mac80211: update to version 4.19.57
authorHauke Mehrtens <hauke@hauke-m.de>
Sat, 6 Jul 2019 22:08:20 +0000 (00:08 +0200)
committerHauke Mehrtens <hauke@hauke-m.de>
Sun, 7 Jul 2019 16:20:04 +0000 (18:20 +0200)
62 files changed:
package/kernel/mac80211/Makefile
package/kernel/mac80211/patches/ath/404-regd_no_assoc_hints.patch
package/kernel/mac80211/patches/ath/979-ath10k-fix-incorrect-multicast-broadcast-rate-settin.patch
package/kernel/mac80211/patches/brcm/305-v4.20-0001-brcmfmac-remove-set-but-not-used-variables-sfdoff-an.patch
package/kernel/mac80211/patches/brcm/320-v5.0-0004-brcmfmac-Set-board_type-used-for-nvram-file-selectio.patch
package/kernel/mac80211/patches/brcm/328-v5.0-0001-brcmfmac-add-credit-numbers-updating-support.patch
package/kernel/mac80211/patches/brcm/328-v5.0-0002-brcmfmac-enable-frameburst-mode-in-default-firmware-.patch
package/kernel/mac80211/patches/brcm/328-v5.0-0003-brcmfmac-handle-compressed-tx-status-signal.patch
package/kernel/mac80211/patches/brcm/329-v5.0-0002-brcmfmac-set-F2-watermark-to-256-for-4373.patch
package/kernel/mac80211/patches/brcm/329-v5.0-0003-brcmfmac-set-SDIO-F1-MesBusyCtrl-for-CYW4373.patch
package/kernel/mac80211/patches/brcm/329-v5.0-0004-brcmfmac-add-support-for-CYW43012-SDIO-chipset.patch
package/kernel/mac80211/patches/brcm/329-v5.0-0006-brcmfmac-update-43012-F2-watermark-setting-to-fix-DM.patch
package/kernel/mac80211/patches/brcm/329-v5.0-0008-brcmfmac-disable-command-decode-in-sdio_aos.patch
package/kernel/mac80211/patches/brcm/332-v5.0-0001-brcmfmac-Fix-access-point-mode.patch
package/kernel/mac80211/patches/brcm/341-v5.1-brcmfmac-add-a-check-for-the-status-of-usb_register.patch
package/kernel/mac80211/patches/brcm/346-v5.1-brcmfmac-add-bphy_err-and-use-it-in-the-cfg80211.c.patch
package/kernel/mac80211/patches/brcm/349-v5.1-0001-brcmfmac-assure-SSID-length-from-firmware-is-limited.patch [deleted file]
package/kernel/mac80211/patches/brcm/349-v5.1-0002-brcmfmac-add-subtype-check-for-event-handling-in-dat.patch [deleted file]
package/kernel/mac80211/patches/brcm/349-v5.1-0003-brcmfmac-create-debugfs-files-for-bus-specific-layer.patch
package/kernel/mac80211/patches/brcm/349-v5.1-0005-brcmfmac-check-and-dump-trap-info-during-sdio-probe.patch
package/kernel/mac80211/patches/brcm/351-v5.1-0001-brcmfmac-improve-code-handling-bandwidth-of-firmware.patch
package/kernel/mac80211/patches/brcm/351-v5.1-0002-brcmfmac-support-firmware-reporting-160-MHz-channels.patch
package/kernel/mac80211/patches/brcm/352-v5.1-brcmfmac-rework-bphy_err-to-take-struct-brcmf_pub-ar.patch
package/kernel/mac80211/patches/brcm/354-v5.1-brcmfmac-use-bphy_err-in-all-wiphy-related-code.patch
package/kernel/mac80211/patches/brcm/360-v5.2-0002-brcmfmac-add-a-function-designated-for-handling-firm.patch
package/kernel/mac80211/patches/brcm/360-v5.2-0003-brcmfmac-reset-PCIe-bus-on-a-firmware-crash.patch
package/kernel/mac80211/patches/brcm/361-v5.2-0001-brcmfmac-fix-WARNING-during-USB-disconnect-in-case-o.patch [deleted file]
package/kernel/mac80211/patches/brcm/361-v5.2-0002-brcmfmac-fix-NULL-pointer-derefence-during-USB-disco.patch [deleted file]
package/kernel/mac80211/patches/brcm/362-v5.2-0001-brcmfmac-fix-race-during-disconnect-when-USB-complet.patch [deleted file]
package/kernel/mac80211/patches/brcm/363-v5.2-brcmfmac-fix-Oops-when-bringing-up-interface-during-.patch [deleted file]
package/kernel/mac80211/patches/brcm/364-v5.2-brcmfmac-convert-dev_init_lock-mutex-to-completion.patch [deleted file]
package/kernel/mac80211/patches/brcm/365-v5.2-brcmfmac-fix-missing-checks-for-kmemdup.patch [deleted file]
package/kernel/mac80211/patches/brcm/373-v5.2-brcm80211-potential-NULL-dereference-in-brcmf_cfg802.patch [deleted file]
package/kernel/mac80211/patches/mwl/700-mwl8k-missing-pci-id-for-WNR854T.patch
package/kernel/mac80211/patches/mwl/940-mwl8k_init_devices_synchronously.patch
package/kernel/mac80211/patches/mwl/941-mwl8k-Fix-rate_idx-underflow.patch [deleted file]
package/kernel/mac80211/patches/rt2x00/004-rt2x00-do-not-check-for-txstatus-timeout-every-time-.patch
package/kernel/mac80211/patches/rt2x00/005-rt2x00-use-different-txstatus-timeouts-when-flushing.patch
package/kernel/mac80211/patches/rt2x00/022-rt2x00-check-number-of-EPROTO-errors.patch
package/kernel/mac80211/patches/rt2x00/023-rt2x00-do-not-print-error-when-queue-is-full.patch
package/kernel/mac80211/patches/rt2x00/029-rt2x00-remove-last_nostatus_check.patch
package/kernel/mac80211/patches/rt2x00/032-rt2x00-do-not-increment-sequence-number-while-re-tra.patch [deleted file]
package/kernel/mac80211/patches/subsys/100-remove-cryptoapi-dependencies.patch
package/kernel/mac80211/patches/subsys/140-tweak-TSQ-setting.patch
package/kernel/mac80211/patches/subsys/300-mac80211-add-stop-start-logic-for-software-TXQs.patch
package/kernel/mac80211/patches/subsys/301-mac80211-do-not-call-driver-wake_tx_queue-op-during-.patch [deleted file]
package/kernel/mac80211/patches/subsys/311-mac80211-fix-memory-accounting-with-A-MSDU-aggregati.patch [deleted file]
package/kernel/mac80211/patches/subsys/313-mac80211-fix-unaligned-access-in-mesh-table-hash-fun.patch [deleted file]
package/kernel/mac80211/patches/subsys/320-mac80211-Add-TXQ-scheduling-API.patch
package/kernel/mac80211/patches/subsys/321-cfg80211-Add-airtime-statistics-and-settings.patch
package/kernel/mac80211/patches/subsys/322-mac80211-Add-airtime-accounting-and-scheduling-to-TX.patch
package/kernel/mac80211/patches/subsys/323-mac80211-Expose-ieee80211_schedule_txq-function.patch
package/kernel/mac80211/patches/subsys/350-mac80211-add-hdrlen-to-ieee80211_tx_data.patch
package/kernel/mac80211/patches/subsys/351-mac80211-add-TX_NEEDS_ALIGNED4_SKBS-hw-flag.patch
package/kernel/mac80211/patches/subsys/352-mac80211-rework-locking-for-txq-scheduling-airtime-f.patch
package/kernel/mac80211/patches/subsys/354-mac80211-calculate-hash-for-fq-without-holding-fq-lo.patch
package/kernel/mac80211/patches/subsys/355-mac80211-run-late-dequeue-late-tx-handlers-without-h.patch
package/kernel/mac80211/patches/subsys/357-mac80211-optimize-skb-resizing.patch
package/kernel/mac80211/patches/subsys/358-mac80211-make-ieee80211_schedule_txq-schedule-empty-.patch
package/kernel/mac80211/patches/subsys/360-mac80211-when-using-iTXQ-select-the-queue-in-ieee802.patch
package/kernel/mac80211/patches/subsys/362-mac80211-minstrel_ht-automatically-calculate-rate-du.patch
package/kernel/mac80211/patches/subsys/390-nl-mac-80211-allow-4addr-AP-operation-on-crypto-cont.patch [deleted file]

index 20258fd6628b5f96e7c85074a31196e4092d42a2..246e87d5728d092fa1c0b2303ad8e1749f3b114b 100644 (file)
@@ -10,10 +10,10 @@ include $(INCLUDE_DIR)/kernel.mk
 
 PKG_NAME:=mac80211
 
-PKG_VERSION:=4.19.32-1
-PKG_RELEASE:=2
-PKG_SOURCE_URL:=@KERNEL/linux/kernel/projects/backports/stable/v4.19.32/
-PKG_HASH:=838db1565b54fe4bd1e769c54f30c65c9ea2fb5e99a0cddb7910561794ae317a
+PKG_VERSION:=4.19.57-1
+PKG_RELEASE:=1
+PKG_SOURCE_URL:=@KERNEL/linux/kernel/projects/backports/stable/v4.19.57/
+PKG_HASH:=f9c2d888cd49bd85e3f625f440468a803eeabb36662b56426c6cb2d15a7e049d
 
 PKG_SOURCE:=backports-$(PKG_VERSION).tar.xz
 PKG_BUILD_DIR:=$(KERNEL_BUILD_DIR)/backports-$(PKG_VERSION)
index ec95206acb87959843f8ce7c425a96cdd0bb5726..d4c7318377ebed3fac5f7a7dd22233d0366f94ea 100644 (file)
@@ -1,6 +1,6 @@
 --- a/net/wireless/reg.c
 +++ b/net/wireless/reg.c
-@@ -2982,6 +2982,8 @@ void regulatory_hint_country_ie(struct w
+@@ -3021,6 +3021,8 @@ void regulatory_hint_country_ie(struct w
        enum environment_cap env = ENVIRON_ANY;
        struct regulatory_request *request = NULL, *lr;
  
@@ -9,7 +9,7 @@
        /* IE len must be evenly divisible by 2 */
        if (country_ie_len & 0x01)
                return;
-@@ -3188,6 +3190,7 @@ static void restore_regulatory_settings(
+@@ -3227,6 +3229,7 @@ static void restore_regulatory_settings(
  
  void regulatory_hint_disconnect(void)
  {
index 8695b7e094885bb479e14386a0461a25cf57603d..c25d14fc04e2151cafed53b0e6751146f54044c9 100644 (file)
@@ -30,7 +30,7 @@ Origin: other, https://patchwork.kernel.org/patch/10723033/
  
 @@ -5658,7 +5658,11 @@ static void ath10k_bss_info_changed(stru
        if (changed & BSS_CHANGED_MCAST_RATE &&
-           !WARN_ON(ath10k_mac_vif_chan(arvif->vif, &def))) {
+           !ath10k_mac_vif_chan(arvif->vif, &def)) {
                band = def.chan->band;
 -              rateidx = vif->bss_conf.mcast_rate[band] - 1;
 +              mcast_rate = vif->bss_conf.mcast_rate[band];
index 192ed1a7704c3dafbd7bc8cc52e3af20ea3e0db3..c4b67863a083366256a09f6b8691add3a0812308 100644 (file)
@@ -22,7 +22,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
 
 --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/sdio.c
 +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/sdio.c
-@@ -1463,7 +1463,7 @@ static u8 brcmf_sdio_rxglom(struct brcmf
+@@ -1474,7 +1474,7 @@ static u8 brcmf_sdio_rxglom(struct brcmf
        struct sk_buff *pfirst, *pnext;
  
        int errcode;
@@ -31,7 +31,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
  
        struct brcmf_sdio_hdrinfo rd_new;
  
-@@ -1597,7 +1597,6 @@ static u8 brcmf_sdio_rxglom(struct brcmf
+@@ -1608,7 +1608,6 @@ static u8 brcmf_sdio_rxglom(struct brcmf
  
                /* Remove superframe header, remember offset */
                skb_pull(pfirst, rd_new.dat_offset);
@@ -39,7 +39,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                num = 0;
  
                /* Validate all the subframe headers */
-@@ -3405,7 +3404,6 @@ static int brcmf_sdio_bus_preinit(struct
+@@ -3416,7 +3415,6 @@ static int brcmf_sdio_bus_preinit(struct
        struct brcmf_sdio_dev *sdiodev = bus_if->bus_priv.sdio;
        struct brcmf_sdio *bus = sdiodev->bus;
        struct brcmf_core *core = bus->sdio_core;
@@ -47,7 +47,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        u32 value;
        int err;
  
-@@ -3448,7 +3446,6 @@ static int brcmf_sdio_bus_preinit(struct
+@@ -3459,7 +3457,6 @@ static int brcmf_sdio_bus_preinit(struct
        if (sdiodev->sg_support) {
                bus->txglom = false;
                value = 1;
index a33ceaa21ed268e2a12d62553ae5ab9e64a6d315..f7c2c0ff487024e7d9642c95e7cc65f3aba3916b 100644 (file)
@@ -67,7 +67,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        fwreq->bus_nr = devinfo->pdev->bus->number;
 --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/sdio.c
 +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/sdio.c
-@@ -4174,6 +4174,7 @@ brcmf_sdio_prepare_fw_request(struct brc
+@@ -4185,6 +4185,7 @@ brcmf_sdio_prepare_fw_request(struct brc
  
        fwreq->items[BRCMF_SDIO_FW_CODE].type = BRCMF_FW_TYPE_BINARY;
        fwreq->items[BRCMF_SDIO_FW_NVRAM].type = BRCMF_FW_TYPE_NVRAM;
index dd40ee2b1f0b2a63a4f7e015cfe5889ec0e2b299..3f84e542081ddfbde6d005186e6e5518428363fb 100644 (file)
@@ -27,7 +27,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        int credits_borrowed[BRCMF_FWS_FIFO_AC_VO + 1];
        int deq_node_pos[BRCMF_FWS_FIFO_COUNT];
        u32 fifo_credit_map;
-@@ -1237,6 +1238,9 @@ static void brcmf_fws_return_credits(str
+@@ -1241,6 +1242,9 @@ static void brcmf_fws_return_credits(str
        }
  
        fws->fifo_credit[fifo] += credits;
@@ -37,7 +37,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
  }
  
  static void brcmf_fws_schedule_deq(struct brcmf_fws_info *fws)
-@@ -1595,19 +1599,21 @@ static int brcmf_fws_notify_credit_map(s
+@@ -1599,19 +1603,21 @@ static int brcmf_fws_notify_credit_map(s
                brcmf_err("event payload too small (%d)\n", e->datalen);
                return -EINVAL;
        }
@@ -63,7 +63,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        }
        brcmf_fws_schedule_deq(fws);
        brcmf_fws_unlock(fws);
-@@ -2013,7 +2019,7 @@ static int brcmf_fws_borrow_credit(struc
+@@ -2017,7 +2023,7 @@ static int brcmf_fws_borrow_credit(struc
        }
  
        for (lender_ac = 0; lender_ac <= BRCMF_FWS_FIFO_AC_VO; lender_ac++) {
@@ -72,7 +72,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                        fws->credits_borrowed[lender_ac]++;
                        fws->fifo_credit[lender_ac]--;
                        if (fws->fifo_credit[lender_ac] == 0)
-@@ -2210,8 +2216,9 @@ static void brcmf_fws_dequeue_worker(str
+@@ -2216,8 +2222,9 @@ static void brcmf_fws_dequeue_worker(str
                        }
                        continue;
                }
@@ -84,7 +84,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                        skb = brcmf_fws_deq(fws, fifo);
                        if (!skb)
                                break;
-@@ -2222,7 +2229,7 @@ static void brcmf_fws_dequeue_worker(str
+@@ -2228,7 +2235,7 @@ static void brcmf_fws_dequeue_worker(str
                                break;
                }
                if ((fifo == BRCMF_FWS_FIFO_AC_BE) &&
index 9602792d4fcf7bc22a61b28c42de10a794a51b8d..3ae36890cea1ed42afc471d01da14569b6d0e115 100644 (file)
@@ -17,7 +17,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
 
 --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
 +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
-@@ -6638,6 +6638,12 @@ static s32 brcmf_config_dongle(struct br
+@@ -6644,6 +6644,12 @@ static s32 brcmf_config_dongle(struct br
  
        brcmf_configure_arp_nd_offload(ifp, true);
  
index d44c8737ad55553b4e00a8fb004b97f98c74463a..bf72dcabc1a671894f1dd19b9dc22a992602a438 100644 (file)
@@ -18,7 +18,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
 
 --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/fwsignal.c
 +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/fwsignal.c
-@@ -1455,9 +1455,10 @@ static int brcmf_fws_txstatus_suppressed
+@@ -1459,9 +1459,10 @@ static int brcmf_fws_txstatus_suppressed
  
  static int
  brcmf_fws_txs_process(struct brcmf_fws_info *fws, u8 flags, u32 hslot,
@@ -30,7 +30,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        int ret;
        bool remove_from_hanger = true;
        struct sk_buff *skb;
-@@ -1468,60 +1469,71 @@ brcmf_fws_txs_process(struct brcmf_fws_i
+@@ -1472,60 +1473,71 @@ brcmf_fws_txs_process(struct brcmf_fws_i
        brcmf_dbg(DATA, "flags %d\n", flags);
  
        if (flags == BRCMF_FWS_TXSTATUS_DISCARD)
@@ -144,7 +144,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
  
        return 0;
  }
-@@ -1547,7 +1559,8 @@ static int brcmf_fws_fifocreditback_indi
+@@ -1551,7 +1563,8 @@ static int brcmf_fws_fifocreditback_indi
        return BRCMF_FWS_RET_OK_SCHEDULE;
  }
  
@@ -154,7 +154,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
  {
        __le32 status_le;
        __le16 seq_le;
-@@ -1556,23 +1569,31 @@ static int brcmf_fws_txstatus_indicate(s
+@@ -1560,23 +1573,31 @@ static int brcmf_fws_txstatus_indicate(s
        u32 genbit;
        u8 flags;
        u16 seq;
@@ -189,7 +189,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        brcmf_fws_unlock(fws);
        return BRCMF_FWS_RET_OK_NOSCHEDULE;
  }
-@@ -1888,8 +1909,6 @@ void brcmf_fws_hdrpull(struct brcmf_if *
+@@ -1892,8 +1913,6 @@ void brcmf_fws_hdrpull(struct brcmf_if *
  
                err = BRCMF_FWS_RET_OK_NOSCHEDULE;
                switch (type) {
@@ -198,7 +198,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                case BRCMF_FWS_TYPE_HOST_REORDER_RXPKTS:
                        rd = (struct brcmf_skb_reorder_data *)skb->cb;
                        rd->reorder = data;
-@@ -1912,7 +1931,8 @@ void brcmf_fws_hdrpull(struct brcmf_if *
+@@ -1916,7 +1935,8 @@ void brcmf_fws_hdrpull(struct brcmf_if *
                        err = brcmf_fws_request_indicate(fws, type, data);
                        break;
                case BRCMF_FWS_TYPE_TXSTATUS:
@@ -208,7 +208,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                        break;
                case BRCMF_FWS_TYPE_FIFO_CREDITBACK:
                        err = brcmf_fws_fifocreditback_indicate(fws, data);
-@@ -2001,7 +2021,7 @@ static void brcmf_fws_rollback_toq(struc
+@@ -2005,7 +2025,7 @@ static void brcmf_fws_rollback_toq(struc
                fws->stats.rollback_failed++;
                hslot = brcmf_skb_htod_tag_get_field(skb, HSLOT);
                brcmf_fws_txs_process(fws, BRCMF_FWS_TXSTATUS_HOST_TOSSED,
@@ -217,7 +217,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        } else {
                fws->stats.rollback_success++;
                brcmf_fws_return_credits(fws, fifo, 1);
-@@ -2462,7 +2482,8 @@ void brcmf_fws_bustxfail(struct brcmf_fw
+@@ -2476,7 +2496,8 @@ void brcmf_fws_bustxfail(struct brcmf_fw
        }
        brcmf_fws_lock(fws);
        hslot = brcmf_skb_htod_tag_get_field(skb, HSLOT);
index a915473b8cfe25485f350d113c13f6c919565a84..bf35c4587ef55117fb689a2cbf559d90a75b022a 100644 (file)
@@ -37,7 +37,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
  /* Force SD->SB reset mapping (rev 11) */
  #define SBSDIO_DEVCTL_SB_RST_CTL      0x30
  /*   Determined by CoreControl bit */
-@@ -4046,6 +4052,7 @@ static void brcmf_sdio_firmware_callback
+@@ -4057,6 +4063,7 @@ static void brcmf_sdio_firmware_callback
        void *nvram;
        u32 nvram_len;
        u8 saveclk;
@@ -45,7 +45,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
  
        brcmf_dbg(TRACE, "Enter: dev=%s, err=%d\n", dev_name(dev), err);
  
-@@ -4101,8 +4108,23 @@ static void brcmf_sdio_firmware_callback
+@@ -4112,8 +4119,23 @@ static void brcmf_sdio_firmware_callback
                brcmf_sdiod_writel(sdiod, core->base + SD_REG(hostintmask),
                                   bus->hostintmask, NULL);
  
index 0e22a1545e76abc1545e72b58bf780f2c95a780b..9ba6931f8ddc46de673853e0a9226cbfb123ff7b 100644 (file)
@@ -18,7 +18,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
 
 --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/sdio.c
 +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/sdio.c
-@@ -4119,6 +4119,9 @@ static void brcmf_sdio_firmware_callback
+@@ -4130,6 +4130,9 @@ static void brcmf_sdio_firmware_callback
                        devctl |= SBSDIO_DEVCTL_F2WM_ENAB;
                        brcmf_sdiod_writeb(sdiod, SBSDIO_DEVICE_CTL, devctl,
                                           &err);
index e53d4bafa0471bc270ec7067a0696af65e23cf7f..2c7828cf5fd17cbf3a3bd5698e18c97617ed20c0 100644 (file)
@@ -85,7 +85,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
  };
  
  static void pkt_align(struct sk_buff *p, int len, int align)
-@@ -677,6 +679,14 @@ brcmf_sdio_kso_control(struct brcmf_sdio
+@@ -683,6 +685,14 @@ brcmf_sdio_kso_control(struct brcmf_sdio
        /* 1st KSO write goes to AOS wake up core if device is asleep  */
        brcmf_sdiod_writeb(bus->sdiodev, SBSDIO_FUNC1_SLEEPCSR, wr_val, &err);
  
@@ -100,7 +100,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        if (on) {
                /* device WAKEUP through KSO:
                 * write bit 0 & read back until
-@@ -2402,6 +2412,14 @@ static int brcmf_sdio_tx_ctrlframe(struc
+@@ -2413,6 +2423,14 @@ static int brcmf_sdio_tx_ctrlframe(struc
        return ret;
  }
  
@@ -115,7 +115,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
  static void brcmf_sdio_bus_stop(struct device *dev)
  {
        struct brcmf_bus *bus_if = dev_get_drvdata(dev);
-@@ -2409,7 +2427,7 @@ static void brcmf_sdio_bus_stop(struct d
+@@ -2420,7 +2438,7 @@ static void brcmf_sdio_bus_stop(struct d
        struct brcmf_sdio *bus = sdiodev->bus;
        struct brcmf_core *core = bus->sdio_core;
        u32 local_hostintmask;
@@ -124,7 +124,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        int err;
  
        brcmf_dbg(TRACE, "Enter\n");
-@@ -2436,9 +2454,14 @@ static void brcmf_sdio_bus_stop(struct d
+@@ -2447,9 +2465,14 @@ static void brcmf_sdio_bus_stop(struct d
                /* Force backplane clocks to assure F2 interrupt propagates */
                saveclk = brcmf_sdiod_readb(sdiodev, SBSDIO_FUNC1_CHIPCLKCSR,
                                            &err);
@@ -142,7 +142,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                if (err)
                        brcmf_err("Failed to force clock for F2: err %d\n",
                                  err);
-@@ -3328,20 +3351,45 @@ err:
+@@ -3339,20 +3362,45 @@ err:
        return bcmerror;
  }
  
@@ -190,7 +190,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        brcmf_sdiod_writeb(bus->sdiodev, SBSDIO_FUNC1_WAKEUPCTRL, val, &err);
        if (err) {
                brcmf_err("error writing SBSDIO_FUNC1_WAKEUPCTRL\n");
-@@ -3350,8 +3398,7 @@ static void brcmf_sdio_sr_init(struct br
+@@ -3361,8 +3409,7 @@ static void brcmf_sdio_sr_init(struct br
  
        /* Add CMD14 Support */
        brcmf_sdiod_func0_wb(bus->sdiodev, SDIO_CCCR_BRCM_CARDCAP,
@@ -200,7 +200,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                             &err);
        if (err) {
                brcmf_err("error writing SDIO_CCCR_BRCM_CARDCAP\n");
-@@ -3359,7 +3406,7 @@ static void brcmf_sdio_sr_init(struct br
+@@ -3370,7 +3417,7 @@ static void brcmf_sdio_sr_init(struct br
        }
  
        brcmf_sdiod_writeb(bus->sdiodev, SBSDIO_FUNC1_CHIPCLKCSR,
@@ -209,7 +209,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        if (err) {
                brcmf_err("error writing SBSDIO_FUNC1_CHIPCLKCSR\n");
                return;
-@@ -4051,7 +4098,7 @@ static void brcmf_sdio_firmware_callback
+@@ -4062,7 +4109,7 @@ static void brcmf_sdio_firmware_callback
        const struct firmware *code;
        void *nvram;
        u32 nvram_len;
@@ -218,7 +218,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        u8 devctl;
  
        brcmf_dbg(TRACE, "Enter: dev=%s, err=%d\n", dev_name(dev), err);
-@@ -4085,8 +4132,11 @@ static void brcmf_sdio_firmware_callback
+@@ -4096,8 +4143,11 @@ static void brcmf_sdio_firmware_callback
        /* Force clocks on backplane to be sure F2 interrupt propagates */
        saveclk = brcmf_sdiod_readb(sdiod, SBSDIO_FUNC1_CHIPCLKCSR, &err);
        if (!err) {
index 3b44952af4085e2cdc2061432dac34585e80cd17..c43f0668e95e824362d741b80382fc351ea19afa 100644 (file)
@@ -29,7 +29,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
  
  #ifdef DEBUG
  
-@@ -4173,6 +4174,17 @@ static void brcmf_sdio_firmware_callback
+@@ -4184,6 +4185,17 @@ static void brcmf_sdio_firmware_callback
                                           CY_4373_F2_WATERMARK |
                                           SBSDIO_MESBUSYCTRL_ENAB, &err);
                        break;
index a1125e588d3c9558d27ab494d5b363145f16398f..63f30fb8e6dc691c047b5e85928899c3e5d31ffa 100644 (file)
@@ -30,7 +30,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
 
 --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/sdio.c
 +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/sdio.c
-@@ -3354,7 +3354,11 @@ err:
+@@ -3365,7 +3365,11 @@ err:
  
  static bool brcmf_sdio_aos_no_decode(struct brcmf_sdio *bus)
  {
index acf587676e2c8213dd7e21dc0323baf6a79e4eb5..f5f45c8d3ef989a54696eddd65a14b6f951db657 100644 (file)
@@ -22,7 +22,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
 
 --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
 +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
-@@ -6308,6 +6308,16 @@ brcmf_txrx_stypes[NUM_NL80211_IFTYPES] =
+@@ -6314,6 +6314,16 @@ brcmf_txrx_stypes[NUM_NL80211_IFTYPES] =
                .tx = 0xffff,
                .rx = BIT(IEEE80211_STYPE_ACTION >> 4) |
                      BIT(IEEE80211_STYPE_PROBE_REQ >> 4)
index 356891067851b02b027efb493ca93ad9ccbf9a56..5104666b69c10c9b628ebf16dc4f39f5f4b1b575 100644 (file)
@@ -14,7 +14,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
 
 --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/usb.c
 +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/usb.c
-@@ -1552,6 +1552,10 @@ void brcmf_usb_exit(void)
+@@ -1557,6 +1557,10 @@ void brcmf_usb_exit(void)
  
  void brcmf_usb_register(void)
  {
index efd77d4c00dc575d75625636297bb367e56781f9..8858b186a79949db9a8302ceda751fd2c0e3aea4 100644 (file)
@@ -1078,7 +1078,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                return -EINVAL;
        }
  
-@@ -3498,7 +3531,7 @@ static void brcmf_report_wowl_wakeind(st
+@@ -3500,7 +3533,7 @@ static void brcmf_report_wowl_wakeind(st
        err = brcmf_fil_iovar_data_get(ifp, "wowl_wakeind", &wake_ind_le,
                                       sizeof(wake_ind_le));
        if (err) {
@@ -1087,7 +1087,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                return;
        }
  
-@@ -3539,7 +3572,7 @@ static void brcmf_report_wowl_wakeind(st
+@@ -3541,7 +3574,7 @@ static void brcmf_report_wowl_wakeind(st
                                cfg->wowl.nd_data_completed,
                                BRCMF_ND_INFO_TIMEOUT);
                        if (!timeout)
@@ -1096,7 +1096,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                        else
                                wakeup_data.net_detect = cfg->wowl.nd_info;
                }
-@@ -3747,7 +3780,7 @@ brcmf_cfg80211_set_pmksa(struct wiphy *w
+@@ -3749,7 +3782,7 @@ brcmf_cfg80211_set_pmksa(struct wiphy *w
                        cfg->pmk_list.npmk = cpu_to_le32(npmk);
                }
        } else {
@@ -1105,7 +1105,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                return -EINVAL;
        }
  
-@@ -3793,7 +3826,7 @@ brcmf_cfg80211_del_pmksa(struct wiphy *w
+@@ -3795,7 +3828,7 @@ brcmf_cfg80211_del_pmksa(struct wiphy *w
                memset(&pmk[i], 0, sizeof(*pmk));
                cfg->pmk_list.npmk = cpu_to_le32(npmk - 1);
        } else {
@@ -1114,7 +1114,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                return -EINVAL;
        }
  
-@@ -3825,19 +3858,20 @@ brcmf_cfg80211_flush_pmksa(struct wiphy
+@@ -3827,19 +3860,20 @@ brcmf_cfg80211_flush_pmksa(struct wiphy
  
  static s32 brcmf_configure_opensecurity(struct brcmf_if *ifp)
  {
@@ -1137,7 +1137,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                return err;
        }
        /* set upper-layer auth */
-@@ -3847,7 +3881,7 @@ static s32 brcmf_configure_opensecurity(
+@@ -3849,7 +3883,7 @@ static s32 brcmf_configure_opensecurity(
                wpa_val = WPA_AUTH_DISABLED;
        err = brcmf_fil_bsscfg_int_set(ifp, "wpa_auth", wpa_val);
        if (err < 0) {
@@ -1146,7 +1146,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                return err;
        }
  
-@@ -3867,6 +3901,7 @@ brcmf_configure_wpaie(struct brcmf_if *i
+@@ -3869,6 +3903,7 @@ brcmf_configure_wpaie(struct brcmf_if *i
                      const struct brcmf_vs_tlv *wpa_ie,
                      bool is_rsn_ie)
  {
@@ -1154,7 +1154,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        u32 auth = 0; /* d11 open authentication */
        u16 count;
        s32 err = 0;
-@@ -3897,13 +3932,13 @@ brcmf_configure_wpaie(struct brcmf_if *i
+@@ -3899,13 +3934,13 @@ brcmf_configure_wpaie(struct brcmf_if *i
        /* check for multicast cipher suite */
        if (offset + WPA_IE_MIN_OUI_LEN > len) {
                err = -EINVAL;
@@ -1170,7 +1170,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                goto exit;
        }
        offset += TLV_OUI_LEN;
-@@ -3925,7 +3960,7 @@ brcmf_configure_wpaie(struct brcmf_if *i
+@@ -3927,7 +3962,7 @@ brcmf_configure_wpaie(struct brcmf_if *i
                break;
        default:
                err = -EINVAL;
@@ -1179,7 +1179,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                goto exit;
        }
  
-@@ -3936,13 +3971,13 @@ brcmf_configure_wpaie(struct brcmf_if *i
+@@ -3938,13 +3973,13 @@ brcmf_configure_wpaie(struct brcmf_if *i
        /* Check for unicast suite(s) */
        if (offset + (WPA_IE_MIN_OUI_LEN * count) > len) {
                err = -EINVAL;
@@ -1195,7 +1195,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                        goto exit;
                }
                offset += TLV_OUI_LEN;
-@@ -3960,7 +3995,7 @@ brcmf_configure_wpaie(struct brcmf_if *i
+@@ -3962,7 +3997,7 @@ brcmf_configure_wpaie(struct brcmf_if *i
                        pval |= AES_ENABLED;
                        break;
                default:
@@ -1204,7 +1204,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                }
                offset++;
        }
-@@ -3970,13 +4005,13 @@ brcmf_configure_wpaie(struct brcmf_if *i
+@@ -3972,13 +4007,13 @@ brcmf_configure_wpaie(struct brcmf_if *i
        /* Check for auth key management suite(s) */
        if (offset + (WPA_IE_MIN_OUI_LEN * count) > len) {
                err = -EINVAL;
@@ -1220,7 +1220,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                        goto exit;
                }
                offset += TLV_OUI_LEN;
-@@ -4004,7 +4039,7 @@ brcmf_configure_wpaie(struct brcmf_if *i
+@@ -4006,7 +4041,7 @@ brcmf_configure_wpaie(struct brcmf_if *i
                        wpa_auth |= WPA2_AUTH_1X_SHA256;
                        break;
                default:
@@ -1229,7 +1229,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                }
                offset++;
        }
-@@ -4046,7 +4081,7 @@ brcmf_configure_wpaie(struct brcmf_if *i
+@@ -4048,7 +4083,7 @@ brcmf_configure_wpaie(struct brcmf_if *i
                err = brcmf_fil_bsscfg_int_set(ifp, "wme_bss_disable",
                                               wme_bss_disable);
                if (err < 0) {
@@ -1238,7 +1238,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                        goto exit;
                }
  
-@@ -4060,7 +4095,7 @@ brcmf_configure_wpaie(struct brcmf_if *i
+@@ -4062,7 +4097,7 @@ brcmf_configure_wpaie(struct brcmf_if *i
                                                        &data[offset],
                                                        WPA_IE_MIN_OUI_LEN);
                        if (err < 0) {
@@ -1247,7 +1247,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                                goto exit;
                        }
                }
-@@ -4071,13 +4106,13 @@ brcmf_configure_wpaie(struct brcmf_if *i
+@@ -4073,13 +4108,13 @@ brcmf_configure_wpaie(struct brcmf_if *i
        /* set auth */
        err = brcmf_fil_bsscfg_int_set(ifp, "auth", auth);
        if (err < 0) {
@@ -1263,7 +1263,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                goto exit;
        }
        /* Configure MFP, this needs to go after wsec otherwise the wsec command
-@@ -4086,14 +4121,14 @@ brcmf_configure_wpaie(struct brcmf_if *i
+@@ -4088,14 +4123,14 @@ brcmf_configure_wpaie(struct brcmf_if *i
        if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MFP)) {
                err = brcmf_fil_bsscfg_int_set(ifp, "mfp", mfp);
                if (err < 0) {
@@ -1280,7 +1280,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                goto exit;
        }
  
-@@ -4180,6 +4215,7 @@ s32 brcmf_vif_set_mgmt_ie(struct brcmf_c
+@@ -4182,6 +4217,7 @@ s32 brcmf_vif_set_mgmt_ie(struct brcmf_c
                          const u8 *vndr_ie_buf, u32 vndr_ie_len)
  {
        struct brcmf_if *ifp;
@@ -1288,7 +1288,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        struct vif_saved_ie *saved_ie;
        s32 err = 0;
        u8  *iovar_ie_buf;
-@@ -4200,6 +4236,7 @@ s32 brcmf_vif_set_mgmt_ie(struct brcmf_c
+@@ -4202,6 +4238,7 @@ s32 brcmf_vif_set_mgmt_ie(struct brcmf_c
        if (!vif)
                return -ENODEV;
        ifp = vif->ifp;
@@ -1296,7 +1296,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        saved_ie = &vif->saved_ie;
  
        brcmf_dbg(TRACE, "bsscfgidx %d, pktflag : 0x%02X\n", ifp->bsscfgidx,
-@@ -4231,13 +4268,13 @@ s32 brcmf_vif_set_mgmt_ie(struct brcmf_c
+@@ -4233,13 +4270,13 @@ s32 brcmf_vif_set_mgmt_ie(struct brcmf_c
                break;
        default:
                err = -EPERM;
@@ -1312,7 +1312,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                goto exit;
        }
  
-@@ -4298,8 +4335,8 @@ s32 brcmf_vif_set_mgmt_ie(struct brcmf_c
+@@ -4300,8 +4337,8 @@ s32 brcmf_vif_set_mgmt_ie(struct brcmf_c
                        /* verify remained buf size before copy data */
                        if (remained_buf_len < (vndrie_info->vndrie.len +
                                                        VNDR_IE_VSIE_OFFSET)) {
@@ -1323,7 +1323,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                                break;
                        }
                        remained_buf_len -= (vndrie_info->ie_len +
-@@ -4330,7 +4367,7 @@ s32 brcmf_vif_set_mgmt_ie(struct brcmf_c
+@@ -4332,7 +4369,7 @@ s32 brcmf_vif_set_mgmt_ie(struct brcmf_c
                err  = brcmf_fil_bsscfg_data_set(ifp, "vndr_ie", iovar_ie_buf,
                                                 total_ie_buf_len);
                if (err)
@@ -1332,7 +1332,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        }
  
  exit:
-@@ -4358,13 +4395,14 @@ static s32
+@@ -4360,13 +4397,14 @@ static s32
  brcmf_config_ap_mgmt_ie(struct brcmf_cfg80211_vif *vif,
                        struct cfg80211_beacon_data *beacon)
  {
@@ -1348,7 +1348,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                return err;
        }
        brcmf_dbg(TRACE, "Applied Vndr IEs for Beacon\n");
-@@ -4374,7 +4412,7 @@ brcmf_config_ap_mgmt_ie(struct brcmf_cfg
+@@ -4376,7 +4414,7 @@ brcmf_config_ap_mgmt_ie(struct brcmf_cfg
                                    beacon->proberesp_ies,
                                    beacon->proberesp_ies_len);
        if (err)
@@ -1357,7 +1357,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        else
                brcmf_dbg(TRACE, "Applied Vndr IEs for Probe Resp\n");
  
-@@ -4483,7 +4521,8 @@ brcmf_cfg80211_start_ap(struct wiphy *wi
+@@ -4485,7 +4523,8 @@ brcmf_cfg80211_start_ap(struct wiphy *wi
                        err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_REGULATORY,
                                                    is_11d);
                        if (err < 0) {
@@ -1367,7 +1367,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                                goto exit;
                        }
                }
-@@ -4491,8 +4530,8 @@ brcmf_cfg80211_start_ap(struct wiphy *wi
+@@ -4493,8 +4532,8 @@ brcmf_cfg80211_start_ap(struct wiphy *wi
                        err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_BCNPRD,
                                                    settings->beacon_interval);
                        if (err < 0) {
@@ -1378,7 +1378,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                                goto exit;
                        }
                }
-@@ -4500,7 +4539,8 @@ brcmf_cfg80211_start_ap(struct wiphy *wi
+@@ -4502,7 +4541,8 @@ brcmf_cfg80211_start_ap(struct wiphy *wi
                        err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_DTIMPRD,
                                                    settings->dtim_period);
                        if (err < 0) {
@@ -1388,7 +1388,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                                goto exit;
                        }
                }
-@@ -4510,7 +4550,8 @@ brcmf_cfg80211_start_ap(struct wiphy *wi
+@@ -4512,7 +4552,8 @@ brcmf_cfg80211_start_ap(struct wiphy *wi
                     !brcmf_feat_is_enabled(ifp, BRCMF_FEAT_RSDB))) {
                        err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_DOWN, 1);
                        if (err < 0) {
@@ -1398,7 +1398,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                                goto exit;
                        }
                        brcmf_fil_iovar_int_set(ifp, "apsta", 0);
-@@ -4518,7 +4559,7 @@ brcmf_cfg80211_start_ap(struct wiphy *wi
+@@ -4520,7 +4561,7 @@ brcmf_cfg80211_start_ap(struct wiphy *wi
  
                err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_INFRA, 1);
                if (err < 0) {
@@ -1407,7 +1407,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                        goto exit;
                }
        } else if (WARN_ON(supports_11d && (is_11d != ifp->vif->is_11d))) {
-@@ -4534,7 +4575,8 @@ brcmf_cfg80211_start_ap(struct wiphy *wi
+@@ -4536,7 +4577,8 @@ brcmf_cfg80211_start_ap(struct wiphy *wi
  
                err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_AP, 1);
                if (err < 0) {
@@ -1417,7 +1417,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                        goto exit;
                }
                if (!mbss) {
-@@ -4543,14 +4585,14 @@ brcmf_cfg80211_start_ap(struct wiphy *wi
+@@ -4545,14 +4587,14 @@ brcmf_cfg80211_start_ap(struct wiphy *wi
                         */
                        err = brcmf_fil_iovar_int_set(ifp, "chanspec", chanspec);
                        if (err < 0) {
@@ -1435,7 +1435,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                        goto exit;
                }
                /* On DOWN the firmware removes the WEP keys, reconfigure
-@@ -4565,14 +4607,14 @@ brcmf_cfg80211_start_ap(struct wiphy *wi
+@@ -4567,14 +4609,14 @@ brcmf_cfg80211_start_ap(struct wiphy *wi
                err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SSID,
                                             &join_params, sizeof(join_params));
                if (err < 0) {
@@ -1452,7 +1452,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                                goto exit;
                        }
                }
-@@ -4581,14 +4623,14 @@ brcmf_cfg80211_start_ap(struct wiphy *wi
+@@ -4583,14 +4625,14 @@ brcmf_cfg80211_start_ap(struct wiphy *wi
        } else if (dev_role == NL80211_IFTYPE_P2P_GO) {
                err = brcmf_fil_iovar_int_set(ifp, "chanspec", chanspec);
                if (err < 0) {
@@ -1470,7 +1470,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                        goto exit;
                }
                bss_enable.bsscfgidx = cpu_to_le32(ifp->bsscfgidx);
-@@ -4596,7 +4638,7 @@ brcmf_cfg80211_start_ap(struct wiphy *wi
+@@ -4598,7 +4640,7 @@ brcmf_cfg80211_start_ap(struct wiphy *wi
                err = brcmf_fil_iovar_data_set(ifp, "bss", &bss_enable,
                                               sizeof(bss_enable));
                if (err < 0) {
@@ -1479,7 +1479,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                        goto exit;
                }
  
-@@ -4644,13 +4686,13 @@ static int brcmf_cfg80211_stop_ap(struct
+@@ -4646,13 +4688,13 @@ static int brcmf_cfg80211_stop_ap(struct
                err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SSID,
                                             &join_params, sizeof(join_params));
                if (err < 0)
@@ -1496,7 +1496,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                if (brcmf_feat_is_enabled(ifp, BRCMF_FEAT_MBSS))
                        brcmf_fil_iovar_int_set(ifp, "mbss", 0);
                brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_REGULATORY,
-@@ -4658,7 +4700,7 @@ static int brcmf_cfg80211_stop_ap(struct
+@@ -4660,7 +4702,7 @@ static int brcmf_cfg80211_stop_ap(struct
                /* Bring device back up so it can be used again */
                err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_UP, 1);
                if (err < 0)
@@ -1505,7 +1505,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
  
                brcmf_vif_clear_mgmt_ies(ifp->vif);
        } else {
-@@ -4667,7 +4709,7 @@ static int brcmf_cfg80211_stop_ap(struct
+@@ -4669,7 +4711,7 @@ static int brcmf_cfg80211_stop_ap(struct
                err = brcmf_fil_iovar_data_set(ifp, "bss", &bss_enable,
                                               sizeof(bss_enable));
                if (err < 0)
@@ -1514,7 +1514,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        }
        brcmf_set_mpc(ifp, 1);
        brcmf_configure_arp_nd_offload(ifp, true);
-@@ -4715,7 +4757,8 @@ brcmf_cfg80211_del_station(struct wiphy
+@@ -4717,7 +4759,8 @@ brcmf_cfg80211_del_station(struct wiphy
        err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SCB_DEAUTHENTICATE_FOR_REASON,
                                     &scbval, sizeof(scbval));
        if (err)
@@ -1524,7 +1524,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
  
        brcmf_dbg(TRACE, "Exit\n");
        return err;
-@@ -4745,7 +4788,7 @@ brcmf_cfg80211_change_station(struct wip
+@@ -4747,7 +4790,7 @@ brcmf_cfg80211_change_station(struct wip
                err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_SCB_DEAUTHORIZE,
                                             (void *)mac, ETH_ALEN);
        if (err < 0)
@@ -1533,7 +1533,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
  
        return err;
  }
-@@ -4795,7 +4838,7 @@ brcmf_cfg80211_mgmt_tx(struct wiphy *wip
+@@ -4797,7 +4840,7 @@ brcmf_cfg80211_mgmt_tx(struct wiphy *wip
        mgmt = (const struct ieee80211_mgmt *)buf;
  
        if (!ieee80211_is_mgmt(mgmt->frame_control)) {
@@ -1542,7 +1542,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                return -EPERM;
        }
  
-@@ -4826,13 +4869,13 @@ brcmf_cfg80211_mgmt_tx(struct wiphy *wip
+@@ -4828,13 +4871,13 @@ brcmf_cfg80211_mgmt_tx(struct wiphy *wip
                                        GFP_KERNEL);
        } else if (ieee80211_is_action(mgmt->frame_control)) {
                if (len > BRCMF_FIL_ACTION_FRAME_SIZE + DOT11_MGMT_HDR_LEN) {
@@ -1558,7 +1558,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                        err = -ENOMEM;
                        goto exit;
                }
-@@ -4890,7 +4933,7 @@ brcmf_cfg80211_cancel_remain_on_channel(
+@@ -4892,7 +4935,7 @@ brcmf_cfg80211_cancel_remain_on_channel(
  
        vif = cfg->p2p.bss_idx[P2PAPI_BSSCFG_DEVICE].vif;
        if (vif == NULL) {
@@ -1567,7 +1567,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                err = -ENODEV;
                goto exit;
        }
-@@ -4918,7 +4961,7 @@ static int brcmf_cfg80211_get_channel(st
+@@ -4920,7 +4963,7 @@ static int brcmf_cfg80211_get_channel(st
  
        err = brcmf_fil_iovar_int_get(ifp, "chanspec", &chanspec);
        if (err) {
@@ -1576,7 +1576,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                return err;
        }
  
-@@ -5057,7 +5100,7 @@ static int brcmf_cfg80211_tdls_oper(stru
+@@ -5059,7 +5102,7 @@ static int brcmf_cfg80211_tdls_oper(stru
        ret = brcmf_fil_iovar_data_set(ifp, "tdls_endpoint",
                                       &info, sizeof(info));
        if (ret < 0)
@@ -1585,7 +1585,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
  
        return ret;
  }
-@@ -5078,7 +5121,7 @@ brcmf_cfg80211_update_conn_params(struct
+@@ -5080,7 +5123,7 @@ brcmf_cfg80211_update_conn_params(struct
        err = brcmf_vif_set_mgmt_ie(ifp->vif, BRCMF_VNDR_IE_ASSOCREQ_FLAG,
                                    sme->ie, sme->ie_len);
        if (err)
@@ -1594,7 +1594,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        else
                brcmf_dbg(TRACE, "Applied Vndr IEs for Assoc request\n");
  
-@@ -5104,7 +5147,7 @@ brcmf_cfg80211_set_rekey_data(struct wip
+@@ -5106,7 +5149,7 @@ brcmf_cfg80211_set_rekey_data(struct wip
        ret = brcmf_fil_iovar_data_set(ifp, "gtk_key_info", &gtk_le,
                                       sizeof(gtk_le));
        if (ret < 0)
@@ -1603,7 +1603,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
  
        return ret;
  }
-@@ -5336,6 +5379,7 @@ static void brcmf_clear_assoc_ies(struct
+@@ -5338,6 +5381,7 @@ static void brcmf_clear_assoc_ies(struct
  static s32 brcmf_get_assoc_ies(struct brcmf_cfg80211_info *cfg,
                               struct brcmf_if *ifp)
  {
@@ -1611,7 +1611,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        struct brcmf_cfg80211_assoc_ielen_le *assoc_info;
        struct brcmf_cfg80211_connect_info *conn_info = cfg_to_conn(cfg);
        u32 req_len;
-@@ -5347,7 +5391,7 @@ static s32 brcmf_get_assoc_ies(struct br
+@@ -5349,7 +5393,7 @@ static s32 brcmf_get_assoc_ies(struct br
        err = brcmf_fil_iovar_data_get(ifp, "assoc_info",
                                       cfg->extra_buf, WL_ASSOC_INFO_MAX);
        if (err) {
@@ -1620,7 +1620,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                return err;
        }
        assoc_info =
-@@ -5359,7 +5403,7 @@ static s32 brcmf_get_assoc_ies(struct br
+@@ -5361,7 +5405,7 @@ static s32 brcmf_get_assoc_ies(struct br
                                               cfg->extra_buf,
                                               WL_ASSOC_INFO_MAX);
                if (err) {
@@ -1629,7 +1629,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                        return err;
                }
                conn_info->req_ie_len = req_len;
-@@ -5375,7 +5419,7 @@ static s32 brcmf_get_assoc_ies(struct br
+@@ -5379,7 +5423,7 @@ static s32 brcmf_get_assoc_ies(struct br
                                               cfg->extra_buf,
                                               WL_ASSOC_INFO_MAX);
                if (err) {
@@ -1638,7 +1638,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                        return err;
                }
                conn_info->resp_ie_len = resp_len;
-@@ -5502,6 +5546,7 @@ brcmf_notify_connect_status_ap(struct br
+@@ -5508,6 +5552,7 @@ brcmf_notify_connect_status_ap(struct br
                               struct net_device *ndev,
                               const struct brcmf_event_msg *e, void *data)
  {
@@ -1646,7 +1646,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        static int generation;
        u32 event = e->event_code;
        u32 reason = e->reason;
-@@ -5519,7 +5564,7 @@ brcmf_notify_connect_status_ap(struct br
+@@ -5525,7 +5570,7 @@ brcmf_notify_connect_status_ap(struct br
        if (((event == BRCMF_E_ASSOC_IND) || (event == BRCMF_E_REASSOC_IND)) &&
            (reason == BRCMF_E_STATUS_SUCCESS)) {
                if (!data) {
@@ -1655,7 +1655,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                        return -EINVAL;
                }
  
-@@ -5811,6 +5856,7 @@ static void init_vif_event(struct brcmf_
+@@ -5817,6 +5862,7 @@ static void init_vif_event(struct brcmf_
  
  static s32 brcmf_dongle_roam(struct brcmf_if *ifp)
  {
@@ -1663,7 +1663,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        s32 err;
        u32 bcn_timeout;
        __le32 roamtrigger[2];
-@@ -5823,7 +5869,7 @@ static s32 brcmf_dongle_roam(struct brcm
+@@ -5829,7 +5875,7 @@ static s32 brcmf_dongle_roam(struct brcm
                bcn_timeout = BRCMF_DEFAULT_BCN_TIMEOUT_ROAM_ON;
        err = brcmf_fil_iovar_int_set(ifp, "bcn_timeout", bcn_timeout);
        if (err) {
@@ -1672,7 +1672,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                goto roam_setup_done;
        }
  
-@@ -5835,7 +5881,7 @@ static s32 brcmf_dongle_roam(struct brcm
+@@ -5841,7 +5887,7 @@ static s32 brcmf_dongle_roam(struct brcm
        err = brcmf_fil_iovar_int_set(ifp, "roam_off",
                                      ifp->drvr->settings->roamoff);
        if (err) {
@@ -1681,7 +1681,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                goto roam_setup_done;
        }
  
-@@ -5844,7 +5890,7 @@ static s32 brcmf_dongle_roam(struct brcm
+@@ -5850,7 +5896,7 @@ static s32 brcmf_dongle_roam(struct brcm
        err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_ROAM_TRIGGER,
                                     (void *)roamtrigger, sizeof(roamtrigger));
        if (err) {
@@ -1690,7 +1690,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                goto roam_setup_done;
        }
  
-@@ -5853,7 +5899,7 @@ static s32 brcmf_dongle_roam(struct brcm
+@@ -5859,7 +5905,7 @@ static s32 brcmf_dongle_roam(struct brcm
        err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_ROAM_DELTA,
                                     (void *)roam_delta, sizeof(roam_delta));
        if (err) {
@@ -1699,7 +1699,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                goto roam_setup_done;
        }
  
-@@ -5864,25 +5910,26 @@ roam_setup_done:
+@@ -5870,25 +5916,26 @@ roam_setup_done:
  static s32
  brcmf_dongle_scantime(struct brcmf_if *ifp)
  {
@@ -1729,7 +1729,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                goto dongle_scantime_out;
        }
  
-@@ -5914,10 +5961,10 @@ static void brcmf_update_bw40_channel_fl
+@@ -5920,10 +5967,10 @@ static void brcmf_update_bw40_channel_fl
  static int brcmf_construct_chaninfo(struct brcmf_cfg80211_info *cfg,
                                    u32 bw_cap[])
  {
@@ -1741,7 +1741,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        struct brcmf_chanspec_list *list;
        struct brcmu_chan ch;
        int err;
-@@ -5936,11 +5983,10 @@ static int brcmf_construct_chaninfo(stru
+@@ -5942,11 +5989,10 @@ static int brcmf_construct_chaninfo(stru
        err = brcmf_fil_iovar_data_get(ifp, "chanspecs", pbuf,
                                       BRCMF_DCMD_MEDLEN);
        if (err) {
@@ -1754,7 +1754,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        band = wiphy->bands[NL80211_BAND_2GHZ];
        if (band)
                for (i = 0; i < band->n_channels; i++)
-@@ -5960,7 +6006,8 @@ static int brcmf_construct_chaninfo(stru
+@@ -5966,7 +6012,8 @@ static int brcmf_construct_chaninfo(stru
                } else if (ch.band == BRCMU_CHAN_BAND_5G) {
                        band = wiphy->bands[NL80211_BAND_5GHZ];
                } else {
@@ -1764,7 +1764,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                        continue;
                }
                if (!band)
-@@ -5983,8 +6030,8 @@ static int brcmf_construct_chaninfo(stru
+@@ -5989,8 +6036,8 @@ static int brcmf_construct_chaninfo(stru
                        /* It seems firmware supports some channel we never
                         * considered. Something new in IEEE standard?
                         */
@@ -1775,7 +1775,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                        continue;
                }
  
-@@ -6030,6 +6077,7 @@ fail_pbuf:
+@@ -6036,6 +6083,7 @@ fail_pbuf:
  
  static int brcmf_enable_bw40_2g(struct brcmf_cfg80211_info *cfg)
  {
@@ -1783,7 +1783,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        struct brcmf_if *ifp = brcmf_get_ifp(cfg->pub, 0);
        struct ieee80211_supported_band *band;
        struct brcmf_fil_bwcap_le band_bwcap;
-@@ -6076,7 +6124,7 @@ static int brcmf_enable_bw40_2g(struct b
+@@ -6082,7 +6130,7 @@ static int brcmf_enable_bw40_2g(struct b
                err = brcmf_fil_iovar_data_get(ifp, "chanspecs", pbuf,
                                               BRCMF_DCMD_MEDLEN);
                if (err) {
@@ -1792,7 +1792,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                        kfree(pbuf);
                        return err;
                }
-@@ -6107,6 +6155,7 @@ static int brcmf_enable_bw40_2g(struct b
+@@ -6113,6 +6161,7 @@ static int brcmf_enable_bw40_2g(struct b
  
  static void brcmf_get_bwcap(struct brcmf_if *ifp, u32 bw_cap[])
  {
@@ -1800,7 +1800,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        u32 band, mimo_bwcap;
        int err;
  
-@@ -6142,7 +6191,7 @@ static void brcmf_get_bwcap(struct brcmf
+@@ -6148,7 +6197,7 @@ static void brcmf_get_bwcap(struct brcmf
                bw_cap[NL80211_BAND_5GHZ] |= WLC_BW_20MHZ_BIT;
                break;
        default:
@@ -1809,7 +1809,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        }
  }
  
-@@ -6218,7 +6267,7 @@ static void brcmf_update_vht_cap(struct
+@@ -6224,7 +6273,7 @@ static void brcmf_update_vht_cap(struct
  static int brcmf_setup_wiphybands(struct brcmf_cfg80211_info *cfg)
  {
        struct brcmf_if *ifp = brcmf_get_ifp(cfg->pub, 0);
@@ -1818,7 +1818,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        u32 nmode = 0;
        u32 vhtmode = 0;
        u32 bw_cap[2] = { WLC_BW_20MHZ_BIT, WLC_BW_20MHZ_BIT };
-@@ -6234,7 +6283,7 @@ static int brcmf_setup_wiphybands(struct
+@@ -6240,7 +6289,7 @@ static int brcmf_setup_wiphybands(struct
        (void)brcmf_fil_iovar_int_get(ifp, "vhtmode", &vhtmode);
        err = brcmf_fil_iovar_int_get(ifp, "nmode", &nmode);
        if (err) {
@@ -1827,7 +1827,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        } else {
                brcmf_get_bwcap(ifp, bw_cap);
        }
-@@ -6244,7 +6293,7 @@ static int brcmf_setup_wiphybands(struct
+@@ -6250,7 +6299,7 @@ static int brcmf_setup_wiphybands(struct
  
        err = brcmf_fil_iovar_int_get(ifp, "rxchain", &rxchain);
        if (err) {
@@ -1836,7 +1836,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                nchain = 1;
        } else {
                for (nchain = 0; rxchain; nchain++)
-@@ -6254,7 +6303,7 @@ static int brcmf_setup_wiphybands(struct
+@@ -6260,7 +6309,7 @@ static int brcmf_setup_wiphybands(struct
  
        err = brcmf_construct_chaninfo(cfg, bw_cap);
        if (err) {
@@ -1845,7 +1845,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                return err;
        }
  
-@@ -6266,7 +6315,6 @@ static int brcmf_setup_wiphybands(struct
+@@ -6272,7 +6321,6 @@ static int brcmf_setup_wiphybands(struct
                                              &txbf_bfr_cap);
        }
  
@@ -1853,7 +1853,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        for (i = 0; i < ARRAY_SIZE(wiphy->bands); i++) {
                band = wiphy->bands[i];
                if (band == NULL)
-@@ -6467,7 +6515,7 @@ static void brcmf_wiphy_wowl_params(stru
+@@ -6473,7 +6521,7 @@ static void brcmf_wiphy_wowl_params(stru
        wowl = kmemdup(&brcmf_wowlan_support, sizeof(brcmf_wowlan_support),
                       GFP_KERNEL);
        if (!wowl) {
@@ -1862,7 +1862,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                wiphy->wowlan = &brcmf_wowlan_support;
                return;
        }
-@@ -6564,7 +6612,7 @@ static int brcmf_setup_wiphy(struct wiph
+@@ -6570,7 +6618,7 @@ static int brcmf_setup_wiphy(struct wiph
        err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_BANDLIST, &bandlist,
                                     sizeof(bandlist));
        if (err) {
@@ -1871,7 +1871,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                return err;
        }
        /* first entry in bandlist is number of bands */
-@@ -6613,6 +6661,7 @@ static int brcmf_setup_wiphy(struct wiph
+@@ -6619,6 +6667,7 @@ static int brcmf_setup_wiphy(struct wiph
  
  static s32 brcmf_config_dongle(struct brcmf_cfg80211_info *cfg)
  {
@@ -1879,7 +1879,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        struct net_device *ndev;
        struct wireless_dev *wdev;
        struct brcmf_if *ifp;
-@@ -6650,7 +6699,7 @@ static s32 brcmf_config_dongle(struct br
+@@ -6656,7 +6705,7 @@ static s32 brcmf_config_dongle(struct br
  
        err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_FAKEFRAG, 1);
        if (err) {
@@ -1888,7 +1888,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                goto default_conf_out;
        }
  
-@@ -6842,8 +6891,8 @@ static void brcmf_cfg80211_reg_notifier(
+@@ -6848,8 +6897,8 @@ static void brcmf_cfg80211_reg_notifier(
        /* ignore non-ISO3166 country codes */
        for (i = 0; i < 2; i++)
                if (req->alpha2[i] < 'A' || req->alpha2[i] > 'Z') {
@@ -1899,7 +1899,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                        return;
                }
  
-@@ -6852,7 +6901,7 @@ static void brcmf_cfg80211_reg_notifier(
+@@ -6858,7 +6907,7 @@ static void brcmf_cfg80211_reg_notifier(
  
        err = brcmf_fil_iovar_data_get(ifp, "country", &ccreq, sizeof(ccreq));
        if (err) {
@@ -1908,7 +1908,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                return;
        }
  
-@@ -6862,7 +6911,7 @@ static void brcmf_cfg80211_reg_notifier(
+@@ -6868,7 +6917,7 @@ static void brcmf_cfg80211_reg_notifier(
  
        err = brcmf_fil_iovar_data_set(ifp, "country", &ccreq, sizeof(ccreq));
        if (err) {
@@ -1917,7 +1917,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                return;
        }
        brcmf_setup_wiphybands(cfg);
-@@ -6908,13 +6957,13 @@ struct brcmf_cfg80211_info *brcmf_cfg802
+@@ -6914,13 +6963,13 @@ struct brcmf_cfg80211_info *brcmf_cfg802
        u16 *cap = NULL;
  
        if (!ndev) {
@@ -1933,7 +1933,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                return NULL;
        }
  
-@@ -6935,7 +6984,7 @@ struct brcmf_cfg80211_info *brcmf_cfg802
+@@ -6941,7 +6990,7 @@ struct brcmf_cfg80211_info *brcmf_cfg802
  
        err = wl_init_priv(cfg);
        if (err) {
@@ -1942,7 +1942,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                brcmf_free_vif(vif);
                goto wiphy_out;
        }
-@@ -6944,7 +6993,7 @@ struct brcmf_cfg80211_info *brcmf_cfg802
+@@ -6950,7 +6999,7 @@ struct brcmf_cfg80211_info *brcmf_cfg802
        /* determine d11 io type before wiphy setup */
        err = brcmf_fil_cmd_int_get(ifp, BRCMF_C_GET_VERSION, &io_type);
        if (err) {
@@ -1951,7 +1951,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                goto priv_out;
        }
        cfg->d11inf.io_type = (u8)io_type;
-@@ -6978,13 +7027,13 @@ struct brcmf_cfg80211_info *brcmf_cfg802
+@@ -6984,13 +7033,13 @@ struct brcmf_cfg80211_info *brcmf_cfg802
  #endif
        err = wiphy_register(wiphy);
        if (err < 0) {
@@ -1967,7 +1967,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                goto wiphy_unreg_out;
        }
  
-@@ -7002,24 +7051,24 @@ struct brcmf_cfg80211_info *brcmf_cfg802
+@@ -7008,24 +7057,24 @@ struct brcmf_cfg80211_info *brcmf_cfg802
  
        err = brcmf_fweh_activate_events(ifp);
        if (err) {
@@ -1996,7 +1996,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                brcmf_btcoex_detach(cfg);
                brcmf_p2p_detach(&cfg->p2p);
                goto wiphy_unreg_out;
-@@ -7039,7 +7088,7 @@ struct brcmf_cfg80211_info *brcmf_cfg802
+@@ -7045,7 +7094,7 @@ struct brcmf_cfg80211_info *brcmf_cfg802
        /* (re-) activate FWEH event handling */
        err = brcmf_fweh_activate_events(ifp);
        if (err) {
diff --git a/package/kernel/mac80211/patches/brcm/349-v5.1-0001-brcmfmac-assure-SSID-length-from-firmware-is-limited.patch b/package/kernel/mac80211/patches/brcm/349-v5.1-0001-brcmfmac-assure-SSID-length-from-firmware-is-limited.patch
deleted file mode 100644 (file)
index 78db268..0000000
+++ /dev/null
@@ -1,28 +0,0 @@
-From 1b5e2423164b3670e8bc9174e4762d297990deff Mon Sep 17 00:00:00 2001
-From: Arend van Spriel <arend.vanspriel@broadcom.com>
-Date: Thu, 14 Feb 2019 13:43:47 +0100
-Subject: [PATCH] brcmfmac: assure SSID length from firmware is limited
-
-The SSID length as received from firmware should not exceed
-IEEE80211_MAX_SSID_LEN as that would result in heap overflow.
-
-Reviewed-by: Hante Meuleman <hante.meuleman@broadcom.com>
-Reviewed-by: Pieter-Paul Giesberts <pieter-paul.giesberts@broadcom.com>
-Reviewed-by: Franky Lin <franky.lin@broadcom.com>
-Signed-off-by: Arend van Spriel <arend.vanspriel@broadcom.com>
-Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
----
- drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c | 2 ++
- 1 file changed, 2 insertions(+)
-
---- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
-+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
-@@ -3499,6 +3499,8 @@ brcmf_wowl_nd_results(struct brcmf_if *i
-       }
-       netinfo = brcmf_get_netinfo_array(pfn_result);
-+      if (netinfo->SSID_len > IEEE80211_MAX_SSID_LEN)
-+              netinfo->SSID_len = IEEE80211_MAX_SSID_LEN;
-       memcpy(cfg->wowl.nd->ssid.ssid, netinfo->SSID, netinfo->SSID_len);
-       cfg->wowl.nd->ssid.ssid_len = netinfo->SSID_len;
-       cfg->wowl.nd->n_channels = 1;
diff --git a/package/kernel/mac80211/patches/brcm/349-v5.1-0002-brcmfmac-add-subtype-check-for-event-handling-in-dat.patch b/package/kernel/mac80211/patches/brcm/349-v5.1-0002-brcmfmac-add-subtype-check-for-event-handling-in-dat.patch
deleted file mode 100644 (file)
index 57946da..0000000
+++ /dev/null
@@ -1,96 +0,0 @@
-From a4176ec356c73a46c07c181c6d04039fafa34a9f Mon Sep 17 00:00:00 2001
-From: Arend van Spriel <arend.vanspriel@broadcom.com>
-Date: Thu, 14 Feb 2019 13:43:48 +0100
-Subject: [PATCH] brcmfmac: add subtype check for event handling in data path
-
-For USB there is no separate channel being used to pass events
-from firmware to the host driver and as such are passed over the
-data path. In order to detect mock event messages an additional
-check is needed on event subtype. This check is added conditionally
-using unlikely() keyword.
-
-Reviewed-by: Hante Meuleman <hante.meuleman@broadcom.com>
-Reviewed-by: Pieter-Paul Giesberts <pieter-paul.giesberts@broadcom.com>
-Reviewed-by: Franky Lin <franky.lin@broadcom.com>
-Signed-off-by: Arend van Spriel <arend.vanspriel@broadcom.com>
-Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
----
- .../wireless/broadcom/brcm80211/brcmfmac/core.c  |  5 +++--
- .../wireless/broadcom/brcm80211/brcmfmac/fweh.h  | 16 ++++++++++++----
- .../broadcom/brcm80211/brcmfmac/msgbuf.c         |  2 +-
- 3 files changed, 16 insertions(+), 7 deletions(-)
-
---- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c
-+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c
-@@ -519,7 +519,8 @@ void brcmf_rx_frame(struct device *dev,
-       } else {
-               /* Process special event packets */
-               if (handle_event)
--                      brcmf_fweh_process_skb(ifp->drvr, skb);
-+                      brcmf_fweh_process_skb(ifp->drvr, skb,
-+                                             BCMILCP_SUBTYPE_VENDOR_LONG);
-               brcmf_netif_rx(ifp, skb);
-       }
-@@ -536,7 +537,7 @@ void brcmf_rx_event(struct device *dev,
-       if (brcmf_rx_hdrpull(drvr, skb, &ifp))
-               return;
--      brcmf_fweh_process_skb(ifp->drvr, skb);
-+      brcmf_fweh_process_skb(ifp->drvr, skb, 0);
-       brcmu_pkt_buf_free_skb(skb);
- }
---- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/fweh.h
-+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/fweh.h
-@@ -211,7 +211,7 @@ enum brcmf_fweh_event_code {
-  */
- #define BRCM_OUI                              "\x00\x10\x18"
- #define BCMILCP_BCM_SUBTYPE_EVENT             1
--
-+#define BCMILCP_SUBTYPE_VENDOR_LONG           32769
- /**
-  * struct brcm_ethhdr - broadcom specific ether header.
-@@ -334,10 +334,10 @@ void brcmf_fweh_process_event(struct brc
- void brcmf_fweh_p2pdev_setup(struct brcmf_if *ifp, bool ongoing);
- static inline void brcmf_fweh_process_skb(struct brcmf_pub *drvr,
--                                        struct sk_buff *skb)
-+                                        struct sk_buff *skb, u16 stype)
- {
-       struct brcmf_event *event_packet;
--      u16 usr_stype;
-+      u16 subtype, usr_stype;
-       /* only process events when protocol matches */
-       if (skb->protocol != cpu_to_be16(ETH_P_LINK_CTL))
-@@ -346,8 +346,16 @@ static inline void brcmf_fweh_process_sk
-       if ((skb->len + ETH_HLEN) < sizeof(*event_packet))
-               return;
--      /* check for BRCM oui match */
-       event_packet = (struct brcmf_event *)skb_mac_header(skb);
-+
-+      /* check subtype if needed */
-+      if (unlikely(stype)) {
-+              subtype = get_unaligned_be16(&event_packet->hdr.subtype);
-+              if (subtype != stype)
-+                      return;
-+      }
-+
-+      /* check for BRCM oui match */
-       if (memcmp(BRCM_OUI, &event_packet->hdr.oui[0],
-                  sizeof(event_packet->hdr.oui)))
-               return;
---- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/msgbuf.c
-+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/msgbuf.c
-@@ -1116,7 +1116,7 @@ static void brcmf_msgbuf_process_event(s
-       skb->protocol = eth_type_trans(skb, ifp->ndev);
--      brcmf_fweh_process_skb(ifp->drvr, skb);
-+      brcmf_fweh_process_skb(ifp->drvr, skb, 0);
- exit:
-       brcmu_pkt_buf_free_skb(skb);
index b58ec4b7e904db5c3faf2fc0a306729a02eaa343..487aa004090b046d535ab10539592b55a57c5f1f 100644 (file)
@@ -48,7 +48,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
   */
 --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c
 +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c
-@@ -1177,6 +1177,7 @@ static int brcmf_bus_started(struct brcm
+@@ -1181,6 +1181,7 @@ static int brcmf_bus_started(struct brcm
        brcmf_debugfs_add_entry(drvr, "revinfo", brcmf_revinfo_read);
        brcmf_feat_debugfs_create(drvr);
        brcmf_proto_debugfs_create(drvr);
@@ -58,7 +58,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
  
 --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/sdio.c
 +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/sdio.c
-@@ -3143,9 +3143,12 @@ static int brcmf_debugfs_sdio_count_read
+@@ -3154,9 +3154,12 @@ static int brcmf_debugfs_sdio_count_read
        return 0;
  }
  
@@ -73,7 +73,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        struct dentry *dentry = brcmf_debugfs_get_devdir(drvr);
  
        if (IS_ERR_OR_NULL(dentry))
-@@ -3165,7 +3168,7 @@ static int brcmf_sdio_checkdied(struct b
+@@ -3176,7 +3179,7 @@ static int brcmf_sdio_checkdied(struct b
        return 0;
  }
  
@@ -82,7 +82,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
  {
  }
  #endif /* DEBUG */
-@@ -3477,8 +3480,6 @@ static int brcmf_sdio_bus_preinit(struct
+@@ -3488,8 +3491,6 @@ static int brcmf_sdio_bus_preinit(struct
        if (bus->rxbuf)
                bus->rxblen = value;
  
@@ -91,7 +91,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        /* the commands below use the terms tx and rx from
         * a device perspective, ie. bus:txglom affects the
         * bus transfers from device to host.
-@@ -4088,6 +4089,7 @@ static const struct brcmf_bus_ops brcmf_
+@@ -4099,6 +4100,7 @@ static const struct brcmf_bus_ops brcmf_
        .get_ramsize = brcmf_sdio_bus_get_ramsize,
        .get_memdump = brcmf_sdio_bus_get_memdump,
        .get_fwname = brcmf_sdio_get_fwname,
index dce433158511a4a7ac40bf4b1bf01d9588c89863..c9757db976d777246ce3a549f61b561e89dab56a 100644 (file)
@@ -18,7 +18,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
 
 --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/sdio.c
 +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/sdio.c
-@@ -2999,21 +2999,35 @@ static int brcmf_sdio_trap_info(struct s
+@@ -3010,21 +3010,35 @@ static int brcmf_sdio_trap_info(struct s
        if (error < 0)
                return error;
  
@@ -69,7 +69,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        return 0;
  }
  
-@@ -3067,8 +3081,10 @@ static int brcmf_sdio_checkdied(struct b
+@@ -3078,8 +3092,10 @@ static int brcmf_sdio_checkdied(struct b
        else if (sh.flags & SDPCM_SHARED_ASSERT)
                brcmf_err("assertion in dongle\n");
  
@@ -81,7 +81,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
  
        return 0;
  }
-@@ -4199,7 +4215,7 @@ static void brcmf_sdio_firmware_callback
+@@ -4210,7 +4226,7 @@ static void brcmf_sdio_firmware_callback
        } else {
                /* Disable F2 again */
                sdio_disable_func(sdiod->func2);
@@ -90,7 +90,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        }
  
        if (brcmf_chip_sr_capable(bus->ci)) {
-@@ -4220,8 +4236,10 @@ static void brcmf_sdio_firmware_callback
+@@ -4231,8 +4247,10 @@ static void brcmf_sdio_firmware_callback
        }
  
        /* If we didn't come up, turn off backplane clock */
@@ -102,7 +102,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
  
        sdio_release_host(sdiod->func1);
  
-@@ -4235,12 +4253,15 @@ static void brcmf_sdio_firmware_callback
+@@ -4246,12 +4264,15 @@ static void brcmf_sdio_firmware_callback
        err = brcmf_attach(sdiod->dev, sdiod->settings);
        if (err != 0) {
                brcmf_err("brcmf_attach failed\n");
index 4e492465544c4fa0d55be0ddc0bcf869d82350a6..b28ff817eaf2e259a335687cb30e3dd0085c9e42 100644 (file)
@@ -18,7 +18,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
 
 --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
 +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
-@@ -6043,11 +6043,18 @@ static int brcmf_construct_chaninfo(stru
+@@ -6047,11 +6047,18 @@ static int brcmf_construct_chaninfo(stru
                /* assuming the chanspecs order is HT20,
                 * HT40 upper, HT40 lower, and VHT80.
                 */
index a809378d13805d79d41b759f04adbaec394ebf08..3d92f80b3eb63a32575273362f525f95a234cc1c 100644 (file)
@@ -18,7 +18,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
 
 --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
 +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
-@@ -6044,6 +6044,9 @@ static int brcmf_construct_chaninfo(stru
+@@ -6048,6 +6048,9 @@ static int brcmf_construct_chaninfo(stru
                 * HT40 upper, HT40 lower, and VHT80.
                 */
                switch (ch.bw) {
index 27931db84061cba235d0da7b066abf00f00fb89a..bab3b3a20429a227e80f7867b0ef659c62208c2a 100644 (file)
@@ -1891,7 +1891,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                        return err;
                }
                conn_info->req_ie_len = req_len;
-@@ -5421,7 +5465,7 @@ static s32 brcmf_get_assoc_ies(struct br
+@@ -5423,7 +5467,7 @@ static s32 brcmf_get_assoc_ies(struct br
                                               cfg->extra_buf,
                                               WL_ASSOC_INFO_MAX);
                if (err) {
@@ -1900,7 +1900,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                        return err;
                }
                conn_info->resp_ie_len = resp_len;
-@@ -5548,7 +5592,7 @@ brcmf_notify_connect_status_ap(struct br
+@@ -5552,7 +5596,7 @@ brcmf_notify_connect_status_ap(struct br
                               struct net_device *ndev,
                               const struct brcmf_event_msg *e, void *data)
  {
@@ -1909,7 +1909,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        static int generation;
        u32 event = e->event_code;
        u32 reason = e->reason;
-@@ -5566,7 +5610,7 @@ brcmf_notify_connect_status_ap(struct br
+@@ -5570,7 +5614,7 @@ brcmf_notify_connect_status_ap(struct br
        if (((event == BRCMF_E_ASSOC_IND) || (event == BRCMF_E_REASSOC_IND)) &&
            (reason == BRCMF_E_STATUS_SUCCESS)) {
                if (!data) {
@@ -1918,7 +1918,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                        return -EINVAL;
                }
  
-@@ -5858,7 +5902,7 @@ static void init_vif_event(struct brcmf_
+@@ -5862,7 +5906,7 @@ static void init_vif_event(struct brcmf_
  
  static s32 brcmf_dongle_roam(struct brcmf_if *ifp)
  {
@@ -1927,7 +1927,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        s32 err;
        u32 bcn_timeout;
        __le32 roamtrigger[2];
-@@ -5871,7 +5915,7 @@ static s32 brcmf_dongle_roam(struct brcm
+@@ -5875,7 +5919,7 @@ static s32 brcmf_dongle_roam(struct brcm
                bcn_timeout = BRCMF_DEFAULT_BCN_TIMEOUT_ROAM_ON;
        err = brcmf_fil_iovar_int_set(ifp, "bcn_timeout", bcn_timeout);
        if (err) {
@@ -1936,7 +1936,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                goto roam_setup_done;
        }
  
-@@ -5883,7 +5927,7 @@ static s32 brcmf_dongle_roam(struct brcm
+@@ -5887,7 +5931,7 @@ static s32 brcmf_dongle_roam(struct brcm
        err = brcmf_fil_iovar_int_set(ifp, "roam_off",
                                      ifp->drvr->settings->roamoff);
        if (err) {
@@ -1945,7 +1945,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                goto roam_setup_done;
        }
  
-@@ -5892,7 +5936,7 @@ static s32 brcmf_dongle_roam(struct brcm
+@@ -5896,7 +5940,7 @@ static s32 brcmf_dongle_roam(struct brcm
        err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_ROAM_TRIGGER,
                                     (void *)roamtrigger, sizeof(roamtrigger));
        if (err) {
@@ -1954,7 +1954,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                goto roam_setup_done;
        }
  
-@@ -5901,7 +5945,7 @@ static s32 brcmf_dongle_roam(struct brcm
+@@ -5905,7 +5949,7 @@ static s32 brcmf_dongle_roam(struct brcm
        err = brcmf_fil_cmd_data_set(ifp, BRCMF_C_SET_ROAM_DELTA,
                                     (void *)roam_delta, sizeof(roam_delta));
        if (err) {
@@ -1963,7 +1963,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                goto roam_setup_done;
        }
  
-@@ -5912,26 +5956,26 @@ roam_setup_done:
+@@ -5916,26 +5960,26 @@ roam_setup_done:
  static s32
  brcmf_dongle_scantime(struct brcmf_if *ifp)
  {
@@ -1994,7 +1994,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                goto dongle_scantime_out;
        }
  
-@@ -5964,7 +6008,8 @@ static int brcmf_construct_chaninfo(stru
+@@ -5968,7 +6012,8 @@ static int brcmf_construct_chaninfo(stru
                                    u32 bw_cap[])
  {
        struct wiphy *wiphy = cfg_to_wiphy(cfg);
@@ -2004,7 +2004,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        struct ieee80211_supported_band *band;
        struct ieee80211_channel *channel;
        struct brcmf_chanspec_list *list;
-@@ -5985,7 +6030,7 @@ static int brcmf_construct_chaninfo(stru
+@@ -5989,7 +6034,7 @@ static int brcmf_construct_chaninfo(stru
        err = brcmf_fil_iovar_data_get(ifp, "chanspecs", pbuf,
                                       BRCMF_DCMD_MEDLEN);
        if (err) {
@@ -2013,7 +2013,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                goto fail_pbuf;
        }
  
-@@ -6008,7 +6053,7 @@ static int brcmf_construct_chaninfo(stru
+@@ -6012,7 +6057,7 @@ static int brcmf_construct_chaninfo(stru
                } else if (ch.band == BRCMU_CHAN_BAND_5G) {
                        band = wiphy->bands[NL80211_BAND_5GHZ];
                } else {
@@ -2022,7 +2022,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                                 ch.chspec);
                        continue;
                }
-@@ -6032,7 +6077,7 @@ static int brcmf_construct_chaninfo(stru
+@@ -6036,7 +6081,7 @@ static int brcmf_construct_chaninfo(stru
                        /* It seems firmware supports some channel we never
                         * considered. Something new in IEEE standard?
                         */
@@ -2031,7 +2031,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                                 ch.control_ch_num);
                        continue;
                }
-@@ -6089,8 +6134,8 @@ fail_pbuf:
+@@ -6093,8 +6138,8 @@ fail_pbuf:
  
  static int brcmf_enable_bw40_2g(struct brcmf_cfg80211_info *cfg)
  {
@@ -2042,7 +2042,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        struct ieee80211_supported_band *band;
        struct brcmf_fil_bwcap_le band_bwcap;
        struct brcmf_chanspec_list *list;
-@@ -6136,7 +6181,7 @@ static int brcmf_enable_bw40_2g(struct b
+@@ -6140,7 +6185,7 @@ static int brcmf_enable_bw40_2g(struct b
                err = brcmf_fil_iovar_data_get(ifp, "chanspecs", pbuf,
                                               BRCMF_DCMD_MEDLEN);
                if (err) {
@@ -2051,7 +2051,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                        kfree(pbuf);
                        return err;
                }
-@@ -6167,7 +6212,7 @@ static int brcmf_enable_bw40_2g(struct b
+@@ -6171,7 +6216,7 @@ static int brcmf_enable_bw40_2g(struct b
  
  static void brcmf_get_bwcap(struct brcmf_if *ifp, u32 bw_cap[])
  {
@@ -2060,7 +2060,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        u32 band, mimo_bwcap;
        int err;
  
-@@ -6203,7 +6248,7 @@ static void brcmf_get_bwcap(struct brcmf
+@@ -6207,7 +6252,7 @@ static void brcmf_get_bwcap(struct brcmf
                bw_cap[NL80211_BAND_5GHZ] |= WLC_BW_20MHZ_BIT;
                break;
        default:
@@ -2069,7 +2069,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        }
  }
  
-@@ -6278,7 +6323,8 @@ static void brcmf_update_vht_cap(struct
+@@ -6282,7 +6327,8 @@ static void brcmf_update_vht_cap(struct
  
  static int brcmf_setup_wiphybands(struct brcmf_cfg80211_info *cfg)
  {
@@ -2079,7 +2079,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        struct wiphy *wiphy = cfg_to_wiphy(cfg);
        u32 nmode = 0;
        u32 vhtmode = 0;
-@@ -6295,7 +6341,7 @@ static int brcmf_setup_wiphybands(struct
+@@ -6299,7 +6345,7 @@ static int brcmf_setup_wiphybands(struct
        (void)brcmf_fil_iovar_int_get(ifp, "vhtmode", &vhtmode);
        err = brcmf_fil_iovar_int_get(ifp, "nmode", &nmode);
        if (err) {
@@ -2088,7 +2088,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        } else {
                brcmf_get_bwcap(ifp, bw_cap);
        }
-@@ -6305,7 +6351,7 @@ static int brcmf_setup_wiphybands(struct
+@@ -6309,7 +6355,7 @@ static int brcmf_setup_wiphybands(struct
  
        err = brcmf_fil_iovar_int_get(ifp, "rxchain", &rxchain);
        if (err) {
@@ -2097,7 +2097,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                nchain = 1;
        } else {
                for (nchain = 0; rxchain; nchain++)
-@@ -6315,7 +6361,7 @@ static int brcmf_setup_wiphybands(struct
+@@ -6319,7 +6365,7 @@ static int brcmf_setup_wiphybands(struct
  
        err = brcmf_construct_chaninfo(cfg, bw_cap);
        if (err) {
@@ -2106,7 +2106,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                return err;
        }
  
-@@ -6522,12 +6568,13 @@ static void brcmf_wiphy_wowl_params(stru
+@@ -6526,12 +6572,13 @@ static void brcmf_wiphy_wowl_params(stru
  {
  #ifdef CONFIG_PM
        struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
@@ -2121,7 +2121,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                wiphy->wowlan = &brcmf_wowlan_support;
                return;
        }
-@@ -6624,7 +6671,7 @@ static int brcmf_setup_wiphy(struct wiph
+@@ -6628,7 +6675,7 @@ static int brcmf_setup_wiphy(struct wiph
        err = brcmf_fil_cmd_data_get(ifp, BRCMF_C_GET_BANDLIST, &bandlist,
                                     sizeof(bandlist));
        if (err) {
@@ -2130,7 +2130,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                return err;
        }
        /* first entry in bandlist is number of bands */
-@@ -6673,7 +6720,7 @@ static int brcmf_setup_wiphy(struct wiph
+@@ -6677,7 +6724,7 @@ static int brcmf_setup_wiphy(struct wiph
  
  static s32 brcmf_config_dongle(struct brcmf_cfg80211_info *cfg)
  {
@@ -2139,7 +2139,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        struct net_device *ndev;
        struct wireless_dev *wdev;
        struct brcmf_if *ifp;
-@@ -6711,7 +6758,7 @@ static s32 brcmf_config_dongle(struct br
+@@ -6715,7 +6762,7 @@ static s32 brcmf_config_dongle(struct br
  
        err = brcmf_fil_cmd_int_set(ifp, BRCMF_C_SET_FAKEFRAG, 1);
        if (err) {
@@ -2148,7 +2148,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                goto default_conf_out;
        }
  
-@@ -6892,6 +6939,7 @@ static void brcmf_cfg80211_reg_notifier(
+@@ -6896,6 +6943,7 @@ static void brcmf_cfg80211_reg_notifier(
  {
        struct brcmf_cfg80211_info *cfg = wiphy_to_cfg(wiphy);
        struct brcmf_if *ifp = brcmf_get_ifp(cfg->pub, 0);
@@ -2156,7 +2156,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        struct brcmf_fil_country_le ccreq;
        s32 err;
        int i;
-@@ -6903,7 +6951,7 @@ static void brcmf_cfg80211_reg_notifier(
+@@ -6907,7 +6955,7 @@ static void brcmf_cfg80211_reg_notifier(
        /* ignore non-ISO3166 country codes */
        for (i = 0; i < 2; i++)
                if (req->alpha2[i] < 'A' || req->alpha2[i] > 'Z') {
@@ -2165,7 +2165,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                                 req->alpha2[0], req->alpha2[1]);
                        return;
                }
-@@ -6913,7 +6961,7 @@ static void brcmf_cfg80211_reg_notifier(
+@@ -6917,7 +6965,7 @@ static void brcmf_cfg80211_reg_notifier(
  
        err = brcmf_fil_iovar_data_get(ifp, "country", &ccreq, sizeof(ccreq));
        if (err) {
@@ -2174,7 +2174,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                return;
        }
  
-@@ -6923,7 +6971,7 @@ static void brcmf_cfg80211_reg_notifier(
+@@ -6927,7 +6975,7 @@ static void brcmf_cfg80211_reg_notifier(
  
        err = brcmf_fil_iovar_data_set(ifp, "country", &ccreq, sizeof(ccreq));
        if (err) {
@@ -2183,7 +2183,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                return;
        }
        brcmf_setup_wiphybands(cfg);
-@@ -6969,13 +7017,13 @@ struct brcmf_cfg80211_info *brcmf_cfg802
+@@ -6973,13 +7021,13 @@ struct brcmf_cfg80211_info *brcmf_cfg802
        u16 *cap = NULL;
  
        if (!ndev) {
@@ -2199,7 +2199,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                return NULL;
        }
  
-@@ -6996,7 +7044,7 @@ struct brcmf_cfg80211_info *brcmf_cfg802
+@@ -7000,7 +7048,7 @@ struct brcmf_cfg80211_info *brcmf_cfg802
  
        err = wl_init_priv(cfg);
        if (err) {
@@ -2208,7 +2208,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                brcmf_free_vif(vif);
                goto wiphy_out;
        }
-@@ -7005,7 +7053,7 @@ struct brcmf_cfg80211_info *brcmf_cfg802
+@@ -7009,7 +7057,7 @@ struct brcmf_cfg80211_info *brcmf_cfg802
        /* determine d11 io type before wiphy setup */
        err = brcmf_fil_cmd_int_get(ifp, BRCMF_C_GET_VERSION, &io_type);
        if (err) {
@@ -2217,7 +2217,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                goto priv_out;
        }
        cfg->d11inf.io_type = (u8)io_type;
-@@ -7039,13 +7087,13 @@ struct brcmf_cfg80211_info *brcmf_cfg802
+@@ -7043,13 +7091,13 @@ struct brcmf_cfg80211_info *brcmf_cfg802
  #endif
        err = wiphy_register(wiphy);
        if (err < 0) {
@@ -2233,7 +2233,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                goto wiphy_unreg_out;
        }
  
-@@ -7063,24 +7111,24 @@ struct brcmf_cfg80211_info *brcmf_cfg802
+@@ -7067,24 +7115,24 @@ struct brcmf_cfg80211_info *brcmf_cfg802
  
        err = brcmf_fweh_activate_events(ifp);
        if (err) {
@@ -2262,7 +2262,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                brcmf_btcoex_detach(cfg);
                brcmf_p2p_detach(&cfg->p2p);
                goto wiphy_unreg_out;
-@@ -7100,7 +7148,7 @@ struct brcmf_cfg80211_info *brcmf_cfg802
+@@ -7104,7 +7152,7 @@ struct brcmf_cfg80211_info *brcmf_cfg802
        /* (re-) activate FWEH event handling */
        err = brcmf_fweh_activate_events(ifp);
        if (err) {
index 5836f6ab870b4b567d80431cf6dddbe2b0032a34..5eaf51186862382022dc7f4ec3178436b73ac013 100644 (file)
@@ -408,15 +408,15 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                        brcmf_net_detach(ifp->ndev, false);
                        drvr->iflist[bsscfgidx] = NULL;
 @@ -864,7 +866,7 @@ static void brcmf_del_if(struct brcmf_pu
        ifp = drvr->iflist[bsscfgidx];
-       drvr->iflist[bsscfgidx] = NULL;
        if (!ifp) {
 -              brcmf_err("Null interface, bsscfgidx=%d\n", bsscfgidx);
 +              bphy_err(drvr, "Null interface, bsscfgidx=%d\n", bsscfgidx);
                return;
        }
        brcmf_dbg(TRACE, "Enter, bsscfgidx=%d, ifidx=%d\n", bsscfgidx,
-@@ -914,16 +916,17 @@ static int brcmf_psm_watchdog_notify(str
+@@ -918,16 +920,17 @@ static int brcmf_psm_watchdog_notify(str
                                     const struct brcmf_event_msg *evtmsg,
                                     void *data)
  {
@@ -436,7 +436,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
  
        return err;
  }
-@@ -967,7 +970,7 @@ static int brcmf_inetaddr_changed(struct
+@@ -971,7 +974,7 @@ static int brcmf_inetaddr_changed(struct
        ret = brcmf_fil_iovar_data_get(ifp, "arp_hostip", addr_table,
                                       sizeof(addr_table));
        if (ret) {
@@ -445,7 +445,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                return NOTIFY_OK;
        }
  
-@@ -984,7 +987,7 @@ static int brcmf_inetaddr_changed(struct
+@@ -988,7 +991,7 @@ static int brcmf_inetaddr_changed(struct
                        ret = brcmf_fil_iovar_data_set(ifp, "arp_hostip",
                                &ifa->ifa_address, sizeof(ifa->ifa_address));
                        if (ret)
@@ -454,7 +454,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                }
                break;
        case NETDEV_DOWN:
-@@ -996,8 +999,8 @@ static int brcmf_inetaddr_changed(struct
+@@ -1000,8 +1003,8 @@ static int brcmf_inetaddr_changed(struct
                        ret = brcmf_fil_iovar_data_set(ifp, "arp_hostip_clear",
                                                       NULL, 0);
                        if (ret) {
@@ -465,7 +465,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                                return NOTIFY_OK;
                        }
                        for (i = 0; i < ARPOL_MAX_ENTRIES; i++) {
-@@ -1007,8 +1010,8 @@ static int brcmf_inetaddr_changed(struct
+@@ -1011,8 +1014,8 @@ static int brcmf_inetaddr_changed(struct
                                                               &addr_table[i],
                                                               sizeof(addr_table[i]));
                                if (ret)
@@ -476,7 +476,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                        }
                }
                break;
-@@ -1182,7 +1185,7 @@ static int brcmf_bus_started(struct brcm
+@@ -1186,7 +1189,7 @@ static int brcmf_bus_started(struct brcm
        return 0;
  
  fail:
@@ -485,7 +485,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        if (drvr->config) {
                brcmf_cfg80211_detach(drvr->config);
                drvr->config = NULL;
-@@ -1234,7 +1237,7 @@ int brcmf_attach(struct device *dev, str
+@@ -1238,7 +1241,7 @@ int brcmf_attach(struct device *dev, str
        /* Attach and link in the protocol */
        ret = brcmf_proto_attach(drvr);
        if (ret != 0) {
@@ -494,7 +494,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                goto fail;
        }
  
-@@ -1247,7 +1250,7 @@ int brcmf_attach(struct device *dev, str
+@@ -1251,7 +1254,7 @@ int brcmf_attach(struct device *dev, str
  
        ret = brcmf_bus_started(drvr, ops);
        if (ret != 0) {
@@ -503,7 +503,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                goto fail;
        }
  
-@@ -1347,6 +1350,7 @@ static int brcmf_get_pend_8021x_cnt(stru
+@@ -1353,6 +1356,7 @@ static int brcmf_get_pend_8021x_cnt(stru
  
  int brcmf_netdev_wait_pend8021x(struct brcmf_if *ifp)
  {
@@ -511,7 +511,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        int err;
  
        err = wait_event_timeout(ifp->pend_8021x_wait,
-@@ -1354,7 +1358,7 @@ int brcmf_netdev_wait_pend8021x(struct b
+@@ -1360,7 +1364,7 @@ int brcmf_netdev_wait_pend8021x(struct b
                                 MAX_WAIT_FOR_8021X_TX);
  
        if (!err)
@@ -690,7 +690,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                  ifp->bsscfgidx, name, len);
 --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/fwsignal.c
 +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/fwsignal.c
-@@ -1255,6 +1255,7 @@ static int brcmf_fws_enq(struct brcmf_fw
+@@ -1259,6 +1259,7 @@ static int brcmf_fws_enq(struct brcmf_fw
                         enum brcmf_fws_skb_state state, int fifo,
                         struct sk_buff *p)
  {
@@ -698,7 +698,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        int prec = 2 * fifo;
        u32 *qfull_stat = &fws->stats.delayq_full_error;
        struct brcmf_fws_mac_descriptor *entry;
-@@ -1267,7 +1268,7 @@ static int brcmf_fws_enq(struct brcmf_fw
+@@ -1271,7 +1272,7 @@ static int brcmf_fws_enq(struct brcmf_fw
  
        entry = brcmf_skbcb(p)->mac;
        if (entry == NULL) {
@@ -707,7 +707,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                return -ENOENT;
        }
  
-@@ -1457,6 +1458,7 @@ static int
+@@ -1461,6 +1462,7 @@ static int
  brcmf_fws_txs_process(struct brcmf_fws_info *fws, u8 flags, u32 hslot,
                      u32 genbit, u16 seq, u8 compcnt)
  {
@@ -715,7 +715,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        u32 fifo;
        u8 cnt = 0;
        int ret;
-@@ -1481,14 +1483,14 @@ brcmf_fws_txs_process(struct brcmf_fws_i
+@@ -1485,14 +1487,14 @@ brcmf_fws_txs_process(struct brcmf_fws_i
        else if (flags == BRCMF_FWS_TXSTATUS_HOST_TOSSED)
                fws->stats.txs_host_tossed += compcnt;
        else
@@ -733,7 +733,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                        goto cont;
                }
  
-@@ -1612,12 +1614,13 @@ static int brcmf_fws_notify_credit_map(s
+@@ -1616,12 +1618,13 @@ static int brcmf_fws_notify_credit_map(s
                                       const struct brcmf_event_msg *e,
                                       void *data)
  {
@@ -749,7 +749,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                return -EINVAL;
        }
  
-@@ -1681,6 +1684,7 @@ static void brcmf_rxreorder_get_skb_list
+@@ -1685,6 +1688,7 @@ static void brcmf_rxreorder_get_skb_list
  
  void brcmf_fws_rxreorder(struct brcmf_if *ifp, struct sk_buff *pkt)
  {
@@ -757,7 +757,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        u8 *reorder_data;
        u8 flow_id, max_idx, cur_idx, exp_idx, end_idx;
        struct brcmf_ampdu_rx_reorder *rfi;
-@@ -1695,7 +1699,7 @@ void brcmf_fws_rxreorder(struct brcmf_if
+@@ -1699,7 +1703,7 @@ void brcmf_fws_rxreorder(struct brcmf_if
  
        /* validate flags and flow id */
        if (flags == 0xFF) {
@@ -766,7 +766,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                brcmf_netif_rx(ifp, pkt);
                return;
        }
-@@ -1732,7 +1736,7 @@ void brcmf_fws_rxreorder(struct brcmf_if
+@@ -1736,7 +1740,7 @@ void brcmf_fws_rxreorder(struct brcmf_if
                          flow_id, max_idx);
                rfi = kzalloc(buf_size, GFP_ATOMIC);
                if (rfi == NULL) {
@@ -775,7 +775,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                        brcmf_netif_rx(ifp, pkt);
                        return;
                }
-@@ -1996,6 +2000,7 @@ static u8 brcmf_fws_precommit_skb(struct
+@@ -2000,6 +2004,7 @@ static u8 brcmf_fws_precommit_skb(struct
  static void brcmf_fws_rollback_toq(struct brcmf_fws_info *fws,
                                   struct sk_buff *skb, int fifo)
  {
@@ -783,7 +783,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        struct brcmf_fws_mac_descriptor *entry;
        struct sk_buff *pktout;
        int qidx, hslot;
-@@ -2009,11 +2014,11 @@ static void brcmf_fws_rollback_toq(struc
+@@ -2013,11 +2018,11 @@ static void brcmf_fws_rollback_toq(struc
  
                pktout = brcmu_pktq_penq_head(&entry->psq, qidx, skb);
                if (pktout == NULL) {
@@ -797,7 +797,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                rc = -ENOENT;
        }
  
-@@ -2118,7 +2123,8 @@ static int brcmf_fws_assign_htod(struct
+@@ -2122,7 +2127,8 @@ static int brcmf_fws_assign_htod(struct
  
  int brcmf_fws_process_skb(struct brcmf_if *ifp, struct sk_buff *skb)
  {
@@ -807,7 +807,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        struct brcmf_skbuff_cb *skcb = brcmf_skbcb(skb);
        struct ethhdr *eh = (struct ethhdr *)(skb->data);
        int fifo = BRCMF_FWS_FIFO_BCMC;
-@@ -2146,7 +2152,7 @@ int brcmf_fws_process_skb(struct brcmf_i
+@@ -2150,7 +2156,7 @@ int brcmf_fws_process_skb(struct brcmf_i
                brcmf_fws_enq(fws, BRCMF_FWS_SKBSTATE_DELAYED, fifo, skb);
                brcmf_fws_schedule_deq(fws);
        } else {
@@ -816,7 +816,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                brcmf_txfinalize(ifp, skb, false);
                rc = -ENOMEM;
        }
-@@ -2365,7 +2371,7 @@ struct brcmf_fws_info *brcmf_fws_attach(
+@@ -2371,7 +2377,7 @@ struct brcmf_fws_info *brcmf_fws_attach(
  
        fws->fws_wq = create_singlethread_workqueue("brcmf_fws_wq");
        if (fws->fws_wq == NULL) {
@@ -825,7 +825,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                rc = -EBADF;
                goto fail;
        }
-@@ -2381,13 +2387,13 @@ struct brcmf_fws_info *brcmf_fws_attach(
+@@ -2387,13 +2393,13 @@ struct brcmf_fws_info *brcmf_fws_attach(
        rc = brcmf_fweh_register(drvr, BRCMF_E_FIFO_CREDIT_MAP,
                                 brcmf_fws_notify_credit_map);
        if (rc < 0) {
@@ -841,7 +841,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                brcmf_fweh_unregister(drvr, BRCMF_E_FIFO_CREDIT_MAP);
                goto fail;
        }
-@@ -2399,7 +2405,7 @@ struct brcmf_fws_info *brcmf_fws_attach(
+@@ -2405,7 +2411,7 @@ struct brcmf_fws_info *brcmf_fws_attach(
        fws->fw_signals = true;
        ifp = brcmf_get_ifp(drvr, 0);
        if (brcmf_fil_iovar_int_set(ifp, "tlv", tlv)) {
index 595b8948c71541bab6dfaa564bfd8a09f5f66faa..ea423e310b5c1a161d8501495fe48a202ad4c8eb 100644 (file)
@@ -36,7 +36,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
  void brcmf_bus_change_state(struct brcmf_bus *bus, enum brcmf_bus_state state);
 --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c
 +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c
-@@ -1294,6 +1294,16 @@ void brcmf_dev_coredump(struct device *d
+@@ -1298,6 +1298,16 @@ void brcmf_dev_coredump(struct device *d
                brcmf_dbg(TRACE, "failed to create coredump\n");
  }
  
@@ -66,7 +66,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
  
 --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/sdio.c
 +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/sdio.c
-@@ -1090,8 +1090,8 @@ static u32 brcmf_sdio_hostmail(struct br
+@@ -1101,8 +1101,8 @@ static u32 brcmf_sdio_hostmail(struct br
  
        /* dongle indicates the firmware has halted/crashed */
        if (hmb_data & HMB_DATA_FWHALT) {
index 5617d141b3dea1147e5f2be3de9c672e03c159ea..2179d6e63aa7ef4704b23b80d826db73e611af4f 100644 (file)
@@ -49,7 +49,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
   */
 --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c
 +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c
-@@ -1105,6 +1105,14 @@ static int brcmf_revinfo_read(struct seq
+@@ -1109,6 +1109,14 @@ static int brcmf_revinfo_read(struct seq
        return 0;
  }
  
@@ -64,7 +64,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
  static int brcmf_bus_started(struct brcmf_pub *drvr, struct cfg80211_ops *ops)
  {
        int ret = -1;
-@@ -1176,6 +1184,8 @@ static int brcmf_bus_started(struct brcm
+@@ -1180,6 +1188,8 @@ static int brcmf_bus_started(struct brcm
  #endif
  #endif /* CONFIG_INET */
  
@@ -73,7 +73,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
        /* populate debugfs */
        brcmf_debugfs_add_entry(drvr, "revinfo", brcmf_revinfo_read);
        brcmf_feat_debugfs_create(drvr);
-@@ -1302,6 +1312,8 @@ void brcmf_fw_crashed(struct device *dev
+@@ -1306,6 +1316,8 @@ void brcmf_fw_crashed(struct device *dev
        bphy_err(drvr, "Firmware has halted or crashed\n");
  
        brcmf_dev_coredump(dev);
diff --git a/package/kernel/mac80211/patches/brcm/361-v5.2-0001-brcmfmac-fix-WARNING-during-USB-disconnect-in-case-o.patch b/package/kernel/mac80211/patches/brcm/361-v5.2-0001-brcmfmac-fix-WARNING-during-USB-disconnect-in-case-o.patch
deleted file mode 100644 (file)
index cb4b5c9..0000000
+++ /dev/null
@@ -1,124 +0,0 @@
-From c80d26e81ef1802f30364b4ad1955c1443a592b9 Mon Sep 17 00:00:00 2001
-From: Piotr Figiel <p.figiel@camlintechnologies.com>
-Date: Mon, 4 Mar 2019 15:42:49 +0000
-Subject: [PATCH] brcmfmac: fix WARNING during USB disconnect in case of
- unempty psq
-
-brcmu_pkt_buf_free_skb emits WARNING when attempting to free a sk_buff
-which is part of any queue. After USB disconnect this may have happened
-when brcmf_fws_hanger_cleanup() is called as per-interface psq was never
-cleaned when removing the interface.
-Change brcmf_fws_macdesc_cleanup() in a way that it removes the
-corresponding packets from hanger table (to avoid double-free when
-brcmf_fws_hanger_cleanup() is called) and add a call to clean-up the
-interface specific packet queue.
-
-Below is a WARNING during USB disconnect with Raspberry Pi WiFi dongle
-running in AP mode. This was reproducible when the interface was
-transmitting during the disconnect and is fixed with this commit.
-
-------------[ cut here ]------------
-WARNING: CPU: 0 PID: 1171 at drivers/net/wireless/broadcom/brcm80211/brcmutil/utils.c:49 brcmu_pkt_buf_free_skb+0x3c/0x40
-Modules linked in: nf_log_ipv4 nf_log_common xt_LOG xt_limit iptable_mangle xt_connmark xt_tcpudp xt_conntrack nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 iptable_filter ip_tables x_tables usb_f_mass_storage usb_f_rndis u_ether cdc_acm smsc95xx usbnet ci_hdrc_imx ci_hdrc ulpi usbmisc_imx 8250_exar 8250_pci 8250 8250_base libcomposite configfs udc_core
-CPU: 0 PID: 1171 Comm: kworker/0:0 Not tainted 4.19.23-00075-gde33ed8 #99
-Hardware name: Freescale i.MX6 Quad/DualLite (Device Tree)
-Workqueue: usb_hub_wq hub_event
-[<8010ff84>] (unwind_backtrace) from [<8010bb64>] (show_stack+0x10/0x14)
-[<8010bb64>] (show_stack) from [<80840278>] (dump_stack+0x88/0x9c)
-[<80840278>] (dump_stack) from [<8011f5ec>] (__warn+0xfc/0x114)
-[<8011f5ec>] (__warn) from [<8011f71c>] (warn_slowpath_null+0x40/0x48)
-[<8011f71c>] (warn_slowpath_null) from [<805a476c>] (brcmu_pkt_buf_free_skb+0x3c/0x40)
-[<805a476c>] (brcmu_pkt_buf_free_skb) from [<805bb6c4>] (brcmf_fws_cleanup+0x1e4/0x22c)
-[<805bb6c4>] (brcmf_fws_cleanup) from [<805bc854>] (brcmf_fws_del_interface+0x58/0x68)
-[<805bc854>] (brcmf_fws_del_interface) from [<805b66ac>] (brcmf_remove_interface+0x40/0x150)
-[<805b66ac>] (brcmf_remove_interface) from [<805b6870>] (brcmf_detach+0x6c/0xb0)
-[<805b6870>] (brcmf_detach) from [<805bdbb8>] (brcmf_usb_disconnect+0x30/0x4c)
-[<805bdbb8>] (brcmf_usb_disconnect) from [<805e5d64>] (usb_unbind_interface+0x5c/0x1e0)
-[<805e5d64>] (usb_unbind_interface) from [<804aab10>] (device_release_driver_internal+0x154/0x1ec)
-[<804aab10>] (device_release_driver_internal) from [<804a97f4>] (bus_remove_device+0xcc/0xf8)
-[<804a97f4>] (bus_remove_device) from [<804a6fc0>] (device_del+0x118/0x308)
-[<804a6fc0>] (device_del) from [<805e488c>] (usb_disable_device+0xa0/0x1c8)
-[<805e488c>] (usb_disable_device) from [<805dcf98>] (usb_disconnect+0x70/0x1d8)
-[<805dcf98>] (usb_disconnect) from [<805ddd84>] (hub_event+0x464/0xf50)
-[<805ddd84>] (hub_event) from [<80135a70>] (process_one_work+0x138/0x3f8)
-[<80135a70>] (process_one_work) from [<80135d5c>] (worker_thread+0x2c/0x554)
-[<80135d5c>] (worker_thread) from [<8013b1a0>] (kthread+0x124/0x154)
-[<8013b1a0>] (kthread) from [<801010e8>] (ret_from_fork+0x14/0x2c)
-Exception stack(0xecf8dfb0 to 0xecf8dff8)
-dfa0:                                     00000000 00000000 00000000 00000000
-dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
-dfe0: 00000000 00000000 00000000 00000000 00000013 00000000
----[ end trace 38d234018e9e2a90 ]---
-------------[ cut here ]------------
-
-Signed-off-by: Piotr Figiel <p.figiel@camlintechnologies.com>
-Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
----
- .../broadcom/brcm80211/brcmfmac/fwsignal.c    | 42 +++++++++++--------
- 1 file changed, 24 insertions(+), 18 deletions(-)
-
---- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/fwsignal.c
-+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/fwsignal.c
-@@ -580,24 +580,6 @@ static bool brcmf_fws_ifidx_match(struct
-       return ifidx == *(int *)arg;
- }
--static void brcmf_fws_psq_flush(struct brcmf_fws_info *fws, struct pktq *q,
--                              int ifidx)
--{
--      bool (*matchfn)(struct sk_buff *, void *) = NULL;
--      struct sk_buff *skb;
--      int prec;
--
--      if (ifidx != -1)
--              matchfn = brcmf_fws_ifidx_match;
--      for (prec = 0; prec < q->num_prec; prec++) {
--              skb = brcmu_pktq_pdeq_match(q, prec, matchfn, &ifidx);
--              while (skb) {
--                      brcmu_pkt_buf_free_skb(skb);
--                      skb = brcmu_pktq_pdeq_match(q, prec, matchfn, &ifidx);
--              }
--      }
--}
--
- static void brcmf_fws_hanger_init(struct brcmf_fws_hanger *hanger)
- {
-       int i;
-@@ -669,6 +651,28 @@ static inline int brcmf_fws_hanger_poppk
-       return 0;
- }
-+static void brcmf_fws_psq_flush(struct brcmf_fws_info *fws, struct pktq *q,
-+                              int ifidx)
-+{
-+      bool (*matchfn)(struct sk_buff *, void *) = NULL;
-+      struct sk_buff *skb;
-+      int prec;
-+      u32 hslot;
-+
-+      if (ifidx != -1)
-+              matchfn = brcmf_fws_ifidx_match;
-+      for (prec = 0; prec < q->num_prec; prec++) {
-+              skb = brcmu_pktq_pdeq_match(q, prec, matchfn, &ifidx);
-+              while (skb) {
-+                      hslot = brcmf_skb_htod_tag_get_field(skb, HSLOT);
-+                      brcmf_fws_hanger_poppkt(&fws->hanger, hslot, &skb,
-+                                              true);
-+                      brcmu_pkt_buf_free_skb(skb);
-+                      skb = brcmu_pktq_pdeq_match(q, prec, matchfn, &ifidx);
-+              }
-+      }
-+}
-+
- static int brcmf_fws_hanger_mark_suppressed(struct brcmf_fws_hanger *h,
-                                           u32 slot_id)
- {
-@@ -2200,6 +2204,8 @@ void brcmf_fws_del_interface(struct brcm
-       brcmf_fws_lock(fws);
-       ifp->fws_desc = NULL;
-       brcmf_dbg(TRACE, "deleting %s\n", entry->name);
-+      brcmf_fws_macdesc_cleanup(fws, &fws->desc.iface[ifp->ifidx],
-+                                ifp->ifidx);
-       brcmf_fws_macdesc_deinit(entry);
-       brcmf_fws_cleanup(fws, ifp->ifidx);
-       brcmf_fws_unlock(fws);
diff --git a/package/kernel/mac80211/patches/brcm/361-v5.2-0002-brcmfmac-fix-NULL-pointer-derefence-during-USB-disco.patch b/package/kernel/mac80211/patches/brcm/361-v5.2-0002-brcmfmac-fix-NULL-pointer-derefence-during-USB-disco.patch
deleted file mode 100644 (file)
index e45288b..0000000
+++ /dev/null
@@ -1,217 +0,0 @@
-From 5cdb0ef6144f47440850553579aa923c20a63f23 Mon Sep 17 00:00:00 2001
-From: Piotr Figiel <p.figiel@camlintechnologies.com>
-Date: Mon, 4 Mar 2019 15:42:52 +0000
-Subject: [PATCH] brcmfmac: fix NULL pointer derefence during USB disconnect
-
-In case USB disconnect happens at the moment transmitting workqueue is in
-progress the underlying interface may be gone causing a NULL pointer
-dereference. Add synchronization of the workqueue destruction with the
-detach implementation in core so that the transmitting workqueue is stopped
-during detach before the interfaces are removed.
-
-Fix following Oops:
-
-Unable to handle kernel NULL pointer dereference at virtual address 00000008
-pgd = 9e6a802d
-[00000008] *pgd=00000000
-Internal error: Oops: 5 [#1] PREEMPT SMP ARM
-Modules linked in: nf_log_ipv4 nf_log_common xt_LOG xt_limit iptable_mangle
-xt_connmark xt_tcpudp xt_conntrack nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4
-iptable_filter ip_tables x_tables usb_f_mass_storage usb_f_rndis u_ether
-usb_serial_simple usbserial cdc_acm brcmfmac brcmutil smsc95xx usbnet
-ci_hdrc_imx ci_hdrc ulpi usbmisc_imx 8250_exar 8250_pci 8250 8250_base
-libcomposite configfs udc_core
-CPU: 0 PID: 7 Comm: kworker/u8:0 Not tainted 4.19.23-00076-g03740aa-dirty #102
-Hardware name: Freescale i.MX6 Quad/DualLite (Device Tree)
-Workqueue: brcmf_fws_wq brcmf_fws_dequeue_worker [brcmfmac]
-PC is at brcmf_txfinalize+0x34/0x90 [brcmfmac]
-LR is at brcmf_fws_dequeue_worker+0x218/0x33c [brcmfmac]
-pc : [<7f0dee64>]    lr : [<7f0e4140>]    psr: 60010093
-sp : ee8abef0  ip : 00000000  fp : edf38000
-r10: ffffffed  r9 : edf38970  r8 : edf38004
-r7 : edf3e970  r6 : 00000000  r5 : ede69000  r4 : 00000000
-r3 : 00000a97  r2 : 00000000  r1 : 0000888e  r0 : ede69000
-Flags: nZCv  IRQs off  FIQs on  Mode SVC_32  ISA ARM  Segment none
-Control: 10c5387d  Table: 7d03c04a  DAC: 00000051
-Process kworker/u8:0 (pid: 7, stack limit = 0x24ec3e04)
-Stack: (0xee8abef0 to 0xee8ac000)
-bee0:                                     ede69000 00000000 ed56c3e0 7f0e4140
-bf00: 00000001 00000000 edf38004 edf3e99c ed56c3e0 80d03d00 edfea43a edf3e970
-bf20: ee809880 ee804200 ee971100 00000000 edf3e974 00000000 ee804200 80135a70
-bf40: 80d03d00 ee804218 ee809880 ee809894 ee804200 80d03d00 ee804218 ee8aa000
-bf60: 00000088 80135d5c 00000000 ee829f00 ee829dc0 00000000 ee809880 80135d30
-bf80: ee829f1c ee873eac 00000000 8013b1a0 ee829dc0 8013b07c 00000000 00000000
-bfa0: 00000000 00000000 00000000 801010e8 00000000 00000000 00000000 00000000
-bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
-bfe0: 00000000 00000000 00000000 00000000 00000013 00000000 00000000 00000000
-[<7f0dee64>] (brcmf_txfinalize [brcmfmac]) from [<7f0e4140>] (brcmf_fws_dequeue_worker+0x218/0x33c [brcmfmac])
-[<7f0e4140>] (brcmf_fws_dequeue_worker [brcmfmac]) from [<80135a70>] (process_one_work+0x138/0x3f8)
-[<80135a70>] (process_one_work) from [<80135d5c>] (worker_thread+0x2c/0x554)
-[<80135d5c>] (worker_thread) from [<8013b1a0>] (kthread+0x124/0x154)
-[<8013b1a0>] (kthread) from [<801010e8>] (ret_from_fork+0x14/0x2c)
-Exception stack(0xee8abfb0 to 0xee8abff8)
-bfa0:                                     00000000 00000000 00000000 00000000
-bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
-bfe0: 00000000 00000000 00000000 00000000 00000013 00000000
-Code: e1530001 0a000007 e3560000 e1a00005 (05942008)
----[ end trace 079239dd31c86e90 ]---
-
-Signed-off-by: Piotr Figiel <p.figiel@camlintechnologies.com>
-Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
----
- .../wireless/broadcom/brcm80211/brcmfmac/bcdc.c  | 11 +++++++++--
- .../wireless/broadcom/brcm80211/brcmfmac/bcdc.h  |  6 ++++--
- .../wireless/broadcom/brcm80211/brcmfmac/core.c  |  4 +++-
- .../broadcom/brcm80211/brcmfmac/fwsignal.c       | 16 ++++++++++++----
- .../broadcom/brcm80211/brcmfmac/fwsignal.h       |  3 ++-
- .../wireless/broadcom/brcm80211/brcmfmac/proto.c | 10 ++++++++--
- .../wireless/broadcom/brcm80211/brcmfmac/proto.h |  3 ++-
- 7 files changed, 40 insertions(+), 13 deletions(-)
-
---- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/bcdc.c
-+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/bcdc.c
-@@ -490,11 +490,18 @@ fail:
-       return -ENOMEM;
- }
--void brcmf_proto_bcdc_detach(struct brcmf_pub *drvr)
-+void brcmf_proto_bcdc_detach_pre_delif(struct brcmf_pub *drvr)
-+{
-+      struct brcmf_bcdc *bcdc = drvr->proto->pd;
-+
-+      brcmf_fws_detach_pre_delif(bcdc->fws);
-+}
-+
-+void brcmf_proto_bcdc_detach_post_delif(struct brcmf_pub *drvr)
- {
-       struct brcmf_bcdc *bcdc = drvr->proto->pd;
-       drvr->proto->pd = NULL;
--      brcmf_fws_detach(bcdc->fws);
-+      brcmf_fws_detach_post_delif(bcdc->fws);
-       kfree(bcdc);
- }
---- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/bcdc.h
-+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/bcdc.h
-@@ -18,14 +18,16 @@
- #ifdef CPTCFG_BRCMFMAC_PROTO_BCDC
- int brcmf_proto_bcdc_attach(struct brcmf_pub *drvr);
--void brcmf_proto_bcdc_detach(struct brcmf_pub *drvr);
-+void brcmf_proto_bcdc_detach_pre_delif(struct brcmf_pub *drvr);
-+void brcmf_proto_bcdc_detach_post_delif(struct brcmf_pub *drvr);
- void brcmf_proto_bcdc_txflowblock(struct device *dev, bool state);
- void brcmf_proto_bcdc_txcomplete(struct device *dev, struct sk_buff *txp,
-                                bool success);
- struct brcmf_fws_info *drvr_to_fws(struct brcmf_pub *drvr);
- #else
- static inline int brcmf_proto_bcdc_attach(struct brcmf_pub *drvr) { return 0; }
--static inline void brcmf_proto_bcdc_detach(struct brcmf_pub *drvr) {}
-+static void brcmf_proto_bcdc_detach_pre_delif(struct brcmf_pub *drvr) {};
-+static inline void brcmf_proto_bcdc_detach_post_delif(struct brcmf_pub *drvr) {}
- #endif
- #endif /* BRCMFMAC_BCDC_H */
---- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c
-+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c
-@@ -1342,6 +1342,8 @@ void brcmf_detach(struct device *dev)
-       brcmf_bus_change_state(bus_if, BRCMF_BUS_DOWN);
-+      brcmf_proto_detach_pre_delif(drvr);
-+
-       /* make sure primary interface removed last */
-       for (i = BRCMF_MAX_IFS-1; i > -1; i--)
-               brcmf_remove_interface(drvr->iflist[i], false);
-@@ -1351,7 +1353,7 @@ void brcmf_detach(struct device *dev)
-       brcmf_bus_stop(drvr->bus_if);
--      brcmf_proto_detach(drvr);
-+      brcmf_proto_detach_post_delif(drvr);
-       bus_if->drvr = NULL;
-       wiphy_free(drvr->wiphy);
---- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/fwsignal.c
-+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/fwsignal.c
-@@ -2443,17 +2443,25 @@ struct brcmf_fws_info *brcmf_fws_attach(
-       return fws;
- fail:
--      brcmf_fws_detach(fws);
-+      brcmf_fws_detach_pre_delif(fws);
-+      brcmf_fws_detach_post_delif(fws);
-       return ERR_PTR(rc);
- }
--void brcmf_fws_detach(struct brcmf_fws_info *fws)
-+void brcmf_fws_detach_pre_delif(struct brcmf_fws_info *fws)
- {
-       if (!fws)
-               return;
--
--      if (fws->fws_wq)
-+      if (fws->fws_wq) {
-               destroy_workqueue(fws->fws_wq);
-+              fws->fws_wq = NULL;
-+      }
-+}
-+
-+void brcmf_fws_detach_post_delif(struct brcmf_fws_info *fws)
-+{
-+      if (!fws)
-+              return;
-       /* cleanup */
-       brcmf_fws_lock(fws);
---- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/fwsignal.h
-+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/fwsignal.h
-@@ -19,7 +19,8 @@
- #define FWSIGNAL_H_
- struct brcmf_fws_info *brcmf_fws_attach(struct brcmf_pub *drvr);
--void brcmf_fws_detach(struct brcmf_fws_info *fws);
-+void brcmf_fws_detach_pre_delif(struct brcmf_fws_info *fws);
-+void brcmf_fws_detach_post_delif(struct brcmf_fws_info *fws);
- void brcmf_fws_debugfs_create(struct brcmf_pub *drvr);
- bool brcmf_fws_queue_skbs(struct brcmf_fws_info *fws);
- bool brcmf_fws_fc_active(struct brcmf_fws_info *fws);
---- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/proto.c
-+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/proto.c
-@@ -67,16 +67,22 @@ fail:
-       return -ENOMEM;
- }
--void brcmf_proto_detach(struct brcmf_pub *drvr)
-+void brcmf_proto_detach_post_delif(struct brcmf_pub *drvr)
- {
-       brcmf_dbg(TRACE, "Enter\n");
-       if (drvr->proto) {
-               if (drvr->bus_if->proto_type == BRCMF_PROTO_BCDC)
--                      brcmf_proto_bcdc_detach(drvr);
-+                      brcmf_proto_bcdc_detach_post_delif(drvr);
-               else if (drvr->bus_if->proto_type == BRCMF_PROTO_MSGBUF)
-                       brcmf_proto_msgbuf_detach(drvr);
-               kfree(drvr->proto);
-               drvr->proto = NULL;
-       }
- }
-+
-+void brcmf_proto_detach_pre_delif(struct brcmf_pub *drvr)
-+{
-+      if (drvr->proto && drvr->bus_if->proto_type == BRCMF_PROTO_BCDC)
-+              brcmf_proto_bcdc_detach_pre_delif(drvr);
-+}
---- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/proto.h
-+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/proto.h
-@@ -54,7 +54,8 @@ struct brcmf_proto {
- int brcmf_proto_attach(struct brcmf_pub *drvr);
--void brcmf_proto_detach(struct brcmf_pub *drvr);
-+void brcmf_proto_detach_pre_delif(struct brcmf_pub *drvr);
-+void brcmf_proto_detach_post_delif(struct brcmf_pub *drvr);
- static inline int brcmf_proto_hdrpull(struct brcmf_pub *drvr, bool do_fws,
-                                     struct sk_buff *skb,
diff --git a/package/kernel/mac80211/patches/brcm/362-v5.2-0001-brcmfmac-fix-race-during-disconnect-when-USB-complet.patch b/package/kernel/mac80211/patches/brcm/362-v5.2-0001-brcmfmac-fix-race-during-disconnect-when-USB-complet.patch
deleted file mode 100644 (file)
index b6a11d6..0000000
+++ /dev/null
@@ -1,84 +0,0 @@
-From db3b9e2e1d58080d0754bdf9293dabf8c6491b67 Mon Sep 17 00:00:00 2001
-From: Piotr Figiel <p.figiel@camlintechnologies.com>
-Date: Fri, 8 Mar 2019 15:25:04 +0000
-Subject: [PATCH] brcmfmac: fix race during disconnect when USB completion is
- in progress
-
-It was observed that rarely during USB disconnect happening shortly after
-connect (before full initialization completes) usb_hub_wq would wait
-forever for the dev_init_lock to be unlocked. dev_init_lock would remain
-locked though because of infinite wait during usb_kill_urb:
-
-[ 2730.656472] kworker/0:2     D    0   260      2 0x00000000
-[ 2730.660700] Workqueue: events request_firmware_work_func
-[ 2730.664807] [<809dca20>] (__schedule) from [<809dd164>] (schedule+0x4c/0xac)
-[ 2730.670587] [<809dd164>] (schedule) from [<8069af44>] (usb_kill_urb+0xdc/0x114)
-[ 2730.676815] [<8069af44>] (usb_kill_urb) from [<7f258b50>] (brcmf_usb_free_q+0x34/0xa8 [brcmfmac])
-[ 2730.684833] [<7f258b50>] (brcmf_usb_free_q [brcmfmac]) from [<7f2517d4>] (brcmf_detach+0xa0/0xb8 [brcmfmac])
-[ 2730.693557] [<7f2517d4>] (brcmf_detach [brcmfmac]) from [<7f251a34>] (brcmf_attach+0xac/0x3d8 [brcmfmac])
-[ 2730.702094] [<7f251a34>] (brcmf_attach [brcmfmac]) from [<7f2587ac>] (brcmf_usb_probe_phase2+0x468/0x4a0 [brcmfmac])
-[ 2730.711601] [<7f2587ac>] (brcmf_usb_probe_phase2 [brcmfmac]) from [<7f252888>] (brcmf_fw_request_done+0x194/0x220 [brcmfmac])
-[ 2730.721795] [<7f252888>] (brcmf_fw_request_done [brcmfmac]) from [<805748e4>] (request_firmware_work_func+0x4c/0x88)
-[ 2730.731125] [<805748e4>] (request_firmware_work_func) from [<80141474>] (process_one_work+0x228/0x808)
-[ 2730.739223] [<80141474>] (process_one_work) from [<80141a80>] (worker_thread+0x2c/0x564)
-[ 2730.746105] [<80141a80>] (worker_thread) from [<80147bcc>] (kthread+0x13c/0x16c)
-[ 2730.752227] [<80147bcc>] (kthread) from [<801010b4>] (ret_from_fork+0x14/0x20)
-
-[ 2733.099695] kworker/0:3     D    0  1065      2 0x00000000
-[ 2733.103926] Workqueue: usb_hub_wq hub_event
-[ 2733.106914] [<809dca20>] (__schedule) from [<809dd164>] (schedule+0x4c/0xac)
-[ 2733.112693] [<809dd164>] (schedule) from [<809e2a8c>] (schedule_timeout+0x214/0x3e4)
-[ 2733.119621] [<809e2a8c>] (schedule_timeout) from [<809dde2c>] (wait_for_common+0xc4/0x1c0)
-[ 2733.126810] [<809dde2c>] (wait_for_common) from [<7f258d00>] (brcmf_usb_disconnect+0x1c/0x4c [brcmfmac])
-[ 2733.135206] [<7f258d00>] (brcmf_usb_disconnect [brcmfmac]) from [<8069e0c8>] (usb_unbind_interface+0x5c/0x1e4)
-[ 2733.143943] [<8069e0c8>] (usb_unbind_interface) from [<8056d3e8>] (device_release_driver_internal+0x164/0x1fc)
-[ 2733.152769] [<8056d3e8>] (device_release_driver_internal) from [<8056c078>] (bus_remove_device+0xd0/0xfc)
-[ 2733.161138] [<8056c078>] (bus_remove_device) from [<8056977c>] (device_del+0x11c/0x310)
-[ 2733.167939] [<8056977c>] (device_del) from [<8069cba8>] (usb_disable_device+0xa0/0x1cc)
-[ 2733.174743] [<8069cba8>] (usb_disable_device) from [<8069507c>] (usb_disconnect+0x74/0x1dc)
-[ 2733.181823] [<8069507c>] (usb_disconnect) from [<80695e88>] (hub_event+0x478/0xf88)
-[ 2733.188278] [<80695e88>] (hub_event) from [<80141474>] (process_one_work+0x228/0x808)
-[ 2733.194905] [<80141474>] (process_one_work) from [<80141a80>] (worker_thread+0x2c/0x564)
-[ 2733.201724] [<80141a80>] (worker_thread) from [<80147bcc>] (kthread+0x13c/0x16c)
-[ 2733.207913] [<80147bcc>] (kthread) from [<801010b4>] (ret_from_fork+0x14/0x20)
-
-It was traced down to a case where usb_kill_urb would be called on an URB
-structure containing more or less random data, including large number in
-its use_count. During the debugging it appeared that in brcmf_usb_free_q()
-the traversal over URBs' lists is not synchronized with operations on those
-lists in brcmf_usb_rx_complete() leading to handling
-brcmf_usbdev_info structure (holding lists' head) as lists' element and in
-result causing above problem.
-
-Fix it by walking through all URBs during brcmf_cancel_all_urbs using the
-arrays of requests instead of linked lists.
-
-Signed-off-by: Piotr Figiel <p.figiel@camlintechnologies.com>
-Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
----
- drivers/net/wireless/broadcom/brcm80211/brcmfmac/usb.c | 10 ++++++++--
- 1 file changed, 8 insertions(+), 2 deletions(-)
-
---- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/usb.c
-+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/usb.c
-@@ -682,12 +682,18 @@ static int brcmf_usb_up(struct device *d
- static void brcmf_cancel_all_urbs(struct brcmf_usbdev_info *devinfo)
- {
-+      int i;
-+
-       if (devinfo->ctl_urb)
-               usb_kill_urb(devinfo->ctl_urb);
-       if (devinfo->bulk_urb)
-               usb_kill_urb(devinfo->bulk_urb);
--      brcmf_usb_free_q(&devinfo->tx_postq, true);
--      brcmf_usb_free_q(&devinfo->rx_postq, true);
-+      if (devinfo->tx_reqs)
-+              for (i = 0; i < devinfo->bus_pub.ntxq; i++)
-+                      usb_kill_urb(devinfo->tx_reqs[i].urb);
-+      if (devinfo->rx_reqs)
-+              for (i = 0; i < devinfo->bus_pub.nrxq; i++)
-+                      usb_kill_urb(devinfo->rx_reqs[i].urb);
- }
- static void brcmf_usb_down(struct device *dev)
diff --git a/package/kernel/mac80211/patches/brcm/363-v5.2-brcmfmac-fix-Oops-when-bringing-up-interface-during-.patch b/package/kernel/mac80211/patches/brcm/363-v5.2-brcmfmac-fix-Oops-when-bringing-up-interface-during-.patch
deleted file mode 100644 (file)
index 01e9bf0..0000000
+++ /dev/null
@@ -1,123 +0,0 @@
-From 24d413a31afaee9bbbf79226052c386b01780ce2 Mon Sep 17 00:00:00 2001
-From: Piotr Figiel <p.figiel@camlintechnologies.com>
-Date: Wed, 13 Mar 2019 09:52:01 +0000
-Subject: [PATCH] brcmfmac: fix Oops when bringing up interface during USB
- disconnect
-
-Fix a race which leads to an Oops with NULL pointer dereference.  The
-dereference is in brcmf_config_dongle() when cfg_to_ndev() attempts to get
-net_device structure of interface with index 0 via if2bss mapping. This
-shouldn't fail because of check for bus being ready in brcmf_netdev_open(),
-but it's not synchronised with USB disconnect and there is a race: after
-the check the bus can be marked down and the mapping for interface 0 may be
-gone.
-
-Solve this by modifying disconnect handling so that the removal of mapping
-of ifidx to brcmf_if structure happens after netdev removal (which is
-synchronous with brcmf_netdev_open() thanks to rtln being locked in
-devinet_ioctl()). This assures brcmf_netdev_open() returns before the
-mapping is removed during disconnect.
-
-Unable to handle kernel NULL pointer dereference at virtual address 00000008
-pgd = bcae2612
-[00000008] *pgd=8be73831
-Internal error: Oops: 17 [#1] PREEMPT SMP ARM
-Modules linked in: brcmfmac brcmutil nf_log_ipv4 nf_log_common xt_LOG xt_limit
-iptable_mangle xt_connmark xt_tcpudp xt_conntrack nf_conntrack nf_defrag_ipv6
-nf_defrag_ipv4 iptable_filter ip_tables x_tables usb_f_mass_storage usb_f_rndis
-u_ether usb_serial_simple usbserial cdc_acm smsc95xx usbnet ci_hdrc_imx ci_hdrc
-usbmisc_imx ulpi 8250_exar 8250_pci 8250 8250_base libcomposite configfs
-udc_core [last unloaded: brcmutil]
-CPU: 2 PID: 24478 Comm: ifconfig Not tainted 4.19.23-00078-ga62866d-dirty #115
-Hardware name: Freescale i.MX6 Quad/DualLite (Device Tree)
-PC is at brcmf_cfg80211_up+0x94/0x29c [brcmfmac]
-LR is at brcmf_cfg80211_up+0x8c/0x29c [brcmfmac]
-pc : [<7f26a91c>]    lr : [<7f26a914>]    psr: a0070013
-sp : eca99d28  ip : 00000000  fp : ee9c6c00
-r10: 00000036  r9 : 00000000  r8 : ece4002c
-r7 : edb5b800  r6 : 00000000  r5 : 80f08448  r4 : edb5b968
-r3 : ffffffff  r2 : 00000000  r1 : 00000002  r0 : 00000000
-Flags: NzCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment none
-Control: 10c5387d  Table: 7ca0c04a  DAC: 00000051
-Process ifconfig (pid: 24478, stack limit = 0xd9e85a0e)
-Stack: (0xeca99d28 to 0xeca9a000)
-9d20:                   00000000 80f873b0 0000000d 80f08448 eca99d68 50d45f32
-9d40: 7f27de94 ece40000 80f08448 80f08448 7f27de94 ece4002c 00000000 00000036
-9d60: ee9c6c00 7f27262c 00001002 50d45f32 ece40000 00000000 80f08448 80772008
-9d80: 00000001 00001043 00001002 ece40000 00000000 50d45f32 ece40000 00000001
-9da0: 80f08448 00001043 00001002 807723d0 00000000 50d45f32 80f08448 eca99e58
-9dc0: 80f87113 50d45f32 80f08448 ece40000 ece40138 00001002 80f08448 00000000
-9de0: 00000000 80772434 edbd5380 eca99e58 edbd5380 80f08448 ee9c6c0c 80805f70
-9e00: 00000000 ede08e00 00008914 ece40000 00000014 ee9c6c0c 600c0013 00001043
-9e20: 0208a8c0 ffffffff 00000000 50d45f32 eca98000 80f08448 7ee9fc38 00008914
-9e40: 80f68e40 00000051 eca98000 00000036 00000003 80808b9c 6e616c77 00000030
-9e60: 00000000 00000000 00001043 0208a8c0 ffffffff 00000000 80f08448 00000000
-9e80: 00000000 816d8b20 600c0013 00000001 ede09320 801763d4 00000000 50d45f32
-9ea0: eca98000 80f08448 7ee9fc38 50d45f32 00008914 80f08448 7ee9fc38 80f68e40
-9ec0: ed531540 8074721c 00000800 00000001 00000000 6e616c77 00000030 00000000
-9ee0: 00000000 00001002 0208a8c0 ffffffff 00000000 50d45f32 80f08448 7ee9fc38
-9f00: ed531560 ec8fc900 80285a6c 80285138 edb910c0 00000000 ecd91008 ede08e00
-9f20: 80f08448 00000000 00000000 816d8b20 600c0013 00000001 ede09320 801763d4
-9f40: 00000000 50d45f32 00021000 edb91118 edb910c0 80f08448 01b29000 edb91118
-9f60: eca99f7c 50d45f32 00021000 ec8fc900 00000003 ec8fc900 00008914 7ee9fc38
-9f80: eca98000 00000036 00000003 80285a6c 00086364 7ee9fe1c 000000c3 00000036
-9fa0: 801011c4 80101000 00086364 7ee9fe1c 00000003 00008914 7ee9fc38 00086364
-9fc0: 00086364 7ee9fe1c 000000c3 00000036 0008630c 7ee9fe1c 7ee9fc38 00000003
-9fe0: 000a42b8 7ee9fbd4 00019914 76e09acc 600c0010 00000003 00000000 00000000
-[<7f26a91c>] (brcmf_cfg80211_up [brcmfmac]) from [<7f27262c>] (brcmf_netdev_open+0x74/0xe8 [brcmfmac])
-[<7f27262c>] (brcmf_netdev_open [brcmfmac]) from [<80772008>] (__dev_open+0xcc/0x150)
-[<80772008>] (__dev_open) from [<807723d0>] (__dev_change_flags+0x168/0x1b4)
-[<807723d0>] (__dev_change_flags) from [<80772434>] (dev_change_flags+0x18/0x48)
-[<80772434>] (dev_change_flags) from [<80805f70>] (devinet_ioctl+0x67c/0x79c)
-[<80805f70>] (devinet_ioctl) from [<80808b9c>] (inet_ioctl+0x210/0x3d4)
-[<80808b9c>] (inet_ioctl) from [<8074721c>] (sock_ioctl+0x350/0x524)
-[<8074721c>] (sock_ioctl) from [<80285138>] (do_vfs_ioctl+0xb0/0x9b0)
-[<80285138>] (do_vfs_ioctl) from [<80285a6c>] (ksys_ioctl+0x34/0x5c)
-[<80285a6c>] (ksys_ioctl) from [<80101000>] (ret_fast_syscall+0x0/0x28)
-Exception stack(0xeca99fa8 to 0xeca99ff0)
-9fa0:                   00086364 7ee9fe1c 00000003 00008914 7ee9fc38 00086364
-9fc0: 00086364 7ee9fe1c 000000c3 00000036 0008630c 7ee9fe1c 7ee9fc38 00000003
-9fe0: 000a42b8 7ee9fbd4 00019914 76e09acc
-Code: e5970328 eb002021 e1a02006 e3a01002 (e5909008)
----[ end trace 5cbac2333f3ac5df ]---
-
-Signed-off-by: Piotr Figiel <p.figiel@camlintechnologies.com>
-Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
----
- .../net/wireless/broadcom/brcm80211/brcmfmac/core.c    | 10 +++++++---
- 1 file changed, 7 insertions(+), 3 deletions(-)
-
---- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c
-+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c
-@@ -862,17 +862,17 @@ static void brcmf_del_if(struct brcmf_pu
-                        bool rtnl_locked)
- {
-       struct brcmf_if *ifp;
-+      int ifidx;
-       ifp = drvr->iflist[bsscfgidx];
--      drvr->iflist[bsscfgidx] = NULL;
-       if (!ifp) {
-               bphy_err(drvr, "Null interface, bsscfgidx=%d\n", bsscfgidx);
-               return;
-       }
-       brcmf_dbg(TRACE, "Enter, bsscfgidx=%d, ifidx=%d\n", bsscfgidx,
-                 ifp->ifidx);
--      if (drvr->if2bss[ifp->ifidx] == bsscfgidx)
--              drvr->if2bss[ifp->ifidx] = BRCMF_BSSIDX_INVALID;
-+      ifidx = ifp->ifidx;
-+
-       if (ifp->ndev) {
-               if (bsscfgidx == 0) {
-                       if (ifp->ndev->netdev_ops == &brcmf_netdev_ops_pri) {
-@@ -900,6 +900,10 @@ static void brcmf_del_if(struct brcmf_pu
-               brcmf_p2p_ifp_removed(ifp, rtnl_locked);
-               kfree(ifp);
-       }
-+
-+      drvr->iflist[bsscfgidx] = NULL;
-+      if (drvr->if2bss[ifidx] == bsscfgidx)
-+              drvr->if2bss[ifidx] = BRCMF_BSSIDX_INVALID;
- }
- void brcmf_remove_interface(struct brcmf_if *ifp, bool rtnl_locked)
diff --git a/package/kernel/mac80211/patches/brcm/364-v5.2-brcmfmac-convert-dev_init_lock-mutex-to-completion.patch b/package/kernel/mac80211/patches/brcm/364-v5.2-brcmfmac-convert-dev_init_lock-mutex-to-completion.patch
deleted file mode 100644 (file)
index e6ecd22..0000000
+++ /dev/null
@@ -1,182 +0,0 @@
-From a9fd0953fa4a62887306be28641b4b0809f3b2fd Mon Sep 17 00:00:00 2001
-From: Piotr Figiel <p.figiel@camlintechnologies.com>
-Date: Wed, 13 Mar 2019 09:52:42 +0000
-Subject: [PATCH] brcmfmac: convert dev_init_lock mutex to completion
-
-Leaving dev_init_lock mutex locked in probe causes BUG and a WARNING when
-kernel is compiled with CONFIG_PROVE_LOCKING. Convert mutex to completion
-which silences those warnings and improves code readability.
-
-Fix below errors when connecting the USB WiFi dongle:
-
-brcmfmac: brcmf_fw_alloc_request: using brcm/brcmfmac43143 for chip BCM43143/2
-BUG: workqueue leaked lock or atomic: kworker/0:2/0x00000000/434
-     last function: hub_event
-1 lock held by kworker/0:2/434:
- #0: 18d5dcdf (&devinfo->dev_init_lock){+.+.}, at: brcmf_usb_probe+0x78/0x550 [brcmfmac]
-CPU: 0 PID: 434 Comm: kworker/0:2 Not tainted 4.19.23-00084-g454a789-dirty #123
-Hardware name: Freescale i.MX6 Quad/DualLite (Device Tree)
-Workqueue: usb_hub_wq hub_event
-[<8011237c>] (unwind_backtrace) from [<8010d74c>] (show_stack+0x10/0x14)
-[<8010d74c>] (show_stack) from [<809c4324>] (dump_stack+0xa8/0xd4)
-[<809c4324>] (dump_stack) from [<8014195c>] (process_one_work+0x710/0x808)
-[<8014195c>] (process_one_work) from [<80141a80>] (worker_thread+0x2c/0x564)
-[<80141a80>] (worker_thread) from [<80147bcc>] (kthread+0x13c/0x16c)
-[<80147bcc>] (kthread) from [<801010b4>] (ret_from_fork+0x14/0x20)
-Exception stack(0xed1d9fb0 to 0xed1d9ff8)
-9fa0:                                     00000000 00000000 00000000 00000000
-9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
-9fe0: 00000000 00000000 00000000 00000000 00000013 00000000
-
-======================================================
-WARNING: possible circular locking dependency detected
-4.19.23-00084-g454a789-dirty #123 Not tainted
-------------------------------------------------------
-kworker/0:2/434 is trying to acquire lock:
-e29cf799 ((wq_completion)"events"){+.+.}, at: process_one_work+0x174/0x808
-
-but task is already holding lock:
-18d5dcdf (&devinfo->dev_init_lock){+.+.}, at: brcmf_usb_probe+0x78/0x550 [brcmfmac]
-
-which lock already depends on the new lock.
-
-the existing dependency chain (in reverse order) is:
-
--> #2 (&devinfo->dev_init_lock){+.+.}:
-       mutex_lock_nested+0x1c/0x24
-       brcmf_usb_probe+0x78/0x550 [brcmfmac]
-       usb_probe_interface+0xc0/0x1bc
-       really_probe+0x228/0x2c0
-       __driver_attach+0xe4/0xe8
-       bus_for_each_dev+0x68/0xb4
-       bus_add_driver+0x19c/0x214
-       driver_register+0x78/0x110
-       usb_register_driver+0x84/0x148
-       process_one_work+0x228/0x808
-       worker_thread+0x2c/0x564
-       kthread+0x13c/0x16c
-       ret_from_fork+0x14/0x20
-         (null)
-
--> #1 (brcmf_driver_work){+.+.}:
-       worker_thread+0x2c/0x564
-       kthread+0x13c/0x16c
-       ret_from_fork+0x14/0x20
-         (null)
-
--> #0 ((wq_completion)"events"){+.+.}:
-       process_one_work+0x1b8/0x808
-       worker_thread+0x2c/0x564
-       kthread+0x13c/0x16c
-       ret_from_fork+0x14/0x20
-         (null)
-
-other info that might help us debug this:
-
-Chain exists of:
-  (wq_completion)"events" --> brcmf_driver_work --> &devinfo->dev_init_lock
-
- Possible unsafe locking scenario:
-
-       CPU0                    CPU1
-       ----                    ----
-  lock(&devinfo->dev_init_lock);
-                               lock(brcmf_driver_work);
-                               lock(&devinfo->dev_init_lock);
-  lock((wq_completion)"events");
-
- *** DEADLOCK ***
-
-1 lock held by kworker/0:2/434:
- #0: 18d5dcdf (&devinfo->dev_init_lock){+.+.}, at: brcmf_usb_probe+0x78/0x550 [brcmfmac]
-
-stack backtrace:
-CPU: 0 PID: 434 Comm: kworker/0:2 Not tainted 4.19.23-00084-g454a789-dirty #123
-Hardware name: Freescale i.MX6 Quad/DualLite (Device Tree)
-Workqueue: events request_firmware_work_func
-[<8011237c>] (unwind_backtrace) from [<8010d74c>] (show_stack+0x10/0x14)
-[<8010d74c>] (show_stack) from [<809c4324>] (dump_stack+0xa8/0xd4)
-[<809c4324>] (dump_stack) from [<80172838>] (print_circular_bug+0x210/0x330)
-[<80172838>] (print_circular_bug) from [<80175940>] (__lock_acquire+0x160c/0x1a30)
-[<80175940>] (__lock_acquire) from [<8017671c>] (lock_acquire+0xe0/0x268)
-[<8017671c>] (lock_acquire) from [<80141404>] (process_one_work+0x1b8/0x808)
-[<80141404>] (process_one_work) from [<80141a80>] (worker_thread+0x2c/0x564)
-[<80141a80>] (worker_thread) from [<80147bcc>] (kthread+0x13c/0x16c)
-[<80147bcc>] (kthread) from [<801010b4>] (ret_from_fork+0x14/0x20)
-Exception stack(0xed1d9fb0 to 0xed1d9ff8)
-9fa0:                                     00000000 00000000 00000000 00000000
-9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
-9fe0: 00000000 00000000 00000000 00000000 00000013 00000000
-
-Signed-off-by: Piotr Figiel <p.figiel@camlintechnologies.com>
-Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
----
- .../wireless/broadcom/brcm80211/brcmfmac/usb.c  | 17 ++++++++---------
- 1 file changed, 8 insertions(+), 9 deletions(-)
-
---- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/usb.c
-+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/usb.c
-@@ -160,7 +160,7 @@ struct brcmf_usbdev_info {
-       struct usb_device *usbdev;
-       struct device *dev;
--      struct mutex dev_init_lock;
-+      struct completion dev_init_done;
-       int ctl_in_pipe, ctl_out_pipe;
-       struct urb *ctl_urb; /* URB for control endpoint */
-@@ -1194,11 +1194,11 @@ static void brcmf_usb_probe_phase2(struc
-       if (ret)
-               goto error;
--      mutex_unlock(&devinfo->dev_init_lock);
-+      complete(&devinfo->dev_init_done);
-       return;
- error:
-       brcmf_dbg(TRACE, "failed: dev=%s, err=%d\n", dev_name(dev), ret);
--      mutex_unlock(&devinfo->dev_init_lock);
-+      complete(&devinfo->dev_init_done);
-       device_release_driver(dev);
- }
-@@ -1266,7 +1266,7 @@ static int brcmf_usb_probe_cb(struct brc
-               if (ret)
-                       goto fail;
-               /* we are done */
--              mutex_unlock(&devinfo->dev_init_lock);
-+              complete(&devinfo->dev_init_done);
-               return 0;
-       }
-       bus->chip = bus_pub->devid;
-@@ -1326,11 +1326,10 @@ brcmf_usb_probe(struct usb_interface *in
-       devinfo->usbdev = usb;
-       devinfo->dev = &usb->dev;
--      /* Take an init lock, to protect for disconnect while still loading.
-+      /* Init completion, to protect for disconnect while still loading.
-        * Necessary because of the asynchronous firmware load construction
-        */
--      mutex_init(&devinfo->dev_init_lock);
--      mutex_lock(&devinfo->dev_init_lock);
-+      init_completion(&devinfo->dev_init_done);
-       usb_set_intfdata(intf, devinfo);
-@@ -1408,7 +1407,7 @@ brcmf_usb_probe(struct usb_interface *in
-       return 0;
- fail:
--      mutex_unlock(&devinfo->dev_init_lock);
-+      complete(&devinfo->dev_init_done);
-       kfree(devinfo);
-       usb_set_intfdata(intf, NULL);
-       return ret;
-@@ -1423,7 +1422,7 @@ brcmf_usb_disconnect(struct usb_interfac
-       devinfo = (struct brcmf_usbdev_info *)usb_get_intfdata(intf);
-       if (devinfo) {
--              mutex_lock(&devinfo->dev_init_lock);
-+              wait_for_completion(&devinfo->dev_init_done);
-               /* Make sure that devinfo still exists. Firmware probe routines
-                * may have released the device and cleared the intfdata.
-                */
diff --git a/package/kernel/mac80211/patches/brcm/365-v5.2-brcmfmac-fix-missing-checks-for-kmemdup.patch b/package/kernel/mac80211/patches/brcm/365-v5.2-brcmfmac-fix-missing-checks-for-kmemdup.patch
deleted file mode 100644 (file)
index 87974dc..0000000
+++ /dev/null
@@ -1,35 +0,0 @@
-From 46953f97224d56a12ccbe9c6acaa84ca0dab2780 Mon Sep 17 00:00:00 2001
-From: Kangjie Lu <kjlu@umn.edu>
-Date: Fri, 15 Mar 2019 12:04:32 -0500
-Subject: [PATCH] brcmfmac: fix missing checks for kmemdup
-
-In case kmemdup fails, the fix sets conn_info->req_ie_len and
-conn_info->resp_ie_len to zero to avoid buffer overflows.
-
-Signed-off-by: Kangjie Lu <kjlu@umn.edu>
-Acked-by: Arend van Spriel <arend.vanspriel@broadcom.com>
-Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
----
- drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c | 4 ++++
- 1 file changed, 4 insertions(+)
-
---- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
-+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
-@@ -5456,6 +5456,8 @@ static s32 brcmf_get_assoc_ies(struct br
-               conn_info->req_ie =
-                   kmemdup(cfg->extra_buf, conn_info->req_ie_len,
-                           GFP_KERNEL);
-+              if (!conn_info->req_ie)
-+                      conn_info->req_ie_len = 0;
-       } else {
-               conn_info->req_ie_len = 0;
-               conn_info->req_ie = NULL;
-@@ -5472,6 +5474,8 @@ static s32 brcmf_get_assoc_ies(struct br
-               conn_info->resp_ie =
-                   kmemdup(cfg->extra_buf, conn_info->resp_ie_len,
-                           GFP_KERNEL);
-+              if (!conn_info->resp_ie)
-+                      conn_info->resp_ie_len = 0;
-       } else {
-               conn_info->resp_ie_len = 0;
-               conn_info->resp_ie = NULL;
diff --git a/package/kernel/mac80211/patches/brcm/373-v5.2-brcm80211-potential-NULL-dereference-in-brcmf_cfg802.patch b/package/kernel/mac80211/patches/brcm/373-v5.2-brcm80211-potential-NULL-dereference-in-brcmf_cfg802.patch
deleted file mode 100644 (file)
index b4d56c3..0000000
+++ /dev/null
@@ -1,50 +0,0 @@
-From e025da3d7aa4770bb1d1b3b0aa7cc4da1744852d Mon Sep 17 00:00:00 2001
-From: Dan Carpenter <dan.carpenter@oracle.com>
-Date: Wed, 24 Apr 2019 12:52:18 +0300
-Subject: [PATCH] brcm80211: potential NULL dereference in
- brcmf_cfg80211_vndr_cmds_dcmd_handler()
-
-If "ret_len" is negative then it could lead to a NULL dereference.
-
-The "ret_len" value comes from nl80211_vendor_cmd(), if it's negative
-then we don't allocate the "dcmd_buf" buffer.  Then we pass "ret_len" to
-brcmf_fil_cmd_data_set() where it is cast to a very high u32 value.
-Most of the functions in that call tree check whether the buffer we pass
-is NULL but there are at least a couple places which don't such as
-brcmf_dbg_hex_dump() and brcmf_msgbuf_query_dcmd().  We memcpy() to and
-from the buffer so it would result in a NULL dereference.
-
-The fix is to change the types so that "ret_len" can't be negative.  (If
-we memcpy() zero bytes to NULL, that's a no-op and doesn't cause an
-issue).
-
-Fixes: 1bacb0487d0e ("brcmfmac: replace cfg80211 testmode with vendor command")
-Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
-Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
----
- drivers/net/wireless/broadcom/brcm80211/brcmfmac/vendor.c | 5 +++--
- 1 file changed, 3 insertions(+), 2 deletions(-)
-
---- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/vendor.c
-+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/vendor.c
-@@ -35,9 +35,10 @@ static int brcmf_cfg80211_vndr_cmds_dcmd
-       struct brcmf_if *ifp;
-       const struct brcmf_vndr_dcmd_hdr *cmdhdr = data;
-       struct sk_buff *reply;
--      int ret, payload, ret_len;
-+      unsigned int payload, ret_len;
-       void *dcmd_buf = NULL, *wr_pointer;
-       u16 msglen, maxmsglen = PAGE_SIZE - 0x100;
-+      int ret;
-       if (len < sizeof(*cmdhdr)) {
-               brcmf_err("vendor command too short: %d\n", len);
-@@ -65,7 +66,7 @@ static int brcmf_cfg80211_vndr_cmds_dcmd
-                       brcmf_err("oversize return buffer %d\n", ret_len);
-                       ret_len = BRCMF_DCMD_MAXLEN;
-               }
--              payload = max(ret_len, len) + 1;
-+              payload = max_t(unsigned int, ret_len, len) + 1;
-               dcmd_buf = vzalloc(payload);
-               if (NULL == dcmd_buf)
-                       return -ENOMEM;
index f3e311a2e9a5967ed9e66bc8c9c4cb21c6e73359..9c5870bef8aadf2bab0abb5c768c50487186f228 100644 (file)
@@ -1,6 +1,6 @@
 --- a/drivers/net/wireless/marvell/mwl8k.c
 +++ b/drivers/net/wireless/marvell/mwl8k.c
-@@ -5686,6 +5686,7 @@ MODULE_FIRMWARE("mwl8k/fmimage_8366.fw")
+@@ -5691,6 +5691,7 @@ MODULE_FIRMWARE("mwl8k/fmimage_8366.fw")
  MODULE_FIRMWARE(MWL8K_8366_AP_FW(MWL8K_8366_AP_FW_API));
  
  static const struct pci_device_id mwl8k_pci_id_table[] = {
index 61a6c4c70f6b9242fbb56b63964ba8cef74d48b0..ca0b37a8a71598b95b25149f787a8456369b79cf 100644 (file)
@@ -1,6 +1,6 @@
 --- a/drivers/net/wireless/marvell/mwl8k.c
 +++ b/drivers/net/wireless/marvell/mwl8k.c
-@@ -6271,6 +6271,8 @@ static int mwl8k_probe(struct pci_dev *p
+@@ -6276,6 +6276,8 @@ static int mwl8k_probe(struct pci_dev *p
  
        priv->running_bsses = 0;
  
@@ -9,7 +9,7 @@
        return rc;
  
  err_stop_firmware:
-@@ -6304,8 +6306,6 @@ static void mwl8k_remove(struct pci_dev
+@@ -6309,8 +6311,6 @@ static void mwl8k_remove(struct pci_dev
                return;
        priv = hw->priv;
  
diff --git a/package/kernel/mac80211/patches/mwl/941-mwl8k-Fix-rate_idx-underflow.patch b/package/kernel/mac80211/patches/mwl/941-mwl8k-Fix-rate_idx-underflow.patch
deleted file mode 100644 (file)
index d034dcf..0000000
+++ /dev/null
@@ -1,75 +0,0 @@
-From b897577af85bb5e5638efa780bc3716fae5212d3 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Petr=20=C5=A0tetiar?= <ynezz@true.cz>
-Date: Mon, 8 Apr 2019 09:45:56 +0200
-Subject: [PATCH] mwl8k: Fix rate_idx underflow
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-It was reported on OpenWrt bug tracking system[1], that several users
-are affected by the endless reboot of their routers if they configure
-5GHz interface with channel 44 or 48.
-
-The reboot loop is caused by the following excessive number of WARN_ON
-messages:
-
- WARNING: CPU: 0 PID: 0 at backports-4.19.23-1/net/mac80211/rx.c:4516
-                             ieee80211_rx_napi+0x1fc/0xa54 [mac80211]
-
-as the messages are being correctly emitted by the following guard:
-
- case RX_ENC_LEGACY:
-      if (WARN_ON(status->rate_idx >= sband->n_bitrates))
-
-as the rate_idx is in this case erroneously set to 251 (0xfb). This fix
-simply converts previously used magic number to proper constant and
-guards against substraction which is leading to the currently observed
-underflow.
-
-1. https://bugs.openwrt.org/index.php?do=details&task_id=2218
-
-Fixes: 854783444bab ("mwl8k: properly set receive status rate index on 5 GHz receive")
-Cc: <stable@vger.kernel.org>
-Tested-by: Eubert Bao <bunnier@gmail.com>
-Reported-by: Eubert Bao <bunnier@gmail.com>
-Signed-off-by: Petr Å tetiar <ynezz@true.cz>
----
- drivers/net/wireless/marvell/mwl8k.c | 13 +++++++++----
- 1 file changed, 9 insertions(+), 4 deletions(-)
-
---- a/drivers/net/wireless/marvell/mwl8k.c
-+++ b/drivers/net/wireless/marvell/mwl8k.c
-@@ -441,6 +441,9 @@ static const struct ieee80211_rate mwl8k
- #define MWL8K_CMD_UPDATE_STADB                0x1123
- #define MWL8K_CMD_BASTREAM            0x1125
-+#define MWL8K_LEGACY_5G_RATE_OFFSET \
-+      (ARRAY_SIZE(mwl8k_rates_24) - ARRAY_SIZE(mwl8k_rates_50))
-+
- static const char *mwl8k_cmd_name(__le16 cmd, char *buf, int bufsize)
- {
-       u16 command = le16_to_cpu(cmd);
-@@ -1016,8 +1019,9 @@ mwl8k_rxd_ap_process(void *_rxd, struct
-       if (rxd->channel > 14) {
-               status->band = NL80211_BAND_5GHZ;
--              if (!(status->encoding == RX_ENC_HT))
--                      status->rate_idx -= 5;
-+              if (!(status->encoding == RX_ENC_HT) &&
-+                  status->rate_idx >= MWL8K_LEGACY_5G_RATE_OFFSET)
-+                      status->rate_idx -= MWL8K_LEGACY_5G_RATE_OFFSET;
-       } else {
-               status->band = NL80211_BAND_2GHZ;
-       }
-@@ -1124,8 +1128,9 @@ mwl8k_rxd_sta_process(void *_rxd, struct
-       if (rxd->channel > 14) {
-               status->band = NL80211_BAND_5GHZ;
--              if (!(status->encoding == RX_ENC_HT))
--                      status->rate_idx -= 5;
-+              if (!(status->encoding == RX_ENC_HT) &&
-+                  status->rate_idx >= MWL8K_LEGACY_5G_RATE_OFFSET)
-+                      status->rate_idx -= MWL8K_LEGACY_5G_RATE_OFFSET;
-       } else {
-               status->band = NL80211_BAND_2GHZ;
-       }
index 832768d0424d7cb0cbfe004c964cea4543cfdc0d..3e76379fa4e5663bf398b11ae30bf09675f52f13 100644 (file)
@@ -51,7 +51,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
                rt2800mmio_enable_interrupt(rt2x00dev,
 --- a/drivers/net/wireless/ralink/rt2x00/rt2x00.h
 +++ b/drivers/net/wireless/ralink/rt2x00/rt2x00.h
-@@ -980,6 +980,8 @@ struct rt2x00_dev {
+@@ -979,6 +979,8 @@ struct rt2x00_dev {
         */
        DECLARE_KFIFO_PTR(txstatus_fifo, u32);
  
@@ -62,7 +62,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
         */
 --- a/drivers/net/wireless/ralink/rt2x00/rt2x00queue.c
 +++ b/drivers/net/wireless/ralink/rt2x00/rt2x00queue.c
-@@ -1039,6 +1039,7 @@ void rt2x00queue_start_queues(struct rt2
+@@ -1042,6 +1042,7 @@ void rt2x00queue_start_queues(struct rt2
         */
        tx_queue_for_each(rt2x00dev, queue)
                rt2x00queue_start_queue(queue);
index 0f29026373951873dbb1ce3bc207e9e56f58e836..f2839941af5ea007f0c223690351709fee5958d0 100644 (file)
@@ -97,7 +97,7 @@ Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
         * Driver configuration
 --- a/drivers/net/wireless/ralink/rt2x00/rt2x00mac.c
 +++ b/drivers/net/wireless/ralink/rt2x00/rt2x00mac.c
-@@ -720,8 +720,12 @@ void rt2x00mac_flush(struct ieee80211_hw
+@@ -710,8 +710,12 @@ void rt2x00mac_flush(struct ieee80211_hw
        if (!test_bit(DEVICE_STATE_PRESENT, &rt2x00dev->flags))
                return;
  
index 251ac287bfda9fc9a357aa8c704ddaab11f35f37..c1754694bd97337dde800e58a352f5814a63733c 100644 (file)
@@ -34,7 +34,7 @@ Signed-off-by: Stanislaw Gruszka <sgruszka@redhat.com>
 
 --- a/drivers/net/wireless/ralink/rt2x00/rt2x00.h
 +++ b/drivers/net/wireless/ralink/rt2x00/rt2x00.h
-@@ -1017,6 +1017,7 @@ struct rt2x00_dev {
+@@ -1016,6 +1016,7 @@ struct rt2x00_dev {
        unsigned int extra_tx_headroom;
  
        struct usb_anchor *anchor;
index 7e2f2193be9187ede2083361e2435a28cef43469..223abab4f128c6585ed0ed6098f47b5a63ddfdc3 100644 (file)
@@ -32,7 +32,7 @@ Signed-off-by: Stanislaw Gruszka <sgruszka@redhat.com>
 
 --- a/drivers/net/wireless/ralink/rt2x00/rt2x00queue.c
 +++ b/drivers/net/wireless/ralink/rt2x00/rt2x00queue.c
-@@ -671,7 +671,7 @@ int rt2x00queue_write_tx_frame(struct da
+@@ -674,7 +674,7 @@ int rt2x00queue_write_tx_frame(struct da
        spin_lock(&queue->tx_lock);
  
        if (unlikely(rt2x00queue_full(queue))) {
index 0daaef5e8b5f186624856c447b7df2bf0ccfff48..08ac24033d30ad89469f915cc0e43cff369ad0ba 100644 (file)
@@ -36,7 +36,7 @@ Signed-off-by: Stanislaw Gruszka <sgruszka@redhat.com>
                if (rt2800_entry_txstatus_timeout(rt2x00dev, entry))
 --- a/drivers/net/wireless/ralink/rt2x00/rt2x00.h
 +++ b/drivers/net/wireless/ralink/rt2x00/rt2x00.h
-@@ -981,8 +981,6 @@ struct rt2x00_dev {
+@@ -980,8 +980,6 @@ struct rt2x00_dev {
         */
        DECLARE_KFIFO_PTR(txstatus_fifo, u32);
  
@@ -47,7 +47,7 @@ Signed-off-by: Stanislaw Gruszka <sgruszka@redhat.com>
         */
 --- a/drivers/net/wireless/ralink/rt2x00/rt2x00queue.c
 +++ b/drivers/net/wireless/ralink/rt2x00/rt2x00queue.c
-@@ -1039,7 +1039,6 @@ void rt2x00queue_start_queues(struct rt2
+@@ -1042,7 +1042,6 @@ void rt2x00queue_start_queues(struct rt2
         */
        tx_queue_for_each(rt2x00dev, queue)
                rt2x00queue_start_queue(queue);
diff --git a/package/kernel/mac80211/patches/rt2x00/032-rt2x00-do-not-increment-sequence-number-while-re-tra.patch b/package/kernel/mac80211/patches/rt2x00/032-rt2x00-do-not-increment-sequence-number-while-re-tra.patch
deleted file mode 100644 (file)
index c1f3815..0000000
+++ /dev/null
@@ -1,94 +0,0 @@
-From 746ba11f170603bf1eaade817553a6c2e9135bbe Mon Sep 17 00:00:00 2001
-From: Vijayakumar Durai <vijayakumar.durai1@vivint.com>
-Date: Wed, 27 Mar 2019 11:03:17 +0100
-Subject: [PATCH] rt2x00: do not increment sequence number while
- re-transmitting
-
-Currently rt2x00 devices retransmit the management frames with
-incremented sequence number if hardware is assigning the sequence.
-
-This is HW bug fixed already for non-QOS data frames, but it should
-be fixed for management frames except beacon.
-
-Without fix retransmitted frames have wrong SN:
-
- AlphaNet_e8:fb:36 Vivotek_52:31:51 Authentication, SN=1648, FN=0, Flags=........C Frame is not being retransmitted 1648 1
- AlphaNet_e8:fb:36 Vivotek_52:31:51 Authentication, SN=1649, FN=0, Flags=....R...C Frame is being retransmitted 1649 1
- AlphaNet_e8:fb:36 Vivotek_52:31:51 Authentication, SN=1650, FN=0, Flags=....R...C Frame is being retransmitted 1650 1
-
-With the fix SN stays correctly the same:
-
- 88:6a:e3:e8:f9:a2 8c:f5:a3:88:76:87 Authentication, SN=1450, FN=0, Flags=........C
- 88:6a:e3:e8:f9:a2 8c:f5:a3:88:76:87 Authentication, SN=1450, FN=0, Flags=....R...C
- 88:6a:e3:e8:f9:a2 8c:f5:a3:88:76:87 Authentication, SN=1450, FN=0, Flags=....R...C
-
-Cc: stable@vger.kernel.org
-Signed-off-by: Vijayakumar Durai <vijayakumar.durai1@vivint.com>
-[sgruszka: simplify code, change comments and changelog]
-Signed-off-by: Stanislaw Gruszka <sgruszka@redhat.com>
-Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
----
- drivers/net/wireless/ralink/rt2x00/rt2x00.h      |  1 -
- drivers/net/wireless/ralink/rt2x00/rt2x00mac.c   | 10 ----------
- drivers/net/wireless/ralink/rt2x00/rt2x00queue.c | 15 +++++++++------
- 3 files changed, 9 insertions(+), 17 deletions(-)
-
---- a/drivers/net/wireless/ralink/rt2x00/rt2x00.h
-+++ b/drivers/net/wireless/ralink/rt2x00/rt2x00.h
-@@ -673,7 +673,6 @@ enum rt2x00_state_flags {
-       CONFIG_CHANNEL_HT40,
-       CONFIG_POWERSAVING,
-       CONFIG_HT_DISABLED,
--      CONFIG_QOS_DISABLED,
-       CONFIG_MONITORING,
-       /*
---- a/drivers/net/wireless/ralink/rt2x00/rt2x00mac.c
-+++ b/drivers/net/wireless/ralink/rt2x00/rt2x00mac.c
-@@ -642,19 +642,9 @@ void rt2x00mac_bss_info_changed(struct i
-                       rt2x00dev->intf_associated--;
-               rt2x00leds_led_assoc(rt2x00dev, !!rt2x00dev->intf_associated);
--
--              clear_bit(CONFIG_QOS_DISABLED, &rt2x00dev->flags);
-       }
-       /*
--       * Check for access point which do not support 802.11e . We have to
--       * generate data frames sequence number in S/W for such AP, because
--       * of H/W bug.
--       */
--      if (changes & BSS_CHANGED_QOS && !bss_conf->qos)
--              set_bit(CONFIG_QOS_DISABLED, &rt2x00dev->flags);
--
--      /*
-        * When the erp information has changed, we should perform
-        * additional configuration steps. For all other changes we are done.
-        */
---- a/drivers/net/wireless/ralink/rt2x00/rt2x00queue.c
-+++ b/drivers/net/wireless/ralink/rt2x00/rt2x00queue.c
-@@ -201,15 +201,18 @@ static void rt2x00queue_create_tx_descri
-       if (!rt2x00_has_cap_flag(rt2x00dev, REQUIRE_SW_SEQNO)) {
-               /*
-                * rt2800 has a H/W (or F/W) bug, device incorrectly increase
--               * seqno on retransmited data (non-QOS) frames. To workaround
--               * the problem let's generate seqno in software if QOS is
--               * disabled.
-+               * seqno on retransmitted data (non-QOS) and management frames.
-+               * To workaround the problem let's generate seqno in software.
-+               * Except for beacons which are transmitted periodically by H/W
-+               * hence hardware has to assign seqno for them.
-                */
--              if (test_bit(CONFIG_QOS_DISABLED, &rt2x00dev->flags))
--                      __clear_bit(ENTRY_TXD_GENERATE_SEQ, &txdesc->flags);
--              else
-+              if (ieee80211_is_beacon(hdr->frame_control)) {
-+                      __set_bit(ENTRY_TXD_GENERATE_SEQ, &txdesc->flags);
-                       /* H/W will generate sequence number */
-                       return;
-+              }
-+
-+              __clear_bit(ENTRY_TXD_GENERATE_SEQ, &txdesc->flags);
-       }
-       /*
index 0fe6ee196c054afaf3376af955ca22603724de1f..0cedfb3ac66f6184347d80f720a4ce7fa3d83441 100644 (file)
        struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(skb);
        struct ieee80211_key *key = rx->key;
        struct ieee80211_mmie_16 *mmie;
--      u8 aad[GMAC_AAD_LEN], mic[GMAC_MIC_LEN], ipn[6], nonce[GMAC_NONCE_LEN];
-+      u8 aad[20], mic[16], ipn[6], nonce[12];
+-      u8 aad[GMAC_AAD_LEN], *mic, ipn[6], nonce[GMAC_NONCE_LEN];
++      u8 aad[20], *mic, ipn[6], nonce[12];
        struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
  
        if (!ieee80211_is_mgmt(hdr->frame_control))
index 42a63822090d354efcb989c2187a08df8d01426a..f78ba82de352c9c5660189a1bb9504e16e8e755e 100644 (file)
@@ -1,6 +1,6 @@
 --- a/net/mac80211/tx.c
 +++ b/net/mac80211/tx.c
-@@ -3797,6 +3797,12 @@ out:
+@@ -3800,6 +3800,12 @@ out:
  netdev_tx_t ieee80211_subif_start_xmit(struct sk_buff *skb,
                                       struct net_device *dev)
  {
index 422e9c29775fb17c6cb4d76dcf5c044a0e2ed089..c354d2caf4ed2e5400275a6b3a44c60a156d83ba 100644 (file)
@@ -100,7 +100,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
                     (unsigned long) local);
 --- a/net/mac80211/tx.c
 +++ b/net/mac80211/tx.c
-@@ -3482,13 +3482,19 @@ struct sk_buff *ieee80211_tx_dequeue(str
+@@ -3485,13 +3485,19 @@ struct sk_buff *ieee80211_tx_dequeue(str
        struct ieee80211_tx_info *info;
        struct ieee80211_tx_data tx;
        ieee80211_tx_result r;
@@ -122,7 +122,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
        /* Make sure fragments stay together. */
        skb = __skb_dequeue(&txqi->frags);
        if (skb)
-@@ -3583,6 +3589,7 @@ begin:
+@@ -3586,6 +3592,7 @@ begin:
        }
  
        IEEE80211_SKB_CB(skb)->control.vif = vif;
diff --git a/package/kernel/mac80211/patches/subsys/301-mac80211-do-not-call-driver-wake_tx_queue-op-during-.patch b/package/kernel/mac80211/patches/subsys/301-mac80211-do-not-call-driver-wake_tx_queue-op-during-.patch
deleted file mode 100644 (file)
index 5bbf4db..0000000
+++ /dev/null
@@ -1,33 +0,0 @@
-From: Felix Fietkau <nbd@nbd.name>
-Date: Fri, 1 Mar 2019 14:42:56 +0100
-Subject: [PATCH] mac80211: do not call driver wake_tx_queue op during reconfig
-
-There are several scenarios in which mac80211 can call drv_wake_tx_queue
-after ieee80211_restart_hw has been called and has not yet completed.
-Driver private structs are considered uninitialized until mac80211 has
-uploaded the vifs, stations and keys again, so using private tx queue
-data during that time is not safe.
-
-The driver can also not rely on drv_reconfig_complete to figure out when
-it is safe to accept drv_wake_tx_queue calls again, because it is only
-called after all tx queues are woken again.
-
-To fix this, bail out early in drv_wake_tx_queue if local->in_reconfig
-is set.
-
-Cc: stable@vger.kernel.org
-Signed-off-by: Felix Fietkau <nbd@nbd.name>
----
-
---- a/net/mac80211/driver-ops.h
-+++ b/net/mac80211/driver-ops.h
-@@ -1166,6 +1166,9 @@ static inline void drv_wake_tx_queue(str
- {
-       struct ieee80211_sub_if_data *sdata = vif_to_sdata(txq->txq.vif);
-+      if (local->in_reconfig)
-+              return;
-+
-       if (!check_sdata_in_driver(sdata))
-               return;
diff --git a/package/kernel/mac80211/patches/subsys/311-mac80211-fix-memory-accounting-with-A-MSDU-aggregati.patch b/package/kernel/mac80211/patches/subsys/311-mac80211-fix-memory-accounting-with-A-MSDU-aggregati.patch
deleted file mode 100644 (file)
index 1fd2b25..0000000
+++ /dev/null
@@ -1,58 +0,0 @@
-From: Felix Fietkau <nbd@nbd.name>
-Date: Thu, 8 Mar 2018 21:00:56 +0100
-Subject: [PATCH] mac80211: fix memory accounting with A-MSDU aggregation
-
-fq uses skb->truesize for memory usage tracking. Increments/decrements
-are done on enqueue/dequeue.
-When A-MSDU aggregation is performed on tx side, the packet is
-aggregated with the last packet in the queue belonging to the same flow.
-There are multiple bugs here:
-- The truesize field of the aggregated packet isn't updated, so memory
-usage is underestimated
-- fq->memory_usage isn't adjusted.
-
-Because of the combination of both bugs, this only causes tx issues in
-rare cases, mainly when the A-MSDU head needs to be reallocated.
-
-Fix this by adjusting both truesize of the A-MSDU head and adding the
-truesize delta to fq->memory_usage.
-
-Signed-off-by: Felix Fietkau <nbd@nbd.name>
----
-
---- a/net/mac80211/tx.c
-+++ b/net/mac80211/tx.c
-@@ -3185,6 +3185,7 @@ static bool ieee80211_amsdu_aggregate(st
-       u8 max_subframes = sta->sta.max_amsdu_subframes;
-       int max_frags = local->hw.max_tx_fragments;
-       int max_amsdu_len = sta->sta.max_amsdu_len;
-+      int orig_truesize;
-       __be16 len;
-       void *data;
-       bool ret = false;
-@@ -3216,12 +3217,13 @@ static bool ieee80211_amsdu_aggregate(st
-       flow = fq_flow_classify(fq, tin, skb, fq_flow_get_default_func);
-       head = skb_peek_tail(&flow->queue);
-       if (!head)
--              goto out;
-+              goto unlock;
-+      orig_truesize = head->truesize;
-       orig_len = head->len;
-       if (skb->len + head->len > max_amsdu_len)
--              goto out;
-+              goto unlock;
-       nfrags = 1 + skb_shinfo(skb)->nr_frags;
-       nfrags += 1 + skb_shinfo(head)->nr_frags;
-@@ -3279,6 +3281,9 @@ out_recalc:
-               fq_recalc_backlog(fq, tin, flow);
-       }
- out:
-+      fq->memory_usage += head->truesize - orig_truesize;
-+
-+unlock:
-       spin_unlock_bh(&fq->lock);
-       return ret;
diff --git a/package/kernel/mac80211/patches/subsys/313-mac80211-fix-unaligned-access-in-mesh-table-hash-fun.patch b/package/kernel/mac80211/patches/subsys/313-mac80211-fix-unaligned-access-in-mesh-table-hash-fun.patch
deleted file mode 100644 (file)
index 2ce2358..0000000
+++ /dev/null
@@ -1,21 +0,0 @@
-From: Felix Fietkau <nbd@nbd.name>
-Date: Wed, 13 Mar 2019 18:52:56 +0100
-Subject: [PATCH] mac80211: fix unaligned access in mesh table hash function
-
-The pointer to the last four bytes of the address is not guaranteed to be
-aligned, so we need to use __get_unaligned_cpu32 here
-
-Signed-off-by: Felix Fietkau <nbd@nbd.name>
----
-
---- a/net/mac80211/mesh_pathtbl.c
-+++ b/net/mac80211/mesh_pathtbl.c
-@@ -23,7 +23,7 @@ static void mesh_path_free_rcu(struct me
- static u32 mesh_table_hash(const void *addr, u32 len, u32 seed)
- {
-       /* Use last four bytes of hw addr as hash index */
--      return jhash_1word(*(u32 *)(addr+2), seed);
-+      return jhash_1word(__get_unaligned_cpu32(addr+2), seed);
- }
- static const struct rhashtable_params mesh_rht_params = {
index 0f7d9e15067a6e0c5de1d24125295430e93c7832..4566e99319548a74e65ada51079a0bb9899fdc78 100644 (file)
@@ -229,7 +229,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  
        return true;
  }
-@@ -3602,6 +3606,60 @@ out:
+@@ -3600,6 +3604,60 @@ out:
  }
  EXPORT_SYMBOL(ieee80211_tx_dequeue);
  
index 7eb64c425183b5dafcf443e36423bd51064b1615..338e247307e083d8e7881425c46501ce6f9a14c2 100644 (file)
@@ -156,7 +156,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  };
  
  /* policy for the key attributes */
-@@ -4658,6 +4659,11 @@ static int nl80211_send_station(struct s
+@@ -4664,6 +4665,11 @@ static int nl80211_send_station(struct s
        PUT_SINFO(PLID, plid, u16);
        PUT_SINFO(PLINK_STATE, plink_state, u8);
        PUT_SINFO_U64(RX_DURATION, rx_duration);
@@ -168,7 +168,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  
        switch (rdev->wiphy.signal_type) {
        case CFG80211_SIGNAL_TYPE_MBM:
-@@ -5294,6 +5300,15 @@ static int nl80211_set_station(struct sk
+@@ -5300,6 +5306,15 @@ static int nl80211_set_station(struct sk
                        nla_get_u8(info->attrs[NL80211_ATTR_OPMODE_NOTIF]);
        }
  
@@ -184,7 +184,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
        /* Include parameters for TDLS peer (will check later) */
        err = nl80211_set_station_tdls(info, &params);
        if (err)
-@@ -5432,6 +5447,15 @@ static int nl80211_new_station(struct sk
+@@ -5438,6 +5453,15 @@ static int nl80211_new_station(struct sk
                        return -EINVAL;
        }
  
index d4176eb491451b3b7b324dde5984a29fa145bab2..c8decd2f08a470792e48e752ccf37f8b083c0f18 100644 (file)
@@ -412,7 +412,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
        spin_lock_bh(&local->active_txq_lock[txqi->txq.ac]);
        list_del_init(&txqi->schedule_order);
        spin_unlock_bh(&local->active_txq_lock[txqi->txq.ac]);
-@@ -3613,11 +3616,28 @@ struct ieee80211_txq *ieee80211_next_txq
+@@ -3611,11 +3614,28 @@ struct ieee80211_txq *ieee80211_next_txq
  
        lockdep_assert_held(&local->active_txq_lock[ac]);
  
@@ -442,7 +442,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
                return NULL;
  
        list_del_init(&txqi->schedule_order);
-@@ -3635,12 +3655,74 @@ void ieee80211_return_txq(struct ieee802
+@@ -3633,12 +3653,74 @@ void ieee80211_return_txq(struct ieee802
        lockdep_assert_held(&local->active_txq_lock[txq->ac]);
  
        if (list_empty(&txqi->schedule_order) &&
index 573f9bd13590671f7bd479617ba66ebe2dde4eec..b5b06cdde95faeab8f1e74c573e484654de1609f 100644 (file)
@@ -51,7 +51,7 @@ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
  
 --- a/net/mac80211/tx.c
 +++ b/net/mac80211/tx.c
-@@ -3675,6 +3675,19 @@ void ieee80211_return_txq(struct ieee802
+@@ -3673,6 +3673,19 @@ void ieee80211_return_txq(struct ieee802
  }
  EXPORT_SYMBOL(ieee80211_return_txq);
  
index 2759895c988fb59acae5781c0a6e06d401cb7ead..7b2a4a1c09f531c0109c35f8245e30c6acee87f1 100644 (file)
@@ -48,7 +48,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
        if (likely(sta)) {
                if (!IS_ERR(sta))
                        tx->sta = sta;
-@@ -3525,6 +3525,7 @@ begin:
+@@ -3523,6 +3523,7 @@ begin:
        tx.local = local;
        tx.skb = skb;
        tx.sdata = vif_to_sdata(info->control.vif);
@@ -56,7 +56,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  
        if (txq->sta)
                tx.sta = container_of(txq->sta, struct sta_info, sta);
-@@ -3551,7 +3552,7 @@ begin:
+@@ -3549,7 +3550,7 @@ begin:
  
                if (tx.key &&
                    (tx.key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV))
@@ -65,7 +65,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  
                ieee80211_xmit_fast_finish(sta->sdata, sta, pn_offs,
                                           tx.key, skb);
-@@ -4008,6 +4009,7 @@ ieee80211_build_data_template(struct iee
+@@ -4006,6 +4007,7 @@ ieee80211_build_data_template(struct iee
        hdr = (void *)skb->data;
        tx.sta = sta_info_get(sdata, hdr->addr1);
        tx.skb = skb;
index d8dbecca1b3c040a0ecc5437722fce2782602e99..e1e846e0dfc286c4534dde463a7e323f2f9d9f2f 100644 (file)
@@ -274,7 +274,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
        /* We store the key here so there's no point in using rcu_dereference()
         * but that's fine because the code that changes the pointers will call
         * this function after doing so. For a single CPU that would be enough,
-@@ -3525,7 +3531,7 @@ begin:
+@@ -3523,7 +3529,7 @@ begin:
        tx.local = local;
        tx.skb = skb;
        tx.sdata = vif_to_sdata(info->control.vif);
@@ -283,7 +283,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  
        if (txq->sta)
                tx.sta = container_of(txq->sta, struct sta_info, sta);
-@@ -4009,7 +4015,7 @@ ieee80211_build_data_template(struct iee
+@@ -4007,7 +4013,7 @@ ieee80211_build_data_template(struct iee
        hdr = (void *)skb->data;
        tx.sta = sta_info_get(sdata, hdr->addr1);
        tx.skb = skb;
index ef67dd197701880c29a43831a6fc04eaca09d800..0404afe7d2308e81e99d5afa692de513153fe767 100644 (file)
@@ -95,7 +95,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
   * ieee80211_txq_may_transmit - check whether TXQ is allowed to transmit
 --- a/net/mac80211/tx.c
 +++ b/net/mac80211/tx.c
-@@ -3619,16 +3619,17 @@ EXPORT_SYMBOL(ieee80211_tx_dequeue);
+@@ -3617,16 +3617,17 @@ EXPORT_SYMBOL(ieee80211_tx_dequeue);
  struct ieee80211_txq *ieee80211_next_txq(struct ieee80211_hw *hw, u8 ac)
  {
        struct ieee80211_local *local = hw_to_local(hw);
@@ -115,7 +115,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  
        if (txqi->txq.sta) {
                struct sta_info *sta = container_of(txqi->txq.sta,
-@@ -3645,21 +3646,25 @@ struct ieee80211_txq *ieee80211_next_txq
+@@ -3643,21 +3644,25 @@ struct ieee80211_txq *ieee80211_next_txq
  
  
        if (txqi->schedule_round == local->schedule_round[ac])
@@ -146,7 +146,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  
        if (list_empty(&txqi->schedule_order) &&
            (!skb_queue_empty(&txqi->frags) || txqi->tin.backlog_packets)) {
-@@ -3679,18 +3684,7 @@ void ieee80211_return_txq(struct ieee802
+@@ -3677,18 +3682,7 @@ void ieee80211_return_txq(struct ieee802
                        list_add_tail(&txqi->schedule_order,
                                      &local->active_txqs[txq->ac]);
        }
@@ -165,7 +165,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
        spin_unlock_bh(&local->active_txq_lock[txq->ac]);
  }
  EXPORT_SYMBOL(ieee80211_schedule_txq);
-@@ -3703,7 +3697,7 @@ bool ieee80211_txq_may_transmit(struct i
+@@ -3701,7 +3695,7 @@ bool ieee80211_txq_may_transmit(struct i
        struct sta_info *sta;
        u8 ac = txq->ac;
  
@@ -174,7 +174,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  
        if (!txqi->txq.sta)
                goto out;
-@@ -3733,34 +3727,27 @@ bool ieee80211_txq_may_transmit(struct i
+@@ -3731,34 +3725,27 @@ bool ieee80211_txq_may_transmit(struct i
  
        sta->airtime[ac].deficit += sta->airtime_weight;
        list_move_tail(&txqi->schedule_order, &local->active_txqs[ac]);
index 2b6d8ab52525dcbdb0f8cec14732a624cec99672..3084a4ba32669085c448e24a1fda6ce8e1639eda 100644 (file)
@@ -121,4 +121,4 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 +                              fq_flow_get_default_func);
        head = skb_peek_tail(&flow->queue);
        if (!head)
-               goto unlock;
+               goto out;
index 3127c868227809ec1763c507944b694e430150b2..ba25458816284f33c1cec18c2b5427a6294cd585 100644 (file)
@@ -10,7 +10,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 
 --- a/net/mac80211/tx.c
 +++ b/net/mac80211/tx.c
-@@ -3507,6 +3507,7 @@ struct sk_buff *ieee80211_tx_dequeue(str
+@@ -3505,6 +3505,7 @@ struct sk_buff *ieee80211_tx_dequeue(str
        ieee80211_tx_result r;
        struct ieee80211_vif *vif = txq->vif;
  
@@ -18,7 +18,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
        spin_lock_bh(&fq->lock);
  
        if (test_bit(IEEE80211_TXQ_STOP, &txqi->flags) ||
-@@ -3523,11 +3524,12 @@ struct sk_buff *ieee80211_tx_dequeue(str
+@@ -3521,11 +3522,12 @@ struct sk_buff *ieee80211_tx_dequeue(str
        if (skb)
                goto out;
  
@@ -32,7 +32,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
        hdr = (struct ieee80211_hdr *)skb->data;
        info = IEEE80211_SKB_CB(skb);
  
-@@ -3573,8 +3575,11 @@ begin:
+@@ -3571,8 +3573,11 @@ begin:
  
                skb = __skb_dequeue(&tx.skbs);
  
@@ -45,7 +45,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
        }
  
        if (skb && skb_has_frag_list(skb) &&
-@@ -3613,6 +3618,7 @@ begin:
+@@ -3611,6 +3616,7 @@ begin:
        }
  
        IEEE80211_SKB_CB(skb)->control.vif = vif;
index 82ed1723c02cfe4f1018ccbaf32d171bd9bd5758..8853ccd0594d9cd5a6aa129bf027a1a908a7697a 100644 (file)
@@ -180,7 +180,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
        }
  
        if (encaps_data)
-@@ -3377,7 +3367,6 @@ static bool ieee80211_xmit_fast(struct i
+@@ -3375,7 +3365,6 @@ static bool ieee80211_xmit_fast(struct i
        struct ieee80211_local *local = sdata->local;
        u16 ethertype = (skb->data[12] << 8) | skb->data[13];
        int extra_head = fast_tx->hdr_len - (ETH_HLEN - 2);
@@ -188,7 +188,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
        struct ethhdr eth;
        struct ieee80211_tx_info *info;
        struct ieee80211_hdr *hdr = (void *)fast_tx->hdr;
-@@ -3429,10 +3418,7 @@ static bool ieee80211_xmit_fast(struct i
+@@ -3427,10 +3416,7 @@ static bool ieee80211_xmit_fast(struct i
         * as the may-encrypt argument for the resize to not account for
         * more room than we already have in 'extra_head'
         */
index a0a65f35a87e6fd6eb32991fd5b73738fbc93f12..46dd151f1196c1961cb8c902852bbd8b367b903b 100644 (file)
@@ -72,7 +72,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  /**
 --- a/net/mac80211/tx.c
 +++ b/net/mac80211/tx.c
-@@ -3655,8 +3655,9 @@ out:
+@@ -3653,8 +3653,9 @@ out:
  }
  EXPORT_SYMBOL(ieee80211_next_txq);
  
@@ -84,7 +84,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  {
        struct ieee80211_local *local = hw_to_local(hw);
        struct txq_info *txqi = to_txq_info(txq);
-@@ -3664,7 +3665,8 @@ void ieee80211_schedule_txq(struct ieee8
+@@ -3662,7 +3663,8 @@ void ieee80211_schedule_txq(struct ieee8
        spin_lock_bh(&local->active_txq_lock[txq->ac]);
  
        if (list_empty(&txqi->schedule_order) &&
@@ -94,7 +94,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
                /* If airtime accounting is active, always enqueue STAs at the
                 * head of the list to ensure that they only get moved to the
                 * back by the airtime DRR scheduler once they have a negative
-@@ -3684,7 +3686,7 @@ void ieee80211_schedule_txq(struct ieee8
+@@ -3682,7 +3684,7 @@ void ieee80211_schedule_txq(struct ieee8
  
        spin_unlock_bh(&local->active_txq_lock[txq->ac]);
  }
index bb3af7317a5aeab88db49452a084b66910610146..6009ab74d8bb1c488b0492295ece3a3f92740d87 100644 (file)
@@ -13,7 +13,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 
 --- a/net/mac80211/tx.c
 +++ b/net/mac80211/tx.c
-@@ -3753,6 +3753,7 @@ void __ieee80211_subif_start_xmit(struct
+@@ -3751,6 +3751,7 @@ void __ieee80211_subif_start_xmit(struct
                                  u32 info_flags)
  {
        struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
@@ -21,7 +21,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
        struct sta_info *sta;
        struct sk_buff *next;
  
-@@ -3766,7 +3767,15 @@ void __ieee80211_subif_start_xmit(struct
+@@ -3764,7 +3765,15 @@ void __ieee80211_subif_start_xmit(struct
        if (ieee80211_lookup_ra_sta(sdata, skb, &sta))
                goto out_free;
  
index 81d14966f73dab859875cdb81020ef5d7ac64784..661a7c9f06202235a605d10b92d95af5ce1cb07b 100644 (file)
@@ -96,90 +96,100 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 -      MCS_GROUP(2, 0, BW_20, 4),
 -      MCS_GROUP(3, 0, BW_20, 4),
 -      MCS_GROUP(4, 0, BW_20, 4),
-+      MCS_GROUP(1, 0, BW_20),
-+      MCS_GROUP(2, 0, BW_20),
-+      MCS_GROUP(3, 0, BW_20),
-+      MCS_GROUP(4, 0, BW_20),
+-
 -      MCS_GROUP(1, 1, BW_20, 5),
 -      MCS_GROUP(2, 1, BW_20, 4),
 -      MCS_GROUP(3, 1, BW_20, 4),
 -      MCS_GROUP(4, 1, BW_20, 4),
-+      MCS_GROUP(1, 1, BW_20),
-+      MCS_GROUP(2, 1, BW_20),
-+      MCS_GROUP(3, 1, BW_20),
-+      MCS_GROUP(4, 1, BW_20),
+-
 -      MCS_GROUP(1, 0, BW_40, 4),
 -      MCS_GROUP(2, 0, BW_40, 4),
 -      MCS_GROUP(3, 0, BW_40, 4),
 -      MCS_GROUP(4, 0, BW_40, 4),
-+      MCS_GROUP(1, 0, BW_40),
-+      MCS_GROUP(2, 0, BW_40),
-+      MCS_GROUP(3, 0, BW_40),
-+      MCS_GROUP(4, 0, BW_40),
+-
 -      MCS_GROUP(1, 1, BW_40, 4),
 -      MCS_GROUP(2, 1, BW_40, 4),
 -      MCS_GROUP(3, 1, BW_40, 4),
 -      MCS_GROUP(4, 1, BW_40, 4),
-+      MCS_GROUP(1, 1, BW_40),
-+      MCS_GROUP(2, 1, BW_40),
-+      MCS_GROUP(3, 1, BW_40),
-+      MCS_GROUP(4, 1, BW_40),
+-
 -      CCK_GROUP(8),
-+      CCK_GROUP,
+-
 -      VHT_GROUP(1, 0, BW_20, 5),
 -      VHT_GROUP(2, 0, BW_20, 4),
 -      VHT_GROUP(3, 0, BW_20, 4),
 -      VHT_GROUP(4, 0, BW_20, 4),
-+      VHT_GROUP(1, 0, BW_20),
-+      VHT_GROUP(2, 0, BW_20),
-+      VHT_GROUP(3, 0, BW_20),
-+      VHT_GROUP(4, 0, BW_20),
+-
 -      VHT_GROUP(1, 1, BW_20, 5),
 -      VHT_GROUP(2, 1, BW_20, 4),
 -      VHT_GROUP(3, 1, BW_20, 4),
 -      VHT_GROUP(4, 1, BW_20, 4),
-+      VHT_GROUP(1, 1, BW_20),
-+      VHT_GROUP(2, 1, BW_20),
-+      VHT_GROUP(3, 1, BW_20),
-+      VHT_GROUP(4, 1, BW_20),
+-
 -      VHT_GROUP(1, 0, BW_40, 4),
 -      VHT_GROUP(2, 0, BW_40, 4),
 -      VHT_GROUP(3, 0, BW_40, 4),
 -      VHT_GROUP(4, 0, BW_40, 3),
-+      VHT_GROUP(1, 0, BW_40),
-+      VHT_GROUP(2, 0, BW_40),
-+      VHT_GROUP(3, 0, BW_40),
-+      VHT_GROUP(4, 0, BW_40),
+-
 -      VHT_GROUP(1, 1, BW_40, 4),
 -      VHT_GROUP(2, 1, BW_40, 4),
 -      VHT_GROUP(3, 1, BW_40, 4),
 -      VHT_GROUP(4, 1, BW_40, 3),
-+      VHT_GROUP(1, 1, BW_40),
-+      VHT_GROUP(2, 1, BW_40),
-+      VHT_GROUP(3, 1, BW_40),
-+      VHT_GROUP(4, 1, BW_40),
+-
 -      VHT_GROUP(1, 0, BW_80, 4),
 -      VHT_GROUP(2, 0, BW_80, 4),
 -      VHT_GROUP(3, 0, BW_80, 4),
 -      VHT_GROUP(4, 0, BW_80, 2),
-+      VHT_GROUP(1, 0, BW_80),
-+      VHT_GROUP(2, 0, BW_80),
-+      VHT_GROUP(3, 0, BW_80),
-+      VHT_GROUP(4, 0, BW_80),
+-
 -      VHT_GROUP(1, 1, BW_80, 4),
 -      VHT_GROUP(2, 1, BW_80, 4),
 -      VHT_GROUP(3, 1, BW_80, 4),
 -      VHT_GROUP(4, 1, BW_80, 2),
++      MCS_GROUP(1, 0, BW_20),
++      MCS_GROUP(2, 0, BW_20),
++      MCS_GROUP(3, 0, BW_20),
++      MCS_GROUP(4, 0, BW_20),
++
++      MCS_GROUP(1, 1, BW_20),
++      MCS_GROUP(2, 1, BW_20),
++      MCS_GROUP(3, 1, BW_20),
++      MCS_GROUP(4, 1, BW_20),
++
++      MCS_GROUP(1, 0, BW_40),
++      MCS_GROUP(2, 0, BW_40),
++      MCS_GROUP(3, 0, BW_40),
++      MCS_GROUP(4, 0, BW_40),
++
++      MCS_GROUP(1, 1, BW_40),
++      MCS_GROUP(2, 1, BW_40),
++      MCS_GROUP(3, 1, BW_40),
++      MCS_GROUP(4, 1, BW_40),
++
++      CCK_GROUP,
++
++      VHT_GROUP(1, 0, BW_20),
++      VHT_GROUP(2, 0, BW_20),
++      VHT_GROUP(3, 0, BW_20),
++      VHT_GROUP(4, 0, BW_20),
++
++      VHT_GROUP(1, 1, BW_20),
++      VHT_GROUP(2, 1, BW_20),
++      VHT_GROUP(3, 1, BW_20),
++      VHT_GROUP(4, 1, BW_20),
++
++      VHT_GROUP(1, 0, BW_40),
++      VHT_GROUP(2, 0, BW_40),
++      VHT_GROUP(3, 0, BW_40),
++      VHT_GROUP(4, 0, BW_40),
++
++      VHT_GROUP(1, 1, BW_40),
++      VHT_GROUP(2, 1, BW_40),
++      VHT_GROUP(3, 1, BW_40),
++      VHT_GROUP(4, 1, BW_40),
++
++      VHT_GROUP(1, 0, BW_80),
++      VHT_GROUP(2, 0, BW_80),
++      VHT_GROUP(3, 0, BW_80),
++      VHT_GROUP(4, 0, BW_80),
++
 +      VHT_GROUP(1, 1, BW_80),
 +      VHT_GROUP(2, 1, BW_80),
 +      VHT_GROUP(3, 1, BW_80),
diff --git a/package/kernel/mac80211/patches/subsys/390-nl-mac-80211-allow-4addr-AP-operation-on-crypto-cont.patch b/package/kernel/mac80211/patches/subsys/390-nl-mac-80211-allow-4addr-AP-operation-on-crypto-cont.patch
deleted file mode 100644 (file)
index d5b08b4..0000000
+++ /dev/null
@@ -1,103 +0,0 @@
-From 33d915d9e8ce811d8958915ccd18d71a66c7c495 Mon Sep 17 00:00:00 2001
-From: Manikanta Pubbisetty <mpubbise@codeaurora.org>
-Date: Wed, 8 May 2019 14:55:33 +0530
-Subject: [PATCH] {nl,mac}80211: allow 4addr AP operation on crypto controlled
- devices
-
-As per the current design, in the case of sw crypto controlled devices,
-it is the device which advertises the support for AP/VLAN iftype based
-on it's ability to tranmsit packets encrypted in software
-(In VLAN functionality, group traffic generated for a specific
-VLAN group is always encrypted in software). Commit db3bdcb9c3ff
-("mac80211: allow AP_VLAN operation on crypto controlled devices")
-has introduced this change.
-
-Since 4addr AP operation also uses AP/VLAN iftype, this conditional
-way of advertising AP/VLAN support has broken 4addr AP mode operation on
-crypto controlled devices which do not support VLAN functionality.
-
-In the case of ath10k driver, not all firmwares have support for VLAN
-functionality but all can support 4addr AP operation. Because AP/VLAN
-support is not advertised for these devices, 4addr AP operations are
-also blocked.
-
-Fix this by allowing 4addr operation on devices which do not support
-AP/VLAN iftype but can support 4addr AP operation (decision is based on
-the wiphy flag WIPHY_FLAG_4ADDR_AP).
-
-Cc: stable@vger.kernel.org
-Fixes: db3bdcb9c3ff ("mac80211: allow AP_VLAN operation on crypto controlled devices")
-Signed-off-by: Manikanta Pubbisetty <mpubbise@codeaurora.org>
-Signed-off-by: Johannes Berg <johannes.berg@intel.com>
----
- include/net/cfg80211.h | 3 ++-
- net/mac80211/util.c    | 4 +++-
- net/wireless/core.c    | 6 +++++-
- net/wireless/nl80211.c | 8 ++++++--
- 4 files changed, 16 insertions(+), 5 deletions(-)
-
---- a/include/net/cfg80211.h
-+++ b/include/net/cfg80211.h
-@@ -3457,7 +3457,8 @@ struct cfg80211_ops {
-  *    on wiphy_new(), but can be changed by the driver if it has a good
-  *    reason to override the default
-  * @WIPHY_FLAG_4ADDR_AP: supports 4addr mode even on AP (with a single station
-- *    on a VLAN interface)
-+ *    on a VLAN interface). This flag also serves an extra purpose of
-+ *    supporting 4ADDR AP mode on devices which do not support AP/VLAN iftype.
-  * @WIPHY_FLAG_4ADDR_STATION: supports 4addr mode even as a station
-  * @WIPHY_FLAG_CONTROL_PORT_PROTOCOL: This device supports setting the
-  *    control port protocol ethertype. The device also honours the
---- a/net/mac80211/util.c
-+++ b/net/mac80211/util.c
-@@ -3626,7 +3626,9 @@ int ieee80211_check_combinations(struct
-       }
-       /* Always allow software iftypes */
--      if (local->hw.wiphy->software_iftypes & BIT(iftype)) {
-+      if (local->hw.wiphy->software_iftypes & BIT(iftype) ||
-+          (iftype == NL80211_IFTYPE_AP_VLAN &&
-+           local->hw.wiphy->flags & WIPHY_FLAG_4ADDR_AP)) {
-               if (radar_detect)
-                       return -EINVAL;
-               return 0;
---- a/net/wireless/core.c
-+++ b/net/wireless/core.c
-@@ -1351,8 +1351,12 @@ static int cfg80211_netdev_notifier_call
-               }
-               break;
-       case NETDEV_PRE_UP:
--              if (!(wdev->wiphy->interface_modes & BIT(wdev->iftype)))
-+              if (!(wdev->wiphy->interface_modes & BIT(wdev->iftype)) &&
-+                  !(wdev->iftype == NL80211_IFTYPE_AP_VLAN &&
-+                    rdev->wiphy.flags & WIPHY_FLAG_4ADDR_AP &&
-+                    wdev->use_4addr))
-                       return notifier_from_errno(-EOPNOTSUPP);
-+
-               if (rfkill_blocked(rdev->rfkill))
-                       return notifier_from_errno(-ERFKILL);
-               break;
---- a/net/wireless/nl80211.c
-+++ b/net/wireless/nl80211.c
-@@ -3194,8 +3194,7 @@ static int nl80211_new_interface(struct
-                       return -EINVAL;
-       }
--      if (!rdev->ops->add_virtual_intf ||
--          !(rdev->wiphy.interface_modes & (1 << type)))
-+      if (!rdev->ops->add_virtual_intf)
-               return -EOPNOTSUPP;
-       if ((type == NL80211_IFTYPE_P2P_DEVICE || type == NL80211_IFTYPE_NAN ||
-@@ -3214,6 +3213,11 @@ static int nl80211_new_interface(struct
-                       return err;
-       }
-+      if (!(rdev->wiphy.interface_modes & (1 << type)) &&
-+          !(type == NL80211_IFTYPE_AP_VLAN && params.use_4addr &&
-+            rdev->wiphy.flags & WIPHY_FLAG_4ADDR_AP))
-+              return -EOPNOTSUPP;
-+
-       err = nl80211_parse_mon_options(rdev, type, info, &params);
-       if (err < 0)
-               return err;