Commit bba42c78 authored by Kalle Valo's avatar Kalle Valo

Merge tag 'iwlwifi-for-kalle-2016-06-10' of...

Merge tag 'iwlwifi-for-kalle-2016-06-10' of git://git.kernel.org/pub/scm/linux/kernel/git/iwlwifi/iwlwifi-fixes

* fix the scan timeout for long scans
* fix an RCU splat caused when updating the TKIP key
* fix a potential NULL-derefence introduced recently
* fix a IGTK key bug that has existed since the MVM driver was introduced
* fix some fw capabilities checks that got accidentally inverted
parents 182fd9ee 280a3efa
...@@ -3851,8 +3851,8 @@ static int iwl_mvm_mac_get_survey(struct ieee80211_hw *hw, int idx, ...@@ -3851,8 +3851,8 @@ static int iwl_mvm_mac_get_survey(struct ieee80211_hw *hw, int idx,
if (idx != 0) if (idx != 0)
return -ENOENT; return -ENOENT;
if (fw_has_capa(&mvm->fw->ucode_capa, if (!fw_has_capa(&mvm->fw->ucode_capa,
IWL_UCODE_TLV_CAPA_RADIO_BEACON_STATS)) IWL_UCODE_TLV_CAPA_RADIO_BEACON_STATS))
return -ENOENT; return -ENOENT;
mutex_lock(&mvm->mutex); mutex_lock(&mvm->mutex);
...@@ -3898,8 +3898,8 @@ static void iwl_mvm_mac_sta_statistics(struct ieee80211_hw *hw, ...@@ -3898,8 +3898,8 @@ static void iwl_mvm_mac_sta_statistics(struct ieee80211_hw *hw,
struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif); struct iwl_mvm_vif *mvmvif = iwl_mvm_vif_from_mac80211(vif);
struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta); struct iwl_mvm_sta *mvmsta = iwl_mvm_sta_from_mac80211(sta);
if (fw_has_capa(&mvm->fw->ucode_capa, if (!fw_has_capa(&mvm->fw->ucode_capa,
IWL_UCODE_TLV_CAPA_RADIO_BEACON_STATS)) IWL_UCODE_TLV_CAPA_RADIO_BEACON_STATS))
return; return;
/* if beacon filtering isn't on mac80211 does it anyway */ /* if beacon filtering isn't on mac80211 does it anyway */
......
...@@ -581,7 +581,7 @@ static bool iwl_mvm_reorder(struct iwl_mvm *mvm, ...@@ -581,7 +581,7 @@ static bool iwl_mvm_reorder(struct iwl_mvm *mvm,
struct iwl_rx_mpdu_desc *desc) struct iwl_rx_mpdu_desc *desc)
{ {
struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data; struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
struct iwl_mvm_sta *mvm_sta = iwl_mvm_sta_from_mac80211(sta); struct iwl_mvm_sta *mvm_sta;
struct iwl_mvm_baid_data *baid_data; struct iwl_mvm_baid_data *baid_data;
struct iwl_mvm_reorder_buffer *buffer; struct iwl_mvm_reorder_buffer *buffer;
struct sk_buff *tail; struct sk_buff *tail;
...@@ -604,6 +604,8 @@ static bool iwl_mvm_reorder(struct iwl_mvm *mvm, ...@@ -604,6 +604,8 @@ static bool iwl_mvm_reorder(struct iwl_mvm *mvm,
if (WARN_ON(IS_ERR_OR_NULL(sta))) if (WARN_ON(IS_ERR_OR_NULL(sta)))
return false; return false;
mvm_sta = iwl_mvm_sta_from_mac80211(sta);
/* not a data packet */ /* not a data packet */
if (!ieee80211_is_data_qos(hdr->frame_control) || if (!ieee80211_is_data_qos(hdr->frame_control) ||
is_multicast_ether_addr(hdr->addr1)) is_multicast_ether_addr(hdr->addr1))
......
...@@ -1222,7 +1222,7 @@ static int iwl_mvm_check_running_scans(struct iwl_mvm *mvm, int type) ...@@ -1222,7 +1222,7 @@ static int iwl_mvm_check_running_scans(struct iwl_mvm *mvm, int type)
return -EIO; return -EIO;
} }
#define SCAN_TIMEOUT (16 * HZ) #define SCAN_TIMEOUT (20 * HZ)
void iwl_mvm_scan_timeout(unsigned long data) void iwl_mvm_scan_timeout(unsigned long data)
{ {
......
...@@ -1852,12 +1852,18 @@ static struct iwl_mvm_sta *iwl_mvm_get_key_sta(struct iwl_mvm *mvm, ...@@ -1852,12 +1852,18 @@ static struct iwl_mvm_sta *iwl_mvm_get_key_sta(struct iwl_mvm *mvm,
mvmvif->ap_sta_id != IWL_MVM_STATION_COUNT) { mvmvif->ap_sta_id != IWL_MVM_STATION_COUNT) {
u8 sta_id = mvmvif->ap_sta_id; u8 sta_id = mvmvif->ap_sta_id;
sta = rcu_dereference_check(mvm->fw_id_to_mac_id[sta_id],
lockdep_is_held(&mvm->mutex));
/* /*
* It is possible that the 'sta' parameter is NULL, * It is possible that the 'sta' parameter is NULL,
* for example when a GTK is removed - the sta_id will then * for example when a GTK is removed - the sta_id will then
* be the AP ID, and no station was passed by mac80211. * be the AP ID, and no station was passed by mac80211.
*/ */
return iwl_mvm_sta_from_staid_protected(mvm, sta_id); if (IS_ERR_OR_NULL(sta))
return NULL;
return iwl_mvm_sta_from_mac80211(sta);
} }
return NULL; return NULL;
...@@ -1955,6 +1961,14 @@ static int iwl_mvm_send_sta_igtk(struct iwl_mvm *mvm, ...@@ -1955,6 +1961,14 @@ static int iwl_mvm_send_sta_igtk(struct iwl_mvm *mvm,
struct ieee80211_key_seq seq; struct ieee80211_key_seq seq;
const u8 *pn; const u8 *pn;
switch (keyconf->cipher) {
case WLAN_CIPHER_SUITE_AES_CMAC:
igtk_cmd.ctrl_flags |= cpu_to_le32(STA_KEY_FLG_CCM);
break;
default:
return -EINVAL;
}
memcpy(igtk_cmd.IGTK, keyconf->key, keyconf->keylen); memcpy(igtk_cmd.IGTK, keyconf->key, keyconf->keylen);
ieee80211_get_key_rx_seq(keyconf, 0, &seq); ieee80211_get_key_rx_seq(keyconf, 0, &seq);
pn = seq.aes_cmac.pn; pn = seq.aes_cmac.pn;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment