tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-2.6
Conflicts:
drivers/net/wireless/ath/ath9k/init.c
+197
-205
-1
MAINTAINERS
-1
MAINTAINERS
···
3323
3323
F: include/linux/wimax/i2400m.h
3324
3324
3325
3325
INTEL WIRELESS WIFI LINK (iwlwifi)
3326
-
M: Reinette Chatre <reinette.chatre@intel.com>
3327
3326
M: Wey-Yi Guy <wey-yi.w.guy@intel.com>
3328
3327
M: Intel Linux Wireless <ilw@linux.intel.com>
3329
3328
L: linux-wireless@vger.kernel.org
+21
-56
drivers/bluetooth/ath3k.c
+21
-56
drivers/bluetooth/ath3k.c
···
47
47
#define USB_REQ_DFU_DNLOAD 1
48
48
#define BULK_SIZE 4096
49
49
50
-
struct ath3k_data {
51
-
struct usb_device *udev;
52
-
u8 *fw_data;
53
-
u32 fw_size;
54
-
u32 fw_sent;
55
-
};
56
-
57
-
static int ath3k_load_firmware(struct ath3k_data *data,
58
-
unsigned char *firmware,
59
-
int count)
50
+
static int ath3k_load_firmware(struct usb_device *udev,
51
+
const struct firmware *firmware)
60
52
{
61
53
u8 *send_buf;
62
54
int err, pipe, len, size, sent = 0;
55
+
int count = firmware->size;
63
56
64
-
BT_DBG("ath3k %p udev %p", data, data->udev);
57
+
BT_DBG("udev %p", udev);
65
58
66
-
pipe = usb_sndctrlpipe(data->udev, 0);
67
-
68
-
if ((usb_control_msg(data->udev, pipe,
69
-
USB_REQ_DFU_DNLOAD,
70
-
USB_TYPE_VENDOR, 0, 0,
71
-
firmware, 20, USB_CTRL_SET_TIMEOUT)) < 0) {
72
-
BT_ERR("Can't change to loading configuration err");
73
-
return -EBUSY;
74
-
}
75
-
sent += 20;
76
-
count -= 20;
59
+
pipe = usb_sndctrlpipe(udev, 0);
77
60
78
61
send_buf = kmalloc(BULK_SIZE, GFP_ATOMIC);
79
62
if (!send_buf) {
···
64
81
return -ENOMEM;
65
82
}
66
83
84
+
memcpy(send_buf, firmware->data, 20);
85
+
if ((err = usb_control_msg(udev, pipe,
86
+
USB_REQ_DFU_DNLOAD,
87
+
USB_TYPE_VENDOR, 0, 0,
88
+
send_buf, 20, USB_CTRL_SET_TIMEOUT)) < 0) {
89
+
BT_ERR("Can't change to loading configuration err");
90
+
goto error;
91
+
}
92
+
sent += 20;
93
+
count -= 20;
94
+
67
95
while (count) {
68
96
size = min_t(uint, count, BULK_SIZE);
69
-
pipe = usb_sndbulkpipe(data->udev, 0x02);
70
-
memcpy(send_buf, firmware + sent, size);
97
+
pipe = usb_sndbulkpipe(udev, 0x02);
98
+
memcpy(send_buf, firmware->data + sent, size);
71
99
72
-
err = usb_bulk_msg(data->udev, pipe, send_buf, size,
100
+
err = usb_bulk_msg(udev, pipe, send_buf, size,
73
101
&len, 3000);
74
102
75
103
if (err || (len != size)) {
···
106
112
{
107
113
const struct firmware *firmware;
108
114
struct usb_device *udev = interface_to_usbdev(intf);
109
-
struct ath3k_data *data;
110
-
int size;
111
115
112
116
BT_DBG("intf %p id %p", intf, id);
113
117
114
118
if (intf->cur_altsetting->desc.bInterfaceNumber != 0)
115
119
return -ENODEV;
116
120
117
-
data = kzalloc(sizeof(*data), GFP_KERNEL);
118
-
if (!data)
119
-
return -ENOMEM;
120
-
121
-
data->udev = udev;
122
-
123
121
if (request_firmware(&firmware, "ath3k-1.fw", &udev->dev) < 0) {
124
-
kfree(data);
125
122
return -EIO;
126
123
}
127
124
128
-
size = max_t(uint, firmware->size, 4096);
129
-
data->fw_data = kmalloc(size, GFP_KERNEL);
130
-
if (!data->fw_data) {
125
+
if (ath3k_load_firmware(udev, firmware)) {
131
126
release_firmware(firmware);
132
-
kfree(data);
133
-
return -ENOMEM;
134
-
}
135
-
136
-
memcpy(data->fw_data, firmware->data, firmware->size);
137
-
data->fw_size = firmware->size;
138
-
data->fw_sent = 0;
139
-
release_firmware(firmware);
140
-
141
-
usb_set_intfdata(intf, data);
142
-
if (ath3k_load_firmware(data, data->fw_data, data->fw_size)) {
143
-
usb_set_intfdata(intf, NULL);
144
-
kfree(data->fw_data);
145
-
kfree(data);
146
127
return -EIO;
147
128
}
129
+
release_firmware(firmware);
148
130
149
131
