| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
| |
There was a missing break making the digital stack configured for
ISO1443 target instead of ISO15693.
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
This adds support for ISO-DEP protocol over NFC-A rf technology. The
port100 already supports NFC-A and ATS request and response for type 4A
tags are handled at digital level. This patch adds NFC_PROTO_ISO14443
to the supported protocols and an entry for framing configuration which
is the same as NFC-A standard frame with CRC handling.
Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
| |
When a type 4A target is activated, this change adds the ISO-DEP SoD
when sending frames and removes it when receiving responses. Chaining
is not supported so sent frames are rejected if they exceed remote FSC
bytes.
Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
|
| |
|
|
|
|
|
|
| |
This adds support for ATS request and response handling for type 4A tag
activation.
Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
|
| |
|
|
|
|
|
|
|
| |
The arrays for protocols and rf techs must define a number of entries
corresponding to their maximum possible index values.
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Thierry Escande <thierry.escande@linux.intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
|
| |
|
|
|
|
|
|
|
| |
PN544 C3 firmwares already contain the command frames to be sent, but as
they may exceed the i2c maximum payload, we need to fragment them into
secure chunks and send them through the secure write command.
Signed-off-by: Arron Wang <arron.wang@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Different pn544 hardware variant may use different commands to download
new firmwares. The C2 does a regular firmware download while the C3 uses
a more secure protocol.
As a consequence we need to pass the hardware variant from the HCI SW
version command reply down to the pn544 i2c layer, in order to use the
right protocol at run time.
Signed-off-by: Arron Wang <arron.wang@intel.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
|
| |
|
|
|
|
|
|
| |
Add ISO/IEC 15693 support by having netlink push the
1-byte DSFID and 8-byte UID tag information upstream.
Signed-off-by: Mark A. Greer <mgreer@animalcreek.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add support for ISO/IEC 15693 to the digital layer. The code
currently uses single-slot anticollision only since the digital
layer infrastructure only supports one tag per adapter (making
it pointless to do 16-slot anticollision).
The code uses two new framing types:
'NFC_DIGITAL_FRAMING_ISO15693_INVENTORY' and
'NFC_DIGITAL_FRAMING_ISO15693_TVT'. The former is used to
tell the driver to prepare for an Inventory command and the
ensuing anticollision sequence. The latter is used to tell
the driver that the anticollision sequence is over and to
prepare for non-inventory commands.
Signed-off-by: Mark A. Greer <mgreer@animalcreek.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
|
| |
|
|
|
|
|
|
| |
Add the header definitions required by upcoming
patches that add support for ISO/IEC 15693.
Signed-off-by: Mark A. Greer <mgreer@animalcreek.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
|
| |
|
|
|
|
|
| |
This has been removed in further work.
Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| |
|
|
|
|
|
|
|
| |
The dtim period sent to FW was 0 because the dtim period
was never set. This caused an incorrect dtim count to be sent in
beacons.
Signed-off-by: Pontus Fuchs <pontus.fuchs@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| |
|
|
|
|
|
|
| |
This fixes problems seen with multiple softap clients and reconnecting
softap clients.
Signed-off-by: Pontus Fuchs <pontus.fuchs@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| |
|
|
|
|
|
| |
This is more line with the names of the other members
Signed-off-by: Pontus Fuchs <pontus.fuchs@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| |
|
|
|
|
|
| |
3680 has a few registers on other addresses.
Signed-off-by: Pontus Fuchs <pontus.fuchs@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| |
|
|
|
|
|
| |
After fw caps exchange, print the FW's capabilities.
Signed-off-by: Pontus Fuchs <pontus.fuchs@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| |
|
|
|
|
|
|
|
| |
If wowlan if off mac80211 will stop / start the driver on suspend /
resume. This causes problems on resume since request_firmware is called
from start. Fix this by caching the nv.
