| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
| |
Not needed since the driver split. Eliminate redundant routine.
Signed-off-by: Don Fry <donald.h.fry@intel.com>
Signed-off-by: Wey-Yi Guy <wey-yi.w.guy@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| |
|
|
|
|
|
|
| |
Not needed since the driver split.
Signed-off-by: Don Fry <donald.h.fry@intel.com>
Signed-off-by: Wey-Yi Guy <wey-yi.w.guy@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| |
|
|
|
|
|
|
| |
Not needed since the driver split.
Signed-off-by: Don Fry <donald.h.fry@intel.com>
Signed-off-by: Wey-Yi Guy <wey-yi.w.guy@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| |
|
|
|
|
|
|
| |
This removes the for priv->trans.ops->...
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Wey-Yi Guy <wey-yi.w.guy@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| |
|
|
|
|
|
| |
Not needed since the driver split.
Signed-off-by: Wey-Yi Guy <wey-yi.w.guy@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Now, there are only two functions to send a host command:
* send_cmd that receives a iwl_host_cmd
* send_cmd_pdu that builds the iwl_host_cmd itself and received flags
The flags CMD_ASYNC / CMD_SYNC / CMD_WANT_SKB are not changed by the API
functions.
Kill the unused flags CMD_SIZE_NORMAL / CMD_NO_SKB on the way.
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Wey-Yi Guy <wey-yi.w.guy@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| |
|
|
|
|
|
|
| |
Code duplication was needed during the move, not needed any more.
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Wey-Yi Guy <wey-yi.w.guy@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| |
|
|
|
|
|
|
| |
Tx stop moves to transport layer.
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Wey-Yi Guy <wey-yi.w.guy@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| |
|
|
|
|
|
|
| |
Rx stop moves to transport layer.
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Wey-Yi Guy <wey-yi.w.guy@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Tx free functions move to the transport layer. Unify the functions that deal with tx queues and cmd queue.
Since the CMD queue is not fully allocated, but uses the q->n_bd / q->window trick, the release flow of TX queue and CMD queue was different.
iwlagn_txq_free_tfd receives now the index of the TFD to be freed, which allows to unify the release flow for all the queues.
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Wey-Yi Guy <wey-yi.w.guy@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| |
|
|
|
|
|
|
| |
It is uneeded since Johannes removed the HUGE flag. The DMA mapping is always held in the same index as the command.
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Wey-Yi Guy <wey-yi.w.guy@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| |\
| |
| |
| |
| |
| |
| | |
master.kernel.org:/pub/scm/linux/kernel/git/padovan/bluetooth-next-2.6
Conflicts:
net/bluetooth/l2cap_core.c
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
There can 3 reasons for the "command reject" reply produced
by the stack. Each such reply should be accompanied by the
relevand data ( as defined in spec. ). Currently there is one
instance of "command reject" reply with reason "invalid cid"
wich is fixed. Also, added clean-up definitions related to the
"command reject" replies.
Signed-off-by: Ilia Kolomisnky <iliak@ti.com>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
This will be useful when userspace wants to restrict some kinds of
operations based on the length of the key size used to encrypt the
link.
Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
In some cases it will be useful having the key size used for
encrypting the link. For example, some profiles may restrict
some operations depending on the key length.
The key size is stored in the key that is passed to userspace
using the pin_length field in the key structure.
For now this field is only valid for LE controllers. 3.0+HS
controllers define the Read Encryption Key Size command, this
field is intended for storing the value returned by that
command.
Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
As the key format has changed to something that has a dynamic size,
the way that keys are received and sent must be changed.
The structure fields order is changed to make the parsing of the
information received from the Management Interface easier.
Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
|
| | |
| |
| |
| |
| | |
Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Now that it's possible that the exchanged key is present in
the link key list, we may be able to estabilish security with
an already existing key, without need to perform any SMP
procedure.
Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
With this we can use only one place to store all keys, without
need to use a field in the connection structure for this
purpose.
Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Now when the LTK is received from the remote or generated it is stored,
so it can later be used.
Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Before implementing SM key distribution, the pairing features
exchange must be better negotiated, taking into account some
features of the host and connection requirements.
If we are in the "not pairable" state, it makes no sense to
exchange any key. This allows for simplification of the key
negociation method.
Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Now that we have methods to finding keys by its parameters we can
reject an encryption request if the key isn't found.
Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
As the LTK (the new type of key being handled now) has more data
associated with it, we need to store this extra data and retrieve
the keys based on that data.
Methods for searching for a key and for adding a new LTK are
introduced here.
Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
We need these changes because SMP keys may have more information
associated with them, for example, in the LTK case, it has an
encrypted diversifier (ediv) and a random number (rand).
Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This adds support for generating and distributing all the keys
specified in the third phase of SMP.
This will make possible to re-establish secure connections, resolve
private addresses and sign commands.
For now, the values generated are random.
Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
The ERTM receive buffer is now handled in a way that does not require
the busy queue and the associated polling code.
Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This change moves most L2CAP ERTM receive buffer handling out of the
L2CAP core and in to the socket code. It's up to the higher layer
(the socket code, in this case) to tell the core when its buffer is
full or has space available. The recv op should always accept
incoming ERTM data or else the connection will go down.
Within the socket layer, an skb that does not fit in the socket
receive buffer will be temporarily stored. When the socket is read
from, that skb will be placed in the receive buffer if possible. Once
adequate buffer space becomes available, the L2CAP core is informed
and the ERTM local busy state is cleared.
Receive buffer management for non-ERTM modes is unchanged.
Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The local busy state is entered and exited based on buffer status in
the socket layer (or other upper layer). This change is in
preparation for general buffer status reports from the socket layer,
which will then be used to change the local busy status.
Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
All threads running in process context should disable local bottom
halve before locking hdev->lock.
This patch fix the following message generated when Bluetooh module
is loaded with enable_mgmt=y (CONFIG_PROVE_LOCKING enabled).
[ 107.880781] =================================
[ 107.881631] [ INFO: inconsistent lock state ]
[ 107.881631] 2.6.39+ #1
[ 107.881631] ---------------------------------
[ 107.881631] inconsistent {SOFTIRQ-ON-W} -> {IN-SOFTIRQ-W} usage.
[ 107.881631] rcuc0/7 [HC0[0]:SC1[3]:HE1:SE0] takes:
[ 107.881631] (&(&hdev->lock)->rlock){+.?...}, at: [<ffffffffa0012c8d>] mgmt_set_local_name_complete+0x84/0x10b [bluetooth]
[ 107.881631] {SOFTIRQ-ON-W} state was registered at:
[ 107.881631] [<ffffffff8105188b>] __lock_acquire+0x347/0xd52
[ 107.881631] [<ffffffff810526ac>] lock_acquire+0x8a/0xa7
[ 107.881631] [<ffffffff812b3758>] _raw_spin_lock+0x2c/0x3b
[ 107.881631] [<ffffffffa0011cc2>] mgmt_control+0xd4d/0x175b [bluetooth]
[ 107.881631] [<ffffffffa0013275>] hci_sock_sendmsg+0x97/0x293 [bluetooth]
[ 107.881631] [<ffffffff8121940c>] sock_aio_write+0x126/0x13a
[ 107.881631] [<ffffffff810a35fa>] do_sync_write+0xba/0xfa
[ 107.881631] [<ffffffff810a3beb>] vfs_write+0xaa/0xca
[ 107.881631] [<ffffffff810a3d80>] sys_write+0x45/0x69
[ 107.881631] [<ffffffff812b4892>] system_call_fastpath+0x16/0x1b
[ 107.881631] irq event stamp: 2100876
