Linux wireless drivers development
 help / color / mirror / Atom feed
* [PATCH] drivers/wireless: qtnfmac: Convert timers to use timer_setup()
From: Kees Cook @ 2017-10-24  9:28 UTC (permalink / raw)
  To: Kalle Valo
  Cc: Igor Mitsyanko, Avinash Patil, Sergey Matyukevich, Kamlesh Rath,
	linux-wireless, netdev, linux-kernel

In preparation for unconditionally passing the struct timer_list pointer to
all timer callbacks, switch to using the new timer_setup() and from_timer()
to pass the timer pointer explicitly.

Cc: Kalle Valo <kvalo@codeaurora.org>
Cc: Igor Mitsyanko <imitsyanko@quantenna.com>
Cc: Avinash Patil <avinashp@quantenna.com>
Cc: Sergey Matyukevich <smatyukevich@quantenna.com>
Cc: Kamlesh Rath <krath@quantenna.com>
Cc: linux-wireless@vger.kernel.org
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <keescook@chromium.org>
---
 drivers/net/wireless/quantenna/qtnfmac/cfg80211.c | 7 +++----
 drivers/net/wireless/quantenna/qtnfmac/core.c     | 2 +-
 2 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/drivers/net/wireless/quantenna/qtnfmac/cfg80211.c b/drivers/net/wireless/quantenna/qtnfmac/cfg80211.c
index 32bf72c0399f..ac1b9bd5ed90 100644
--- a/drivers/net/wireless/quantenna/qtnfmac/cfg80211.c
+++ b/drivers/net/wireless/quantenna/qtnfmac/cfg80211.c
@@ -581,9 +581,9 @@ qtnf_del_station(struct wiphy *wiphy, struct net_device *dev,
 	return ret;
 }
 
-static void qtnf_scan_timeout(unsigned long data)
+static void qtnf_scan_timeout(struct timer_list *t)
 {
-	struct qtnf_wmac *mac = (struct qtnf_wmac *)data;
+	struct qtnf_wmac *mac = from_timer(mac, t, scan_timeout);
 
 	pr_warn("mac%d scan timed out\n", mac->macid);
 	qtnf_scan_done(mac, true);
@@ -602,8 +602,7 @@ qtnf_scan(struct wiphy *wiphy, struct cfg80211_scan_request *request)
 		return -EFAULT;
 	}
 
-	mac->scan_timeout.data = (unsigned long)mac;
-	mac->scan_timeout.function = qtnf_scan_timeout;
+	mac->scan_timeout.function = (TIMER_FUNC_TYPE)qtnf_scan_timeout;
 	mod_timer(&mac->scan_timeout,
 		  jiffies + QTNF_SCAN_TIMEOUT_SEC * HZ);
 
diff --git a/drivers/net/wireless/quantenna/qtnfmac/core.c b/drivers/net/wireless/quantenna/qtnfmac/core.c
index 5e60180482d1..aa7f146278a7 100644
--- a/drivers/net/wireless/quantenna/qtnfmac/core.c
+++ b/drivers/net/wireless/quantenna/qtnfmac/core.c
@@ -289,7 +289,7 @@ static struct qtnf_wmac *qtnf_core_mac_alloc(struct qtnf_bus *bus,
 		mac->iflist[i].vifid = i;
 		qtnf_sta_list_init(&mac->iflist[i].sta_list);
 		mutex_init(&mac->mac_lock);
-		init_timer(&mac->scan_timeout);
+		setup_timer(&mac->scan_timeout, NULL, 0);
 	}
 
 	qtnf_mac_init_primary_intf(mac);
-- 
2.7.4


-- 
Kees Cook
Pixel Security

^ permalink raw reply related

* [PATCH] drivers/wireless: iwlegacy: Convert timers to use timer_setup()
From: Kees Cook @ 2017-10-24  9:28 UTC (permalink / raw)
  To: Kalle Valo; +Cc: Stanislaw Gruszka, linux-wireless, netdev, linux-kernel

In preparation for unconditionally passing the struct timer_list pointer to
all timer callbacks, switch to using the new timer_setup() and from_timer()
to pass the timer pointer explicitly.

Cc: Kalle Valo <kvalo@codeaurora.org>
Cc: Stanislaw Gruszka <sgruszka@redhat.com>
Cc: linux-wireless@vger.kernel.org
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <keescook@chromium.org>
---
 drivers/net/wireless/intel/iwlegacy/3945-mac.c |  2 +-
 drivers/net/wireless/intel/iwlegacy/3945-rs.c  | 10 +++-------
 drivers/net/wireless/intel/iwlegacy/4965-mac.c |  9 ++++-----
 drivers/net/wireless/intel/iwlegacy/common.c   |  4 ++--
 drivers/net/wireless/intel/iwlegacy/common.h   |  2 +-
 5 files changed, 11 insertions(+), 16 deletions(-)

diff --git a/drivers/net/wireless/intel/iwlegacy/3945-mac.c b/drivers/net/wireless/intel/iwlegacy/3945-mac.c
index 329f3a63dadd..4b53ebf00c7f 100644
--- a/drivers/net/wireless/intel/iwlegacy/3945-mac.c
+++ b/drivers/net/wireless/intel/iwlegacy/3945-mac.c
@@ -3429,7 +3429,7 @@ il3945_setup_deferred_work(struct il_priv *il)
 
 	il3945_hw_setup_deferred_work(il);
 
-	setup_timer(&il->watchdog, il_bg_watchdog, (unsigned long)il);
+	timer_setup(&il->watchdog, il_bg_watchdog, 0);
 
 	tasklet_init(&il->irq_tasklet,
 		     (void (*)(unsigned long))il3945_irq_tasklet,
diff --git a/drivers/net/wireless/intel/iwlegacy/3945-rs.c b/drivers/net/wireless/intel/iwlegacy/3945-rs.c
index b2f35dfbc01b..e8983c6a2b7b 100644
--- a/drivers/net/wireless/intel/iwlegacy/3945-rs.c
+++ b/drivers/net/wireless/intel/iwlegacy/3945-rs.c
@@ -181,9 +181,9 @@ il3945_rate_scale_flush_wins(struct il3945_rs_sta *rs_sta)
 #define IL_AVERAGE_PACKETS             1500
 
 static void
-il3945_bg_rate_scale_flush(unsigned long data)
+il3945_bg_rate_scale_flush(struct timer_list *t)
 {
-	struct il3945_rs_sta *rs_sta = (void *)data;
+	struct il3945_rs_sta *rs_sta = from_timer(rs_sta, t, rate_scale_flush);
 	struct il_priv *il __maybe_unused = rs_sta->il;
 	int unflushed = 0;
 	unsigned long flags;
@@ -360,9 +360,6 @@ il3945_rs_rate_init(struct il_priv *il, struct ieee80211_sta *sta, u8 sta_id)
 	rs_sta->flush_time = RATE_FLUSH;
 	rs_sta->last_tx_packets = 0;
 
-	rs_sta->rate_scale_flush.data = (unsigned long)rs_sta;
-	rs_sta->rate_scale_flush.function = il3945_bg_rate_scale_flush;
-
 	for (i = 0; i < RATE_COUNT_3945; i++)
 		il3945_clear_win(&rs_sta->win[i]);
 
@@ -415,8 +412,7 @@ il3945_rs_alloc_sta(void *il_priv, struct ieee80211_sta *sta, gfp_t gfp)
 	rs_sta = &psta->rs_sta;
 
 	spin_lock_init(&rs_sta->lock);
-	init_timer(&rs_sta->rate_scale_flush);
-
+	timer_setup(&rs_sta->rate_scale_flush, il3945_bg_rate_scale_flush, 0);
 	D_RATE("leave\n");
 
 	return rs_sta;
diff --git a/drivers/net/wireless/intel/iwlegacy/4965-mac.c b/drivers/net/wireless/intel/iwlegacy/4965-mac.c
index 65eba2c24292..de63f2518f23 100644
--- a/drivers/net/wireless/intel/iwlegacy/4965-mac.c
+++ b/drivers/net/wireless/intel/iwlegacy/4965-mac.c
@@ -4074,9 +4074,9 @@ il4965_hdl_alive(struct il_priv *il, struct il_rx_buf *rxb)
  * used for calibrating the TXPOWER.
  */
 static void
-il4965_bg_stats_periodic(unsigned long data)
+il4965_bg_stats_periodic(struct timer_list *t)
 {
-	struct il_priv *il = (struct il_priv *)data;
+	struct il_priv *il = from_timer(il, t, stats_periodic);
 
 	if (test_bit(S_EXIT_PENDING, &il->status))
 		return;
@@ -6258,10 +6258,9 @@ il4965_setup_deferred_work(struct il_priv *il)
 
 	INIT_WORK(&il->txpower_work, il4965_bg_txpower_work);
 
-	setup_timer(&il->stats_periodic, il4965_bg_stats_periodic,
-		    (unsigned long)il);
+	timer_setup(&il->stats_periodic, il4965_bg_stats_periodic, 0);
 
-	setup_timer(&il->watchdog, il_bg_watchdog, (unsigned long)il);
+	timer_setup(&il->watchdog, il_bg_watchdog, 0);
 
 	tasklet_init(&il->irq_tasklet,
 		     (void (*)(unsigned long))il4965_irq_tasklet,
diff --git a/drivers/net/wireless/intel/iwlegacy/common.c b/drivers/net/wireless/intel/iwlegacy/common.c
index 8d5acda92a9b..558bb16bfd46 100644
--- a/drivers/net/wireless/intel/iwlegacy/common.c
+++ b/drivers/net/wireless/intel/iwlegacy/common.c
@@ -4844,9 +4844,9 @@ il_check_stuck_queue(struct il_priv *il, int cnt)
  * we reset the firmware. If everything is fine just rearm the timer.
  */
 void
-il_bg_watchdog(unsigned long data)
+il_bg_watchdog(struct timer_list *t)
 {
-	struct il_priv *il = (struct il_priv *)data;
+	struct il_priv *il = from_timer(il, t, watchdog);
 	int cnt;
 	unsigned long timeout;
 
diff --git a/drivers/net/wireless/intel/iwlegacy/common.h b/drivers/net/wireless/intel/iwlegacy/common.h
index 18c60c92e3a3..dc6a74a05983 100644
--- a/drivers/net/wireless/intel/iwlegacy/common.h
+++ b/drivers/net/wireless/intel/iwlegacy/common.h
@@ -1832,7 +1832,7 @@ int il_enqueue_hcmd(struct il_priv *il, struct il_host_cmd *cmd);
  * PCI						     *
  *****************************************************/
 
-void il_bg_watchdog(unsigned long data);
+void il_bg_watchdog(struct timer_list *t);
 u32 il_usecs_to_beacons(struct il_priv *il, u32 usec, u32 beacon_interval);
 __le32 il_add_beacon_time(struct il_priv *il, u32 base, u32 addon,
 			  u32 beacon_interval);
-- 
2.7.4


-- 
Kees Cook
Pixel Security

^ permalink raw reply related

* [PATCH] drivers/wireless: atmel: Convert timers to use timer_setup()
From: Kees Cook @ 2017-10-24  9:28 UTC (permalink / raw)
  To: Kalle Valo; +Cc: Simon Kelley, linux-wireless, netdev, linux-kernel

In preparation for unconditionally passing the struct timer_list pointer to
all timer callbacks, switch to using the new timer_setup() and from_timer()
to pass the timer pointer explicitly.

Cc: Simon Kelley <simon@thekelleys.org.uk>
Cc: Kalle Valo <kvalo@codeaurora.org>
Cc: linux-wireless@vger.kernel.org
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <keescook@chromium.org>
---
 drivers/net/wireless/atmel/atmel.c | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/drivers/net/wireless/atmel/atmel.c b/drivers/net/wireless/atmel/atmel.c
index e816d53c2c05..c9dd5e44c9c6 100644
--- a/drivers/net/wireless/atmel/atmel.c
+++ b/drivers/net/wireless/atmel/atmel.c
@@ -586,7 +586,7 @@ static int atmel_validate_channel(struct atmel_private *priv, int channel);
 static void atmel_management_frame(struct atmel_private *priv,
 				   struct ieee80211_hdr *header,
 				   u16 frame_len, u8 rssi);
-static void atmel_management_timer(u_long a);
+static void atmel_management_timer(struct timer_list *t);
 static void atmel_send_command(struct atmel_private *priv, int command,
 			       void *cmd, int cmd_size);
 static int atmel_send_command_wait(struct atmel_private *priv, int command,
@@ -1579,8 +1579,7 @@ struct net_device *init_atmel_card(unsigned short irq, unsigned long port,
 	priv->default_beacon_period = priv->beacon_period = 100;
 	priv->listen_interval = 1;
 
-	setup_timer(&priv->management_timer, atmel_management_timer,
-		    (unsigned long)dev);
+	timer_setup(&priv->management_timer, atmel_management_timer, 0);
 	spin_lock_init(&priv->irqlock);
 	spin_lock_init(&priv->timerlock);
 
@@ -3434,10 +3433,9 @@ static void atmel_management_frame(struct atmel_private *priv,
 }
 
 /* run when timer expires */
-static void atmel_management_timer(u_long a)
+static void atmel_management_timer(struct timer_list *t)
 {
-	struct net_device *dev = (struct net_device *) a;
-	struct atmel_private *priv = netdev_priv(dev);
+	struct atmel_private *priv = from_timer(priv, t, management_timer);
 	unsigned long flags;
 
 	/* Check if the card has been yanked. */
-- 
2.7.4


-- 
Kees Cook
Pixel Security

^ permalink raw reply related

* [PATCH] drivers/wireless: cw1200: Convert timers to use timer_setup()
From: Kees Cook @ 2017-10-24  9:29 UTC (permalink / raw)
  To: Kalle Valo; +Cc: Solomon Peachy, linux-wireless, netdev, linux-kernel

In preparation for unconditionally passing the struct timer_list pointer to
all timer callbacks, switch to using the new timer_setup() and from_timer()
to pass the timer pointer explicitly.

Cc: Solomon Peachy <pizza@shaftnet.org>
Cc: Kalle Valo <kvalo@codeaurora.org>
Cc: linux-wireless@vger.kernel.org
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <keescook@chromium.org>
---
 drivers/net/wireless/st/cw1200/main.c  | 3 +--
 drivers/net/wireless/st/cw1200/queue.c | 6 +++---
 drivers/net/wireless/st/cw1200/sta.c   | 5 ++---
 drivers/net/wireless/st/cw1200/sta.h   | 2 +-
 4 files changed, 7 insertions(+), 9 deletions(-)

diff --git a/drivers/net/wireless/st/cw1200/main.c b/drivers/net/wireless/st/cw1200/main.c
index dc478cedbde0..a186d1df1f29 100644
--- a/drivers/net/wireless/st/cw1200/main.c
+++ b/drivers/net/wireless/st/cw1200/main.c
@@ -373,8 +373,7 @@ static struct ieee80211_hw *cw1200_init_common(const u8 *macaddr,
 	INIT_WORK(&priv->update_filtering_work, cw1200_update_filtering_work);
 	INIT_WORK(&priv->set_beacon_wakeup_period_work,
 		  cw1200_set_beacon_wakeup_period_work);
-	setup_timer(&priv->mcast_timeout, cw1200_mcast_timeout,
-		    (unsigned long)priv);
+	timer_setup(&priv->mcast_timeout, cw1200_mcast_timeout, 0);
 
 	if (cw1200_queue_stats_init(&priv->tx_queue_stats,
 				    CW1200_LINK_ID_MAX,
diff --git a/drivers/net/wireless/st/cw1200/queue.c b/drivers/net/wireless/st/cw1200/queue.c
index 0ba5ef9b3e7b..5153d2cfd991 100644
--- a/drivers/net/wireless/st/cw1200/queue.c
+++ b/drivers/net/wireless/st/cw1200/queue.c
@@ -130,11 +130,11 @@ static void __cw1200_queue_gc(struct cw1200_queue *queue,
 	}
 }
 
-static void cw1200_queue_gc(unsigned long arg)
+static void cw1200_queue_gc(struct timer_list *t)
 {
 	LIST_HEAD(list);
 	struct cw1200_queue *queue =
-		(struct cw1200_queue *)arg;
+		from_timer(queue, t, gc);
 
 	spin_lock_bh(&queue->lock);
 	__cw1200_queue_gc(queue, &list, true);
@@ -179,7 +179,7 @@ int cw1200_queue_init(struct cw1200_queue *queue,
 	INIT_LIST_HEAD(&queue->pending);
 	INIT_LIST_HEAD(&queue->free_pool);
 	spin_lock_init(&queue->lock);
-	setup_timer(&queue->gc, cw1200_queue_gc, (unsigned long)queue);
+	timer_setup(&queue->gc, cw1200_queue_gc, 0);
 
 	queue->pool = kzalloc(sizeof(struct cw1200_queue_item) * capacity,
 			GFP_KERNEL);
diff --git a/drivers/net/wireless/st/cw1200/sta.c b/drivers/net/wireless/st/cw1200/sta.c
index a52224836a2b..03687a80d6e9 100644
--- a/drivers/net/wireless/st/cw1200/sta.c
+++ b/drivers/net/wireless/st/cw1200/sta.c
@@ -2112,10 +2112,9 @@ void cw1200_multicast_stop_work(struct work_struct *work)
 	}
 }
 
-void cw1200_mcast_timeout(unsigned long arg)
+void cw1200_mcast_timeout(struct timer_list *t)
 {
-	struct cw1200_common *priv =
-		(struct cw1200_common *)arg;
+	struct cw1200_common *priv = from_timer(priv, t, mcast_timeout);
 
 	wiphy_warn(priv->hw->wiphy,
 		   "Multicast delivery timeout.\n");
diff --git a/drivers/net/wireless/st/cw1200/sta.h b/drivers/net/wireless/st/cw1200/sta.h
index a0bacaa39b31..719de34dcbfe 100644
--- a/drivers/net/wireless/st/cw1200/sta.h
+++ b/drivers/net/wireless/st/cw1200/sta.h
@@ -117,6 +117,6 @@ void cw1200_set_tim_work(struct work_struct *work);
 void cw1200_set_cts_work(struct work_struct *work);
 void cw1200_multicast_start_work(struct work_struct *work);
 void cw1200_multicast_stop_work(struct work_struct *work);
-void cw1200_mcast_timeout(unsigned long arg);
+void cw1200_mcast_timeout(struct timer_list *t);
 
 #endif
-- 
2.7.4


-- 
Kees Cook
Pixel Security

^ permalink raw reply related

* [PATCH] drivers/wireless: rsi: Convert timers to use timer_setup()
From: Kees Cook @ 2017-10-24  9:29 UTC (permalink / raw)
  To: Kalle Valo
  Cc: Amitkumar Karwar, Prameela Rani Garnepudi, Pavani Muthyala,
	Karun Eagalapati, linux-wireless, netdev, linux-kernel

In preparation for unconditionally passing the struct timer_list pointer to
all timer callbacks, switch to using the new timer_setup() and from_timer()
to pass the timer pointer explicitly.

Cc: Kalle Valo <kvalo@codeaurora.org>
Cc: Amitkumar Karwar <amit.karwar@redpinesignals.com>
Cc: Prameela Rani Garnepudi <prameela.j04cs@gmail.com>
Cc: Pavani Muthyala <pavani.muthyala@redpinesignals.com>
Cc: Karun Eagalapati <karun256@gmail.com>
Cc: linux-wireless@vger.kernel.org
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <keescook@chromium.org>
---
 drivers/net/wireless/rsi/rsi_91x_hal.c      | 7 +++----
 drivers/net/wireless/rsi/rsi_91x_mac80211.c | 4 ++--
 drivers/net/wireless/rsi/rsi_91x_main.c     | 4 +---
 drivers/net/wireless/rsi/rsi_common.h       | 2 +-
 4 files changed, 7 insertions(+), 10 deletions(-)

diff --git a/drivers/net/wireless/rsi/rsi_91x_hal.c b/drivers/net/wireless/rsi/rsi_91x_hal.c
index 689527d7007a..1176de646942 100644
--- a/drivers/net/wireless/rsi/rsi_91x_hal.c
+++ b/drivers/net/wireless/rsi/rsi_91x_hal.c
@@ -418,9 +418,9 @@ int rsi_prepare_beacon(struct rsi_common *common, struct sk_buff *skb)
 	return 0;
 }
 
-static void bl_cmd_timeout(unsigned long priv)
+static void bl_cmd_timeout(struct timer_list *t)
 {
-	struct rsi_hw *adapter = (struct rsi_hw *)priv;
+	struct rsi_hw *adapter = from_timer(adapter, t, bl_cmd_timer);
 
 	adapter->blcmd_timer_expired = true;
 	del_timer(&adapter->bl_cmd_timer);
@@ -428,8 +428,7 @@ static void bl_cmd_timeout(unsigned long priv)
 
 static int bl_start_cmd_timer(struct rsi_hw *adapter, u32 timeout)
 {
-	setup_timer(&adapter->bl_cmd_timer, (void *)&bl_cmd_timeout,
-		    (unsigned long)adapter);
+	timer_setup(&adapter->bl_cmd_timer, bl_cmd_timeout, 0);
 	adapter->bl_cmd_timer.expires = (msecs_to_jiffies(timeout) + jiffies);
 
 	adapter->blcmd_timer_expired = false;
diff --git a/drivers/net/wireless/rsi/rsi_91x_mac80211.c b/drivers/net/wireless/rsi/rsi_91x_mac80211.c
index b1f5dbbde3cb..9427c9d7c9c7 100644
--- a/drivers/net/wireless/rsi/rsi_91x_mac80211.c
+++ b/drivers/net/wireless/rsi/rsi_91x_mac80211.c
@@ -1663,9 +1663,9 @@ static void rsi_resume_conn_channel(struct rsi_common *common)
 	}
 }
 
-void rsi_roc_timeout(unsigned long data)
+void rsi_roc_timeout(struct timer_list *t)
 {
-	struct rsi_common *common = (struct rsi_common *)data;
+	struct rsi_common *common = from_timer(common, t, roc_timer);
 
 	rsi_dbg(INFO_ZONE, "Remain on channel expired\n");
 
diff --git a/drivers/net/wireless/rsi/rsi_91x_main.c b/drivers/net/wireless/rsi/rsi_91x_main.c
index 71b8cfb8252e..2a1fbb7db6c4 100644
--- a/drivers/net/wireless/rsi/rsi_91x_main.c
+++ b/drivers/net/wireless/rsi/rsi_91x_main.c
@@ -262,9 +262,7 @@ struct rsi_hw *rsi_91x_init(void)
 
 	rsi_default_ps_params(adapter);
 	spin_lock_init(&adapter->ps_lock);
-	common->roc_timer.data = (unsigned long)common;
-	common->roc_timer.function = (void *)&rsi_roc_timeout;
-	init_timer(&common->roc_timer);
+	timer_setup(&common->roc_timer, rsi_roc_timeout, 0);
 	common->init_done = true;
 	return adapter;
 
diff --git a/drivers/net/wireless/rsi/rsi_common.h b/drivers/net/wireless/rsi/rsi_common.h
index 272e18d750ff..29acaea3636d 100644
--- a/drivers/net/wireless/rsi/rsi_common.h
+++ b/drivers/net/wireless/rsi/rsi_common.h
@@ -85,5 +85,5 @@ void rsi_91x_deinit(struct rsi_hw *adapter);
 int rsi_read_pkt(struct rsi_common *common, s32 rcv_pkt_len);
 struct rsi_sta *rsi_find_sta(struct rsi_common *common, u8 *mac_addr);
 struct ieee80211_vif *rsi_get_vif(struct rsi_hw *adapter, u8 *mac);
-void rsi_roc_timeout(unsigned long data);
+void rsi_roc_timeout(struct timer_list *t);
 #endif
-- 
2.7.4


-- 
Kees Cook
Pixel Security

^ permalink raw reply related

* [PATCH] drivers/wireless: marvell/mwifiex: Convert timers to use timer_setup()
From: Kees Cook @ 2017-10-24  9:29 UTC (permalink / raw)
  To: Kalle Valo
  Cc: Amitkumar Karwar, Nishant Sarmukadam, Ganapathi Bhat, Xinming Hu,
	Arvind Yadav, Ingo Molnar, Johannes Berg, David S. Miller,
	Andrew Zaborowski, libertas-dev, linux-wireless, netdev,
	linux-kernel

In preparation for unconditionally passing the struct timer_list pointer to
all timer callbacks, switch to using the new timer_setup() and from_timer()
to pass the timer pointer explicitly.

