mac80211: add a few upstream fixes

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 39846

diff --git a/package/kernel/mac80211/patches/300-pending_work.patch b/package/kernel/mac80211/patches/300-pending_work.patch
index 1a68845aae36657400e4b08dbf077dd023219cb1..548f3040248377d8826a35a89e669ac767a92178 100644 (file)
--- a/package/kernel/mac80211/patches/300-pending_work.patch
+++ b/package/kernel/mac80211/patches/300-pending_work.patch
@@ -1,3 +1,66 @@
+commit 31959d8df39319e32c6d5ba9c135727be90cfad7
+Author: Michal Kazior <michal.kazior@tieto.com>
+Date:   Fri Mar 7 08:09:38 2014 +0100
+
+    mac80211: fix possible NULL dereference
+    
+    If chanctx is missing on a given vif then the band
+    is assumed to be 2GHz. However if hw doesn't
+    support 2GHz band then mac80211 ended up with a
+    NULL dereference.
+    
+    This fixes a splat:
+    
+    [ 4605.207223] BUG: unable to handle kernel NULL pointer dereference at 0000000000000018
+    [ 4605.210789] IP: [<ffffffffa07b5635>] ieee80211_parse_bitrates+0x65/0x110 [mac80211]
+    
+    The splat was preceeded by WARN_ON(!chanctx_conf)
+    in ieee80211_get_sdata_band().
+    
+    Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
+
+commit 6c5a3ffa0a2d22c091a2717f427259bacf77ac5e
+Author: Michael Braun <michael-dev@fami-braun.de>
+Date:   Thu Mar 6 15:08:43 2014 +0100
+
+    mac80211: fix WPA with VLAN on AP side with ps-sta again
+    
+    commit de74a1d9032f4d37ea453ad2a647e1aff4cd2591
+      "mac80211: fix WPA with VLAN on AP side with ps-sta"
+    fixed an issue where queued multicast packets would
+    be sent out encrypted with the key of an other bss.
+    
+    commit "7cbf9d017dbb5e3276de7d527925d42d4c11e732"
+      "mac80211: fix oops on mesh PS broadcast forwarding"
+    essentially reverted it, because vif.type cannot be AP_VLAN
+    due to the check to vif.type in ieee80211_get_buffered_bc before.
+    
+    As the later commit intended to fix the MESH case, fix it
+    by checking for IFTYPE_AP instead of IFTYPE_AP_VLAN.
+    
+    Fixes: 7cbf9d017dbb
+    Cc: <stable@vger.kernel.org> # 3.10.x
+    Cc: <stable@vger.kernel.org> # 3.11.x
+    Cc: <stable@vger.kernel.org> # 3.12.x
+    Cc: <stable@vger.kernel.org> # 3.13.x
+    Cc: <linux-wireless@vger.kernel.org>
+    Cc: <projekt-wlan@fem.tu-ilmenau.de>
+    Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
+
+commit 9d6ab9bdb9b368a6cf9519f0f92509b5b2c297ec
+Author: Johannes Berg <johannes.berg@intel.com>
+Date:   Mon Mar 3 14:19:08 2014 +0100
+
+    cfg80211: remove racy beacon_interval assignment
+    
+    In case of AP mode, the beacon interval is already reset to
+    zero inside cfg80211_stop_ap(), and in the other modes it
+    isn't relevant. Remove the assignment to remove a potential
+    race since the assignment isn't properly locked.
+    
+    Reported-by: Michal Kazior <michal.kazior@tieto.com>
+    Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+

 commit 1abdeca3c6fb9cf1f84f85e78ed8d1c33bd69db0
 Author: Felix Fietkau <nbd@openwrt.org>
 Date:   Fri Feb 28 18:52:56 2014 +0100
 commit 1abdeca3c6fb9cf1f84f85e78ed8d1c33bd69db0
 Author: Felix Fietkau <nbd@openwrt.org>
 Date:   Fri Feb 28 18:52:56 2014 +0100


@@ -1487,7 +1550,17 @@ Date:   Thu Jan 23 20:06:34 2014 +0100
  
        __sta_info_flush(sdata, true);
        ieee80211_free_keys(sdata, true);
  
        __sta_info_flush(sdata, true);
        ieee80211_free_keys(sdata, true);

-@@ -2638,6 +2643,24 @@ static int ieee80211_start_roc_work(stru
+@@ -1988,6 +1993,9 @@ static int ieee80211_change_bss(struct w
+ 
+       band = ieee80211_get_sdata_band(sdata);
+ 
++      if (WARN_ON(!wiphy->bands[band]))
++              return -EINVAL;
++
+       if (params->use_cts_prot >= 0) {
+               sdata->vif.bss_conf.use_cts_prot = params->use_cts_prot;
+               changed |= BSS_CHANGED_ERP_CTS_PROT;
+@@ -2638,6 +2646,24 @@ static int ieee80211_start_roc_work(stru

