TKIP countermeasures depend on devices being able to detect Michael
MIC failures on received frames and for stations to report errors to
the AP. In order to test that behavior, it is useful to be able to
send out TKIP frames with incorrect Michael MIC. This testing behavior
has minimal effect on the TX path, so it can be added to mac80211 for
convenient use.
The interface for using this functionality is a file in mac80211
netdev debugfs (tkip_mic_test). Writing a MAC address to the file
makes mac80211 generate a dummy data frame that will be sent out using
invalid Michael MIC value. In AP mode, the address needs to be for one
of the associated stations or ff:ff:ff:ff:ff:ff to use a broadcast
frame. In station mode, the address can be anything, e.g., the current
BSSID. It should be noted that this functionality works correctly only
when associated and using TKIP.
Signed-off-by: Jouni Malinen <jouni.malinen@atheros.com>
Acked-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
The TKIP implementation was originally prepared to be a bit more
flexible in the way Michael MIC TX/RX keys are configured. However, we
are now taking care of the TX/RX MIC key swapping in user space, so
this code will not be needed. Similarly, there were some remaining WPA
testing code that won't be used in their current form. Remove the
unneeded extra complexity.
Signed-off-by: Jouni Malinen <jouni.malinen@atheros.com>
Reviewed-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
The below patch fixes a typo comamnd to command.
Signed-off-by: Justin P. Mattock <justinmattock@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
The beaconing vif addition is based on max beacon slot
available. So it is better to reserve a beacon slot
on interface addition and let it be configured properly
on bss_info change.
Signed-off-by: Rajkumar Manoharan <rmanoharan@atheros.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
There's no point in disallowing scanning for a
GO interface when it's not beaconing yet.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Beacons from external BSSes are required for updating overlapping BSS
info (i.e. ERP protection). Pass them up unconditionally.
Signed-off-by: Arik Nemtsov <arik@wizery.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
When operating in AP mode the wl1271 hardware filters out null-data
packets as well as management packets. This makes it impossible for
mac80211 to monitor the PS mode by using the PM bit of incoming frames.
Implement a HW flag to indicate that mac80211 should ignore the PM bit.
In addition, expose ieee80211_sta_ps_transition() to make low-level
drivers capable of controlling PS-mode.
Signed-off-by: Arik Nemtsov <arik@wizery.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
When rate-control is performed in HW, we cannot calculate frame
duration as we do not have the skb transmission rate in SW.
ieee80211_tx_h_calculate_duration() should only be called when
ieee80211_tx_h_rate_ctrl() has been called before to initialize data
in skb->cb. This doesn't happen for drivers with HW rate-control.
Fixes the following warning when operating in AP-mode
in a driver with HW rate-control.
WARNING: at net/mac80211/tx.c:57 ieee80211_duration+0x54/0x1d8 [mac80211]()
Modules linked in: wl1271_sdio wl1271 firmware_class crc7 mac80211 cfg80211
[<c0046090>] (unwind_backtrace+0x0/0x124) from [<c0064c10>] (warn_slowpath_common+0x4c/0x64)
[<c0064c10>] (warn_slowpath_common+0x4c/0x64) from [<c0064c40>] (warn_slowpath_null+0x18/0x1c)
[<c0064c40>] (warn_slowpath_null+0x18/0x1c) from [<bf040e34>] (ieee80211_duration+0x54/0x1d8 [mac80211])
[<bf040e34>] (ieee80211_duration+0x54/0x1d8 [mac80211]) from [<bf04200c>] (invoke_tx_handlers+0xfa0/0x1088 [mac80211])
[<bf04200c>] (invoke_tx_handlers+0xfa0/0x1088 [mac80211]) from [<bf042178>] (ieee80211_tx+0x84/0x248 [mac80211])
