags);
312 if (dev->port.count > 0) {
313 spin_unlock_irqrestore(&dev->port.lock, flags);
314 return;
315 }
316 spin_unlock_irqrestore(&dev->port.lock, flags);
317
318 spin_lock(&rfcomm_dev_lock);
319 list_del_init(&dev->list);
320 spin_unlock(&rfcomm_dev_lock);
321
322 tty_port_put(&dev->port);
323}
324
325/* ---- Send buffer ---- */ 327/* ---- Send buffer ---- */
326static inline unsigned int rfcomm_room(struct rfcomm_dlc *dlc) 328static inline unsigned int rfcomm_room(struct rfcomm_dlc *dlc)
327{ 329{
@@ -333,10 +335,9 @@ static inline unsigned int rfcomm_room(struct rfcomm_dlc *dlc)
333static void rfcomm_wfree(struct sk_buff *skb) 335static void rfcomm_wfree(struct sk_buff *skb)
334{ 336{
335 struct rfcomm_dev *dev = (void *) skb->sk; 337 struct rfcomm_dev *dev = (void *) skb->sk;
336 struct tty_struct *tty = dev->port.tty;
337 atomic_sub(skb->truesize, &dev->wmem_alloc); 338 atomic_sub(skb->truesize, &dev->wmem_alloc);
338 if (test_bit(RFCOMM_TTY_ATTACHED, &dev->flags) && tty) 339 if (test_bit(RFCOMM_TTY_ATTACHED, &dev->flags))
339 tty_wakeup(tty); 340 tty_port_tty_wakeup(&dev->port);
340 tty_port_put(&dev->port); 341 tty_port_put(&dev->port);
341} 342}
342 343
@@ -410,6 +411,7 @@ static int rfcomm_release_dev(void __user *arg)
410{ 411{
411 struct rfcomm_dev_req req; 412 struct rfcomm_dev_req req;
412 struct rfcomm_dev *dev; 413 struct rfcomm_dev *dev;
414 struct tty_struct *tty;
413 415
414 if (copy_from_user(&req, arg, sizeof(req))) 416 if (copy_from_user(&req, arg, sizeof(req)))
415 return -EFAULT; 417 return -EFAULT;
@@ -429,11 +431,15 @@ static int rfcomm_release_dev(void __user *arg)
429 rfcomm_dlc_close(dev->dlc, 0); 431 rfcomm_dlc_close(dev->dlc, 0);
430 432
431 /* Shut down TTY synchronously before freeing rfcomm_dev */ 433 /* Shut down TTY synchronously before freeing rfcomm_dev */
432 if (dev->port.tty) 434 tty = tty_port_tty_get(&dev->port);
433 tty_vhangup(dev->port.tty); 435 if (tty) {
436 tty_vhangup(tty);
437 tty_kref_put(tty);
438 }
439
440 if (!test_and_set_bit(RFCOMM_TTY_RELEASED, &dev->flags))
441 tty_port_put(&dev->port);
434 442
435 if (!test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags))
436 rfcomm_dev_del(dev);
437 tty_port_put(&dev->port); 443 tty_port_put(&dev->port);
438 return 0; 444 return 0;
439} 445}
@@ -563,16 +569,21 @@ static void rfcomm_dev_data_ready(struct rfcomm_dlc *dlc, struct sk_buff *skb)
563static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err) 569static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err)
564{ 570{
565 struct rfcomm_dev *dev = dlc->owner; 571 struct rfcomm_dev *dev = dlc->owner;
572 struct tty_struct *tty;
566 if (!dev) 573 if (!dev)
567 return; 574 return;
568 575
569 BT_DBG("dlc %p dev %p err %d", dlc, dev, err); 576 BT_DBG("dlc %p dev %p err %d", dlc, dev, err);
570 577
571 dev->err = err; 578 dev->err = err;
572 wake_up_interruptible(&dev->wait); 579 if (dlc->state == BT_CONNECTED) {
580 device_move(dev->tty_dev, rfcomm_get_device(dev),
581 DPM_ORDER_DEV_AFTER_PARENT);
573 582
574 if (dlc->state == BT_CLOSED) { 583 wake_up_interruptible(&dev->port.open_wait);
575 if (!dev->port.tty) { 584 } else if (dlc->state == BT_CLOSED) {
585 tty = tty_port_tty_get(&dev->port);
586 if (!tty) {
576 if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags)) { 587 if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags)) {
577 /* Drop DLC lock here to avoid deadlock 588 /* Drop DLC lock here to avoid deadlock
578 * 1. rfcomm_dev_get will take rfcomm_dev_lock 589 * 1. rfcomm_dev_get will take rfcomm_dev_lock
@@ -580,6 +591,9 @@ static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err)
580 * rfcomm_dev_lock -> dlc lock 591 * rfcomm_dev_lock -> dlc lock
581 * 2. tty_port_put will deadlock if it's 592 * 2. tty_port_put will deadlock if it's
582 * the last reference 593 * the last reference
594 *
595 * FIXME: when we release the lock anything
596 * could happen to dev, even its destruction
583 */ 597 */
584 rfcomm_dlc_unlock(dlc); 598 rfcomm_dlc_unlock(dlc);
585 if (rfcomm_dev_get(dev->id) == NULL) { 599 if (rfcomm_dev_get(dev->id) == NULL) {
@@ -587,12 +601,17 @@ static void rfcomm_dev_state_change(struct rfcomm_dlc *dlc, int err)
587 return; 601 return;
588 } 602 }
589 603
590 rfcomm_dev_del(dev); 604 if (!test_and_set_bit(RFCOMM_TTY_RELEASED,
605 &dev->flags))
606 tty_port_put(&dev->port);
607
591 tty_port_put(&dev->port); 608 tty_port_put(&dev->port);
592 rfcomm_dlc_lock(dlc); 609 rfcomm_dlc_lock(dlc);
593 } 610 }
594 } else 611 } else {
595 tty_hangup(dev->port.tty); 612 tty_hangup(tty);
613 tty_kref_put(tty);
614 }
596 } 615 }
597} 616}
598 617
@@ -604,10 +623,8 @@ static void rfcomm_dev_modem_status(struct rfcomm_dlc *dlc, u8 v24_sig)
604 623
605 BT_DBG("dlc %p dev %p v24_sig 0x%02x", dlc, dev, v24_sig); 624 BT_DBG("dlc %p dev %p v24_sig 0x%02x", dlc, dev, v24_sig);
606 625
607 if ((dev->modem_status & TIOCM_CD) && !(v24_sig & RFCOMM_V24_DV)) { 626 if ((dev->modem_status & TIOCM_CD) && !(v24_sig & RFCOMM_V24_DV))
608 if (dev->port.tty && !C_CLOCAL(dev->port.tty)) 627 tty_port_tty_hangup(&dev->port, true);
609 tty_hangup(dev->port.tty);
610 }
611 628
612 dev->modem_status = 629 dev->modem_status =
613 ((v24_sig & RFCOMM_V24_RTC) ? (TIOCM_DSR | TIOCM_DTR) : 0) | 630 ((v24_sig & RFCOMM_V24_RTC) ? (TIOCM_DSR | TIOCM_DTR) : 0) |
@@ -638,124 +655,92 @@ static void rfcomm_tty_copy_pending(struct rfcomm_dev *dev)
638 tty_flip_buffer_push(&dev->port); 655 tty_flip_buffer_push(&dev->port);
639} 656}
640 657
641static int rfcomm_tty_open(struct tty_struct *tty, struct file *filp) 658/* do the reverse of install, clearing the tty fields and releasing the
659 * reference to tty_port
660 */
661static void rfcomm_tty_cleanup(struct tty_struct *tty)
642{ 662{
643 DECLARE_WAITQUEUE(wait, current); 663 struct rfcomm_dev *dev = tty->driver_data;
644 struct rfcomm_dev *dev;
645 struct rfcomm_dlc *dlc;
646 unsigned long flags;
647 int err, id;
648 664
649 id = tty->index; 665 clear_bit(RFCOMM_TTY_ATTACHED, &dev->flags);
650 666
651 BT_DBG("tty %p id %d", tty, id); 667 rfcomm_dlc_lock(dev->dlc);
668 tty->driver_data = NULL;
669 rfcomm_dlc_unlock(dev->dlc);
652 670
653 /* We don't leak this refcount. For reasons which are not entirely 671 /*
654 clear, the TTY layer will call our ->close() method even if the 672 * purge the dlc->tx_queue to avoid circular dependencies
655 open fails. We decrease the refcount there, and decreasing it 673 * between dev and dlc
656 here too would cause breakage. */ 674 */
657 dev = rfcomm_dev_get(id); 675 skb_queue_purge(&dev->dlc->tx_queue);
658 if (!dev)
659 return -ENODEV;
660 676
661 BT_DBG("dev %p dst %pMR channel %d opened %d", dev, &dev->dst, 677 tty_port_put(&dev->port);
662 dev->channel, dev->port.count); 678}
663 679
664 spin_lock_irqsave(&dev->port.lock, flags); 680/* we acquire the tty_port reference since it's here the tty is first used
665 if (++dev->port.count > 1) { 681 * by setting the termios. We also populate the driver_data field and install
666 spin_unlock_irqrestore(&dev->port.lock, flags); 682 * the tty port
667 return 0; 683 */
668 } 684static int rfcomm_tty_install(struct tty_driver *driver, struct tty_struct *tty)
669 spin_unlock_irqrestore(&dev->port.lock, flags); 685{
686 struct rfcomm_dev *dev;
687 struct rfcomm_dlc *dlc;
688 int err;
689
690 dev = rfcomm_dev_get(tty->index);
691 if (!dev)
692 return -ENODEV;
670 693
671 dlc = dev->dlc; 694 dlc = dev->dlc;
672 695
673 /* Attach TTY and open DLC */ 696 /* Attach TTY and open DLC */
674
675 rfcomm_dlc_lock(dlc); 697 rfcomm_dlc_lock(dlc);
676 tty->driver_data = dev; 698 tty->driver_data = dev;
677 dev->port.tty = tty;
678 rfcomm_dlc_unlock(dlc); 699 rfcomm_dlc_unlock(dlc);
679 set_bit(RFCOMM_TTY_ATTACHED, &dev->flags); 700 set_bit(RFCOMM_TTY_ATTACHED, &dev->flags);
680 701
681 err = rfcomm_dlc_open(dlc, &dev->src, &dev->dst, dev->channel); 702 /* install the tty_port */
682 if (err < 0) 703 err = tty_port_install(&dev->port, driver, tty);
683 return err; 704 if (err)
684 705 rfcomm_tty_cleanup(tty);
685 /* Wait for DLC to connect */
686 add_wait_queue(&dev->wait, &wait);
687 while (1) {
688 set_current_state(TASK_INTERRUPTIBLE);
689 706
690 if (dlc->state == BT_CLOSED) { 707 return err;
691 err = -dev->err; 708}
692 break;
693 }
694 709
695 if (dlc->state == BT_CONNECTED) 710static int rfcomm_tty_open(struct tty_struct *tty, struct file *filp)
696 break; 711{
712 struct rfcomm_dev *dev = tty->driver_data;
713 int err;
697 714
698 if (signal_pending(current)) { 715 BT_DBG("tty %p id %d", tty, tty->index);
699 err = -EINTR;
700 break;
701 }
702 716
703 tty_unlock(tty); 717 BT_DBG("dev %p dst %pMR channel %d opened %d", dev, &dev->dst,
704 schedule(); 718 dev->channel, dev->port.count);
705 tty_lock(tty);
706 }
707 set_current_state(TASK_RUNNING);
708 remove_wait_queue(&dev->wait, &wait);
709 719
710 if (err == 0) 720 err = tty_port_open(&dev->port, tty, filp);
711 device_move(dev->tty_dev, rfcomm_get_device(dev), 721 if (err)
712 DPM_ORDER_DEV_AFTER_PARENT); 722 return err;
713 723
724 /*
725 * FIXME: rfcomm should use proper flow control for
726 * received data. This hack will be unnecessary and can
727 * be removed when that's implemented
728 */
714 rfcomm_tty_copy_pending(dev); 729 rfcomm_tty_copy_pending(dev);
715 730
716 rfcomm_dlc_unthrottle(dev->dlc); 731 rfcomm_dlc_unthrottle(dev->dlc);
717 732
718 return err; 733 return 0;
719} 734}
720 735
721static void rfcomm_tty_close(struct tty_struct *tty, struct file *filp) 736static void rfcomm_tty_close(struct tty_struct *tty, struct file *filp)
722{ 737{
723 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data; 738 struct rfcomm_dev *dev = (struct rfcomm_dev *) tty->driver_data;
724 unsigned long flags;
725
726 if (!dev)
727 return;
728 739
729 BT_DBG("tty %p dev %p dlc %p opened %d", tty, dev, dev->dlc, 740 BT_DBG("tty %p dev %p dlc %p opened %d", tty, dev, dev->dlc,
730 dev->port.count); 741 dev->port.count);
731 742
732 spin_lock_irqsave(&dev->port.lock, flags); 743 tty_port_close(&dev->port, tty, filp);
733 if (!--dev->port.count) {
734 spin_unlock_irqrestore(&dev->port.lock, flags);
735 if (dev->tty_dev->parent)
736 device_move(dev->tty_dev, NULL, DPM_ORDER_DEV_LAST);
737
738 /* Close DLC and dettach TTY */
739 rfcomm_dlc_close(dev->dlc, 0);
740
741 clear_bit(RFCOMM_TTY_ATTACHED, &dev->flags);
742
743 rfcomm_dlc_lock(dev->dlc);
744 tty->driver_data = NULL;
745 dev->port.tty = NULL;
746 rfcomm_dlc_unlock(dev->dlc);
747
748 if (test_bit(RFCOMM_TTY_RELEASED, &dev->flags)) {
749 spin_lock(&rfcomm_dev_lock);
750 list_del_init(&dev->list);
751 spin_unlock(&rfcomm_dev_lock);
752
753 tty_port_put(&dev->port);
754 }
755 } else
756 spin_unlock_irqrestore(&dev->port.lock, flags);
757
758 tty_port_put(&dev->port);
759} 744}
760 745
761static int rfcomm_tty_write(struct tty_struct *tty, const unsigned char *buf, int count) 746static int rfcomm_tty_write(struct tty_struct *tty, const unsigned char *buf, int count)
@@ -1055,17 +1040,11 @@ static void rfcomm_tty_hangup(struct tty_struct *tty)
1055 1040
1056 BT_DBG("tty %p dev %p", tty, dev); 1041 BT_DBG("tty %p dev %p", tty, dev);
1057 1042
1058 if (!dev) 1043 tty_port_hangup(&dev->port);
1059 return;
1060
1061 rfcomm_tty_flush_buffer(tty);
1062 1044
1063 if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags)) { 1045 if (test_bit(RFCOMM_RELEASE_ONHUP, &dev->flags) &&
1064 if (rfcomm_dev_get(dev->id) == NULL) 1046 !test_and_set_bit(RFCOMM_TTY_RELEASED, &dev->flags))
1065 return;
1066 rfcomm_dev_del(dev);
1067 tty_port_put(&dev->port); 1047 tty_port_put(&dev->port);
1068 }
1069} 1048}
1070 1049
1071static int rfcomm_tty_tiocmget(struct tty_struct *tty) 1050static int rfcomm_tty_tiocmget(struct tty_struct *tty)
@@ -1128,6 +1107,8 @@ static const struct tty_operations rfcomm_ops = {
1128 .wait_until_sent = rfcomm_tty_wait_until_sent, 1107 .wait_until_sent = rfcomm_tty_wait_until_sent,
1129 .tiocmget = rfcomm_tty_tiocmget, 1108 .tiocmget = rfcomm_tty_tiocmget,
1130 .tiocmset = rfcomm_tty_tiocmset, 1109 .tiocmset = rfcomm_tty_tiocmset,
1110 .install = rfcomm_tty_install,
1111 .cleanup = rfcomm_tty_cleanup,
1131}; 1112};
1132 1113
1133int __init rfcomm_init_ttys(void) 1114int __init rfcomm_init_ttys(void)
@@ -1146,7 +1127,7 @@ int __init rfcomm_init_ttys(void)
1146 rfcomm_tty_driver->subtype = SERIAL_TYPE_NORMAL; 1127 rfcomm_tty_driver->subtype = SERIAL_TYPE_NORMAL;
1147 rfcomm_tty_driver->flags = TTY_DRIVER_REAL_RAW | TTY_DRIVER_DYNAMIC_DEV; 1128 rfcomm_tty_driver->flags = TTY_DRIVER_REAL_RAW | TTY_DRIVER_DYNAMIC_DEV;
1148 rfcomm_tty_driver->init_termios = tty_std_termios; 1129 rfcomm_tty_driver->init_termios = tty_std_termios;
1149 rfcomm_tty_driver->init_termios.c_cflag = B9600 | CS8 | CREAD | HUPCL | CLOCAL; 1130 rfcomm_tty_driver->init_termios.c_cflag = B9600 | CS8 | CREAD | HUPCL;
1150 rfcomm_tty_driver->init_termios.c_lflag &= ~ICANON; 1131 rfcomm_tty_driver->init_termios.c_lflag &= ~ICANON;
1151 tty_set_operations(rfcomm_tty_driver, &rfcomm_ops); 1132 tty_set_operations(rfcomm_tty_driver, &rfcomm_ops);
1152 1133
diff --git a/net/bluetooth/sco.c b/net/bluetooth/sco.c
index e7bd4eea575c..96bd388d93a4 100644
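--- a/net/bluetooth/sco.c
+++ b/net/bluetooth/sco.c
@@ -176,8 +176,13 @@ static int sco_connect(struct sock *sk)
  else
  type = SCO_LINK;
 
- hcon = hci_connect(hdev, type, dst, BDADDR_BREDR, BT_SECURITY_LOW,
- HCI_AT_NO_BONDING);
+ if (sco_pi(sk)->setting == BT_VOICE_TRANSPARENT &&
+ (!lmp_transp_capable(hdev) || !lmp_esco_capable(hdev))) {
+ err = -EOPNOTSUPP;
+ goto done;
+ }
+
+ hcon = hci_connect_sco(hdev, type, dst, sco_pi(sk)->setting);
  if (IS_ERR(hcon)) {
  err = PTR_ERR(hcon);
  goto done;
@@ -417,6 +422,8 @@ static struct sock *sco_sock_alloc(struct net *net, struct socket *sock, int pro
  sk->sk_protocol = proto;
  sk->sk_state = BT_OPEN;
 
+ sco_pi(sk)->setting = BT_VOICE_CVSD_16BIT;
+
  setup_timer(&sk->sk_timer, sco_sock_timeout, (unsigned long)sk);
 
  bt_sock_link(&sco_sk_list, sk);
@@ -652,7 +659,7 @@ static int sco_sock_sendmsg(struct kiocb *iocb, struct socket *sock,
  return err;
 }
 
-static void sco_conn_defer_accept(struct hci_conn *conn, int mask)
+static void sco_conn_defer_accept(struct hci_conn *conn, u16 setting)
 {
  struct hci_dev *hdev = conn->hdev;
 
@@ -664,11 +671,7 @@ static void sco_conn_defer_accept(struct hci_conn *conn, int mask)
  struct hci_cp_accept_conn_req cp;
 
  bacpy(&cp.bdaddr, &conn->dst);
-
- if (lmp_rswitch_capable(hdev) && (mask & HCI_LM_MASTER))
- cp.role = 0x00; /* Become master */
- else
- cp.role = 0x01; /* Remain slave */
+ cp.role = 0x00; /* Ignored */
 
  hci_send_cmd(hdev, HCI_OP_ACCEPT_CONN_REQ, sizeof(cp), &cp);
  } else {
@@ -679,9 +682,21 @@ static void sco_conn_defer_accept(struct hci_conn *conn, int mask)
 
  cp.tx_bandwidth = __constant_cpu_to_le32(0x00001f40);
  cp.rx_bandwidth = __constant_cpu_to_le32(0x00001f40);
- cp.max_latency = __constant_cpu_to_le16(0xffff);
- cp.content_format = cpu_to_le16(hdev->voice_setting);
- cp.retrans_effort = 0xff;
+ cp.content_format = cpu_to_le16(setting);
+
+ switch (setting & SCO_AIRMODE_MASK) {
+ case SCO_AIRMODE_TRANSP:
+ if (conn->pkt_type & ESCO_2EV3)
+ cp.max_latency = __constant_cpu_to_le16(0x0008);
+ else
+ cp.max_latency = __constant_cpu_to_le16(0x000D);
+ cp.retrans_effort = 0x02;
+ break;
+ case SCO_AIRMODE_CVSD:
+ cp.max_latency = __constant_cpu_to_le16(0xffff);
+ cp.retrans_effort = 0xff;
+ break;
+ }
 
  hci_send_cmd(hdev, HCI_OP_ACCEPT_SYNC_CONN_REQ,
  sizeof(cp), &cp);
@@ -698,7 +713,7 @@ static int sco_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
 
  if (sk->sk_state == BT_CONNECT2 &&
  test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) {
- sco_conn_defer_accept(pi->conn->hcon, 0);
+ sco_conn_defer_accept(pi->conn->hcon, pi->setting);
  sk->sk_state = BT_CONFIG;
  msg->msg_namelen = 0;
 
@@ -714,7 +729,8 @@ static int sco_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
 static int sco_sock_setsockopt(struct socket *sock, int level, int optname, char __user *optval, unsigned int optlen)
 {
  struct sock *sk = sock->sk;
- int err = 0;
+ int len, err = 0;
+ struct bt_voice voice;
  u32 opt;
 
  BT_DBG("sk %p", sk);
@@ -740,6 +756,31 @@ static int sco_sock_setsockopt(struct socket *sock, int level, int optname, char
  clear_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags);
  break;
 
+ case BT_VOICE:
+ if (sk->sk_state != BT_OPEN && sk->sk_state != BT_BOUND &&
+ sk->sk_state != BT_CONNECT2) {
+ err = -EINVAL;
+ break;
+ }
+
+ voice.setting = sco_pi(sk)->setting;
+
+ len = min_t(unsigned int, sizeof(voice), optlen);
+ if (copy_from_user((char *) &voice, optval, len)) {
+ err = -EFAULT;
+ break;
+ }
+
+ /* Explicitly check for these values */
+ if (voice.setting != BT_VOICE_TRANSPARENT &&
+ voice.setting != BT_VOICE_CVSD_16BIT) {
+ err = -EINVAL;
+ break;
+ }
+
+ sco_pi(sk)->setting = voice.setting;
+ break;
+
  default:
  err = -ENOPROTOOPT;
  break;
@@ -765,7 +806,9 @@ static int sco_sock_getsockopt_old(struct socket *sock, int optname, char __user
 
  switch (optname) {
  case SCO_OPTIONS:
- if (sk->sk_state != BT_CONNECTED) {
+ if (sk->sk_state != BT_CONNECTED &&
+ !(sk->sk_state == BT_CONNECT2 &&
+ test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))) {
  err = -ENOTCONN;
  break;
  }
@@ -781,7 +824,9 @@ static int sco_sock_getsockopt_old(struct socket *sock, int optname, char __user
  break;
 
  case SCO_CONNINFO:
- if (sk->sk_state != BT_CONNECTED) {
+ if (sk->sk_state != BT_CONNECTED &&
+ !(sk->sk_state == BT_CONNECT2 &&
+ test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags))) {
  err = -ENOTCONN;
  break;
  }
@@ -809,6 +854,7 @@ static int sco_sock_getsockopt(struct socket *sock, int level, int optname, char
 {
  struct sock *sk = sock->sk;
  int len, err = 0;
+ struct bt_voice voice;
 
  BT_DBG("sk %p", sk);
 
@@ -834,6 +880,15 @@ static int sco_sock_getsockopt(struct socket *sock, int level, int optname, char
 
  break;
 
+ case BT_VOICE:
+ voice.setting = sco_pi(sk)->setting;
+
+ len = min_t(unsigned int, len, sizeof(voice));
+ if (copy_to_user(optval, (char *)&voice, len))
+ err = -EFAULT;
+
+ break;
+
  default:
  err = -ENOPROTOOPT;
  break;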
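Review bot: The `switch (setting & SCO_AIRMODE_MASK)` added to sco_conn_defer_accept() has no `default:` arm, so for any air mode other than transparent or CVSD `cp.max_latency` and `cp.retrans_effort` are never assigned before `hci_send_cmd()` sends `cp` to the controller. The declaration of `cp` for that branch is outside the hunk; if it is a plain stack struct like the `cp` in the other branch, those two fields would carry stale stack bytes. As far as this section shows, the new BT_VOICE setsockopt admits only the two handled values, so this is a robustness gap and not a reachable bug today. Adding a `default:` label directly under `case SCO_AIRMODE_CVSD:` makes the CVSD parameters the fallback. The function body starts and ends outside the hunks.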
diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c
index 31fc2247bc37..2e7855a1b10d 100644
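--- a/net/mac80211/cfg.c
+++ b/net/mac80211/cfg.c
@@ -2302,14 +2302,25 @@ static void ieee80211_rfkill_poll(struct wiphy *wiphy)
 }
 
 #ifdef CONFIG_NL80211_TESTMODE
-static int ieee80211_testmode_cmd(struct wiphy *wiphy, void *data, int len)
+static int ieee80211_testmode_cmd(struct wiphy *wiphy,
+ struct wireless_dev *wdev,
+ void *data, int len)
 {
  struct ieee80211_local *local = wiphy_priv(wiphy);
+ struct ieee80211_vif *vif = NULL;
 
  if (!local->ops->testmode_cmd)
  return -EOPNOTSUPP;
 
- return local->ops->testmode_cmd(&local->hw, data, len);
+ if (wdev) {
+ struct ieee80211_sub_if_data *sdata;
+
+ sdata = IEEE80211_WDEV_TO_SUB_IF(wdev);
+ if (sdata->flags & IEEE80211_SDATA_IN_DRIVER)
+ vif = &sdata->vif;
+ }
+
+ return local->ops->testmode_cmd(&local->hw, vif, data, len);
 }
 
 static int ieee80211_testmode_dump(struct wiphy *wiphy,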
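Review bot: ieee80211_testmode_cmd() now passes the driver a `vif` that is NULL in two different situations, and nothing in the code says so. It is NULL when no `wdev` was supplied and when the interface has not been added to the driver (`IEEE80211_SDATA_IN_DRIVER` clear). The opaque `data`/`len` blob goes straight into the driver callback, so a `testmode_cmd` implementation that dereferences `vif` unconditionally would hit a NULL pointer. A short comment above the `if (wdev)` block would make the contract explicit, e.g. `/* vif stays NULL if no wdev was given or the interface is not in the driver; drivers must cope */`.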
diff --git a/net/mac80211/ibss.c b/net/mac80211/ibss.c
index e08387cdc8fd..a12afe77bb26 100644
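--- a/net/mac80211/ibss.c
+++ b/net/mac80211/ibss.c
@@ -34,13 +34,12 @@
 
 #define IEEE80211_IBSS_MAX_STA_ENTRIES 128
 
-
-static void __ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
- const u8 *bssid, const int beacon_int,
- struct ieee80211_channel *chan,
- const u32 basic_rates,
- const u16 capability, u64 tsf,
- bool creator)
+static struct beacon_data *
+ieee80211_ibss_build_presp(struct ieee80211_sub_if_data *sdata,
+ const int beacon_int, const u32 basic_rates,
+ const u16 capability, u64 tsf,
+ struct cfg80211_chan_def *chandef,
+ bool *have_higher_than_11mbit)
 {
  struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
  struct ieee80211_local *local = sdata->local;
@@ -48,70 +47,11 @@ static void __ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
  struct ieee80211_mgmt *mgmt;
  u8 *pos;
  struct ieee80211_supported_band *sband;
- struct cfg80211_bss *bss;
- u32 bss_change, rate_flags, rates = 0, rates_added = 0;
- struct cfg80211_chan_def chandef;
- enum nl80211_bss_scan_width scan_width;
- bool have_higher_than_11mbit = false;
+ u32 rate_flags, rates = 0, rates_added = 0;
  struct beacon_data *presp;
  int frame_len;
  int shift;
 
- sdata_assert_lock(sdata);
-
- /* Reset own TSF to allow time synchronization work. */
- drv_reset_tsf(local, sdata);
-
- if (!ether_addr_equal(ifibss->bssid, bssid))
- sta_info_flush(sdata);
-
- /* if merging, indicate to driver that we leave the old IBSS */
- if (sdata->vif.bss_conf.ibss_joined) {
- sdata->vif.bss_conf.ibss_joined = false;
- sdata->vif.bss_conf.ibss_creator = false;
- sdata->vif.bss_conf.enable_beacon = false;
- netif_carrier_off(sdata->dev);
- ieee80211_bss_info_change_notify(sdata,
- BSS_CHANGED_IBSS |
- BSS_CHANGED_BEACON_ENABLED);
- }
-
- presp = rcu_dereference_protected(ifibss->presp,
- lockdep_is_held(&sdata->wdev.mtx));
- rcu_assign_pointer(ifibss->presp, NULL);
- if (presp)
- kfree_rcu(presp, rcu_head);
-
- sdata->drop_unencrypted = capability & WLAN_CAPABILITY_PRIVACY ? 1 : 0;
-
- chandef = ifibss->chandef;
- if (!cfg80211_reg_can_beacon(local->hw.wiphy, &chandef)) {
- if (chandef.width == NL80211_CHAN_WIDTH_5 ||
- chandef.width == NL80211_CHAN_WIDTH_10 ||
- chandef.width == NL80211_CHAN_WIDTH_20_NOHT ||
- chandef.width == NL80211_CHAN_WIDTH_20) {
- sdata_info(sdata,
- "Failed to join IBSS, beacons forbidden\n");
- return;
- }
- chandef.width = NL80211_CHAN_WIDTH_20;
- chandef.center_freq1 = chan->center_freq;
- }
-
- ieee80211_vif_release_channel(sdata);
- if (ieee80211_vif_use_channel(sdata, &chandef,
- ifibss->fixed_channel ?
- IEEE80211_CHANCTX_SHARED :
- IEEE80211_CHANCTX_EXCLUSIVE)) {
- sdata_info(sdata, "Failed to join IBSS, no channel context\n");
- return;
- }
-
- memcpy(ifibss->bssid, bssid, ETH_ALEN);
-
- sband = local->hw.wiphy->bands[chan->band];
- shift = ieee80211_vif_get_shift(&sdata->vif);
-
  /* Build IBSS probe response */
  frame_len = sizeof(struct ieee80211_hdr_3addr) +
  12 /* struct ieee80211_mgmt.u.beacon */ +
@@ -125,7 +65,7 @@ static void __ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
  ifibss->ie_len;
  presp = kzalloc(sizeof(*presp) + frame_len, GFP_KERNEL);
  if (!presp)
- return;
+ return NULL;
 
  presp->head = (void *)(presp + 1);
 
@@ -146,12 +86,19 @@ static void __ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
  memcpy(pos, ifibss->ssid, ifibss->ssid_len);
  pos += ifibss->ssid_len;
 
- rate_flags = ieee80211_chandef_rate_flags(&chandef);
+ sband = local->hw.wiphy->bands[chandef->chan->band];
+ rate_flags = ieee80211_chandef_rate_flags(chandef);
+ shift = ieee80211_chandef_get_shift(chandef);
+ rates_n = 0;
+ if (have_higher_than_11mbit)
+ *have_higher_than_11mbit = false;
+
  for (i = 0; i < sband->n_bitrates; i++) {
  if ((rate_flags & sband->bitrates[i].flags) != rate_flags)
  continue;
- if (sband->bitrates[i].bitrate > 110)
- have_higher_than_11mbit = true;
+ if (sband->bitrates[i].bitrate > 110 &&
+ have_higher_than_11mbit)
+ *have_higher_than_11mbit = true;
 
  rates |= BIT(i);
  rates_n++;
@@ -178,7 +125,8 @@ static void __ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
  if (sband->band == IEEE80211_BAND_2GHZ) {
  *pos++ = WLAN_EID_DS_PARAMS;
  *pos++ = 1;
- *pos++ = ieee80211_frequency_to_channel(chan->center_freq);
+ *pos++ = ieee80211_frequency_to_channel(
+ chandef->chan->center_freq);
  }
 
  *pos++ = WLAN_EID_IBSS_PARAMS;
@@ -210,9 +158,9 @@ static void __ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
  }
 
  /* add HT capability and information IEs */
- if (chandef.width != NL80211_CHAN_WIDTH_20_NOHT &&
- chandef.width != NL80211_CHAN_WIDTH_5 &&
- chandef.width != NL80211_CHAN_WIDTH_10 &&
+ if (chandef->width != NL80211_CHAN_WIDTH_20_NOHT &&
+ chandef->width != NL80211_CHAN_WIDTH_5 &&
+ chandef->width != NL80211_CHAN_WIDTH_10 &&
  sband->ht_cap.ht_supported) {
  struct ieee80211_sta_ht_cap ht_cap;
 
@@ -226,7 +174,7 @@ static void __ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
  * keep them at 0
  */
  pos = ieee80211_ie_build_ht_oper(pos, &sband->ht_cap,
- &chandef, 0);
+ chandef, 0);
  }
 
  if (local->hw.queues >= IEEE80211_NUM_ACS) {
@@ -243,9 +191,97 @@ static void __ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
 
  presp->head_len = pos - presp->head;
  if (WARN_ON(presp->head_len > frame_len))
+ goto error;
+
+ return presp;
+error:
+ kfree(presp);
+ return NULL;
+}
+
+static void __ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
+ const u8 *bssid, const int beacon_int,
+ struct cfg80211_chan_def *req_chandef,
+ const u32 basic_rates,
+ const u16 capability, u64 tsf,
+ bool creator)
+{
+ struct ieee80211_if_ibss *ifibss = &sdata->u.ibss;
+ struct ieee80211_local *local = sdata->local;
+ struct ieee80211_supported_band *sband;
+ struct ieee80211_mgmt *mgmt;
+ struct cfg80211_bss *bss;
+ u32 bss_change;
+ struct cfg80211_chan_def chandef;
+ struct ieee80211_channel *chan;
+ struct beacon_data *presp;
+ enum nl80211_bss_scan_width scan_width;
+ bool have_higher_than_11mbit;
+
+ sdata_assert_lock(sdata);
+
+ /* Reset own TSF to allow time synchronization work. */
+ drv_reset_tsf(local, sdata);
+
+ if (!ether_addr_equal(ifibss->bssid, bssid))
+ sta_info_flush(sdata);
+
+ /* if merging, indicate to driver that we leave the old IBSS */
+ if (sdata->vif.bss_conf.ibss_joined) {
+ sdata->vif.bss_conf.ibss_joined = false;
+ sdata->vif.bss_conf.ibss_creator = false;
+ sdata->vif.bss_conf.enable_beacon = false;
+ netif_carrier_off(sdata->dev);
+ ieee80211_bss_info_change_notify(sdata,
+ BSS_CHANGED_IBSS |
+ BSS_CHANGED_BEACON_ENABLED);
+ }
+
+ presp = rcu_dereference_protected(ifibss->presp,
+ lockdep_is_held(&sdata->wdev.mtx));
+ rcu_assign_pointer(ifibss->presp, NULL);
+ if (presp)
+ kfree_rcu(presp, rcu_head);
+
+ sdata->drop_unencrypted = capability & WLAN_CAPABILITY_PRIVACY ? 1 : 0;
+
+ /* make a copy of the chandef, it could be modified below. */
+ chandef = *req_chandef;
+ chan = chandef.chan;
+ if (!cfg80211_reg_can_beacon(local->hw.wiphy, &chandef)) {
+ if (chandef.width == NL80211_CHAN_WIDTH_5 ||
+ chandef.width == NL80211_CHAN_WIDTH_10 ||
+ chandef.width == NL80211_CHAN_WIDTH_20_NOHT ||
+ chandef.width == NL80211_CHAN_WIDTH_20) {
+ sdata_info(sdata,
+ "Failed to join IBSS, beacons forbidden\n");
+ return;
+ }
+ chandef.width = NL80211_CHAN_WIDTH_20;
+ chandef.center_freq1 = chan->center_freq;
+ }
+
+ ieee80211_vif_release_channel(sdata);
+ if (ieee80211_vif_use_channel(sdata, &chandef,
+ ifibss->fixed_channel ?
+ IEEE80211_CHANCTX_SHARED :
+ IEEE80211_CHANCTX_EXCLUSIVE)) {
+ sdata_info(sdata, "Failed to join IBSS, no channel context\n");
+ return;
+ }
+
+ memcpy(ifibss->bssid, bssid, ETH_ALEN);
+
+ sband = local->hw.wiphy->bands[chan->band];
+
+ presp = ieee80211_ibss_build_presp(sdata, beacon_int, basic_rates,
+ capability, tsf, &chandef,
+ &have_higher_than_11mbit);
+ if (!presp)
  return;
 
  rcu_assign_pointer(ifibss->presp, presp);
+ mgmt = (void *)presp->head;
 
  sdata->vif.bss_conf.enable_beacon = true;
  sdata->vif.bss_conf.beacon_int = beacon_int;
@@ -306,10 +342,12 @@ static void ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
  struct cfg80211_bss *cbss =
  container_of((void *)bss, struct cfg80211_bss, priv);
  struct ieee80211_supported_band *sband;
+ struct cfg80211_chan_def chandef;
  u32 basic_rates;
  int i, j;
  u16 beacon_int = cbss->beacon_interval;
  const struct cfg80211_bss_ies *ies;
+ enum nl80211_channel_type chan_type;
  u64 tsf;
  u32 rate_flags;
  int shift;
@@ -319,6 +357,26 @@ static void ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
  if (beacon_int < 10)
  beacon_int = 10;
 
+ switch (sdata->u.ibss.chandef.width) {
+ case NL80211_CHAN_WIDTH_20_NOHT:
+ case NL80211_CHAN_WIDTH_20:
+ case NL80211_CHAN_WIDTH_40:
+ chan_type = cfg80211_get_chandef_type(&sdata->u.ibss.chandef);
+ cfg80211_chandef_create(&chandef, cbss->channel, chan_type);
+ break;
+ case NL80211_CHAN_WIDTH_5:
+ case NL80211_CHAN_WIDTH_10:
+ cfg80211_chandef_create(&chandef, cbss->channel,
+ NL80211_CHAN_WIDTH_20_NOHT);
+ chandef.width = sdata->u.ibss.chandef.width;
+ break;
+ default:
+ /* fall back to 20 MHz for unsupported modes */
+ cfg80211_chandef_create(&chandef, cbss->channel,
+ NL80211_CHAN_WIDTH_20_NOHT);
+ break;
+ }
+
  sband = sdata->local->hw.wiphy->bands[cbss->channel->band];
  rate_flags = ieee80211_chandef_rate_flags(&sdata->u.ibss.chandef);
  shift = ieee80211_vif_get_shift(&sdata->vif);
@@ -352,7 +410,7 @@ static void ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata,
 
  __ieee80211_sta_join_ibss(sdata, cbss->bssid,
  beacon_int,
- cbss->channel,
+ &chandef,
  basic_rates,
  cbss->capability,
  tsf, false);
@@ -834,7 +892,7 @@ static void ieee80211_sta_create_ibss(struct ieee80211_sub_if_data *sdata)
  sdata->drop_unencrypted = 0;
 
  __ieee80211_sta_join_ibss(sdata, bssid, sdata->vif.bss_conf.beacon_int,
- ifibss->chandef.chan, ifibss->basic_rates,
+ &ifibss->chandef, ifibss->basic_rates,
  capability, 0, true);
 }
 
@@ -891,6 +949,17 @@ static void ieee80211_sta_find_ibss(struct ieee80211_sub_if_data *sdata)
  return;
  }
 
+ /* if a fixed bssid and a fixed freq have been provided create the IBSS
+ * directly and do not waste time scanning
+ */
+ if (ifibss->fixed_bssid && ifibss->fixed_channel) {
+ sdata_info(sdata, "Created IBSS using preconfigured BSSID %pM\n",
+ bssid);
+ ieee80211_sta_create_ibss(sdata);
+ return;
+ }
+
+
  ibss_dbg(sdata, "sta_find_ibss: did not try to join ibss\n");
 
  /* Selected IBSS not found in current scan results - try to scan */
@@ -1260,6 +1329,7 @@ int ieee80211_ibss_leave(struct ieee80211_sub_if_data *sdata)
  clear_bit(SDATA_STATE_OFFCHANNEL_BEACON_STOPPED, &sdata->state);
  ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON_ENABLED |
  BSS_CHANGED_IBSS);
+ ieee80211_vif_release_channel(sdata);
  synchronize_rcu();
  kfree(presp);
 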
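Review bot: In ieee80211_ibss_build_presp() the `WARN_ON(presp->head_len > frame_len)` check runs only after every element has been written through `pos`. When it fires, the kzalloc'd buffer has already been written past its end, and the new `error:` path then passes that object to kfree(). Freeing `presp` where the old code returned and leaked it is an improvement, but the check remains a tripwire and not a bound. The `frame_len` sum is only partly visible in these hunks, so whether it covers every element written later cannot be confirmed from here. I would at least document the invariant above the check: `/* tripwire only: the writes above are unchecked, frame_len must cover every IE added */`.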
diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h
index e94c84050e9c..b6186517ec56 100644
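--- a/net/mac80211/ieee80211_i.h
+++ b/net/mac80211/ieee80211_i.h
@@ -53,9 +53,6 @@ struct ieee80211_local;
  * increased memory use (about 2 kB of RAM per entry). */
 #define IEEE80211_FRAGMENT_MAX 4
 
-#define TU_TO_JIFFIES(x) (usecs_to_jiffies((x) * 1024))
-#define TU_TO_EXP_TIME(x) (jiffies + TU_TO_JIFFIES(x))
-
 /* power level hasn't been configured (or set to automatic) */
 #define IEEE80211_UNSET_POWER_LEVEL INT_MIN
 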
diff --git a/net/mac80211/iface.c b/net/mac80211/iface.c
index 7ca534bf4cea..fcecd633514e 100644
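--- a/net/mac80211/iface.c
+++ b/net/mac80211/iface.c
@@ -308,12 +308,13 @@ static int ieee80211_check_concurrent_iface(struct ieee80211_sub_if_data *sdata,
  return 0;
 }
 
-static int ieee80211_check_queues(struct ieee80211_sub_if_data *sdata)
+static int ieee80211_check_queues(struct ieee80211_sub_if_data *sdata,
+ enum nl80211_iftype iftype)
 {
  int n_queues = sdata->local->hw.queues;
  int i;
 
- if (sdata->vif.type != NL80211_IFTYPE_P2P_DEVICE) {
+ if (iftype != NL80211_IFTYPE_P2P_DEVICE) {
  for (i = 0; i < IEEE80211_NUM_ACS; i++) {
  if (WARN_ON_ONCE(sdata->vif.hw_queue[i] ==
  IEEE80211_INVAL_HW_QUEUE))
@@ -324,8 +325,9 @@ static int ieee80211_check_queues(struct ieee80211_sub_if_data *sdata)
  }
  }
 
- if ((sdata->vif.type != NL80211_IFTYPE_AP &&
- sdata->vif.type != NL80211_IFTYPE_MESH_POINT) ||
+ if ((iftype != NL80211_IFTYPE_AP &&
+ iftype != NL80211_IFTYPE_P2P_GO &&
+ iftype != NL80211_IFTYPE_MESH_POINT) ||
  !(sdata->local->hw.flags & IEEE80211_HW_QUEUE_CONTROL)) {
  sdata->vif.cab_queue = IEEE80211_INVAL_HW_QUEUE;
  return 0;
@@ -408,7 +410,7 @@ int ieee80211_add_virtual_monitor(struct ieee80211_local *local)
  return ret;
  }
 
- ret = ieee80211_check_queues(sdata);
+ ret = ieee80211_check_queues(sdata, NL80211_IFTYPE_MONITOR);
  if (ret) {
  kfree(sdata);
  return ret;
@@ -592,7 +594,8 @@ int ieee80211_do_open(struct wireless_dev *wdev, bool coming_up)
  res = drv_add_interface(local, sdata);
  if (res)
  goto err_stop;
- res = ieee80211_check_queues(sdata);
+ res = ieee80211_check_queues(sdata,
+ ieee80211_vif_type_p2p(&sdata->vif));
  if (res)
  goto err_del_interface;
  }
@@ -1389,14 +1392,14 @@ static int ieee80211_runtime_change_iftype(struct ieee80211_sub_if_data *sdata,
 
  ret = drv_change_interface(local, sdata, internal_type, p2p);
  if (ret)
- type = sdata->vif.type;
+ type = ieee80211_vif_type_p2p(&sdata->vif);
 
  /*
  * Ignore return value here, there's not much we can do since
  * the driver changed the interface type internally already.
  * The warnings will hopefully make driver authors fix it :-)
  */
- ieee80211_check_queues(sdata);
+ ieee80211_check_queues(sdata, type);
 
  ieee80211_setup_sdata(sdata, type);
 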
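Review bot: ieee80211_check_queues() now decides on a caller-supplied `iftype` while still reading and writing queue state through `sdata->vif`, and nothing explains why the type is passed separately. The call sites suggest the reason: one passes `ieee80211_vif_type_p2p(&sdata->vif)`, one the literal `NL80211_IFTYPE_MONITOR`, and the runtime-change path a `type` that is applied to `sdata` only afterwards by `ieee80211_setup_sdata()`. A one-line comment on the function would keep a later cleanup from folding it back to `sdata->vif.type`, e.g. `/* iftype is the P2P-aware type (e.g. P2P_GO) and may differ from sdata->vif.type */`. The function body continues outside the hunks shown.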
diff --git a/net/mac80211/key.c b/net/mac80211/key.c
index e39cc91d0cf1..620677e897bd 100644
--- a/net/mac80211/key.c
+++ b/net/mac80211/key.c
@@ -93,6 +93,9 @@ static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key)
93 93
94 might_sleep(); 94 might_sleep();
95 95
96 if (key->flags & KEY_FLAG_TAINTED)
97 return -EINVAL;
98
96 if (!key->local->ops->set_key) 99 if (!key->local->ops->set_key)
97 goto out_unsupported; 100 goto out_unsupported;
98 101
@@ -455,6 +458,7 @@ int ieee80211_key_link(struct ieee80211_key *key,
455 struct ieee80211_sub_if_data *sdata, 458 struct ieee80211_sub_if_data *sdata,
456 struct sta_info *sta) 459 struct sta_info *sta)
457{ 460{
461 struct ieee80211_local *local = sdata->local;
458 struct ieee80211_key *old_key; 462 struct ieee80211_key *old_key;
459 int idx, ret; 463 int idx, ret;
460 bool pairwise; 464 bool pairwise;
@@ -484,10 +488,13 @@ int ieee80211_key_link(struct ieee80211_key *key,
484 488
485 ieee80211_debugfs_key_add(key); 489 ieee80211_debugfs_key_add(key);
486 490
487 ret = ieee80211_key_enable_hw_accel(key); 491 if (!local->wowlan) {
488 492 ret = ieee80211_key_enable_hw_accel(key);
489 if (ret) 493 if (ret)
490 ieee80211_key_free(key, true); 494 ieee80211_key_free(key, true);
495 } else {
496 ret = 0;
497 }
491 498
492 mutex_unlock(&sdata->local->key_mtx); 499 mutex_unlock(&sdata->local->key_mtx);
493 500
@@ -540,7 +547,7 @@ void ieee80211_iter_keys(struct ieee80211_hw *hw,
540 void *iter_data) 547 void *iter_data)
541{ 548{
542 struct ieee80211_local *local = hw_to_local(hw); 549 struct ieee80211_local *local = hw_to_local(hw);
543 struct ieee80211_key *key; 550 struct ieee80211_key *key, *tmp;
544 struct ieee80211_sub_if_data *sdata; 551 struct ieee80211_sub_if_data *sdata;
545 552
546 ASSERT_RTNL(); 553 ASSERT_RTNL();
@@ -548,13 +555,14 @@ void ieee80211_iter_keys(struct ieee80211_hw *hw,
548 mutex_lock(&local->key_mtx); 555 mutex_lock(&local->key_mtx);
549 if (vif) { 556 if (vif) {
550 sdata = vif_to_sdata(vif); 557 sdata = vif_to_sdata(vif);
551 list_for_each_entry(key, &sdata->key_list, list) 558 list_for_each_entry_safe(key, tmp, &sdata->key_list, list)
552 iter(hw, &sdata->vif, 559 iter(hw, &sdata->vif,
553 key->sta ? &key->sta->sta : NULL, 560 key->sta ? &key->sta->sta : NULL,
554 &key->conf, iter_data); 561 &key->conf, iter_data);
555 } else { 562 } else {
556 list_for_each_entry(sdata, &local->interfaces, list) 563 list_for_each_entry(sdata, &local->interfaces, list)
557 list_for_each_entry(key, &sdata->key_list, list) 564 list_for_each_entry_safe(key, tmp,
565 &sdata->key_list, list)
558 iter(hw, &sdata->vif, 566 iter(hw, &sdata->vif,
559 key->sta ? &key->sta->sta : NULL, 567 key->sta ? &key->sta->sta : NULL,
560 &key->conf, iter_data); 568 &key->conf, iter_data);
@@ -751,3 +759,135 @@ void ieee80211_get_key_rx_seq(struct ieee80211_key_conf *keyconf,
751 } 759 }
752} 760}
753EXPORT_SYMBOL(ieee80211_get_key_rx_seq); 761EXPORT_SYMBOL(ieee80211_get_key_rx_seq);
762
763void ieee80211_set_key_tx_seq(struct ieee80211_key_conf *keyconf,
764 struct ieee80211_key_seq *seq)
765{
766 struct ieee80211_key *key;
767 u64 pn64;
768
769 key = container_of(keyconf, struct ieee80211_key, conf);
770
771 switch (key->conf.cipher) {
772 case WLAN_CIPHER_SUITE_TKIP:
773 key->u.tkip.tx.iv32 = seq->tkip.iv32;
774 key->u.tkip.tx.iv16 = seq->tkip.iv16;
775 break;
776 case WLAN_CIPHER_SUITE_CCMP:
777 pn64 = (u64)seq->ccmp.pn[5] |
778 ((u64)seq->ccmp.pn[4] << 8) |
779 ((u64)seq->ccmp.pn[3] << 16) |
780 ((u64)seq->ccmp.pn[2] << 24) |
781 ((u64)seq->ccmp.pn[1] << 32) |
782 ((u64)seq->ccmp.pn[0] << 40);
783 atomic64_set(&key->u.ccmp.tx_pn, pn64);
784 break;
785 case WLAN_CIPHER_SUITE_AES_CMAC:
786 pn64 = (u64)seq->aes_cmac.pn[5] |
787 ((u64)seq->aes_cmac.pn[4] << 8) |
788 ((u64)seq->aes_cmac.pn[3] << 16) |
789 ((u64)seq->aes_cmac.pn[2] << 24) |
790 ((u64)seq->aes_cmac.pn[1] << 32) |
791 ((u64)seq->aes_cmac.pn[0] << 40);
792 atomic64_set(&key->u.aes_cmac.tx_pn, pn64);
793 break;
794 default:
795 WARN_ON(1);
796 break;
797 }
798}
799EXPORT_SYMBOL_GPL(ieee80211_set_key_tx_seq);
800
801void ieee80211_set_key_rx_seq(struct ieee80211_key_conf *keyconf,
802 int tid, struct ieee80211_key_seq *seq)
803{
804 struct ieee80211_key *key;
805 u8 *pn;
806
807 key = container_of(keyconf, struct ieee80211_key, conf);
808
809 switch (key->conf.cipher) {
810 case WLAN_CIPHER_SUITE_TKIP:
811 if (WARN_ON(tid < 0 || tid >= IEEE80211_NUM_TIDS))
812 return;
813 key->u.tkip.rx[tid].iv32 = seq->tkip.iv32;
814 key->u.tkip.rx[tid].iv16 = seq->tkip.iv16;
815 break;
816 case WLAN_CIPHER_SUITE_CCMP:
817 if (WARN_ON(tid < -1 || tid >= IEEE80211_NUM_TIDS))
818 return;
819 if (tid < 0)
820 pn = key->u.ccmp.rx_pn[IEEE80211_NUM_TIDS];
821 else
822 pn = key->u.ccmp.rx_pn[tid];
823 memcpy(pn, seq->ccmp.pn, IEEE80211_CCMP_PN_LEN);
824 break;
825 case WLAN_CIPHER_SUITE_AES_CMAC:
826 if (WARN_ON(tid != 0))
827 return;
828 pn = key->u.aes_cmac.rx_pn;
829 memcpy(pn, seq->aes_cmac.pn, IEEE80211_CMAC_PN_LEN);
830 break;
831 default:
832 WARN_ON(1);
833 break;
834 }
835}
836EXPORT_SYMBOL_GPL(ieee80211_set_key_rx_seq);
837
838void ieee80211_remove_key(struct ieee80211_key_conf *keyconf)
839{
840 struct ieee80211_key *key;
841
842 key = container_of(keyconf, struct ieee80211_key, conf);
843
844 assert_key_lock(key->local);
845
846 /*
847 * if key was uploaded, we assume the driver will/has remove(d)
848 * it, so adjust bookkeeping accordingly
849 */
850 if (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) {
851 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE;
852
853 if (!((key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_MMIC) ||
854 (key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV) ||
855 (key->conf.flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE)))
856 increment_tailroom_need_count(key->sdata);
857 }
858
859 ieee80211_key_free(key, false);
860}
861EXPORT_SYMBOL_GPL(ieee80211_remove_key);
862
863struct ieee80211_key_conf *
864ieee80211_gtk_rekey_add(struct ieee80211_vif *vif,
865 struct ieee80211_key_conf *keyconf)
866{
867 struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
868 struct ieee80211_local *local = sdata->local;
869 struct ieee80211_key *key;
870 int err;
871
872 if (WARN_ON(!local->wowlan))
873 return ERR_PTR(-EINVAL);
874
875 if (WARN_ON(vif->type != NL80211_IFTYPE_STATION))
876 return ERR_PTR(-EINVAL);
877
878 key = ieee80211_key_alloc(keyconf->cipher, keyconf->keyidx,
879 keyconf->keylen, keyconf->key,
880 0, NULL);
881 if (IS_ERR(key))
882 return ERR_PTR(PTR_ERR(key));
883
884 if (sdata->u.mgd.mfp != IEEE80211_MFP_DISABLED)
885 key->conf.flags |= IEEE80211_KEY_FLAG_RX_MGMT;
886
887 err = ieee80211_key_link(key, sdata, NULL);
888 if (err)
889 return ERR_PTR(err);
890
891 return &key->conf;
892}
893EXPORT_SYMBOL_GPL(ieee80211_gtk_rekey_add);
diff --git a/net/mac80211/main.c b/net/mac80211/main.c
index 25eb35b01938..21d5d44444d0 100644
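--- a/net/mac80211/main.c
+++ b/net/mac80211/main.c
@@ -892,9 +892,6 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
 if (!local->ops->remain_on_channel)
 local->hw.wiphy->max_remain_on_channel_duration = 5000;
 
-if (local->ops->sched_scan_start)
-local->hw.wiphy->flags |= WIPHY_FLAG_SUPPORTS_SCHED_SCAN;
-
 /* mac80211 based drivers don't support internal TDLS setup */
 if (local->hw.wiphy->flags & WIPHY_FLAG_SUPPORTS_TDLS)
 local->hw.wiphy->flags |= WIPHY_FLAG_TDLS_EXTERNAL_SETUP;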
diff --git a/net/mac80211/mesh.c b/net/mac80211/mesh.c
index 885a5f6e2c21..707ac61d63e5 100644
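--- a/net/mac80211/mesh.c
+++ b/net/mac80211/mesh.c
@@ -832,6 +832,9 @@ ieee80211_mesh_rx_probe_req(struct ieee80211_sub_if_data *sdata,
 
 ieee802_11_parse_elems(pos, len - baselen, false, &elems);
 
+if (!elems.mesh_id)
+return;
+
 /* 802.11-2012 10.1.4.3.2 */
 if ((!ether_addr_equal(mgmt->da, sdata->vif.addr) &&
 !is_broadcast_ether_addr(mgmt->da)) ||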
diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c
index 21bccd849b3f..86e4ad56b573 100644
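--- a/net/mac80211/mlme.c
+++ b/net/mac80211/mlme.c
@@ -1113,6 +1113,15 @@ ieee80211_sta_process_chanswitch(struct ieee80211_sub_if_data *sdata,
 case -1:
 cfg80211_chandef_create(&new_chandef, new_chan,
 NL80211_CHAN_NO_HT);
+/* keep width for 5/10 MHz channels */
+switch (sdata->vif.bss_conf.chandef.width) {
+case NL80211_CHAN_WIDTH_5:
+case NL80211_CHAN_WIDTH_10:
+new_chandef.width = sdata->vif.bss_conf.chandef.width;
+break;
+default:
+break;
+}
 break;
 }
 
@@ -2852,14 +2861,6 @@ static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata,
 ieee80211_rx_bss_put(local, bss);
 sdata->vif.bss_conf.beacon_rate = bss->beacon_rate;
 }
-
-if (!sdata->u.mgd.associated ||
-!ether_addr_equal(mgmt->bssid, sdata->u.mgd.associated->bssid))
-return;
-
-ieee80211_sta_process_chanswitch(sdata, rx_status->mactime,
-elems, true);
-
 }
 
 
@@ -3148,6 +3149,9 @@ static void ieee80211_rx_mgmt_beacon(struct ieee80211_sub_if_data *sdata,
 
 ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems);
 
+ieee80211_sta_process_chanswitch(sdata, rx_status->mactime,
+&elems, true);
+
 if (ieee80211_sta_wmm_params(local, sdata, elems.wmm_param,
 elems.wmm_param_len))
 changed |= BSS_CHANGED_QOS;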
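Review bot: The relocated `ieee80211_sta_process_chanswitch()` call in `ieee80211_rx_mgmt_beacon()` no longer sits behind the `!sdata->u.mgd.associated || !ether_addr_equal(mgmt->bssid, sdata->u.mgd.associated->bssid)` guard that the hunk in `ieee80211_rx_bss_info()` removes. Unless the beacon handler already returns for beacons from other BSSIDs before this point (its start is outside the hunk), a channel-switch element in any received beacon would be processed, so an unrelated or forged beacon could move the station off its channel. Either confirm the earlier check and record it next to the call with `/* only reached for beacons from the associated BSS */`, or keep the BSSID comparison directly in front of the call.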
diff --git a/net/mac80211/rate.c b/net/mac80211/rate.c
index ba63ac851c2b..e126605cec66 100644
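--- a/net/mac80211/rate.c
+++ b/net/mac80211/rate.c
@@ -210,7 +210,7 @@ static bool rc_no_data_or_no_ack_use_min(struct ieee80211_tx_rate_control *txrc)
 !ieee80211_is_data(fc);
 }
 
-static void rc_send_low_broadcast(s8 *idx, u32 basic_rates,
+static void rc_send_low_basicrate(s8 *idx, u32 basic_rates,
 struct ieee80211_supported_band *sband)
 {
 u8 i;
@@ -263,28 +263,37 @@ static void __rate_control_send_low(struct ieee80211_hw *hw,
 }
 
 
-bool rate_control_send_low(struct ieee80211_sta *sta,
+bool rate_control_send_low(struct ieee80211_sta *pubsta,
 void *priv_sta,
 struct ieee80211_tx_rate_control *txrc)
 {
 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(txrc->skb);
 struct ieee80211_supported_band *sband = txrc->sband;
+struct sta_info *sta;
 int mcast_rate;
+bool use_basicrate = false;
 
-if (!sta || !priv_sta || rc_no_data_or_no_ack_use_min(txrc)) {
-__rate_control_send_low(txrc->hw, sband, sta, info);
+if (!pubsta || !priv_sta || rc_no_data_or_no_ack_use_min(txrc)) {
+__rate_control_send_low(txrc->hw, sband, pubsta, info);
 
-if (!sta && txrc->bss) {
+if (!pubsta && txrc->bss) {
 mcast_rate = txrc->bss_conf->mcast_rate[sband->band];
 if (mcast_rate > 0) {
 info->control.rates[0].idx = mcast_rate - 1;
 return true;
 }
+use_basicrate = true;
+} else if (pubsta) {
+sta = container_of(pubsta, struct sta_info, sta);
+if (ieee80211_vif_is_mesh(&sta->sdata->vif))
+use_basicrate = true;
+}
 
-rc_send_low_broadcast(&info->control.rates[0].idx,
+if (use_basicrate)
+rc_send_low_basicrate(&info->control.rates[0].idx,
 txrc->bss_conf->basic_rates,
 sband);
-}
+
 return true;
 }
 return false;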
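Review bot: The new `else if (pubsta)` branch in `rate_control_send_low()` switches mesh peers to the basic-rate path without a comment saying why, and the `use_basicrate` flag is the only hint at the intent. A short comment above the `ieee80211_vif_is_mesh()` test, for example `/* mesh: low-rate frames to a known peer must also come from the basic rate set */` (wording for the author to confirm), would document it. The same path now reads `txrc->bss_conf->basic_rates` without the `txrc->bss` test that guarded the old call, so it relies on the caller always filling in `bss_conf`, which is not visible in this hunk.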
diff --git a/net/mac80211/rc80211_minstrel_ht.c b/net/mac80211/rc80211_minstrel_ht.c
index 61569425b723..7c323f27ba23 100644
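--- a/net/mac80211/rc80211_minstrel_ht.c
+++ b/net/mac80211/rc80211_minstrel_ht.c
@@ -776,7 +776,7 @@ minstrel_ht_get_rate(void *priv, struct ieee80211_sta *sta, void *priv_sta,
 
 /* Don't use EAPOL frames for sampling on non-mrr hw */
 if (mp->hw->max_rates == 1 &&
-txrc->skb->protocol == cpu_to_be16(ETH_P_PAE))
+(info->control.flags & IEEE80211_TX_CTRL_PORT_CTRL_PROTO))
 sample_idx = -1;
 else
 sample_idx = minstrel_get_sample_rate(mp, mi);
@@ -828,6 +828,9 @@ minstrel_ht_update_cck(struct minstrel_priv *mp, struct minstrel_ht_sta *mi,
 if (sband->band != IEEE80211_BAND_2GHZ)
 return;
 
+if (!(mp->hw->flags & IEEE80211_HW_SUPPORTS_HT_CCK_RATES))
+return;
+
 mi->cck_supported = 0;
 mi->cck_supported_short = 0;
 for (i = 0; i < 4; i++) {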
diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
index 6b85f95b9ba1..54395d7583ba 100644
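--- a/net/mac80211/rx.c
+++ b/net/mac80211/rx.c
@@ -1055,207 +1055,6 @@ ieee80211_rx_h_check(struct ieee80211_rx_data *rx)
 
 
 static ieee80211_rx_result debug_noinline
-ieee80211_rx_h_decrypt(struct ieee80211_rx_data *rx)
-{
-struct sk_buff *skb = rx->skb;
-struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
-struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
-int keyidx;
-int hdrlen;
-ieee80211_rx_result result = RX_DROP_UNUSABLE;
-struct ieee80211_key *sta_ptk = NULL;
-int mmie_keyidx = -1;
-__le16 fc;
-
-/*
-* Key selection 101
-*
-* There are four types of keys:
-* - GTK (group keys)
-* - IGTK (group keys for management frames)
-* - PTK (pairwise keys)
-* - STK (station-to-station pairwise keys)
-*
-* When selecting a key, we have to distinguish between multicast
-* (including broadcast) and unicast frames, the latter can only
-* use PTKs and STKs while the former always use GTKs and IGTKs.
-* Unless, of course, actual WEP keys ("pre-RSNA") are used, then
-* unicast frames can also use key indices like GTKs. Hence, if we
-* don't have a PTK/STK we check the key index for a WEP key.
-*
-* Note that in a regular BSS, multicast frames are sent by the
-* AP only, associated stations unicast the frame to the AP first
-* which then multicasts it on their behalf.
-*
-* There is also a slight problem in IBSS mode: GTKs are negotiated
-* with each station, that is something we don't currently handle.
-* The spec seems to expect that one negotiates the same key with
-* every station but there's no such requirement; VLANs could be
-* possible.
-*/
-
-/*
-* No point in finding a key and decrypting if the frame is neither
-* addressed to us nor a multicast frame.
-*/
-if (!(status->rx_flags & IEEE80211_RX_RA_MATCH))
-return RX_CONTINUE;
-
-/* start without a key */
-rx->key = NULL;
-
-if (rx->sta)
-sta_ptk = rcu_dereference(rx->sta->ptk);
-
-fc = hdr->frame_control;
-
-if (!ieee80211_has_protected(fc))
-mmie_keyidx = ieee80211_get_mmie_keyidx(rx->skb);
-
-if (!is_multicast_ether_addr(hdr->addr1) && sta_ptk) {
-rx->key = sta_ptk;
-if ((status->flag & RX_FLAG_DECRYPTED) &&
-(status->flag & RX_FLAG_IV_STRIPPED))
-return RX_CONTINUE;
-/* Skip decryption if the frame is not protected. */
-if (!ieee80211_has_protected(fc))
-return RX_CONTINUE;
-} else if (mmie_keyidx >= 0) {
-/* Broadcast/multicast robust management frame / BIP */
-if ((status->flag & RX_FLAG_DECRYPTED) &&
-(status->flag & RX_FLAG_IV_STRIPPED))
-return RX_CONTINUE;
-
-if (mmie_keyidx < NUM_DEFAULT_KEYS ||
-mmie_keyidx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS)
-return RX_DROP_MONITOR; /* unexpected BIP keyidx */
-if (rx->sta)
-rx->key = rcu_dereference(rx->sta->gtk[mmie_keyidx]);
-if (!rx->key)
-rx->key = rcu_dereference(rx->sdata->keys[mmie_keyidx]);
-} else if (!ieee80211_has_protected(fc)) {
-/*
-* The frame was not protected, so skip decryption. However, we
-* need to set rx->key if there is a key that could have been
-* used so that the frame may be dropped if encryption would
-* have been expected.
-*/
-struct ieee80211_key *key = NULL;
-struct ieee80211_sub_if_data *sdata = rx->sdata;
-int i;
-
-if (ieee80211_is_mgmt(fc) &&
-is_multicast_ether_addr(hdr->addr1) &&
-(key = rcu_dereference(rx->sdata->default_mgmt_key)))
-rx->key = key;
-else {
-if (rx->sta) {
-for (i = 0; i < NUM_DEFAULT_KEYS; i++) {
-key = rcu_dereference(rx->sta->gtk[i]);
-if (key)
-break;
-}
-}
-if (!key) {
-for (i = 0; i < NUM_DEFAULT_KEYS; i++) {
-key = rcu_dereference(sdata->keys[i]);
-if (key)
-break;
-}
-}
-if (key)
-rx->key = key;
-}
-return RX_CONTINUE;
-} else {
-u8 keyid;
-/*
-* The device doesn't give us the IV so we won't be
-* able to look up the key. That's ok though, we
-* don't need to decrypt the frame, we just won't
-* be able to keep statistics accurate.
-* Except for key threshold notifications, should
-* we somehow allow the driver to tell us which key
-* the hardware used if this flag is set?
-*/
-if ((status->flag & RX_FLAG_DECRYPTED) &&
-(status->flag & RX_FLAG_IV_STRIPPED))
-return RX_CONTINUE;
-
-hdrlen = ieee80211_hdrlen(fc);
-
-if (rx->skb->len < 8 + hdrlen)
-return RX_DROP_UNUSABLE; /* TODO: count this? */
-
-/*
-* no need to call ieee80211_wep_get_keyidx,
-* it verifies a bunch of things we've done already
-*/
-skb_copy_bits(rx->skb, hdrlen + 3, &keyid, 1);
-keyidx = keyid >> 6;
-
-/* check per-station GTK first, if multicast packet */
-if (is_multicast_ether_addr(hdr->addr1) && rx->sta)
-rx->key = rcu_dereference(rx->sta->gtk[keyidx]);
-
-/* if not found, try default key */
-if (!rx->key) {
-rx->key = rcu_dereference(rx->sdata->keys[keyidx]);
-
-/*
-* RSNA-protected unicast frames should always be
-* sent with pairwise or station-to-station keys,
-* but for WEP we allow using a key index as well.
-*/
-if (rx->key &&
-rx->key->conf.cipher != WLAN_CIPHER_SUITE_WEP40 &&
-rx->key->conf.cipher != WLAN_CIPHER_SUITE_WEP104 &&
-!is_multicast_ether_addr(hdr->addr1))
-rx->key = NULL;
-}
-}
-
-if (rx->key) {
-if (unlikely(rx->key->flags & KEY_FLAG_TAINTED))
-return RX_DROP_MONITOR;
-
-rx->key->tx_rx_count++;
-/* TODO: add threshold stuff again */
-} else {
-return RX_DROP_MONITOR;
-}
-
-switch (rx->key->conf.cipher) {
-case WLAN_CIPHER_SUITE_WEP40:
-case WLAN_CIPHER_SUITE_WEP104:
-result = ieee80211_crypto_wep_decrypt(rx);
-break;
-case WLAN_CIPHER_SUITE_TKIP:
-result = ieee80211_crypto_tkip_decrypt(rx);
-break;
-case WLAN_CIPHER_SUITE_CCMP:
-result = ieee80211_crypto_ccmp_decrypt(rx);
-break;
-case WLAN_CIPHER_SUITE_AES_CMAC:
-result = ieee80211_crypto_aes_cmac_decrypt(rx);
-break;
-default:
-/*
-* We can reach here only with HW-only algorithms
-* but why didn't it decrypt the frame?!
-*/
-return RX_DROP_UNUSABLE;
-}
-
-/* the hdr variable is invalid after the decrypt handlers */
-
-/* either the frame has been decrypted or will be dropped */
-status->flag |= RX_FLAG_DECRYPTED;
-
-return result;
-}
-
-static ieee80211_rx_result debug_noinline
 ieee80211_rx_h_check_more_data(struct ieee80211_rx_data *rx)
 {
 struct ieee80211_local *local;
@@ -1556,6 +1355,207 @@ ieee80211_rx_h_sta_process(struct ieee80211_rx_data *rx)
 return RX_CONTINUE;
 } /* ieee80211_rx_h_sta_process */
 
+static ieee80211_rx_result debug_noinline
+ieee80211_rx_h_decrypt(struct ieee80211_rx_data *rx)
+{
+struct sk_buff *skb = rx->skb;
+struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
+struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
+int keyidx;
+int hdrlen;
+ieee80211_rx_result result = RX_DROP_UNUSABLE;
+struct ieee80211_key *sta_ptk = NULL;
+int mmie_keyidx = -1;
+__le16 fc;
+
+/*
+* Key selection 101
+*
+* There are four types of keys:
+* - GTK (group keys)
+* - IGTK (group keys for management frames)
+* - PTK (pairwise keys)
+* - STK (station-to-station pairwise keys)
+*
+* When selecting a key, we have to distinguish between multicast
+* (including broadcast) and unicast frames, the latter can only
+* use PTKs and STKs while the former always use GTKs and IGTKs.
+* Unless, of course, actual WEP keys ("pre-RSNA") are used, then
+* unicast frames can also use key indices like GTKs. Hence, if we
+* don't have a PTK/STK we check the key index for a WEP key.
+*
+* Note that in a regular BSS, multicast frames are sent by the
+* AP only, associated stations unicast the frame to the AP first
+* which then multicasts it on their behalf.
+*
+* There is also a slight problem in IBSS mode: GTKs are negotiated
+* with each station, that is something we don't currently handle.
+* The spec seems to expect that one negotiates the same key with
+* every station but there's no such requirement; VLANs could be
+* possible.
+*/
+
+/*
+* No point in finding a key and decrypting if the frame is neither
+* addressed to us nor a multicast frame.
+*/
+if (!(status->rx_flags & IEEE80211_RX_RA_MATCH))
+return RX_CONTINUE;
+
+/* start without a key */
+rx->key = NULL;
+
+if (rx->sta)
+sta_ptk = rcu_dereference(rx->sta->ptk);
+
+fc = hdr->frame_control;
+
+if (!ieee80211_has_protected(fc))
+mmie_keyidx = ieee80211_get_mmie_keyidx(rx->skb);
+
+if (!is_multicast_ether_addr(hdr->addr1) && sta_ptk) {
+rx->key = sta_ptk;
+if ((status->flag & RX_FLAG_DECRYPTED) &&
+(status->flag & RX_FLAG_IV_STRIPPED))
+return RX_CONTINUE;
+/* Skip decryption if the frame is not protected. */
+if (!ieee80211_has_protected(fc))
+return RX_CONTINUE;
+} else if (mmie_keyidx >= 0) {
+/* Broadcast/multicast robust management frame / BIP */
+if ((status->flag & RX_FLAG_DECRYPTED) &&
+(status->flag & RX_FLAG_IV_STRIPPED))
+return RX_CONTINUE;
+
+if (mmie_keyidx < NUM_DEFAULT_KEYS ||
+mmie_keyidx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS)
+return RX_DROP_MONITOR; /* unexpected BIP keyidx */
+if (rx->sta)
+rx->key = rcu_dereference(rx->sta->gtk[mmie_keyidx]);
+if (!rx->key)
+rx->key = rcu_dereference(rx->sdata->keys[mmie_keyidx]);
+} else if (!ieee80211_has_protected(fc)) {
+/*
+* The frame was not protected, so skip decryption. However, we
+* need to set rx->key if there is a key that could have been
+* used so that the frame may be dropped if encryption would
+* have been expected.
+*/
+struct ieee80211_key *key = NULL;
+struct ieee80211_sub_if_data *sdata = rx->sdata;
+int i;
+
+if (ieee80211_is_mgmt(fc) &&
+is_multicast_ether_addr(hdr->addr1) &&
+(key = rcu_dereference(rx->sdata->default_mgmt_key)))
+rx->key = key;
+else {
+if (rx->sta) {
+for (i = 0; i < NUM_DEFAULT_KEYS; i++) {
+key = rcu_dereference(rx->sta->gtk[i]);
+if (key)
+break;
+}
+}
+if (!key) {
+for (i = 0; i < NUM_DEFAULT_KEYS; i++) {
+key = rcu_dereference(sdata->keys[i]);
+if (key)
+break;
+}
+}
+if (key)
+rx->key = key;
+}
+return RX_CONTINUE;
+} else {
+u8 keyid;
+/*
+* The device doesn't give us the IV so we won't be
+* able to look up the key. That's ok though, we
+* don't need to decrypt the frame, we just won't
+* be able to keep statistics accurate.
+* Except for key threshold notifications, should
+* we somehow allow the driver to tell us which key
+* the hardware used if this flag is set?
+*/
+if ((status->flag & RX_FLAG_DECRYPTED) &&
+(status->flag & RX_FLAG_IV_STRIPPED))
+return RX_CONTINUE;
+
+hdrlen = ieee80211_hdrlen(fc);
+
+if (rx->skb->len < 8 + hdrlen)
+return RX_DROP_UNUSABLE; /* TODO: count this? */
+
+/*
+* no need to call ieee80211_wep_get_keyidx,
+* it verifies a bunch of things we've done already
+*/
+skb_copy_bits(rx->skb, hdrlen + 3, &keyid, 1);
+keyidx = keyid >> 6;
+
+/* check per-station GTK first, if multicast packet */
+if (is_multicast_ether_addr(hdr->addr1) && rx->sta)
+rx->key = rcu_dereference(rx->sta->gtk[keyidx]);
+
+/* if not found, try default key */
+if (!rx->key) {
+rx->key = rcu_dereference(rx->sdata->keys[keyidx]);
+
+/*
+* RSNA-protected unicast frames should always be
+* sent with pairwise or station-to-station keys,
+* but for WEP we allow using a key index as well.
+*/
+if (rx->key &&
+rx->key->conf.cipher != WLAN_CIPHER_SUITE_WEP40 &&
+rx->key->conf.cipher != WLAN_CIPHER_SUITE_WEP104 &&
+!is_multicast_ether_addr(hdr->addr1))
+rx->key = NULL;
+}
+}
+
+if (rx->key) {
+if (unlikely(rx->key->flags & KEY_FLAG_TAINTED))
+return RX_DROP_MONITOR;
+
+rx->key->tx_rx_count++;
+/* TODO: add threshold stuff again */
+} else {
+return RX_DROP_MONITOR;
+}
+
+switch (rx->key->conf.cipher) {
+case WLAN_CIPHER_SUITE_WEP40:
+case WLAN_CIPHER_SUITE_WEP104:
+result = ieee80211_crypto_wep_decrypt(rx);
+break;
+case WLAN_CIPHER_SUITE_TKIP:
+result = ieee80211_crypto_tkip_decrypt(rx);
+break;
+case WLAN_CIPHER_SUITE_CCMP:
+result = ieee80211_crypto_ccmp_decrypt(rx);
+break;
+case WLAN_CIPHER_SUITE_AES_CMAC:
+result = ieee80211_crypto_aes_cmac_decrypt(rx);
+break;
+default:
+/*
+* We can reach here only with HW-only algorithms
+* but why didn't it decrypt the frame?!
+*/
+return RX_DROP_UNUSABLE;
+}
+
+/* the hdr variable is invalid after the decrypt handlers */
+
+/* either the frame has been decrypted or will be dropped */
+status->flag |= RX_FLAG_DECRYPTED;
+
+return result;
+}
+
 static inline struct ieee80211_fragment_entry *
 ieee80211_reassemble_add(struct ieee80211_sub_if_data *sdata,
 unsigned int frag, unsigned int seq, int rx_queue,
@@ -2684,8 +2684,7 @@ ieee80211_rx_h_userspace_mgmt(struct ieee80211_rx_data *rx)
 sig = status->signal;
 
 if (cfg80211_rx_mgmt(&rx->sdata->wdev, status->freq, sig,
-rx->skb->data, rx->skb->len,
-GFP_ATOMIC)) {
+rx->skb->data, rx->skb->len, 0, GFP_ATOMIC)) {
 if (rx->sta)
 rx->sta->rx_packets++;
 dev_kfree_skb(rx->skb);
@@ -2939,10 +2938,10 @@ static void ieee80211_rx_handlers(struct ieee80211_rx_data *rx,
 */
 rx->skb = skb;
 
-CALL_RXH(ieee80211_rx_h_decrypt)
 CALL_RXH(ieee80211_rx_h_check_more_data)
 CALL_RXH(ieee80211_rx_h_uapsd_and_pspoll)
 CALL_RXH(ieee80211_rx_h_sta_process)
+CALL_RXH(ieee80211_rx_h_decrypt)
 CALL_RXH(ieee80211_rx_h_defragment)
 CALL_RXH(ieee80211_rx_h_michael_mic_verify)
 /* must be after MMIC verify so header is counted in MPDU mic */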
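Review bot: With `CALL_RXH(ieee80211_rx_h_decrypt)` moved behind `ieee80211_rx_h_sta_process` in `ieee80211_rx_handlers()`, the handlers `ieee80211_rx_h_check_more_data`, `ieee80211_rx_h_uapsd_and_pspoll` and `ieee80211_rx_h_sta_process` now run before key selection, the `KEY_FLAG_TAINTED` drop and the software decrypt checks. Frames the decrypt handler would have dropped (no usable key, failed decryption) therefore still reach handlers that presumably update per-station state such as power-save handling and counters; their bodies are outside these hunks, so that needs confirming against them. The handler list should record the ordering and its consequence, e.g. `/* rx_h_decrypt runs after sta_process: the handlers above see unverified frames and rx->key is not selected yet */`. `ieee80211_rx_handlers()` starts and ends outside the hunk.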
diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c
index 0e42322aa6b1..3456c0486b48 100644
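--- a/net/mac80211/tx.c
+++ b/net/mac80211/tx.c
@@ -539,9 +539,11 @@ ieee80211_tx_h_check_control_port_protocol(struct ieee80211_tx_data *tx)
 {
 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(tx->skb);
 
-if (unlikely(tx->sdata->control_port_protocol == tx->skb->protocol &&
-tx->sdata->control_port_no_encrypt))
+if (unlikely(tx->sdata->control_port_protocol == tx->skb->protocol)) {
+if (tx->sdata->control_port_no_encrypt)
 info->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT;
+info->control.flags |= IEEE80211_TX_CTRL_PORT_CTRL_PROTO;
+}
 
 return TX_CONTINUE;
 }
@@ -779,9 +781,11 @@ ieee80211_tx_h_sequence(struct ieee80211_tx_data *tx)
 /*
 * Anything but QoS data that has a sequence number field
 * (is long enough) gets a sequence number from the global
-* counter.
+* counter. QoS data frames with a multicast destination
+* also use the global counter (802.11-2012 9.3.2.10).
 */
-if (!ieee80211_is_data_qos(hdr->frame_control)) {
+if (!ieee80211_is_data_qos(hdr->frame_control) ||
+is_multicast_ether_addr(hdr->addr1)) {
 /* driver should assign sequence number */
 info->flags |= IEEE80211_TX_CTL_ASSIGN_SEQ;
 /* for pure STA mode without beacons, we can do it */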
diff --git a/net/mac80211/util.c b/net/mac80211/util.c
index d23c5a705a68..e1b34a18b243 100644
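--- a/net/mac80211/util.c
+++ b/net/mac80211/util.c
@@ -1453,8 +1453,8 @@ int ieee80211_reconfig(struct ieee80211_local *local)
 local->resuming = true;
 
 if (local->wowlan) {
-local->wowlan = false;
 res = drv_resume(local);
+local->wowlan = false;
 if (res < 0) {
 local->resuming = false;
 return res;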
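Review bot: Nothing in `ieee80211_reconfig()` says that clearing `local->wowlan` only after `drv_resume()` is deliberate, so a later cleanup could move the assignment back without noticing. The order is load-bearing in this commit: `ieee80211_gtk_rekey_add()` rejects calls with `WARN_ON(!local->wowlan)` and `ieee80211_key_link()` skips `ieee80211_key_enable_hw_accel()` while the flag is set. A comment above the call would pin it down, e.g. `/* keep wowlan set across drv_resume(): ieee80211_gtk_rekey_add() is only valid while it is set */`. The function continues outside the hunk.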
diff --git a/net/nfc/core.c b/net/nfc/core.c
index 1d074dd1650f..e92923cf3e03 100644
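--- a/net/nfc/core.c
+++ b/net/nfc/core.c
@@ -77,11 +77,19 @@ error:
 return rc;
 }
 
-int nfc_fw_download_done(struct nfc_dev *dev, const char *firmware_name)
+/**
+* nfc_fw_download_done - inform that a firmware download was completed
+*
+* @dev: The nfc device to which firmware was downloaded
+* @firmware_name: The firmware filename
+* @result: The positive value of a standard errno value
+*/
+int nfc_fw_download_done(struct nfc_dev *dev, const char *firmware_name,
+u32 result)
 {
 dev->fw_download_in_progress = false;
 
-return nfc_genl_fw_download_done(dev, firmware_name);
+return nfc_genl_fw_download_done(dev, firmware_name, result);
 }
 EXPORT_SYMBOL(nfc_fw_download_done);
 
@@ -129,7 +137,7 @@ int nfc_dev_up(struct nfc_dev *dev)
 /* We have to enable the device before discovering SEs */
 if (dev->ops->discover_se) {
 rc = dev->ops->discover_se(dev);
-if (!rc)
+if (rc)
 pr_warn("SE discovery failed\n");
 }
 
@@ -575,12 +583,14 @@ int nfc_enable_se(struct nfc_dev *dev, u32 se_idx)
 goto error;
 }
 
-if (se->type == NFC_SE_ENABLED) {
+if (se->state == NFC_SE_ENABLED) {
 rc = -EALREADY;
 goto error;
 }
 
 rc = dev->ops->enable_se(dev, se_idx);
+if (rc >= 0)
+se->state = NFC_SE_ENABLED;
 
 error:
 device_unlock(&dev->dev);
@@ -618,12 +628,14 @@ int nfc_disable_se(struct nfc_dev *dev, u32 se_idx)
 goto error;
 }
 
-if (se->type == NFC_SE_DISABLED) {
+if (se->state == NFC_SE_DISABLED) {
 rc = -EALREADY;
 goto error;
 }
 
 rc = dev->ops->disable_se(dev, se_idx);
+if (rc >= 0)
+se->state = NFC_SE_DISABLED;
 
 error:
 device_unlock(&dev->dev);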
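Review bot: In `nfc_dev_up()` the corrected `if (rc)` test still leaves the `discover_se()` error code in `rc` after the warning has been printed. If `rc` is what the function returns after this block (the tail is outside the hunk), a failed secure-element discovery makes `nfc_dev_up()` report failure although the device was brought up, while the `pr_warn` suggests the failure is meant to be non-fatal. Not storing the result avoids that: `if (dev->ops->discover_se && dev->ops->discover_se(dev))` followed by the existing `pr_warn("SE discovery failed\n");`. The new kernel-doc for `nfc_fw_download_done()` also describes `@result` as a positive errno without saying which value reports success.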
diff --git a/net/nfc/hci/core.c b/net/nfc/hci/core.c
index fe66908401f5..d07ca4c5cf8c 100644
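--- a/net/nfc/hci/core.c
+++ b/net/nfc/hci/core.c
@@ -717,7 +717,7 @@ static int hci_disable_se(struct nfc_dev *nfc_dev, u32 se_idx)
 struct nfc_hci_dev *hdev = nfc_get_drvdata(nfc_dev);
 
 if (hdev->ops->disable_se)
-return hdev->ops->enable_se(hdev, se_idx);
+return hdev->ops->disable_se(hdev, se_idx);
 
 return 0;
 }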
diff --git a/net/nfc/netlink.c b/net/nfc/netlink.c
index f16fd59d4160..68063b2025da 100644
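--- a/net/nfc/netlink.c
+++ b/net/nfc/netlink.c
@@ -1114,7 +1114,8 @@ static int nfc_genl_fw_download(struct sk_buff *skb, struct genl_info *info)
  return rc;
 }
 
-int nfc_genl_fw_download_done(struct nfc_dev *dev, const char *firmware_name)
+int nfc_genl_fw_download_done(struct nfc_dev *dev, const char *firmware_name,
+ u32 result)
 {
  struct sk_buff *msg;
  void *hdr;
@@ -1129,6 +1130,7 @@ int nfc_genl_fw_download_done(struct nfc_dev *dev, const char *firmware_name)
  goto free_msg;
 
  if (nla_put_string(msg, NFC_ATTR_FIRMWARE_NAME, firmware_name) ||
+ nla_put_u32(msg, NFC_ATTR_FIRMWARE_DOWNLOAD_STATUS, result) ||
  nla_put_u32(msg, NFC_ATTR_DEVICE_INDEX, dev->idx))
  goto nla_put_failure;
 
@@ -1191,6 +1193,91 @@ static int nfc_genl_disable_se(struct sk_buff *skb, struct genl_info *info)
  return rc;
 }
 
+static int nfc_genl_send_se(struct sk_buff *msg, struct nfc_dev *dev,
+ u32 portid, u32 seq,
+ struct netlink_callback *cb,
+ int flags)
+{
+ void *hdr;
+ struct nfc_se *se, *n;
+
+ list_for_each_entry_safe(se, n, &dev->secure_elements, list) {
+ hdr = genlmsg_put(msg, portid, seq, &nfc_genl_family, flags,
+ NFC_CMD_GET_SE);
+ if (!hdr)
+ goto nla_put_failure;
+
+ if (cb)
+ genl_dump_check_consistent(cb, hdr, &nfc_genl_family);
+
+ if (nla_put_u32(msg, NFC_ATTR_DEVICE_INDEX, dev->idx) ||
+ nla_put_u32(msg, NFC_ATTR_SE_INDEX, se->idx) ||
+ nla_put_u8(msg, NFC_ATTR_SE_TYPE, se->type))
+ goto nla_put_failure;
+
+ if (genlmsg_end(msg, hdr) < 0)
+ goto nla_put_failure;
+ }
+
+ return 0;
+
+nla_put_failure:
+ genlmsg_cancel(msg, hdr);
+ return -EMSGSIZE;
+}
+
+static int nfc_genl_dump_ses(struct sk_buff *skb,
+ struct netlink_callback *cb)
+{
+ struct class_dev_iter *iter = (struct class_dev_iter *) cb->args[0];
+ struct nfc_dev *dev = (struct nfc_dev *) cb->args[1];
+ bool first_call = false;
+
+ if (!iter) {
+ first_call = true;
+ iter = kmalloc(sizeof(struct class_dev_iter), GFP_KERNEL);
+ if (!iter)
+ return -ENOMEM;
+ cb->args[0] = (long) iter;
+ }
+
+ mutex_lock(&nfc_devlist_mutex);
+
+ cb->seq = nfc_devlist_generation;
+
+ if (first_call) {
+ nfc_device_iter_init(iter);
+ dev = nfc_device_iter_next(iter);
+ }
+
+ while (dev) {
+ int rc;
+
+ rc = nfc_genl_send_se(skb, dev, NETLINK_CB(cb->skb).portid,
+ cb->nlh->nlmsg_seq, cb, NLM_F_MULTI);
+ if (rc < 0)
+ break;
+
+ dev = nfc_device_iter_next(iter);
+ }
+
+ mutex_unlock(&nfc_devlist_mutex);
+
+ cb->args[1] = (long) dev;
+
+ return skb->len;
+}
+
+static int nfc_genl_dump_ses_done(struct netlink_callback *cb)
+{
+ struct class_dev_iter *iter = (struct class_dev_iter *) cb->args[0];
+
+ nfc_device_iter_exit(iter);
+ kfree(iter);
+
+ return 0;
+}
+
 static struct genl_ops nfc_genl_ops[] = {
  {
  .cmd = NFC_CMD_GET_DEVICE,
@@ -1265,6 +1352,12 @@ static struct genl_ops nfc_genl_ops[] = {
  .doit = nfc_genl_disable_se,
  .policy = nfc_genl_policy,
  },
+ {
+ .cmd = NFC_CMD_GET_SE,
+ .dumpit = nfc_genl_dump_ses,
+ .done = nfc_genl_dump_ses_done,
+ .policy = nfc_genl_policy,
+ },
 };
 
 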
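Review bot: nfc_genl_dump_ses_done() passes `cb->args[0]` to `nfc_device_iter_exit()` without checking it, yet nfc_genl_dump_ses() returns -ENOMEM before storing an iterator when its `kmalloc()` fails, so `iter` can still be NULL at that point. Whether the netlink core calls `.done` after a failed first dump call is decided outside this file, so the callback should not depend on it; opening it with `if (!iter) return 0;` makes it safe either way. Separately, nfc_genl_send_se() walks `dev->secure_elements` while only `nfc_devlist_mutex` is held, whereas the enable/disable paths in core.c end with `device_unlock(&dev->dev)`; if list entries are added or removed under the device lock, the walk presumably needs that lock too.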
diff --git a/net/nfc/nfc.h b/net/nfc/nfc.h
index 820a7850c36a..aaf606fc1faa 100644
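--- a/net/nfc/nfc.h
+++ b/net/nfc/nfc.h
@@ -124,9 +124,8 @@ static inline void nfc_device_iter_exit(struct class_dev_iter *iter)
 }
 
 int nfc_fw_download(struct nfc_dev *dev, const char *firmware_name);
-int nfc_genl_fw_download_done(struct nfc_dev *dev, const char *firmware_name);
-
-int nfc_fw_download_done(struct nfc_dev *dev, const char *firmware_name);
+int nfc_genl_fw_download_done(struct nfc_dev *dev, const char *firmware_name,
+ u32 result);
 
 int nfc_dev_up(struct nfc_dev *dev);
 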
diff --git a/net/rfkill/rfkill-regulator.c b/net/rfkill/rfkill-regulator.c
index d11ac79246e4..cf5b145902e5 100644
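--- a/net/rfkill/rfkill-regulator.c
+++ b/net/rfkill/rfkill-regulator.c
@@ -30,6 +30,7 @@ struct rfkill_regulator_data {
 static int rfkill_regulator_set_block(void *data, bool blocked)
 {
  struct rfkill_regulator_data *rfkill_data = data;
+ int ret = 0;
 
  pr_debug("%s: blocked: %d\n", __func__, blocked);
 
@@ -40,15 +41,16 @@ static int rfkill_regulator_set_block(void *data, bool blocked)
  }
  } else {
  if (!rfkill_data->reg_enabled) {
- regulator_enable(rfkill_data->vcc);
- rfkill_data->reg_enabled = true;
+ ret = regulator_enable(rfkill_data->vcc);
+ if (!ret)
+ rfkill_data->reg_enabled = true;
  }
  }
 
  pr_debug("%s: regulator_is_enabled after set_block: %d\n", __func__,
  regulator_is_enabled(rfkill_data->vcc));
 
- return 0;
+ return ret;
 }
 
 static struct rfkill_ops rfkill_regulator_ops = {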
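Review bot: Only the unblock path reports failure after this change; the `blocked` branch lies between the two hunks and is not shown. If that branch still calls `regulator_disable()` without checking the result and clears `reg_enabled` regardless, a failed disable leaves the supply on while rfkill records the radio as blocked. `regulator_disable()` returns an int too, so the branch can take the same shape: `ret = regulator_disable(rfkill_data->vcc);` followed by `if (!ret) rfkill_data->reg_enabled = false;`. This should be confirmed against the full function, since part of its body is outside the hunks.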
diff --git a/net/wireless/mlme.c b/net/wireless/mlme.c
index bfac5e186f57..8d49c1ce3dea 100644
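--- a/net/wireless/mlme.c
+++ b/net/wireless/mlme.c
@@ -621,7 +621,7 @@ int cfg80211_mlme_mgmt_tx(struct cfg80211_registered_device *rdev,
 }
 
 bool cfg80211_rx_mgmt(struct wireless_dev *wdev, int freq, int sig_mbm,
- const u8 *buf, size_t len, gfp_t gfp)
+ const u8 *buf, size_t len, u32 flags, gfp_t gfp)
 {
  struct wiphy *wiphy = wdev->wiphy;
  struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
@@ -664,7 +664,7 @@ bool cfg80211_rx_mgmt(struct wireless_dev *wdev, int freq, int sig_mbm,
  /* Indicate the received Action frame to user space */
  if (nl80211_send_mgmt(rdev, wdev, reg->nlportid,
  freq, sig_mbm,
- buf, len, gfp))
+ buf, len, flags, gfp))
  continue;
 
  result = true;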
diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index 170c0abd2a01..af8d84a4a5b2 100644
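--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -6593,19 +6593,30 @@ static struct genl_multicast_group nl80211_testmode_mcgrp = {
 static int nl80211_testmode_do(struct sk_buff *skb, struct genl_info *info)
 {
  struct cfg80211_registered_device *rdev = info->user_ptr[0];
+ struct wireless_dev *wdev =
+ __cfg80211_wdev_from_attrs(genl_info_net(info), info->attrs);
  int err;
 
+ if (!rdev->ops->testmode_cmd)
+ return -EOPNOTSUPP;
+
+ if (IS_ERR(wdev)) {
+ err = PTR_ERR(wdev);
+ if (err != -EINVAL)
+ return err;
+ wdev = NULL;
+ } else if (wdev->wiphy != &rdev->wiphy) {
+ return -EINVAL;
+ }
+
  if (!info->attrs[NL80211_ATTR_TESTDATA])
  return -EINVAL;
 
- err = -EOPNOTSUPP;
- if (rdev->ops->testmode_cmd) {
- rdev->testmode_info = info;
- err = rdev_testmode_cmd(rdev,
+ rdev->testmode_info = info;
+ err = rdev_testmode_cmd(rdev, wdev,
  nla_data(info->attrs[NL80211_ATTR_TESTDATA]),
  nla_len(info->attrs[NL80211_ATTR_TESTDATA]));
  rdev->testmode_info = NULL;
- }
 
  return err;
 }
@@ -7567,14 +7578,12 @@ static int nl80211_set_cqm_txe(struct genl_info *info,
  u32 rate, u32 pkts, u32 intvl)
 {
  struct cfg80211_registered_device *rdev = info->user_ptr[0];
- struct wireless_dev *wdev;
  struct net_device *dev = info->user_ptr[1];
+ struct wireless_dev *wdev = dev->ieee80211_ptr;
 
  if (rate > 100 || intvl > NL80211_CQM_TXE_MAX_INTVL)
  return -EINVAL;
 
- wdev = dev->ieee80211_ptr;
-
  if (!rdev->ops->set_cqm_txe_config)
  return -EOPNOTSUPP;
 
@@ -7589,13 +7598,15 @@ static int nl80211_set_cqm_rssi(struct genl_info *info,
  s32 threshold, u32 hysteresis)
 {
  struct cfg80211_registered_device *rdev = info->user_ptr[0];
- struct wireless_dev *wdev;
  struct net_device *dev = info->user_ptr[1];
+ struct wireless_dev *wdev = dev->ieee80211_ptr;
 
  if (threshold > 0)
  return -EINVAL;
 
- wdev = dev->ieee80211_ptr;
+ /* disabling - hysteresis should also be zero then */
+ if (threshold == 0)
+ hysteresis = 0;
 
  if (!rdev->ops->set_cqm_rssi_config)
  return -EOPNOTSUPP;
@@ -7614,36 +7625,33 @@ static int nl80211_set_cqm(struct sk_buff *skb, struct genl_info *info)
  int err;
 
  cqm = info->attrs[NL80211_ATTR_CQM];
- if (!cqm) {
- err = -EINVAL;
- goto out;
- }
+ if (!cqm)
+ return -EINVAL;
 
  err = nla_parse_nested(attrs, NL80211_ATTR_CQM_MAX, cqm,
  nl80211_attr_cqm_policy);
  if (err)
- goto out;
+ return err;
 
  if (attrs[NL80211_ATTR_CQM_RSSI_THOLD] &&
  attrs[NL80211_ATTR_CQM_RSSI_HYST]) {
- s32 threshold;
- u32 hysteresis;
- threshold = nla_get_u32(attrs[NL80211_ATTR_CQM_RSSI_THOLD]);
- hysteresis = nla_get_u32(attrs[NL80211_ATTR_CQM_RSSI_HYST]);
- err = nl80211_set_cqm_rssi(info, threshold, hysteresis);
- } else if (attrs[NL80211_ATTR_CQM_TXE_RATE] &&
- attrs[NL80211_ATTR_CQM_TXE_PKTS] &&
- attrs[NL80211_ATTR_CQM_TXE_INTVL]) {
- u32 rate, pkts, intvl;
- rate = nla_get_u32(attrs[NL80211_ATTR_CQM_TXE_RATE]);
- pkts = nla_get_u32(attrs[NL80211_ATTR_CQM_TXE_PKTS]);
- intvl = nla_get_u32(attrs[NL80211_ATTR_CQM_TXE_INTVL]);
- err = nl80211_set_cqm_txe(info, rate, pkts, intvl);
- } else
- err = -EINVAL;
+ s32 threshold = nla_get_s32(attrs[NL80211_ATTR_CQM_RSSI_THOLD]);
+ u32 hysteresis = nla_get_u32(attrs[NL80211_ATTR_CQM_RSSI_HYST]);
 
-out:
- return err;
+ return nl80211_set_cqm_rssi(info, threshold, hysteresis);
+ }
+
+ if (attrs[NL80211_ATTR_CQM_TXE_RATE] &&
+ attrs[NL80211_ATTR_CQM_TXE_PKTS] &&
+ attrs[NL80211_ATTR_CQM_TXE_INTVL]) {
+ u32 rate = nla_get_u32(attrs[NL80211_ATTR_CQM_TXE_RATE]);
+ u32 pkts = nla_get_u32(attrs[NL80211_ATTR_CQM_TXE_PKTS]);
+ u32 intvl = nla_get_u32(attrs[NL80211_ATTR_CQM_TXE_INTVL]);
+
+ return nl80211_set_cqm_txe(info, rate, pkts, intvl);
+ }
+
+ return -EINVAL;
 }
 
 static int nl80211_join_mesh(struct sk_buff *skb, struct genl_info *info)
@@ -10442,7 +10450,7 @@ EXPORT_SYMBOL(cfg80211_rx_unexpected_4addr_frame);
 int nl80211_send_mgmt(struct cfg80211_registered_device *rdev,
  struct wireless_dev *wdev, u32 nlportid,
  int freq, int sig_dbm,
- const u8 *buf, size_t len, gfp_t gfp)
+ const u8 *buf, size_t len, u32 flags, gfp_t gfp)
 {
  struct net_device *netdev = wdev->netdev;
  struct sk_buff *msg;
@@ -10465,7 +10473,9 @@ int nl80211_send_mgmt(struct cfg80211_registered_device *rdev,
  nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, freq) ||
  (sig_dbm &&
  nla_put_u32(msg, NL80211_ATTR_RX_SIGNAL_DBM, sig_dbm)) ||
- nla_put(msg, NL80211_ATTR_FRAME, len, buf))
+ nla_put(msg, NL80211_ATTR_FRAME, len, buf) ||
+ (flags &&
+ nla_put_u32(msg, NL80211_ATTR_RXMGMT_FLAGS, flags)))
  goto nla_put_failure;
 
  genlmsg_end(msg, hdr);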
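Review bot: In nl80211_testmode_do the new lookup turns an -EINVAL from `__cfg80211_wdev_from_attrs()` into `wdev = NULL` and still calls `rdev_testmode_cmd()`, so every consumer of the new argument must tolerate a NULL wdev, and nothing in the code says so. A comment above the `IS_ERR(wdev)` block would make the contract explicit, for example `/* wdev is optional: -EINVAL presumably means no interface attributes were supplied, so pass NULL */`, and the driver op's documentation should say the same. The same pointer reaches `trace_rdev_testmode_cmd()` in rdev-ops.h and `WDEV_ASSIGN` in trace.h; that macro's definition is not shown on this page, so it should be checked that it does not dereference a NULL wdev.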
diff --git a/net/wireless/nl80211.h b/net/wireless/nl80211.h
index 44341bf53cfc..2c0f2b3c07cb 100644
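--- a/net/wireless/nl80211.h
+++ b/net/wireless/nl80211.h
@@ -66,7 +66,7 @@ void nl80211_send_ibss_bssid(struct cfg80211_registered_device *rdev,
 int nl80211_send_mgmt(struct cfg80211_registered_device *rdev,
  struct wireless_dev *wdev, u32 nlpid,
  int freq, int sig_dbm,
- const u8 *buf, size_t len, gfp_t gfp);
+ const u8 *buf, size_t len, u32 flags, gfp_t gfp);
 
 void
 nl80211_radar_notify(struct cfg80211_registered_device *rdev,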
diff --git a/net/wireless/rdev-ops.h b/net/wireless/rdev-ops.h
index de870d4d0bcc..37ce9fdfe934 100644
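--- a/net/wireless/rdev-ops.h
+++ b/net/wireless/rdev-ops.h
@@ -516,11 +516,12 @@ static inline void rdev_rfkill_poll(struct cfg80211_registered_device *rdev)
 
 #ifdef CONFIG_NL80211_TESTMODE
 static inline int rdev_testmode_cmd(struct cfg80211_registered_device *rdev,
+ struct wireless_dev *wdev,
  void *data, int len)
 {
  int ret;
- trace_rdev_testmode_cmd(&rdev->wiphy);
- ret = rdev->ops->testmode_cmd(&rdev->wiphy, data, len);
+ trace_rdev_testmode_cmd(&rdev->wiphy, wdev);
+ ret = rdev->ops->testmode_cmd(&rdev->wiphy, wdev, data, len);
  trace_rdev_return_int(&rdev->wiphy, ret);
  return ret;
 }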
diff --git a/net/wireless/trace.h b/net/wireless/trace.h
index f0ebdcd394ef..ba5f0d6614d5 100644
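--- a/net/wireless/trace.h
+++ b/net/wireless/trace.h
@@ -1293,15 +1293,17 @@ TRACE_EVENT(rdev_return_int_int,
 
 #ifdef CONFIG_NL80211_TESTMODE
 TRACE_EVENT(rdev_testmode_cmd,
- TP_PROTO(struct wiphy *wiphy),
- TP_ARGS(wiphy),
+ TP_PROTO(struct wiphy *wiphy, struct wireless_dev *wdev),
+ TP_ARGS(wiphy, wdev),
  TP_STRUCT__entry(
  WIPHY_ENTRY
+ WDEV_ENTRY
  ),
  TP_fast_assign(
  WIPHY_ASSIGN;
+ WDEV_ASSIGN;
  ),
- TP_printk(WIPHY_PR_FMT, WIPHY_PR_ARG)
+ TP_printk(WIPHY_PR_FMT WDEV_PR_FMT, WIPHY_PR_ARG, WDEV_PR_ARG)
 );
 
 TRACE_EVENT(rdev_testmode_dump,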