1. 30 Mar, 2015 2 commits
  2. 06 Mar, 2015 1 commit
    • Ilan peer's avatar
      cfg80211: Add API to change the indoor regulatory setting · 05050753
      Ilan peer authored
      Previously, the indoor setting configuration assumed that as
      long as a station interface is connected, the indoor environment
      setting does not change. However, this assumption is problematic
      as:
      
      - It is possible that a station interface is connected to a mobile
        AP, e.g., softAP or a P2P GO, where it is possible that both the
        station and the mobile AP move out of the indoor environment making
        the indoor setting invalid. In such a case, user space has no way to
        invalidate the setting.
      - A station interface disconnection does not necessarily imply that
        the device is no longer operating in an indoor environment, e.g.,
        it is possible that the station interface is roaming but is still
        stays indoor.
      
      To handle the above, extend the indoor configuration API to allow
      user space to indicate a change of indoor settings, and allow it to
      indicate weather it controls the indoor setting, such that:
      
      1. If the user space process explicitly indicates that it is going
         to control the indoor setting, do not clear the indoor setting
         internally, unless the socket is released. The user space process
         should use the NL80211_ATTR_SOCKET_OWNER attribute in the command
         to state that it is going to control the indoor setting.
      2. Reset the indoor setting when restoring the regulatory settings in
         case it is not owned by a user space process.
      
      Based on the above, a user space tool that continuously monitors the
      indoor settings, i.e., tracking power setting, location etc., can
      indicate environment changes to the regulatory core.
      
      It should be noted that currently user space is the only provided mechanism
      used to hint to the regulatory core over the indoor/outdoor environment --
      while the country IEs do have an environment setting this has been completely
      ignored by the regulatory core by design for a while now since country IEs
      typically can contain bogus data.
      Acked-by: default avatarLuis R. Rodriguez <mcgrof@suse.com>
      Signed-off-by: default avatarArikX Nemtsov <arik@wizery.com>
      Signed-off-by: default avatarIlan Peer <ilan.peer@intel.com>
      Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
      05050753
  3. 04 Mar, 2015 1 commit
    • Johannes Berg's avatar
      nl80211: prohibit mixing 'any' and regular wowlan triggers · 98fc4386
      Johannes Berg authored
      If the device supports waking up on 'any' signal - i.e. it continues
      operating as usual and wakes up the host on pretty much anything that
      happens, then it makes no sense to also configure the more restricted
      WoWLAN mode where the device operates more autonomously but also in a
      more restricted fashion.
      
      Currently only cw2100 supports both 'any' and other triggers, but it
      seems to be broken as it doesn't configure anything to the device, so
      we can't currently get into a situation where both even can correctly
      be configured. This is about to change (Intel devices are going to
      support both and have different behaviour depending on configuration)
      so make sure the conflicting modes cannot be configured.
      
      (It seems that cw2100 advertises 'any' and 'disconnect' as a means of
      saying that's what it will always do, but that isn't really the way
      this API was meant to be used nor does it actually mean anything as
      'any' always implies 'disconnect' already, and the driver doesn't
      change device configuration in any way depending on the settings.)
      Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
      98fc4386
  4. 03 Mar, 2015 2 commits
  5. 28 Feb, 2015 1 commit
    • Masashi Honma's avatar
      nl/mac80211: allow zero plink timeout to disable STA expiration · 31f909a2
      Masashi Honma authored
      Both wpa_supplicant and mac80211 have and inactivity timer. By default
      wpa_supplicant will be timed out in 5 minutes and mac80211's it is 30
      minutes. If wpa_supplicant uses a longer timer than mac80211, it will
      get unexpected disconnection by mac80211.
      
      Using 0xffffffff instead as the configured value could solve this w/o
      changing the code, but due to integer overflow in the expression used
      this doesn't work. The expression is:
      
      (current jiffies) > (frame Rx jiffies + NL80211_MESHCONF_PLINK_TIMEOUT * 250)
      
      On 32bit system, the right side would overflow and be a very small
      value if NL80211_MESHCONF_PLINK_TIMEOUT is sufficiently large,
      causing unexpectedly early disconnections.
      
