summaryrefslogtreecommitdiffstats
path: root/net/mac80211/key.c
Commit message (Collapse)AuthorAgeFilesLines
* mac80211: add op to configure default key idYoni Divinsky2013-01-181-1/+4
| | | | | | | | | | | | | | | There are hardwares which support offload of data packets for example when auto ARP is enabled the hw will send the ARP response. In such cases if WEP encryption is configured the hw must know the default WEP key in order to encrypt the packets correctly. When hw_accel is enabled and encryption type is set to WEP, the driver should get the default key index from mac80211. Signed-off-by: Yoni Divinsky <yoni.divinsky@ti.com> [cleanups, fixes, documentation] Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: introduce IEEE80211_NUM_TIDS and use itJohannes Berg2012-11-191-5/+5
| | | | | | | | | Introduce IEEE80211_NUM_TIDS in the generic 802.11 header file and use it in place of STA_TID_NUM and NUM_RX_DATA_QUEUES which are both really the number of TIDs. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: use CMAC_PN_LENJohannes Berg2012-11-191-2/+3
| | | | | | Instead of hardcoding its value (6), use the constant. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: use synchronize_net() on key destroyingEliad Peller2012-09-061-1/+1
| | | | | | | | | | | | __ieee80211_key_destroy() calls synchronize_rcu() in order to sync the tx path before destroying the key. However, synching the tx path can be done with synchronize_net() as well, which is usually faster (the timing might be important for roaming scenarios). Signed-off-by: Eliad Peller <eliad@wizery.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: remove ieee80211_key_removedJohannes Berg2012-07-091-20/+0
| | | | | | | | | | This API call was intended to be used by drivers if they want to optimize key handling by removing one key when another is added. Remove it since no driver is using it. If needed, it can always be added back. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: clean up debuggingJohannes Berg2012-06-241-2/+2
| | | | | | | | | | | | | | | | | | There are a few things that make the logging and debugging in mac80211 less useful than it should be right now: * a lot of messages should be pr_info, not pr_debug * wholesale use of pr_debug makes it require *both* Kconfig and dynamic configuration * there are still a lot of ifdefs * the style is very inconsistent, sometimes the sdata->name is printed in front Clean up everything, introducing new macros and separating out the station MLME debugging into a new Kconfig symbol. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: clean up asm/unaligned.h inclusionJohannes Berg2012-02-271-0/+1
| | | | | | | | | | | Some files implicitly get this via mesh.h which itself doesn't need it, so move the inclusion into the right files. Some other files don't need it at all but include it, so remove it from there. Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: dont program keys for stations not uploadedJohannes Berg2012-02-061-16/+14
| | | | | | | | | | If a station couldn't be uploaded to the driver but is still kept (only in IBSS mode) we still shouldn't try to program the keys for it into hardware; fix this bug by skipping the key upload in this case. Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: simplify AP_VLAN handlingJohannes Berg2012-02-061-8/+0
| | | | | | | | | | | | | | Setting keys and updating TKIP keys must use the BSS sdata (not AP_VLAN), so we translate. Move the translation into driver-ops wrappers instead of having it inline in the code to simplify the normal code flow. The same can be done for sta_add/remove which already does the translation in the wrapper. Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* Merge branch 'master' of ↵John W. Linville2011-11-171-2/+7
|\ | | | | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next into for-davem Conflicts: include/net/bluetooth/bluetooth.h
| * mac80211: support adding IV-room in the skb for CCMP keysArik Nemtsov2011-11-081-2/+7
| | | | | | | | | | | | | | | | | | Some cards can generate CCMP IVs in HW, but require the space for the IV to be pre-allocated in the frame at the correct offset. Add a key flag that allows us to achieve this. Signed-off-by: Arik Nemtsov <arik@wizery.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* | net: Add export.h for EXPORT_SYMBOL/THIS_MODULE to non-modulesPaul Gortmaker2011-10-311-0/+1