Cc: Kalle Valo <kvalo@codeaurora.org>
Cc: Amitkumar Karwar <amitkarwar@gmail.com>
Cc: Nishant Sarmukadam <nishants@marvell.com>
Cc: Ganapathi Bhat <gbhat@marvell.com>
Cc: Xinming Hu <huxm@marvell.com>
Cc: Arvind Yadav <arvind.yadav.cs@gmail.com>
Cc: Ingo Molnar <mingo@kernel.org>
Cc: Johannes Berg <johannes.berg@intel.com>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: Andrew Zaborowski <andrew.zaborowski@intel.com>
Cc: libertas-dev@lists.infradead.org
Cc: linux-wireless@vger.kernel.org
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <keescook@chromium.org>
---
 drivers/net/wireless/marvell/mwifiex/11n_rxreorder.c | 7 +++----
 drivers/net/wireless/marvell/mwifiex/cmdevt.c        | 5 ++---
 drivers/net/wireless/marvell/mwifiex/init.c          | 7 +++----
 drivers/net/wireless/marvell/mwifiex/main.c          | 3 +--
 drivers/net/wireless/marvell/mwifiex/main.h          | 4 ++--
 drivers/net/wireless/marvell/mwifiex/tdls.c          | 7 +++----
 drivers/net/wireless/marvell/mwifiex/usb.c           | 9 ++++-----
 7 files changed, 18 insertions(+), 24 deletions(-)

diff --git a/drivers/net/wireless/marvell/mwifiex/11n_rxreorder.c b/drivers/net/wireless/marvell/mwifiex/11n_rxreorder.c
index 274dd5a1574a..fd58157d69fb 100644
--- a/drivers/net/wireless/marvell/mwifiex/11n_rxreorder.c
+++ b/drivers/net/wireless/marvell/mwifiex/11n_rxreorder.c
@@ -312,10 +312,10 @@ mwifiex_11n_find_last_seq_num(struct reorder_tmr_cnxt *ctx)
  * them and then dumps the Rx reordering table.
  */
 static void
-mwifiex_flush_data(unsigned long context)
+mwifiex_flush_data(struct timer_list *t)
 {
 	struct reorder_tmr_cnxt *ctx =
-		(struct reorder_tmr_cnxt *) context;
+		from_timer(ctx, t, timer);
 	int start_win, seq_num;
 
 	ctx->timer_is_set = false;
@@ -412,8 +412,7 @@ mwifiex_11n_create_rx_reorder_tbl(struct mwifiex_private *priv, u8 *ta,
 	new_node->timer_context.priv = priv;
 	new_node->timer_context.timer_is_set = false;
 
-	setup_timer(&new_node->timer_context.timer, mwifiex_flush_data,
-		    (unsigned long)&new_node->timer_context);
+	timer_setup(&new_node->timer_context.timer, mwifiex_flush_data, 0);
 
 	for (i = 0; i < win_size; ++i)
 		new_node->rx_reorder_ptr[i] = NULL;
diff --git a/drivers/net/wireless/marvell/mwifiex/cmdevt.c b/drivers/net/wireless/marvell/mwifiex/cmdevt.c
index 0edc5d621304..57c6a880e757 100644
--- a/drivers/net/wireless/marvell/mwifiex/cmdevt.c
+++ b/drivers/net/wireless/marvell/mwifiex/cmdevt.c
@@ -922,10 +922,9 @@ int mwifiex_process_cmdresp(struct mwifiex_adapter *adapter)
  * It will re-send the same command again.
  */
 void
-mwifiex_cmd_timeout_func(unsigned long function_context)
+mwifiex_cmd_timeout_func(struct timer_list *t)
 {
-	struct mwifiex_adapter *adapter =
-		(struct mwifiex_adapter *) function_context;
+	struct mwifiex_adapter *adapter = from_timer(adapter, t, cmd_timer);
 	struct cmd_ctrl_node *cmd_node;
 
 	adapter->is_cmd_timedout = 1;
diff --git a/drivers/net/wireless/marvell/mwifiex/init.c b/drivers/net/wireless/marvell/mwifiex/init.c
index e11919db7818..9005c4129a51 100644
--- a/drivers/net/wireless/marvell/mwifiex/init.c
+++ b/drivers/net/wireless/marvell/mwifiex/init.c
@@ -52,9 +52,9 @@ static int mwifiex_add_bss_prio_tbl(struct mwifiex_private *priv)
 	return 0;
 }
 
-static void wakeup_timer_fn(unsigned long data)
+static void wakeup_timer_fn(struct timer_list *t)
 {
-	struct mwifiex_adapter *adapter = (struct mwifiex_adapter *)data;
+	struct mwifiex_adapter *adapter = from_timer(adapter, t, wakeup_timer);
 
 	mwifiex_dbg(adapter, ERROR, "Firmware wakeup failed\n");
 	adapter->hw_status = MWIFIEX_HW_STATUS_RESET;
@@ -313,8 +313,7 @@ static void mwifiex_init_adapter(struct mwifiex_adapter *adapter)
 	adapter->iface_limit.uap_intf = MWIFIEX_MAX_UAP_NUM;
 	adapter->iface_limit.p2p_intf = MWIFIEX_MAX_P2P_NUM;
 	adapter->active_scan_triggered = false;
-	setup_timer(&adapter->wakeup_timer, wakeup_timer_fn,
-		    (unsigned long)adapter);
+	timer_setup(&adapter->wakeup_timer, wakeup_timer_fn, 0);
 }
 
 /*
diff --git a/drivers/net/wireless/marvell/mwifiex/main.c b/drivers/net/wireless/marvell/mwifiex/main.c
index ee40b739b289..a96bd7e653bf 100644
--- a/drivers/net/wireless/marvell/mwifiex/main.c
+++ b/drivers/net/wireless/marvell/mwifiex/main.c
@@ -100,8 +100,7 @@ static int mwifiex_register(void *card, struct device *dev,
 	}
 	mwifiex_init_lock_list(adapter);
 
-	setup_timer(&adapter->cmd_timer, mwifiex_cmd_timeout_func,
-		    (unsigned long)adapter);
+	timer_setup(&adapter->cmd_timer, mwifiex_cmd_timeout_func, 0);
 
 	return 0;
 
diff --git a/drivers/net/wireless/marvell/mwifiex/main.h b/drivers/net/wireless/marvell/mwifiex/main.h
index a34de8582e91..154c0796c0c5 100644
--- a/drivers/net/wireless/marvell/mwifiex/main.h
+++ b/drivers/net/wireless/marvell/mwifiex/main.h
@@ -1072,7 +1072,7 @@ int mwifiex_complete_cmd(struct mwifiex_adapter *adapter,
 int mwifiex_send_cmd(struct mwifiex_private *priv, u16 cmd_no,
 		     u16 cmd_action, u32 cmd_oid, void *data_buf, bool sync);
 
-void mwifiex_cmd_timeout_func(unsigned long function_context);
+void mwifiex_cmd_timeout_func(struct timer_list *t);
 
 int mwifiex_get_debug_info(struct mwifiex_private *,
 			   struct mwifiex_debug_info *);
@@ -1617,7 +1617,7 @@ void mwifiex_auto_tdls_update_peer_status(struct mwifiex_private *priv,
 					  const u8 *mac, u8 link_status);
 void mwifiex_auto_tdls_update_peer_signal(struct mwifiex_private *priv,
 					  u8 *mac, s8 snr, s8 nflr);
-void mwifiex_check_auto_tdls(unsigned long context);
+void mwifiex_check_auto_tdls(struct timer_list *t);
 void mwifiex_add_auto_tdls_peer(struct mwifiex_private *priv, const u8 *mac);
 void mwifiex_setup_auto_tdls_timer(struct mwifiex_private *priv);
 void mwifiex_clean_auto_tdls(struct mwifiex_private *priv);
diff --git a/drivers/net/wireless/marvell/mwifiex/tdls.c b/drivers/net/wireless/marvell/mwifiex/tdls.c
index e76af2866a19..528fd1fc19d2 100644
--- a/drivers/net/wireless/marvell/mwifiex/tdls.c
+++ b/drivers/net/wireless/marvell/mwifiex/tdls.c
@@ -1389,9 +1389,9 @@ void mwifiex_auto_tdls_update_peer_signal(struct mwifiex_private *priv,
 	spin_unlock_irqrestore(&priv->auto_tdls_lock, flags);
 }
 
-void mwifiex_check_auto_tdls(unsigned long context)
+void mwifiex_check_auto_tdls(struct timer_list *t)
 {
-	struct mwifiex_private *priv = (struct mwifiex_private *)context;
+	struct mwifiex_private *priv = from_timer(priv, t, auto_tdls_timer);
 	struct mwifiex_auto_tdls_peer *tdls_peer;
 	unsigned long flags;
 	u16 reason = WLAN_REASON_TDLS_TEARDOWN_UNSPECIFIED;
@@ -1463,8 +1463,7 @@ void mwifiex_check_auto_tdls(unsigned long context)
 
 void mwifiex_setup_auto_tdls_timer(struct mwifiex_private *priv)
 {
-	setup_timer(&priv->auto_tdls_timer, mwifiex_check_auto_tdls,
-		    (unsigned long)priv);
+	timer_setup(&priv->auto_tdls_timer, mwifiex_check_auto_tdls, 0);
 	priv->auto_tdls_timer_active = true;
 	mod_timer(&priv->auto_tdls_timer,
 		  jiffies + msecs_to_jiffies(MWIFIEX_TIMER_10S));
diff --git a/drivers/net/wireless/marvell/mwifiex/usb.c b/drivers/net/wireless/marvell/mwifiex/usb.c
index f4f2b9b27e32..4bc244801636 100644
--- a/drivers/net/wireless/marvell/mwifiex/usb.c
+++ b/drivers/net/wireless/marvell/mwifiex/usb.c
@@ -1096,12 +1096,12 @@ static int mwifiex_usb_aggr_tx_data(struct mwifiex_adapter *adapter, u8 ep,
 	return -EINPROGRESS;
 }
 
-static void mwifiex_usb_tx_aggr_tmo(unsigned long context)
+static void mwifiex_usb_tx_aggr_tmo(struct timer_list *t)
 {
 	struct urb_context *urb_cnxt = NULL;
 	struct sk_buff *skb_send = NULL;
 	struct tx_aggr_tmr_cnxt *timer_context =
-		(struct tx_aggr_tmr_cnxt *)context;
+		from_timer(timer_context, t, hold_timer);
 	struct mwifiex_adapter *adapter = timer_context->adapter;
 	struct usb_tx_data_port *port = timer_context->port;
 	unsigned long flags;
@@ -1236,9 +1236,8 @@ static int mwifiex_usb_tx_init(struct mwifiex_adapter *adapter)
 		port->tx_aggr.timer_cnxt.port = port;
 		port->tx_aggr.timer_cnxt.is_hold_timer_set = false;
 		port->tx_aggr.timer_cnxt.hold_tmo_msecs = 0;
-		setup_timer(&port->tx_aggr.timer_cnxt.hold_timer,
-			    mwifiex_usb_tx_aggr_tmo,
-			    (unsigned long)&port->tx_aggr.timer_cnxt);
+		timer_setup(&port->tx_aggr.timer_cnxt.hold_timer,
+			    mwifiex_usb_tx_aggr_tmo, 0);
 	}
 
 	return 0;
-- 
2.7.4


-- 
Kees Cook
Pixel Security

^ permalink raw reply related

* [PATCH] drivers/wireless: marvell/libertas: Convert timers to use timer_setup()
From: Kees Cook @ 2017-10-24  9:29 UTC (permalink / raw)
  To: Kalle Valo
  Cc: Arvind Yadav, Ingo Molnar, Johannes Berg, David S. Miller,
	Andrew Zaborowski, libertas-dev, linux-wireless, netdev,
	linux-kernel

In preparation for unconditionally passing the struct timer_list pointer to
all timer callbacks, switch to using the new timer_setup() and from_timer()
to pass the timer pointer explicitly.

Cc: Kalle Valo <kvalo@codeaurora.org>
Cc: Arvind Yadav <arvind.yadav.cs@gmail.com>
Cc: Ingo Molnar <mingo@kernel.org>
Cc: Johannes Berg <johannes.berg@intel.com>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: Andrew Zaborowski <andrew.zaborowski@intel.com>
Cc: libertas-dev@lists.infradead.org
Cc: linux-wireless@vger.kernel.org
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <keescook@chromium.org>
---
 drivers/net/wireless/marvell/libertas/if_usb.c    |  6 +++---
 drivers/net/wireless/marvell/libertas/main.c      | 21 +++++++++------------
 drivers/net/wireless/marvell/libertas_tf/if_usb.c |  6 +++---
 drivers/net/wireless/marvell/libertas_tf/main.c   |  7 +++----
 4 files changed, 18 insertions(+), 22 deletions(-)

diff --git a/drivers/net/wireless/marvell/libertas/if_usb.c b/drivers/net/wireless/marvell/libertas/if_usb.c
index 16e54c757dd0..ffea610f67e2 100644
--- a/drivers/net/wireless/marvell/libertas/if_usb.c
+++ b/drivers/net/wireless/marvell/libertas/if_usb.c
@@ -161,9 +161,9 @@ static void if_usb_setup_firmware(struct lbs_private *priv)
 	}
 }
 
-static void if_usb_fw_timeo(unsigned long priv)
+static void if_usb_fw_timeo(struct timer_list *t)
 {
-	struct if_usb_card *cardp = (void *)priv;
+	struct if_usb_card *cardp = from_timer(cardp, t, fw_timeout);
 
 	if (cardp->fwdnldover) {
 		lbs_deb_usb("Download complete, no event. Assuming success\n");
@@ -205,7 +205,7 @@ static int if_usb_probe(struct usb_interface *intf,
 	if (!cardp)
 		goto error;
 
-	setup_timer(&cardp->fw_timeout, if_usb_fw_timeo, (unsigned long)cardp);
+	timer_setup(&cardp->fw_timeout, if_usb_fw_timeo, 0);
 	init_waitqueue_head(&cardp->fw_wq);
 
 	cardp->udev = udev;
diff --git a/drivers/net/wireless/marvell/libertas/main.c b/drivers/net/wireless/marvell/libertas/main.c
index aefa88f4f29c..f22e1c220cba 100644
--- a/drivers/net/wireless/marvell/libertas/main.c
+++ b/drivers/net/wireless/marvell/libertas/main.c
@@ -722,9 +722,9 @@ EXPORT_SYMBOL_GPL(lbs_resume);
  *
  * @data: &struct lbs_private pointer
  */
-static void lbs_cmd_timeout_handler(unsigned long data)
+static void lbs_cmd_timeout_handler(struct timer_list *t)
 {
-	struct lbs_private *priv = (struct lbs_private *)data;
+	struct lbs_private *priv = from_timer(priv, t, command_timer);
 	unsigned long flags;
 
 	spin_lock_irqsave(&priv->driver_lock, flags);
@@ -756,9 +756,9 @@ static void lbs_cmd_timeout_handler(unsigned long data)
  *
  * @data: &struct lbs_private pointer
  */
-static void lbs_tx_lockup_handler(unsigned long data)
+static void lbs_tx_lockup_handler(struct timer_list *t)
 {
-	struct lbs_private *priv = (struct lbs_private *)data;
+	struct lbs_private *priv = from_timer(priv, t, tx_lockup_timer);
 	unsigned long flags;
 
 	spin_lock_irqsave(&priv->driver_lock, flags);
@@ -779,9 +779,9 @@ static void lbs_tx_lockup_handler(unsigned long data)
  * @data:	&struct lbs_private pointer
  * returns:	N/A
  */
-static void auto_deepsleep_timer_fn(unsigned long data)
+static void auto_deepsleep_timer_fn(struct timer_list *t)
 {
-	struct lbs_private *priv = (struct lbs_private *)data;
+	struct lbs_private *priv = from_timer(priv, t, auto_deepsleep_timer);
 
 	if (priv->is_activity_detected) {
 		priv->is_activity_detected = 0;
@@ -847,12 +847,9 @@ static int lbs_init_adapter(struct lbs_private *priv)
 	init_waitqueue_head(&priv->fw_waitq);
 	mutex_init(&priv->lock);
 
-	setup_timer(&priv->command_timer, lbs_cmd_timeout_handler,
-		(unsigned long)priv);
-	setup_timer(&priv->tx_lockup_timer, lbs_tx_lockup_handler,
-		(unsigned long)priv);
-	setup_timer(&priv->auto_deepsleep_timer, auto_deepsleep_timer_fn,
-			(unsigned long)priv);
+	timer_setup(&priv->command_timer, lbs_cmd_timeout_handler, 0);
+	timer_setup(&priv->tx_lockup_timer, lbs_tx_lockup_handler, 0);
+	timer_setup(&priv->auto_deepsleep_timer, auto_deepsleep_timer_fn, 0);
 
 	INIT_LIST_HEAD(&priv->cmdfreeq);
 	INIT_LIST_HEAD(&priv->cmdpendingq);
diff --git a/drivers/net/wireless/marvell/libertas_tf/if_usb.c b/drivers/net/wireless/marvell/libertas_tf/if_usb.c
index e9104eca327b..5153922e7ce1 100644
--- a/drivers/net/wireless/marvell/libertas_tf/if_usb.c
+++ b/drivers/net/wireless/marvell/libertas_tf/if_usb.c
@@ -115,9 +115,9 @@ static void if_usb_setup_firmware(struct lbtf_private *priv)
 	lbtf_deb_leave(LBTF_DEB_USB);
 }
 
-static void if_usb_fw_timeo(unsigned long priv)
+static void if_usb_fw_timeo(struct timer_list *t)
 {
-	struct if_usb_card *cardp = (void *)priv;
+	struct if_usb_card *cardp = from_timer(cardp, t, fw_timeout);
 
 	lbtf_deb_enter(LBTF_DEB_USB);
 	if (!cardp->fwdnldover) {
@@ -156,7 +156,7 @@ static int if_usb_probe(struct usb_interface *intf,
 	if (!cardp)
 		goto error;
 
-	setup_timer(&cardp->fw_timeout, if_usb_fw_timeo, (unsigned long)cardp);
+	timer_setup(&cardp->fw_timeout, if_usb_fw_timeo, 0);
 	init_waitqueue_head(&cardp->fw_wq);
 
 	cardp->udev = udev;
diff --git a/drivers/net/wireless/marvell/libertas_tf/main.c b/drivers/net/wireless/marvell/libertas_tf/main.c
index 81228bf73043..1d45da187b9b 100644
--- a/drivers/net/wireless/marvell/libertas_tf/main.c
+++ b/drivers/net/wireless/marvell/libertas_tf/main.c
@@ -165,9 +165,9 @@ static int lbtf_setup_firmware(struct lbtf_private *priv)
  *  This function handles the timeout of command sending.
  *  It will re-send the same command again.
  */
-static void command_timer_fn(unsigned long data)
+static void command_timer_fn(struct timer_list *t)
 {
-	struct lbtf_private *priv = (struct lbtf_private *)data;
+	struct lbtf_private *priv = from_timer(priv, t, command_timer);
 	unsigned long flags;
 	lbtf_deb_enter(LBTF_DEB_CMD);
 
@@ -196,8 +196,7 @@ static int lbtf_init_adapter(struct lbtf_private *priv)
 	mutex_init(&priv->lock);
 
 	priv->vif = NULL;
-	setup_timer(&priv->command_timer, command_timer_fn,
-		(unsigned long)priv);
+	timer_setup(&priv->command_timer, command_timer_fn, 0);
 
 	INIT_LIST_HEAD(&priv->cmdfreeq);
 	INIT_LIST_HEAD(&priv->cmdpendingq);
-- 
2.7.4


-- 
Kees Cook
Pixel Security

^ permalink raw reply related

* [PATCH] drivers/wireless: iwlwifi/mvm: Convert timers to use timer_setup()
From: Kees Cook @ 2017-10-24  9:29 UTC (permalink / raw)
  To: Kalle Valo
  Cc: Johannes Berg, Emmanuel Grumbach, Luca Coelho,
	Intel Linux Wireless, Sara Sharon, linux-wireless, netdev,
	linux-kernel

In preparation for unconditionally passing the struct timer_list pointer to
all timer callbacks, switch to using the new timer_setup() and from_timer()
to pass the timer pointer explicitly.

The RCU lifetime on baid_data is unclear, so this adds a direct copy of the
rcu_ptr passed to the original callback. It may be possible to improve this
to just use baid_data->mvm->baid_map[baid_data->baid] instead.

Cc: Johannes Berg <johannes.berg@intel.com>
Cc: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Cc: Luca Coelho <luciano.coelho@intel.com>
Cc: Intel Linux Wireless <linuxwifi@intel.com>
Cc: Kalle Valo <kvalo@codeaurora.org>
Cc: Sara Sharon <sara.sharon@intel.com>
Cc: linux-wireless@vger.kernel.org
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <keescook@chromium.org>
---
 drivers/net/wireless/intel/iwlwifi/mvm/mvm.h  |  3 ++-
 drivers/net/wireless/intel/iwlwifi/mvm/rxmq.c |  4 ++--
 drivers/net/wireless/intel/iwlwifi/mvm/sta.c  | 18 +++++++++---------
 3 files changed, 13 insertions(+), 12 deletions(-)

diff --git a/drivers/net/wireless/intel/iwlwifi/mvm/mvm.h b/drivers/net/wireless/intel/iwlwifi/mvm/mvm.h
index bf25c3ce7c95..a22c0ecff324 100644
--- a/drivers/net/wireless/intel/iwlwifi/mvm/mvm.h
+++ b/drivers/net/wireless/intel/iwlwifi/mvm/mvm.h
@@ -636,6 +636,7 @@ struct iwl_mvm_baid_data {
 	u16 timeout;
 	unsigned long last_rx;
 	struct timer_list session_timer;
+	struct iwl_mvm_baid_data __rcu **rcu_ptr;
 	struct iwl_mvm *mvm;
 	struct iwl_mvm_reorder_buffer reorder_buf[];
 };
@@ -1829,7 +1830,7 @@ void iwl_mvm_tdls_ch_switch_work(struct work_struct *work);
 void iwl_mvm_sync_rx_queues_internal(struct iwl_mvm *mvm,
 				     struct iwl_mvm_internal_rxq_notif *notif,
 				     u32 size);
-void iwl_mvm_reorder_timer_expired(unsigned long data);
+void iwl_mvm_reorder_timer_expired(struct timer_list *t);
 struct ieee80211_vif *iwl_mvm_get_bss_vif(struct iwl_mvm *mvm);
 bool iwl_mvm_is_vif_assoc(struct iwl_mvm *mvm);
 
diff --git a/drivers/net/wireless/intel/iwlwifi/mvm/rxmq.c b/drivers/net/wireless/intel/iwlwifi/mvm/rxmq.c
index 5e679859f948..53485dc096b3 100644
--- a/drivers/net/wireless/intel/iwlwifi/mvm/rxmq.c
+++ b/drivers/net/wireless/intel/iwlwifi/mvm/rxmq.c
@@ -456,9 +456,9 @@ static void iwl_mvm_release_frames(struct iwl_mvm *mvm,
 	}
 }
 
-void iwl_mvm_reorder_timer_expired(unsigned long data)
+void iwl_mvm_reorder_timer_expired(struct timer_list *t)
 {
-	struct iwl_mvm_reorder_buffer *buf = (void *)data;
+	struct iwl_mvm_reorder_buffer *buf = from_timer(buf, t, reorder_timer);
 	int i;
 	u16 sn = 0, index = 0;
 	bool expired = false;
diff --git a/drivers/net/wireless/intel/iwlwifi/mvm/sta.c b/drivers/net/wireless/intel/iwlwifi/mvm/sta.c
index 282424f40c43..b95b24a03959 100644
--- a/drivers/net/wireless/intel/iwlwifi/mvm/sta.c
+++ b/drivers/net/wireless/intel/iwlwifi/mvm/sta.c
@@ -252,9 +252,11 @@ int iwl_mvm_sta_send_to_fw(struct iwl_mvm *mvm, struct ieee80211_sta *sta,
 	return ret;
 }
 
-static void iwl_mvm_rx_agg_session_expired(unsigned long data)
+static void iwl_mvm_rx_agg_session_expired(struct timer_list *t)
 {
-	struct iwl_mvm_baid_data __rcu **rcu_ptr = (void *)data;
+	struct iwl_mvm_baid_data *data =
+		from_timer(data, t, session_timer);
+	struct iwl_mvm_baid_data __rcu **rcu_ptr = data->rcu_ptr;
 	struct iwl_mvm_baid_data *ba_data;
 	struct ieee80211_sta *sta;
 	struct iwl_mvm_sta *mvm_sta;
@@ -2150,10 +2152,8 @@ static void iwl_mvm_init_reorder_buffer(struct iwl_mvm *mvm,
 		reorder_buf->head_sn = ssn;
 		reorder_buf->buf_size = buf_size;
 		/* rx reorder timer */
-		reorder_buf->reorder_timer.function =
-			iwl_mvm_reorder_timer_expired;
-		reorder_buf->reorder_timer.data = (unsigned long)reorder_buf;
-		init_timer(&reorder_buf->reorder_timer);
+		timer_setup(&reorder_buf->reorder_timer,
+			    iwl_mvm_reorder_timer_expired, 0);
 		spin_lock_init(&reorder_buf->lock);
 		reorder_buf->mvm = mvm;
 		reorder_buf->queue = i;
@@ -2250,9 +2250,9 @@ int iwl_mvm_sta_rx_agg(struct iwl_mvm *mvm, struct ieee80211_sta *sta,
 		baid_data->baid = baid;
 		baid_data->timeout = timeout;
 		baid_data->last_rx = jiffies;
-		setup_timer(&baid_data->session_timer,
-			    iwl_mvm_rx_agg_session_expired,
-			    (unsigned long)&mvm->baid_map[baid]);
+		baid_data->rcu_ptr = &mvm->baid_map[baid];
+		timer_setup(&baid_data->session_timer,
+			    iwl_mvm_rx_agg_session_expired, 0);
 		baid_data->mvm = mvm;
 		baid_data->tid = tid;
 		baid_data->sta_id = mvm_sta->sta_id;
-- 
2.7.4


-- 
Kees Cook
Pixel Security

^ permalink raw reply related

* [PATCH] drivers/wireless: ath: Convert timers to use timer_setup()
From: Kees Cook @ 2017-10-24  9:29 UTC (permalink / raw)
  To: Kalle Valo; +Cc: Kalle Valo, linux-wireless, netdev, linux-kernel

In preparation for unconditionally passing the struct timer_list pointer to
all timer callbacks, switch to using the new timer_setup() and from_timer()
to pass the timer pointer explicitly.