[<bf042178>] (ieee80211_tx+0x84/0x248 [mac80211]) from [<bf042f44>] (ieee80211_tx_pending+0x12c/0x278 [mac80211])
[<bf042f44>] (ieee80211_tx_pending+0x12c/0x278 [mac80211]) from [<c0069a9c>] (tasklet_action+0x68/0xbc)
[<c0069a9c>] (tasklet_action+0x68/0xbc) from [<c006a044>] (__do_softirq+0x84/0x114)
[<c006a044>] (__do_softirq+0x84/0x114) from [<c006a1b8>] (do_softirq+0x48/0x54)
[<c006a1b8>] (do_softirq+0x48/0x54) from [<c006a4f8>] (local_bh_enable+0x98/0xcc)
[<c006a4f8>] (local_bh_enable+0x98/0xcc) from [<bf074e60>] (wl1271_rx+0x2e8/0x3a4 [wl1271])
[<bf074e60>] (wl1271_rx+0x2e8/0x3a4 [wl1271]) from [<bf071ae4>] (wl1271_irq_work+0x230/0x310 [wl1271])
[<bf071ae4>] (wl1271_irq_work+0x230/0x310 [wl1271]) from [<c0076864>] (process_one_work+0x208/0x350)
[<c0076864>] (process_one_work+0x208/0x350) from [<c0076e14>] (worker_thread+0x1cc/0x300)
[<c0076e14>] (worker_thread+0x1cc/0x300) from [<c007bb88>] (kthread+0x84/0x8c)
[<c007bb88>] (kthread+0x84/0x8c) from [<c0041494>] (kernel_thread_exit+0x0/0x8)
Signed-off-by: Arik Nemtsov <arik@wizery.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
When a vif goes away, it could cause the super-chan
to be recalculated differently, so do that calculation
on iface removal.
Signed-off-by: Ben Greear <greearb@candelatech.com>
Acked-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
The opmode recalculation is accessing hw registers.
When it is called from remove interface callback and
if there are no vifs present then hw is moved to FULL SLEEP
by radio disable. So use power save wrappers before
accessing hw registers in calculating opmode state.
Signed-off-by: Rajkumar Manoharan <rmanoharan@atheros.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
move ath_update_txpow to common to remove code duplication
in both ath9k & ath9k_htc.
Signed-off-by: Rajkumar Manoharan <rmanoharan@atheros.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
ani work is cancelled in dissaoctiation. But in some cases
during suspend, deauthention never be called. So we failed
to stop ani work which was identified by the following
warning.
Call Trace:
[<ffffffffa0454a1d>] ieee80211_can_queue_work.clone.17+0x2d/0x40 [mac80211]
[<ffffffffa0454a60>] ieee80211_queue_delayed_work+0x30/0x60 [mac80211]
[<ffffffffa0567f82>] ath9k_ani_work+0x142/0x250 [ath9k_htc]
[<ffffffff81073c70>] async_run_entry_fn+0x0/0x180
[<ffffffffa0567e40>] ath9k_ani_work+0x0/0x250 [ath9k_htc]
Signed-off-by: Rajkumar Manoharan <rmanoharan@atheros.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Currently cfg80211 only configures the PSM state to the driver upon creation
of a new virtual interface, but not after interface type change. The mac80211
on the other hand reinitializes its sdata structure every time the interface
type is changed, losing the PSM configuration.
Hence, if the interface type is changed to, say, ad-hoc and then back to
managed, "iw wlan0 get power_save" will claim that PSM is enabled, when in
fact on mac80211 level it is not.
Fix this in cfg80211 by configuring the PSM state to the driver each time
the interface is brought up instead of just when the interface is created.
Signed-off-by: Juuso Oikarinen <juuso.oikarinen@nokia.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Set the rate index rate_idx and preamble flag RX_FLAG_SHORTPRE on received
packets.
Signed-off-by: David Gnedt <david.gnedt@davizone.at>
Acked-by: Kalle Valo <kvalo@adurom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Enable adhoc support in wl1251 driver.
Signed-off-by: David Gnedt <david.gnedt@davizone.at>
Acked-by: Kalle Valo <kvalo@adurom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Implement connection quality monitoring similar to the wl1271 driver.
It triggers ieee80211_cqm_rssi_notify with the corresponding event when
RSSI drops blow RSSI threshold or rises again above the RSSI threshold.
