1. 11 Sep, 2019 1 commit
    • Jouni Malinen's avatar
      mac80211: Do not send Layer 2 Update frame before authorization · 3e493173
      Jouni Malinen authored
      
      
      The Layer 2 Update frame is used to update bridges when a station roams
      to another AP even if that STA does not transmit any frames after the
      reassociation. This behavior was described in IEEE Std 802.11F-2003 as
      something that would happen based on MLME-ASSOCIATE.indication, i.e.,
      before completing 4-way handshake. However, this IEEE trial-use
      recommended practice document was published before RSN (IEEE Std
      802.11i-2004) and as such, did not consider RSN use cases. Furthermore,
      IEEE Std 802.11F-2003 was withdrawn in 2006 and as such, has not been
      maintained amd should not be used anymore.
      
      Sending out the Layer 2 Update frame immediately after association is
      fine for open networks (and also when using SAE, FT protocol, or FILS
      authentication when the station is actually authenticated by the time
      association completes). However, it is not appropriate for cases where
      RSN is used with PSK or EAP authentication since the station is actually
      fully authenticated only once the 4-way handshake completes after
      authentication and attackers might be able to use the unauthenticated
      triggering of Layer 2 Update frame transmission to disrupt bridge
      behavior.
      
      Fix this by postponing transmission of the Layer 2 Update frame from
      station entry addition to the point when the station entry is marked
      authorized. Similarly, send out the VLAN binding update only if the STA
      entry has already been authorized.
      
      Signed-off-by: default avatarJouni Malinen <jouni@codeaurora.org>
      Reviewed-by: default avatarJohannes Berg <johannes@sipsolutions.net>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      3e493173
  2. 19 Jun, 2019 1 commit
  3. 14 Jun, 2019 1 commit
    • Johannes Berg's avatar
      mac80211: use STA info in rate_control_send_low() · bd718fc1
      Johannes Berg authored
      
      
      Even if we have a station, we currently call rate_control_send_low()
      with the NULL station unless further rate control (driver, minstrel)
      has been initialized.
      
      Change this so we can use more information about the station to use
      a better rate. For example, when we associate with an AP, we will
      now use the lowest rate it advertised as supported (that we can)
      rather than the lowest mandatory rate. This aligns our behaviour
      with most other 802.11 implementations.
      
      To make this possible, we need to also ensure that we have non-zero
      rates at all times, so in case we really have *nothing* pre-fill
      the supp_rates bitmap with the very lowest mandatory bitmap (11b
      and 11a on 2.4 and 5 GHz respectively).
      
      Additionally, hostapd appears to be giving us an empty supported
      rates bitmap (it can and should do better, since the STA must have
      supported for at least the basic rates in the BSS), so ignore any
      such bitmaps that would actually zero out the supp_rates, and in
      that case just keep the pre-filled mandatory rates.
      
      Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
      Signed-off-by: default avatarLuca Coelho <luciano.coelho@intel.com>
      Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
      bd718fc1
  4. 26 Apr, 2019 1 commit
    • Alexander Wetzel's avatar
      mac80211: IEEE 802.11 Extended Key ID support · 96fc6efb
      Alexander Wetzel authored
      
      
      Add support for Extended Key ID as defined in IEEE 802.11-2016.
      
       - Implement the nl80211 API for Extended Key ID
       - Extend mac80211 API to allow drivers to support Extended Key ID
       - Enable Extended Key ID by default for drivers only supporting SW
         crypto (e.g. mac80211_hwsim)
       - Allow unicast Tx usage to be supressed (IEEE80211_KEY_FLAG_NO_AUTO_TX)
       - Select the decryption key based on the MPDU keyid
       - Enforce existing assumptions in the code that rekeys don't change the
         cipher
      
      Signed-off-by: default avatarAlexander Wetzel <alexander@wetzel-home.de>
      [remove module parameter]
      Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
      96fc6efb
  5. 08 Apr, 2019 1 commit
  6. 19 Jan, 2019 2 commits
    • Toke Høiland-Jørgensen's avatar
      mac80211: Add airtime accounting and scheduling to TXQs · b4809e94
      Toke Høiland-Jørgensen authored
      
      
      This adds airtime accounting and scheduling to the mac80211 TXQ
      scheduler. A new callback, ieee80211_sta_register_airtime(), is added
      that drivers can call to report airtime usage for stations.
      