Cc: Kalle Valo <kvalo@qca.qualcomm.com>
Cc: linux-wireless@vger.kernel.org
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <keescook@chromium.org>
---
 drivers/net/wireless/ath/ar5523/ar5523.c      |  7 +++----
 drivers/net/wireless/ath/ath10k/htt_rx.c      |  6 +++---
 drivers/net/wireless/ath/ath10k/pci.c         | 17 ++++++++---------
 drivers/net/wireless/ath/ath10k/pci.h         |  2 +-
 drivers/net/wireless/ath/ath6kl/cfg80211.c    |  6 ++----
 drivers/net/wireless/ath/ath6kl/core.h        |  2 +-
 drivers/net/wireless/ath/ath6kl/main.c        |  5 ++---
 drivers/net/wireless/ath/ath6kl/txrx.c        |  6 +++---
 drivers/net/wireless/ath/ath6kl/wmi.c         |  4 ++--
 drivers/net/wireless/ath/ath6kl/wmi.h         |  2 +-
 drivers/net/wireless/ath/ath9k/ath9k.h        |  4 ++--
 drivers/net/wireless/ath/ath9k/channel.c      | 14 ++++++--------
 drivers/net/wireless/ath/ath9k/gpio.c         | 14 ++++++--------
 drivers/net/wireless/ath/ath9k/htc.h          |  2 +-
 drivers/net/wireless/ath/ath9k/htc_drv_init.c |  3 +--
 drivers/net/wireless/ath/ath9k/htc_drv_txrx.c |  4 ++--
 drivers/net/wireless/ath/ath9k/init.c         |  4 ++--
 drivers/net/wireless/ath/ath9k/link.c         |  6 +++---
 drivers/net/wireless/ath/ath9k/main.c         |  4 ++--
 drivers/net/wireless/ath/wil6210/main.c       | 15 +++++++--------
 drivers/net/wireless/ath/wil6210/p2p.c        |  4 ++--
 drivers/net/wireless/ath/wil6210/wil6210.h    |  2 +-
 22 files changed, 61 insertions(+), 72 deletions(-)

diff --git a/drivers/net/wireless/ath/ar5523/ar5523.c b/drivers/net/wireless/ath/ar5523/ar5523.c
index 68f0463ed8df..b94759daeacc 100644
--- a/drivers/net/wireless/ath/ar5523/ar5523.c
+++ b/drivers/net/wireless/ath/ar5523/ar5523.c
@@ -889,9 +889,9 @@ static void ar5523_tx_work(struct work_struct *work)
 	mutex_unlock(&ar->mutex);
 }
 
-static void ar5523_tx_wd_timer(unsigned long arg)
+static void ar5523_tx_wd_timer(struct timer_list *t)
 {
-	struct ar5523 *ar = (struct ar5523 *) arg;
+	struct ar5523 *ar = from_timer(ar, t, tx_wd_timer);
 
 	ar5523_dbg(ar, "TX watchdog timer triggered\n");
 	ieee80211_queue_work(ar->hw, &ar->tx_wd_work);
@@ -1599,8 +1599,7 @@ static int ar5523_probe(struct usb_interface *intf,
 	mutex_init(&ar->mutex);
 
 	INIT_DELAYED_WORK(&ar->stat_work, ar5523_stat_work);
-	init_timer(&ar->tx_wd_timer);
-	setup_timer(&ar->tx_wd_timer, ar5523_tx_wd_timer, (unsigned long) ar);
+	timer_setup(&ar->tx_wd_timer, ar5523_tx_wd_timer, 0);
 	INIT_WORK(&ar->tx_wd_work, ar5523_tx_wd_work);
 	INIT_WORK(&ar->tx_work, ar5523_tx_work);
 	INIT_LIST_HEAD(&ar->tx_queue_pending);
diff --git a/drivers/net/wireless/ath/ath10k/htt_rx.c b/drivers/net/wireless/ath/ath10k/htt_rx.c
index a3f5dc78353f..f068376ec565 100644
--- a/drivers/net/wireless/ath/ath10k/htt_rx.c
+++ b/drivers/net/wireless/ath/ath10k/htt_rx.c
@@ -200,9 +200,9 @@ static void ath10k_htt_rx_msdu_buff_replenish(struct ath10k_htt *htt)
 	spin_unlock_bh(&htt->rx_ring.lock);
 }
 
-static void ath10k_htt_rx_ring_refill_retry(unsigned long arg)
+static void ath10k_htt_rx_ring_refill_retry(struct timer_list *t)
 {
-	struct ath10k_htt *htt = (struct ath10k_htt *)arg;
+	struct ath10k_htt *htt = from_timer(htt, t, rx_ring.refill_retry_timer);
 
 	ath10k_htt_rx_msdu_buff_replenish(htt);
 }
@@ -507,7 +507,7 @@ int ath10k_htt_rx_alloc(struct ath10k_htt *htt)
 	*htt->rx_ring.alloc_idx.vaddr = 0;
 
 	/* Initialize the Rx refill retry timer */
-	setup_timer(timer, ath10k_htt_rx_ring_refill_retry, (unsigned long)htt);
+	timer_setup(timer, ath10k_htt_rx_ring_refill_retry, 0);
 
 	spin_lock_init(&htt->rx_ring.lock);
 
diff --git a/drivers/net/wireless/ath/ath10k/pci.c b/drivers/net/wireless/ath/ath10k/pci.c
index 195dafb98131..2b975bb3f67e 100644
--- a/drivers/net/wireless/ath/ath10k/pci.c
+++ b/drivers/net/wireless/ath/ath10k/pci.c
@@ -585,10 +585,10 @@ static void ath10k_pci_sleep(struct ath10k *ar)
 	spin_unlock_irqrestore(&ar_pci->ps_lock, flags);
 }
 
-static void ath10k_pci_ps_timer(unsigned long ptr)
+static void ath10k_pci_ps_timer(struct timer_list *t)
 {
-	struct ath10k *ar = (void *)ptr;
-	struct ath10k_pci *ar_pci = ath10k_pci_priv(ar);
+	struct ath10k_pci *ar_pci = from_timer(ar_pci, t, ps_timer);
+	struct ath10k *ar = ar_pci->ar;
 	unsigned long flags;
 
 	spin_lock_irqsave(&ar_pci->ps_lock, flags);
@@ -838,9 +838,10 @@ void ath10k_pci_rx_post(struct ath10k *ar)
 		ath10k_pci_rx_post_pipe(&ar_pci->pipe_info[i]);
 }
 
-void ath10k_pci_rx_replenish_retry(unsigned long ptr)
+void ath10k_pci_rx_replenish_retry(struct timer_list *t)
 {
-	struct ath10k *ar = (void *)ptr;
+	struct ath10k_pci *ar_pci = from_timer(ar_pci, t, rx_post_retry);
+	struct ath10k *ar = ar_pci->ar;
 
 	ath10k_pci_rx_post(ar);
 }
@@ -3157,8 +3158,7 @@ int ath10k_pci_setup_resource(struct ath10k *ar)
 	spin_lock_init(&ce->ce_lock);
 	spin_lock_init(&ar_pci->ps_lock);
 
-	setup_timer(&ar_pci->rx_post_retry, ath10k_pci_rx_replenish_retry,
-		    (unsigned long)ar);
+	timer_setup(&ar_pci->rx_post_retry, ath10k_pci_rx_replenish_retry, 0);
 
 	if (QCA_REV_6174(ar) || QCA_REV_9377(ar))
 		ath10k_pci_override_ce_config(ar);
@@ -3284,8 +3284,7 @@ static int ath10k_pci_probe(struct pci_dev *pdev,
 	ar->id.subsystem_vendor = pdev->subsystem_vendor;
 	ar->id.subsystem_device = pdev->subsystem_device;
 
-	setup_timer(&ar_pci->ps_timer, ath10k_pci_ps_timer,
-		    (unsigned long)ar);
+	timer_setup(&ar_pci->ps_timer, ath10k_pci_ps_timer, 0);
 
 	ret = ath10k_pci_setup_resource(ar);
 	if (ret) {
diff --git a/drivers/net/wireless/ath/ath10k/pci.h b/drivers/net/wireless/ath/ath10k/pci.h
index 424ff323b2dc..08704fbc11e3 100644
--- a/drivers/net/wireless/ath/ath10k/pci.h
+++ b/drivers/net/wireless/ath/ath10k/pci.h
@@ -278,7 +278,7 @@ void ath10k_pci_hif_power_down(struct ath10k *ar);
 int ath10k_pci_alloc_pipes(struct ath10k *ar);
 void ath10k_pci_free_pipes(struct ath10k *ar);
 void ath10k_pci_free_pipes(struct ath10k *ar);
-void ath10k_pci_rx_replenish_retry(unsigned long ptr);
+void ath10k_pci_rx_replenish_retry(struct timer_list *t);
 void ath10k_pci_ce_deinit(struct ath10k *ar);
 void ath10k_pci_init_napi(struct ath10k *ar);
 int ath10k_pci_init_pipes(struct ath10k *ar);
diff --git a/drivers/net/wireless/ath/ath6kl/cfg80211.c b/drivers/net/wireless/ath/ath6kl/cfg80211.c
index 414b5b596efc..b53eb2b85f02 100644
--- a/drivers/net/wireless/ath/ath6kl/cfg80211.c
+++ b/drivers/net/wireless/ath/ath6kl/cfg80211.c
@@ -3589,10 +3589,8 @@ static int ath6kl_cfg80211_vif_init(struct ath6kl_vif *vif)
 		return -ENOMEM;
 	}
 
-	setup_timer(&vif->disconnect_timer, disconnect_timer_handler,
-		    (unsigned long) vif->ndev);
-	setup_timer(&vif->sched_scan_timer, ath6kl_wmi_sscan_timer,
-		    (unsigned long) vif);
+	timer_setup(&vif->disconnect_timer, disconnect_timer_handler, 0);
+	timer_setup(&vif->sched_scan_timer, ath6kl_wmi_sscan_timer, 0);
 
 	set_bit(WMM_ENABLED, &vif->flags);
 	spin_lock_init(&vif->if_lock);
diff --git a/drivers/net/wireless/ath/ath6kl/core.h b/drivers/net/wireless/ath/ath6kl/core.h
index 87e99c12d4ba..e23d450babd2 100644
--- a/drivers/net/wireless/ath/ath6kl/core.h
+++ b/drivers/net/wireless/ath/ath6kl/core.h
@@ -893,7 +893,7 @@ static inline u32 ath6kl_get_hi_item_addr(struct ath6kl *ar,
 
 int ath6kl_configure_target(struct ath6kl *ar);
 void ath6kl_detect_error(unsigned long ptr);
-void disconnect_timer_handler(unsigned long ptr);
+void disconnect_timer_handler(struct timer_list *t);
 void init_netdev(struct net_device *dev);
 void ath6kl_cookie_init(struct ath6kl *ar);
 void ath6kl_cookie_cleanup(struct ath6kl *ar);
diff --git a/drivers/net/wireless/ath/ath6kl/main.c b/drivers/net/wireless/ath/ath6kl/main.c
index b90c77ef792e..db95f85751e3 100644
--- a/drivers/net/wireless/ath/ath6kl/main.c
+++ b/drivers/net/wireless/ath/ath6kl/main.c
@@ -494,10 +494,9 @@ void ath6kl_connect_ap_mode_sta(struct ath6kl_vif *vif, u16 aid, u8 *mac_addr,
 	netif_wake_queue(vif->ndev);
 }
 
-void disconnect_timer_handler(unsigned long ptr)
+void disconnect_timer_handler(struct timer_list *t)
 {
-	struct net_device *dev = (struct net_device *)ptr;
-	struct ath6kl_vif *vif = netdev_priv(dev);
+	struct ath6kl_vif *vif = from_timer(vif, t, disconnect_timer);
 
 	ath6kl_init_profile_info(vif);
 	ath6kl_disconnect(vif);
diff --git a/drivers/net/wireless/ath/ath6kl/txrx.c b/drivers/net/wireless/ath/ath6kl/txrx.c
index 4e5cc2b7045a..1379906bf849 100644
--- a/drivers/net/wireless/ath/ath6kl/txrx.c
+++ b/drivers/net/wireless/ath/ath6kl/txrx.c
@@ -1620,10 +1620,10 @@ void ath6kl_rx(struct htc_target *target, struct htc_packet *packet)
 	ath6kl_deliver_frames_to_nw_stack(vif->ndev, skb);
 }
 
-static void aggr_timeout(unsigned long arg)
+static void aggr_timeout(struct timer_list *t)
 {
 	u8 i, j;
-	struct aggr_info_conn *aggr_conn = (struct aggr_info_conn *) arg;
+	struct aggr_info_conn *aggr_conn = from_timer(aggr_conn, t, timer);
 	struct rxtid *rxtid;
 	struct rxtid_stats *stats;
 
@@ -1753,7 +1753,7 @@ void aggr_conn_init(struct ath6kl_vif *vif, struct aggr_info *aggr_info,
 
 	aggr_conn->aggr_sz = AGGR_SZ_DEFAULT;
 	aggr_conn->dev = vif->ndev;
-	setup_timer(&aggr_conn->timer, aggr_timeout, (unsigned long)aggr_conn);
+	timer_setup(&aggr_conn->timer, aggr_timeout, 0);
 	aggr_conn->aggr_info = aggr_info;
 
 	aggr_conn->timer_scheduled = false;
diff --git a/drivers/net/wireless/ath/ath6kl/wmi.c b/drivers/net/wireless/ath/ath6kl/wmi.c
index bfc20b45b806..777acc564ac9 100644
--- a/drivers/net/wireless/ath/ath6kl/wmi.c
+++ b/drivers/net/wireless/ath/ath6kl/wmi.c
@@ -1078,9 +1078,9 @@ static int ath6kl_wmi_tkip_micerr_event_rx(struct wmi *wmi, u8 *datap, int len,
 	return 0;
 }
 
-void ath6kl_wmi_sscan_timer(unsigned long ptr)
+void ath6kl_wmi_sscan_timer(struct timer_list *t)
 {
-	struct ath6kl_vif *vif = (struct ath6kl_vif *) ptr;
+	struct ath6kl_vif *vif = from_timer(vif, t, sched_scan_timer);
 
 	cfg80211_sched_scan_results(vif->ar->wiphy, 0);
 }
diff --git a/drivers/net/wireless/ath/ath6kl/wmi.h b/drivers/net/wireless/ath/ath6kl/wmi.h
index 3af464a73b58..a60bb49fe920 100644
--- a/drivers/net/wireless/ath/ath6kl/wmi.h
+++ b/drivers/net/wireless/ath/ath6kl/wmi.h
@@ -2719,7 +2719,7 @@ int ath6kl_wmi_set_appie_cmd(struct wmi *wmi, u8 if_idx, u8 mgmt_frm_type,
 
 int ath6kl_wmi_set_inact_period(struct wmi *wmi, u8 if_idx, int inact_timeout);
 
-void ath6kl_wmi_sscan_timer(unsigned long ptr);
+void ath6kl_wmi_sscan_timer(struct timer_list *t);
 
 int ath6kl_wmi_get_challenge_resp_cmd(struct wmi *wmi, u32 cookie, u32 source);
 
diff --git a/drivers/net/wireless/ath/ath9k/ath9k.h b/drivers/net/wireless/ath/ath9k/ath9k.h
index cf076719c27e..ef0de4f1312c 100644
--- a/drivers/net/wireless/ath/ath9k/ath9k.h
+++ b/drivers/net/wireless/ath/ath9k/ath9k.h
@@ -750,14 +750,14 @@ void ath_reset_work(struct work_struct *work);
 bool ath_hw_check(struct ath_softc *sc);
 void ath_hw_pll_work(struct work_struct *work);
 void ath_paprd_calibrate(struct work_struct *work);
-void ath_ani_calibrate(unsigned long data);
+void ath_ani_calibrate(struct timer_list *t);
 void ath_start_ani(struct ath_softc *sc);
 void ath_stop_ani(struct ath_softc *sc);
 void ath_check_ani(struct ath_softc *sc);
 int ath_update_survey_stats(struct ath_softc *sc);
 void ath_update_survey_nf(struct ath_softc *sc, int channel);
 void ath9k_queue_reset(struct ath_softc *sc, enum ath_reset_type type);
-void ath_ps_full_sleep(unsigned long data);
+void ath_ps_full_sleep(struct timer_list *t);
 void __ath9k_flush(struct ieee80211_hw *hw, u32 queues, bool drop,
 		   bool sw_pending, bool timeout_override);
 
diff --git a/drivers/net/wireless/ath/ath9k/channel.c b/drivers/net/wireless/ath/ath9k/channel.c
index f0439f2d566b..6cdba5a71095 100644
--- a/drivers/net/wireless/ath/ath9k/channel.c
+++ b/drivers/net/wireless/ath/ath9k/channel.c
@@ -1042,9 +1042,9 @@ static void ath_scan_channel_start(struct ath_softc *sc)
 	mod_timer(&sc->offchannel.timer, jiffies + sc->offchannel.duration);
 }
 
-static void ath_chanctx_timer(unsigned long data)
+static void ath_chanctx_timer(struct timer_list *t)
 {
-	struct ath_softc *sc = (struct ath_softc *) data;
+	struct ath_softc *sc = from_timer(sc, t, sched.timer);
 	struct ath_common *common = ath9k_hw_common(sc->sc_ah);
 
 	ath_dbg(common, CHAN_CTX,
@@ -1053,9 +1053,9 @@ static void ath_chanctx_timer(unsigned long data)
 	ath_chanctx_event(sc, NULL, ATH_CHANCTX_EVENT_TSF_TIMER);
 }
 
-static void ath_offchannel_timer(unsigned long data)
+static void ath_offchannel_timer(struct timer_list *t)
 {
-	struct ath_softc *sc = (struct ath_softc *)data;
+	struct ath_softc *sc = from_timer(sc, t, offchannel.timer);
 	struct ath_chanctx *ctx;
 	struct ath_common *common = ath9k_hw_common(sc->sc_ah);
 
@@ -1361,10 +1361,8 @@ void ath9k_init_channel_context(struct ath_softc *sc)
 {
 	INIT_WORK(&sc->chanctx_work, ath_chanctx_work);
 
-	setup_timer(&sc->offchannel.timer, ath_offchannel_timer,
-		    (unsigned long)sc);
-	setup_timer(&sc->sched.timer, ath_chanctx_timer,
-		    (unsigned long)sc);
+	timer_setup(&sc->offchannel.timer, ath_offchannel_timer, 0);
+	timer_setup(&sc->sched.timer, ath_chanctx_timer, 0);
 
 	init_completion(&sc->go_beacon);
 }
diff --git a/drivers/net/wireless/ath/ath9k/gpio.c b/drivers/net/wireless/ath/ath9k/gpio.c
index ddb28861e7fe..b457e52dd365 100644
--- a/drivers/net/wireless/ath/ath9k/gpio.c
+++ b/drivers/net/wireless/ath/ath9k/gpio.c
@@ -191,9 +191,9 @@ static void ath_mci_ftp_adjust(struct ath_softc *sc)
  * 45ms, bt traffic will be given priority during 55% of this
  * period while wlan gets remaining 45%
  */
-static void ath_btcoex_period_timer(unsigned long data)
+static void ath_btcoex_period_timer(struct timer_list *t)
 {
-	struct ath_softc *sc = (struct ath_softc *) data;
+	struct ath_softc *sc = from_timer(sc, t, btcoex.period_timer);
 	struct ath_hw *ah = sc->sc_ah;
 	struct ath_btcoex *btcoex = &sc->btcoex;
 	enum ath_stomp_type stomp_type;
@@ -252,9 +252,9 @@ static void ath_btcoex_period_timer(unsigned long data)
  * Generic tsf based hw timer which configures weight
  * registers to time slice between wlan and bt traffic
  */
-static void ath_btcoex_no_stomp_timer(unsigned long arg)
+static void ath_btcoex_no_stomp_timer(struct timer_list *t)
 {
-	struct ath_softc *sc = (struct ath_softc *)arg;
+	struct ath_softc *sc = from_timer(sc, t, btcoex.no_stomp_timer);
 	struct ath_hw *ah = sc->sc_ah;
 	struct ath_btcoex *btcoex = &sc->btcoex;
 
@@ -284,10 +284,8 @@ static void ath_init_btcoex_timer(struct ath_softc *sc)
 				   btcoex->btcoex_period / 100;
 	btcoex->bt_stomp_type = ATH_BTCOEX_STOMP_LOW;
 
-	setup_timer(&btcoex->period_timer, ath_btcoex_period_timer,
-			(unsigned long) sc);
-	setup_timer(&btcoex->no_stomp_timer, ath_btcoex_no_stomp_timer,
-			(unsigned long) sc);
+	timer_setup(&btcoex->period_timer, ath_btcoex_period_timer, 0);
+	timer_setup(&btcoex->no_stomp_timer, ath_btcoex_no_stomp_timer, 0);
 
 	spin_lock_init(&btcoex->btcoex_lock);
 }
diff --git a/drivers/net/wireless/ath/ath9k/htc.h b/drivers/net/wireless/ath/ath9k/htc.h
index 16dff4b89a86..9f64e32381f9 100644
--- a/drivers/net/wireless/ath/ath9k/htc.h
+++ b/drivers/net/wireless/ath/ath9k/htc.h
@@ -584,7 +584,7 @@ void ath9k_htc_tx_clear_slot(struct ath9k_htc_priv *priv, int slot);
 void ath9k_htc_tx_drain(struct ath9k_htc_priv *priv);
 void ath9k_htc_txstatus(struct ath9k_htc_priv *priv, void *wmi_event);
 void ath9k_tx_failed_tasklet(unsigned long data);
-void ath9k_htc_tx_cleanup_timer(unsigned long data);
+void ath9k_htc_tx_cleanup_timer(struct timer_list *t);
 bool ath9k_htc_csa_is_finished(struct ath9k_htc_priv *priv);
 
 int ath9k_rx_init(struct ath9k_htc_priv *priv);
diff --git a/drivers/net/wireless/ath/ath9k/htc_drv_init.c b/drivers/net/wireless/ath/ath9k/htc_drv_init.c
index da2164b0cccc..a5cb796f114d 100644
--- a/drivers/net/wireless/ath/ath9k/htc_drv_init.c
+++ b/drivers/net/wireless/ath/ath9k/htc_drv_init.c
@@ -654,8 +654,7 @@ static int ath9k_init_priv(struct ath9k_htc_priv *priv,
 	INIT_DELAYED_WORK(&priv->ani_work, ath9k_htc_ani_work);
 	INIT_WORK(&priv->ps_work, ath9k_ps_work);
 	INIT_WORK(&priv->fatal_work, ath9k_fatal_work);
-	setup_timer(&priv->tx.cleanup_timer, ath9k_htc_tx_cleanup_timer,
-		    (unsigned long)priv);
+	timer_setup(&priv->tx.cleanup_timer, ath9k_htc_tx_cleanup_timer, 0);
 
 	/*
 	 * Cache line size is used to size and align various
diff --git a/drivers/net/wireless/ath/ath9k/htc_drv_txrx.c b/drivers/net/wireless/ath/ath9k/htc_drv_txrx.c
index b38a586ea59a..242304eb8798 100644
--- a/drivers/net/wireless/ath/ath9k/htc_drv_txrx.c
+++ b/drivers/net/wireless/ath/ath9k/htc_drv_txrx.c
@@ -752,9 +752,9 @@ static void ath9k_htc_tx_cleanup_queue(struct ath9k_htc_priv *priv,
 	}
 }
 
-void ath9k_htc_tx_cleanup_timer(unsigned long data)
+void ath9k_htc_tx_cleanup_timer(struct timer_list *t)
 {
-	struct ath9k_htc_priv *priv = (struct ath9k_htc_priv *) data;
+	struct ath9k_htc_priv *priv = from_timer(priv, t, tx.cleanup_timer);
 	struct ath_common *common = ath9k_hw_common(priv->ah);
 	struct ath9k_htc_tx_event *event, *tmp;
 	struct sk_buff *skb;
diff --git a/drivers/net/wireless/ath/ath9k/init.c b/drivers/net/wireless/ath/ath9k/init.c
index bb7936090b91..7beba4e1a8a4 100644
--- a/drivers/net/wireless/ath/ath9k/init.c
+++ b/drivers/net/wireless/ath/ath9k/init.c
@@ -369,7 +369,7 @@ static void ath9k_init_misc(struct ath_softc *sc)
 	struct ath_common *common = ath9k_hw_common(sc->sc_ah);
 	int i = 0;
 
-	setup_timer(&common->ani.timer, ath_ani_calibrate, (unsigned long)sc);
+	timer_setup(&common->ani.timer, ath_ani_calibrate, 0);
 
 	common->last_rssi = ATH_RSSI_DUMMY_MARKER;
 	memcpy(common->bssidmask, ath_bcast_mac, ETH_ALEN);
@@ -678,7 +678,7 @@ static int ath9k_init_softc(u16 devid, struct ath_softc *sc,
 	tasklet_init(&sc->bcon_tasklet, ath9k_beacon_tasklet,
 		     (unsigned long)sc);
 
-	setup_timer(&sc->sleep_timer, ath_ps_full_sleep, (unsigned long)sc);
+	timer_setup(&sc->sleep_timer, ath_ps_full_sleep, 0);
 	INIT_WORK(&sc->hw_reset_work, ath_reset_work);
 	INIT_WORK(&sc->paprd_work, ath_paprd_calibrate);
 	INIT_DELAYED_WORK(&sc->hw_pll_work, ath_hw_pll_work);
diff --git a/drivers/net/wireless/ath/ath9k/link.c b/drivers/net/wireless/ath/ath9k/link.c
index 27c50562dc47..7d2462781bb8 100644
--- a/drivers/net/wireless/ath/ath9k/link.c
+++ b/drivers/net/wireless/ath/ath9k/link.c
@@ -301,11 +301,11 @@ void ath_paprd_calibrate(struct work_struct *work)
  *  When the task is complete, it reschedules itself depending on the
  *  appropriate interval that was calculated.
  */
-void ath_ani_calibrate(unsigned long data)
+void ath_ani_calibrate(struct timer_list *t)
 {
-	struct ath_softc *sc = (struct ath_softc *)data;
+	struct ath_common *common = from_timer(common, t, ani.timer);
+	struct ath_softc *sc = (struct ath_softc *)common->priv;
 	struct ath_hw *ah = sc->sc_ah;
-	struct ath_common *common = ath9k_hw_common(ah);
 	bool longcal = false;
 	bool shortcal = false;
 	bool aniflag = false;
diff --git a/drivers/net/wireless/ath/ath9k/main.c b/drivers/net/wireless/ath/ath9k/main.c
index 8b4ac7f0a09b..22ac9cf2d3f2 100644
--- a/drivers/net/wireless/ath/ath9k/main.c
+++ b/drivers/net/wireless/ath/ath9k/main.c
@@ -93,9 +93,9 @@ static bool ath9k_setpower(struct ath_softc *sc, enum ath9k_power_mode mode)
 	return ret;
 }
 
-void ath_ps_full_sleep(unsigned long data)
+void ath_ps_full_sleep(struct timer_list *t)
 {
-	struct ath_softc *sc = (struct ath_softc *) data;
+	struct ath_softc *sc = from_timer(sc, t, sleep_timer);
 	struct ath_common *common = ath9k_hw_common(sc->sc_ah);
 	bool reset;
 
diff --git a/drivers/net/wireless/ath/wil6210/main.c b/drivers/net/wireless/ath/wil6210/main.c
index bac829aa950d..885924abf61c 100644
--- a/drivers/net/wireless/ath/wil6210/main.c
+++ b/drivers/net/wireless/ath/wil6210/main.c
@@ -336,9 +336,9 @@ static void wil_disconnect_worker(struct work_struct *work)
 	clear_bit(wil_status_fwconnecting, wil->status);
 }
 
-static void wil_connect_timer_fn(ulong x)
+static void wil_connect_timer_fn(struct timer_list *t)
 {
-	struct wil6210_priv *wil = (void *)x;
+	struct wil6210_priv *wil = from_timer(wil, t, connect_timer);
 	bool q;
 
 	wil_err(wil, "Connect timeout detected, disconnect station\n");
@@ -351,9 +351,9 @@ static void wil_connect_timer_fn(ulong x)
 	wil_dbg_wmi(wil, "queue_work of disconnect_worker -> %d\n", q);
 }
 
-static void wil_scan_timer_fn(ulong x)
+static void wil_scan_timer_fn(struct timer_list *t)
 {
-	struct wil6210_priv *wil = (void *)x;
+	struct wil6210_priv *wil = from_timer(wil, t, scan_timer);
 
 	clear_bit(wil_status_fwready, wil->status);
 	wil_err(wil, "Scan timeout detected, start fw error recovery\n");
@@ -540,10 +540,9 @@ int wil_priv_init(struct wil6210_priv *wil)
 	init_completion(&wil->halp.comp);
 
 	wil->bcast_vring = -1;
-	setup_timer(&wil->connect_timer, wil_connect_timer_fn, (ulong)wil);
-	setup_timer(&wil->scan_timer, wil_scan_timer_fn, (ulong)wil);
-	setup_timer(&wil->p2p.discovery_timer, wil_p2p_discovery_timer_fn,
-		    (ulong)wil);
+	timer_setup(&wil->connect_timer, wil_connect_timer_fn, 0);
+	timer_setup(&wil->scan_timer, wil_scan_timer_fn, 0);
+	timer_setup(&wil->p2p.discovery_timer, wil_p2p_discovery_timer_fn, 0);
 
 	INIT_WORK(&wil->disconnect_worker, wil_disconnect_worker);
 	INIT_WORK(&wil->wmi_event_worker, wmi_event_worker);
diff --git a/drivers/net/wireless/ath/wil6210/p2p.c b/drivers/net/wireless/ath/wil6210/p2p.c
index 792484756654..7dbee2c3e482 100644
--- a/drivers/net/wireless/ath/wil6210/p2p.c
+++ b/drivers/net/wireless/ath/wil6210/p2p.c
@@ -65,9 +65,9 @@ bool wil_p2p_is_social_scan(struct cfg80211_scan_request *request)
 	       (request->channels[0]->hw_value == P2P_DMG_SOCIAL_CHANNEL);
 }
 
-void wil_p2p_discovery_timer_fn(ulong x)
+void wil_p2p_discovery_timer_fn(struct timer_list *t)
 {
-	struct wil6210_priv *wil = (void *)x;
+	struct wil6210_priv *wil = from_timer(wil, t, p2p.discovery_timer);
 
 	wil_dbg_misc(wil, "p2p_discovery_timer_fn\n");
 
diff --git a/drivers/net/wireless/ath/wil6210/wil6210.h b/drivers/net/wireless/ath/wil6210/wil6210.h
index 315ec8b59662..1e340d04bd70 100644
--- a/drivers/net/wireless/ath/wil6210/wil6210.h
+++ b/drivers/net/wireless/ath/wil6210/wil6210.h
@@ -918,7 +918,7 @@ void wil6210_mask_halp(struct wil6210_priv *wil);
 
 /* P2P */
 bool wil_p2p_is_social_scan(struct cfg80211_scan_request *request);
-void wil_p2p_discovery_timer_fn(ulong x);
+void wil_p2p_discovery_timer_fn(struct timer_list *t);
 int wil_p2p_search(struct wil6210_priv *wil,
 		   struct cfg80211_scan_request *request);
 int wil_p2p_listen(struct wil6210_priv *wil, struct wireless_dev *wdev,
-- 
2.7.4


-- 
Kees Cook
Pixel Security

^ permalink raw reply related

* Searching help for Linux support for RTL8812AU
From: txt.file @ 2017-10-24 13:24 UTC (permalink / raw)
  To: linux-wireless, driverdev-devel


[-- Attachment #1.1: Type: text/plain, Size: 406 bytes --]

Hey Linux wireless list,

A while ago I bought an ALFA Network AWUS036AC[0] which does not yet
seem to be supported in Linux mainline. I would like to get it supported.