return 0;
150
132
}
151
133
152
134
static void ath3k_disconnect(struct usb_interface *intf)
153
135
{
154
-
struct ath3k_data *data = usb_get_intfdata(intf);
155
-
156
136
BT_DBG("ath3k_disconnect intf %p", intf);
157
-
158
-
kfree(data->fw_data);
159
-
kfree(data);
160
137
}
161
138
162
139
static struct usb_driver ath3k_driver = {
+4
drivers/net/wireless/ath/ath5k/base.c
+4
drivers/net/wireless/ath/ath5k/base.c
···
2280
2280
int i;
2281
2281
bool needreset = false;
2282
2282
2283
+
mutex_lock(&sc->lock);
2284
+
2283
2285
for (i = 0; i < ARRAY_SIZE(sc->txqs); i++) {
2284
2286
if (sc->txqs[i].setup) {
2285
2287
txq = &sc->txqs[i];
···
2308
2306
"TX queues stuck, resetting\n");
2309
2307
ath5k_reset(sc, NULL, true);
2310
2308
}
2309
+
2310
+
mutex_unlock(&sc->lock);
2311
2311
2312
2312
ieee80211_queue_delayed_work(sc->hw, &sc->tx_complete_work,
2313
2313
msecs_to_jiffies(ATH5K_TX_COMPLETE_POLL_INT));
+2
-2
drivers/net/wireless/ath/ath5k/dma.c
+2
-2
drivers/net/wireless/ath/ath5k/dma.c
+1
-3
drivers/net/wireless/ath/ath5k/pcu.c
+1
-3
drivers/net/wireless/ath/ath5k/pcu.c
···
86
86
if (!ah->ah_bwmode) {
87
87
dur = ieee80211_generic_frame_duration(sc->hw,
88
88
NULL, len, rate);
89
-
return dur;
89
+
return le16_to_cpu(dur);
90
90
}
91
91
92
92
bitrate = rate->bitrate;
···
264
264
* ieee80211_duration() for a brief description of
265
265
* what rate we should choose to TX ACKs. */
266
266
tx_time = ath5k_hw_get_frame_duration(ah, 10, rate);
267
-
268
-
tx_time = le16_to_cpu(tx_time);
269
267
270
268
ath5k_hw_reg_write(ah, tx_time, reg);
271
269
+5
-5
drivers/net/wireless/ath/ath9k/ar9002_calib.c
+5
-5
drivers/net/wireless/ath/ath9k/ar9002_calib.c
···
679
679
680
680
/* Do NF cal only at longer intervals */
681
681
if (longcal || nfcal_pending) {
682
-
/* Do periodic PAOffset Cal */
683
-
ar9002_hw_pa_cal(ah, false);
684
-
ar9002_hw_olc_temp_compensation(ah);
685
-
686
682
/*
687
683
* Get the value from the previous NF cal and update
688
684
* history buffer.
···
693
697
ath9k_hw_loadnf(ah, ah->curchan);
694
698
}
695
699
696
-
if (longcal)
700
+
if (longcal) {
697
701
ath9k_hw_start_nfcal(ah, false);
702
+
/* Do periodic PAOffset Cal */
703
+
ar9002_hw_pa_cal(ah, false);
704
+
ar9002_hw_olc_temp_compensation(ah);
705
+
}
698
706
}
699
707
700
708
return iscaldone;
+1
-2
drivers/net/wireless/ath/ath9k/ar9002_hw.c
+1
-2
drivers/net/wireless/ath/ath9k/ar9002_hw.c
+1
-1
drivers/net/wireless/ath/ath9k/ar9003_2p2_initvals.h
+1
-1
drivers/net/wireless/ath/ath9k/ar9003_2p2_initvals.h
+2
-2
drivers/net/wireless/ath/ath9k/ar9003_hw.c
+2
-2
drivers/net/wireless/ath/ath9k/ar9003_hw.c
···
146
146
/* Sleep Setting */
147
147
148
148
INIT_INI_ARRAY(&ah->iniPcieSerdesLowPower,
149
-
ar9300PciePhy_clkreq_enable_L1_2p2,
150
-
ARRAY_SIZE(ar9300PciePhy_clkreq_enable_L1_2p2),
149
+
ar9300PciePhy_pll_on_clkreq_disable_L1_2p2,
150
+
ARRAY_SIZE(ar9300PciePhy_pll_on_clkreq_disable_L1_2p2),
151
151
2);
152
152
153
153
/* Fast clock modal settings */
+1
-1
drivers/net/wireless/ath/ath9k/htc.h
+1
-1
drivers/net/wireless/ath/ath9k/htc.h
-3
drivers/net/wireless/ath/ath9k/htc_drv_init.c
-3
drivers/net/wireless/ath/ath9k/htc_drv_init.c
+15
-6
drivers/net/wireless/ath/ath9k/htc_drv_main.c
+15
-6
drivers/net/wireless/ath/ath9k/htc_drv_main.c
···
1026
1026
int ret = 0;
1027
1027
u8 cmd_rsp;
1028
1028
1029
-
/* Cancel all the running timers/work .. */
1030
-
cancel_work_sync(&priv->fatal_work);
1031
-
cancel_work_sync(&priv->ps_work);
1032
-
cancel_delayed_work_sync(&priv->ath9k_led_blink_work);
1033
-
ath9k_led_stop_brightness(priv);
1034
-
1035
1029
mutex_lock(&priv->mutex);
