diff -ruw linux-5.15.42/Makefile linux-5.15.42-fbx/Makefile --- linux-5.15.42/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/Makefile 2024-04-22 14:47:56.993882389 +0200 @@ -379,6 +379,8 @@ # CROSS_COMPILE can be set on the command line # make CROSS_COMPILE=ia64-linux- # Alternatively CROSS_COMPILE can be set in the environment. +# A third alternative is to store a setting in .config so that plain +# "make" in the configured kernel build directory always uses that. # Default value for CROSS_COMPILE is not to prefix executables # Note: Some architectures assign CROSS_COMPILE in their arch/*/Makefile ARCH ?= $(SUBARCH) @@ -416,6 +418,9 @@ KCONFIG_CONFIG ?= .config export KCONFIG_CONFIG +CONFIG_CROSS_COMPILE := $(shell grep ^CONFIG_CROSS_COMPILE= $(KCONFIG_CONFIG) | cut -f 2 -d = | tr -d '"') +CROSS_COMPILE ?= $(CONFIG_CROSS_COMPILE:"%"=%) + # SHELL used by kbuild CONFIG_SHELL := sh @@ -1288,7 +1293,7 @@ quiet_cmd_headers_install = INSTALL $(INSTALL_HDR_PATH)/include cmd_headers_install = \ mkdir -p $(INSTALL_HDR_PATH); \ - rsync -mrl --include='*/' --include='*\.h' --exclude='*' \ + rsync -cmrl --include='*/' --include='*\.h' --exclude='*' \ usr/include $(INSTALL_HDR_PATH) PHONY += headers_install diff -ruw linux-5.15.42/arch/arm/Kconfig linux-5.15.42-fbx/arch/arm/Kconfig --- linux-5.15.42/arch/arm/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/arch/arm/Kconfig 2024-04-22 14:47:56.997882499 +0200 @@ -1626,6 +1626,10 @@ help Include support for flattened device tree machine descriptions. +config DT_OVERRIDE_BUILTIN + bool "override given DTB with built-in DTB if compat matches" + depends on OF + config ATAGS bool "Support for the traditional ATAGS boot data passing" if USE_OF default y @@ -1643,6 +1647,10 @@ This was deprecated in 2001 and announced to live on for 5 years. Some old boot loaders still use this way. +config DT_FROM_MACHTYPE + bool "lookup kernel built-in DTB from ATAGS machtype" + depends on OF && ATAGS + # Compressed boot loader in ROM. Yes, we really want to ask about # TEXT and BSS so we preserve their values in the config files. config ZBOOT_ROM_TEXT diff -ruw linux-5.15.42/arch/arm/Makefile linux-5.15.42-fbx/arch/arm/Makefile --- linux-5.15.42/arch/arm/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/arch/arm/Makefile 2024-04-22 14:46:50.212057843 +0200 @@ -283,6 +283,11 @@ $(eval GCC_PLUGINS_CFLAGS += $(SSP_PLUGIN_CFLAGS)) endif +ifeq ($(CONFIG_USE_OF),y) +# add builtin-dtb into kernel binary +core-y += arch/arm/boot/dts/ +endif + all: $(notdir $(KBUILD_IMAGE)) diff -ruw linux-5.15.42/arch/arm/boot/dts/Makefile linux-5.15.42-fbx/arch/arm/boot/dts/Makefile --- linux-5.15.42/arch/arm/boot/dts/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/arch/arm/boot/dts/Makefile 2024-04-22 14:46:50.216057952 +0200 @@ -139,7 +139,9 @@ bcm47189-tenda-ac9.dtb \ bcm947189acdbmr.dtb dtb-$(CONFIG_ARCH_BCM_63XX) += \ - bcm963138dvt.dtb + bcm963138dvt.dtb \ + bcm963138ref-rnc.dtb \ + fbxgw7a.dtb dtb-$(CONFIG_ARCH_BCM_CYGNUS) += \ bcm911360_entphn.dtb \ bcm911360k.dtb \ @@ -263,7 +265,7 @@ keystone-k2e-evm.dtb \ keystone-k2g-evm.dtb \ keystone-k2g-ice.dtb -dtb-$(CONFIG_MACH_KIRKWOOD) += \ +dtb-$(CONFIG_MACH_KIRKWOOD_DTB) += \ kirkwood-b3.dtb \ kirkwood-blackarmor-nas220.dtb \ kirkwood-cloudbox.dtb \ @@ -341,6 +343,8 @@ kirkwood-ts219-6282.dtb \ kirkwood-ts419-6281.dtb \ kirkwood-ts419-6282.dtb +dtb-$(CONFIG_FBXGW_COMMON) += \ + fbxgwr_exp_stb.dtb dtb-$(CONFIG_ARCH_LPC18XX) += \ lpc4337-ciaa.dtb \ lpc4350-hitex-eval.dtb \ @@ -1499,3 +1503,17 @@ aspeed-bmc-portwell-neptune.dtb \ aspeed-bmc-quanta-q71l.dtb \ aspeed-bmc-supermicro-x11spi.dtb + +$(foreach file, $(subst $\",,$(CONFIG_OF_DTB_BUILTIN_LIST)), \ + $(eval dtb-y += $(file).dtb)) + +$(foreach file, $(subst $\",,$(CONFIG_OF_DTB_BUILTIN_LIST)), \ + $(eval obj-y += $(file).dtb.o)) + +dtstree := $(srctree)/$(src) +dtb-$(CONFIG_OF_ALL_DTBS) := $(patsubst $(dtstree)/%.dts,%.dtb, $(wildcard $(dtstree)/*.dts)) + +DTC_FLAGS += -@ +always-y := $(dtb-y) +clean-files := *.dtb *.dtb.S +obj- += dummy diff -ruw linux-5.15.42/arch/arm/boot/dts/kirkwood-6282.dtsi linux-5.15.42-fbx/arch/arm/boot/dts/kirkwood-6282.dtsi --- linux-5.15.42/arch/arm/boot/dts/kirkwood-6282.dtsi 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/arch/arm/boot/dts/kirkwood-6282.dtsi 2024-04-22 14:46:50.328061012 +0200 @@ -80,6 +80,11 @@ marvell,function = "twsi1"; }; + pmx_twsi1_gpio: pmx-twsi1-gpio { + marvell,pins = "mpp36", "mpp37"; + marvell,function = "gpio"; + }; + pmx_sdio: pmx-sdio { marvell,pins = "mpp12", "mpp13", "mpp14", "mpp15", "mpp16", "mpp17"; @@ -109,7 +114,10 @@ clock-frequency = <100000>; clocks = <&gate_clk 7>; pinctrl-0 = <&pmx_twsi1>; - pinctrl-names = "default"; + pinctrl-1 = <&pmx_twsi1_gpio>; + pinctrl-names = "default", "gpio"; + sda-gpios = <&gpio1 4 GPIO_ACTIVE_HIGH>; + scl-gpios = <&gpio1 5 GPIO_ACTIVE_HIGH>; status = "disabled"; }; diff -ruw linux-5.15.42/arch/arm/boot/dts/kirkwood.dtsi linux-5.15.42-fbx/arch/arm/boot/dts/kirkwood.dtsi --- linux-5.15.42/arch/arm/boot/dts/kirkwood.dtsi 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/arch/arm/boot/dts/kirkwood.dtsi 2024-04-22 14:46:50.332061122 +0200 @@ -99,11 +99,28 @@ marvell,function = "spi"; }; + pmx_tdm_spi: pmx-tdm-spi { + marvell,pins = "mpp24", "mpp25", "mpp26", + "mpp27"; + marvell,function = "tdm"; + }; + + pmx_alt_tdm_spi: pmx-alt-tdm-spi { + marvell,pins = "mpp39", "mpp40", "mpp41", + "mpp42"; + marvell,function = "tdm"; + }; + pmx_twsi0: pmx-twsi0 { marvell,pins = "mpp8", "mpp9"; marvell,function = "twsi0"; }; + pmx_twsi0_gpio: pmx-twsi0-gpio { + marvell,pins = "mpp8", "mpp9"; + marvell,function = "gpio"; + }; + /* * Default UART pinctrl setting without RTS/CTS, * overwrite marvell,pins on board level if required. @@ -138,6 +155,17 @@ status = "disabled"; }; + tdm_spi0: tdm_spi@d0000 { + compatible = "marvell,orion-tdm-spi"; + #address-cells = <1>; + #size-cells = <0>; + reg = <0xd0000 65536>; + clocks = <&gate_clk 20>; + pinctrl-0 = <&pmx_tdm_spi>; + pinctrl-names = "default"; + status = "disabled"; + }; + gpio0: gpio@10100 { compatible = "marvell,orion-gpio"; #gpio-cells = <2>; @@ -148,6 +176,7 @@ #interrupt-cells = <2>; interrupts = <35>, <36>, <37>, <38>; clocks = <&gate_clk 7>; + gpio-ranges = <&pinctrl 0 0 32>; }; gpio1: gpio@10140 { @@ -160,6 +189,7 @@ #interrupt-cells = <2>; interrupts = <39>, <40>, <41>; clocks = <&gate_clk 7>; + gpio-ranges = <&pinctrl 0 32 18>; }; i2c0: i2c@11000 { @@ -171,7 +201,10 @@ clock-frequency = <100000>; clocks = <&gate_clk 7>; pinctrl-0 = <&pmx_twsi0>; - pinctrl-names = "default"; + pinctrl-1 = <&pmx_twsi0_gpio>; + pinctrl-names = "default", "gpio"; + sda-gpios = <&gpio0 8 GPIO_ACTIVE_HIGH>; + scl-gpios = <&gpio0 9 GPIO_ACTIVE_HIGH>; status = "disabled"; }; @@ -319,6 +352,7 @@ clocks = <&gate_clk 0>; marvell,tx-checksum-limit = <1600>; status = "disabled"; + mdio-bus = <&mdio>; eth0port: ethernet0-port@0 { compatible = "marvell,kirkwood-eth-port"; diff -ruw linux-5.15.42/arch/arm/include/uapi/asm/setup.h linux-5.15.42-fbx/arch/arm/include/uapi/asm/setup.h --- linux-5.15.42/arch/arm/include/uapi/asm/setup.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/arch/arm/include/uapi/asm/setup.h 2023-02-27 19:50:20.104193505 +0100 @@ -144,6 +144,37 @@ __u32 fmemclk; }; +/* + * bootloader version + */ +#define ATAG_LOADER_VERSION 0x41000045 +struct tag_loader_version { + char version[1]; +}; + +/* + * freebox serial info + */ +#include +#define ATAG_FBXSERIAL 0x41000044 +struct tag_fbxserial { + struct fbx_serial serial; +}; + +/* + * boot_info tag, used by bank0 in conjuction with fbxhwinfo to + * sortout whether: + * + * - user forced a bank0 boot + * - user forced a bank0 boot _and_ asked for nvram to be erased. + */ +#define ATAG_BOOT_INFO 0x41000046 +struct tag_boot_info { + u32 erase_nvram; /* == 1 if user selected nvram erase */ + u32 bank0_forced; /* == 1 if bank0 boot was + forced by user*/ +}; + struct tag { struct tag_header hdr; union { @@ -166,6 +197,12 @@ * DC21285 specific */ struct tag_memclk memclk; + /* + * Freebox specific + */ + struct tag_loader_version loader_version; + struct tag_fbxserial fbxserial; + struct tag_boot_info boot_info; } u; }; diff -ruw linux-5.15.42/arch/arm/kernel/atags_parse.c linux-5.15.42-fbx/arch/arm/kernel/atags_parse.c --- linux-5.15.42/arch/arm/kernel/atags_parse.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/arch/arm/kernel/atags_parse.c 2023-02-27 17:08:37.794101763 +0100 @@ -22,11 +22,13 @@ #include #include #include +#include #include #include #include #include +#include #include "atags.h" @@ -173,15 +175,70 @@ tag->hdr.tag = ATAG_NONE; } +/* + * lookup into built-in list of machine DT to find machine with the + * given machtype + */ +static int +find_matching_builtin_dt(unsigned int machtype, + void **dt_pointer) +{ +#ifdef CONFIG_DT_FROM_MACHTYPE + char compat_string[32]; + const void *blob; + + sprintf(compat_string, "arm-machtype,%u", machtype); + blob = of_fdt_find_compatible_dtb(compat_string); + if (blob) { + *dt_pointer = (void*)blob; + return 0; + } +#endif + return 1; +} + const struct machine_desc * __init setup_machine_tags(void *atags_vaddr, unsigned int machine_nr) { struct tag *tags = (struct tag *)&default_tags; const struct machine_desc *mdesc = NULL, *p; char *from = default_command_line; + void *builtin_dt; default_tags.mem.start = PHYS_OFFSET; + if (!find_matching_builtin_dt(machine_nr, &builtin_dt)) { + if (atags_vaddr) { + tags = atags_vaddr; + + if (tags->hdr.tag == ATAG_CORE) { + struct tag *tag; + + /* remove all tags that we expect DT to + * override */ + for (; tag->hdr.size; tag = tag_next(tag)) { + switch (tag->hdr.tag) { + case ATAG_MEM: + case ATAG_CORE: + case ATAG_SERIAL: + case ATAG_REVISION: + case ATAG_CMDLINE: + tag->hdr.tag = ATAG_NONE; + break; + + default: + break; + } + } + + save_atags(tags); + parse_tags(tags); + } + } + + return setup_machine_fdt(builtin_dt); + } + /* * locate machine in the list of supported machines. */ diff -ruw linux-5.15.42/arch/arm/kernel/devtree.c linux-5.15.42-fbx/arch/arm/kernel/devtree.c --- linux-5.15.42/arch/arm/kernel/devtree.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/arch/arm/kernel/devtree.c 2024-04-22 14:46:50.456064509 +0200 @@ -10,6 +10,7 @@ #include #include #include +#include #include #include #include @@ -201,6 +202,37 @@ return m; } +/* + * lookup into built-in list of DTB to find one with the same compat + * string as the given blob + */ +static const void *find_matching_builtin_dt(const void *blob) +{ + const char *cp; + int cplen; + + cp = fdt_getprop(blob, 0, "compatible", &cplen); + if (cp == NULL) + return NULL; + + while (cplen > 0) { + const void *builtin_blob; + unsigned long l; + + builtin_blob = of_fdt_find_compatible_dtb(cp); + if (builtin_blob) { + pr_notice("overriding given DTB with " + "builtin one => '%s'", cp); + return builtin_blob; + } + + l = strlen(cp) + 1; + cp += l; + cplen -= l; + } + return NULL; +} + /** * setup_machine_fdt - Machine setup when an dtb was passed to the kernel * @dt_virt: virtual address of dt blob @@ -224,6 +256,14 @@ if (!dt_virt || !early_init_dt_verify(dt_virt)) return NULL; + if (IS_ENABLED(CONFIG_DT_OVERRIDE_BUILTIN)) { + const void *builtin_blob; + + builtin_blob = find_matching_builtin_dt(dt_virt); + if (builtin_blob) + early_init_dt_verify((void *)builtin_blob); + } + mdesc = of_flat_dt_match_machine(mdesc_best, arch_get_next_mach); if (!mdesc) { diff -ruw linux-5.15.42/arch/arm/mach-bcm/Kconfig linux-5.15.42-fbx/arch/arm/mach-bcm/Kconfig --- linux-5.15.42/arch/arm/mach-bcm/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/arch/arm/mach-bcm/Kconfig 2024-04-22 14:46:50.464064728 +0200 @@ -196,6 +196,7 @@ select HAVE_ARM_ARCH_TIMER select HAVE_ARM_TWD if SMP select HAVE_ARM_SCU if SMP + select PINCTRL help This enables support for systems based on Broadcom DSL SoCs. It currently supports the 'BCM63XX' ARM-based family, which includes diff -ruw linux-5.15.42/arch/arm/mach-bcm/Makefile linux-5.15.42-fbx/arch/arm/mach-bcm/Makefile --- linux-5.15.42/arch/arm/mach-bcm/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/arch/arm/mach-bcm/Makefile 2024-04-22 14:46:50.464064728 +0200 @@ -59,7 +59,7 @@ # BCM63XXx ifeq ($(CONFIG_ARCH_BCM_63XX),y) obj-y += bcm63xx.o -obj-$(CONFIG_SMP) += bcm63xx_smp.o bcm63xx_pmb.o +obj-$(CONFIG_SMP) += bcm63xx_smp.o endif ifeq ($(CONFIG_ARCH_BRCMSTB),y) diff -ruw linux-5.15.42/arch/arm/mach-mvebu/Kconfig linux-5.15.42-fbx/arch/arm/mach-mvebu/Kconfig --- linux-5.15.42/arch/arm/mach-mvebu/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/arch/arm/mach-mvebu/Kconfig 2024-04-22 14:46:50.508065930 +0200 @@ -129,4 +129,35 @@ Say 'Y' here if you want your kernel to support boards based on the Marvell Kirkwood device tree. +config MACH_KIRKWOOD_DTB + bool "build kirkwood DTB" + +config FBXGW_COMMON + bool + select ARCH_HAS_FBXSERIAL + select RESET_CONTROLLER + +config MACH_FBXGW2R + bool "Freebox FBXGW2R" + select FBXSERIAL + select FBXGW_COMMON + +config MACH_FBXGW1R + bool "Freebox FBXGW1R" + select FBXSERIAL + select FBXGW_COMMON + select GPIOLIB + +if FBXGW_COMMON + +config FBXGW_COMMON_ETHSW + bool "initialize ethernet switch" + +config FBXGW_COMMON_NAND_SAFE_READ_TIMINGS + bool "use very conservative timings for nand read" + +config FBXGW_COMMON_NAND_SAFE_WRITE_TIMINGS + bool "use very conservative timings for nand write" +endif + endif diff -ruw linux-5.15.42/arch/arm/mach-mvebu/Makefile linux-5.15.42-fbx/arch/arm/mach-mvebu/Makefile --- linux-5.15.42/arch/arm/mach-mvebu/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/arch/arm/mach-mvebu/Makefile 2024-04-22 14:46:50.508065930 +0200 @@ -18,4 +18,7 @@ ifeq ($(CONFIG_MACH_KIRKWOOD),y) obj-y += kirkwood.o obj-$(CONFIG_PM) += kirkwood-pm.o +obj-$(CONFIG_FBXGW_COMMON) += fbxgw-common.o fbxgw-rst.o +obj-$(CONFIG_FBXGW_COMMON_ETHSW) += fbxgw-switch.o +obj-$(CONFIG_MACH_FBXGW1R) += fbxgw1r-gpio-sr.o endif diff -ruw linux-5.15.42/arch/arm/mach-mvebu/kirkwood.c linux-5.15.42-fbx/arch/arm/mach-mvebu/kirkwood.c --- linux-5.15.42/arch/arm/mach-mvebu/kirkwood.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/arch/arm/mach-mvebu/kirkwood.c 2024-04-22 14:46:50.512066040 +0200 @@ -22,6 +22,7 @@ #include #include #include +#include "mvebu-soc-id.h" #include "kirkwood.h" #include "kirkwood-pm.h" #include "common.h" @@ -157,15 +158,67 @@ writel(readl(cpu_config) & ~CPU_CONFIG_ERROR_PROP, cpu_config); } +/* + * See errata. Without this work around: + * "The risk is that the PCIe will not work properly." + */ +static void kirkwood_fe_misc_120(void) +{ + u32 dev, rev; + void __iomem *reg; + + if (mvebu_get_soc_id(&dev, &rev)) { + pr_warn("unable to get soc id when trying to apply " + "FE-MISC-120\n"); + return ; + } + + if (dev != 0x6282) + /* not applicable on this device */ + return ; + + reg = ioremap(FE_MISC_120_REG, 4); + if (!reg) { + pr_warn("unable to ioremap %08x when trying to apply " + "FE-MISC-120.\n", FE_MISC_120_REG); + return ; + } + + writel(readl(reg) | (3 << 25), reg); + iounmap(reg); +} + +/* + * map the IMMR space using iotable_init, like in the old times ... + * As it is going to be mapped using a single 1M section, this can't + * be bad wrt TLB pressure. + */ +static struct map_desc __initdata kirkwood_io_desc[] = { + { + .virtual = 0xfec00000, + .pfn = __phys_to_pfn(0xf1000000), + .length = SZ_1M, + .type = MT_DEVICE, + }, +}; +static void __init kirkwood_map_io(void) +{ + iotable_init(kirkwood_io_desc, ARRAY_SIZE(kirkwood_io_desc)); +} + static struct of_dev_auxdata auxdata[] __initdata = { OF_DEV_AUXDATA("marvell,kirkwood-audio", 0xf10a0000, "mvebu-audio", NULL), { /* sentinel */ } }; +extern void fbxgw1r_init(void); +extern void fbxgw2r_init(void); + static void __init kirkwood_dt_init(void) { kirkwood_disable_mbus_error_propagation(); + kirkwood_fe_misc_120(); BUG_ON(mvebu_mbus_dt_init(false)); @@ -179,9 +232,25 @@ kirkwood_dt_eth_fixup(); of_platform_default_populate(NULL, auxdata, NULL); + +#ifdef CONFIG_MACH_FBXGW1R + if (of_machine_is_compatible("freebox,fbxgw1r")) + fbxgw1r_init(); +#endif + +#ifdef CONFIG_MACH_FBXGW2R + if (of_machine_is_compatible("freebox,fbxgw2r")) + fbxgw2r_init(); +#endif } static const char * const kirkwood_dt_board_compat[] __initconst = { +#ifdef CONFIG_MACH_FBXGW1R + "freebox,fbxgw1r", +#endif +#ifdef CONFIG_MACH_FBXGW2R + "freebox,fbxgw2r", +#endif "marvell,kirkwood", NULL }; @@ -191,4 +260,5 @@ .init_machine = kirkwood_dt_init, .restart = mvebu_restart, .dt_compat = kirkwood_dt_board_compat, + .map_io = kirkwood_map_io, MACHINE_END diff -ruw linux-5.15.42/arch/arm/mach-mvebu/kirkwood.h linux-5.15.42-fbx/arch/arm/mach-mvebu/kirkwood.h --- linux-5.15.42/arch/arm/mach-mvebu/kirkwood.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/arch/arm/mach-mvebu/kirkwood.h 2024-04-22 14:46:50.512066040 +0200 @@ -20,3 +20,5 @@ #define CPU_CONTROL_PHYS (BRIDGE_PHYS_BASE + 0x0104) #define MEMORY_PM_CTRL_PHYS (BRIDGE_PHYS_BASE + 0x0118) + +#define FE_MISC_120_REG (KIRKWOOD_REGS_PHYS_BASE + 0x100e4) diff -ruw linux-5.15.42/arch/arm/mm/dma-mapping.c linux-5.15.42-fbx/arch/arm/mm/dma-mapping.c --- linux-5.15.42/arch/arm/mm/dma-mapping.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/arch/arm/mm/dma-mapping.c 2024-04-22 14:46:50.616068881 +0200 @@ -497,6 +497,7 @@ *ret_page = phys_to_page(phys); ptr = (void *)val; + memset(ptr, 0, size); } return ptr; @@ -931,6 +932,11 @@ phys_addr_t paddr = page_to_phys(page) + off; /* FIXME: non-speculating: not required */ +#ifdef CONFIG_MACH_KIRKWOOD + if (dir == DMA_FROM_DEVICE) + return; +#endif + /* in any case, don't bother invalidating if DMA to device */ if (dir != DMA_TO_DEVICE) { outer_inv_range(paddr, paddr + size); diff -ruw linux-5.15.42/block/blk-core.c linux-5.15.42-fbx/block/blk-core.c --- linux-5.15.42/block/blk-core.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/block/blk-core.c 2024-04-22 14:46:51.584095328 +0200 @@ -1255,7 +1255,7 @@ } } -void blk_account_io_done(struct request *req, u64 now) +void blk_account_io_done(struct request *req, u64 now, blk_status_t error) { /* * Account IO completion. flush_rq isn't accounted as a @@ -1267,6 +1267,11 @@ const int sgrp = op_stat_group(req_op(req)); part_stat_lock(); + + if (error) { + int rw = rq_data_dir(req); + part_stat_inc(req->part, io_errors[rw]); + } update_io_ticks(req->part, jiffies, true); part_stat_inc(req->part, ios[sgrp]); part_stat_add(req->part, nsecs[sgrp], now - req->start_time_ns); diff -ruw linux-5.15.42/block/blk-exec.c linux-5.15.42-fbx/block/blk-exec.c --- linux-5.15.42/block/blk-exec.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/block/blk-exec.c 2024-04-22 14:46:51.584095328 +0200 @@ -53,8 +53,6 @@ rq->rq_disk = bd_disk; rq->end_io = done; - blk_account_io_start(rq); - /* * don't check dying flag for MQ because the request won't * be reused after dying flag is set diff -ruw linux-5.15.42/block/blk-flush.c linux-5.15.42-fbx/block/blk-flush.c --- linux-5.15.42/block/blk-flush.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/block/blk-flush.c 2024-04-22 14:46:51.584095328 +0200 @@ -172,10 +172,21 @@ rq->flush.seq |= seq; cmd_flags = rq->cmd_flags; - if (likely(!error)) + if (likely(!error)) { seq = blk_flush_cur_seq(rq); - else + } else { seq = REQ_FSEQ_DONE; + printk_once(KERN_ERR "%s: flush failed: data integrity problem\n", + rq->rq_disk ? rq->rq_disk->disk_name : "?"); + /* + * returning an error to the FS is wrong: the data is all + * there, it just might not be written out in the expected + * order and thus have a window where the integrity is suspect + * in a crash. Given the small likelihood of actually + * crashing, we should just log a warning here. + */ + error = 0; + } switch (seq) { case REQ_FSEQ_PREFLUSH: diff -ruw linux-5.15.42/block/blk-mq.c linux-5.15.42-fbx/block/blk-mq.c --- linux-5.15.42/block/blk-mq.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/block/blk-mq.c 2024-04-22 14:46:51.588095438 +0200 @@ -556,7 +556,7 @@ blk_mq_sched_completed_request(rq, now); - blk_account_io_done(rq, now); + blk_account_io_done(rq, now, error); if (rq->end_io) { rq_qos_done(rq->q, rq); diff -ruw linux-5.15.42/block/blk.h linux-5.15.42-fbx/block/blk.h --- linux-5.15.42/block/blk.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/block/blk.h 2024-04-22 14:46:51.592095547 +0200 @@ -182,7 +182,7 @@ struct bio *bio, unsigned int nr_segs); void blk_account_io_start(struct request *req); -void blk_account_io_done(struct request *req, u64 now); +void blk_account_io_done(struct request *req, u64 now, blk_status_t error); /* * Plug flush limits @@ -242,11 +242,14 @@ * Contribute to IO statistics IFF: * * a) it's attached to a gendisk, and - * b) the queue had IO stats enabled when this request was started + * b) the queue had IO stats enabled when this request was started, and + * c) it's a file system request */ static inline bool blk_do_io_stat(struct request *rq) { - return rq->rq_disk && (rq->rq_flags & RQF_IO_STAT); + return rq->rq_disk && + (rq->rq_flags & RQF_IO_STAT) && + !blk_rq_is_passthrough(rq); } static inline void req_set_nomerge(struct request_queue *q, struct request *req) @@ -354,6 +357,7 @@ #define ADDPART_FLAG_NONE 0 #define ADDPART_FLAG_RAID 1 #define ADDPART_FLAG_WHOLEDISK 2 +#define ADDPART_FLAG_RO 4 int bdev_add_partition(struct gendisk *disk, int partno, sector_t start, sector_t length); int bdev_del_partition(struct gendisk *disk, int partno); diff -ruw linux-5.15.42/block/genhd.c linux-5.15.42-fbx/block/genhd.c --- linux-5.15.42/block/genhd.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/block/genhd.c 2024-04-22 14:46:51.592095547 +0200 @@ -920,6 +920,7 @@ "%8u %8u %8u " "%8lu %8lu %8llu %8u " "%8lu %8u" + "%8lu %8lu" "\n", stat.ios[STAT_READ], stat.merges[STAT_READ], @@ -941,7 +942,9 @@ (unsigned long long)stat.sectors[STAT_DISCARD], (unsigned int)div_u64(stat.nsecs[STAT_DISCARD], NSEC_PER_MSEC), stat.ios[STAT_FLUSH], - (unsigned int)div_u64(stat.nsecs[STAT_FLUSH], NSEC_PER_MSEC)); + (unsigned int)div_u64(stat.nsecs[STAT_FLUSH], NSEC_PER_MSEC), + part_stat_read(bdev, io_errors[READ]), + part_stat_read(bdev, io_errors[WRITE])); } ssize_t part_inflight_show(struct device *dev, struct device_attribute *attr, diff -ruw linux-5.15.42/block/partitions/Kconfig linux-5.15.42-fbx/block/partitions/Kconfig --- linux-5.15.42/block/partitions/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/block/partitions/Kconfig 2024-04-22 14:46:51.596095656 +0200 @@ -267,3 +267,11 @@ help Say Y here if you want to read the partition table from bootargs. The format for the command line is just like mtdparts. + +config OF_PARTITION + bool "Device tree partition support" if PARTITION_ADVANCED + depends on OF + +config OF_PARTITION_IGNORE_RO + bool "ignore read-only flag" + depends on OF_PARTITION diff -ruw linux-5.15.42/block/partitions/Makefile linux-5.15.42-fbx/block/partitions/Makefile --- linux-5.15.42/block/partitions/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/block/partitions/Makefile 2023-02-24 19:09:45.669973308 +0100 @@ -20,3 +20,4 @@ obj-$(CONFIG_EFI_PARTITION) += efi.o obj-$(CONFIG_KARMA_PARTITION) += karma.o obj-$(CONFIG_SYSV68_PARTITION) += sysv68.o +obj-$(CONFIG_OF_PARTITION) += dt.o diff -ruw linux-5.15.42/block/partitions/check.h linux-5.15.42-fbx/block/partitions/check.h --- linux-5.15.42/block/partitions/check.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/block/partitions/check.h 2024-04-22 14:46:51.596095656 +0200 @@ -68,3 +68,4 @@ int sun_partition(struct parsed_partitions *state); int sysv68_partition(struct parsed_partitions *state); int ultrix_partition(struct parsed_partitions *state); +int dt_partition(struct parsed_partitions *); diff -ruw linux-5.15.42/block/partitions/core.c linux-5.15.42-fbx/block/partitions/core.c --- linux-5.15.42/block/partitions/core.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/block/partitions/core.c 2024-04-22 14:46:51.596095656 +0200 @@ -15,6 +15,10 @@ #include "check.h" static int (*check_part[])(struct parsed_partitions *) = { +#ifdef CONFIG_OF_PARTITION + dt_partition, +#endif + /* * Probe partition formats with tables at disk address 0 * that also have an ADFS boot block at 0xdc0. @@ -359,6 +363,7 @@ bdev->bd_start_sect = start; bdev_set_nr_sectors(bdev, len); + bdev->bd_read_only = (flags & ADDPART_FLAG_RO); pdev = &bdev->bd_device; dname = dev_name(ddev); diff -ruw linux-5.15.42/drivers/Kconfig linux-5.15.42-fbx/drivers/Kconfig --- linux-5.15.42/drivers/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/Kconfig 2024-04-22 14:46:51.640096858 +0200 @@ -21,6 +21,8 @@ source "drivers/gnss/Kconfig" +source "drivers/fbxprocfs/Kconfig" + source "drivers/mtd/Kconfig" source "drivers/of/Kconfig" @@ -77,6 +79,10 @@ source "drivers/gpio/Kconfig" +source "drivers/fbxgpio/Kconfig" + +source "drivers/fbxjtag/Kconfig" + source "drivers/w1/Kconfig" source "drivers/power/Kconfig" @@ -85,6 +91,8 @@ source "drivers/thermal/Kconfig" +source "drivers/fbxwatchdog/Kconfig" + source "drivers/watchdog/Kconfig" source "drivers/ssb/Kconfig" diff -ruw linux-5.15.42/drivers/Makefile linux-5.15.42-fbx/drivers/Makefile --- linux-5.15.42/drivers/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/Makefile 2024-04-22 14:46:51.640096858 +0200 @@ -16,7 +16,9 @@ obj-$(CONFIG_GPIOLIB) += gpio/ obj-y += pwm/ +obj-$(CONFIG_FREEBOX_GPIO) += fbxgpio/ obj-y += pci/ +obj-$(CONFIG_FREEBOX_JTAG) += fbxjtag/ obj-$(CONFIG_PARISC) += parisc/ obj-$(CONFIG_RAPIDIO) += rapidio/ @@ -117,6 +119,7 @@ obj-y += power/ obj-$(CONFIG_HWMON) += hwmon/ obj-$(CONFIG_THERMAL) += thermal/ +obj-$(CONFIG_FREEBOX_WATCHDOG) += fbxwatchdog/ obj-$(CONFIG_WATCHDOG) += watchdog/ obj-$(CONFIG_MD) += md/ obj-$(CONFIG_BT) += bluetooth/ @@ -187,3 +190,5 @@ obj-$(CONFIG_INTERCONNECT) += interconnect/ obj-$(CONFIG_COUNTER) += counter/ obj-$(CONFIG_MOST) += most/ + +obj-$(CONFIG_FREEBOX_PROCFS) += fbxprocfs/ diff -ruw linux-5.15.42/drivers/ata/libata-core.c linux-5.15.42-fbx/drivers/ata/libata-core.c --- linux-5.15.42/drivers/ata/libata-core.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/ata/libata-core.c 2024-04-22 14:46:51.708098716 +0200 @@ -3924,6 +3924,8 @@ /* Sandisk SD7/8/9s lock up hard on large trims */ { "SanDisk SD[789]*", NULL, ATA_HORKAGE_MAX_TRIM_128M, }, + { "Boot ROM", NULL, ATA_HORKAGE_NODMA }, + /* devices which puke on READ_NATIVE_MAX */ { "HDS724040KLSA80", "KFAOA20N", ATA_HORKAGE_BROKEN_HPA, }, { "WDC WD3200JD-00KLB0", "WD-WCAMR1130137", ATA_HORKAGE_BROKEN_HPA }, diff -ruw linux-5.15.42/drivers/ata/libata-scsi.c linux-5.15.42-fbx/drivers/ata/libata-scsi.c --- linux-5.15.42/drivers/ata/libata-scsi.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/ata/libata-scsi.c 2024-04-22 14:46:51.708098716 +0200 @@ -4233,7 +4233,7 @@ */ shost->max_host_blocked = 1; - rc = scsi_add_host_with_dma(shost, &ap->tdev, ap->host->dev); + rc = scsi_add_host_with_dma(shost, host->dev, host->dev); if (rc) goto err_alloc; } diff -ruw linux-5.15.42/drivers/base/property.c linux-5.15.42-fbx/drivers/base/property.c --- linux-5.15.42/drivers/base/property.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/base/property.c 2024-04-22 14:46:51.760100137 +0200 @@ -17,6 +17,7 @@ #include #include #include +#include struct fwnode_handle *dev_fwnode(struct device *dev) { @@ -973,6 +974,21 @@ { char *res; +#ifdef CONFIG_FBXSERIAL + u32 index; + int ret; + + ret = fwnode_property_read_u32(fwnode, "fbxserial-mac-address", + &index); + if (ret == 0) { + res = (void *)fbxserialinfo_get_mac_addr(index); + if (res) { + memcpy(addr, res, alen); + return res; + } + } +#endif + res = fwnode_get_mac_addr(fwnode, "mac-address", addr, alen); if (res) return res; diff -ruw linux-5.15.42/drivers/base/regmap/internal.h linux-5.15.42-fbx/drivers/base/regmap/internal.h --- linux-5.15.42/drivers/base/regmap/internal.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/base/regmap/internal.h 2024-04-22 14:46:51.760100137 +0200 @@ -301,4 +301,6 @@ return reg >> map->reg_stride_order; } +void *regmap_mmio_ctx_get_base(const void *priv); + #endif diff -ruw linux-5.15.42/drivers/base/regmap/regmap-mmio.c linux-5.15.42-fbx/drivers/base/regmap/regmap-mmio.c --- linux-5.15.42/drivers/base/regmap/regmap-mmio.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/base/regmap/regmap-mmio.c 2024-04-22 14:46:51.760100137 +0200 @@ -450,4 +450,10 @@ } EXPORT_SYMBOL_GPL(regmap_mmio_detach_clk); +void *regmap_mmio_ctx_get_base(const void *priv) +{ + struct regmap_mmio_context *ctx = (struct regmap_mmio_context *)priv; + return ctx->regs; +} + MODULE_LICENSE("GPL v2"); diff -ruw linux-5.15.42/drivers/base/regmap/regmap.c linux-5.15.42-fbx/drivers/base/regmap/regmap.c --- linux-5.15.42/drivers/base/regmap/regmap.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/base/regmap/regmap.c 2024-04-22 14:46:51.760100137 +0200 @@ -3333,6 +3333,15 @@ } EXPORT_SYMBOL_GPL(regmap_parse_val); +#ifdef CONFIG_REGMAP_MMIO +void *regmap_get_mmio_base_address(struct regmap *map) +{ + return regmap_mmio_ctx_get_base(map->bus_context); +} + +EXPORT_SYMBOL_GPL(regmap_get_mmio_base_address); +#endif + static int __init regmap_initcall(void) { regmap_debugfs_initcall(); diff -ruw linux-5.15.42/drivers/bluetooth/btrtl.h linux-5.15.42-fbx/drivers/bluetooth/btrtl.h --- linux-5.15.42/drivers/bluetooth/btrtl.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/bluetooth/btrtl.h 2024-04-22 14:46:51.808101449 +0200 @@ -14,6 +14,11 @@ struct btrtl_device_info; +struct rtl_chip_type_evt { + __u8 status; + __u8 type; +} __packed; + struct rtl_download_cmd { __u8 index; __u8 data[RTL_FRAG_LEN]; @@ -63,6 +68,7 @@ unsigned int *controller_baudrate, u32 *device_baudrate, bool *flow_control); +void btrtl_show_version(struct hci_dev *hdev); #else static inline struct btrtl_device_info *btrtl_initialize(struct hci_dev *hdev, diff -ruw linux-5.15.42/drivers/char/Kconfig linux-5.15.42-fbx/drivers/char/Kconfig --- linux-5.15.42/drivers/char/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/char/Kconfig 2024-04-22 14:46:51.820101776 +0200 @@ -321,6 +321,15 @@ memory. When in doubt, say "Y". +config DEVPHYSMEM + bool "/dev/physmem virtual device support" + default n + help + Say Y here if you want to support the /dev/physmem device. The + /dev/physmem device allows unprivileged access to physical memory + unused by the kernel. + When in doubt, say "N". + config NVRAM tristate "/dev/nvram support" depends on X86 || HAVE_ARCH_NVRAM_OPS @@ -452,3 +461,5 @@ only mixes the entropy pool. endmenu + +source "drivers/char/diag/Kconfig" diff -ruw linux-5.15.42/drivers/char/Makefile linux-5.15.42-fbx/drivers/char/Makefile --- linux-5.15.42/drivers/char/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/char/Makefile 2024-04-22 14:46:51.820101776 +0200 @@ -46,3 +46,5 @@ obj-$(CONFIG_XILLYBUS_CLASS) += xillybus/ obj-$(CONFIG_POWERNV_OP_PANEL) += powernv-op-panel.o obj-$(CONFIG_ADI) += adi.o + +obj-$(CONFIG_DIAG_CHAR) += diag/ diff -ruw linux-5.15.42/drivers/char/hw_random/Kconfig linux-5.15.42-fbx/drivers/char/hw_random/Kconfig --- linux-5.15.42/drivers/char/hw_random/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/char/hw_random/Kconfig 2024-04-22 14:46:51.828101995 +0200 @@ -98,6 +98,11 @@ If unsure, say Y. +config HW_RANDOM_BCM63XX + tristate "Broadcom BCM63xx Random Number Generator support" + depends on ARCH_BCM_63XX || BCM63XX + default HW_RANDOM + config HW_RANDOM_IPROC_RNG200 tristate "Broadcom iProc/STB RNG200 support" depends on ARCH_BCM_IPROC || ARCH_BCM2835 || ARCH_BRCMSTB diff -ruw linux-5.15.42/drivers/char/hw_random/Makefile linux-5.15.42-fbx/drivers/char/hw_random/Makefile --- linux-5.15.42/drivers/char/hw_random/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/char/hw_random/Makefile 2024-04-22 14:46:51.828101995 +0200 @@ -31,6 +31,7 @@ obj-$(CONFIG_HW_RANDOM_POWERNV) += powernv-rng.o obj-$(CONFIG_HW_RANDOM_HISI) += hisi-rng.o obj-$(CONFIG_HW_RANDOM_BCM2835) += bcm2835-rng.o +obj-$(CONFIG_HW_RANDOM_BCM63XX) += bcm63xx-rng.o obj-$(CONFIG_HW_RANDOM_IPROC_RNG200) += iproc-rng200.o obj-$(CONFIG_HW_RANDOM_ST) += st-rng.o obj-$(CONFIG_HW_RANDOM_XGENE) += xgene-rng.o diff -ruw linux-5.15.42/drivers/char/mem.c linux-5.15.42-fbx/drivers/char/mem.c --- linux-5.15.42/drivers/char/mem.