|/ | | | | | | | | These files are non modular, but need to export symbols using the macros now living in export.h -- call out the include so that things won't break when we remove the implicit presence of module.h from everywhere. Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
* mac80211: optimise station flagsJohannes Berg2011-09-301-2/+2
| | | | | | | | | | | | | | | | | | | | The flaglock in struct sta_info has long been something that I wanted to get rid of, this finally does the conversion to atomic bitops. The conversion itself is straight-forward in most places, a few things needed to change a bit since we can no longer use multiple bits at the same time. On x86-64, this is a fairly significant code size reduction: text data bss dec hex 427861 23648 1008 452517 6e7a5 before 425383 23648 976 450007 6ddd7 after Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: let key iteration get keys in install orderJohannes Berg2011-07-151-1/+1
| | | | | | | | | | | ieee80211_iter_keys() currently returns keys in the backward order they were installed in, which is a bit confusing. Add them to the tail of the key list to make sure iterations go in the same order that keys were originally installed in. Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: allow drivers to access key sequence counterJohannes Berg2011-07-081-0/+74
| | | | | | | | | | | In order to implement GTK rekeying, the device needs to be able to encrypt frames with the right PN/IV and check the PN/IV in RX frames. To be able to tell it about all those counters, we need to be able to get them from mac80211, this adds the required API. Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: fix TKIP races, make API easier to useJohannes Berg2011-07-081-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Our current TKIP code races against itself on TX since we can process multiple packets at the same time on different ACs, but they all share the TX context for TKIP. This can lead to bad IVs etc. Also, the crypto offload helper code just obtains the P1K/P2K from the cache, and can update it as well, but there's no guarantee that packets are really processed in order. To fix these issues, first introduce a spinlock that will protect the IV16/IV32 values in the TX context. This first step makes sure that we don't assign the same IV multiple times or get confused in other ways. Secondly, change the way the P1K cache works. I add a field "p1k_iv32" that stores the value of the IV32 when the P1K was last recomputed, and if different from the last time, then a new P1K is recomputed. This can cause the P1K computation to flip back and forth if packets are processed out of order. All this also happens under the new spinlock. Finally, because there are argument differences, split up the ieee80211_get_tkip_key() API into ieee80211_get_tkip_p1k() and ieee80211_get_tkip_p2k() and give them the correct arguments. Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: support GTK rekey offloadJohannes Berg2011-07-061-0/+12
| | | | | | | | | This adds the necessary mac80211 APIs to support GTK rekey offload, mirroring the functionality from cfg80211. Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: allow driver to iterate keysJohannes Berg2011-07-061-0/+33
| | | | | | | | | | | When in suspend/wowlan, devices might implement crypto offload differently (more features), and might require reprogramming keys for the WoWLAN (as it is the case for Intel devices that use another uCode image). Thus allow the driver to iterate all keys in this context. Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: Skip tailroom reservation for full HW-crypto devices with race fixYogesh Ashok Powar2011-07-051-2/+49