1036
1030
1037
1031
if (priv->op_flags & OP_INVALID) {
···
1039
1045
WMI_CMD(WMI_DISABLE_INTR_CMDID);
1040
1046
WMI_CMD(WMI_DRAIN_TXQ_ALL_CMDID);
1041
1047
WMI_CMD(WMI_STOP_RECV_CMDID);
1048
+
1049
+
tasklet_kill(&priv->swba_tasklet);
1050
+
tasklet_kill(&priv->rx_tasklet);
1051
+
tasklet_kill(&priv->tx_tasklet);
1052
+
1042
1053
skb_queue_purge(&priv->tx_queue);
1054
+
1055
+
mutex_unlock(&priv->mutex);
1056
+
1057
+
/* Cancel all the running timers/work .. */
1058
+
cancel_work_sync(&priv->fatal_work);
1059
+
cancel_work_sync(&priv->ps_work);
1060
+
cancel_delayed_work_sync(&priv->ath9k_led_blink_work);
1061
+
ath9k_led_stop_brightness(priv);
1062
+
1063
+
mutex_lock(&priv->mutex);
1043
1064
1044
1065
/* Remove monitor interface here */
1045
1066
if (ah->opmode == NL80211_IFTYPE_MONITOR) {
+5
-3
drivers/net/wireless/ath/ath9k/htc_drv_txrx.c
+5
-3
drivers/net/wireless/ath/ath9k/htc_drv_txrx.c
···
113
113
114
114
if (ieee80211_is_data(fc)) {
115
115
struct tx_frame_hdr tx_hdr;
116
+
u32 flags = 0;
116
117
u8 *qc;
117
118
118
119
memset(&tx_hdr, 0, sizeof(struct tx_frame_hdr));
···
137
136
/* Check for RTS protection */
138
137
if (priv->hw->wiphy->rts_threshold != (u32) -1)
139
138
if (skb->len > priv->hw->wiphy->rts_threshold)
140
-
tx_hdr.flags |= ATH9K_HTC_TX_RTSCTS;
139
+
flags |= ATH9K_HTC_TX_RTSCTS;
141
140
142
141
/* CTS-to-self */
143
-
if (!(tx_hdr.flags & ATH9K_HTC_TX_RTSCTS) &&
142
+
if (!(flags & ATH9K_HTC_TX_RTSCTS) &&
144
143
(priv->op_flags & OP_PROTECT_ENABLE))
145
-
tx_hdr.flags |= ATH9K_HTC_TX_CTSONLY;
144
+
flags |= ATH9K_HTC_TX_CTSONLY;
146
145
146
+
tx_hdr.flags = cpu_to_be32(flags);
147
147
tx_hdr.key_type = ath9k_cmn_get_hw_crypto_keytype(skb);
148
148
if (tx_hdr.key_type == ATH9K_KEY_TYPE_CLEAR)
149
149
tx_hdr.keyix = (u8) ATH9K_TXKEYIX_INVALID;
+5
-1
drivers/net/wireless/ath/ath9k/hw.c
+5
-1
drivers/net/wireless/ath/ath9k/hw.c
···
369
369
else
370
370
ah->config.ht_enable = 0;
371
371
372
+
/* PAPRD needs some more work to be enabled */
373
+
ah->config.paprd_disable = 1;
374
+
372
375
ah->config.rx_intr_mitigation = true;
373
376
ah->config.pcieSerDesWrite = true;
374
377
···
1974
1971
pCap->rx_status_len = sizeof(struct ar9003_rxs);
1975
1972
pCap->tx_desc_len = sizeof(struct ar9003_txc);
1976
1973
pCap->txs_len = sizeof(struct ar9003_txs);
1977
-
if (ah->eep_ops->get_eeprom(ah, EEP_PAPRD))
1974
+
if (!ah->config.paprd_disable &&
1975
+
ah->eep_ops->get_eeprom(ah, EEP_PAPRD))
1978
1976
pCap->hw_caps |= ATH9K_HW_CAP_PAPRD;
1979
1977
} else {
1980
1978
pCap->tx_desc_len = sizeof(struct ath_desc);
+1
drivers/net/wireless/ath/ath9k/hw.h
+1
drivers/net/wireless/ath/ath9k/hw.h
+2
-5
drivers/net/wireless/ath/ath9k/init.c
+2
-5
drivers/net/wireless/ath/ath9k/init.c
···
600
600
err_queues:
601
601
ath9k_hw_deinit(ah);
602
602
err_hw:
603
-
tasklet_kill(&sc->intr_tq);
604
-
tasklet_kill(&sc->bcon_tasklet);
605
603
606
604
kfree(ah);
607
605
sc->sc_ah = NULL;
···
803
805
804
806
ath9k_hw_deinit(sc->sc_ah);
805
807
806
-
tasklet_kill(&sc->intr_tq);
807
-
tasklet_kill(&sc->bcon_tasklet);
808
-
809
808
kfree(sc->sc_ah);
810
809
sc->sc_ah = NULL;
811
810
}
···
815
820
816
821
wiphy_rfkill_stop_polling(sc->hw->wiphy);
817
822
ath_deinit_leds(sc);
823
+
824
+
ath9k_ps_restore(sc);
818
825
819
826
ieee80211_unregister_hw(hw);
820
827
pm_qos_remove_request(&sc->pm_qos_req);
+14
-5
drivers/net/wireless/ath/ath9k/main.c
+14
-5
drivers/net/wireless/ath/ath9k/main.c
···
611
611
u32 status = sc->intrstatus;
612
612
u32 rxmask;
613
613
614
-
ath9k_ps_wakeup(sc);
615
-
616
614
if (status & ATH9K_INT_FATAL) {
617
615
ath_reset(sc, true);