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/char/mem.c 2024-04-22 14:46:51.836102214 +0200 @@ -28,6 +28,8 @@ #include #include #include +#include + #include #include @@ -402,6 +404,14 @@ return 0; } +static int mmap_physmem(struct file * file, struct vm_area_struct * vma) +{ + if (vma->vm_pgoff < max_pfn && !capable(CAP_SYS_RAWIO)) + return -EPERM; + + return mmap_mem(file, vma); +} + static ssize_t read_port(struct file *file, char __user *buf, size_t count, loff_t *ppos) { @@ -634,6 +644,11 @@ return 0; } +static int open_physmem(struct inode * inode, struct file * filp) +{ + return 0; +} + #define zero_lseek null_lseek #define full_lseek null_lseek #define write_zero write_null @@ -687,6 +702,14 @@ .write = write_full, }; +static const struct file_operations __maybe_unused physmem_fops = { + .mmap = mmap_physmem, + .open = open_physmem, +#ifndef CONFIG_MMU + .get_unmapped_area = get_unmapped_area_mem, +#endif +}; + static const struct memdev { const char *name; umode_t mode; @@ -707,6 +730,9 @@ #ifdef CONFIG_PRINTK [11] = { "kmsg", 0644, &kmsg_fops, 0 }, #endif +#ifdef CONFIG_DEVPHYSMEM + [16] = { "physmem", 0, &physmem_fops, FMODE_UNSIGNED_OFFSET }, +#endif }; static int memory_open(struct inode *inode, struct file *filp) diff -ruw linux-5.15.42/drivers/cpufreq/Kconfig linux-5.15.42-fbx/drivers/cpufreq/Kconfig --- linux-5.15.42/drivers/cpufreq/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/cpufreq/Kconfig 2024-04-22 14:46:52.016107131 +0200 @@ -321,5 +321,10 @@ This adds the CPUFreq driver support for Freescale QorIQ SoCs which are capable of changing the CPU's frequency dynamically. +config BCM63158_CPUFREQ + tristate "CPU frequency scaling driver for BCM63158 SoC" + depends on ARCH_BCM63XX + endif + endmenu diff -ruw linux-5.15.42/drivers/cpufreq/Makefile linux-5.15.42-fbx/drivers/cpufreq/Makefile --- linux-5.15.42/drivers/cpufreq/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/cpufreq/Makefile 2024-04-22 14:46:52.016107131 +0200 @@ -108,3 +108,5 @@ obj-$(CONFIG_SH_CPU_FREQ) += sh-cpufreq.o obj-$(CONFIG_SPARC_US2E_CPUFREQ) += sparc-us2e-cpufreq.o obj-$(CONFIG_SPARC_US3_CPUFREQ) += sparc-us3-cpufreq.o + +obj-$(CONFIG_BCM63158_CPUFREQ) += bcm63158-cpufreq.o diff -ruw linux-5.15.42/drivers/gpio/gpio-mvebu.c linux-5.15.42-fbx/drivers/gpio/gpio-mvebu.c --- linux-5.15.42/drivers/gpio/gpio-mvebu.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/gpio/gpio-mvebu.c 2024-04-22 14:46:52.212112486 +0200 @@ -65,6 +65,11 @@ #define GPIO_LEVEL_MASK_OFF 0x001c #define GPIO_BLINK_CNT_SELECT_OFF 0x0020 +#define GPIO_CONTROL_SET_OFF 0x0028 +#define GPIO_CONTROL_CLR_OFF 0x002c +#define GPIO_DATAOUT_SET_OFF 0x0030 +#define GPIO_DATAOUT_CLR_OFF 0x0034 + /* * PWM register offsets. */ @@ -114,11 +119,13 @@ struct mvebu_gpio_chip { struct gpio_chip chip; struct regmap *regs; + void __iomem *base; u32 offset; struct regmap *percpu_regs; int irqbase; struct irq_domain *domain; int soc_variant; + int broken_mpp33_dir_wa; /* Used for PWM support */ struct clk *clk; @@ -304,6 +311,18 @@ { struct mvebu_gpio_chip *mvchip = gpiochip_get_data(chip); + if (mvchip->soc_variant == MVEBU_GPIO_SOC_VARIANT_A8K) { + unsigned int off; + + if (value) + off = GPIO_DATAOUT_SET_OFF; + else + off = GPIO_DATAOUT_CLR_OFF; + + writel(BIT(pin), mvchip->base + off + mvchip->offset); + return; + } + regmap_update_bits(mvchip->regs, GPIO_OUT_OFF + mvchip->offset, BIT(pin), value ? BIT(pin) : 0); } @@ -342,7 +361,7 @@ static int mvebu_gpio_direction_input(struct gpio_chip *chip, unsigned int pin) { struct mvebu_gpio_chip *mvchip = gpiochip_get_data(chip); - int ret; + int offset, ret; /* * Check with the pinctrl driver whether this pin is usable as @@ -352,7 +371,16 @@ if (ret) return ret; - regmap_update_bits(mvchip->regs, GPIO_IO_CONF_OFF + mvchip->offset, + offset = 0; + if (pin == 1 && mvchip->broken_mpp33_dir_wa) { + /* + * See comment in mvebu_gpio_direction_output(). + */ + offset = -0x40; + } + + regmap_update_bits(mvchip->regs, + GPIO_IO_CONF_OFF + mvchip->offset + offset, BIT(pin), BIT(pin)); return 0; @@ -362,7 +390,7 @@ int value) { struct mvebu_gpio_chip *mvchip = gpiochip_get_data(chip); - int ret; + int offset, ret; /* * Check with the pinctrl driver whether this pin is usable as @@ -375,7 +403,17 @@ mvebu_gpio_blink(chip, pin, 0); mvebu_gpio_set(chip, pin, value); - regmap_update_bits(mvchip->regs, GPIO_IO_CONF_OFF + mvchip->offset, + offset = 0; + if (pin == 1 && mvchip->broken_mpp33_dir_wa) { + /* + * gpio33 direction bit is not controlled from the + * gpio block 0, but from gpio block 1 instead + */ + offset = -0x40; + } + + regmap_update_bits(mvchip->regs, + GPIO_IO_CONF_OFF + mvchip->offset + offset, BIT(pin), 0); return 0; @@ -384,9 +422,18 @@ static int mvebu_gpio_get_direction(struct gpio_chip *chip, unsigned int pin) { struct mvebu_gpio_chip *mvchip = gpiochip_get_data(chip); + int offset; u32 u; - regmap_read(mvchip->regs, GPIO_IO_CONF_OFF + mvchip->offset, &u); + offset = 0; + if (pin == 1 && mvchip->broken_mpp33_dir_wa) { + /* + * See comment in mvebu_gpio_direction_output(). + */ + offset = -0x40; + } + + regmap_read(mvchip->regs, GPIO_IO_CONF_OFF + mvchip->offset + offset, &u); if (u & BIT(pin)) return GPIO_LINE_DIRECTION_IN; @@ -1077,6 +1124,8 @@ if (IS_ERR(mvchip->regs)) return PTR_ERR(mvchip->regs); + mvchip->base = base; + /* * For the legacy SoCs, the regmap directly maps to the GPIO * registers, so no offset is needed. @@ -1109,6 +1158,8 @@ if (IS_ERR(mvchip->regs)) return PTR_ERR(mvchip->regs); + mvchip->base = regmap_get_mmio_base_address(mvchip->regs); + if (of_property_read_u32(pdev->dev.of_node, "offset", &mvchip->offset)) return -EINVAL; @@ -1126,6 +1177,7 @@ bool have_irqs; int soc_variant; int i, cpu, id; + uint32_t broken_mpp33_dir = 0; int err; match = of_match_device(mvebu_gpio_of_match, &pdev->dev); @@ -1153,6 +1205,12 @@ return -ENODEV; } + of_property_read_u32(pdev->dev.of_node, "marvell,broken-mpp33-dir", + &broken_mpp33_dir); + if (broken_mpp33_dir) + dev_notice(&pdev->dev, "using direction set work around for " + "MPP 33.\n"); + id = of_alias_get_id(pdev->dev.of_node, "gpio"); if (id < 0) { dev_err(&pdev->dev, "Couldn't get OF id\n"); @@ -1164,6 +1222,7 @@ if (!IS_ERR(mvchip->clk)) clk_prepare_enable(mvchip->clk); + mvchip->broken_mpp33_dir_wa = broken_mpp33_dir; mvchip->soc_variant = soc_variant; mvchip->chip.label = dev_name(&pdev->dev); mvchip->chip.parent = &pdev->dev; diff -ruw linux-5.15.42/drivers/hid/Kconfig linux-5.15.42-fbx/drivers/hid/Kconfig --- linux-5.15.42/drivers/hid/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/hid/Kconfig 2024-04-22 14:46:53.452146365 +0200 @@ -468,6 +468,11 @@ help Support for ViewSonic/Signotec PD1011 signature pad. +config HID_FBX_REMOTE_AUDIO + tristate "Freebox BLE remote audio driver" + depends on HID && SND + select SND_PCM + config HID_GYRATION tristate "Gyration remote control" depends on HID diff -ruw linux-5.15.42/drivers/hid/Makefile linux-5.15.42-fbx/drivers/hid/Makefile --- linux-5.15.42/drivers/hid/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/hid/Makefile 2024-04-22 14:46:53.452146365 +0200 @@ -53,6 +53,7 @@ obj-$(CONFIG_HID_GOOGLE_HAMMER) += hid-google-hammer.o obj-$(CONFIG_HID_VIVALDI) += hid-vivaldi.o obj-$(CONFIG_HID_GT683R) += hid-gt683r.o +obj-$(CONFIG_HID_FBX_REMOTE_AUDIO) += hid-fbx-remote-audio.o obj-$(CONFIG_HID_GYRATION) += hid-gyration.o obj-$(CONFIG_HID_HOLTEK) += hid-holtek-kbd.o obj-$(CONFIG_HID_HOLTEK) += hid-holtek-mouse.o diff -ruw linux-5.15.42/drivers/hid/hid-quirks.c linux-5.15.42-fbx/drivers/hid/hid-quirks.c --- linux-5.15.42/drivers/hid/hid-quirks.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/hid/hid-quirks.c 2024-04-22 14:46:53.464146693 +0200 @@ -695,6 +695,7 @@ #if IS_ENABLED(CONFIG_HID_ZYDACRON) { HID_USB_DEVICE(USB_VENDOR_ID_ZYDACRON, USB_DEVICE_ID_ZYDACRON_REMOTE_CONTROL) }, #endif + { HID_BLUETOOTH_DEVICE(0x10eb, 0x0023) }, { } }; diff -ruw linux-5.15.42/drivers/hwmon/Kconfig linux-5.15.42-fbx/drivers/hwmon/Kconfig --- linux-5.15.42/drivers/hwmon/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/hwmon/Kconfig 2024-04-22 14:46:53.484147240 +0200 @@ -2178,6 +2178,17 @@ sensors monitor various telemetry data of different components on the card, e.g. board temperature, FPGA core temperature/voltage/current. +config SENSORS_KIRKWOOD_CORETEMP + tristate "Kirkwood core temperature censor" + depends on MACH_KIRKWOOD + +config SENSORS_LD6710_FBX + tristate "LD6710 hardware monitoring driver (as seen on Freebox hardware)" + depends on I2C + +config SENSORS_AP806 + tristate "Marvell AP806/CP110 hardware monitoring driver" + if ACPI comment "ACPI drivers" diff -ruw linux-5.15.42/drivers/hwmon/Makefile linux-5.15.42-fbx/drivers/hwmon/Makefile --- linux-5.15.42/drivers/hwmon/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/hwmon/Makefile 2024-04-22 14:46:53.488147349 +0200 @@ -96,6 +96,7 @@ obj-$(CONFIG_SENSORS_JC42) += jc42.o obj-$(CONFIG_SENSORS_K8TEMP) += k8temp.o obj-$(CONFIG_SENSORS_K10TEMP) += k10temp.o +obj-$(CONFIG_SENSORS_LD6710_FBX) += ld6710-fbx.o obj-$(CONFIG_SENSORS_LINEAGE) += lineage-pem.o obj-$(CONFIG_SENSORS_LOCHNAGAR) += lochnagar-hwmon.o obj-$(CONFIG_SENSORS_LM63) += lm63.o @@ -201,6 +202,8 @@ obj-$(CONFIG_SENSORS_WM831X) += wm831x-hwmon.o obj-$(CONFIG_SENSORS_WM8350) += wm8350-hwmon.o obj-$(CONFIG_SENSORS_XGENE) += xgene-hwmon.o +obj-$(CONFIG_SENSORS_KIRKWOOD_CORETEMP)+= kirkwood-coretemp.o +obj-$(CONFIG_SENSORS_AP806) += ap806-hwmon.o obj-$(CONFIG_SENSORS_OCC) += occ/ obj-$(CONFIG_PMBUS) += pmbus/ diff -ruw linux-5.15.42/drivers/hwmon/adt7475.c linux-5.15.42-fbx/drivers/hwmon/adt7475.c --- linux-5.15.42/drivers/hwmon/adt7475.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/hwmon/adt7475.c 2024-04-22 14:46:53.492147458 +0200 @@ -129,7 +129,19 @@ /* Macro to read the registers */ -#define adt7475_read(reg) i2c_smbus_read_byte_data(client, (reg)) +static inline s32 __adt7475_read(const struct i2c_client *client, u8 cmd) +{ + s32 ret; + + ret = i2c_smbus_read_byte_data(client, cmd); + if (ret < 0) { + printk("__adt7475_read error: %d\n", ret); + return 0; + } + return ret; +} + +#define adt7475_read(reg) __adt7475_read(client, (reg)) /* Macros to easily index the registers */ diff -ruw linux-5.15.42/drivers/hwmon/lm85.c linux-5.15.42-fbx/drivers/hwmon/lm85.c --- linux-5.15.42/drivers/hwmon/lm85.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/hwmon/lm85.c 2024-04-22 14:46:53.504147786 +0200 @@ -194,7 +194,7 @@ }; static const int adm1027_freq_map[] = { /* 1 Hz */ - 11, 15, 22, 29, 35, 44, 59, 88 + 11, 15, 22, 29, 35, 44, 59, 88, 88, 88, 25000 }; static int FREQ_TO_REG(const int *map, @@ -1424,10 +1424,28 @@ .attrs = lm85_attributes_in567, }; -static void lm85_init_client(struct i2c_client *client) +static void lm85_init_client(struct i2c_client *client, struct lm85_data *data) { int value; + /* workaround for emc2300 (emc6d103s), when auto temp min is + * the default value, pwm can never be controlled manually, so + * change this */ + if (data->type == emc6d103s) { + int nr; + + for (nr = 0; nr < 3; nr++) { + data->zone[nr].limit = TEMP_TO_REG(-127000); + lm85_write_value(client, LM85_REG_AFAN_LIMIT(nr), + data->zone[nr].limit); + + /* also force high frequency */ + data->pwm_freq[nr] = 0xa; + lm85_write_value(client, LM85_REG_AFAN_RANGE(nr), + data->pwm_freq[nr]); + } + } + /* Start monitoring if needed */ value = lm85_read_value(client, LM85_REG_CONFIG); if (!(value & 0x01)) { @@ -1589,7 +1607,7 @@ data->vrm = vid_which_vrm(); /* Initialize the LM85 chip */ - lm85_init_client(client); + lm85_init_client(client, data); /* sysfs hooks */ data->groups[idx++] = &lm85_group; diff -ruw linux-5.15.42/drivers/i2c/busses/Kconfig linux-5.15.42-fbx/drivers/i2c/busses/Kconfig --- linux-5.15.42/drivers/i2c/busses/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/i2c/busses/Kconfig 2024-04-22 14:46:53.540148770 +0200 @@ -478,7 +478,7 @@ config I2C_BRCMSTB tristate "BRCM Settop/DSL I2C controller" depends on ARCH_BCM2835 || ARCH_BRCMSTB || BMIPS_GENERIC || \ - ARCH_BCM_63XX || COMPILE_TEST + ARCH_BCM_63XX || ARCH_BCM63XX || COMPILE_TEST default y help If you say yes to this option, support will be included for the @@ -1359,6 +1359,10 @@ to SLIMpro (On chip coprocessor) mailbox mechanism. If unsure, say N. +config I2C_WP3 + tristate "Wintegra WP3 I2C controll" + depends on WINTEGRA_WINPATH3 + config SCx200_ACB tristate "Geode ACCESS.bus support" depends on X86_32 && PCI diff -ruw linux-5.15.42/drivers/i2c/busses/Makefile linux-5.15.42-fbx/drivers/i2c/busses/Makefile --- linux-5.15.42/drivers/i2c/busses/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/i2c/busses/Makefile 2024-04-22 14:46:53.540148770 +0200 @@ -119,6 +119,7 @@ obj-$(CONFIG_I2C_XLR) += i2c-xlr.o obj-$(CONFIG_I2C_XLP9XX) += i2c-xlp9xx.o obj-$(CONFIG_I2C_RCAR) += i2c-rcar.o +obj-$(CONFIG_I2C_WP3) += i2c-wp3.o # External I2C/SMBus adapter drivers obj-$(CONFIG_I2C_DIOLAN_U2C) += i2c-diolan-u2c.o diff -ruw linux-5.15.42/drivers/i2c/busses/i2c-mv64xxx.c linux-5.15.42-fbx/drivers/i2c/busses/i2c-mv64xxx.c --- linux-5.15.42/drivers/i2c/busses/i2c-mv64xxx.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/i2c/busses/i2c-mv64xxx.c 2024-04-22 14:46:53.548148988 +0200 @@ -319,6 +319,11 @@ case MV64XXX_I2C_STATUS_MAST_WR_NO_ACK: /* 30 */ case MV64XXX_I2C_STATUS_MAST_RD_ADDR_NO_ACK: /* 48 */ /* Doesn't seem to be a device at other end */ + dev_dbg(&drv_data->adapter.dev, + "mv64xxx_i2c_fsm: got no ack -- state: 0x%x, " + "status: 0x%x, addr: 0x%x, flags: 0x%x\n", + drv_data->state, status, drv_data->msg->addr, + drv_data->msg->flags); drv_data->action = MV64XXX_I2C_ACTION_SEND_STOP; drv_data->state = MV64XXX_I2C_STATE_IDLE; drv_data->rc = -ENXIO; @@ -580,6 +585,34 @@ int is_last) { unsigned long flags; + int limit; + + /* + * wait for (re)start/stop condition to clear from last + * transfer if any + */ + limit = 1000; + do { + u32 val; + + val = readl(drv_data->reg_base + drv_data->reg_offsets.control); + if (!(val & (MV64XXX_I2C_REG_CONTROL_STOP | + MV64XXX_I2C_REG_CONTROL_STOP))) + break; + + udelay(1); + } while (limit-- > 0); + + if (limit < 0) { + dev_err(&drv_data->adapter.dev, + "mv64xxx: start/stop bit won't clear\n"); + } + + /* according to datasheet, controller is buggy when you do + * register polling and it says to always wait for an IRQ + * (clock domain related), since we busywait for START/STOP + * clear, add a small delay */ + udelay(5); spin_lock_irqsave(&drv_data->lock, flags); @@ -587,6 +620,7 @@ drv_data->send_stop = is_last; drv_data->block = 1; + mv64xxx_i2c_send_start(drv_data); spin_unlock_irqrestore(&drv_data->lock, flags); @@ -993,7 +1027,7 @@ drv_data->adapter.dev.parent = &pd->dev; drv_data->adapter.algo = &mv64xxx_i2c_algo; drv_data->adapter.owner = THIS_MODULE; - drv_data->adapter.class = I2C_CLASS_DEPRECATED; + drv_data->adapter.class = I2C_CLASS_HWMON | I2C_CLASS_SPD; drv_data->adapter.nr = pd->id; drv_data->adapter.dev.of_node = pd->dev.of_node; platform_set_drvdata(pd, drv_data); diff -ruw linux-5.15.42/drivers/i2c/i2c-core-base.c linux-5.15.42-fbx/drivers/i2c/i2c-core-base.c --- linux-5.15.42/drivers/i2c/i2c-core-base.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/i2c/i2c-core-base.c 2024-04-22 14:46:53.560149316 +0200 @@ -248,12 +248,14 @@ bri->set_sda(adap, scl); ndelay(RECOVERY_NDELAY / 2); + if (0) { if (scl) { ret = i2c_generic_bus_free(adap); if (ret == 0) break; } } + } /* If we can't check bus status, assume recovery worked */ if (ret == -EOPNOTSUPP) diff -ruw linux-5.15.42/drivers/input/misc/Kconfig linux-5.15.42-fbx/drivers/input/misc/Kconfig --- linux-5.15.42/drivers/input/misc/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/input/misc/Kconfig 2024-04-22 14:46:53.780155327 +0200 @@ -892,4 +892,9 @@ To compile this driver as a module, choose M here: the module will be called stpmic1_onkey. +config INPUT_SMSC_CAP1066 + tristate "SMSC CAP1066 capacitive sensor driver" + select I2C + select INPUT_POLLDEV + endif diff -ruw linux-5.15.42/drivers/input/misc/Makefile linux-5.15.42-fbx/drivers/input/misc/Makefile --- linux-5.15.42/drivers/input/misc/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/input/misc/Makefile 2024-04-22 14:46:53.780155327 +0200 @@ -86,3 +86,4 @@ obj-$(CONFIG_INPUT_XEN_KBDDEV_FRONTEND) += xen-kbdfront.o obj-$(CONFIG_INPUT_YEALINK) += yealink.o obj-$(CONFIG_INPUT_IDEAPAD_SLIDEBAR) += ideapad_slidebar.o +obj-$(CONFIG_INPUT_SMSC_CAP1066) += smsc_cap1066.o diff -ruw linux-5.15.42/drivers/leds/Kconfig linux-5.15.42-fbx/drivers/leds/Kconfig --- linux-5.15.42/drivers/leds/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/leds/Kconfig 2024-04-22 14:46:53.924159261 +0200 @@ -871,6 +871,16 @@ This option enables support for the Power Button LED of Acer Iconia Tab A500. +config LEDS_LED1202 + tristate "LED support for STMicroElectronics LED1202" + depends on LEDS_CLASS && I2C && OF + help + This option enables support for the LED1202 12-channel + LED driver. + + To compile this driver as a module, choose M here: the module + will be called leds-led1202. + source "drivers/leds/blink/Kconfig" comment "Flash and Torch LED drivers" diff -ruw linux-5.15.42/drivers/leds/Makefile linux-5.15.42-fbx/drivers/leds/Makefile --- linux-5.15.42/drivers/leds/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/leds/Makefile 2024-04-22 14:46:53.924159261 +0200 @@ -87,6 +87,7 @@ obj-$(CONFIG_LEDS_WM831X_STATUS) += leds-wm831x-status.o obj-$(CONFIG_LEDS_WM8350) += leds-wm8350.o obj-$(CONFIG_LEDS_WRAP) += leds-wrap.o +obj-$(CONFIG_LEDS_LED1202) += leds-led1202.o # LED SPI Drivers obj-$(CONFIG_LEDS_CR0014114) += leds-cr0014114.o diff -ruw linux-5.15.42/drivers/media/dvb-core/dvb_frontend.c linux-5.15.42-fbx/drivers/media/dvb-core/dvb_frontend.c --- linux-5.15.42/drivers/media/dvb-core/dvb_frontend.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/media/dvb-core/dvb_frontend.c 2024-04-22 14:46:54.024161993 +0200 @@ -812,6 +812,7 @@ if (fe->exit != DVB_FE_DEVICE_REMOVED) fe->exit = DVB_FE_NORMAL_EXIT; mb(); + wake_up_all(&fepriv->events.wait_queue); if (!fepriv->thread) return; @@ -2739,6 +2740,9 @@ poll_wait(file, &fepriv->events.wait_queue, wait); + if (fe->exit) + return POLLERR | POLLHUP; + if (fepriv->events.eventw != fepriv->events.eventr) return (EPOLLIN | EPOLLRDNORM | EPOLLPRI); diff -ruw linux-5.15.42/drivers/media/rc/keymaps/Makefile linux-5.15.42-fbx/drivers/media/rc/keymaps/Makefile --- linux-5.15.42/drivers/media/rc/keymaps/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/media/rc/keymaps/Makefile 2024-04-22 14:46:54.224167458 +0200 @@ -97,6 +97,7 @@ rc-pv951.o \ rc-hauppauge.o \ rc-rc6-mce.o \ + rc-rc6-freebox.o \ rc-real-audio-220-32-keys.o \ rc-reddo.o \ rc-snapstream-firefly.o \ diff -ruw linux-5.15.42/drivers/media/usb/dvb-usb/dib0700_devices.c linux-5.15.42-fbx/drivers/media/usb/dvb-usb/dib0700_devices.c --- linux-5.15.42/drivers/media/usb/dvb-usb/dib0700_devices.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/media/usb/dvb-usb/dib0700_devices.c 2024-04-22 14:46:54.256168332 +0200 @@ -3907,6 +3907,7 @@ { USB_DEVICE(USB_VID_DIBCOM, USB_PID_DIBCOM_STK8096PVR) }, /* 85 */{ USB_DEVICE(USB_VID_HAMA, USB_PID_HAMA_DVBT_HYBRID) }, { USB_DEVICE(USB_VID_MICROSOFT, USB_PID_XBOX_ONE_TUNER) }, + { USB_DEVICE(USB_VID_DIBCOM, USB_PID_DIBCOM_HOOK_DEFAULT_STK7770P) }, { 0 } /* Terminating entry */ }; MODULE_DEVICE_TABLE(usb, dib0700_usb_id_table); @@ -5149,6 +5150,30 @@ { NULL }, }, }, + }, { DIB0700_DEFAULT_DEVICE_PROPERTIES, + .num_adapters = 1, + .adapter = { + { + DIB0700_NUM_FRONTENDS(1), + .fe = {{ + .caps = DVB_USB_ADAP_HAS_PID_FILTER | DVB_USB_ADAP_PID_FILTER_CAN_BE_TURNED_OFF, + .pid_filter_count = 32, + .pid_filter = stk70x0p_pid_filter, + .pid_filter_ctrl = stk70x0p_pid_filter_ctrl, + .frontend_attach = stk7770p_frontend_attach, + .tuner_attach = dib7770p_tuner_attach, + + DIB0700_DEFAULT_STREAMING_CONFIG(0x02), + }}, + }, + }, + .num_device_descs = 1, + .devices = { + { "DiBcom STK7770P reference design no IR", + { &dib0700_usb_id_table[87], NULL }, + { NULL }, + }, + }, }, }; diff -ruw linux-5.15.42/drivers/mfd/Kconfig linux-5.15.42-fbx/drivers/mfd/Kconfig --- linux-5.15.42/drivers/mfd/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/mfd/Kconfig 2024-04-22 14:46:54.308169753 +0200 @@ -2054,6 +2054,16 @@ This driver provides common support for accessing the device, additional drivers must be enabled in order to use the functionality of the device. +config MFD_FBXGW7R_PANEL + tristate "Freebox fbxgw7r panel support" + depends on FB + depends on SPI_MASTER + depends on OF + select FB_SYS_FOPS + select FB_SYS_FILLRECT + select FB_SYS_COPYAREA + select FB_SYS_IMAGEBLIT + select FB_DEFERRED_IO config MFD_WCD934X tristate "Support for WCD9340/WCD9341 Codec" diff -ruw linux-5.15.42/drivers/mfd/Makefile linux-5.15.42-fbx/drivers/mfd/Makefile --- linux-5.15.42/drivers/mfd/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/mfd/Makefile 2024-04-22 14:46:54.308169753 +0200 @@ -273,6 +273,7 @@ obj-$(CONFIG_MFD_ATC260X) += atc260x-core.o obj-$(CONFIG_MFD_ATC260X_I2C) += atc260x-i2c.o +obj-$(CONFIG_MFD_FBXGW7R_PANEL) += fbxgw7r-panel.o rsmu-i2c-objs := rsmu_core.o rsmu_i2c.o rsmu-spi-objs := rsmu_core.o rsmu_spi.o diff -ruw linux-5.15.42/drivers/misc/Kconfig linux-5.15.42-fbx/drivers/misc/Kconfig --- linux-5.15.42/drivers/misc/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/misc/Kconfig 2024-04-22 14:46:54.344170736 +0200 @@ -5,6 +5,9 @@ menu "Misc devices" +config WINTEGRA_MMAP + bool "wintegra mmap driver" + config SENSORS_LIS3LV02D tristate depends on INPUT @@ -380,6 +383,18 @@ To compile this driver as a module, choose M here: the module will be called vmw_balloon. +config INTELCE_PIC16PMU + tristate "PIC16 PMU, LED, hwmon support" + select INPUT_POLLDEV + select NEW_LEDS + select I2C + select HWMON + select ARCH_REQUIRE_GPIOLIB + help + Freebox v6 HD PIC16 PMU interface support, enables + control of the on-board LEDs and reports the power status, + reset status and button status. + config PCH_PHUB tristate "Intel EG20T PCH/LAPIS Semicon IOH(ML7213/ML7223/ML7831) PHUB" select GENERIC_NET_UTILS @@ -401,6 +416,15 @@ To compile this driver as a module, choose M here: the module will be called pch_phub. +config FBXSERIAL_OF + bool "read fbxserial through DT chosen node" + depends on OF + select ARCH_HAS_FBXSERIAL + +config RANDOM_OF + bool "get Linux PRNG random through dt chosen node." + depends on OF + config LATTICE_ECP3_CONFIG tristate "Lattice ECP3 FPGA bitstream configuration via SPI" depends on SPI && SYSFS @@ -487,4 +511,6 @@ source "drivers/misc/habanalabs/Kconfig" source "drivers/misc/uacce/Kconfig" source "drivers/misc/pvpanic/Kconfig" +source "drivers/misc/remoti/Kconfig" +source "drivers/misc/hdmi-cec/Kconfig" endmenu diff -ruw linux-5.15.42/drivers/misc/Makefile linux-5.15.42-fbx/drivers/misc/Makefile --- linux-5.15.42/drivers/misc/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/misc/Makefile 2024-04-22 14:46:54.344170736 +0200 @@ -3,6 +3,7 @@ # Makefile for misc devices that really don't fit anywhere else. # +obj-$(CONFIG_WINTEGRA_MMAP) += wintegra_mmap.o obj-$(CONFIG_IBM_ASM) += ibmasm/ obj-$(CONFIG_IBMVMC) += ibmvmc.o obj-$(CONFIG_AD525X_DPOT) += ad525x_dpot.o @@ -21,7 +22,10 @@ obj-$(CONFIG_SENSORS_APDS990X) += apds990x.o obj-$(CONFIG_ENCLOSURE_SERVICES) += enclosure.o obj-$(CONFIG_KGDB_TESTS) += kgdbts.o +obj-$(CONFIG_FBXSERIAL_OF) += fbxserial_of.o +obj-$(CONFIG_RANDOM_OF) += random_of.o obj-$(CONFIG_SGI_XP) += sgi-xp/ +obj-$(CONFIG_INTELCE_PIC16PMU) += pic16-pmu.o obj-$(CONFIG_SGI_GRU) += sgi-gru/ obj-$(CONFIG_CS5535_MFGPT) += cs5535-mfgpt.o obj-$(CONFIG_GEHC_ACHC) += gehc-achc.o @@ -37,6 +41,7 @@ obj-y += cb710/ obj-$(CONFIG_VMWARE_BALLOON) += vmw_balloon.o obj-$(CONFIG_PCH_PHUB) += pch_phub.o +obj-y += hdmi-cec/ obj-y += ti-st/ obj-y += lis3lv02d/ obj-$(CONFIG_ALTERA_STAPL) +=altera-stapl/ @@ -59,3 +64,4 @@ obj-$(CONFIG_XILINX_SDFEC) += xilinx_sdfec.o obj-$(CONFIG_HISI_HIKEY_USB) += hisi_hikey_usb.o obj-$(CONFIG_HI6421V600_IRQ) += hi6421v600-irq.o +obj-y += remoti/ diff -ruw linux-5.15.42/drivers/misc/eeprom/Kconfig linux-5.15.42-fbx/drivers/misc/eeprom/Kconfig --- linux-5.15.42/drivers/misc/eeprom/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/misc/eeprom/Kconfig 2024-04-22 14:46:54.352170955 +0200 @@ -130,4 +130,8 @@ This driver can also be built as a module. If so, the module will be called ee1004. +config EEPROM_EE1004_RAW + tristate "SPD EEPROMs on DDR4 memory modules (non smbus)" + depends on I2C && SYSFS + endmenu diff -ruw linux-5.15.42/drivers/misc/eeprom/Makefile linux-5.15.42-fbx/drivers/misc/eeprom/Makefile --- linux-5.15.42/drivers/misc/eeprom/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/misc/eeprom/Makefile 2023-03-09 16:41:54.887957334 +0100 @@ -8,3 +8,4 @@ obj-$(CONFIG_EEPROM_DIGSY_MTC_CFG) += digsy_mtc_eeprom.o obj-$(CONFIG_EEPROM_IDT_89HPESX) += idt_89hpesx.o obj-$(CONFIG_EEPROM_EE1004) += ee1004.o +obj-$(CONFIG_EEPROM_EE1004_RAW) += ee1004_raw.o diff -ruw linux-5.15.42/drivers/misc/eeprom/at24.c linux-5.15.42-fbx/drivers/misc/eeprom/at24.c --- linux-5.15.42/drivers/misc/eeprom/at24.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/misc/eeprom/at24.c 2024-04-22 14:46:54.352170955 +0200 @@ -597,7 +597,6 @@ struct at24_data *at24; struct regmap *regmap; bool writable; - u8 test_byte; int err; i2c_fn_i2c = i2c_check_functionality(client->adapter, I2C_FUNC_I2C); @@ -618,8 +617,10 @@ page_size = 1; flags = cdata->flags; +#ifndef CONFIG_NVMEM_IGNORE_RO if (device_property_present(dev, "read-only")) flags |= AT24_FLAG_READONLY; +#endif if (device_property_present(dev, "no-read-rollover")) flags |= AT24_FLAG_NO_RDROL; @@ -765,18 +766,6 @@ return PTR_ERR(at24->nvmem); } - /* - * Perform a one-byte test read to verify that the - * chip is functional. - */ - err = at24_read(at24, 0, &test_byte, 1); - if (err) { - pm_runtime_disable(dev); - if (!pm_runtime_status_suspended(dev)) - regulator_disable(at24->vcc_reg); - return -ENODEV; - } - pm_runtime_idle(dev); if (writable) diff -ruw linux-5.15.42/drivers/mmc/host/Kconfig linux-5.15.42-fbx/drivers/mmc/host/Kconfig --- linux-5.15.42/drivers/mmc/host/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/mmc/host/Kconfig 2024-04-22 14:46:54.428173031 +0200 @@ -1034,7 +1034,7 @@ config MMC_SDHCI_BRCMSTB tristate "Broadcom SDIO/SD/MMC support" - depends on ARCH_BRCMSTB || BMIPS_GENERIC + depends on ARCH_BRCMSTB || BMIPS_GENERIC || ARCH_BCM63XX depends on MMC_SDHCI_PLTFM select MMC_CQHCI default y diff -ruw linux-5.15.42/drivers/mtd/Kconfig linux-5.15.42-fbx/drivers/mtd/Kconfig --- linux-5.15.42/drivers/mtd/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/mtd/Kconfig 2023-02-24 19:08:06.439275900 +0100 @@ -23,6 +23,9 @@ WARNING: some of the tests will ERASE entire MTD device which they test. Do not use these tests unless you really know what you do. +config MTD_ERASE_PRINTK + bool "write to kernel log when a block is erased" + menu "Partition parsers" source "drivers/mtd/parsers/Kconfig" endmenu diff -ruw linux-5.15.42/drivers/mtd/mtdblock.c linux-5.15.42-fbx/drivers/mtd/mtdblock.c --- linux-5.15.42/drivers/mtd/mtdblock.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/mtd/mtdblock.c 2024-04-22 14:46:54.464174015 +0200 @@ -322,10 +322,6 @@ if (!(mtd->flags & MTD_WRITEABLE)) dev->mbd.readonly = 1; - if (mtd_type_is_nand(mtd)) - pr_warn("%s: MTD device '%s' is NAND, please consider using UBI block devices instead.\n", - tr->name, mtd->name); - if (add_mtd_blktrans_dev(&dev->mbd)) kfree(dev); } diff -ruw linux-5.15.42/drivers/mtd/mtdchar.c linux-5.15.42-fbx/drivers/mtd/mtdchar.c --- linux-5.15.42/drivers/mtd/mtdchar.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/mtd/mtdchar.c 2024-04-22 14:46:54.464174015 +0200 @@ -168,6 +168,7 @@ { struct mtd_oob_ops ops = {}; + memset(&ops, 0, sizeof (ops)); ops.mode = MTD_OPS_RAW; ops.datbuf = kbuf; ops.oobbuf = NULL; @@ -262,6 +263,7 @@ { struct mtd_oob_ops ops = {}; + memset(&ops, 0, sizeof (ops)); ops.mode = MTD_OPS_RAW; ops.datbuf = kbuf; ops.oobbuf = NULL; @@ -748,6 +750,11 @@ erase->len = einfo32.length; } +#ifdef CONFIG_MTD_ERASE_PRINTK + printk(KERN_DEBUG "mtd: %s: ERASE offset=@%08llx\n", + mtd->name, erase->addr); +#endif + ret = mtd_erase(mtd, erase); kfree(erase); } diff -ruw linux-5.15.42/drivers/mtd/mtdcore.c linux-5.15.42-fbx/drivers/mtd/mtdcore.c --- linux-5.15.42/drivers/mtd/mtdcore.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/mtd/mtdcore.c 2024-04-22 14:46:54.464174015 +0200 @@ -308,6 +308,56 @@ } MTD_DEVICE_ATTR_RO(bbt_blocks); +static ssize_t mtd_nand_type_show(struct device *dev, + struct device_attribute *attr, char *buf) +{ + struct mtd_info *mtd = dev_get_drvdata(dev); + + return snprintf(buf, PAGE_SIZE, "%s\n", mtd->nand_type); +} +static DEVICE_ATTR(nand_type, S_IRUGO, mtd_nand_type_show, NULL); + +static ssize_t mtd_nand_manufacturer_show(struct device *dev, + struct device_attribute *attr, char *buf) +{ + struct mtd_info *mtd = dev_get_drvdata(dev); + + return snprintf(buf, PAGE_SIZE, "%s\n", mtd->nand_manufacturer); +} +static DEVICE_ATTR(nand_manufacturer, S_IRUGO, mtd_nand_manufacturer_show, NULL); + +static ssize_t mtd_nand_onfi_ecc_bits_show(struct device *dev, + struct device_attribute *attr, char *buf) +{ + struct mtd_info *mtd = dev_get_drvdata(dev); + + return snprintf(buf, PAGE_SIZE, "%d\n", mtd->onfi_ecc_bits); +} +static DEVICE_ATTR(onfi_ecc_bits, S_IRUGO, mtd_nand_onfi_ecc_bits_show, NULL); + +static ssize_t mtd_nand_onfi_model_show(struct device *dev, + struct device_attribute *attr, char *buf) +{ + struct mtd_info *mtd = dev_get_drvdata(dev); + + return snprintf(buf, PAGE_SIZE, "%s\n", + mtd->onfi_model ? mtd->onfi_model : "unknown"); +} +static DEVICE_ATTR(onfi_model, S_IRUGO, mtd_nand_onfi_model_show, NULL); + +static ssize_t mtd_nand_ids_show(struct device *dev, + struct device_attribute *attr, char *buf) +{ + struct mtd_info *mtd = dev_get_drvdata(dev); + + return snprintf(buf, PAGE_SIZE, "%02x%02x%02x%02x%02x%02x%02x%02x\n", + mtd->nand_ids[0], mtd->nand_ids[1], + mtd->nand_ids[2], mtd->nand_ids[3], + mtd->nand_ids[4], mtd->nand_ids[5], + mtd->nand_ids[6], mtd->nand_ids[7]); +} +static DEVICE_ATTR(nand_ids, S_IRUGO, mtd_nand_ids_show, NULL); + static struct attribute *mtd_attrs[] = { &dev_attr_type.attr, &dev_attr_flags.attr, @@ -326,6 +376,11 @@ &dev_attr_bad_blocks.attr, &dev_attr_bbt_blocks.attr, &dev_attr_bitflip_threshold.attr, + &dev_attr_nand_type.attr, + &dev_attr_nand_manufacturer.attr, + &dev_attr_onfi_ecc_bits.attr, + &dev_attr_onfi_model.attr, + &dev_attr_nand_ids.attr, NULL, }; ATTRIBUTE_GROUPS(mtd); diff -ruw linux-5.15.42/drivers/mtd/mtdpart.c linux-5.15.42-fbx/drivers/mtd/mtdpart.c --- linux-5.15.42/drivers/mtd/mtdpart.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/mtd/mtdpart.c 2024-04-22 14:46:54.464174015 +0200 @@ -67,6 +67,11 @@ child->oobsize = parent->oobsize; child->oobavail = parent->oobavail; child->subpage_sft = parent->subpage_sft; + child->nand_type = parent->nand_type; + child->nand_manufacturer = parent->nand_manufacturer; + child->onfi_ecc_bits = parent->onfi_ecc_bits; + child->onfi_model = parent->onfi_model; + memcpy(child->nand_ids, parent->nand_ids, 8); child->name = name; child->owner = parent->owner; diff -ruw linux-5.15.42/drivers/mtd/nand/ecc-sw-bch.c linux-5.15.42-fbx/drivers/mtd/nand/ecc-sw-bch.c --- linux-5.15.42/drivers/mtd/nand/ecc-sw-bch.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/mtd/nand/ecc-sw-bch.c 2023-02-24 19:08:29.031890040 +0100 @@ -67,7 +67,8 @@ errloc[i]); } } else if (count < 0) { - pr_err("ECC unrecoverable error\n"); + if (printk_ratelimit()) + pr_err("ecc unrecoverable error\n"); count = -EBADMSG; } diff -ruw linux-5.15.42/drivers/mtd/nand/ecc-sw-hamming.c linux-5.15.42-fbx/drivers/mtd/nand/ecc-sw-hamming.c --- linux-5.15.42/drivers/mtd/nand/ecc-sw-hamming.