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Based on inputs from Johannes Berg <johannes@sipsolutions.net> from http://article.gmane.org/gmane.linux.kernel.wireless.general/68193 and http://article.gmane.org/gmane.linux.kernel.wireless.general/71702 In xmit path, devices that do full hardware crypto (including MMIC and ICV) need no tailroom. For such devices, tailroom reservation can be skipped if all the keys are programmed into the hardware (i.e software crypto is not used for any of the keys) and none of the keys wants software to generate Michael MIC and IV. v2: Added check for IV along with MMIC. Reported-by: Fabio Rossi <rossi.f@inwind.it> Tested-by: Fabio Rossi <rossi.f@inwind.it> Signed-off-by: Mohammed Shafi Shajakhan <mshajakhan@atheros.com> Cc: Mohammed Shafi Shajakhan <mshajakhan@atheros.com> v3: Fixing races to avoid WARNING: at net/mac80211/wpa.c:397 ccmp_encrypt_skb+0xc4/0x1f0 Reported-by: Andreas Hartmann <andihartmann@01019freenet.de> Tested-by: Andreas Hartmann <andihartmann@01019freenet.de> v4: Added links with message ID Signed-off-by: Yogesh Ashok Powar <yogeshp@marvell.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* Revert "mac80211: Skip tailroom reservation for full HW-crypto devices"John W. Linville2011-06-061-19/+2
| | | | | | | | | | | | | | | This reverts commit aac6af5534fade2b18682a0b9efad1a6c04c34c6. Conflicts: net/mac80211/key.c That commit has a race that causes a warning, as documented in the thread here: http://marc.info/?l=linux-wireless&m=130717684914101&w=2 Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: sparse RCU annotationsJohannes Berg2011-05-161-8/+14
| | | | | | | | | | | | | | | | | | This adds sparse RCU annotations to most of mac80211, only the mesh code remains to be done. Due the the previous patches, the annotations are pretty simple. The only thing that this actually changes is removing the RCU usage of key->sta in debugfs since this pointer isn't actually an RCU-managed pointer (it only has a single assignment done before the key even goes live). As that is otherwise harmless, I decided to make it part of this patch. Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: make key locking clearerJohannes Berg2011-05-121-4/+4
| | | | | | | | | | | | | The code in ieee80211_del_key() doesn't acquire the key_mtx properly when it dereferences the keys. It turns out that isn't actually necessary since the key_mtx itself seems to be redundant since all key manipulations are done under the RTNL, but as long as we have the key_mtx we should use it the right way too. Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: Fix a warning due to skipping tailroom reservation for IVMohammed Shafi Shajakhan2011-05-051-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The devices that require IV generation in software need tailroom reservation for ICVs used in TKIP or WEP encryptions. Currently, decision to skip the tailroom reservation in the tx path was taken only on whether driver wants MMIC to be generated in software or not. Following patch appends IV generation check for such decisions and fixes the following warning. WARNING: at net/mac80211/wep.c:101 ieee80211_wep_add_iv+0x56/0xf3() Hardware name: 64756D6 Modules linked in: ath9k ath9k_common ath9k_hw Pid: 0, comm: swapper Tainted: G W 2.6.39-rc5-wl Call Trace: [<c102fd29>] warn_slowpath_common+0x65/0x7a [<c1465c4e>] ? ieee80211_wep_add_iv+0x56/0xf3 [<c102fd4d>] warn_slowpath_null+0xf/0x13 [<c1465c4e>] ieee80211_wep_add_iv+0x56/0xf3 [<c1466007>] ieee80211_crypto_wep_encrypt+0x63/0x88 [<c1478bf3>] ieee80211_tx_h_encrypt+0x2f/0x63 [<c1478cba>] invoke_tx_handlers+0x93/0xe1 [<c1478eda>] ieee80211_tx+0x4b/0x6d [<c147907c>] ieee80211_xmit+0x180/0x188 [<c147779d>] ? ieee80211_skb_resize+0x95/0xd9 [<c1479edf>] ieee80211_subif_start_xmit+0x64f/0x668 [<c13956fc>] dev_hard_start_xmit+0x368/0x48c [<c13a8bd6>] sch_direct_xmit+0x4d/0x101 [<c1395ae1>] dev_queue_xmit+0x2c1/0x43f [<c13a74a2>] ? eth_header+0x1e/0x90 [<c13a7400>] ? eth_type_trans+0x91/0xc2 [<c13a7484>] ? eth_rebuild_header+0x53/0x53 [<c139f079>] neigh_resolve_output+0x223/0x27e [<c13c6b23>] ip_finish_output2+0x1d4/0x1fe [<c13c6bc6>] ip_finish_output+0x79/0x7d [<c13c6cbe>] T.1075+0x43/0x48 [<c13c6e6e>] ip_output+0x75/0x7b [<c13c4970>] dst_output+0xc/0xe [<c13c62c9>] ip_local_out+0x17/0x1a [<c13c67bb>] ip_queue_xmit+0x2aa/0x2f8 [<c138b742>] ? sk_setup_caps+0x21/0x92 [<c13d95ea>] ? __tcp_v4_send_check+0x7e/0xb7 [<c13d5d2e>] tcp_transmit_skb+0x6a1/0x6d7 [<c13d533b>] ? tcp_established_options+0x20/0x8b [<c13d6f28>] tcp_retransmit_skb+0x43a/0x527 [<c13d8d6d>] tcp_retransmit_timer+0x32e/0x45d [<c13d8f23>] tcp_write_timer+0x87/0x16c [<c103a030>] run_timer_softirq+0x156/0x1f9 [<c13d8e9c>] ? tcp_retransmit_timer+0x45d/0x45d [<c1034d65>] __do_softirq+0x97/0x14a [<c1034cce>] ? irq_enter+0x4d/0x4d Cc: Yogesh Powar <yogeshp@marvell.com> Reported-by: Fabio Rossi <rossi.f@inwind.it> Tested-by: Fabio Rossi <rossi.f@inwind.it> Signed-off-by: Mohammed Shafi Shajakhan <mshajakhan@atheros.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: Skip tailroom reservation for full HW-crypto devicesYogesh Ashok Powar2011-04-281-2/+17