618
-
ath9k_ps_restore(sc);
619
616
return;
620
617
}
621
618
619
+
ath9k_ps_wakeup(sc);
622
620
spin_lock(&sc->sc_pcu_lock);
623
621
624
622
/*
···
937
939
938
940
spin_unlock_bh(&sc->sc_pcu_lock);
939
941
ath9k_ps_restore(sc);
940
-
941
-
ath9k_setpower(sc, ATH9K_PM_FULL_SLEEP);
942
942
}
943
943
944
944
int ath_reset(struct ath_softc *sc, bool retry_tx)
···
949
953
/* Stop ANI */
950
954
del_timer_sync(&common->ani.timer);
951
955
956
+
ath9k_ps_wakeup(sc);
952
957
spin_lock_bh(&sc->sc_pcu_lock);
953
958
954
959
ieee80211_stop_queues(hw);
···
996
999
997
1000
/* Start ANI */
998
1001
ath_start_ani(common);
1002
+
ath9k_ps_restore(sc);
999
1003
1000
1004
return r;
1001
1005
}
···
1218
1220
1219
1221
spin_lock_bh(&sc->sc_pcu_lock);
1220
1222
1223
+
/* prevent tasklets to enable interrupts once we disable them */
1224
+
ah->imask &= ~ATH9K_INT_GLOBAL;
1225
+
1221
1226
/* make sure h/w will not generate any interrupt
1222
1227
* before setting the invalid flag. */
1223
1228
ath9k_hw_disable_interrupts(ah);
···
1242
1241
ath9k_hw_configpcipowersave(ah, 1, 1);
1243
1242
1244
1243
spin_unlock_bh(&sc->sc_pcu_lock);
1244
+
1245
+
/* we can now sync irq and kill any running tasklets, since we already
1246
+
* disabled interrupts and not holding a spin lock */
1247
+
synchronize_irq(sc->irq);
1248
+
tasklet_kill(&sc->intr_tq);
1249
+
tasklet_kill(&sc->bcon_tasklet);
1245
1250
1246
1251
ath9k_ps_restore(sc);
1247
1252
···
1713
1706
1714
1707
if (changed & IEEE80211_CONF_CHANGE_POWER) {
1715
1708
sc->config.txpowlimit = 2 * conf->power_level;
1709
+
ath9k_ps_wakeup(sc);
1716
1710
ath_update_txpow(sc);
1711
+
ath9k_ps_restore(sc);
1717
1712
}
1718
1713
1719
1714
if (disable_radio) {
-2
drivers/net/wireless/ath/ath9k/xmit.c
-2
drivers/net/wireless/ath/ath9k/xmit.c
···
2173
2173
if (needreset) {
2174
2174
ath_dbg(ath9k_hw_common(sc->sc_ah), ATH_DBG_RESET,
2175
2175
"tx hung, resetting the chip\n");
2176
-
ath9k_ps_wakeup(sc);
2177
2176
ath_reset(sc, true);
2178
-
ath9k_ps_restore(sc);
2179
2177
}
2180
2178
2181
2179
ieee80211_queue_delayed_work(sc->hw, &sc->tx_complete_work,
+1
drivers/net/wireless/iwlwifi/iwl-4965.c
+1
drivers/net/wireless/iwlwifi/iwl-4965.c
···
2629
2629
.fw_name_pre = IWL4965_FW_PRE,
2630
2630
.ucode_api_max = IWL4965_UCODE_API_MAX,
2631
2631
.ucode_api_min = IWL4965_UCODE_API_MIN,
2632
+
.sku = IWL_SKU_A|IWL_SKU_G|IWL_SKU_N,
2632
2633
.valid_tx_ant = ANT_AB,
2633
2634
.valid_rx_ant = ANT_ABC,
2634
2635
.eeprom_ver = EEPROM_4965_EEPROM_VERSION,
+8
-5
drivers/net/wireless/iwlwifi/iwl-agn-eeprom.c
+8
-5
drivers/net/wireless/iwlwifi/iwl-agn-eeprom.c
···
152
152
153
153
eeprom_sku = iwl_eeprom_query16(priv, EEPROM_SKU_CAP);
154
154
155
-
priv->cfg->sku = ((eeprom_sku & EEPROM_SKU_CAP_BAND_SELECTION) >>
155
+
if (!priv->cfg->sku) {
156
+
/* not using sku overwrite */
157
+
priv->cfg->sku =
158
+
((eeprom_sku & EEPROM_SKU_CAP_BAND_SELECTION) >>
156
159
EEPROM_SKU_CAP_BAND_POS);
157
-
if (eeprom_sku & EEPROM_SKU_CAP_11N_ENABLE)
158
-
priv->cfg->sku |= IWL_SKU_N;
159
-
160
+
if (eeprom_sku & EEPROM_SKU_CAP_11N_ENABLE)
161
+
priv->cfg->sku |= IWL_SKU_N;
162
+
}
160
163
if (!priv->cfg->sku) {
161
164
IWL_ERR(priv, "Invalid device sku\n");
162
165
return -EINVAL;
···
171
168
/* not using .cfg overwrite */
172
169
radio_cfg = iwl_eeprom_query16(priv, EEPROM_RADIO_CONFIG);
173
170
priv->cfg->valid_tx_ant = EEPROM_RF_CFG_TX_ANT_MSK(radio_cfg);
174
-
priv->cfg->valid_rx_ant = EEPROM_RF_CFG_TX_ANT_MSK(radio_cfg);
171
+
priv->cfg->valid_rx_ant = EEPROM_RF_CFG_RX_ANT_MSK(radio_cfg);
175
172
if (!priv->cfg->valid_tx_ant || !priv->cfg->valid_rx_ant) {