The problem is that I have not that much experience doing software
development.

kind regards
txt.file

PS: Please keep me in CC as I am not subscribed to the lists.

[0] https://wikidevi.com/wiki/ALFA_Network_AWUS036AC


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

^ permalink raw reply

* Re: A good way to get CSI info to user-space?
From: Ben Greear @ 2017-10-24 13:36 UTC (permalink / raw)
  To: Johannes Berg, linux-wireless@vger.kernel.org
In-Reply-To: <1508824462.2639.25.camel@sipsolutions.net>



On 10/23/2017 10:54 PM, Johannes Berg wrote:
> On Mon, 2017-10-23 at 13:59 -0700, Ben Greear wrote:
>
>>> The CSI data has variable length [1] but it's fundamentally always tied
>>> to a specific frame and as such we've always attached it to that frame
>>> using a radiotap vendor namespace.
>>>
>>> You can easily implement that in a mac80211 driver since it has support
>>> for that via RX_FLAG_RADIOTAP_VENDOR_DATA and the associated struct
>>> ieee80211_vendor_radiotap that you put into the skb's head.
>>>
>>> Why should anything else be needed?
>>
>> So this would only show up in user-space in something like a pkt-capture?
>
> Sure. But since you can easily add virtual monitor interfaces at any
> time, that doesn't really mean anything.

Adding a monitor device is a pretty big hammer on ath10k, at least, and
probably not something one would want running continuously in a production
environment.

The CSI data is one part, but tx-beamforming is another area of interest.

If I get a chance, I'll try to add a way to pass some of this opaque
info up through netlink events.  I'm thinking something like:

mac80211_nl_send_opaque_event(mac80211-handle, int data-type, u8* data, int data_len);

data-type would be:
NLD_ATH_CSI_DATA = 0,
NLD_ATH_TXBF_DATA = 1,
NLD_PRIVATE_START = 5000,
....


'iw events' could be made to dump raw hex for external programs to decode, or maybe
decode it a bit itself in some cases.  And, third-party programs can open a netlink
monitor socket and get the data directly.

Thanks,
Ben


-- 
Ben Greear <greearb@candelatech.com>
Candela Technologies Inc  http://www.candelatech.com

^ permalink raw reply

* Re: A good way to get CSI info to user-space?
From: Johannes Berg @ 2017-10-24 13:38 UTC (permalink / raw)
  To: Ben Greear, linux-wireless@vger.kernel.org
In-Reply-To: <d1746cd6-d889-a253-3638-8011d1ebd4fb@candelatech.com>

On Tue, 2017-10-24 at 06:36 -0700, Ben Greear wrote:
> 
> On 10/23/2017 10:54 PM, Johannes Berg wrote:
> > On Mon, 2017-10-23 at 13:59 -0700, Ben Greear wrote:
> > 
> > > > The CSI data has variable length [1] but it's fundamentally always tied
> > > > to a specific frame and as such we've always attached it to that frame
> > > > using a radiotap vendor namespace.
> > > > 
> > > > You can easily implement that in a mac80211 driver since it has support
> > > > for that via RX_FLAG_RADIOTAP_VENDOR_DATA and the associated struct
> > > > ieee80211_vendor_radiotap that you put into the skb's head.
> > > > 
> > > > Why should anything else be needed?
> > > 
> > > So this would only show up in user-space in something like a pkt-capture?
> > 
> > Sure. But since you can easily add virtual monitor interfaces at any
> > time, that doesn't really mean anything.
> 
> Adding a monitor device is a pretty big hammer on ath10k, at least, and
> probably not something one would want running continuously in a production
> environment.

We keep having this discussion. You need to fix this, it should be
really simple to fix this - just remove all checks for CONF_MONITOR
from ath10k and make it use WANT_MONITOR_VIF instead if it doesn't
already.

> The CSI data is one part, but tx-beamforming is another area of interest.
> 
> If I get a chance, I'll try to add a way to pass some of this opaque
> info up through netlink events.  I'm thinking something like:
> 
> mac80211_nl_send_opaque_event(mac80211-handle, int data-type, u8* data, int data_len);

I will not accept this upstream.

johannes

^ permalink raw reply

* Re: A good way to get CSI info to user-space?
From: Ben Greear @ 2017-10-24 13:50 UTC (permalink / raw)
  To: Johannes Berg, linux-wireless@vger.kernel.org
In-Reply-To: <1508852310.2639.29.camel@sipsolutions.net>



On 10/24/2017 06:38 AM, Johannes Berg wrote:
> On Tue, 2017-10-24 at 06:36 -0700, Ben Greear wrote:
>>
>> On 10/23/2017 10:54 PM, Johannes Berg wrote:
>>> On Mon, 2017-10-23 at 13:59 -0700, Ben Greear wrote:
>>>
>>>>> The CSI data has variable length [1] but it's fundamentally always tied
>>>>> to a specific frame and as such we've always attached it to that frame
>>>>> using a radiotap vendor namespace.
>>>>>
>>>>> You can easily implement that in a mac80211 driver since it has support
>>>>> for that via RX_FLAG_RADIOTAP_VENDOR_DATA and the associated struct
>>>>> ieee80211_vendor_radiotap that you put into the skb's head.
>>>>>
>>>>> Why should anything else be needed?
>>>>
>>>> So this would only show up in user-space in something like a pkt-capture?
>>>
>>> Sure. But since you can easily add virtual monitor interfaces at any
>>> time, that doesn't really mean anything.
>>
>> Adding a monitor device is a pretty big hammer on ath10k, at least, and
>> probably not something one would want running continuously in a production
>> environment.
>
> We keep having this discussion. You need to fix this, it should be
> really simple to fix this - just remove all checks for CONF_MONITOR
> from ath10k and make it use WANT_MONITOR_VIF instead if it doesn't
> already.

I don't recall having this discussion, but even if you can do a
non-promiscuous monitor mode, you would have to end up having a bpf
socket filter and packet socket, right?

Wouldn't that have a noticeable effect on performance on modest sized
AP hardware?

>> The CSI data is one part, but tx-beamforming is another area of interest.
>>
>> If I get a chance, I'll try to add a way to pass some of this opaque
>> info up through netlink events.  I'm thinking something like:
>>
>> mac80211_nl_send_opaque_event(mac80211-handle, int data-type, u8* data, int data_len);
>
> I will not accept this upstream.

Thanks for letting me know up front, at least.

Anyone know if there is a useful way to stream events from debugfs and/or sysfs w/out having to busy-poll
on it?

Thanks,
Ben

-- 
Ben Greear <greearb@candelatech.com>
Candela Technologies Inc  http://www.candelatech.com

^ permalink raw reply

* Re: A good way to get CSI info to user-space?
From: Johannes Berg @ 2017-10-24 13:55 UTC (permalink / raw)
  To: Ben Greear, linux-wireless@vger.kernel.org
In-Reply-To: <b52bbc61-f0b5-5e9a-cce3-011fd43e6c8d@candelatech.com>

On Tue, 2017-10-24 at 06:50 -0700, Ben Greear wrote:

> > We keep having this discussion. You need to fix this, it should be
> > really simple to fix this - just remove all checks for CONF_MONITOR
> > from ath10k and make it use WANT_MONITOR_VIF instead if it doesn't
> > already.
> 
> I don't recall having this discussion, 

I'm pretty sure I had this discussion about ath10k not liking virtual
monitor, but maybe it was with somebody else.

> but even if you can do a
> non-promiscuous monitor mode, you would have to end up having a bpf
> socket filter and packet socket, right?

True.

> Wouldn't that have a noticeable effect on performance on modest sized
> AP hardware?

Yes. I was planning to add the wifi BPF to fix that:
https://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211-next.git/log/?h=bpf

You shouldn't think that building netlink messages is free though.
There's a lot more locking etc. going on there.

> > > mac80211_nl_send_opaque_event(mac80211-handle, int data-type, u8* data, int data_len);
> > 
> > I will not accept this upstream.
> 
> Thanks for letting me know up front, at least.
> 
> Anyone know if there is a useful way to stream events from debugfs
> and/or sysfs w/out having to busy-poll on it?

There's relayfs, which is kinda built for that. You could even use
netlink vendor events, but I don't really think netlink is appropriate
here.

johannes

^ permalink raw reply

* Re: [PATCH] ath10k: rebuild crypto header in RX data frames
From: Ben Greear @ 2017-10-24 16:09 UTC (permalink / raw)
  To: Kalle Valo, Jasmine Strong
  Cc: Sebastian Gottschall, ath10k, linux-wireless@vger.kernel.org
In-Reply-To: <8760b5cfnz.fsf@kamboji.qca.qualcomm.com>

On 10/23/2017 09:50 PM, Kalle Valo wrote:
> Jasmine Strong <jas@eero.com> writes:
>
>> That's what I saw.  A bcom client was able to associate and not pass
>> any traffic.  This is on all three of 9882, 9888 and 4019.
>
> Thanks for the report, we'll investigate it. And I see that your email
> was now succesfully delivered to the list:
>
> http://lists.infradead.org/pipermail/ath10k/2017-October/010325.html


I'm not sure if this is helpful or not, but in the transition from 10.1 to 10.2 firmware,
there was some tricky re-work of the PN counter logic in the firmware source.  It had
specific impact on the broadcom driver interaction.

Possibly a similar issue is being seen with this driver patch?

Thanks,
Ben

-- 
Ben Greear <greearb@candelatech.com>
Candela Technologies Inc  http://www.candelatech.com

^ permalink raw reply

* [PATCH v2] ath10k: rebuild crypto header in Rx data frames
From: Kalle Valo @ 2017-10-24 17:54 UTC (permalink / raw)
  To: ath10k; +Cc: linux-wireless, Vasanthakumar Thiagarajan

From: Vasanthakumar Thiagarajan <vthiagar@qti.qualcomm.com>

Rx data frames notified through HTT_T2H_MSG_TYPE_RX_IND and
HTT_T2H_MSG_TYPE_RX_FRAG_IND expect PN/TSC check to be done
on host (mac80211) rather than firmware. Rebuild cipher header
in every received data frames (that are notified through those
HTT interfaces) from the rx_hdr_status tlv available in the
rx descriptor of the first msdu. Skip setting RX_FLAG_IV_STRIPPED
flag for the packets which requires mac80211 PN/TSC check support
and set appropriate RX_FLAG for stripped crypto tail. Hw QCA988X,
QCA9887, QCA99X0, QCA9984, QCA9888 and QCA4019 currently need the
rebuilding of cipher header to perform PN/TSC check for replay
attack.

Tested-by: Manikanta Pubbisetty <mpubbise@qti.qualcomm.com>
Signed-off-by: Vasanthakumar Thiagarajan <vthiagar@qti.qualcomm.com>
Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>
---

v2:

* Construct cipher header from rx_hdr_status tlv rather than from
  the msdu_start and mpdu_start tlvs. This fixes connection
  issues, also reduces the amount of code change.

* Make sure the frame is qos data before clearing AMSDU_PRESENT
  bit of qos control field.

* Fix traffic issue with QCA988X and QCA9887 hw by taking care of
  padding bytes added for 4-byte alignment before the cipher
  header.

TODO:

* CCMP-256 and GCMP/GCMP-256 are not yet supported 

 drivers/net/wireless/ath/ath10k/htt_rx.c | 91 ++++++++++++++++++++++++++------
 1 file changed, 74 insertions(+), 17 deletions(-)

diff --git a/drivers/net/wireless/ath/ath10k/htt_rx.c b/drivers/net/wireless/ath/ath10k/htt_rx.c
index a3f5dc78353f..aae4f0ea9360 100644
--- a/drivers/net/wireless/ath/ath10k/htt_rx.c
+++ b/drivers/net/wireless/ath/ath10k/htt_rx.c
@@ -1050,8 +1050,14 @@ static void ath10k_htt_rx_h_undecap_raw(struct ath10k *ar,
 
 	hdr = (void *)msdu->data;
 
-	/* Tail */
-	if (status->flag & RX_FLAG_IV_STRIPPED)
+	/* MIC */
+	if ((status->flag & RX_FLAG_MIC_STRIPPED) &&
+	    enctype == HTT_RX_MPDU_ENCRYPT_AES_CCM_WPA2)
+		skb_trim(msdu, msdu->len - 8);
+
+	/* ICV */
+	if (status->flag & RX_FLAG_ICV_STRIPPED &&
+	    enctype != HTT_RX_MPDU_ENCRYPT_AES_CCM_WPA2)
 		skb_trim(msdu, msdu->len -
 			 ath10k_htt_rx_crypto_tail_len(ar, enctype));
 
@@ -1075,7 +1081,8 @@ static void ath10k_htt_rx_h_undecap_raw(struct ath10k *ar,
 static void ath10k_htt_rx_h_undecap_nwifi(struct ath10k *ar,
 					  struct sk_buff *msdu,
 					  struct ieee80211_rx_status *status,
-					  const u8 first_hdr[64])
+					  const u8 first_hdr[64],
+					  enum htt_rx_mpdu_encrypt_type enctype)
 {
 	struct ieee80211_hdr *hdr;
 	struct htt_rx_desc *rxd;
@@ -1083,6 +1090,7 @@ static void ath10k_htt_rx_h_undecap_nwifi(struct ath10k *ar,
 	u8 da[ETH_ALEN];
 	u8 sa[ETH_ALEN];
 	int l3_pad_bytes;
+	int bytes_aligned = ar->hw_params.decap_align_bytes;
 
 	/* Delivered decapped frame:
 	 * [nwifi 802.11 header] <-- replaced with 802.11 hdr
@@ -1111,6 +1119,14 @@ static void ath10k_htt_rx_h_undecap_nwifi(struct ath10k *ar,
 	/* push original 802.11 header */
 	hdr = (struct ieee80211_hdr *)first_hdr;
 	hdr_len = ieee80211_hdrlen(hdr->frame_control);
+
+	if (!(status->flag & RX_FLAG_IV_STRIPPED)) {
+		memcpy(skb_push(msdu,
+				ath10k_htt_rx_crypto_param_len(ar, enctype)),
+		       (void *)hdr + round_up(hdr_len, bytes_aligned),
+			ath10k_htt_rx_crypto_param_len(ar, enctype));
+	}
+
 	memcpy(skb_push(msdu, hdr_len), hdr, hdr_len);
 
 	/* original 802.11 header has a different DA and in
@@ -1171,6 +1187,7 @@ static void ath10k_htt_rx_h_undecap_eth(struct ath10k *ar,
 	u8 sa[ETH_ALEN];
 	int l3_pad_bytes;
 	struct htt_rx_desc *rxd;
+	int bytes_aligned = ar->hw_params.decap_align_bytes;
 
 	/* Delivered decapped frame:
 	 * [eth header] <-- replaced with 802.11 hdr & rfc1042/llc
@@ -1199,6 +1216,14 @@ static void ath10k_htt_rx_h_undecap_eth(struct ath10k *ar,
 	/* push original 802.11 header */
 	hdr = (struct ieee80211_hdr *)first_hdr;
 	hdr_len = ieee80211_hdrlen(hdr->frame_control);
+
+	if (!(status->flag & RX_FLAG_IV_STRIPPED)) {
+		memcpy(skb_push(msdu,
+				ath10k_htt_rx_crypto_param_len(ar, enctype)),
+		       (void *)hdr + round_up(hdr_len, bytes_aligned),
+			ath10k_htt_rx_crypto_param_len(ar, enctype));
+	}
+
 	memcpy(skb_push(msdu, hdr_len), hdr, hdr_len);
 
 	/* original 802.11 header has a different DA and in
@@ -1212,12 +1237,14 @@ static void ath10k_htt_rx_h_undecap_eth(struct ath10k *ar,
 static void ath10k_htt_rx_h_undecap_snap(struct ath10k *ar,
 					 struct sk_buff *msdu,
 					 struct ieee80211_rx_status *status,
-					 const u8 first_hdr[64])
+					 const u8 first_hdr[64],
+					 enum htt_rx_mpdu_encrypt_type enctype)
 {
 	struct ieee80211_hdr *hdr;
 	size_t hdr_len;
 	int l3_pad_bytes;
 	struct htt_rx_desc *rxd;
+	int bytes_aligned = ar->hw_params.decap_align_bytes;
 
 	/* Delivered decapped frame:
 	 * [amsdu header] <-- replaced with 802.11 hdr
@@ -1233,6 +1260,14 @@ static void ath10k_htt_rx_h_undecap_snap(struct ath10k *ar,
 
 	hdr = (struct ieee80211_hdr *)first_hdr;
 	hdr_len = ieee80211_hdrlen(hdr->frame_control);
+
+	if (!(status->flag & RX_FLAG_IV_STRIPPED)) {
+		memcpy(skb_push(msdu,
+				ath10k_htt_rx_crypto_param_len(ar, enctype)),
+		       (void *)hdr + round_up(hdr_len, bytes_aligned),
+			ath10k_htt_rx_crypto_param_len(ar, enctype));
+	}
+
 	memcpy(skb_push(msdu, hdr_len), hdr, hdr_len);
 }
 
@@ -1267,13 +1302,15 @@ static void ath10k_htt_rx_h_undecap(struct ath10k *ar,
 					    is_decrypted);
 		break;
 	case RX_MSDU_DECAP_NATIVE_WIFI:
-		ath10k_htt_rx_h_undecap_nwifi(ar, msdu, status, first_hdr);
+		ath10k_htt_rx_h_undecap_nwifi(ar, msdu, status, first_hdr,
+					      enctype);
 		break;
 	case RX_MSDU_DECAP_ETHERNET2_DIX:
 		ath10k_htt_rx_h_undecap_eth(ar, msdu, status, first_hdr, enctype);
 		break;
 	case RX_MSDU_DECAP_8023_SNAP_LLC:
-		ath10k_htt_rx_h_undecap_snap(ar, msdu, status, first_hdr);
+		ath10k_htt_rx_h_undecap_snap(ar, msdu, status, first_hdr,
+					     enctype);
 		break;
 	}
 }
@@ -1316,7 +1353,8 @@ static void ath10k_htt_rx_h_csum_offload(struct sk_buff *msdu)
 
 static void ath10k_htt_rx_h_mpdu(struct ath10k *ar,
 				 struct sk_buff_head *amsdu,
-				 struct ieee80211_rx_status *status)
+				 struct ieee80211_rx_status *status,
+				 bool fill_crypt_header)
 {
 	struct sk_buff *first;
 	struct sk_buff *last;
@@ -1326,7 +1364,6 @@ static void ath10k_htt_rx_h_mpdu(struct ath10k *ar,
 	enum htt_rx_mpdu_encrypt_type enctype;
 	u8 first_hdr[64];
 	u8 *qos;
-	size_t hdr_len;
 	bool has_fcs_err;
 	bool has_crypto_err;
 	bool has_tkip_err;
@@ -1351,15 +1388,17 @@ static void ath10k_htt_rx_h_mpdu(struct ath10k *ar,
 	 * decapped header. It'll be used for undecapping of each MSDU.
 	 */
 	hdr = (void *)rxd->rx_hdr_status;
-	hdr_len = ieee80211_hdrlen(hdr->frame_control);
-	memcpy(first_hdr, hdr, hdr_len);
+	memcpy(first_hdr, hdr, RX_HTT_HDR_STATUS_LEN);
 
 	/* Each A-MSDU subframe will use the original header as the base and be
 	 * reported as a separate MSDU so strip the A-MSDU bit from QoS Ctl.
 	 */
 	hdr = (void *)first_hdr;
-	qos = ieee80211_get_qos_ctl(hdr);
-	qos[0] &= ~IEEE80211_QOS_CTL_A_MSDU_PRESENT;
+
+	if (ieee80211_is_data_qos(hdr->frame_control)) {
+		qos = ieee80211_get_qos_ctl(hdr);
+		qos[0] &= ~IEEE80211_QOS_CTL_A_MSDU_PRESENT;
+	}
 
 	/* Some attention flags are valid only in the last MSDU. */
 	last = skb_peek_tail(amsdu);
@@ -1406,9 +1445,14 @@ static void ath10k_htt_rx_h_mpdu(struct ath10k *ar,
 		status->flag |= RX_FLAG_DECRYPTED;
 
 		if (likely(!is_mgmt))
-			status->flag |= RX_FLAG_IV_STRIPPED |
-					RX_FLAG_MMIC_STRIPPED;
-}
+			status->flag |= RX_FLAG_MMIC_STRIPPED;
+
+		if (fill_crypt_header)
+			status->flag |= RX_FLAG_MIC_STRIPPED |
+					RX_FLAG_ICV_STRIPPED;
+		else
+			status->flag |= RX_FLAG_IV_STRIPPED;
+	}
 
 	skb_queue_walk(amsdu, msdu) {
 		ath10k_htt_rx_h_csum_offload(msdu);
@@ -1424,6 +1468,9 @@ static void ath10k_htt_rx_h_mpdu(struct ath10k *ar,
 		if (is_mgmt)
 			continue;
 
+		if (fill_crypt_header)
+			continue;
+
 		hdr = (void *)msdu->data;
 		hdr->frame_control &= ~__cpu_to_le16(IEEE80211_FCTL_PROTECTED);
 	}
@@ -1434,6 +1481,9 @@ static void ath10k_htt_rx_h_deliver(struct ath10k *ar,
 				    struct ieee80211_rx_status *status)
 {
 	struct sk_buff *msdu;
+	struct sk_buff *first_subframe;
+
+	first_subframe = skb_peek(amsdu);
 
 	while ((msdu = __skb_dequeue(amsdu))) {
 		/* Setup per-MSDU flags */
@@ -1442,6 +1492,13 @@ static void ath10k_htt_rx_h_deliver(struct ath10k *ar,
 		else
 			status->flag |= RX_FLAG_AMSDU_MORE;
 
+		if (msdu == first_subframe) {
+			first_subframe = NULL;
+			status->flag &= ~RX_FLAG_ALLOW_SAME_PN;
+		} else {
+			status->flag |= RX_FLAG_ALLOW_SAME_PN;
+		}
+
 		ath10k_process_rx(ar, status, msdu);
 	}
 }
@@ -1584,7 +1641,7 @@ static int ath10k_htt_rx_handle_amsdu(struct ath10k_htt *htt)
 		ath10k_htt_rx_h_unchain(ar, &amsdu);
 
 	ath10k_htt_rx_h_filter(ar, &amsdu, rx_status);
-	ath10k_htt_rx_h_mpdu(ar, &amsdu, rx_status);
+	ath10k_htt_rx_h_mpdu(ar, &amsdu, rx_status, true);
 	ath10k_htt_rx_h_deliver(ar, &amsdu, rx_status);
 
 	return num_msdus;
@@ -1923,7 +1980,7 @@ static int ath10k_htt_rx_in_ord_ind(struct ath10k *ar, struct sk_buff *skb,
 			budget_left -= skb_queue_len(&amsdu);
 			ath10k_htt_rx_h_ppdu(ar, &amsdu, status, vdev_id);
 			ath10k_htt_rx_h_filter(ar, &amsdu, status);
-			ath10k_htt_rx_h_mpdu(ar, &amsdu, status);
+			ath10k_htt_rx_h_mpdu(ar, &amsdu, status, false);
 			ath10k_htt_rx_h_deliver(ar, &amsdu, status);
 			break;
 		case -EAGAIN:
-- 
2.7.4

^ permalink raw reply related

* Re: [PATCH] ath10k: rebuild crypto header in RX data frames
From: Jasmine Strong @ 2017-10-24 19:19 UTC (permalink / raw)
  To: Ben Greear
  Cc: Kalle Valo, Sebastian Gottschall, ath10k,
	linux-wireless@vger.kernel.org
In-Reply-To: <59EF65AE.8060803@candelatech.com>

That can't be the case here, since we see it break the mesh too (where
the clients are other QCA radios.)

We're now seeing very slow mesh peering with a 9882 leaf to a 4019
gateway, with the second version of this patch.
It took more than five minutes for one of the leaves to successfully
peer (and the other 9882 leaf, despite achieving
peering, never managed to get DHCP, implying that something is broken
with data frames and this patch on qca9882.)

