user/sven/linux.git/net/wireless, branch v4.9.5Linux Kernel
https://git.stealer.net/cgit.cgi/user/sven/linux.git/atom?h=v4.9.52017-01-19T19:18:00Znl80211: fix sched scan netlink socket owner destruction2017-01-19T19:18:00ZJohannes Bergjohannes.berg@intel.com2017-01-05T09:57:14Zurn:sha1:0a28f5393689576a7667a7ef42cb79eafe16b019
commit 753aacfd2e95df6a0caf23c03dc309020765bea9 upstream.
A single netlink socket might own multiple interfaces *and* a
scheduled scan request (which might belong to another interface),
so when it goes away both may need to be destroyed.
Remove the schedule_scan_stop indirection to fix this - it's only
needed for interface destruction because of the way this works
right now, with a single work taking care of all interfaces.
Fixes: 93a1e86ce10e4 ("nl80211: Stop scheduled scan if netlink client disappears")
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
nl80211: Use different attrs for BSSID and random MAC addr in scan req2017-01-12T10:39:23ZVamsi Krishnavamsin@qti.qualcomm.com2016-12-02T21:59:08Zurn:sha1:45816391e1a5f32e25b8eb2f0c18033ea4b4b6a4
commit 2fa436b3a2a7009c11a3bc03fe0ff4c26e80fd87 upstream.
NL80211_ATTR_MAC was used to set both the specific BSSID to be scanned
and the random MAC address to be used when privacy is enabled. When both
the features are enabled, both the BSSID and the local MAC address were
getting same value causing Probe Request frames to go with unintended
DA. Hence, this has been fixed by using a different NL80211_ATTR_BSSID
attribute to set the specific BSSID (which was the more recent addition
in cfg80211) for a scan.
Backwards compatibility with old userspace software is maintained to
some extent by allowing NL80211_ATTR_MAC to be used to set the specific
BSSID when scanning without enabling random MAC address use.
Scanning with random source MAC address was introduced by commit
ad2b26abc157 ("cfg80211: allow drivers to support random MAC addresses
for scan") and the issue was introduced with the addition of the second
user for the same attribute in commit 818965d39177 ("cfg80211: Allow a
scan request for a specific BSSID").
Fixes: 818965d39177 ("cfg80211: Allow a scan request for a specific BSSID")
Signed-off-by: Vamsi Krishna <vamsin@qti.qualcomm.com>
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
cfg80211/mac80211: fix BSS leaks when abandoning assoc attempts2017-01-09T07:32:17ZJohannes Bergjohannes.berg@intel.com2016-12-08T16:22:09Zurn:sha1:1976c7689a58405e076d7443e4f9f4805d86d935
commit e6f462df9acd2a3295e5d34eb29e2823220cf129 upstream.
When mac80211 abandons an association attempt, it may free
all the data structures, but inform cfg80211 and userspace
about it only by sending the deauth frame it received, in
which case cfg80211 has no link to the BSS struct that was
used and will not cfg80211_unhold_bss() it.
Fix this by providing a way to inform cfg80211 of this with
the BSS entry passed, so that it can clean up properly, and
use this ability in the appropriate places in mac80211.
This isn't ideal: some code is more or less duplicated and
tracing is missing. However, it's a fairly small change and
it's thus easier to backport - cleanups can come later.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
cfg80211: limit scan results cache size2016-11-18T07:44:44ZJohannes Bergjohannes.berg@intel.com2016-11-15T11:05:11Zurn:sha1:9853a55ef1bb66d7411136046060bbfb69c714fa
It's possible to make scanning consume almost arbitrary amounts
of memory, e.g. by sending beacon frames with random BSSIDs at
high rates while somebody is scanning.
Limit the number of BSS table entries we're willing to cache to
1000, limiting maximum memory usage to maybe 4-5MB, but lower
in practice - that would be the case for having both full-sized
beacon and probe response frames for each entry; this seems not
possible in practice, so a limit of 1000 entries will likely be
closer to 0.5 MB.
Cc: stable@vger.kernel.org
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
cfg80211: add bitrate for 20MHz MCS 92016-11-15T13:34:00ZPedersen, Thomastwp@qca.qualcomm.com2016-10-31T18:28:40Zurn:sha1:8fdd136f2200e6b7237e7e48453f4a591d768e3e
Some drivers (ath10k) report MCS 9 @ 20MHz, which
technically isn't defined. To get more meaningful value
than 0 out of this however, just extrapolate a bitrate
from ratio of MCS 7 and 9 in channels where it is allowed.
Signed-off-by: Thomas Pedersen <twp@qca.qualcomm.com>
[add a comment about it in the code]
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
cfg80211: process events caused by suspend before suspending2016-10-26T05:59:52ZJohannes Bergjohannes.berg@intel.com2016-10-26T05:56:59Zurn:sha1:e1957dba5b54b9c9b1d16f9d5f3f8d41d82bee41
When suspending without WoWLAN, cfg80211 will ask drivers to
disconnect. Even when the driver does this synchronously, and
immediately returns with a notification, cfg80211 schedules
the handling thereof to a workqueue, and may then call back
into the driver when the driver was already suspended/ing.
Fix this by processing all events caused by cfg80211_leave_all()
directly after that function returns. The driver still needs to
do the right thing here and wait for the firmware response, but
that is - at least - true for mwifiex where this occurred.
Reported-by: Amitkumar Karwar <akarwar@marvell.com>
Tested-by: Amitkumar Karwar <akarwar@marvell.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
cfg80211: add ability to check DA/SA in A-MSDU decapsulation2016-10-12T07:19:10ZJohannes Bergjohannes.berg@intel.com2016-10-05T14:17:01Zurn:sha1:8b935ee2ea17db720d70f6420f77f594c0c93f75
We should not accept arbitrary DA/SA inside A-MSDUs, it could be used
to circumvent protections, like allowing a station to send frames and
make them seem to come from somewhere else.
Add the necessary infrastructure in cfg80211 to allow such checks, in
further patches we'll start using them.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
cfg80211: let ieee80211_amsdu_to_8023s() take only header-less SKB2016-10-12T07:19:10ZJohannes Bergjohannes.berg@intel.com2016-10-05T13:29:49Zurn:sha1:7f6990c830f3e8d703f13d7963acf51936c52ad2
There's only a single case where has_80211_header is passed as true,
which is in mac80211. Given that there's only simple code that needs
to be done before calling it, export that function from cfg80211
instead and let mac80211 call it itself.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Merge remote-tracking branch 'net-next/master' into mac80211-next2016-10-04T07:46:44ZJohannes Bergjohannes.berg@intel.com2016-10-04T07:22:19Zurn:sha1:1e1430d5282bc3a572465ef3261eea793d98a653
Resolve the merge conflict between Felix's/my and Toke's patches
coming into the tree through net and mac80211-next respectively.
Most of Felix's changes go away due to Toke's new infrastructure
work, my patch changes to "goto begin" (the label wasn't there
before) instead of returning NULL so flow control towards drivers
is preserved better.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
cfg80211: Provide an API to report NAN function termination2016-09-30T11:21:37ZAyala Bekerayala.beker@intel.com2016-09-20T14:31:18Zurn:sha1:368e5a7b4ecb71b3d347799cb9351b0dce5dec70
Provide a function that reports NAN DE function termination. The function
may be terminated due to one of the following reasons: user request,
ttl expiration or failure.
If the NAN instance is tied to the owner, the notification will be
sent to the socket that started the NAN interface only
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>