Commit graph

453 commits

Author SHA1 Message Date
Senthil Balasubramanian
c97c23e386 mac80211: fix alignment issue with compare_ether_addr()
This addresses an alignment issue with compare_ether_addr().
The addresses passed to compare_ether_addr should be two bytes aligned.
It may function properly in x86 platform. However may not work properly
on IA-64 or ARM processor.

This also fixes a typo in mlme.c where the sk_buff struct name is incorect.
Though sizeof() works for any incorrect structure pointer name as its just
a pointer length that we want, lets just fix it.

Signed-off-by: Senthil Balasubramanian <senthilkumar@atheros.com>
Signed-off-by: Luis R. Rodriguez <lrodriguez@atheros.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-05-28 16:43:50 -04:00
Senthil Balasubramanian
70d251b24c mac80211: Fix for NULL pointer dereference in sta_info_get()
This addresses a NULL pointer dereference in sta_info_get().
TID and sta_info are extracted in ADDBA Timer expiry function
through the timer handler's argument.

The problem is extracging the TID (which was stored in
timer_to_tid[] array of type "u8") through "int *" typecast which
may also yield unwanted bytes for the MSB of TID that results
in incorrect sta_info and ieee80211_local pointers.

ieee80211_local pointer is NULL as illustrated below, it crashes in
sta_info_get(). The problem started when extracting ieee80211_local
pointer out of sta_info iteself and eventually crashed in
stat_info_get().

The proper way to fix is to change the data type of TID to u8
instead of u16. However changing all the occurences requires
some prototype changes as well. We should fix this in upcoming
patches.

Signed-off-by: Senthil Balasubramanian <senthilkumar@atheros.com>
Signed-off-by: Luis Rodriguez <lrodriguez@atheros.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-05-28 16:43:49 -04:00
Yi Zhu
f6d9710489 mac80211: fix a typo in ieee80211_handle_filtered_frame comment
fix a typo in ieee80211_handle_filtered_frame comment

Signed-off-by: Yi Zhu <yi.zhu@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-05-28 16:43:49 -04:00
Abhijeet Kolekar
d4231ca3e1 mac80211 : Fixes the status message for iwconfig
iwconfig was showing incorrect status messages when disassociated.
Patch fixes this by always checking for association status in
ioctl calls for getting ap address.

Signed-off-by: Abhijeet Kolekar <abhijeet.kolekar@intel.com>
Acked-by: Dan Williams <dcbw@redhat.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-05-28 16:43:46 -04:00
Tomas Winkler
9381be059b mac80211: reorder channel and freq reporting in wext scan report
This patch switch order of channel and freq (SIOCGIWFREQ) reports
in scan results in order to overcome wpa_supplicant inability
to handle channel numbers in 5.2Ghz band.
Wext reporting channel number is ambiguous as channels 7-12 (802.11j)
exist on both bands.

Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Acked-by: Dan Williams <dcbw@redhat.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-05-28 16:43:43 -04:00
Tomas Winkler
167ad6f7a2 mac80211: fix ieee80211_rx_bss_put/get imbalance
This patch fixes iee80211_rx_bss_put/get imbalance
introduced by 'mac80211: enable IBSS merging' patch.

Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-05-28 16:43:42 -04:00
Nicolas Kaiser
679fda1aa4 net/mac80211: always true conditionals
Correct always true conditionals.

Signed-off-by: Nicolas Kaiser <nikai@nikai.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-05-28 16:43:41 -04:00
Helmut Schaa
0d580a774b mac80211: fix NULL pointer dereference in ieee80211_compatible_rates
Fix a possible NULL pointer dereference in ieee80211_compatible_rates
introduced in the patch "mac80211: fix association with some APs". If no bss
is available just use all supported rates in the association request.