Signed-off-by: Pontus Fuchs <pontus.fuchs@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
On some wcnss firmwares the start command can take up to 300ms to
complete. Currently there is a 200ms timeout for SMD command to
complete which causes the start to fail.
Increase the timeout to 500ms. Also improve debug information
regarding SMD command completion time.
Signed-off-by: Pontus Fuchs <pontus.fuchs@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| |
|
|
|
|
|
|
|
|
| |
* Response format is not in the canonical format.
wcn36xx_smd_rsp_status_check cannot be used.
* Save the FW caps in wcn36xx struct for later use.
Signed-off-by: Pontus Fuchs <pontus.fuchs@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| |
|
|
|
| |
Signed-off-by: Pontus Fuchs <pontus.fuchs@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| |
|
|
|
|
|
|
|
| |
TI wl12xx/wl18xx cards support channel switch via a driver specific
switch_channel op while operating with channel contexts.
Signed-off-by: Arik Nemtsov <arik@wizery.com>
Signed-off-by: Eliad Peller <eliad@wizery.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Enabling beacon filtering before receving a beacon
might result in not having a beacon at all for the
current connected AP, which prevents the station
from entering power-save.
Replace the current approach (of starting beacon
filtering on init) and configure beacon filering
only after bss_conf->dtimper is set (which means
mac80211 already parsed a beacon).
Signed-off-by: Eliad Peller <eliad@wizery.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| |
|
|
|
|
|
|
|
| |
dfs configuration command might take longer than
the current timeout. increase it to 5 seconds.
Signed-off-by: Yaniv Machani <yanivma@ti.com>
Signed-off-by: Eliad Peller <eliad@wizery.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Silently ignore repetitive scheduling of recovery work and commands
being passed to the bus when the HW is not available. This can happen
many times during recovery and slow it down. It also spams the kernel
logs.
Signed-off-by: Arik Nemtsov <arik@wizery.com>
Signed-off-by: Eliad Peller <eliad@wizery.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| |
|
|
|
|
|
|
|
| |
Each AP has its own global and broadcast links, so when
checking for active sta count (according to the active_link_count)
we must take them all into account.
Signed-off-by: Eliad Peller <eliad@wizery.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
mac80211 unsets the default wep key on disassoc.
The fw doesn't support this notification, so simply
ignore it.
The actual flow actually triggers fw recovery in some
cases, as mac80211 unsets the default key only after
disassoc, when wlvif->sta.hlid, resulting in invalid
hlid being passed to the fw.
Signed-off-by: Eliad Peller <eliad@wizery.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
12xx chips allow only OFDM rates in AP mode for BT-Coex purposes. This
is no longer required in 18xx chips, starting with FW 8.6.0.0.8.
Update the min allowed FW version in 18xx to support this functionality.
Signed-off-by: Arik Nemtsov <arik@wizery.com>
Signed-off-by: Eliad Peller <eliad@wizery.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| |
|
|
|
|
|
|
|
|
| |
Stopping sched scan on interface removal (during recovery)
is no longer needed, as sched scanning is automatically
restarted by mac80211.
Signed-off-by: Barak Bercovitz <barak@wizery.com>
Signed-off-by: Eliad Peller <eliad@wizery.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Send EAPOL frames with voice priority by setting (the new)
TX_HW_ATTR_EAPOL_FRAME bit in tx attribute.
Sending EAPOL with voice priority fixes re-key
timeout issues during heavy traffic.
Signed-off-by: Igal Chernobelsky <igalc@ti.com>
Signed-off-by: Eliad Peller <eliad@wizery.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bump the min wl18xx fw version to 8.8.0.0.13
This fw is not backward compatible with older
firmware (due to api changes), so use bump
the firmware name as well.
Some modifications were done to the driver-fw api
in order to support multiple APs.
Additionally, some of the consts (such as max stations,
max links and max RX BA sessions) were changed.
Signed-off-by: Arik Nemtsov <arik@wizery.com>
Signed-off-by: Eliad Peller <eliad@wizery.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Each hw supports a different iface combinations.
