Commit Graph

1196 Commits

Author SHA1 Message Date
David S. Miller
13dfb3fa49 Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
Just minor overlapping changes in the conflicts here.

Signed-off-by: David S. Miller <davem@davemloft.net>
2019-08-06 18:44:57 -07:00
Emmanuel Grumbach
71b256f8f7 iwlwifi: mvm: fix a use-after-free bug in iwl_mvm_tx_tso_segment
Accessing the hdr of an skb that was consumed already isn't
a good idea.
First ask if the skb is a QoS packet, then keep that data
on stack, and then consume the skb.
This was spotted by KASAN.

Cc: stable@vger.kernel.org
Fixes: 08f7d8b69a ("iwlwifi: mvm: bring back mvm GSO code")
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-07-30 18:34:32 +02:00
Emmanuel Grumbach
ba3224db78 iwlwifi: mvm: fix an out-of-bound access
The index for the elements of the ACPI object we dereference
was static. This means that if we called the function twice
we wouldn't start from 3 again, but rather from the latest
index we reached in the previous call.
This was dutifully reported by KASAN.

Fix this.

Cc: stable@vger.kernel.org
Fixes: 6996490501 ("iwlwifi: mvm: add support for EWRD (Dynamic SAR) ACPI table")
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-07-30 18:34:32 +02:00
Luca Coelho
f5a47fae6a iwlwifi: mvm: fix version check for GEO_TX_POWER_LIMIT support
We erroneously added a check for FW API version 41 before sending
GEO_TX_POWER_LIMIT, but this was already implemented in version 38.
Additionally, it was cherry-picked to older versions, namely 17, 26
and 29, so check for those as well.

Cc: stable@vger.kernel.org
Fixes: eca1e56cee ("iwlwifi: mvm: don't send GEO_TX_POWER_LIMIT to old firmwares")
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-07-30 18:34:30 +02:00
Gregory Greenman
514ea05b07 iwlwifi: mvm: fix possible out-of-bounds read when accessing lq_info
lq_info is an arary of size 2, active_tbl index is u8.
When accessing lq_info[1 - active_tbl], theoretically it's possible
that the access will be made to a negative index value.

Signed-off-by: Gregory Greenman <gregory.greenman@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-07-30 18:34:27 +02:00
Emmanuel Grumbach
ecd09ddc1d iwlwifi: mvm: fix frame drop from the reordering buffer
An earlier patch made sure that the queues are not lagging
too far behind. This means that iwl_mvm_release_frames
should not be called with a head_sn too far behind NSSN.

Don't take the risk to change completely the entry
condition to iwl_mvm_release_frames, but don't update
the head_sn is the NSSN is more than 2048 packets ahead
of us. Since this just cannot be right. This means that
the scenario described here happened. We are queue 0.

	Q:0				Q:1
	head_sn: 0    -> 2047
					head_sn: 2048

	Lots of packets arrive:
	head_sn: 2047 -> 2150

					send NSSN_SYNC notification

	Handle notification
	from the firmware and
	do NOT move the head_sn
	back to 2048

Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-07-30 18:34:25 +02:00
Gregory Greenman
f5d88fa334 iwlwifi: mvm: replace RS mutex with a spin_lock
The solution with the worker still had a bug, as in order
to get sta, rcu_read_lock should be used and thus no mutex
can be used inside iwl_mvm_rs_rate_init.

Also, spin_lock is a simpler solution, no need to spawn a
dedicated worker.

Signed-off-by: Gregory Greenman <gregory.greenman@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-07-30 18:34:24 +02:00
Gregory Greenman
cd4d6b0bcd iwlwifi: mvm: send LQ command always ASYNC
The only place where the command was sent as SYNC is during
init and this is not really critical. This change is required
for replacing RS mutex with a spinlock (in the subsequent patch),
since SYNC comamnd requres sleeping and thus the flow cannot
be done when holding a spinlock.

Signed-off-by: Gregory Greenman <gregory.greenman@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-07-30 18:34:20 +02:00
Colin Ian King
b6cf287967 iwlwifi: mvm: fix comparison of u32 variable with less than zero
The comparison of the u32 variable wgds_tbl_idx with less than zero is
always going to be false because it is unsigned.  Fix this by making
wgds_tbl_idx a plain signed int.

Addresses-Coverity: ("Unsigned compared against 0")
Fixes: 4fd445a2c8 ("iwlwifi: mvm: Add log information about SAR status")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-07-30 18:34:19 +02:00
Johannes Berg
6569e7d367 iwlwifi: fix locking in delayed GTK setting
This code clearly never could have worked, since it locks
while already locked. Add an unlocked __iwl_mvm_mac_set_key()
variant that doesn't do locking to fix that.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-07-30 18:34:18 +02:00
Gregory Greenman
23babdf067 iwlwifi: mvm: add a wrapper around rs_tx_status to handle locks
iwl_mvm_rs_tx_status can be called from two places in the code, but the
mutex is taken only on one of the calls. Split it into a wrapper taking
locks and an internal __iwl_mvm_rs_tx_status function.

Signed-off-by: Gregory Greenman <gregory.greenman@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-07-30 18:34:15 +02:00
Emmanuel Grumbach
3c514bf831 iwlwifi: mvm: add a loose synchronization of the NSSN across Rx queues
In order to support MSI-X efficiently, we want to avoid
communication across Rx queues. Each Rx queue should have
all the data it needs to process a packet.

The reordering buffer is a challenge in the MSI-X world
since we can have a single BA session whose packets are
directed to different queues. This is why each queue has
its own reordering buffer. The hardware is able to hint
the driver whether we have a hole or not, which allows
the driver to know whether it can release a packet or not.
This indication is called NSSN. Roughly, if the packet's
SN is lower than the NSSN, we can release the packet to
the stack. The NSSN is the SN of the newest packet received
without any holes + 1.

This is working as long as we don't have packets that we
release because of a timeout. When that happens, we could
have taken the decision to release a packet after we have
been waiting for its predecessor for too long. If this
predecessor comes later, we have to drop it because we
can't release packets out of order. In that case, the
hardware will give us an indication that we can we release
the packet (SN < NSSN), but the packet still needs to be
dropped.
This is why we sometimes need to ignore the NSSN and we
track the head_sn in software.
Here is a specific example of this:

1) Rx queue 1 got packets: 480, 482, 483
2) We release 480 to to the stack and wait for 481
3) NSSN is now 481
4) The timeout expires
5) We release 482 and 483, NSSN is still 480
6) 481 arrives its NSSN is 484.

We need to drop 481 even if 481 < 484. This is why we'll
update the head_sn to 484 at step 2. The flow now is:

1) Rx queue 1 got packets: 480, 482, 483
2) We release 480 to to the stack and wait for 481
3) NSSN is now 481 / head_sn is 481
4) The timeout expires
5) We release 482 and 483, NSSN is still 480 but head_sn is 484.
6) 481 arrives its NSSN is 484, but head_sn is 484 and we drop it.

This code introduces another problem in case all the traffic
goes well (no hole, no timeout):

Rx queue 1: 0   -> 483   (head_sn = 484)
Rx queue 2: 501 -> 4095  (head_sn = 0)
Rx queue 2: 0   -> 480   (head_sn = 481)
Rx queue 1: 481 but head_sn = 484 and we drop it.

At this point, the SN of queue 1 is far behind: more than
4040 packets behind. Queue 1 will consider 481 "old"
because 481 is in [501-64:501] whereas it is a very new
packet.

In order to fix that, send an Rx notification from time to
time (twice across the full set of 4096 packets) to make
sure no Rx queue is lagging too far behind.

What will happen then is:

Rx queue 1: 0    -> 483       (head_sn = 484)
Rx queue 2: 501  -> 2047      (head_sn = 2048)
Rx queue 1: Sync nofication   (head_sn = 2048)
Rx queue 2: 2048 -> 4095      (head_sn = 0)
Rx queue 1: Sync notification (head_sn = 0)
Rx queue 2: 1    -> 481       (head_sn = 482)
Rx queue 1: 481 and head_sn = 0.

In queue 1's data, head_sn is now 0, the packet coming in
is 481, it'll understand that the new packet is new and it
won't be dropped.

Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-07-30 18:34:14 +02:00
Emmanuel Grumbach
521dc6c7c7 iwlwiif: mvm: refactor iwl_mvm_notify_rx_queue
Instead of allocating memory for which we have an upper
limit, use a small buffer on stack.

Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-07-30 18:34:13 +02:00
Emmanuel Grumbach
c61b655a88 iwlwifi: mvm: add a new RSS sync notification for NSSN sync
We will soon be using a new notification that will be
initiated by the driver, sent to the firmware and sent
back to all the RSS queues by the firmware. This new
notification will be useful to synchronize the NSSN across
all the queues.

For now, don't send the notification, just add the code to
handle it. Later patch will add the code to actually send
it.

While at it, validate the baid coming from the firmware to
avoid accessing an array with a bad index in the driver.

Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-07-30 18:34:12 +02:00
Emmanuel Grumbach
6b2dbce549 iwlwifi: mvm: prepare the ground for more RSS notifications
We will need a new type of synchronization message going
through all the RSS queues. Prepare the ground for this.

Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-07-30 18:34:12 +02:00
Luca Coelho
39bd984c20 iwlwifi: mvm: don't send GEO_TX_POWER_LIMIT on version < 41
Firmware versions before 41 don't support the GEO_TX_POWER_LIMIT
command, and sending it to the firmware will cause a firmware crash.
We allow this via debugfs, so we need to return an error value in case
it's not supported.

This had already been fixed during init, when we send the command if
the ACPI WGDS table is present.  Fix it also for the other,
userspace-triggered case.

Cc: stable@vger.kernel.org
Fixes: 7fe90e0e3d ("iwlwifi: mvm: refactor geo init")
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-07-30 18:34:11 +02:00
Mordechay Goodstein
0f8084cdc1 iwlwifi: mvm: avoid races in rate init and rate perform
Rate perform uses the lq_sta table to calculate the next rate to scale
while rate init resets the same table,

Rate perform is done in soft irq context in parallel to rate init
that can be called in case we are doing changes like AP changes BW
or moving state for auth to assoc.

Signed-off-by: Mordechay Goodstein <mordechay.goodstein@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-07-30 18:34:10 +02:00
Johannes Berg
cfb21b11b8 iwlwifi: mvm: disable TX-AMSDU on older NICs
On older NICs, we occasionally see issues with A-MSDU support,
where the commands in the FIFO get confused and then we see an
assert EDC because the next command in the FIFO isn't TX.

We've tried to isolate this issue and understand where it comes
from, but haven't found any errors in building the A-MSDU in
software.

At least for now, disable A-MSDU support on older hardware so
that users can use it again without fearing the assert.

This fixes https://bugzilla.kernel.org/show_bug.cgi?id=203315.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-07-30 18:34:08 +02:00
Greg Kroah-Hartman
09e1946cb7 iwlwifi: mvm: remove unused .remove_sta_debugfs callback
The .remove_sta_debugfs callback was not doing anything in this driver,
so remove it as it is not needed.

Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Link: https://lore.kernel.org/r/20190612142658.12792-4-gregkh@linuxfoundation.org
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-07-26 13:21:06 +02:00
Emmanuel Grumbach
5db4c4b955 mac80211: pass the vif to cancel_remain_on_channel
This low level driver can find it useful to get the vif
when a remain on channel session is cancelled.

iwlwifi will need this soon.

Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Link: https://lore.kernel.org/r/20190723180001.5828-1-emmanuel.grumbach@intel.com
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-07-26 13:08:28 +02:00
Linus Torvalds
237f83dfbe Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
Pull networking updates from David Miller:
 "Some highlights from this development cycle:

   1) Big refactoring of ipv6 route and neigh handling to support
      nexthop objects configurable as units from userspace. From David
      Ahern.

   2) Convert explored_states in BPF verifier into a hash table,
      significantly decreased state held for programs with bpf2bpf
      calls, from Alexei Starovoitov.

   3) Implement bpf_send_signal() helper, from Yonghong Song.

   4) Various classifier enhancements to mvpp2 driver, from Maxime
      Chevallier.

   5) Add aRFS support to hns3 driver, from Jian Shen.

   6) Fix use after free in inet frags by allocating fqdirs dynamically
      and reworking how rhashtable dismantle occurs, from Eric Dumazet.

   7) Add act_ctinfo packet classifier action, from Kevin
      Darbyshire-Bryant.

   8) Add TFO key backup infrastructure, from Jason Baron.

   9) Remove several old and unused ISDN drivers, from Arnd Bergmann.

  10) Add devlink notifications for flash update status to mlxsw driver,
      from Jiri Pirko.

  11) Lots of kTLS offload infrastructure fixes, from Jakub Kicinski.

  12) Add support for mv88e6250 DSA chips, from Rasmus Villemoes.

  13) Various enhancements to ipv6 flow label handling, from Eric
      Dumazet and Willem de Bruijn.

  14) Support TLS offload in nfp driver, from Jakub Kicinski, Dirk van
      der Merwe, and others.

  15) Various improvements to axienet driver including converting it to
      phylink, from Robert Hancock.

  16) Add PTP support to sja1105 DSA driver, from Vladimir Oltean.

  17) Add mqprio qdisc offload support to dpaa2-eth, from Ioana
      Radulescu.

  18) Add devlink health reporting to mlx5, from Moshe Shemesh.

  19) Convert stmmac over to phylink, from Jose Abreu.

  20) Add PTP PHC (Physical Hardware Clock) support to mlxsw, from
      Shalom Toledo.

  21) Add nftables SYNPROXY support, from Fernando Fernandez Mancera.

  22) Convert tcp_fastopen over to use SipHash, from Ard Biesheuvel.

  23) Track spill/fill of constants in BPF verifier, from Alexei
      Starovoitov.

  24) Support bounded loops in BPF, from Alexei Starovoitov.

  25) Various page_pool API fixes and improvements, from Jesper Dangaard
      Brouer.

  26) Just like ipv4, support ref-countless ipv6 route handling. From
      Wei Wang.

  27) Support VLAN offloading in aquantia driver, from Igor Russkikh.

  28) Add AF_XDP zero-copy support to mlx5, from Maxim Mikityanskiy.

  29) Add flower GRE encap/decap support to nfp driver, from Pieter
      Jansen van Vuuren.

  30) Protect against stack overflow when using act_mirred, from John
      Hurley.

  31) Allow devmap map lookups from eBPF, from Toke Høiland-Jørgensen.

  32) Use page_pool API in netsec driver, Ilias Apalodimas.

  33) Add Google gve network driver, from Catherine Sullivan.

  34) More indirect call avoidance, from Paolo Abeni.

  35) Add kTLS TX HW offload support to mlx5, from Tariq Toukan.

  36) Add XDP_REDIRECT support to bnxt_en, from Andy Gospodarek.

  37) Add MPLS manipulation actions to TC, from John Hurley.

  38) Add sending a packet to connection tracking from TC actions, and
      then allow flower classifier matching on conntrack state. From
      Paul Blakey.

  39) Netfilter hw offload support, from Pablo Neira Ayuso"

* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next: (2080 commits)
  net/mlx5e: Return in default case statement in tx_post_resync_params
  mlx5: Return -EINVAL when WARN_ON_ONCE triggers in mlx5e_tls_resync().
  net: dsa: add support for BRIDGE_MROUTER attribute
  pkt_sched: Include const.h
  net: netsec: remove static declaration for netsec_set_tx_de()
  net: netsec: remove superfluous if statement
  netfilter: nf_tables: add hardware offload support
  net: flow_offload: rename tc_cls_flower_offload to flow_cls_offload
  net: flow_offload: add flow_block_cb_is_busy() and use it
  net: sched: remove tcf block API
  drivers: net: use flow block API
  net: sched: use flow block API
  net: flow_offload: add flow_block_cb_{priv, incref, decref}()
  net: flow_offload: add list handling functions
  net: flow_offload: add flow_block_cb_alloc() and flow_block_cb_free()
  net: flow_offload: rename TCF_BLOCK_BINDER_TYPE_* to FLOW_BLOCK_BINDER_TYPE_*
  net: flow_offload: rename TC_BLOCK_{UN}BIND to FLOW_BLOCK_{UN}BIND
  net: flow_offload: add flow_block_cb_setup_simple()
  net: hisilicon: Add an tx_desc to adapt HI13X1_GMAC
  net: hisilicon: Add an rx_desc to adapt HI13X1_GMAC
  ...
2019-07-11 10:55:49 -07:00
Thomas Gleixner
3419240495 Merge branch 'timers/vdso' into timers/core
so the hyper-v clocksource update can be applied.
2019-07-03 10:50:21 +02:00
Emmanuel Grumbach
9402256286 iwlwifi: mvm: clear rfkill_safe_init_done when we start the firmware
Otherwise it'll stay set forever which is clearly buggy.

Cc: stable@vger.kernel.org
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-06-29 10:14:45 +03:00
Johannes Berg
c56e00a3fe iwlwifi: mvm: delay GTK setting in FW in AP mode
In AP (and IBSS) mode, we can only set GTKs to firmware after we have
sent down the multicast station, but this we can only do after we've
enabled beaconing, etc.

However, during rfkill exit, hostapd will configure the keys before
starting the AP, and cfg80211/mac80211 accept it happily.

On earlier devices, this didn't bother us as GTK TX wasn't really
handled in firmware, we just put the key material into the TX cmd
and thus it only mattered when we actually transmitted a frame.

On newer devices, however, the firmware needs to track all of this
and that doesn't work if we add the key before the (multicast) sta
it belongs to.

To fix this, keep a list of keys to add during AP enable, and call
the function there.