Signed-off-by: Helmut Schaa <hschaa@suse.de>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-05-20 22:40:30 -04:00
Johannes Berg
51e779f0da mac80211: don't claim iwspy support
We removed iwspy support a very long time ago because it is useless, but
forgot to stop claiming to support it. Apparently, nobody cares, but
remove it nonetheless.

Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-05-20 17:55:30 -04:00
Ivo van Doorn
2f561feb38 mac80211: Add RTNL version of ieee80211_iterate_active_interfaces
Since commit e38bad4766
	mac80211: make ieee80211_iterate_active_interfaces not need rtnl
rt2500usb and rt73usb broke down due to attempting register access
in atomic context (which is not possible for USB hardware).

This patch restores ieee80211_iterate_active_interfaces() to use RTNL lock,
and provides the non-RTNL version under a new name:
	ieee80211_iterate_active_interfaces_atomic()

So far only rt2x00 uses ieee80211_iterate_active_interfaces(), and those
drivers require the RTNL version of ieee80211_iterate_active_interfaces().
Since they already call that function directly, this patch will automatically
fix the USB rt2x00 drivers.

v2: Rename ieee80211_iterate_active_interfaces_rtnl

Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com>
Acked-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-05-16 17:15:09 -04:00
Abhijeet Kolekar
34a961f7db mac80211 : Association with 11n hidden ssid ap.
This patch fixes the association problem with 11n hidden ssid ap.
Patch fixes the problem of associating with hidden ssid when
all three parameters ap,essid and channel are given to iwconfig.
This patch removes the condition of checking three parameters
and always checks for bss in bss list while associating.

Signed-off-by: Abhijeet Kolekar <abhijeet.kolekar@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-05-16 17:14:44 -04:00
David S. Miller
608961a5ec mac80211: Use skb_header_cloned() on TX path.
When skb_header_cloned() returns false you can change the
headers however you like.

Signed-off-by: David S. Miller <davem@davemloft.net>
2008-05-12 21:59:32 -07:00
Johannes Berg
f3994eceeb mac80211: assign needed_headroom/tailroom for netdevs
This assigns the netdev's needed_headroom/tailroom members to take
advantage of pre-allocated space for 802.11 headers.

Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2008-05-12 20:51:44 -07:00
Pavel Roskin
a4278e18e7 mac80211: add missing newlines in printk()
Signed-off-by: Pavel Roskin <proski@gnu.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-05-12 21:44:41 -04:00
Helmut Schaa
36d16ae73b mac80211: fix association with some APs
Some APs refuse association if the supported rates contained in the
association request do not match its own supported rates. This patch
introduces a new function which builds the intersection between the AP's
supported rates and the client's supported rates to work around such
problems. The same approach is already used in ipw2200 for example.

Signed-off-by: Helmut Schaa <hschaa@suse.de>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-05-12 21:22:19 -04:00
Pavel Emelyanov
6d6936e2ea Fix potential scheduling while atomic in mesh_path_add.
Calling synchronize_rcu() under write-lock-ed pathtbl_resize_lock may
result in this warning (and other side effects).

It looks safe just dropping this lock before calling synchronize_rcu.

Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-05-12 21:22:19 -04:00
Pavel Emelyanov
0eb03d5a14 Fix not checked kmalloc() result.
The new_node kmallocation is not checked for success, so add
this check.

BTW, it also happens under the read_lock.

Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-05-12 21:22:19 -04:00
Pavel Emelyanov
f84e71a94c Fix GFP_KERNEL allocation under read lock.
The mesh_path_add() read-locks the pathtbl_resize_lock and calls
kmalloc with GFP_KERNEL mask.

Fix it and move the endadd2 label lower. It should be _before_ the
if() beyond, but it makes no sense for it being there, so I move it
right after this if().

Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-05-12 21:22:18 -04:00
Patrick McHardy
812714d741 mac80211: mesh hwmp: fix kfree(skb)
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-05-12 21:22:18 -04:00
Luis Carlos Cobo
69687a0b99 mac80211: fix access to null skb
Without this patch, if xmit_skb is null but net_ratelimit() returns 0 we would
go to the else branch and access the null xmit_skb. Pointed out by Johannes
Berg.