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/mtd/nand/ecc-sw-hamming.c 2024-04-22 14:46:54.468174124 +0200 @@ -437,6 +437,7 @@ if ((bitsperbyte[b0] + bitsperbyte[b1] + bitsperbyte[b2]) == 1) return 1; /* error in ECC data; no action needed */ + if (printk_ratelimit()) pr_err("%s: uncorrectable ECC error\n", __func__); return -EBADMSG; } diff -ruw linux-5.15.42/drivers/mtd/nand/raw/Kconfig linux-5.15.42-fbx/drivers/mtd/nand/raw/Kconfig --- linux-5.15.42/drivers/mtd/nand/raw/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/mtd/nand/raw/Kconfig 2024-04-22 14:46:54.468174124 +0200 @@ -12,6 +12,14 @@ comment "Raw/parallel NAND flash controllers" +config MTD_FORCE_BAD_BLOCK_ERASE + bool "Force erase on bad blocks (useful for bootloader parts)" + default n + help + Enable this option only when you need to force an erase on + blocks being marked as "bad" by Linux (i.e: other ECC/bad block + marker layout). + config MTD_NAND_DENALI tristate @@ -31,6 +39,18 @@ Enable the driver for NAND flash on platforms using a Denali NAND controller as a DT device. +config MTD_NAND_DENALI_FBX + tristate "NAND Denali controller support" + depends on PCI + select BCH_CONST_PARAMS + +if MTD_NAND_DENALI_FBX + config BCH_CONST_M + default 13 + config BCH_CONST_T + default 4 +endif + config MTD_NAND_AMS_DELTA tristate "Amstrad E3 NAND controller" depends on MACH_AMS_DELTA || COMPILE_TEST diff -ruw linux-5.15.42/drivers/mtd/nand/raw/Makefile linux-5.15.42-fbx/drivers/mtd/nand/raw/Makefile --- linux-5.15.42/drivers/mtd/nand/raw/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/mtd/nand/raw/Makefile 2024-04-22 14:46:54.468174124 +0200 @@ -8,6 +8,7 @@ obj-$(CONFIG_MTD_NAND_DENALI) += denali.o obj-$(CONFIG_MTD_NAND_DENALI_PCI) += denali_pci.o obj-$(CONFIG_MTD_NAND_DENALI_DT) += denali_dt.o +obj-$(CONFIG_MTD_NAND_DENALI_FBX) += denali_nand.o obj-$(CONFIG_MTD_NAND_AU1550) += au1550nd.o obj-$(CONFIG_MTD_NAND_S3C2410) += s3c2410.o obj-$(CONFIG_MTD_NAND_DAVINCI) += davinci_nand.o diff -ruw linux-5.15.42/drivers/mtd/nand/raw/nand_base.c linux-5.15.42-fbx/drivers/mtd/nand/raw/nand_base.c --- linux-5.15.42/drivers/mtd/nand/raw/nand_base.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/mtd/nand/raw/nand_base.c 2024-04-22 14:46:54.484174561 +0200 @@ -4500,6 +4500,7 @@ while (len) { /* Check if we have a bad block, we do not erase bad blocks! */ +#ifndef CONFIG_MTD_FORCE_BAD_BLOCK_ERASE if (nand_block_checkbad(chip, ((loff_t) page) << chip->page_shift, allowbbt)) { pr_warn("%s: attempt to erase a bad block at page 0x%08x\n", @@ -4507,6 +4508,7 @@ ret = -EIO; goto erase_exit; } +#endif /* * Invalidate the page cache, if we erase the block which @@ -5161,6 +5163,15 @@ pr_info("%d MiB, %s, erase size: %d KiB, page size: %d, OOB size: %d\n", (int)(targetsize >> 20), nand_is_slc(chip) ? "SLC" : "MLC", mtd->erasesize >> 10, mtd->writesize, mtd->oobsize); + + mtd->nand_type = chip->parameters.model; + mtd->nand_manufacturer = nand_manufacturer_name(manufacturer_desc); + if (chip->parameters.onfi) { + mtd->onfi_ecc_bits = chip->ecc.strength; + mtd->onfi_model = chip->parameters.model; + } + memcpy(mtd->nand_ids, id_data, 8); + return 0; free_detect_allocation: @@ -5691,7 +5702,9 @@ ecc->read_page_raw = nand_read_page_raw; if (!ecc->write_page_raw) ecc->write_page_raw = nand_write_page_raw; + if (!ecc->read_oob) ecc->read_oob = nand_read_oob_std; + if (!ecc->write_oob) ecc->write_oob = nand_write_oob_std; if (!ecc->size) ecc->size = 256; @@ -5722,7 +5735,9 @@ ecc->read_page_raw = nand_read_page_raw; if (!ecc->write_page_raw) ecc->write_page_raw = nand_write_page_raw; + if (!ecc->read_oob) ecc->read_oob = nand_read_oob_std; + if (!ecc->write_oob) ecc->write_oob = nand_write_oob_std; /* @@ -6259,7 +6274,7 @@ /* Large page NAND with SOFT_ECC should support subpage reads */ switch (ecc->engine_type) { case NAND_ECC_ENGINE_TYPE_SOFT: - if (chip->page_shift > 9) + if (chip->page_shift > 9 && !(chip->options & NAND_NO_RNDOUT)) chip->options |= NAND_SUBPAGE_READ; break; diff -ruw linux-5.15.42/drivers/mtd/nand/raw/nand_ids.c linux-5.15.42-fbx/drivers/mtd/nand/raw/nand_ids.c --- linux-5.15.42/drivers/mtd/nand/raw/nand_ids.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/mtd/nand/raw/nand_ids.c 2024-04-22 14:46:54.484174561 +0200 @@ -51,9 +51,15 @@ { .id = {0xad, 0xde, 0x94, 0xda, 0x74, 0xc4} }, SZ_8K, SZ_8K, SZ_2M, NAND_NEED_SCRAMBLING, 6, 640, NAND_ECC_INFO(40, SZ_1K) }, + {"TC58NVG1S3EBAI4 256MiB 3.3V 8-bit", + { .id = {0x98, 0xda, 0x90, 0x15, 0x76, 0x14, 0x03} }, + SZ_2K, SZ_256, SZ_128K, 0, 7, 64, NAND_ECC_INFO(1, SZ_512) }, {"TH58NVG2S3HBAI4 4G 3.3V 8-bit", { .id = {0x98, 0xdc, 0x91, 0x15, 0x76} }, SZ_2K, SZ_512, SZ_128K, 0, 5, 128, NAND_ECC_INFO(8, SZ_512) }, + {"K9F2G08U0C 256MiB 3.3V 8-bit", + { .id = {0xec, 0xda, 0x10, 0x95, 0x44} }, + SZ_2K, SZ_256, SZ_128K, 0, 5, 64, NAND_ECC_INFO(1, SZ_512) }, LEGACY_ID_NAND("NAND 4MiB 5V 8-bit", 0x6B, 4, SZ_8K, SP_OPTIONS), LEGACY_ID_NAND("NAND 4MiB 3,3V 8-bit", 0xE3, 4, SZ_8K, SP_OPTIONS), diff -ruw linux-5.15.42/drivers/mtd/nand/raw/nand_samsung.c linux-5.15.42-fbx/drivers/mtd/nand/raw/nand_samsung.c --- linux-5.15.42/drivers/mtd/nand/raw/nand_samsung.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/mtd/nand/raw/nand_samsung.c 2023-03-15 19:52:23.521979297 +0100 @@ -118,6 +118,38 @@ nanddev_set_ecc_requirements(base, &requirements); } +static int +k9f2g08u0c_choose_interface_config(struct nand_chip *chip, + struct nand_interface_config *iface) +{ + struct nand_sdr_timings *sdr = &iface->timings.sdr; + + /* Start with timings from the closest timing mode, mode 4. */ + onfi_fill_interface_config(chip, iface, NAND_SDR_IFACE, 4); + + /* Patch timings that differ from mode 4. */ + sdr->tR_max = 40000000; + sdr->tALS_min = 12000; + sdr->tCLS_min = 12000; + sdr->tDS_min = 12000; + sdr->tREH_min = 15000; + sdr->tWHR_min = 60000; + + /* Patch timings not part of onfi timing mode. */ + sdr->tPROG_max = 750000000; + sdr->tBERS_max = 10000000000ULL; + + return nand_choose_best_sdr_timings(chip, iface, sdr); +} + +static int k9f2g08u0c_init(struct nand_chip *chip) +{ + chip->ops.choose_interface_config = + &k9f2g08u0c_choose_interface_config; + + return 0; +} + static int samsung_nand_init(struct nand_chip *chip) { struct mtd_info *mtd = nand_to_mtd(chip); @@ -130,6 +162,10 @@ else chip->options |= NAND_BBM_FIRSTPAGE | NAND_BBM_SECONDPAGE; + if (!strncmp("K9F2G08U0C", chip->parameters.model, + sizeof("K9F2G08U0C") - 1)) + k9f2g08u0c_init(chip); + return 0; } diff -ruw linux-5.15.42/drivers/mtd/nand/raw/nand_toshiba.c linux-5.15.42-fbx/drivers/mtd/nand/raw/nand_toshiba.c --- linux-5.15.42/drivers/mtd/nand/raw/nand_toshiba.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/mtd/nand/raw/nand_toshiba.c 2024-04-22 14:46:54.484174561 +0200 @@ -217,6 +217,34 @@ } static int +tc58nvg1s3ebai4_choose_interface_config(struct nand_chip *chip, + struct nand_interface_config *iface) +{ + struct nand_sdr_timings *sdr = &iface->timings.sdr; + + /* Start with timings from the closest timing mode, mode 4. */ + onfi_fill_interface_config(chip, iface, NAND_SDR_IFACE, 4); + + /* Patch timings that differ from mode 4. */ + sdr->tR_max = 25000000; + sdr->tALS_min = 12000; + sdr->tCHZ_max = 20000; + sdr->tCLS_min = 12000; + sdr->tCOH_min = 0; + sdr->tDS_min = 12000; + sdr->tRHOH_min = 22000; + sdr->tRHW_min = 30000; + sdr->tRHZ_max = 60000; + sdr->tWHR_min = 60000; + + /* Patch timings not part of onfi timing mode. */ + sdr->tPROG_max = 700000000; + sdr->tBERS_max = 10000000000ULL; + + return nand_choose_best_sdr_timings(chip, iface, sdr); +} + +static int th58nvg2s3hbai4_choose_interface_config(struct nand_chip *chip, struct nand_interface_config *iface) { @@ -263,6 +291,14 @@ return 0; } +static int tc58nvg1s3ebai4_init(struct nand_chip *chip) +{ + chip->ops.choose_interface_config = + &tc58nvg1s3ebai4_choose_interface_config; + + return 0; +} + static int th58nvg2s3hbai4_init(struct nand_chip *chip) { chip->ops.choose_interface_config = @@ -287,6 +323,9 @@ if (!strncmp("TC58NVG0S3E", chip->parameters.model, sizeof("TC58NVG0S3E") - 1)) tc58nvg0s3e_init(chip); + if (!strncmp("TC58NVG1S3EBAI4", chip->parameters.model, + sizeof("TC58NVG1S3EBAI4") - 1)) + tc58nvg1s3ebai4_init(chip); if (!strncmp("TH58NVG2S3HBAI4", chip->parameters.model, sizeof("TH58NVG2S3HBAI4") - 1)) th58nvg2s3hbai4_init(chip); diff -ruw linux-5.15.42/drivers/mtd/parsers/Kconfig linux-5.15.42-fbx/drivers/mtd/parsers/Kconfig --- linux-5.15.42/drivers/mtd/parsers/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/mtd/parsers/Kconfig 2024-04-22 14:46:54.492174780 +0200 @@ -86,6 +86,10 @@ two "firmware" partitions. Currently used firmware has to be detected using CFE environment variable. +config MTD_OF_PARTS_IGNORE_RO + bool "ignore read-only flag" + depends on MTD_OF_PARTS + config MTD_PARSER_IMAGETAG tristate "Parser for BCM963XX Image Tag format partitions" depends on BCM63XX || BMIPS_GENERIC || COMPILE_TEST @@ -186,3 +190,14 @@ help This provides support for parsing partitions from Shared Memory (SMEM) for NAND and SPI flash on Qualcomm platforms. + +config MTD_FBX6HD_PARTS + tristate "Freebox V6 HD partitioning support" + help + Freebox V6 HD partitioning support + +config MTD_FBX6HD_PARTS_WRITE_ALL + bool "make all partitions writeable" + depends on MTD_FBX6HD_PARTS + help + Freebox V6 HD partitions support diff -ruw linux-5.15.42/drivers/mtd/parsers/Makefile linux-5.15.42-fbx/drivers/mtd/parsers/Makefile --- linux-5.15.42/drivers/mtd/parsers/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/mtd/parsers/Makefile 2024-04-22 14:46:54.492174780 +0200 @@ -13,3 +13,4 @@ obj-$(CONFIG_MTD_SHARPSL_PARTS) += sharpslpart.o obj-$(CONFIG_MTD_REDBOOT_PARTS) += redboot.o obj-$(CONFIG_MTD_QCOMSMEM_PARTS) += qcomsmempart.o +obj-$(CONFIG_MTD_FBX6HD_PARTS) += fbx6hd-mtdparts.o diff -ruw linux-5.15.42/drivers/mtd/parsers/ofpart_core.c linux-5.15.42-fbx/drivers/mtd/parsers/ofpart_core.c --- linux-5.15.42/drivers/mtd/parsers/ofpart_core.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/mtd/parsers/ofpart_core.c 2024-04-22 14:46:54.492174780 +0200 @@ -138,8 +138,10 @@ partname = of_get_property(pp, "name", &len); parts[i].name = partname; +#ifndef CONFIG_MTD_OF_PARTS_IGNORE_RO if (of_get_property(pp, "read-only", &len)) parts[i].mask_flags |= MTD_WRITEABLE; +#endif if (of_get_property(pp, "lock", &len)) parts[i].mask_flags |= MTD_POWERUP_LOCK; diff -ruw linux-5.15.42/drivers/mtd/spi-nor/atmel.c linux-5.15.42-fbx/drivers/mtd/spi-nor/atmel.c --- linux-5.15.42/drivers/mtd/spi-nor/atmel.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/mtd/spi-nor/atmel.c 2024-04-22 14:46:54.492174780 +0200 @@ -190,6 +190,10 @@ .fixups = &atmel_global_protection_fixups }, { "at45db081d", INFO(0x1f2500, 0, 64 * 1024, 16, SECT_4K) }, + + /* Used on Freebox Gateways ... */ + { "at25f512b", INFO(0x1f6500, 0x1f65, 32 * 1024, 2, + ALT_PROBE_ATMEL) }, }; const struct spi_nor_manufacturer spi_nor_atmel = { diff -ruw linux-5.15.42/drivers/mtd/spi-nor/core.c linux-5.15.42-fbx/drivers/mtd/spi-nor/core.c --- linux-5.15.42/drivers/mtd/spi-nor/core.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/mtd/spi-nor/core.c 2024-04-22 14:46:54.496174889 +0200 @@ -890,6 +890,18 @@ return spi_nor_wait_till_ready(nor); } +static void sst_ewrsr(struct spi_nor *nor) +{ + struct spi_mem_op op = + SPI_MEM_OP(SPI_MEM_OP_CMD(SPINOR_OP_EWRSR, 1), + SPI_MEM_OP_NO_ADDR, + SPI_MEM_OP_NO_DUMMY, + SPI_MEM_OP_NO_DATA); + + BUG_ON(!nor->spimem); + spi_mem_exec_op(nor->spimem, &op); +} + /** * spi_nor_write_sr() - Write the Status Register. * @nor: pointer to 'struct spi_nor'. @@ -906,6 +918,9 @@ if (ret) return ret; + if (nor->info->flags & SST_EWRSR) + sst_ewrsr(nor); + if (nor->spimem) { struct spi_mem_op op = SPI_MEM_OP(SPI_MEM_OP_CMD(SPINOR_OP_WRSR, 0), @@ -1863,6 +1878,40 @@ return NULL; } +static const struct flash_info * +spi_nor_search_part_by_alt_id(const struct flash_info *parts, + unsigned int nparts, + const u32 id) + +{ + int i; + + for (i = 0; i < nparts; i++) { + const struct flash_info *info = &parts[i]; + if ((info->flags & ALT_PROBE) && (info->ext_id == id)) + return info; + } + + return NULL; +} + +static const struct flash_info * +spi_nor_search_part_by_atmel_id(const struct flash_info *parts, + unsigned int nparts, + const u32 id) + +{ + int i; + + for (i = 0; i < nparts; i++) { + const struct flash_info *info = &parts[i]; + if ((info->flags & ALT_PROBE_ATMEL) && (info->ext_id == id)) + return info; + } + + return NULL; +} + static const struct flash_info *spi_nor_read_id(struct spi_nor *nor) { const struct flash_info *info; @@ -1902,6 +1951,80 @@ return ERR_PTR(-ENODEV); } +static const struct flash_info *spi_nor_alt_read_id(struct spi_nor *nor) +{ + u8 data[2]; + u16 id; + int err; + size_t i; + const struct flash_info *info; + struct spi_mem_op op = + SPI_MEM_OP(SPI_MEM_OP_CMD(SPINOR_OP_RDID_ALT, 1), + SPI_MEM_OP_ADDR(3, 0, 1), + SPI_MEM_OP_NO_DUMMY, + SPI_MEM_OP_DATA_IN(sizeof (data), data, 1)); + + BUG_ON(!nor->spimem); + + err = spi_mem_exec_op(nor->spimem, &op); + if (err < 0) { + dev_err(nor->dev, "error %d reading alt ID\n", err); + return ERR_PTR(err); + } + + id = (data[1] << 8) | data[0]; + + for (i = 0; i < ARRAY_SIZE(manufacturers); i++) { + info = spi_nor_search_part_by_alt_id(manufacturers[i]->parts, + manufacturers[i]->nparts, + id); + if (info) { + nor->manufacturer = manufacturers[i]; + return info; + } + } + + + dev_err(nor->dev, "unrecognized ALT id %04x\n", id); + return ERR_PTR(-ENODEV); +} + +static const struct flash_info *spi_nor_atmel_id(struct spi_nor *nor) +{ + u8 data[2]; + u16 id; + int err; + size_t i; + const struct flash_info *info; + struct spi_mem_op op = + SPI_MEM_OP(SPI_MEM_OP_CMD(0x15, 1), + SPI_MEM_OP_NO_ADDR, + SPI_MEM_OP_NO_DUMMY, + SPI_MEM_OP_DATA_IN(sizeof (data), data, 1)); + + BUG_ON(!nor->spimem); + + err = spi_mem_exec_op(nor->spimem, &op); + if (err < 0) { + dev_err(nor->dev, "error %d reading atmel ID\n", err); + return ERR_PTR(err); + } + id = (data[1] << 8) | data[0]; + + for (i = 0; i < ARRAY_SIZE(manufacturers); i++) { + info = spi_nor_search_part_by_atmel_id(manufacturers[i]->parts, + manufacturers[i]->nparts, + id); + if (info) { + nor->manufacturer = manufacturers[i]; + return info; + } + } + + dev_err(nor->dev, "unrecognized ATMEL id %04x\n", id); + return ERR_PTR(-ENODEV); +} + static int spi_nor_read(struct mtd_info *mtd, loff_t from, size_t len, size_t *retlen, u_char *buf) { @@ -2978,6 +3101,15 @@ return NULL; } +static void sst_write_enable(struct spi_nor *nor) +{ + u8 zero = 0; + + spi_nor_write_enable(nor); + sst_ewrsr(nor); + spi_nor_write_sr(nor, &zero, sizeof (zero)); +} + static int spi_nor_set_addr_width(struct spi_nor *nor) { if (nor->addr_width) { @@ -3051,6 +3183,12 @@ if (name && info->id_len) { const struct flash_info *jinfo; + jinfo = spi_nor_alt_read_id(nor); + if (IS_ERR(jinfo)) + /* try ATMEL */ + jinfo = spi_nor_atmel_id(nor); + if (IS_ERR(jinfo)) + /* try JEDEC */ jinfo = spi_nor_read_id(nor); if (IS_ERR(jinfo)) { return jinfo; @@ -3132,6 +3270,9 @@ if (ret) return ret; + if (info->flags & SST_EWRSR) + sst_write_enable(nor); + if (!mtd->name) mtd->name = dev_name(dev); mtd->priv = nor; diff -ruw linux-5.15.42/drivers/mtd/spi-nor/core.h linux-5.15.42-fbx/drivers/mtd/spi-nor/core.h --- linux-5.15.42/drivers/mtd/spi-nor/core.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/mtd/spi-nor/core.h 2024-04-22 14:46:54.496174889 +0200 @@ -312,6 +312,7 @@ struct flash_info { char *name; + uint32_t ext_id; /* * This array stores the ID bytes. @@ -383,6 +384,9 @@ * power-up in a write-protected state. */ +#define ALT_PROBE BIT(23) /* only match during alt_probe */ +#define ALT_PROBE_ATMEL BIT(24) /* only match during alt_probe_atmel */ +#define SST_EWRSR BIT(25) /* EWRSR opcode before WRSR */ const struct spi_nor_otp_organization otp_org; /* Part specific fixup hooks. */ @@ -391,6 +395,7 @@ /* Used when the "_ext_id" is two bytes at most */ #define INFO(_jedec_id, _ext_id, _sector_size, _n_sectors, _flags) \ + .ext_id = (_ext_id), \ .id = { \ ((_jedec_id) >> 16) & 0xff, \ ((_jedec_id) >> 8) & 0xff, \ @@ -405,6 +410,7 @@ .flags = (_flags), #define INFO6(_jedec_id, _ext_id, _sector_size, _n_sectors, _flags) \ + .ext_id = (_ext_id), \ .id = { \ ((_jedec_id) >> 16) & 0xff, \ ((_jedec_id) >> 8) & 0xff, \ diff -ruw linux-5.15.42/drivers/mtd/spi-nor/eon.c linux-5.15.42-fbx/drivers/mtd/spi-nor/eon.c --- linux-5.15.42/drivers/mtd/spi-nor/eon.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/mtd/spi-nor/eon.c 2024-04-22 14:46:54.496174889 +0200 @@ -25,6 +25,10 @@ { "en25qh128", INFO(0x1c7018, 0, 64 * 1024, 256, 0) }, { "en25qh256", INFO(0x1c7019, 0, 64 * 1024, 512, 0) }, { "en25s64", INFO(0x1c3817, 0, 64 * 1024, 128, SECT_4K) }, + + /* Used on Freebox Gateways ... */ + { "en25f05", INFO(0x1c0500, 0x1c05, 64 * 1024, 1, + ALT_PROBE | SECT_4K) }, }; const struct spi_nor_manufacturer spi_nor_eon = { diff -ruw linux-5.15.42/drivers/mtd/spi-nor/macronix.c linux-5.15.42-fbx/drivers/mtd/spi-nor/macronix.c --- linux-5.15.42/drivers/mtd/spi-nor/macronix.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/mtd/spi-nor/macronix.c 2024-04-22 14:46:54.500174999 +0200 @@ -87,6 +87,10 @@ { "mx66u2g45g", INFO(0xc2253c, 0, 64 * 1024, 4096, SECT_4K | SPI_NOR_DUAL_READ | SPI_NOR_QUAD_READ | SPI_NOR_4B_OPCODES) }, + + /* Used on Freebox Gateways ... */ + { "mx25l512", INFO(0xc20500, 0xc205, 64 * 1024, 1, + ALT_PROBE | SECT_4K) }, }; static void macronix_default_init(struct spi_nor *nor) diff -ruw linux-5.15.42/drivers/mtd/spi-nor/sst.c linux-5.15.42-fbx/drivers/mtd/spi-nor/sst.c --- linux-5.15.42/drivers/mtd/spi-nor/sst.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/mtd/spi-nor/sst.c 2024-04-22 14:46:54.500174999 +0200 @@ -89,6 +89,9 @@ SECT_4K | SPI_NOR_DUAL_READ | SPI_NOR_QUAD_READ | SPI_NOR_HAS_LOCK | SPI_NOR_SWP_IS_VOLATILE) .fixups = &sst26vf_fixups }, + + /* Used on Freebox Gateways ... */ + { "sst25vf512a", INFO(0xbf4800, 0xbf48, 32 * 1024, 2, ALT_PROBE | SST_EWRSR) }, }; static int sst_write(struct mtd_info *mtd, loff_t to, size_t len, diff -ruw linux-5.15.42/drivers/net/ethernet/Kconfig linux-5.15.42-fbx/drivers/net/ethernet/Kconfig --- linux-5.15.42/drivers/net/ethernet/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/ethernet/Kconfig 2024-04-22 14:46:54.568176857 +0200 @@ -183,6 +183,7 @@ source "drivers/net/ethernet/tundra/Kconfig" source "drivers/net/ethernet/via/Kconfig" source "drivers/net/ethernet/wiznet/Kconfig" +source "drivers/net/ethernet/wintegra/Kconfig" source "drivers/net/ethernet/xilinx/Kconfig" source "drivers/net/ethernet/xircom/Kconfig" diff -ruw linux-5.15.42/drivers/net/ethernet/Makefile linux-5.15.42-fbx/drivers/net/ethernet/Makefile --- linux-5.15.42/drivers/net/ethernet/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/ethernet/Makefile 2024-04-22 14:46:54.572176966 +0200 @@ -93,6 +93,7 @@ obj-$(CONFIG_NET_VENDOR_TUNDRA) += tundra/ obj-$(CONFIG_NET_VENDOR_VIA) += via/ obj-$(CONFIG_NET_VENDOR_WIZNET) += wiznet/ +obj-$(CONFIG_NET_VENDOR_WINTEGRA) += wintegra/ obj-$(CONFIG_NET_VENDOR_XILINX) += xilinx/ obj-$(CONFIG_NET_VENDOR_XIRCOM) += xircom/ obj-$(CONFIG_NET_VENDOR_SYNOPSYS) += synopsys/ diff -ruw linux-5.15.42/drivers/net/ethernet/atheros/atl1c/atl1c_main.c linux-5.15.42-fbx/drivers/net/ethernet/atheros/atl1c/atl1c_main.c --- linux-5.15.42/drivers/net/ethernet/atheros/atl1c/atl1c_main.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/ethernet/atheros/atl1c/atl1c_main.c 2024-04-22 14:46:54.600177731 +0200 @@ -811,6 +811,7 @@ hw->subsystem_id = pdev->subsystem_device; pci_read_config_dword(pdev, PCI_CLASS_REVISION, &revision); hw->revision_id = revision & 0xFF; + /* before link up, we assume hibernate is true */ hw->hibernate = true; hw->media_type = MEDIA_TYPE_AUTO_SENSOR; @@ -1768,10 +1769,13 @@ u32 queue, bool napi_mode) { struct atl1c_rrd_ring *rrd_ring = &adapter->rrd_ring[queue]; + struct atl1c_hw *hw = &adapter->hw; struct sk_buff *skb; struct page *page; if (adapter->rx_frag_size > PAGE_SIZE) { + /* ip_align seems not to work on this model */ + WARN_ON_ONCE(hw->nic_type == athr_l1d_2); if (likely(napi_mode)) return napi_alloc_skb(&rrd_ring->napi, adapter->rx_buffer_len); @@ -1792,6 +1796,10 @@ skb = build_skb(page_address(page) + rrd_ring->rx_page_offset, adapter->rx_frag_size); if (likely(skb)) { + /* ip_align seems not to work on this model */ + if (hw->nic_type == athr_l1d_2) + skb_reserve(skb, NET_SKB_PAD); + else skb_reserve(skb, NET_SKB_PAD + NET_IP_ALIGN); rrd_ring->rx_page_offset += adapter->rx_frag_size; if (rrd_ring->rx_page_offset >= PAGE_SIZE) diff -ruw linux-5.15.42/drivers/net/ethernet/broadcom/Kconfig linux-5.15.42-fbx/drivers/net/ethernet/broadcom/Kconfig --- linux-5.15.42/drivers/net/ethernet/broadcom/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/ethernet/broadcom/Kconfig 2024-04-22 14:46:54.600177731 +0200 @@ -68,6 +68,45 @@ This driver supports the ethernet MACs in the Broadcom 63xx MIPS chipset family (BCM63XX). +config BCM63XX_ENET_RUNNER + tristate "Broadcom 63xx (63138) runner ethernet support" + select MII + select FIXED_PHY + select PHYLIB + select BCM7XXX_PHY + select BROADCOM_PHY + select SOC_BCM63XX_RDP + +config BCM63158_SF2 + tristate "Broadcom 63158 SF2 support" + select MII + select PHYLINK + select BCM7XXX_PHY + select BROADCOM_PHY + select NET_DSA + select NET_DSA_TAG_BRCM_FBX + +config BCM63158_SYSTEMPORT + tristate "Broadcom 63158 SYSTEMPORT internal MAC support" + depends on OF + select MII + select PHYLINK + +config BCM63158_ENET_RUNNER + tristate "Broadcom 63158 runner ethernet support" + select MII + select PHYLINK + select SOC_BCM63XX_XRDP + +config BCM63158_ENET_RUNNER_FF + bool "fastpath support for freebox boards" + depends on BCM63158_ENET_RUNNER + select IP_FFN + select IPV6_FFN + select IPV6_SIT_6RD + select BRIDGE + select FBXBRIDGE + config BCMGENET tristate "Broadcom GENET internal MAC support" depends on HAS_IOMEM diff -ruw linux-5.15.42/drivers/net/ethernet/broadcom/Makefile linux-5.15.42-fbx/drivers/net/ethernet/broadcom/Makefile --- linux-5.15.42/drivers/net/ethernet/broadcom/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/ethernet/broadcom/Makefile 2023-03-09 15:06:11.356234011 +0100 @@ -17,3 +17,5 @@ obj-$(CONFIG_BGMAC_PLATFORM) += bgmac-platform.o obj-$(CONFIG_SYSTEMPORT) += bcmsysport.o obj-$(CONFIG_BNXT) += bnxt/ +obj-$(CONFIG_BCM63XX_ENET_RUNNER) += bcm63xx_enet_runner/ +obj-y += bcm63158/ diff -ruw linux-5.15.42/drivers/net/ethernet/marvell/Kconfig linux-5.15.42-fbx/drivers/net/ethernet/marvell/Kconfig --- linux-5.15.42/drivers/net/ethernet/marvell/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/ethernet/marvell/Kconfig 2024-04-22 14:46:54.908186146 +0200 @@ -23,6 +23,7 @@ depends on INET select PHYLIB select MVMDIO + select MII help This driver supports the gigabit ethernet MACs in the Marvell Discovery PPC/MIPS chipset family (MV643XX) and @@ -31,6 +32,15 @@ Some boards that use the Discovery chipset are the Momenco Ocelot C and Jaguar ATX and Pegasos II. +config MV643XX_ETH_FBX_FF + bool "fastpath support for freebox boards" + depends on MV643XX_ETH + select IP_FFN + select IPV6_FFN + select IPV6_SIT_6RD + select BRIDGE + select FBXBRIDGE + config MVMDIO tristate "Marvell MDIO interface support" depends on HAS_IOMEM @@ -88,6 +98,7 @@ select MVMDIO select PHYLINK select PAGE_POOL + select MII help This driver supports the network interface units in the Marvell ARMADA 375, 7K and 8K SoCs. @@ -97,6 +108,15 @@ depends on (PTP_1588_CLOCK = y && MVPP2 = y) || \ (PTP_1588_CLOCK && MVPP2 = m) +config MVPP2_FBX_FF + bool "fastpath support for freebox boards" + depends on MVPP2 + select IP_FFN + select IPV6_FFN + select IPV6_SIT_6RD + select BRIDGE + select FBXBRIDGE + config PXA168_ETH tristate "Marvell pxa168 ethernet support" depends on HAS_IOMEM diff -ruw linux-5.15.42/drivers/net/ethernet/marvell/mv643xx_eth.c linux-5.15.42-fbx/drivers/net/ethernet/marvell/mv643xx_eth.c --- linux-5.15.42/drivers/net/ethernet/marvell/mv643xx_eth.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/ethernet/marvell/mv643xx_eth.c 2024-04-22 14:46:54.908186146 +0200 @@ -52,6 +52,20 @@ #include #include #include +#include +#include + +#ifdef CONFIG_MV643XX_ETH_FBX_FF +#include +#include +#include +#include +#include +#include + +#include "../../../net/bridge/br_private.h" +#include "../../../net/fbxbridge/fbxbr_private.h" +#endif static char mv643xx_eth_driver_name[] = "mv643xx_eth"; static char mv643xx_eth_driver_version[] = "1.4"; @@ -95,6 +109,7 @@ #define DISABLE_AUTO_NEG_FOR_DUPLEX 0x00000004 #define FORCE_LINK_PASS 0x00000002 #define SERIAL_PORT_ENABLE 0x00000001 +#define PORT_VPT2P 0x0040 #define PORT_STATUS 0x0044 #define TX_FIFO_EMPTY 0x00000400 #define TX_IN_PROGRESS 0x00000080 @@ -121,6 +136,7 @@ #define INT_CAUSE_EXT 0x0064 #define INT_EXT_LINK_PHY 0x00110000 #define INT_EXT_TX 0x000000ff +#define INT_EXT_TX_0 0x00000001 #define INT_MASK 0x0068 #define INT_MASK_EXT 0x006c #define TX_FIFO_URGENT_THRESHOLD 0x0074 @@ -169,7 +185,8 @@ */ #define DEFAULT_RX_QUEUE_SIZE 128 #define DEFAULT_TX_QUEUE_SIZE 512 -#define SKB_DMA_REALIGN ((PAGE_SIZE - NET_SKB_PAD) % SMP_CACHE_BYTES) +#define RX_OFFSET ALIGN(NET_SKB_PAD, SMP_CACHE_BYTES) +#define COPY_BREAK_SIZE 128 /* Max number of allowed TCP segments for software TSO */ #define MV643XX_MAX_TSO_SEGS 100 @@ -192,6 +209,8 @@ u32 cmd_sts; /* Descriptor command status */ u32 next_desc_ptr; /* Next descriptor pointer */ u32 buf_ptr; /* Descriptor buffer pointer */ + u32 cookie; + u32 pad[3]; }; struct tx_desc { @@ -200,6 +219,9 @@ u32 cmd_sts; /* Command/status field */ u32 next_desc_ptr; /* Pointer to next descriptor */ u32 buf_ptr; /* pointer to buffer for this descriptor*/ + u32 cookie; + u32 cookie_size; + u32 pad[2]; }; #elif defined(__LITTLE_ENDIAN) struct rx_desc { @@ -208,6 +230,8 @@ u16 byte_cnt; /* Descriptor buffer byte count */ u32 buf_ptr; /* Descriptor buffer pointer */ u32 next_desc_ptr; /* Next descriptor pointer */ + u32 cookie; + u32 pad[3]; }; struct tx_desc { @@ -216,6 +240,9 @@ u16 byte_cnt; /* buffer byte count */ u32 buf_ptr; /* pointer to buffer for this descriptor*/ u32 next_desc_ptr; /* Pointer to next descriptor */ + u32 cookie; + u32 cookie_size; + u32 pad[2]; }; #else #error One of __BIG_ENDIAN or __LITTLE_ENDIAN must be defined @@ -226,6 +253,11 @@ /* RX & TX descriptor status */ #define ERROR_SUMMARY 0x00000001 +#define ERROR_CODE_RX_CRC (0x0 << 1) +#define ERROR_CODE_RX_OVERRUN (0x1 << 1) +#define ERROR_CODE_RX_MAX_LENGTH (0x2 << 1) +#define ERROR_CODE_RX_RESOURCE (0x3 << 1) +#define ERROR_CODE_MASK (0x3 << 1) /* RX descriptor status */ #define LAYER_4_CHECKSUM_OK 0x40000000 @@ -237,6 +269,7 @@ #define RX_PKT_IS_ETHERNETV2 0x00800000 #define RX_PKT_LAYER4_TYPE_MASK 0x00600000 #define RX_PKT_LAYER4_TYPE_TCP_IPV4 0x00000000 +#define RX_PKT_LAYER4_TYPE_UDP_IPV4 0x00200000 #define RX_PKT_IS_VLAN_TAGGED 0x00080000 /* TX descriptor command */ @@ -273,7 +306,9 @@ int extended_rx_coal_limit; int tx_bw_control; int tx_csum_limit; + int unit; struct clk *clk; + struct mii_bus *mii_bus; }; #define TX_BW_CONTROL_ABSENT 0 @@ -319,23 +354,30 @@ /* Non MIB hardware counters */ u32 rx_discard; u32 rx_overrun; + /* Non MIB software counters */ + u32 rx_packets_q[8]; + u32 tx_packets_q[8]; }; struct rx_queue { int index; - int rx_ring_size; - - int rx_desc_count; - int rx_curr_desc; - int rx_used_desc; + unsigned int rx_ring_size; + unsigned int rx_curr_desc; + unsigned int rx_packets; struct rx_desc *rx_desc_area; dma_addr_t rx_desc_dma; int rx_desc_area_size; - struct sk_buff **rx_skb; + unsigned int *rx_desc_map_sizes; }; +#ifdef CONFIG_MV643XX_ETH_FBX_FF +#define NAPI_TX_OFFSET 1 +#else +#define NAPI_TX_OFFSET 0 +#endif + struct tx_queue { int index; @@ -378,14 +420,13 @@ struct napi_struct napi; u32 int_mask; - u8 oom; u8 work_link; u8 work_tx; u8 work_tx_end; u8 work_rx; - u8 work_rx_refill; - int skb_size; + unsigned int pkt_size; + unsigned int frag_size; /* * RX state. @@ -394,7 +435,6 @@ unsigned long rx_desc_sram_addr; int rx_desc_sram_size; int rxq_count; - struct timer_list rx_oom; struct rx_queue rxq[8]; /* @@ -411,8 +451,19 @@ */ struct clk *clk; unsigned int t_clk; + +#ifdef CONFIG_MV643XX_ETH_FBX_FF + struct tx_queue *ff_txq; + struct notifier_block ff_notifier; +#endif + + u32 ftth_tx_shaper_rate; + u32 ftth_tx_shaper_burst; }; +#ifdef CONFIG_MV643XX_ETH_FBX_FF +static struct mv643xx_eth_private *mp_by_unit[4]; +#endif /* port register accessors **************************************************/ static inline u32 rdl(struct mv643xx_eth_private *mp, int offset) @@ -492,7 +543,12 @@ static void txq_maybe_wake(struct tx_queue *txq) { struct mv643xx_eth_private *mp = txq_to_mp(txq); - struct netdev_queue *nq = netdev_get_tx_queue(mp->dev, txq->index); + struct netdev_queue *nq; + +#ifdef CONFIG_MV643XX_ETH_FBX_FF + WARN_ON(txq->index == 0); +#endif + nq = netdev_get_tx_queue(mp->dev, txq->index - NAPI_TX_OFFSET); if (netif_tx_queue_stopped(nq)) { __netif_tx_lock(nq, smp_processor_id()); @@ -502,152 +558,2121 @@ } } -static int rxq_process(struct rx_queue *rxq, int budget) +static void *mv643xx_eth_frag_alloc(const struct mv643xx_eth_private *mp) { - struct mv643xx_eth_private *mp = rxq_to_mp(rxq); - struct net_device_stats *stats = &mp->dev->stats; - int rx; + if (likely(mp->frag_size <= PAGE_SIZE)) + return napi_alloc_frag(mp->frag_size); + else + return kmalloc(mp->frag_size, GFP_ATOMIC); +} - rx = 0; - while (rx < budget && rxq->rx_desc_count) { - struct rx_desc *rx_desc; - unsigned int cmd_sts; - struct sk_buff *skb; - u16 byte_cnt; +static void mv643xx_eth_frag_free(const struct mv643xx_eth_private *mp, + void *data) +{ + if (likely(mp->frag_size <= PAGE_SIZE)) + skb_free_frag(data); + else + kfree(data); +} - rx_desc = &rxq->rx_desc_area[rxq->rx_curr_desc]; +#ifdef CONFIG_MV643XX_ETH_FBX_FF - cmd_sts = rx_desc->cmd_sts; - if (cmd_sts & BUFFER_OWNED_BY_DMA) - break; - rmb(); +static bool ff_enabled; +static unsigned int ff_mode; + +static bool ff_tx_queue_can_reclaim(struct tx_queue *txq) +{ + struct tx_desc *desc; + int tx_index; - skb = rxq->rx_skb[rxq->rx_curr_desc]; - rxq->rx_skb[rxq->rx_curr_desc] = NULL; + if (!txq || !txq->tx_desc_count) + return false; - rxq->rx_curr_desc++; - if (rxq->rx_curr_desc == rxq->rx_ring_size) - rxq->rx_curr_desc = 0; + tx_index = txq->tx_used_desc; + desc = &txq->tx_desc_area[tx_index]; + + if ((desc->cmd_sts & BUFFER_OWNED_BY_DMA)) + return false; + + return true; +} + + +/* + * size on which we invalidate data when we reclaim fast-forwarded + * buffer + * + * worst case read lookup by rx path from RX_OFFSET is (VLAN + ip6 + + * iph + tcphdr) + */ +#define FF_MAP_SIZE (sizeof (struct vlan_ethhdr) + \ + sizeof (struct ipv6hdr) + \ + sizeof (struct iphdr) + \ + sizeof (struct tcphdr)) + +static void *ff_tx_queue_frag_reclaim(struct mv643xx_eth_private *mp, + unsigned int needed_frag_size) +{ + struct tx_queue *txq = mp->ff_txq; + struct tx_desc *desc; + void *frag; + unsigned int frag_size; + int tx_index; + + if (!txq || !txq->tx_desc_count) + return NULL; + + tx_index = txq->tx_used_desc; + desc = &txq->tx_desc_area[tx_index]; + + if ((desc->cmd_sts & BUFFER_OWNED_BY_DMA)) + return NULL; + + txq->tx_used_desc = tx_index + 1; + if (txq->tx_used_desc == txq->tx_ring_size) + txq->tx_used_desc = 0; + + txq->tx_desc_count--; + + frag = (void *)desc->cookie; + frag_size = desc->cookie_size; + if (frag_size != needed_frag_size) { + skb_free_frag(frag); + return NULL; + } + + return frag; +} +#endif + +static int rx_desc_refill(struct mv643xx_eth_private *mp, + struct rx_desc *rx_desc, + unsigned int *pmap_size, + bool unmap) +{ + unsigned int map_size = mp->pkt_size; + void *frag; + bool frag_allocated = true; + +#ifdef CONFIG_MV643XX_ETH_FBX_FF + if (ff_enabled) { + struct mv643xx_eth_private *omp; + + /* + * try to reclaim from "opposite" fast forward dedicated tx + * queue + */ + if (ff_mode == 1) + omp = mp_by_unit[1 - mp->shared->unit]; + else + omp = mp; + + if (omp) + frag = ff_tx_queue_frag_reclaim(omp, mp->pkt_size); + else + frag = NULL; + + if (!frag) { + frag = mv643xx_eth_frag_alloc(mp); + } else { + map_size = FF_MAP_SIZE; + frag_allocated = false; + } + } else +#endif + frag = mv643xx_eth_frag_alloc(mp); + if (!frag) + return -ENOMEM; + + if (unmap) dma_unmap_single(mp->dev->dev.parent, rx_desc->buf_ptr, - rx_desc->buf_size, DMA_FROM_DEVICE); - rxq->rx_desc_count--; - rx++; + *pmap_size, DMA_FROM_DEVICE); - mp->work_rx_refill |= 1 << rxq->index; + *pmap_size = map_size; + rx_desc->buf_ptr = dma_map_single(mp->dev->dev.parent, + frag + RX_OFFSET, + map_size, + DMA_FROM_DEVICE); + if (unlikely(dma_mapping_error(mp->dev->dev.parent, + rx_desc->buf_ptr))) { + WARN(1, "dma_map_single failed!