It should be noted that wl1251 doesn't support RSSI hysteresis, instead it
uses RSSI averageing and delays events until a certain count of frames
proved RSSI change.
Signed-off-by: David Gnedt <david.gnedt@davizone.at>
Acked-by: Kalle Valo <kvalo@adurom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Port the beacon early termination feature from wl1251 driver version
included in the Maemo Fremantle kernel.
It is enabled when going to power-saving mode and disabled when leaving
power-saving mode.
Signed-off-by: David Gnedt <david.gnedt@davizone.at>
Acked-by: Kalle Valo <kvalo@adurom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
This implements TX buffer alignment for cloned or too small skb by
copying and replacing the original skb.
Recent changes in wireless-testing seems to make this really necessary.
Signed-off-by: David Gnedt <david.gnedt@davizone.at>
Acked-by: Kalle Valo <kvalo@adurom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
The queue stopping/waking functionality was broken in a way that could
cause the TX to stall if the right circumstances are met.
The problem was caused by tx_work, which is scheduled on each TX operation.
If the firmware buffer is full, tx_work does nothing. In combinition with
stopped queues or non-continues transfers, tx_work is never scheduled again.
Moreover the low watermark introduced by
9df86e2e70 never takes effect because of some
old code.
Solve this by scheduling tx_work every time tx_queue is non-empty and
firmware buffer is freed on tx_complete.
This also solves a possible but unlikely case: If less frames than the high
watermark are queued, but more than firmware buffer can hold. This results
in queues staying awake but the only scheduled tx_work doesn't transfer all
frames, so the remaining frames are stuck in the queue until more frames
get queued and tx_work is scheduled again.
Signed-off-by: David Gnedt <david.gnedt@davizone.at>
Acked-by: Kalle Valo <kvalo@adurom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
I have a netgear WNDR3700 that appears to have an off-by-four
bug in how it fills out the hti->control_chan (I configure the
AP to channel 11, it reports 15 as control_chan).
Poke a message into the kernel logs to give users a
clue as to why they are not getting the expected
channel-type or rate.
Signed-off-by: Ben Greear <greearb@candelatech.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
If we cannot set the channel type, set the channel back to the
original.
Don't update the driver hardware if nothing actually changed.
Signed-off-by: Ben Greear <greearb@candelatech.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
To support suspend/resume in if_spi we need two things:
- re-setup fw in lbs_resume(), because if_spi powercycles card;
- don't touch hwaddr on second lbs_update_hw_spec() call for same
reason;
Signed-off-by: Vasily Khoruzhick <anarsoul@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Use workqueue to perform SPI xfers, it's necessary to fix
nasty "BUG: scheduling while atomic", because
spu_write() calls spi_sync() and spi_sync() may sleep, but
hw_host_to_card() callback can be called from atomic context.
Remove kthread completely, workqueue now does its job.
Restore intermediate buffers which were removed in commit
86c34fe89e that introduced
mentioned bug.
Signed-off-by: Vasily Khoruzhick <anarsoul@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
free the skb's when the Tx of PAPRD frames fails and also add a debug
message indicating that.
Signed-off-by: Mohammed Shafi Shajakhan <mshajakhan@atheros.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
During the period of BT coex changes, REPLY_BT_COEX_SCO host command
is no longer needed to support SCO/eSCO type of traffic. delete it.
Signed-off-by: Wey-Yi Guy <wey-yi.w.guy@intel.com>
The beacon notification changed between 4965 and
agn because the embedded TX response changed, but
iwlwifi was never updated to know about this.
Update it now so the IBSS manager status will be
tracked correctly.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Wey-Yi Guy <wey-yi.w.guy@intel.com>
Use the values from the peer to set up the ucode
for the right maximum number of subframes in an
aggregate. Since the ucode only tracks this per
station, use the minimum across all aggregation
sessions with this peer.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Wey-Yi Guy <wey-yi.w.guy@intel.com>
Allow peers to size their reorder buffer more
accurately by advertising that we'll never send
aggregates longer than the default (31).
