f01f08906a
* refs/heads/tmp-598165f:
Revert "arm: extend pfn_valid to take into account freed memory map alignment"
UPSTREAM: usb: gadget: clear related members when goto fail
UPSTREAM: usb: gadget: don't release an existing dev->buf
UPSTREAM: usb: gadget: Fix use-after-free bug by not setting udc->dev.driver
UPSTREAM: usb: gadget: rndis: prevent integer overflow in rndis_set_response()
UPSTREAM: fixup for "arm64 entry: Add macro for reading symbol address from the trampoline"
UPSTREAM: arm64: Use the clearbhb instruction in mitigations
UPSTREAM: KVM: arm64: Allow SMCCC_ARCH_WORKAROUND_3 to be discovered and migrated
UPSTREAM: arm64: Mitigate spectre style branch history side channels
UPSTREAM: KVM: arm64: Add templates for BHB mitigation sequences
UPSTREAM: arm64: proton-pack: Report Spectre-BHB vulnerabilities as part of Spectre-v2
UPSTREAM: arm64: Add percpu vectors for EL1
UPSTREAM: arm64: entry: Add macro for reading symbol addresses from the trampoline
UPSTREAM: arm64: entry: Add vectors that have the bhb mitigation sequences
UPSTREAM: arm64: entry: Add non-kpti __bp_harden_el1_vectors for mitigations
UPSTREAM: arm64: entry: Allow the trampoline text to occupy multiple pages
UPSTREAM: arm64: entry: Make the kpti trampoline's kpti sequence optional
UPSTREAM: arm64: entry: Move trampoline macros out of ifdef'd section
UPSTREAM: arm64: entry: Don't assume tramp_vectors is the start of the vectors
UPSTREAM: arm64: entry: Allow tramp_alias to access symbols after the 4K boundary
UPSTREAM: arm64: entry: Move the trampoline data page before the text page
UPSTREAM: arm64: entry: Free up another register on kpti's tramp_exit path
UPSTREAM: arm64: entry: Make the trampoline cleanup optional
UPSTREAM: arm64: entry.S: Add ventry overflow sanity checks
UPSTREAM: arm64: Add Cortex-X2 CPU part definition
UPSTREAM: arm64: add ID_AA64ISAR2_EL1 sys register
UPSTREAM: arm64: Add Neoverse-N2, Cortex-A710 CPU part definition
UPSTREAM: arm64: Add part number for Arm Cortex-A77
UPSTREAM: sctp: fix the processing for INIT chunk
ANDROID: dm-bow: Protect Ranges fetched and erased from the RB tree
UPSTREAM: ARM: fix Thumb2 regression with Spectre BHB
UPSTREAM: ARM: Spectre-BHB: provide empty stub for non-config
UPSTREAM: ARM: fix build warning in proc-v7-bugs.c
UPSTREAM: ARM: Do not use NOCROSSREFS directive with ld.lld
UPSTREAM: ARM: fix co-processor register typo
UPSTREAM: ARM: fix build error when BPF_SYSCALL is disabled
UPSTREAM: ARM: include unprivileged BPF status in Spectre V2 reporting
UPSTREAM: ARM: Spectre-BHB workaround
UPSTREAM: ARM: use LOADADDR() to get load address of sections
UPSTREAM: ARM: early traps initialisation
UPSTREAM: ARM: report Spectre v2 status through sysfs
UPSTREAM: arm/arm64: smccc/psci: add arm_smccc_1_1_get_conduit()
UPSTREAM: arm/arm64: Provide a wrapper for SMCCC 1.1 calls
UPSTREAM: x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT
UPSTREAM: x86/speculation: Warn about Spectre v2 LFENCE mitigation
UPSTREAM: x86/speculation: Update link to AMD speculation whitepaper
UPSTREAM: x86/speculation: Use generic retpoline by default on AMD
UPSTREAM: x86/speculation: Include unprivileged eBPF status in Spectre v2 mitigation reporting
UPSTREAM: Documentation/hw-vuln: Update spectre doc
UPSTREAM: x86/speculation: Add eIBRS + Retpoline options
UPSTREAM: x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE
UPSTREAM: x86,bugs: Unconditionally allow spectre_v2=retpoline,amd
UPSTREAM: x86/speculation: Merge one test in spectre_v2_user_select_mitigation()
UPSTREAM: bpf: Add kconfig knob for disabling unpriv bpf by default
UPSTREAM: mmc: block: fix read single on recovery logic
Linux 5.4.180
ACPI: PM: s2idle: Cancel wakeup before dispatching EC GPE
perf: Fix list corruption in perf_cgroup_switch()
scsi: lpfc: Remove NVMe support if kernel has NVME_FC disabled
hwmon: (dell-smm) Speed up setting of fan speed
seccomp: Invalidate seccomp mode to catch death failures
USB: serial: cp210x: add CPI Bulk Coin Recycler id
USB: serial: cp210x: add NCR Retail IO box id
USB: serial: ch341: add support for GW Instek USB2.0-Serial devices
USB: serial: option: add ZTE MF286D modem
USB: serial: ftdi_sio: add support for Brainboxes US-159/235/320
usb: gadget: f_uac2: Define specific wTerminalType
usb: gadget: rndis: check size of RNDIS_MSG_SET command
USB: gadget: validate interface OS descriptor requests
usb: gadget: udc: renesas_usb3: Fix host to USB_ROLE_NONE transition
usb: dwc3: gadget: Prevent core from processing stale TRBs
usb: ulpi: Call of_node_put correctly
usb: ulpi: Move of_node_put to ulpi_dev_release
net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
eeprom: ee1004: limit i2c reads to I2C_SMBUS_BLOCK_MAX
n_tty: wake up poll(POLLRDNORM) on receiving data
vt_ioctl: add array_index_nospec to VT_ACTIVATE
vt_ioctl: fix array_index_nospec in vt_setactivate
net: amd-xgbe: disable interrupts during pci removal
tipc: rate limit warning for received illegal binding update
net: mdio: aspeed: Add missing MODULE_DEVICE_TABLE
veth: fix races around rq->rx_notify_masked
net: fix a memleak when uncloning an skb dst and its metadata
net: do not keep the dst cache when uncloning an skb dst and its metadata
nfp: flower: fix ida_idx not being released
ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure path
bonding: pair enable_port with slave_arr_updates
ixgbevf: Require large buffers for build_skb on 82599VF
misc: fastrpc: avoid double fput() on failed usercopy
usb: f_fs: Fix use-after-free for epfile
ARM: dts: imx6qdl-udoo: Properly describe the SD card detect
staging: fbtft: Fix error path in fbtft_driver_module_init()
ARM: dts: meson: Fix the UART compatible strings
perf probe: Fix ppc64 'perf probe add events failed' case
net: bridge: fix stale eth hdr pointer in br_dev_xmit
PM: s2idle: ACPI: Fix wakeup interrupts handling
ACPI/IORT: Check node revision for PMCG resources
nvme-tcp: fix bogus request completion when failing to send AER
ARM: socfpga: fix missing RESET_CONTROLLER
ARM: dts: imx23-evk: Remove MX23_PAD_SSP1_DETECT from hog group
riscv: fix build with binutils 2.38
bpf: Add kconfig knob for disabling unpriv bpf by default
KVM: nVMX: eVMCS: Filter out VM_EXIT_SAVE_VMX_PREEMPTION_TIMER
net: stmmac: dwmac-sun8i: use return val of readl_poll_timeout()
usb: dwc2: gadget: don't try to disable ep0 in dwc2_hsotg_suspend
PM: hibernate: Remove register_nosave_region_late()
scsi: myrs: Fix crash in error case
scsi: qedf: Fix refcount issue when LOGO is received during TMF
scsi: target: iscsi: Make sure the np under each tpg is unique
net: sched: Clarify error message when qdisc kind is unknown
drm: panel-orientation-quirks: Add quirk for the 1Netbook OneXPlayer
NFSv4 expose nfs_parse_server_name function
NFSv4 remove zero number of fs_locations entries error check
NFSv4.1: Fix uninitialised variable in devicenotify
nfs: nfs4clinet: check the return value of kstrdup()
NFSv4 only print the label when its queried
nvme: Fix parsing of ANA log page
NFSD: Fix offset type in I/O trace points
NFSD: Clamp WRITE offsets
NFS: Fix initialisation of nfs_client cl_flags field
net: phy: marvell: Fix MDI-x polarity setting in 88e1118-compatible PHYs
net: phy: marvell: Fix RGMII Tx/Rx delays setting in 88e1121-compatible PHYs
mmc: sdhci-of-esdhc: Check for error num after setting mask
ima: Do not print policy rule with inactive LSM labels
ima: Allow template selection with ima_template[_fmt]= after ima_hash=
ima: Remove ima_policy file before directory
integrity: check the return value of audit_log_start()
Linux 5.4.179
tipc: improve size validations for received domain records
moxart: fix potential use-after-free on remove path
Linux 5.4.178
cgroup/cpuset: Fix "suspicious RCU usage" lockdep warning
ext4: fix error handling in ext4_restore_inline_data()
EDAC/xgene: Fix deferred probing
EDAC/altera: Fix deferred probing
rtc: cmos: Evaluate century appropriate
selftests: futex: Use variable MAKE instead of make
nfsd: nfsd4_setclientid_confirm mistakenly expires confirmed client.
scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe
pinctrl: bcm2835: Fix a few error paths
ASoC: max9759: fix underflow in speaker_gain_control_put()
ASoC: cpcap: Check for NULL pointer after calling of_get_child_by_name
ASoC: xilinx: xlnx_formatter_pcm: Make buffer bytes multiple of period bytes
ASoC: fsl: Add missing error handling in pcm030_fabric_probe
drm/i915/overlay: Prevent divide by zero bugs in scaling
net: stmmac: ensure PTP time register reads are consistent
net: stmmac: dump gmac4 DMA registers correctly
net: macsec: Verify that send_sci is on when setting Tx sci explicitly
net: ieee802154: Return meaningful error codes from the netlink helpers
net: ieee802154: ca8210: Stop leaking skb's
net: ieee802154: mcr20a: Fix lifs/sifs periods
net: ieee802154: hwsim: Ensure proper channel selection at probe time
spi: meson-spicc: add IRQ check in meson_spicc_probe
spi: mediatek: Avoid NULL pointer crash in interrupt
spi: bcm-qspi: check for valid cs before applying chip select
iommu/amd: Fix loop timeout issue in iommu_ga_log_enable()
iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping()
RDMA/mlx4: Don't continue event handler after memory allocation failure
RDMA/siw: Fix broken RDMA Read Fence/Resume logic.
IB/rdmavt: Validate remote_addr during loopback atomic tests
memcg: charge fs_context and legacy_fs_context
Revert "ASoC: mediatek: Check for error clk pointer"
block: bio-integrity: Advance seed correctly for larger interval sizes
mm/kmemleak: avoid scanning potential huge holes
drm/nouveau: fix off by one in BIOS boundary checking
btrfs: fix deadlock between quota disable and qgroup rescan worker
ALSA: hda/realtek: Fix silent output on Gigabyte X570 Aorus Xtreme after reboot from Windows
ALSA: hda/realtek: Fix silent output on Gigabyte X570S Aorus Master (newer chipset)
ALSA: hda/realtek: Add missing fixup-model entry for Gigabyte X570 ALC1220 quirks
ALSA: hda/realtek: Add quirk for ASUS GU603
ALSA: usb-audio: Simplify quirk entries with a macro
ASoC: ops: Reject out of bounds values in snd_soc_put_xr_sx()
ASoC: ops: Reject out of bounds values in snd_soc_put_volsw_sx()
ASoC: ops: Reject out of bounds values in snd_soc_put_volsw()
audit: improve audit queue handling when "audit=1" on cmdline
Revert "net: fix information leakage in /proc/net/ptype"
Linux 5.4.177
af_packet: fix data-race in packet_setsockopt / packet_setsockopt
cpuset: Fix the bug that subpart_cpus updated wrongly in update_cpumask()
rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()
net: sched: fix use-after-free in tc_new_tfilter()
net: amd-xgbe: Fix skb data length underflow
net: amd-xgbe: ensure to reset the tx_timer_active flag
ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback
cgroup-v1: Require capabilities to set release_agent
psi: Fix uaf issue when psi trigger is destroyed while being polled
PCI: pciehp: Fix infinite loop in IRQ handler upon power fault
Linux 5.4.176
mtd: rawnand: mpc5121: Remove unused variable in ads5121_select_chip()
block: Fix wrong offset in bio_truncate()
fsnotify: invalidate dcache before IN_DELETE event
dt-bindings: can: tcan4x5x: fix mram-cfg RX FIFO config
ipv4: remove sparse error in ip_neigh_gw4()
ipv4: tcp: send zero IPID in SYNACK messages
ipv4: raw: lock the socket in raw_bind()
net: hns3: handle empty unknown interrupt for VF
yam: fix a memory leak in yam_siocdevprivate()
drm/msm/hdmi: Fix missing put_device() call in msm_hdmi_get_phy
ibmvnic: don't spin in tasklet
ibmvnic: init ->running_cap_crqs early
hwmon: (lm90) Mark alert as broken for MAX6654
rxrpc: Adjust retransmission backoff
phylib: fix potential use-after-free
net: phy: broadcom: hook up soft_reset for BCM54616S
netfilter: conntrack: don't increment invalid counter on NF_REPEAT
NFS: Ensure the server has an up to date ctime before renaming
NFS: Ensure the server has an up to date ctime before hardlinking
ipv6: annotate accesses to fn->fn_sernum
drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable
drm/msm/dsi: Fix missing put_device() call in dsi_get_phy
drm/msm: Fix wrong size calculation
net-procfs: show net devices bound packet types
NFSv4: nfs_atomic_open() can race when looking up a non-regular file
NFSv4: Handle case where the lookup of a directory fails
hwmon: (lm90) Reduce maximum conversion rate for G781
ipv4: avoid using shared IP generator for connected sockets
ping: fix the sk_bound_dev_if match in ping_lookup
hwmon: (lm90) Mark alert as broken for MAX6680
hwmon: (lm90) Mark alert as broken for MAX6646/6647/6649
net: fix information leakage in /proc/net/ptype
ipv6_tunnel: Rate limit warning messages
scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put()
rpmsg: char: Fix race between the release of rpmsg_eptdev and cdev
rpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev
i40e: fix unsigned stat widths
i40e: Fix queues reservation for XDP
i40e: Fix issue when maximum queues is exceeded
i40e: Increase delay to 1 s after global EMP reset
powerpc/32: Fix boot failure with GCC latent entropy plugin
net: sfp: ignore disabled SFP node
ucsi_ccg: Check DEV_INT bit only when starting CCG4
usb: typec: tcpm: Do not disconnect while receiving VBUS off
USB: core: Fix hang in usb_kill_urb by adding memory barriers
usb: gadget: f_sourcesink: Fix isoc transfer for USB_SPEED_SUPER_PLUS
usb: common: ulpi: Fix crash in ulpi_match()
usb-storage: Add unusual-devs entry for VL817 USB-SATA bridge
tty: Add support for Brainboxes UC cards.
tty: n_gsm: fix SW flow control encoding/handling
serial: stm32: fix software flow control transfer
serial: 8250: of: Fix mapped region size when using reg-offset property
netfilter: nft_payload: do not update layer 4 checksum when mangling fragments
arm64: errata: Fix exec handling in erratum 1418040 workaround
drm/etnaviv: relax submit size limits
fsnotify: fix fsnotify hooks in pseudo filesystems
tracing: Don't inc err_log entry count if entry allocation fails
tracing/histogram: Fix a potential memory leak for kstrdup()
PM: wakeup: simplify the output logic of pm_show_wakelocks()
udf: Fix NULL ptr deref when converting from inline format
udf: Restore i_lenAlloc when inode expansion fails
scsi: zfcp: Fix failed recovery on gone remote port with non-NPIV FCP devices
s390/hypfs: include z/VM guests with access control group set
Bluetooth: refactor malicious adv data check
ANDROID: Fix CRC issue up with xfrm headers in 5.4.174
Linux 5.4.175
drm/vmwgfx: Fix stale file descriptors on failed usercopy
select: Fix indefinitely sleeping task in poll_schedule_timeout()
mmc: sdhci-esdhc-imx: disable CMDQ support
ARM: dts: gpio-ranges property is now required
pinctrl: bcm2835: Change init order for gpio hogs
pinctrl: bcm2835: Add support for wake-up interrupts
pinctrl: bcm2835: Match BCM7211 compatible string
pinctrl: bcm2835: Add support for all GPIOs on BCM2711
pinctrl: bcm2835: Refactor platform data
pinctrl: bcm2835: Drop unused define
rcu: Tighten rcu_advance_cbs_nowake() checks
drm/i915: Flush TLBs before releasing backing store
Linux 5.4.174
Revert "ia64: kprobes: Use generic kretprobe trampoline handler"
mtd: nand: bbt: Fix corner case in bad block table handling
lib/test_meminit: destroy cache in kmem_cache_alloc_bulk() test
lib82596: Fix IRQ check in sni_82596_probe
scripts/dtc: dtx_diff: remove broken example from help text
dt-bindings: display: meson-vpu: Add missing amlogic,canvas property
dt-bindings: display: meson-dw-hdmi: add missing sound-name-prefix property
net: ethernet: mtk_eth_soc: fix error checking in mtk_mac_config()
bcmgenet: add WOL IRQ check
net_sched: restore "mpu xxx" handling
arm64: dts: qcom: msm8996: drop not documented adreno properties
dmaengine: at_xdmac: Fix at_xdmac_lld struct definition
dmaengine: at_xdmac: Fix lld view setting
dmaengine: at_xdmac: Fix concurrency over xfers_list
dmaengine: at_xdmac: Print debug message after realeasing the lock
dmaengine: at_xdmac: Don't start transactions at tx_submit level
perf script: Fix hex dump character output
libcxgb: Don't accidentally set RTO_ONLINK in cxgb_find_route()
gre: Don't accidentally set RTO_ONLINK in gre_fill_metadata_dst()
xfrm: Don't accidentally set RTO_ONLINK in decode_session4()
netns: add schedule point in ops_exit_list()
inet: frags: annotate races around fqdir->dead and fqdir->high_thresh
rtc: pxa: fix null pointer dereference
net: axienet: increase default TX ring size to 128
net: axienet: fix number of TX ring slots for available check
net: axienet: limit minimum TX ring size
clk: si5341: Fix clock HW provider cleanup
af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress
f2fs: fix to reserve space for IO align feature
parisc: pdc_stable: Fix memory leak in pdcs_register_pathentries
net/fsl: xgmac_mdio: Fix incorrect iounmap when removing module
ipv4: avoid quadratic behavior in netns dismantle
bpftool: Remove inclusion of utilities.mak from Makefiles
powerpc/fsl/dts: Enable WA for erratum A-009885 on fman3l MDIO buses
powerpc/cell: Fix clang -Wimplicit-fallthrough warning
Revert "net/mlx5: Add retry mechanism to the command entry index allocation"
dmaengine: stm32-mdma: fix STM32_MDMA_CTBR_TSEL_MASK
RDMA/rxe: Fix a typo in opcode name
RDMA/hns: Modify the mapping attribute of doorbell to device
scsi: core: Show SCMD_LAST in text form
Documentation: fix firewire.rst ABI file path error
Documentation: refer to config RANDOMIZE_BASE for kernel address-space randomization
Documentation: ACPI: Fix data node reference documentation
Documentation: dmaengine: Correctly describe dmatest with channel unset
media: rcar-csi2: Optimize the selection PHTW register
firmware: Update Kconfig help text for Google firmware
of: base: Improve argument length mismatch error
drm/radeon: fix error handling in radeon_driver_open_kms
ext4: don't use the orphan list when migrating an inode
ext4: Fix BUG_ON in ext4_bread when write quota data
ext4: set csum seed in tmp inode while migrating to extents
ext4: make sure quota gets properly shutdown on error
ext4: make sure to reset inode lockdep class when quota enabling fails
btrfs: respect the max size in the header when activating swap file
btrfs: check the root node for uptodate before returning it
btrfs: fix deadlock between quota enable and other quota operations
xfrm: fix policy lookup for ipv6 gre packets
PCI: pci-bridge-emul: Set PCI_STATUS_CAP_LIST for PCIe device
PCI: pci-bridge-emul: Correctly set PCIe capabilities
PCI: pci-bridge-emul: Properly mark reserved PCIe bits in PCI config space
drm/bridge: analogix_dp: Make PSR-exit block less
drm/nouveau/kms/nv04: use vzalloc for nv04_display
drm/etnaviv: limit submit sizes
s390/mm: fix 2KB pgtable release race
iwlwifi: mvm: Increase the scan timeout guard to 30 seconds
tracing/kprobes: 'nmissed' not showed correctly for kretprobe
cputime, cpuacct: Include guest time in user time in cpuacct.stat
serial: Fix incorrect rs485 polarity on uart open
fuse: Pass correct lend value to filemap_write_and_wait_range()
ubifs: Error path in ubifs_remount_rw() seems to wrongly free write buffers
crypto: caam - replace this_cpu_ptr with raw_cpu_ptr
crypto: stm32/crc32 - Fix kernel BUG triggered in probe()
crypto: omap-aes - Fix broken pm_runtime_and_get() usage
rpmsg: core: Clean up resources on announce_create failure.
power: bq25890: Enable continuous conversion for ADC at charging
ASoC: mediatek: mt8173: fix device_node leak
scsi: sr: Don't use GFP_DMA
MIPS: Octeon: Fix build errors using clang
i2c: designware-pci: Fix to change data types of hcnt and lcnt parameters
MIPS: OCTEON: add put_device() after of_find_device_by_node()
powerpc: handle kdump appropriately with crash_kexec_post_notifiers option
ALSA: seq: Set upper limit of processed events
scsi: lpfc: Trigger SLI4 firmware dump before doing driver cleanup
w1: Misuse of get_user()/put_user() reported by sparse
KVM: PPC: Book3S: Suppress failed alloc warning in H_COPY_TOFROM_GUEST
powerpc/powermac: Add missing lockdep_register_key()
clk: meson: gxbb: Fix the SDM_EN bit for MPLL0 on GXBB
i2c: mpc: Correct I2C reset procedure
powerpc/smp: Move setup_profiling_timer() under CONFIG_PROFILING
i2c: i801: Don't silently correct invalid transfer size
powerpc/watchdog: Fix missed watchdog reset due to memory ordering race
powerpc/btext: add missing of_node_put
powerpc/cell: add missing of_node_put
powerpc/powernv: add missing of_node_put
powerpc/6xx: add missing of_node_put
parisc: Avoid calling faulthandler_disabled() twice
random: do not throw away excess input to crng_fast_load
serial: core: Keep mctrl register state and cached copy in sync
serial: pl010: Drop CR register reset on set_termios
regulator: qcom_smd: Align probe function with rpmh-regulator
net: gemini: allow any RGMII interface mode
net: phy: marvell: configure RGMII delays for 88E1118
dm space map common: add bounds check to sm_ll_lookup_bitmap()
dm btree: add a defensive bounds check to insert_at()
mac80211: allow non-standard VHT MCS-10/11
net: mdio: Demote probed message to debug print
btrfs: remove BUG_ON(!eie) in find_parent_nodes
btrfs: remove BUG_ON() in find_parent_nodes()
ACPI: battery: Add the ThinkPad "Not Charging" quirk
drm/amdgpu: fixup bad vram size on gmc v8
ACPICA: Hardware: Do not flush CPU cache when entering S4 and S5
ACPICA: Fix wrong interpretation of PCC address
ACPICA: Executer: Fix the REFCLASS_REFOF case in acpi_ex_opcode_1A_0T_1R()
ACPICA: Utilities: Avoid deleting the same object twice in a row
ACPICA: actypes.h: Expand the ACPI_ACCESS_ definitions
jffs2: GC deadlock reading a page that is used in jffs2_write_begin()
um: registers: Rename function names to avoid conflicts and build problems
iwlwifi: mvm: Fix calculation of frame length
iwlwifi: remove module loading failure message
iwlwifi: fix leaks/bad data after failed firmware load
ath9k: Fix out-of-bound memcpy in ath9k_hif_usb_rx_stream
usb: hub: Add delay for SuperSpeed hub resume to let links transit to U0
cpufreq: Fix initialization of min and max frequency QoS requests
arm64: tegra: Adjust length of CCPLEX cluster MMIO region
arm64: dts: ls1028a-qds: move rtc node to the correct i2c bus
audit: ensure userspace is penalized the same as the kernel when under pressure
mmc: core: Fixup storing of OCR for MMC_QUIRK_NONSTD_SDIO
media: saa7146: hexium_gemini: Fix a NULL pointer dereference in hexium_attach()
media: igorplugusb: receiver overflow should be reported
HID: quirks: Allow inverting the absolute X/Y values
bpf: Do not WARN in bpf_warn_invalid_xdp_action()
net: bonding: debug: avoid printing debug logs when bond is not notifying peers
x86/mce: Mark mce_read_aux() noinstr
x86/mce: Mark mce_end() noinstr
x86/mce: Mark mce_panic() noinstr
gpio: aspeed: Convert aspeed_gpio.lock to raw_spinlock
net: phy: prefer 1000baseT over 1000baseKX
net-sysfs: update the queue counts in the unregistration path
ath10k: Fix tx hanging
iwlwifi: mvm: synchronize with FW after multicast commands
media: m920x: don't use stack on USB reads
media: saa7146: hexium_orion: Fix a NULL pointer dereference in hexium_attach()
media: uvcvideo: Increase UVC_CTRL_CONTROL_TIMEOUT to 5 seconds.
x86/mm: Flush global TLB when switching to trampoline page-table
floppy: Add max size check for user space request
usb: uhci: add aspeed ast2600 uhci support
rsi: Fix out-of-bounds read in rsi_read_pkt()
rsi: Fix use-after-free in rsi_rx_done_handler()
mwifiex: Fix skb_over_panic in mwifiex_usb_recv()
HSI: core: Fix return freed object in hsi_new_client
gpiolib: acpi: Do not set the IRQ type if the IRQ is already in use
drm/bridge: megachips: Ensure both bridges are probed before registration
mlxsw: pci: Add shutdown method in PCI driver
EDAC/synopsys: Use the quirk for version instead of ddr version
media: b2c2: Add missing check in flexcop_pci_isr:
HID: apple: Do not reset quirks when the Fn key is not found
drm: panel-orientation-quirks: Add quirk for the Lenovo Yoga Book X91F/L
usb: gadget: f_fs: Use stream_open() for endpoint files
batman-adv: allow netlink usage in unprivileged containers
ARM: shmobile: rcar-gen2: Add missing of_node_put()
drm/nouveau/pmu/gm200-: avoid touching PMU outside of DEVINIT/PREOS/ACR
ar5523: Fix null-ptr-deref with unexpected WDCMSG_TARGET_START reply
drm/lima: fix warning when CONFIG_DEBUG_SG=y & CONFIG_DMA_API_DEBUG=y
fs: dlm: filter user dlm messages for kernel locks
Bluetooth: Fix debugfs entry leak in hci_register_dev()
of: base: Fix phandle argument length mismatch error message
RDMA/cxgb4: Set queue pair state when being queried
mips: bcm63xx: add support for clk_set_parent()
mips: lantiq: add support for clk_set_parent()
misc: lattice-ecp3-config: Fix task hung when firmware load failed
ASoC: samsung: idma: Check of ioremap return value
ASoC: mediatek: Check for error clk pointer
phy: uniphier-usb3ss: fix unintended writing zeros to PHY register
iommu/iova: Fix race between FQ timeout and teardown
dmaengine: pxa/mmp: stop referencing config->slave_id
clk: stm32: Fix ltdc's clock turn off by clk_disable_unused() after system enter shell
ASoC: rt5663: Handle device_property_read_u32_array error codes
RDMA/cma: Let cma_resolve_ib_dev() continue search even after empty entry
RDMA/core: Let ib_find_gid() continue search even after empty entry
powerpc/powermac: Add additional missing lockdep_register_key()
PCI/MSI: Fix pci_irq_vector()/pci_irq_get_affinity()
scsi: ufs: Fix race conditions related to driver data
iommu/io-pgtable-arm: Fix table descriptor paddr formatting
binder: fix handling of error during copy
char/mwave: Adjust io port register size
ALSA: oss: fix compile error when OSS_DEBUG is enabled
ASoC: uniphier: drop selecting non-existing SND_SOC_UNIPHIER_AIO_DMA
powerpc/prom_init: Fix improper check of prom_getprop()
clk: imx8mn: Fix imx8mn_clko1_sels
RDMA/hns: Validate the pkey index
ALSA: hda: Add missing rwsem around snd_ctl_remove() calls
ALSA: PCM: Add missing rwsem around snd_ctl_remove() calls
ALSA: jack: Add missing rwsem around snd_ctl_remove() calls
ext4: avoid trim error on fs with small groups
net: mcs7830: handle usb read errors properly
pcmcia: fix setting of kthread task states
can: xilinx_can: xcan_probe(): check for error irq
can: softing: softing_startstop(): fix set but not used variable warning
tpm: add request_locality before write TPM_INT_ENABLE
spi: spi-meson-spifc: Add missing pm_runtime_disable() in meson_spifc_probe
net/mlx5: Set command entry semaphore up once got index free
Revert "net/mlx5e: Block offload of outer header csum for UDP tunnels"
net/mlx5e: Don't block routes with nexthop objects in SW
debugfs: lockdown: Allow reading debugfs files that are not world readable
HID: hid-uclogic-params: Invalid parameter check in uclogic_params_frame_init_v1_buttonpad
HID: hid-uclogic-params: Invalid parameter check in uclogic_params_huion_init
HID: hid-uclogic-params: Invalid parameter check in uclogic_params_get_str_desc
HID: hid-uclogic-params: Invalid parameter check in uclogic_params_init
Bluetooth: hci_bcm: Check for error irq
fsl/fman: Check for null pointer after calling devm_ioremap
staging: greybus: audio: Check null pointer
rocker: fix a sleeping in atomic bug
ppp: ensure minimum packet size in ppp_write()
bpf: Fix SO_RCVBUF/SO_SNDBUF handling in _bpf_setsockopt().
netfilter: ipt_CLUSTERIP: fix refcount leak in clusterip_tg_check()
pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in nonstatic_find_mem_region()
pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in __nonstatic_find_io_region()
ACPI: scan: Create platform device for BCM4752 and LNV4752 ACPI nodes
x86/mce/inject: Avoid out-of-bounds write when setting flags
bpftool: Enable line buffering for stdout
selinux: fix potential memleak in selinux_add_opt()
mmc: meson-mx-sdio: add IRQ check
ARM: dts: armada-38x: Add generic compatible to UART nodes
usb: ftdi-elan: fix memory leak on device disconnect
ARM: 9159/1: decompressor: Avoid UNPREDICTABLE NOP encoding
xfrm: state and policy should fail if XFRMA_IF_ID 0
xfrm: interface with if_id 0 should return error
media: hantro: Fix probe func error path
drm/bridge: ti-sn65dsi86: Set max register for regmap
drm/msm/dpu: fix safe status debugfs file
media: coda/imx-vdoa: Handle dma_set_coherent_mask error codes
media: msi001: fix possible null-ptr-deref in msi001_probe()
media: dw2102: Fix use after free
ARM: dts: gemini: NAS4220-B: fis-index-block with 128 KiB sectors
crypto: stm32/cryp - fix lrw chaining mode
crypto: stm32/cryp - fix double pm exit
crypto: stm32/cryp - fix xts and race condition in crypto_engine requests
xfrm: fix a small bug in xfrm_sa_len()
mwifiex: Fix possible ABBA deadlock
rcu/exp: Mark current CPU as exp-QS in IPI loop second pass
sched/rt: Try to restart rt period timer when rt runtime exceeded
media: si2157: Fix "warm" tuner state detection
media: saa7146: mxb: Fix a NULL pointer dereference in mxb_attach()
media: dib8000: Fix a memleak in dib8000_init()
Bluetooth: btmtksdio: fix resume failure
staging: rtl8192e: rtllib_module: fix error handle case in alloc_rtllib()
staging: rtl8192e: return error code from rtllib_softmac_init()
floppy: Fix hang in watchdog when disk is ejected
serial: amba-pl011: do not request memory region twice
tty: serial: uartlite: allow 64 bit address
arm64: dts: ti: k3-j721e: Fix the L2 cache sets
drm/radeon/radeon_kms: Fix a NULL pointer dereference in radeon_driver_open_kms()
drm/amdgpu: Fix a NULL pointer dereference in amdgpu_connector_lcd_native_mode()
ACPI: EC: Rework flushing of EC work while suspended to idle
arm64: dts: qcom: msm8916: fix MMC controller aliases
netfilter: bridge: add support for pppoe filtering
media: venus: core: Fix a resource leak in the error handling path of 'venus_probe()'
media: mtk-vcodec: call v4l2_m2m_ctx_release first when file is released
media: si470x-i2c: fix possible memory leak in si470x_i2c_probe()
media: imx-pxp: Initialize the spinlock prior to using it
media: rcar-csi2: Correct the selection of hsfreqrange
tty: serial: atmel: Call dma_async_issue_pending()
tty: serial: atmel: Check return code of dmaengine_submit()
arm64: dts: ti: k3-j721e: correct cache-sets info
crypto: qce - fix uaf on qce_ahash_register_one
media: dmxdev: fix UAF when dvb_register_device() fails
tee: fix put order in teedev_close_context()
Bluetooth: stop proccessing malicious adv data
arm64: dts: meson-gxbb-wetek: fix missing GPIO binding
arm64: dts: meson-gxbb-wetek: fix HDMI in early boot
media: aspeed: Update signal status immediately to ensure sane hw state
media: em28xx: fix memory leak in em28xx_init_dev
media: aspeed: fix mode-detect always time out at 2nd run
media: videobuf2: Fix the size printk format
wcn36xx: Release DMA channel descriptor allocations
wcn36xx: Indicate beacon not connection loss on MISSED_BEACON_IND
clk: bcm-2835: Remove rounding up the dividers
clk: bcm-2835: Pick the closest clock rate
Bluetooth: cmtp: fix possible panic when cmtp_init_sockets() fails
drm/rockchip: dsi: Fix unbalanced clock on probe error
drm/panel: innolux-p079zca: Delete panel on attach() failure
drm/panel: kingdisplay-kd097d04: Delete panel on attach() failure
drm/rockchip: dsi: Reconfigure hardware on resume()
drm/rockchip: dsi: Hold pm-runtime across bind/unbind
shmem: fix a race between shmem_unused_huge_shrink and shmem_evict_inode
mm/page_alloc.c: do not warn allocation failure on zone DMA if no managed pages
mm_zone: add function to check if managed dma zone exists
PCI: Add function 1 DMA alias quirk for Marvell 88SE9125 SATA controller
dma_fence_array: Fix PENDING_ERROR leak in dma_fence_array_signaled()
iommu/io-pgtable-arm-v7s: Add error handle for page table allocation failure
lkdtm: Fix content of section containing lkdtm_rodata_do_nothing()
can: softing_cs: softingcs_probe(): fix memleak on registration failure
media: stk1160: fix control-message timeouts
media: pvrusb2: fix control-message timeouts
media: redrat3: fix control-message timeouts
media: dib0700: fix undefined behavior in tuner shutdown
media: s2255: fix control-message timeouts
media: cpia2: fix control-message timeouts
media: em28xx: fix control-message timeouts
media: mceusb: fix control-message timeouts
media: flexcop-usb: fix control-message timeouts
media: v4l2-ioctl.c: readbuffers depends on V4L2_CAP_READWRITE
rtc: cmos: take rtc_lock while reading from CMOS
tools/nolibc: fix incorrect truncation of exit code
tools/nolibc: i386: fix initial stack alignment
tools/nolibc: x86-64: Fix startup code bug
x86/gpu: Reserve stolen memory for first integrated Intel GPU
mtd: rawnand: gpmi: Remove explicit default gpmi clock setting for i.MX6
mtd: rawnand: gpmi: Add ERR007117 protection for nfc_apply_timings
nfc: llcp: fix NULL error pointer dereference on sendmsg() after failed bind()
f2fs: fix to do sanity check in is_alive()
HID: wacom: Avoid using stale array indicies to read contact count
HID: wacom: Ignore the confidence flag when a touch is removed
HID: wacom: Reset expected and received contact counts at the same time
HID: uhid: Fix worker destroying device without any protection
Linux 5.4.173
ARM: 9025/1: Kconfig: CPU_BIG_ENDIAN depends on !LD_IS_LLD
mtd: fixup CFI on ixp4xx
ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master after reboot from Windows
KVM: x86: remove PMU FIXED_CTR3 from msrs_to_save_all
firmware: qemu_fw_cfg: fix kobject leak in probe error path
firmware: qemu_fw_cfg: fix NULL-pointer deref on duplicate entries
firmware: qemu_fw_cfg: fix sysfs information leak
rtlwifi: rtl8192cu: Fix WARNING when calling local_irq_restore() with interrupts enabled
media: uvcvideo: fix division by zero at stream start
KVM: s390: Clarify SIGP orders versus STOP/RESTART
perf: Protect perf_guest_cbs with RCU
vfs: fs_context: fix up param length parsing in legacy_parse_param
orangefs: Fix the size of a memory allocation in orangefs_bufmap_alloc()
devtmpfs regression fix: reconfigure on each mount
kbuild: Add $(KBUILD_HOSTLDFLAGS) to 'has_libelf' test
Linux 5.4.172
staging: greybus: fix stack size warning with UBSAN
drm/i915: Avoid bitwise vs logical OR warning in snb_wm_latency_quirk()
staging: wlan-ng: Avoid bitwise vs logical OR warning in hfa384x_usb_throttlefn()
media: Revert "media: uvcvideo: Set unique vdev name based in type"
random: fix crash on multiple early calls to add_bootloader_randomness()
random: fix data race on crng init time
random: fix data race on crng_node_pool
can: gs_usb: gs_can_start_xmit(): zero-initialize hf->{flags,reserved}
can: gs_usb: fix use of uninitialized variable, detach device on reception of invalid USB data
drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions
mfd: intel-lpss: Fix too early PM enablement in the ACPI ->probe()
veth: Do not record rx queue hint in veth_xmit
mmc: sdhci-pci: Add PCI ID for Intel ADL
USB: Fix "slab-out-of-bounds Write" bug in usb_hcd_poll_rh_status
USB: core: Fix bug in resuming hub's handling of wakeup requests
Bluetooth: bfusb: fix division by zero in send path
Bluetooth: btusb: fix memory leak in btusb_mtk_submit_wmt_recv_urb()
workqueue: Fix unbind_workers() VS wq_worker_running() race
UPSTREAM: x86/pci: Fix the function type for check_reserved_t
Linux 5.4.171
mISDN: change function names to avoid conflicts
atlantic: Fix buff_ring OOB in aq_ring_rx_clean
net: udp: fix alignment problem in udp4_seq_show()
ip6_vti: initialize __ip6_tnl_parm struct in vti6_siocdevprivate
scsi: libiscsi: Fix UAF in iscsi_conn_get_param()/iscsi_conn_teardown()
usb: mtu3: fix interval value for intr and isoc
ipv6: Do cleanup if attribute validation fails in multipath route
ipv6: Continue processing multipath route even if gateway attribute is invalid
phonet: refcount leak in pep_sock_accep
rndis_host: support Hytera digital radios
power: reset: ltc2952: Fix use of floating point literals
power: supply: core: Break capacity loop
xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate
net: phy: micrel: set soft_reset callback to genphy_soft_reset for KSZ8081
sch_qfq: prevent shift-out-of-bounds in qfq_init_qdisc
batman-adv: mcast: don't send link-local multicast to mcast routers
lwtunnel: Validate RTA_ENCAP_TYPE attribute length
ipv6: Check attribute length for RTA_GATEWAY when deleting multipath route
ipv6: Check attribute length for RTA_GATEWAY in multipath route
ipv4: Check attribute length for RTA_FLOW in multipath route
ipv4: Check attribute length for RTA_GATEWAY in multipath route
i40e: Fix incorrect netdev's real number of RX/TX queues
i40e: Fix for displaying message regarding NVM version
i40e: fix use-after-free in i40e_sync_filters_subtask()
mac80211: initialize variable have_higher_than_11mbit
RDMA/uverbs: Check for null return of kmalloc_array
RDMA/core: Don't infoleak GRH fields
iavf: Fix limit of total number of queues to active queues of VF
ieee802154: atusb: fix uninit value in atusb_set_extended_addr
tracing: Tag trace_percpu_buffer as a percpu pointer
tracing: Fix check for trace_percpu_buffer validity in get_trace_buf()
selftests: x86: fix [-Wstringop-overread] warn in test_process_vm_readv()
Input: touchscreen - Fix backport of a02dcde595f7cbd240ccd64de96034ad91cffc40
f2fs: quota: fix potential deadlock
Linux 5.4.170
perf script: Fix CPU filtering of a script's switch events
net: fix use-after-free in tw_timer_handler
Input: spaceball - fix parsing of movement data packets
Input: appletouch - initialize work before device registration
scsi: vmw_pvscsi: Set residual data length conditionally
binder: fix async_free_space accounting for empty parcels
usb: mtu3: set interval of FS intr and isoc endpoint
usb: mtu3: fix list_head check warning
usb: mtu3: add memory barrier before set GPD's HWO
usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear.
xhci: Fresco FL1100 controller should not have BROKEN_MSI quirk set.
uapi: fix linux/nfc.h userspace compilation errors
nfc: uapi: use kernel size_t to fix user-space builds
i2c: validate user data in compat ioctl
fsl/fman: Fix missing put_device() call in fman_port_probe
net/ncsi: check for error return from call to nla_put_u32
selftests/net: udpgso_bench_tx: fix dst ip argument
net/mlx5e: Fix wrong features assignment in case of error
ionic: Initialize the 'lif->dbid_inuse' bitmap
NFC: st21nfca: Fix memory leak in device probe and remove
net: lantiq_xrx200: fix statistics of received bytes
net: usb: pegasus: Do not drop long Ethernet frames
sctp: use call_rcu to free endpoint
selftests: Calculate udpgso segment count without header adjustment
udp: using datalen to cap ipv6 udp max gso segments
net/mlx5: DR, Fix NULL vs IS_ERR checking in dr_domain_init_resources
scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write()
selinux: initialize proto variable in selinux_ip_postroute_compat()
recordmcount.pl: fix typo in s390 mcount regex
memblock: fix memblock_phys_alloc() section mismatch error
platform/x86: apple-gmux: use resource_size() with res
tomoyo: Check exceeded quota early in tomoyo_domain_quota_is_ok().