Cc: stable@vger.kernel.org
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-06-29 10:13:54 +03:00
Luca Coelho
5b7d678538 iwlwifi: mvm: remove MAC_FILTER_IN_11AX for AP mode
The FW API was clarified saying that this flag should only be set in
BSS client mode.  Remove it from the MAC_CTXT command we send in AP
and GO modes.

Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
Fixes: 3b5ee8dd8b ("iwlwifi: mvm: set MAC_FILTER_IN_11AX in AP mode")
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-06-29 10:09:44 +03:00
Shahar S Matityahu
6c7f708778 iwlwifi: dbg: debug recording stop and restart command remove
The 0xF6 command used to start and stop the recording from 22560 devices
was removed. This is causing an assert when the driver tries to alter
the recording state.
Remove the use of the command.

Signed-off-by: Shahar S Matityahu <shahar.s.matityahu@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-06-29 10:09:44 +03:00
Shahar S Matityahu
c040fe8342 iwlwifi: dbg: don't stop dbg recording before entering D3 from 9000 devices
From 9000 device family the FW automatically stops the debug
recording and the driver should not stop it as well.

Signed-off-by: Shahar S Matityahu <shahar.s.matityahu@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-06-29 10:09:43 +03:00
Emmanuel Grumbach
d374f3157f iwlwifi: mvm: make the usage of TWT configurable
TWT is still very new and we expect issues. Make its usage
configurable and disable it by default.

Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-06-29 10:09:43 +03:00
Shahar S Matityahu
91c28b83da iwlwifi: dbg: move trans debug fields to a separate struct
Unite iwl_trans debug related fields under iwl_trans_debug struct to
increase readability and keep iwl_trans clean.

Signed-off-by: Shahar S Matityahu <shahar.s.matityahu@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-06-29 10:09:42 +03:00
Andrei Otcheretianski
ac70499ee9 iwlwifi: mvm: Drop large non sta frames
In some buggy scenarios we could possible attempt to transmit frames larger
than maximum MSDU size. Since our devices don't know how to handle this,
it may result in asserts, hangs etc.
This can happen, for example, when we receive a large multicast frame
and try to transmit it back to the air in AP mode.
Since in a legal scenario this should never happen, drop such frames and
warn about it.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-06-29 10:09:41 +03:00
Haim Dreyfuss
4fd445a2c8 iwlwifi: mvm: Add log information about SAR status
Inform users when SAR status is changing.

Signed-off-by: Haim Dreyfuss <haim.dreyfuss@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-06-29 10:09:40 +03:00
Haim Dreyfuss
0c3d728223 iwlwifi: Add support for SAR South Korea limitation
South Korea is adding a more strict SAR limit called "Limb SAR".
Currently, WGDS SAR offset group 3 is not used (not mapped to any country).
In order to be able to comply with South Korea new restriction:
- OEM will use WGDS SAR offset group 3 to South Korea limitation.
- OEM will change WGDS revision to 1 (currently latest revision is 0)
	to notify that Korea Limb SAR applied.
- Driver will read the WGDS table and pass the values to FW (as usual)
- Driver will pass to FW an indication that Korea Limb SAR is applied
	in case table revision is 1.

Signed-off-by: Haim Dreyfuss <haim.dreyfuss@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-06-29 10:09:40 +03:00
Shaul Triebitz
5cc74f65a9 iwlwifi: mvm: convert to FW AC when configuring MU EDCA
The AC numbers used by mac80211 differ from those used
by the firmware.  When setting MU EDCA params for each
AC, use the correct FW AC numbers.

Signed-off-by: Shaul Triebitz <shaul.triebitz@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-06-29 10:09:39 +03:00
Naftali Goldstein
b5e2fe356e iwlwifi: mvm: correctly fill the ac array in the iwl_mac_ctx_cmd
The indexes into the ac array in the iwl_mac_ctx_cmd are from the iwl_ac
enum and not the txfs.  The current code therefore puts the edca params
in the wrong indexes of the array, causing wrong priority for
data-streams of different ACs.
Fix this.

Note that this bug only occurs in NICs that use the new tx api, since in
the old tx api the txf number is equal to the corresponding ac in the
iwl_ac enum.

Signed-off-by: Naftali Goldstein <naftali.goldstein@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-06-29 10:09:39 +03:00
Dan Carpenter
bd9c519785 iwlwifi: remove some unnecessary NULL checks
These pointers are an offset into the "sta" struct.  They're assigned
like this:

	const struct ieee80211_sta_vht_cap *vht_cap = &sta->vht_cap;

They're not the first member of the struct (->supp_rates[] is first) so
they can't be NULL.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-06-29 10:09:38 +03:00
Gustavo A. R. Silva
e344896723 iwlwifi: d3: Use struct_size() helper
Make use of the struct_size() helper instead of an open-coded version
in order to avoid any potential type mistakes, in particular in the
context in which this code is being used.

So, change the following form:

sizeof(*pattern_cmd) +
               wowlan->n_patterns * sizeof(struct iwlagn_wowlan_pattern)

 to :

struct_size(pattern_cmd, patterns, wowlan->n_patterns)

This code was detected with the help of Coccinelle.

Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-06-29 10:09:38 +03:00
Shahar S Matityahu
3e832fd10f iwlwifi: fw api: support adwell HB default APs number api
Support adaptive dwell high band default number of APs new api.

Signed-off-by: Shahar S Matityahu <shahar.s.matityahu@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-06-29 10:09:37 +03:00
Mordechay Goodstein
d6882e586f iwlwifi: mvm: remove multiple debugfs entries
Now that we have per station control over amsdu size no need for
multiple entries, especially that the old one is misleading due to not
setting it for all protocols as a limit.

Signed-off-by: Mordechay Goodstein <mordechay.goodstein@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-06-29 10:09:37 +03:00
Shahar S Matityahu
0a3a3e9ec5 iwlwifi: dbg_ini: implement dump info collection
The info struct contains data about the FW, HW, RF and the debug
configuration.

Signed-off-by: Shahar S Matityahu <shahar.s.matityahu@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-06-29 10:09:31 +03:00
Mordechay Goodstein
af2984e9e6 iwlwifi: mvm: add a debugfs entry to set a fixed size AMSDU for all TX packets
The current debugfs entry only limits the max AMSDU for TCP.  Add a new
debugfs entry to allow setting a fixed AMSDU size for all TX packets,
including UDP and ICMP

Signed-off-by: Mordechay Goodstein <mordechay.goodstein@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-06-29 10:08:06 +03:00
Shahar S Matityahu
c7ab138eb1 iwlwifi: dbg_ini: add consecutive trigger firing support
When a dump trigger is fired, the driver sets IWL_FWRT_STATUS_DUMPING and
aborts any consecutive dump collection.
To allow consecutive triggers firing, use 5 dump workers and allocate
them upon incoming dump collection requests.

This functionality is needed since in ini debug mode each trigger may
have entirely different memory regions to collect unlike the legacy
mode in which all the triggers dump the same memory regions.

Signed-off-by: Shahar S Matityahu <shahar.s.matityahu@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-06-29 10:08:05 +03:00
Jiri Kosina
9ae3b870a8 iwlwifi: iwl_mvm_tx_mpdu() must be called with BH disabled
As iwl_mvm_tx_mpdu() is not disabling BH while obtaining iwl_mvm_sta->lock
(which is being taken from BH context as well), it has to be always
invoked with BH disabled. Make that clear in a comment.

Signed-off-by: Jiri Kosina <jkosina@suse.cz>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-06-29 10:08:03 +03:00
Jason A. Donenfeld
9285ec4c8b timekeeping: Use proper clock specifier names in functions
This makes boot uniformly boottime and tai uniformly clocktai, to
address the remaining oversights.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Arnd Bergmann <arnd@arndb.de>
Link: https://lkml.kernel.org/r/20190621203249.3909-2-Jason@zx2c4.com
2019-06-22 12:11:27 +02:00
David S. Miller
13091aa305 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
Honestly all the conflicts were simple overlapping changes,
nothing really interesting to report.

Signed-off-by: David S. Miller <davem@davemloft.net>
2019-06-17 20:20:36 -07:00
Linus Torvalds
da0f382029 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
Pull networking fixes from David Miller:
 "Lots of bug fixes here:

   1) Out of bounds access in __bpf_skc_lookup, from Lorenz Bauer.

   2) Fix rate reporting in cfg80211_calculate_bitrate_he(), from John
      Crispin.

   3) Use after free in psock backlog workqueue, from John Fastabend.

   4) Fix source port matching in fdb peer flow rule of mlx5, from Raed
      Salem.

   5) Use atomic_inc_not_zero() in fl6_sock_lookup(), from Eric Dumazet.

   6) Network header needs to be set for packet redirect in nfp, from
      John Hurley.

   7) Fix udp zerocopy refcnt, from Willem de Bruijn.

   8) Don't assume linear buffers in vxlan and geneve error handlers,
      from Stefano Brivio.

   9) Fix TOS matching in mlxsw, from Jiri Pirko.