| | | | | | | | | | | | In xmit path, devices that do full hardware crypto (including TKIP MMIC) need no tailroom. For such devices, tailroom reservation can be skipped if all the keys are programmed into the hardware (i.e software crypto is not used for any of the keys) and none of the keys wants software to generate Michael MIC. Signed-off-by: Yogesh Ashok Powar <yogeshp@marvell.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: fix possible NULL pointer dereferenceMariusz Kozlowski2011-03-281-1/+2
| | | | | | | | | This patch moves 'key' dereference after BUG_ON(!key) so that when key is NULL we will see proper trace instead of oops. Signed-off-by: Mariusz Kozlowski <mk@lab.zgora.pl> Acked-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: fix NULL pointer dereference in ieee80211_key_alloc()Petr Štetiar2011-03-281-2/+2
| | | | | | | | | | | | | | | | | | | | The ieee80211_key struct can be kfree()d several times in the function, for example if some of the key setup functions fails beforehand, but there's no check if the struct is still valid before we call memcpy() and INIT_LIST_HEAD() on it. In some cases (like it was in my case), if there's missing aes-generic module it could lead to the following kernel OOPS: Unable to handle kernel NULL pointer dereference at virtual address 0000018c .... PC is at memcpy+0x80/0x29c ... Backtrace: [<bf11c5e4>] (ieee80211_key_alloc+0x0/0x234 [mac80211]) from [<bf1148b4>] (ieee80211_add_key+0x70/0x12c [mac80211]) [<bf114844>] (ieee80211_add_key+0x0/0x12c [mac80211]) from [<bf070cc0>] (__cfg80211_set_encryption+0x2a8/0x464 [cfg80211]) Signed-off-by: Petr Štetiar <ynezz@true.cz> Reviewed-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* Merge branch 'master' of ↵John W. Linville2011-01-051-0/+6
|\ | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-2.6
| * mac80211: add missing synchronize_rcuJohannes Berg2011-01-041-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | commit ad0e2b5a00dbec303e4682b403bb6703d11dcdb2 Author: Johannes Berg <johannes.berg@intel.com> Date: Tue Jun 1 10:19:19 2010 +0200 mac80211: simplify key locking removed the synchronization against RCU and thus opened a race window where we can use a key for TX while it is already freed. Put a synchronisation into the right place to close that window. Reported-by: Jussi Kivilinna <jussi.kivilinna@mbnet.fi> Cc: stable@kernel.org [2.6.36+] Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* | mac80211: fix some key comments and codeJohannes Berg2011-01-041-21/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | The key documentation is slightly out of date, fix that. Also, the list entry in the key struct is no longer used that way, so list_del_init() isn't necessary any more there. Finally, ieee80211_key_link() is no longer invoked under RCU read lock, but rather with an appropriate station lock held. Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* | mac80211: support separate default keysJohannes Berg2010-12-131-19/+26
| | | | | | | | | | | | | | | | Add support for split default keys (unicast and multicast) in mac80211. Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* | mac80211: Disable hw crypto for GTKs on AP VLAN interfacesHelmut Schaa2010-11-221-1/+8
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | | When using AP VLAN interfaces, each VLAN interface should be in its own broadcast domain. Hostapd achieves this by assigning different GTKs to different AP VLAN interfaces. However, mac80211 drivers are not aware of AP VLAN interfaces and as such mac80211 sends the GTK to the driver in the context of the base AP mode interface. This causes problems when multiple AP VLAN interfaces are used since the driver will use the same key slot for the different GTKs (there's no way for the driver to distinguish the different GTKs from different AP VLAN interfaces). Thus, only the clients associated to one AP VLAN interface (the one that was created last) can actually use broadcast traffic. Fix this by not programming any GTKs for AP VLAN interfaces into the hw but fall back to using software crypto. The GTK for the underlying AP interface is still sent to the driver. That means, broadcast traffic to stations associated to an AP VLAN interface is encrypted in software whereas broadcast traffic to stations associated to the non-VLAN AP interface is encrypted in hardware. Cc: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* cfg80211/mac80211: allow per-station GTKsJohannes Berg2010-10-061-34/+61