      Instead allow disabling the inactivity timer to avoid this situation,
      by passing the (previously invalid and useless) value 0.
      Signed-off-by: default avatarMasashi Honma <masashi.honma@gmail.com>
      [reword/rewrap commit log]
      Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
      31f909a2
  6. 23 Jan, 2015 4 commits
  7. 17 Jan, 2015 1 commit
    • Johannes Berg's avatar
      netlink: make nlmsg_end() and genlmsg_end() void · 053c095a
      Johannes Berg authored
      Contrary to common expectations for an "int" return, these functions
      return only a positive value -- if used correctly they cannot even
      return 0 because the message header will necessarily be in the skb.
      
      This makes the very common pattern of
      
        if (genlmsg_end(...) < 0) { ... }
      
      be a whole bunch of dead code. Many places also simply do
      
        return nlmsg_end(...);
      
      and the caller is expected to deal with it.
      
      This also commonly (at least for me) causes errors, because it is very
      common to write
      
        if (my_function(...))
          /* error condition */
      
      and if my_function() does "return nlmsg_end()" this is of course wrong.
      
      Additionally, there's not a single place in the kernel that actually
      needs the message length returned, and if anyone needs it later then
      it'll be very easy to just use skb->len there.
      
      Remove this, and make the functions void. This removes a bunch of dead
      code as described above. The patch adds lines because I did
      
      -	return nlmsg_end(...);
      +	nlmsg_end(...);
      +	return 0;
      
      I could have preserved all the function's return values by returning
      skb->len, but instead I've audited all the places calling the affected
      functions and found that none cared. A few places actually compared
      the return value with <= 0 in dump functionality, but that could just
      be changed to < 0 with no change in behaviour, so I opted for the more
      efficient version.
      
      One instance of the error I've made numerous times now is also present
      in net/phonet/pn_netlink.c in the route_dumpit() function - it didn't
      check for <0 or <=0 and thus broke out of the loop every single time.
      I've preserved this since it will (I think) have caused the messages to
      userspace to be formatted differently with just a single message for
      every SKB returned to userspace. It's possible that this isn't needed
      for the tools that actually use this, but I don't even know what they
      are so couldn't test that changing this behaviour would be acceptable.
      Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      053c095a
  8. 16 Jan, 2015 1 commit
  9. 15 Jan, 2015 2 commits
    • Johannes Berg's avatar
      cfg80211: change bandwidth reporting to explicit field · b51f3bee
      Johannes Berg authored
      For some reason, we made the bandwidth separate flags, which
      is rather confusing - a single rate cannot have different
      bandwidths at the same time.
      
      Change this to no longer be flags but use a separate field
      for the bandwidth ('bw') instead.
      
      While at it, add support for 5 and 10 MHz rates - these are
      reported as regular legacy rates with their real bitrate,
      but tagged as 5/10 now to make it easier to distinguish them.
      
      In the nl80211 API, the flags are preserved, but the code
      now can also clearly only set a single one of the flags.
      Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
      b51f3bee
    • Johannes Berg's avatar
      cfg80211: remove 80+80 MHz rate reporting · 97d910d0
      Johannes Berg authored
      These rates are treated the same as 160 MHz in the spec, so
      it makes no sense to distinguish them. As no driver uses them
      yet, this is also not a problem, just remove them.
      
      In the userspace API the field remains reserved to preserve
      API and ABI.
      Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
      97d910d0
  10. 14 Jan, 2015 1 commit
  11. 08 Jan, 2015 7 commits
  12. 06 Jan, 2015 2 commits
  13. 18 Dec, 2014 2 commits
  14. 17 Dec, 2014 3 commits
  15. 12 Dec, 2014 1 commit
    • Luciano Coelho's avatar
      nl80211: check matches array length before acessing it · f89f46cf
      Luciano Coelho authored
      If the userspace passes a malformed sched scan request (or a net
      detect wowlan configuration) by adding a NL80211_ATTR_SCHED_SCAN_MATCH
      attribute without any nested matchsets, a NULL pointer dereference
      will occur.  Fix this by checking that we do have matchsets in our
      array before trying to access it.
      