  10) More SCTP cookie memory leak fixes, from Neil Horman.

  11) Fix VLAN filtering in rtl8366, from Linus Walluij.

  12) Various TCP SACK payload size and fragmentation memory limit fixes
      from Eric Dumazet.

  13) Use after free in pneigh_get_next(), also from Eric Dumazet.

  14) LAPB control block leak fix from Jeremy Sowden"

* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (145 commits)
  lapb: fixed leak of control-blocks.
  tipc: purge deferredq list for each grp member in tipc_group_delete
  ax25: fix inconsistent lock state in ax25_destroy_timer
  neigh: fix use-after-free read in pneigh_get_next
  tcp: fix compile error if !CONFIG_SYSCTL
  hv_sock: Suppress bogus "may be used uninitialized" warnings
  be2net: Fix number of Rx queues used for flow hashing
  net: handle 802.1P vlan 0 packets properly
  tcp: enforce tcp_min_snd_mss in tcp_mtu_probing()
  tcp: add tcp_min_snd_mss sysctl
  tcp: tcp_fragment() should apply sane memory limits
  tcp: limit payload size of sacked skbs
  Revert "net: phylink: set the autoneg state in phylink_phy_change"
  bpf: fix nested bpf tracepoints with per-cpu data
  bpf: Fix out of bounds memory access in bpf_sk_storage
  vsock/virtio: set SOCK_DONE on peer shutdown
  net: dsa: rtl8366: Fix up VLAN filtering
  net: phylink: set the autoneg state in phylink_phy_change
  net: add high_order_alloc_disable sysctl/static key
  tcp: add tcp_tx_skb_cache sysctl
  ...
2019-06-17 15:55:34 -07:00
Johannes Berg
1e87fec9fa mac80211: call rate_control_send_low() internally
There's no rate control algorithm that *doesn't* want to call
it internally, and calling it internally will let us modify
its behaviour in the future.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-06-14 14:17:37 +02:00
Thomas Gleixner
4273a380f2 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 322
Based on 1 normalized pattern(s):

  this program is free software you can redistribute it and or modify
  it under the terms of version 2 of the gnu general public license as
  published by the free software foundation this program is
  distributed in the hope that it will be useful but without any
  warranty without even the implied warranty of merchantability or
  fitness for a particular purpose see the gnu general public license
  for more details the full gnu general public license is included in
  this distribution in the file called license

extracted by the scancode license scanner the SPDX license identifier

  GPL-2.0-only

has been chosen to replace the boilerplate/reference in 29 file(s).

Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Allison Randal <allison@lohutok.net>
Reviewed-by: Alexios Zavras <alexios.zavras@intel.com>
Reviewed-by: Kate Stewart <kstewart@linuxfoundation.org>
Cc: linux-spdx@vger.kernel.org
Link: https://lkml.kernel.org/r/20190530000435.438503728@linutronix.de
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2019-06-05 17:37:05 +02:00
Lior Cohen
5f4d55d579 iwlwifi: mvm: change TLC config cmd sent by rs to be async
The TLC_MNG_CONFIG sync cmd sent by the rs leads to a kernel warning
of sleeping while in rcu read-side critical section. The fix is to
change the command to be ASYNC (not blocking for the response anymore).

Signed-off-by: Lior Cohen <lior2.cohen@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
2019-06-01 08:04:51 +03:00
Shahar S Matityahu
cc5470df44 iwlwifi: print fseq info upon fw assert
Read fseq info from FW registers and print it upon fw assert.
The print is needed since the fseq version coming from the TLV might
not be the actual version that is used.

Signed-off-by: Shahar S Matityahu <shahar.s.matityahu@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
2019-06-01 08:04:48 +03:00
Emmanuel Grumbach
b3500b472c iwlwifi: fix load in rfkill flow for unified firmware
When we have a single image (same firmware image for INIT and
OPERATIONAL), we couldn't load the driver and register to the
stack if we had hardware RF-Kill asserted.

Fix this. This required a few changes:

1) Run the firmware as part of the INIT phase even if its
   ucode_type is not IWL_UCODE_INIT.
2) Send the commands that are sent to the unified image in
   INIT flow even in RF-Kill.
3) Don't ask the transport to stop the hardware upon RF-Kill
   interrupt if the RF-Kill is asserted.
4) Allow the RF-Kill interrupt to take us out of L1A so that
   the RF-Kill interrupt will be received by the host (to
   enable the radio).

Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
2019-06-01 08:04:46 +03:00
Johannes Berg
23f57bfac7 iwlwifi: mvm: remove d3_sram debugfs file
This debugfs file is really old, and cannot work properly since
the unified image support. Rather than trying to make it work,
which is difficult now due to multiple images (LMAC/UMAC etc.)
just remove it - we no longer need it since we properly do a FW
coredump even in D3 cases.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
2019-06-01 08:04:43 +03:00
David S. Miller
6ffe0acc93 wireless-drivers-next patches for 5.2
Most likely the last patchset of new feature for 5.2, and this time we
 have quite a lot of new features. Most obvious being rtw88 from
 Realtek which supports RTL8822BE and RTL8822CE 802.11ac devices. We
 have also new hardware support for existing drivers and improvements.
 
 There's one conflict in iwlwifi, my example conflict resolution below.
 
 Major changes:
 
 iwlwifi
 
 * bump the 20000-series FW API version
 
 * work on new hardware continues
 
 * RTT confidence indication support for Fine Timing Measurement (FTM)
 
 * an improvement in HE (802.11ax) rate-scaling
 
 * add command version parsing from the fimware TLVs
 
 * add support for a new WoWLAN patterns firmware API
 
 rsi
 
 * add support for rs9116
 
 mwifiex
 
 * add support for SD8987
 
 brcmfmac
 
 * add quirk for ACEPC T8 and T11 mini PCs
 
 rt2x00
 
 * add RT3883 support
 
 qtnfmac
 
 * fix debugfs interface to support multiple cards
 
 rtw88
 
 * new driver
 
 mt76
 
 * share more code across drivers
 
 * add support for MT7615 chipset
 
 * rework DMA API
 
 * tx/rx performance optimizations
 
 * use NAPI for tx cleanup on mt76x02
 
 * AP mode support for USB devices
 
 * USB stability fixes
 
 * tx power handling fixes for 76x2
 
 * endian fixes
 
 Conflicts:
 
 There's a trivial conflict in
 drivers/net/wireless/intel/iwlwifi/fw/file.h, just leave
 IWL_UCODE_TLV_FW_FSEQ_VERSION to the file. 'git diff' output should be
 just empty:
 
 diff --cc drivers/net/wireless/intel/iwlwifi/fw/file.h
 index cd622af90077,b0671e16e1ce..000000000000
 --- a/drivers/net/wireless/intel/iwlwifi/fw/file.h
 +++ b/drivers/net/wireless/intel/iwlwifi/fw/file.h
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJczDAZAAoJEG4XJFUm622blLgH/jdBKEq9i1m5dtLi48u4sgPV
 NsnPhR5XQjpbYpmvgPslKLxWzZq6A0P+lo9QqTXkP/QRyJLu7RnoY1c2wVsQbWaK
 VTXc0cROzWt0ihAt8Mc/rEsZpISVnQ9mJbTd/kSJM9WlDeIg0jcJvnEAdQiEmM5t
 2t+zZ5CupUXYbGE3zWHL1GSjBD9f0v7zyrNxYNGfvqhDEXhTFWAmVuRtfoAVlRU+
 dt1HMv+qdxgoF6Uvaw/kgY09mDvdrfy2EVL0q7S3TKceute60SWf7de2sToI/rMQ
 snUnVqTIIUnWPl6g+C3Bp2TbdZhy6XCSRsMFOVa2i1Lt+z1qe3dTr3hjxTQWRhE=
 =uLaP
 -----END PGP SIGNATURE-----

Merge tag 'wireless-drivers-next-for-davem-2019-05-03' of git://git.kernel.org/pub/scm/linux/kernel/git/kvalo/wireless-drivers-next

Kalle Valo says:

====================
wireless-drivers-next patches for 5.2

Most likely the last patchset of new feature for 5.2, and this time we
have quite a lot of new features. Most obvious being rtw88 from
Realtek which supports RTL8822BE and RTL8822CE 802.11ac devices. We
have also new hardware support for existing drivers and improvements.

There's one conflict in iwlwifi, my example conflict resolution below.

