Commit Graph

205194 Commits

Author SHA1 Message Date
Wey-Yi Guy
d9d9a5194b iwlagn: fix module firmware name for 130 series device
130 series device should use firmware name with 130 in it.

Signed-off-by: Wey-Yi Guy <wey-yi.w.guy@intel.com>
2010-10-06 16:50:13 -07:00
John W. Linville
494486f8fd mac80211: avoid uninitialized var warning in ieee80211_scan_cancel
net/mac80211/scan.c: In function ‘ieee80211_scan_cancel’:
net/mac80211/scan.c:794: warning: ‘finish’ may be used uninitialized in this function

Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-06 16:40:40 -04:00
Johannes Berg
3207390a8b cfg80211: fix BSS double-unlinking
When multiple interfaces are actively trying
to associate with the same BSS, they may both
find that the BSS isn't there and then try to
unlink it. This can cause errors since the
unlinking code can't currently deal with items
that have already been unlinked.

Normally this doesn't happen as most people
don't try to use multiple station interfaces
that associate at the same time too.

Fix this by using the list entry as a flag to
see if the item is still on a list.

Cc: stable@kernel.org
Reported-by: Ben Greear <greearb@candelatech.com>
Tested-by: Hun-Kyi Wynn <hkwynn@candelatech.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-06 16:30:43 -04:00
Bruno Randolf
b206b4ef06 nl80211/mac80211: Add retry and failed transmission count to station info
This information is already available in mac80211, we just need to export it
via cfg80211 and nl80211.

Signed-off-by: Bruno Randolf <br1@einfach.org>
Acked-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-06 16:30:43 -04:00
Stanislaw Gruszka
09be251e90 Revert "iwlwifi: do not perferm force reset while doing scan"
This reverts commit 7acc7c683a. It was
applied to avoid possible warning in ieee80211_restart_hw, however
reason of the warning were races in mac80211, currently hopefully fixed.

Not reseting device when performing scan is bad for two reasons.

When forcing reset from iwl_check_stuck_queue(), in case of fail,
reset will be repeated until scan finish. But since firmware is in bad
shape, scan only finish after scan_check work (about 7s). So we will
delay the reset, what is not good behaviour.

When forcing reset from iwl_recover_from_statistics(), we will not
repeat the reset, so we will not perform reset at all when needed.

Signed-off-by: Stanislaw Gruszka <sgruszka@redhat.com>
Acked-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-06 16:30:42 -04:00
Stanislaw Gruszka
3aed49ef17 mac80211: compete scan to cfg80211 if deferred scan fail to start
We nulify local->scan_req on failure in __ieee80211_start_scan, so
__ieee80211_scan_completed will not call cfg80211_scan_done. Fix that.

Signed-off-by: Stanislaw Gruszka <sgruszka@redhat.com>
Acked-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-06 16:30:42 -04:00
Stanislaw Gruszka
6eb11a9a31 mac80211: do not requeue scan work when not needed
When performing hw scan and not abort it, __ieee80211_scan_completed()
is currently called from scan work, so does not need to reschedule work
to call drv_hw_scan().

Signed-off-by: Stanislaw Gruszka <sgruszka@redhat.com>
Acked-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-06 16:30:42 -04:00
Stanislaw Gruszka
4136c4224c mac80211: assure we also cancel deferred scan request
This is partial revert and fix for commit
85f72bc839 "mac80211: only cancel
software-based scans on suspend"

When cfg80211 request the scan and mac80211 perform some management work,
we defer the scan request. We do not canceling such requests when calling
ieee80211_scan_cancel(), because of SCAN_SW_SCANNING bit check just
before the call. So fix that problem.

Another problem, which commit 85f72bc839
tries to solve, is we can not cancel HW scan. Hence patch make
ieee80211_scan_cancel() ignore HW scan (see code comments). Keeping
local->mtx lock assures that the deferred scan will not become
"working" HW scan.

Signed-off-by: Stanislaw Gruszka <sgruszka@redhat.com>
Acked-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-06 16:30:42 -04:00
Stanislaw Gruszka
e229f844d7 mac80211: keep lock when calling __ieee80211_scan_completed()
We are taking local->mtx inside __ieee80211_scan_completed(), but just
before call to that function we drop the lock. Dropping/taking lock is not
good, because can lead to hard to understand race conditions.

Patch split scan_completed() code into two functions, first must be called
with local->mtx taken and second without it.

Signed-off-by: Stanislaw Gruszka <sgruszka@redhat.com>
Acked-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-06 16:30:42 -04:00
Stanislaw Gruszka
259b62e35b mac80211: reduce number of __ieee80211_scan_completed calls
Use goto instruction to call __ieee80211_scan_completed only ones in
ieee80211_scan_work. This is prepare for the next patch.

Signed-off-by: Stanislaw Gruszka <sgruszka@redhat.com>
Acked-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-06 16:30:41 -04:00
Rafał Miłecki
78159788e1 b43: N-PHY: don't duplicate setting channel in shared memory
It's already set in PHY common code.

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-06 16:30:41 -04:00
Rafał Miłecki
106cb09a14 b43: define B43_SHM_SH_CHAN_40MHZ
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-06 16:30:41 -04:00
Rafał Miłecki
5e7ee098ce b43: N-PHY: simplify channel switching
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-06 16:30:41 -04:00
Johannes Berg
d537f5fdfc nl80211: fix error in generic netif_running check
Yikes! The error return keeps a netdev reference
and the rdev mutex locked, fix that!

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-06 16:30:41 -04:00
Johannes Berg
e31b82136d cfg80211/mac80211: allow per-station GTKs
This adds API to allow adding per-station GTKs,
updates mac80211 to support it, and also allows
drivers to remove a key from hwaccel again when
this may be necessary due to multiple GTKs.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-06 16:30:40 -04:00
Johannes Berg
53f73c09d6 mac80211: avoid transmitting delBA to old AP
When roaming while we have active BA session,
we can end up transmitting delBA frames to
the old AP while we're already on the new AP's
channel, which can cause warnings.

Simply avoid sending those frames, but still
tear down the internal session state, since
they are not really necessary anyway as we
will implicitly disassociate when sending the
association to the new AP.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Acked-by: Luis R. Rodriguez <lrodriguez@atheros.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-06 16:30:40 -04:00
Senthil Balasubramanian
845d708e62 ath9k: Introduce a wrapper for power save disable.
Signed-off-by: Senthil Balasubramanian <senthilkumar@atheros.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-06 16:30:40 -04:00
Senthil Balasubramanian
fbab7390f9 ath9k: remove unnecessary power save flags.
drv_config callback is called only after the ack for the nullframe
is received and so driver need not do anything special for this.

So remove NULLFUNC_COMPLETED, PS_ENABLED flags and bf_isnullfunc
flags from ath9k as mac80211 already handles them properly.

Signed-off-by: Senthil Balasubramanian <senthilkumar@atheros.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-06 16:30:40 -04:00
Felix Fietkau
95792178a5 ath9k_hw: merge ath9k_hw_ani_monitor_old and ath9k_hw_ani_monitor_new
After the last rounds of cleanup, these functions are now functionally
equivalent and can thus be merged.
Also get rid of some excessive (and redundant) debug messages.

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-06 16:30:39 -04:00
Felix Fietkau
8eb4980c33 ath9k_hw: remove function pointer abstraction for internal ANI ops
The code gets more concise and readable when making the new ANI functions
fall back to the old ones if ANI v2 is disabled. This also makes further code
cleanup easier.

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-06 16:30:39 -04:00
Felix Fietkau
bfc472bb73 ath9k_hw: remove code duplication in phy error counter handling
Split out the PHY error counter update from ath9k_hw_ani_monitor_*, reuse
it in ath9k_hw_proc_mib_event (merged from ath9k_hw_proc_mib_event_old
and ath9k_hw_proc_mib_event_new).

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-06 16:30:39 -04:00
Felix Fietkau
093115b7fd ath9k_hw: clean up ANI state handling
ANI state is kept per channel, so instead of keeping an array of ANI states
with an arbitrary size of 255, move the ANI state into the channel struct.

Move some config settings that are not per-channel out of
the per-channel struct to save some memory.

With those changes, ath9k_ani_restart_old and ath9k_ani_restart_new can
be merged into a single function.

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-06 16:30:39 -04:00
Felix Fietkau
71ea420992 ath9k_hw: add a helper function to check for the new ANI implementation
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-06 16:30:39 -04:00
Felix Fietkau
435c1610f4 ath9k_hw: clean up register write buffering
Throughout the code, DISABLE_REGWRITE_BUFFER is always called right after
REGWRITE_BUFFER_FLUSH. Since that's unlikely to change any time soon, that
makes keeping those ops separate rather pointless, as it only increases
code size and line number counts.

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-06 16:30:38 -04:00
Felix Fietkau
9dbebc7fd0 ath9k_hw: merge codepaths that access the cycle counter registers
The cycle counters are used by ANI to determine the amount of time that the
radio spent not receiving or transmitting. They're also used for debugging
purposes if the baseband watchdog on AR9003 detects a lockup.
In the future, we want to use these counters to determine the medium utilization
and export this information via survey. For that, we need to make sure that
the counter is only accessed from one place, which also ensures that
wraparounds won't occur at inconvenient points in time.

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-06 16:26:01 -04:00
Felix Fietkau
6497827f53 ath9k_hw: clean up calibration flags
The calibration actual calibration flags are only used by the per chip family
source files, so it makes more sense to define them in those files instead
of globally. That way the code has to test for less flags.

Also instead of using a separate callback for testing whether a particular
calibration type is supported, simply adjust ah->supp_cals in the calibration
init which is called right after the hardware reset, before any of the
calibrations are run.

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-06 16:26:01 -04:00
John W. Linville
373426cac0 Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-2.6 2010-10-06 16:25:52 -04:00
Johannes Berg
44271488b9 mac80211: delete AddBA response timer
We never delete the addBA response timer, which
is typically fine, but if the station it belongs
to is deleted very quickly after starting the BA
session, before the peer had a chance to reply,
the timer may fire after the station struct has
been freed already. Therefore, we need to delete
the timer in a suitable spot -- best when the
session is being stopped (which will happen even
then) in which case the delete will be a no-op
most of the time.

I've reproduced the scenario and tested the fix.

This fixes the crash reported at
http://mid.gmane.org/4CAB6F96.6090701@candelatech.com

Cc: stable@kernel.org
Reported-by: Ben Greear <greearb@candelatech.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-06 15:58:29 -04:00
Felix Fietkau
918df629d6 ath9k_hw: fix regression in ANI listen time calculation
wireless-testing
  commit 37e5bf6535
  Author: Luis R. Rodriguez <lrodriguez@atheros.com>
  Date:   Sat Jun 12 00:33:40 2010 -0400

    ath9k_hw: fix clock rate calculations for ANI

This commit accidentally broke clock rate calculation by doubling the
calculated clock rate

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-06 15:58:28 -04:00
Wey-Yi Guy
58a39090a1 iwlagn: define 130 series of WiFi/BT combo devices
add new structures and defines need to identify 130 devices.

Signed-off-by: Wey-Yi Guy <wey-yi.w.guy@intel.com>
2010-10-06 08:14:21 -07:00
Wey-Yi Guy
898dade116 iwlagn: rename iwl5000_tx_resp
iwl5000_tx_resp really should be iwlagn_tx_resp, rename it.

Signed-off-by: Wey-Yi Guy <wey-yi.w.guy@intel.com>
2010-10-06 08:12:02 -07:00
Wey-Yi Guy
a8029bb79e iwlwifi: remove uncorrect comments
some structure belong to _agn devices, not just 5000. Fix it.

Signed-off-by: Wey-Yi Guy <wey-yi.w.guy@intel.com>
2010-10-06 08:11:41 -07:00
Wey-Yi Guy
ab63c68ada iwlagn: rename iwl5000_tx_power_dbm_cmd
iwl5000_tx_power_dbm_cmd really should be iwlagn_tx_power_dbm_cmd,
so rename it.

Signed-off-by: Wey-Yi Guy <wey-yi.w.guy@intel.com>
2010-10-06 08:11:27 -07:00
Wey-Yi Guy
7cb1b0887f iwlagn: reduce redundant parameter definitions
move paramater definitions to a device paramater structure only
leaving the device name, which antennas are used and what firmware
file to use in the iwl_cfg structure.  this will not completely
remove the redundancies but greatly reduce them for devices that
only vary by name or antennas.  the parameters that are more
likely to change within a given device family are left in iwl_cfg.
also separate bt param structure added to help reduce more.

Signed-off-by: Jay Sternberg <jay.e.sternberg@intel.com>
Signed-off-by: Wey-Yi Guy <wey-yi.w.guy@intel.com>
2010-10-06 08:10:00 -07:00
Wey-Yi Guy
72645eff4b iwlwifi: schedule to deprecate software scan support
Hardware scan is the prefer method for all iwlwifi devices;
especially for dual-mode functions. Schedule to deprecate the
software scan support in kernel 2.6.40

Signed-off-by: Wey-Yi Guy <wey-yi.w.guy@intel.com>
2010-10-06 07:42:43 -07:00
John W. Linville
46bf695802 Merge branch 'wireless-next' of git://git.kernel.org/pub/scm/linux/kernel/git/luca/wl12xx 2010-10-05 13:50:27 -04:00
Luis R. Rodriguez
e7480bbb92 mac80211: fix channel assumption for association done work
Be consistent and use the wk->chan instead of the
local->hw.conf.channel for the association done work.
This prevents any possible races against channel changes
while we run this work.

In the case that the race did happen we would be initializing
the bit rates for the new AP under the assumption of a wrong
channel and in the worst case, wrong band. This could lead
to trying to assuming we could use CCK frames on 5 GHz, for
example.

This patch has a fix for kernels >= v2.6.34

Cc: stable@kernel.org
Signed-off-by: Luis R. Rodriguez <lrodriguez@atheros.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-05 13:37:52 -04:00
Johannes Berg
691895e7e2 nl80211: fix remain-on-channel documentation
The documentation for NL80211_CMD_REMAIN_ON_CHANNEL
isn't accurate, an interface index is required by
the command. Update it accordingly.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-05 13:37:52 -04:00
Gabor Juhos
970bf9d40c ath9k: get correct tx gain type in ath9k_hw_4k_get_eeprom
The base_eep_header_4k structure contains information that the
device supports high power tx gain table or not. However the
ath9k_hw_4k_get_eeprom function does not return that value when
it is called with EEP_TXGAIN_TYPE. This leads to that the tx gain
initialization will use the init values from the original tx gain
table even if the device inidicates that the high power table
should be used.

Changes-licensed-under: ISC
Signed-off-by: Gabor Juhos <juhosg@openwrt.org>
Signed-off-by: Shu Hwa Shen <shensh@zcomm.com.cn>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-05 13:37:52 -04:00
Bruno Randolf
4198a8d036 ath5k: Don't wake internal queues
We should only wake up queues which mac80211 knows about (queues 0-3). We have
another internal queue ("CAB", queue number 6) which we use for power-saved
frames. When transmitted frames are processed from this queue, we have to make
sure we don't bother mac80211 with waking a queue it doesn't know about.

this fixes:

WARNING: at /home/br1/ath/wireless-testing/net/mac80211/util.c:275
  __ieee80211_wake_queue+0xd6/0xe0 [mac80211]()

Signed-off-by: Bruno Randolf <br1@einfach.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-05 13:37:52 -04:00
Johannes Berg
025e6be220 mac80211: fix deadlock with multiple interfaces
The locking around ieee80211_recalc_smps is
buggy -- it cannot acquire another interface's
mutex while the iflist mutex is held because
another code path could be holding the iface
mutex and trying to acquire the iflist mutex.

But the locking is also unnecessary, we only
check "ifmgd->associated" as a bool, and don't
use the pointer (in check_mgd_smps).

Reported-by: Ben Greear <greearb@candelatech.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-05 13:37:51 -04:00
Johannes Berg
6774889314 nl80211: reduce dumping boilerplate
Consolidate boilerplate code needed for .dumpit
calls operating on netdevs.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-05 13:37:51 -04:00
Johannes Berg
4126571481 nl80211: use generic check for netif_running
Use a new flag that requires the netdev to be
UP and use it to check instead of coding the
check into all functions that require it.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-05 13:37:51 -04:00
Johannes Berg
4c47699106 nl80211: use the new genetlink pre/post_doit hooks
This makes nl80211 use the new genetlink
pre_doit/post_doit hooks for locking and
checking the interface/wiphy index.

This significantly reduces the code size
and the likelihood of locking errors.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-05 13:37:51 -04:00
Johannes Berg
ff4c92d85c genetlink: introduce pre_doit/post_doit hooks
Each family may have some amount of boilerplate
locking code that applies to most, or even all,
commands.

This allows a family to handle such things in
a more generic way, by allowing it to
 a) include private flags in each operation
 b) specify a pre_doit hook that is called,
    before an operation's doit() callback and
    may return an error directly,
 c) specify a post_doit hook that can undo
    locking or similar things done by pre_doit,
    and finally
 d) include two private pointers in each info
    struct passed between all these operations
    including doit(). (It's two because I'll
    need two in nl80211 -- can be extended.)

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Acked-by: David S. Miller <davem@davemloft.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-05 13:35:30 -04:00
Dan Carpenter
2ee4e27cf2 ipw2200: check for allocation failures
If kzalloc() fails then return should return with -ENOMEM.

Signed-off-by: Dan Carpenter <error27@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-05 13:35:29 -04:00
Bruno Randolf
9eba612549 mac80211: Add WME information element for IBSS
Enable WME QoS in IBSS mode by adding a WME information element to beacons and
probe respones and by checking for it and marking stations as WME capable if it
is present.

Signed-off-by: Bruno Randolf <br1@einfach.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-05 13:35:29 -04:00
Helmut Schaa
b34793ee27 rt2x00: Work around hw aggregation oddity in rt2800
If a frame is not meant to be sent as AMPDU or part of it the hw might
still decide to aggregate this frame if a previous frame started an
AMPDU. However, this will limit the usefulness of the reported tx rate
since the reported rate will be the one specified in the TXWI of the
first frame and thus it is not possible to reliably caculate the
number of retrys by substracting the reported tx rate from the tx rate
in the TXWI.

To fix this issue, only report the successful rate for frames that were
not meant to be aggregated but ended up in an aggregate.

Example:
Frame A (MCS7, AMPDU=1) B (MCS7, AMPDU=1) C (MCS12, AMDPU=0, PROBE_RATE)

Although frame C shoudn't be aggregated the hw might sill put it
into an AMPDU together with A and B. If the transmission succeeds the tx
status will contain MCS7 for all three frames. In that case we should
only report MCS7 as success rate and avoid reporting MCS12-MCS8 as
failed tx attempts as this will affect the future rate control
decisions.

This oddity might strike us in other scenarious as well but the most
common "wrong" report happened for frames used to probe a different tx
rate.

This improves the rate control decisions notable.

Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>
Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-05 13:35:29 -04:00
Helmut Schaa
01e946f22a rt2x00: Improve cooperation between rt2800pci and minstrel
In order to lower the impact of probe rates don't send a frame as AMPDU
if the rate control algorithm sets IEEE80211_TX_CTL_RATE_CTRL_PROBE.
Otherwise a whole aggregate would be send with a probe rate which might
lead to numerous retries.

Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>
Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-05 13:35:29 -04:00
Helmut Schaa
1f0280cb35 rt2x00: Fix oops caused by error path in rt2x00lib_start
When rt2x00lib_enable_radio fails to enable the radio, rt2x00lib_start
will call rt2x00queue_uninitialize to uninitialize the queues. Since,
the queues are not initialized here but already in rt2x00lib_initialize
we shouldn't uninitialize the queues here. Otherwise, a consecutive call
to rt2x00lib_start will oops (see below) because it assumes the queues
are already initialized.

BUG: unable to handle kernel NULL pointer dereference at 00000010
IP: [<f8d2d901>] :rt2800pci:rt2800pci_clear_entry+0x1/0x40
*pde = 00000000
Oops: 0000 [#1] SMP
Modules linked in: ... rt2800pci ...

Pid: 5995, comm: hostapd Not tainted (2.6.27.8 #1)
EIP: 0060:[<f8d2d901>] EFLAGS: 00210246 CPU: 3
EIP is at rt2800pci_clear_entry+0x1/0x40 [rt2800pci]
EAX: 00000000 EBX: f698863c ECX: 00200296 EDX: f8d2dee0
ESI: f6988600 EDI: f5b6f000 EBP: 00000000 ESP: f6d75e4c
 DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068
Process hostapd (pid: 5995, ti=f6d74000 task=f6ce2300 task.ti=f6d74000)
Stack: f698863c fa00eaec 00000000 f5b6f000 00000000 f7b67000 f5b6e280 fa00c629
      f5b6f000 00000000 fa00ca3d f7b67480 00000001 fa177d4c 01b6e890 f7b67000
      00000000 f7b67000 00000001 00001003 00001002 c066c366 f7b67000 c0668ad0
Call Trace:
 [<fa00eaec>] rt2x00queue_init_queues+0x5c/0x90 [rt2x00lib]
 [<fa00c629>] rt2x00lib_enable_radio+0x29/0xa0 [rt2x00lib]
 [<fa00ca3d>] rt2x00lib_start+0x5d/0xd0 [rt2x00lib]
 [<fa177d4c>] ieee80211_do_open+0x21c/0x510 [mac80211]
 [<c066c366>] dev_open+0x56/0xb0
 [<c0668ad0>] dev_set_rx_mode+0x20/0x40
 [<c066a67f>] dev_change_flags+0x7f/0x190
 [<c06b1495>] devinet_ioctl+0x515/0x690
 [<c0668d24>] __dev_get_by_name+0x74/0x90
 [<c065d3f0>] sock_ioctl+0xd0/0x240
 [<c065d320>] sock_ioctl+0x0/0x240
 [<c018179b>] vfs_ioctl+0x2b/0x90
 [<c0181a5b>] do_vfs_ioctl+0x25b/0x2a0
 [<c0181af6>] sys_ioctl+0x56/0x70
 [<c0103262>] syscall_call+0x7/0xb
 [<c0700000>] add_card+0xad0/0xba0
 =======================
Code: 83 78 08 0e 74 14 8b 02 8b 48 04 85 c9 0f 99 c0 0f b6 c0 c3 8d b6
      00 00 00 00 8b 02 8b 40 04 85 c0 0f 99 c0 0f b6 c0 c3 66 90 53 <8b>
      48 10 8b 58 08 8b 40 04 83 78 08 0e 74 15 8b 11 83 c2 04 8b
EIP: [<f8d2d901>] rt2800pci_clear_entry+0x1/0x40 [rt2800pci] SS:ESP 0068:f6d75e4c
---[ end trace cff9a5c094bb8837 ]---

Reported-by: Joshua Smith <jesmith@kaon.com>
Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>
Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2010-10-05 13:35:29 -04:00