Commit Graph

426823 Commits

Author SHA1 Message Date
Johan Hedberg
9747a9f317 Bluetooth: Track not yet received keys in SMP
To make is easier to track which keys we've received and which ones
we're still waiting for simply clear the corresponding key bits from
smp->remote_key_dist as they get received. This will allow us to
simplify the code for checking for SMP completion in subsequent patches.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2014-02-26 13:46:03 -08:00
Johan Hedberg
a9a58f8612 Bluetooth: Ignore IRKs with no Identity Address
The Core Specification (4.1) leaves room for sending an SMP Identity
Address Information PDU with an all-zeros BD_ADDR value. This
essentially means that we would not have an Identity Address for the
device and the only means of identifying it would be the IRK value
itself.

Due to lack of any known implementations behaving like this it's best to
keep our implementation as simple as possible as far as handling such
situations is concerned. This patch updates the Identity Address
Information handler function to simply ignore the IRK received from such
a device.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2014-02-25 12:30:41 -08:00
Felix Fietkau
b7b146c9c9 ath9k: fix invalid descriptor discarding
Only set sc->rx.discard_next to rx_stats->rs_more when actually
discarding the current descriptor.

Also, fix a detection of broken descriptors:
First the code checks if the current descriptor is not done.
Then it checks if the next descriptor is done.
Add a check that afterwards checks the first descriptor again, because
it might have been completed in the mean time.

This fixes a regression introduced in
commit 723e711356
"ath9k: fix handling of broken descriptors"

Cc: stable@vger.kernel.org
Reported-by: Marco André Dinis <marcoandredinis@gmail.com>
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-02-25 14:54:11 -05:00
Felix Fietkau
d31a36a6d8 ath9k: reduce baseband hang detection false positive rate
Check if the baseband state remains stable, and add a small delay
between register reads.

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-02-25 14:54:11 -05:00
Johan Hedberg
a4858cb942 Bluetooth: Fix advertising address type when toggling connectable
When the connectable setting is toggled using mgmt_set_connectable the
HCI_CONNECTABLE flag will only be set once the related HCI commands
succeed. When determining what kind of advertising to do we need to
therefore also check whether there is a pending Set Connectable command
in addition to the current flag value.

The enable_advertising function was already taking care of this for the
advertising type with the help of the get_adv_type function, but was
failing to do the same for the address type selection. This patch
converts the get_adv_type function to be more generic in that it returns
the expected connectable state and updates the enable_advertising
function to use the return value both for the advertising type as well
as the advertising address type.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2014-02-25 10:02:53 -08:00
Andrzej Kaczmarek
ede81a2a12 Bluetooth: Fix NULL pointer dereference when sending data
When trying to allocate skb for new PDU, l2cap_chan is unlocked so we
can sleep waiting for memory as otherwise there's possible deadlock as
fixed in e454c84464. However, in a6a5568c03 lock was moved from socket
to channel level and it's no longer safe to just unlock and lock again
without checking l2cap_chan state since channel can be disconnected
when lock is not held.

This patch adds missing checks for l2cap_chan state when returning from
call which allocates skb.

Scenario is easily reproducible by running rfcomm-tester in a loop.