176
173
IWL_ERR(priv, "Invalid chain (0X%x, 0X%x)\n",
177
174
priv->cfg->valid_tx_ant,
+2
drivers/net/wireless/iwmc3200wifi/netdev.c
+2
drivers/net/wireless/iwmc3200wifi/netdev.c
···
126
126
ndev = alloc_netdev_mq(0, "wlan%d", ether_setup, IWM_TX_QUEUES);
127
127
if (!ndev) {
128
128
dev_err(dev, "no memory for network device instance\n");
129
+
ret = -ENOMEM;
129
130
goto out_priv;
130
131
}
131
132
···
139
138
GFP_KERNEL);
140
139
if (!iwm->umac_profile) {
141
140
dev_err(dev, "Couldn't alloc memory for profile\n");
141
+
ret = -ENOMEM;
142
142
goto out_profile;
143
143
}
144
144
+1
drivers/net/wireless/rt2x00/rt2x00firmware.c
+1
drivers/net/wireless/rt2x00/rt2x00firmware.c
+1
drivers/net/wireless/rt2x00/rt73usb.c
+1
drivers/net/wireless/rt2x00/rt73usb.c
···
2446
2446
{ USB_DEVICE(0x04bb, 0x093d), USB_DEVICE_DATA(&rt73usb_ops) },
2447
2447
{ USB_DEVICE(0x148f, 0x2573), USB_DEVICE_DATA(&rt73usb_ops) },
2448
2448
{ USB_DEVICE(0x148f, 0x2671), USB_DEVICE_DATA(&rt73usb_ops) },
2449
+
{ USB_DEVICE(0x0812, 0x3101), USB_DEVICE_DATA(&rt73usb_ops) },
2449
2450
/* Qcom */
2450
2451
{ USB_DEVICE(0x18e8, 0x6196), USB_DEVICE_DATA(&rt73usb_ops) },
2451
2452
{ USB_DEVICE(0x18e8, 0x6229), USB_DEVICE_DATA(&rt73usb_ops) },
+20
-20
drivers/net/wireless/rtlwifi/efuse.c
+20
-20
drivers/net/wireless/rtlwifi/efuse.c
···
726
726
}
727
727
728
728
static void efuse_write_data_case1(struct ieee80211_hw *hw, u16 *efuse_addr,
729
-
u8 efuse_data, u8 offset, int *bcontinual,
730
-
u8 *write_state, struct pgpkt_struct target_pkt,
731
-
int *repeat_times, int *bresult, u8 word_en)
729
+
u8 efuse_data, u8 offset, int *bcontinual,
730
+
u8 *write_state, struct pgpkt_struct *target_pkt,
731
+
int *repeat_times, int *bresult, u8 word_en)
732
732
{
733
733
struct rtl_priv *rtlpriv = rtl_priv(hw);
734
734
struct pgpkt_struct tmp_pkt;
···
744
744
tmp_pkt.word_en = tmp_header & 0x0F;
745
745
tmp_word_cnts = efuse_calculate_word_cnts(tmp_pkt.word_en);
746
746
747
-
if (tmp_pkt.offset != target_pkt.offset) {
748
-
efuse_addr = efuse_addr + (tmp_word_cnts * 2) + 1;
747
+
if (tmp_pkt.offset != target_pkt->offset) {
748
+
*efuse_addr = *efuse_addr + (tmp_word_cnts * 2) + 1;
749
749
*write_state = PG_STATE_HEADER;
750
750
} else {
751
751
for (tmpindex = 0; tmpindex < (tmp_word_cnts * 2); tmpindex++) {
···
756
756
}
757
757
758
758
if (bdataempty == false) {
759
-
efuse_addr = efuse_addr + (tmp_word_cnts * 2) + 1;
759
+
*efuse_addr = *efuse_addr + (tmp_word_cnts * 2) + 1;
760
760
*write_state = PG_STATE_HEADER;
761
761
} else {
762
762
match_word_en = 0x0F;
763
-
if (!((target_pkt.word_en & BIT(0)) |
763
+
if (!((target_pkt->word_en & BIT(0)) |
764
764
(tmp_pkt.word_en & BIT(0))))
765
765
match_word_en &= (~BIT(0));
766
766
767
-
if (!((target_pkt.word_en & BIT(1)) |
767
+
if (!((target_pkt->word_en & BIT(1)) |
768
768
(tmp_pkt.word_en & BIT(1))))
769
769
match_word_en &= (~BIT(1));
770
770
771
-
if (!((target_pkt.word_en & BIT(2)) |
771
+
if (!((target_pkt->word_en & BIT(2)) |
772
772
(tmp_pkt.word_en & BIT(2))))
773
773
match_word_en &= (~BIT(2));
774
774
775
-
if (!((target_pkt.word_en & BIT(3)) |
775
+
if (!((target_pkt->word_en & BIT(3)) |
776
776
(tmp_pkt.word_en & BIT(3))))
777
777
match_word_en &= (~BIT(3));
778
778
···
780
780
badworden = efuse_word_enable_data_write(
781
781
hw, *efuse_addr + 1,
782
782
tmp_pkt.word_en,
783
-
target_pkt.data);
783
+
target_pkt->data);
784
784
785
785
if (0x0F != (badworden & 0x0F)) {
786
786
u8 reorg_offset = offset;
···
791
791
}
792
792
793
793
tmp_word_en = 0x0F;
794
-
if ((target_pkt.word_en & BIT(0)) ^
794
+
if ((target_pkt->word_en & BIT(0)) ^
795
795
(match_word_en & BIT(0)))
796
796
tmp_word_en &= (~BIT(0));
797
797
798
-
if ((target_pkt.word_en & BIT(1)) ^
798
+
if ((target_pkt->word_en & BIT(1)) ^
799
799
(match_word_en & BIT(1)))
800
800
tmp_word_en &= (~BIT(1));
801
801
802
-
if ((target_pkt.word_en & BIT(2)) ^
802
+
if ((target_pkt->word_en & BIT(2)) ^
803
803
(match_word_en & BIT(2)))
804
804
tmp_word_en &= (~BIT(2));
805
805
806
-
if ((target_pkt.word_en & BIT(3)) ^
806
+
if ((target_pkt->word_en & BIT(3)) ^
807
807
(match_word_en & BIT(3)))
808
808
tmp_word_en &= (~BIT(3));
809
809
810
810
if ((tmp_word_en & 0x0F) != 0x0F) {
811
811
*efuse_addr = efuse_get_current_size(hw);
812
-
target_pkt.offset = offset;
813
-
target_pkt.word_en = tmp_word_en;
812
+
target_pkt->offset = offset;
813
+
target_pkt->word_en = tmp_word_en;
814
814
} else
815
815
*bcontinual = false;
816
816
*write_state = PG_STATE_HEADER;
···
821
821
}
822
822
} else {
823
823
*efuse_addr += (2 * tmp_word_cnts) + 1;
824
-
target_pkt.offset = offset;
825
-
target_pkt.word_en = word_en;
824
+
target_pkt->offset = offset;
825
+
target_pkt->word_en = word_en;
826
826
*write_state = PG_STATE_HEADER;
827
827
}
828
828
}
···
938
938
efuse_write_data_case1(hw, &efuse_addr,
939
939
efuse_data, offset,
940
940
&bcontinual,
941
-
&write_state, target_pkt,
941
+
&write_state, &target_pkt,
942
942
&repeat_times, &bresult,
943
943
word_en);
944
944
else
+9
-2
drivers/net/wireless/rtlwifi/pci.c
+9
-2
drivers/net/wireless/rtlwifi/pci.c
···
619
619
struct sk_buff *uskb = NULL;
620
620
u8 *pdata;
621
621
uskb = dev_alloc_skb(skb->len + 128);
622
+
if (!uskb) {
623
+
RT_TRACE(rtlpriv,
624
+
(COMP_INTR | COMP_RECV),
625
+
DBG_EMERG,
626
+
("can't alloc rx skb\n"));
627
+
goto done;
628
+
}
622
629
memcpy(IEEE80211_SKB_RXCB(uskb),
623
630
&rx_status,
624
631
sizeof(rx_status));
···
648
641
new_skb = dev_alloc_skb(rtlpci->rxbuffersize);
649
642
if (unlikely(!new_skb)) {
650
643
RT_TRACE(rtlpriv, (COMP_INTR | COMP_RECV),
651
-
DBG_DMESG,
644
+
DBG_EMERG,
652
645
("can't alloc skb for rx\n"));
653
646
goto done;
654
647
}
···
1073
1066
struct sk_buff *skb =
1074
1067
dev_alloc_skb(rtlpci->rxbuffersize);
1075
1068
u32 bufferaddress;
1076
-
entry = &rtlpci->rx_ring[rx_queue_idx].desc[i];
1077
1069
if (!skb)
1078
1070
return 0;
1071
+
entry = &rtlpci->rx_ring[rx_queue_idx].desc[i];
1079
1072
1080
1073
/*skb->dev = dev; */
1081
1074
+1
-1
include/linux/ieee80211.h
+1
-1
include/linux/ieee80211.h
···
959
959
/* block-ack parameters */
960
960
#define IEEE80211_ADDBA_PARAM_POLICY_MASK 0x0002
961
961
#define IEEE80211_ADDBA_PARAM_TID_MASK 0x003C
962
-
#define IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK 0xFFA0
962
+
#define IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK 0xFFC0
963
963
#define IEEE80211_DELBA_PARAM_TID_MASK 0xF000
964
964
#define IEEE80211_DELBA_PARAM_INITIATOR_MASK 0x0800
965
965
+1
include/net/bluetooth/hci_core.h
+1
include/net/bluetooth/hci_core.h
+9
-7
net/bluetooth/hci_conn.c
+9
-7
net/bluetooth/hci_conn.c
···
379
379
hci_conn_hold(acl);
380
380
381
381
if (acl->state == BT_OPEN || acl->state == BT_CLOSED) {
382
-
acl->sec_level = sec_level;
382
+
acl->sec_level = BT_SECURITY_LOW;
383
+
acl->pending_sec_level = sec_level;
383
384
acl->auth_type = auth_type;
384
385
hci_acl_connect(acl);
385
-
} else {
386
-
if (acl->sec_level < sec_level)
387
-
acl->sec_level = sec_level;
388
-
if (acl->auth_type < auth_type)
389
-
acl->auth_type = auth_type;
390
386
}
391
387
392
388
if (type == ACL_LINK)
···
438
442
{
439
443
BT_DBG("conn %p", conn);
440
444
445
+
if (conn->pending_sec_level > sec_level)