      When airtime information is present, mac80211 will schedule TXQs
      (through ieee80211_next_txq()) in a way that enforces airtime fairness
      between active stations. This scheduling works the same way as the ath9k
      in-driver airtime fairness scheduling. If no airtime usage is reported
      by the driver, the scheduler will default to round-robin scheduling.
      
      For drivers that don't control TXQ scheduling in software, a new API
      function, ieee80211_txq_may_transmit(), is added which the driver can use
      to check if the TXQ is eligible for transmission, or should be throttled to
      enforce fairness. Calls to this function must also be enclosed in
      ieee80211_txq_schedule_{start,end}() calls to ensure proper locking.
      
      The API ieee80211_txq_may_transmit() also ensures that TXQ list will be
      aligned aginst driver's own round-robin scheduler list. i.e it rotates
      the TXQ list till it makes the requested node becomes the first entry
      in TXQ list. Thus both the TXQ list and driver's list are in sync.
      
      Co-developed-by: default avatarRajkumar Manoharan <rmanohar@codeaurora.org>
      Signed-off-by: default avatarLouie Lu <git@louie.lu>
      [added debugfs write op to reset airtime counter]
      Signed-off-by: default avatarToke Høiland-Jørgensen <toke@toke.dk>
      Signed-off-by: default avatarRajkumar Manoharan <rmanohar@codeaurora.org>
      Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
      b4809e94
    • Toke Høiland-Jørgensen's avatar
      mac80211: Add TXQ scheduling API · 18667600
      Toke Høiland-Jørgensen authored
      
      
      This adds an API to mac80211 to handle scheduling of TXQs. The interface
      between driver and mac80211 for TXQ handling is changed by adding two new
      functions: ieee80211_next_txq(), which will return the next TXQ to schedule
      in the current round-robin rotation, and ieee80211_return_txq(), which the
      driver uses to indicate that it has finished scheduling a TXQ (which will
      then be put back in the scheduling rotation if it isn't empty).
      
      The driver must call ieee80211_txq_schedule_start() at the start of each
      scheduling session, and ieee80211_txq_schedule_end() at the end. The API
      then guarantees that the same TXQ is not returned twice in the same
      session (so a driver can loop on ieee80211_next_txq() without worrying
      about breaking the loop.
      
      Usage of the new API is optional, so drivers can be ported one at a time.
      In this patch, the actual scheduling performed by mac80211 is simple
      round-robin, but a subsequent commit adds airtime fairness awareness to the
      scheduler.
      
      Signed-off-by: default avatarToke Høiland-Jørgensen <toke@toke.dk>
      [minor kernel-doc fix, propagate sparse locking checks out]
      Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
      18667600
  7. 09 Nov, 2018 2 commits
  8. 05 Sep, 2018 1 commit
  9. 29 Aug, 2018 1 commit
    • Balaji Pothunoori's avatar
      cfg80211: clarify frames covered by average ACK signal report · 9c06602b
      Balaji Pothunoori authored
      
      
      Modify the API to include all ACK frames in average ACK
      signal strength reporting, not just ACKs for data frames.
      Make exposing the data conditional on implementing the
      extended feature flag.
      
      This is how it was really implemented in mac80211, update
      the code there to use the new defines and clean up some of
      the setting code.
      
      Keep nl80211.h source compatibility by keeping the old names.
      
