| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Fix the following NULL pointer dereference avoiding to run
mt76u_status_worker thread if the device is not running yet.
KASAN: null-ptr-deref in range
[0x0000000000000000-0x0000000000000007]
CPU: 0 PID: 98 Comm: kworker/u2:2 Not tainted 5.14.0+ #78 Hardware
name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS
rel-1.12.1-0-ga5cab58e9a3f-prebuilt.qemu.org 04/01/2014
Workqueue: mt76 mt76u_tx_status_data
RIP: 0010:mt76x02_mac_fill_tx_status.isra.0+0x82c/0x9e0
Code: c5 48 b8 00 00 00 00 00 fc ff df 80 3c 02 00 0f 85 94 01 00 00
48 b8 00 00 00 00 00 fc ff df 4d 8b 34 24 4c 89 f2 48 c1 ea 03 <0f>
b6
04 02 84 c0 74 08 3c 03 0f 8e 89 01 00 00 41 8b 16 41 0f b7
RSP: 0018:ffffc900005af988 EFLAGS: 00010246
RAX: dffffc0000000000 RBX: ffffc900005afae8 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff832fc661 RDI: ffffc900005afc2a
RBP: ffffc900005afae0 R08: 0000000000000001 R09: fffff520000b5f3c
R10: 0000000000000003 R11: fffff520000b5f3b R12: ffff88810b6132d8
R13: 000000000000ffff R14: 0000000000000000 R15: ffffc900005afc28
FS: 0000000000000000(0000) GS:ffff88811aa00000(0000)
knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fa0eda6a000 CR3: 0000000118f17000 CR4: 0000000000750ef0
PKRU: 55555554
Call Trace:
mt76x02_send_tx_status+0x1d2/0xeb0
mt76x02_tx_status_data+0x8e/0xd0
mt76u_tx_status_data+0xe1/0x240
process_one_work+0x92b/0x1460
worker_thread+0x95/0xe00
kthread+0x3a1/0x480
ret_from_fork+0x1f/0x30
Modules linked in:
--[ end trace 8df5d20fc5040f65 ]--
RIP: 0010:mt76x02_mac_fill_tx_status.isra.0+0x82c/0x9e0
Code: c5 48 b8 00 00 00 00 00 fc ff df 80 3c 02 00 0f 85 94 01 00 00
48 b8 00 00 00 00 00 fc ff df 4d 8b 34 24 4c 89 f2 48 c1 ea 03 <0f>
b6
04 02 84 c0 74 08 3c 03 0f 8e 89 01 00 00 41 8b 16 41 0f b7
RSP: 0018:ffffc900005af988 EFLAGS: 00010246
RAX: dffffc0000000000 RBX: ffffc900005afae8 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff832fc661 RDI: ffffc900005afc2a
RBP: ffffc900005afae0 R08: 0000000000000001 R09: fffff520000b5f3c
R10: 0000000000000003 R11: fffff520000b5f3b R12: ffff88810b6132d8
R13: 000000000000ffff R14: 0000000000000000 R15: ffffc900005afc28
FS: 0000000000000000(0000) GS:ffff88811aa00000(0000)
knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fa0eda6a000 CR3: 0000000118f17000 CR4: 0000000000750ef0
PKRU: 55555554
Moreover move stat_work schedule out of the for loop.
Reported-by: Dokyung Song <[email protected]>
Co-developed-by: Deren Wu <[email protected]>
Signed-off-by: Deren Wu <[email protected]>
Signed-off-by: Lorenzo Bianconi <[email protected]>
Signed-off-by: Felix Fietkau <[email protected]>
|
|
The hardware reports the number of transmitting antennas not the actual
number of spatial streams
Co-developed-by: Peter Chiu <[email protected]>
Signed-off-by: Peter Chiu <[email protected]>
Signed-off-by: Evelyn Tsai <[email protected]>
Signed-off-by: Felix Fietkau <[email protected]>
|
|
The hardware simply does not support this in DBDC mode. Remove it from
the HE capabilities.