[ 107.881631] hardirqs last enabled at (2100876): [<ffffffff812b40d4>] restore_args+0x0/0x30
[ 107.881631] hardirqs last disabled at (2100875): [<ffffffff812b3f6a>] save_args+0x6a/0x70
[ 107.881631] softirqs last enabled at (2100862): [<ffffffff8106a805>] rcu_cpu_kthread+0x2b5/0x2e2
[ 107.881631] softirqs last disabled at (2100863): [<ffffffff812b56bc>] call_softirq+0x1c/0x26
[ 107.881631]
[ 107.881631] other info that might help us debug this:
[ 107.881631] Possible unsafe locking scenario:
[ 107.881631]
[ 107.881631] CPU0
[ 107.881631] ----
[ 107.881631] lock(&(&hdev->lock)->rlock);
[ 107.881631] <Interrupt>
[ 107.881631] lock(&(&hdev->lock)->rlock);
[ 107.881631]
[ 107.881631] *** DEADLOCK ***
[ 107.881631]
[ 107.881631] 1 lock held by rcuc0/7:
[ 107.881631] #0: (hci_task_lock){++.-..}, at: [<ffffffffa0008353>] hci_rx_task+0x49/0x2f3 [bluetooth]
[ 107.881631]
[ 107.881631] stack backtrace:
[ 107.881631] Pid: 7, comm: rcuc0 Not tainted 2.6.39+ #1
[ 107.881631] Call Trace:
[ 107.881631] <IRQ> [<ffffffff812ae901>] print_usage_bug+0x1e7/0x1f8
[ 107.881631] [<ffffffff8100a796>] ? save_stack_trace+0x27/0x44
[ 107.881631] [<ffffffff8104fc3f>] ? print_irq_inversion_bug.part.26+0x19a/0x19a
[ 107.881631] [<ffffffff810504bb>] mark_lock+0x106/0x258
[ 107.881631] [<ffffffff81051817>] __lock_acquire+0x2d3/0xd52
[ 107.881631] [<ffffffff8102be73>] ? vprintk+0x3ab/0x3d7
[ 107.881631] [<ffffffff810526ac>] lock_acquire+0x8a/0xa7
[ 107.881631] [<ffffffffa0012c8d>] ? mgmt_set_local_name_complete+0x84/0x10b [bluetooth]
[ 107.881631] [<ffffffff81052615>] ? lock_release+0x16c/0x179
[ 107.881631] [<ffffffff812b3952>] _raw_spin_lock_bh+0x31/0x40
[ 107.881631] [<ffffffffa0012c8d>] ? mgmt_set_local_name_complete+0x84/0x10b [bluetooth]
[ 107.881631] [<ffffffffa0012c8d>] mgmt_set_local_name_complete+0x84/0x10b [bluetooth]
[ 107.881631] [<ffffffffa000d3fe>] hci_event_packet+0x122b/0x3e12 [bluetooth]
[ 107.881631] [<ffffffff81050658>] ? mark_held_locks+0x4b/0x6d
[ 107.881631] [<ffffffff812b3cff>] ? _raw_spin_unlock_irqrestore+0x40/0x4d
[ 107.881631] [<ffffffff810507b9>] ? trace_hardirqs_on_caller+0x13f/0x172
[ 107.881631] [<ffffffff812b3d07>] ? _raw_spin_unlock_irqrestore+0x48/0x4d
[ 107.881631] [<ffffffffa00083d2>] hci_rx_task+0xc8/0x2f3 [bluetooth]
[ 107.881631] [<ffffffff8102f836>] ? __local_bh_enable+0x90/0xa4
[ 107.881631] [<ffffffff8102f5a9>] tasklet_action+0x87/0xe6
[ 107.881631] [<ffffffff8102fa11>] __do_softirq+0x9f/0x13f
[ 107.881631] [<ffffffff812b56bc>] call_softirq+0x1c/0x26
[ 107.881631] <EOI> [<ffffffff810033b8>] ? do_softirq+0x46/0x9a
[ 107.881631] [<ffffffff8106a805>] ? rcu_cpu_kthread+0x2b5/0x2e2
[ 107.881631] [<ffffffff8102f906>] _local_bh_enable_ip+0xac/0xc9
[ 107.881631] [<ffffffff8102f93b>] local_bh_enable+0xd/0xf
[ 107.881631] [<ffffffff8106a805>] rcu_cpu_kthread+0x2b5/0x2e2
[ 107.881631] [<ffffffff81041586>] ? __init_waitqueue_head+0x46/0x46
[ 107.881631] [<ffffffff8106a550>] ? rcu_yield.constprop.42+0x98/0x98
[ 107.881631] [<ffffffff81040f0a>] kthread+0x7f/0x87
[ 107.881631] [<ffffffff812b55c4>] kernel_thread_helper+0x4/0x10
[ 107.881631] [<ffffffff812b40d4>] ? retint_restore_args+0x13/0x13
[ 107.881631] [<ffffffff81040e8b>] ? __init_kthread_worker+0x53/0x53
[ 107.881631] [<ffffffff812b55c0>] ? gs_change+0x13/0x13
Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Since hdev->lock may be acquired by threads runnning in interrupt
context, all threads running in process context should disable
local bottom halve before locking hdev->lock. This can be done by
using hci_dev_lock_bh macro.