      Signed-off-by: default avatarBalaji Pothunoori <bpothuno@codeaurora.org>
      [rewrite commit log, change compatibility to be old=new
       instead of the other way around, update kernel-doc,
       roll in mac80211 changes, make mac80211 depend on valid
       bit instead of HW flag]
      Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
      9c06602b
  10. 29 Jun, 2018 1 commit
    • Omer Efrat's avatar
      mac80211: use BIT_ULL for NL80211_STA_INFO_* attribute types · a4217750
      Omer Efrat authored
      
      
      The BIT macro uses unsigned long which some architectures handle as 32 bit
      and therefore might cause macro's shift to overflow when used on a value
      equals or larger than 32 (NL80211_STA_INFO_RX_DURATION and afterwards).
      
      Since 'filled' member in station_info changed to u64, BIT_ULL macro
      should be used with all NL80211_STA_INFO_* attribute types instead of BIT
      to prevent future possible bugs when one will use BIT macro for higher
      attributes by mistake.
      
      This commit cleans up all usages of BIT macro with the above field
      in mac80211 by changing it to BIT_ULL instead.
      
      Signed-off-by: default avatarOmer Efrat <omer.efrat@tandemg.com>
      Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
      a4217750
  11. 18 Jun, 2018 1 commit
  12. 15 Jun, 2018 1 commit
  13. 18 May, 2018 2 commits
  14. 08 May, 2018 1 commit
  15. 07 May, 2018 2 commits
  16. 19 Feb, 2018 3 commits
  17. 19 Dec, 2017 2 commits
  18. 11 Dec, 2017 2 commits
    • Toke Høiland-Jørgensen's avatar
      mac80211: Add airtime account and scheduling to TXQs · b0d52ad8
      Toke Høiland-Jørgensen authored
      
      
      This adds airtime accounting and scheduling to the mac80211 TXQ
      scheduler. A new hardware flag, AIRTIME_ACCOUNTING, is added that
      drivers can set if they support reporting airtime usage of
      transmissions. When this flag is set, mac80211 will expect the actual
      airtime usage to be reported in the tx_time and rx_time fields of the
      respective status structs.
      
      When airtime information is present, mac80211 will schedule TXQs
      (through ieee80211_next_txq()) in a way that enforces airtime fairness
      between active stations. This scheduling works the same way as the ath9k
      in-driver airtime fairness scheduling.
      
      Signed-off-by: default avatarToke Høiland-Jørgensen <toke@toke.dk>
      Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
      b0d52ad8
    • Toke Høiland-Jørgensen's avatar
      mac80211: Add TXQ scheduling API · e937b8da
      Toke Høiland-Jørgensen authored
      
      
      This adds an API to mac80211 to handle scheduling of TXQs and changes the
      interface between driver and mac80211 for TXQ handling as follows:
      
      - The wake_tx_queue callback interface no longer includes the TXQ. Instead,
        the driver is expected to retrieve that from ieee80211_next_txq()
      
      - Two new mac80211 functions are added: ieee80211_next_txq() and
        ieee80211_schedule_txq(). The former returns the next TXQ that should be
        scheduled, and is how the driver gets a queue to pull packets from. The
        latter is called internally by mac80211 to start scheduling a queue, and
        the driver is supposed to call it to re-schedule the TXQ after it is
        finished pulling packets from it (unless the queue emptied).
      
      The ath9k and ath10k drivers are changed to use the new API.
      
      Signed-off-by: default avatarToke Høiland-Jørgensen <toke@toke.dk>
      Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
      e937b8da
  19. 20 Nov, 2017 2 commits
    • Kees Cook's avatar
      mac80211: aggregation: Convert timers to use timer_setup() · 7cca2acd
      Kees Cook authored
      
      
      In preparation for unconditionally passing the struct timer_list pointer to
      all timer callbacks, switch to using the new timer_setup() and from_timer()
      to pass the timer pointer explicitly.
      
      This removes the tid mapping array and expands the tid structures to
      add a pointer back to the station, along with the tid index itself.
      