BUG: unable to handle kernel NULL pointer dereference at         (null)
IP: [<ffffffffa0442169>] l2cap_do_send+0x29/0x120 [bluetooth]
PGD 0
Oops: 0000 [#1] SMP
Modules linked in:
CPU: 7 PID: 4038 Comm: krfcommd Not tainted 3.14.0-rc2+ #15
Hardware name: Dell Inc. OptiPlex 790/0HY9JP, BIOS A10 11/24/2011
task: ffff8802bdd731c0 ti: ffff8801ec986000 task.ti: ffff8801ec986000
RIP: 0010:[<ffffffffa0442169>]  [<ffffffffa0442169>] l2cap_do_send+0x29/0x120
RSP: 0018:ffff8801ec987ad8  EFLAGS: 00010202
RAX: 0000000000000000 RBX: ffff8800c5796800 RCX: 0000000000000000
RDX: ffff880410e7a800 RSI: ffff8802b6c1da00 RDI: ffff8800c5796800
RBP: ffff8801ec987af8 R08: 00000000000000c0 R09: 0000000000000300
R10: 000000000000573b R11: 000000000000573a R12: ffff8802b6c1da00
R13: 0000000000000000 R14: ffff8802b6c1da00 R15: 0000000000000000
FS:  0000000000000000(0000) GS:ffff88042dce0000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000000 CR3: 000000041257c000 CR4: 00000000000407e0
Stack:
 ffff8801ec987d78 ffff8800c5796800 ffff8801ec987d78 0000000000000000
 ffff8801ec987ba8 ffffffffa0449e37 0000000000000004 ffff8801ec987af0
 ffff8801ec987d40 0000000000000282 0000000000000000 ffffffff00000004
Call Trace:
 [<ffffffffa0449e37>] l2cap_chan_send+0xaa7/0x1120 [bluetooth]
 [<ffffffff81770100>] ? _raw_spin_unlock_bh+0x20/0x40
 [<ffffffffa045188b>] l2cap_sock_sendmsg+0xcb/0x110 [bluetooth]
 [<ffffffff81652b0f>] sock_sendmsg+0xaf/0xc0
 [<ffffffff810a8381>] ? update_curr+0x141/0x200
 [<ffffffff810a8961>] ? dequeue_entity+0x181/0x520
 [<ffffffff81652b60>] kernel_sendmsg+0x40/0x60
 [<ffffffffa04a8505>] rfcomm_send_frame+0x45/0x70 [rfcomm]
 [<ffffffff810766f0>] ? internal_add_timer+0x20/0x50
 [<ffffffffa04a8564>] rfcomm_send_cmd+0x34/0x60 [rfcomm]
 [<ffffffffa04a8605>] rfcomm_send_disc+0x75/0xa0 [rfcomm]
 [<ffffffffa04aacec>] rfcomm_run+0x8cc/0x1a30 [rfcomm]
 [<ffffffffa04aa420>] ? rfcomm_check_accept+0xc0/0xc0 [rfcomm]
 [<ffffffff8108e3a9>] kthread+0xc9/0xe0
 [<ffffffff8108e2e0>] ? flush_kthread_worker+0xb0/0xb0
 [<ffffffff817795fc>] ret_from_fork+0x7c/0xb0
 [<ffffffff8108e2e0>] ? flush_kthread_worker+0xb0/0xb0
Code: 00 00 66 66 66 66 90 55 48 89 e5 48 83 ec 20 f6 05 d6 a3 02 00 04
RIP  [<ffffffffa0442169>] l2cap_do_send+0x29/0x120 [bluetooth]
 RSP <ffff8801ec987ad8>
CR2: 0000000000000000

Signed-off-by: Andrzej Kaczmarek <andrzej.kaczmarek@tieto.com>
Acked-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2014-02-25 10:02:53 -08:00
Janusz Dziedzic
092008abee cfg80211: regulatory: reset regdomain in case of error
Reset regdomain to world regdomain in case
of errors in set_regdom() function.

This will fix a problem with such scenario:
- iw reg set US
- iw reg set 00
- iw reg set US
The last step always fail and we get deadlock
in kernel regulatory code. Next setting new
regulatory wasn't possible due to:

Pending regulatory request, waiting for it to be processed...

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
Acked-by: Luis R. Rodriguez <mcgrof@do-not-panic.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2014-02-25 16:27:04 +01:00
Felix Fietkau
ef1b4141d0 ath5k: set SURVEY_INFO_IN_USE on get_survey
Only one channel is returned - the one currently being used.

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-02-24 15:38:39 -05:00
Felix Fietkau
affad456f2 ath9k: make some hardware reset log messages debug-only
On some chips, baseband watchdog hangs are more common than others, and
the driver has support for handling them.
Interrupts even after a watchdog hang are also quite common, so there's
not much point in spamming the user's logfiles.

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-02-24 15:38:39 -05:00
Felix Fietkau
cd6cfd7311 ath9k: do not set half/quarter channel flags in AR_PHY_MODE
5/10 MHz channel bandwidth is configured via the PLL clock, instead of
the AR_PHY_MODE register. Using that register is AR93xx specific, and
makes the mode incompatible with earlier chipsets.

In some early versions, these flags were apparently applied at the wrong
point in time and thus did not cause connectivity issues, however now
they are causing problems, as pointed out in this OpenWrt ticket:

https://dev.openwrt.org/ticket/14916

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-02-24 15:38:38 -05:00
Joe Perches
2120ac9674 ath9k: Use static const
Trivially reduces text size too.