\n"); + if (frag_allocated) + mv643xx_eth_frag_free(frag, mp); + return -ENOMEM; + } - byte_cnt = rx_desc->byte_cnt; + rx_desc->buf_size = mp->pkt_size; + rx_desc->cookie = (u32)frag; + wmb(); + rx_desc->cmd_sts = BUFFER_OWNED_BY_DMA | RX_ENABLE_INTERRUPT; + return 0; +} + +static inline bool pkt_is_ipv4(u32 cmd_sts) +{ + return (cmd_sts & RX_PKT_IS_IPV4) == RX_PKT_IS_IPV4; +} + +static inline bool pkt_is_tcp4(u32 cmd_sts) +{ + return (cmd_sts & RX_PKT_LAYER4_TYPE_MASK) == + RX_PKT_LAYER4_TYPE_TCP_IPV4; +} + +static inline bool pkt_is_udp4(u32 cmd_sts) +{ + return (cmd_sts & RX_PKT_LAYER4_TYPE_MASK) == + RX_PKT_LAYER4_TYPE_UDP_IPV4; +} + +#ifdef CONFIG_MV643XX_ETH_FBX_FF + +static inline bool pkt_is_vlan(u32 cmd_sts) +{ + return (cmd_sts & RX_PKT_IS_VLAN_TAGGED) == RX_PKT_IS_VLAN_TAGGED; +} + +static struct { + struct net_device *wan_dev; + struct net_device *lan_dev; + unsigned long jiffies; + + struct net_device *tun_dev; + u8 tun_ready:1; + u16 tun_mtu; + + /* sit parameters */ + union ff_tun_params { + struct { + u32 src; + u32 s6rd_prefix; + u32 s6rd_pmask; + u8 s6rd_plen; + } sit; + + struct { + /* map parameters */ + u32 ipv4_prefix; + u32 ipv4_pmask; + u8 ipv4_plen; + u8 ipv6_plen; + struct in6_addr src; + struct in6_addr br; + + u64 ipv6_prefix; + u32 ea_addr_mask; + u16 ea_port_mask; + u8 psid_len; + u8 ea_lshift; + } map; + } u; + + char tun_dev_name[IFNAMSIZ]; +} ff; + +static LIST_HEAD(ff_devs); + +struct ff_dev { + const char *desc; + unsigned int unit; + bool bridge_member; + unsigned int vlan; + struct net_device **pvirt_dev; + + bool active; + struct net_bridge_port *br_port; + struct fbxbr_port *fbxbr_port; + bool dev_up; + struct list_head next; +}; + +static inline bool is_bridge_dev(struct net_device *dev) +{ + return dev->priv_flags & IFF_EBRIDGE; +} + +static inline bool is_fbxbridge_port(struct net_device *dev) +{ + return dev->priv_flags & IFF_FBXBRIDGE_PORT; +} + +static u32 gen_netmask(u8 len) +{ + return htonl(~((1 << (32 - len)) - 1)); +} + +static void __ff_tun_set_params(bool ready, + unsigned int mtu, + const union ff_tun_params *tp) +{ + if (!ready) { + if (!ff.tun_ready) + return; + + printk(KERN_DEBUG "ff: tunnel now NOT ready\n"); + ff.tun_ready = 0; + return; + } + + if (ff.tun_ready) { + if (ff.tun_mtu == mtu && !memcmp(tp, &ff.u, sizeof (*tp))) + return; + } + + ff.tun_mtu = mtu; + memcpy(&ff.u, tp, sizeof (*tp)); + + if (!ff.tun_ready) + printk(KERN_DEBUG "ff: tunnel now ready\n"); + else + printk(KERN_DEBUG "ff: tunnel params updated\n"); + + ff.tun_ready = true; +} + +static void __ff_tun_read_params(void) +{ + union ff_tun_params tp; + + if (!ff.tun_dev) + return; + + if (!ff.wan_dev) { + __ff_tun_set_params(false, 0, NULL); + return; + } + + memset(&tp, 0, sizeof (tp)); + + if (ff.tun_dev->type == ARPHRD_SIT) { + const struct ip_tunnel *tun = netdev_priv(ff.tun_dev); + const struct ip_tunnel_6rd_parm *ip6rd = &tun->ip6rd; + + if (!ip6rd->prefixlen || ip6rd->prefixlen > 32) { + printk(KERN_DEBUG "ff: unsupported 6rd plen\n"); + __ff_tun_set_params(false, 0, NULL); + return; + } + + if (ff.tun_dev->mtu + sizeof (struct iphdr) > + ff.wan_dev->mtu) { + printk(KERN_DEBUG "ff: WAN mtu too " + "small for tunnel (%u => %u)\n", + ff.tun_dev->mtu, ff.wan_dev->mtu); + __ff_tun_set_params(false, 0, NULL); + return; + } + + tp.sit.src = tun->parms.iph.saddr; + tp.sit.s6rd_prefix = ip6rd->prefix.s6_addr32[0]; + tp.sit.s6rd_pmask = gen_netmask(ip6rd->prefixlen); + tp.sit.s6rd_plen = ip6rd->prefixlen; + __ff_tun_set_params(true, ff.tun_dev->mtu, &tp); + return; + } + + if (ff.tun_dev->type == ARPHRD_TUNNEL6) { + const struct ip6_tnl *t = netdev_priv(ff.tun_dev); + const struct __ip6_tnl_parm *prm = &t->parms; + const struct __ip6_tnl_fmr *fmr; + + if (ff.tun_dev->mtu + sizeof (struct ipv6hdr) > + ff.wan_dev->mtu) { + printk(KERN_DEBUG "ff: WAN mtu too " + "small for tunnel (%u => %u)\n", + ff.tun_dev->mtu, ff.wan_dev->mtu); + __ff_tun_set_params(false, 0, NULL); + return; + } + + tp.map.src = prm->laddr; + tp.map.br = prm->raddr; + + fmr = prm->fmrs; + if (!fmr) { + tp.map.ipv4_prefix = 0; + __ff_tun_set_params(true, ff.tun_dev->mtu, &tp); + return; + } + + if (fmr->ip6_prefix_len < 32 || + (fmr->ip6_prefix_len + 32 - fmr->ip4_prefix_len > 64)) { + printk(KERN_DEBUG "ff: unsupp MAP-E: eabits " + "span 32 bits\n"); + __ff_tun_set_params(false, 0, NULL); + return; + } + + if (fmr->offset) { + printk(KERN_DEBUG "ff: unsupp MAP-E: non zero " + "PSID offset\n"); + __ff_tun_set_params(false, 0, NULL); + return; + } + + tp.map.ipv4_prefix = fmr->ip4_prefix.s_addr; + tp.map.ipv4_pmask = gen_netmask(fmr->ip4_prefix_len); + tp.map.ipv4_plen = fmr->ip4_prefix_len; + tp.map.ipv6_plen = fmr->ip6_prefix_len; + memcpy(&tp.map.ipv6_prefix, &fmr->ip6_prefix, 8); + + tp.map.ea_addr_mask = ~gen_netmask(fmr->ip4_prefix_len); + if (fmr->ea_len <= 32 - fmr->ip4_prefix_len) { + /* v4 prefix or full IP */ + u32 addr_bits; + + addr_bits = fmr->ip4_prefix_len + fmr->ea_len; + if (addr_bits != 32) + tp.map.ea_addr_mask &= gen_netmask(addr_bits); + tp.map.psid_len = 0; + } else { + u8 psid_len; + + psid_len = fmr->ea_len - (32 - fmr->ip4_prefix_len); + tp.map.psid_len = psid_len; + tp.map.ea_port_mask = gen_netmask(psid_len); + } + + tp.map.ea_lshift = 32 - (fmr->ip6_prefix_len - 32) - + fmr->ea_len; + + __ff_tun_set_params(true, ff.tun_dev->mtu, &tp); + return; + } +} + +static void ff_tun_capture(void) +{ + struct net_device *dev; + + local_bh_disable(); + if (ff.tun_dev) { + local_bh_enable(); + printk(KERN_ERR "ff: error: tun already registered\n"); + return; + } + + dev = dev_get_by_name(&init_net, ff.tun_dev_name); + if (!dev) { + local_bh_enable(); + return; + } + + if (dev->type != ARPHRD_SIT && dev->type != ARPHRD_TUNNEL6) { + local_bh_enable(); + return; + } + + if (!(dev->flags & IFF_UP)) { + dev_put(ff.tun_dev); + local_bh_enable(); + return; + } + + ff.tun_dev = dev; + __ff_tun_read_params(); + local_bh_enable(); + printk(KERN_INFO "ff: tun dev grabbed\n"); +} + +static void ff_tun_release(void) +{ + int was_on = 0; + + local_bh_disable(); + if (ff.tun_dev) { + dev_put(ff.tun_dev); + ff.tun_dev = NULL; + was_on = 1; + } + local_bh_enable(); + if (was_on) + printk(KERN_INFO "ff: tun dev released\n"); +} + +static int ff_device_event(struct notifier_block *this, + unsigned long event, void *ptr) +{ + struct net_device *dev = netdev_notifier_info_to_dev(ptr); + struct mv643xx_eth_private *mp; + struct ff_dev *ff_dev; + + if (!net_eq(dev_net(dev), &init_net)) + return 0; + + if (!strcmp(dev->name, ff.tun_dev_name)) { + local_bh_disable(); + + switch (event) { + case NETDEV_UP: + if (!ff.tun_dev) + ff_tun_capture(); + break; + + case NETDEV_CHANGE: + case NETDEV_CHANGEMTU: + if (ff.tun_dev == dev) + __ff_tun_read_params(); + break; + + case NETDEV_GOING_DOWN: + case NETDEV_DOWN: + case NETDEV_UNREGISTER: + if (ff.tun_dev == dev) + ff_tun_release(); + break; + } + + local_bh_enable(); + return 0; + } + + list_for_each_entry(ff_dev, &ff_devs, next) { + mp = container_of(this, typeof(*mp), ff_notifier); + if (mp->shared->unit != ff_dev->unit) + continue; + + if (ff_dev->vlan) { + if (!is_vlan_dev(dev)) + continue; + + switch (event) { + case NETDEV_UP: + if (vlan_dev_upper_dev(dev) != mp->dev || + vlan_dev_vlan_id(dev) != ff_dev->vlan) + continue; + + if (ff_dev->active) + continue; + + dev_hold(dev); + + local_bh_disable(); + *(ff_dev->pvirt_dev) = dev; + + if (ff_dev->pvirt_dev == &ff.wan_dev) + __ff_tun_read_params(); + local_bh_enable(); + + ff_dev->active = true; + printk(KERN_INFO "ff: ff_dev %s: active " + "for %s\n", ff_dev->desc, + dev->name); + break; + + case NETDEV_GOING_DOWN: + case NETDEV_DOWN: + case NETDEV_UNREGISTER: + if (!ff_dev->active) + continue; + + if (vlan_dev_upper_dev(dev) != mp->dev || + vlan_dev_vlan_id(dev) != ff_dev->vlan) + continue; + + local_bh_disable(); + *(ff_dev->pvirt_dev) = NULL; + local_bh_enable(); + dev_put(dev); + ff_dev->active = false; + + printk(KERN_INFO "ff: ff_dev %s: now " + "inactive\n", ff_dev->desc); + break; + + default: + break; + } + } + + if (ff_dev->bridge_member) { + struct net_bridge *br; + struct fbxbr *fbxbr; + bool ok; + + switch (event) { + case NETDEV_UP: + if (dev == mp->dev) + ff_dev->dev_up = true; + break; + + case NETDEV_GOING_DOWN: + case NETDEV_DOWN: + case NETDEV_UNREGISTER: + if (dev == mp->dev) + ff_dev->dev_up = false; + break; + + case NETDEV_CHANGEUPPER: + if (dev == mp->dev) { + rcu_read_lock(); + if ((dev->priv_flags & + IFF_BRIDGE_PORT) && + netdev_master_upper_dev_get(dev)) + ff_dev->br_port = br_port_get_rcu(dev); + else + ff_dev->br_port = NULL; + + if ((dev->priv_flags & + IFF_FBXBRIDGE_PORT) && + netdev_master_upper_dev_get(dev)) + ff_dev->fbxbr_port = fbxbr_port_get_rcu(dev); + else + ff_dev->fbxbr_port = NULL; + rcu_read_unlock(); + } + break; + + default: + break; + } + + ok = false; + br = NULL; + fbxbr = NULL; + if (ff_dev->dev_up && ff_dev->br_port) { + br = ff_dev->br_port->br; + if (br->dev->flags & IFF_UP) + ok = true; + } + + if (ff_dev->dev_up && ff_dev->fbxbr_port) { + fbxbr = ff_dev->fbxbr_port->br; + if (fbxbr->dev->flags & IFF_UP) + ok = true; + } + + if (!(ok ^ ff_dev->active)) + continue; + + if (ok) { + struct net_device *br_dev; + struct net_device *true_dev; + + if (br) { + br_dev = br->dev; + true_dev = br->dev; + } else { + br_dev = fbxbr->dev; + true_dev = mp->dev; + } + + dev_hold(true_dev); + local_bh_disable(); + *(ff_dev->pvirt_dev) = true_dev; + local_bh_enable(); + ff_dev->active = true; + + printk(KERN_INFO "ff: ff_dev %s: active " + "for %s\n", ff_dev->desc, + true_dev->name); + + + } else { + dev = *(ff_dev->pvirt_dev); + local_bh_disable(); + *(ff_dev->pvirt_dev) = NULL; + local_bh_enable(); + dev_put(dev); + ff_dev->active = false; + printk(KERN_INFO "ff: ff_dev %s: " + "now inactive\n", ff_dev->desc); + } + } + } + + return 0; +} + +enum ff_xmit_mode { + FF_XMIT_IPV4, + FF_XMIT_IPV6, + FF_XMIT_IPV6_IN_IPV4, + FF_XMIT_IPV4_IN_IPV6, +}; /* - * Update statistics. * - * Note that the descriptor byte count includes 2 dummy - * bytes automatically inserted by the hardware at the - * start of the packet (which we don't count), and a 4 - * byte CRC at the end of the packet (which we do count). */ - stats->rx_packets++; - stats->rx_bytes += byte_cnt - 2; +static bool ff_send(struct mv643xx_eth_private *mp, + struct tx_queue *txq, + u32 dma_buf_addr, + void *frag, + u32 frag_size, + unsigned int send_len, + unsigned int clean_len, + bool hw_l3_checksum, + bool is_vlan) +{ + struct tx_desc *tx_desc; + unsigned int tx_index; + u32 cmd_sts; + + if (WARN_ON(txq->tx_desc_count == txq->tx_ring_size)) + return 1; + + dma_sync_single_for_device(mp->dev->dev.parent, dma_buf_addr, + clean_len, DMA_TO_DEVICE); + + tx_index = txq->tx_curr_desc++; + if (txq->tx_curr_desc == txq->tx_ring_size) + txq->tx_curr_desc = 0; + + txq->tx_desc_count++; + txq->tx_desc_mapping[tx_index] = DESC_DMA_MAP_SINGLE; + + tx_desc = &txq->tx_desc_area[tx_index]; + tx_desc->byte_cnt = send_len; + tx_desc->buf_ptr = dma_buf_addr; + tx_desc->cookie = (u32)frag; + tx_desc->cookie_size = (u32)frag_size; + + cmd_sts = TX_FIRST_DESC | + TX_LAST_DESC | + GEN_CRC | + BUFFER_OWNED_BY_DMA | + ZERO_PADDING; + + if (hw_l3_checksum) { + cmd_sts |= (GEN_IP_V4_CHECKSUM | + (5 << TX_IHL_SHIFT)); + + if (is_vlan) + cmd_sts |= MAC_HDR_EXTRA_4_BYTES; + } + + tx_desc->cmd_sts = cmd_sts; + txq_enable(txq); + + txq->tx_bytes += send_len; + txq->tx_packets++; + + return 0; +} /* - * In case we received a packet without first / last bits - * on, or the error summary bit is set, the packet needs - * to be dropped. + * ipv4 forward cache private data */ - if ((cmd_sts & (RX_FIRST_DESC | RX_LAST_DESC | ERROR_SUMMARY)) - != (RX_FIRST_DESC | RX_LAST_DESC)) - goto err; +struct ff_priv { + struct in6_addr tun_dest_ip6; + struct dst_entry *tun_dst; +}; + +static void ff_priv_release(const struct ff_priv *priv) +{ + dst_release(priv->tun_dst); +} + +static void ff_priv_destructor_cb(void *data) +{ + const struct ff_priv *priv = (const struct ff_priv *)data; + ff_priv_release(priv); +} + +static const struct ff_priv *ffn_get_ro_priv(const struct ffn_lookup_entry *e) +{ + if (e->manip.priv_destructor != ff_priv_destructor_cb) + return NULL; + + return (const struct ff_priv *)e->manip.ffn_priv_area; +} + +static struct ff_priv *ffn_get_rw_priv(struct ffn_lookup_entry *e) +{ + BUILD_BUG_ON(sizeof (e->manip.ffn_priv_area) < + sizeof (struct ff_priv)); + + if (e->manip.priv_destructor && + e->manip.priv_destructor != ff_priv_destructor_cb) + return NULL; + + return (struct ff_priv *)e->manip.ffn_priv_area; +} + +static const struct ff_priv *fwc_get_ro_priv(const struct fbxbr_fwcache *fwc) +{ + if (fwc->priv_destructor != ff_priv_destructor_cb) + return NULL; + + return (const struct ff_priv *)fwc->priv_area; +} + +static struct ff_priv *fwc_get_rw_priv(const struct fbxbr_fwcache *fwc) +{ + BUILD_BUG_ON(sizeof (fwc->priv_area) < sizeof (struct ff_priv)); + + if (fwc->priv_destructor && + fwc->priv_destructor != ff_priv_destructor_cb) + return NULL; + + return (struct ff_priv *)fwc->priv_area; +} /* - * The -4 is for the CRC in the trailer of the - * received packet + * ipv6 forward cache private data */ - skb_put(skb, byte_cnt - 2 - 4); +struct ff6_priv { + u32 tun_dest_ip; + struct dst_entry *tun_dst; +}; - if (cmd_sts & LAYER_4_CHECKSUM_OK) - skb->ip_summed = CHECKSUM_UNNECESSARY; - skb->protocol = eth_type_trans(skb, mp->dev); +static void ff6_priv_release(const struct ff6_priv *priv) +{ + dst_release(priv->tun_dst); +} - napi_gro_receive(&mp->napi, skb); +static void ff6_priv_destructor_cb(void *data) +{ + const struct ff6_priv *priv = (const struct ff6_priv *)data; + ff6_priv_release(priv); +} - continue; +static const struct ff6_priv *ffn6_get_ro_priv(const struct ffn6_lookup_entry *e6) +{ + if (e6->manip.priv_destructor != ff6_priv_destructor_cb) + return NULL; -err: - stats->rx_dropped++; + return (const struct ff6_priv *)e6->manip.ffn_priv_area; +} - if ((cmd_sts & (RX_FIRST_DESC | RX_LAST_DESC)) != - (RX_FIRST_DESC | RX_LAST_DESC)) { - if (net_ratelimit()) - netdev_err(mp->dev, - "received packet spanning multiple descriptors\n"); +static struct ff6_priv *ffn6_get_rw_priv(struct ffn6_lookup_entry *e6) +{ + BUILD_BUG_ON(sizeof (e6->manip.ffn_priv_area) < + sizeof (struct ff6_priv)); + + if (e6->manip.priv_destructor && + e6->manip.priv_destructor != ff6_priv_destructor_cb) + return NULL; + + return (struct ff6_priv *)e6->manip.ffn_priv_area; } - if (cmd_sts & ERROR_SUMMARY) - stats->rx_errors++; +/* + * + */ +static u32 ff_tun_extract_6rd_addr(const struct in6_addr *d) +{ + u32 a1, a2; - dev_kfree_skb(skb); + a1 = ntohl(d->s6_addr32[0] & ~ff.u.sit.s6rd_pmask); + a1 <<= ff.u.sit.s6rd_plen; + + a2 = ntohl(d->s6_addr32[1] & ff.u.sit.s6rd_pmask); + a2 >>= (32 - ff.u.sit.s6rd_plen); + return htonl(a1 | a2); } - if (rx < budget) - mp->work_rx &= ~(1 << rxq->index); +/* + * + */ +static void ff_tun_gen_mape_addr(u32 addr, u16 port, struct in6_addr *dest) +{ + u32 eabits; + u16 psid; + + eabits = ntohl(addr & ff.u.map.ea_addr_mask) << ff.u.map.psid_len; + psid = 0; + if (ff.u.map.psid_len) { + psid = ntohs(port & ff.u.map.ea_port_mask) >> + (16 - ff.u.map.psid_len); + eabits |= psid; + } + + memcpy(dest, &ff.u.map.ipv6_prefix, 8); + dest->s6_addr32[1] |= htonl(eabits << ff.u.map.ea_lshift); + + dest->s6_addr32[2] = htonl(ntohl(addr) >> 16); + dest->s6_addr32[3] = htonl((ntohl(addr) << 16) | psid); +} + +/* + * + */ +static bool ff_forward(struct mv643xx_eth_private *rx_mp, + struct mv643xx_eth_private *tx_mp, + bool wan_to_lan, + struct net_device *rx_dev, + struct net_device *tx_dev, + unsigned int rx_vlan, + unsigned int tx_vlan, + struct rx_desc *rx_desc, + unsigned int *pmap_size, + unsigned int cmd_sts, + void *frag, + size_t offset, size_t eth_len) +{ + struct net_device_stats *rx_hw_stats; + struct net_device_stats *tx_hw_stats; + struct net_device *last_rx_dev, *next_tx_dev; + struct ffn_lookup_entry *e; + struct ffn6_lookup_entry *e6; + struct tx_queue *txq; + struct nf_conn *ct = NULL; + struct ethhdr *eth; + enum ff_xmit_mode xmit_mode; + u8 dest_hw[6]; + u32 buf_addr; + unsigned int timeout; + void *l2_hdr, *l3_hdr, *l4_hdr; + bool l3_is_ipv4, l4_is_tcp; + unsigned int l3_plen; + unsigned int clean_len; + u32 tun_v4_dest; + const struct in6_addr *tun_v6_pdest; + u16 proto; + struct net_device *soft_tx_dev; + + /* make sure we have headroom for the worst case scenario */ + BUILD_BUG_ON(NET_SKB_PAD < + (sizeof (struct ipv6hdr) + VLAN_HLEN)); + + if (!tx_mp || !rx_dev || !tx_dev) + return false; + + /* hardware skip 2 bytes to align IP header */ + eth = (struct ethhdr *)((uint8_t *)frag + offset + 2); + eth_len -= 2; + + /* + * filter only IPv4 & IPv6 packets + */ + if (rx_vlan) { + struct vlan_ethhdr *vhdr; + + if (!pkt_is_vlan(cmd_sts)) + return false; + + vhdr = (struct vlan_ethhdr *)eth; + if (vhdr->h_vlan_TCI != htons(rx_vlan)) + return false; + + if (!pkt_is_ipv4(cmd_sts)) { + if (vhdr->h_vlan_encapsulated_proto != + htons(ETH_P_IPV6)) + return false; + } + + l3_hdr = vhdr + 1; + l3_plen = eth_len - VLAN_ETH_HLEN; + } else { + if (pkt_is_vlan(cmd_sts)) + return false; + + if (!pkt_is_ipv4(cmd_sts)) { + if (eth->h_proto != htons(ETH_P_IPV6)) + return false; + } + + l3_hdr = eth + 1; + l3_plen = eth_len - ETH_HLEN; + } + + + /* make sure packet is for our mac address */ + if (memcmp(eth->h_dest, rx_mp->dev->dev_addr, 6)) { + return false; + } + + last_rx_dev = rx_dev; + l3_is_ipv4 = pkt_is_ipv4(cmd_sts); + + if (l3_is_ipv4) { + struct iphdr *iph; + struct fbxbr_fwcache *fwc; + struct fbxbr *fbxbr; + struct fbxbr_port *fbxbr_fwd_port; + u16 sport, dport; + u8 ip_proto; + +handle_ipv4: + iph = (struct iphdr *)l3_hdr; + + /* lookup IP ffn entry */ + if (iph->ihl > 5 || (iph->frag_off & htons(IP_MF | IP_OFFSET))) + return false; + + if (iph->ttl <= 1) + return false; + + ip_proto = iph->protocol; + if (ip_proto == IPPROTO_TCP) { + struct tcphdr *tcph; + + if (l3_plen < sizeof (*iph) + sizeof (*tcph)) + return false; + + tcph = (struct tcphdr *)((u8 *)iph + 20); + if (tcph->fin || + tcph->syn || + tcph->rst || + !tcph->ack) { + return false; + } + + sport = tcph->source; + dport = tcph->dest; + l4_hdr = tcph; + l4_is_tcp = true; + + } else if (ip_proto == IPPROTO_UDP) { + struct udphdr *udph; + + if (l3_plen < sizeof (*iph) + sizeof (*udph)) + return false; + + udph = (struct udphdr *)((u8 *)iph + 20); + sport = udph->source; + dport = udph->dest; + l4_hdr = udph; + l4_is_tcp = false; + + } else if (ip_proto == IPPROTO_IPV6) { + struct ipv6hdr *ip6hdr; + u32 ip6rd_daddr; + + if (!ff.tun_ready) + return false; + + /* must be for us */ + if (iph->daddr != ff.u.sit.src) + return false; + + /* check len */ + if (l3_plen < sizeof (struct iphdr) + + sizeof (struct ipv6hdr)) + return false; + + ip6hdr = (struct ipv6hdr *)(iph + 1); + + /* must belong to 6rd prefix */ + if ((ip6hdr->daddr.s6_addr32[0] & + ff.u.sit.s6rd_pmask) != ff.u.sit.s6rd_prefix) + return false; + + /* 6rd address */ + ip6rd_daddr = ff_tun_extract_6rd_addr(&ip6hdr->daddr); + if (ip6rd_daddr != ff.u.sit.src) + return false; + + /* TODO: should check for spoofing here */ + l3_hdr = ip6hdr; + l3_plen -= 20; + l3_is_ipv4 = false; + goto handle_ipv6; + + } else + return false; + + if (is_fbxbridge_port(last_rx_dev)) { + struct fbxbr_fwcache_key k; + struct fbxbr_port *p; + u32 hash; + + p = fbxbr_port_get_rcu(last_rx_dev); + fbxbr = p->br; + + if (wan_to_lan) { + WARN_ON(!p->is_wan); + k.wan_ip = iph->saddr; + k.lan_ip = iph->daddr; + k.wan_port = sport; + k.lan_port = dport; + fbxbr_fwd_port = fbxbr->lan_port; + } else { + WARN_ON(p->is_wan); + k.lan_ip = iph->saddr; + k.wan_ip = iph->daddr; + k.lan_port = sport; + k.wan_port = dport; + fbxbr_fwd_port = fbxbr->wan_port; + } + k.is_tcp = l4_is_tcp; + + if (!unlikely(fbxbr_fwd_port)) + return false; + + hash = fbxbr_fwcache_hash(&k); + fwc = __fbxbr_fwcache_lookup(p->br, hash, &k); + if (!fwc) + return false; + + next_tx_dev = fbxbr_fwd_port->dev; + e = NULL; + } else { + e = __ffn_get(iph->saddr, iph->daddr, + sport, dport, l4_is_tcp); + if (!e) + return false; + + if (e->manip.dst->obsolete > 0) + return false; + + ct = e->manip.ct; + + /* only fast forward TCP connections in established state */ + if (l4_is_tcp && + ct->proto.tcp.state != TCP_CONNTRACK_ESTABLISHED) + return false; + + next_tx_dev = e->manip.dst->dev; + fwc = NULL; + } + + /* find out if the packet is to be sent as-is or + * tunneled */ + if (ff.tun_dev && next_tx_dev == ff.tun_dev) { + const struct ff_priv *ff_priv; + struct ff_priv *ff_wpriv; + struct dst_entry *v6_dst; + const struct in6_addr *pdest, *nexthop; + struct in6_addr dest; + struct rt6_info *rt6; + struct neighbour *neigh; + + /* IPv4 tunneled into MAP-E device */ + if (!ff.tun_ready) { + return false; + } + + if (l3_plen > ff.tun_mtu) + return false; + + /* lookup ipv6 route cache */ + if (e) + ff_priv = ffn_get_ro_priv(e); + else + ff_priv = fwc_get_ro_priv(fwc); + + if (ff_priv) { + if (ff_priv->tun_dst->obsolete < 0) { + /* valid route found */ + v6_dst = ff_priv->tun_dst; + pdest = &ff_priv->tun_dest_ip6; + goto cached_ipv6_route; + } + + ff_priv_release(ff_priv); + if (e) + e->manip.priv_destructor = NULL; + else + fwc->priv_destructor = NULL; + } + + /* cache miss, compute IPv6 destination */ + if (ff.u.map.ipv4_prefix && + (iph->daddr & ff.u.map.ipv4_pmask) == + ff.u.map.ipv4_prefix) { + /* compute dest using FMR */ + ff_tun_gen_mape_addr(iph->daddr, dport, &dest); + pdest = &dest; + } else { + /* next hop is BR */ + pdest = &ff.u.map.br; + } + + /* v6 route lookup */ + rt6 = rt6_lookup(&init_net, pdest, NULL, 0, NULL, 0); + if (!rt6) + return false; + + if (e) + ff_wpriv = ffn_get_rw_priv(e); + else + ff_wpriv = fwc_get_rw_priv(fwc); + if (!ff_wpriv) + return false; + + /* cache this inside FFN private area */ + ff_wpriv->tun_dst = (struct dst_entry *)rt6; + memcpy(&ff_wpriv->tun_dest_ip6, pdest, 16); + if (e) + e->manip.priv_destructor = ff_priv_destructor_cb; + else + fwc->priv_destructor = ff_priv_destructor_cb; + ff_priv = ff_wpriv; + + v6_dst = (struct dst_entry *)rt6; + +cached_ipv6_route: + if (v6_dst->dev != tx_dev) { + return false; + } + + /* is the neighboor ready ? */ + rt6 = (struct rt6_info *)v6_dst; + nexthop = rt6_nexthop(rt6, (struct in6_addr *)pdest); + if (!nexthop) { + return false; + } + + neigh = __ipv6_neigh_lookup_noref(tx_dev, nexthop); + if (!neigh || !(neigh->nud_state & NUD_VALID)) + return false; + memcpy(dest_hw, neigh->ha, 6); + + xmit_mode = FF_XMIT_IPV4_IN_IPV6; + tun_v6_pdest = &ff_priv->tun_dest_ip6; + + } else if (next_tx_dev == tx_dev) { + struct neighbour *neigh; + const struct rtable *rt; + + /* is the neighboor ready ? */ + if (e) { + u32 nexthop; + + rt = (const struct rtable *)e->manip.dst; + nexthop = (__force u32)rt_nexthop(rt, + e->manip.new_dip); + neigh = __ipv4_neigh_lookup_noref(tx_dev, + nexthop); + if (!neigh || !(neigh->nud_state & NUD_VALID)) + return false; + + memcpy(dest_hw, neigh->ha, 6); + } else { + if (!fbxbr_fwd_port->is_wan) { + if (!fbxbr->have_hw_addr) + return false; + memcpy(dest_hw, fbxbr->lan_hwaddr, 6); + } else { + __be32 nh; + + nh = iph->daddr; + if ((nh & fbxbr->wan_netmask) != + (fbxbr->wan_ipaddr & + fbxbr->wan_netmask)) { + rt = fbxbr_fwd_port->rt; + if (!rt || + rt->dst.obsolete > 0) + return false; + + nh = rt_nexthop(rt, nh); + } + + neigh = __ipv4_neigh_lookup_noref( + tx_dev, nh); + if (!neigh || + !(neigh->nud_state & NUD_VALID)) + return false; + + memcpy(dest_hw, neigh->ha, 6); + } + } + + xmit_mode = FF_XMIT_IPV4; + } else + return false; + + } else { + struct ipv6hdr *ip6hdr; + u16 sport, dport; + u8 ip_proto; + +handle_ipv6: + ip6hdr = (struct ipv6hdr *)l3_hdr; + + if (ip6hdr->hop_limit <= 1 || !ip6hdr->payload_len) + return false; + + if (ntohs(ip6hdr->payload_len) > l3_plen) + return false; + + ip_proto = ip6hdr->nexthdr; + + if (ip_proto == IPPROTO_TCP) { + struct tcphdr *tcph; + + if (l3_plen < sizeof (*ip6hdr) + sizeof (*tcph)) + return false; + + tcph = (struct tcphdr *)((u8 *)ip6hdr + + sizeof (*ip6hdr)); + + if (tcph->fin || + tcph->syn || + tcph->rst || + !tcph->ack) { + return false; + } + + sport = tcph->source; + dport = tcph->dest; + l4_hdr = tcph; + l4_is_tcp = true; + + } else if (ip_proto == IPPROTO_UDP) { + struct udphdr *udph; + + if (l3_plen < sizeof (*ip6hdr) + sizeof (*udph)) + return false; + + udph = (struct udphdr *)((u8 *)ip6hdr + + sizeof (*ip6hdr)); + sport = udph->source; + dport = udph->dest; + l4_hdr = udph; + l4_is_tcp = false; + + } else if (ip_proto == IPPROTO_IPIP) { + struct iphdr *iph; + + if (!ff.tun_ready) + return false; + + /* must be for us */ + if (memcmp(&ip6hdr->daddr, &ff.u.map.src, 16)) + return false; + + /* check len */ + if (l3_plen < sizeof (struct iphdr) + + sizeof (struct ipv6hdr)) + return false; + + iph = (struct iphdr *)(ip6hdr + 1); + + /* does it come from BR ? */ + if (memcmp(&ip6hdr->saddr, &ff.u.map.br, 16)) { + struct in6_addr exp_src_addr; + + /* no, check FMR for spoofing */ + if (!ff.u.map.ipv4_prefix) + return false; + + /* check up to PSID to reduce lookup + * depth */ + ff_tun_gen_mape_addr(iph->saddr, 0, + &exp_src_addr); + if (!ipv6_prefix_equal(&ip6hdr->saddr, + &exp_src_addr, + ff.u.map.ipv6_plen + + ff.u.map.ipv4_plen)) + return false; + } + + if (!ff.tun_dev) + return false; + + last_rx_dev = ff.tun_dev; + l3_hdr = iph; + l3_plen -= sizeof (*ip6hdr); + l3_is_ipv4 = true; + goto handle_ipv4; + + } else + return false; + + e6 = __ffn6_get(ip6hdr->saddr.s6_addr32, + ip6hdr->daddr.s6_addr32, + sport, dport, l4_is_tcp); + + if (!e6) { + return false; + } + + if (e6->manip.dst->obsolete > 0) { + return false; + } + + ct = e6->manip.ct; + + /* only fast forward TCP connections in established state */ + if (l4_is_tcp && + ct->proto.tcp.state != TCP_CONNTRACK_ESTABLISHED) { + return false; + } + + /* find out if the packet is to be sent as-is or + * tunneled */ + if (ff.tun_dev && e6->manip.dst->dev == ff.tun_dev) { + const struct ff6_priv *ff6_priv; + struct ff6_priv *ff6_wpriv; + struct dst_entry *v4_dst; + struct flowi4 fl4; + struct rtable *rt; + struct neighbour *neigh; + u32 dest, nexthop; + + /* IPv6 tunneled into SIT device using 6rd */ + if (!ff.tun_ready) { + return false; + } + + if (l3_plen > ff.tun_mtu) + return false; + + /* lookup ipv4 route cache */ + ff6_priv = ffn6_get_ro_priv(e6); + if (ff6_priv) { + if (!ff6_priv->tun_dst->obsolete) { + /* valid route found */ + v4_dst = ff6_priv->tun_dst; + dest = ff6_priv->tun_dest_ip; + goto cached_ipv4_route; + } + + ff6_priv_release(ff6_priv); + e6->manip.priv_destructor = NULL; + } + + /* cache miss, compute IPv4 destination */ + if ((ip6hdr->daddr.s6_addr32[0] & + ff.u.sit.s6rd_pmask) == ff.u.sit.s6rd_prefix) { + /* next hop via prefix */ + dest = ff_tun_extract_6rd_addr(&ip6hdr->daddr); + } else { + const struct in6_addr *nh6; + struct rt6_info *rt6; + + /* next hop via route */ + rt6 = (struct rt6_info *)e6->manip.dst; + nh6 = rt6_nexthop(rt6, + (struct in6_addr *)e6->manip.new_dip); + if (!nh6) { + return false; + } + + /* should be a v4 mapped */ + if (nh6->s6_addr32[0] != 0 || + nh6->s6_addr32[1] != 0 || + nh6->s6_addr32[2] != 0) { + return false; + } + + dest = nh6->s6_addr32[3]; + } + + /* v4 route lookup */ + rt = ip_route_output_ports(&init_net, &fl4, NULL, + dest, ff.u.sit.src, + 0, 0, + IPPROTO_IPV6, 0, + 0); + if (IS_ERR(rt) || + rt->rt_type != RTN_UNICAST) + return false; + + ff6_wpriv = ffn6_get_rw_priv(e6); + if (!ff6_wpriv) + return false; + + /* cache this inside FFN private area */ + ff6_wpriv->tun_dst = (struct dst_entry *)rt; + ff6_wpriv->tun_dest_ip = dest; + e6->manip.priv_destructor = ff6_priv_destructor_cb; + + v4_dst = (struct dst_entry *)rt; + ff6_priv = ff6_wpriv; + +cached_ipv4_route: + if (v4_dst->dev != tx_dev) { + return false; + } + + /* is the neighboor ready ? */ + rt = (struct rtable *)v4_dst; + nexthop = (__force u32)rt_nexthop(rt, dest); + neigh = __ipv4_neigh_lookup_noref(tx_dev, nexthop); + if (!neigh || !(neigh->nud_state & NUD_VALID)) + return false; + memcpy(dest_hw, neigh->ha, 6); + + tun_v4_dest = dest; + xmit_mode = FF_XMIT_IPV6_IN_IPV4; + + } else if (e6->manip.dst->dev == tx_dev) { + const struct in6_addr *nexthop; + const struct rt6_info *rt6; + struct neighbour *neigh; + + /* is the neighboor ready ? */ + rt6 = (const struct rt6_info *)e6->manip.dst; + + nexthop = rt6_nexthop(rt6, + (struct in6_addr *)e6->manip.new_dip); + if (!nexthop) + return false; + + neigh = __ipv6_neigh_lookup_noref(tx_dev, nexthop); + if (!neigh || !