This way, we avoid potencial deadlocks like this one reported by
CONFIG_PROVE_LOCKING=y.
[ 304.788780] =================================
[ 304.789686] [ INFO: inconsistent lock state ]
[ 304.789686] 2.6.39+ #1
[ 304.789686] ---------------------------------
[ 304.789686] inconsistent {SOFTIRQ-ON-W} -> {IN-SOFTIRQ-W} usage.
[ 304.789686] ksoftirqd/0/3 [HC0[0]:SC1[1]:HE1:SE0] takes:
[ 304.789686] (&(&hdev->lock)->rlock){+.?...}, at: [<ffffffffa000bbfe>] hci_conn_check_pending+0x38/0x76 [bluetooth]
[ 304.789686] {SOFTIRQ-ON-W} state was registered at:
[ 304.789686] [<ffffffff8105188b>] __lock_acquire+0x347/0xd52
[ 304.789686] [<ffffffff810526ac>] lock_acquire+0x8a/0xa7
[ 304.789686] [<ffffffff812b3758>] _raw_spin_lock+0x2c/0x3b
[ 304.789686] [<ffffffffa0009cf0>] hci_blacklist_del+0x1f/0x8a [bluetooth]
[ 304.789686] [<ffffffffa00139fd>] hci_sock_ioctl+0x2d9/0x314 [bluetooth]
[ 304.789686] [<ffffffff812197d8>] sock_ioctl+0x1f2/0x214
[ 304.789686] [<ffffffff810b0fd6>] do_vfs_ioctl+0x46c/0x4ad
[ 304.789686] [<ffffffff810b1059>] sys_ioctl+0x42/0x65
[ 304.789686] [<ffffffff812b4892>] system_call_fastpath+0x16/0x1b
[ 304.789686] irq event stamp: 9768
[ 304.789686] hardirqs last enabled at (9768): [<ffffffff812b40d4>] restore_args+0x0/0x30
[ 304.789686] hardirqs last disabled at (9767): [<ffffffff812b3f6a>] save_args+0x6a/0x70
[ 304.789686] softirqs last enabled at (9726): [<ffffffff8102fa9b>] __do_softirq+0x129/0x13f
[ 304.789686] softirqs last disabled at (9739): [<ffffffff8102fb33>] run_ksoftirqd+0x82/0x133
[ 304.789686]
[ 304.789686] other info that might help us debug this:
[ 304.789686] Possible unsafe locking scenario:
[ 304.789686]
[ 304.789686] CPU0
[ 304.789686] ----
[ 304.789686] lock(&(&hdev->lock)->rlock);
[ 304.789686] <Interrupt>
[ 304.789686] lock(&(&hdev->lock)->rlock);
[ 304.789686]
[ 304.789686] *** DEADLOCK ***
[ 304.789686]
[ 304.789686] 1 lock held by ksoftirqd/0/3:
[ 304.789686] #0: (hci_task_lock){++.-..}, at: [<ffffffffa0008353>] hci_rx_task+0x49/0x2f3 [bluetooth]
[ 304.789686]
[ 304.789686] stack backtrace:
[ 304.789686] Pid: 3, comm: ksoftirqd/0 Not tainted 2.6.39+ #1
[ 304.789686] Call Trace:
[ 304.789686] [<ffffffff812ae901>] print_usage_bug+0x1e7/0x1f8
[ 304.789686] [<ffffffff8100a796>] ? save_stack_trace+0x27/0x44
[ 304.789686] [<ffffffff8104fc3f>] ? print_irq_inversion_bug.part.26+0x19a/0x19a
[ 304.789686] [<ffffffff810504bb>] mark_lock+0x106/0x258
[ 304.789686] [<ffffffff812b40d4>] ? retint_restore_args+0x13/0x13
[ 304.789686] [<ffffffff81051817>] __lock_acquire+0x2d3/0xd52
[ 304.789686] [<ffffffff8102be73>] ? vprintk+0x3ab/0x3d7
[ 304.789686] [<ffffffff812ae126>] ? printk+0x3c/0x3e
[ 304.789686] [<ffffffff810526ac>] lock_acquire+0x8a/0xa7
[ 304.789686] [<ffffffffa000bbfe>] ? hci_conn_check_pending+0x38/0x76 [bluetooth]
[ 304.789686] [<ffffffff811601c6>] ? __dynamic_pr_debug+0x10c/0x11a
[ 304.789686] [<ffffffff812b3758>] _raw_spin_lock+0x2c/0x3b
[ 304.789686] [<ffffffffa000bbfe>] ? hci_conn_check_pending+0x38/0x76 [bluetooth]
[ 304.789686] [<ffffffffa000bbfe>] hci_conn_check_pending+0x38/0x76 [bluetooth]
[ 304.789686] [<ffffffffa000c561>] hci_event_packet+0x38e/0x3e12 [bluetooth]