      Cc: Johannes Berg <johannes@sipsolutions.net>
      Cc: "David S. Miller" <davem@davemloft.net>
      Cc: linux-wireless@vger.kernel.org
      Cc: netdev@vger.kernel.org
      Signed-off-by: default avatarKees Cook <keescook@chromium.org>
      [switch tid variables to u8, the valid range is 0-15 at most,
       initialize tid_tx->sta/tid properly]
      Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
      7cca2acd
    • Kees Cook's avatar
      mac80211: Convert timers to use timer_setup() · 34f11cd3
      Kees Cook authored
      
      
      In preparation for unconditionally passing the struct timer_list pointer to
      all timer callbacks, switch to using the new timer_setup() and from_timer()
      to pass the timer pointer explicitly.
      
      Cc: Johannes Berg <johannes@sipsolutions.net>
      Cc: "David S. Miller" <davem@davemloft.net>
      Cc: linux-wireless@vger.kernel.org
      Cc: netdev@vger.kernel.org
      Signed-off-by: default avatarKees Cook <keescook@chromium.org>
      Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
      34f11cd3
  20. 25 Oct, 2017 1 commit
    • Mark Rutland's avatar
      locking/atomics: COCCINELLE/treewide: Convert trivial ACCESS_ONCE() patterns... · 6aa7de05
      Mark Rutland authored
      
      locking/atomics: COCCINELLE/treewide: Convert trivial ACCESS_ONCE() patterns to READ_ONCE()/WRITE_ONCE()
      
      Please do not apply this to mainline directly, instead please re-run the
      coccinelle script shown below and apply its output.
      
      For several reasons, it is desirable to use {READ,WRITE}_ONCE() in
      preference to ACCESS_ONCE(), and new code is expected to use one of the
      former. So far, there's been no reason to change most existing uses of
      ACCESS_ONCE(), as these aren't harmful, and changing them results in
      churn.
      
      However, for some features, the read/write distinction is critical to
      correct operation. To distinguish these cases, separate read/write
      accessors must be used. This patch migrates (most) remaining
      ACCESS_ONCE() instances to {READ,WRITE}_ONCE(), using the following
      coccinelle script:
      
      ----
      // Convert trivial ACCESS_ONCE() uses to equivalent READ_ONCE() and
      // WRITE_ONCE()
      
      // $ make coccicheck COCCI=/home/mark/once.cocci SPFLAGS="--include-headers" MODE=patch
      
      virtual patch
      
      @ depends on patch @
      expression E1, E2;
      @@
      
      - ACCESS_ONCE(E1) = E2
      + WRITE_ONCE(E1, E2)
      
      @ depends on patch @
      expression E;
      @@
      
      - ACCESS_ONCE(E)
      + READ_ONCE(E)
      ----
      
      Signed-off-by: Mark Rutland's avatarMark Rutland <mark.rutland@arm.com>
      Signed-off-by: default avatarPaul E. McKenney <paulmck@linux.vnet.ibm.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: davem@davemloft.net
      Cc: linux-arch@vger.kernel.org
      Cc: mpe@ellerman.id.au
      Cc: shuah@kernel.org
      Cc: snitzer@redhat.com
      Cc: thor.thayer@linux.intel.com
      Cc: tj@kernel.org
      Cc: viro@zeniv.linux.org.uk
      Cc: will.deacon@arm.com
      Link: http://lkml.kernel.org/r/1508792849-3115-19-git-send-email-paulmck@linux.vnet.ibm.com
      
      
      Signed-off-by: default avatarIngo Molnar <mingo@kernel.org>
      6aa7de05
  21. 06 Oct, 2017 1 commit
    • Kees Cook's avatar
      net/mac80211/mesh_plink: Convert timers to use timer_setup() · 4c02d62f
      Kees Cook authored
      
      
      In preparation for unconditionally passing the struct timer_list pointer to
      all timer callbacks, switch to using the new timer_setup() and from_timer()
      to pass the timer pointer explicitly. This requires adding a pointer back
      to the sta_info since container_of() can't resolve the sta_info.
      