(neigh->nud_state & NUD_VALID)) + return false; + memcpy(dest_hw, neigh->ha, 6); + + xmit_mode = FF_XMIT_IPV6; + } else + return false; + } + + /* is destination on correct tx bridge port ? */ + soft_tx_dev = NULL; + if (is_bridge_dev(tx_dev)) { + struct net_bridge_port *p = br_port_get_rcu(tx_mp->dev); + struct net_bridge_fdb_entry *fdb; + + fdb = br_fdb_find_rcu(p->br, dest_hw, 0); + if (!fdb) + return false; - return rx; + if (fdb->dst != p) + soft_tx_dev = fdb->dst->dev; } -static int rxq_refill(struct rx_queue *rxq, int budget) + if (!soft_tx_dev) + txq = tx_mp->ff_txq; + else + txq = NULL; + + if (is_bridge_dev(rx_dev)) { + struct net_bridge *br = netdev_priv(rx_dev); + struct net_bridge_port *p; + + /* if packet comes from a bridge, make sure we are + * allowed to ingress it */ + p = br_port_get_rcu(rx_mp->dev); + if (p->state != BR_STATE_FORWARDING) { + return false; + } + + /* refresh FDB entry for this source */ + if (!br_fdb_update_only(br, p, eth->h_source)) { + return false; + } + + dev_sw_netstats_rx_add(rx_dev, eth_len); + + } else if (rx_vlan) { + struct vlan_dev_priv *vlan = vlan_dev_priv(rx_dev); + struct vlan_pcpu_stats *stats; + stats = this_cpu_ptr(vlan->vlan_pcpu_stats); + stats->rx_packets++; + stats->rx_bytes += eth_len; + } else { + rx_dev->stats.rx_packets++; + rx_dev->stats.rx_bytes += eth_len; + } + + rx_hw_stats = &rx_mp->dev->stats; + rx_hw_stats->rx_bytes += eth_len; + rx_hw_stats->rx_packets++; + + /* do we have room in the tx queue ? */ + if (txq && + txq->tx_desc_count == txq->tx_ring_size && + !ff_tx_queue_can_reclaim(txq)) { + /* just rearm descriptor and fake success */ + rx_desc->cmd_sts = BUFFER_OWNED_BY_DMA | RX_ENABLE_INTERRUPT; + txq_enable(txq); + return true; + } + + /* remember RX desc hw address before we reload it and point + * if back to frag hw address */ + buf_addr = rx_desc->buf_ptr; + buf_addr -= offset; + + /* can we allocate a new fragment to replace the descriptor we + * are about to use ? */ + if (rx_desc_refill(rx_mp, rx_desc, pmap_size, true)) { + /* just rearm descriptor and fake success */ + rx_desc->cmd_sts = BUFFER_OWNED_BY_DMA | RX_ENABLE_INTERRUPT; + return true; + } + + if (ct && l4_is_tcp) { + /* don't try to track window anymore on this + * connection */ + ct->proto.tcp.no_window_track = 1; + } + + /* alter l3 & l4 content if needed (routing only) */ + if (l3_is_ipv4 && e) { + struct iphdr *iph = (struct iphdr *)l3_hdr; + + if (e->manip.alter) { + if (l4_is_tcp) { + struct tcphdr *tcph = (struct tcphdr *)l4_hdr; + tcph->source = e->manip.new_sport; + tcph->dest = e->manip.new_dport; + tcph->check = csum16_sub(tcph->check, + e->manip.l4_adjustment); + } else { + struct udphdr *udph = (struct udphdr *)l4_hdr; + udph->source = e->manip.new_sport; + udph->dest = e->manip.new_dport; + if (udph->check) { + u16 tcheck; + + tcheck = csum16_sub(udph->check, + e->manip.l4_adjustment); + udph->check = tcheck ? tcheck : 0xffff; + } + } + + iph->saddr = e->manip.new_sip; + iph->daddr = e->manip.new_dip; + } + + iph->ttl--; + iph->check = csum16_sub(iph->check, + e->manip.ip_adjustment); + + } else if (!l3_is_ipv4 && e6) { + struct ipv6hdr *ip6hdr = (struct ipv6hdr *)l3_hdr; + + if (e6->manip.alter) { + if (l4_is_tcp) { + struct tcphdr *tcph = (struct tcphdr *)l4_hdr; + tcph->source = e6->manip.new_sport; + tcph->dest = e6->manip.new_dport; + tcph->check = csum16_sub(tcph->check, + e6->manip.adjustment); + } else { + struct udphdr *udph = (struct udphdr *)l4_hdr; + udph->source = e6->manip.new_sport; + udph->dest = e6->manip.new_dport; + + if (udph->check) { + u16 tcheck; + + tcheck = csum16_sub(udph->check, + e6->manip.adjustment); + udph->check = tcheck ? tcheck : 0xffff; + } + } + + memcpy(ip6hdr->saddr.s6_addr32, e6->manip.new_sip, 16); + memcpy(ip6hdr->daddr.s6_addr32, e6->manip.new_dip, 16); + } + + ip6hdr->hop_limit--; + } + + /* packet is ready to xmit */ + switch (xmit_mode) { + case FF_XMIT_IPV4: + clean_len = sizeof (struct iphdr); + proto = ETH_P_IP; + break; + + case FF_XMIT_IPV6: + clean_len = sizeof (struct ipv6hdr); + proto = ETH_P_IPV6; + break; + + case FF_XMIT_IPV6_IN_IPV4: { - struct mv643xx_eth_private *mp = rxq_to_mp(rxq); - int refilled; + struct iphdr *tun_hdr; + /* prepend IPv4 */ + tun_hdr = (struct iphdr *)((u8 *)l3_hdr - sizeof (*tun_hdr)); + tun_hdr->ihl = 5; + tun_hdr->version = 4; + tun_hdr->tos = 0; + tun_hdr->tot_len = htons(l3_plen + sizeof (*tun_hdr)); + tun_hdr->id = 0; + tun_hdr->frag_off = 0; + tun_hdr->ttl = 64; + tun_hdr->protocol = IPPROTO_IPV6; + tun_hdr->saddr = ff.u.sit.src; + tun_hdr->daddr = tun_v4_dest; + + l3_hdr = (u8 *)tun_hdr; + l3_plen += sizeof (*tun_hdr); + + clean_len = sizeof (struct iphdr) + sizeof (struct ipv6hdr); + proto = ETH_P_IP; + break; + } + + case FF_XMIT_IPV4_IN_IPV6: + { + struct ipv6hdr *tun_6hdr; + + /* prepend IPv6 */ + tun_6hdr = (struct ipv6hdr *)((u8 *)l3_hdr - sizeof (*tun_6hdr)); + tun_6hdr->version = 6; + tun_6hdr->priority = 0; + memset(tun_6hdr->flow_lbl, 0, sizeof (tun_6hdr->flow_lbl)); + tun_6hdr->payload_len = htons(l3_plen); + tun_6hdr->nexthdr = IPPROTO_IPIP; + tun_6hdr->hop_limit = 64; + tun_6hdr->saddr = ff.u.map.src; + tun_6hdr->daddr = *tun_v6_pdest; + + l3_hdr = (u8 *)tun_6hdr; + l3_plen += sizeof (*tun_6hdr); + + clean_len = sizeof (struct ipv6hdr) + sizeof (struct iphdr); + proto = ETH_P_IPV6; + break; + } + } + + if (e || e6) { + if (l4_is_tcp) + clean_len += sizeof (struct tcphdr); + else + clean_len += sizeof (struct udphdr); + } - refilled = 0; - while (refilled < budget && rxq->rx_desc_count < rxq->rx_ring_size) { + /* add ethernet header */ + l2_hdr = l3_hdr; + if (tx_vlan) { + struct vlan_ethhdr *vhdr; + + l2_hdr -= VLAN_ETH_HLEN; + vhdr = (struct vlan_ethhdr *)l2_hdr; + memcpy(vhdr->h_dest, dest_hw, 6); + memcpy(vhdr->h_source, rx_mp->dev->dev_addr, 6); + vhdr->h_vlan_proto = htons(ETH_P_8021Q); + vhdr->h_vlan_TCI = htons(836); + vhdr->h_vlan_encapsulated_proto = htons(proto); + + eth = (struct ethhdr *)vhdr; + eth_len = l3_plen + VLAN_ETH_HLEN; + clean_len += VLAN_ETH_HLEN; + } else { + l2_hdr -= ETH_HLEN; + eth = (struct ethhdr *)l2_hdr; + memcpy(eth->h_dest, dest_hw, 6); + memcpy(eth->h_source, rx_mp->dev->dev_addr, 6); + eth->h_proto = htons(proto); + eth_len = l3_plen + ETH_HLEN; + clean_len += ETH_HLEN; + } + + if (txq) { + if (ff_send(tx_mp, + txq, + buf_addr + (void *)eth - frag, + frag, rx_mp->pkt_size, + eth_len, + clean_len, + (proto == ETH_P_IP), + tx_vlan)) { + skb_free_frag(frag); + return true; + } + } else { struct sk_buff *skb; - int rx; - struct rx_desc *rx_desc; - int size; - skb = netdev_alloc_skb(mp->dev, mp->skb_size); + skb = build_skb(frag, rx_mp->frag_size); + if (!skb) { + skb_free_frag(frag); + return true; + } + + skb_reserve(skb, (void *)eth - frag); + skb_put(skb, eth_len); + skb->protocol = eth->h_proto; + skb_set_network_header(skb, l3_hdr - l2_hdr); + skb->dev = soft_tx_dev; + dev_queue_xmit(skb); + } + + if (is_bridge_dev(tx_dev)) { + dev_sw_netstats_tx_add(tx_dev, 1, eth_len); + } else if (tx_vlan) { + struct vlan_dev_priv *vlan = vlan_dev_priv(tx_dev); + struct vlan_pcpu_stats *stats; + stats = this_cpu_ptr(vlan->vlan_pcpu_stats); + stats->tx_packets++; + stats->tx_bytes += eth_len; + } else { + tx_dev->stats.tx_packets++; + tx_dev->stats.tx_bytes += eth_len; + } + + if (txq) { + tx_hw_stats = &tx_mp->dev->stats; + tx_hw_stats->tx_bytes += eth_len; + tx_hw_stats->tx_packets++; + } + + /* refresh conntrack */ + if (ct) { + if (l4_is_tcp) + timeout = HZ * 3600 * 24 * 5; + else + timeout = HZ * 180; + + if (ct->timeout - ff.jiffies < timeout - 10 * HZ) { + unsigned long newtime = ff.jiffies + timeout; + ct->timeout = newtime; + } + } - if (skb == NULL) { - mp->oom = 1; - goto oom; + return true; } - if (SKB_DMA_REALIGN) - skb_reserve(skb, SKB_DMA_REALIGN); +/* + * + */ +static bool ff_receive(struct mv643xx_eth_private *mp, + struct rx_desc *rx_desc, + unsigned int *pmap_size, + unsigned int cmd_sts, + void *frag, + size_t offset, size_t dlen) +{ + if (!ff_enabled) + return false; + + /* + * GWv1 + */ + if (ff_mode == 1) { + /* + * LAN => WAN + * [eth0 (untagged)] => [br0] => IPV4 => [eth1.836] + * + * WAN => LAN + * [eth1.836] => IPV4 => [br0] => [eth0] + */ + if (mp->shared->unit == 0) + return ff_forward(mp, mp_by_unit[1], + false, + ff.lan_dev, + ff.wan_dev, + 0, 836, + rx_desc, + pmap_size, + cmd_sts, + frag, offset, dlen); + + if (mp->shared->unit == 1) + return ff_forward(mp, mp_by_unit[0], + true, + ff.wan_dev, + ff.lan_dev, + 836, 0, + rx_desc, + pmap_size, + cmd_sts, + frag, offset, dlen); + } - refilled++; - rxq->rx_desc_count++; + /* + * GWv2 + */ + if (ff_mode == 2) { + /* + * LAN => WAN + * [eth0 (untagged)] => [br0] => IPV4 => [eth0.836] + * + * WAN => LAN + * [eth0.836] => IPV4 => [br0] => [eth0] + */ + if (mp->shared->unit != 0) + return false; - rx = rxq->rx_used_desc++; - if (rxq->rx_used_desc == rxq->rx_ring_size) - rxq->rx_used_desc = 0; + if (!pkt_is_vlan(cmd_sts)) + return ff_forward(mp, mp, + false, + ff.lan_dev, + ff.wan_dev, + 0, 836, + rx_desc, + pmap_size, + cmd_sts, + frag, offset, dlen); + else + return ff_forward(mp, mp, + true, + ff.wan_dev, + ff.lan_dev, + 836, 0, + rx_desc, + pmap_size, + cmd_sts, + frag, offset, dlen); + } - rx_desc = rxq->rx_desc_area + rx; + return false; +} - size = skb_end_pointer(skb) - skb->data; - rx_desc->buf_ptr = dma_map_single(mp->dev->dev.parent, - skb->data, size, - DMA_FROM_DEVICE); - rx_desc->buf_size = size; - rxq->rx_skb[rx] = skb; - wmb(); - rx_desc->cmd_sts = BUFFER_OWNED_BY_DMA | RX_ENABLE_INTERRUPT; - wmb(); +/* + * + */ +static ssize_t ff_show_enabled(struct device *dev, + struct device_attribute *attr, + char *buf) +{ + return sprintf(buf, "%u\n", ff_enabled); +} + +static ssize_t ff_store_enabled(struct device *dev, + struct device_attribute *attr, + const char *buf, size_t len) +{ + unsigned long val; + + if (kstrtoul(buf, 10, &val)) + return -EINVAL; + + if (ff_enabled == val) + return len; + + printk(KERN_NOTICE "ff: fastpath now %s\n", + val ? "enabled" : "disabled"); + ff_enabled = val; + return len; +} + +static struct device_attribute dev_attr_ff = { + .attr = { .name = "ff_enabled", .mode = (S_IRUGO | S_IWUSR) }, + .show = ff_show_enabled, + .store = ff_store_enabled, +}; /* - * The hardware automatically prepends 2 bytes of - * dummy data to each received packet, so that the - * IP header ends up 16-byte aligned. + * */ - skb_reserve(skb, 2); +static ssize_t ff_show_tun_dev(struct device *dev, + struct device_attribute *attr, + char *buf) +{ + return sprintf(buf, "%s\n", ff.tun_dev_name); } - if (refilled < budget) - mp->work_rx_refill &= ~(1 << rxq->index); +static ssize_t ff_store_tun_dev(struct device *dev, + struct device_attribute *attr, + const char *buf, size_t len) +{ + if (!len || buf[0] == '\n') { + ff.tun_dev_name[0] = 0; + ff_tun_release(); + printk(KERN_NOTICE "ff: tun dev unset\n"); + return len; + } -oom: - return refilled; + ff_tun_release(); + strncpy(ff.tun_dev_name, buf, len); + strim(ff.tun_dev_name); + printk(KERN_NOTICE "ff: tun dev set to %s\n", ff.tun_dev_name); + ff_tun_capture(); + return len; +} + +static struct device_attribute dev_attr_tun = { + .attr = { .name = "ff_tun_dev", .mode = (S_IRUGO | S_IWUSR) }, + .show = ff_show_tun_dev, + .store = ff_store_tun_dev, +}; + +static struct ff_dev gw_lan = { + .desc = "lan", + .unit = 0, + .bridge_member = true, + .pvirt_dev = &ff.lan_dev, +}; + +static struct ff_dev gwv1_wan = { + .desc = "wan", + .unit = 1, + .vlan = 836, + .pvirt_dev = &ff.wan_dev, +}; + +static struct ff_dev gwv2_wan = { + .desc = "wan", + .unit = 0, + .vlan = 836, + .pvirt_dev = &ff.wan_dev, +}; + +static void ff_init(struct device *dev) +{ + static bool done; + + if (done) + return; + + device_create_file(dev, &dev_attr_ff); + device_create_file(dev, &dev_attr_tun); + + printk(KERN_DEBUG "ff_init: mode %u\n", ff_mode); + switch (ff_mode) { + case 1: + list_add(&gw_lan.next, &ff_devs); + list_add(&gwv1_wan.next, &ff_devs); + break; + + case 2: + list_add(&gw_lan.next, &ff_devs); + list_add(&gwv2_wan.next, &ff_devs); + break; + } + + done = true; +} +#endif + +static void rxq_receive_packet(struct mv643xx_eth_private *mp, + struct rx_queue *rxq, + unsigned int cmd_sts, + struct sk_buff *skb) +{ + struct net_device_stats *stats = &mp->dev->stats; + + if (cmd_sts & LAYER_4_CHECKSUM_OK) + skb->ip_summed = CHECKSUM_UNNECESSARY; + + rxq->rx_packets++; + stats->rx_packets++; + stats->rx_bytes += skb->len + ETH_FCS_LEN; + + skb->protocol = eth_type_trans(skb, mp->dev); + + if (pkt_is_ipv4(cmd_sts) && + (pkt_is_udp4(cmd_sts) || pkt_is_tcp4(cmd_sts))) + napi_gro_receive(&mp->napi, skb); + else + netif_receive_skb(skb); +} + +static int rxq_process(struct rx_queue *rxq, int budget) +{ + struct mv643xx_eth_private *mp = rxq_to_mp(rxq); + struct net_device_stats *stats = &mp->dev->stats; + int rx_done; + + rx_done = 0; + while (rx_done < budget) { + struct rx_desc *rx_desc; + struct sk_buff *skb; + unsigned int cmd_sts, rx_desc_idx; + void *frag; + u16 byte_cnt; + int ret; + + rx_desc = &rxq->rx_desc_area[rxq->rx_curr_desc]; + + cmd_sts = rx_desc->cmd_sts; + if (cmd_sts & BUFFER_OWNED_BY_DMA) + break; + + rx_done++; + rx_desc_idx = rxq->rx_curr_desc; + rxq->rx_curr_desc++; + if (rxq->rx_curr_desc == rxq->rx_ring_size) + rxq->rx_curr_desc = 0; + + /* + * In case we received a packet without first / last bits + * on, or the error summary bit is set, the packet needs + * to be dropped. + */ + if ((cmd_sts & (RX_FIRST_DESC | RX_LAST_DESC | ERROR_SUMMARY)) + != (RX_FIRST_DESC | RX_LAST_DESC)) + goto err_rearm; + + rmb(); + frag = (void *)rx_desc->cookie; + byte_cnt = rx_desc->byte_cnt; + +#ifdef CONFIG_MV643XX_ETH_FBX_FF + if (ff_receive(mp, rx_desc, + &rxq->rx_desc_map_sizes[rx_desc_idx], + cmd_sts, + frag, RX_OFFSET, + byte_cnt - ETH_FCS_LEN)) { + rxq->rx_packets++; + continue; + } +#endif + + if (byte_cnt < COPY_BREAK_SIZE) { + /* better copy a small frame and not unmap the + * DMA region */ + skb = netdev_alloc_skb_ip_align(mp->dev, byte_cnt); + if (unlikely(!skb)) + goto err_rearm; + + dma_sync_single_range_for_cpu(mp->dev->dev.parent, + rx_desc->buf_ptr, + 0, + byte_cnt, + DMA_FROM_DEVICE); + + memcpy(skb_put(skb, byte_cnt - 2 - ETH_FCS_LEN), + frag + RX_OFFSET + 2, + byte_cnt - 2 - ETH_FCS_LEN); + + dma_sync_single_range_for_device(mp->dev->dev.parent, + rx_desc->buf_ptr, + 0, + byte_cnt, + DMA_FROM_DEVICE); + + /* rearm descriptor */ + rx_desc->cmd_sts = BUFFER_OWNED_BY_DMA | + RX_ENABLE_INTERRUPT; + + rxq_receive_packet(mp, rxq, cmd_sts, skb); + continue; + } + + ret = rx_desc_refill(mp, rx_desc, + &rxq->rx_desc_map_sizes[rx_desc_idx], + true); + if (ret) { + netdev_err(mp->dev, "oom while refill\n"); + goto err_rearm; + } + + /* descriptor is re-armed now */ + + skb = build_skb(frag, mp->frag_size > PAGE_SIZE ? + 0 : mp->frag_size); + if (!skb) { + mv643xx_eth_frag_free(mp, frag); + stats->rx_dropped++; + continue; + } + + /* add NET_SKB_PAD + skip 2 bytes of hardware align */ + skb_reserve(skb, RX_OFFSET + 2); + skb_put(skb, byte_cnt - 2 - ETH_FCS_LEN); + + rxq_receive_packet(mp, rxq, cmd_sts, skb); + continue; + +err_rearm: + stats->rx_dropped++; + + if ((cmd_sts & (RX_FIRST_DESC | RX_LAST_DESC)) != + (RX_FIRST_DESC | RX_LAST_DESC)) { + if (net_ratelimit()) + netdev_err(mp->dev, + "received packet spanning multiple descriptors\n"); + } + + if (cmd_sts & ERROR_SUMMARY) { + stats->rx_errors++; + if (cmd_sts & RX_FIRST_DESC) { + switch (cmd_sts & ERROR_CODE_MASK) { + case ERROR_CODE_RX_MAX_LENGTH: + stats->rx_length_errors++; + break; + case ERROR_CODE_RX_CRC: + stats->rx_crc_errors++; + break; + case ERROR_CODE_RX_OVERRUN: + stats->rx_fifo_errors++; + break; + } + } + } + + /* rearm descriptor */ + rx_desc->cmd_sts = BUFFER_OWNED_BY_DMA | RX_ENABLE_INTERRUPT; + } + + if (rx_done < budget) + mp->work_rx &= ~(1 << rxq->index); + + return rx_done; } @@ -666,8 +2691,36 @@ return 0; } +static u32 fill_desc_for_checksum(unsigned int vlan_hdr_len, + unsigned int ihl, + unsigned int ip_proto) +{ + u32 cmd = 0; + + if (vlan_hdr_len & 4) + cmd |= MAC_HDR_EXTRA_4_BYTES; + if (vlan_hdr_len & 8) + cmd |= MAC_HDR_EXTRA_8_BYTES; + + cmd |= GEN_TCP_UDP_CHECKSUM | + GEN_TCP_UDP_CHK_FULL | + GEN_IP_V4_CHECKSUM | + ihl << TX_IHL_SHIFT; + + switch (ip_proto) { + case IPPROTO_UDP: + cmd |= UDP_FRAME; + break; + case IPPROTO_TCP: + break; + default: + WARN(1, "protocol not supported"); + } + return cmd; +} + static int skb_tx_csum(struct mv643xx_eth_private *mp, struct sk_buff *skb, - u16 *l4i_chk, u32 *command, int length) + u32 *command, int length) { int ret; u32 cmd = 0; @@ -690,29 +2743,9 @@ return ret; } - if (tag_bytes & 4) - cmd |= MAC_HDR_EXTRA_4_BYTES; - if (tag_bytes & 8) - cmd |= MAC_HDR_EXTRA_8_BYTES; - - cmd |= GEN_TCP_UDP_CHECKSUM | GEN_TCP_UDP_CHK_FULL | - GEN_IP_V4_CHECKSUM | - ip_hdr(skb)->ihl << TX_IHL_SHIFT; - - /* TODO: Revisit this. With the usage of GEN_TCP_UDP_CHK_FULL - * it seems we don't need to pass the initial checksum. - */ - switch (ip_hdr(skb)->protocol) { - case IPPROTO_UDP: - cmd |= UDP_FRAME; - *l4i_chk = 0; - break; - case IPPROTO_TCP: - *l4i_chk = 0; - break; - default: - WARN(1, "protocol not supported"); - } + cmd |= fill_desc_for_checksum(tag_bytes, + ip_hdr(skb)->ihl, + ip_hdr(skb)->protocol); } else { no_csum: /* Errata BTS #50, IHL must be 5 if no HW checksum */ @@ -771,33 +2804,27 @@ } static inline void -txq_put_hdr_tso(struct sk_buff *skb, struct tx_queue *txq, int length, +txq_put_hdr_tso(struct sk_buff *skb, struct tx_queue *txq, u32 *first_cmd_sts, bool first_desc) { - struct mv643xx_eth_private *mp = txq_to_mp(txq); int hdr_len = skb_transport_offset(skb) + tcp_hdrlen(skb); int tx_index; struct tx_desc *desc; - int ret; - u32 cmd_csum = 0; - u16 l4i_chk = 0; + u32 cmd_csum; u32 cmd_sts; tx_index = txq->tx_curr_desc; desc = &txq->tx_desc_area[tx_index]; - ret = skb_tx_csum(mp, skb, &l4i_chk, &cmd_csum, length); - if (ret) - WARN(1, "failed to prepare checksum!"); - - /* Should we set this? Can't use the value from skb_tx_csum() - * as it's not the correct initial L4 checksum to use. - */ desc->l4i_chk = 0; - desc->byte_cnt = hdr_len; desc->buf_ptr = txq->tso_hdrs_dma + txq->tx_curr_desc * TSO_HEADER_SIZE; + + cmd_csum = fill_desc_for_checksum(skb_network_offset(skb) - ETH_HLEN, + ip_hdr(skb)->ihl, + IPPROTO_TCP); + cmd_sts = cmd_csum | BUFFER_OWNED_BY_DMA | TX_FIRST_DESC | GEN_CRC; @@ -847,8 +2874,7 @@ /* prepare packet headers: MAC + IP + TCP */ hdr = txq->tso_hdrs + txq->tx_curr_desc * TSO_HEADER_SIZE; tso_build_hdr(skb, hdr, &tso, data_left, total_len == 0); - txq_put_hdr_tso(skb, txq, data_left, &first_cmd_sts, - first_desc); + txq_put_hdr_tso(skb, txq, &first_cmd_sts, first_desc); while (data_left > 0) { int size; @@ -887,7 +2913,7 @@ return ret; } -static void txq_submit_frag_skb(struct tx_queue *txq, struct sk_buff *skb) +static int txq_submit_frag_skb(struct tx_queue *txq, struct sk_buff *skb) { struct mv643xx_eth_private *mp = txq_to_mp(txq); int nr_frags = skb_shinfo(skb)->nr_frags; @@ -922,22 +2948,26 @@ desc->buf_ptr = skb_frag_dma_map(mp->dev->dev.parent, this_frag, 0, desc->byte_cnt, DMA_TO_DEVICE); + if (unlikely(dma_mapping_error(mp->dev->dev.parent, + desc->buf_ptr))) { + WARN(1, "skb_frag_dma_map failed!\n"); + return -ENOMEM; + } } + return 0; } static int txq_submit_skb(struct tx_queue *txq, struct sk_buff *skb, struct net_device *dev) { struct mv643xx_eth_private *mp = txq_to_mp(txq); - int nr_frags = skb_shinfo(skb)->nr_frags; + int nr_frags; int tx_index; struct tx_desc *desc; u32 cmd_sts; - u16 l4i_chk; int length, ret; cmd_sts = 0; - l4i_chk = 0; if (txq->tx_ring_size - txq->tx_desc_count < MAX_SKB_FRAGS + 1) { if (net_ratelimit()) @@ -945,7 +2975,7 @@ return -EBUSY; } - ret = skb_tx_csum(mp, skb, &l4i_chk, &cmd_sts, skb->len); + ret = skb_tx_csum(mp, skb, &cmd_sts, skb->len); if (ret) return ret; cmd_sts |= TX_FIRST_DESC | GEN_CRC | BUFFER_OWNED_BY_DMA; @@ -956,18 +2986,31 @@ desc = &txq->tx_desc_area[tx_index]; txq->tx_desc_mapping[tx_index] = DESC_DMA_MAP_SINGLE; + nr_frags = skb_shinfo(skb)->nr_frags; if (nr_frags) { - txq_submit_frag_skb(txq, skb); + ret = txq_submit_frag_skb(txq, skb); + if (ret) { + /* restore txq pointer */ + txq->tx_curr_desc = tx_index; + return ret; + } length = skb_headlen(skb); } else { cmd_sts |= ZERO_PADDING | TX_LAST_DESC | TX_ENABLE_INTERRUPT; length = skb->len; } - desc->l4i_chk = l4i_chk; + desc->l4i_chk = 0; desc->byte_cnt = length; desc->buf_ptr = dma_map_single(mp->dev->dev.parent, skb->data, length, DMA_TO_DEVICE); + if (unlikely(dma_mapping_error(mp->dev->dev.parent, + desc->buf_ptr))) { + /* restore txq pointer */ + txq->tx_curr_desc = tx_index; + WARN(1, "dma_map_single failed!\n"); + return -ENOMEM; + } __skb_queue_tail(&txq->tx_skb, skb); @@ -989,6 +3032,34 @@ return 0; } +static int mv643xx_eth_gso_too_big(struct tx_queue *txq, + struct sk_buff *skb, + struct net_device *dev) +{ + struct sk_buff *segs, *nskb; + int ret; + + segs = skb_gso_segment(skb, dev->features & ~NETIF_F_TSO); + if (IS_ERR(segs) || !segs) + return -ENOMEM; + + ret = 0; + do { + nskb = segs; + segs = segs->next; + nskb->next = NULL; + + if (!ret) + ret = txq_submit_skb(txq, nskb, dev); + + if (ret) + dev_consume_skb_any(nskb); + } while (segs); + + dev_consume_skb_any(skb); + return 0; +} + static netdev_tx_t mv643xx_eth_xmit(struct sk_buff *skb, struct net_device *dev) { struct mv643xx_eth_private *mp = netdev_priv(dev); @@ -997,10 +3068,11 @@ struct netdev_queue *nq; queue = skb_get_queue_mapping(skb); - txq = mp->txq + queue; + txq = mp->txq + queue + NAPI_TX_OFFSET; nq = netdev_get_tx_queue(dev, queue); if (has_tiny_unaligned_frags(skb) && __skb_linearize(skb)) { + if (net_ratelimit()) netdev_printk(KERN_DEBUG, dev, "failed to linearize skb with tiny unaligned fragment\n"); return NETDEV_TX_BUSY; @@ -1008,9 +3080,12 @@ length = skb->len; - if (skb_is_gso(skb)) - ret = txq_submit_tso(txq, skb, dev); + if (skb_is_gso(skb)) { + if (skb_shinfo(skb)->gso_size > mp->shared->tx_csum_limit) + ret = mv643xx_eth_gso_too_big(txq, skb, dev); else + ret = txq_submit_tso(txq, skb, dev); + } else ret = txq_submit_skb(txq, skb, dev); if (!ret) { txq->tx_bytes += length; @@ -1031,10 +3106,14 @@ static void txq_kick(struct tx_queue *txq) { struct mv643xx_eth_private *mp = txq_to_mp(txq); - struct netdev_queue *nq = netdev_get_tx_queue(mp->dev, txq->index); + struct netdev_queue *nq; u32 hw_desc_ptr; u32 expected_ptr; +#ifdef CONFIG_MV643XX_ETH_FBX_FF + WARN_ON(txq->index == 0); +#endif + nq = netdev_get_tx_queue(mp->dev, txq->index - NAPI_TX_OFFSET); __netif_tx_lock(nq, smp_processor_id()); if (rdlp(mp, TXQ_COMMAND) & (1 << txq->index)) @@ -1053,13 +3132,22 @@ mp->work_tx_end &= ~(1 << txq->index); } -static int txq_reclaim(struct tx_queue *txq, int budget, int force) +static int txq_reclaim(struct tx_queue *txq, int budget, + bool force, bool lock) { struct mv643xx_eth_private *mp = txq_to_mp(txq); - struct netdev_queue *nq = netdev_get_tx_queue(mp->dev, txq->index); + struct netdev_queue *nq; int reclaimed; + nq = NULL; +#ifdef CONFIG_MV643XX_ETH_FBX_FF + if (txq->index != 0) +#endif + nq = netdev_get_tx_queue(mp->dev, txq->index - NAPI_TX_OFFSET); + + if (nq && lock) { __netif_tx_lock_bh(nq); + } reclaimed = 0; while (reclaimed < budget && txq->tx_desc_count > 0) { @@ -1115,6 +3203,7 @@ } + if (nq && lock) __netif_tx_unlock_bh(nq); if (reclaimed < budget) @@ -1129,11 +3218,13 @@ * Set total maximum TX rate (shared by all TX queues for this port) * to 'rate' bits per second, with a maximum burst of 'burst' bytes. */ -static void tx_set_rate(struct mv643xx_eth_private *mp, int rate, int burst) +static void tx_set_rate(struct mv643xx_eth_private *mp) { int token_rate; int mtu; int bucket_size; + u32 rate = mp->ftth_tx_shaper_rate; + u32 burst = mp->ftth_tx_shaper_burst; token_rate = ((rate / 1000) * 64) / (mp->t_clk / 1000); if (token_rate > 1023) @@ -1147,6 +3238,9 @@ if (bucket_size > 65535) bucket_size = 65535; + if (bucket_size < mtu) + bucket_size = mtu; + switch (mp->shared->tx_bw_control) { case TX_BW_CONTROL_OLD_LAYOUT: wrlp(mp, TX_BW_RATE, token_rate); @@ -1292,6 +3386,7 @@ static void mib_counters_update(struct mv643xx_eth_private *mp) { struct mib_counters *p = &mp->mib_counters; + unsigned int i; spin_lock_bh(&mp->mib_counters_lock); p->good_octets_received += mib_read(mp, 0x00); @@ -1327,6 +3422,12 @@ /* Non MIB hardware counters */ p->rx_discard += rdlp(mp, RX_DISCARD_FRAME_CNT); p->rx_overrun += rdlp(mp, RX_OVERRUN_FRAME_CNT); + /* Non MIB software counters */ + for (i = 0; i < ARRAY_SIZE(mp->rxq); i++) + p->rx_packets_q[i] = mp->rxq[i].rx_packets; + for (i = 0; i < ARRAY_SIZE(mp->txq); i++) + p->tx_packets_q[i] = mp->txq[i].tx_packets; + spin_unlock_bh(&mp->mib_counters_lock); } @@ -1476,6 +3577,22 @@ MIBSTAT(late_collision), MIBSTAT(rx_discard), MIBSTAT(rx_overrun), + MIBSTAT(rx_packets_q[0]), + MIBSTAT(rx_packets_q[1]), + MIBSTAT(rx_packets_q[2]), + MIBSTAT(rx_packets_q[3]), + MIBSTAT(rx_packets_q[4]), + MIBSTAT(rx_packets_q[5]), + MIBSTAT(rx_packets_q[6]), + MIBSTAT(rx_packets_q[7]), + MIBSTAT(tx_packets_q[0]), + MIBSTAT(tx_packets_q[1]), + MIBSTAT(tx_packets_q[2]), + MIBSTAT(tx_packets_q[3]), + MIBSTAT(tx_packets_q[4]), + MIBSTAT(tx_packets_q[5]), + MIBSTAT(tx_packets_q[6]), + MIBSTAT(tx_packets_q[7]), }; static int @@ -1676,14 +3793,257 @@ return 0; } +static void +mv643xx_eth_get_channels(struct net_device *dev, struct ethtool_channels *c) +{ + struct mv643xx_eth_private *mp = netdev_priv(dev); + + c->max_rx = 8; + c->max_tx = 8; + c->max_other = 0; + c->max_combined = c->max_rx + c->max_tx; + c->rx_count = mp->rxq_count; + c->tx_count = mp->txq_count; +} + +static int +mv643xx_eth_set_channels(struct net_device *dev, struct ethtool_channels *c) +{ + struct mv643xx_eth_private *mp = netdev_priv(dev); + bool was_runnning; + + if (c->rx_count > 8 || (c->tx_count > 8 - NAPI_TX_OFFSET) || c->max_other) + return -EINVAL; + + was_runnning = netif_running(dev); + if (was_runnning) + mv643xx_eth_stop(dev); + + mp->rxq_count = c->rx_count; + mp->txq_count = c->tx_count + NAPI_TX_OFFSET; + + netif_set_real_num_rx_queues(dev, mp->rxq_count); + netif_set_real_num_tx_queues(dev, mp->txq_count - NAPI_TX_OFFSET); + + if (was_runnning && mv643xx_eth_open(dev)) { + netdev_err(dev, + "fatal error on re-opening device after channels change\n"); + return -ENOMEM; + } + + return 0; +} + +struct vprio_queue { + int prio; + int queue; +}; + +static int cmp_queue_inv(const void *a, const void *b) +{ + const struct vprio_queue *pa = a, *pb = b; + if (pb->queue != pa->queue) + return pb->queue - pa->queue; + return pa->prio - pb->prio; +} + +static void dump_vlan_rules(struct mv643xx_eth_private *mp, + struct vprio_queue *vprio_to_queue) +{ + unsigned int i; + u32 val; + + val = rdlp(mp, PORT_VPT2P); + for (i = 0; i < 8; i++) { + unsigned int queue; + + queue = (val & (0x7 << i * 3)) >> (i * 3); + vprio_to_queue[i].prio = i; + vprio_to_queue[i].queue = queue; + } + + /* sort with higher tx queue first */ + sort(vprio_to_queue, 8, sizeof (vprio_to_queue[0]), + cmp_queue_inv, NULL); +} + +static unsigned int find_vlan_rule(struct mv643xx_eth_private *mp, + unsigned int prio) +{ + struct vprio_queue vprio_to_queue[8]; + unsigned int i; + + /* check if we already have a rule for this vlan */ + dump_vlan_rules(mp, vprio_to_queue); + for (i = 0; i < ARRAY_SIZE(vprio_to_queue); i++) { + if (vprio_to_queue[i].prio != prio) + continue; + return i; + } + /* never reached */ + return 0; +} + +static int +mv643xx_eth_get_rxnfc(struct net_device *dev, + struct ethtool_rxnfc *info, u32 *rule_locs) +{ + struct mv643xx_eth_private *mp = netdev_priv(dev); + + switch (info->cmd) { + case ETHTOOL_GRXFH: + return -ENOTSUPP; + case ETHTOOL_GRXRINGS: + info->data = mp->rxq_count; + break; + + case ETHTOOL_GRXCLSRLCNT: + info->rule_cnt = 8; + info->data = RX_CLS_LOC_SPECIAL; + break; + + case ETHTOOL_GRXCLSRLALL: + { + unsigned int i; + + if (info->rule_cnt < 8) + return -EINVAL; + + info->data = 8; + info->rule_cnt = 8; + + for (i = 0; i < 8; i++) + rule_locs[i] = i; + + break; + } + + case ETHTOOL_GRXCLSRULE: + { + struct vprio_queue vprio_to_queue[8], *r; + struct ethtool_flow_ext *h_ext, *m_ext; + unsigned int loc; + + loc = info->fs.location; + if (loc >= ARRAY_SIZE(vprio_to_queue)) + return -EINVAL; + + dump_vlan_rules(mp, vprio_to_queue); + r = &vprio_to_queue[loc]; + + memset(&info->fs, 0, sizeof (info->fs)); + info->fs.flow_type = ETHER_FLOW | FLOW_EXT; + info->fs.ring_cookie = r->queue; + info->fs.location = loc; + + m_ext = &info->fs.m_ext; + m_ext->vlan_tci |= VLAN_PRIO_MASK; + + h_ext = &info->fs.h_ext; + h_ext->vlan_tci |= r->prio << VLAN_PRIO_SHIFT; + + break; + } + } + return 0; +} + +static int +mv643xx_eth_set_rxnfc(struct net_device *dev, struct ethtool_rxnfc *info) +{ + struct mv643xx_eth_private *mp = netdev_priv(dev); + + switch (info->cmd) { + case ETHTOOL_SRXFH: + return -ENOTSUPP; + + case ETHTOOL_SRXCLSRLINS: + { + struct ethhdr *m, z; + struct ethtool_flow_ext *h_ext, *m_ext; + unsigned int prio; + unsigned int rule_nr; + u32 val; + + if ((info->fs.flow_type & (FLOW_MAC_EXT | FLOW_EXT)) != + FLOW_EXT) + return -EINVAL; + + info->fs.flow_type &= ~FLOW_EXT; + if (info->fs.flow_type != ETHER_FLOW) + return -EINVAL; + + if (info->fs.ring_cookie >= mp->rxq_count) + return -EINVAL; + + if (info->fs.location != RX_CLS_LOC_ANY) + return -EINVAL; + + /* no mask should be set on ethernet */ + m = &info->fs.m_u.ether_spec; + memset(&z, 0, sizeof (z)); + if (memcmp(m, &z, sizeof (*m))) + return -EINVAL; + + /* no mask should be set on ext besides vlan prio */ + m_ext = &info->fs.m_ext; + if (m_ext->vlan_etype || + m_ext->data[0] || + m_ext->data[1] || + ntohs(m_ext->vlan_tci) != VLAN_PRIO_MASK) + return -EINVAL; + + /* ok, extract vlan prio */ + h_ext = &info->fs.h_ext; + prio = (ntohs(h_ext->vlan_tci) & VLAN_PRIO_MASK) >> + VLAN_PRIO_SHIFT; + + /* update vlan priority table for new rule */ + rule_nr = find_vlan_rule(mp, prio); + + val = rdlp(mp, PORT_VPT2P); + val |= info->fs.ring_cookie << (prio * 3); + wrlp(mp, PORT_VPT2P, val); + + info->fs.location = rule_nr; + break; + } + + case ETHTOOL_SRXCLSRLDEL: + { + struct vprio_queue vprio_to_queue[8], *r; + u32 val; + + if (info->fs.location >= ARRAY_SIZE(vprio_to_queue)) + return -EINVAL; + + dump_vlan_rules(mp, vprio_to_queue); + r = &vprio_to_queue[info->fs.location]; + + /* update vlan priority table */ + val = rdlp(mp, PORT_VPT2P); + val &= ~(0x7 << (r->prio * 3)); + wrlp(mp, PORT_VPT2P, val); + break; + } + } + + return 0; +} static int mv643xx_eth_set_features(struct net_device *dev, netdev_features_t features) { struct mv643xx_eth_private *mp = netdev_priv(dev); bool rx_csum = features & NETIF_F_RXCSUM; + u32 port_config; - wrlp(mp, PORT_CONFIG, rx_csum ? 