[ 304.789686] [<ffffffff81052615>] ? lock_release+0x16c/0x179
[ 304.789686] [<ffffffff812b3b41>] ? _raw_read_unlock+0x23/0x27
[ 304.789686] [<ffffffffa0013e7f>] ? hci_send_to_sock+0x179/0x188 [bluetooth]
[ 304.789686] [<ffffffffa00083d2>] hci_rx_task+0xc8/0x2f3 [bluetooth]
[ 304.789686] [<ffffffff8102f5a9>] tasklet_action+0x87/0xe6
[ 304.789686] [<ffffffff8102fa11>] __do_softirq+0x9f/0x13f
[ 304.789686] [<ffffffff8102fb33>] run_ksoftirqd+0x82/0x133
[ 304.789686] [<ffffffff8102fab1>] ? __do_softirq+0x13f/0x13f
[ 304.789686] [<ffffffff81040f0a>] kthread+0x7f/0x87
[ 304.789686] [<ffffffff812b55c4>] kernel_thread_helper+0x4/0x10
[ 304.789686] [<ffffffff812b40d4>] ? retint_restore_args+0x13/0x13
[ 304.789686] [<ffffffff81040e8b>] ? __init_kthread_worker+0x53/0x53
[ 304.789686] [<ffffffff812b55c0>] ? gs_change+0x13/0x13
Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
The enable_smp parameter is no longer needed. It can be replaced by
checking lmp_host_le_capable.
Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Since we have the extended LMP features properly implemented, we
should check the LMP_HOST_LE bit to know if the host supports LE.
Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
This patch adds a new module parameter to enable/disable host LE
support. By default host LE support is disabled.
Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This patch adds a handler to Write LE Host Supported command complete
events. Once this commands has completed successfully, we should
read the extended LMP features and update the extfeatures field in
hci_dev.
Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
This new field holds the extended LMP features value. Some LE
mechanism such as discovery procedure needs to read the extended
LMP features to work properly.
Signed-off-by: Andre Guedes <andre.guedes@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Even when the received tx_seq is expected, the frame still needs to be
dropped if the TX window is exceeded or the receiver is in the local
busy state.
Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
|
| | |
| |
| |
| |
| |
| | |
priv and lock are never used
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
|
| | |
| |
| |
| | |
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The new Ath3k needs to download patch and radio table,
and it keeps same PID/VID even after downloading the patch and radio
table. This patch is to use the bcdDevice (Device Release Number) to
judge whether the chip has been patched or not. The init bcdDevice
value of the chip is 0x0001, this value increases after patch and
radio table downloading.
Signed-off-by: Steven.Li <yongli@qca.qualcomm.com>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add a local logging function to emit bluetooth specific
messages. Using vsprintf extension %pV saves code/text
space.
Convert the current BT_INFO and BT_ERR macros to use bt_printk.
Remove __func__ from BT_ERR macro (and the uses).
Prefix "Bluetooth: " to BT_ERR
Remove __func__ from BT_DBG as function can be prefixed when
using dynamic_debug.