On Tue, Oct 24, 2017 at 9:09 AM, Ben Greear <greearb@candelatech.com> wrote:
> On 10/23/2017 09:50 PM, Kalle Valo wrote:
>>
>> Jasmine Strong <jas@eero.com> writes:
>>
>>> That's what I saw.  A bcom client was able to associate and not pass
>>> any traffic.  This is on all three of 9882, 9888 and 4019.
>>
>>
>> Thanks for the report, we'll investigate it. And I see that your email
>> was now succesfully delivered to the list:
>>
>> http://lists.infradead.org/pipermail/ath10k/2017-October/010325.html
>
>
>
> I'm not sure if this is helpful or not, but in the transition from 10.1 to
> 10.2 firmware,
> there was some tricky re-work of the PN counter logic in the firmware
> source.  It had
> specific impact on the broadcom driver interaction.
>
> Possibly a similar issue is being seen with this driver patch?
>
> Thanks,
> Ben
>
> --
> Ben Greear <greearb@candelatech.com>
> Candela Technologies Inc  http://www.candelatech.com
>

^ permalink raw reply

* Re: [PATCH v2] ath10k: rebuild crypto header in Rx data frames
From: Sebastian Gottschall @ 2017-10-24 19:27 UTC (permalink / raw)
  To: Kalle Valo, ath10k; +Cc: linux-wireless, Vasanthakumar Thiagarajan
In-Reply-To: <1508867652-16199-1-git-send-email-kvalo@qca.qualcomm.com>

will test it and report success (or not)

Am 24.10.2017 um 19:54 schrieb Kalle Valo:
> From: Vasanthakumar Thiagarajan <vthiagar@qti.qualcomm.com>
>
> Rx data frames notified through HTT_T2H_MSG_TYPE_RX_IND and
> HTT_T2H_MSG_TYPE_RX_FRAG_IND expect PN/TSC check to be done
> on host (mac80211) rather than firmware. Rebuild cipher header
> in every received data frames (that are notified through those
> HTT interfaces) from the rx_hdr_status tlv available in the
> rx descriptor of the first msdu. Skip setting RX_FLAG_IV_STRIPPED
> flag for the packets which requires mac80211 PN/TSC check support
> and set appropriate RX_FLAG for stripped crypto tail. Hw QCA988X,
> QCA9887, QCA99X0, QCA9984, QCA9888 and QCA4019 currently need the
> rebuilding of cipher header to perform PN/TSC check for replay
> attack.
>
> Tested-by: Manikanta Pubbisetty <mpubbise@qti.qualcomm.com>
> Signed-off-by: Vasanthakumar Thiagarajan <vthiagar@qti.qualcomm.com>
> Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>
> ---
>
> v2:
>
> * Construct cipher header from rx_hdr_status tlv rather than from
>    the msdu_start and mpdu_start tlvs. This fixes connection
>    issues, also reduces the amount of code change.
>
> * Make sure the frame is qos data before clearing AMSDU_PRESENT
>    bit of qos control field.
>
> * Fix traffic issue with QCA988X and QCA9887 hw by taking care of
>    padding bytes added for 4-byte alignment before the cipher
>    header.
>
> TODO:
>
> * CCMP-256 and GCMP/GCMP-256 are not yet supported
>
>   drivers/net/wireless/ath/ath10k/htt_rx.c | 91 ++++++++++++++++++++++++++------
>   1 file changed, 74 insertions(+), 17 deletions(-)
>
> diff --git a/drivers/net/wireless/ath/ath10k/htt_rx.c b/drivers/net/wireless/ath/ath10k/htt_rx.c
> index a3f5dc78353f..aae4f0ea9360 100644
> --- a/drivers/net/wireless/ath/ath10k/htt_rx.c
> +++ b/drivers/net/wireless/ath/ath10k/htt_rx.c
> @@ -1050,8 +1050,14 @@ static void ath10k_htt_rx_h_undecap_raw(struct ath10k *ar,
>   
>   	hdr = (void *)msdu->data;
>   
> -	/* Tail */
> -	if (status->flag & RX_FLAG_IV_STRIPPED)
> +	/* MIC */
> +	if ((status->flag & RX_FLAG_MIC_STRIPPED) &&
> +	    enctype == HTT_RX_MPDU_ENCRYPT_AES_CCM_WPA2)
> +		skb_trim(msdu, msdu->len - 8);
> +
> +	/* ICV */
> +	if (status->flag & RX_FLAG_ICV_STRIPPED &&
> +	    enctype != HTT_RX_MPDU_ENCRYPT_AES_CCM_WPA2)
>   		skb_trim(msdu, msdu->len -
>   			 ath10k_htt_rx_crypto_tail_len(ar, enctype));
>   
> @@ -1075,7 +1081,8 @@ static void ath10k_htt_rx_h_undecap_raw(struct ath10k *ar,
>   static void ath10k_htt_rx_h_undecap_nwifi(struct ath10k *ar,
>   					  struct sk_buff *msdu,
>   					  struct ieee80211_rx_status *status,
> -					  const u8 first_hdr[64])
> +					  const u8 first_hdr[64],
> +					  enum htt_rx_mpdu_encrypt_type enctype)
>   {
>   	struct ieee80211_hdr *hdr;
>   	struct htt_rx_desc *rxd;
> @@ -1083,6 +1090,7 @@ static void ath10k_htt_rx_h_undecap_nwifi(struct ath10k *ar,
>   	u8 da[ETH_ALEN];
>   	u8 sa[ETH_ALEN];
>   	int l3_pad_bytes;
> +	int bytes_aligned = ar->hw_params.decap_align_bytes;
>   
>   	/* Delivered decapped frame:
>   	 * [nwifi 802.11 header] <-- replaced with 802.11 hdr
> @@ -1111,6 +1119,14 @@ static void ath10k_htt_rx_h_undecap_nwifi(struct ath10k *ar,
>   	/* push original 802.11 header */
>   	hdr = (struct ieee80211_hdr *)first_hdr;
>   	hdr_len = ieee80211_hdrlen(hdr->frame_control);
> +
> +	if (!(status->flag & RX_FLAG_IV_STRIPPED)) {
> +		memcpy(skb_push(msdu,
> +				ath10k_htt_rx_crypto_param_len(ar, enctype)),
> +		       (void *)hdr + round_up(hdr_len, bytes_aligned),
> +			ath10k_htt_rx_crypto_param_len(ar, enctype));
> +	}
> +
>   	memcpy(skb_push(msdu, hdr_len), hdr, hdr_len);
>   
>   	/* original 802.11 header has a different DA and in
> @@ -1171,6 +1187,7 @@ static void ath10k_htt_rx_h_undecap_eth(struct ath10k *ar,
>   	u8 sa[ETH_ALEN];
>   	int l3_pad_bytes;
>   	struct htt_rx_desc *rxd;
> +	int bytes_aligned = ar->hw_params.decap_align_bytes;
>   
>   	/* Delivered decapped frame:
>   	 * [eth header] <-- replaced with 802.11 hdr & rfc1042/llc
> @@ -1199,6 +1216,14 @@ static void ath10k_htt_rx_h_undecap_eth(struct ath10k *ar,
>   	/* push original 802.11 header */
>   	hdr = (struct ieee80211_hdr *)first_hdr;
>   	hdr_len = ieee80211_hdrlen(hdr->frame_control);
> +
> +	if (!(status->flag & RX_FLAG_IV_STRIPPED)) {
> +		memcpy(skb_push(msdu,
> +				ath10k_htt_rx_crypto_param_len(ar, enctype)),
> +		       (void *)hdr + round_up(hdr_len, bytes_aligned),
> +			ath10k_htt_rx_crypto_param_len(ar, enctype));
> +	}
> +
>   	memcpy(skb_push(msdu, hdr_len), hdr, hdr_len);
>   
>   	/* original 802.11 header has a different DA and in
> @@ -1212,12 +1237,14 @@ static void ath10k_htt_rx_h_undecap_eth(struct ath10k *ar,
>   static void ath10k_htt_rx_h_undecap_snap(struct ath10k *ar,
>   					 struct sk_buff *msdu,
>   					 struct ieee80211_rx_status *status,
> -					 const u8 first_hdr[64])
> +					 const u8 first_hdr[64],
> +					 enum htt_rx_mpdu_encrypt_type enctype)
>   {
>   	struct ieee80211_hdr *hdr;
>   	size_t hdr_len;
>   	int l3_pad_bytes;
>   	struct htt_rx_desc *rxd;
> +	int bytes_aligned = ar->hw_params.decap_align_bytes;
>   
>   	/* Delivered decapped frame:
>   	 * [amsdu header] <-- replaced with 802.11 hdr
> @@ -1233,6 +1260,14 @@ static void ath10k_htt_rx_h_undecap_snap(struct ath10k *ar,
>   
>   	hdr = (struct ieee80211_hdr *)first_hdr;
>   	hdr_len = ieee80211_hdrlen(hdr->frame_control);
> +
> +	if (!(status->flag & RX_FLAG_IV_STRIPPED)) {
> +		memcpy(skb_push(msdu,
> +				ath10k_htt_rx_crypto_param_len(ar, enctype)),
> +		       (void *)hdr + round_up(hdr_len, bytes_aligned),
> +			ath10k_htt_rx_crypto_param_len(ar, enctype));
> +	}
> +
>   	memcpy(skb_push(msdu, hdr_len), hdr, hdr_len);
>   }
>   
> @@ -1267,13 +1302,15 @@ static void ath10k_htt_rx_h_undecap(struct ath10k *ar,
>   					    is_decrypted);
>   		break;
>   	case RX_MSDU_DECAP_NATIVE_WIFI:
> -		ath10k_htt_rx_h_undecap_nwifi(ar, msdu, status, first_hdr);
> +		ath10k_htt_rx_h_undecap_nwifi(ar, msdu, status, first_hdr,
> +					      enctype);
>   		break;
>   	case RX_MSDU_DECAP_ETHERNET2_DIX:
>   		ath10k_htt_rx_h_undecap_eth(ar, msdu, status, first_hdr, enctype);
>   		break;
>   	case RX_MSDU_DECAP_8023_SNAP_LLC:
> -		ath10k_htt_rx_h_undecap_snap(ar, msdu, status, first_hdr);
> +		ath10k_htt_rx_h_undecap_snap(ar, msdu, status, first_hdr,
> +					     enctype);
>   		break;
>   	}
>   }
> @@ -1316,7 +1353,8 @@ static void ath10k_htt_rx_h_csum_offload(struct sk_buff *msdu)
>   
>   static void ath10k_htt_rx_h_mpdu(struct ath10k *ar,
>   				 struct sk_buff_head *amsdu,
> -				 struct ieee80211_rx_status *status)
> +				 struct ieee80211_rx_status *status,
> +				 bool fill_crypt_header)
>   {
>   	struct sk_buff *first;
>   	struct sk_buff *last;
> @@ -1326,7 +1364,6 @@ static void ath10k_htt_rx_h_mpdu(struct ath10k *ar,
>   	enum htt_rx_mpdu_encrypt_type enctype;
>   	u8 first_hdr[64];
>   	u8 *qos;
> -	size_t hdr_len;
>   	bool has_fcs_err;
>   	bool has_crypto_err;
>   	bool has_tkip_err;
> @@ -1351,15 +1388,17 @@ static void ath10k_htt_rx_h_mpdu(struct ath10k *ar,
>   	 * decapped header. It'll be used for undecapping of each MSDU.
>   	 */
>   	hdr = (void *)rxd->rx_hdr_status;
> -	hdr_len = ieee80211_hdrlen(hdr->frame_control);
> -	memcpy(first_hdr, hdr, hdr_len);
> +	memcpy(first_hdr, hdr, RX_HTT_HDR_STATUS_LEN);
>   
>   	/* Each A-MSDU subframe will use the original header as the base and be
>   	 * reported as a separate MSDU so strip the A-MSDU bit from QoS Ctl.
>   	 */
>   	hdr = (void *)first_hdr;
> -	qos = ieee80211_get_qos_ctl(hdr);
> -	qos[0] &= ~IEEE80211_QOS_CTL_A_MSDU_PRESENT;
> +
> +	if (ieee80211_is_data_qos(hdr->frame_control)) {
> +		qos = ieee80211_get_qos_ctl(hdr);
> +		qos[0] &= ~IEEE80211_QOS_CTL_A_MSDU_PRESENT;
> +	}
>   
>   	/* Some attention flags are valid only in the last MSDU. */
>   	last = skb_peek_tail(amsdu);
> @@ -1406,9 +1445,14 @@ static void ath10k_htt_rx_h_mpdu(struct ath10k *ar,
>   		status->flag |= RX_FLAG_DECRYPTED;
>   
>   		if (likely(!is_mgmt))
> -			status->flag |= RX_FLAG_IV_STRIPPED |
> -					RX_FLAG_MMIC_STRIPPED;
> -}
> +			status->flag |= RX_FLAG_MMIC_STRIPPED;
> +
> +		if (fill_crypt_header)
> +			status->flag |= RX_FLAG_MIC_STRIPPED |
> +					RX_FLAG_ICV_STRIPPED;
> +		else
> +			status->flag |= RX_FLAG_IV_STRIPPED;
> +	}
>   
>   	skb_queue_walk(amsdu, msdu) {
>   		ath10k_htt_rx_h_csum_offload(msdu);
> @@ -1424,6 +1468,9 @@ static void ath10k_htt_rx_h_mpdu(struct ath10k *ar,
>   		if (is_mgmt)
>   			continue;
>   
> +		if (fill_crypt_header)
> +			continue;
> +
>   		hdr = (void *)msdu->data;
>   		hdr->frame_control &= ~__cpu_to_le16(IEEE80211_FCTL_PROTECTED);
>   	}
> @@ -1434,6 +1481,9 @@ static void ath10k_htt_rx_h_deliver(struct ath10k *ar,
>   				    struct ieee80211_rx_status *status)
>   {
>   	struct sk_buff *msdu;
> +	struct sk_buff *first_subframe;
> +
> +	first_subframe = skb_peek(amsdu);
>   
>   	while ((msdu = __skb_dequeue(amsdu))) {
>   		/* Setup per-MSDU flags */
> @@ -1442,6 +1492,13 @@ static void ath10k_htt_rx_h_deliver(struct ath10k *ar,
>   		else
>   			status->flag |= RX_FLAG_AMSDU_MORE;
>   
> +		if (msdu == first_subframe) {
> +			first_subframe = NULL;
> +			status->flag &= ~RX_FLAG_ALLOW_SAME_PN;
> +		} else {
> +			status->flag |= RX_FLAG_ALLOW_SAME_PN;
> +		}
> +
>   		ath10k_process_rx(ar, status, msdu);
>   	}
>   }
> @@ -1584,7 +1641,7 @@ static int ath10k_htt_rx_handle_amsdu(struct ath10k_htt *htt)
>   		ath10k_htt_rx_h_unchain(ar, &amsdu);
>   
>   	ath10k_htt_rx_h_filter(ar, &amsdu, rx_status);
> -	ath10k_htt_rx_h_mpdu(ar, &amsdu, rx_status);
> +	ath10k_htt_rx_h_mpdu(ar, &amsdu, rx_status, true);
>   	ath10k_htt_rx_h_deliver(ar, &amsdu, rx_status);
>   
>   	return num_msdus;
> @@ -1923,7 +1980,7 @@ static int ath10k_htt_rx_in_ord_ind(struct ath10k *ar, struct sk_buff *skb,
>   			budget_left -= skb_queue_len(&amsdu);
>   			ath10k_htt_rx_h_ppdu(ar, &amsdu, status, vdev_id);
>   			ath10k_htt_rx_h_filter(ar, &amsdu, status);
> -			ath10k_htt_rx_h_mpdu(ar, &amsdu, status);
> +			ath10k_htt_rx_h_mpdu(ar, &amsdu, status, false);
>   			ath10k_htt_rx_h_deliver(ar, &amsdu, status);
>   			break;
>   		case -EAGAIN:


-- 
Mit freundlichen Grüssen / Regards

Sebastian Gottschall / CTO

NewMedia-NET GmbH - DD-WRT
Firmensitz:  Stubenwaldallee 21a, 64625 Bensheim
Registergericht: Amtsgericht Darmstadt, HRB 25473
Geschäftsführer: Peter Steinhäuser, Christian Scheele
http://www.dd-wrt.com
email: s.gottschall@dd-wrt.com
Tel.: +496251-582650 / Fax: +496251-5826565

^ permalink raw reply

* Re: iwlwifi crash with hostapd
From: Mario Theodoridis @ 2017-10-24 19:56 UTC (permalink / raw)
  To: linux-wireless
In-Reply-To: <20171019205933.GB7281@us.netrek.org>

[-- Attachment #1: Type: text/plain, Size: 1979 bytes --]

Sorry for skipping the list one the last one.

On 19.10.2017 22:59, James Cameron wrote:
> On Thu, Oct 19, 2017 at 08:56:46AM +0200, Mario Theodoridis wrote:
>> On 18/10/17 23:33, James Cameron wrote:
>>
>>      For your interest, kernel v4.4.93 in stable series just released has
>>      changes in relevant files.
>>
>>      [1]https://lwn.net/Articles/736770/
>>
>> Thanks James,
>>
>> after looking into bisection last night, i found that just before i wanted to
>> test out the 4.4.0-82 kernel, i found 3 stack traces in my syslog. :(
>>
>> I guess, i'm dealing with race conditions now. But it seems the 79 kernel still
>> crashes wifi a lot less than later ones.
>>
>> How do i get line numbers into these traces?

As the 4.4.0-79 kernel was sometimes crapping out, too, i decided to try 
to test the latest kernel instead of bisecting after all.
This took a while because virtualbox was being a bitch. virtualbox-5.0 
doesn't bode well with virtualbox-dkms-51, so i ended up rebuilding 
virtualbox-5.1 to prevent dependency hell.
The vb-dkms package doesn't do 4.14, so i ended up going with the 4.13 
kernel that comes with artful.

This one pretty quickly loads my syslog with new error stacks. I haven't 
tested actual behavior yet, but the logs don't look so hot.

I ran another wireless-info (attached) and appended some of the syslog 
stuff to it.


> Several methods, though by far the most common seems to be personal
> experience with offsets.
> 
> When you don't have that personal experience, the methods are;
> 
> 1.  using GDB against the .o file,
> 
> 2.  using binutils objdump to disassemble .o file or vmlinuz,
> 
> 3.  using GCC to generate assembly listings,
> 
> See https://wiki.ubuntu.com/Kernel/KernelDebuggingTricks right down
> the end of page for the GDB method.

I have gotten around to that part, yet, as i was busy with the above, 
but it seems later versions have issues, too.


-- 
Mit freundlichen Grüßen/Best regards

Mario Theodoridis

[-- Attachment #2: wireless-info.txt --]
[-- Type: text/plain, Size: 34566 bytes --]


########## wireless info START ##########

Report from: 24 Oct 2017 21:35 CEST +0200

Booted last: 24 Oct 2017 00:00 CEST +0200

Script from: 25 Mar 2017 07:04 UTC +0000

##### release ###########################

Distributor ID:	Ubuntu
Description:	Ubuntu 16.04.3 LTS
Release:	16.04
Codename:	xenial

##### kernel ############################

Linux 4.13.0-041300-generic #201709031731 SMP Sun Sep 3 21:33:09 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux

Parameters: ro

##### desktop ###########################

/usr/share/xsessions/plasma

##### lspci #############################

00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection (2) I219-V [8086:15b8] (rev 31)
	Subsystem: Gigabyte Technology Co., Ltd Ethernet Connection (2) I219-V [1458:e000]
	Kernel driver in use: e1000e

03:00.0 Ethernet controller [0200]: Intel Corporation 82546GB Gigabit Ethernet Controller [8086:1079] (rev 03)
	Subsystem: Intel Corporation PRO/1000 MT Dual Port Server Adapter [8086:117a]
	Kernel driver in use: e1000

03:00.1 Ethernet controller [0200]: Intel Corporation 82546GB Gigabit Ethernet Controller [8086:1079] (rev 03)
	Subsystem: Intel Corporation PRO/1000 MT Dual Port Server Adapter [8086:117a]
	Kernel driver in use: e1000

03:01.0 Ethernet controller [0200]: Intel Corporation 82557/8/9/0/1 Ethernet Pro 100 [8086:1229] (rev 08)
	Subsystem: Intel Corporation EtherExpress PRO/100+ Management Adapter [8086:000c]
	Kernel driver in use: e100

07:00.0 Network controller [0280]: Intel Corporation Wireless 7260 [8086:08b1] (rev 73)
	Subsystem: Intel Corporation Dual Band Wireless-AC 7260 [8086:4070]
	Kernel driver in use: iwlwifi

##### lsusb #############################

Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 001 Device 003: ID 046a:0011 Cherry GmbH G83 (RS 6000) Keyboard
Bus 001 Device 002: ID 046d:c06b Logitech, Inc. G700 Wireless Gaming Mouse
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub

##### PCMCIA card info ##################

##### rfkill ############################

0: phy0: Wireless LAN
	Soft blocked: no
	Hard blocked: no

##### lsmod #############################

iwlmvm                385024  0
mac80211              778240  1 iwlmvm
iwlwifi               249856  1 iwlmvm
cfg80211              610304  3 iwlmvm,iwlwifi,mac80211
wmi                    24576  0

##### interfaces ########################

auto lo enp3s1 enp3s0f0 br0
iface lo inet loopback

iface enp3s1 inet manual
  pre-up ip link set dev enp3s1 up
  post-down ip link set dev enp3s1 down

iface enp3s0f0 inet static
  address 192.168.23.3
  netmask 255.255.255.0
  pre-up iptables-restore < /etc/iptables.rules
  up route add -net 192.168.123.0/24 gw 192.168.23.4 dev enp3s0f0
  up route add -net 192.168.8.0/24 gw 192.168.23.4 dev enp3s0f0

iface br0 inet static
  address 192.168.7.3
  netmask 255.255.255.0
  gateway 192.168.7.1
  pre-up iptables-restore < /etc/iptables.rules
  bridge_ports enp3s0f1 enp0s31f6
  bridge_stp off
  bridge_fd 0
  bridge_maxwait 0

##### ifconfig ##########################

br0       Link encap:Ethernet  HWaddr <MAC 'br0' [IF1]>  
          inet addr:192.168.7.3  Bcast:192.168.7.255  Mask:255.255.255.0
          inet6 addr: fe80::<IP6 'br0' [IF1]>/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2022 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1879 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:338533 (338.5 KB)  TX bytes:912814 (912.8 KB)

enp0s31f6 Link encap:Ethernet  HWaddr <MAC 'enp0s31f6' [IF2]>  
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
          Interrupt:16 Memory:ef500000-ef520000 

enp3s1    Link encap:Ethernet  HWaddr <MAC 'enp3s1' [IF3]>  
          inet6 addr: fe80::<IP6 'enp3s1' [IF3]>/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:46101 errors:0 dropped:0 overruns:0 frame:0
          TX packets:49601 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:3640955 (3.6 MB)  TX bytes:3586459 (3.5 MB)

enp3s0f0  Link encap:Ethernet  HWaddr <MAC 'enp3s0f0' [IF4]>  
          inet addr:192.168.23.3  Bcast:192.168.23.255  Mask:255.255.255.0
          inet6 addr: fe80::<IP6 'enp3s0f0' [IF4]>/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:212 errors:0 dropped:0 overruns:0 frame:0
          TX packets:235 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:26436 (26.4 KB)  TX bytes:70467 (70.4 KB)

enp3s0f1  Link encap:Ethernet  HWaddr <MAC 'br0' [IF1]>  
          inet6 addr: fe80::<IP6 'br0' [IF1]>/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:12 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2033 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:8052 (8.0 KB)  TX bytes:356179 (356.1 KB)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:94 errors:0 dropped:0 overruns:0 frame:0
          TX packets:94 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:8456 (8.4 KB)  TX bytes:8456 (8.4 KB)

wlp7s0    Link encap:Ethernet  HWaddr <MAC 'wlp7s0' [IF6]>  
          inet6 addr: fe80::<IP6 'wlp7s0' [IF6]>/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2538 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2509 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:498073 (498.0 KB)  TX bytes:1161421 (1.1 MB)

##### iwconfig ##########################

enp3s0f1  no wireless extensions.

enp3s0f0  no wireless extensions.

enp0s31f6  no wireless extensions.

enp3s1    no wireless extensions.

br0       no wireless extensions.

lo        no wireless extensions.

wlp7s0    IEEE 802.11  Mode:Master  Tx-Power=20 dBm   
          Retry short limit:7   RTS thr:off   Fragment thr:off
          Power Management:on
          

##### route #############################

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.7.1     0.0.0.0         UG    0      0        0 br0
169.254.0.0     0.0.0.0         255.255.0.0     U     1000   0        0 br0
192.168.7.0     0.0.0.0         255.255.255.0   U     0      0        0 br0
192.168.8.0     192.168.23.4    255.255.255.0   UG    0      0        0 enp3s0f0
192.168.23.0    0.0.0.0         255.255.255.0   U     0      0        0 enp3s0f0
192.168.123.0   192.168.23.4    255.255.255.0   UG    0      0        0 enp3s0f0

##### resolv.conf #######################

domain schmut.com
nameserver 192.168.23.4

##### network managers ##################

Installed:

	None found.

Running:

	None found.

##### NetworkManager info ###############

NetworkManager is not installed (package "network-manager").

##### NetworkManager.state ##############

[main]
NetworkingEnabled=true
WirelessEnabled=true
WWANEnabled=true

##### NetworkManager.conf ###############

[main]
plugins=ifupdown,keyfile,ofono
dns=dnsmasq

[ifupdown]
managed=false

##### NetworkManager profiles ###########

No NetworkManager profiles found.

##### iw reg get ########################

Region: Europe/Berlin (based on set time zone)

country DE: DFS-ETSI
	(2400 - 2483 @ 40), (N/A, 20), (N/A)
	(5150 - 5250 @ 80), (N/A, 20), (N/A), NO-OUTDOOR
	(5250 - 5350 @ 80), (N/A, 20), (0 ms), NO-OUTDOOR, DFS
	(5470 - 5725 @ 160), (N/A, 26), (0 ms), DFS
	(57000 - 66000 @ 2160), (N/A, 40), (N/A)

##### iwlist channels ###################

enp3s0f1  no frequency information.

enp3s0f0  no frequency information.

enp0s31f6  no frequency information.

enp3s1    no frequency information.

br0       no frequency information.

lo        no frequency information.

wlp7s0    32 channels in total; available frequencies :
          Channel 01 : 2.412 GHz
          Channel 02 : 2.417 GHz
          Channel 03 : 2.422 GHz
          Channel 04 : 2.427 GHz
          Channel 05 : 2.432 GHz
          Channel 06 : 2.437 GHz
          Channel 07 : 2.442 GHz
          Channel 08 : 2.447 GHz
          Channel 09 : 2.452 GHz
          Channel 10 : 2.457 GHz
          Channel 11 : 2.462 GHz
          Channel 12 : 2.467 GHz
          Channel 13 : 2.472 GHz
          Channel 36 : 5.18 GHz
          Channel 40 : 5.2 GHz
          Channel 44 : 5.22 GHz
          Channel 48 : 5.24 GHz
          Channel 52 : 5.26 GHz
          Channel 56 : 5.28 GHz
          Channel 60 : 5.3 GHz
          Channel 64 : 5.32 GHz
          Channel 100 : 5.5 GHz
          Channel 104 : 5.52 GHz
          Channel 108 : 5.54 GHz
          Channel 112 : 5.56 GHz
          Channel 116 : 5.58 GHz
          Channel 120 : 5.6 GHz
          Channel 124 : 5.62 GHz
          Channel 128 : 5.64 GHz
          Channel 132 : 5.66 GHz
          Channel 136 : 5.68 GHz
          Channel 140 : 5.7 GHz

##### iwlist scan #######################

enp3s0f1  Interface doesn't support scanning.

enp3s0f0  Interface doesn't support scanning.

enp0s31f6  Interface doesn't support scanning.

wlp7s0    Interface doesn't support scanning : Operation not supported

enp3s1    Interface doesn't support scanning.

br0       Interface doesn't support scanning.

lo        Interface doesn't support scanning.