Major changes:

iwlwifi

* bump the 20000-series FW API version

* work on new hardware continues

* RTT confidence indication support for Fine Timing Measurement (FTM)

* an improvement in HE (802.11ax) rate-scaling

* add command version parsing from the fimware TLVs

* add support for a new WoWLAN patterns firmware API

rsi

* add support for rs9116

mwifiex

* add support for SD8987

brcmfmac

* add quirk for ACEPC T8 and T11 mini PCs

rt2x00

* add RT3883 support

qtnfmac

* fix debugfs interface to support multiple cards

rtw88

* new driver

mt76

* share more code across drivers

* add support for MT7615 chipset

* rework DMA API

* tx/rx performance optimizations

* use NAPI for tx cleanup on mt76x02

* AP mode support for USB devices

* USB stability fixes

* tx power handling fixes for 76x2

* endian fixes

Conflicts:

There's a trivial conflict in
drivers/net/wireless/intel/iwlwifi/fw/file.h, just leave
IWL_UCODE_TLV_FW_FSEQ_VERSION to the file. 'git diff' output should be
just empty:

diff --cc drivers/net/wireless/intel/iwlwifi/fw/file.h
index cd622af90077,b0671e16e1ce..000000000000
--- a/drivers/net/wireless/intel/iwlwifi/fw/file.h
+++ b/drivers/net/wireless/intel/iwlwifi/fw/file.h
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
2019-05-05 10:20:53 -07:00
David S. Miller
ff24e4980a Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
Three trivial overlapping conflicts.

Signed-off-by: David S. Miller <davem@davemloft.net>
2019-05-02 22:14:21 -04:00
Shahar S Matityahu
bfd8e3dade iwlwifi: dbg_ini: add periodic trigger support
Allows to configure a periodic data collection

Signed-off-by: Shahar S Matityahu <shahar.s.matityahu@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-04-29 18:42:47 +03:00
Andrei Otcheretianski
11af74ad1d iwlwifi: mvm: Don't sleep in RX path
Don't use cancel_delayed_work_sync() inside the channel switch
notifications as they are handled synchronously as part of the RX path.
Fix that by replacing it with cancel_delayed_work(). This should be safe
as we don't really care whether the work is already started and in such
case we would disconnect anyway.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-04-29 18:42:46 +03:00
Liad Kaufman
529281bdf0 iwlwifi: mvm: limit TLC according to our HE capabilities
Instead of setting the TLC config command according to the
rates the peer supports, make sure that we aren't also
limited by our own rates, so take the minimum between the
peer's supported RX rates and our supported TX rates.

Signed-off-by: Liad Kaufman <liad.kaufman@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-04-29 18:42:45 +03:00
Avraham Stern
cec2d4f6b4 iwlwifi: mvm: report FTM start time TSF when applicable
When the interface that is requesting an FTM measurement is connected
to a BSS, it is possible that the FTM request was originated by an
RRM request from the AP. In this case the station needs to report
the measurement start time in terms of the TSF of the AP.

Since there is no indication in the FTM request itself if the TSF
is needed, always report the TSF if the station is associated.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-04-29 18:42:45 +03:00
Luca Coelho
0c546fb6f9 iwlwifi: mvm: support v2 of the WoWLAN patterns command
Add new definitions for the WoWLAN patterns API version 2 and support
for version 2 of the WoWLAN patterns command without implementing the
new features.  With this commit we only supporting the existing
bitmask pattern match.  Use the new version only if the TLV is set.

Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-04-29 18:42:45 +03:00
Luca Coelho
d156e67d3f iwlwifi: mvm: fix merge damage in iwl_mvm_vif_dbgfs_register()
When I rebased Greg's patch, I accidentally left the old if block that
was already there.  Remove it.

Fixes: 154d4899e4 ("iwlwifi: mvm: properly check debugfs dentry before using it")
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-04-28 09:59:59 +03:00
Luca Coelho
de1887c064 iwlwifi: mvm: check for length correctness in iwl_mvm_create_skb()
We don't check for the validity of the lengths in the packet received
from the firmware.  If the MPDU length received in the rx descriptor
is too short to contain the header length and the crypt length
together, we may end up trying to copy a negative number of bytes
(headlen - hdrlen < 0) which will underflow and cause us to try to
copy a huge amount of data.  This causes oopses such as this one:

BUG: unable to handle kernel paging request at ffff896be2970000
PGD 5e201067 P4D 5e201067 PUD 5e205067 PMD 16110d063 PTE 8000000162970161
Oops: 0003 [#1] PREEMPT SMP NOPTI
CPU: 2 PID: 1824 Comm: irq/134-iwlwifi Not tainted 4.19.33-04308-geea41cf4930f #1
Hardware name: [...]
RIP: 0010:memcpy_erms+0x6/0x10
Code: 90 90 90 90 eb 1e 0f 1f 00 48 89 f8 48 89 d1 48 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 c3 66 0f 1f 44 00 00 48 89 f8 48 89 d1 <f3> a4 c3
 0f 1f 80 00 00 00 00 48 89 f8 48 83 fa 20 72 7e 40 38 fe
RSP: 0018:ffffa4630196fc60 EFLAGS: 00010287
RAX: ffff896be2924618 RBX: ffff896bc8ecc600 RCX: 00000000fffb4610
RDX: 00000000fffffff8 RSI: ffff896a835e2a38 RDI: ffff896be2970000
RBP: ffffa4630196fd30 R08: ffff896bc8ecc600 R09: ffff896a83597000
R10: ffff896bd6998400 R11: 000000000200407f R12: ffff896a83597050
R13: 00000000fffffff8 R14: 0000000000000010 R15: ffff896a83597038
FS:  0000000000000000(0000) GS:ffff896be8280000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffff896be2970000 CR3: 000000005dc12002 CR4: 00000000003606e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 iwl_mvm_rx_mpdu_mq+0xb51/0x121b [iwlmvm]
 iwl_pcie_rx_handle+0x58c/0xa89 [iwlwifi]
 iwl_pcie_irq_rx_msix_handler+0xd9/0x12a [iwlwifi]
 irq_thread_fn+0x24/0x49
 irq_thread+0xb0/0x122
 kthread+0x138/0x140
 ret_from_fork+0x1f/0x40

Fix that by checking the lengths for correctness and trigger a warning
to show that we have received wrong data.

Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-04-28 09:59:59 +03:00
Johannes Berg
8cb081746c netlink: make validation more configurable for future strictness
We currently have two levels of strict validation:

 1) liberal (default)
     - undefined (type >= max) & NLA_UNSPEC attributes accepted
     - attribute length >= expected accepted
     - garbage at end of message accepted
 2) strict (opt-in)
     - NLA_UNSPEC attributes accepted
     - attribute length >= expected accepted

Split out parsing strictness into four different options:
 * TRAILING     - check that there's no trailing data after parsing
                  attributes (in message or nested)
 * MAXTYPE      - reject attrs > max known type
 * UNSPEC       - reject attributes with NLA_UNSPEC policy entries
 * STRICT_ATTRS - strictly validate attribute size

The default for future things should be *everything*.
The current *_strict() is a combination of TRAILING and MAXTYPE,
and is renamed to _deprecated_strict().
The current regular parsing has none of this, and is renamed to
*_parse_deprecated().

Additionally it allows us to selectively set one of the new flags
even on old policies. Notably, the UNSPEC flag could be useful in
this case, since it can be arranged (by filling in the policy) to
not be an incompatible userspace ABI change, but would then going
forward prevent forgetting attribute entries. Similar can apply
to the POLICY flag.

We end up with the following renames:
 * nla_parse           -> nla_parse_deprecated
 * nla_parse_strict    -> nla_parse_deprecated_strict
 * nlmsg_parse         -> nlmsg_parse_deprecated
 * nlmsg_parse_strict  -> nlmsg_parse_deprecated_strict
 * nla_parse_nested    -> nla_parse_nested_deprecated
 * nla_validate_nested -> nla_validate_nested_deprecated

Using spatch, of course:
    @@
    expression TB, MAX, HEAD, LEN, POL, EXT;
    @@
    -nla_parse(TB, MAX, HEAD, LEN, POL, EXT)
    +nla_parse_deprecated(TB, MAX, HEAD, LEN, POL, EXT)

    @@
    expression NLH, HDRLEN, TB, MAX, POL, EXT;
    @@
    -nlmsg_parse(NLH, HDRLEN, TB, MAX, POL, EXT)
    +nlmsg_parse_deprecated(NLH, HDRLEN, TB, MAX, POL, EXT)

    @@
    expression NLH, HDRLEN, TB, MAX, POL, EXT;
    @@
    -nlmsg_parse_strict(NLH, HDRLEN, TB, MAX, POL, EXT)
    +nlmsg_parse_deprecated_strict(NLH, HDRLEN, TB, MAX, POL, EXT)

    @@
    expression TB, MAX, NLA, POL, EXT;
    @@
    -nla_parse_nested(TB, MAX, NLA, POL, EXT)
    +nla_parse_nested_deprecated(TB, MAX, NLA, POL, EXT)

    @@
    expression START, MAX, POL, EXT;
    @@
    -nla_validate_nested(START, MAX, POL, EXT)
    +nla_validate_nested_deprecated(START, MAX, POL, EXT)

    @@
    expression NLH, HDRLEN, MAX, POL, EXT;
    @@
    -nlmsg_validate(NLH, HDRLEN, MAX, POL, EXT)
    +nlmsg_validate_deprecated(NLH, HDRLEN, MAX, POL, EXT)

For this patch, don't actually add the strict, non-renamed versions
yet so that it breaks compile if I get it wrong.