Signed-off-by: Nicolas Cavallari <[email protected]>
Signed-off-by: Felix Fietkau <[email protected]>
|
|
Do not hardcode beamformee 4 space-time streams support, because
DBDC can only support up to 2.
Fixes: 00b2e16e0063 ("mt76: mt7915: add TxBF capabilities")
Signed-off-by: Nicolas Cavallari <[email protected]>
Signed-off-by: Felix Fietkau <[email protected]>
|
|
mt7915 does not have a per-band number of chains unlike the other chips,
it only has a total number of chains. Yet the current code would
consider the total number as a per-band number.
For example, it would report that a 2x2 + 2x2 DBDC card have 4 chains on
each band and set chainmask to 0b1111 for the first interface and
0b11110000 for the second.
Fixes: 99ad32a4ca3a ("mt76: mt7915: add support for MT7986")
Co-developed-by: Felix Fietkau <[email protected]>
Signed-off-by: Nicolas Cavallari <[email protected]>
Signed-off-by: Felix Fietkau <[email protected]>
|
|
Host triggered and catastrophic event triggered firmware core dumping
for basic firmware issues triage, including state reporting, task/irq
info, function calltrace and MCU memory dump.
Signed-off-by: Ryder Lee <[email protected]>
Signed-off-by: Felix Fietkau <[email protected]>
|
|
Trigger firmware crash and enable full system recovery through debugfs.
This also renames knob "fw_ser" to a clear-cut name "sys_recovery".
Signed-off-by: Ryder Lee <[email protected]>
Signed-off-by: Felix Fietkau <[email protected]>
|
|
Add mt7915_reset() and refactor mt7915_mac_reset_work() to support
full system recovery.
Co-developed-by: Ryder Lee <[email protected]>
Signed-off-by: Ryder Lee <[email protected]>
Signed-off-by: Bo Jiao <[email protected]>
Signed-off-by: Felix Fietkau <[email protected]>
|
|
Reuse mt7915_dma_disable() to reduce duplicated code.
This is a preliminary patch to enable full system reset.
Co-developed-by: Ryder Lee <[email protected]>
Signed-off-by: Ryder Lee <[email protected]>
Signed-off-by: Bo Jiao <[email protected]>
Signed-off-by: Felix Fietkau <[email protected]>
|
|
Move aggregation stats array per-phy instead of share it between multiple
interfaces. This is a preliminary patch to add mt7996 driver support.
Signed-off-by: Lorenzo Bianconi <[email protected]>
Signed-off-by: Felix Fietkau <[email protected]>
|
|
This is a preliminary patch to move aggr_stats array in mt76_phy
structure.
Signed-off-by: Lorenzo Bianconi <[email protected]>
Signed-off-by: Felix Fietkau <[email protected]>
|
|
Similar to mt7915, fix stats clash between bins [4-7] in 802.11 tx
aggregation histogram.
Fixes: 163f4d22c118d ("mt76: mt7921: add MAC support")
Signed-off-by: Lorenzo Bianconi <[email protected]>
Signed-off-by: Felix Fietkau <[email protected]>
|
|
Fix stats clash between bins [4-7] in 802.11 tx aggregation histogram.
Fixes: e57b7901469fc ("mt76: add mac80211 driver for MT7915 PCIe-based chipsets")
Signed-off-by: Lorenzo Bianconi <[email protected]>
Signed-off-by: Felix Fietkau <[email protected]>
|
|
This adds selectable RTC/CTS enablement for each interface.
Signed-off-by: Ryder Lee <[email protected]>
Signed-off-by: Felix Fietkau <[email protected]>
|
|
This adds selectable RTC/CTS enablement for each interface.
Signed-off-by: Ryder Lee <[email protected]>
Signed-off-by: Felix Fietkau <[email protected]>
|
|
Due to information missing, the firmware may be fail on bandwidth
related settings in mt7921/mt7922. Add new cmd STA_REC_HE_V2 to apply
additional capabilities in 6GHz band.
Tested-by: Ben Greear <[email protected]>
Co-developed-by: Deren Wu <[email protected]>
Signed-off-by: Deren Wu <[email protected]>
Signed-off-by: Ming Yen Hsieh <[email protected]>
Signed-off-by: Felix Fietkau <[email protected]>
|
|
This reports signal strength of ACK packets from the peer as measured
at each interface.
Tested-by: Shurong Wen <[email protected]>
Signed-off-by: Ryder Lee <[email protected]>
Signed-off-by: Felix Fietkau <[email protected]>
|
|
The MIB INFO command is fetching MIB_BUSY_TIME, MIB_TX_TIME, MIB_RX_TIME and
MIB_OBSS_AIRTIME from the radio and filling out cc_busy, cc_tx, cc_bss_rx
and cc_rx respectively.
busy should be >= tx + rx >= tx + bss_rx but we don’t always quite see this.
Sometimes tx + rx is a bit higher than busy due to inaccurate accounting,
so this patch recalculates numbers to make them more reasonable.
Reported-By: Kevin Schneider <[email protected]>
Tested-by: Kevin Schneider <[email protected]>
Tested-by: Chad Monroe <[email protected]>
Signed-off-by: Ryder Lee <[email protected]>
Signed-off-by: Felix Fietkau <[email protected]>
|
|
MT_DRV_AMSDU_OFFLOAD"
This reverts commit f17f4864504d754bcbf31e4c89412cdf9946c409 and adds the
MT_DRV_AMSDU_OFFLOAD flag for MT7921 USB/SDIO
The reverted commit significantly decreases performance when running
a test where two MT7915 radios have 16 station vdevs each, configured
for AC mode, and transmitting UDP traffic to AP.
Co-developed-by: Felix Fietkau <[email protected]>
Reported-by: Carson Vandegriffe <[email protected]>
Signed-off-by: Ben Greear <[email protected]>
Signed-off-by: Felix Fietkau <[email protected]>
|
|
Enable WED tx support for mt7986-wmac chipset available on mt7986 board.
Tested-by: Daniel Golle <[email protected]>
Co-developed-by: Bo Jiao <[email protected]>
Signed-off-by: Bo Jiao <[email protected]>
Co-developed-by: Sujuan Chen <[email protected]>
Signed-off-by: Sujuan Chen <[email protected]>
Signed-off-by: Lorenzo Bianconi <[email protected]>
Signed-off-by: Felix Fietkau <[email protected]>
|
|
Introduce wed tx support for MT7986 chipset
Tested-by: Daniel Golle <[email protected]>
Co-developed-by: Bo Jiao <[email protected]>
Signed-off-by: Bo Jiao <[email protected]>
Co-developed-by: Sujuan Chen <[email protected]>
Signed-off-by: Sujuan Chen <[email protected]>
Signed-off-by: Lorenzo Bianconi <[email protected]>
Signed-off-by: Felix Fietkau <[email protected]>
|
|
This is a preliminary patch to enable wed support for mt7986-wmac
chipset.
Tested-by: Daniel Golle <[email protected]>
Co-developed-by: Bo Jiao <[email protected]>
Signed-off-by: Bo Jiao <[email protected]>
Co-developed-by: Sujuan Chen <[email protected]>
Signed-off-by: Sujuan Chen <[email protected]>
Signed-off-by: Lorenzo Bianconi <[email protected]>
Signed-off-by: Felix Fietkau <[email protected]>
|
|
Correct mac timiing settings for different hardware generations.
This improves 40-60Mbps performance.
Fixes: 9aac2969fe5f ("mt76: mt7915: update mac timing settings")
Reported-By: Carson Vandegriffe <[email protected]>
Tested-by: Chad Monroe <[email protected]>
Signed-off-by: Ryder Lee <[email protected]>
Signed-off-by: Felix Fietkau <[email protected]>
|
|
For MT7915D, correct antenna index should be set to let DFS radar
detection work on the 5 GHz band.
Signed-off-by: Shayne Chen <[email protected]>
Signed-off-by: Felix Fietkau <[email protected]>
|
|
In previous, we only allow user to configure tx antenna mask
contiguously (e.g. 0x3, 0xf).
This patch allows user to configure tx antenna mask interleavingly
(e.g. 0x5, 0x8). By setting proper antenna mask and nss, user can
prioritized the signal of different antennas, which helps to test
their performance in normal mode.
Signed-off-by: Shayne Chen <[email protected]>
Signed-off-by: Felix Fietkau <[email protected]>
|
|
Add mt76_connac_spe_idx() for antenna mask to spatial extension
index conversion. This is used to support flexible control of
tx antenna.
Signed-off-by: Shayne Chen <[email protected]>
Signed-off-by: Felix Fietkau <[email protected]>
|
|
Let the configuration of testmode antenna mask on both band0 and band1
become antenna_mask rather than chainmask. This could simplify the
settings for user and get rid of the conversion when sending fw command.
Signed-off-by: Shayne Chen <[email protected]>
Signed-off-by: Felix Fietkau <[email protected]>
|
|
A variant of mt7916 supports up to 3 tx/rx paths but with only
2 spatial streams. An example usage of the 3rd path is to server as
an auxiliary for beamforming.
In order to deal with this case, this patch reworks some parts to
correctly use paths or streams.
Signed-off-by: Peter Chiu <[email protected]>
Signed-off-by: Shayne Chen <[email protected]>
Signed-off-by: Felix Fietkau <[email protected]>
|
|
Rework tx paths and streams init part to improve readability, and make
sure that the available tx streams should be smaller than or equal to
the available tx paths.
Signed-off-by: Shayne Chen <[email protected]>
Signed-off-by: Felix Fietkau <[email protected]>
|
|
The value of regidx of rf registers is combined with WF selection and
offset. Extend the WF selection field from 4 to 8 bits since the
adie index should also be specified.
Signed-off-by: Evelyn Tsai <[email protected]>
Signed-off-by: Shayne Chen <[email protected]>
Signed-off-by: Felix Fietkau <[email protected]>
|
|
According to the tx-free-done documentation, the DW4 can be repeated,
so have to be more careful about how we test for walking off the
end of the array.
Signed-off-by: Ben Greear <[email protected]>
Signed-off-by: Felix Fietkau <[email protected]>
|
|
All uses of mt76_wcid_mask_test() have
been removed since commit 8950a62f19c9 ("mt76: get rid of
mt76_wcid_hw routine"), so remove it.
Signed-off-by: Gaosheng Cui <[email protected]>
Signed-off-by: Felix Fietkau <[email protected]>
|
|
Group 3 in RxD is disabled in monitor mode. We should use the group 5 in
RxD instead to fix antenna signal way off issue, e.g we would see the
incorrect antenna signal value in wireshark. On the other hand, Group 5
wouldn't be used in STA or AP mode, so the patch shouldn't cause any
harm to those modes.
Fixes: cbaa0a404f8d ("mt76: mt7921: fix up the monitor mode")
Reported-by: Adrian Granados <[email protected]>
Co-developed-by: Deren Wu <[email protected]>
Signed-off-by: Deren Wu <[email protected]>
Signed-off-by: Sean Wang <[email protected]>
Signed-off-by: Felix Fietkau <[email protected]>
|
|
- remove stbc, because mt76x0 doesn't support it and mt76x2 uses the same
values as HT/VHT
- reduce vht array to 2 elements, because VHT MCS0-7 are the same as HT
Signed-off-by: Felix Fietkau <[email protected]>
|
|
Its layout and code is mt76x02 specific
Signed-off-by: Felix Fietkau <[email protected]>
|
|
ieee80211_drop_unencrypted is called from ieee80211_rx_h_mesh_fwding and
ieee80211_frame_allowed.
Since ieee80211_rx_h_mesh_fwding can forward packets for other mesh nodes
and is called earlier, it needs to check the decryptions status and if the
packet is using the control protocol on its own, instead of deferring to
the later call from ieee80211_frame_allowed.
Because of that, ieee80211_drop_unencrypted has a mesh specific check
that skips over the mesh header in order to check the payload protocol.
This code is invalid when called from ieee80211_frame_allowed, since that
happens after the 802.11->802.3 conversion.
Fix this by moving the mesh specific check directly into
ieee80211_rx_h_mesh_fwding.
Signed-off-by: Felix Fietkau <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Johannes Berg <[email protected]>
|
|
This can be used to selectively disable feature flags for checksum offload,
scatter/gather or GSO by changing vif->netdev_features.
Removing features from vif->netdev_features does not affect the netdev
features themselves, but instead fixes up skbs in the tx path so that the
offloads are not needed in the driver.
Aside from making it easier to deal with vif type based hardware limitations,
this also makes it possible to optimize performance on hardware without native
GSO support by declaring GSO support in hw->netdev_features and removing it
from vif->netdev_features. This allows mac80211 to handle GSO segmentation
after the sta lookup, but before itxq enqueue, thus reducing the number of
unnecessary sta lookups, as well as some other per-packet processing.
Signed-off-by: Felix Fietkau <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Johannes Berg <[email protected]>
|
|
Updates to the TIM information element to match changes made in the
IEEE Std 802.11ah-2020.
Signed-off-by: Kieran Frewen <[email protected]>
Co-developed-by: Gilad Itzkovitch <[email protected]>
Signed-off-by: Gilad Itzkovitch <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
[use skb_put_data/skb_put_u8]
Signed-off-by: Johannes Berg <[email protected]>
|
|
It's not valid to have the multiple BSSID element in the
association response (per 802.11 REVme D1.0), so don't
try to parse it there, but only in the fallback beacon
elements if needed.
The other case that was parsing association requests was
already changed in a previous commit.
Change-Id: I659d2ef1253e079cc71c46a017044e116e31c024
Signed-off-by: Johannes Berg <[email protected]>
|
|
There's no need to open-code container_of() when we have
bss_from_pub(). Use it.
Change-Id: I074723717909ba211a40e6499f0c36df0e2ba4be
Signed-off-by: Johannes Berg <[email protected]>
|
|
The call to ieee80211_do_stop() right after will also do
synchronize_rcu() to ensure the SDATA_STATE_RUNNING bit
is cleared, so we don't need to synchronize_net() here.
Change-Id: Id9f9ffcf195002013e5d9fde288877d219780864
Signed-off-by: Johannes Berg <[email protected]>
|
|
ieee80211_get_txq() can only be called with vif != NULL.
Remove not needed NULL test in function.
Signed-off-by: Alexander Wetzel <[email protected]>
Reported-by: kernel test robot <[email protected]>
Reported-by: Dan Carpenter <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Johannes Berg <[email protected]>
|
|
In regulatory_init_db(), when it's going to return a error, reg_pdev
should be unregistered. When load_builtin_regdb_keys() fails it doesn't
do it and makes cfg80211 can't be reload with report:
sysfs: cannot create duplicate filename '/devices/platform/regulatory.0'
...
<TASK>
dump_stack_lvl+0x79/0x9b
sysfs_warn_dup.cold+0x1c/0x29
sysfs_create_dir_ns+0x22d/0x290
kobject_add_internal+0x247/0x800
kobject_add+0x135/0x1b0
device_add+0x389/0x1be0
platform_device_add+0x28f/0x790
platform_device_register_full+0x376/0x4b0
regulatory_init+0x9a/0x4b2 [cfg80211]
cfg80211_init+0x84/0x113 [cfg80211]
...
Fixes: 90a53e4432b1 ("cfg80211: implement regdb signature checking")
Signed-off-by: Chen Zhongjin <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Johannes Berg <[email protected]>
|
|
If the "channel->freq_offset" comparison is omitted in cmp_bss(),
BSS with different kHz units cannot be distinguished in the S1G Band.
So "freq_offset" should also be included in the comparison.