Signed-off-by: Luis Carlos Cobo <luisca@cozybit.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-05-12 21:22:18 -04:00
Luis Carlos Cobo
ef26925477 mac80211: fix incorrect mesh header length
This should have been updated at the same time we were transitioning from 3 byte
to 4 byte mesh sequence number. Pointed out by Johannes Berg.

Signed-off-by: Luis Carlos Cobo <luisca@cozybit.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-05-12 21:22:18 -04:00
Ivo van Doorn
df44205455 mac80211: Don't encrypt beacons
mac80211 should set the IEEE80211_TX_CTL_DO_NOT_ENCRYPT flag in tx_control
structure to inform drivers not to encrypt the beacon. Drivers that only check
for that flag before accessing the hw_key field, will otherwise cause a NULL
pointer dereference since that field is not configured for beacons.

Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-05-12 21:22:18 -04:00
Johannes Berg
78520cad4b mac80211: fix debugfs default key oops
Under certain circumstances (in AP mode) the debugfs function
that is supposed to add the default key symlink can encounter
a NULL default_key pointer. This patch makes it handle that
situtation gracefully.

Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-05-12 21:18:05 -04:00
Steven Rostedt
bb55bdd512 fix irq flags in mac80211 code
A file in the net/mac80211 directory uses "int" for flags.  This can cause
hard to find bugs on some architectures.  This patch converts the flags to use
"long" instead.

This bug was discovered by doing an allyesconfig make on the -rt kernel where
checks are done to ensure all flags are of size sizeof(long).

Signed-off-by: Steven Rostedt <srostedt@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-05-12 21:18:04 -04:00
Pavel Emelyanov
339a7c41c9 mac80211: Do not free net device after it is unregistered.
The error path in ieee80211_register_hw() may call the unregister_netdev()
and right after it - the free_netdev(), which is wrong, since the
unregister releases the device itself.

So the proposed fix is to NULL the local->mdev after unregister is done
and check this before calling free_netdev().

I checked - no code uses the local->mdev after unregister in this error
path (but even if some did this would be a BUG).

Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2008-05-04 17:59:30 -07:00
David S. Miller
c2a3b23345 Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/linville/wireless-2.6 2008-05-01 02:06:32 -07:00
Harvey Harrison
17f830459d mac80211: incorrect shift direction
Looks like  5d2cdcd4e8 ("mac80211: get a
TKIP phase key from skb") got the shifts wrong.

Noticed by sparse:
net/mac80211/tkip.c:234:25: warning: right shift by bigger than source value
net/mac80211/tkip.c:235:25: warning: right shift by bigger than source value
net/mac80211/tkip.c:236:25: warning: right shift by bigger than source value

Signed-off-by: Harvey Harrison <harvey.harrison@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-04-30 20:34:26 -04:00
Johannes Berg
636c5d488b mac80211: insert WDS peer after adding interface
This reorders the open code so that WDS peer STA info entries
are added after the corresponding interface is added to the
driver so that driver callbacks aren't invoked out of order.
Also make any master device startup fatal.

Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-04-30 20:34:26 -04:00
Johannes Berg
e94e106831 mac80211: don't allow invalid WDS peer addresses
Rather than just disallowing the zero address, disallow all
invalid ones.

Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-04-30 20:34:26 -04:00
Johannes Berg
8b808bf29b mac80211: assign conf.beacon_control for mesh
Drivers can rightfully assume that they get a beacon_control
if the beacon is set.

Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-04-30 20:34:26 -04:00
Luis Carlos Cobo
51ceddade0 mac80211: use 4-byte mesh sequence number
This follows the new 802.11s/D2.0 draft.