Input: i8042 - enable deferred probe quirk for ASUS UM325UA
Input: i8042 - add deferred probe support
tee: handle lookup of shm with reference count 0
HID: asus: Add depends on USB_HID to HID_ASUS Kconfig option
Linux 5.4.169
phonet/pep: refuse to enable an unbound pipe
hamradio: improve the incomplete fix to avoid NPD
hamradio: defer ax25 kfree after unregister_netdev
ax25: NPD bug when detaching AX25 device
hwmon: (lm90) Do not report 'busy' status bit as alarm
hwmom: (lm90) Fix citical alarm status for MAX6680/MAX6681
pinctrl: mediatek: fix global-out-of-bounds issue
mm: mempolicy: fix THP allocations escaping mempolicy restrictions
KVM: VMX: Fix stale docs for kvm-intel.emulate_invalid_guest_state
usb: gadget: u_ether: fix race in setting MAC address in setup phase
f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr()
tee: optee: Fix incorrect page free bug
ARM: 9169/1: entry: fix Thumb2 bug in iWMMXt exception handling
mmc: core: Disable card detect during shutdown
mmc: sdhci-tegra: Fix switch to HS400ES mode
pinctrl: stm32: consider the GPIO offset to expose all the GPIO lines
x86/pkey: Fix undefined behaviour with PKRU_WD_BIT
parisc: Correct completer in lws start
ipmi: fix initialization when workqueue allocation fails
ipmi: ssif: initialize ssif_info->client early
ipmi: bail out if init_srcu_struct fails
Input: atmel_mxt_ts - fix double free in mxt_read_info_block
ALSA: hda/realtek: Amp init fixup for HP ZBook 15 G6
ALSA: drivers: opl3: Fix incorrect use of vp->state
ALSA: jack: Check the return value of kstrdup()
hwmon: (lm90) Drop critical attribute support for MAX6654
hwmon: (lm90) Introduce flag indicating extended temperature support
hwmon: (lm90) Add basic support for TI TMP461
hwmon: (lm90) Add max6654 support to lm90 driver
hwmon: (lm90) Fix usage of CONFIG2 register in detect function
Input: elantech - fix stack out of bound access in elantech_change_report_id()
sfc: falcon: Check null pointer of rx_queue->page_ring
drivers: net: smc911x: Check for error irq
fjes: Check for error irq
bonding: fix ad_actor_system option setting to default
ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module
net: skip virtio_net_hdr_set_proto if protocol already set
net: accept UFOv6 packages in virtio_net_hdr_to_skb
qlcnic: potential dereference null pointer of rx_queue->page_ring
netfilter: fix regression in looped (broad|multi)cast's MAC handling
IB/qib: Fix memory leak in qib_user_sdma_queue_pkts()
spi: change clk_disable_unprepare to clk_unprepare
arm64: dts: allwinner: orangepi-zero-plus: fix PHY mode
HID: holtek: fix mouse probing
serial: 8250_fintek: Fix garbled text for console
net: usb: lan78xx: add Allied Telesis AT29M2-AF
Linux 5.4.168
xen/netback: don't queue unlimited number of packages
xen/netback: fix rx queue stall detection
xen/console: harden hvc_xen against event channel storms
xen/netfront: harden netfront against event channel storms
xen/blkfront: harden blkfront against event channel storms
Revert "xsk: Do not sleep in poll() when need_wakeup set"
net: sched: Fix suspicious RCU usage while accessing tcf_tunnel_info
mac80211: fix regression in SSN handling of addba tx
rcu: Mark accesses to rcu_state.n_force_qs
scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select()
ovl: fix warning in ovl_create_real()
fuse: annotate lock in fuse_reverse_inval_entry()
media: mxl111sf: change mutex_init() location
xsk: Do not sleep in poll() when need_wakeup set
ARM: dts: imx6ull-pinfunc: Fix CSI_DATA07__ESAI_TX0 pad name
Input: touchscreen - avoid bitwise vs logical OR warning
mwifiex: Remove unnecessary braces from HostCmd_SET_SEQ_NO_BSS_INFO
mac80211: validate extended element ID is present
drm/amdgpu: correct register access for RLC_JUMP_TABLE_RESTORE
libata: if T_LENGTH is zero, dma direction should be DMA_NONE
timekeeping: Really make sure wall_to_monotonic isn't positive
USB: serial: option: add Telit FN990 compositions
USB: serial: cp210x: fix CP2105 GPIO registration
usb: xhci: Extend support for runtime power management for AMD's Yellow carp.
PCI/MSI: Mask MSI-X vectors only on success
PCI/MSI: Clear PCI_MSIX_FLAGS_MASKALL on error
USB: NO_LPM quirk Lenovo USB-C to Ethernet Adapher(RTL8153-04)
USB: gadget: bRequestType is a bitfield, not a enum
sit: do not call ipip6_dev_free() from sit_init_net()
net: systemport: Add global locking for descriptor lifecycle
net/smc: Prevent smc_release() from long blocking
net: Fix double 0x prefix print in SKB dump
net/packet: rx_owner_map depends on pg_vec
netdevsim: Zero-initialize memory for new map's value in function nsim_bpf_map_alloc
ixgbe: set X550 MDIO speed before talking to PHY
igbvf: fix double free in `igbvf_probe`
igb: Fix removal of unicast MAC filters of VFs
soc/tegra: fuse: Fix bitwise vs. logical OR warning
rds: memory leak in __rds_conn_create()
flow_offload: return EOPNOTSUPP for the unsupported mpls action type
net: sched: lock action when translating it to flow_action infra
mac80211: fix lookup when adding AddBA extension element
mac80211: accept aggregation sessions on 6 GHz
mac80211: agg-tx: don't schedule_and_wake_txq() under sta->lock
mac80211: agg-tx: refactor sending addba
selftest/net/forwarding: declare NETIFS p9 p10
dmaengine: st_fdma: fix MODULE_ALIAS
selftests: Fix IPv6 address bind tests
selftests: Fix raw socket bind tests with VRF
inet_diag: fix kernel-infoleak for UDP sockets
inet_diag: use jiffies_delta_to_msecs()
sch_cake: do not call cake_destroy() from cake_init()
s390/kexec_file: fix error handling when applying relocations
selftests: net: Correct ping6 expected rc from 2 to 1
clk: Don't parent clks until the parent is fully registered
ARM: socfpga: dts: fix qspi node compatible
mac80211: track only QoS data frames for admission control
arm64: dts: rockchip: fix audio-supply for Rock Pi 4
arm64: dts: rockchip: fix rk3399-leez-p710 vcc3v3-lan supply
arm64: dts: rockchip: remove mmc-hs400-enhanced-strobe from rk3399-khadas-edge
nfsd: fix use-after-free due to delegation race
iio: adc: stm32: fix a current leak by resetting pcsel before disabling vdda
audit: improve robustness of the audit queue handling
dm btree remove: fix use after free in rebalance_children()
recordmcount.pl: look for jgnop instruction as well as bcrl on s390
virtio_ring: Fix querying of maximum DMA mapping size for virtio device
firmware: arm_scpi: Fix string overflow in SCPI genpd driver
mac80211: send ADDBA requests using the tid/queue of the aggregation session
mac80211: mark TX-during-stop for TX in in_reconfig
KVM: selftests: Make sure kvm_create_max_vcpus test won't hit RLIMIT_NOFILE
Linux 5.4.167
arm: ioremap: don't abuse pfn_valid() to check if pfn is in RAM
arm: extend pfn_valid to take into account freed memory map alignment
memblock: ensure there is no overflow in memblock_overlaps_region()
memblock: align freed memory map on pageblock boundaries with SPARSEMEM
memblock: free_unused_memmap: use pageblock units instead of MAX_ORDER
hwmon: (dell-smm) Fix warning on /proc/i8k creation error
bpf: Fix integer overflow in argument calculation for bpf_map_area_alloc
selinux: fix race condition when computing ocontext SIDs
KVM: x86: Ignore sparse banks size for an "all CPUs", non-sparse IPI req
tracing: Fix a kmemleak false positive in tracing_map
drm/amd/display: add connector type check for CRC source set
drm/amd/display: Fix for the no Audio bug with Tiled Displays
net: netlink: af_netlink: Prevent empty skb by adding a check on len.
i2c: rk3x: Handle a spurious start completion interrupt flag
parisc/agp: Annotate parisc agp init functions with __init
net/mlx4_en: Update reported link modes for 1/10G
drm/msm/dsi: set default num_data_lanes
nfc: fix segfault in nfc_genl_dump_devices_done
Linux 5.4.166
netfilter: selftest: conntrack_vrf.sh: fix file permission
Linux 5.4.165
bpf: Add selftests to cover packet access corner cases
misc: fastrpc: fix improper packet size calculation
irqchip: nvic: Fix offset for Interrupt Priority Offsets
irqchip/irq-gic-v3-its.c: Force synchronisation when issuing INVALL
irqchip/armada-370-xp: Fix support for Multi-MSI interrupts
irqchip/armada-370-xp: Fix return value of armada_370_xp_msi_alloc()
iio: accel: kxcjk-1013: Fix possible memory leak in probe and remove
iio: ad7768-1: Call iio_trigger_notify_done() on error
iio: adc: axp20x_adc: fix charging current reporting on AXP22x
iio: at91-sama5d2: Fix incorrect sign extension
iio: dln2: Check return value of devm_iio_trigger_register()
iio: dln2-adc: Fix lockdep complaint
iio: itg3200: Call iio_trigger_notify_done() on error
iio: kxsd9: Don't return error code in trigger handler
iio: ltr501: Don't return error code in trigger handler
iio: mma8452: Fix trigger reference couting
iio: stk3310: Don't return error code in interrupt handler
iio: trigger: stm32-timer: fix MODULE_ALIAS
iio: trigger: Fix reference counting
xhci: avoid race between disable slot command and host runtime suspend
usb: core: config: using bit mask instead of individual bits
xhci: Remove CONFIG_USB_DEFAULT_PERSIST to prevent xHCI from runtime suspending
usb: core: config: fix validation of wMaxPacketValue entries
USB: gadget: zero allocate endpoint 0 buffers
USB: gadget: detect too-big endpoint 0 requests
selftests/fib_tests: Rework fib_rp_filter_test()
net/qla3xxx: fix an error code in ql_adapter_up()
net, neigh: clear whole pneigh_entry at alloc time
net: fec: only clear interrupt of handling queue in fec_enet_rx_queue()
net: altera: set a couple error code in probe()
net: cdc_ncm: Allow for dwNtbOutMaxSize to be unset or zero
tools build: Remove needless libpython-version feature check that breaks test-all fast path
dt-bindings: net: Reintroduce PHY no lane swap binding
mtd: rawnand: fsmc: Fix timing computation
mtd: rawnand: fsmc: Take instruction delay into account
i40e: Fix pre-set max number of queues for VF
i40e: Fix failed opcode appearing if handling messages from VF
ASoC: qdsp6: q6routing: Fix return value from msm_routing_put_audio_mixer
qede: validate non LSO skb length
block: fix ioprio_get(IOPRIO_WHO_PGRP) vs setuid(2)
tracefs: Set all files to the same group ownership as the mount option
aio: fix use-after-free due to missing POLLFREE handling
aio: keep poll requests on waitqueue until completed
signalfd: use wake_up_pollfree()
binder: use wake_up_pollfree()
wait: add wake_up_pollfree()
libata: add horkage for ASMedia 1092
x86/sme: Explicitly map new EFI memmap table as encrypted
can: m_can: Disable and ignore ELO interrupt
can: pch_can: pch_can_rx_normal: fix use after free
drm/syncobj: Deal with signalled fences in drm_syncobj_find_fence.
clk: qcom: regmap-mux: fix parent clock lookup
tracefs: Have new files inherit the ownership of their parent
nfsd: Fix nsfd startup race (again)
btrfs: replace the BUG_ON in btrfs_del_root_ref with proper error handling
btrfs: clear extent buffer uptodate when we fail to write it
ALSA: pcm: oss: Handle missing errors in snd_pcm_oss_change_params*()
ALSA: pcm: oss: Limit the period size to 16MB
ALSA: pcm: oss: Fix negative period/buffer sizes
ALSA: hda/realtek - Add headset Mic support for Lenovo ALC897 platform
ALSA: ctl: Fix copy of updated id with element read/write
mm: bdi: initialize bdi_min_ratio when bdi is unregistered
IB/hfi1: Correct guard on eager buffer deallocation
iavf: Fix reporting when setting descriptor count
iavf: restore MSI state on reset
udp: using datalen to cap max gso segments
seg6: fix the iif in the IPv6 socket control block
nfp: Fix memory leak in nfp_cpp_area_cache_add()
bonding: make tx_rebalance_counter an atomic
ice: ignore dropped packets during init
bpf: Fix the off-by-two error in range markings
vrf: don't run conntrack on vrf with !dflt qdisc
selftests: netfilter: add a vrf+conntrack testcase
nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done
can: sja1000: fix use after free in ems_pcmcia_add_card()
can: kvaser_pciefd: kvaser_pciefd_rx_error_frame(): increase correct stats->{rx,tx}_errors counter
can: kvaser_usb: get CAN clock frequency from device
HID: check for valid USB device for many HID drivers
HID: wacom: fix problems when device is not a valid USB device
HID: bigbenff: prevent null pointer dereference
HID: add USB_HID dependancy on some USB HID drivers
HID: add USB_HID dependancy to hid-chicony
HID: add USB_HID dependancy to hid-prodikeys
HID: add hid_is_usb() function to make it simpler for USB detection
HID: google: add eel USB id
HID: quirks: Add quirk for the Microsoft Surface 3 type-cover
ntfs: fix ntfs_test_inode and ntfs_init_locked_inode function type
serial: tegra: Change lower tolerance baud rate limit for tegra20 and tegra30
ANDROID: GKI: fix up abi breakage in fib_rules.h
Linux 5.4.164
ipmi: msghandler: Make symbol 'remove_work_wq' static
net/tls: Fix authentication failure in CCM mode
parisc: Mark cr16 CPU clocksource unstable on all SMP machines
iwlwifi: mvm: retry init flow if failed
serial: 8250_pci: rewrite pericom_do_set_divisor()
serial: 8250_pci: Fix ACCES entries in pci_serial_quirks array
serial: core: fix transmit-buffer reset and memleak
serial: pl011: Add ACPI SBSA UART match id
tty: serial: msm_serial: Deactivate RX DMA for polling support
x86/64/mm: Map all kernel memory into trampoline_pgd
x86/tsc: Disable clocksource watchdog for TSC on qualified platorms
x86/tsc: Add a timer to make sure TSC_adjust is always checked
usb: typec: tcpm: Wait in SNK_DEBOUNCED until disconnect
USB: NO_LPM quirk Lenovo Powered USB-C Travel Hub
xhci: Fix commad ring abort, write all 64 bits to CRCR register.
vgacon: Propagate console boot parameters before calling `vc_resize'
parisc: Fix "make install" on newer debian releases
parisc: Fix KBUILD_IMAGE for self-extracting kernel
sched/uclamp: Fix rq->uclamp_max not set on first enqueue
KVM: x86/pmu: Fix reserved bits for AMD PerfEvtSeln register
ipv6: fix memory leak in fib6_rule_suppress
drm/msm: Do hw_init() before capturing GPU state
net/smc: Keep smc_close_final rc during active close
net/rds: correct socket tunable error in rds_tcp_tune()
ipv4: convert fib_num_tclassid_users to atomic_t
net: annotate data-races on txq->xmit_lock_owner
net: marvell: mvpp2: Fix the computation of shared CPUs
net: usb: lan78xx: lan78xx_phy_init(): use PHY_POLL instead of "0" if no IRQ is available
rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer()
selftests: net: Correct case name
net/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources()
siphash: use _unaligned version by default
net: mpls: Fix notifications when deleting a device
net: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic_83xx_add_rings()
natsemi: xtensa: fix section mismatch warnings
i2c: cbus-gpio: set atomic transfer callback
i2c: stm32f7: stop dma transfer in case of NACK
i2c: stm32f7: recover the bus on access timeout
i2c: stm32f7: flush TX FIFO upon transfer errors
sata_fsl: fix warning in remove_proc_entry when rmmod sata_fsl
sata_fsl: fix UAF in sata_fsl_port_stop when rmmod sata_fsl
fget: check that the fd still exists after getting a ref to it
s390/pci: move pseudo-MMIO to prevent MIO overlap
cpufreq: Fix get_cpu_device() failure in add_cpu_dev_symlink()
ipmi: Move remove_work to dedicated workqueue
rt2x00: do not mark device gone on EPROTO errors during start
kprobes: Limit max data_size of the kretprobe instances
vrf: Reset IPCB/IP6CB when processing outbound pkts in vrf dev xmit
net/smc: Avoid warning of possible recursive locking
perf report: Fix memory leaks around perf_tip()
perf hist: Fix memory leak of a perf_hpp_fmt
net: ethernet: dec: tulip: de4x5: fix possible array overflows in type3_infoblock()
net: tulip: de4x5: fix the problem that the array 'lp->phy[8]' may be out of bound
ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port()
ata: ahci: Add Green Sardine vendor ID as board_ahci_mobile
scsi: iscsi: Unblock session then wake up error handler
thermal: core: Reset previous low and high trip during thermal zone init
btrfs: check-integrity: fix a warning on write caching disabled disk
s390/setup: avoid using memblock_enforce_memory_limit
platform/x86: thinkpad_acpi: Fix WWAN device disabled issue after S3 deep
net: return correct error code
atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait
net/smc: Transfer remaining wait queue entries during fallback
mac80211: do not access the IV when it was stripped
drm/sun4i: fix unmet dependency on RESET_CONTROLLER for PHY_SUN6I_MIPI_DPHY
gfs2: Fix length of holes reported at end-of-file
can: j1939: j1939_tp_cmd_recv(): check the dst address of TP.CM_BAM
arm64: dts: mcbin: support 2W SFP modules
of: clk: Make <linux/of_clk.h> self-contained
NFSv42: Fix pagecache invalidation after COPY/CLONE
Revert "net: ipv6: add fib6_nh_release_dsts stub"
Revert "net: nexthop: release IPv6 per-cpu dsts when replacing a nexthop group"
Revert "mmc: sdhci: Fix ADMA for PAGE_SIZE >= 64KiB"
Linux 5.4.163
tty: hvc: replace BUG_ON() with negative return value
xen/netfront: don't trust the backend response data blindly
xen/netfront: disentangle tx_skb_freelist
xen/netfront: don't read data from request on the ring page
xen/netfront: read response from backend only once
xen/blkfront: don't trust the backend response data blindly
xen/blkfront: don't take local copy of a request from the ring page
xen/blkfront: read response from backend only once
xen: sync include/xen/interface/io/ring.h with Xen's newest version
fuse: release pipe buf after last use
NFC: add NCI_UNREG flag to eliminate the race
shm: extend forced shm destroy to support objects from several IPC nses
s390/mm: validate VMA in PGSTE manipulation functions
tracing: Check pid filtering when creating events
vhost/vsock: fix incorrect used length reported to the guest
smb3: do not error on fsync when readonly
f2fs: set SBI_NEED_FSCK flag when inconsistent node block found
net: mscc: ocelot: correctly report the timestamping RX filters in ethtool
net: mscc: ocelot: don't downgrade timestamping RX filters in SIOCSHWTSTAMP
net: hns3: fix VF RSS failed problem after PF enable multi-TCs
net/smc: Don't call clcsock shutdown twice when smc shutdown
net: vlan: fix underflow for the real_dev refcnt
MIPS: use 3-level pgtable for 64KB page size on MIPS_VA_BITS_48
igb: fix netpoll exit with traffic
nvmet: use IOCB_NOWAIT only if the filesystem supports it
tcp_cubic: fix spurious Hystart ACK train detections for not-cwnd-limited flows
PM: hibernate: use correct mode for swsusp_close()
net/ncsi : Add payload to be 32-bit aligned to fix dropped packets
nvmet-tcp: fix incomplete data digest send
net/smc: Ensure the active closing peer first closes clcsock
scsi: core: sysfs: Fix setting device state to SDEV_RUNNING
net: nexthop: release IPv6 per-cpu dsts when replacing a nexthop group
net: ipv6: add fib6_nh_release_dsts stub
nfp: checking parameter process for rx-usecs/tx-usecs is invalid
ipv6: fix typos in __ip6_finish_output()
iavf: Prevent changing static ITR values if adaptive moderation is on
drm/vc4: fix error code in vc4_create_object()
scsi: mpt3sas: Fix kernel panic during drive powercycle test
ARM: socfpga: Fix crash with CONFIG_FORTIRY_SOURCE
NFSv42: Don't fail clone() unless the OP_CLONE operation failed
firmware: arm_scmi: pm: Propagate return value to caller
net: ieee802154: handle iftypes as u32
ASoC: topology: Add missing rwsem around snd_ctl_remove() calls
ASoC: qdsp6: q6routing: Conditionally reset FrontEnd Mixer
ARM: dts: BCM5301X: Add interrupt properties to GPIO node
ARM: dts: BCM5301X: Fix I2C controller interrupt
netfilter: ipvs: Fix reuse connection if RS weight is 0
proc/vmcore: fix clearing user buffer by properly using clear_user()
arm64: dts: marvell: armada-37xx: Set pcie_reset_pin to gpio function
pinctrl: armada-37xx: Correct PWM pins definitions
PCI: aardvark: Fix support for PCI_BRIDGE_CTL_BUS_RESET on emulated bridge
PCI: aardvark: Set PCI Bridge Class Code to PCI Bridge
PCI: aardvark: Fix support for bus mastering and PCI_COMMAND on emulated bridge
PCI: aardvark: Fix link training
PCI: aardvark: Simplify initialization of rootcap on virtual bridge
PCI: aardvark: Implement re-issuing config requests on CRS response
PCI: aardvark: Fix PCIe Max Payload Size setting
PCI: aardvark: Configure PCIe resources from 'ranges' DT property
PCI: pci-bridge-emul: Fix array overruns, improve safety
PCI: aardvark: Update comment about disabling link training
PCI: aardvark: Move PCIe reset card code to advk_pcie_train_link()
PCI: aardvark: Fix compilation on s390
PCI: aardvark: Don't touch PCIe registers if no card connected
PCI: aardvark: Replace custom macros by standard linux/pci_regs.h macros
PCI: aardvark: Issue PERST via GPIO
PCI: aardvark: Improve link training
PCI: aardvark: Train link immediately after enabling training
PCI: aardvark: Fix big endian support
PCI: aardvark: Wait for endpoint to be ready before training link
PCI: aardvark: Deduplicate code in advk_pcie_rd_conf()
mdio: aspeed: Fix "Link is Down" issue
mmc: sdhci: Fix ADMA for PAGE_SIZE >= 64KiB
tracing: Fix pid filtering when triggers are attached
tracing/uprobe: Fix uprobe_perf_open probes iteration
KVM: PPC: Book3S HV: Prevent POWER7/8 TLB flush flushing SLB
xen: detect uninitialized xenbus in xenbus_init
xen: don't continue xenstore initialization in case of errors
staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect()
staging/fbtft: Fix backlight
HID: wacom: Use "Confidence" flag to prevent reporting invalid contacts
Revert "parisc: Fix backtrace to always include init funtion names"
media: cec: copy sequence field for the reply
ALSA: ctxfi: Fix out-of-range access
binder: fix test regression due to sender_euid change
usb: hub: Fix locking issues with address0_mutex
usb: hub: Fix usb enumeration issue due to address0 race
usb: typec: fusb302: Fix masking of comparator and bc_lvl interrupts
net: nexthop: fix null pointer dereference when IPv6 is not enabled
usb: dwc2: hcd_queue: Fix use of floating point literal
usb: dwc2: gadget: Fix ISOC flow for elapsed frames
USB: serial: option: add Fibocom FM101-GL variants
USB: serial: option: add Telit LE910S1 0x9200 composition
Linux 5.4.162
ALSA: hda: hdac_stream: fix potential locking issue in snd_hdac_stream_assign()
ALSA: hda: hdac_ext_stream: fix potential locking issues
hugetlbfs: flush TLBs correctly after huge_pmd_unshare
tlb: mmu_gather: add tlb_flush_*_range APIs
ice: Delete always true check of PF pointer
usb: max-3421: Use driver data instead of maintaining a list of bound devices
ASoC: DAPM: Cover regression by kctl change notification fix
batman-adv: Don't always reallocate the fragmentation skb head
batman-adv: Reserve needed_*room for fragments
batman-adv: Consider fragmentation for needed_headroom
perf/core: Avoid put_page() when GUP fails
Revert "net: mvpp2: disable force link UP during port init procedure"
drm/amdgpu: fix set scaling mode Full/Full aspect/Center not works on vga and dvi connectors
drm/i915/dp: Ensure sink rate values are always valid
drm/nouveau: use drm_dev_unplug() during device removal
drm/udl: fix control-message timeout
cfg80211: call cfg80211_stop_ap when switch from P2P_GO type
parisc/sticon: fix reverse colors
btrfs: fix memory ordering between normal and ordered work functions
udf: Fix crash after seekdir
s390/kexec: fix memory leak of ipl report buffer
x86/hyperv: Fix NULL deref in set_hv_tscchange_cb() if Hyper-V setup fails
mm: kmemleak: slob: respect SLAB_NOLEAKTRACE flag
ipc: WARN if trying to remove ipc object which is absent
hexagon: export raw I/O routines for modules
tun: fix bonding active backup with arp monitoring
arm64: vdso32: suppress error message for 'make mrproper'
s390/kexec: fix return code handling
perf/x86/intel/uncore: Fix IIO event constraints for Skylake Server
perf/x86/intel/uncore: Fix filter_tid mask for CHA events on Skylake Server
KVM: PPC: Book3S HV: Use GLOBAL_TOC for kvmppc_h_set_dabr/xdabr()
NFC: reorder the logic in nfc_{un,}register_device
drm/nouveau: hdmigv100.c: fix corrupted HDMI Vendor InfoFrame
NFC: reorganize the functions in nci_request
i40e: Fix display error code in dmesg
i40e: Fix creation of first queue by omitting it if is not power of two
i40e: Fix ping is lost after configuring ADq on VF
i40e: Fix changing previously set num_queue_pairs for PFs
i40e: Fix NULL ptr dereference on VSI filter sync
i40e: Fix correct max_pkt_size on VF RX queue
net: virtio_net_hdr_to_skb: count transport header in UFO
net: dpaa2-eth: fix use-after-free in dpaa2_eth_remove
net: sched: act_mirred: drop dst for the direction from egress to ingress
scsi: core: sysfs: Fix hang when device state is set via sysfs
platform/x86: hp_accel: Fix an error handling path in 'lis3lv02d_probe()'
mips: lantiq: add support for clk_get_parent()
mips: bcm63xx: add support for clk_get_parent()
MIPS: generic/yamon-dt: fix uninitialized variable error
iavf: Fix for the false positive ASQ/ARQ errors while issuing VF reset
iavf: validate pointers
iavf: prevent accidental free of filter structure
iavf: Fix failure to exit out from last all-multicast mode
iavf: free q_vectors before queues in iavf_disable_vf
iavf: check for null in iavf_fix_features
net: bnx2x: fix variable dereferenced before check
perf tests: Remove bash construct from record+zstd_comp_decomp.sh
perf bench futex: Fix memory leak of perf_cpu_map__new()
perf bpf: Avoid memory leak from perf_env__insert_btf()
RDMA/netlink: Add __maybe_unused to static inline in C file
tracing/histogram: Do not copy the fixed-size char array field over the field size
tracing: Save normal string variables
sched/core: Mitigate race cpus_share_cache()/update_top_cache_domain()
mips: BCM63XX: ensure that CPU_SUPPORTS_32BIT_KERNEL is set
clk: qcom: gcc-msm8996: Drop (again) gcc_aggre1_pnoc_ahb_clk
clk/ast2600: Fix soc revision for AHB
clk: ingenic: Fix bugs with divided dividers
sh: define __BIG_ENDIAN for math-emu
sh: math-emu: drop unused functions
sh: fix kconfig unmet dependency warning for FRAME_POINTER
f2fs: fix up f2fs_lookup tracepoints
maple: fix wrong return value of maple_bus_init().
sh: check return code of request_irq
powerpc/dcr: Use cmplwi instead of 3-argument cmpli
ALSA: gus: fix null pointer dereference on pointer block
powerpc/5200: dts: fix memory node unit name
iio: imu: st_lsm6dsx: Avoid potential array overflow in st_lsm6dsx_set_odr()
scsi: target: Fix alua_tg_pt_gps_count tracking
scsi: target: Fix ordered tag handling
MIPS: sni: Fix the build
tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc
ALSA: ISA: not for M68K
ARM: dts: ls1021a-tsn: use generic "jedec,spi-nor" compatible for flash
ARM: dts: ls1021a: move thermal-zones node out of soc/
usb: host: ohci-tmio: check return value after calling platform_get_resource()
ARM: dts: omap: fix gpmc,mux-add-data type
firmware_loader: fix pre-allocated buf built-in firmware use
scsi: advansys: Fix kernel pointer leak
ASoC: nau8824: Add DMI quirk mechanism for active-high jack-detect
clk: imx: imx6ul: Move csi_sel mux to correct base register
ASoC: SOF: Intel: hda-dai: fix potential locking issue
arm64: dts: freescale: fix arm,sp805 compatible string
arm64: dts: qcom: msm8998: Fix CPU/L2 idle state latency and residency
usb: typec: tipd: Remove WARN_ON in tps6598x_block_read
usb: musb: tusb6010: check return value after calling platform_get_resource()
RDMA/bnxt_re: Check if the vlan is valid before reporting
arm64: dts: hisilicon: fix arm,sp805 compatible string
scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq()
ARM: dts: NSP: Fix mpcore, mmc node names
arm64: zynqmp: Fix serial compatible string
arm64: zynqmp: Do not duplicate flash partition label property
Conflicts:
Documentation/devicetree/bindings
Documentation/devicetree/bindings/display/amlogic,meson-dw-hdmi.yaml
Documentation/devicetree/bindings/display/amlogic,meson-vpu.yaml
Documentation/devicetree/bindings/net/can/tcan4x5x.txt
Documentation/devicetree/bindings/net/ethernet-phy.yaml
Documentation/devicetree/bindings/pinctrl/marvell,armada-37xx-pinctrl.txt
arch/arm64/include/asm/cputype.h
drivers/base/power/wakeup.c
drivers/clk/qcom/common.c
drivers/iommu/io-pgtable-arm.c
drivers/net/macsec.c
drivers/usb/dwc3/gadget.c
drivers/usb/gadget/function/f_fs.c
include/trace/events/f2fs.h
Change-Id: I06d6af403c13b93b319a8bc01db206c619ee96d3
Signed-off-by: Srinivasarao Pathipati <quic_spathi@quicinc.com>
2221 lines
52 KiB
C
2221 lines
52 KiB
C
// SPDX-License-Identifier: GPL-2.0
|
|
/*
|
|
* Wireless utility functions
|
|
*
|
|
* Copyright 2007-2009 Johannes Berg <johannes@sipsolutions.net>
|
|
* Copyright 2013-2014 Intel Mobile Communications GmbH
|
|
* Copyright 2017 Intel Deutschland GmbH
|
|
* Copyright (C) 2018-2019 Intel Corporation
|
|
*/
|
|
#include <linux/export.h>
|
|
#include <linux/bitops.h>
|
|
#include <linux/etherdevice.h>
|
|
#include <linux/slab.h>
|
|
#include <linux/ieee80211.h>
|
|
#include <net/cfg80211.h>
|
|
#include <net/ip.h>
|
|
#include <net/dsfield.h>
|
|
#include <linux/if_vlan.h>
|
|
#include <linux/mpls.h>
|
|
#include <linux/gcd.h>
|
|
#include <linux/bitfield.h>
|
|
#include <linux/nospec.h>
|
|
#include "core.h"
|
|
#include "rdev-ops.h"
|
|
|
|
|
|
struct ieee80211_rate *
|
|
ieee80211_get_response_rate(struct ieee80211_supported_band *sband,
|
|
u32 basic_rates, int bitrate)
|
|
{
|
|
struct ieee80211_rate *result = &sband->bitrates[0];
|
|
int i;
|
|
|
|
for (i = 0; i < sband->n_bitrates; i++) {
|
|
if (!(basic_rates & BIT(i)))
|
|
continue;
|
|
if (sband->bitrates[i].bitrate > bitrate)
|
|
continue;
|
|
result = &sband->bitrates[i];
|
|
}
|
|
|
|
return result;
|
|
}
|
|
EXPORT_SYMBOL(ieee80211_get_response_rate);
|
|
|
|
u32 ieee80211_mandatory_rates(struct ieee80211_supported_band *sband,
|
|
enum nl80211_bss_scan_width scan_width)
|
|
{
|
|
struct ieee80211_rate *bitrates;
|
|
u32 mandatory_rates = 0;
|
|
enum ieee80211_rate_flags mandatory_flag;
|
|
int i;
|
|
|
|
if (WARN_ON(!sband))
|
|
return 1;
|
|
|
|
if (sband->band == NL80211_BAND_2GHZ) {
|
|
if (scan_width == NL80211_BSS_CHAN_WIDTH_5 ||
|
|
scan_width == NL80211_BSS_CHAN_WIDTH_10)
|
|
mandatory_flag = IEEE80211_RATE_MANDATORY_G;
|
|
else
|
|
mandatory_flag = IEEE80211_RATE_MANDATORY_B;
|
|
} else {
|
|
mandatory_flag = IEEE80211_RATE_MANDATORY_A;
|
|
}
|
|
|
|
bitrates = sband->bitrates;
|
|
for (i = 0; i < sband->n_bitrates; i++)
|
|
if (bitrates[i].flags & mandatory_flag)
|
|
mandatory_rates |= BIT(i);
|
|
return mandatory_rates;
|
|
}
|
|
EXPORT_SYMBOL(ieee80211_mandatory_rates);
|
|
|
|
u32 ieee80211_channel_to_freq_khz(int chan, enum nl80211_band band)
|
|
{
|
|
/* see 802.11 17.3.8.3.2 and Annex J
|
|
* there are overlapping channel numbers in 5GHz and 2GHz bands */
|
|
if (chan <= 0)
|
|
return 0; /* not supported */
|
|
switch (band) {
|
|
case NL80211_BAND_2GHZ:
|
|
if (chan == 14)
|
|
return MHZ_TO_KHZ(2484);
|
|
else if (chan < 14)
|
|
return MHZ_TO_KHZ(2407 + chan * 5);
|
|
break;
|
|
case NL80211_BAND_5GHZ:
|
|
if (chan >= 182 && chan <= 196)
|
|
return MHZ_TO_KHZ(4000 + chan * 5);
|
|
else
|
|
return MHZ_TO_KHZ(5000 + chan * 5);
|
|
break;
|
|
case NL80211_BAND_6GHZ:
|
|
/* see 802.11ax D6.1 27.3.23.2 */
|
|
if (chan == 2)
|
|
return MHZ_TO_KHZ(5935);
|
|
if (chan <= 233)
|
|
return MHZ_TO_KHZ(5950 + chan * 5);
|
|
break;
|
|
case NL80211_BAND_60GHZ:
|
|
if (chan < 7)
|
|
return MHZ_TO_KHZ(56160 + chan * 2160);
|
|
break;
|
|
default:
|
|
;
|
|
}
|
|
return 0; /* not supported */
|
|
}
|
|
EXPORT_SYMBOL(ieee80211_channel_to_freq_khz);
|
|
|
|
int ieee80211_freq_khz_to_channel(u32 freq)
|
|
{
|
|
/* TODO: just handle MHz for now */
|
|
freq = KHZ_TO_MHZ(freq);
|
|
|
|
/* see 802.11 17.3.8.3.2 and Annex J */
|
|
if (freq == 2484)
|
|
return 14;
|
|
else if (freq < 2484)
|
|
return (freq - 2407) / 5;
|
|
else if (freq >= 4910 && freq <= 4980)
|
|
return (freq - 4000) / 5;
|
|
else if (freq < 5925)
|
|
return (freq - 5000) / 5;
|
|
else if (freq == 5935)
|
|
return 2;
|
|
else if (freq <= 45000) /* DMG band lower limit */
|
|
/* see 802.11ax D6.1 27.3.22.2 */
|
|
return (freq - 5950) / 5;
|
|
else if (freq >= 58320 && freq <= 70200)
|
|
return (freq - 56160) / 2160;
|
|
else
|
|
return 0;
|
|
}
|
|
EXPORT_SYMBOL(ieee80211_freq_khz_to_channel);
|
|
|
|
struct ieee80211_channel *ieee80211_get_channel_khz(struct wiphy *wiphy,
|
|
u32 freq)
|
|
{
|
|
enum nl80211_band band;
|
|
struct ieee80211_supported_band *sband;
|
|
int i;
|
|
|
|
for (band = 0; band < NUM_NL80211_BANDS; band++) {
|
|
sband = wiphy->bands[band];
|
|
|
|
if (!sband)
|
|
continue;
|
|
|
|
for (i = 0; i < sband->n_channels; i++) {
|
|
struct ieee80211_channel *chan = &sband->channels[i];
|
|
|
|
if (ieee80211_channel_to_khz(chan) == freq)
|
|
return chan;
|
|
}
|
|
}
|
|
|
|
return NULL;
|
|
}
|
|
EXPORT_SYMBOL(ieee80211_get_channel_khz);
|
|
|
|
static void set_mandatory_flags_band(struct ieee80211_supported_band *sband)
|
|
{
|
|
int i, want;
|
|
|
|
switch (sband->band) {
|
|
case NL80211_BAND_5GHZ:
|
|
case NL80211_BAND_6GHZ:
|
|
want = 3;
|
|
for (i = 0; i < sband->n_bitrates; i++) {
|
|
if (sband->bitrates[i].bitrate == 60 ||
|
|
sband->bitrates[i].bitrate == 120 ||
|
|
sband->bitrates[i].bitrate == 240) {
|
|
sband->bitrates[i].flags |=
|
|
IEEE80211_RATE_MANDATORY_A;
|
|
want--;
|
|
}
|
|
}
|
|
WARN_ON(want);
|
|
break;
|
|
case NL80211_BAND_2GHZ:
|
|
want = 7;
|
|
for (i = 0; i < sband->n_bitrates; i++) {
|
|
switch (sband->bitrates[i].bitrate) {
|
|
case 10:
|
|
case 20:
|
|
case 55:
|
|
case 110:
|
|
sband->bitrates[i].flags |=
|
|
IEEE80211_RATE_MANDATORY_B |
|
|
IEEE80211_RATE_MANDATORY_G;
|
|
want--;
|
|
break;
|
|
case 60:
|
|
case 120:
|
|
case 240:
|
|
sband->bitrates[i].flags |=
|
|
IEEE80211_RATE_MANDATORY_G;
|
|
want--;
|
|
/* fall through */
|
|
default:
|
|
sband->bitrates[i].flags |=
|
|
IEEE80211_RATE_ERP_G;
|
|
break;
|
|
}
|
|
}
|
|
WARN_ON(want != 0 && want != 3);
|
|
break;
|
|
case NL80211_BAND_60GHZ:
|
|
/* check for mandatory HT MCS 1..4 */
|
|
WARN_ON(!sband->ht_cap.ht_supported);
|
|
WARN_ON((sband->ht_cap.mcs.rx_mask[0] & 0x1e) != 0x1e);
|
|
break;
|
|
case NUM_NL80211_BANDS:
|
|
default:
|
|
WARN_ON(1);
|
|
break;
|
|
}
|
|
}
|
|
|
|
void ieee80211_set_bitrate_flags(struct wiphy *wiphy)
|
|
{
|
|
enum nl80211_band band;
|
|
|
|
for (band = 0; band < NUM_NL80211_BANDS; band++)
|
|
if (wiphy->bands[band])
|
|
set_mandatory_flags_band(wiphy->bands[band]);
|
|
}
|
|
|
|
bool cfg80211_supported_cipher_suite(struct wiphy *wiphy, u32 cipher)
|
|
{
|
|
int i;
|
|
for (i = 0; i < wiphy->n_cipher_suites; i++)
|
|
if (cipher == wiphy->cipher_suites[i])
|
|
return true;
|
|
return false;
|
|
}
|
|
|
|
static bool
|
|
cfg80211_igtk_cipher_supported(struct cfg80211_registered_device *rdev)
|
|
{
|
|
struct wiphy *wiphy = &rdev->wiphy;
|
|
int i;
|
|
|
|
for (i = 0; i < wiphy->n_cipher_suites; i++) {
|
|
switch (wiphy->cipher_suites[i]) {
|
|
case WLAN_CIPHER_SUITE_AES_CMAC:
|
|
case WLAN_CIPHER_SUITE_BIP_CMAC_256:
|
|
case WLAN_CIPHER_SUITE_BIP_GMAC_128:
|
|
case WLAN_CIPHER_SUITE_BIP_GMAC_256:
|
|
return true;
|
|
}
|
|
}
|
|
|
|
return false;
|
|
}
|
|
|
|
bool cfg80211_valid_key_idx(struct cfg80211_registered_device *rdev,
|
|
int key_idx, bool pairwise)
|
|
{
|
|
int max_key_idx;
|
|
|
|
if (pairwise)
|
|
max_key_idx = 3;
|
|
else if (wiphy_ext_feature_isset(&rdev->wiphy,
|
|
NL80211_EXT_FEATURE_BEACON_PROTECTION))
|
|
max_key_idx = 7;
|
|
else if (cfg80211_igtk_cipher_supported(rdev))
|
|
max_key_idx = 5;
|
|
else
|
|
max_key_idx = 3;
|
|
|
|
if (key_idx < 0 || key_idx > max_key_idx)
|
|
return false;
|
|
|
|
return true;
|
|
}
|
|
|
|
int cfg80211_validate_key_settings(struct cfg80211_registered_device *rdev,
|
|
struct key_params *params, int key_idx,
|
|
bool pairwise, const u8 *mac_addr)
|
|
{
|
|
if (!cfg80211_valid_key_idx(rdev, key_idx, pairwise))
|
|
return -EINVAL;
|
|
|
|
if (!pairwise && mac_addr && !(rdev->wiphy.flags & WIPHY_FLAG_IBSS_RSN))
|
|
return -EINVAL;
|
|
|
|
if (pairwise && !mac_addr)
|
|
return -EINVAL;
|
|
|
|
switch (params->cipher) {
|
|
case WLAN_CIPHER_SUITE_TKIP:
|
|
/* Extended Key ID can only be used with CCMP/GCMP ciphers */
|
|
if ((pairwise && key_idx) ||
|
|
params->mode != NL80211_KEY_RX_TX)
|
|
return -EINVAL;
|
|
break;
|
|
case WLAN_CIPHER_SUITE_CCMP:
|
|
case WLAN_CIPHER_SUITE_CCMP_256:
|
|
case WLAN_CIPHER_SUITE_GCMP:
|
|
case WLAN_CIPHER_SUITE_GCMP_256:
|
|
/* IEEE802.11-2016 allows only 0 and - when supporting
|
|
* Extended Key ID - 1 as index for pairwise keys.
|
|
* @NL80211_KEY_NO_TX is only allowed for pairwise keys when
|
|
* the driver supports Extended Key ID.
|
|
* @NL80211_KEY_SET_TX can't be set when installing and
|
|
* validating a key.
|
|
*/
|
|
if ((params->mode == NL80211_KEY_NO_TX && !pairwise) ||
|
|
params->mode == NL80211_KEY_SET_TX)
|
|
return -EINVAL;
|
|
if (wiphy_ext_feature_isset(&rdev->wiphy,
|
|
NL80211_EXT_FEATURE_EXT_KEY_ID)) {
|
|
if (pairwise && (key_idx < 0 || key_idx > 1))
|
|
return -EINVAL;
|
|
} else if (pairwise && key_idx) {
|
|
return -EINVAL;
|
|
}
|
|
break;
|
|
case WLAN_CIPHER_SUITE_AES_CMAC:
|
|
case WLAN_CIPHER_SUITE_BIP_CMAC_256:
|
|
case WLAN_CIPHER_SUITE_BIP_GMAC_128:
|
|
case WLAN_CIPHER_SUITE_BIP_GMAC_256:
|
|
/* Disallow BIP (group-only) cipher as pairwise cipher */
|
|
if (pairwise)
|
|
return -EINVAL;
|
|
if (key_idx < 4)
|
|
return -EINVAL;
|
|
break;
|
|
case WLAN_CIPHER_SUITE_WEP40:
|
|
case WLAN_CIPHER_SUITE_WEP104:
|
|
if (key_idx > 3)
|
|
return -EINVAL;
|
|
default:
|
|
break;
|
|
}
|
|
|
|
switch (params->cipher) {
|
|
case WLAN_CIPHER_SUITE_WEP40:
|
|
if (params->key_len != WLAN_KEY_LEN_WEP40)
|
|
return -EINVAL;
|
|
break;
|
|
case WLAN_CIPHER_SUITE_TKIP:
|
|
if (params->key_len != WLAN_KEY_LEN_TKIP)
|
|
return -EINVAL;
|
|
break;
|
|
case WLAN_CIPHER_SUITE_CCMP:
|
|
if (params->key_len != WLAN_KEY_LEN_CCMP)
|
|
return -EINVAL;
|
|
break;
|
|
case WLAN_CIPHER_SUITE_CCMP_256:
|
|
if (params->key_len != WLAN_KEY_LEN_CCMP_256)
|
|
return -EINVAL;
|
|
break;
|
|
case WLAN_CIPHER_SUITE_GCMP:
|
|
if (params->key_len != WLAN_KEY_LEN_GCMP)
|
|
return -EINVAL;
|
|
break;
|
|
case WLAN_CIPHER_SUITE_GCMP_256:
|
|
if (params->key_len != WLAN_KEY_LEN_GCMP_256)
|
|
return -EINVAL;
|
|
break;
|
|
case WLAN_CIPHER_SUITE_WEP104:
|
|
if (params->key_len != WLAN_KEY_LEN_WEP104)
|
|
return -EINVAL;
|
|
break;
|
|
case WLAN_CIPHER_SUITE_AES_CMAC:
|
|
if (params->key_len != WLAN_KEY_LEN_AES_CMAC)
|
|
return -EINVAL;
|
|
break;
|
|
case WLAN_CIPHER_SUITE_BIP_CMAC_256:
|
|
if (params->key_len != WLAN_KEY_LEN_BIP_CMAC_256)
|
|
return -EINVAL;
|
|
break;
|
|
case WLAN_CIPHER_SUITE_BIP_GMAC_128:
|
|
if (params->key_len != WLAN_KEY_LEN_BIP_GMAC_128)
|
|
return -EINVAL;
|
|
break;
|
|
case WLAN_CIPHER_SUITE_BIP_GMAC_256:
|
|
if (params->key_len != WLAN_KEY_LEN_BIP_GMAC_256)
|
|
return -EINVAL;
|
|
break;
|
|
default:
|
|
/*
|
|
* We don't know anything about this algorithm,
|
|
* allow using it -- but the driver must check
|
|
* all parameters! We still check below whether
|
|
* or not the driver supports this algorithm,
|
|
* of course.
|
|
*/
|
|
break;
|
|
}
|
|
|
|
if (params->seq) {
|
|
switch (params->cipher) {
|
|
case WLAN_CIPHER_SUITE_WEP40:
|
|
case WLAN_CIPHER_SUITE_WEP104:
|
|
/* These ciphers do not use key sequence */
|
|
return -EINVAL;
|
|
case WLAN_CIPHER_SUITE_TKIP:
|
|
case WLAN_CIPHER_SUITE_CCMP:
|
|
case WLAN_CIPHER_SUITE_CCMP_256:
|
|
case WLAN_CIPHER_SUITE_GCMP:
|
|
case WLAN_CIPHER_SUITE_GCMP_256:
|
|
case WLAN_CIPHER_SUITE_AES_CMAC:
|
|
case WLAN_CIPHER_SUITE_BIP_CMAC_256:
|
|
case WLAN_CIPHER_SUITE_BIP_GMAC_128:
|
|
case WLAN_CIPHER_SUITE_BIP_GMAC_256:
|
|
if (params->seq_len != 6)
|
|
return -EINVAL;
|
|
break;
|
|
}
|
|
}
|
|
|
|
if (!cfg80211_supported_cipher_suite(&rdev->wiphy, params->cipher))
|
|
return -EINVAL;
|
|
|
|
return 0;
|
|
}
|
|
|
|
unsigned int __attribute_const__ ieee80211_hdrlen(__le16 fc)
|
|
{
|
|
unsigned int hdrlen = 24;
|
|
|
|
if (ieee80211_is_data(fc)) {
|
|
if (ieee80211_has_a4(fc))
|
|
hdrlen = 30;
|
|
if (ieee80211_is_data_qos(fc)) {
|
|
hdrlen += IEEE80211_QOS_CTL_LEN;
|
|
if (ieee80211_has_order(fc))
|
|
hdrlen += IEEE80211_HT_CTL_LEN;
|
|
}
|
|
goto out;
|
|
}
|
|
|
|
if (ieee80211_is_mgmt(fc)) {
|
|
if (ieee80211_has_order(fc))
|
|
hdrlen += IEEE80211_HT_CTL_LEN;
|
|
goto out;
|
|
}
|
|
|
|
if (ieee80211_is_ctl(fc)) {
|
|
/*
|
|
* ACK and CTS are 10 bytes, all others 16. To see how
|
|
* to get this condition consider
|
|
* subtype mask: 0b0000000011110000 (0x00F0)
|
|
* ACK subtype: 0b0000000011010000 (0x00D0)
|
|
* CTS subtype: 0b0000000011000000 (0x00C0)
|
|
* bits that matter: ^^^ (0x00E0)
|
|
* value of those: 0b0000000011000000 (0x00C0)
|
|
*/
|
|
if ((fc & cpu_to_le16(0x00E0)) == cpu_to_le16(0x00C0))
|
|
hdrlen = 10;
|
|
else
|
|
hdrlen = 16;
|
|
}
|
|
out:
|
|
return hdrlen;
|
|
}
|
|
EXPORT_SYMBOL(ieee80211_hdrlen);
|
|
|
|
unsigned int ieee80211_get_hdrlen_from_skb(const struct sk_buff *skb)
|
|
{
|
|
const struct ieee80211_hdr *hdr =
|
|
(const struct ieee80211_hdr *)skb->data;
|
|
unsigned int hdrlen;
|
|
|
|
if (unlikely(skb->len < 10))
|
|
return 0;
|
|
hdrlen = ieee80211_hdrlen(hdr->frame_control);
|
|
if (unlikely(hdrlen > skb->len))
|
|
return 0;
|
|
return hdrlen;
|
|
}
|
|
EXPORT_SYMBOL(ieee80211_get_hdrlen_from_skb);
|
|
|
|
static unsigned int __ieee80211_get_mesh_hdrlen(u8 flags)
|
|
{
|
|
int ae = flags & MESH_FLAGS_AE;
|
|
/* 802.11-2012, 8.2.4.7.3 */
|
|
switch (ae) {
|
|
default:
|
|
case 0:
|
|
return 6;
|
|
case MESH_FLAGS_AE_A4:
|
|
return 12;
|
|
case MESH_FLAGS_AE_A5_A6:
|
|
return 18;
|
|
}
|
|
}
|
|
|
|
unsigned int ieee80211_get_mesh_hdrlen(struct ieee80211s_hdr *meshhdr)
|
|
{
|
|
return __ieee80211_get_mesh_hdrlen(meshhdr->flags);
|
|
}
|
|
EXPORT_SYMBOL(ieee80211_get_mesh_hdrlen);
|
|
|
|
int ieee80211_data_to_8023_exthdr_bool(struct sk_buff *skb, struct ethhdr *ehdr,
|
|
const u8 *addr, enum nl80211_iftype iftype,
|
|
u8 data_offset, bool is_amsdu)
|
|
{
|
|
struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
|
|
struct {
|
|
u8 hdr[ETH_ALEN] __aligned(2);
|
|
__be16 proto;
|
|
} payload;
|
|
struct ethhdr tmp;
|
|
u16 hdrlen;
|
|
u8 mesh_flags = 0;
|
|
|
|
if (unlikely(!ieee80211_is_data_present(hdr->frame_control)))
|
|
return -1;
|
|
|
|
hdrlen = ieee80211_hdrlen(hdr->frame_control) + data_offset;
|
|
if (skb->len < hdrlen + 8)
|
|
return -1;
|
|
|
|
/* convert IEEE 802.11 header + possible LLC headers into Ethernet
|
|
* header
|
|
* IEEE 802.11 address fields:
|
|
* ToDS FromDS Addr1 Addr2 Addr3 Addr4
|
|
* 0 0 DA SA BSSID n/a
|
|
* 0 1 DA BSSID SA n/a
|
|
* 1 0 BSSID SA DA n/a
|
|
* 1 1 RA TA DA SA
|
|
*/
|
|
memcpy(tmp.h_dest, ieee80211_get_DA(hdr), ETH_ALEN);
|
|
memcpy(tmp.h_source, ieee80211_get_SA(hdr), ETH_ALEN);
|
|
|
|
if (iftype == NL80211_IFTYPE_MESH_POINT)
|
|
skb_copy_bits(skb, hdrlen, &mesh_flags, 1);
|
|
|
|
mesh_flags &= MESH_FLAGS_AE;
|
|
|
|
switch (hdr->frame_control &
|
|
cpu_to_le16(IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS)) {
|
|
case cpu_to_le16(IEEE80211_FCTL_TODS):
|
|
if (unlikely(iftype != NL80211_IFTYPE_AP &&
|
|
iftype != NL80211_IFTYPE_AP_VLAN &&
|
|
iftype != NL80211_IFTYPE_P2P_GO))
|
|
return -1;
|
|
break;
|
|
case cpu_to_le16(IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS):
|
|
if (unlikely(iftype != NL80211_IFTYPE_WDS &&
|
|
iftype != NL80211_IFTYPE_MESH_POINT &&
|
|
iftype != NL80211_IFTYPE_AP_VLAN &&
|
|
iftype != NL80211_IFTYPE_STATION))
|
|
return -1;
|
|
if (iftype == NL80211_IFTYPE_MESH_POINT) {
|
|
if (mesh_flags == MESH_FLAGS_AE_A4)
|
|
return -1;
|
|
if (mesh_flags == MESH_FLAGS_AE_A5_A6) {
|
|
skb_copy_bits(skb, hdrlen +
|
|
offsetof(struct ieee80211s_hdr, eaddr1),
|
|
tmp.h_dest, 2 * ETH_ALEN);
|
|
}
|
|
hdrlen += __ieee80211_get_mesh_hdrlen(mesh_flags);
|
|
}
|
|
break;
|
|
case cpu_to_le16(IEEE80211_FCTL_FROMDS):
|
|
if ((iftype != NL80211_IFTYPE_STATION &&
|
|
iftype != NL80211_IFTYPE_P2P_CLIENT &&
|
|
iftype != NL80211_IFTYPE_MESH_POINT) ||
|
|
(is_multicast_ether_addr(tmp.h_dest) &&
|
|
ether_addr_equal(tmp.h_source, addr)))
|
|
return -1;
|
|
if (iftype == NL80211_IFTYPE_MESH_POINT) {
|
|
if (mesh_flags == MESH_FLAGS_AE_A5_A6)
|
|
return -1;
|
|
if (mesh_flags == MESH_FLAGS_AE_A4)
|
|
skb_copy_bits(skb, hdrlen +
|
|
offsetof(struct ieee80211s_hdr, eaddr1),
|
|
tmp.h_source, ETH_ALEN);
|
|
hdrlen += __ieee80211_get_mesh_hdrlen(mesh_flags);
|
|
}
|
|
break;
|
|
case cpu_to_le16(0):
|
|
if (iftype != NL80211_IFTYPE_ADHOC &&
|
|
iftype != NL80211_IFTYPE_STATION &&
|
|
iftype != NL80211_IFTYPE_OCB)
|
|
return -1;
|
|
break;
|
|
}
|
|
|
|
skb_copy_bits(skb, hdrlen, &payload, sizeof(payload));
|
|
tmp.h_proto = payload.proto;
|
|
|
|
if (likely((!is_amsdu && ether_addr_equal(payload.hdr, rfc1042_header) &&
|
|
tmp.h_proto != htons(ETH_P_AARP) &&
|
|
tmp.h_proto != htons(ETH_P_IPX)) ||
|
|
ether_addr_equal(payload.hdr, bridge_tunnel_header)))
|
|
/* remove RFC1042 or Bridge-Tunnel encapsulation and
|
|
* replace EtherType */
|
|
hdrlen += ETH_ALEN + 2;
|
|
else
|
|
tmp.h_proto = htons(skb->len - hdrlen);
|
|
|
|
pskb_pull(skb, hdrlen);
|
|
|
|
if (!ehdr)
|
|
ehdr = skb_push(skb, sizeof(struct ethhdr));
|
|
memcpy(ehdr, &tmp, sizeof(tmp));
|
|
|
|
return 0;
|
|
}
|
|
EXPORT_SYMBOL_GPL(ieee80211_data_to_8023_exthdr_bool);
|
|
|
|
int ieee80211_data_to_8023_exthdr(struct sk_buff *skb, struct ethhdr *ehdr,
|
|
const u8 *addr, enum nl80211_iftype iftype,
|
|
u8 data_offset)
|
|
{
|
|
return ieee80211_data_to_8023_exthdr_bool(skb, ehdr, addr, iftype,
|
|
data_offset, false);
|
|
}
|
|
EXPORT_SYMBOL(ieee80211_data_to_8023_exthdr);
|
|
|
|
static void
|
|
__frame_add_frag(struct sk_buff *skb, struct page *page,
|
|
void *ptr, int len, int size)
|
|
{
|
|
struct skb_shared_info *sh = skb_shinfo(skb);
|
|
int page_offset;
|
|
|
|
get_page(page);
|
|
page_offset = ptr - page_address(page);
|
|
skb_add_rx_frag(skb, sh->nr_frags, page, page_offset, len, size);
|
|
}
|
|
|
|
static void
|
|
__ieee80211_amsdu_copy_frag(struct sk_buff *skb, struct sk_buff *frame,
|
|
int offset, int len)
|
|
{
|
|
struct skb_shared_info *sh = skb_shinfo(skb);
|
|
const skb_frag_t *frag = &sh->frags[0];
|
|
struct page *frag_page;
|
|
void *frag_ptr;
|
|
int frag_len, frag_size;
|
|
int head_size = skb->len - skb->data_len;
|
|
int cur_len;
|
|
|
|
frag_page = virt_to_head_page(skb->head);
|
|
frag_ptr = skb->data;
|
|
frag_size = head_size;
|
|
|
|
while (offset >= frag_size) {
|
|
offset -= frag_size;
|
|
frag_page = skb_frag_page(frag);
|
|
frag_ptr = skb_frag_address(frag);
|
|
frag_size = skb_frag_size(frag);
|
|
frag++;
|
|
}
|
|
|
|
frag_ptr += offset;
|
|
frag_len = frag_size - offset;
|
|
|
|
cur_len = min(len, frag_len);
|
|
|
|
__frame_add_frag(frame, frag_page, frag_ptr, cur_len, frag_size);
|
|
len -= cur_len;
|
|
|
|
while (len > 0) {
|
|
frag_len = skb_frag_size(frag);
|
|
cur_len = min(len, frag_len);
|
|
__frame_add_frag(frame, skb_frag_page(frag),
|
|
skb_frag_address(frag), cur_len, frag_len);
|
|
len -= cur_len;
|
|
frag++;
|
|
}
|
|
}
|
|
|
|
static struct sk_buff *
|
|
__ieee80211_amsdu_copy(struct sk_buff *skb, unsigned int hlen,
|
|
int offset, int len, bool reuse_frag)
|
|
{
|
|
struct sk_buff *frame;
|
|
int cur_len = len;
|
|
|
|
if (skb->len - offset < len)
|
|
return NULL;
|
|
|
|
/*
|
|
* When reusing framents, copy some data to the head to simplify
|
|
* ethernet header handling and speed up protocol header processing
|
|
* in the stack later.
|
|
*/
|
|
if (reuse_frag)
|
|
cur_len = min_t(int, len, 32);
|
|
|
|
/*
|
|
* Allocate and reserve two bytes more for payload
|
|
* alignment since sizeof(struct ethhdr) is 14.
|
|
*/
|
|
frame = dev_alloc_skb(hlen + sizeof(struct ethhdr) + 2 + cur_len);
|
|
if (!frame)
|
|
return NULL;
|
|
|
|
skb_reserve(frame, hlen + sizeof(struct ethhdr) + 2);
|
|
skb_copy_bits(skb, offset, skb_put(frame, cur_len), cur_len);
|
|
|
|
len -= cur_len;
|
|
if (!len)
|
|
return frame;
|
|
|
|
offset += cur_len;
|
|
__ieee80211_amsdu_copy_frag(skb, frame, offset, len);
|
|
|
|
return frame;
|
|
}
|
|
|
|
void ieee80211_amsdu_to_8023s(struct sk_buff *skb, struct sk_buff_head *list,
|
|
const u8 *addr, enum nl80211_iftype iftype,
|
|
const unsigned int extra_headroom,
|
|
const u8 *check_da, const u8 *check_sa)
|
|
{
|
|
unsigned int hlen = ALIGN(extra_headroom, 4);
|
|
struct sk_buff *frame = NULL;
|
|
u16 ethertype;
|
|
u8 *payload;
|
|
int offset = 0, remaining;
|
|
struct ethhdr eth;
|
|
bool reuse_frag = skb->head_frag && !skb_has_frag_list(skb);
|
|
bool reuse_skb = false;
|
|
bool last = false;
|
|
|
|
while (!last) {
|
|
unsigned int subframe_len;
|
|
int len;
|
|
u8 padding;
|
|
|
|
skb_copy_bits(skb, offset, ð, sizeof(eth));
|
|
len = ntohs(eth.h_proto);
|
|
subframe_len = sizeof(struct ethhdr) + len;
|
|
padding = (4 - subframe_len) & 0x3;
|
|
|
|
/* the last MSDU has no padding */
|
|
remaining = skb->len - offset;
|
|
if (subframe_len > remaining)
|
|
goto purge;
|
|
/* mitigate A-MSDU aggregation injection attacks */
|
|
if (ether_addr_equal(eth.h_dest, rfc1042_header))
|
|
goto purge;
|
|
|
|
offset += sizeof(struct ethhdr);
|
|
last = remaining <= subframe_len + padding;
|
|
|
|
/* FIXME: should we really accept multicast DA? */
|
|
if ((check_da && !is_multicast_ether_addr(eth.h_dest) &&
|
|
!ether_addr_equal(check_da, eth.h_dest)) ||
|
|
(check_sa && !ether_addr_equal(check_sa, eth.h_source))) {
|
|
offset += len + padding;
|
|
continue;
|
|
}
|
|
|
|
/* reuse skb for the last subframe */
|
|
if (!skb_is_nonlinear(skb) && !reuse_frag && last) {
|
|
skb_pull(skb, offset);
|
|
frame = skb;
|
|
reuse_skb = true;
|
|
} else {
|
|
frame = __ieee80211_amsdu_copy(skb, hlen, offset, len,
|
|
reuse_frag);
|
|
if (!frame)
|
|
goto purge;
|
|
|
|
offset += len + padding;
|
|
}
|
|
|
|
skb_reset_network_header(frame);
|
|
frame->dev = skb->dev;
|
|
frame->priority = skb->priority;
|
|
|
|
payload = frame->data;
|
|
ethertype = (payload[6] << 8) | payload[7];
|
|
if (likely((ether_addr_equal(payload, rfc1042_header) &&
|
|
ethertype != ETH_P_AARP && ethertype != ETH_P_IPX) ||
|
|
ether_addr_equal(payload, bridge_tunnel_header))) {
|
|
eth.h_proto = htons(ethertype);
|
|
skb_pull(frame, ETH_ALEN + 2);
|
|
}
|
|
|
|
memcpy(skb_push(frame, sizeof(eth)), ð, sizeof(eth));
|
|
__skb_queue_tail(list, frame);
|
|
}
|
|
|
|
if (!reuse_skb)
|
|
dev_kfree_skb(skb);
|
|
|
|
return;
|
|
|
|
purge:
|
|
__skb_queue_purge(list);
|
|
dev_kfree_skb(skb);
|
|
}
|
|
EXPORT_SYMBOL(ieee80211_amsdu_to_8023s);
|
|
|
|
/* Given a data frame determine the 802.1p/1d tag to use. */
|
|
unsigned int cfg80211_classify8021d(struct sk_buff *skb,
|
|
struct cfg80211_qos_map *qos_map)
|
|
{
|
|
unsigned int dscp;
|
|
unsigned char vlan_priority;
|
|
unsigned int ret;
|
|
|
|
/* skb->priority values from 256->263 are magic values to
|
|
* directly indicate a specific 802.1d priority. This is used
|
|
* to allow 802.1d priority to be passed directly in from VLAN
|
|
* tags, etc.
|
|
*/
|
|
if (skb->priority >= 256 && skb->priority <= 263) {
|
|
ret = skb->priority - 256;
|
|
goto out;
|
|
}
|
|
|
|
if (skb_vlan_tag_present(skb)) {
|
|
vlan_priority = (skb_vlan_tag_get(skb) & VLAN_PRIO_MASK)
|
|
>> VLAN_PRIO_SHIFT;
|
|
if (vlan_priority > 0) {
|
|
ret = vlan_priority;
|
|
goto out;
|
|
}
|
|
}
|
|
|
|
switch (skb->protocol) {
|
|
case htons(ETH_P_IP):
|
|
dscp = ipv4_get_dsfield(ip_hdr(skb)) & 0xfc;
|
|
break;
|
|
case htons(ETH_P_IPV6):
|
|
dscp = ipv6_get_dsfield(ipv6_hdr(skb)) & 0xfc;
|
|
break;
|
|
case htons(ETH_P_MPLS_UC):
|
|
case htons(ETH_P_MPLS_MC): {
|
|
struct mpls_label mpls_tmp, *mpls;
|
|
|
|
mpls = skb_header_pointer(skb, sizeof(struct ethhdr),
|
|
sizeof(*mpls), &mpls_tmp);
|
|
if (!mpls)
|
|
return 0;
|
|
|
|
ret = (ntohl(mpls->entry) & MPLS_LS_TC_MASK)
|
|
>> MPLS_LS_TC_SHIFT;
|
|
goto out;
|
|
}
|
|
case htons(ETH_P_80221):
|
|
/* 802.21 is always network control traffic */
|
|
return 7;
|
|
default:
|
|
return 0;
|
|
}
|
|
|
|
if (qos_map) {
|
|
unsigned int i, tmp_dscp = dscp >> 2;
|
|
|
|
for (i = 0; i < qos_map->num_des; i++) {
|
|
if (tmp_dscp == qos_map->dscp_exception[i].dscp) {
|
|
ret = qos_map->dscp_exception[i].up;
|
|
goto out;
|
|
}
|
|
}
|
|
|
|
for (i = 0; i < 8; i++) {
|
|
if (tmp_dscp >= qos_map->up[i].low &&
|
|
tmp_dscp <= qos_map->up[i].high) {
|
|
ret = i;
|
|
goto out;
|
|
}
|
|
}
|
|
}
|
|
|
|
ret = dscp >> 5;
|
|
out:
|
|
return array_index_nospec(ret, IEEE80211_NUM_TIDS);
|
|
}
|
|
EXPORT_SYMBOL(cfg80211_classify8021d);
|
|
|
|
const struct element *ieee80211_bss_get_elem(struct cfg80211_bss *bss, u8 id)
|
|
{
|
|
const struct cfg80211_bss_ies *ies;
|
|
|
|
ies = rcu_dereference(bss->ies);
|
|
if (!ies)
|
|
return NULL;
|
|
|
|
return cfg80211_find_elem(id, ies->data, ies->len);
|
|
}
|
|
EXPORT_SYMBOL(ieee80211_bss_get_elem);
|
|
|
|
void cfg80211_upload_connect_keys(struct wireless_dev *wdev)
|
|
{
|
|
struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
|
|
struct net_device *dev = wdev->netdev;
|
|
int i;
|
|
|
|
if (!wdev->connect_keys)
|
|
return;
|
|
|
|
for (i = 0; i < CFG80211_MAX_WEP_KEYS; i++) {
|
|
if (!wdev->connect_keys->params[i].cipher)
|
|
continue;
|
|
if (rdev_add_key(rdev, dev, i, false, NULL,
|
|
&wdev->connect_keys->params[i])) {
|
|
netdev_err(dev, "failed to set key %d\n", i);
|
|
continue;
|
|
}
|
|
if (wdev->connect_keys->def == i &&
|
|
rdev_set_default_key(rdev, dev, i, true, true)) {
|
|
netdev_err(dev, "failed to set defkey %d\n", i);
|
|
continue;
|
|
}
|
|
}
|
|
|
|
kzfree(wdev->connect_keys);
|
|
wdev->connect_keys = NULL;
|
|
}
|
|
|
|
void cfg80211_process_wdev_events(struct wireless_dev *wdev)
|
|
{
|
|
struct cfg80211_event *ev;
|
|
unsigned long flags;
|
|
|
|
spin_lock_irqsave(&wdev->event_lock, flags);
|
|
while (!list_empty(&wdev->event_list)) {
|
|
ev = list_first_entry(&wdev->event_list,
|
|
struct cfg80211_event, list);
|
|
list_del(&ev->list);
|
|
spin_unlock_irqrestore(&wdev->event_lock, flags);
|
|
|
|
wdev_lock(wdev);
|
|
switch (ev->type) {
|
|
case EVENT_CONNECT_RESULT:
|
|
__cfg80211_connect_result(
|
|
wdev->netdev,
|
|
&ev->cr,
|
|
ev->cr.status == WLAN_STATUS_SUCCESS);
|
|
break;
|
|
case EVENT_ROAMED:
|
|
__cfg80211_roamed(wdev, &ev->rm);
|
|
break;
|
|
case EVENT_DISCONNECTED:
|
|
__cfg80211_disconnected(wdev->netdev,
|
|
ev->dc.ie, ev->dc.ie_len,
|
|
ev->dc.reason,
|
|
!ev->dc.locally_generated);
|
|
break;
|
|
case EVENT_IBSS_JOINED:
|
|
__cfg80211_ibss_joined(wdev->netdev, ev->ij.bssid,
|
|
ev->ij.channel);
|
|
break;
|
|
case EVENT_STOPPED:
|
|
__cfg80211_leave(wiphy_to_rdev(wdev->wiphy), wdev);
|
|
break;
|
|
case EVENT_PORT_AUTHORIZED:
|
|
__cfg80211_port_authorized(wdev, ev->pa.bssid);
|
|
break;
|
|
}
|
|
wdev_unlock(wdev);
|
|
|
|
kfree(ev);
|
|
|
|
spin_lock_irqsave(&wdev->event_lock, flags);
|
|
}
|
|
spin_unlock_irqrestore(&wdev->event_lock, flags);
|
|
}
|
|
|
|
void cfg80211_process_rdev_events(struct cfg80211_registered_device *rdev)
|
|
{
|
|
struct wireless_dev *wdev;
|
|
|
|
ASSERT_RTNL();
|
|
|
|
list_for_each_entry(wdev, &rdev->wiphy.wdev_list, list)
|
|
cfg80211_process_wdev_events(wdev);
|
|
}
|
|
|
|
int cfg80211_change_iface(struct cfg80211_registered_device *rdev,
|
|
struct net_device *dev, enum nl80211_iftype ntype,
|
|
struct vif_params *params)
|
|
{
|
|
int err;
|
|
enum nl80211_iftype otype = dev->ieee80211_ptr->iftype;
|
|
|
|
ASSERT_RTNL();
|
|
|
|
/* don't support changing VLANs, you just re-create them */
|
|
if (otype == NL80211_IFTYPE_AP_VLAN)
|
|
return -EOPNOTSUPP;
|
|
|
|
/* cannot change into P2P device or NAN */
|
|
if (ntype == NL80211_IFTYPE_P2P_DEVICE ||
|
|
ntype == NL80211_IFTYPE_NAN)
|
|
return -EOPNOTSUPP;
|
|
|
|
if (!rdev->ops->change_virtual_intf ||
|
|
!(rdev->wiphy.interface_modes & (1 << ntype)))
|
|
return -EOPNOTSUPP;
|
|
|
|
if (ntype != otype) {
|
|
/* if it's part of a bridge, reject changing type to station/ibss */
|
|
if (netif_is_bridge_port(dev) &&
|
|
(ntype == NL80211_IFTYPE_ADHOC ||
|
|
ntype == NL80211_IFTYPE_STATION ||
|
|
ntype == NL80211_IFTYPE_P2P_CLIENT))
|
|
return -EBUSY;
|
|
|
|
dev->ieee80211_ptr->use_4addr = false;
|
|
dev->ieee80211_ptr->mesh_id_up_len = 0;
|
|
wdev_lock(dev->ieee80211_ptr);
|
|
rdev_set_qos_map(rdev, dev, NULL);
|
|
wdev_unlock(dev->ieee80211_ptr);
|
|
|
|
switch (otype) {
|
|
case NL80211_IFTYPE_AP:
|
|
case NL80211_IFTYPE_P2P_GO:
|
|
cfg80211_stop_ap(rdev, dev, true);
|
|
break;
|
|
case NL80211_IFTYPE_ADHOC:
|
|
cfg80211_leave_ibss(rdev, dev, false);
|
|
break;
|
|
case NL80211_IFTYPE_STATION:
|
|
case NL80211_IFTYPE_P2P_CLIENT:
|
|
wdev_lock(dev->ieee80211_ptr);
|
|
cfg80211_disconnect(rdev, dev,
|
|
WLAN_REASON_DEAUTH_LEAVING, true);
|
|
wdev_unlock(dev->ieee80211_ptr);
|
|
break;
|
|
case NL80211_IFTYPE_MESH_POINT:
|
|
/* mesh should be handled? */
|
|
break;
|
|
case NL80211_IFTYPE_OCB:
|
|
cfg80211_leave_ocb(rdev, dev);
|
|
break;
|
|
default:
|
|
break;
|
|
}
|
|
|
|
cfg80211_process_rdev_events(rdev);
|
|
cfg80211_mlme_purge_registrations(dev->ieee80211_ptr);
|
|
}
|
|
|
|
err = rdev_change_virtual_intf(rdev, dev, ntype, params);
|
|
|
|
WARN_ON(!err && dev->ieee80211_ptr->iftype != ntype);
|
|
|
|
if (!err && params && params->use_4addr != -1)
|
|
dev->ieee80211_ptr->use_4addr = params->use_4addr;
|
|
|
|
if (!err) {
|
|
dev->priv_flags &= ~IFF_DONT_BRIDGE;
|
|
switch (ntype) {
|
|
case NL80211_IFTYPE_STATION:
|
|
if (dev->ieee80211_ptr->use_4addr)
|
|
break;
|
|
/* fall through */
|
|
case NL80211_IFTYPE_OCB:
|
|
case NL80211_IFTYPE_P2P_CLIENT:
|
|
case NL80211_IFTYPE_ADHOC:
|
|
dev->priv_flags |= IFF_DONT_BRIDGE;
|
|
break;
|
|
case NL80211_IFTYPE_P2P_GO:
|
|
case NL80211_IFTYPE_AP:
|
|
case NL80211_IFTYPE_AP_VLAN:
|
|
case NL80211_IFTYPE_WDS:
|
|
case NL80211_IFTYPE_MESH_POINT:
|
|
/* bridging OK */
|
|
break;
|
|
case NL80211_IFTYPE_MONITOR:
|
|
/* monitor can't bridge anyway */
|
|
break;
|
|
case NL80211_IFTYPE_UNSPECIFIED:
|
|
case NUM_NL80211_IFTYPES:
|
|
/* not happening */
|
|
break;
|
|
case NL80211_IFTYPE_P2P_DEVICE:
|
|
case NL80211_IFTYPE_NAN:
|
|
WARN_ON(1);
|
|
break;
|
|
}
|
|
}
|
|
|
|
if (!err && ntype != otype && netif_running(dev)) {
|
|
cfg80211_update_iface_num(rdev, ntype, 1);
|
|
cfg80211_update_iface_num(rdev, otype, -1);
|
|
}
|
|
|
|
return err;
|
|
}
|
|
|
|
static u32 cfg80211_calculate_bitrate_ht(struct rate_info *rate)
|
|
{
|
|
int modulation, streams, bitrate;
|
|
|
|
/* the formula below does only work for MCS values smaller than 32 */
|
|
if (WARN_ON_ONCE(rate->mcs >= 32))
|
|
return 0;
|
|
|
|
modulation = rate->mcs & 7;
|
|
streams = (rate->mcs >> 3) + 1;
|
|
|
|
bitrate = (rate->bw == RATE_INFO_BW_40) ? 13500000 : 6500000;
|
|
|
|
if (modulation < 4)
|
|
bitrate *= (modulation + 1);
|
|
else if (modulation == 4)
|
|
bitrate *= (modulation + 2);
|
|
else
|
|
bitrate *= (modulation + 3);
|
|
|
|
bitrate *= streams;
|
|
|
|
if (rate->flags & RATE_INFO_FLAGS_SHORT_GI)
|
|
bitrate = (bitrate / 9) * 10;
|
|
|
|
/* do NOT round down here */
|
|
return (bitrate + 50000) / 100000;
|
|
}
|
|
|
|
static u32 cfg80211_calculate_bitrate_dmg(struct rate_info *rate)
|
|
{
|
|
static const u32 __mcs2bitrate[] = {
|
|
/* control PHY */
|
|
[0] = 275,
|
|
/* SC PHY */
|
|
[1] = 3850,
|
|
[2] = 7700,
|
|
[3] = 9625,
|
|
[4] = 11550,
|
|
[5] = 12512, /* 1251.25 mbps */
|
|
[6] = 15400,
|
|
[7] = 19250,
|
|
[8] = 23100,
|
|
[9] = 25025,
|
|
[10] = 30800,
|
|
[11] = 38500,
|
|
[12] = 46200,
|
|
/* OFDM PHY */
|
|
[13] = 6930,
|
|
[14] = 8662, /* 866.25 mbps */
|
|
[15] = 13860,
|
|
[16] = 17325,
|
|
[17] = 20790,
|
|
[18] = 27720,
|
|
[19] = 34650,
|
|
[20] = 41580,
|
|
[21] = 45045,
|
|
[22] = 51975,
|
|
[23] = 62370,
|
|
[24] = 67568, /* 6756.75 mbps */
|
|
/* LP-SC PHY */
|
|
[25] = 6260,
|
|
[26] = 8340,
|
|
[27] = 11120,
|
|
[28] = 12510,
|
|
[29] = 16680,
|
|
[30] = 22240,
|
|
[31] = 25030,
|
|
};
|
|
|
|
if (WARN_ON_ONCE(rate->mcs >= ARRAY_SIZE(__mcs2bitrate)))
|
|
return 0;
|
|
|
|
return __mcs2bitrate[rate->mcs];
|
|
}
|
|
|
|
static u32 cfg80211_calculate_bitrate_edmg(struct rate_info *rate)
|
|
{
|
|
static const u32 __mcs2bitrate[] = {
|
|
/* control PHY */
|
|
[0] = 275,
|
|
/* SC PHY */
|
|
[1] = 3850,
|
|
[2] = 7700,
|
|
[3] = 9625,
|
|
[4] = 11550,
|
|
[5] = 12512, /* 1251.25 mbps */
|
|
[6] = 13475,
|
|
[7] = 15400,
|
|
[8] = 19250,
|
|
[9] = 23100,
|
|
[10] = 25025,
|
|
[11] = 26950,
|
|
[12] = 30800,
|
|
[13] = 38500,
|
|
[14] = 46200,
|
|
[15] = 50050,
|
|
[16] = 53900,
|
|
[17] = 57750,
|
|
[18] = 69300,
|
|
[19] = 75075,
|
|
[20] = 80850,
|
|
};
|
|
|
|
if (WARN_ON_ONCE(rate->mcs >= ARRAY_SIZE(__mcs2bitrate)))
|
|
return 0;
|
|
|
|
return __mcs2bitrate[rate->mcs] * rate->n_bonded_ch;
|
|
}
|
|
|
|
static u32 cfg80211_calculate_bitrate_vht(struct rate_info *rate)
|
|
{
|
|
static const u32 base[4][10] = {
|
|
{ 6500000,
|
|
13000000,
|
|
19500000,
|
|
26000000,
|
|
39000000,
|
|
52000000,
|
|
58500000,
|
|
65000000,
|
|
78000000,
|
|
/* not in the spec, but some devices use this: */
|
|
86500000,
|
|
},
|
|
{ 13500000,
|
|
27000000,
|
|
40500000,
|
|
54000000,
|
|
81000000,
|
|
108000000,
|
|
121500000,
|
|
135000000,
|
|
162000000,
|
|
180000000,
|
|
},
|
|
{ 29300000,
|
|
58500000,
|
|
87800000,
|
|
117000000,
|
|
175500000,
|
|
234000000,
|
|
263300000,
|
|
292500000,
|
|
351000000,
|
|
390000000,
|
|
},
|
|
{ 58500000,
|
|
117000000,
|
|
175500000,
|
|
234000000,
|
|
351000000,
|
|
468000000,
|
|
526500000,
|
|
585000000,
|
|
702000000,
|
|
780000000,
|
|
},
|
|
};
|
|
u32 bitrate;
|
|
int idx;
|
|
|
|
if (rate->mcs > 9)
|
|
goto warn;
|
|
|
|
switch (rate->bw) {
|
|
case RATE_INFO_BW_160:
|
|
idx = 3;
|
|
break;
|
|
case RATE_INFO_BW_80:
|
|
idx = 2;
|
|
break;
|
|
case RATE_INFO_BW_40:
|
|
idx = 1;
|
|
break;
|
|
case RATE_INFO_BW_5:
|
|
case RATE_INFO_BW_10:
|
|
default:
|
|
goto warn;
|
|
case RATE_INFO_BW_20:
|
|
idx = 0;
|
|
}
|
|
|
|
bitrate = base[idx][rate->mcs];
|
|
bitrate *= rate->nss;
|
|
|
|
if (rate->flags & RATE_INFO_FLAGS_SHORT_GI)
|
|
bitrate = (bitrate / 9) * 10;
|
|
|
|
/* do NOT round down here */
|
|
return (bitrate + 50000) / 100000;
|
|
warn:
|
|
WARN_ONCE(1, "invalid rate bw=%d, mcs=%d, nss=%d\n",
|
|
rate->bw, rate->mcs, rate->nss);
|
|
return 0;
|
|
}
|
|
|
|
static u32 cfg80211_calculate_bitrate_he(struct rate_info *rate)
|
|
{
|
|
#define SCALE 6144
|
|
u32 mcs_divisors[14] = {
|
|
102399, /* 16.666666... */
|
|
51201, /* 8.333333... */
|
|
34134, /* 5.555555... */
|
|
25599, /* 4.166666... */
|
|
17067, /* 2.777777... */
|
|
12801, /* 2.083333... */
|
|
11769, /* 1.851851... */
|
|
10239, /* 1.666666... */
|
|
8532, /* 1.388888... */
|
|
7680, /* 1.250000... */
|
|
6828, /* 1.111111... */
|
|
6144, /* 1.000000... */
|
|
5690, /* 0.926106... */
|
|
5120, /* 0.833333... */
|
|
};
|
|
u32 rates_160M[3] = { 960777777, 907400000, 816666666 };
|
|
u32 rates_969[3] = { 480388888, 453700000, 408333333 };
|
|
u32 rates_484[3] = { 229411111, 216666666, 195000000 };
|
|
u32 rates_242[3] = { 114711111, 108333333, 97500000 };
|
|
u32 rates_106[3] = { 40000000, 37777777, 34000000 };
|
|
u32 rates_52[3] = { 18820000, 17777777, 16000000 };
|
|
u32 rates_26[3] = { 9411111, 8888888, 8000000 };
|
|
u64 tmp;
|
|
u32 result;
|
|
|
|
if (WARN_ON_ONCE(rate->mcs > 13))
|
|
return 0;
|
|
|
|
if (WARN_ON_ONCE(rate->he_gi > NL80211_RATE_INFO_HE_GI_3_2))
|
|
return 0;
|
|
if (WARN_ON_ONCE(rate->he_ru_alloc >
|
|
NL80211_RATE_INFO_HE_RU_ALLOC_2x996))
|
|
return 0;
|
|
if (WARN_ON_ONCE(rate->nss < 1 || rate->nss > 8))
|
|
return 0;
|
|
|
|
if (rate->bw == RATE_INFO_BW_160)
|
|
result = rates_160M[rate->he_gi];
|
|
else if (rate->bw == RATE_INFO_BW_80 ||
|
|
(rate->bw == RATE_INFO_BW_HE_RU &&
|
|
rate->he_ru_alloc == NL80211_RATE_INFO_HE_RU_ALLOC_996))
|
|
result = rates_969[rate->he_gi];
|
|
else if (rate->bw == RATE_INFO_BW_40 ||
|
|
(rate->bw == RATE_INFO_BW_HE_RU &&
|
|
rate->he_ru_alloc == NL80211_RATE_INFO_HE_RU_ALLOC_484))
|
|
result = rates_484[rate->he_gi];
|
|
else if (rate->bw == RATE_INFO_BW_20 ||
|
|
(rate->bw == RATE_INFO_BW_HE_RU &&
|
|
rate->he_ru_alloc == NL80211_RATE_INFO_HE_RU_ALLOC_242))
|
|
result = rates_242[rate->he_gi];
|
|
else if (rate->bw == RATE_INFO_BW_HE_RU &&
|
|
rate->he_ru_alloc == NL80211_RATE_INFO_HE_RU_ALLOC_106)
|
|
result = rates_106[rate->he_gi];
|
|
else if (rate->bw == RATE_INFO_BW_HE_RU &&
|
|
rate->he_ru_alloc == NL80211_RATE_INFO_HE_RU_ALLOC_52)
|
|
result = rates_52[rate->he_gi];
|
|
else if (rate->bw == RATE_INFO_BW_HE_RU &&
|
|
rate->he_ru_alloc == NL80211_RATE_INFO_HE_RU_ALLOC_26)
|
|
result = rates_26[rate->he_gi];
|
|
else {
|
|
WARN(1, "invalid HE MCS: bw:%d, ru:%d\n",
|
|
rate->bw, rate->he_ru_alloc);
|
|
return 0;
|
|
}
|
|
|
|
/* now scale to the appropriate MCS */
|
|
tmp = result;
|
|
tmp *= SCALE;
|
|
do_div(tmp, mcs_divisors[rate->mcs]);
|
|
result = tmp;
|
|
|
|
/* and take NSS, DCM into account */
|
|
result = (result * rate->nss) / 8;
|
|
if (rate->he_dcm)
|
|
result /= 2;
|
|
|
|
return result / 10000;
|
|
}
|
|
|
|
u32 cfg80211_calculate_bitrate(struct rate_info *rate)
|
|
{
|
|
if (rate->flags & RATE_INFO_FLAGS_MCS)
|
|
return cfg80211_calculate_bitrate_ht(rate);
|
|
if (rate->flags & RATE_INFO_FLAGS_DMG)
|
|
return cfg80211_calculate_bitrate_dmg(rate);
|
|
if (rate->flags & RATE_INFO_FLAGS_EDMG)
|
|
return cfg80211_calculate_bitrate_edmg(rate);
|
|
if (rate->flags & RATE_INFO_FLAGS_VHT_MCS)
|
|
return cfg80211_calculate_bitrate_vht(rate);
|
|
if (rate->flags & RATE_INFO_FLAGS_HE_MCS)
|
|
return cfg80211_calculate_bitrate_he(rate);
|
|
|
|
return rate->legacy;
|
|
}
|
|
EXPORT_SYMBOL(cfg80211_calculate_bitrate);
|
|
|
|
int cfg80211_get_p2p_attr(const u8 *ies, unsigned int len,
|
|
enum ieee80211_p2p_attr_id attr,
|
|
u8 *buf, unsigned int bufsize)
|
|
{
|
|
u8 *out = buf;
|
|
u16 attr_remaining = 0;
|
|
bool desired_attr = false;
|
|
u16 desired_len = 0;
|
|
|
|
while (len > 0) {
|
|
unsigned int iedatalen;
|
|
unsigned int copy;
|
|
const u8 *iedata;
|
|
|
|
if (len < 2)
|
|
return -EILSEQ;
|
|
iedatalen = ies[1];
|
|
if (iedatalen + 2 > len)
|
|
return -EILSEQ;
|
|
|
|
if (ies[0] != WLAN_EID_VENDOR_SPECIFIC)
|
|
goto cont;
|
|
|
|
if (iedatalen < 4)
|
|
goto cont;
|
|
|
|
iedata = ies + 2;
|
|
|
|
/* check WFA OUI, P2P subtype */
|
|
if (iedata[0] != 0x50 || iedata[1] != 0x6f ||
|
|
iedata[2] != 0x9a || iedata[3] != 0x09)
|
|
goto cont;
|
|
|
|
iedatalen -= 4;
|
|
iedata += 4;
|
|
|
|
/* check attribute continuation into this IE */
|
|
copy = min_t(unsigned int, attr_remaining, iedatalen);
|
|
if (copy && desired_attr) {
|
|
desired_len += copy;
|
|
if (out) {
|
|
memcpy(out, iedata, min(bufsize, copy));
|
|
out += min(bufsize, copy);
|
|
bufsize -= min(bufsize, copy);
|
|
}
|
|
|
|
|
|
if (copy == attr_remaining)
|
|
return desired_len;
|
|
}
|
|
|
|
attr_remaining -= copy;
|
|
if (attr_remaining)
|
|
goto cont;
|
|
|
|
iedatalen -= copy;
|
|
iedata += copy;
|
|
|
|
while (iedatalen > 0) {
|
|
u16 attr_len;
|
|
|
|
/* P2P attribute ID & size must fit */
|
|
if (iedatalen < 3)
|
|
return -EILSEQ;
|
|
desired_attr = iedata[0] == attr;
|
|
attr_len = get_unaligned_le16(iedata + 1);
|
|
iedatalen -= 3;
|
|
iedata += 3;
|
|
|
|
copy = min_t(unsigned int, attr_len, iedatalen);
|
|
|
|
if (desired_attr) {
|
|
desired_len += copy;
|
|
if (out) {
|
|
memcpy(out, iedata, min(bufsize, copy));
|
|
out += min(bufsize, copy);
|
|
bufsize -= min(bufsize, copy);
|
|
}
|
|
|
|
if (copy == attr_len)
|
|
return desired_len;
|
|
}
|
|
|
|
iedata += copy;
|
|
iedatalen -= copy;
|
|
attr_remaining = attr_len - copy;
|
|
}
|
|
|
|
cont:
|
|
len -= ies[1] + 2;
|
|
ies += ies[1] + 2;
|
|
}
|
|
|
|
if (attr_remaining && desired_attr)
|
|
return -EILSEQ;
|
|
|
|
return -ENOENT;
|
|
}
|
|
EXPORT_SYMBOL(cfg80211_get_p2p_attr);
|
|
|
|
static bool ieee80211_id_in_list(const u8 *ids, int n_ids, u8 id, bool id_ext)
|
|
{
|
|
int i;
|
|
|
|
/* Make sure array values are legal */
|
|
if (WARN_ON(ids[n_ids - 1] == WLAN_EID_EXTENSION))
|
|
return false;
|
|
|
|
i = 0;
|
|
while (i < n_ids) {
|
|
if (ids[i] == WLAN_EID_EXTENSION) {
|
|
if (id_ext && (ids[i + 1] == id))
|
|
return true;
|
|
|
|
i += 2;
|
|
continue;
|
|
}
|
|
|
|
if (ids[i] == id && !id_ext)
|
|
return true;
|
|
|
|
i++;
|
|
}
|
|
return false;
|
|
}
|
|
|
|
static size_t skip_ie(const u8 *ies, size_t ielen, size_t pos)
|
|
{
|
|
/* we assume a validly formed IEs buffer */
|
|
u8 len = ies[pos + 1];
|
|
|
|
pos += 2 + len;
|
|
|
|
/* the IE itself must have 255 bytes for fragments to follow */
|
|
if (len < 255)
|
|
return pos;
|
|
|
|
while (pos < ielen && ies[pos] == WLAN_EID_FRAGMENT) {
|
|
len = ies[pos + 1];
|
|
pos += 2 + len;
|
|
}
|
|
|
|
return pos;
|
|
}
|
|
|
|
size_t ieee80211_ie_split_ric(const u8 *ies, size_t ielen,
|
|
const u8 *ids, int n_ids,
|
|
const u8 *after_ric, int n_after_ric,
|
|
size_t offset)
|
|
{
|
|
size_t pos = offset;
|
|
|
|
while (pos < ielen) {
|
|
u8 ext = 0;
|
|
|
|
if (ies[pos] == WLAN_EID_EXTENSION)
|
|
ext = 2;
|
|
if ((pos + ext) >= ielen)
|
|
break;
|
|
|
|
if (!ieee80211_id_in_list(ids, n_ids, ies[pos + ext],
|
|
ies[pos] == WLAN_EID_EXTENSION))
|
|
break;
|
|
|
|
if (ies[pos] == WLAN_EID_RIC_DATA && n_after_ric) {
|
|
pos = skip_ie(ies, ielen, pos);
|
|
|
|
while (pos < ielen) {
|
|
if (ies[pos] == WLAN_EID_EXTENSION)
|
|
ext = 2;
|
|
else
|
|
ext = 0;
|
|
|
|
if ((pos + ext) >= ielen)
|
|
break;
|
|
|
|
if (!ieee80211_id_in_list(after_ric,
|
|
n_after_ric,
|
|
ies[pos + ext],
|
|
ext == 2))
|
|
pos = skip_ie(ies, ielen, pos);
|
|
else
|
|
break;
|
|
}
|
|
} else {
|
|
pos = skip_ie(ies, ielen, pos);
|
|
}
|
|
}
|
|
|
|
return pos;
|
|
}
|
|
EXPORT_SYMBOL(ieee80211_ie_split_ric);
|
|
|
|
bool ieee80211_operating_class_to_band(u8 operating_class,
|
|
enum nl80211_band *band)
|
|
{
|
|
switch (operating_class) {
|
|
case 112:
|
|
case 115 ... 127:
|
|
case 128 ... 130:
|
|
*band = NL80211_BAND_5GHZ;
|
|
return true;
|
|
case 131 ... 135:
|
|
*band = NL80211_BAND_6GHZ;
|
|
return true;
|
|
case 81:
|
|
case 82:
|
|
case 83:
|
|
case 84:
|
|
*band = NL80211_BAND_2GHZ;
|
|
return true;
|
|
case 180:
|
|
*band = NL80211_BAND_60GHZ;
|
|
return true;
|
|
}
|
|
|
|
return false;
|
|
}
|
|
EXPORT_SYMBOL(ieee80211_operating_class_to_band);
|
|
|
|
bool ieee80211_chandef_to_operating_class(struct cfg80211_chan_def *chandef,
|
|
u8 *op_class)
|
|
{
|
|
u8 vht_opclass;
|
|
u32 freq = chandef->center_freq1;
|
|
|
|
if (freq >= 2412 && freq <= 2472) {
|
|
if (chandef->width > NL80211_CHAN_WIDTH_40)
|
|
return false;
|
|
|
|
/* 2.407 GHz, channels 1..13 */
|
|
if (chandef->width == NL80211_CHAN_WIDTH_40) {
|
|
if (freq > chandef->chan->center_freq)
|
|
*op_class = 83; /* HT40+ */
|
|
else
|
|
*op_class = 84; /* HT40- */
|
|
} else {
|
|
*op_class = 81;
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
if (freq == 2484) {
|
|
/* channel 14 is only for IEEE 802.11b */
|
|
if (chandef->width != NL80211_CHAN_WIDTH_20_NOHT)
|
|
return false;
|
|
|
|
*op_class = 82; /* channel 14 */
|
|
return true;
|
|
}
|
|
|
|
switch (chandef->width) {
|
|
case NL80211_CHAN_WIDTH_80:
|
|
vht_opclass = 128;
|
|
break;
|
|
case NL80211_CHAN_WIDTH_160:
|
|
vht_opclass = 129;
|
|
break;
|
|
case NL80211_CHAN_WIDTH_80P80:
|
|
vht_opclass = 130;
|
|
break;
|
|
case NL80211_CHAN_WIDTH_10:
|
|
case NL80211_CHAN_WIDTH_5:
|
|
return false; /* unsupported for now */
|
|
default:
|
|
vht_opclass = 0;
|
|
break;
|
|
}
|
|
|
|
/* 5 GHz, channels 36..48 */
|
|
if (freq >= 5180 && freq <= 5240) {
|
|
if (vht_opclass) {
|
|
*op_class = vht_opclass;
|
|
} else if (chandef->width == NL80211_CHAN_WIDTH_40) {
|
|
if (freq > chandef->chan->center_freq)
|
|
*op_class = 116;
|
|
else
|
|
*op_class = 117;
|
|
} else {
|
|
*op_class = 115;
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
/* 5 GHz, channels 52..64 */
|
|
if (freq >= 5260 && freq <= 5320) {
|
|
if (vht_opclass) {
|
|
*op_class = vht_opclass;
|
|
} else if (chandef->width == NL80211_CHAN_WIDTH_40) {
|
|
if (freq > chandef->chan->center_freq)
|
|
*op_class = 119;
|
|
else
|
|
*op_class = 120;
|
|
} else {
|
|
*op_class = 118;
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
/* 5 GHz, channels 100..144 */
|
|
if (freq >= 5500 && freq <= 5720) {
|
|
if (vht_opclass) {
|
|
*op_class = vht_opclass;
|
|
} else if (chandef->width == NL80211_CHAN_WIDTH_40) {
|
|
if (freq > chandef->chan->center_freq)
|
|
*op_class = 122;
|
|
else
|
|
*op_class = 123;
|
|
} else {
|
|
*op_class = 121;
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
/* 5 GHz, channels 149..169 */
|
|
if (freq >= 5745 && freq <= 5845) {
|
|
if (vht_opclass) {
|
|
*op_class = vht_opclass;
|
|
} else if (chandef->width == NL80211_CHAN_WIDTH_40) {
|
|
if (freq > chandef->chan->center_freq)
|
|
*op_class = 126;
|
|
else
|
|
*op_class = 127;
|
|
} else if (freq <= 5805) {
|
|
*op_class = 124;
|
|
} else {
|
|
*op_class = 125;
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
/* 56.16 GHz, channel 1..4 */
|
|
if (freq >= 56160 + 2160 * 1 && freq <= 56160 + 2160 * 6) {
|
|
if (chandef->width >= NL80211_CHAN_WIDTH_40)
|
|
return false;
|
|
|
|
*op_class = 180;
|
|
return true;
|
|
}
|
|
|
|
/* not supported yet */
|
|
return false;
|
|
}
|
|
EXPORT_SYMBOL(ieee80211_chandef_to_operating_class);
|
|
|
|
static void cfg80211_calculate_bi_data(struct wiphy *wiphy, u32 new_beacon_int,
|
|
u32 *beacon_int_gcd,
|
|
bool *beacon_int_different)
|
|
{
|
|
struct wireless_dev *wdev;
|
|
|
|
*beacon_int_gcd = 0;
|
|
*beacon_int_different = false;
|
|
|
|
list_for_each_entry(wdev, &wiphy->wdev_list, list) {
|
|
if (!wdev->beacon_interval)
|
|
continue;
|
|
|
|
if (!*beacon_int_gcd) {
|
|
*beacon_int_gcd = wdev->beacon_interval;
|
|
continue;
|
|
}
|
|
|
|
if (wdev->beacon_interval == *beacon_int_gcd)
|
|
continue;
|
|
|
|
*beacon_int_different = true;
|
|
*beacon_int_gcd = gcd(*beacon_int_gcd, wdev->beacon_interval);
|
|
}
|
|
|
|
if (new_beacon_int && *beacon_int_gcd != new_beacon_int) {
|
|
if (*beacon_int_gcd)
|
|
*beacon_int_different = true;
|
|
*beacon_int_gcd = gcd(*beacon_int_gcd, new_beacon_int);
|
|
}
|
|
}
|
|
|
|
int cfg80211_validate_beacon_int(struct cfg80211_registered_device *rdev,
|
|
enum nl80211_iftype iftype, u32 beacon_int)
|
|
{
|
|
/*
|
|
* This is just a basic pre-condition check; if interface combinations
|
|
* are possible the driver must already be checking those with a call
|
|
* to cfg80211_check_combinations(), in which case we'll validate more
|
|
* through the cfg80211_calculate_bi_data() call and code in
|
|
* cfg80211_iter_combinations().
|
|
*/
|
|
|
|
if (beacon_int < 10 || beacon_int > 10000)
|
|
return -EINVAL;
|
|
|
|
return 0;
|
|
}
|
|
|
|
int cfg80211_iter_combinations(struct wiphy *wiphy,
|
|
struct iface_combination_params *params,
|
|
void (*iter)(const struct ieee80211_iface_combination *c,
|
|
void *data),
|
|
void *data)
|
|
{
|
|
const struct ieee80211_regdomain *regdom;
|
|
enum nl80211_dfs_regions region = 0;
|
|
int i, j, iftype;
|
|
int num_interfaces = 0;
|
|
u32 used_iftypes = 0;
|
|
u32 beacon_int_gcd;
|
|
bool beacon_int_different;
|
|
|
|
/*
|
|
* This is a bit strange, since the iteration used to rely only on
|
|
* the data given by the driver, but here it now relies on context,
|
|
* in form of the currently operating interfaces.
|
|
* This is OK for all current users, and saves us from having to
|
|
* push the GCD calculations into all the drivers.
|
|
* In the future, this should probably rely more on data that's in
|
|
* cfg80211 already - the only thing not would appear to be any new
|
|
* interfaces (while being brought up) and channel/radar data.
|
|
*/
|
|
cfg80211_calculate_bi_data(wiphy, params->new_beacon_int,
|
|
&beacon_int_gcd, &beacon_int_different);
|
|
|
|
if (params->radar_detect) {
|
|
rcu_read_lock();
|
|
regdom = rcu_dereference(cfg80211_regdomain);
|
|
if (regdom)
|
|
region = regdom->dfs_region;
|
|
rcu_read_unlock();
|
|
}
|
|
|
|
for (iftype = 0; iftype < NUM_NL80211_IFTYPES; iftype++) {
|
|
num_interfaces += params->iftype_num[iftype];
|
|
if (params->iftype_num[iftype] > 0 &&
|
|
!cfg80211_iftype_allowed(wiphy, iftype, 0, 1))
|
|
used_iftypes |= BIT(iftype);
|
|
}
|
|
|
|
for (i = 0; i < wiphy->n_iface_combinations; i++) {
|
|
const struct ieee80211_iface_combination *c;
|
|
struct ieee80211_iface_limit *limits;
|
|
u32 all_iftypes = 0;
|
|
|
|
c = &wiphy->iface_combinations[i];
|
|
|
|
if (num_interfaces > c->max_interfaces)
|
|
continue;
|
|
if (params->num_different_channels > c->num_different_channels)
|
|
continue;
|
|
|
|
limits = kmemdup(c->limits, sizeof(limits[0]) * c->n_limits,
|
|
GFP_KERNEL);
|
|
if (!limits)
|
|
return -ENOMEM;
|
|
|
|
for (iftype = 0; iftype < NUM_NL80211_IFTYPES; iftype++) {
|
|
if (cfg80211_iftype_allowed(wiphy, iftype, 0, 1))
|
|
continue;
|
|
for (j = 0; j < c->n_limits; j++) {
|
|
all_iftypes |= limits[j].types;
|
|
if (!(limits[j].types & BIT(iftype)))
|
|
continue;
|
|
if (limits[j].max < params->iftype_num[iftype])
|
|
goto cont;
|
|
limits[j].max -= params->iftype_num[iftype];
|
|
}
|
|
}
|
|
|
|
if (params->radar_detect !=
|
|
(c->radar_detect_widths & params->radar_detect))
|
|
goto cont;
|
|
|
|
if (params->radar_detect && c->radar_detect_regions &&
|
|
!(c->radar_detect_regions & BIT(region)))
|
|
goto cont;
|
|
|
|
/* Finally check that all iftypes that we're currently
|
|
* using are actually part of this combination. If they
|
|
* aren't then we can't use this combination and have
|
|
* to continue to the next.
|
|
*/
|
|
if ((all_iftypes & used_iftypes) != used_iftypes)
|
|
goto cont;
|
|
|
|
if (beacon_int_gcd) {
|
|
if (c->beacon_int_min_gcd &&
|
|
beacon_int_gcd < c->beacon_int_min_gcd)
|
|
goto cont;
|
|
if (!c->beacon_int_min_gcd && beacon_int_different)
|
|
goto cont;
|
|
}
|
|
|
|
/* This combination covered all interface types and
|
|
* supported the requested numbers, so we're good.
|
|
*/
|
|
|
|
(*iter)(c, data);
|
|
cont:
|
|
kfree(limits);
|
|
}
|
|
|
|
return 0;
|
|
}
|
|
EXPORT_SYMBOL(cfg80211_iter_combinations);
|
|
|
|
static void
|
|
cfg80211_iter_sum_ifcombs(const struct ieee80211_iface_combination *c,
|
|
void *data)
|
|
{
|
|
int *num = data;
|
|
(*num)++;
|
|
}
|
|
|
|
int cfg80211_check_combinations(struct wiphy *wiphy,
|
|
struct iface_combination_params *params)
|
|
{
|
|
int err, num = 0;
|
|
|
|
err = cfg80211_iter_combinations(wiphy, params,
|
|
cfg80211_iter_sum_ifcombs, &num);
|
|
if (err)
|
|
return err;
|
|
if (num == 0)
|
|
return -EBUSY;
|
|
|
|
return 0;
|
|
}
|
|
EXPORT_SYMBOL(cfg80211_check_combinations);
|
|
|
|
int ieee80211_get_ratemask(struct ieee80211_supported_band *sband,
|
|
const u8 *rates, unsigned int n_rates,
|
|
u32 *mask)
|
|
{
|
|
int i, j;
|
|
|
|
if (!sband)
|
|
return -EINVAL;
|
|
|
|
if (n_rates == 0 || n_rates > NL80211_MAX_SUPP_RATES)
|
|
return -EINVAL;
|
|
|
|
*mask = 0;
|
|
|
|
for (i = 0; i < n_rates; i++) {
|
|
int rate = (rates[i] & 0x7f) * 5;
|
|
bool found = false;
|
|
|
|
for (j = 0; j < sband->n_bitrates; j++) {
|
|
if (sband->bitrates[j].bitrate == rate) {
|
|
found = true;
|
|
*mask |= BIT(j);
|
|
break;
|
|
}
|
|
}
|
|
if (!found)
|
|
return -EINVAL;
|
|
}
|
|
|
|
/*
|
|
* mask must have at least one bit set here since we
|
|
* didn't accept a 0-length rates array nor allowed
|
|
* entries in the array that didn't exist
|
|
*/
|
|
|
|
return 0;
|
|
}
|
|
|
|
unsigned int ieee80211_get_num_supported_channels(struct wiphy *wiphy)
|
|
{
|
|
enum nl80211_band band;
|
|
unsigned int n_channels = 0;
|
|
|
|
for (band = 0; band < NUM_NL80211_BANDS; band++)
|
|
if (wiphy->bands[band])
|
|
n_channels += wiphy->bands[band]->n_channels;
|
|
|
|
return n_channels;
|
|
}
|
|
EXPORT_SYMBOL(ieee80211_get_num_supported_channels);
|
|
|
|
int cfg80211_get_station(struct net_device *dev, const u8 *mac_addr,
|
|
struct station_info *sinfo)
|
|
{
|
|
struct cfg80211_registered_device *rdev;
|
|
struct wireless_dev *wdev;
|
|
|
|
wdev = dev->ieee80211_ptr;
|
|
if (!wdev)
|
|
return -EOPNOTSUPP;
|
|
|
|
rdev = wiphy_to_rdev(wdev->wiphy);
|
|
if (!rdev->ops->get_station)
|
|
return -EOPNOTSUPP;
|
|
|
|
memset(sinfo, 0, sizeof(*sinfo));
|
|
|
|
return rdev_get_station(rdev, dev, mac_addr, sinfo);
|
|
}
|
|
EXPORT_SYMBOL(cfg80211_get_station);
|
|
|
|
void cfg80211_free_nan_func(struct cfg80211_nan_func *f)
|
|
{
|
|
int i;
|
|
|
|
if (!f)
|
|
return;
|
|
|
|
kfree(f->serv_spec_info);
|
|
kfree(f->srf_bf);
|
|
kfree(f->srf_macs);
|
|
for (i = 0; i < f->num_rx_filters; i++)
|
|
kfree(f->rx_filters[i].filter);
|
|
|
|
for (i = 0; i < f->num_tx_filters; i++)
|
|
kfree(f->tx_filters[i].filter);
|
|
|
|
kfree(f->rx_filters);
|
|
kfree(f->tx_filters);
|
|
kfree(f);
|
|
}
|
|
EXPORT_SYMBOL(cfg80211_free_nan_func);
|
|
|
|
bool cfg80211_does_bw_fit_range(const struct ieee80211_freq_range *freq_range,
|
|
u32 center_freq_khz, u32 bw_khz)
|
|
{
|
|
u32 start_freq_khz, end_freq_khz;
|
|
|
|
start_freq_khz = center_freq_khz - (bw_khz / 2);
|
|
end_freq_khz = center_freq_khz + (bw_khz / 2);
|
|
|
|
if (start_freq_khz >= freq_range->start_freq_khz &&
|
|
end_freq_khz <= freq_range->end_freq_khz)
|
|
return true;
|
|
|
|
return false;
|
|
}
|
|
|
|
int cfg80211_sinfo_alloc_tid_stats(struct station_info *sinfo, gfp_t gfp)
|
|
{
|
|
sinfo->pertid = kcalloc(IEEE80211_NUM_TIDS + 1,
|
|
sizeof(*(sinfo->pertid)),
|
|
gfp);
|
|
if (!sinfo->pertid)
|
|
return -ENOMEM;
|
|
|
|
return 0;
|
|
}
|
|
EXPORT_SYMBOL(cfg80211_sinfo_alloc_tid_stats);
|
|
|
|
/* See IEEE 802.1H for LLC/SNAP encapsulation/decapsulation */
|
|
/* Ethernet-II snap header (RFC1042 for most EtherTypes) */
|
|
const unsigned char rfc1042_header[] __aligned(2) =
|
|
{ 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 };
|
|
EXPORT_SYMBOL(rfc1042_header);
|
|
|
|
/* Bridge-Tunnel header (for EtherTypes ETH_P_AARP and ETH_P_IPX) */
|
|
const unsigned char bridge_tunnel_header[] __aligned(2) =
|
|
{ 0xaa, 0xaa, 0x03, 0x00, 0x00, 0xf8 };
|
|
EXPORT_SYMBOL(bridge_tunnel_header);
|
|
|
|
/* Layer 2 Update frame (802.2 Type 1 LLC XID Update response) */
|
|
struct iapp_layer2_update {
|
|
u8 da[ETH_ALEN]; /* broadcast */
|
|
u8 sa[ETH_ALEN]; /* STA addr */
|
|
__be16 len; /* 6 */
|
|
u8 dsap; /* 0 */
|
|
u8 ssap; /* 0 */
|
|
u8 control;
|
|
u8 xid_info[3];
|
|
} __packed;
|
|
|
|
void cfg80211_send_layer2_update(struct net_device *dev, const u8 *addr)
|
|
{
|
|
struct iapp_layer2_update *msg;
|
|
struct sk_buff *skb;
|
|
|
|
/* Send Level 2 Update Frame to update forwarding tables in layer 2
|
|
* bridge devices */
|
|
|
|
skb = dev_alloc_skb(sizeof(*msg));
|
|
if (!skb)
|
|
return;
|
|
msg = skb_put(skb, sizeof(*msg));
|
|
|
|
/* 802.2 Type 1 Logical Link Control (LLC) Exchange Identifier (XID)
|
|
* Update response frame; IEEE Std 802.2-1998, 5.4.1.2.1 */
|
|
|
|
eth_broadcast_addr(msg->da);
|
|
ether_addr_copy(msg->sa, addr);
|
|
msg->len = htons(6);
|
|
msg->dsap = 0;
|
|
msg->ssap = 0x01; /* NULL LSAP, CR Bit: Response */
|
|
msg->control = 0xaf; /* XID response lsb.1111F101.
|
|
* F=0 (no poll command; unsolicited frame) */
|
|
msg->xid_info[0] = 0x81; /* XID format identifier */
|
|
msg->xid_info[1] = 1; /* LLC types/classes: Type 1 LLC */
|
|
msg->xid_info[2] = 0; /* XID sender's receive window size (RW) */
|
|
|
|
skb->dev = dev;
|
|
skb->protocol = eth_type_trans(skb, dev);
|
|
memset(skb->cb, 0, sizeof(skb->cb));
|
|
netif_rx_ni(skb);
|
|
}
|
|
EXPORT_SYMBOL(cfg80211_send_layer2_update);
|
|
|
|
int ieee80211_get_vht_max_nss(struct ieee80211_vht_cap *cap,
|
|
enum ieee80211_vht_chanwidth bw,
|
|
int mcs, bool ext_nss_bw_capable)
|
|
{
|
|
u16 map = le16_to_cpu(cap->supp_mcs.rx_mcs_map);
|
|
int max_vht_nss = 0;
|
|
int ext_nss_bw;
|
|
int supp_width;
|
|
int i, mcs_encoding;
|
|
|
|
if (map == 0xffff)
|
|
return 0;
|
|
|
|
if (WARN_ON(mcs > 9))
|
|
return 0;
|
|
if (mcs <= 7)
|
|
mcs_encoding = 0;
|
|
else if (mcs == 8)
|
|
mcs_encoding = 1;
|
|
else
|
|
mcs_encoding = 2;
|
|
|
|
/* find max_vht_nss for the given MCS */
|
|
for (i = 7; i >= 0; i--) {
|
|
int supp = (map >> (2 * i)) & 3;
|
|
|
|
if (supp == 3)
|
|
continue;
|
|
|
|
if (supp >= mcs_encoding) {
|
|
max_vht_nss = i + 1;
|
|
break;
|
|
}
|
|
}
|
|
|
|
if (!(cap->supp_mcs.tx_mcs_map &
|
|
cpu_to_le16(IEEE80211_VHT_EXT_NSS_BW_CAPABLE)))
|
|
return max_vht_nss;
|
|
|
|
ext_nss_bw = le32_get_bits(cap->vht_cap_info,
|
|
IEEE80211_VHT_CAP_EXT_NSS_BW_MASK);
|
|
supp_width = le32_get_bits(cap->vht_cap_info,
|
|
IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_MASK);
|
|
|
|
/* if not capable, treat ext_nss_bw as 0 */
|
|
if (!ext_nss_bw_capable)
|
|
ext_nss_bw = 0;
|
|
|
|
/* This is invalid */
|
|
if (supp_width == 3)
|
|
return 0;
|
|
|
|
/* This is an invalid combination so pretend nothing is supported */
|
|
if (supp_width == 2 && (ext_nss_bw == 1 || ext_nss_bw == 2))
|
|
return 0;
|
|
|
|
/*
|
|
* Cover all the special cases according to IEEE 802.11-2016
|
|
* Table 9-250. All other cases are either factor of 1 or not
|
|
* valid/supported.
|
|
*/
|
|
switch (bw) {
|
|
case IEEE80211_VHT_CHANWIDTH_USE_HT:
|
|
case IEEE80211_VHT_CHANWIDTH_80MHZ:
|
|
if ((supp_width == 1 || supp_width == 2) &&
|
|
ext_nss_bw == 3)
|
|
return 2 * max_vht_nss;
|
|
break;
|
|
case IEEE80211_VHT_CHANWIDTH_160MHZ:
|
|
if (supp_width == 0 &&
|
|
(ext_nss_bw == 1 || ext_nss_bw == 2))
|
|
return max_vht_nss / 2;
|
|
if (supp_width == 0 &&
|
|
ext_nss_bw == 3)
|
|
return (3 * max_vht_nss) / 4;
|
|
if (supp_width == 1 &&
|
|
ext_nss_bw == 3)
|
|
return 2 * max_vht_nss;
|
|
break;
|
|
case IEEE80211_VHT_CHANWIDTH_80P80MHZ:
|
|
if (supp_width == 0 && ext_nss_bw == 1)
|
|
return 0; /* not possible */
|
|
if (supp_width == 0 &&
|
|
ext_nss_bw == 2)
|
|
return max_vht_nss / 2;
|
|
if (supp_width == 0 &&
|
|
ext_nss_bw == 3)
|
|
return (3 * max_vht_nss) / 4;
|
|
if (supp_width == 1 &&
|
|
ext_nss_bw == 0)
|
|
return 0; /* not possible */
|
|
if (supp_width == 1 &&
|
|
ext_nss_bw == 1)
|
|
return max_vht_nss / 2;
|
|
if (supp_width == 1 &&
|
|
ext_nss_bw == 2)
|
|
return (3 * max_vht_nss) / 4;
|
|
break;
|
|
}
|
|
|
|
/* not covered or invalid combination received */
|
|
return max_vht_nss;
|
|
}
|
|
EXPORT_SYMBOL(ieee80211_get_vht_max_nss);
|
|
|
|
bool cfg80211_iftype_allowed(struct wiphy *wiphy, enum nl80211_iftype iftype,
|
|
bool is_4addr, u8 check_swif)
|
|
|
|
{
|
|
bool is_vlan = iftype == NL80211_IFTYPE_AP_VLAN;
|
|
|
|
switch (check_swif) {
|
|
case 0:
|
|
if (is_vlan && is_4addr)
|
|
return wiphy->flags & WIPHY_FLAG_4ADDR_AP;
|
|
return wiphy->interface_modes & BIT(iftype);
|
|
case 1:
|
|
if (!(wiphy->software_iftypes & BIT(iftype)) && is_vlan)
|
|
return wiphy->flags & WIPHY_FLAG_4ADDR_AP;
|
|
return wiphy->software_iftypes & BIT(iftype);
|
|
default:
|
|
break;
|
|
}
|
|
|
|
return false;
|
|
}
|
|
EXPORT_SYMBOL(cfg80211_iftype_allowed);
|