Also, while at it, make nla_validate and nla_parse go down to a
common __nla_validate_parse() function to avoid code duplication.

Ultimately, this allows us to have very strict validation for every
new caller of nla_parse()/nlmsg_parse() etc as re-introduced in the
next patch, while existing things will continue to work as is.

In effect then, this adds fully strict validation for any new command.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2019-04-27 17:07:21 -04:00
Nathan Chancellor
f8510d67d6 iwlwifi: mvm: Change an 'else if' into an 'else' in iwl_mvm_send_add_bcast_sta
When building with -Wsometimes-uninitialized, Clang warns:

drivers/net/wireless/intel/iwlwifi/mvm/sta.c:2114:12: warning: variable
'queue' is used uninitialized whenever 'if' condition is false
[-Wsometimes-uninitialized]

Clang can't evaluate at this point that WARN(1, ...) always returns true
because __ret_warn_on is defined as !!(condition), which isn't
immediately evaluated as 1. Change this branch to else so that it's
clear to Clang that we intend to bail out here.

Link: https://github.com/ClangBuiltLinux/linux/issues/399
Signed-off-by: Nathan Chancellor <natechancellor@gmail.com>
[added a few more braces]
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-04-19 10:27:33 +03:00
Avraham Stern
957a67c828 iwlwifi: mvm: support rtt confidence indication
The range response notification API has changed to add a value that
indicates the confidence of the rtt result.
Support the new API and print the rtt confidence for debug.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-04-19 10:26:23 +03:00
Gregory Greenman
befebbb30a iwlwifi: rs: consider LDPC capability in case of HE
When building TLC configuration command, consider in case of HE,
if LDPC support is turned on in our capabilities.

Signed-off-by: Gregory Greenman <gregory.greenman@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-04-19 10:26:23 +03:00
Shaul Triebitz
9a16ee0c6b iwlwifi: mvm: set 512 TX queue slots for AX210 devices
AX210 devices support 256 BA (256 MPDUs in an AMPDU).
The firmware requires that the number of TFDs will be
minimum twice as big as the BA size (2 * 256 = 512).

Signed-off-by: Shaul Triebitz <shaul.triebitz@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-04-19 10:26:21 +03:00
David S. Miller
f9a904efca wireless-drivers-next patches for 5.2
Nothing really special standing out this time, iwlwifi being the most
 active driver.
 
 Major changes:
 
 iwlwifi
 
 * send NO_DATA events so they can be captured in radiotap
 
 * support for multiple BSSID
 
 * support for some new FW API versions
 
 * support new hardware
 
 * debugfs cleanups by Greg-KH
 
 qtnfmac
 
 * allow each MAC to specify its own regulatory rules
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJcuHgsAAoJEG4XJFUm622bfo8H/3uRRxsQBHGg6e3NpELaxpNV
 IfrPDtvxyfILzIepBBhnZYUY0OrlTHKfMmzFBD9FFMojsxBYddnLZ/0iKUNKfwLm
 KzToW/64YJ784dc+tw85gjh8I3MB+RRoD0l01M1HuOkzQ4hDNEGK3IsMHsBs/oTZ
 huiqTYsTxStOj53vOpQiBFZ1pYBtvGLMxBdSepDcR27bgT1gwriynCSkSNglDH8z
 /t3m6hDGtZa6uVkoIVH+BAMu6+vt+vIkU/TOdmiW/zqBL2JYq6cDE0uIb3bLAzN6
 uvS1Rj42P3OwHUwFavlUBdr5Rdcj6P24S5ZhtVaGGWCBjMZI5/nO7IjzwyQnQuQ=
 =/6q9
 -----END PGP SIGNATURE-----

Merge tag 'wireless-drivers-next-for-davem-2019-04-18' of git://git.kernel.org/pub/scm/linux/kernel/git/kvalo/wireless-drivers-next

Kalle Valo says:

====================
wireless-drivers-next patches for 5.2

Nothing really special standing out this time, iwlwifi being the most
active driver.

Major changes:

iwlwifi

* send NO_DATA events so they can be captured in radiotap

* support for multiple BSSID

* support for some new FW API versions

* support new hardware

* debugfs cleanups by Greg-KH

qtnfmac

* allow each MAC to specify its own regulatory rules
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
2019-04-18 11:07:55 -07:00
Greg Kroah-Hartman
154d4899e4 iwlwifi: mvm: properly check debugfs dentry before using it
debugfs can now report an error code if something went wrong instead of
just NULL.  So if the return value is to be used as a "real" dentry, it
needs to be checked if it is an error before dereferencing it.

This is now happening because of ff9fb72bc0 ("debugfs: return error
values, not NULL").  If multiple iwlwifi devices are in the system, this
can cause problems when the driver attempts to create the main debugfs
directory again.  Later on in the code we fail horribly by trying to
dereference a pointer that is an error value.

Reported-by: Laura Abbott <labbott@redhat.com>
Reported-by: Gabriel Ramirez <gabriello.ramirez@gmail.com>
Cc: Johannes Berg <johannes.berg@intel.com>
Cc: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Cc: Luca Coelho <luciano.coelho@intel.com>
Cc: Intel Linux Wireless <linuxwifi@intel.com>
Cc: Kalle Valo <kvalo@codeaurora.org>
Cc: stable <stable@vger.kernel.org> # 5.0
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-04-18 15:06:44 +03:00
Johannes Berg
72d3c7bbc9 iwlwifi: mvm: don't attempt debug collection in rfkill
If we fail to initialize because rfkill is enabled, then trying
to do debug collection currently just fails. Prevent that in the
high-level code, although we should probably also fix the lower
level code to do things more carefully.

It's not 100% clear that it fixes this commit, as the original
dump code at the time might've been more careful. In any case,
we don't really need to dump anything in this expected scenario.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Fixes: 7125648074 ("iwlwifi: add fw dump upon RT ucode start failure")
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-04-18 14:07:39 +03:00
Sara Sharon
d14ae796f8 iwlwifi: mvm: support HE context cmd API change
Support API change to pass all mbssid parameters to the firmware.

Signed-off-by: Sara Sharon <sara.sharon@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-04-03 11:20:05 +03:00
Avraham Stern
afc1e3b4fc iwlwifi: mvm: use correct GP2 register address for 22000 family
The device time register address has changed for 22000 devices.
Add a util function for getting the GP2 time and use the correct
register address depending on the device family.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-04-03 11:20:04 +03:00
Greg Kroah-Hartman
c9af7528c3 iwlwifi: mvm: no need to check return value of debugfs_create functions
When calling debugfs functions, there is no need to ever check the
return value.  The function can work or not, but the code logic should
never do something different based on this.

Cc: Johannes Berg <johannes.berg@intel.com>
Cc: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Cc: Luca Coelho <luciano.coelho@intel.com>
Cc: Intel Linux Wireless <linuxwifi@intel.com>
Cc: Kalle Valo <kvalo@codeaurora.org>
Cc: linux-wireless@vger.kernel.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-04-03 11:20:03 +03:00
Johannes Berg
3f7fbc8cc1 iwlwifi: mvm: remove buggy and unnecessary hw_queue initialization
After converting the driver to TXQs, it no longer has any reason
to initialize vif->hw_queue/vif->cab_queue since it no longer sets
the HW_QUEUE_CONTROL flag. Remove the code that initialized those,
it was broken due to relying on an uninitialized stack value in
used_hw_queues, as Colin reported.

Reported-by: Colin Ian King <colin.king@canonical.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-04-03 11:20:02 +03:00
Liad Kaufman
0bfefe2f41 iwlwifi: mvm: fix pointer reference when setting HE QAM thres
Pointer referencing when setting HE QAM thresholds (when nominal
packet padding bit is on) caused kernel crash due to bad
referencing. Fix that.

Signed-off-by: Liad Kaufman <liad.kaufman@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-04-03 11:20:01 +03:00
Johannes Berg
192a7e1f73 iwlwifi: mvm: IBSS: use BE FIFO for multicast
Back in commit 4d339989ac ("iwlwifi: mvm: support ibss in dqa mode")
we changed queue selection for IBSS to be:

    if (ieee80211_is_probe_resp(fc) || ieee80211_is_auth(fc) ||
        ieee80211_is_deauth(fc))
            return IWL_MVM_DQA_AP_PROBE_RESP_QUEUE;
    if (info->hw_queue == info->control.vif->cab_queue)
            return info->hw_queue;
    return IWL_MVM_DQA_AP_PROBE_RESP_QUEUE;

Clearly, the thought at the time must've been that mac80211 will
select the hw_queue as the cab_queue, so that we'll return and use
that, where we store the multicast queue for IBSS. This, however,
isn't true because mac80211 doesn't implement powersave for IBSS
and thus selects the normal IBSS interface AC queue (best effort).

This therefore always used the probe response queue, which maps to
the BE FIFO.