Define the supported combinations in each driver,
and save it in wl->iface_combinations.
Since each driver defines its own combinations now,
it can also define its max supported channels, so
we no longer need to save and set it explicitly
in wlcore.
Update wl18xx interface combinations to allow
multiple APs.
Signed-off-by: Eliad Peller <eliad@wizery.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| |
|
|
|
|
|
|
|
| |
Each hw supports a different max stations (connected to the
same ap). add a new wl->max_ap_stations and use it instead
of the current common AP_MAX_STATIONS.
Signed-off-by: Eliad Peller <eliad@wizery.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Upcoming fw versions will have different max links support
(according to the hw). Get ready for it by configuring
wl->num_links per-hw, instead of using the const WL12XX_MAX_LINKS.
However, continue using WLCORE_MAX_LINKS in order to simplify
structs declarations (we use it in multiple bitmaps, and converting
them to dynamic arrays is just cumbersome).
Signed-off-by: Eliad Peller <eliad@wizery.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Instead of splitting the fw_status into 2 and using some
complex calculations, read the fw status and let each low-level
driver (wl12xx/wl18xx) convert it into a common struct.
This is required for the upcoming fw api changes, which
break the current logic anyway.
Signed-off-by: Eliad Peller <eliad@wizery.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
It seems the wl18xx FW sometimes sends spurious changes on the PSM state
of the broadcast HLID. This causes us to search for a station on a
non-peer link and fail, causing warnings in our log.
Prevent the driver from considering PSM changes for any non-peer HLIDs.
Signed-off-by: Arik Nemtsov <arik@wizery.com>
Signed-off-by: Eliad Peller <eliad@wizery.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
When the chip is in ELP mode read/write to FW is invalid and may cause
the lower layers to get stuck. The reads/writes concerning ELP wakeup
are the exception here and are checked for. In addition to blocking the
IO, produce a warning.
Signed-off-by: Barak Bercovitz <barak@wizery.com>
Signed-off-by: Eliad Peller <eliad@wizery.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Sometimes a tx_flush during suspend fails, but the FW manages to flush
out the packets during the time when the host is supsended. Cancel
the Tx-watchdog on suspend to not cause a spurious recovery on resume
for that case. Set a flag to reinit the watchdog on the first Tx after
resume, so we'll still recover if the FW is not empty and there's
indeed a problem.
Signed-off-by: Arik Nemtsov <arik@wizery.com>
Signed-off-by: Eliad Peller <eliad@wizery.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
zero rx_filter_enabled array after recovery to avoid
cases were the driver will keep trying to clear a
filter which is not configured in FW.
Such case will cause consecutive recoveries due to
command execution failures.
While on it, convert rx_filter_enabled to bitmap,
to save some memory and make sparse happy (it
doesn't like sizeof(bool array)).
Signed-off-by: Nadim Zubidat <nadimz@ti.com>
Signed-off-by: Eliad Peller <eliad@wizery.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| |
|
|
|
|
|
|
| |
Use ieee80211_channel_to_frequency() to replace b43_channel_to_freq_{2,5}ghz(),
and remove unused b43_freq_to_channel_{2,5}ghz().
Signed-off-by: ZHAO Gang <gamerh2o@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| |\
| |
| |
| | |
git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Orignal code will not detect a DMA mapping failure, causing the HW
to attempt a DMA from an invalid address.
This patch add the error check and eventually simply drops the TX
packet if we can't map it for DMA.
Signed-off-by: andrea merello <andrea.merello@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
In original code the old RX DMA buffer is unmapped and processed and at the end
of the isr a new buffer is mapped with pci_map_single and attached to the RX
descriptor.
If pci_map_single fails then the RX descriptor remains with no valid DMA buffer
attached.
In this condition the DMA will target where it shouldn't with obvious evil
consequences.
Simply avoiding re-arming the descriptor will prevent buggy DMA but it will
result soon in RX stuck.
This patch move the DMA mapping of the new buffer at the beginning of the ISR
(and it adds error check for pci_map_single success/fail).
If the DMA mapping fails then we do not unmap the old buffer and we re-arm the
descriptor without processing it, with the old DMA buffer still attached.
In this way we lose the currently RX-ed packet, but whenever next calls to
pci_map_single will succeed again,then the RX process will go on without stuck.
Signed-off-by: andrea merello <andrea.merello@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
| | |\
| | |
| | |
| | | |
git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
During channel context assignment, the interface should
be found by interface iteration, so we need to assign the
pointer before the channel context.
Reported-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Tested-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The "new" fragmentation code (since my rewrite almost 5 years ago)
erroneously sets skb->len rather than using skb_trim() to adjust
the length of the first fragment after copying out all the others.
This leaves the skb tail pointer pointing to after where the data
originally ended, and thus causes the encryption MIC to be written
at that point, rather than where it belongs: immediately after the
data.
The impact of this is that if software encryption is done, then
a) encryption doesn't work for the first fragment, the connection
becomes unusable as the first fragment will never be properly
verified at the receiver, the MIC is practically guaranteed to
be wrong
b) we leak up to 8 bytes of plaintext (!) of the packet out into
the air
This is only mitigated by the fact that many devices are capable
of doing encryption in hardware, in which case this can't happen
as the tail pointer is irrelevant in that case. Additionally,
fragmentation is not used very frequently and would normally have
to be configured manually.
Fix this by using skb_trim() properly.
Cc: stable@vger.kernel.org
Fixes: 2de8e0d999b8 ("mac80211: rewrite fragmentation")
Reported-by: Jouni Malinen <j@w1.fi>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Currently, when a station leaves an IBSS network, the
corresponding BSS is not dropped from cfg80211 if there are
other active stations in the network. But, the small
window that is present when trying to determine a station's
status based on IEEE80211_IBSS_MERGE_INTERVAL introduces
a race.
Instead of trying to keep the BSS, always remove it when
leaving an IBSS network. There is not much benefit to retain
the BSS entry since it will be added with a subsequent join
operation.
This fixes an issue where a dangling BSS entry causes ath9k
to wait for a beacon indefinitely.
Cc: <stable@vger.kernel.org>
Reported-by: Simon Wunderlich <sw@simonwunderlich.de>
Signed-off-by: Sujith Manoharan <c_manoha@qca.qualcomm.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When the driver cannot start the AP or when the assignement
of the beacon goes wrong, we need to unassign the vif.
Cc: stable@vger.kernel.org
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Due to the previous commit, when a scan finishes, it is in theory
possible to hit the following sequence:
1. interface starts being removed
2. scan is cancelled by driver and cfg80211 is notified
3. scan done work is scheduled
4. interface is removed completely, rdev->scan_req is freed,
event sent to userspace but scan done work remains pending
5. new scan is requested on another virtual interface
6. scan done work runs, freeing the still-running scan
To fix this situation, hang on to the scan done message and block
new scans while that is the case, and only send the message from
the work function, regardless of whether the scan_req is already
freed from interface removal. This makes step 5 above impossible
and changes step 6 to be
5. scan done work runs, sending the scan done message
As this can't work for wext, so we send the message immediately,
but this shouldn't be an issue since we still return -EBUSY.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When an interface/wdev is removed, any ongoing scan should be
cancelled by the driver. This will make it call cfg80211, which
only queues a work struct. If interface/wdev removal is quick
enough, this can leave the scan request pending and processed
only after the interface is gone, causing a use-after-free.
Fix this by making sure the scan request is not pending after
the interface is destroyed. We can't flush or cancel the work
item due to locking concerns, but when it'll run it shouldn't
find anything to do. This leaves a potential issue, if a new
scan gets requested before the work runs, it prematurely stops
the running scan, potentially causing another crash. I'll fix
that in the next patch.
This was particularly observed with P2P_DEVICE wdevs, likely
because freeing them is quicker than freeing netdevs.
Reported-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Fixes: 4a58e7c38443 ("cfg80211: don't "leak" uncompleted scans")
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
sdata->u.ap.request_smps_work can’t be flushed synchronously
under wdev_lock(wdev) since ieee80211_request_smps_ap_work
itself locks the same lock.
While at it, reset the driver_smps_mode when the ap is
stopped to its default: OFF.
This solves:
======================================================
[ INFO: possible circular locking dependency detected ]
3.12.0-ipeer+ #2 Tainted: G O
-------------------------------------------------------
rmmod/2867 is trying to acquire lock:
((&sdata->u.ap.request_smps_work)){+.+...}, at: [<c105b8d0>] flush_work+0x0/0x90
but task is already holding lock:
(&wdev->mtx){+.+.+.}, at: [<f9b32626>] cfg80211_stop_ap+0x26/0x230 [cfg80211]
which lock already depends on the new lock.
the existing dependency chain (in reverse order) is:
-> #1 (&wdev->mtx){+.+.+.}:
[<c10aefa9>] lock_acquire+0x79/0xe0
[<c1607a1a>] mutex_lock_nested+0x4a/0x360
[<fb06288b>] ieee80211_request_smps_ap_work+0x2b/0x50 [mac80211]
[<c105cdd8>] process_one_work+0x198/0x450
[<c105d469>] worker_thread+0xf9/0x320
[<c10669ff>] kthread+0x9f/0xb0
[<c1613397>] ret_from_kernel_thread+0x1b/0x28
-> #0 ((&sdata->u.ap.request_smps_work)){+.+...}:
[<c10ae9df>] __lock_acquire+0x183f/0x1910
[<c10aefa9>] lock_acquire+0x79/0xe0
[<c105b917>] flush_work+0x47/0x90
[<c105d867>] __cancel_work_timer+0x67/0xe0
[<c105d90f>] cancel_work_sync+0xf/0x20
[<fb0765cc>] ieee80211_stop_ap+0x8c/0x340 [mac80211]
[<f9b3268c>] cfg80211_stop_ap+0x8c/0x230 [cfg80211]
[<f9b0d8f9>] cfg80211_leave+0x79/0x100 [cfg80211]
[<f9b0da72>] cfg80211_netdev_notifier_call+0xf2/0x4f0 [cfg80211]
[<c160f2c9>] notifier_call_chain+0x59/0x130
[<c106c6de>] __raw_notifier_call_chain+0x1e/0x30
[<c106c70f>] raw_notifier_call_chain+0x1f/0x30
[<c14f8213>] call_netdevice_notifiers_info+0x33/0x70
[<c14f8263>] call_netdevice_notifiers+0x13/0x20
[<c14f82a4>] __dev_close_many+0x34/0xb0
[<c14f83fe>] dev_close_many+0x6e/0xc0
[<c14f9c77>] rollback_registered_many+0xa7/0x1f0
[<c14f9dd4>] unregister_netdevice_many+0x14/0x60
[<fb06f4d9>] ieee80211_remove_interfaces+0xe9/0x170 [mac80211]
[<fb055116>] ieee80211_unregister_hw+0x56/0x110 [mac80211]
[<fa3e9396>] iwl_op_mode_mvm_stop+0x26/0xe0 [iwlmvm]
[<f9b9d8ca>] _iwl_op_mode_stop+0x3a/0x70 [iwlwifi]
[<f9b9d96f>] iwl_opmode_deregister+0x6f/0x90 [iwlwifi]
[<fa405179>] __exit_compat+0xd/0x19 [iwlmvm]
[<c10b8bf9>] SyS_delete_module+0x179/0x2b0
[<c1613421>] sysenter_do_call+0x12/0x32
Fixes: 687da132234f ("mac80211: implement SMPS for AP")
Cc: <stable@vger.kernel.org> [3.13]
Reported-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
|