446
+
sec_level = conn->pending_sec_level;
447
+
441
448
if (sec_level > conn->sec_level)
442
-
conn->sec_level = sec_level;
449
+
conn->pending_sec_level = sec_level;
443
450
else if (conn->link_mode & HCI_LM_AUTH)
444
451
return 1;
452
+
453
+
/* Make sure we preserve an existing MITM requirement*/
454
+
auth_type |= (conn->auth_type & 0x01);
445
455
446
456
conn->auth_type = auth_type;
447
457
+4
net/bluetooth/hci_core.c
+4
net/bluetooth/hci_core.c
+5
-4
net/bluetooth/hci_event.c
+5
-4
net/bluetooth/hci_event.c
···
692
692
if (conn->state != BT_CONFIG || !conn->out)
693
693
return 0;
694
694
695
-
if (conn->sec_level == BT_SECURITY_SDP)
695
+
if (conn->pending_sec_level == BT_SECURITY_SDP)
696
696
return 0;
697
697
698
698
/* Only request authentication for SSP connections or non-SSP
699
699
* devices with sec_level HIGH */
700
700
if (!(hdev->ssp_mode > 0 && conn->ssp_mode > 0) &&
701
-
conn->sec_level != BT_SECURITY_HIGH)
701
+
conn->pending_sec_level != BT_SECURITY_HIGH)
702
702
return 0;
703
703
704
704
return 1;
···
1095
1095
1096
1096
conn = hci_conn_hash_lookup_handle(hdev, __le16_to_cpu(ev->handle));
1097
1097
if (conn) {
1098
-
if (!ev->status)
1098
+
if (!ev->status) {
1099
1099
conn->link_mode |= HCI_LM_AUTH;
1100
-
else
1100
+
conn->sec_level = conn->pending_sec_level;
1101
+
} else
1101
1102
conn->sec_level = BT_SECURITY_LOW;
1102
1103
1103
1104
clear_bit(HCI_CONN_AUTH_PEND, &conn->pend);
+37
-57
net/bluetooth/l2cap.c
+37
-57
net/bluetooth/l2cap.c
···
305
305
}
306
306
}
307
307
308
+
static inline u8 l2cap_get_auth_type(struct sock *sk)
309
+
{
310
+
if (sk->sk_type == SOCK_RAW) {
311
+
switch (l2cap_pi(sk)->sec_level) {
312
+
case BT_SECURITY_HIGH:
313
+
return HCI_AT_DEDICATED_BONDING_MITM;
314
+
case BT_SECURITY_MEDIUM:
315
+
return HCI_AT_DEDICATED_BONDING;
316
+
default:
317
+
return HCI_AT_NO_BONDING;
318
+
}
319
+
} else if (l2cap_pi(sk)->psm == cpu_to_le16(0x0001)) {
320
+
if (l2cap_pi(sk)->sec_level == BT_SECURITY_LOW)
321
+
l2cap_pi(sk)->sec_level = BT_SECURITY_SDP;
322
+
323
+
if (l2cap_pi(sk)->sec_level == BT_SECURITY_HIGH)
324
+
return HCI_AT_NO_BONDING_MITM;
325
+
else
326
+
return HCI_AT_NO_BONDING;
327
+
} else {
328
+
switch (l2cap_pi(sk)->sec_level) {
329
+
case BT_SECURITY_HIGH:
330
+
return HCI_AT_GENERAL_BONDING_MITM;
331
+
case BT_SECURITY_MEDIUM:
332
+
return HCI_AT_GENERAL_BONDING;
333
+
default:
334
+
return HCI_AT_NO_BONDING;
335
+
}
336
+
}
337
+
}
338
+
308
339
/* Service level security */
309
340
static inline int l2cap_check_security(struct sock *sk)
310
341
{
311
342
struct l2cap_conn *conn = l2cap_pi(sk)->conn;
312
343
__u8 auth_type;
313
344
314
-
if (l2cap_pi(sk)->psm == cpu_to_le16(0x0001)) {
315
-
if (l2cap_pi(sk)->sec_level == BT_SECURITY_HIGH)
316
-
auth_type = HCI_AT_NO_BONDING_MITM;
317
-
else
318
-
auth_type = HCI_AT_NO_BONDING;
319
-
320
-
if (l2cap_pi(sk)->sec_level == BT_SECURITY_LOW)
321
-
l2cap_pi(sk)->sec_level = BT_SECURITY_SDP;
322
-
} else {
323
-
switch (l2cap_pi(sk)->sec_level) {
324
-
case BT_SECURITY_HIGH:
325
-
auth_type = HCI_AT_GENERAL_BONDING_MITM;
326
-
break;
327
-
case BT_SECURITY_MEDIUM:
328
-
auth_type = HCI_AT_GENERAL_BONDING;
329
-
break;
330
-
default:
331
-
auth_type = HCI_AT_NO_BONDING;
332
-
break;
333
-
}
334
-
}
345
+
auth_type = l2cap_get_auth_type(sk);
335
346
336
347
return hci_conn_security(conn->hcon, l2cap_pi(sk)->sec_level,
337
348
auth_type);
···
1079
1068
1080
1069
err = -ENOMEM;
1081
1070
1082
-
if (sk->sk_type == SOCK_RAW) {
1083
-
switch (l2cap_pi(sk)->sec_level) {
1084
-
case BT_SECURITY_HIGH:
1085
-