        INIT_DELAYED_WORK(&roc->work, ieee80211_sw_roc_work);
        INIT_LIST_HEAD(&roc->dependents);
  
        INIT_DELAYED_WORK(&roc->work, ieee80211_sw_roc_work);
        INIT_LIST_HEAD(&roc->dependents);
  


@@ -1512,7 +1585,7 @@ Date:   Thu Jan 23 20:06:34 2014 +0100
        /* if there's one pending or we're scanning, queue this one */
        if (!list_empty(&local->roc_list) ||
            local->scanning || local->radar_detect_enabled)
        /* if there's one pending or we're scanning, queue this one */
        if (!list_empty(&local->roc_list) ||
            local->scanning || local->radar_detect_enabled)

-@@ -2772,24 +2795,6 @@ static int ieee80211_start_roc_work(stru
+@@ -2772,24 +2798,6 @@ static int ieee80211_start_roc_work(stru

        if (!queued)
                list_add_tail(&roc->list, &local->roc_list);
  
        if (!queued)
                list_add_tail(&roc->list, &local->roc_list);
  


@@ -1537,7 +1610,7 @@ Date:   Thu Jan 23 20:06:34 2014 +0100
        return 0;
  }
  
        return 0;
  }
  

-@@ -3004,8 +3009,10 @@ void ieee80211_csa_finalize_work(struct 
+@@ -3004,8 +3012,10 @@ void ieee80211_csa_finalize_work(struct 

        if (!ieee80211_sdata_running(sdata))
                goto unlock;
  
        if (!ieee80211_sdata_running(sdata))
                goto unlock;
  


@@ -1549,7 +1622,7 @@ Date:   Thu Jan 23 20:06:34 2014 +0100
        err = ieee80211_vif_change_channel(sdata, &changed);
        mutex_unlock(&local->mtx);
        if (WARN_ON(err < 0))
        err = ieee80211_vif_change_channel(sdata, &changed);
        mutex_unlock(&local->mtx);
        if (WARN_ON(err < 0))

-@@ -3022,13 +3029,13 @@ void ieee80211_csa_finalize_work(struct 
+@@ -3022,13 +3032,13 @@ void ieee80211_csa_finalize_work(struct 

        switch (sdata->vif.type) {
        case NL80211_IFTYPE_AP:
                err = ieee80211_assign_beacon(sdata, sdata->u.ap.next_beacon);
        switch (sdata->vif.type) {
        case NL80211_IFTYPE_AP:
                err = ieee80211_assign_beacon(sdata, sdata->u.ap.next_beacon);


@@ -1566,7 +1639,7 @@ Date:   Thu Jan 23 20:06:34 2014 +0100
                ieee80211_bss_info_change_notify(sdata, err);
                break;
        case NL80211_IFTYPE_ADHOC:
                ieee80211_bss_info_change_notify(sdata, err);
                break;
        case NL80211_IFTYPE_ADHOC:

-@@ -3066,7 +3073,7 @@ int ieee80211_channel_switch(struct wiph
+@@ -3066,7 +3076,7 @@ int ieee80211_channel_switch(struct wiph

        struct ieee80211_if_mesh __maybe_unused *ifmsh;
        int err, num_chanctx;
  
        struct ieee80211_if_mesh __maybe_unused *ifmsh;
        int err, num_chanctx;
  


@@ -1806,6 +1879,15 @@ Date:   Thu Jan 23 20:06:34 2014 +0100
        return 0;
  }
  
        return 0;
  }
  

+@@ -2900,7 +2912,7 @@ ieee80211_get_buffered_bc(struct ieee802
+                               cpu_to_le16(IEEE80211_FCTL_MOREDATA);
+               }
+ 
+-              if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN)
++              if (sdata->vif.type == NL80211_IFTYPE_AP)
+                       sdata = IEEE80211_DEV_TO_SUB_IF(skb->dev);
+               if (!ieee80211_tx_prepare(sdata, &tx, skb))
+                       break;

 --- a/net/mac80211/wpa.c
 +++ b/net/mac80211/wpa.c
 @@ -499,7 +499,7 @@ ieee80211_crypto_ccmp_decrypt(struct iee
 --- a/net/mac80211/wpa.c
 +++ b/net/mac80211/wpa.c
 @@ -499,7 +499,7 @@ ieee80211_crypto_ccmp_decrypt(struct iee


@@ -1857,7 +1939,16 @@ Date:   Thu Jan 23 20:06:34 2014 +0100
        /*
         * There are major locking problems in nl80211/mac80211 for CSA,
         * disable for all drivers until this has been reworked.
        /*
         * There are major locking problems in nl80211/mac80211 for CSA,
         * disable for all drivers until this has been reworked.