$ size drivers/net/wireless/ath/ath9k/debug.o*
   text	   data	    bss	    dec	    hex	filename
  34436	   2528	   5128	  42092	   a46c	drivers/net/wireless/ath/ath9k/debug.o.new
  34464	   2528	   5128	  42120	   a488	drivers/net/wireless/ath/ath9k/debug.o.old

Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-02-24 15:38:38 -05:00
Felix Fietkau
443626e5a9 ath9k: list more reset causes in debugfs
Number of MAC hangs and stuck beacons were missing

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-02-24 15:38:37 -05:00
Tejun Heo
434bb46c36 wireless/rt2x00: don't use PREPARE_WORK in rt2800usb.c
PREPARE_[DELAYED_]WORK() are being phased out.  They have few users
and a nasty surprise in terms of reentrancy guarantee as workqueue
considers work items to be different if they don't have the same work
function.

Update rt2800usb.c to use INIT_WORK() instead of PREPARE_WORK().  As
the work item isn't in active use during rt2800usb_probe_hw(), this
doesn't cause any behavior difference.

It would probably be best to route this with other related updates
through the workqueue tree.

Only compile tested.

Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: Ivo van Doorn <IvDoorn@gmail.com>
Cc: Gertjan van Wingerde <gwingerde@gmail.com>
Cc: Helmut Schaa <helmut.schaa@googlemail.com>
Cc: linux-wireless@vger.kernel.org
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-02-24 15:38:36 -05:00
Stanislaw Gruszka
dbdac2b581 iwlegacy: properly enable power saving
Even if we mark PS on, device still worked in normal mode. Patch
corrects that and now we send proper powertable command to device,
which put it in sleep mode when PS is on.

Reported-and-tested-by: Tino Keitel <tino.keitel@tikei.de>
Tested-by: Pedro Francisco <pedrogfrancisco@gmail.com>
Signed-off-by: Stanislaw Gruszka <sgruszka@redhat.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-02-24 15:21:55 -05:00
Stanislaw Gruszka
8e67427aca iwlegacy: merge reclaim check
Merge reclaim check for 3945 & 4965. This add some more checks for
3945, most importantly N_RX notify.

Signed-off-by: Stanislaw Gruszka <sgruszka@redhat.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-02-24 15:21:55 -05:00
Stanislaw Gruszka
59f01183a7 iwl3945: fix wakeup interrupt
We have only 5 tx queues on 3945, updating il->txq[5] results in
writing random value to HBUS_TARG_WRPTR register.

Additionally use spin lock to protect txq->write_ptr and
txq->need_update fields also modified in TX path.

Tested-by: Pedro Francisco <pedrogfrancisco@gmail.com>
Signed-off-by: Stanislaw Gruszka <sgruszka@redhat.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-02-24 15:21:55 -05:00
Amitkumar Karwar
e3c91683b5 mwifiex: enable obss scan offload feature flag
We don't perform OBSS scan internally. As we intend to use
corresponding feature in application, we will enable this flag.

Signed-off-by: Amitkumar Karwar <akarwar@marvell.com>
Signed-off-by: Bing Zhao <bzhao@marvell.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-02-24 15:21:55 -05:00
Avinash Patil
c1c2ce0ce3 mwifiex: remove redundant del_timer
While modifying timer, we need not delete timer.

Signed-off-by: Avinash Patil <patila@marvell.com>
Signed-off-by: Bing Zhao <bzhao@marvell.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-02-24 15:21:54 -05:00
Avinash Patil
629873f22e mwifiex: use del_timer_sync instead of del_timer
Use SMP safe del_timer_sync instead of del_timer for cancelling
timers.

Signed-off-by: Avinash Patil <patila@marvell.com>
Signed-off-by: Bing Zhao <bzhao@marvell.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-02-24 15:21:54 -05:00
Jouni Malinen
7b4f663ee6 ath9k: Enable U-APSD AP mode support
mac80211 handles the actual operations, so ath9k can just indicate
support for this. Based on initial tests, this combination seems to
work fine.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-02-24 15:21:54 -05:00
Avinash kumar
16847f47ba drivers:net:wireless:airo.c:checkpatch.pl cleanup
removed following warnings-
drivers/net/wireless/airo.c:39: WARNING: Use #include <linux/io.h> instead of <asm/io.h>
drivers/net/wireless/airo.c:48: WARNING: Use #include <linux/uaccess.h> instead of <asm/uaccess.h>

Signed-off-by: Avinash Kumar <avi.kp.137@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-02-24 15:21:54 -05:00
Cédric Le Goater
0867c8874e hostap: add Netgear MA401 card
This is a relatively old Prism2 card which is correctly supported
by the hostap driver.