auth_type = HCI_AT_DEDICATED_BONDING_MITM;
1086
-
break;
1087
-
case BT_SECURITY_MEDIUM:
1088
-
auth_type = HCI_AT_DEDICATED_BONDING;
1089
-
break;
1090
-
default:
1091
-
auth_type = HCI_AT_NO_BONDING;
1092
-
break;
1093
-
}
1094
-
} else if (l2cap_pi(sk)->psm == cpu_to_le16(0x0001)) {
1095
-
if (l2cap_pi(sk)->sec_level == BT_SECURITY_HIGH)
1096
-
auth_type = HCI_AT_NO_BONDING_MITM;
1097
-
else
1098
-
auth_type = HCI_AT_NO_BONDING;
1099
-
1100
-
if (l2cap_pi(sk)->sec_level == BT_SECURITY_LOW)
1101
-
l2cap_pi(sk)->sec_level = BT_SECURITY_SDP;
1102
-
} else {
1103
-
switch (l2cap_pi(sk)->sec_level) {
1104
-
case BT_SECURITY_HIGH:
1105
-
auth_type = HCI_AT_GENERAL_BONDING_MITM;
1106
-
break;
1107
-
case BT_SECURITY_MEDIUM:
1108
-
auth_type = HCI_AT_GENERAL_BONDING;
1109
-
break;
1110
-
default:
1111
-
auth_type = HCI_AT_NO_BONDING;
1112
-
break;
1113
-
}
1114
-
}
1071
+
auth_type = l2cap_get_auth_type(sk);
1115
1072
1116
1073
hcon = hci_connect(hdev, ACL_LINK, dst,
1117
1074
l2cap_pi(sk)->sec_level, auth_type);
···
1106
1127
if (sk->sk_type != SOCK_SEQPACKET &&
1107
1128
sk->sk_type != SOCK_STREAM) {
1108
1129
l2cap_sock_clear_timer(sk);
1109
-
sk->sk_state = BT_CONNECTED;
1130
+
if (l2cap_check_security(sk))
1131
+
sk->sk_state = BT_CONNECTED;
1110
1132
} else
1111
1133
l2cap_do_start(sk);
1112
1134
}
···
1873
1893
if (pi->mode == L2CAP_MODE_STREAMING) {
1874
1894
l2cap_streaming_send(sk);
1875
1895
} else {
1876
-
if (pi->conn_state & L2CAP_CONN_REMOTE_BUSY &&
1877
-
pi->conn_state && L2CAP_CONN_WAIT_F) {
1896
+
if ((pi->conn_state & L2CAP_CONN_REMOTE_BUSY) &&
1897
+
(pi->conn_state & L2CAP_CONN_WAIT_F)) {
1878
1898
err = len;
1879
1899
break;
1880
1900
}
+2
-1
net/bluetooth/rfcomm/core.c
+2
-1
net/bluetooth/rfcomm/core.c
+2
-9
net/mac80211/agg-rx.c
+2
-9
net/mac80211/agg-rx.c
···
185
185
struct ieee80211_mgmt *mgmt,
186
186
size_t len)
187
187
{
188
-
struct ieee80211_hw *hw = &local->hw;
189
-
struct ieee80211_conf *conf = &hw->conf;
190
188
struct tid_ampdu_rx *tid_agg_rx;
191
189
u16 capab, tid, timeout, ba_policy, buf_size, start_seq_num, status;
192
190
u8 dialog_token;
···
229
231
goto end_no_lock;
230
232
}
231
233
/* determine default buffer size */
232
-
if (buf_size == 0) {
233
-
struct ieee80211_supported_band *sband;
234
-
235
-
sband = local->hw.wiphy->bands[conf->channel->band];
236
-
buf_size = IEEE80211_MIN_AMPDU_BUF;
237
-
buf_size = buf_size << sband->ht_cap.ampdu_factor;
238
-
}
234
+
if (buf_size == 0)
235
+
buf_size = IEEE80211_MAX_AMPDU_BUF;
239
236
240
237
/* make sure the size doesn't exceed the maximum supported by the hw */
241
238
if (buf_size > local->hw.max_rx_aggregation_subframes)
+11
-1
net/mac80211/main.c
+11
-1
net/mac80211/main.c
···
39
39
MODULE_PARM_DESC(ieee80211_disable_40mhz_24ghz,
40
40
"Disable 40MHz support in the 2.4GHz band");
41
41
42
+
static struct lock_class_key ieee80211_rx_skb_queue_class;
43
+
42
44
void ieee80211_configure_filter(struct ieee80211_local *local)
43
45
{
44
46
u64 mc;
···
572
570
spin_lock_init(&local->filter_lock);
573
571
spin_lock_init(&local->queue_stop_reason_lock);
574
572
575
-
skb_queue_head_init(&local->rx_skb_queue);
573
+
/*
574
+
* The rx_skb_queue is only accessed from tasklets,
575
+
* but other SKB queues are used from within IRQ
576
+
* context. Therefore, this one needs a different
577
+
* locking class so our direct, non-irq-safe use of
578
+
* the queue's lock doesn't throw lockdep warnings.
579
+
*/
580
+
skb_queue_head_init_class(&local->rx_skb_queue,
581
+
&ieee80211_rx_skb_queue_class);
576
582
577
583
INIT_DELAYED_WORK(&local->scan_work, ieee80211_scan_work);
578
584