-@@ -875,8 +875,11 @@ static int cfg80211_netdev_notifier_call
+@@ -795,8 +795,6 @@ void cfg80211_leave(struct cfg80211_regi
+       default:
+               break;
+       }
+-
+-      wdev->beacon_interval = 0;
+ }
+ 
+ static int cfg80211_netdev_notifier_call(struct notifier_block *nb,
+@@ -875,8 +873,11 @@ static int cfg80211_netdev_notifier_call

                break;
        case NETDEV_DOWN:
                cfg80211_update_iface_num(rdev, wdev->iftype, -1);
                break;
        case NETDEV_DOWN:
                cfg80211_update_iface_num(rdev, wdev->iftype, -1);

diff --git a/package/kernel/mac80211/patches/310-ap_scan.patch b/package/kernel/mac80211/patches/310-ap_scan.patch
index 780c598846dcde5889b33be15f39c0247cdbe425..389a00370d6e5b1363f201676c8b1a0753ef2748 100644 (file)
--- a/package/kernel/mac80211/patches/310-ap_scan.patch
+++ b/package/kernel/mac80211/patches/310-ap_scan.patch
@@ -1,6 +1,6 @@
 --- a/net/mac80211/cfg.c
 +++ b/net/mac80211/cfg.c
 --- a/net/mac80211/cfg.c
 +++ b/net/mac80211/cfg.c

-@@ -2145,7 +2145,7 @@ static int ieee80211_scan(struct wiphy *
+@@ -2148,7 +2148,7 @@ static int ieee80211_scan(struct wiphy *

                 * the  frames sent while scanning on other channel will be
                 * lost)
                 */
                 * the  frames sent while scanning on other channel will be
                 * lost)
                 */

diff --git a/package/kernel/mac80211/patches/520-mac80211_cur_txpower.patch b/package/kernel/mac80211/patches/520-mac80211_cur_txpower.patch
index df620481ff2b75d3937f4fcf5c6fc1a8d7281d6a..6df95bceaec7cb227b46a483c843559f8e521d76 100644 (file)
--- a/package/kernel/mac80211/patches/520-mac80211_cur_txpower.patch
+++ b/package/kernel/mac80211/patches/520-mac80211_cur_txpower.patch
@@ -10,7 +10,7 @@
        u8 uapsd_queues;
 --- a/net/mac80211/cfg.c
 +++ b/net/mac80211/cfg.c
        u8 uapsd_queues;
 --- a/net/mac80211/cfg.c
 +++ b/net/mac80211/cfg.c

-@@ -2326,7 +2326,9 @@ static int ieee80211_get_tx_power(struct
+@@ -2329,7 +2329,9 @@ static int ieee80211_get_tx_power(struct

        struct ieee80211_local *local = wiphy_priv(wiphy);
        struct ieee80211_sub_if_data *sdata = IEEE80211_WDEV_TO_SUB_IF(wdev);
  
        struct ieee80211_local *local = wiphy_priv(wiphy);
        struct ieee80211_sub_if_data *sdata = IEEE80211_WDEV_TO_SUB_IF(wdev);
  

diff --git a/package/kernel/mac80211/patches/522-mac80211_configure_antenna_gain.patch b/package/kernel/mac80211/patches/522-mac80211_configure_antenna_gain.patch
index 0106b4350793c6b6ceb4e4635004e20b364575ea..308ee6eb7715f36cf2e57eacc6ff50aea5783c41 100644 (file)
--- a/package/kernel/mac80211/patches/522-mac80211_configure_antenna_gain.patch
+++ b/package/kernel/mac80211/patches/522-mac80211_configure_antenna_gain.patch
@@ -57,7 +57,7 @@
        __NL80211_ATTR_AFTER_LAST,
 --- a/net/mac80211/cfg.c
 +++ b/net/mac80211/cfg.c
        __NL80211_ATTR_AFTER_LAST,
 --- a/net/mac80211/cfg.c
 +++ b/net/mac80211/cfg.c

-@@ -2336,6 +2336,19 @@ static int ieee80211_get_tx_power(struct
+@@ -2339,6 +2339,19 @@ static int ieee80211_get_tx_power(struct

        return 0;
  }
  
        return 0;
  }
  


@@ -77,7 +77,7 @@
  static int ieee80211_set_wds_peer(struct wiphy *wiphy, struct net_device *dev,
                                  const u8 *addr)
  {
  static int ieee80211_set_wds_peer(struct wiphy *wiphy, struct net_device *dev,
                                  const u8 *addr)
  {

-@@ -3921,6 +3934,7 @@ struct cfg80211_ops mac80211_config_ops 
+@@ -3924,6 +3937,7 @@ struct cfg80211_ops mac80211_config_ops 

        .set_wiphy_params = ieee80211_set_wiphy_params,
        .set_tx_power = ieee80211_set_tx_power,
        .get_tx_power = ieee80211_get_tx_power,
        .set_wiphy_params = ieee80211_set_wiphy_params,
        .set_tx_power = ieee80211_set_tx_power,
        .get_tx_power = ieee80211_get_tx_power,