| | | | | | | | | | This adds API to allow adding per-station GTKs, updates mac80211 to support it, and also allows drivers to remove a key from hwaccel again when this may be necessary due to multiple GTKs. Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* cfg80211/mac80211: use lockdep_assert_heldJohannes Berg2010-09-161-1/+1
| | | | | | | | | | | | Instead of using a WARN_ON(!mutex_is_locked()) use lockdep_assert_held() which compiles away completely when lockdep isn't enabled, and also is a more accurate assertion since it checks that the current thread is holding the mutex. Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: allow vendor specific cipher suitesJohannes Berg2010-08-271-8/+30
| | | | | | | | | | | Allow drivers to specify their own set of cipher suites to advertise vendor-specific ciphers. The driver is then required to implement hardware crypto offload for it. Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: Juuso Oikarinen <juuso.oikarinen@nokia.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* net/mac80211: Use wiphy_<level>Joe Perches2010-08-251-8/+6
| | | | | | | | | | Standardize logging messages from printk(KERN_<level> "%s: " fmt , wiphy_name(foo), args); to wiphy_<level>(foo, fmt, args); Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: move key tfm setupJohannes Berg2010-08-161-16/+10
| | | | | | | | | There's no need to keep separate if statements for setting up the CCMP/AES-CMAC tfm structs; move that into the existing switch statement. Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: use cipher suite selectorsJohannes Berg2010-08-161-13/+12
| | | | | | | | | | | | | Currently, mac80211 translates the cfg80211 cipher suite selectors into ALG_* values. That isn't all too useful, and some drivers benefit from the distinction between WEP40 and WEP104 as well. Therefore, convert it all to use the cipher suite selectors. Signed-off-by: Johannes Berg <johannes.berg@intel.com> Acked-by: Gertjan van Wingerde <gwingerde@gmail.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: Don't squash error codes in key setup functionsBen Hutchings2010-08-161-6/+8
| | | | | | | | | | | | | | | ieee80211_add_key() currently returns -ENOMEM in case of any error, including a missing crypto algorithm. Change ieee80211_key_alloc() and ieee80211_aes_{key_setup_encrypt,cmac_key_setup}() to encode errors with ERR_PTR() rather than returning NULL, and change ieee80211_add_key() accordingly. Compile-tested only. Reported-by: Marcin Owsiany <porridge@debian.org> Signed-off-by: Ben Hutchings <ben@decadent.org.uk> Acked-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: Fix key freeing to handle unlinked keysJouni Malinen2010-07-271-7/+6
| | | | | | | | | | | | | | | | | | | Key locking simplification removed key->sdata != NULL verification from ieee80211_key_free(). While that is fine for most use cases, there is one path where this function can be called with an unlinked key (i.e., key->sdata == NULL && key->local == NULL). This results in a NULL pointer dereference with the current implementation. This is known to happen at least with FT protocol when wpa_supplicant tries to configure the key before association. Avoid the issue by passing in the local pointer to ieee80211_key_free(). In addition, do not clear the key from hw_accel or debugfs if it has not yet been added. At least the hw_accel one could trigger another NULL pointer dereference. Signed-off-by: Jouni Malinen <j@w1.fi> Reviewed-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: Use a separate CCMP PN receive counter for management framesJouni Malinen2010-06-151-1/+1
| | | | | | | | | | | | When management frame protection (IEEE 802.11w) is used, we must use a separate counter for tracking received CCMP packet number for the management frames. The previously used NUM_RX_DATA_QUEUESth queue was shared with data frames when QoS was not used and that can cause problems in detecting replays incorrectly for robust management frames. Add a new counter just for robust management frames to avoid this issue. Signed-off-by: Jouni Malinen <jouni.malinen@atheros.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: simplify key lockingJohannes Berg2010-06-031-222/+66