      Cc: Johannes Berg <johannes@sipsolutions.net>
      Cc: "David S. Miller" <davem@davemloft.net>
      Cc: linux-wireless@vger.kernel.org
      Cc: netdev@vger.kernel.org
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Signed-off-by: default avatarKees Cook <keescook@chromium.org>
      Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
      4c02d62f
  22. 21 Sep, 2017 1 commit
  23. 16 Jun, 2017 1 commit
    • Johannes Berg's avatar
      networking: make skb_put & friends return void pointers · 4df864c1
      Johannes Berg authored
      
      
      It seems like a historic accident that these return unsigned char *,
      and in many places that means casts are required, more often than not.
      
      Make these functions (skb_put, __skb_put and pskb_put) return void *
      and remove all the casts across the tree, adding a (u8 *) cast only
      where the unsigned char pointer was used directly, all done with the
      following spatch:
      
          @@
          expression SKB, LEN;
          typedef u8;
          identifier fn = { skb_put, __skb_put };
          @@
          - *(fn(SKB, LEN))
          + *(u8 *)fn(SKB, LEN)
      
          @@
          expression E, SKB, LEN;
          identifier fn = { skb_put, __skb_put };
          type T;
          @@
          - E = ((T *)(fn(SKB, LEN)))
          + E = fn(SKB, LEN)
      
      which actually doesn't cover pskb_put since there are only three
      users overall.
      
      A handful of stragglers were converted manually, notably a macro in
      drivers/isdn/i4l/isdn_bsdcomp.c and, oddly enough, one of the many
      instances in net/bluetooth/hci_sock.c. In the former file, I also
      had to fix one whitespace problem spatch introduced.
      
      Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      4df864c1
  24. 01 Jun, 2017 1 commit
  25. 17 May, 2017 1 commit
    • Toke Høiland-Jørgensen's avatar
      mac80211: Dynamically set CoDel parameters per station · 484a54c2
      Toke Høiland-Jørgensen authored
      
      
      CoDel can be too aggressive if a station sends at a very low rate,
      leading reduced throughput. This gets worse the more stations are
      present, as each station gets more bursty the longer the round-robin
      scheduling between stations takes.
      
      This adds dynamic adjustment of CoDel parameters per station. It uses
      the rate selection information to estimate throughput and sets more
      lenient CoDel parameters if the estimated throughput is below a
      threshold (modified by the number of active stations).
      
      A new callback is added that drivers can use to notify mac80211 about
      changes in expected throughput, so the same adjustment can be made for
      cards that implement rate control in firmware. Drivers that don't use
      this will just get the default parameters.
      
      Signed-off-by: default avatarToke Høiland-Jørgensen <toke@toke.dk>
      [remove currently unnecessary EXPORT_SYMBOL, fix kernel-doc, remove
      inline annotation]
      Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
      484a54c2
  26. 28 Apr, 2017 2 commits
    • Mohammed Shafi Shajakhan's avatar
      mac80211: Fix possible sband related NULL pointer de-reference · 21a8e9dd
      Mohammed Shafi Shajakhan authored
      Existing API 'ieee80211_get_sdata_band' returns default 2 GHz band even
      if the channel context configuration is NULL. This crashes for chipsets
      which support 5 Ghz alone when it tries to access members of 'sband'.
      Channel context configuration can be NULL in multivif case and when
      channel switch is in progress (or) when it fails. Fix this by replacing
      the API 'ieee80211_get_sdata_band' with  'ieee80211_get_sband' which
      returns a NULL pointer for sband when the channel configuration is NULL.
      
