Do not copy the extended supported rates in 'param->supp_rates' if the
array is already full with basic rates values. The array size check
helped to avoid possible illegal memory access [1] while copying to
'param->supp_rates' array.
1. https://marc.info/?l=linux-next&m=157301720517456&w=2
Reported-by: coverity-bot <keescook+coverity-bot@chromium.org>
Addresses-Coverity-ID: 1487400 ("Memory - illegal accesses")
Fixes: 4e0b0f42c9 ("staging: wilc1000: use struct to pack join parameters for FW")
Cc: stable@vger.kernel.org
Signed-off-by: Ajay Singh <ajay.kathat@microchip.com>
Link: https://lore.kernel.org/r/20191106062127.3165-1-ajay.kathat@microchip.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Added defines for different types of messages received from firmware.
Removed the unnecessary comments because after the addition of macros
the message types are self-explanatory.
Signed-off-by: Ajay Singh <ajay.kathat@microchip.com>
Link: https://lore.kernel.org/r/20191105095058.24223-7-ajay.kathat@microchip.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Remove 'wilc_' prefix from filenames, the driver is already present
inside the 'wilc1000' directory so no need to add 'wilc_' in
filenames.
Signed-off-by: Ajay Singh <ajay.kathat@microchip.com>
Link: https://lore.kernel.org/r/20191105095058.24223-3-ajay.kathat@microchip.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Use 'u8' instead of 'bool' datatype for struct element sent to firmware
because storage of bool datatype is not guaranteed.
Signed-off-by: Ajay Singh <ajay.kathat@microchip.com>
Link: https://lore.kernel.org/r/20191105095058.24223-2-ajay.kathat@microchip.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
When killing hostapd, the interface is closed which deinitializes the
device, then change virtual interface is called.
This change checks if the device is initialized before sending the
interface change command to the device
Signed-off-by: Adham Abozaeid <adham.abozaeid@microchip.com>
Link: https://lore.kernel.org/r/20191028184019.31194-1-adham.abozaeid@microchip.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
During concurrent mode(AP/STA + P2P), pass the mgmt frames received from
firmware to appropriate interface. Iterate the complete interface list
to pass frames on the interface which has registered to receive mgmt
frame. Added extra time for 'remain_on_ch' timer to ensure that timeout
for uncanceled remain_on_channel is not triggered & 'p2p_listen_state'
is not cleared before passing the mgmt frames to p2p interface.
Signed-off-by: Ajay Singh <ajay.kathat@microchip.com>
Link: https://lore.kernel.org/r/20191018124511.22751-1-ajay.kathat@microchip.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
The "rates_len" value needs to be capped so that the memcpy() doesn't
copy beyond the end of the array.
Fixes: c5c77ba18e ("staging: wilc1000: Add SDIO/SPI 802.11 driver")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Reviewed-by: Adham Abozaeid <adham.abozaeid@microchip.com>
Link: https://lore.kernel.org/r/20191017091832.GB31278@mwanda
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
In a fast disconnect/connect sequence, cfg80211_connect_result() can
fail to find the bss object which the driver is connecting to. Detailed
sequence of events:
* Driver is connected in STA mode
* Disconnect request arrives from user space. Driver disconnects and
calls cfg80211_disconnected() which adds new event to the
cfg80211_wq worker thread
* Connect request arrives from user space. cfg80211_connect() stores
ssid/ssid_len and calls rdev_connect()
* __cfg80211_disconnected() runs in worker thread and zero
wdev->ssid_len
* Connect succeeds. Driver calls cfg80211_connect_result() which fails
to find the bss because wdev->ssid_len is zero
To overcome this, upon connect request, store the bss object in the
driver and upon connect completion pass it to kernel using
cfg80211_connect_bss().
Ref: bcdd49b074 ("store bss object and use cfg80211_connect_bss()")
Signed-off-by: Adham Abozaeid <adham.abozaeid@microchip.com>
Link: https://lore.kernel.org/r/20191017165105.27429-1-adham.abozaeid@microchip.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
WILC doesn't support per-vif tx power, and hence, wdev will always be
null in calls to set_tx_power.
Instead, wiphy should be used to execute the operation
Signed-off-by: Adham Abozaeid <adham.abozaeid@microchip.com>
Link: https://lore.kernel.org/r/20191004214011.7623-1-adham.abozaeid@microchip.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
If rtc_clk is provided from DT, use it and enable it.
This is optional.
The signal may be hardcoded and no need to be requested,
but if DT provides it, use it.
Signed-off-by: Adham Abozaeid <adham.abozaeid@microchip.com>
Link: https://lore.kernel.org/r/20190916193701.20755-1-adham.abozaeid@microchip.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Make use of RCU list to maintain virtual interfaces instead of an array.
The update operation on 'vif' list is less compare to the read
operations. Mostly the 'vif' list elements are accessed for the read
operation, so RCU list is more suited for this requirement.
The shifting of interface index id's during the delete interface is not
required. As the firmware only supports 2 interfaces so make use of
available free slot index id during add interface.
Signed-off-by: Ajay Singh <ajay.kathat@microchip.com>
Link: https://lore.kernel.org/r/20190926151436.27819-3-ajay.kathat@microchip.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Move deinitialization of lock during the module remove and the
initialization of lock wilc_cfg80211_init(). This to ensure locks are
available during module load and gets free during unload.
Signed-off-by: Ajay Singh <ajay.kathat@microchip.com>
Link: https://lore.kernel.org/r/20190926151436.27819-2-ajay.kathat@microchip.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Removed unnecessary check to compare vif interface with zeroth index
element in vif array. Already the caller takes care of passing the
appropriate netdev handler during the del key operation.
Signed-off-by: Ajay Singh <ajay.kathat@microchip.com>
Link: https://lore.kernel.org/r/20190926151436.27819-1-ajay.kathat@microchip.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
The IRQ handler(isr_bh_routine()) was called twice for each interrupt
from firmware. The data was read completely during the first call and
the second call was doing nothing.
Now changed the IRQ flag from ‘level’ to ‘edge’ trigger i.e
IRQF_TRIGGER_LOW to IRQF_TRIGGER_FALLING to avoid extra interrupt
trigger.
Signed-off-by: Ajay Singh <ajay.kathat@microchip.com>
Link: https://lore.kernel.org/r/20190910074514.3073-2-ajay.kathat@microchip.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Remove interrupt handling for unused interrupt status(PLL update and
Sleep). The firmware only initiates the interrupt for the data transfer
to host and rest are not used anymore.
Signed-off-by: Ajay Singh <ajay.kathat@microchip.com>
Link: https://lore.kernel.org/r/20190910074514.3073-1-ajay.kathat@microchip.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
If rtc_clk is provided from DT, use it and enable it.
This is optional.
The signal may be hardcoded and no need to be requested,
but if DT provides it, use it.
Signed-off-by: Eugen Hristev <eugen.hristev@microchip.com>
Acked-by: Ajay Singh <ajay.kathat@microchip.com>
Link: https://lore.kernel.org/r/1568037993-4646-2-git-send-email-eugen.hristev@microchip.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Send abort request to WILC from wilc_wlan_stop instead of resetting the
CPU.
The abort request was being sent from wilc_wlan_cleanup after the CPU
was reset which wasn't the correct order. The abort request handler
in the chip will take care of resetting the CPU.
Signed-off-by: Adham Abozaeid <adham.abozaeid@microchip.com>
Link: https://lore.kernel.org/r/20190809182510.22443-2-adham.abozaeid@microchip.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
wilc_set_wfi_drv_handler and wilc_set_operation_mode sends the same
parameters to the FW, so it's better to combine them together.
Kept wilc_set_wfi_drv_handler implementation since it sends all the
required parameters, and renamed it to wilc_set_operation_mode to be
more descriptive.
Signed-off-by: Adham Abozaeid <adham.abozaeid@microchip.com>
Link: https://lore.kernel.org/r/20190801200909.12605-2-adham.abozaeid@microchip.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
manual sleep mode was used to put the wilc1000 chip in sleep while in
disconnected state. This is taken care of in the firmware
Signed-off-by: Adham Abozaeid <adham.abozaeid@microchip.com>
Link: https://lore.kernel.org/r/20190725213125.2810-7-adham.abozaeid@microchip.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Don't override powersave state with respect to the open interfaces and
let the firmware take care of when it's appropriate to do so
Signed-off-by: Adham Abozaeid <adham.abozaeid@microchip.com>
Link: https://lore.kernel.org/r/20190725213125.2810-5-adham.abozaeid@microchip.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
during_ip_timer is not required after removing the code that disables
powersave while the ip is being obtained.
Its handler clear_during_ip is also removed
Signed-off-by: Adham Abozaeid <adham.abozaeid@microchip.com>
Link: https://lore.kernel.org/r/20190725213125.2810-3-adham.abozaeid@microchip.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Driver registers an inetaddr notifier to disable powersave while the ip
address is being obtained which should be controlled only by cfg80211.
Signed-off-by: Adham Abozaeid <adham.abozaeid@microchip.com>
Link: https://lore.kernel.org/r/20190725213125.2810-2-adham.abozaeid@microchip.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Merge the combo use of memcpy and le32_to_cpus.
Use get_unaligned_le32 instead.
This simplifies the code.