      BUG: unable to handle kernel NULL pointer dereference at 0000000000000024
      IP: [<ffffffffa002fd69>] nl80211_parse_sched_scan.part.67+0x6e9/0x900 [cfg80211]
      PGD 865c067 PUD 865b067 PMD 0
      Oops: 0002 [#1] SMP
      Modules linked in: iwlmvm(O) iwlwifi(O) mac80211(O) cfg80211(O) compat(O) [last unloaded: compat]
      CPU: 2 PID: 2442 Comm: iw Tainted: G           O   3.17.2 #31
      Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
      task: ffff880013800790 ti: ffff880008d80000 task.ti: ffff880008d80000
      RIP: 0010:[<ffffffffa002fd69>]  [<ffffffffa002fd69>] nl80211_parse_sched_scan.part.67+0x6e9/0x900 [cfg80211]
      RSP: 0018:ffff880008d838d0  EFLAGS: 00010293
      RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
      RDX: 000000000000143c RSI: 0000000000000000 RDI: ffff880008ee8dd0
      RBP: ffff880008d83948 R08: 0000000000000002 R09: 0000000000000019
      R10: ffff88001d1b3c40 R11: 0000000000000002 R12: ffff880019e85e00
      R13: 00000000fffffed4 R14: ffff880009757800 R15: 0000000000001388
      FS:  00007fa3b6d13700(0000) GS:ffff88003e200000(0000) knlGS:0000000000000000
      CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
      CR2: 0000000000000024 CR3: 0000000008670000 CR4: 00000000000006e0
      Stack:
       ffff880009757800 ffff880000000001 0000000000000000 ffff880008ee84e0
       0000000000000000 ffff880009757800 00000000fffffed4 ffff880008d83948
       ffffffff814689c9 ffff880009757800 ffff880008ee8000 0000000000000000
      Call Trace:
       [<ffffffff814689c9>] ? nla_parse+0xb9/0x120
       [<ffffffffa00306de>] nl80211_set_wowlan+0x75e/0x960 [cfg80211]
       [<ffffffff810bf3d5>] ? mark_held_locks+0x75/0xa0
       [<ffffffff8161a77b>] genl_family_rcv_msg+0x18b/0x360
       [<ffffffff810bf66d>] ? trace_hardirqs_on+0xd/0x10
       [<ffffffff8161a9d4>] genl_rcv_msg+0x84/0xc0
       [<ffffffff8161a950>] ? genl_family_rcv_msg+0x360/0x360
       [<ffffffff81618e79>] netlink_rcv_skb+0xa9/0xd0
       [<ffffffff81619458>] genl_rcv+0x28/0x40
       [<ffffffff816184a5>] netlink_unicast+0x105/0x180
       [<ffffffff8161886f>] netlink_sendmsg+0x34f/0x7a0
       [<ffffffff8105a097>] ? kvm_clock_read+0x27/0x40
       [<ffffffff815c644d>] sock_sendmsg+0x8d/0xc0
       [<ffffffff811a75c9>] ? might_fault+0xb9/0xc0
       [<ffffffff811a756e>] ? might_fault+0x5e/0xc0
       [<ffffffff815d5d26>] ? verify_iovec+0x56/0xe0
       [<ffffffff815c73e0>] ___sys_sendmsg+0x3d0/0x3e0
       [<ffffffff810a7be8>] ? sched_clock_cpu+0x98/0xd0
       [<ffffffff810611b4>] ? __do_page_fault+0x254/0x580
       [<ffffffff810bb39f>] ? up_read+0x1f/0x40
       [<ffffffff810611b4>] ? __do_page_fault+0x254/0x580
       [<ffffffff812146ed>] ? __fget_light+0x13d/0x160
       [<ffffffff815c7b02>] __sys_sendmsg+0x42/0x80
       [<ffffffff815c7b52>] SyS_sendmsg+0x12/0x20
       [<ffffffff81751f69>] system_call_fastpath+0x16/0x1b
      
      Fixes: ea73cbce ("nl80211: fix scheduled scan RSSI matchset attribute confusion")
      Cc: stable@vger.kernel.org [3.15+]
      Signed-off-by: default avatarLuciano Coelho <luciano.coelho@intel.com>
      Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
      f89f46cf
  16. 28 Nov, 2014 1 commit
  17. 27 Nov, 2014 1 commit
  18. 26 Nov, 2014 2 commits
  19. 25 Nov, 2014 1 commit
  20. 19 Nov, 2014 4 commits