      An example scenario is as below:
      
      In multivif mode (AP + STA) with drivers like ath10k, when we do a
      channel switch in the AP vif (which has a number of clients connected)
      and a STA vif which is connected to some other AP, when the channel
      switch in AP vif fails, while the STA vifs tries to connect to the
      other AP, there is a window where the channel context is NULL/invalid
      and this results in a crash  while the clients connected to the AP vif
      tries to reconnect and this race is very similar to the one investigated
      by Michal in https://patchwork.kernel.org/patch/3788161/
      
       and this does
      happens with hardware that supports 5Ghz alone after long hours of
      testing with continuous channel switch on the AP vif
      
      ieee80211 phy0: channel context reservation cannot be finalized because
      some interfaces aren't switching
      wlan0: failed to finalize CSA, disconnecting
      wlan0-1: deauthenticating from 8c:fd:f0:01:54:9c by local choice
      	(Reason: 3=DEAUTH_LEAVING)
      
      	WARNING: CPU: 1 PID: 19032 at net/mac80211/ieee80211_i.h:1013 sta_info_alloc+0x374/0x3fc [mac80211]
      	[<bf77272c>] (sta_info_alloc [mac80211])
      	[<bf78776c>] (ieee80211_add_station [mac80211]))
      	[<bf73cc50>] (nl80211_new_station [cfg80211])
      
      	Unable to handle kernel NULL pointer dereference at virtual
      	address 00000014
      	pgd = d5f4c000
      	Internal error: Oops: 17 [#1] PREEMPT SMP ARM
      	PC is at sta_info_alloc+0x380/0x3fc [mac80211]
      	LR is at sta_info_alloc+0x37c/0x3fc [mac80211]
      	[<bf772738>] (sta_info_alloc [mac80211])
      	[<bf78776c>] (ieee80211_add_station [mac80211])
      	[<bf73cc50>] (nl80211_new_station [cfg80211]))
      
      Cc: Michal Kazior <michal.kazior@tieto.com>
      Signed-off-by: default avatarMohammed Shafi Shajakhan <mohammed@qti.qualcomm.com>
      Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
      21a8e9dd
    • Johannes Berg's avatar
      mac80211: use bitfield macros for encoded rate · dcba665b
      Johannes Berg authored
      
      
      Instead of hand-coding the bit manipulations, use the bitfield
      macros to generate the code for the encoded bitrate.
      
      Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
      dcba665b
  27. 06 Mar, 2017 1 commit
  28. 27 Feb, 2017 2 commits
    • Sara Sharon's avatar
      mac80211: shorten debug message · 2595d259
      Sara Sharon authored
      
      
      Tracing is limited to 100 characters and this message passes
      the limit when there are a few buffered frames. Shorten it.
      
      Signed-off-by: default avatarSara Sharon <sara.sharon@intel.com>
      Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
      2595d259
    • Emmanuel Grumbach's avatar
      mac80211: fix power saving clients handling in iwlwifi · d98937f4
      Emmanuel Grumbach authored
      iwlwifi now supports RSS and can't let mac80211 track the
      PS state based on the Rx frames since they can come out of
      order. iwlwifi is now advertising AP_LINK_PS, and uses
      explicit notifications to teach mac80211 about the PS state
      of the stations and the PS poll / uAPSD trigger frames
      coming our way from the peers.
      
      Because of that, the TIM stopped being maintained in
      mac80211. I tried to fix this in commit c68df2e7
      ("mac80211: allow using AP_LINK_PS with mac80211-generated TIM IE")
      but that was later reverted by Felix in commit 6c18a6b4
      
      
      ("Revert "mac80211: allow using AP_LINK_PS with mac80211-generated TIM IE")
      since it broke drivers that do not implement set_tim.
      
      Since none of the drivers that set AP_LINK_PS have the
      set_tim() handler set besides iwlwifi, I can bail out in
      __sta_info_recalc_tim if AP_LINK_PS AND .set_tim is not
      implemented.
      
      Signed-off-by: default avatarEmmanuel Grumbach <emmanuel.grumbach@intel.com>
      Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
      d98937f4
  29. 11 Jan, 2017 1 commit