##### module infos ######################

[iwlmvm]
filename:       /lib/modules/4.13.0-041300-generic/kernel/drivers/net/wireless/intel/iwlwifi/mvm/iwlmvm.ko
license:        GPL
author:         Copyright(c) 2003- 2015 Intel Corporation <linuxwifi@intel.com>
description:    The new Intel(R) wireless AGN driver for Linux
srcversion:     DFE95A75883D23265666A99
depends:        iwlwifi,mac80211,cfg80211
intree:         Y
name:           iwlmvm
vermagic:       4.13.0-041300-generic SMP mod_unload 
parm:           init_dbg:set to true to debug an ASSERT in INIT fw (default: false (bool)
parm:           power_scheme:power management scheme: 1-active, 2-balanced, 3-low power, default: 2 (int)
parm:           tfd_q_hang_detect:TFD queues hang detection (default: true (bool)

[mac80211]
filename:       /lib/modules/4.13.0-041300-generic/kernel/net/mac80211/mac80211.ko
license:        GPL
description:    IEEE 802.11 subsystem
srcversion:     66E288B8743878C5423A01E
depends:        cfg80211
intree:         Y
name:           mac80211
vermagic:       4.13.0-041300-generic SMP mod_unload 
parm:           minstrel_vht_only:Use only VHT rates when VHT is supported by sta. (bool)
parm:           max_nullfunc_tries:Maximum nullfunc tx tries before disconnecting (reason 4). (int)
parm:           max_probe_tries:Maximum probe tries before disconnecting (reason 4). (int)
parm:           beacon_loss_count:Number of beacon intervals before we decide beacon was lost. (int)
parm:           probe_wait_ms:Maximum time(ms) to wait for probe response before disconnecting (reason 4). (int)
parm:           ieee80211_default_rc_algo:Default rate control algorithm for mac80211 to use (charp)

[iwlwifi]
filename:       /lib/modules/4.13.0-041300-generic/kernel/drivers/net/wireless/intel/iwlwifi/iwlwifi.ko
license:        GPL
author:         Copyright(c) 2003- 2015 Intel Corporation <linuxwifi@intel.com>
description:    Intel(R) Wireless WiFi driver for Linux
firmware:       iwlwifi-100-5.ucode
firmware:       iwlwifi-1000-5.ucode
firmware:       iwlwifi-135-6.ucode
firmware:       iwlwifi-105-6.ucode
firmware:       iwlwifi-2030-6.ucode
firmware:       iwlwifi-2000-6.ucode
firmware:       iwlwifi-5150-2.ucode
firmware:       iwlwifi-5000-5.ucode
firmware:       iwlwifi-6000g2b-6.ucode
firmware:       iwlwifi-6000g2a-6.ucode
firmware:       iwlwifi-6050-5.ucode
firmware:       iwlwifi-6000-6.ucode
firmware:       iwlwifi-7265D-29.ucode
firmware:       iwlwifi-7265-17.ucode
firmware:       iwlwifi-3168-29.ucode
firmware:       iwlwifi-3160-17.ucode
firmware:       iwlwifi-7260-17.ucode
firmware:       iwlwifi-8265-33.ucode
firmware:       iwlwifi-8000C-33.ucode
firmware:       iwlwifi-9260-th-b0-jf-b0--33.ucode
firmware:       iwlwifi-9260-th-a0-jf-a0--33.ucode
firmware:       iwlwifi-9000-pu-a0-jf-b0--33.ucode
firmware:       iwlwifi-9000-pu-a0-jf-a0--33.ucode
firmware:       iwlwifi-Qu-a0-jf-b0--33.ucode
firmware:       iwlwifi-Qu-a0-hr-a0--33.ucode
srcversion:     D8B9AE31E2E295766C37A0F
depends:        cfg80211
intree:         Y
name:           iwlwifi
vermagic:       4.13.0-041300-generic SMP mod_unload 
parm:           swcrypto:using crypto in software (default 0 [hardware]) (int)
parm:           11n_disable:disable 11n functionality, bitmap: 1: full, 2: disable agg TX, 4: disable agg RX, 8 enable agg TX (uint)
parm:           amsdu_size:amsdu size 0: 12K for multi Rx queue devices, 4K for other devices 1:4K 2:8K 3:12K (default 0) (int)
parm:           fw_restart:restart firmware in case of error (default true) (bool)
parm:           antenna_coupling:specify antenna coupling in dB (default: 0 dB) (int)
parm:           nvm_file:NVM file name (charp)
parm:           d0i3_disable:disable d0i3 functionality (default: Y) (bool)
parm:           lar_disable:disable LAR functionality (default: N) (bool)
parm:           uapsd_disable:disable U-APSD functionality bitmap 1: BSS 2: P2P Client (default: 3) (uint)
parm:           bt_coex_active:enable wifi/bt co-exist (default: enable) (bool)
parm:           led_mode:0=system default, 1=On(RF On)/Off(RF Off), 2=blinking, 3=Off (default: 0) (int)
parm:           power_save:enable WiFi power management (default: disable) (bool)
parm:           power_level:default power save level (range from 1 - 5, default: 1) (int)
parm:           fw_monitor:firmware monitor - to debug FW (default: false - needs lots of memory) (bool)
parm:           d0i3_timeout:Timeout to D0i3 entry when idle (ms) (uint)
parm:           disable_11ac:Disable VHT capabilities (default: false) (bool)

[cfg80211]
filename:       /lib/modules/4.13.0-041300-generic/kernel/net/wireless/cfg80211.ko
description:    wireless configuration support
license:        GPL
author:         Johannes Berg
srcversion:     A854863B536C70273DE73A5
depends:        
intree:         Y
name:           cfg80211
vermagic:       4.13.0-041300-generic SMP mod_unload 
parm:           bss_entries_limit:limit to number of scan BSS entries (per wiphy, default 1000) (int)
parm:           ieee80211_regdom:IEEE 802.11 regulatory domain code (charp)
parm:           cfg80211_disable_40mhz_24ghz:Disable 40MHz support in the 2.4GHz band (bool)

##### module parameters #################

[iwlmvm]
init_dbg: N
power_scheme: 2
tfd_q_hang_detect: Y

[mac80211]
beacon_loss_count: 7
ieee80211_default_rc_algo: minstrel_ht
max_nullfunc_tries: 2
max_probe_tries: 5
minstrel_vht_only: Y
probe_wait_ms: 500

[iwlwifi]
11n_disable: 0
amsdu_size: 0
antenna_coupling: 0
bt_coex_active: Y
d0i3_disable: Y
d0i3_timeout: 1000
disable_11ac: N
fw_monitor: N
fw_restart: Y
lar_disable: N
led_mode: 0
nvm_file: (null)
power_level: 0
power_save: N
swcrypto: 0
uapsd_disable: 3

[cfg80211]
bss_entries_limit: 1000
cfg80211_disable_40mhz_24ghz: N
ieee80211_regdom: DE

##### /etc/modules ######################

##### modprobe options ##################

[/etc/modprobe.d/blacklist-ath_pci.conf]
blacklist ath_pci

[/etc/modprobe.d/blacklist.conf]
blacklist evbug
blacklist usbmouse
blacklist usbkbd
blacklist eepro100
blacklist de4x5
blacklist eth1394
blacklist snd_intel8x0m
blacklist snd_aw2
blacklist i2c_i801
blacklist prism54
blacklist bcm43xx
blacklist garmin_gps
blacklist asus_acpi
blacklist snd_pcsp
blacklist pcspkr
blacklist amd76x_edac

[/etc/modprobe.d/blacklist-rare-network.conf]
alias net-pf-3 off
alias net-pf-6 off
alias net-pf-9 off
alias net-pf-11 off
alias net-pf-12 off
alias net-pf-19 off
alias net-pf-21 off
alias net-pf-36 off

[/etc/modprobe.d/cfg80211.conf]
options cfg80211 ieee80211_regdom=DE

[/etc/modprobe.d/iwlwifi.conf]
remove iwlwifi \
(/sbin/lsmod | grep -o -e ^iwlmvm -e ^iwldvm -e ^iwlwifi | xargs /sbin/rmmod) \
&& /sbin/modprobe -r mac80211

[/etc/modprobe.d/mlx4.conf]
softdep mlx4_core post: mlx4_en

##### rc.local ##########################

exit 0

##### pm-utils ##########################

##### udev rules ########################

##### dmesg #############################

[  264.998016] RIP: 0010:iwl_mvm_rx_tx_cmd+0x698/0x7d0 [iwlmvm]
[  264.998073]  iwl_mvm_rx_common+0x77/0x250 [iwlmvm]
[  264.998089]  iwl_mvm_rx+0x5d/0x70 [iwlmvm]
[  264.998105]  iwl_pcie_rx_handle+0x22b/0x9a0 [iwlwifi]
[  264.998123]  iwl_pcie_irq_handler+0x61b/0x990 [iwlwifi]
[  265.497526] WARNING: CPU: 4 PID: 544 at /home/kernel/COD/linux/drivers/net/wireless/intel/iwlwifi/mvm/tx.c:1393 iwl_mvm_rx_tx_cmd+0x698/0x7d0 [iwlmvm]
[  265.497653] CPU: 4 PID: 544 Comm: irq/127-iwlwifi Tainted: G        W  OE   4.13.0-041300-generic #201709031731
[  265.497676] RIP: 0010:iwl_mvm_rx_tx_cmd+0x698/0x7d0 [iwlmvm]
[  265.497731]  iwl_mvm_rx_common+0x77/0x250 [iwlmvm]
[  265.497745]  iwl_mvm_rx+0x5d/0x70 [iwlmvm]
[  265.497762]  iwl_pcie_rx_handle+0x22b/0x9a0 [iwlwifi]
[  265.497777]  iwl_pcie_irq_handler+0x61b/0x990 [iwlwifi]
[  265.498029] WARNING: CPU: 4 PID: 544 at /home/kernel/COD/linux/drivers/net/wireless/intel/iwlwifi/mvm/tx.c:1393 iwl_mvm_rx_tx_cmd+0x698/0x7d0 [iwlmvm]
[  265.498143] CPU: 4 PID: 544 Comm: irq/127-iwlwifi Tainted: G        W  OE   4.13.0-041300-generic #201709031731
[  265.498160] RIP: 0010:iwl_mvm_rx_tx_cmd+0x698/0x7d0 [iwlmvm]
[  265.498205]  iwl_mvm_rx_common+0x77/0x250 [iwlmvm]
[  265.498218]  iwl_mvm_rx+0x5d/0x70 [iwlmvm]
[  265.498232]  iwl_pcie_rx_handle+0x22b/0x9a0 [iwlwifi]
[  265.498258]  iwl_pcie_irq_handler+0x61b/0x990 [iwlwifi]

########## wireless info END ############

########## Some Syslog entries ########## 
Oct 24 21:31:22 zippy kernel: [   82.363883] iwlwifi 0000:07:00.0: Microcode SW error detected.  Restarting 0x2000000.
Oct 24 21:31:22 zippy kernel: [   82.364000] iwlwifi 0000:07:00.0: Start IWL Error Log Dump:
Oct 24 21:31:22 zippy kernel: [   82.364005] iwlwifi 0000:07:00.0: Status: 0x00000200, count: 6
Oct 24 21:31:22 zippy kernel: [   82.364009] iwlwifi 0000:07:00.0: Loaded firmware version: 17.459231.0
Oct 24 21:31:22 zippy kernel: [   82.364013] iwlwifi 0000:07:00.0: 0x00002078 | ADVANCED_SYSASSERT
Oct 24 21:31:22 zippy kernel: [   82.364017] iwlwifi 0000:07:00.0: 0x00000220 | trm_hw_status0
Oct 24 21:31:22 zippy kernel: [   82.364021] iwlwifi 0000:07:00.0: 0x00000000 | trm_hw_status1
Oct 24 21:31:22 zippy kernel: [   82.364024] iwlwifi 0000:07:00.0: 0x00000B30 | branchlink2
Oct 24 21:31:22 zippy kernel: [   82.364028] iwlwifi 0000:07:00.0: 0x000164C0 | interruptlink1
Oct 24 21:31:22 zippy kernel: [   82.364031] iwlwifi 0000:07:00.0: 0x00000000 | interruptlink2
Oct 24 21:31:22 zippy kernel: [   82.364034] iwlwifi 0000:07:00.0: 0xDEADBEEF | data1
Oct 24 21:31:22 zippy kernel: [   82.364038] iwlwifi 0000:07:00.0: 0xDEADBEEF | data2
Oct 24 21:31:22 zippy kernel: [   82.364041] iwlwifi 0000:07:00.0: 0xDEADBEEF | data3
Oct 24 21:31:22 zippy kernel: [   82.364044] iwlwifi 0000:07:00.0: 0x6DC11255 | beacon time
Oct 24 21:31:22 zippy kernel: [   82.364048] iwlwifi 0000:07:00.0: 0x02ED9CEF | tsf low
Oct 24 21:31:22 zippy kernel: [   82.364051] iwlwifi 0000:07:00.0: 0x00000000 | tsf hi
Oct 24 21:31:22 zippy kernel: [   82.364054] iwlwifi 0000:07:00.0: 0x00000000 | time gp1
Oct 24 21:31:22 zippy kernel: [   82.364058] iwlwifi 0000:07:00.0: 0x02ED9CF0 | time gp2
Oct 24 21:31:22 zippy kernel: [   82.364061] iwlwifi 0000:07:00.0: 0x00000000 | uCode revision type
Oct 24 21:31:22 zippy kernel: [   82.364064] iwlwifi 0000:07:00.0: 0x00000011 | uCode version major
Oct 24 21:31:22 zippy kernel: [   82.364068] iwlwifi 0000:07:00.0: 0x000701DF | uCode version minor
Oct 24 21:31:22 zippy kernel: [   82.364071] iwlwifi 0000:07:00.0: 0x00000144 | hw version
Oct 24 21:31:22 zippy kernel: [   82.364074] iwlwifi 0000:07:00.0: 0x40489204 | board version
Oct 24 21:31:22 zippy kernel: [   82.364078] iwlwifi 0000:07:00.0: 0x0045014E | hcmd
Oct 24 21:31:22 zippy kernel: [   82.364081] iwlwifi 0000:07:00.0: 0x24022080 | isr0
Oct 24 21:31:22 zippy kernel: [   82.364084] iwlwifi 0000:07:00.0: 0x00000000 | isr1
Oct 24 21:31:22 zippy kernel: [   82.364088] iwlwifi 0000:07:00.0: 0x00000002 | isr2
Oct 24 21:31:22 zippy kernel: [   82.364091] iwlwifi 0000:07:00.0: 0x0041FCC0 | isr3
Oct 24 21:31:22 zippy kernel: [   82.364094] iwlwifi 0000:07:00.0: 0x00000000 | isr4
Oct 24 21:31:22 zippy kernel: [   82.364097] iwlwifi 0000:07:00.0: 0x01000112 | last cmd Id
Oct 24 21:31:22 zippy kernel: [   82.364101] iwlwifi 0000:07:00.0: 0x00000000 | wait_event
Oct 24 21:31:22 zippy kernel: [   82.364104] iwlwifi 0000:07:00.0: 0x000000D4 | l2p_control
Oct 24 21:31:22 zippy kernel: [   82.364107] iwlwifi 0000:07:00.0: 0x00018030 | l2p_duration
Oct 24 21:31:22 zippy kernel: [   82.364111] iwlwifi 0000:07:00.0: 0x00000007 | l2p_mhvalid
Oct 24 21:31:22 zippy kernel: [   82.364114] iwlwifi 0000:07:00.0: 0x00008100 | l2p_addr_match
Oct 24 21:31:22 zippy kernel: [   82.364117] iwlwifi 0000:07:00.0: 0x00000005 | lmpm_pmg_sel
Oct 24 21:31:22 zippy kernel: [   82.364121] iwlwifi 0000:07:00.0: 0x11011741 | timestamp
Oct 24 21:31:22 zippy kernel: [   82.364124] iwlwifi 0000:07:00.0: 0x00006878 | flow_handler
Oct 24 21:31:22 zippy kernel: [   82.364130] ieee80211 phy0: Hardware restart was requested
Oct 24 21:31:23 zippy kernel: [   83.256332] iwlwifi 0000:07:00.0: Microcode SW error detected.  Restarting 0x2000000.
Oct 24 21:31:23 zippy kernel: [   83.256455] iwlwifi 0000:07:00.0: Start IWL Error Log Dump:
Oct 24 21:31:23 zippy kernel: [   83.256460] iwlwifi 0000:07:00.0: Status: 0x00000200, count: 6
Oct 24 21:31:23 zippy kernel: [   83.256464] iwlwifi 0000:07:00.0: Loaded firmware version: 17.459231.0
Oct 24 21:31:23 zippy kernel: [   83.256469] iwlwifi 0000:07:00.0: 0x00002078 | ADVANCED_SYSASSERT
Oct 24 21:31:23 zippy kernel: [   83.256472] iwlwifi 0000:07:00.0: 0x00000220 | trm_hw_status0
Oct 24 21:31:23 zippy kernel: [   83.256476] iwlwifi 0000:07:00.0: 0x00000000 | trm_hw_status1
Oct 24 21:31:23 zippy kernel: [   83.256479] iwlwifi 0000:07:00.0: 0x00000B30 | branchlink2
Oct 24 21:31:23 zippy kernel: [   83.256483] iwlwifi 0000:07:00.0: 0x000164C0 | interruptlink1
Oct 24 21:31:23 zippy kernel: [   83.256486] iwlwifi 0000:07:00.0: 0x00000000 | interruptlink2
Oct 24 21:31:23 zippy kernel: [   83.256489] iwlwifi 0000:07:00.0: 0xDEADBEEF | data1
Oct 24 21:31:23 zippy kernel: [   83.256493] iwlwifi 0000:07:00.0: 0xDEADBEEF | data2
Oct 24 21:31:23 zippy kernel: [   83.256496] iwlwifi 0000:07:00.0: 0xDEADBEEF | data3
Oct 24 21:31:23 zippy kernel: [   83.256499] iwlwifi 0000:07:00.0: 0x0036C2F4 | beacon time
Oct 24 21:31:23 zippy kernel: [   83.256503] iwlwifi 0000:07:00.0: 0x0007AD19 | tsf low
Oct 24 21:31:23 zippy kernel: [   83.256506] iwlwifi 0000:07:00.0: 0x00000000 | tsf hi
Oct 24 21:31:23 zippy kernel: [   83.256509] iwlwifi 0000:07:00.0: 0x00000000 | time gp1
Oct 24 21:31:23 zippy kernel: [   83.256512] iwlwifi 0000:07:00.0: 0x0007AD1A | time gp2
Oct 24 21:31:23 zippy kernel: [   83.256516] iwlwifi 0000:07:00.0: 0x00000000 | uCode revision type
Oct 24 21:31:23 zippy kernel: [   83.256519] iwlwifi 0000:07:00.0: 0x00000011 | uCode version major
Oct 24 21:31:23 zippy kernel: [   83.256523] iwlwifi 0000:07:00.0: 0x000701DF | uCode version minor
Oct 24 21:31:23 zippy kernel: [   83.256526] iwlwifi 0000:07:00.0: 0x00000144 | hw version
Oct 24 21:31:23 zippy kernel: [   83.256530] iwlwifi 0000:07:00.0: 0x40489204 | board version
Oct 24 21:31:23 zippy kernel: [   83.256533] iwlwifi 0000:07:00.0: 0x003A014E | hcmd
Oct 24 21:31:23 zippy kernel: [   83.256536] iwlwifi 0000:07:00.0: 0x24022080 | isr0
Oct 24 21:31:23 zippy kernel: [   83.256539] iwlwifi 0000:07:00.0: 0x00000000 | isr1
Oct 24 21:31:23 zippy kernel: [   83.256543] iwlwifi 0000:07:00.0: 0x00000002 | isr2
Oct 24 21:31:23 zippy kernel: [   83.256546] iwlwifi 0000:07:00.0: 0x004010C0 | isr3
Oct 24 21:31:23 zippy kernel: [   83.256549] iwlwifi 0000:07:00.0: 0x00000000 | isr4
Oct 24 21:31:23 zippy kernel: [   83.256552] iwlwifi 0000:07:00.0: 0x01000112 | last cmd Id
Oct 24 21:31:23 zippy kernel: [   83.256556] iwlwifi 0000:07:00.0: 0x00000000 | wait_event
Oct 24 21:31:23 zippy kernel: [   83.256559] iwlwifi 0000:07:00.0: 0x000000D4 | l2p_control
Oct 24 21:31:23 zippy kernel: [   83.256562] iwlwifi 0000:07:00.0: 0x00018030 | l2p_duration
Oct 24 21:31:23 zippy kernel: [   83.256566] iwlwifi 0000:07:00.0: 0x00000007 | l2p_mhvalid
Oct 24 21:31:23 zippy kernel: [   83.256569] iwlwifi 0000:07:00.0: 0x00008100 | l2p_addr_match
Oct 24 21:31:23 zippy kernel: [   83.256573] iwlwifi 0000:07:00.0: 0x00000005 | lmpm_pmg_sel
Oct 24 21:31:23 zippy kernel: [   83.256576] iwlwifi 0000:07:00.0: 0x11011741 | timestamp
Oct 24 21:31:23 zippy kernel: [   83.256579] iwlwifi 0000:07:00.0: 0x0000D8E8 | flow_handler
Oct 24 21:31:23 zippy kernel: [   83.256585] ieee80211 phy0: Hardware restart was requested
[...]
Oct 24 21:34:25 zippy kernel: [  265.497497] ------------[ cut here ]------------
Oct 24 21:34:25 zippy kernel: [  265.497526] WARNING: CPU: 4 PID: 544 at /home/kernel/COD/linux/drivers/net/wireless/intel/iwlwifi/mvm/tx.c:1393 iwl_mvm_rx_tx_cmd+0x698/0x7d0 [iwlmvm]
Oct 24 21:34:25 zippy kernel: [  265.497528] Modules linked in: ccm pci_stub vboxpci(OE) vboxnetadp(OE) vboxnetflt(OE) vboxdrv(OE) bnep snd_hda_codec_hdmi nf_log_ipv4 nf_log_common xt_LOG xt_tcpudp nf_conntrack_ipv4 nf_defrag_ipv4 xt_conntrack nf_conntrack libcrc32c iptable_filter ip_tables x_tables arc4 snd_hda_codec_realtek snd_hda_codec_generic snd_hda_intel snd_hda_codec snd_hda_core snd_hwdep snd_pcm intel_rapl x86_pkg_temp_thermal intel_powerclamp coretemp snd_seq_midi kvm_intel bridge snd_seq_midi_event stp llc joydev kvm snd_rawmidi irqbypass input_leds crct10dif_pclmul iwlmvm crc32_pclmul ghash_clmulni_intel snd_seq mac80211 pcbc iwlwifi aesni_intel aes_x86_64 snd_seq_device crypto_simd glue_helper snd_timer cryptd cfg80211 snd intel_cstate intel_rapl_perf mei_me soundcore shpchp mei hci_uart btbcm serdev btqca btintel
Oct 24 21:34:25 zippy kernel: [  265.497606]  bluetooth ecdh_generic intel_lpss_acpi intel_lpss acpi_als mac_hid kfifo_buf tpm_infineon acpi_pad industrialio parport_pc ppdev lp parport autofs4 i915 i2c_algo_bit e1000e drm_kms_helper syscopyarea ptp sysfillrect e100 hid_generic sysimgblt pps_core mii fb_sys_fops e1000 usbhid drm ahci libahci wmi i2c_hid pinctrl_sunrisepoint video pinctrl_intel hid
Oct 24 21:34:25 zippy kernel: [  265.497653] CPU: 4 PID: 544 Comm: irq/127-iwlwifi Tainted: G        W  OE   4.13.0-041300-generic #201709031731
Oct 24 21:34:25 zippy kernel: [  265.497655] Hardware name: Gigabyte Technology Co., Ltd. Z170M-D3H/Z170M-D3H-CF, BIOS F20 11/17/2016
Oct 24 21:34:25 zippy kernel: [  265.497657] task: ffff9b07698a4740 task.stack: ffffbff9824d4000
Oct 24 21:34:25 zippy kernel: [  265.497676] RIP: 0010:iwl_mvm_rx_tx_cmd+0x698/0x7d0 [iwlmvm]
Oct 24 21:34:25 zippy kernel: [  265.497679] RSP: 0018:ffffbff9824d7cb0 EFLAGS: 00050202
Oct 24 21:34:25 zippy kernel: [  265.497682] RAX: 0000000001051010 RBX: ffff9b0767751568 RCX: 000000018015000e
Oct 24 21:34:25 zippy kernel: [  265.497684] RDX: 000000018015000f RSI: ffffe5989094cf80 RDI: 0000000040042000
Oct 24 21:34:25 zippy kernel: [  265.497686] RBP: ffffbff9824d7d30 R08: ffff9b0764c71f30 R09: 000000018015000e
Oct 24 21:34:25 zippy kernel: [  265.497688] R10: ffffbff9824d7c88 R11: ffffffffaa279400 R12: 0000000000000088
Oct 24 21:34:25 zippy kernel: [  265.497690] R13: ffff9b0764c71f00 R14: 0000000000000240 R15: ffff9b064ccec000
Oct 24 21:34:25 zippy kernel: [  265.497694] FS:  0000000000000000(0000) GS:ffff9b077ed00000(0000) knlGS:0000000000000000
Oct 24 21:34:25 zippy kernel: [  265.497696] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
Oct 24 21:34:25 zippy kernel: [  265.497698] CR2: 0000000800ece860 CR3: 0000000313009000 CR4: 00000000003426e0
Oct 24 21:34:25 zippy kernel: [  265.497700] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
Oct 24 21:34:25 zippy kernel: [  265.497702] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Oct 24 21:34:25 zippy kernel: [  265.497704] Call Trace:
Oct 24 21:34:25 zippy kernel: [  265.497712]  ? wake_up_process+0x15/0x20
Oct 24 21:34:25 zippy kernel: [  265.497731]  iwl_mvm_rx_common+0x77/0x250 [iwlmvm]
Oct 24 21:34:25 zippy kernel: [  265.497745]  iwl_mvm_rx+0x5d/0x70 [iwlmvm]
Oct 24 21:34:25 zippy kernel: [  265.497762]  iwl_pcie_rx_handle+0x22b/0x9a0 [iwlwifi]
Oct 24 21:34:25 zippy kernel: [  265.497777]  iwl_pcie_irq_handler+0x61b/0x990 [iwlwifi]
Oct 24 21:34:25 zippy kernel: [  265.497784]  ? irq_finalize_oneshot.part.38+0xf0/0xf0
Oct 24 21:34:25 zippy kernel: [  265.497789]  irq_thread_fn+0x20/0x50
Oct 24 21:34:25 zippy kernel: [  265.497794]  irq_thread+0x12f/0x1a0
Oct 24 21:34:25 zippy kernel: [  265.497799]  ? irq_forced_thread_fn+0x70/0x70
Oct 24 21:34:25 zippy kernel: [  265.497803]  kthread+0x125/0x140
Oct 24 21:34:25 zippy kernel: [  265.497809]  ? irq_thread_check_affinity+0xe0/0xe0
Oct 24 21:34:25 zippy kernel: [  265.497812]  ? kthread_create_on_node+0x70/0x70
Oct 24 21:34:25 zippy kernel: [  265.497820]  ret_from_fork+0x25/0x30
Oct 24 21:34:25 zippy kernel: [  265.497822] Code: 89 f7 e8 dc c5 18 00 e9 24 ff ff ff 8b 4d 98 48 c7 c2 99 3a 97 c0 48 89 df 4c 89 45 88 e8 51 19 02 00 4c 8b 45 88 e9 87 fb ff ff <0f> ff e9 64 fb ff ff 0f ff e9 6d fa ff ff 48 63 45 a8 0f b7 4d
Oct 24 21:34:25 zippy kernel: [  265.497889] ---[ end trace 22ccae5d67387e29 ]---
Oct 24 21:34:25 zippy kernel: [  265.498010] ------------[ cut here ]------------
Oct 24 21:34:25 zippy kernel: [  265.498029] WARNING: CPU: 4 PID: 544 at /home/kernel/COD/linux/drivers/net/wireless/intel/iwlwifi/mvm/tx.c:1393 iwl_mvm_rx_tx_cmd+0x698/0x7d0 [iwlmvm]
Oct 24 21:34:25 zippy kernel: [  265.498031] Modules linked in: ccm pci_stub vboxpci(OE) vboxnetadp(OE) vboxnetflt(OE) vboxdrv(OE) bnep snd_hda_codec_hdmi nf_log_ipv4 nf_log_common xt_LOG xt_tcpudp nf_conntrack_ipv4 nf_defrag_ipv4 xt_conntrack nf_conntrack libcrc32c iptable_filter ip_tables x_tables arc4 snd_hda_codec_realtek snd_hda_codec_generic snd_hda_intel snd_hda_codec snd_hda_core snd_hwdep snd_pcm intel_rapl x86_pkg_temp_thermal intel_powerclamp coretemp snd_seq_midi kvm_intel bridge snd_seq_midi_event stp llc joydev kvm snd_rawmidi irqbypass input_leds crct10dif_pclmul iwlmvm crc32_pclmul ghash_clmulni_intel snd_seq mac80211 pcbc iwlwifi aesni_intel aes_x86_64 snd_seq_device crypto_simd glue_helper snd_timer cryptd cfg80211 snd intel_cstate intel_rapl_perf mei_me soundcore shpchp mei hci_uart btbcm serdev btqca btintel
Oct 24 21:34:25 zippy kernel: [  265.498100]  bluetooth ecdh_generic intel_lpss_acpi intel_lpss acpi_als mac_hid kfifo_buf tpm_infineon acpi_pad industrialio parport_pc ppdev lp parport autofs4 i915 i2c_algo_bit e1000e drm_kms_helper syscopyarea ptp sysfillrect e100 hid_generic sysimgblt pps_core mii fb_sys_fops e1000 usbhid drm ahci libahci wmi i2c_hid pinctrl_sunrisepoint video pinctrl_intel hid
Oct 24 21:34:25 zippy kernel: [  265.498143] CPU: 4 PID: 544 Comm: irq/127-iwlwifi Tainted: G        W  OE   4.13.0-041300-generic #201709031731
Oct 24 21:34:25 zippy kernel: [  265.498144] Hardware name: Gigabyte Technology Co., Ltd. Z170M-D3H/Z170M-D3H-CF, BIOS F20 11/17/2016
Oct 24 21:34:25 zippy kernel: [  265.498147] task: ffff9b07698a4740 task.stack: ffffbff9824d4000
Oct 24 21:34:25 zippy kernel: [  265.498160] RIP: 0010:iwl_mvm_rx_tx_cmd+0x698/0x7d0 [iwlmvm]
Oct 24 21:34:25 zippy kernel: [  265.498162] RSP: 0018:ffffbff9824d7cb0 EFLAGS: 00050202
Oct 24 21:34:25 zippy kernel: [  265.498166] RAX: 0000000001051010 RBX: ffff9b0767751568 RCX: 000000000000064b
Oct 24 21:34:25 zippy kernel: [  265.498168] RDX: 000000000000064a RSI: ffff9b077ed20380 RDI: ffffe59890a29a80
Oct 24 21:34:25 zippy kernel: [  265.498170] RBP: ffffbff9824d7d30 R08: ffff9b0764c71f30 R09: ffffffffc093e999
Oct 24 21:34:25 zippy kernel: [  265.498171] R10: ffff9b07636f8000 R11: ffffffffaa2794f0 R12: 0000000000000088
Oct 24 21:34:25 zippy kernel: [  265.498173] R13: ffff9b0764c71f00 R14: 0000000000000250 R15: ffff9b064c1de000
Oct 24 21:34:25 zippy kernel: [  265.498176] FS:  0000000000000000(0000) GS:ffff9b077ed00000(0000) knlGS:0000000000000000
Oct 24 21:34:25 zippy kernel: [  265.498178] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
Oct 24 21:34:25 zippy kernel: [  265.498180] CR2: 0000000800ece860 CR3: 0000000313009000 CR4: 00000000003426e0
Oct 24 21:34:25 zippy kernel: [  265.498182] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
Oct 24 21:34:25 zippy kernel: [  265.498184] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Oct 24 21:34:25 zippy kernel: [  265.498185] Call Trace:
Oct 24 21:34:25 zippy kernel: [  265.498190]  ? wake_up_process+0x15/0x20
Oct 24 21:34:25 zippy kernel: [  265.498205]  iwl_mvm_rx_common+0x77/0x250 [iwlmvm]
Oct 24 21:34:25 zippy kernel: [  265.498218]  iwl_mvm_rx+0x5d/0x70 [iwlmvm]
Oct 24 21:34:25 zippy kernel: [  265.498232]  iwl_pcie_rx_handle+0x22b/0x9a0 [iwlwifi]
Oct 24 21:34:25 zippy kernel: [  265.498258]  iwl_pcie_irq_handler+0x61b/0x990 [iwlwifi]
Oct 24 21:34:25 zippy kernel: [  265.498264]  ? irq_finalize_oneshot.part.38+0xf0/0xf0
Oct 24 21:34:25 zippy kernel: [  265.498269]  irq_thread_fn+0x20/0x50
Oct 24 21:34:25 zippy kernel: [  265.498274]  irq_thread+0x12f/0x1a0
Oct 24 21:34:25 zippy kernel: [  265.498280]  ? irq_forced_thread_fn+0x70/0x70
Oct 24 21:34:25 zippy kernel: [  265.498283]  kthread+0x125/0x140
Oct 24 21:34:25 zippy kernel: [  265.498288]  ? irq_thread_check_affinity+0xe0/0xe0
Oct 24 21:34:25 zippy kernel: [  265.498292]  ? kthread_create_on_node+0x70/0x70
Oct 24 21:34:25 zippy kernel: [  265.498298]  ret_from_fork+0x25/0x30
Oct 24 21:34:25 zippy kernel: [  265.498301] Code: 89 f7 e8 dc c5 18 00 e9 24 ff ff ff 8b 4d 98 48 c7 c2 99 3a 97 c0 48 89 df 4c 89 45 88 e8 51 19 02 00 4c 8b 45 88 e9 87 fb ff ff <0f> ff e9 64 fb ff ff 0f ff e9 6d fa ff ff 48 63 45 a8 0f b7 4d
Oct 24 21:34:25 zippy kernel: [  265.498367] ---[ end trace 22ccae5d67387e2a ]---