In commit cfbc6c4c5b ("iwlwifi: mvm: support mac80211 TXQs model")
we rethought this code, and as a consequence now started mapping the
multicast traffic to the multicast hardware queue since we no longer
relied on mac80211 selecting the queue, doing it ourselves instead.
This queue is mapped to the MCAST FIFO. however, this isn't actually
enabled/controlled by the firmware in IBSS mode because we don't
implement powersave, and frames from this queue can never go out in
this case.

Therefore, we got queue hang reports such as
https://bugzilla.kernel.org/show_bug.cgi?id=201707

Fix this by mapping the multicast queue to the BE FIFO in IBSS so
that all the frames can go out.

Fixes: cfbc6c4c5b ("iwlwifi: mvm: support mac80211 TXQs model")
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-04-03 11:19:59 +03:00
Shahar S Matityahu
4b1831e489 iwlwifi: dbg_ini: support HW error trigger
Differentiate between SW and HW error interrupts and support ini HW
error trigger.

Signed-off-by: Shahar S Matityahu <shahar.s.matityahu@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-04-03 11:19:56 +03:00
Johannes Berg
dcfe3b103d iwlwifi: mvm: update offloaded rate control on changes
With offloaded rate control, if the station parameters (rates, NSS,
bandwidth) change (sta_rc_update method), call iwl_mvm_rs_rate_init()
to propagate those change to the firmware.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-04-03 11:13:06 +03:00
Johannes Berg
f5ae2f932e iwlwifi: mvm: avoid possible deadlock in TX path
iwl_mvm_tx_mpdu() may run from iwl_mvm_add_new_dqa_stream_wk(), where
soft-IRQs aren't disabled. In this case, it may hold the station lock
and be interrupted by a soft-IRQ that also wants to acquire said lock,
leading to a deadlock.

Fix it by disabling soft-IRQs in iwl_mvm_add_new_dqa_stream_wk().

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-04-03 11:13:05 +03:00
Kalle Valo
8db32fa400 First batch of patches intended for v5.2
* Send NO_DATA events so they can be captured in radiotap;
 * Some channel-switch changes;
 * Support for multiple BSSID;
 * Continued work and bugfixes for the new debugging infra;
 * Support for some new FW API versions;
 * Some work to support new hardware;
 * General bugfixes;
 * Other cleanups;
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEEF3LNfgb2BPWm68smoUecoho8xfoFAlyU0OwACgkQoUecoho8
 xfpOOQ/6A+gMe6x7+Mz1Cu6ipjc9ODmGKvDr/CpKUeG1XBedgEJpX9/iR5gFHJVw
 ho8ScEiN54pvktFJptjHIqY+6fPndygvnuYTKWoxN6GnQmairav7l83Vp7cI8P0s
 MHF42EVGvlBc+BwEFC747lgy29B3BFewq50nWFgycGYj+JaV18DxYFXV4+VPXXZ0
 CshNC1WbdX0jI+Qzbbm3oeYA/YrjlU7iIzrri8zD3DVPKwWeYMm/kJ6OkA7RyGcW
 LYSl28BXSZzEl5rtQ763vIoZMGtUmnhtLSLgrxNbzT5u40NGLipU51iApOY4NV9T
 nZUY3XjcBbWbWKhuMuv35wx0HzV6/346D0NPBDPCNmikJHXJFF0zhnZ3WY58ho8C
 8iKZXm8gQIaEl4oqucOIFeMHXjablvtabePinifMluXv8E4kHbjYpNzpFsnSDZyN
 2HNkyW4H7yn9R0GL0XxBt6d+NI5XYB/NkvgywzxGtouyLuav/M5X5lOaxJVDWe79
 8hdAPIlesu85cPTfoOPjtRSaHBpXpcyjnUq11XkznCbbO2PLgEc85cd3sQnhYF3t
 wmUxLgfUTy/PjmemEOau2bGpCYRAfjkfQE9aJFjqn2fsn5R65ADLyxgQ1fbUlLrq
 GvYN/WARDCeRudM5i2CMQwXGIcXKay3MKVCups0U2/xUb+DZWsM=
 =wFO2
 -----END PGP SIGNATURE-----

Merge tag 'iwlwifi-next-for-kalle-2019-03-22' of git://git.kernel.org/pub/scm/linux/kernel/git/iwlwifi/iwlwifi-next

First batch of patches intended for v5.2

* Send NO_DATA events so they can be captured in radiotap;
* Some channel-switch changes;
* Support for multiple BSSID;
* Continued work and bugfixes for the new debugging infra;
* Support for some new FW API versions;
* Some work to support new hardware;
* General bugfixes;
* Other cleanups;
2019-03-30 08:37:38 +02:00
Shahar S Matityahu
4b49e34e58 iwlwifi: dbg_ini: separate between ini and legacy dump flows
Separate between ini and legacy dump flows to allow adding ini triggers
that are not supported in the legacy flow and to increase readabilty.

iwl_fw_dbg_ini_collect function is now called with legacy trigger id and
_iwl_fw_dbg_ini_collect is called with ini trigger id.

Also make the actual dumping function static so that any dump collection
will go through iwl_fw_dbg_collect_sync.

Signed-off-by: Shahar S Matityahu <shahar.s.matityahu@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-03-22 12:59:41 +02:00
Mordechay Goodstein
a15d4f3b3c iwlwifi: mvm: set max amsdu for TLC offload
mac80211 sets max amsdu to min supported ht vs vht but TLC only works
with one mode so we can set to the exact mode used (vht/ht)
and enable larger amsdu sizes for vht.

Signed-off-by: Mordechay Goodstein <mordechay.goodstein@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-03-22 12:59:41 +02:00
Shahar S Matityahu
fd1190b68a iwlwifi: mvm: use dump worker during restart instead of sync dump
In restart flow, the driver requests HW restart from mac80211
and then mac80211 uses a worker to do the restart flow. In that flow a
sync dump is performed. Instead, schedule the dump worker before
requesting HW restart from mac80211. This approach simplifies the
restart flow.
Also, it is neeeded in order to differentiate between the handling of SW
and HW errors in a future commit.

Signed-off-by: Shahar S Matityahu <shahar.s.matityahu@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-03-22 12:59:41 +02:00
Ilan Peer
e4fe5d4b10 iwlwifi: mvm: Support new format of SCAN_OFFLOAD_PROFILES_QUERY_RSP
Newer FWs use a new format of the SCAN_OFFLOAD_PROFILES_QUERY_RSP,
which now supports indicating match on an higher number of channels.

Modify the code to support both the old format and the newer one,
based on a FW TLV.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-03-22 12:59:41 +02:00
Shaul Triebitz
8636ca769c iwlwifi: mvm: be more forgiving if num of channels is too big
If number of channels in the driver is greater than
number of scan channels given by firmware TLV, do not
fail scan config, but adjust to firmware's number of channels.
This is helpful for supporting in driver new channels before
it being supported by firmware scan.

Signed-off-by: Shaul Triebitz <shaul.triebitz@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-03-22 12:59:40 +02:00
Johannes Berg
e47df5bd51 iwlwifi: mvm: enable HT/VHT IBSS
For some reason we never enabled it, but it appears to work fine.
Enable it now.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-03-22 12:59:40 +02:00
Sara Sharon
918cbf39ac iwlwifi: mvm: support multiple BSSID
Set the capabilities flags and inform firmware

Signed-off-by: Sara Sharon <sara.sharon@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-03-22 12:59:40 +02:00
Sara Sharon
81b4e44e41 iwlwifi: mvm: track changes in beacon count during channel switch
There are some buggy APs that keeps changing the count while forcing
us to block TX. This eventually results in queue hang, assert, and
disconnection. Detect such APs and disconnect gracefully in advance.

Signed-off-by: Sara Sharon <sara.sharon@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-03-22 12:59:40 +02:00
Sara Sharon
f678061402 iwlwifi: mvm: disconnect in case of bad channel switch parameters
In case we receive channel switch announcement with immediate
quiet and unknown switching time, we will switch when FW identifies
AP left channel. However, if AP remains on channel, we will
eventually get TX queue hang. Init a work to disconnect if
switch doesn't occur within 1500 milliseconds. Do it also
for a too long channel switch.

Signed-off-by: Sara Sharon <sara.sharon@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-03-22 12:59:40 +02:00
Sara Sharon
77738865eb iwlwifi: mvm: notify FW on quiet mode in CSA
Let FW know if quiet mode is on or not. This is needed
in order to disable it in FW when CSA is complete.

Signed-off-by: Sara Sharon <sara.sharon@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-03-22 12:59:40 +02:00
Sara Sharon
c37763d22d iwlwifi: mvm: track CSA beacons
Send to FW modify command for every beacon we receive during channel
switch. FW will track the count, and make sure the event is scheduled
in time even if AP changed count.