Signed-off-by: Cédric Le Goater <clg@fr.ibm.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-02-24 15:21:54 -05:00
Sachin Kamat
da1bc3c488 net: wireless: wl3501_cs: Remove duplicate include
linux/etherdevice.h was included twice.

Signed-off-by: Sachin Kamat <sachin.kamat@linaro.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-02-24 15:21:54 -05:00
Zhao, Gang
1a2b250bfe b43: return true / false instead of numbers in functions which return bool value
Signed-off-by: Zhao, Gang <gamerh2o@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-02-24 15:21:54 -05:00
Zhao, Gang
cc1ad9d267 b43: Kconfig: let config B43_BCMA_PIO depends on B43
Logically, config B43_BCMA_PIO should depend on B43. This also solves
the problem that sub options of b43 driver didn't indent correctly in
make menuconfig's ncurses window.

Signed-off-by: Zhao, Gang <gamerh2o@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-02-24 15:21:53 -05:00
Peter Wu
711f145ad0 rtlwifi: properly apply filter flags
commit 0baa0fd76f
("rtlwifi: Convert core routines for addition of rtl8192se and
rtl8192de") removed setting HW_VAR_RCR, HW_VAR_MGT_FILTER and
HW_VAR_CTRL_FILTER. The last two are probably done because some hardware
does not support them. The first is probably a mistake. This patch adds
the missing set_hw_reg call.

For PCI support, rx_conf is not touched directly. Instead, get_hw_reg is
used to abstract between receive_config (for PCI) and rx_conf (for USB).

This was tested on a 10ec:8176 Realtek RTL8188CE (according to the
label on the mini-PCIe card). Before this patch, `iw wlan0 set monitor
otherbss` did not capture frames from other BSS's. After this patch, it
does print packets.

Tested-by: Peter Wu <lekensteyn@gmail.com>
Signed-off-by: Peter Wu <lekensteyn@gmail.com>
Acked-by: Larry Finger <Larry.Finger@lwfinger.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-02-24 15:21:53 -05:00
Peter Wu
e51048cdf0 rtlwifi: avoid accessing RCR directly
The rtl*_set_check_bssid functions are mostly the same, but access the
RCR register in different ways. Use the get_hw_reg abstraction layer
(which reads rtlpci->receive_config for PCI devices and mac->rx_conf for
USB).

There is no functional change for cases where receive_config was
accessed directly. For rtl8192ce, there is still no change because
nothing modifies REG_RCR or receive_config. For rtl8192cu, it now also
applies changes to rx_conf from configure_filter, but that can be
considered a bug which is fixed later.

Signed-off-by: Peter Wu <lekensteyn@gmail.com>
Acked-by: Larry Finger <Larry.Finger@lwfinger.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-02-24 15:21:53 -05:00
Dan Carpenter
c42c65c1d5 mwifiex: memory corruption in mwifiex_tdls_add_vht_capab()
There is a typo here because the names are confusingly similar.  The
intent was sizeof(struct ieee80211_vht_cap) (size 12) but sizeof(struct
ieee80211_ht_cap) (size 32) was used.

Anway, it's cleaner to just specify the variable instead of the type.

Fixes: 5f6d598339 ('mwifiex: add VHT support for TDLS')
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Acked-by: Bing Zhao <bzhao@marvell.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-02-24 15:21:53 -05:00
John W. Linville
0971f7d991 Merge branch 'for-john' of git://git.kernel.org/pub/scm/linux/kernel/git/iwlwifi/iwlwifi-next 2014-02-24 15:05:42 -05:00
John W. Linville
db18014f65 Merge branch 'for-upstream' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next 2014-02-24 15:04:35 -05:00
John W. Linville
c77986c78a Merge branch 'for-john' of git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211-next 2014-02-24 15:03:32 -05:00
John W. Linville
9e4b4269ec Merge branch 'for-linville' of git://github.com/kvalo/ath 2014-02-24 15:02:36 -05:00
Felix Fietkau
558ff225de ath9k: fix ps-poll responses under a-mpdu sessions
When passing tx frames to the U-APSD queue for powersave poll responses,
the ath_atx_tid pointer needs to be passed to ath_tx_setup_buffer for
proper sequence number accounting.