0x02000000 : 0x00000000); + port_config = rdlp(mp, PORT_CONFIG); + if (rx_csum) + port_config |= 0x02000000; + else + port_config &= ~0x02000000; + wrlp(mp, PORT_CONFIG, port_config); return 0; } @@ -1753,6 +4113,10 @@ .set_wol = mv643xx_eth_set_wol, .get_link_ksettings = mv643xx_eth_get_link_ksettings, .set_link_ksettings = mv643xx_eth_set_link_ksettings, + .get_channels = mv643xx_eth_get_channels, + .set_channels = mv643xx_eth_set_channels, + .get_rxnfc = mv643xx_eth_get_rxnfc, + .set_rxnfc = mv643xx_eth_set_rxnfc, }; @@ -1928,7 +4292,6 @@ return 0; } - /* rx/tx queue initialisation ***********************************************/ static int rxq_init(struct mv643xx_eth_private *mp, int index) { @@ -1940,10 +4303,7 @@ rxq->index = index; rxq->rx_ring_size = mp->rx_ring_size; - - rxq->rx_desc_count = 0; rxq->rx_curr_desc = 0; - rxq->rx_used_desc = 0; size = rxq->rx_ring_size * sizeof(struct rx_desc); @@ -1965,14 +4325,22 @@ memset(rxq->rx_desc_area, 0, size); rxq->rx_desc_area_size = size; - rxq->rx_skb = kcalloc(rxq->rx_ring_size, sizeof(*rxq->rx_skb), - GFP_KERNEL); - if (rxq->rx_skb == NULL) + + rxq->rx_desc_map_sizes = kcalloc(rxq->rx_ring_size, + sizeof (*rxq->rx_desc_map_sizes), + GFP_ATOMIC); + if (!rxq->rx_desc_map_sizes) goto out_free; rx_desc = rxq->rx_desc_area; for (i = 0; i < rxq->rx_ring_size; i++) { - int nexti; + int ret, nexti; + + ret = rx_desc_refill(mp, &rx_desc[i], + &rxq->rx_desc_map_sizes[i], + false); + if (ret) + goto out_free; nexti = i + 1; if (nexti == rxq->rx_ring_size) @@ -1986,6 +4354,16 @@ out_free: + for (i = 0; i < rxq->rx_ring_size; i++) { + if (!rx_desc[i].cookie) + break; + dma_unmap_single(mp->dev->dev.parent, + rx_desc[i].buf_ptr, + rxq->rx_desc_map_sizes[i], + DMA_FROM_DEVICE); + mv643xx_eth_frag_free(mp, (void *)rx_desc[i].cookie); + } + if (index == 0 && size <= mp->rx_desc_sram_size) iounmap(rxq->rx_desc_area); else @@ -1993,6 +4371,7 @@ rxq->rx_desc_area, rxq->rx_desc_dma); + kfree(rxq->rx_desc_map_sizes); out: return -ENOMEM; } @@ -2005,15 +4384,11 @@ rxq_disable(rxq); for (i = 0; i < rxq->rx_ring_size; i++) { - if (rxq->rx_skb[i]) { - dev_consume_skb_any(rxq->rx_skb[i]); - rxq->rx_desc_count--; - } - } - - if (rxq->rx_desc_count) { - netdev_err(mp->dev, "error freeing rx ring -- %d skbs stuck\n", - rxq->rx_desc_count); + dma_unmap_single(mp->dev->dev.parent, + rxq->rx_desc_area[i].buf_ptr, + rxq->rx_desc_map_sizes[i], + DMA_FROM_DEVICE); + mv643xx_eth_frag_free(mp, (void *)rxq->rx_desc_area[i].cookie); } if (rxq->index == 0 && @@ -2023,7 +4398,7 @@ dma_free_coherent(mp->dev->dev.parent, rxq->rx_desc_area_size, rxq->rx_desc_area, rxq->rx_desc_dma); - kfree(rxq->rx_skb); + kfree(rxq->rx_desc_map_sizes); } static int txq_init(struct mv643xx_eth_private *mp, int index) @@ -2119,7 +4494,7 @@ struct mv643xx_eth_private *mp = txq_to_mp(txq); txq_disable(txq); - txq_reclaim(txq, txq->tx_ring_size, 1); + txq_reclaim(txq, txq->tx_ring_size, true, false); BUG_ON(txq->tx_used_desc != txq->tx_curr_desc); @@ -2158,6 +4533,9 @@ wrlp(mp, INT_CAUSE, ~int_cause); mp->work_tx_end |= ((int_cause & INT_TX_END) >> 19) & ~(rdlp(mp, TXQ_COMMAND) & 0xff); +#ifdef CONFIG_MV643XX_ETH_FBX_FF + mp->work_tx_end &= ~INT_TX_END_0; +#endif mp->work_rx |= (int_cause & INT_RX) >> 2; } @@ -2167,6 +4545,9 @@ if (int_cause_ext & INT_EXT_LINK_PHY) mp->work_link = 1; mp->work_tx |= int_cause_ext & INT_EXT_TX; +#ifdef CONFIG_MV643XX_ETH_FBX_FF + mp->work_tx &= ~INT_EXT_TX_0; +#endif } return 1; @@ -2206,7 +4587,8 @@ for (i = 0; i < mp->txq_count; i++) { struct tx_queue *txq = mp->txq + i; - txq_reclaim(txq, txq->tx_ring_size, 1); + txq_reclaim(txq, txq->tx_ring_size, + true, true); txq_reset_hw_ptr(txq); } } @@ -2242,12 +4624,11 @@ struct mv643xx_eth_private *mp; int work_done; - mp = container_of(napi, struct mv643xx_eth_private, napi); +#ifdef CONFIG_MV643XX_ETH_FBX_FF + ff.jiffies = jiffies; +#endif - if (unlikely(mp->oom)) { - mp->oom = 0; - del_timer(&mp->rx_oom); - } + mp = container_of(napi, struct mv643xx_eth_private, napi); work_done = 0; while (work_done < budget) { @@ -2263,8 +4644,6 @@ } queue_mask = mp->work_tx | mp->work_tx_end | mp->work_rx; - if (likely(!mp->oom)) - queue_mask |= mp->work_rx_refill; if (!queue_mask) { if (mv643xx_eth_collect_events(mp)) @@ -2282,20 +4661,17 @@ if (mp->work_tx_end & queue_mask) { txq_kick(mp->txq + queue); } else if (mp->work_tx & queue_mask) { - work_done += txq_reclaim(mp->txq + queue, work_tbd, 0); + work_done += txq_reclaim(mp->txq + queue, work_tbd, + false, true); txq_maybe_wake(mp->txq + queue); } else if (mp->work_rx & queue_mask) { work_done += rxq_process(mp->rxq + queue, work_tbd); - } else if (!mp->oom && (mp->work_rx_refill & queue_mask)) { - work_done += rxq_refill(mp->rxq + queue, work_tbd); } else { BUG(); } } if (work_done < budget) { - if (mp->oom) - mod_timer(&mp->rx_oom, jiffies + (HZ / 10)); napi_complete_done(napi, work_done); wrlp(mp, INT_MASK, mp->int_mask); } @@ -2303,13 +4679,6 @@ return work_done; } -static inline void oom_timer_wrapper(struct timer_list *t) -{ - struct mv643xx_eth_private *mp = from_timer(mp, t, rx_oom); - - napi_schedule(&mp->napi); -} - static void port_start(struct mv643xx_eth_private *mp) { struct net_device *dev = mp->dev; @@ -2345,7 +4714,7 @@ /* * Configure TX path and queues. */ - tx_set_rate(mp, 1000000000, 16777216); + tx_set_rate(mp); for (i = 0; i < mp->txq_count; i++) { struct tx_queue *txq = mp->txq + i; @@ -2359,6 +4728,7 @@ * frames to RX queue #0, and include the pseudo-header when * calculating receive checksums. */ + wrlp(mp, PORT_CONFIG, 0x00000000); mv643xx_eth_set_features(mp->dev, mp->dev->features); /* @@ -2386,32 +4756,34 @@ } } -static void mv643xx_eth_recalc_skb_size(struct mv643xx_eth_private *mp) +static void mv643xx_eth_recalc_frag_size(struct mv643xx_eth_private *mp) { - int skb_size; - /* * Reserve 2+14 bytes for an ethernet header (the hardware * automatically prepends 2 bytes of dummy data to each * received packet), 16 bytes for up to four VLAN tags, and * 4 bytes for the trailing FCS -- 36 bytes total. */ - skb_size = mp->dev->mtu + 36; + mp->pkt_size = mp->dev->mtu + 36; /* - * Make sure that the skb size is a multiple of 8 bytes, as + * Make sure that the buffer size is a multiple of 8 bytes, as * the lower three bits of the receive descriptor's buffer * size field are ignored by the hardware. */ - mp->skb_size = (skb_size + 7) & ~7; + BUILD_BUG_ON(SMP_CACHE_BYTES < 8); /* - * If NET_SKB_PAD is smaller than a cache line, - * netdev_alloc_skb() will cause skb->data to be misaligned - * to a cache line boundary. If this is the case, include - * some extra space to allow re-aligning the data area. + * add NET_SKB_PAD per build_skb() requirement, make sure we + * have room to align data to cache size after reserving */ - mp->skb_size += SKB_DMA_REALIGN; + mp->frag_size = mp->pkt_size + RX_OFFSET; + + /* + * per build_skb() requirement + */ + mp->frag_size = (SKB_DATA_ALIGN(mp->frag_size) + + SKB_DATA_ALIGN(sizeof (struct skb_shared_info))); } static int mv643xx_eth_open(struct net_device *dev) @@ -2431,7 +4803,7 @@ return -EAGAIN; } - mv643xx_eth_recalc_skb_size(mp); + mv643xx_eth_recalc_frag_size(mp); napi_enable(&mp->napi); @@ -2445,15 +4817,9 @@ goto out; } - rxq_refill(mp->rxq + i, INT_MAX); mp->int_mask |= INT_RX_0 << i; } - if (mp->oom) { - mp->rx_oom.expires = jiffies + (HZ / 10); - add_timer(&mp->rx_oom); - } - for (i = 0; i < mp->txq_count; i++) { err = txq_init(mp, i); if (err) { @@ -2461,15 +4827,28 @@ txq_deinit(mp->txq + i); goto out_free; } +#ifdef CONFIG_MV643XX_ETH_FBX_FF + if (i != 0) + mp->int_mask |= INT_TX_END_0 << i; +#else mp->int_mask |= INT_TX_END_0 << i; +#endif } +#ifdef CONFIG_MV643XX_ETH_FBX_FF + mp->ff_txq = &mp->txq[0]; +#endif + add_timer(&mp->mib_counters_timer); port_start(mp); wrlp(mp, INT_MASK_EXT, INT_EXT_LINK_PHY | INT_EXT_TX); wrlp(mp, INT_MASK, mp->int_mask); +#ifdef CONFIG_MV643XX_ETH_FBX_FF + WARN_ON(mp_by_unit[mp->shared->unit] != NULL); + mp_by_unit[mp->shared->unit] = mp; +#endif return 0; @@ -2513,14 +4892,16 @@ struct mv643xx_eth_private *mp = netdev_priv(dev); int i; +#ifdef CONFIG_MV643XX_ETH_FBX_FF + mp_by_unit[mp->shared->unit] = NULL; +#endif + wrlp(mp, INT_MASK_EXT, 0x00000000); wrlp(mp, INT_MASK, 0x00000000); rdlp(mp, INT_MASK); napi_disable(&mp->napi); - del_timer_sync(&mp->rx_oom); - netif_carrier_off(dev); if (dev->phydev) phy_stop(dev->phydev); @@ -2531,6 +4912,10 @@ mib_counters_update(mp); del_timer_sync(&mp->mib_counters_timer); +#ifdef CONFIG_MV643XX_ETH_FBX_FF + mp->ff_txq = NULL; +#endif + for (i = 0; i < mp->rxq_count; i++) rxq_deinit(mp->rxq + i); for (i = 0; i < mp->txq_count; i++) @@ -2539,13 +4924,39 @@ return 0; } +static int mii_bus_read(struct net_device *dev, int mii_id, int regnum) +{ + struct mv643xx_eth_private *mp = netdev_priv(dev); + return mp->shared->mii_bus->read(mp->shared->mii_bus, mii_id, regnum); +} + +static void mii_bus_write(struct net_device *dev, int mii_id, int regnum, + int value) +{ + struct mv643xx_eth_private *mp = netdev_priv(dev); + mp->shared->mii_bus->write(mp->shared->mii_bus, mii_id, regnum, value); +} + static int mv643xx_eth_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd) { int ret; - if (!dev->phydev) + if (!dev->phydev) { + struct mv643xx_eth_private *mp = netdev_priv(dev); + struct mii_if_info mii; + + if (!mp->shared->mii_bus) return -ENOTSUPP; + mii.dev = dev; + mii.mdio_read = mii_bus_read; + mii.mdio_write = mii_bus_write; + mii.phy_id = 0; + mii.phy_id_mask = 0x3f; + mii.reg_num_mask = 0x1f; + return generic_mii_ioctl(&mii, if_mii(ifr), cmd, NULL); + } + ret = phy_mii_ioctl(dev->phydev, ifr, cmd); if (!ret) mv643xx_eth_adjust_link(dev); @@ -2557,8 +4968,8 @@ struct mv643xx_eth_private *mp = netdev_priv(dev); dev->mtu = new_mtu; - mv643xx_eth_recalc_skb_size(mp); - tx_set_rate(mp, 1000000000, 16777216); + mv643xx_eth_recalc_frag_size(mp); + tx_set_rate(mp); if (!netif_running(dev)) return 0; @@ -2807,6 +5218,9 @@ pdev->dev.platform_data = pd; mv643xx_eth_property(np, "tx-checksum-limit", pd->tx_csum_limit); + mv643xx_eth_property(np, "unit", pd->unit); + + pd->mdio_node = of_parse_phandle(np, "mdio-bus", 0); for_each_available_child_of_node(np, pnp) { ret = mv643xx_eth_shared_of_add_port(pdev, pnp); @@ -2872,10 +5286,32 @@ goto err_put_clk; pd = dev_get_platdata(&pdev->dev); + msp->unit = (pd ? pd->unit : 0); msp->tx_csum_limit = (pd != NULL && pd->tx_csum_limit) ? pd->tx_csum_limit : 9 * 1024; + +#ifdef CONFIG_OF + if (pd->mdio_node) { + msp->mii_bus = of_mdio_find_bus(pd->mdio_node); + if (!msp->mii_bus) + return -EPROBE_DEFER; + } +#endif + infer_hw_params(msp); +#ifdef CONFIG_MV643XX_ETH_FBX_FF + if (of_machine_is_compatible("freebox,fbxgw1r")) + ff_mode = 1; + else if (of_machine_is_compatible("freebox,fbxgw2r")) + ff_mode = 2; + else + WARN(1, "ff_mode not set"); + + if (ff_mode) + ff_init(&pdev->dev); +#endif + return 0; err_put_clk: @@ -2956,6 +5392,7 @@ mp->tx_desc_sram_size = pd->tx_sram_size; mp->txq_count = pd->tx_queue_count ? : 1; + mp->txq_count += NAPI_TX_OFFSET; } static int get_phy_mode(struct mv643xx_eth_private *mp) @@ -3098,7 +5535,9 @@ return -ENODEV; } - dev = alloc_etherdev_mq(sizeof(struct mv643xx_eth_private), 8); + dev = alloc_etherdev_mqs(sizeof(struct mv643xx_eth_private), + pd->tx_queue_count ? : 1, + pd->rx_queue_count ? : 1); if (!dev) return -ENOMEM; @@ -3112,6 +5551,30 @@ mp->dev = dev; + /* + * tx shaper bandwidth & burst. + * + * bandwidth is in Mb/s, burst in is bytes. + */ + if (of_property_read_u32(pdev->dev.of_node, "fbx,tx-shaper-rate", + &mp->ftth_tx_shaper_rate)) + /* + * default to 1Gb/s + */ + mp->ftth_tx_shaper_rate = 1000000000; + else + mp->ftth_tx_shaper_rate *= 1000000; + + if (of_property_read_u32(pdev->dev.of_node, "fbx,tx-shaper-burst", + &mp->ftth_tx_shaper_burst)) + /* + * default to 16M + */ + mp->ftth_tx_shaper_burst = 16777216; + + dev_info(&pdev->dev, "shaper rate: %u, burst: %u\n", + mp->ftth_tx_shaper_rate, mp->ftth_tx_shaper_burst); + /* Kirkwood resets some registers on gated clocks. Especially * CLK125_BYPASS_EN must be cleared but is not available on * all other SoCs/System Controllers using this driver. @@ -3135,7 +5598,7 @@ } set_params(mp, pd); - netif_set_real_num_tx_queues(dev, mp->txq_count); + netif_set_real_num_tx_queues(dev, mp->txq_count - NAPI_TX_OFFSET); netif_set_real_num_rx_queues(dev, mp->rxq_count); err = 0; @@ -3178,8 +5641,6 @@ netif_napi_add(dev, &mp->napi, mv643xx_eth_poll, NAPI_POLL_WEIGHT); - timer_setup(&mp->rx_oom, oom_timer_wrapper, 0); - res = platform_get_resource(pdev, IORESOURCE_IRQ, 0); BUG_ON(!res); @@ -3223,6 +5684,11 @@ if (mp->tx_desc_sram_size > 0) netdev_notice(dev, "configured with sram\n"); +#ifdef CONFIG_MV643XX_ETH_FBX_FF + mp->ff_notifier.notifier_call = ff_device_event; + register_netdevice_notifier(&mp->ff_notifier); +#endif + return 0; out: @@ -3238,6 +5704,10 @@ struct mv643xx_eth_private *mp = platform_get_drvdata(pdev); struct net_device *dev = mp->dev; +#ifdef CONFIG_MV643XX_ETH_FBX_FF + unregister_netdevice_notifier(&mp->ff_notifier); +#endif + unregister_netdev(mp->dev); if (dev->phydev) phy_disconnect(dev->phydev); diff -ruw linux-5.15.42/drivers/net/ethernet/marvell/sky2.c linux-5.15.42-fbx/drivers/net/ethernet/marvell/sky2.c --- linux-5.15.42/drivers/net/ethernet/marvell/sky2.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/ethernet/marvell/sky2.c 2024-04-22 14:46:54.932186802 +0200 @@ -3026,6 +3026,16 @@ int work_done = 0; u16 idx; + if (status == 0xffffffff) { + /* + * this may happen if hardware is removed without + * being properly disabled. + */ + printk("sky2: serious hardware error.\n"); + napi_complete(napi); + return 0; + } + if (unlikely(status & Y2_IS_ERROR)) sky2_err_intr(hw, status); diff -ruw linux-5.15.42/drivers/net/mdio/of_mdio.c linux-5.15.42-fbx/drivers/net/mdio/of_mdio.c --- linux-5.15.42/drivers/net/mdio/of_mdio.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/mdio/of_mdio.c 2024-04-22 14:46:55.224194780 +0200 @@ -170,6 +170,8 @@ mdio->reset_post_delay_us = 0; of_property_read_u32(np, "reset-post-delay-us", &mdio->reset_post_delay_us); + mdio->keep_broken_phy = of_property_read_bool(np, "keep-broken-phy"); + /* Register the MDIO bus */ rc = mdiobus_register(mdio); if (rc) diff -ruw linux-5.15.42/drivers/net/phy/Makefile linux-5.15.42-fbx/drivers/net/phy/Makefile --- linux-5.15.42/drivers/net/phy/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/phy/Makefile 2024-04-22 14:46:55.228194889 +0200 @@ -77,6 +77,10 @@ obj-$(CONFIG_NXP_C45_TJA11XX_PHY) += nxp-c45-tja11xx.o obj-$(CONFIG_NXP_TJA11XX_PHY) += nxp-tja11xx.o obj-$(CONFIG_QSEMI_PHY) += qsemi.o +realtek-objs += realtek.o +ifdef CONFIG_HWMON +realtek-objs += realtek-hwmon.o +endif obj-$(CONFIG_REALTEK_PHY) += realtek.o obj-$(CONFIG_RENESAS_PHY) += uPD60620.o obj-$(CONFIG_ROCKCHIP_PHY) += rockchip.o diff -ruw linux-5.15.42/drivers/net/phy/phy-c45.c linux-5.15.42-fbx/drivers/net/phy/phy-c45.c --- linux-5.15.42/drivers/net/phy/phy-c45.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/phy/phy-c45.c 2024-04-22 14:46:55.236195107 +0200 @@ -617,3 +617,25 @@ .name = "Generic Clause 45 PHY", .read_status = genphy_c45_read_status, }; + +static int genphy_broken_c45_get_tunable(struct phy_device *phydev, + struct ethtool_tunable *tuna, + void *data) +{ + switch (tuna->id) { + case ETHTOOL_PHY_BROKEN: + *(u8*)data = 1; + return 0; + default: + return -ENOTSUPP; + } + return 0; +} + +struct phy_driver genphy_broken_c45_driver = { + .phy_id = 0xffffffff, + .phy_id_mask = 0xffffffff, + .name = "Generic Broken Clause 45 PHY", + .read_status = genphy_c45_read_status, + .get_tunable = genphy_broken_c45_get_tunable, +}; diff -ruw linux-5.15.42/drivers/net/phy/phy-core.c linux-5.15.42-fbx/drivers/net/phy/phy-core.c --- linux-5.15.42/drivers/net/phy/phy-core.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/phy/phy-core.c 2024-04-22 14:46:55.236195107 +0200 @@ -13,7 +13,7 @@ */ const char *phy_speed_to_str(int speed) { - BUILD_BUG_ON_MSG(__ETHTOOL_LINK_MODE_MASK_NBITS != 92, + BUILD_BUG_ON_MSG(__ETHTOOL_LINK_MODE_MASK_NBITS != 98, "Enum ethtool_link_mode_bit_indices and phylib are out of sync. " "If a speed or mode has been added please update phy_speed_to_str " "and the PHY settings array.\n"); @@ -147,6 +147,10 @@ PHY_SETTING( 20000, FULL, 20000baseKR2_Full ), PHY_SETTING( 20000, FULL, 20000baseMLD2_Full ), /* 10G */ + PHY_SETTING( 10000, FULL, 10000_1000basePRX_D_Full ), + PHY_SETTING( 10000, FULL, 10000_1000basePRX_U_Full ), + PHY_SETTING( 10000, FULL, 10000basePR_D_Full ), + PHY_SETTING( 10000, FULL, 10000basePR_U_Full ), PHY_SETTING( 10000, FULL, 10000baseCR_Full ), PHY_SETTING( 10000, FULL, 10000baseER_Full ), PHY_SETTING( 10000, FULL, 10000baseKR_Full ), @@ -162,6 +166,8 @@ PHY_SETTING( 2500, FULL, 2500baseT_Full ), PHY_SETTING( 2500, FULL, 2500baseX_Full ), /* 1G */ + PHY_SETTING( 1000, FULL, 1000basePX_D_Full ), + PHY_SETTING( 1000, FULL, 1000basePX_U_Full ), PHY_SETTING( 1000, FULL, 1000baseT_Full ), PHY_SETTING( 1000, HALF, 1000baseT_Half ), PHY_SETTING( 1000, FULL, 1000baseT1_Full ), diff -ruw linux-5.15.42/drivers/net/phy/phy.c linux-5.15.42-fbx/drivers/net/phy/phy.c --- linux-5.15.42/drivers/net/phy/phy.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/phy/phy.c 2024-04-22 14:46:55.236195107 +0200 @@ -35,7 +35,7 @@ #include #include -#define PHY_STATE_TIME HZ +#define PHY_STATE_TIME (HZ / 2) #define PHY_STATE_STR(_state) \ case PHY_##_state: \ diff -ruw linux-5.15.42/drivers/net/phy/phy_device.c linux-5.15.42-fbx/drivers/net/phy/phy_device.c --- linux-5.15.42/drivers/net/phy/phy_device.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/phy/phy_device.c 2024-04-22 14:46:55.236195107 +0200 @@ -744,7 +744,8 @@ return -EIO; } - if ((devs_in_pkg & 0x1fffffff) == 0x1fffffff) { + if ((devs_in_pkg & 0x1fffffff) == 0x1fffffff || + !devs_in_pkg) { /* If mostly Fs, there is no device there, then let's probe * MMD 0, as some 10G PHYs have zero Devices In package, * e.g. Cortina CS4315/CS4340 PHY. @@ -754,9 +755,13 @@ return -EIO; /* no device there, let's get out of here */ - if ((devs_in_pkg & 0x1fffffff) == 0x1fffffff) + if ((devs_in_pkg & 0x1fffffff) == 0x1fffffff || + !devs_in_pkg) { + if (bus->keep_broken_phy) + return 0; return -ENODEV; } + } /* Now probe Device Identifiers for each device present. */ for (i = 1; i < num_ids; i++) { @@ -1385,6 +1390,9 @@ */ if (!d->driver) { if (phydev->is_c45) + if (!phydev->c45_ids.mmds_present) + d->driver = &genphy_broken_c45_driver.mdiodrv.driver; + else d->driver = &genphy_c45_driver.mdiodrv.driver; else d->driver = &genphy_driver.mdiodrv.driver; @@ -3237,9 +3245,15 @@ if (rc) goto err_c45; + rc = phy_driver_register(&genphy_broken_c45_driver, THIS_MODULE); + if (rc) + goto err_c45_broken; + rc = phy_driver_register(&genphy_driver, THIS_MODULE); if (rc) { phy_driver_unregister(&genphy_c45_driver); +err_c45_broken: + phy_driver_unregister(&genphy_broken_c45_driver); err_c45: mdio_bus_exit(); } @@ -3249,6 +3263,7 @@ static void __exit phy_exit(void) { + phy_driver_unregister(&genphy_broken_c45_driver); phy_driver_unregister(&genphy_c45_driver); phy_driver_unregister(&genphy_driver); mdio_bus_exit(); diff -ruw linux-5.15.42/drivers/net/phy/swphy.c linux-5.15.42-fbx/drivers/net/phy/swphy.c --- linux-5.15.42/drivers/net/phy/swphy.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/phy/swphy.c 2023-03-09 15:06:11.372234439 +0100 @@ -29,6 +29,7 @@ SWMII_SPEED_10 = 0, SWMII_SPEED_100, SWMII_SPEED_1000, + SWMII_SPEED_2500, SWMII_DUPLEX_HALF = 0, SWMII_DUPLEX_FULL, }; @@ -51,6 +52,10 @@ .lpagb = LPA_1000FULL | LPA_1000HALF, .estat = ESTATUS_1000_TFULL | ESTATUS_1000_THALF, }, + [SWMII_SPEED_2500] = { + .bmsr = BMSR_ESTATEN, + .lpagb = LPA_1000FULL | LPA_1000HALF, + }, }; static const struct swmii_regs duplex[] = { @@ -71,6 +76,8 @@ static int swphy_decode_speed(int speed) { switch (speed) { + case 2500: + return SWMII_SPEED_2500; case 1000: return SWMII_SPEED_1000; case 100: diff -ruw linux-5.15.42/drivers/net/ppp/ppp_generic.c linux-5.15.42-fbx/drivers/net/ppp/ppp_generic.c --- linux-5.15.42/drivers/net/ppp/ppp_generic.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/ppp/ppp_generic.c 2024-04-22 14:46:55.240195217 +0200 @@ -177,6 +177,7 @@ struct net *chan_net; /* the net channel belongs to */ struct list_head clist; /* link in list of channels per unit */ rwlock_t upl; /* protects `ppp' and 'bridge' */ + int stopped; /* channel is stopped */ struct channel __rcu *bridge; /* "bridged" ppp channel */ #ifdef CONFIG_PPP_MULTILINK u8 avail; /* flag used in multilink stuff */ @@ -1645,10 +1646,28 @@ ppp_send_frame(ppp, skb); /* If there's no work left to do, tell the core net code that we can accept some more. */ - if (!ppp->xmit_pending && !skb_peek(&ppp->file.xq)) + if (!ppp->xmit_pending && !skb_peek(&ppp->file.xq)) { + /* only enable net queue if at least one + * channel is not stopped */ + struct list_head *list; + struct channel *pch; + bool need_wake; + + list = &ppp->channels; + need_wake = false; + while ((list = list->next) != &ppp->channels) { + pch = list_entry(list, struct channel, clist); + if (!pch->stopped) { + need_wake = true; + break; + } + } + + if (need_wake) netif_wake_queue(ppp->dev); else netif_stop_queue(ppp->dev); + } } else { kfree_skb(skb); } @@ -3002,10 +3021,24 @@ if (!pch) return; + pch->stopped = 0; ppp_channel_push(pch); } /* + * Callback from a channel when it want to prevent further transmit on it + */ +void +ppp_output_stop(struct ppp_channel *chan) +{ + struct channel *pch = chan->ppp; + + if (pch == 0) + return; + pch->stopped = 1; +} + +/* * Compression control. */ @@ -3599,6 +3632,7 @@ EXPORT_SYMBOL(ppp_input); EXPORT_SYMBOL(ppp_input_error); EXPORT_SYMBOL(ppp_output_wakeup); +EXPORT_SYMBOL(ppp_output_stop); EXPORT_SYMBOL(ppp_register_compressor); EXPORT_SYMBOL(ppp_unregister_compressor); MODULE_LICENSE("GPL"); diff -ruw linux-5.15.42/drivers/net/ppp/pptp.c linux-5.15.42-fbx/drivers/net/ppp/pptp.c --- linux-5.15.42/drivers/net/ppp/pptp.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/ppp/pptp.c 2023-02-27 19:50:24.224303473 +0100 @@ -356,6 +356,7 @@ po = lookup_chan(ntohs(header->call_id), iph->saddr); if (po) { skb_dst_drop(skb); + skb->mark = 0; nf_reset_ct(skb); return sk_receive_skb(sk_pppox(po), skb, 0); } diff -ruw linux-5.15.42/drivers/net/tun.c linux-5.15.42-fbx/drivers/net/tun.c --- linux-5.15.42/drivers/net/tun.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/tun.c 2024-04-22 14:46:55.244195326 +0200 @@ -77,6 +77,10 @@ #include #include #include +#include +#include +#include +#include #include #include @@ -163,6 +167,31 @@ unsigned long updated ____cacheline_aligned_in_smp; }; +/* + * smalltun definitions + */ +#define SMALLTUN_MAGIC 0x6660 +#define SMALLTUN_VERSION 0x1 + +#define TYPE_MASK 0xf +#define TYPE_CLT (1 << 3) + +#define TYPE_TRIGGER 0x0 +#define TYPE_CHALLENGE 0x1 +#define TYPE_CLIENT_HELLO 0x2 +#define TYPE_SERVER_HELLO 0x3 + +#define TYPE_CLT_DATA (TYPE_CLT | 0x0) +#define TYPE_CLT_GET_PARAMS (TYPE_CLT | 0x1) +#define TYPE_CLT_PARAMS (TYPE_CLT | 0x2) + +struct smalltun_pkt_hdr { + u16 magic; + u8 version; + u8 flag_type; + u8 data[0]; +}; + #define TUN_NUM_FLOW_ENTRIES 1024 #define TUN_MASK_FLOW_ENTRIES (TUN_NUM_FLOW_ENTRIES - 1) @@ -182,6 +211,11 @@ kuid_t owner; kgid_t group; + struct smalltun_fp smalltun_fps[4]; + unsigned int smalltun_valid_count; + unsigned int smalltun_valid[4]; + struct rtable *smalltun_rt_cache[4]; + struct net_device *dev; netdev_features_t set_features; #define TUN_USER_FEATURES (NETIF_F_HW_CSUM|NETIF_F_TSO_ECN|NETIF_F_TSO| \ @@ -1023,6 +1057,184 @@ return 0; } +static int smalltun_is_fastpath(struct tun_struct *tun, + struct sk_buff *skb) +{ + struct iphdr *iph; + const struct smalltun_fp *fp; + struct rtable **prt_cache, *rt_cache; + struct flowi4 fl; + bool match; + size_t i; + + if (!tun->smalltun_valid_count) + return 0; + + if (skb->protocol != htons(ETH_P_IP)) + return 0; + + if (!pskb_may_pull(skb, sizeof(struct iphdr))) + return 0; + + iph = ip_hdr(skb); + + /* lookup smalltun fastpath */ + fp = NULL; + rt_cache = NULL; + for (i = 0; i < ARRAY_SIZE(tun->smalltun_fps); i++) { + if (!tun->smalltun_valid[i]) + continue; + + if (iph->daddr == tun->smalltun_fps[i].inner_dst) { + fp = &tun->smalltun_fps[i]; + prt_cache = &tun->smalltun_rt_cache[i]; + break; + } + } + + if (!fp) + return 0; + + if (fp->af != AF_INET) { + /* FIXME: implement IPv6 transport */ + return 0; + } + + if (!pskb_may_pull(skb, iph->ihl * 4)) + return 0; + + match = false; + for (i = 0; i < fp->rule_count; i++) { + const struct smalltun_rule *r = &fp->rules[i]; + unsigned int sport, dport; + + if (iph->protocol != r->proto) + continue; + + switch (iph->protocol) { + case IPPROTO_UDP: + { + const struct udphdr *udp; + udp = (struct udphdr *)((u8 *)iph + (iph->ihl << 2)); + sport = ntohs(udp->source); + dport = ntohs(udp->dest); + break; + } + case IPPROTO_TCP: + { + const struct tcphdr *tcp; + tcp = (struct tcphdr *)((u8 *)iph + (iph->ihl << 2)); + sport = ntohs(tcp->source); + dport = ntohs(tcp->dest); + break; + } + default: + match = true; + break; + } + + if (match) + break; + + if (r->src_port_start && r->src_port_end) { + if (sport < ntohs(r->src_port_start) || + sport > ntohs(r->src_port_end)) + continue; + } + + if (r->dst_port_start && r->dst_port_end) { + if (dport < ntohs(r->dst_port_start) || + dport > ntohs(r->dst_port_end)) + continue; + } + match = true; + } + + if (!match) + return 0; + + if (fp->af == AF_INET) { + struct iphdr *oiph; + struct udphdr *oudph; + struct smalltun_pkt_hdr *pkt; + unsigned int payload_len; + + payload_len = skb->len; + + if (skb_cow_head(skb, + sizeof (struct iphdr) + + sizeof (struct udphdr) + + sizeof (struct smalltun_pkt_hdr))) + return 0; + + pkt = skb_push(skb, sizeof (struct smalltun_pkt_hdr)); + oudph = skb_push(skb, sizeof (struct udphdr)); + skb_reset_transport_header(skb); + oiph = skb_push(skb, sizeof (struct iphdr)); + skb_reset_network_header(skb); + + /* ip */ + oiph->version = 4; + oiph->tos = 0; + oiph->id = 0; + oiph->ihl = 5; + oiph->frag_off = 0; + oiph->ttl = 64; + oiph->protocol = IPPROTO_UDP; + memcpy(&oiph->saddr, fp->outer_src, 4); + memcpy(&oiph->daddr, fp->outer_dst, 4); + + /* udp */ + oudph->source = fp->outer_src_port; + oudph->dest = fp->outer_dst_port; + oudph->len = htons(payload_len + sizeof (*oudph) + + sizeof (*pkt)); + oudph->check = 0; + + /* smalltun */ + pkt->magic = htons(SMALLTUN_MAGIC); + pkt->version = SMALLTUN_VERSION; + pkt->flag_type = TYPE_CLT_DATA; + + memset(&fl, 0x00, sizeof (fl)); + memcpy(&fl.saddr, fp->outer_src, 4); + memcpy(&fl.daddr, fp->outer_dst, 4); + + if (*prt_cache && (*prt_cache)->dst.obsolete > 0) { + rt_cache = *prt_cache; + *prt_cache = NULL; + ip_rt_put(rt_cache); + } + + rt_cache = *prt_cache; + if (!rt_cache) { + rt_cache = ip_route_output_key(&init_net, &fl); + if (IS_ERR(rt_cache)) { + pr_err("ip_route_output_key(%pI4): %li\n", + &fl.daddr, PTR_ERR(rt_cache)); + return 0; + } + + if (!rt_cache->dst.dev) { + pr_err("ip_route_output_key(%pI4): no dev\n", + &fl.daddr); + return 0; + } + + *prt_cache = rt_cache; + } + + skb_dst_set(skb, dst_clone(&rt_cache->dst)); + skb->dev = skb_dst(skb)->dev; + ip_local_out(&init_net, NULL, skb); + return 1; + } + + /* find route */ + + return 0; +} + /* Net device start xmit */ static void tun_automq_xmit(struct tun_struct *tun, struct sk_buff *skb) { @@ -1099,6 +1311,11 @@ */ skb_orphan(skb); + if (smalltun_is_fastpath(tun, skb)) { + rcu_read_unlock(); + return NETDEV_TX_OK; + } + nf_reset_ct(skb); if (ptr_ring_produce(&tfile->tx_ring, skb)) @@ -3294,6 +3511,104 @@ ret = open_related_ns(&net->ns, get_net_ns); break; + case TUNSMALLTUNSETFP: + { + struct smalltun_fp fp; + unsigned int i; + int free_idx; + + ret = -EFAULT; + if (copy_from_user(&fp, argp, sizeof(fp))) + break; + + /* look for duplicate */ + ret = 0; + free_idx = -1; + for (i = 0; i < ARRAY_SIZE(tun->smalltun_fps); i++) { + if (!tun->smalltun_valid[i]) { + if (free_idx == -1) + free_idx = i; + continue; + } + + if (fp.inner_src == tun->smalltun_fps[i].inner_src && + fp.inner_dst == tun->smalltun_fps[i].inner_dst) { + ret = -EEXIST; + break; + } + } + + if (ret) + break; + + if (free_idx == -1) { + ret = -ENOSPC; + break; + } + + memcpy(&tun->smalltun_fps[free_idx], &fp, sizeof (fp)); + tun->smalltun_valid[free_idx] = 1; + tun->smalltun_valid_count++; + netif_info(tun, tx_queued, tun->dev, + "new fp rule for %pI4 <=> %pI4 (%u rules)\n", + &fp.inner_src, + &fp.inner_dst, + fp.rule_count); + + if (fp.af == AF_INET) { + netif_info(tun, tx_queued, tun->dev, + "outer %pI4:%u <=> %pI4:%u\n", + fp.outer_src, + ntohs(fp.outer_src_port), + fp.outer_dst, + ntohs(fp.outer_dst_port)); + } else { + netif_info(tun, tx_queued, tun->dev, + "outer %pI6:%u <=> %pI6:%u\n", + fp.outer_src, + ntohs(fp.outer_src_port), + fp.outer_dst, + ntohs(fp.outer_dst_port)); + } + break; + } + + case TUNSMALLTUNDELFP: + { + struct smalltun_fp fp; + unsigned int i; + + ret = -EFAULT; + if (copy_from_user(&fp, argp, sizeof(fp))) + break; + + /* lookup */ + ret = -ENOENT; + for (i = 0; i < ARRAY_SIZE(tun->smalltun_fps); i++) { + if (fp.inner_src == tun->smalltun_fps[i].inner_src && + fp.inner_dst == tun->smalltun_fps[i].inner_dst) { + ret = 0; + break; + } + } + + if (ret) + break; + + tun->smalltun_valid[i] = 0; + tun->smalltun_valid_count--; + if (tun->smalltun_rt_cache[i]) { + ip_rt_put(tun->smalltun_rt_cache[i]); + tun->smalltun_rt_cache[i] = NULL; + } + + netif_info(tun, tx_queued, tun->dev, + "removed fp rule for %pI4 <=> %pI4\n", + &fp.inner_src, + &fp.inner_dst); + break; + } + default: ret = -EINVAL; break; diff -ruw linux-5.15.42/drivers/net/wireless/ath/Kconfig linux-5.15.42-fbx/drivers/net/wireless/ath/Kconfig --- linux-5.15.42/drivers/net/wireless/ath/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/wireless/ath/Kconfig 2024-04-22 14:46:55.272196091 +0200 @@ -37,6 +37,9 @@ This option enables tracepoints for atheros wireless drivers. Currently, ath9k makes use of this facility. +config ATH_REG_IGNORE + bool "ignore all eeprom regulation" + config ATH_REG_DYNAMIC_USER_REG_HINTS bool "Atheros dynamic user regulatory hints" depends on CFG80211_CERTIFICATION_ONUS diff -ruw linux-5.15.42/drivers/net/wireless/ath/ath.h linux-5.15.42-fbx/drivers/net/wireless/ath/ath.h --- linux-5.15.42/drivers/net/wireless/ath/ath.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/wireless/ath/ath.h 2024-04-22 14:46:55.272196091 +0200 @@ -47,6 +47,7 @@ u32 rx_busy; u32 rx_frame; u32 tx_frame; + u32 rx_bss_frame; }; enum ath_device_state { @@ -184,6 +185,8 @@ int last_rssi; struct ieee80211_supported_band sbands[NUM_NL80211_BANDS]; + + int dfs_pulse_valid_diff_ts; }; static inline const struct ath_ps_ops *ath_ps_ops(struct ath_common *common) diff -ruw linux-5.15.42/drivers/net/wireless/ath/ath10k/bmi.h linux-5.15.42-fbx/drivers/net/wireless/ath/ath10k/bmi.h --- linux-5.15.42/drivers/net/wireless/ath/ath10k/bmi.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/wireless/ath/ath10k/bmi.h 2022-06-03 17:59:08.201392716 +0200 @@ -109,7 +109,7 @@ struct { __le32 addr; __le32 len; - u8 payload[0]; + u8 payload[]; } write_mem; struct { __le32 addr; @@ -138,18 +138,18 @@ } rompatch_uninstall; struct { __le32 count; - __le32 patch_ids[0]; /* length of @count */ + __le32 patch_ids[]; /* length of @count */ } rompatch_activate; struct { __le32 count; - __le32 patch_ids[0]; /* length of @count */ + __le32 patch_ids[]; /* length of @count */ } rompatch_deactivate; struct { __le32 addr; } lz_start; struct { __le32 len; /* max BMI_MAX_DATA_SIZE */ - u8 payload[0]; /* length of @len */ + u8 payload[]; /* length of @len */ } lz_data; struct { u8 name[BMI_NVRAM_SEG_NAME_SZ]; @@ -160,7 +160,7 @@ union bmi_resp { struct { - u8 payload[0]; + DECLARE_FLEX_ARRAY(u8, payload); } read_mem; struct { __le32 result; diff -ruw linux-5.15.42/drivers/net/wireless/ath/ath10k/core.c linux-5.15.42-fbx/drivers/net/wireless/ath/ath10k/core.c --- linux-5.15.42/drivers/net/wireless/ath/ath10k/core.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/wireless/ath/ath10k/core.c 2024-04-22 14:46:55.272196091 +0200 @@ -78,8 +78,7 @@ .decap_align_bytes = 4, .spectral_bin_discard = 0, .spectral_bin_offset = 0, - .vht160_mcs_rx_highest = 0, - .vht160_mcs_tx_highest = 0, + .vht_need_ext_nss = false, .n_cipher_suites = 8, .ast_skid_limit = 0x10, .num_wds_entries = 0x20, @@ -89,6 +88,7 @@ .rri_on_ddr = false, .hw_filter_reset_required = true, .fw_diag_ce_download = false, + .uart_pin_workaround = true, .credit_size_workaround = false, .tx_stats_over_pktlog = true, .dynamic_sar_support = false, @@ -114,8 +114,7 @@ .decap_align_bytes = 4, .spectral_bin_discard = 0, .spectral_bin_offset = 0, - .vht160_mcs_rx_highest = 0, - .vht160_mcs_tx_highest = 0, + .vht_need_ext_nss = false, .n_cipher_suites = 8, .ast_skid_limit = 0x10, .num_wds_entries = 0x20, @@ -151,8 +150,7 @@ .decap_align_bytes = 4, .spectral_bin_discard = 0, .spectral_bin_offset = 0, - .vht160_mcs_rx_highest = 0, - .vht160_mcs_tx_highest = 0, + .vht_need_ext_nss = false, .n_cipher_suites = 8, .ast_skid_limit = 0x10, .num_wds_entries = 0x20, @@ -219,8 +217,7 @@ .decap_align_bytes = 4, .spectral_bin_discard = 0, .spectral_bin_offset = 0, - .vht160_mcs_rx_highest = 0, - .vht160_mcs_tx_highest = 0, + .vht_need_ext_nss = false, .n_cipher_suites = 8, .ast_skid_limit = 0x10, .num_wds_entries = 0x20, @@ -255,8 +252,7 @@ .decap_align_bytes = 4, .spectral_bin_discard = 0, .spectral_bin_offset = 0, - .vht160_mcs_rx_highest = 0, - .vht160_mcs_tx_highest = 0, + .vht_need_ext_nss = false, .n_cipher_suites = 8, .ast_skid_limit = 0x10, .num_wds_entries = 0x20, @@ -291,8 +287,7 @@ .decap_align_bytes = 4, .spectral_bin_discard = 0, .spectral_bin_offset = 0, - .vht160_mcs_rx_highest = 0, - .vht160_mcs_tx_highest = 0, + .vht_need_ext_nss = false, .n_cipher_suites = 8, .ast_skid_limit = 0x10, .num_wds_entries = 0x20, @@ -330,8 +325,7 @@ .decap_align_bytes = 4, .spectral_bin_discard = 0, .spectral_bin_offset = 0, - .vht160_mcs_rx_highest = 0, - .vht160_mcs_tx_highest = 0, + .vht_need_ext_nss = false, .n_cipher_suites = 8, .ast_skid_limit = 0x10, .num_wds_entries = 0x20, @@ -373,8 +367,7 @@ .decap_align_bytes = 1, .spectral_bin_discard = 4, .spectral_bin_offset = 0, - .vht160_mcs_rx_highest = 0, - .vht160_mcs_tx_highest = 0, + .vht_need_ext_nss = false, .n_cipher_suites = 11, .ast_skid_limit = 0x10, .num_wds_entries = 0x20, @@ -422,8 +415,9 @@ /* Can do only 2x2 VHT160 or 80+80. 1560Mbps is 4x4 80Mhz * or 2x2 160Mhz, long-guard-interval. */ - .vht160_mcs_rx_highest = 1560, - .vht160_mcs_tx_highest = 1560, + .vht_need_ext_nss = true, + .vht_over_supp_chan_width = 0, + .vht_over_ext_nss_bw = 2, .n_cipher_suites = 11, .ast_skid_limit = 0x10, .num_wds_entries = 0x20, @@ -468,8 +462,9 @@ /* Can do only 1x1 VHT160 or 80+80. 780Mbps is 2x2 80Mhz or * 1x1 160Mhz, long-guard-interval. */ - .vht160_mcs_rx_highest = 780, - .vht160_mcs_tx_highest = 780, + .vht_need_ext_nss = true, + .vht_over_supp_chan_width = 0, + .vht_over_ext_nss_bw = 2, .n_cipher_suites = 11, .ast_skid_limit = 0x10, .num_wds_entries = 0x20, @@ -504,8 +499,7 @@ .decap_align_bytes = 4, .spectral_bin_discard = 0, .spectral_bin_offset = 0, - .vht160_mcs_rx_highest = 0, - .vht160_mcs_tx_highest = 0, + .vht_need_ext_nss = false, .n_cipher_suites = 8, .ast_skid_limit = 0x10, .num_wds_entries = 0x20, @@ -542,8 +536,7 @@ .decap_align_bytes = 4, .spectral_bin_discard = 0, .spectral_bin_offset = 0, - .vht160_mcs_rx_highest = 0, - .vht160_mcs_tx_highest = 0, + .vht_need_ext_nss = false, .n_cipher_suites = 8, .ast_skid_limit = 0x10, .num_wds_entries = 0x20, @@ -614,8 +607,7 @@ .decap_align_bytes = 1, .spectral_bin_discard = 4, .spectral_bin_offset = 0, - .vht160_mcs_rx_highest = 0, - .vht160_mcs_tx_highest = 0, + .vht_need_ext_nss = false, .n_cipher_suites = 11, .ast_skid_limit = 0x10, .num_wds_entries = 0x20, @@ -1172,6 +1164,7 @@ static int ath10k_fetch_cal_file(struct ath10k *ar) { char filename[100]; + unsigned int i; /* pre-cal--.bin */ scnprintf(filename, sizeof(filename), "pre-cal-%s-%s.bin", @@ -1185,6 +1178,11 @@ scnprintf(filename, sizeof(filename), "cal-%s-%s.bin", ath10k_bus_str(ar->hif.bus), dev_name(ar->dev)); + for (i = 0; filename[i]; i++) { + if (filename[i] == ':') + filename[i] = '_'; + } + ar->cal_file = ath10k_fetch_fw_file(ar, ATH10K_FW_DIR, filename); if (IS_ERR(ar->cal_file)) /* calibration file is optional, don't print any warnings */ @@ -1385,6 +1383,7 @@ const char *boardname, const char *fallback_boardname1, const char *fallback_boardname2, + const char *pci_boardname, const char *filename) { size_t len, magic_len; @@ -1429,7 +1428,11 @@ data += magic_len; len -= magic_len; - /* attempt to find boardname in the IE list */ + /* attempt to find pci_boardname in the IE list */ + ret = ath10k_core_search_bd(ar, pci_boardname, data, len); + + /* if we didn't find it try board name that */ + if (ret == -ENOENT) ret = ath10k_core_search_bd(ar, boardname, data, len); /* if we didn't find it and have a fallback name, try that */ @@ -1441,8 +1444,8 @@ if (ret == -ENOENT) { ath10k_err(ar, - "failed to fetch board data for %s from %s/%s\n", - boardname, ar->hw_params.fw.dir, filename); + "failed to fetch board data for %s or %s from %s/%s\n", + boardname, pci_boardname, ar->hw_params.fw.dir, filename); ret = -ENODATA; } @@ -1458,7 +1461,8 @@ static int ath10k_core_create_board_name(struct ath10k *ar, char *name, size_t name_len, bool with_variant, - bool with_chip_id) + bool with_chip_id, + bool force_pci_id) { /* strlen(',variant=') + strlen(ar->id.bdf_ext) */ char variant[9 + ATH10K_SMBIOS_BDF_EXT_STR_LENGTH] = { 0 }; @@ -1467,7 +1471,7 @@ scnprintf(variant, sizeof(variant), ",variant=%s", ar->id.bdf_ext); - if (ar->id.bmi_ids_valid) { + if (ar->id.bmi_ids_valid && !force_pci_id) { scnprintf(name, name_len, "bus=%s,bmi-chip-id=%d,bmi-board-id=%d%s", ath10k_bus_str(ar->hif.bus), @@ -1476,7 +1480,7 @@ goto out; } - if (ar->id.qmi_ids_valid) { + if (ar->id.qmi_ids_valid && !force_pci_id) { if (with_chip_id) scnprintf(name, name_len, "bus=%s,qmi-board-id=%x,qmi-chip-id=%x%s", @@ -1521,14 +1525,15 @@ int ath10k_core_fetch_board_file(struct ath10k *ar, int bd_ie_type) { - char boardname[100], fallback_boardname1[100], fallback_boardname2[100]; + char boardname[100], fallback_boardname1[100], fallback_boardname2[100], + pci_boardname[100]; int ret; if (bd_ie_type == ATH10K_BD_IE_BOARD) { /* With variant and chip id */ ret = ath10k_core_create_board_name(ar, boardname, sizeof(boardname), true, - true); + true, false); if (ret) { ath10k_err(ar, "failed to create board name: %d", ret); return ret; @@ -1537,7 +1542,7 @@ /* Without variant and only chip-id */ ret = ath10k_core_create_board_name(ar, fallback_boardname1, sizeof(boardname), false, - true); + true, false); if (ret) { ath10k_err(ar, "failed to create 1st fallback board name: %d", ret); @@ -1547,12 +1552,20 @@ /* Without variant and without chip-id */ ret = ath10k_core_create_board_name(ar, fallback_boardname2, sizeof(boardname), false, - false); + false, false); if (ret) { ath10k_err(ar, "failed to create 2nd fallback board name: %d", ret); return ret; } + + ret = ath10k_core_create_board_name(ar, pci_boardname, + sizeof(pci_boardname), + false, false, true); + if (ret) { + ath10k_err(ar, "failed to create pci board name: %d", ret); + return ret; + } } else if (bd_ie_type == ATH10K_BD_IE_BOARD_EXT) { ret = ath10k_core_create_eboard_name(ar, boardname, sizeof(boardname)); @@ -1566,6 +1579,7 @@ ret = ath10k_core_fetch_board_data_api_n(ar, boardname, fallback_boardname1, fallback_boardname2, + pci_boardname, ATH10K_BOARD_API2_FILE); if (!ret) goto success; @@ -2401,6 +2415,7 @@ switch (ar->state) { case ATH10K_STATE_ON: + case ATH10K_STATE_PRE_ON: ar->state = ATH10K_STATE_RESTARTING; ath10k_halt(ar); ath10k_scan_finish(ar); diff -ruw linux-5.15.42/drivers/net/wireless/ath/ath10k/core.h linux-5.15.42-fbx/drivers/net/wireless/ath/ath10k/core.h --- linux-5.15.42/drivers/net/wireless/ath/ath10k/core.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/wireless/ath/ath10k/core.h 2024-04-22 14:46:55.276196200 +0200 @@ -701,10 +701,12 @@ void *cal_data; u32 enable_extd_tx_stats; u8 fw_dbglog_mode; + u32 burst_dur[4]; }; enum ath10k_state { ATH10K_STATE_OFF = 0, + ATH10K_STATE_PRE_ON, ATH10K_STATE_ON, /* When doing firmware recovery the device is first powered down. @@ -1015,6 +1017,7 @@ void *vaddr; } msa; u8 mac_addr[ETH_ALEN]; + const char *fem_name; enum ath10k_hw_rev hw_rev; u16 dev_id; @@ -1200,6 +1203,8 @@ struct work_struct restart_work; struct work_struct bundle_tx_work; struct work_struct tx_complete_work; + struct work_struct powerup_work; + bool powerup_pending; /* cycle count is reported twice for each visited channel during scan. * access protected by data_lock diff -ruw linux-5.15.42/drivers/net/wireless/ath/ath10k/debug.c linux-5.15.42-fbx/drivers/net/wireless/ath/ath10k/debug.c --- linux-5.15.42/drivers/net/wireless/ath/ath10k/debug.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/wireless/ath/ath10k/debug.c 2024-04-22 14:46:55.276196200 +0200 @@ -2512,6 +2512,79 @@ .llseek = default_llseek, }; +static ssize_t ath10k_write_burst_dur(struct file *file, const char __user *user_buf, + size_t count, loff_t *ppos) +{ + + struct ath10k *ar = file->private_data; + u32 dur[4]; + int ret; + int ac; + char buf[128]; + + simple_write_to_buffer(buf, sizeof(buf) - 1, ppos, user_buf, count); + + /* make sure that buf is null terminated */ + buf[sizeof(buf) - 1] = 0; + + ret = sscanf(buf, "%u %u %u %u", &dur[0], &dur[1], &dur[2], &dur[3]); + + if (!ret) + return -EINVAL; + + mutex_lock(&ar->conf_mutex); + + if (ar->state != ATH10K_STATE_ON && + ar->state != ATH10K_STATE_RESTARTED) { + ret = -ENETDOWN; + goto exit; + } + + for (ac = 0; ac < 4; ac++) { + if (dur[ac] < MIN_BURST_DUR || dur[ac] > MAX_BURST_DUR) { + ret = -EINVAL; + goto exit; + } + + ret = ath10k_wmi_pdev_set_param(ar, ar->wmi.pdev_param->aggr_burst, + (SM(ac, ATH10K_AGGR_BURST_AC) | + SM(dur[ac], ATH10K_AGGR_BURST_DUR))); + if (ret) { + ath10k_warn(ar, "failed to set aggr burst duration for ac %d: %d\n", ac, ret); + goto exit; + } + ar->debug.burst_dur[ac] = dur[ac]; + } + + ret = count; + +exit: + mutex_unlock(&ar->conf_mutex); + return ret; +} + +static ssize_t ath10k_read_burst_dur(struct file *file, char __user *user_buf, + size_t count, loff_t *ppos) +{ + struct ath10k *ar = file->private_data; + int len = 0; + char buf[128]; + + len = scnprintf(buf, sizeof(buf) - len, "%u %u %u %u\n", + ar->debug.burst_dur[0], ar->debug.burst_dur[1], + ar->debug.burst_dur[2], ar->debug.burst_dur[3]); + + return simple_read_from_buffer(user_buf, count, ppos, buf, len); +} + +static const struct file_operations fops_burst_dur = { + .read = ath10k_read_burst_dur, + .write = ath10k_write_burst_dur, + .open = simple_open, + .owner = THIS_MODULE, + .llseek = default_llseek, +}; + int ath10k_debug_create(struct ath10k *ar) { ar->debug.cal_data = vzalloc(ATH10K_DEBUG_CAL_DATA_LEN); @@ -2599,6 +2672,9 @@ debugfs_create_file("ani_enable", 0600, ar->debug.debugfs_phy, ar, &fops_ani_enable); + debugfs_create_file("burst_dur", S_IRUSR | S_IWUSR, + ar->debug.debugfs_phy, ar, &fops_burst_dur); + if (IS_ENABLED(CONFIG_ATH10K_DFS_CERTIFIED)) { debugfs_create_file("dfs_simulate_radar", 0200, ar->debug.debugfs_phy, ar, &fops_simulate_radar); diff -ruw linux-5.15.42/drivers/net/wireless/ath/ath10k/debug.h linux-5.15.42-fbx/drivers/net/wireless/ath/ath10k/debug.h --- linux-5.15.42/drivers/net/wireless/ath/ath10k/debug.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/wireless/ath/ath10k/debug.h 2023-02-27 20:52:16.423384193 +0100 @@ -81,6 +81,15 @@ __printf(2, 3) void ath10k_err(struct ath10k *ar, const char *fmt, ...); __printf(2, 3) void ath10k_warn(struct ath10k *ar, const char *fmt, ...); +#define ATH10K_AGGR_BURST_AC_MASK 0xff000000 +#define ATH10K_AGGR_BURST_AC_LSB 24 +#define ATH10K_AGGR_BURST_DUR_MASK 0x00ffffff +#define ATH10K_AGGR_BURST_DUR_LSB 0 + +/* burst duration in usec */ +#define MIN_BURST_DUR 0 +#define MAX_BURST_DUR 8000 + void ath10k_debug_print_hwfw_info(struct ath10k *ar); void ath10k_debug_print_board_info(struct ath10k *ar); void ath10k_debug_print_boot_info(struct ath10k *ar); diff -ruw linux-5.15.42/drivers/net/wireless/ath/ath10k/htt_rx.c linux-5.15.42-fbx/drivers/net/wireless/ath/ath10k/htt_rx.c --- linux-5.15.42/drivers/net/wireless/ath/ath10k/htt_rx.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/wireless/ath/ath10k/htt_rx.c 2024-04-22 14:46:55.276196200 +0200 @@ -3759,6 +3759,10 @@ arsta->tx_info.status.rates[0].flags |= IEEE80211_TX_RC_80_MHZ_WIDTH; break; + case RATE_INFO_BW_160: + arsta->tx_info.status.rates[0].flags |= + IEEE80211_TX_RC_160_MHZ_WIDTH; + break; } if (peer_stats->succ_pkts) { diff -ruw linux-5.15.42/drivers/net/wireless/ath/ath10k/hw.h linux-5.15.42-fbx/drivers/net/wireless/ath/ath10k/hw.h --- linux-5.15.42/drivers/net/wireless/ath/ath10k/hw.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/wireless/ath/ath10k/hw.h 2024-04-22 14:46:55.276196200 +0200 @@ -574,11 +574,14 @@ /* Number of bytes to be discarded for each FFT sample */ int spectral_bin_discard; - /* The board may have a restricted NSS for 160 or 80+80 vs what it - * can do for 80Mhz. + /* The board may have a restricted NSS for 160 or 80+80 vs + * what it can do for 80Mhz. To handle this, we have to use + * Extended NSS support and overrides VHT capabilities from + * firmware */ - int vht160_mcs_rx_highest; - int vht160_mcs_tx_highest; + bool vht_need_ext_nss; + u32 vht_over_supp_chan_width; + u32 vht_over_ext_nss_bw; /* Number of ciphers supported (i.e First N) in cipher_suites array */ int n_cipher_suites; diff -ruw linux-5.15.42/drivers/net/wireless/ath/ath10k/mac.c linux-5.15.42-fbx/drivers/net/wireless/ath/ath10k/mac.c --- linux-5.15.42/drivers/net/wireless/ath/ath10k/mac.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/wireless/ath/ath10k/mac.c 2024-04-22 14:46:55.280196310 +0200 @@ -2516,30 +2516,6 @@ return tx_mcs_set; } -static u32 get_160mhz_nss_from_maxrate(int rate) -{ - u32 nss; - - switch (rate) { - case 780: - nss = 1; - break; - case 1560: - nss = 2; - break; - case 2106: - nss = 3; /* not support MCS9 from spec*/ - break; - case 3120: - nss = 4; - break; - default: - nss = 1; - } - - return nss; -} - static void ath10k_peer_assoc_h_vht(struct ath10k *ar, struct ieee80211_vif *vif, struct ieee80211_sta *sta, @@ -2547,13 +2523,16 @@ { const struct ieee80211_sta_vht_cap *vht_cap = &sta->vht_cap; struct ath10k_vif *arvif = (void *)vif->drv_priv; - struct ath10k_hw_params *hw = &ar->hw_params; + enum ieee80211_vht_chanwidth bw; struct cfg80211_chan_def def; enum nl80211_band band; const u16 *vht_mcs_mask; u8 ampdu_factor; - u8 max_nss, vht_mcs; - int i; + u8 rx_nss; + struct ieee80211_vht_cap ieee_vht_cap = { + .vht_cap_info = cpu_to_le32(vht_cap->cap), + .supp_mcs = vht_cap->vht_mcs, + }; if (WARN_ON(ath10k_mac_vif_chan(vif, &def))) return; @@ -2596,15 +2575,20 @@ /* Calculate peer NSS capability from VHT capabilities if STA * supports VHT. */ - for (i = 0, max_nss = 0, vht_mcs = 0; i < NL80211_VHT_NSS_MAX; i++) { - vht_mcs = __le16_to_cpu(vht_cap->vht_mcs.rx_mcs_map) >> - (2 * i) & 3; - - if ((vht_mcs != IEEE80211_VHT_MCS_NOT_SUPPORTED) && - vht_mcs_mask[i]) - max_nss = i + 1; + switch (arg->peer_phymode) { + case MODE_11AC_VHT160: + bw = IEEE80211_VHT_CHANWIDTH_160MHZ; + break; + case MODE_11AC_VHT80_80: + bw = IEEE80211_VHT_CHANWIDTH_80P80MHZ; + break; + default: + bw = IEEE80211_VHT_CHANWIDTH_80MHZ; + break; } - arg->peer_num_spatial_streams = min(sta->rx_nss, max_nss); + + rx_nss = ieee80211_get_vht_max_nss(&ieee_vht_cap, bw, 0, true, 0); + arg->peer_num_spatial_streams = rx_nss; arg->peer_vht_rates.rx_max_rate = __le16_to_cpu(vht_cap->vht_mcs.rx_highest); arg->peer_vht_rates.rx_mcs_set = @@ -2619,20 +2603,6 @@ */ if (arg->peer_phymode == MODE_11AC_VHT160 || arg->peer_phymode == MODE_11AC_VHT80_80) { - u32 rx_nss; - u32 max_rate; - - max_rate = arg->peer_vht_rates.rx_max_rate; - rx_nss = get_160mhz_nss_from_maxrate(max_rate); - - if (rx_nss == 0) - rx_nss = arg->peer_num_spatial_streams; - else - rx_nss = min(arg->peer_num_spatial_streams, rx_nss); - - max_rate = hw->vht160_mcs_tx_highest; - rx_nss = min(rx_nss, get_160mhz_nss_from_maxrate(max_rate)); - arg->peer_bw_rxnss_override = FIELD_PREP(WMI_PEER_NSS_MAP_ENABLE, 1) | FIELD_PREP(WMI_PEER_NSS_160MHZ_MASK, (rx_nss - 1)); @@ -4877,14 +4847,18 @@ vht_cap.vht_mcs.tx_mcs_map = cpu_to_le16(mcs_map); /* If we are supporting 160Mhz or 80+80, then the NIC may be able to do - * a restricted NSS for 160 or 80+80 vs what it can do for 80Mhz. Give - * user-space a clue if that is the case. + * a restricted NSS for 160 or 80+80 vs what it can do for 80Mhz. */ if ((vht_cap.cap & IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_MASK) && - (hw->vht160_mcs_rx_highest != 0 || - hw->vht160_mcs_tx_highest != 0)) { - vht_cap.vht_mcs.rx_highest = cpu_to_le16(hw->vht160_mcs_rx_highest); - vht_cap.vht_mcs.tx_highest = cpu_to_le16(hw->vht160_mcs_tx_highest); + hw->vht_need_ext_nss) { + vht_cap.cap &= ~(IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_MASK | + IEEE80211_VHT_CAP_EXT_NSS_BW_MASK); + vht_cap.cap |= hw->vht_over_supp_chan_width << + IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_SHIFT; + vht_cap.cap |= hw->vht_over_ext_nss_bw << + IEEE80211_VHT_CAP_EXT_NSS_BW_SHIFT; + vht_cap.vht_mcs.tx_highest |= + cpu_to_le16(IEEE80211_VHT_EXT_NSS_BW_CAPABLE); } return vht_cap; @@ -5037,13 +5011,18 @@ const char *fem_name; int ret; + if (ar->fem_name) + fem_name = ar->fem_name; + else { node = ar->dev->of_node; if (!node) return -ENOENT; - ret = of_property_read_string_index(node, "ext-fem-name", 0, &fem_name); + ret = of_property_read_string_index(node, "ext-fem-name", + 0, &fem_name); if (ret) return -ENOENT; + } /* * If external Front End module used in hardware, then default base band timing @@ -5119,12 +5098,83 @@ return 0; } +static int ath10k_get_powered(struct ieee80211_hw *hw, bool *up, bool *busy) +{ + struct ath10k *ar = hw->priv; + *up = (ar->state == ATH10K_STATE_ON || + ar->state == ATH10K_STATE_PRE_ON); + *busy = ar->powerup_pending; + return 0; +} + +static int ath10k_set_powered(struct ieee80211_hw *hw) +{ + struct ath10k *ar = hw->priv; + + switch (ar->state) { + case ATH10K_STATE_OFF: + case ATH10K_STATE_PRE_ON: + break; + default: + return 0; + } + + if (ar->powerup_pending) + return 0; + + queue_work(ar->workqueue, &ar->powerup_work); + ar->powerup_pending = true; + return 0; +} + +static void ath10k_powerup_work(struct work_struct *work) +{ + struct ath10k *ar = container_of(work, struct ath10k, powerup_work); + int ret; + + mutex_lock(&ar->conf_mutex); + + if (ar->state != ATH10K_STATE_OFF) { + mutex_unlock(&ar->conf_mutex); + return; + } + + ret = ath10k_hif_power_up(ar, ATH10K_FIRMWARE_MODE_NORMAL); + if (ret) { + ath10k_err(ar, "Could not init hif: %d\n", ret); + goto err_off; + } + + ret = ath10k_core_start(ar, ATH10K_FIRMWARE_MODE_NORMAL, + &ar->normal_mode_fw); + if (ret) { + ath10k_err(ar, "Could not init core: %d\n", ret); + goto err_power_down; + } + + ar->state = ATH10K_STATE_PRE_ON; + ar->powerup_pending = false; + mutex_unlock(&ar->conf_mutex); + return; + +err_power_down: + ath10k_hif_power_down(ar); + +err_off: + ar->state = ATH10K_STATE_OFF; + + ar->powerup_pending = false; + mutex_unlock(&ar->conf_mutex); + return; +} + static int ath10k_start(struct ieee80211_hw *hw) { struct ath10k *ar = hw->priv; u32 param; int ret = 0; struct wmi_bb_timing_cfg_arg bb_timing = {0}; + bool skip_core_start = false; /* * This makes sense only when restarting hw. It is harmless to call @@ -5139,6 +5189,10 @@ case ATH10K_STATE_OFF: ar->state = ATH10K_STATE_ON; break; + case ATH10K_STATE_PRE_ON: + skip_core_start = true; + ar->state = ATH10K_STATE_ON; + break; case ATH10K_STATE_RESTARTING: ar->state = ATH10K_STATE_RESTARTED; break; @@ -5163,6 +5217,7 @@ spin_unlock_bh(&ar->data_lock); + if (!skip_core_start) { ret = ath10k_hif_power_up(ar, ATH10K_FIRMWARE_MODE_NORMAL); if (ret) { ath10k_err(ar, "Could not init hif: %d\n", ret); @@ -5175,6 +5230,7 @@ ath10k_err(ar, "Could not init core: %d\n", ret); goto err_power_down; } + } if (ar->sys_cap_info & WMI_TLV_SYS_CAP_INFO_RFKILL) { ret = ath10k_mac_rfkill_config(ar); @@ -5342,6 +5398,9 @@ ath10k_drain_tx(ar); + cancel_work_sync(&ar->powerup_work); + ar->powerup_pending = false; + mutex_lock(&ar->conf_mutex); if (ar->state != ATH10K_STATE_OFF) { if (!ar->hw_rfkill_on) @@ -9348,6 +9407,8 @@ static const struct ieee80211_ops ath10k_ops = { .tx = ath10k_mac_op_tx, .wake_tx_queue = ath10k_mac_op_wake_tx_queue, + .get_powered = ath10k_get_powered, + .set_powered = ath10k_set_powered, .start = ath10k_start, .stop = ath10k_stop, .config = ath10k_config, @@ -9561,6 +9622,7 @@ .radar_detect_widths = BIT(NL80211_CHAN_WIDTH_20_NOHT) | BIT(NL80211_CHAN_WIDTH_20) | BIT(NL80211_CHAN_WIDTH_40) | + BIT(NL80211_CHAN_WIDTH_160) | BIT(NL80211_CHAN_WIDTH_80), #endif }, @@ -9744,6 +9806,8 @@ #define WRD_METHOD "WRDD" #define WRDD_WIFI (0x07) +#define ATH10K_DFS_PULSE_VALID_DIFF_TS 100 + static u32 ath10k_mac_wrdd_get_mcc(struct ath10k *ar, union acpi_object *wrdd) { union acpi_object *mcc_pkg; @@ -9957,11 +10021,13 @@ ieee80211_hw_set(ar->hw, SUPPORT_FAST_XMIT); ieee80211_hw_set(ar->hw, CONNECTION_MONITOR); ieee80211_hw_set(ar->hw, SUPPORTS_PER_STA_GTK); + ieee80211_hw_set(ar->hw, APVLAN_NEED_MCAST_TO_UCAST); ieee80211_hw_set(ar->hw, WANT_MONITOR_VIF); ieee80211_hw_set(ar->hw, CHANCTX_STA_CSA); ieee80211_hw_set(ar->hw, QUEUE_CONTROL); ieee80211_hw_set(ar->hw, SUPPORTS_TX_FRAG); ieee80211_hw_set(ar->hw, REPORTS_LOW_ACK); + ieee80211_hw_set(ar->hw, SUPPORTS_VHT_EXT_NSS_BW); if (!test_bit(ATH10K_FLAG_RAW_MODE, &ar->dev_flags)) ieee80211_hw_set(ar->hw, SW_CRYPTO_CONTROL); @@ -10148,6 +10214,8 @@ if (IS_ENABLED(CONFIG_ATH10K_DFS_CERTIFIED)) { /* Init ath dfs pattern detector */ ar->ath_common.debug_mask = ATH_DBG_DFS; + ar->ath_common.dfs_pulse_valid_diff_ts = + ATH10K_DFS_PULSE_VALID_DIFF_TS; ar->dfs_detector = dfs_pattern_detector_init(&ar->ath_common, NL80211_DFS_UNSET); @@ -10165,6 +10233,15 @@ if (!ar->hw_params.hw_ops->set_coverage_class) ar->ops->set_coverage_class = NULL; + /* Current wake_tx_queue implementation imposes a significant + * performance penalty in some setups. The tx scheduling code needs + * more work anyway so disable the wake_tx_queue unless firmware + * supports the pull-push mechanism. + */ + if (!test_bit(ATH10K_FW_FEATURE_PEER_FLOW_CONTROL, + ar->running_fw->fw_file.fw_features)) + ar->ops->wake_tx_queue = NULL; + ret = ath_regd_init(&ar->ath_common.regulatory, ar->hw->wiphy, ath10k_reg_notifier); if (ret) { @@ -10195,6 +10272,9 @@ ar->hw->weight_multiplier = ATH10K_AIRTIME_WEIGHT_MULTIPLIER; + INIT_WORK(&ar->powerup_work, ath10k_powerup_work); + ar->powerup_pending = false; + ret = ieee80211_register_hw(ar->hw); if (ret) { ath10k_err(ar, "failed to register ieee80211: %d\n", ret); @@ -10206,16 +10286,20 @@ ar->hw->wiphy->software_iftypes |= BIT(NL80211_IFTYPE_AP_VLAN); } +#ifndef CONFIG_ATH_REG_IGNORE if (!ath_is_world_regd(&ar->ath_common.regulatory)) { ret = regulatory_hint(ar->hw->wiphy, ar->ath_common.regulatory.alpha2); if (ret) goto err_unregister; } +#endif return 0; +#ifndef CONFIG_ATH_REG_IGNORE err_unregister: +#endif ieee80211_unregister_hw(ar->hw); err_dfs_detector_exit: @@ -10233,6 +10317,7 @@ void ath10k_mac_unregister(struct ath10k *ar) { ieee80211_unregister_hw(ar->hw); + cancel_work_sync(&ar->powerup_work); if (IS_ENABLED(CONFIG_ATH10K_DFS_CERTIFIED) && ar->dfs_detector) ar->dfs_detector->exit(ar->dfs_detector); diff -ruw linux-5.15.42/drivers/net/wireless/ath/ath10k/pci.c linux-5.15.42-fbx/drivers/net/wireless/ath/ath10k/pci.c --- linux-5.15.42/drivers/net/wireless/ath/ath10k/pci.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/wireless/ath/ath10k/pci.c 2024-04-22 14:46:55.280196310 +0200 @@ -9,6 +9,7 @@ #include #include #include +#include #include "core.h" #include "debug.h" @@ -30,6 +31,7 @@ static unsigned int ath10k_pci_irq_mode = ATH10K_PCI_IRQ_AUTO; static unsigned int ath10k_pci_reset_mode = ATH10K_PCI_RESET_AUTO; +static char *fem_name; module_param_named(irq_mode, ath10k_pci_irq_mode, uint, 0644); MODULE_PARM_DESC(irq_mode, "0: auto, 1: legacy, 2: msi (default: 0)"); @@ -37,6 +39,9 @@ module_param_named(reset_mode, ath10k_pci_reset_mode, uint, 0644); MODULE_PARM_DESC(reset_mode, "0: auto, 1: warm only (default: 0)"); +module_param(fem_name, charp, 0660); +MODULE_PARM_DESC(fem_name, "force FEM type"); + /* how long wait to wait for target to initialise, in ms */ #define ATH10K_PCI_TARGET_WAIT 3000 #define ATH10K_PCI_NUM_WARM_RESET_ATTEMPTS 3 @@ -714,7 +719,8 @@ /* Check if the shared legacy irq is for us */ cause = ath10k_pci_read32(ar, SOC_CORE_BASE_ADDRESS + PCIE_INTR_CAUSE_ADDRESS); - if (cause & (PCIE_INTR_FIRMWARE_MASK | PCIE_INTR_CE_MASK_ALL)) + if (cause & (PCIE_INTR_FIRMWARE_MASK | PCIE_INTR_CE_MASK_ALL) && + cause != 0xdeadbeef) return true; return false; @@ -2655,12 +2661,6 @@ return 0; } -static int ath10k_pci_qca99x0_soft_chip_reset(struct ath10k *ar) -{ - ath10k_pci_irq_disable(ar); - return ath10k_pci_qca99x0_chip_reset(ar); -} - static int ath10k_pci_safe_chip_reset(struct ath10k *ar) { struct ath10k_pci *ar_pci = ath10k_pci_priv(ar); @@ -3529,7 +3529,7 @@ .get_num_banks = ath10k_pci_get_num_banks, }; -static int ath10k_pci_probe(struct pci_dev *pdev, +static int __ath10k_pci_probe(struct pci_dev *pdev, const struct pci_device_id *pci_dev) { int ret = 0; @@ -3570,21 +3570,21 @@ case QCA99X0_2_0_DEVICE_ID: hw_rev = ATH10K_HW_QCA99X0; pci_ps = false; - pci_soft_reset = ath10k_pci_qca99x0_soft_chip_reset; + pci_soft_reset = NULL;; pci_hard_reset = ath10k_pci_qca99x0_chip_reset; targ_cpu_to_ce_addr = ath10k_pci_qca99x0_targ_cpu_to_ce_addr; break; case QCA9984_1_0_DEVICE_ID: hw_rev = ATH10K_HW_QCA9984; pci_ps = false; - pci_soft_reset = ath10k_pci_qca99x0_soft_chip_reset; + pci_soft_reset = NULL;; pci_hard_reset = ath10k_pci_qca99x0_chip_reset; targ_cpu_to_ce_addr = ath10k_pci_qca99x0_targ_cpu_to_ce_addr; break; case QCA9888_2_0_DEVICE_ID: hw_rev = ATH10K_HW_QCA9888; pci_ps = false; - pci_soft_reset = ath10k_pci_qca99x0_soft_chip_reset; + pci_soft_reset = NULL;; pci_hard_reset = ath10k_pci_qca99x0_chip_reset; targ_cpu_to_ce_addr = ath10k_pci_qca99x0_targ_cpu_to_ce_addr; break; @@ -3623,6 +3623,7 @@ ar_pci->targ_cpu_to_ce_addr = targ_cpu_to_ce_addr; ar->ce_priv = &ar_pci->ce; + ar->fem_name = fem_name; ar->id.vendor = pdev->vendor; ar->id.device = pdev->device; ar->id.subsystem_vendor = pdev->subsystem_vendor; @@ -3781,6 +3782,23 @@ ath10k_pci_pm_suspend, ath10k_pci_pm_resume); +static int ath10k_pci_probe(struct pci_dev *pdev, + const struct pci_device_id *pci_dev) +{ + int cnt = 0; + int rv; + do { + rv = __ath10k_pci_probe(pdev, pci_dev); + if (rv == 0) + return rv; + + pr_err("ath10k: failed to probe PCI : %d, retry-count: %d\n", rv, cnt); + mdelay(10); /* let the ath10k firmware gerbil take a small break */ + } while (cnt++ < 3); + + return rv; +} + static struct pci_driver ath10k_pci_driver = { .name = "ath10k_pci", .id_table = ath10k_pci_id_table, diff -ruw linux-5.15.42/drivers/net/wireless/ath/ath10k/thermal.c linux-5.15.42-fbx/drivers/net/wireless/ath/ath10k/thermal.c --- linux-5.15.42/drivers/net/wireless/ath/ath10k/thermal.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/wireless/ath/ath10k/thermal.c 2024-04-22 14:46:55.284196419 +0200 @@ -160,7 +160,9 @@ if (!test_bit(WMI_SERVICE_THERM_THROT, ar->wmi.svc_map)) return 0; - cdev = thermal_cooling_device_register("ath10k_thermal", ar, + cdev = thermal_cooling_device_register_with_parent(ar->dev, + "ath10k_thermal", + ar, &ath10k_thermal_ops); if (IS_ERR(cdev)) { diff -ruw linux-5.15.42/drivers/net/wireless/ath/ath10k/txrx.c linux-5.15.42-fbx/drivers/net/wireless/ath/ath10k/txrx.c --- linux-5.15.42/drivers/net/wireless/ath/ath10k/txrx.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/wireless/ath/ath10k/txrx.c 2024-04-22 14:46:55.284196419 +0200 @@ -125,7 +125,7 @@ tx_done->ack_rssi != ATH10K_INVALID_RSSI) { info->status.ack_signal = ATH10K_DEFAULT_NOISE_FLOOR + tx_done->ack_rssi; - info->status.is_valid_ack_signal = true; + info->status.flags |= IEEE80211_TX_STATUS_ACK_SIGNAL_VALID; } ieee80211_tx_status(htt->ar->hw, msdu); diff -ruw linux-5.15.42/drivers/net/wireless/ath/ath10k/wmi.c linux-5.15.42-fbx/drivers/net/wireless/ath/ath10k/wmi.c --- linux-5.15.42/drivers/net/wireless/ath/ath10k/wmi.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/wireless/ath/ath10k/wmi.c 2024-04-22 14:46:55.288196528 +0200 @@ -2427,7 +2427,7 @@ info->flags |= IEEE80211_TX_STAT_ACK; info->status.ack_signal = ATH10K_DEFAULT_NOISE_FLOOR + param->ack_rssi; - info->status.is_valid_ack_signal = true; + info->status.flags |= IEEE80211_TX_STATUS_ACK_SIGNAL_VALID; } ieee80211_tx_status_irqsafe(ar->hw, msdu); @@ -5815,12 +5815,14 @@ survey->noise = noise_floor; survey->time = div_u64(total, cc_freq_hz); survey->time_busy = div_u64(busy, cc_freq_hz); - survey->time_rx = div_u64(rx_bss, cc_freq_hz); + survey->time_rx = div_u64(rx, cc_freq_hz); survey->time_tx = div_u64(tx, cc_freq_hz); + survey->time_bss_rx = div_u64(rx_bss, cc_freq_hz); survey->filled |= (SURVEY_INFO_NOISE_DBM | SURVEY_INFO_TIME | SURVEY_INFO_TIME_BUSY | SURVEY_INFO_TIME_RX | + SURVEY_INFO_TIME_BSS_RX | SURVEY_INFO_TIME_TX); exit: spin_unlock_bh(&ar->data_lock); diff -ruw linux-5.15.42/drivers/net/wireless/ath/ath11k/Kconfig linux-5.15.42-fbx/drivers/net/wireless/ath/ath11k/Kconfig --- linux-5.15.42/drivers/net/wireless/ath/ath11k/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/wireless/ath/ath11k/Kconfig 2023-05-22 20:06:42.199799433 +0200 @@ -57,3 +57,15 @@ Enable ath11k spectral scan support Say Y to enable access to the FFT/spectral data via debugfs. + +config ATH11K_SMALL_DP_RINGS + bool "ath11k small datapath DMA rings for memory challenged platforms" + depends on ATH11K + help + Select this to lower the memory requirements for DMA rings + in the datapath code. This can free up to 17 MiB of RAM per + chip. + +config ATH11K_QCN9074_FIXED_MEM_REGION + bool "QCA ath11k fixed memory region mode on QCN9074" + depends on ATH11K diff -ruw linux-5.15.42/drivers/net/wireless/ath/ath11k/Makefile linux-5.15.42-fbx/drivers/net/wireless/ath/ath11k/Makefile --- linux-5.15.42/drivers/net/wireless/ath/ath11k/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/wireless/ath/ath11k/Makefile 2022-06-03 17:59:08.233393581 +0200 @@ -17,13 +17,14 @@ peer.o \ dbring.o \ hw.o \ - wow.o + pcic.o ath11k-$(CONFIG_ATH11K_DEBUGFS) += debugfs.o debugfs_htt_stats.o debugfs_sta.o ath11k-$(CONFIG_NL80211_TESTMODE) += testmode.o ath11k-$(CONFIG_ATH11K_TRACING) += trace.o ath11k-$(CONFIG_THERMAL) += thermal.o ath11k-$(CONFIG_ATH11K_SPECTRAL) += spectral.o +ath11k-$(CONFIG_PM) += wow.o obj-$(CONFIG_ATH11K_AHB) += ath11k_ahb.o ath11k_ahb-y += ahb.o diff -ruw linux-5.15.42/drivers/net/wireless/ath/dfs_pattern_detector.c linux-5.15.42-fbx/drivers/net/wireless/ath/dfs_pattern_detector.c --- linux-5.15.42/drivers/net/wireless/ath/dfs_pattern_detector.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/wireless/ath/dfs_pattern_detector.c 2024-04-22 14:46:55.348198167 +0200 @@ -275,6 +275,7 @@ { u32 i; struct channel_detector *cd; + int diff_ts; /* * pulses received for a non-supported or un-initialized @@ -287,8 +288,9 @@ if (cd == NULL) return false; + diff_ts = event->ts - dpd->last_pulse_ts; /* reset detector on time stamp wraparound, caused by TSF reset */ - if (event->ts < dpd->last_pulse_ts) + if (diff_ts < dpd->common->dfs_pulse_valid_diff_ts) dpd_reset(dpd); dpd->last_pulse_ts = event->ts; diff -ruw linux-5.15.42/drivers/net/wireless/ath/dfs_pattern_detector.h linux-5.15.42-fbx/drivers/net/wireless/ath/dfs_pattern_detector.h --- linux-5.15.42/drivers/net/wireless/ath/dfs_pattern_detector.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/wireless/ath/dfs_pattern_detector.h 2023-02-27 20:51:59.590934925 +0100 @@ -24,7 +24,7 @@ /* tolerated deviation of radar time stamp in usecs on both sides * TODO: this might need to be HW-dependent */ -#define PRI_TOLERANCE 16 +#define PRI_TOLERANCE 6 /** * struct ath_dfs_pool_stats - DFS Statistics for global pools diff -ruw linux-5.15.42/drivers/net/wireless/ath/key.c linux-5.15.42-fbx/drivers/net/wireless/ath/key.c --- linux-5.15.42/drivers/net/wireless/ath/key.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/wireless/ath/key.c 2024-04-22 14:46:55.348198167 +0200 @@ -524,7 +524,7 @@ idx = ath_reserve_key_cache_slot(common, key->cipher); break; default: - idx = key->keyidx; + idx = ath_reserve_key_cache_slot(common, key->cipher); break; } } else if (key->keyidx) { diff -ruw linux-5.15.42/drivers/net/wireless/ath/regd.c linux-5.15.42-fbx/drivers/net/wireless/ath/regd.c --- linux-5.15.42/drivers/net/wireless/ath/regd.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/wireless/ath/regd.c 2023-02-27 20:46:50.166676215 +0100 @@ -345,6 +345,10 @@ struct ieee80211_channel *ch; unsigned int i; +#ifdef CONFIG_ATH_REG_IGNORE + return; +#endif + for (band = 0; band < NUM_NL80211_BANDS; band++) { if (!wiphy->bands[band]) continue; @@ -379,6 +383,10 @@ { struct ieee80211_supported_band *sband; +#ifdef CONFIG_ATH_REG_IGNORE + return; +#endif + sband = wiphy->bands[NL80211_BAND_2GHZ]; if (!sband) return; @@ -408,6 +416,9 @@ struct ieee80211_channel *ch; unsigned int i; +#ifdef CONFIG_ATH_REG_IGNORE + return; +#endif if (!wiphy->bands[NL80211_BAND_5GHZ]) return; @@ -640,6 +651,11 @@ const struct ieee80211_regdomain *regd; wiphy->reg_notifier = reg_notifier; + +#ifdef CONFIG_ATH_REG_IGNORE + return 0; +#endif + wiphy->regulatory_flags |= REGULATORY_STRICT_REG | REGULATORY_CUSTOM_REG; @@ -704,7 +720,7 @@ regdmn == CTRY_DEFAULT) { printk(KERN_DEBUG "ath: EEPROM indicates default " "country code should be used\n"); - reg->country_code = CTRY_UNITED_STATES; + reg->country_code = CTRY_FRANCE; } if (reg->country_code == CTRY_DEFAULT) { diff -ruw linux-5.15.42/drivers/net/wireless/ath/spectral_common.h linux-5.15.42-fbx/drivers/net/wireless/ath/spectral_common.h --- linux-5.15.42/drivers/net/wireless/ath/spectral_common.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/wireless/ath/spectral_common.h 2024-04-22 14:46:55.348198167 +0200 @@ -24,7 +24,6 @@ * could be acquired so far. */ #define SPECTRAL_ATH10K_MAX_NUM_BINS 256 -#define SPECTRAL_ATH11K_MAX_NUM_BINS 512 /* FFT sample format given to userspace via debugfs. * diff -ruw linux-5.15.42/drivers/net/wireless/mac80211_hwsim.c linux-5.15.42-fbx/drivers/net/wireless/mac80211_hwsim.c --- linux-5.15.42/drivers/net/wireless/mac80211_hwsim.