Signed-off-by: JUN-KYU SHIN <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Johannes Berg <[email protected]>
|
|
In ieee80211_lookup_key, the variable named `local` is unused if
compiled without lockdep, getting this warning:
net/mac80211/cfg.c: In function ‘ieee80211_lookup_key’:
net/mac80211/cfg.c:542:26: error: unused variable ‘local’ [-Werror=unused-variable]
struct ieee80211_local *local = sdata->local;
^~~~~
Fix it with __maybe_unused.
Fixes: 8cbf0c2ab6df ("wifi: mac80211: refactor some key code")
Signed-off-by: Íñigo Huguet <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Johannes Berg <[email protected]>
|
|
The open code is defined as a helper function(tp_to_dev) on r8169_main.c,
which the open code is &tp->pci_dev->dev. The helper function was added
in commit 1e1205b7d3e9 ("r8169: add helper tp_to_dev"). And then later,
commit f1e911d5d0df ("r8169: add basic phylib support") added
r8169_phylink_handler function but it didn't use the helper function.
Thus, tp_to_dev() replaces the open code. This patch doesn't change logic.
Signed-off-by: Juhee Kang <[email protected]>
Reviewed-by: Heiner Kallweit <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Paolo Abeni <[email protected]>
|
|
Correct wrong closing bracket.
Signed-off-by: Philipp Hortmann <[email protected]>
Link: https://lore.kernel.org/r/20221114200135.GA100176@matrix-ESPRIMO-P710
Signed-off-by: Johannes Berg <[email protected]>
|
|
When register_netdevice() failed in ieee80211_if_add(), ndev->tstats
isn't released. Fix it.
Fixes: 5a490510ba5f ("mac80211: use per-CPU TX/RX statistics")
Signed-off-by: Zhengchao Shao <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Johannes Berg <[email protected]>
|
|
As the nla_nest_start() may fail with NULL returned, the return value needs
to be checked.
Fixes: ce08cd344a00 ("wifi: nl80211: expose link information for interfaces")
Signed-off-by: Yuan Can <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Johannes Berg <[email protected]>
|
|
When building with -Wstringop-overflow, GCC's KASAN implementation does
not correctly perform bounds checking within some complex structures
when faced with literal offsets, and can get very confused. For example,
this warning is seen due to literal offsets into sturct ieee80211_hdr
that may or may not be large enough:
drivers/net/wireless/intel/iwlwifi/mvm/rxmq.c: In function 'iwl_mvm_rx_mpdu_mq':
drivers/net/wireless/intel/iwlwifi/mvm/rxmq.c:2022:29: warning: writing 1 byte into a region of size 0 [-Wstringop-overflow=]
2022 | *qc &= ~IEEE80211_QOS_CTL_A_MSDU_PRESENT;
In file included from drivers/net/wireless/intel/iwlwifi/mvm/fw-api.h:32,
from drivers/net/wireless/intel/iwlwifi/mvm/sta.h:15,
from drivers/net/wireless/intel/iwlwifi/mvm/mvm.h:27,
from drivers/net/wireless/intel/iwlwifi/mvm/rxmq.c:10:
drivers/net/wireless/intel/iwlwifi/mvm/../fw/api/rx.h:559:16: note: at offset [78, 166] into destination object 'mpdu_len' of size 2
559 | __le16 mpdu_len;
| ^~~~~~~~
Refactor ieee80211_get_qos_ctl() to avoid using literal offsets,
requiring the creation of the actual structure that is described in the
comments. Explicitly choose the desired offset, making the code more
human-readable too. This is one of the last remaining warning to fix
before enabling -Wstringop-overflow globally.
Link: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=97490
Link: https://github.com/KSPP/linux/issues/181
Cc: Johannes Berg <[email protected]>
Cc: Kalle Valo <[email protected]>
Cc: Gregory Greenman <[email protected]>
Cc: "Gustavo A. R. Silva" <[email protected]>
Cc: [email protected]
Cc: [email protected]
Signed-off-by: Kees Cook <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Johannes Berg <[email protected]>
|