^ permalink raw reply

* Re: A good way to get CSI info to user-space?
From: Ben Greear @ 2017-10-24 20:15 UTC (permalink / raw)
  To: Johannes Berg, linux-wireless@vger.kernel.org
In-Reply-To: <1508853316.2639.31.camel@sipsolutions.net>

On 10/24/2017 06:55 AM, Johannes Berg wrote:
> On Tue, 2017-10-24 at 06:50 -0700, Ben Greear wrote:
>
>>> We keep having this discussion. You need to fix this, it should be
>>> really simple to fix this - just remove all checks for CONF_MONITOR
>>> from ath10k and make it use WANT_MONITOR_VIF instead if it doesn't
>>> already.
>>
>> I don't recall having this discussion,
>
> I'm pretty sure I had this discussion about ath10k not liking virtual
> monitor, but maybe it was with somebody else.
>
>> but even if you can do a
>> non-promiscuous monitor mode, you would have to end up having a bpf
>> socket filter and packet socket, right?
>
> True.
>
>> Wouldn't that have a noticeable effect on performance on modest sized
>> AP hardware?
>
> Yes. I was planning to add the wifi BPF to fix that:
> https://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211-next.git/log/?h=bpf
>
> You shouldn't think that building netlink messages is free though.
> There's a lot more locking etc. going on there.

CSI info is quite rare (probe-responses only at this point),
so even if each report is somewhat costly, that
will still be a lot less over-all work than running any kind of filter on
every frame.

I'm not sure how often tx-beamforming data is made available, but probably
it is somewhat rare compared to normal data packets, at least in ath10k.

>>>> mac80211_nl_send_opaque_event(mac80211-handle, int data-type, u8* data, int data_len);
>>>
>>> I will not accept this upstream.
>>
>> Thanks for letting me know up front, at least.
>>
>> Anyone know if there is a useful way to stream events from debugfs
>> and/or sysfs w/out having to busy-poll on it?
>
> There's relayfs, which is kinda built for that. You could even use
> netlink vendor events, but I don't really think netlink is appropriate
> here.

I'll look into the netlink vendor events.

Thanks,
Ben

>
> johannes
>


-- 
Ben Greear <greearb@candelatech.com>
Candela Technologies Inc  http://www.candelatech.com

^ permalink raw reply

* Re: [PATCH v2] ath10k: rebuild crypto header in Rx data frames
From: Sebastian Gottschall @ 2017-10-24 20:41 UTC (permalink / raw)
  To: Kalle Valo, ath10k; +Cc: linux-wireless, Vasanthakumar Thiagarajan
In-Reply-To: <1508867652-16199-1-git-send-email-kvalo@qca.qualcomm.com>

patch works. tested in sta and ap mode so far on 9984

Am 24.10.2017 um 19:54 schrieb Kalle Valo:
> From: Vasanthakumar Thiagarajan <vthiagar@qti.qualcomm.com>
>
> Rx data frames notified through HTT_T2H_MSG_TYPE_RX_IND and
> HTT_T2H_MSG_TYPE_RX_FRAG_IND expect PN/TSC check to be done
> on host (mac80211) rather than firmware. Rebuild cipher header
> in every received data frames (that are notified through those
> HTT interfaces) from the rx_hdr_status tlv available in the
> rx descriptor of the first msdu. Skip setting RX_FLAG_IV_STRIPPED
> flag for the packets which requires mac80211 PN/TSC check support
> and set appropriate RX_FLAG for stripped crypto tail. Hw QCA988X,
> QCA9887, QCA99X0, QCA9984, QCA9888 and QCA4019 currently need the
> rebuilding of cipher header to perform PN/TSC check for replay
> attack.
>
> Tested-by: Manikanta Pubbisetty <mpubbise@qti.qualcomm.com>
> Signed-off-by: Vasanthakumar Thiagarajan <vthiagar@qti.qualcomm.com>
> Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>
> ---
>
> v2:
>
> * Construct cipher header from rx_hdr_status tlv rather than from
>    the msdu_start and mpdu_start tlvs. This fixes connection
>    issues, also reduces the amount of code change.
>
> * Make sure the frame is qos data before clearing AMSDU_PRESENT
>    bit of qos control field.
>
> * Fix traffic issue with QCA988X and QCA9887 hw by taking care of
>    padding bytes added for 4-byte alignment before the cipher
>    header.
>
> TODO:
>
> * CCMP-256 and GCMP/GCMP-256 are not yet supported
>
>   drivers/net/wireless/ath/ath10k/htt_rx.c | 91 ++++++++++++++++++++++++++------
>   1 file changed, 74 insertions(+), 17 deletions(-)
>
> diff --git a/drivers/net/wireless/ath/ath10k/htt_rx.c b/drivers/net/wireless/ath/ath10k/htt_rx.c
> index a3f5dc78353f..aae4f0ea9360 100644
> --- a/drivers/net/wireless/ath/ath10k/htt_rx.c
> +++ b/drivers/net/wireless/ath/ath10k/htt_rx.c
> @@ -1050,8 +1050,14 @@ static void ath10k_htt_rx_h_undecap_raw(struct ath10k *ar,
>   
>   	hdr = (void *)msdu->data;
>   
> -	/* Tail */
> -	if (status->flag & RX_FLAG_IV_STRIPPED)
> +	/* MIC */
> +	if ((status->flag & RX_FLAG_MIC_STRIPPED) &&
> +	    enctype == HTT_RX_MPDU_ENCRYPT_AES_CCM_WPA2)
> +		skb_trim(msdu, msdu->len - 8);
> +
> +	/* ICV */
> +	if (status->flag & RX_FLAG_ICV_STRIPPED &&
> +	    enctype != HTT_RX_MPDU_ENCRYPT_AES_CCM_WPA2)
>   		skb_trim(msdu, msdu->len -
>   			 ath10k_htt_rx_crypto_tail_len(ar, enctype));
>   
> @@ -1075,7 +1081,8 @@ static void ath10k_htt_rx_h_undecap_raw(struct ath10k *ar,
>   static void ath10k_htt_rx_h_undecap_nwifi(struct ath10k *ar,
>   					  struct sk_buff *msdu,
>   					  struct ieee80211_rx_status *status,
> -					  const u8 first_hdr[64])
> +					  const u8 first_hdr[64],
> +					  enum htt_rx_mpdu_encrypt_type enctype)
>   {
>   	struct ieee80211_hdr *hdr;
>   	struct htt_rx_desc *rxd;
> @@ -1083,6 +1090,7 @@ static void ath10k_htt_rx_h_undecap_nwifi(struct ath10k *ar,
>   	u8 da[ETH_ALEN];
>   	u8 sa[ETH_ALEN];
>   	int l3_pad_bytes;
> +	int bytes_aligned = ar->hw_params.decap_align_bytes;
>   
>   	/* Delivered decapped frame:
>   	 * [nwifi 802.11 header] <-- replaced with 802.11 hdr
> @@ -1111,6 +1119,14 @@ static void ath10k_htt_rx_h_undecap_nwifi(struct ath10k *ar,
>   	/* push original 802.11 header */
>   	hdr = (struct ieee80211_hdr *)first_hdr;
>   	hdr_len = ieee80211_hdrlen(hdr->frame_control);
> +
> +	if (!(status->flag & RX_FLAG_IV_STRIPPED)) {
> +		memcpy(skb_push(msdu,
> +				ath10k_htt_rx_crypto_param_len(ar, enctype)),
> +		       (void *)hdr + round_up(hdr_len, bytes_aligned),
> +			ath10k_htt_rx_crypto_param_len(ar, enctype));
> +	}
> +
>   	memcpy(skb_push(msdu, hdr_len), hdr, hdr_len);
>   
>   	/* original 802.11 header has a different DA and in
> @@ -1171,6 +1187,7 @@ static void ath10k_htt_rx_h_undecap_eth(struct ath10k *ar,
>   	u8 sa[ETH_ALEN];
>   	int l3_pad_bytes;
>   	struct htt_rx_desc *rxd;
> +	int bytes_aligned = ar->hw_params.decap_align_bytes;
>   
>   	/* Delivered decapped frame:
>   	 * [eth header] <-- replaced with 802.11 hdr & rfc1042/llc
> @@ -1199,6 +1216,14 @@ static void ath10k_htt_rx_h_undecap_eth(struct ath10k *ar,
>   	/* push original 802.11 header */
>   	hdr = (struct ieee80211_hdr *)first_hdr;
>   	hdr_len = ieee80211_hdrlen(hdr->frame_control);
> +
> +	if (!(status->flag & RX_FLAG_IV_STRIPPED)) {
> +		memcpy(skb_push(msdu,
> +				ath10k_htt_rx_crypto_param_len(ar, enctype)),
> +		       (void *)hdr + round_up(hdr_len, bytes_aligned),
> +			ath10k_htt_rx_crypto_param_len(ar, enctype));
> +	}
> +
>   	memcpy(skb_push(msdu, hdr_len), hdr, hdr_len);
>   
>   	/* original 802.11 header has a different DA and in
> @@ -1212,12 +1237,14 @@ static void ath10k_htt_rx_h_undecap_eth(struct ath10k *ar,
>   static void ath10k_htt_rx_h_undecap_snap(struct ath10k *ar,
>   					 struct sk_buff *msdu,
>   					 struct ieee80211_rx_status *status,
> -					 const u8 first_hdr[64])
> +					 const u8 first_hdr[64],
> +					 enum htt_rx_mpdu_encrypt_type enctype)
>   {
>   	struct ieee80211_hdr *hdr;
>   	size_t hdr_len;
>   	int l3_pad_bytes;
>   	struct htt_rx_desc *rxd;
> +	int bytes_aligned = ar->hw_params.decap_align_bytes;
>   
>   	/* Delivered decapped frame:
>   	 * [amsdu header] <-- replaced with 802.11 hdr
> @@ -1233,6 +1260,14 @@ static void ath10k_htt_rx_h_undecap_snap(struct ath10k *ar,
>   
>   	hdr = (struct ieee80211_hdr *)first_hdr;
>   	hdr_len = ieee80211_hdrlen(hdr->frame_control);
> +
> +	if (!(status->flag & RX_FLAG_IV_STRIPPED)) {
> +		memcpy(skb_push(msdu,
> +				ath10k_htt_rx_crypto_param_len(ar, enctype)),
> +		       (void *)hdr + round_up(hdr_len, bytes_aligned),
> +			ath10k_htt_rx_crypto_param_len(ar, enctype));
> +	}
> +
>   	memcpy(skb_push(msdu, hdr_len), hdr, hdr_len);
>   }
>   
> @@ -1267,13 +1302,15 @@ static void ath10k_htt_rx_h_undecap(struct ath10k *ar,
>   					    is_decrypted);
>   		break;
>   	case RX_MSDU_DECAP_NATIVE_WIFI:
> -		ath10k_htt_rx_h_undecap_nwifi(ar, msdu, status, first_hdr);
> +		ath10k_htt_rx_h_undecap_nwifi(ar, msdu, status, first_hdr,
> +					      enctype);
>   		break;
>   	case RX_MSDU_DECAP_ETHERNET2_DIX:
>   		ath10k_htt_rx_h_undecap_eth(ar, msdu, status, first_hdr, enctype);
>   		break;
>   	case RX_MSDU_DECAP_8023_SNAP_LLC:
> -		ath10k_htt_rx_h_undecap_snap(ar, msdu, status, first_hdr);
> +		ath10k_htt_rx_h_undecap_snap(ar, msdu, status, first_hdr,
> +					     enctype);
>   		break;
>   	}
>   }
> @@ -1316,7 +1353,8 @@ static void ath10k_htt_rx_h_csum_offload(struct sk_buff *msdu)
>   
>   static void ath10k_htt_rx_h_mpdu(struct ath10k *ar,
>   				 struct sk_buff_head *amsdu,
> -				 struct ieee80211_rx_status *status)
> +				 struct ieee80211_rx_status *status,
> +				 bool fill_crypt_header)
>   {
>   	struct sk_buff *first;
>   	struct sk_buff *last;
> @@ -1326,7 +1364,6 @@ static void ath10k_htt_rx_h_mpdu(struct ath10k *ar,
>   	enum htt_rx_mpdu_encrypt_type enctype;
>   	u8 first_hdr[64];
>   	u8 *qos;
> -	size_t hdr_len;
>   	bool has_fcs_err;
>   	bool has_crypto_err;
>   	bool has_tkip_err;
> @@ -1351,15 +1388,17 @@ static void ath10k_htt_rx_h_mpdu(struct ath10k *ar,
>   	 * decapped header. It'll be used for undecapping of each MSDU.
>   	 */
>   	hdr = (void *)rxd->rx_hdr_status;
> -	hdr_len = ieee80211_hdrlen(hdr->frame_control);
> -	memcpy(first_hdr, hdr, hdr_len);
> +	memcpy(first_hdr, hdr, RX_HTT_HDR_STATUS_LEN);
>   
>   	/* Each A-MSDU subframe will use the original header as the base and be
>   	 * reported as a separate MSDU so strip the A-MSDU bit from QoS Ctl.
>   	 */
>   	hdr = (void *)first_hdr;
> -	qos = ieee80211_get_qos_ctl(hdr);
> -	qos[0] &= ~IEEE80211_QOS_CTL_A_MSDU_PRESENT;
> +
> +	if (ieee80211_is_data_qos(hdr->frame_control)) {
> +		qos = ieee80211_get_qos_ctl(hdr);
> +		qos[0] &= ~IEEE80211_QOS_CTL_A_MSDU_PRESENT;
> +	}
>   
>   	/* Some attention flags are valid only in the last MSDU. */
>   	last = skb_peek_tail(amsdu);
> @@ -1406,9 +1445,14 @@ static void ath10k_htt_rx_h_mpdu(struct ath10k *ar,
>   		status->flag |= RX_FLAG_DECRYPTED;
>   
>   		if (likely(!is_mgmt))
> -			status->flag |= RX_FLAG_IV_STRIPPED |
> -					RX_FLAG_MMIC_STRIPPED;
> -}
> +			status->flag |= RX_FLAG_MMIC_STRIPPED;
> +
> +		if (fill_crypt_header)
> +			status->flag |= RX_FLAG_MIC_STRIPPED |
> +					RX_FLAG_ICV_STRIPPED;
> +		else
> +			status->flag |= RX_FLAG_IV_STRIPPED;
> +	}
>   
>   	skb_queue_walk(amsdu, msdu) {
>   		ath10k_htt_rx_h_csum_offload(msdu);
> @@ -1424,6 +1468,9 @@ static void ath10k_htt_rx_h_mpdu(struct ath10k *ar,
>   		if (is_mgmt)
>   			continue;
>   
> +		if (fill_crypt_header)
> +			continue;
> +
>   		hdr = (void *)msdu->data;
>   		hdr->frame_control &= ~__cpu_to_le16(IEEE80211_FCTL_PROTECTED);
>   	}
> @@ -1434,6 +1481,9 @@ static void ath10k_htt_rx_h_deliver(struct ath10k *ar,
>   				    struct ieee80211_rx_status *status)
>   {
>   	struct sk_buff *msdu;
> +	struct sk_buff *first_subframe;
> +
> +	first_subframe = skb_peek(amsdu);
>   
>   	while ((msdu = __skb_dequeue(amsdu))) {
>   		/* Setup per-MSDU flags */
> @@ -1442,6 +1492,13 @@ static void ath10k_htt_rx_h_deliver(struct ath10k *ar,
>   		else
>   			status->flag |= RX_FLAG_AMSDU_MORE;
>   
> +		if (msdu == first_subframe) {
> +			first_subframe = NULL;
> +			status->flag &= ~RX_FLAG_ALLOW_SAME_PN;
> +		} else {
> +			status->flag |= RX_FLAG_ALLOW_SAME_PN;
> +		}
> +
>   		ath10k_process_rx(ar, status, msdu);
>   	}
>   }
> @@ -1584,7 +1641,7 @@ static int ath10k_htt_rx_handle_amsdu(struct ath10k_htt *htt)
>   		ath10k_htt_rx_h_unchain(ar, &amsdu);
>   
>   	ath10k_htt_rx_h_filter(ar, &amsdu, rx_status);
> -	ath10k_htt_rx_h_mpdu(ar, &amsdu, rx_status);
> +	ath10k_htt_rx_h_mpdu(ar, &amsdu, rx_status, true);
>   	ath10k_htt_rx_h_deliver(ar, &amsdu, rx_status);
>   
>   	return num_msdus;
> @@ -1923,7 +1980,7 @@ static int ath10k_htt_rx_in_ord_ind(struct ath10k *ar, struct sk_buff *skb,
>   			budget_left -= skb_queue_len(&amsdu);
>   			ath10k_htt_rx_h_ppdu(ar, &amsdu, status, vdev_id);
>   			ath10k_htt_rx_h_filter(ar, &amsdu, status);
> -			ath10k_htt_rx_h_mpdu(ar, &amsdu, status);
> +			ath10k_htt_rx_h_mpdu(ar, &amsdu, status, false);
>   			ath10k_htt_rx_h_deliver(ar, &amsdu, status);
>   			break;
>   		case -EAGAIN:


-- 
Mit freundlichen Grüssen / Regards

Sebastian Gottschall / CTO

NewMedia-NET GmbH - DD-WRT
Firmensitz:  Stubenwaldallee 21a, 64625 Bensheim
Registergericht: Amtsgericht Darmstadt, HRB 25473
Geschäftsführer: Peter Steinhäuser, Christian Scheele
http://www.dd-wrt.com
email: s.gottschall@dd-wrt.com
Tel.: +496251-582650 / Fax: +496251-5826565

^ permalink raw reply

* Re: iwlwifi crash with hostapd
From: James Cameron @ 2017-10-24 21:01 UTC (permalink / raw)
  To: Mario Theodoridis; +Cc: linux-wireless
In-Reply-To: <8b961054-0b13-771b-387e-b47837c493ca@schmut.com>

Summary: WARN_ON(iwl_mvm_is_dqa_supported(mvm)) in
iwl_mvm_rx_tx_cmd_single with v4.13, but code is since changed.

On Tue, Oct 24, 2017 at 09:56:31PM +0200, Mario Theodoridis wrote:
> Sorry for skipping the list one the last one.

Sorry, that was my fault.  It was a private message you replied to.

> On 19.10.2017 22:59, James Cameron wrote:
> >On Thu, Oct 19, 2017 at 08:56:46AM +0200, Mario Theodoridis wrote:
> >>On 18/10/17 23:33, James Cameron wrote:
> >>
> >>     For your interest, kernel v4.4.93 in stable series just released has
> >>     changes in relevant files.
> >>
> >>     https://lwn.net/Articles/736770/
> >>
> >>Thanks James,
> >>
> >>after looking into bisection last night, i found that just before
> >>i wanted to test out the 4.4.0-82 kernel, i found 3 stack traces
> >>in my syslog. :(
> >>
> >>I guess, i'm dealing with race conditions now. But it seems the 79
> >>kernel still crashes wifi a lot less than later ones.
> >>
> >>How do i get line numbers into these traces?
> 
> As the 4.4.0-79 kernel was sometimes crapping out, too, i decided to
> try to test the latest kernel instead of bisecting after all.  This
> took a while because virtualbox was being a bitch. virtualbox-5.0
> doesn't bode well with virtualbox-dkms-51, so i ended up rebuilding
> virtualbox-5.1 to prevent dependency hell.  The vb-dkms package
> doesn't do 4.14, so i ended up going with the 4.13 kernel that comes
> with artful.

You didn't say virtualbox was essential for reproducing the problem,
so I'm continuing to exclude it from thought.  If it is essential for
reproducing, then you might contact them.

Please do make sure you can exclude virtualbox as a cause.

> This one pretty quickly loads my syslog with new error stacks. I
> haven't tested actual behavior yet, but the logs don't look so hot.

Do connections frequently keep dying as before?

> I ran another wireless-info (attached) and appended some of the
> syslog stuff to it.

Thanks, you identified a line of code and cause; a WARN_ON in
iwl_mvm_rx_tx_cmd_single;

		case TX_STATUS_FAIL_DEST_PS:
			/* In DQA, the FW should have stopped the queue and not
			 * return this status
			 */
			WARN_ON(iwl_mvm_is_dqa_supported(mvm));
			info->flags |= IEEE80211_TX_STAT_TX_FILTERED;
			break;

But it is only a warning.  If connections aren't dying, it may not be
important to you.

Please check you are using the most recent linux-firmware?

> >Several methods, though by far the most common seems to be personal
> >experience with offsets.
> >
> >When you don't have that personal experience, the methods are;
> >
> >1.  using GDB against the .o file,
> >
> >2.  using binutils objdump to disassemble .o file or vmlinuz,
> >
> >3.  using GCC to generate assembly listings,
> >
> >See https://wiki.ubuntu.com/Kernel/KernelDebuggingTricks right down
> >the end of page for the GDB method.
> 
> I have gotten around to that part, yet, as i was busy with the
> above, but it seems later versions have issues, too.

However, you're still testing old source code.

Several changes made since are worth testing, please either
cherry-pick the patches or test a 4.14 rc kernel, and without
involving dkms or virtualbox.

Or, if new firmware fixes the problem, go with that instead.

> -- 
> Mit freundlichen Grüßen/Best regards
> 
> Mario Theodoridis

> 
> ########## wireless info START ##########
> [...]