Signed-off-by: Luis Carlos Cobo <luisca@cozybit.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-04-30 20:34:26 -04:00
Linus Torvalds
77a50df2b1 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6:
  iwlwifi: Allow building iwl3945 without iwl4965.
  wireless: Fix compile error with wifi & leds
  tcp: Fix slab corruption with ipv6 and tcp6fuzz
  ipv4/ipv6 compat: Fix SSM applications on 64bit kernels.
  [IPSEC]: Use digest_null directly for auth
  sunrpc: fix missing kernel-doc
  can: Fix copy_from_user() results interpretation
  Revert "ipv6: Fix typo in net/ipv6/Kconfig"
  tipc: endianness annotations
  ipv6: result of csum_fold() is already 16bit, no need to cast
  [XFRM] AUDIT: Fix flowlabel text format ambibuity.
2008-04-28 09:44:11 -07:00
Luca Tettamanti
bd8fd21dfd wireless: Fix compile error with wifi & leds
Fix build error caused by commit
e82404ad61 ("iwlwifi: Select
LEDS_CLASS.") from David Miller:

Since MAC80211_LEDS is selected by wireless drivers it must select its
own dependencies otherwise a build error may occur (kbuild will select
the symbol regardless of "depends" constraints).

Signed-off-By: Luca Tettamanti <kronos.it@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2008-04-27 15:34:55 -07:00
Al Viro
f375d5588f asm/unaligned.h doesn't work well as the very first include
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-04-27 10:09:32 -07:00
Ron Rindjunsky
0da926f057 mac80211: fix use before check of Qdisc length
This patch fixes use of Qdisc length in requeue function, before we checked
the reference is valid. (Adrian Bunk's catch)

Signed-off-by: Ron Rindjunsky <ron.rindjunsky@intel.com>
Signed-off-by: Adrian Bunk <bunk@kernel.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-04-23 21:25:35 -04:00
Adrian Bunk
13d8fd2d15 net/mac80211/rx.c: fix off-by-one
This patch fixes an off-by-one in net/mac80211/rx.c introduced by
commit 8318d78a44
(cfg80211 API for channels/bitrates, mac80211 and driver conversion)
and spotted by the Coverity checker.

Signed-off-by: Adrian Bunk <bunk@kernel.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-04-23 21:25:35 -04:00
Pavel Emelyanov
1ebebea8e8 mac80211: Fix race between ieee80211_rx_bss_put and lookup routines.
The put routine first decrements the users counter and then
(if it is zero) locks the sta_bss_lock and removes one from
the list and the hash.

Thus, any of ieee80211_sta_config_auth, ieee80211_rx_bss_get
or ieee80211_rx_mesh_bss_get can race with it by finding a
bss that is about to get kfree-ed.

Using atomic_dec_and_lock in ieee80211_rx_bss_put takes care
of this race.

Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-04-23 21:25:35 -04:00
Abhijeet Kolekar
a46f025d05 mac80211: Fix n-band association problem
There are two structures named wmm_info and wmm_param, they are used while
parsing the beacon frame. (Check the function ieee802_11_parse_elems).
Certain APs like D-link does not set the fifth bit in WMM IE.
While sending the association request to n-only ap it checks for wmm_ie.
If it is set then only ieee80211_ht_cap is sent during association request.
So n-only association fails.
And this patch fixes this problem by copying the wmm_info to wmm_ie,
which enables the "wmm" flag in iee80211_send_assoc.

Signed-off-by: Abhijeet Kolekar <abhijeet.kolekar@intel.com>
Acked-by: Ron Rindjunsky <ron.rindjunsky@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-04-23 21:25:34 -04:00
David S. Miller
1e42198609 Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/torvalds/linux-2.6 2008-04-17 23:56:30 -07:00
Johannes Berg
30b89b0f5e mac80211: rework scanning to account for probe response/beacon difference
This patch reworks the scanning code (ieee80211_rx_bss_info) to take
more parameters from beacons and keep a BSS info structure alive when
only beacons for it are received. This fixes a problem with iwlwifi
drivers (where we don't understand the root cause of the problem yet)
and another driver for some broken hardware (which cannot send probe
requests unless associated, so can't always actively scan.)