| | | | | | | | | | | | | Since I recently made station management able to sleep, I can now rework key management as well; since it will no longer need a spinlock and can also use a mutex instead, a bunch of code to allow drivers' set_key to sleep while key management is protected by a spinlock can now be removed. Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* Revert "ath9k: Group Key fix for VAPs"John W. Linville2010-05-241-1/+0
| | | | | | | | | This reverts commit 03ceedea972a82d343fa5c2528b3952fa9e615d5. This patch was reported to cause a regression in which connectivity is lost and cannot be reestablished after a suspend/resume cycle. Signed-off-by: John W. Linville <linville@tuxdriver.com>
* Merge branch 'master' into for-davemJohn W. Linville2010-04-231-0/+1
|\ | | | | | | | | | | | | Conflicts: drivers/net/wireless/ath/ath9k/phy.c drivers/net/wireless/iwlwifi/iwl-6000.c drivers/net/wireless/iwlwifi/iwl-debugfs.c
| * ath9k: Group Key fix for VAPsDaniel Yingqiang Ma2010-04-201-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When I set up multiple VAPs with ath9k, I encountered an issue that the traffic may be lost after a while. The detailed phenomenon is 1. After a while the clients connected to one of these VAPs will get into a state that no broadcast/multicast packets can be transfered successfully while the unicast packets can be transfered normally. 2. Minutes latter the unitcast packets transfer will fail as well, because the ARP entry is expired and it can't be freshed due to the broadcast trouble. It's caused by the group key overwritten and someone discussed this issue in ath9k-devel maillist before, but haven't work out a fix yet. I referred the method in madwifi, and made a patch for ath9k. The method is to set the high bit of the sender(AP)'s address, and associated that mac and the group key. It requires the hardware supports multicast frame key search. It seems true for AR9160. Not sure whether it's the correct way to fix this issue. But it seems to work in my test. The patch is attached, feel free to revise it. Signed-off-by: Daniel Yingqiang ma <yma.cool@gmail.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* | include cleanup: Update gfp.h and slab.h includes to prepare for breaking ↵Tejun Heo2010-03-301-0/+1
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | implicit slab.h inclusion from percpu.h percpu.h is included by sched.h and module.h and thus ends up being included when building most .c files. percpu.h includes slab.h which in turn includes gfp.h making everything defined by the two files universally available and complicating inclusion dependencies. percpu.h -> slab.h dependency is about to be removed. Prepare for this change by updating users of gfp and slab facilities include those headers directly instead of assuming availability. As this conversion needs to touch large number of source files, the following script is used as the basis of conversion. http://userweb.kernel.org/~tj/misc/slabh-sweep.py The script does the followings. * Scan files for gfp and slab usages and update includes such that only the necessary includes are there. ie. if only gfp is used, gfp.h, if slab is used, slab.h. * When the script inserts a new include, it looks at the include blocks and try to put the new include such that its order conforms to its surrounding. It's put in the include block which contains core kernel includes, in the same order that the rest are ordered - alphabetical, Christmas tree, rev-Xmas-tree or at the end if there doesn't seem to be any matching order. * If the script can't find a place to put a new include (mostly because the file doesn't have fitting include block), it prints out an error message indicating which .h file needs to be added to the file. The conversion was done in the following steps. 1. The initial automatic conversion of all .c files updated slightly over 4000 files, deleting around 700 includes and adding ~480 gfp.h and ~3000 slab.h inclusions. The script emitted errors for ~400 files. 