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Wey-Yi Guy <wey-yi.w.guy@intel.com>
In order to support RSN IBSS, we need to
(ok actually maybe it's just easiest to)
disable group key programming so that any
group-addressed frames will be decrypted
in software which handles the per-station
keys for this easily. We could keep the
encryption in the device, but that takes
more work and seems unnecessary.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Wey-Yi Guy <wey-yi.w.guy@intel.com>
The I/Q swapping is extremely important and should be dealt with extra care.
It will affects OFDM and CCK differently.
For 6000/6005/6030 series devices, the I/Q were swapped, and for 2000 series
devices, it is in non-swapped status (but its swapped with respected to 6000/6005/6030).
so the CSR_GP_DRIVER_REG_BIT_RADIO_IQ_INVER register need to be set to support
the correct behavior.
Signed-off-by: Wey-Yi Guy <wey-yi.w.guy@intel.com>
Driver check alive message from ucode, if it is not ok, then need
to restart the loading process. instead of checking multiple places
for failure, only need to check in once place when receive alive
message from uCode.
Signed-off-by: Wey-Yi Guy <wey-yi.w.guy@intel.com>
Commit 0b01f030d3 added a new argument
to the ampdu_action operation. The ampdu_action operation in the
wl12xx driver currently doesn't have that argument and this generates
a warning. This happened during merging of the latest mac80211
patches with the wl12xx BA patches.
CC [M] drivers/net/wireless/wl12xx/main.o
drivers/net/wireless/wl12xx/main.c:3035: warning: initialization from incompatible pointer type
The wl12xx driver doesn't need to do anything about the buf_size
argument since the AMPDU TX is fully handled by the firmware.
Signed-off-by: Luciano Coelho <coelho@ti.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
PS should not be enabled if an infra AP vif exists in
the interface list. So while recalculating PS,
AP vif type should be taken into account.
Reviewed-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: Rajkumar Manoharan <rmanoharan@atheros.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
After commit 59eb21a650
"cfg80211: Extend channel to frequency mapping for 802.11j"
we use uninitialized sband->band when assign channel frequencies, what
results that 5GHz channels have erroneous (zero) center_freq value.
Patch fixes problem and simplifies code a bit.
Signed-off-by: Stanislaw Gruszka <sgruszka@redhat.com>
Reviewed-by: Johannes Berg <johannes@sipsolutions.net>
Acked-by: Wey-Yi Guy <wey-yi.w.guy@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
The TX/RX work structures must be able to run independently
of other workqueues. This is because mac80211 might use
the flush() callback function from various context, which depends
on the TX/RX work to complete while the main thread is blocked
(until the the TX queues are empty).
This should reduce the number of 'Queue %d failed to flush' warnings.
Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com>
Acked-by: Gertjan van Wingerde <gwingerde@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
During device removal all pending work and tasklets must
be guaranteed to be halted. So far only the txstatus_tasklet
was killed.
Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com>
Acked-by: Helmut Schaa <helmut.schaa@googlemail.com>
Acked-by: Gertjan van Wingerde <gwingerde@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Both rt61pci and rt73usb check the Michael MIC in hardware and strip the
Michael MIC from received frames. This is perfectly allowed by mac80211 as
long as this is properly reported to mac80211.
Both these drivers reported the Michael MIC handling properly to mac80211, but
still contained a FIXME comment on this, which is not needed to be handled, since
mac80211 doesn't really need the Michael MIC in this case.
Signed-off-by: Gertjan van Wingerde <gwingerde@gmail.com>
Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Use the specific mac field of the wcid_entry structure to copy the MAC
address to, instead of just overwriting the structure.
Previous code resulted in the same, but this form is cleaner.
Signed-off-by: Gertjan van Wingerde <gwingerde@gmail.com>
Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
As reported and found by Johannes Stezenbach:
rt2800{pci,usb} do not report the Michael MIC in RXed frames, but do check
the Michael MIC in hardware. Therefore we have to report to mac80211 that the
received frame does not include the Michael MIC.
Signed-off-by: Gertjan van Wingerde <gwingerde@gmail.com>
Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>