Signed-off-by: Bill Moss <bmoss@clemson.edu>
[jmberg: reformatted comments, make probe_resp a bool]
Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-04-16 16:00:03 -04:00
Johannes Berg
b454048cb9 mac80211: allow WDS mode
This allows creating interfaces in WDS mode or switching
existing ones into WDS mode (both via cfg80211 and wext.)

Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-04-16 15:59:57 -04:00
Johannes Berg
245cbe7a65 mac80211: fix key todo list order
When we add multiple todo entries, we rely on them being executed
mostly in the right order, especially when a key is being replaced.
But when a default key is replaced, the todo list order will differ
from the order when the key being replaced is not a default key, so
problems will happen. Hence, just move each todo item to the end of
the list when it is added so we can in the other code ensure that
hw accel for a key will be disabled before it is enabled for the
replacement.

Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-04-16 15:59:57 -04:00
Johannes Berg
b16bd15c37 mac80211: fix spinlock recursion
When STAs are expired, we need to hold the sta_lock. Using
the same lock for keys too would then mean we'd need another
key free function, and that'll just lead to confusion, so just
use a new spinlock for all key lists.

Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-04-16 15:59:57 -04:00
Reinette Chatre
d18ef29f34 mac80211: no BSS changes to driver from beacons processed during scanning
There is no need to send BSS changes to driver from beacons processed
during scanning. We are more interested in beacons from an AP with which
we are associated - these will still be used to send updates to driver as
the beacons are received without scanning.

This change·removes the requirement that bss_info_changed needs to be atomic.
The beacons received during scanning are processed from a tasklet, but if we
do not call bss_info_changed for these beacons there is no need for it to be
atomic. This function (bss_info_changed) is called either from workqueue or
ioctl in all other instances.

Signed-off-by: Reinette Chatre <reinette.chatre@intel.com>
Acked-by: Tomas Winkler <tomas.winkler@intel.com>
Acked-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-04-16 15:59:56 -04:00
Johannes Berg
98dd6a5759 mac80211: further RCU fixes
There were a few more instances of sta_info_get calls not being
protected by RCU, fix them.

Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-04-16 14:53:22 -04:00
Johannes Berg
3a24576690 mac80211: fix key hwaccel race
The previous key locking patch left a small race: it would be possible
to add a key and take the interface down before the key todo is run so
that hwaccel for that key is enabled on an interface that is down. Avoid
this by running the todo list when an interface is brought up or down.

This patch also fixes a small bug: before this change, a few functions
used the key list without the lock that protects it.

Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-04-16 14:53:22 -04:00
John W. Linville
50c4afb991 mlme.c: fixup some merge damage
This one got renamed, complicating the merge a bit...this should restore
it to its intended state.

Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-04-16 11:42:59 -04:00
Johannes Berg
b3fc9c6c58 mac80211: remove message on receiving unexpected unencrypted frames
Some people are getting this message a lot, and we have traced it to
broken access points that much too often send completely empty frames
(all bytes zeroed, which they shouldn't do at all.)

Since we cannot do anything about such frames in any case except the
special case where we're debugging an AP, just remove the message.

Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-04-15 15:04:36 -04:00
Vladimir Koutny
216bce90b8 mac80211: use short_preamble mode from capability if ERP IE not present
When associating to a b-only AP where there is no ERP IE, short preamble
mode is left at previous state (probably also protection mode). In this
case, disable protection and use short preamble mode as specified in
capability field. The same is done if capability field is changed on-the-fly.

Signed-off-by: Vladimir Koutny <vlado@ksp.sk>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-04-09 10:33:49 -04:00
Johannes Berg
d9c58f30b0 mac80211: fix key debugfs default_key link
The default_key symlink points to the key index rather than
they key counter, fix it.

Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-04-08 16:46:36 -04:00