2. Each error was manually checked. Some didn't need the inclusion, some needed manual addition while adding it to implementation .h or embedding .c file was more appropriate for others. This step added inclusions to around 150 files. 3. The script was run again and the output was compared to the edits from #2 to make sure no file was left behind. 4. Several build tests were done and a couple of problems were fixed. e.g. lib/decompress_*.c used malloc/free() wrappers around slab APIs requiring slab.h to be added manually. 5. The script was run on all .h files but without automatically editing them as sprinkling gfp.h and slab.h inclusions around .h files could easily lead to inclusion dependency hell. Most gfp.h inclusion directives were ignored as stuff from gfp.h was usually wildly available and often used in preprocessor macros. Each slab.h inclusion directive was examined and added manually as necessary. 6. percpu.h was updated not to include slab.h. 7. Build test were done on the following configurations and failures were fixed. CONFIG_GCOV_KERNEL was turned off for all tests (as my distributed build env didn't work with gcov compiles) and a few more options had to be turned off depending on archs to make things build (like ipr on powerpc/64 which failed due to missing writeq). * x86 and x86_64 UP and SMP allmodconfig and a custom test config. * powerpc and powerpc64 SMP allmodconfig * sparc and sparc64 SMP allmodconfig * ia64 SMP allmodconfig * s390 SMP allmodconfig * alpha SMP allmodconfig * um on x86_64 SMP allmodconfig 8. percpu.h modifications were reverted so that it could be applied as a separate patch and serve as bisection point. Given the fact that I had only a couple of failures from tests on step 6, I'm fairly confident about the coverage of this conversion patch. If there is a breakage, it's likely to be something in one of the arch headers which should be easily discoverable easily on most builds of the specific arch. Signed-off-by: Tejun Heo <tj@kernel.org> Guess-its-ok-by: Christoph Lameter <cl@linux-foundation.org> Cc: Ingo Molnar <mingo@redhat.com> Cc: Lee Schermerhorn <Lee.Schermerhorn@hp.com>
* mac80211: add ieee80211_sdata_runningJohannes Berg2009-12-281-2/+2
| | | | | | | | | Instead of always using netif_running(sdata->dev) use ieee80211_sdata_running(sdata) now which is just an inline containing netif_running() for now. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: trace interface nameJohannes Berg2009-12-211-2/+2
| | | | | | | | It's not all that useful to have the vif/sdata pointer, we'd rather refer to the interfaces by their name. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: make station management completely depend on vifJohannes Berg2009-12-211-1/+1
| | | | | | | | | | | | | | | | | | | | | | The station management currently uses the virtual interface, but you cannot add the same station to multiple virtual interfaces if you're communicating with it in multiple ways. This restriction should be lifted so that in the future we can, for instance, support bluetooth 3 with an access point that mac80211 is already associated to. We can do that by requiring all sta_info_get users to provide the virtual interface and making the RX code aware that an address may match more than one station struct. Thanks to the previous patches this one isn't all that large and except for the RX and TX status paths changes has low complexity. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* mac80211: fix todo lockJohannes Berg2009-08-171-13/+15
| | | | | | | | | | | | | | | | The key todo lock can be taken from different locks that require it to be _bh to avoid lock inversion due to (soft)irqs. This should fix the two problems reported by Bob and Gabor: http://mid.gmane.org/20090619113049.GB18956@hash.localnet http://mid.gmane.org/4A3FA376.8020307@openwrt.org Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Cc: Bob Copeland <me@bobcopeland.com> Cc: Gabor Juhos <juhosg@openwrt.org> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* nl80211: Validate NL80211_ATTR_KEY_SEQ lengthJouni Malinen2009-05-201-3/+3
| | | | | | | | Validate RSC (NL80211_ATTR_KEY_SEQ) length in nl80211/cfg80211 instead of having to do this in all the drivers. Signed-off-by: Jouni Malinen <jouni.malinen@atheros.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
OpenPOWER on IntegriCloud