-- 
James Cameron
http://quozl.netrek.org/

^ permalink raw reply

* Re: [PATCH v2] ath10k: rebuild crypto header in Rx data frames
From: Jasmine Strong @ 2017-10-24 21:15 UTC (permalink / raw)
  To: Sebastian Gottschall
  Cc: Kalle Valo, ath10k, Vasanthakumar Thiagarajan, linux-wireless
In-Reply-To: <720ce165-4a06-1d6e-6158-7983d75eea8a@dd-wrt.com>

Seems to work okay on mixed networks of 9882, 4019 and 9888.

On Tue, Oct 24, 2017 at 1:41 PM, Sebastian Gottschall
<s.gottschall@dd-wrt.com> wrote:
> patch works. tested in sta and ap mode so far on 9984
>
> Am 24.10.2017 um 19:54 schrieb Kalle Valo:
>>
>> From: Vasanthakumar Thiagarajan <vthiagar@qti.qualcomm.com>
>>
>> Rx data frames notified through HTT_T2H_MSG_TYPE_RX_IND and
>> HTT_T2H_MSG_TYPE_RX_FRAG_IND expect PN/TSC check to be done
>> on host (mac80211) rather than firmware. Rebuild cipher header
>> in every received data frames (that are notified through those
>> HTT interfaces) from the rx_hdr_status tlv available in the
>> rx descriptor of the first msdu. Skip setting RX_FLAG_IV_STRIPPED
>> flag for the packets which requires mac80211 PN/TSC check support
>> and set appropriate RX_FLAG for stripped crypto tail. Hw QCA988X,
>> QCA9887, QCA99X0, QCA9984, QCA9888 and QCA4019 currently need the
>> rebuilding of cipher header to perform PN/TSC check for replay
>> attack.
>>
>> Tested-by: Manikanta Pubbisetty <mpubbise@qti.qualcomm.com>
>> Signed-off-by: Vasanthakumar Thiagarajan <vthiagar@qti.qualcomm.com>
>> Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>
>> ---
>>
>> v2:
>>
>> * Construct cipher header from rx_hdr_status tlv rather than from
>>    the msdu_start and mpdu_start tlvs. This fixes connection
>>    issues, also reduces the amount of code change.
>>
>> * Make sure the frame is qos data before clearing AMSDU_PRESENT
>>    bit of qos control field.
>>
>> * Fix traffic issue with QCA988X and QCA9887 hw by taking care of
>>    padding bytes added for 4-byte alignment before the cipher
>>    header.
>>
>> TODO:
>>
>> * CCMP-256 and GCMP/GCMP-256 are not yet supported
>>
>>   drivers/net/wireless/ath/ath10k/htt_rx.c | 91
>> ++++++++++++++++++++++++++------
>>   1 file changed, 74 insertions(+), 17 deletions(-)
>>
>> diff --git a/drivers/net/wireless/ath/ath10k/htt_rx.c
>> b/drivers/net/wireless/ath/ath10k/htt_rx.c
>> index a3f5dc78353f..aae4f0ea9360 100644
>> --- a/drivers/net/wireless/ath/ath10k/htt_rx.c
>> +++ b/drivers/net/wireless/ath/ath10k/htt_rx.c
>> @@ -1050,8 +1050,14 @@ static void ath10k_htt_rx_h_undecap_raw(struct
>> ath10k *ar,
>>         hdr =3D (void *)msdu->data;
>>   -     /* Tail */
>> -       if (status->flag & RX_FLAG_IV_STRIPPED)
>> +       /* MIC */
>> +       if ((status->flag & RX_FLAG_MIC_STRIPPED) &&
>> +           enctype =3D=3D HTT_RX_MPDU_ENCRYPT_AES_CCM_WPA2)
>> +               skb_trim(msdu, msdu->len - 8);
>> +
>> +       /* ICV */
>> +       if (status->flag & RX_FLAG_ICV_STRIPPED &&
>> +           enctype !=3D HTT_RX_MPDU_ENCRYPT_AES_CCM_WPA2)
>>                 skb_trim(msdu, msdu->len -
>>                          ath10k_htt_rx_crypto_tail_len(ar, enctype));
>>   @@ -1075,7 +1081,8 @@ static void ath10k_htt_rx_h_undecap_raw(struct
>> ath10k *ar,
>>   static void ath10k_htt_rx_h_undecap_nwifi(struct ath10k *ar,
>>                                           struct sk_buff *msdu,
>>                                           struct ieee80211_rx_status
>> *status,
>> -                                         const u8 first_hdr[64])
>> +                                         const u8 first_hdr[64],
>> +                                         enum htt_rx_mpdu_encrypt_type
>> enctype)
>>   {
>>         struct ieee80211_hdr *hdr;
>>         struct htt_rx_desc *rxd;
>> @@ -1083,6 +1090,7 @@ static void ath10k_htt_rx_h_undecap_nwifi(struct
>> ath10k *ar,
>>         u8 da[ETH_ALEN];
>>         u8 sa[ETH_ALEN];
>>         int l3_pad_bytes;
>> +       int bytes_aligned =3D ar->hw_params.decap_align_bytes;
>>         /* Delivered decapped frame:
>>          * [nwifi 802.11 header] <-- replaced with 802.11 hdr
>> @@ -1111,6 +1119,14 @@ static void ath10k_htt_rx_h_undecap_nwifi(struct
>> ath10k *ar,
>>         /* push original 802.11 header */
>>         hdr =3D (struct ieee80211_hdr *)first_hdr;
>>         hdr_len =3D ieee80211_hdrlen(hdr->frame_control);
>> +
>> +       if (!(status->flag & RX_FLAG_IV_STRIPPED)) {
>> +               memcpy(skb_push(msdu,
>> +                               ath10k_htt_rx_crypto_param_len(ar,
>> enctype)),
>> +                      (void *)hdr + round_up(hdr_len, bytes_aligned),
>> +                       ath10k_htt_rx_crypto_param_len(ar, enctype));
>> +       }
>> +
>>         memcpy(skb_push(msdu, hdr_len), hdr, hdr_len);
>>         /* original 802.11 header has a different DA and in
>> @@ -1171,6 +1187,7 @@ static void ath10k_htt_rx_h_undecap_eth(struct
>> ath10k *ar,
>>         u8 sa[ETH_ALEN];
>>         int l3_pad_bytes;
>>         struct htt_rx_desc *rxd;
>> +       int bytes_aligned =3D ar->hw_params.decap_align_bytes;
>>         /* Delivered decapped frame:
>>          * [eth header] <-- replaced with 802.11 hdr & rfc1042/llc
>> @@ -1199,6 +1216,14 @@ static void ath10k_htt_rx_h_undecap_eth(struct
>> ath10k *ar,
>>         /* push original 802.11 header */
>>         hdr =3D (struct ieee80211_hdr *)first_hdr;
>>         hdr_len =3D ieee80211_hdrlen(hdr->frame_control);
>> +
>> +       if (!(status->flag & RX_FLAG_IV_STRIPPED)) {
>> +               memcpy(skb_push(msdu,
>> +                               ath10k_htt_rx_crypto_param_len(ar,
>> enctype)),
>> +                      (void *)hdr + round_up(hdr_len, bytes_aligned),
>> +                       ath10k_htt_rx_crypto_param_len(ar, enctype));
>> +       }
>> +
>>         memcpy(skb_push(msdu, hdr_len), hdr, hdr_len);
>>         /* original 802.11 header has a different DA and in
>> @@ -1212,12 +1237,14 @@ static void ath10k_htt_rx_h_undecap_eth(struct
>> ath10k *ar,
>>   static void ath10k_htt_rx_h_undecap_snap(struct ath10k *ar,
>>                                          struct sk_buff *msdu,
>>                                          struct ieee80211_rx_status
>> *status,
>> -                                        const u8 first_hdr[64])
>> +                                        const u8 first_hdr[64],
>> +                                        enum htt_rx_mpdu_encrypt_type
>> enctype)
>>   {
>>         struct ieee80211_hdr *hdr;
>>         size_t hdr_len;
>>         int l3_pad_bytes;
>>         struct htt_rx_desc *rxd;
>> +       int bytes_aligned =3D ar->hw_params.decap_align_bytes;
>>         /* Delivered decapped frame:
>>          * [amsdu header] <-- replaced with 802.11 hdr
>> @@ -1233,6 +1260,14 @@ static void ath10k_htt_rx_h_undecap_snap(struct
>> ath10k *ar,
>>         hdr =3D (struct ieee80211_hdr *)first_hdr;
>>         hdr_len =3D ieee80211_hdrlen(hdr->frame_control);
>> +
>> +       if (!(status->flag & RX_FLAG_IV_STRIPPED)) {
>> +               memcpy(skb_push(msdu,
>> +                               ath10k_htt_rx_crypto_param_len(ar,
>> enctype)),
>> +                      (void *)hdr + round_up(hdr_len, bytes_aligned),
>> +                       ath10k_htt_rx_crypto_param_len(ar, enctype));
>> +       }
>> +
>>         memcpy(skb_push(msdu, hdr_len), hdr, hdr_len);
>>   }
>>   @@ -1267,13 +1302,15 @@ static void ath10k_htt_rx_h_undecap(struct
>> ath10k *ar,
>>                                             is_decrypted);
>>                 break;
>>         case RX_MSDU_DECAP_NATIVE_WIFI:
>> -               ath10k_htt_rx_h_undecap_nwifi(ar, msdu, status,
>> first_hdr);
>> +               ath10k_htt_rx_h_undecap_nwifi(ar, msdu, status, first_hd=
r,
>> +                                             enctype);
>>                 break;
>>         case RX_MSDU_DECAP_ETHERNET2_DIX:
>>                 ath10k_htt_rx_h_undecap_eth(ar, msdu, status, first_hdr,
>> enctype);
>>                 break;
>>         case RX_MSDU_DECAP_8023_SNAP_LLC:
>> -               ath10k_htt_rx_h_undecap_snap(ar, msdu, status, first_hdr=
);
>> +               ath10k_htt_rx_h_undecap_snap(ar, msdu, status, first_hdr=
,
>> +                                            enctype);
>>                 break;
>>         }
>>   }
>> @@ -1316,7 +1353,8 @@ static void ath10k_htt_rx_h_csum_offload(struct
>> sk_buff *msdu)
>>     static void ath10k_htt_rx_h_mpdu(struct ath10k *ar,
>>                                  struct sk_buff_head *amsdu,
>> -                                struct ieee80211_rx_status *status)
>> +                                struct ieee80211_rx_status *status,
>> +                                bool fill_crypt_header)
>>   {
>>         struct sk_buff *first;
>>         struct sk_buff *last;
>> @@ -1326,7 +1364,6 @@ static void ath10k_htt_rx_h_mpdu(struct ath10k *ar=
,
>>         enum htt_rx_mpdu_encrypt_type enctype;
>>         u8 first_hdr[64];
>>         u8 *qos;
>> -       size_t hdr_len;
>>         bool has_fcs_err;
>>         bool has_crypto_err;
>>         bool has_tkip_err;
>> @@ -1351,15 +1388,17 @@ static void ath10k_htt_rx_h_mpdu(struct ath10k
>> *ar,
>>          * decapped header. It'll be used for undecapping of each MSDU.
>>          */
>>         hdr =3D (void *)rxd->rx_hdr_status;
>> -       hdr_len =3D ieee80211_hdrlen(hdr->frame_control);
>> -       memcpy(first_hdr, hdr, hdr_len);
>> +       memcpy(first_hdr, hdr, RX_HTT_HDR_STATUS_LEN);
>>         /* Each A-MSDU subframe will use the original header as the base
>> and be
>>          * reported as a separate MSDU so strip the A-MSDU bit from QoS
>> Ctl.
>>          */
>>         hdr =3D (void *)first_hdr;
>> -       qos =3D ieee80211_get_qos_ctl(hdr);
>> -       qos[0] &=3D ~IEEE80211_QOS_CTL_A_MSDU_PRESENT;
>> +
>> +       if (ieee80211_is_data_qos(hdr->frame_control)) {
>> +               qos =3D ieee80211_get_qos_ctl(hdr);
>> +               qos[0] &=3D ~IEEE80211_QOS_CTL_A_MSDU_PRESENT;
>> +       }
>>         /* Some attention flags are valid only in the last MSDU. */
>>         last =3D skb_peek_tail(amsdu);
>> @@ -1406,9 +1445,14 @@ static void ath10k_htt_rx_h_mpdu(struct ath10k *a=
r,
>>                 status->flag |=3D RX_FLAG_DECRYPTED;
>>                 if (likely(!is_mgmt))
>> -                       status->flag |=3D RX_FLAG_IV_STRIPPED |
>> -                                       RX_FLAG_MMIC_STRIPPED;
>> -}
>> +                       status->flag |=3D RX_FLAG_MMIC_STRIPPED;
>> +
>> +               if (fill_crypt_header)
>> +                       status->flag |=3D RX_FLAG_MIC_STRIPPED |
>> +                                       RX_FLAG_ICV_STRIPPED;
>> +               else
>> +                       status->flag |=3D RX_FLAG_IV_STRIPPED;
>> +       }
>>         skb_queue_walk(amsdu, msdu) {
>>                 ath10k_htt_rx_h_csum_offload(msdu);
>> @@ -1424,6 +1468,9 @@ static void ath10k_htt_rx_h_mpdu(struct ath10k *ar=
,
>>                 if (is_mgmt)
>>                         continue;
>>   +             if (fill_crypt_header)
>> +                       continue;
>> +
>>                 hdr =3D (void *)msdu->data;
>>                 hdr->frame_control &=3D
>> ~__cpu_to_le16(IEEE80211_FCTL_PROTECTED);
>>         }
>> @@ -1434,6 +1481,9 @@ static void ath10k_htt_rx_h_deliver(struct ath10k
>> *ar,
>>                                     struct ieee80211_rx_status *status)
>>   {
>>         struct sk_buff *msdu;
>> +       struct sk_buff *first_subframe;
>> +
>> +       first_subframe =3D skb_peek(amsdu);
>>         while ((msdu =3D __skb_dequeue(amsdu))) {
>>                 /* Setup per-MSDU flags */
>> @@ -1442,6 +1492,13 @@ static void ath10k_htt_rx_h_deliver(struct ath10k
>> *ar,
>>                 else
>>                         status->flag |=3D RX_FLAG_AMSDU_MORE;
>>   +             if (msdu =3D=3D first_subframe) {
>> +                       first_subframe =3D NULL;
>> +                       status->flag &=3D ~RX_FLAG_ALLOW_SAME_PN;
>> +               } else {
>> +                       status->flag |=3D RX_FLAG_ALLOW_SAME_PN;
>> +               }
>> +
>>                 ath10k_process_rx(ar, status, msdu);
>>         }
>>   }
>> @@ -1584,7 +1641,7 @@ static int ath10k_htt_rx_handle_amsdu(struct
>> ath10k_htt *htt)
>>                 ath10k_htt_rx_h_unchain(ar, &amsdu);
>>         ath10k_htt_rx_h_filter(ar, &amsdu, rx_status);
>> -       ath10k_htt_rx_h_mpdu(ar, &amsdu, rx_status);
>> +       ath10k_htt_rx_h_mpdu(ar, &amsdu, rx_status, true);
>>         ath10k_htt_rx_h_deliver(ar, &amsdu, rx_status);
>>         return num_msdus;
>> @@ -1923,7 +1980,7 @@ static int ath10k_htt_rx_in_ord_ind(struct ath10k
>> *ar, struct sk_buff *skb,
>>                         budget_left -=3D skb_queue_len(&amsdu);
>>                         ath10k_htt_rx_h_ppdu(ar, &amsdu, status, vdev_id=
);
>>                         ath10k_htt_rx_h_filter(ar, &amsdu, status);
>> -                       ath10k_htt_rx_h_mpdu(ar, &amsdu, status);
>> +                       ath10k_htt_rx_h_mpdu(ar, &amsdu, status, false);
>>                         ath10k_htt_rx_h_deliver(ar, &amsdu, status);
>>                         break;
>>                 case -EAGAIN:
>
>
>
> --
> Mit freundlichen Gr=C3=BCssen / Regards
>
> Sebastian Gottschall / CTO
>
> NewMedia-NET GmbH - DD-WRT
> Firmensitz:  Stubenwaldallee 21a, 64625 Bensheim
> Registergericht: Amtsgericht Darmstadt, HRB 25473
> Gesch=C3=A4ftsf=C3=BChrer: Peter Steinh=C3=A4user, Christian Scheele
> http://www.dd-wrt.com
> email: s.gottschall@dd-wrt.com
> Tel.: +496251-582650 / Fax: +496251-5826565
>
>
> _______________________________________________
> ath10k mailing list
> ath10k@lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/ath10k

^ permalink raw reply

* [PATCH] wireless-regdb: convert remaining values in mW to equivalent dBm
From: Ryan Mounce @ 2017-10-25  4:45 UTC (permalink / raw)
  To: seth.forshee; +Cc: wireless-regdb, linux-wireless, Ryan Mounce

This patch converts the few remaining rules specified in mW to directly
equivalent rules in dBm, to improve consistency of the regdb.

Signed-off-by: Ryan Mounce <ryan@mounce.com.au>
---
 db.txt | 64 ++++++++++++++++++++++++++++++++--------------------------------
 1 file changed, 32 insertions(+), 32 deletions(-)

diff --git a/db.txt b/db.txt
index 9d129f2..8ea5a66 100644
--- a/db.txt
+++ b/db.txt
@@ -305,7 +305,7 @@ country CR: DFS-FCC
 # - Redes Informáticas
 # Resolución 127, 2011 - Reglamento Banda 2,4 GHz.
 country CU: DFS-FCC
-	(2400 - 2483.5 @ 40), (200 mW)
+	(2400 - 2483.5 @ 40), (23)
 
 country CX: DFS-FCC
 	(2402 - 2482 @ 40), (20)
@@ -327,10 +327,10 @@ country CY: DFS-ETSI
 # Power at 5250 - 5350 MHz and 5470 - 5725 MHz can be doubled if TPC is
 # implemented.
 country CZ: DFS-ETSI
-	(2400 - 2483.5 @ 40), (100 mW)
-	(5150 - 5250 @ 80), (200 mW), NO-OUTDOOR, AUTO-BW
-	(5250 - 5350 @ 80), (100 mW), NO-OUTDOOR, DFS, AUTO-BW
-	(5470 - 5725 @ 160), (500 mW), DFS
+	(2400 - 2483.5 @ 40), (20)
+	(5150 - 5250 @ 80), (23), NO-OUTDOOR, AUTO-BW
+	(5250 - 5350 @ 80), (20), NO-OUTDOOR, DFS, AUTO-BW
+	(5470 - 5725 @ 160), (27), DFS
 	# 60 GHz band channels 1-4, ref: Etsi En 302 567
 	(57000 - 66000 @ 2160), (40)
 
@@ -362,12 +362,12 @@ country CZ: DFS-ETSI
 # https://www.bundesnetzagentur.de/SharedDocs/Downloads/DE/Sachgebiete/Telekommunikation/Unternehmen_Institutionen/Frequenzen/Allgemeinzuteilungen/2011_08_MGWS_pdf.pdf
 
 country DE: DFS-ETSI
-	(2400 - 2483.5 @ 40), (100 mW)
-	(5150 - 5250 @ 80), (100 mW), NO-OUTDOOR, AUTO-BW
-	(5250 - 5350 @ 80), (100 mW), NO-OUTDOOR, DFS, AUTO-BW
-	(5470 - 5725 @ 160), (500 mW), DFS
+	(2400 - 2483.5 @ 40), (20)
+	(5150 - 5250 @ 80), (20), NO-OUTDOOR, AUTO-BW
+	(5250 - 5350 @ 80), (20), NO-OUTDOOR, DFS, AUTO-BW
+	(5470 - 5725 @ 160), (27), DFS
 	# short range devices (ETSI EN 300 440-1)
-	(5725 - 5875 @ 80), (25 mW)
+	(5725 - 5875 @ 80), (14)
 	# 60 GHz band channels 1-4 (ETSI EN 302 567)
 	(57000 - 66000 @ 2160), (40)
 
@@ -427,12 +427,12 @@ country EG: DFS-ETSI
 # http://www.minetur.gob.es/telecomunicaciones/espectro/paginas/cnaf.aspx
 
 country ES: DFS-ETSI
-	(2400 - 2483.5 @ 40), (100 mW)
-	(5150 - 5250 @ 80), (200 mW), NO-OUTDOOR, AUTO-BW
-	(5250 - 5350 @ 80), (100 mW), NO-OUTDOOR, DFS, AUTO-BW
-	(5470 - 5725 @ 160), (500 mW), DFS
+	(2400 - 2483.5 @ 40), (20)
+	(5150 - 5250 @ 80), (23), NO-OUTDOOR, AUTO-BW
+	(5250 - 5350 @ 80), (20), NO-OUTDOOR, DFS, AUTO-BW
+	(5470 - 5725 @ 160), (27), DFS
 	# Short Range Devices (SRD) (ETSI EN 300 440)
-	(5725 - 5875 @ 80), (25 mW)
+	(5725 - 5875 @ 80), (14)
 	# 60 GHz band channels 1-4, ref: Etsi En 302 567
 	(57000 - 66000 @ 2160), (40)
 
@@ -589,8 +589,8 @@ country IE: DFS-ETSI
 
 country IL: DFS-ETSI
 	(2402 - 2482 @ 40), (20)
-	(5150 - 5250 @ 80), (200 mW), NO-OUTDOOR, AUTO-BW
-	(5250 - 5350 @ 80), (200 mW), NO-OUTDOOR, DFS, AUTO-BW
+	(5150 - 5250 @ 80), (23), NO-OUTDOOR, AUTO-BW
+	(5250 - 5350 @ 80), (23), NO-OUTDOOR, DFS, AUTO-BW
 
 country IN:
 	(2402 - 2482 @ 40), (20)
@@ -639,7 +639,7 @@ country JP: DFS-JP
 	(5490 - 5710 @ 160), (23), DFS
 	# 60 GHz band channels 2-4 at 10mW,
 	# ref: http://www.arib.or.jp/english/html/overview/doc/1-STD-T74v1_1.pdf
-	(59000 - 66000 @ 2160), (10 mW)
+	(59000 - 66000 @ 2160), (10)
 
 country KE: DFS-JP
 	(2402 - 2482 @ 40), (20)
@@ -856,10 +856,10 @@ country MU: DFS-FCC
 # Source:
 # http://www.cam.gov.mv/docs/tech_standards/TAM-TS-100-2004-WLAN.pdf
 country MV: DFS-ETSI
-	(2400 - 2483.5 @ 40), (100 mW)
-	(5150 - 5250 @ 80), (200 mW), AUTO-BW
-	(5250 - 5350 @ 80), (100 mW), DFS, AUTO-BW
-	(5725 - 5850 @ 80), (100 mW)
+	(2400 - 2483.5 @ 40), (20)
+	(5150 - 5250 @ 80), (23), AUTO-BW
+	(5250 - 5350 @ 80), (20), DFS, AUTO-BW
+	(5725 - 5850 @ 80), (20)
 
 country MW: DFS-ETSI
 	(2402 - 2482 @ 40), (20)
@@ -904,7 +904,7 @@ country NL: DFS-ETSI
 	(5250 - 5330 @ 80), (20), NO-OUTDOOR, DFS, AUTO-BW
 	(5490 - 5710 @ 160), (27), DFS
 	# short range devices (ETSI EN 300 440-1)
-	(5725 - 5875 @ 80), (25 mW)
+	(5725 - 5875 @ 80), (14)
 	# 60 GHz band channels 1-4, ref: Etsi En 302 567
 	(57000 - 66000 @ 2160), (40)
 
@@ -914,12 +914,12 @@ country NL: DFS-ETSI
 # Up to 2W (or 4W with TPC) is allowed in the 5725 – 5795 MHz band
 # which has been merged with 5470 - 5725 MHz to allow wide channels
 country NO: DFS-ETSI
-	(2400 - 2483.5 @ 40), (100 mW)
-	(5150 - 5250 @ 80), (200 mW), AUTO-BW
-	(5250 - 5350 @ 80), (100 mW), DFS, AUTO-BW
-	(5470 - 5795 @ 160), (500 mW), DFS
-	(5815 - 5850 @ 35), (2000 mW), DFS
-	(17100 - 17300 @ 200), (100 mW)
+	(2400 - 2483.5 @ 40), (20)
+	(5150 - 5250 @ 80), (23), AUTO-BW
+	(5250 - 5350 @ 80), (20), DFS, AUTO-BW
+	(5470 - 5795 @ 160), (27), DFS
+	(5815 - 5850 @ 35), (33), DFS
+	(17100 - 17300 @ 200), (20)
 	# 60 GHz band channels 1-4, ref: Etsi En 302 567
 	(57000 - 66000 @ 2160), (40)
 
@@ -1044,9 +1044,9 @@ country RO: DFS-ETSI
 # Source:
 # http://www.ratel.rs/upload/documents/Plan_namene/Plan_namene-sl_glasnik.pdf
 country RS: DFS-ETSI
-	(2400 - 2483.5 @ 40), (100 mW)
-	(5150 - 5350 @ 40), (200 mW), NO-OUTDOOR
-	(5470 - 5725 @ 20), (1000 mW), DFS
+	(2400 - 2483.5 @ 40), (20)
+	(5150 - 5350 @ 40), (23), NO-OUTDOOR
+	(5470 - 5725 @ 20), (30), DFS
 	# 60 GHz band channels 1-4, ref: Etsi En 302 567
 	(57000 - 66000 @ 2160), (40)
 
-- 
2.13.5 (Apple Git-94)

^ permalink raw reply related

* Re: [PATCH] drivers/wireless: iwlwifi/mvm: Convert timers to use timer_setup()
From: Luca Coelho @ 2017-10-25  5:33 UTC (permalink / raw)
  To: Kees Cook, Kalle Valo
  Cc: Johannes Berg, Emmanuel Grumbach, Intel Linux Wireless,
	Sara Sharon, linux-wireless, netdev, linux-kernel
In-Reply-To: <20171024092937.GA47262@beast>

On Tue, 2017-10-24 at 02:29 -0700, Kees Cook wrote:
> In preparation for unconditionally passing the struct timer_list
> pointer to
> all timer callbacks, switch to using the new timer_setup() and
> from_timer()
> to pass the timer pointer explicitly.
> 
> The RCU lifetime on baid_data is unclear, so this adds a direct copy
> of the
> rcu_ptr passed to the original callback. It may be possible to
> improve this
> to just use baid_data->mvm->baid_map[baid_data->baid] instead.
> 
> Cc: Johannes Berg <johannes.berg@intel.com>
> Cc: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
> Cc: Luca Coelho <luciano.coelho@intel.com>
> Cc: Intel Linux Wireless <linuxwifi@intel.com>
> Cc: Kalle Valo <kvalo@codeaurora.org>
> Cc: Sara Sharon <sara.sharon@intel.com>
> Cc: linux-wireless@vger.kernel.org
> Cc: netdev@vger.kernel.org
> Signed-off-by: Kees Cook <keescook@chromium.org>
> ---

Thanks, Kees.  I'm taking this for review on our internal tree.  If all
our checks pass, I'll apply it and it will reach the mainline following
our usual upstreaming process.

--
Cheers,
Luca.

^ permalink raw reply


This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox