Add support for reporting and calculating VHT MCSes.
Note that I'm not completely sure that the bitrate
calculations are correct, nor that they can't be
simplified.
Change-Id: Id4c132850a85ff59f0fc16396763ed717689bec0
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Git-commit: db9c64cf8d9d3fcbc34b09d037f266d1fc9f928c
Git-repo:
git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
Signed-off-by: Sameer Thalappil <sameert@codeaurora.org>
Some of the printks are in the packet handling path.
We now ratelimit the very unlikely errors to avoid
kmsg spamming.
Signed-off-by: JP Abgrall <jpa@google.com>
In the past it would always ignore interfaces with loopback addresses.
Now we just treat them like any other.
This also helps with writing tests that check for the presence
of the qtaguid module.
Signed-off-by: JP Abgrall <jpa@google.com>
Setting net.ipv6.conf.<interface>.accept_ra=2 causes the kernel
to accept RAs even when forwarding is enabled. However, enabling
forwarding purges all default routes on the system, breaking
connectivity until the next RA is received. Fix this by not
purging default routes on interfaces that have accept_ra=2.
Signed-off-by: Lorenzo Colitti <lorenzo@google.com>
Acked-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Acked-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Iliyan Malchev <malchev@google.com>
In the past the iface_stat_fmt would only show global bytes/packets
for the skb-based numbers.
For stall detection in userspace, distinguishing tcp vs other protocols
makes it easier.
Now we report
ifname total_skb_rx_bytes total_skb_rx_packets total_skb_tx_bytes
total_skb_tx_packets {rx,tx}_{tcp,udp,ohter}_{bytes,packets}
Bug: 6818637
Signed-off-by: JP Abgrall <jpa@google.com>
qtaguid limits what can be done with /ctrl and /stats based on group
membership.
This changes removes AID_NET_BW_STATS and AID_NET_BW_ACCT, and picks
up the groups from the gid of the matching proc entry files.
Signed-off-by: JP Abgrall <jpa@google.com>
Change-Id: I42e477adde78a12ed5eb58fbc0b277cdaadb6f94
Avoid the possible crash due to Bluetooth connection loss while data
trasfer is in progress. Bluetooth connection loss might happen due to
turn off of Bluetooth or reset of device when there is an active data
transfer over Bluetooth.
Change-Id: Ib15a9ac2df3a250d279774d6e45f1e37c9ea1cc0
CRs-fixed: 375238
Signed-off-by: Bhakthavatsala Raghavendra <braghave@codeaurora.org>
Signed-off-by: Mallikarjuna GB <gbmalli@codeaurora.org>
Keep the Clock offset valid for one Hour and read it again after
connection complete so that we have most recent value. This helps
for faster ACL connections.
CRs-fixed: 430132
Change-Id: I1526878a7365f9cc0c654e0af6c4dd214fac4cd8
Signed-off-by: Mallikarjuna GB <gbmalli@codeaurora.org>
The re-authentication code changes are added to mandate 16 digit
PIN Key for SECURE_HIGH connections. But only SAP profile needs
16 digit key, not all the profiles that register with SECURITY
HIGH. Avoid the code to mandate 16 digit key.
Change-Id: Iffc02841e52b8c0b2f6e2495b27df26869e72999
Signed-off-by: Srinivas Krovvidi <skrovvid@codeaurora.org>
Signed-off-by: Ram Mohan Korukonda <rkorukon@codeaurora.org>
Signed-off-by: Mallikarjuna GB <gbmalli@codeaurora.org>
The scatternet scenarios are difficult to be handled in SOC. This
change not to allow role switch during outgoing ACL connections
will avoid scatternet scenarios.
CRs-fixed: 392836
Change-Id: I5769b71879ea951755e115424fb2b5b504e95784
Signed-off-by: Mallikarjuna GB <gbmalli@codeaurora.org>
Addressing the PAN PTS case failure TC_BNEP_BRIDGE_TX_BV_01_I
CRs-fixed: 418765
Change-Id: Ied43be30e41afec4088c5b331eda1431015ebb3e
Signed-off-by: Mallikarjuna GB <gbmalli@codeaurora.org>
Due to simultaneous disconnects from HCI and SCO
this race condtion arrives. While doing SCO disconnect
a null pointer check for HCI connection should be present
to avoid any crash due to this condtion.
CRs-Fixed: 415887
Change-Id: I23f0a7a256e267650db0abc2fc510b964b64c50c
Signed-off-by: Nitin Srivastava <nitinsr@codeaurora.org>
Signed-off-by: Mallikarjuna GB <gbmalli@codeaurora.org>
When pairing is cancelled during the pass key request UI pop
up, call pairing complete after sending SMP_CMD_PAIRING_FAIL
which would clean up all the pairing callbacks and send
notification to the above layers.
Change-Id: I0d3e9bdc19dc2fcae280d3c70ddea976ecb218c7
Signed-off-by: Archana Ramachandran <archanar@codeaurora.org>
CRs-fixed: 430016
Signed-off-by: Sunny Kapdi <sunnyk@codeaurora.org>
Signed-off-by: Mallikarjuna GB <gbmalli@codeaurora.org>
Change has to be reverted to address one user interaction case,
in the process of addressing one issue it made mandate to have
user interactions in some BT scenarios, the issue is fixed via
f8fffe8423933433c30dda4f9a92afc71e8def21 and it addressees all
the user scenarios properly.
More details on this issue is provided in CR: 413132 analysis
section in the prism.
This reverts commit 45df0f99094aefc2564951495ab0005a18d62de3.
Change-Id: I56611cb2646789c71f4012e906a7bbada1236c00
Signed-off-by: Bhasker Neti <bneti@codeaurora.org>
Signed-off-by: Mallikarjuna GB <gbmalli@codeaurora.org>
While turning off BT, sleep is getting called in the soft isr context
from work queue which is queued from a code section guarded under the
bh lock,
To resolve this released the bh lock before queing the work, as it wont
impact any BT functionality.
CRs-fixed: 405917
Change-Id: I1b872d724b4d0d384cc5314e0f493facd9829a54
Signed-off-by: Bhasker Neti <bneti@codeaurora.org>
Signed-off-by: Mallikarjuna GB <gbmalli@codeaurora.org>
If the bonded remote device is removed from the list of paired
devices in the DUT, it is still possible to connect to the DUT
from the remote device without any user confirmation.
CRs-fixed: 413132
Change-Id: Iea3e4cf41e5403c3e304ca5f82cf42266be35b79
Signed-off-by: Bhasker Neti <bneti@codeaurora.org>
Signed-off-by: Mallikarjuna GB <gbmalli@codeaurora.org>
When whitelist APIs are used for establishing LE connection
between the phone and remote LE device, few times
ATT requests like Read by Group Type request are received by
the phone from the remote device before the L2CAP channel has
been set up completely. Hence the LE server in the phone
sends a "Request not supported" error response since
the L2CAP channel has not yet been created. This fix checks
the state of the L2CAP channel after sleeping for a while
and sends the ATT request to be processed by the upper layers
when the L2CAP channel is up.
CRs-fixed: 415648
Change-Id: Ifbaf75fe612195b3c6ce49629106cac09dd0a437
Signed-off-by: Subramanian Srinivasan <subrsrin@codeaurora.org>
Signed-off-by: Mallikarjuna GB <gbmalli@codeaurora.org>
Based on the user requirement for auth type, update even
the pending security level. This will make sure the authentication
requirement matches the action at kernel space on connection
establishment.
CRs-Fixed: 385463
Change-Id: I94c7e621c105bb2180e6e722cc8cca17869ff2e5
Signed-off-by: Srinivas Krovvidi <skrovvid@codeaurora.org>
Signed-off-by: Mallikarjuna GB <gbmalli@codeaurora.org>
The NL80211_CMD_TDLS_OPER command was previously used only for userspace
request for the kernel code to perform TDLS operations. However, there
are also cases where the driver may need to request operations from
userspace, e.g., when using security on the AP path. Add a new cfg80211
function for generating a TDLS operation event for drivers to request a
new link to be set up (NL80211_TDLS_SETUP) or an existing link to be
torn down (NL80211_TDLS_TEARDOWN). Drivers can optionally use these
events, e.g., based on noticing data traffic being sent to a peer
station that is seen with good signal strength.
Change-Id: I778f5136fc4518bedcaed14a5412de4be6c85cf3
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Acked-by: Ng Chilam <chilamng@qca.qualcomm.com>
[Madan Mohan Koyyalamudi <mkoyya@codeaurora.org>: move changes from
include/uapi/linux/nl80211.h to include/linux/nl80211.h, remove trace.h,
remove trace_cfg80211_tdls_oper_request() in nl80211.c ]
Signed-off-by: Madan Mohan Koyyalamudi <mkoyya@codeaurora.org>
Export a function from sch_api.c that will look up
desired qdisc and call it's registered change function
to enable/disable flow.
Change-Id: I5b6dc7a6fd2b09b796c92b3770ba83423d19c864
CRs-Fixed: 355156
Acked-by: Jimi Shah <jimis@qualcomm.com>
Signed-off-by: Tianyi Gou <tgou@codeaurora.org>
(cherry picked from commit b8419fe690053b76658d49565c57ac654faf2eaa)
(cherry picked from commit 3a30e7aa4487f56a74f12c12f11cece6ce1f2100)
Add support to create connection to LE devices using
whitelist. With this, the Controller can try to connect
to multiple devices at the same time. The following
interfaces are added.
1. Add/Remove device from whitelist
2. Clear all the devices from whitelist
3. Create Connection to devices from whitelist
4. Cancel create connection to whitelist devices
CRs-fixed: 388980
Change-Id: I3900c71255e754f80bb2873ae19a41b94cca76c3
Signed-off-by: Sunny Kapdi <sunnyk@codeaurora.org>
(cherry picked from commit 93bef895b01b79f49af60ba1394c9c3f6e563212)
(cherry picked from commit 377ee2bf1fc37bcbeae872661646bdd6a5f8da31)
Found there are some IOT issues when this command is sent from
DUT. This command is only a dummy implementation. As this doesn't
have any impact on functionality, disabled the feature.
Change-Id: Ib435ac17df9d0377bd0b41fdc33b68c738eeaccc
CRs-Fixed: 390090
Signed-off-by: Srinivas Krovvidi <skrovvid@codeaurora.org>
(cherry picked from commit ed37c51ddc9b1514f5e5bfec1ae4763a85e2faad)
Added a new function to verify whether the LE Connection Update
parameters are valid instaed of verifying all the LE Connection
parameters since only update parameters are set in the Connection
Update Request.
CRs-Fixed: 387146
Change-Id: I9fe6b51e44e2793f3945613fdfde3a039804746f
Signed-off-by: Archana Ramachandran <archanar@codeaurora.org>
(cherry picked from commit 95319af0612d58788279748f586cc57221c3443e)
Send device disconnection reason to bluez on receiving the
diconnection complete event so that low energy profiles
such as proximity can decide to reconnect if the reason
is link loss.
CRs-Fixed: 378240
Signed-off-by: Archana Ramachandran <archanar@codeaurora.org>
(cherry picked from commit da09d26a75ee1c7c1911dcfbe0128fd09f6631f4)
Change-Id: Iab1fede47f44342d87be6c3c5aa7590754fd950c
Signed-off-by: Sudhir Sharma <sudsha@codeaurora.org>
Found in a rare case there is possibility that remote device
sent disconnect on a connection and DUT is trying send data
on the same. In that case accessing some released wakelock
is causing issue. The current changes are to use locking
mechanism to validate the connection before acting on the
wake lock.
CRs-Fixed: 394651
Change-Id: I6a4188a7d0d05a8cfbe66d3680473d549157917a
Signed-off-by: Srinivas Krovvidi <skrovvid@codeaurora.org>
(cherry picked from commit 6aadc41fcbd28dc3899a4b5d098e5f316588a029)
Signed-off-by: Sudhir Sharma <sudsha@codeaurora.org>
In hci_connect API there is check for existing link, before
connect operation in order to avoid queuing connect if connection
already exist. This check for Synchronous connections is not
validating for ESCO and SCO connection types which are possible
synchronous connections.The current change takes care of verifying
both before proceeding to add a new connection.
Change-Id: I9018e0938bcd222bb6d80944e1b113e07227b066
Signed-off-by: Srinivas Krovvidi <skrovvid@codeaurora.org>
(cherry picked from commit 645f4d465ba131c87a99fdebcef5e597181b33c8)
Signed-off-by: Sudhir Sharma <sudsha@codeaurora.org>
Non-root user-space processes can send Netlink messages to other
processes that are well-known for being subscribed to Netlink
asynchronous notifications. This allows ilegitimate non-root
process to send forged messages to Netlink subscribers.
The userspace process usually verifies the legitimate origin in
two ways:
a) Socket credentials. If UID != 0, then the message comes from
some ilegitimate process and the message needs to be dropped.
b) Netlink portID. In general, portID == 0 means that the origin
of the messages comes from the kernel. Thus, discarding any
message not coming from the kernel.
However, ctnetlink sets the portID in event messages that has
been triggered by some user-space process, eg. conntrack utility.
So other processes subscribed to ctnetlink events, eg. conntrackd,
know that the event was triggered by some user-space action.
Neither of the two ways to discard ilegitimate messages coming
from non-root processes can help for ctnetlink.
This patch adds capability validation in case that dst_pid is set
in netlink_sendmsg(). This approach is aggressive since existing
applications using any Netlink bus to deliver messages between
two user-space processes will break. Note that the exception is
NETLINK_USERSOCK, since it is reserved for netlink-to-netlink
userspace communication.
Still, if anyone wants that his Netlink bus allows netlink-to-netlink
userspace, then they can set NL_NONROOT_SEND. However, by default,
I don't think it makes sense to allow to use NETLINK_ROUTE to
communicate two processes that are sending no matter what information
that is not related to link/neighbouring/routing. They should be using
NETLINK_USERSOCK instead for that.
Change-Id: Ib1c38cb798391b51dedddf62a862346d36119ec7
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Pablo Neira Ayuso discovered that avahi and
potentially NetworkManager accept spoofed Netlink messages because of a
kernel bug. The kernel passes all-zero SCM_CREDENTIALS ancillary data
to the receiver if the sender did not provide such data, instead of not
including any such data at all or including the correct data from the
peer (as it is the case with AF_UNIX).
This bug was introduced in commit 16e5726269
(af_unix: dont send SCM_CREDENTIALS by default)
This patch forces passing credentials for netlink, as
before the regression.
Another fix would be to not add SCM_CREDENTIALS in
netlink messages if not provided by the sender, but it
might break some programs.
With help from Florian Weimer & Petr Matousek
This issue is designated as CVE-2012-3520
Change-Id: Id4f36301d407ef5c8218c5ef9f66d299766cdf57
Signed-off-by: Eric Dumazet <edumazet@google.com>
Cc: Petr Matousek <pmatouse@redhat.com>
Cc: Florian Weimer <fweimer@redhat.com>
Cc: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Have maximum blocking time for shutdown operation as DISCONNECT_TIMEOUT.
During this period when SCO connection closes, the userspace will be
updated on the close operation. Existing approach of immidiate return
on shutdown call can cause synchronization issues on SCO state between
kernel and userspace. This happens when disconnect operation takes
more time at kernel space.
Change-Id: Id9e6a61c2c3d4ba2cf6da574fc49bc6894a8f96a
Signed-off-by: Srinivas Krovvidi <skrovvid@codeaurora.org>
While hid device unpair process, we are trying to access released
socket as apart of getting hci device which results a kernel panic.
CRs-fixed: 387164
Change-Id: I1f3f3f92cfd1d3b39793bc5a142001d5e26d76c4
Signed-off-by: Ram Mohan Korukonda <rkorukon@codeaurora.org>
shutdown should wait for SCO link to be properly disconnected before
detroying the socket, otherwise an application using the socket may
assume link is properly disconnected before it really happens which
can be a problem when e.g synchronizing profile switch.
Change-Id: Ifc59bfd90c264d9c742ce254161a21518108c3cb
Signed-off-by: Luiz Augusto von Dentz <luiz.dentz-von@nokia.com>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Signed-off-by: Srinivas Krovvidi <skrovvid@codeaurora.org>
Found there is possibility of sniff subrate collision with some
IOT devices. When this collision happned if the remote device
send subrate values that doesn't match with DUT supported
values exit sniff mode. This will allow DUT to reconfigure
sniff after idle time.
CRs-Fixed: 380811
Change-Id: Ie9502a48411635fbea73f935f99ea4f444556b41
Signed-off-by: Srinivas Krovvidi <skrovvid@codeaurora.org>
When data transfer is in progress on a ACL connection, all the time
the set_active_mode API will be called to update the timer for next
sniff mode. If there is ACL disconnect triggered from remote side,
there is possibility of hci connection delete when set_active
routine in progress. Found a condition where delete API destroyed
the wake lock, which is used in set_active API. In codition leads
to crash in set_wakelock API. The current change is to lock hdev,
before set_active and set_sniff APIs are called. This avoids the
race condition in accessing hci connection, while delete in progress
and vice versa.
CRs-Fixed: 383490
Change-Id: I625ebb8c8f09ddf2afcd300d20ab3bf8e164b485
Signed-off-by: Srinivas Krovvidi <skrovvid@codeaurora.org>
The PRIO qdisc supports flow control, such that packet
dequeue can be disabled based on boolean flag 'enable_flow'.
When flow is re-enabled, the latency for new packets
arriving at network driver is high. To reduce the delay in
scheduling packets, the qdisc will now invoke
__netif_schedule() to expedite dequeue. This significantly
reduces the latency of packets arriving at network driver.
Change-Id: Ic5fe3faf86f177300d3018b9f60974ba3811641c
CRs-Fixed: 355156
Acked-by: Jimi Shah <jimis@qualcomm.com>
Signed-off-by: Tianyi Gou <tgou@codeaurora.org>
It is possible that during BT OFF operation the hcon
could be released from a tasklet context while we are
trying to send the l2cap disconnect req. Make sure
that hcon is valid before dereferencing it during
l2cap disconnect req.
CRs-fixed: 383345
Change-Id: Icb12c62560013b5ebb047c1c5d4bfe04b3a793ef
Signed-off-by: Sunny Kapdi <sunnyk@codeaurora.org>
In rfcomm_session_put API the session count is decremented
and when it is equal to zero rfcomm_session_del is called
where session is removed from sessions list and freed. The
current change is verify the existance of session in list
before acting session. The avoids the possibility of action
on a deleted session, which causes crash.
CRs-Fixed: 383000
Change-Id: Ia55607b08ee388465494f08bbe1627102d281f8a
Signed-off-by: Srinivas Krovvidi <skrovvid@codeaurora.org>
The BT host has fixed set of buffers to send data to SoC, generic value
is 5. When a connection, like A2DP playback is ready to send data it
fills one of the buffer available and sends to SoC. Once SoC got
acknowledged from remote side that the data received it updates the host
and the buffer is freed. Till host is acknowledged the send Complete
info, the data buffer is locked for that data transfer. The below is the
example for buffers availability.
Total free Buffers count : 5
Connections : 1
Conn_1 need to send data, picks buf_1 and send to SoC
free Buffers count: 4
Buffers used by Conn_1 : 1
Still Conn_1 has more data to send ....
free Buffers count: 3
Buffers used by Conn_1 : 2
Remote device Ack for buf_1, so 1 buffer is freed, updated state is
free Buffers count : 4
Buffers used by Conn_1 : 1
When there are more ACL connections to transfer data, like one
connection for A2DP playback and one for OPP data transfer, all the data
buffers available with host can be used by any ACL which has ready data
to send. This allows maximum throughputs possibility from host. But the
existing solution has a problem. If one connection has used all the
buffers at a instanace of time, and didnt release (this happens when remote
device doesnt ACK to send) the other connections will not have buffers to
send. In current usecase A2dp data cannot be sent to headset as OPP
connection is lost. The current change is, when there are more
connections the quota for a connection that it can use maximum is
total buffers-1. This allows other connections not to get blocked,
at the same time through puts are not going to dropped.
CRs-Fixed: 370497
Change-Id: Iac34f0a223555de80d1daebde34c7fc87668c0d5
Signed-off-by: Srinivas Krovvidi <skrovvid@codeaurora.org>
LE connections don't have sniff/active connection
mode, unlike BR/EDR. Make sure that the link which
has been requested to enter sniff/active mode is not
an LE connection.
CRs-fixed: 376972
Change-Id: Iec4714d1c2ea7621267f9064b7046eb9d5ff9462
Signed-off-by: Sunny Kapdi <sunnyk@codeaurora.org>
Added support to let the userspace know about the updated
LE connection parameters. On receiving successful connection
complete and connection parameters update event from the BT
Controller, send a mgmt event to the userspace bluetoothd.
CRs-fixed: 380271
Change-Id: If8c3d785188e0d4f38c7431d01c016f399137408
Signed-off-by: Sunny Kapdi <sunnyk@codeaurora.org>
The start encryption command fails when the LE update
connection parameters request is pending.
Hence, prevent the update of LE connection parameters during the
bonding process. The update of connection parameters is
not necessary during bonding process.
CRs-fixed: 380257
Change-Id: I41cb3998fecc2297d61ec97d66ac35a0bd41ca80
Signed-off-by: Subramanian Srinivasan <subrsrin@codeaurora.org>
In error conditions Adapter state machine via Bluez tries to reset
the hci device, during that in some rare scenario if some pending event
comes from riva, the command complete apis tries to access some already
freed memory in reset sequence.
CRs-fixed: 369658
Change-Id: I5e9ce0a4322d07a26602c7f74b1484720f6b4d75
Signed-off-by: Bhasker Neti <bneti@codeaurora.org>
Since the context where unlink will be called is unaware of
validity of hci_conn pointer, fetch the valid hci_conn
before unlink.
CRs-fixed: 370274
Change-Id: I30a35acdf75c9b4787af6629c7b32d2d31b8ad80
Signed-off-by: Mallikarjuna GB <gbmalli@codeaurora.org>
Update the hdev scan state with Inquiry start/cancel commands in
non-LE case accordingly. And also there was no check to see the
SCAN_BR mode before sending inquiry cancel.Added a check to see
if the scan state is SCAN_BR,then send inquiry cancel
Change-Id: I222f500fc20b991f4c3ec7eb1fc70bf20649f142
Signed-off-by: Bhasker Neti <bneti@codeaurora.org>
CRs-fixed: 359771