Signed-off-by: Sara Sharon <sara.sharon@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-03-22 12:59:39 +02:00
Johannes Berg
d47cdb884a iwlwifi: mvm: report all NO_DATA events to mac80211
Report all NO_DATA events to mac80211 so they get captured
in radiotap for usage in sniffer scenarios; map the info
type to a reasonable radiotap type for this.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-03-22 12:59:39 +02:00
Sara Sharon
7922112663 iwlwifi: mvm: implement CSA abort
In case we receive abort operation for CSA, clean up
our state.

Signed-off-by: Sara Sharon <sara.sharon@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-03-22 12:59:39 +02:00
Sara Sharon
9cfcf71ce6 iwlwifi: mvm: report delayed beacon count to FW
Support passing to FW delayed beacon count. This
represents the delay the AP can have when moving to
the new channel.

Signed-off-by: Sara Sharon <sara.sharon@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-03-22 12:59:39 +02:00
Johannes Berg
475c6bde72 iwlwifi: mvm: fix TX crypto on 22560+ devices
In the old days, we could transmit with HW crypto with an arbitrary
key by filling it into TX_CMD. This was broken first with the advent
of CCMP/GCMP-256 keys which don't fit there.

This was broken *again* with the newer TX_CMD format on 22560+,
where we simply cannot pass key material anymore. However, we forgot
to update all the cases when we get a key from mac80211 and don't
program it into the hardware but still return 0 for HW crypto on TX.

In AP mode with WEP, we tried to fix this by programming the keys
separately for each station later, but this ultimately turns out to
be buggy, for example now it leaks memory when we have more than one
WEP key.

Fix this by simply using only SW crypto for WEP in newer devices by
returning -EOPNOTSUPP instead of trying to program WEP keys later.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-03-22 12:49:03 +02:00
Arnd Bergmann
688cd8bd2c iwlwifi: fix 64-bit division
do_div() expects unsigned operands and otherwise triggers a warning like:

drivers/net/wireless/intel/iwlwifi/mvm/ftm-initiator.c:465:2: error: comparison of distinct pointer types ('typeof ((rtt_avg)) *' (aka 'long long *') and 'uint64_t *' (aka 'unsigned long long *')) [-Werror,-Wcompare-distinct-pointer-types]
        do_div(rtt_avg, 6666);
        ^~~~~~~~~~~~~~~~~~~~~
include/asm-generic/div64.h:222:28: note: expanded from macro 'do_div'
        (void)(((typeof((n)) *)0) == ((uint64_t *)0));  \
               ~~~~~~~~~~~~~~~~~~ ^  ~~~~~~~~~~~~~~~
1 error generated.

Change the do_div() to the simpler div_s64() that can handle
negative inputs correctly.

Fixes: 937b10c0de ("iwlwifi: mvm: add debug prints for FTM")
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
2019-03-07 19:15:06 +02:00
David S. Miller
1a25660856 wireless-drivers-next patches for 5.1
Most likely the last set of patches for 5.1. WPA3 support to ath10k
 and qtnfmac. FTM support to iwlwifi and ath10k. And of course other
 new features and bugfixes.
 
 wireless-drivers was merged due to dependency in mt76.
 
 Major changes:
 
 iwlwifi
 
 * HE radiotap
 
 * FTM (Fine Timing Measurement) initiator and responder implementation
 
 * bump supported firmware API to 46
 
 * VHT extended NSS support
 
 * new PCI IDs for 9260 and 22000 series
 
 ath10k
 
 * change QMI interface to support the new (and backwards incompatible)
   interface from HL3.1 and used in recent HL2.0 branch firmware
   releases
 
 * support WPA3 with WCN3990
 
 * support for mac80211 airtime fairness based on transmit rate
   estimation, the firmware needs to support WMI_SERVICE_PEER_STATS to
   enable this
 
 * report transmit airtime to mac80211 with firmwares having
   WMI_SERVICE_REPORT_AIRTIME feature, this to have more accurate
   airtime fairness based on real transmit time (instead of just
   estimated from transmit rate)
 
 * support Fine Timing Measurement (FTM) responder role
 
 * add dynamic VLAN support with firmware having WMI_SERVICE_PER_PACKET_SW_ENCRYPT
 
 * switch to use SPDX license identifiers
 
 ath
 
 * add new country codes for US
 
 brcmfmac
 
 * support monitor frames with the hardware/ucode header
 
 qtnfmac
 
 * enable WPA3 SAE and OWE support
 
 mt76
 
 * beacon support for USB devices (mesh+ad-hoc only)
 
 rtlwifi
 
 * convert to use SPDX license identifiers
 
 libertas_tf
 
 * get the MAC address before registering the device
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJccAnlAAoJEG4XJFUm622bxxMH/2cz2GEuDQXOwfYLnCUwFES8
 vqTdMWnlfqGQvsTyvtSp91KqsL3hE2FB1Cu3n6/vzND3C7afT0V2/QlU7Pmgr8sR
 1gnJnu0NJT5SZfzcTsqwt8rFw9lQZ3HcvEcfNo6T5KUyyY7FGCNGR5H27nvoKOP3
 ea1h7U80loPV40sGTI8jj963wa9LNHUrjHTK4wY+KMWECgZuD/fHeE9YPB9MTdff
 lJ5bWCoQmuJddvTtC+X0tOAsCkxgdbbw6ieKqzep8H4gtUjerZD+V8uUdbtpr7IL
 sWPoaqrrADMv9cZtDVj+pEtNIJ3mpfuHYFKSON9jy/uxygeFTfVzLu43RFreDp8=
 =D15/
 -----END PGP SIGNATURE-----

Merge tag 'wireless-drivers-next-for-davem-2019-02-22' of git://git.kernel.org/pub/scm/linux/kernel/git/kvalo/wireless-drivers-next

Kalle Valo says:

====================
wireless-drivers-next patches for 5.1

Most likely the last set of patches for 5.1. WPA3 support to ath10k
and qtnfmac. FTM support to iwlwifi and ath10k. And of course other
new features and bugfixes.

wireless-drivers was merged due to dependency in mt76.

Major changes:

iwlwifi

* HE radiotap

* FTM (Fine Timing Measurement) initiator and responder implementation

* bump supported firmware API to 46

* VHT extended NSS support

* new PCI IDs for 9260 and 22000 series

ath10k

* change QMI interface to support the new (and backwards incompatible)
  interface from HL3.1 and used in recent HL2.0 branch firmware
  releases

* support WPA3 with WCN3990

* support for mac80211 airtime fairness based on transmit rate
  estimation, the firmware needs to support WMI_SERVICE_PEER_STATS to
  enable this

* report transmit airtime to mac80211 with firmwares having
  WMI_SERVICE_REPORT_AIRTIME feature, this to have more accurate
  airtime fairness based on real transmit time (instead of just
  estimated from transmit rate)

* support Fine Timing Measurement (FTM) responder role

* add dynamic VLAN support with firmware having WMI_SERVICE_PER_PACKET_SW_ENCRYPT

* switch to use SPDX license identifiers

ath

* add new country codes for US

brcmfmac

* support monitor frames with the hardware/ucode header

qtnfmac

* enable WPA3 SAE and OWE support

mt76

* beacon support for USB devices (mesh+ad-hoc only)

rtlwifi

* convert to use SPDX license identifiers

libertas_tf

* get the MAC address before registering the device
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
2019-02-22 12:56:24 -08:00
Johannes Berg
b7b14ec1eb Merge remote-tracking branch 'net-next/master' into mac80211-next
Merge net-next to resolve a conflict and to get the mac80211
rhashtable fixes so further patches can be applied on top.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-02-22 13:48:13 +01:00
Liad Kaufman
77ff2c6b49 mac80211: update HE IEs to D3.3
Update element names and new fields according to D3.3 of
the HE spec.

Signed-off-by: Liad Kaufman <liad.kaufman@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-02-22 13:46:55 +01:00
Sara Sharon
f50d693b9f iwlwifi: mvm: add some debug data to TX path
This helps debugging when things go wrong.

Signed-off-by: Sara Sharon <sara.sharon@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-02-20 20:47:59 +02:00
Johannes Berg
a53b2a0b12 iwlwifi: mvm: implement VHT extended NSS support in rs.c
For non-offloaded rate control, implement VHT extended NSS
support by just ignoring 160 MHz on transmit if the peer
doesn't support the full NSS (2). This is pretty unlikely
and gets us 160 MHz RX as well as TX in most cases, since
the typical case for this workaround is 4x4 AP only doing
2x2 on 160 MHz.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-02-20 20:47:59 +02:00
Ilan Peer
8c739d8d79 iwlwifi: mvm: Allow retries for probe responses
When hostapd sends a probe response, it does not request an
acknowledgment on the probe response. This setting is propagated
to the driver and FW from mac80211, and as a result probe responses
are transmitted only once without retries. In congested
environments, this reduces the likelihood for finding the AP.

To overcome this, enable acknowledgment and retries for probe
responses, even in case no acknowledgment is requested. In such
a case the retry limit is set to 3.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
2019-02-20 20:47:58 +02:00