This fixes high latency and connection stability issues with ath9k
running as AP and a few kinds of mobile phones as client, when PS-Poll
is heavily used

Cc: stable@vger.kernel.org
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-02-24 14:55:27 -05:00
Bing Zhao
e4ceb0f40d mwifiex: rename usb driver name registerring to usb core
Both libertas USB driver and mwifiex_usb driver are registerring
with name 'usb8xxx'. The following conflict happens while trying
to load both drivers.

[6.211307] Error: Driver 'usb8xxx' is already registered...
[6.217261] mwifiex_usb: Driver register failed!

Fix it by renaming mwifiex_usb driver's name.

Reported-by: Fengguang Wu <fengguang.wu@intel.com>
Signed-off-by: Bing Zhao <bzhao@marvell.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-02-24 14:55:27 -05:00
John W. Linville
1076182240 NFC: 3.14: First pull request
We only have one candidate for 3.14 fixes, and this is a NCI NULL
 pointer dereference introduced during the 3.14 merge window.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJTCnXcAAoJEIqAPN1PVmxKYX8QAJn1zeChcoM4lWJlfZ3NI/Eb
 MyOqXxiqUnhor3WAe68ZJLOjRo0/pixd0DNTOol1vHgbzYdWpxsMVJfXO0ZYdfAW
 N2+4MspqkLZpQuWgjuyyMYoT0Oh50z+Z0J4WjslkMzP0HG0lqpg2cgZBLVkSrnmm
 ArB3a/Q2pS7VkXlX3Ukruat3+F+7FEHKvAvg46/bqrN8V6siz82ReKV7j8cyHUXu
 r3URmeLoLdv7noTl2bshfGfyjg1nzEywV+aVSxFbf/vIt27/QmtRwBLbJ13CUhlA
 TdT5WIMSq09usVubPNaBeL1YpwdRDWCBTfGTVf9KS8ptQYiagtfIaKZ+5UZb+5HI
 72wdeqCyh/xXjxahTvCl2g5WV7aHR12T1aIwgdQ4rmgQ4OeeHGUNJBibmQjfAvpo
 lZdJEexfYOF9KehRYkm5F3RNsLXwXBtmD0lYELSjotkM9BXej3aGdKHn1srwo0xW
 c9fb67GaNMK/4GZQQ5DD7NtF9ObvxVbtN3RrisZsI2jkSN4Uce4c6hgUBuf5WzIx
 GMGsxja0UHcGOVIEZ3kwl3+V8vW0ZoKzUG3cnDX3tJwHuVjtj3rsr1SHJMzOOQ13
 3lMlCzKx9kMaIyOrTiR+bVvxEMHsov/iO1b+hVEOp8am19Ycpo10a9h8WA8bemwP
 WdHL1iPAyvZwmC5WjCV8
 =mfxv
 -----END PGP SIGNATURE-----

Merge tag 'nfc-fixes-3.14-1' of git://git.kernel.org/pub/scm/linux/kernel/git/sameo/nfc-fixes

Samuel Ortiz <sameo@linux.intel.com> says:

"NFC: 3.14: First pull request

We only have one candidate for 3.14 fixes, and this is a NCI NULL
pointer dereference introduced during the 3.14 merge window."

Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-02-24 14:42:54 -05:00
John W. Linville
694d82d913 Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/iwlwifi/iwlwifi-fixes 2014-02-24 14:41:35 -05:00
John W. Linville
161d785554 Revert "Staging: rtl8812ae: remove modules field of rate_control_ops"
This reverts commit 35582ad9d3.

This should not have been merged through this tree...

Signed-off-by: John W. Linville <linville@tuxdriver.com>
2014-02-24 14:35:46 -05:00
Johan Hedberg
8b064a3ad3 Bluetooth: Clean up HCI state when doing power off
To be friendly to user space and to behave well with controllers that
lack a proper internal power off procedure we should try to clean up as
much state as possible before requesting the HCI driver to power off.

This patch updates the power off procedure that's triggered by
mgmt_set_powered to clean any scan modes, stop LE scanning and
advertising and to disconnect any open connections.