Signed-off-by: Chuhong Yuan <hslester96@gmail.com>
Link: https://lore.kernel.org/r/20190725025203.8772-1-hslester96@gmail.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Before deinitializing the host interface, the workqueue should be flushed
to handle any pending deferred work
Signed-off-by: Adham Abozaeid <adham.abozaeid@microchip.com>
Cc: stable <stable@vger.kernel.org>
Link: https://lore.kernel.org/r/20190722213837.21952-1-adham.abozaeid@microchip.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Include wilc_wlan_cfg.h in wilc_netdev.c to enable it to call functions
in wilc_wlan_cfg.c.
Remove function wilc_wlan_cfg_get_val as all it does is call
wilc_wlan_cfg_get_wid_value in file wilc_wlan_cfg.c.
Rename function wilc_wlan_cfg_get_wid_value to wilc_wlan_cfg_get_val to
maintain compatibility with call sites (including in wilc_netdev.c).
Issue found with Coccinelle.
Signed-off-by: Nishka Dasgupta <nishkadg.linux@gmail.com>
Link: https://lore.kernel.org/r/20190712072009.2550-1-nishkadg.linux@gmail.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Rename 'host_interface' source and header file to include the 'wilc_'
prefix in its name.
Signed-off-by: Ajay Singh <ajay.kathat@microchip.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cleanup patch to remove the passing of driver handler, get the 'idx'
value inside the called function.
Signed-off-by: Ajay Singh <ajay.kathat@microchip.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Remove use of 'src_addr' element in wilc_vif, as the same information
already copied to net_device->dev_addr.
Signed-off-by: Ajay Singh <ajay.kathat@microchip.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cleanup patch to avoid loop to traverse the interfaces instead make use
of vif received from net_device priv data.
Signed-off-by: Ajay Singh <ajay.kathat@microchip.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Removed the 'driver_handler_id' & 'ifc_id' elements and used 'idx' to
identify the handler.
Signed-off-by: Ajay Singh <ajay.kathat@microchip.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Removed the use of two hardcoded interfaces and added support to
add/remove the network interfaces dynamically.
Now the driver will have single default interface with name 'wlan0' and
later other interface can be added from user space application e.g
using 'iw add' command.
Also taken care to maintain 'wilc_vif' as part of 'net_device'
private data and 'wilc' struct as 'wiphy' private data.
Signed-off-by: Ajay Singh <ajay.kathat@microchip.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
For the error path in wilc_wlan_initialize(), the resources are not
cleanup in the correct order. Reverted the previous changes and use the
correct order to free during error condition.
Fixes: b46d68825c ("staging: wilc1000: remove COMPLEMENT_BOOT")
Cc: <stable@vger.kernel.org>
Signed-off-by: Ajay Singh <ajay.kathat@microchip.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Moved the handling of p2p related operation in the caller context instead
of using workqueue.
Signed-off-by: Ajay Singh <ajay.kathat@microchip.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Add passive scan support to the driver by passing the scan type to the
HW and configure the HW scan time if configured by the cfg80211.
Signed-off-by: Adham Abozaeid <adham.abozaeid@microchip.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
alloc_etherdev function internally calls kvzalloc . So we may not need
explicit memset after this call.
Signed-off-by: Hariprasad Kelam <hariprasad.kelam@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
The masking update of pkg_offset is redundant as the updated
value is never read and pkg_offset is re-assigned on the next
iteration of the loop. Clean this up by removing the redundant
assignment.
Addresses-Coverity: ("Unused value")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Reviewed-by: Adham Abozaeid <adham.abozaeid@microchip.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
If ->hif_read_reg() or ->hif_write_reg() fail then the code unlocks
and keeps executing. It should just return.
Fixes: c5c77ba18e ("staging: wilc1000: Add SDIO/SPI 802.11 driver")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
txq_add_mgmt_pkt allocates memory while being called from atomic context
so needs to use GFP_ATOMIC
Signed-off-by: Adham Abozaeid <adham.abozaeid@microchip.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
'default n' is the default value for any bool or tristate Kconfig
setting so there is no need to write it explicitly.
Also since commit f467c5640c ("kconfig: only write '# CONFIG_FOO
is not set' for visible symbols") the Kconfig behavior is the same
regardless of 'default n' being present or not:
...
One side effect of (and the main motivation for) this change is making
the following two definitions behave exactly the same:
config FOO
bool
config FOO
bool
default n
With this change, neither of these will generate a
'# CONFIG_FOO is not set' line (assuming FOO isn't selected/implied).
That might make it clearer to people that a bare 'default n' is
redundant.
...
Signed-off-by: Bartlomiej Zolnierkiewicz <b.zolnierkie@samsung.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>