With allyesconfig:
text data bss dec hex filename
129956 8632 36096 174684 2aa5c drivers/bluetooth/built-in.o.new2
134402 8632 36064 179098 2bb9a drivers/bluetooth/built-in.o.old
14778 1012 3408 19198 4afe net/bluetooth/bnep/built-in.o.new2
15067 1012 3408 19487 4c1f net/bluetooth/bnep/built-in.o.old
346595 19163 86080 451838 6e4fe net/bluetooth/built-in.o.new2
353751 19163 86064 458978 700e2 net/bluetooth/built-in.o.old
18483 1172 4264 23919 5d6f net/bluetooth/cmtp/built-in.o.new2
18927 1172 4264 24363 5f2b net/bluetooth/cmtp/built-in.o.old
19237 1172 5152 25561 63d9 net/bluetooth/hidp/built-in.o.new2
19581 1172 5152 25905 6531 net/bluetooth/hidp/built-in.o.old
59461 3884 14464 77809 12ff1 net/bluetooth/rfcomm/built-in.o.new2
61206 3884 14464 79554 136c2 net/bluetooth/rfcomm/built-in.o.old
with x86 defconfig (and just bluetooth):
$ size net/bluetooth/built-in.o.defconfig.*
text data bss dec hex filename
66358 933 100 67391 1073f net/bluetooth/built-in.o.defconfig.new
66643 933 100 67676 1085c net/bluetooth/built-in.o.defconfig.old
Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
|
| | |
| |
| |
| |
| |
| |
| | |
Make it easier to use more normal logging styles later.
Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
ERTM timeouts are defined in milliseconds, but need to be converted
to jiffies when passed to mod_timer().
Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
|
| | |
| |
| |
| |
| | |
Signed-off-by: Mat Martineau <mathewm@codeaurora.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Recent changes to hci_core.c use crypto interfaces, so select CRYPTO
to make sure that those interfaces are present.
Fixes these build errors when CRYPTO is not enabled:
net/built-in.o: In function `hci_register_dev':
(.text+0x4cf86): undefined reference to `crypto_alloc_base'
net/built-in.o: In function `hci_unregister_dev':
(.text+0x4f912): undefined reference to `crypto_destroy_tfm'
Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
|
| |\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-2.6
Conflicts:
drivers/net/wireless/ath/ath5k/sysfs.c
net/bluetooth/l2cap_core.c
net/mac80211/wpa.c
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Unlike CCMP, the presence or absence of the QoS
field doesn't change the encryption, only the
TID is used. When no QoS field is present, zero
is used as the TID value. This means that it is
possible for an attacker to take a QoS packet
with TID 0 and replay it as a non-QoS packet.
Unfortunately, mac80211 uses different IVs for
checking the validity of the packet's TKIP IV
when it checks TID 0 and when it checks non-QoS
packets. This means it is vulnerable to this
replay attack.
To fix this, use the same replay counter for
TID 0 and non-QoS packets by overriding the
rx->queue value to 0 if it is 16 (non-QoS).
This is a minimal fix for now. I caused this
issue in
commit 1411f9b531f0a910cd1c85a337737c1e6ffbae6a
Author: Johannes Berg <johannes@sipsolutions.net>
Date: Thu Jul 10 10:11:02 2008 +0200
mac80211: fix RX sequence number check
while fixing a sequence number issue (there,
a separate counter needs to be used).
Cc: stable@kernel.org
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
We were not allocating memory for the IEs passed in the scheduled_scan
request and this was causing memory corruption (buffer overflow).
Signed-off-by: Luciano Coelho <coelho@ti.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Our workarounds seem to be clientmode PCI specific. Using SPROM
workaround on SoC resulted in Oops:
Data bus error, epc == 8017ed58, ra == 80225838
Oops[#1]:
Cpu 0
$ 0 : 00000000 10008000 b8000000 00000001
$ 4 : 80293b5c 00000caa ffffffff 00000000
$ 8 : 0000000a 00000003 00000001 696d6d20
$12 : ffffffff 00000000 00000000 ffffffff
$16 : 802d0140 b8004800 802c0000 00000000
$20 : 00000000 802c0000 00000000 802d04d4
$24 : 00000018 80151a00
$28 : 81816000 81817df8 8029bda0 80225838
Hi : 00000000
Lo : 00000000
epc : 8017ed58 ssb_ssb_read16+0x48/0x60
Not tainted
ra : 80225838 ssb_pcicore_init+0x54/0x3b4
Reported-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
Tested-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Signed-off-by: Yoann DI-RUZZA <y.diruzza@lim.eu>
Signed-off-by: Larry Finger <Larry.Finger@lwfinger.net>
Cc: Stable <stable@kernel.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
While sending aggregated frames in AES, the AR5416 chips
required additional padding b/w subframes. This workaround
is not needed for edma (AR9003 family) chips. With this patch
~4Mbps thoughput improvement was observed in clear environment.
Cc: stable@kernel.org
Signed-off-by: Rajkumar Manoharan <rmanohar@qca.qualcomm.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