The asynchronous cleanup procedure uses the HCI request framework,
however since HCI_Disconnect is only covered until its Command Status
event we need some extra tracking/waiting of disconnections. This is
done by monitoring when hci_conn_count() indicates that there are no
more connections.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2014-02-24 11:10:36 -08:00
Johan Hedberg
7c4cfab808 Bluetooth: Don't clear HCI_ADVERTISING when powering off
Once mgmt_set_powered(off) is updated to clear the scan mode we should
not just blindly clear the HCI_ADVERTISING flag in mgmt_advertising()
but first check if there is a pending set_powered operation.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2014-02-24 11:10:36 -08:00
Johan Hedberg
ce3f24cfb2 Bluetooth: Don't clear HCI_CONNECTABLE when powering off
Once mgmt_set_powered(off) is updated to clear the scan mode we should
not just blindly clear the HCI_CONNECTABLE flag in mgmt_connectable()
but first check if there is a pending set_powered operation.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2014-02-24 11:10:36 -08:00
Johan Hedberg
bd10799933 Bluetooth: Don't clear HCI_DISCOVERABLE when powering off
Once mgmt_set_powered(off) is updated to clear the scan mode we should
not just blindly clear the HCI_DISCOVERABLE flag in mgmt_discoverable()
but first check if there is a pending set_powered operation.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2014-02-24 11:10:36 -08:00
Johan Hedberg
12d4a3b2cc Bluetooth: Move check for MGMT_CONNECTED flag into mgmt.c
Once mgmt_set_powered(off) starts doing disconnections we'll need to
care about any disconnections in mgmt.c and not just those with the
MGMT_CONNECTED flag set. Therefore, move the check into mgmt.c from
hci_event.c.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2014-02-24 11:10:36 -08:00
Johan Hedberg
778b235a3b Bluetooth: Move HCI_ADVERTISING handling into mgmt.c
We'll soon need to make decisions on toggling the HCI_ADVERTISING flag
based on pending mgmt_set_powered commands. Therefore, move the handling
from hci_event.c into mgmt.c.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2014-02-24 11:10:36 -08:00
Johan Hedberg
f4f0750500 Bluetooth: Add convenience function for getting total connection count
This patch adds a convenience function to return the number of
connections in the conn_hash list. This will be useful once we update
the power off procedure to disconnect any open connections.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2014-02-24 11:10:35 -08:00
Johan Hedberg
4518bb0fb5 Bluetooth: Fix canceling RPA expiry timer
The RPA expiry timer is only initialized inside mgmt.c when we receive
the first command from user space. This action also involves setting the
HCI_MGMT flag for the first time so that flag acts as a good indicator
of whether the delayed work variable can be touched or not. This patch
fixes hci_dev_do_close to first check the flag.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2014-02-24 11:05:26 -08:00
Johan Hedberg
c21c0ea07b Bluetooth: Enable RPA resolving if mgmt_set_privacy is called
A user space that supports the Set Privacy command is also expected to
be able to handle New IRK events. Therefore, set the HCI_RPA_RESOLVING
flag whenever the Set Privacy command is received.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2014-02-24 01:17:47 -08:00
Johannes Berg
963a1852fb mac80211: don't validate unchanged AP bandwidth while tracking
The MLME code in mac80211 must track whether or not the AP changed
bandwidth, but if there's no change while tracking it shouldn't do
anything, otherwise regulatory updates can make it impossible to
connect to certain APs if the regulatory database doesn't match the
information from the AP. See the precise scenario described in the
code.

This still leaves some possible problems with CSA or if the AP
actually changed bandwidth, but those cases are less common and
won't completely prevent using it.

This fixes https://bugzilla.kernel.org/show_bug.cgi?id=70881

Cc: stable@vger.kernel.org
Reported-and-tested-by: Nate Carlson <kernel@natecarlson.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2014-02-24 10:16:40 +01:00
Marcel Holtmann
473deef2c9 Bluetooth: Export current local RPA with identity information
The identity information in debugfs currently do not include the
current in use local RPA. Since the RPA is now stored in the
controller information, include it in the debugfs as well.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2014-02-24 08:50:06 +02:00
Marcel Holtmann
2b5224dca5 Bluetooth: Store current RPA and update it if needed
The RPA needs to be stored to know which is the current one. Otherwise
it is impossible to ensure that always the correct RPA can be programmed
into the controller when it is needed.

Current code checks if the address in the controller is a RPA, but that
can potentially lead to using a RPA that can not be resolved with the
IRK that has been distributed.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2014-02-24 08:49:31 +02:00
Marcel Holtmann
41c90c186a Bluetooth: Use privacy mode for non-connectable advertising
When enabling non-connectable advertising, there is no need to advertise
with a public address or static address. In case LE privacy has not been
enabled a unresolvable private address will be used.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2014-02-24 08:48:02 +02:00