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/wireless/mac80211_hwsim.c 2024-04-22 14:46:55.440200681 +0200 @@ -4,7 +4,7 @@ * Copyright (c) 2008, Jouni Malinen * Copyright (c) 2011, Javier Lopez * Copyright (c) 2016 - 2017 Intel Deutschland GmbH - * Copyright (C) 2018 - 2020 Intel Corporation + * Copyright (C) 2018 - 2022 Intel Corporation */ /* @@ -173,9 +173,23 @@ } }; +static const struct ieee80211_regdomain hwsim_world_regdom_custom_03 = { + .n_reg_rules = 6, + .alpha2 = "99", + .reg_rules = { + REG_RULE(2412 - 10, 2462 + 10, 40, 0, 20, 0), + REG_RULE(2484 - 10, 2484 + 10, 40, 0, 20, 0), + REG_RULE(5150 - 10, 5240 + 10, 40, 0, 30, 0), + REG_RULE(5745 - 10, 5825 + 10, 40, 0, 30, 0), + REG_RULE(5855 - 10, 5925 + 10, 40, 0, 33, 0), + REG_RULE(5955 - 10, 7125 + 10, 320, 0, 33, 0), + } +}; + static const struct ieee80211_regdomain *hwsim_world_regdom_custom[] = { &hwsim_world_regdom_custom_01, &hwsim_world_regdom_custom_02, + &hwsim_world_regdom_custom_03, }; struct hwsim_vif_priv { @@ -475,16 +489,16 @@ 0 }, }; -static void hwsim_init_s1g_channels(struct ieee80211_channel *channels) +static void hwsim_init_s1g_channels(struct ieee80211_channel *chans) { int ch, freq; for (ch = 0; ch < NUM_S1G_CHANS_US; ch++) { freq = 902000 + (ch + 1) * 500; - channels[ch].band = NL80211_BAND_S1GHZ; - channels[ch].center_freq = KHZ_TO_MHZ(freq); - channels[ch].freq_offset = freq % 1000; - channels[ch].hw_value = ch + 1; + chans[ch].band = NL80211_BAND_S1GHZ; + chans[ch].center_freq = KHZ_TO_MHZ(freq); + chans[ch].freq_offset = freq % 1000; + chans[ch].hw_value = ch + 1; } } @@ -503,6 +517,8 @@ { .bitrate = 540 } }; +#define DEFAULT_RX_RSSI -50 + static const u32 hwsim_ciphers[] = { WLAN_CIPHER_SUITE_WEP40, WLAN_CIPHER_SUITE_WEP104, @@ -652,6 +668,7 @@ ARRAY_SIZE(hwsim_channels_6ghz)]; struct ieee80211_channel *channel; + enum nl80211_chan_width bw; u64 beacon_int /* beacon interval in us */; unsigned int rx_filter; bool started, idle, scanning; @@ -690,6 +707,9 @@ u64 rx_bytes; u64 tx_dropped; u64 tx_failed; + + /* RSSI in rx status of the receiver */ + int rx_rssi; }; static const struct rhashtable_params hwsim_rht_params = { @@ -757,6 +777,7 @@ [HWSIM_ATTR_PERM_ADDR] = NLA_POLICY_ETH_ADDR_COMPAT, [HWSIM_ATTR_IFTYPE_SUPPORT] = { .type = NLA_U32 }, [HWSIM_ATTR_CIPHER_SUPPORT] = { .type = NLA_BINARY }, + [HWSIM_ATTR_BANDS] = { .type = NLA_U8 }, }; #if IS_REACHABLE(CONFIG_VIRTIO) @@ -803,6 +824,40 @@ #define hwsim_virtio_enabled false #endif +static int hwsim_get_chanwidth(enum nl80211_chan_width bw) +{ + switch (bw) { + case NL80211_CHAN_WIDTH_20_NOHT: + case NL80211_CHAN_WIDTH_20: + return 20; + case NL80211_CHAN_WIDTH_40: + return 40; + case NL80211_CHAN_WIDTH_80: + return 80; + case NL80211_CHAN_WIDTH_80P80: + case NL80211_CHAN_WIDTH_160: + return 160; + case NL80211_CHAN_WIDTH_320: + return 320; + case NL80211_CHAN_WIDTH_5: + return 5; + case NL80211_CHAN_WIDTH_10: + return 10; + case NL80211_CHAN_WIDTH_1: + return 1; + case NL80211_CHAN_WIDTH_2: + return 2; + case NL80211_CHAN_WIDTH_4: + return 4; + case NL80211_CHAN_WIDTH_8: + return 8; + case NL80211_CHAN_WIDTH_16: + return 16; + } + + return INT_MAX; +} + static void mac80211_hwsim_tx_frame(struct ieee80211_hw *hw, struct sk_buff *skb, struct ieee80211_channel *chan); @@ -964,6 +1019,29 @@ hwsim_fops_group_read, hwsim_fops_group_write, "%llx\n"); +static int hwsim_fops_rx_rssi_read(void *dat, u64 *val) +{ + struct mac80211_hwsim_data *data = dat; + *val = data->rx_rssi; + return 0; +} + +static int hwsim_fops_rx_rssi_write(void *dat, u64 val) +{ + struct mac80211_hwsim_data *data = dat; + int rssi = (int)val; + + if (rssi >= 0 || rssi < -100) + return -EINVAL; + + data->rx_rssi = rssi; + return 0; +} + +DEFINE_DEBUGFS_ATTRIBUTE(hwsim_fops_rx_rssi, + hwsim_fops_rx_rssi_read, hwsim_fops_rx_rssi_write, + "%lld\n"); + static netdev_tx_t hwsim_mon_xmit(struct sk_buff *skb, struct net_device *dev) { @@ -1276,7 +1354,7 @@ hdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_PM); /* If the queue contains MAX_QUEUE skb's drop some */ if (skb_queue_len(&data->pending) >= MAX_QUEUE) { - /* Droping until WARN_QUEUE level */ + /* Dropping until WARN_QUEUE level */ while (skb_queue_len(&data->pending) >= WARN_QUEUE) { ieee80211_free_txskb(hw, skb_dequeue(&data->pending)); data->tx_dropped++; @@ -1482,8 +1560,8 @@ rx_status.bw = RATE_INFO_BW_20; if (info->control.rates[0].flags & IEEE80211_TX_RC_SHORT_GI) rx_status.enc_flags |= RX_ENC_FLAG_SHORT_GI; - /* TODO: simulate real signal strength (and optional packet loss) */ - rx_status.signal = -50; + /* TODO: simulate optional packet loss */ + rx_status.signal = data->rx_rssi; if (info->control.vif) rx_status.signal += info->control.vif->bss_conf.txpower; @@ -1595,7 +1673,8 @@ struct ieee80211_chanctx_conf *chanctx_conf; struct ieee80211_channel *channel; bool ack; - u32 _portid; + enum nl80211_chan_width confbw = NL80211_CHAN_WIDTH_20_NOHT; + u32 _portid, i; if (WARN_ON(skb->len < 10)) { /* Should not happen; just a sanity check for addr1 use */ @@ -1605,15 +1684,18 @@ if (!data->use_chanctx) { channel = data->channel; + confbw = data->bw; } else if (txi->hw_queue == 4) { channel = data->tmp_chan; } else { chanctx_conf = rcu_dereference(txi->control.vif->chanctx_conf); - if (chanctx_conf) + if (chanctx_conf) { channel = chanctx_conf->def.chan; - else + confbw = chanctx_conf->def.width; + } else { channel = NULL; } + } if (WARN(!channel, "TX w/o channel - queue = %d\n", txi->hw_queue)) { ieee80211_free_txskb(hw, skb); @@ -1636,6 +1718,25 @@ txi->control.rates, ARRAY_SIZE(txi->control.rates)); + for (i = 0; i < ARRAY_SIZE(txi->control.rates); i++) { + u16 rflags = txi->control.rates[i].flags; + /* initialize to data->bw for 5/10 MHz handling */ + enum nl80211_chan_width bw = data->bw; + + if (txi->control.rates[i].idx == -1) + break; + + if (rflags & IEEE80211_TX_RC_40_MHZ_WIDTH) + bw = NL80211_CHAN_WIDTH_40; + else if (rflags & IEEE80211_TX_RC_80_MHZ_WIDTH) + bw = NL80211_CHAN_WIDTH_80; + else if (rflags & IEEE80211_TX_RC_160_MHZ_WIDTH) + bw = NL80211_CHAN_WIDTH_160; + + if (WARN_ON(hwsim_get_chanwidth(bw) > hwsim_get_chanwidth(confbw))) + return; + } + if (skb->len >= 24 + 8 && ieee80211_is_probe_resp(hdr->frame_control)) { /* fake header transmission time */ @@ -1935,6 +2036,7 @@ } data->channel = conf->chandef.chan; + data->bw = conf->chandef.width; for (idx = 0; idx < ARRAY_SIZE(data->survey_data); idx++) { if (data->survey_data[idx].channel && @@ -1946,6 +2048,7 @@ } } else { data->channel = conf->chandef.chan; + data->bw = conf->chandef.width; } mutex_unlock(&data->mutex); @@ -2077,12 +2180,49 @@ wiphy_dbg(hw->wiphy, " TX Power: %d dBm\n", info->txpower); } +static void +mac80211_hwsim_sta_rc_update(struct ieee80211_hw *hw, + struct ieee80211_vif *vif, + struct ieee80211_sta *sta, + u32 changed) +{ + struct mac80211_hwsim_data *data = hw->priv; + u32 bw = U32_MAX; + enum nl80211_chan_width confbw = NL80211_CHAN_WIDTH_20_NOHT; + + switch (sta->bandwidth) { +#define C(_bw) case IEEE80211_STA_RX_BW_##_bw: bw = _bw; break + C(20); + C(40); + C(80); + C(160); + C(320); +#undef C + } + + if (!data->use_chanctx) { + confbw = data->bw; + } else { + struct ieee80211_chanctx_conf *chanctx_conf = + rcu_dereference(vif->chanctx_conf); + + if (!WARN_ON(!chanctx_conf)) + confbw = chanctx_conf->def.width; + } + + WARN(bw > hwsim_get_chanwidth(confbw), + "intf %pM: bad STA %pM bandwidth %d MHz (%d) > channel config %d MHz (%d)\n", + vif->addr, sta->addr, bw, sta->bandwidth, + hwsim_get_chanwidth(data->bw), data->bw); +} + static int mac80211_hwsim_sta_add(struct ieee80211_hw *hw, struct ieee80211_vif *vif, struct ieee80211_sta *sta) { hwsim_check_magic(vif); hwsim_set_sta_magic(sta); + mac80211_hwsim_sta_rc_update(hw, vif, sta, 0); return 0; } @@ -2661,6 +2801,7 @@ .sta_add = mac80211_hwsim_sta_add, \ .sta_remove = mac80211_hwsim_sta_remove, \ .sta_notify = mac80211_hwsim_sta_notify, \ + .sta_rc_update = mac80211_hwsim_sta_rc_update, \ .set_tim = mac80211_hwsim_set_tim, \ .conf_tx = mac80211_hwsim_conf_tx, \ .get_survey = mac80211_hwsim_get_survey, \ @@ -2708,6 +2849,7 @@ u32 iftypes; u32 *ciphers; u8 n_ciphers; + u8 bands; }; static void hwsim_mcast_config_msg(struct sk_buff *mcast_skb, @@ -2812,9 +2954,8 @@ nlmsg_free(mcast_skb); } -static const struct ieee80211_sband_iftype_data he_capa_2ghz[] = { +static const struct ieee80211_sband_iftype_data sband_capa_2ghz[] = { { - /* TODO: should we support other types, e.g., P2P?*/ .types_mask = BIT(NL80211_IFTYPE_STATION) | BIT(NL80211_IFTYPE_AP), .he_cap = { @@ -2859,10 +3000,69 @@ .tx_mcs_80p80 = cpu_to_le16(0xffff), }, }, + .eht_cap = { + .has_eht = true, + .eht_cap_elem = { + .mac_cap_info[0] = + IEEE80211_EHT_MAC_CAP0_NSEP_PRIO_ACCESS | + IEEE80211_EHT_MAC_CAP0_OM_CONTROL | + IEEE80211_EHT_MAC_CAP0_TRIG_TXOP_SHARING_MODE1, + .phy_cap_info[0] = + IEEE80211_EHT_PHY_CAP0_242_TONE_RU_GT20MHZ | + IEEE80211_EHT_PHY_CAP0_NDP_4_EHT_LFT_32_GI | + IEEE80211_EHT_PHY_CAP0_PARTIAL_BW_UL_MU_MIMO | + IEEE80211_EHT_PHY_CAP0_SU_BEAMFORMER | + IEEE80211_EHT_PHY_CAP0_SU_BEAMFORMEE, + .phy_cap_info[3] = + IEEE80211_EHT_PHY_CAP3_NG_16_SU_FEEDBACK | + IEEE80211_EHT_PHY_CAP3_NG_16_MU_FEEDBACK | + IEEE80211_EHT_PHY_CAP3_CODEBOOK_4_2_SU_FDBK | + IEEE80211_EHT_PHY_CAP3_CODEBOOK_7_5_MU_FDBK | + IEEE80211_EHT_PHY_CAP3_TRIG_SU_BF_FDBK | + IEEE80211_EHT_PHY_CAP3_TRIG_MU_BF_PART_BW_FDBK | + IEEE80211_EHT_PHY_CAP3_TRIG_CQI_FDBK, + .phy_cap_info[4] = + IEEE80211_EHT_PHY_CAP4_PART_BW_DL_MU_MIMO | + IEEE80211_EHT_PHY_CAP4_PSR_SR_SUPP | + IEEE80211_EHT_PHY_CAP4_POWER_BOOST_FACT_SUPP | + IEEE80211_EHT_PHY_CAP4_EHT_MU_PPDU_4_EHT_LTF_08_GI | + IEEE80211_EHT_PHY_CAP4_MAX_NC_MASK, + .phy_cap_info[5] = + IEEE80211_EHT_PHY_CAP5_NON_TRIG_CQI_FEEDBACK | + IEEE80211_EHT_PHY_CAP5_TX_LESS_242_TONE_RU_SUPP | + IEEE80211_EHT_PHY_CAP5_RX_LESS_242_TONE_RU_SUPP | + IEEE80211_EHT_PHY_CAP5_PPE_THRESHOLD_PRESENT | + IEEE80211_EHT_PHY_CAP5_COMMON_NOMINAL_PKT_PAD_MASK | + IEEE80211_EHT_PHY_CAP5_MAX_NUM_SUPP_EHT_LTF_MASK, + .phy_cap_info[6] = + IEEE80211_EHT_PHY_CAP6_MAX_NUM_SUPP_EHT_LTF_MASK | + IEEE80211_EHT_PHY_CAP6_MCS15_SUPP_MASK, + .phy_cap_info[7] = + IEEE80211_EHT_PHY_CAP7_20MHZ_STA_RX_NDP_WIDER_BW, + }, + + /* For all MCS and bandwidth, set 8 NSS for both Tx and + * Rx + */ + .eht_mcs_nss_supp = { + /* + * Since B0, B1, B2 and B3 are not set in + * the supported channel width set field in the + * HE PHY capabilities information field the + * device is a 20MHz only device on 2.4GHz band. + */ + .only_20mhz = { + .rx_tx_mcs7_max_nss = 0x88, + .rx_tx_mcs9_max_nss = 0x88, + .rx_tx_mcs11_max_nss = 0x88, + .rx_tx_mcs13_max_nss = 0x88, + }, + }, + /* PPE threshold information is not supported */ + }, }, #ifdef CONFIG_MAC80211_MESH { - /* TODO: should we support other types, e.g., IBSS?*/ .types_mask = BIT(NL80211_IFTYPE_MESH_POINT), .he_cap = { .has_he = true, @@ -2902,7 +3102,7 @@ #endif }; -static const struct ieee80211_sband_iftype_data he_capa_5ghz[] = { +static const struct ieee80211_sband_iftype_data sband_capa_5ghz[] = { { /* TODO: should we support other types, e.g., P2P?*/ .types_mask = BIT(NL80211_IFTYPE_STATION) | @@ -2953,6 +3153,81 @@ .tx_mcs_80p80 = cpu_to_le16(0xfffa), }, }, + .eht_cap = { + .has_eht = true, + .eht_cap_elem = { + .mac_cap_info[0] = + IEEE80211_EHT_MAC_CAP0_NSEP_PRIO_ACCESS | + IEEE80211_EHT_MAC_CAP0_OM_CONTROL | + IEEE80211_EHT_MAC_CAP0_TRIG_TXOP_SHARING_MODE1, + .phy_cap_info[0] = + IEEE80211_EHT_PHY_CAP0_242_TONE_RU_GT20MHZ | + IEEE80211_EHT_PHY_CAP0_NDP_4_EHT_LFT_32_GI | + IEEE80211_EHT_PHY_CAP0_PARTIAL_BW_UL_MU_MIMO | + IEEE80211_EHT_PHY_CAP0_SU_BEAMFORMER | + IEEE80211_EHT_PHY_CAP0_SU_BEAMFORMEE | + IEEE80211_EHT_PHY_CAP0_BEAMFORMEE_SS_80MHZ_MASK, + .phy_cap_info[1] = + IEEE80211_EHT_PHY_CAP1_BEAMFORMEE_SS_80MHZ_MASK | + IEEE80211_EHT_PHY_CAP1_BEAMFORMEE_SS_160MHZ_MASK, + .phy_cap_info[2] = + IEEE80211_EHT_PHY_CAP2_SOUNDING_DIM_80MHZ_MASK | + IEEE80211_EHT_PHY_CAP2_SOUNDING_DIM_160MHZ_MASK, + .phy_cap_info[3] = + IEEE80211_EHT_PHY_CAP3_NG_16_SU_FEEDBACK | + IEEE80211_EHT_PHY_CAP3_NG_16_MU_FEEDBACK | + IEEE80211_EHT_PHY_CAP3_CODEBOOK_4_2_SU_FDBK | + IEEE80211_EHT_PHY_CAP3_CODEBOOK_7_5_MU_FDBK | + IEEE80211_EHT_PHY_CAP3_TRIG_SU_BF_FDBK | + IEEE80211_EHT_PHY_CAP3_TRIG_MU_BF_PART_BW_FDBK | + IEEE80211_EHT_PHY_CAP3_TRIG_CQI_FDBK, + .phy_cap_info[4] = + IEEE80211_EHT_PHY_CAP4_PART_BW_DL_MU_MIMO | + IEEE80211_EHT_PHY_CAP4_PSR_SR_SUPP | + IEEE80211_EHT_PHY_CAP4_POWER_BOOST_FACT_SUPP | + IEEE80211_EHT_PHY_CAP4_EHT_MU_PPDU_4_EHT_LTF_08_GI | + IEEE80211_EHT_PHY_CAP4_MAX_NC_MASK, + .phy_cap_info[5] = + IEEE80211_EHT_PHY_CAP5_NON_TRIG_CQI_FEEDBACK | + IEEE80211_EHT_PHY_CAP5_TX_LESS_242_TONE_RU_SUPP | + IEEE80211_EHT_PHY_CAP5_RX_LESS_242_TONE_RU_SUPP | + IEEE80211_EHT_PHY_CAP5_PPE_THRESHOLD_PRESENT | + IEEE80211_EHT_PHY_CAP5_COMMON_NOMINAL_PKT_PAD_MASK | + IEEE80211_EHT_PHY_CAP5_MAX_NUM_SUPP_EHT_LTF_MASK, + .phy_cap_info[6] = + IEEE80211_EHT_PHY_CAP6_MAX_NUM_SUPP_EHT_LTF_MASK | + IEEE80211_EHT_PHY_CAP6_MCS15_SUPP_MASK, + .phy_cap_info[7] = + IEEE80211_EHT_PHY_CAP7_20MHZ_STA_RX_NDP_WIDER_BW | + IEEE80211_EHT_PHY_CAP7_NON_OFDMA_UL_MU_MIMO_80MHZ | + IEEE80211_EHT_PHY_CAP7_NON_OFDMA_UL_MU_MIMO_160MHZ | + IEEE80211_EHT_PHY_CAP7_MU_BEAMFORMER_80MHZ | + IEEE80211_EHT_PHY_CAP7_MU_BEAMFORMER_160MHZ, + }, + + /* For all MCS and bandwidth, set 8 NSS for both Tx and + * Rx + */ + .eht_mcs_nss_supp = { + /* + * As B1 and B2 are set in the supported + * channel width set field in the HE PHY + * capabilities information field include all + * the following MCS/NSS. + */ + .bw._80 = { + .rx_tx_mcs9_max_nss = 0x88, + .rx_tx_mcs11_max_nss = 0x88, + .rx_tx_mcs13_max_nss = 0x88, + }, + .bw._160 = { + .rx_tx_mcs9_max_nss = 0x88, + .rx_tx_mcs11_max_nss = 0x88, + .rx_tx_mcs13_max_nss = 0x88, + }, + }, + /* PPE threshold information is not supported */ + }, }, #ifdef CONFIG_MAC80211_MESH { @@ -3000,18 +3275,225 @@ #endif }; -static void mac80211_hwsim_he_capab(struct ieee80211_supported_band *sband) +static const struct ieee80211_sband_iftype_data sband_capa_6ghz[] = { + { + /* TODO: should we support other types, e.g., P2P?*/ + .types_mask = BIT(NL80211_IFTYPE_STATION) | + BIT(NL80211_IFTYPE_AP), + .he_6ghz_capa = { + .capa = cpu_to_le16(IEEE80211_HE_6GHZ_CAP_MIN_MPDU_START | + IEEE80211_HE_6GHZ_CAP_MAX_AMPDU_LEN_EXP | + IEEE80211_HE_6GHZ_CAP_MAX_MPDU_LEN | + IEEE80211_HE_6GHZ_CAP_SM_PS | + IEEE80211_HE_6GHZ_CAP_RD_RESPONDER | + IEEE80211_HE_6GHZ_CAP_TX_ANTPAT_CONS | + IEEE80211_HE_6GHZ_CAP_RX_ANTPAT_CONS), + }, + .he_cap = { + .has_he = true, + .he_cap_elem = { + .mac_cap_info[0] = + IEEE80211_HE_MAC_CAP0_HTC_HE, + .mac_cap_info[1] = + IEEE80211_HE_MAC_CAP1_TF_MAC_PAD_DUR_16US | + IEEE80211_HE_MAC_CAP1_MULTI_TID_AGG_RX_QOS_8, + .mac_cap_info[2] = + IEEE80211_HE_MAC_CAP2_BSR | + IEEE80211_HE_MAC_CAP2_MU_CASCADING | + IEEE80211_HE_MAC_CAP2_ACK_EN, + .mac_cap_info[3] = + IEEE80211_HE_MAC_CAP3_OMI_CONTROL | + IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_EXT_3, + .mac_cap_info[4] = IEEE80211_HE_MAC_CAP4_AMSDU_IN_AMPDU, + .phy_cap_info[0] = + IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_40MHZ_80MHZ_IN_5G | + IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_160MHZ_IN_5G | + IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_80PLUS80_MHZ_IN_5G, + .phy_cap_info[1] = + IEEE80211_HE_PHY_CAP1_PREAMBLE_PUNC_RX_MASK | + IEEE80211_HE_PHY_CAP1_DEVICE_CLASS_A | + IEEE80211_HE_PHY_CAP1_LDPC_CODING_IN_PAYLOAD | + IEEE80211_HE_PHY_CAP1_MIDAMBLE_RX_TX_MAX_NSTS, + .phy_cap_info[2] = + IEEE80211_HE_PHY_CAP2_NDP_4x_LTF_AND_3_2US | + IEEE80211_HE_PHY_CAP2_STBC_TX_UNDER_80MHZ | + IEEE80211_HE_PHY_CAP2_STBC_RX_UNDER_80MHZ | + IEEE80211_HE_PHY_CAP2_UL_MU_FULL_MU_MIMO | + IEEE80211_HE_PHY_CAP2_UL_MU_PARTIAL_MU_MIMO, + + /* Leave all the other PHY capability bytes + * unset, as DCM, beam forming, RU and PPE + * threshold information are not supported + */ + }, + .he_mcs_nss_supp = { + .rx_mcs_80 = cpu_to_le16(0xfffa), + .tx_mcs_80 = cpu_to_le16(0xfffa), + .rx_mcs_160 = cpu_to_le16(0xfffa), + .tx_mcs_160 = cpu_to_le16(0xfffa), + .rx_mcs_80p80 = cpu_to_le16(0xfffa), + .tx_mcs_80p80 = cpu_to_le16(0xfffa), + }, + }, + .eht_cap = { + .has_eht = true, + .eht_cap_elem = { + .mac_cap_info[0] = + IEEE80211_EHT_MAC_CAP0_NSEP_PRIO_ACCESS | + IEEE80211_EHT_MAC_CAP0_OM_CONTROL | + IEEE80211_EHT_MAC_CAP0_TRIG_TXOP_SHARING_MODE1, + .phy_cap_info[0] = + IEEE80211_EHT_PHY_CAP0_320MHZ_IN_6GHZ | + IEEE80211_EHT_PHY_CAP0_242_TONE_RU_GT20MHZ | + IEEE80211_EHT_PHY_CAP0_NDP_4_EHT_LFT_32_GI | + IEEE80211_EHT_PHY_CAP0_PARTIAL_BW_UL_MU_MIMO | + IEEE80211_EHT_PHY_CAP0_SU_BEAMFORMER | + IEEE80211_EHT_PHY_CAP0_SU_BEAMFORMEE | + IEEE80211_EHT_PHY_CAP0_BEAMFORMEE_SS_80MHZ_MASK, + .phy_cap_info[1] = + IEEE80211_EHT_PHY_CAP1_BEAMFORMEE_SS_80MHZ_MASK | + IEEE80211_EHT_PHY_CAP1_BEAMFORMEE_SS_160MHZ_MASK | + IEEE80211_EHT_PHY_CAP1_BEAMFORMEE_SS_320MHZ_MASK, + .phy_cap_info[2] = + IEEE80211_EHT_PHY_CAP2_SOUNDING_DIM_80MHZ_MASK | + IEEE80211_EHT_PHY_CAP2_SOUNDING_DIM_160MHZ_MASK | + IEEE80211_EHT_PHY_CAP2_SOUNDING_DIM_320MHZ_MASK, + .phy_cap_info[3] = + IEEE80211_EHT_PHY_CAP3_NG_16_SU_FEEDBACK | + IEEE80211_EHT_PHY_CAP3_NG_16_MU_FEEDBACK | + IEEE80211_EHT_PHY_CAP3_CODEBOOK_4_2_SU_FDBK | + IEEE80211_EHT_PHY_CAP3_CODEBOOK_7_5_MU_FDBK | + IEEE80211_EHT_PHY_CAP3_TRIG_SU_BF_FDBK | + IEEE80211_EHT_PHY_CAP3_TRIG_MU_BF_PART_BW_FDBK | + IEEE80211_EHT_PHY_CAP3_TRIG_CQI_FDBK, + .phy_cap_info[4] = + IEEE80211_EHT_PHY_CAP4_PART_BW_DL_MU_MIMO | + IEEE80211_EHT_PHY_CAP4_PSR_SR_SUPP | + IEEE80211_EHT_PHY_CAP4_POWER_BOOST_FACT_SUPP | + IEEE80211_EHT_PHY_CAP4_EHT_MU_PPDU_4_EHT_LTF_08_GI | + IEEE80211_EHT_PHY_CAP4_MAX_NC_MASK, + .phy_cap_info[5] = + IEEE80211_EHT_PHY_CAP5_NON_TRIG_CQI_FEEDBACK | + IEEE80211_EHT_PHY_CAP5_TX_LESS_242_TONE_RU_SUPP | + IEEE80211_EHT_PHY_CAP5_RX_LESS_242_TONE_RU_SUPP | + IEEE80211_EHT_PHY_CAP5_PPE_THRESHOLD_PRESENT | + IEEE80211_EHT_PHY_CAP5_COMMON_NOMINAL_PKT_PAD_MASK | + IEEE80211_EHT_PHY_CAP5_MAX_NUM_SUPP_EHT_LTF_MASK, + .phy_cap_info[6] = + IEEE80211_EHT_PHY_CAP6_MAX_NUM_SUPP_EHT_LTF_MASK | + IEEE80211_EHT_PHY_CAP6_MCS15_SUPP_MASK | + IEEE80211_EHT_PHY_CAP6_EHT_DUP_6GHZ_SUPP, + .phy_cap_info[7] = + IEEE80211_EHT_PHY_CAP7_20MHZ_STA_RX_NDP_WIDER_BW | + IEEE80211_EHT_PHY_CAP7_NON_OFDMA_UL_MU_MIMO_80MHZ | + IEEE80211_EHT_PHY_CAP7_NON_OFDMA_UL_MU_MIMO_160MHZ | + IEEE80211_EHT_PHY_CAP7_NON_OFDMA_UL_MU_MIMO_320MHZ | + IEEE80211_EHT_PHY_CAP7_MU_BEAMFORMER_80MHZ | + IEEE80211_EHT_PHY_CAP7_MU_BEAMFORMER_160MHZ | + IEEE80211_EHT_PHY_CAP7_MU_BEAMFORMER_320MHZ, + }, + + /* For all MCS and bandwidth, set 8 NSS for both Tx and + * Rx + */ + .eht_mcs_nss_supp = { + /* + * As B1 and B2 are set in the supported + * channel width set field in the HE PHY + * capabilities information field and 320MHz in + * 6GHz is supported include all the following + * MCS/NSS. + */ + .bw._80 = { + .rx_tx_mcs9_max_nss = 0x88, + .rx_tx_mcs11_max_nss = 0x88, + .rx_tx_mcs13_max_nss = 0x88, + }, + .bw._160 = { + .rx_tx_mcs9_max_nss = 0x88, + .rx_tx_mcs11_max_nss = 0x88, + .rx_tx_mcs13_max_nss = 0x88, + }, + .bw._320 = { + .rx_tx_mcs9_max_nss = 0x88, + .rx_tx_mcs11_max_nss = 0x88, + .rx_tx_mcs13_max_nss = 0x88, + }, + }, + /* PPE threshold information is not supported */ + }, + }, +#ifdef CONFIG_MAC80211_MESH + { + /* TODO: should we support other types, e.g., IBSS?*/ + .types_mask = BIT(NL80211_IFTYPE_MESH_POINT), + .he_6ghz_capa = { + .capa = cpu_to_le16(IEEE80211_HE_6GHZ_CAP_MIN_MPDU_START | + IEEE80211_HE_6GHZ_CAP_MAX_AMPDU_LEN_EXP | + IEEE80211_HE_6GHZ_CAP_MAX_MPDU_LEN | + IEEE80211_HE_6GHZ_CAP_SM_PS | + IEEE80211_HE_6GHZ_CAP_RD_RESPONDER | + IEEE80211_HE_6GHZ_CAP_TX_ANTPAT_CONS | + IEEE80211_HE_6GHZ_CAP_RX_ANTPAT_CONS), + }, + .he_cap = { + .has_he = true, + .he_cap_elem = { + .mac_cap_info[0] = + IEEE80211_HE_MAC_CAP0_HTC_HE, + .mac_cap_info[1] = + IEEE80211_HE_MAC_CAP1_MULTI_TID_AGG_RX_QOS_8, + .mac_cap_info[2] = + IEEE80211_HE_MAC_CAP2_ACK_EN, + .mac_cap_info[3] = + IEEE80211_HE_MAC_CAP3_OMI_CONTROL | + IEEE80211_HE_MAC_CAP3_MAX_AMPDU_LEN_EXP_EXT_3, + .mac_cap_info[4] = IEEE80211_HE_MAC_CAP4_AMSDU_IN_AMPDU, + .phy_cap_info[0] = + IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_40MHZ_80MHZ_IN_5G | + IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_160MHZ_IN_5G | + IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_80PLUS80_MHZ_IN_5G, + .phy_cap_info[1] = + IEEE80211_HE_PHY_CAP1_PREAMBLE_PUNC_RX_MASK | + IEEE80211_HE_PHY_CAP1_DEVICE_CLASS_A | + IEEE80211_HE_PHY_CAP1_LDPC_CODING_IN_PAYLOAD | + IEEE80211_HE_PHY_CAP1_MIDAMBLE_RX_TX_MAX_NSTS, + .phy_cap_info[2] = 0, + + /* Leave all the other PHY capability bytes + * unset, as DCM, beam forming, RU and PPE + * threshold information are not supported + */ + }, + .he_mcs_nss_supp = { + .rx_mcs_80 = cpu_to_le16(0xfffa), + .tx_mcs_80 = cpu_to_le16(0xfffa), + .rx_mcs_160 = cpu_to_le16(0xfffa), + .tx_mcs_160 = cpu_to_le16(0xfffa), + .rx_mcs_80p80 = cpu_to_le16(0xfffa), + .tx_mcs_80p80 = cpu_to_le16(0xfffa), + }, + }, + }, +#endif +}; + +static void mac80211_hwsim_sband_capab(struct ieee80211_supported_band *sband) { u16 n_iftype_data; if (sband->band == NL80211_BAND_2GHZ) { - n_iftype_data = ARRAY_SIZE(he_capa_2ghz); + n_iftype_data = ARRAY_SIZE(sband_capa_2ghz); sband->iftype_data = - (struct ieee80211_sband_iftype_data *)he_capa_2ghz; + (struct ieee80211_sband_iftype_data *)sband_capa_2ghz; } else if (sband->band == NL80211_BAND_5GHZ) { - n_iftype_data = ARRAY_SIZE(he_capa_5ghz); + n_iftype_data = ARRAY_SIZE(sband_capa_5ghz); + sband->iftype_data = + (struct ieee80211_sband_iftype_data *)sband_capa_5ghz; + } else if (sband->band == NL80211_BAND_6GHZ) { + n_iftype_data = ARRAY_SIZE(sband_capa_6ghz); sband->iftype_data = - (struct ieee80211_sband_iftype_data *)he_capa_5ghz; + (struct ieee80211_sband_iftype_data *)sband_capa_6ghz; } else { return; } @@ -3203,6 +3685,8 @@ hw->wiphy->n_cipher_suites = param->n_ciphers; } + data->rx_rssi = DEFAULT_RX_RSSI; + INIT_DELAYED_WORK(&data->roc_start, hw_roc_start); INIT_DELAYED_WORK(&data->roc_done, hw_roc_done); INIT_DELAYED_WORK(&data->hw_scan, hw_scan_work); @@ -3267,6 +3751,9 @@ sband->band = band; + if (!(BIT(band) & param->bands)) + continue; + switch (band) { case NL80211_BAND_2GHZ: sband->channels = data->channels_2ghz; @@ -3302,6 +3789,12 @@ sband->vht_cap.vht_mcs.tx_mcs_map = sband->vht_cap.vht_mcs.rx_mcs_map; break; + case NL80211_BAND_6GHZ: + sband->channels = data->channels_6ghz; + sband->n_channels = ARRAY_SIZE(hwsim_channels_6ghz); + sband->bitrates = data->rates + 4; + sband->n_bitrates = ARRAY_SIZE(hwsim_rates) - 4; + break; case NL80211_BAND_S1GHZ: memcpy(&sband->s1g_cap, &hwsim_s1g_cap, sizeof(sband->s1g_cap)); @@ -3312,6 +3805,7 @@ continue; } + if (band != NL80211_BAND_6GHZ){ sband->ht_cap.ht_supported = true; sband->ht_cap.cap = IEEE80211_HT_CAP_SUP_WIDTH_20_40 | IEEE80211_HT_CAP_GRN_FLD | @@ -3325,8 +3819,9 @@ sband->ht_cap.mcs.rx_mask[0] = 0xff; sband->ht_cap.mcs.rx_mask[1] = 0xff; sband->ht_cap.mcs.tx_params = IEEE80211_HT_MCS_TX_DEFINED; + } - mac80211_hwsim_he_capab(sband); + mac80211_hwsim_sband_capab(sband); hw->wiphy->bands[band] = sband; } @@ -3386,6 +3881,8 @@ debugfs_create_file("ps", 0666, data->debugfs, data, &hwsim_fops_ps); debugfs_create_file("group", 0666, data->debugfs, data, &hwsim_fops_group); + debugfs_create_file("rx_rssi", 0666, data->debugfs, data, + &hwsim_fops_rx_rssi); if (!data->use_chanctx) debugfs_create_file("dfs_simulate_radar", 0222, data->debugfs, @@ -3539,13 +4036,16 @@ static void hwsim_mon_setup(struct net_device *dev) { + u8 addr[ETH_ALEN]; + dev->netdev_ops = &hwsim_netdev_ops; dev->needs_free_netdev = true; ether_setup(dev); dev->priv_flags |= IFF_NO_QUEUE; dev->type = ARPHRD_IEEE80211_RADIOTAP; - eth_zero_addr(dev->dev_addr); - dev->dev_addr[0] = 0x12; + eth_zero_addr(addr); + addr[0] = 0x12; + eth_hw_addr_set(dev, addr); } static struct mac80211_hwsim_data *get_hwsim_data_ref_from_addr(const u8 *addr) @@ -3833,10 +4333,14 @@ param.channels = channels; param.destroy_on_close = info->attrs[HWSIM_ATTR_DESTROY_RADIO_ON_CLOSE]; + param.bands = BIT(NL80211_BAND_2GHZ) | BIT(NL80211_BAND_5GHZ); if (info->attrs[HWSIM_ATTR_CHANNELS]) param.channels = nla_get_u32(info->attrs[HWSIM_ATTR_CHANNELS]); + if (info->attrs[HWSIM_ATTR_BANDS]) + param.bands = nla_get_u8(info->attrs[HWSIM_ATTR_BANDS]); + if (param.channels < 1) { GENL_SET_ERR_MSG(info, "must have at least one channel"); return -EINVAL; @@ -3939,7 +4443,8 @@ ret = mac80211_hwsim_new_radio(info, ¶m); kfree(hwname); - return ret; + + return (ret < 0) ? ret : 0; } static int hwsim_del_radio_nl(struct sk_buff *msg, struct genl_info *info) diff -ruw linux-5.15.42/drivers/net/wireless/mac80211_hwsim.h linux-5.15.42-fbx/drivers/net/wireless/mac80211_hwsim.h --- linux-5.15.42/drivers/net/wireless/mac80211_hwsim.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/wireless/mac80211_hwsim.h 2024-04-22 14:46:55.440200681 +0200 @@ -170,6 +170,7 @@ HWSIM_ATTR_PERM_ADDR, HWSIM_ATTR_IFTYPE_SUPPORT, HWSIM_ATTR_CIPHER_SUPPORT, + HWSIM_ATTR_BANDS, __HWSIM_ATTR_MAX, }; #define HWSIM_ATTR_MAX (__HWSIM_ATTR_MAX - 1) diff -ruw linux-5.15.42/drivers/net/wireless/marvell/Kconfig linux-5.15.42-fbx/drivers/net/wireless/marvell/Kconfig --- linux-5.15.42/drivers/net/wireless/marvell/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/wireless/marvell/Kconfig 2023-03-10 17:18:24.474042758 +0100 @@ -25,4 +25,8 @@ To compile this driver as a module, choose M here: the module will be called mwl8k. If unsure, say N. +config MWL8K_NEW + tristate "Marvell 88W8xxx PCI/PCIe NEW" + depends on MAC80211 && PCI + endif # WLAN_VENDOR_MARVELL diff -ruw linux-5.15.42/drivers/net/wireless/marvell/Makefile linux-5.15.42-fbx/drivers/net/wireless/marvell/Makefile --- linux-5.15.42/drivers/net/wireless/marvell/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/wireless/marvell/Makefile 2023-03-10 17:18:24.474042758 +0100 @@ -5,3 +5,4 @@ obj-$(CONFIG_MWIFIEX) += mwifiex/ obj-$(CONFIG_MWL8K) += mwl8k.o +obj-$(CONFIG_MWL8K_NEW) += mwl8k_new/ diff -ruw linux-5.15.42/drivers/net/wireless/marvell/mwl8k.c linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k.c --- linux-5.15.42/drivers/net/wireless/marvell/mwl8k.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k.c 2024-04-22 14:46:55.456201118 +0200 @@ -24,6 +24,7 @@ #include #include #include +#include #define MWL8K_DESC "Marvell TOPDOG(R) 802.11 Wireless Network Driver" #define MWL8K_NAME KBUILD_MODNAME @@ -35,6 +36,17 @@ MODULE_PARM_DESC(ap_mode_default, "Set to 1 to make ap mode the default instead of sta mode"); +static u8 ap_base_mac_addr[18] = "00:00:00:00:00:00"; +module_param_string(base_mac_addr, ap_base_mac_addr, 18, 0); +MODULE_PARM_DESC(ap_base_mac_addr, + "Override EEPROM defined base mac address in AP mode"); + +static int mac_addr_count = -1; +module_param(mac_addr_count, int, 0); +MODULE_PARM_DESC(ap_base_mac_addr, + "Override EEPROM defined mac address count"); + + /* Register definitions */ #define MWL8K_HIU_GEN_PTR 0x00000c10 #define MWL8K_MODE_STA 0x0000005a @@ -181,6 +193,7 @@ struct mwl8k_priv { struct ieee80211_hw *hw; struct pci_dev *pdev; + struct mac_address addresses[8]; int irq; struct mwl8k_device_info *device_info; @@ -300,6 +313,9 @@ struct ieee80211_channel *acs_chan; unsigned long channel_time; struct survey_info survey[MWL8K_NUM_CHANS]; + + unsigned int last_short_preamble; + unsigned int last_basic_rates; }; #define MAX_WEP_KEY_LEN 13 @@ -327,6 +343,9 @@ /* A flag to indicate is HW crypto is enabled for this bssid */ bool is_hw_crypto_enabled; + + u32 last_beacon_crc; + unsigned int last_beacon_int; }; #define MWL8K_VIF(_vif) ((struct mwl8k_vif *)&((_vif)->drv_priv)) #define IEEE80211_KEY_CONF(_u8) ((struct ieee80211_key_conf *)(_u8)) @@ -802,6 +821,11 @@ return loops ? 0 : -ETIMEDOUT; } +static bool disable_5g = 0; +module_param(disable_5g, bool, 0); +MODULE_PARM_DESC(disable_5g, + "Set to 1 to disable 5G band usage"); + /* DMA header used by firmware and hardware. */ struct mwl8k_dma_data { @@ -1018,6 +1042,9 @@ } } + if (le16_to_cpu(rxd->htsig2) & (1 << 7)) + status->enc_flags |= RX_ENC_FLAG_SHORT_GI; + if (rxd->channel > 14) { status->band = NL80211_BAND_5GHZ; if (!(status->encoding == RX_ENC_HT) && @@ -1666,6 +1693,8 @@ */ #define RI_FORMAT(a) (a & 0x0001) +#define RI_SHORT_GI(a) (a & 0x0002) +#define RI_40MHZ(a) (a & 0x0004) #define RI_RATE_ID_MCS(a) ((a & 0x01f8) >> 3) static int @@ -1723,6 +1752,8 @@ tx_desc->pkt_len = 0; info = IEEE80211_SKB_CB(skb); + rate_info = le16_to_cpu(tx_desc->rate_info); + if (ieee80211_is_data(wh->frame_control)) { rcu_read_lock(); sta = ieee80211_find_sta_by_ifaddr(hw, wh->addr1, @@ -1730,7 +1761,6 @@ if (sta) { sta_info = MWL8K_STA(sta); BUG_ON(sta_info == NULL); - rate_info = le16_to_cpu(tx_desc->rate_info); /* If rate is < 6.5 Mpbs for an ht station * do not form an ampdu. If the station is a * legacy station (format = 0), do not form an @@ -1744,18 +1774,25 @@ } } rcu_read_unlock(); - } - - ieee80211_tx_info_clear_status(info); - /* Rate control is happening in the firmware. - * Ensure no tx rate is being reported. - */ + info->status.rates[0].idx = RI_RATE_ID_MCS(rate_info); + info->status.rates[0].flags = 0; + if (RI_FORMAT(rate_info)) + info->status.rates[0].flags |= IEEE80211_TX_RC_MCS; + if (RI_SHORT_GI(rate_info)) + info->status.rates[0].flags |= IEEE80211_TX_RC_SHORT_GI; + if (RI_40MHZ(rate_info)) + info->status.rates[0].flags |= IEEE80211_TX_RC_40_MHZ_WIDTH; + info->status.rates[1].idx = -1; + } else info->status.rates[0].idx = -1; - info->status.rates[0].count = 1; + + ieee80211_tx_info_clear_status(info); if (MWL8K_TXD_SUCCESS(status)) info->flags |= IEEE80211_TX_STAT_ACK; + if (index >= MWL8K_TX_WMM_QUEUES) + info->flags |= IEEE80211_TX_STAT_AMPDU; ieee80211_tx_status_irqsafe(hw, skb); @@ -2447,7 +2484,7 @@ mwl8k_set_ht_caps(hw, &priv->band_24, caps); } - if (caps & MWL8K_CAP_5GHZ) { + if (!disable_5g && (caps & MWL8K_CAP_5GHZ)) { mwl8k_setup_5ghz_band(hw); if (caps & MWL8K_CAP_MIMO) mwl8k_set_ht_caps(hw, &priv->band_50, caps); @@ -2521,6 +2558,20 @@ __le32 wcbbase_ampdu[MWL8K_MAX_AMPDU_QUEUES]; } __packed; +static void inc_mac(u8 *base, unsigned int count) +{ + unsigned int i; + + for (i = 0; i < count; i++) { + int j; + + for (j = 5; j >= 0; j--) { + if (++base[j] != 0) + break; + } + } +} + static int mwl8k_cmd_get_hw_spec_ap(struct ieee80211_hw *hw) { struct mwl8k_priv *priv = hw->priv; @@ -2542,6 +2593,7 @@ if (!rc) { int off; + u8 ap_base_mac[ETH_ALEN]; api_version = le32_to_cpu(cmd->fw_api_version); if (priv->device_info->fw_api_ap != api_version) { @@ -2553,7 +2605,27 @@ rc = -EINVAL; goto done; } + + if (mac_pton(ap_base_mac_addr, ap_base_mac) && + !is_zero_ether_addr(ap_base_mac)) + SET_IEEE80211_PERM_ADDR(hw, ap_base_mac); + else SET_IEEE80211_PERM_ADDR(hw, cmd->perm_addr); + + if (mac_addr_count > 0) { + unsigned int i; + + for (i = 0; i < mac_addr_count && + i < ARRAY_SIZE(priv->addresses); i++) { + memcpy(&priv->addresses[i], + hw->wiphy->perm_addr, 6); + inc_mac(priv->addresses[i].addr, i); + } + + hw->wiphy->addresses = priv->addresses; + hw->wiphy->n_addresses = i; + } + priv->num_mcaddrs = le16_to_cpu(cmd->num_mcaddrs); priv->fw_rev = le32_to_cpu(cmd->fw_rev); priv->hw_rev = cmd->hw_rev; @@ -4717,10 +4789,6 @@ } priv->irq = priv->pdev->irq; - /* Enable TX reclaim and RX tasklets. */ - tasklet_enable(&priv->poll_tx_task); - tasklet_enable(&priv->poll_rx_task); - /* Enable interrupts */ iowrite32(MWL8K_A2H_EVENTS, priv->regs + MWL8K_HIU_A2H_INTERRUPT_MASK); iowrite32(MWL8K_A2H_EVENTS, @@ -4755,12 +4823,15 @@ iowrite32(0, priv->regs + MWL8K_HIU_A2H_INTERRUPT_MASK); free_irq(priv->pdev->irq, hw); priv->irq = -1; - tasklet_disable(&priv->poll_tx_task); - tasklet_disable(&priv->poll_rx_task); + tasklet_kill(&priv->poll_tx_task); + tasklet_kill(&priv->poll_rx_task); } else { ieee80211_wake_queues(hw); } + priv->last_short_preamble = ~0; + priv->last_basic_rates = ~0; + return rc; } @@ -4788,8 +4859,8 @@ dev_kfree_skb(priv->beacon_skb); /* Stop TX reclaim and RX tasklets. */ - tasklet_disable(&priv->poll_tx_task); - tasklet_disable(&priv->poll_rx_task); + tasklet_kill(&priv->poll_tx_task); + tasklet_kill(&priv->poll_rx_task); /* Return all skbs to mac80211 */ for (i = 0; i < mwl8k_tx_queues(priv); i++) @@ -4864,6 +4935,8 @@ mwl8k_vif->seqno = 0; memcpy(mwl8k_vif->bssid, vif->addr, ETH_ALEN); mwl8k_vif->is_hw_crypto_enabled = false; + mwl8k_vif->last_beacon_crc = ~0; + mwl8k_vif->last_beacon_int = ~0; /* Set the mac address. */ mwl8k_cmd_set_mac_addr(hw, vif, vif->addr); @@ -5109,19 +5182,27 @@ mwl8k_bss_info_changed_ap(struct ieee80211_hw *hw, struct ieee80211_vif *vif, struct ieee80211_bss_conf *info, u32 changed) { + struct mwl8k_priv *priv = hw->priv; + struct mwl8k_vif *mwl8k_vif = MWL8K_VIF(vif); + struct sk_buff *skb; + bool update_beacon; + u32 crc; int rc; if (mwl8k_fw_lock(hw)) return; - if (changed & BSS_CHANGED_ERP_PREAMBLE) { + if ((changed & BSS_CHANGED_ERP_PREAMBLE) && + priv->last_short_preamble != vif->bss_conf.use_short_preamble) { rc = mwl8k_set_radio_preamble(hw, vif->bss_conf.use_short_preamble); if (rc) goto out; + priv->last_short_preamble = vif->bss_conf.use_short_preamble; } - if (changed & BSS_CHANGED_BASIC_RATES) { + if ((changed & BSS_CHANGED_BASIC_RATES) && + priv->last_basic_rates != vif->bss_conf.basic_rates) { int idx; int rate; @@ -5140,18 +5221,33 @@ rate = mwl8k_rates_50[idx].hw_value; mwl8k_cmd_use_fixed_rate_ap(hw, rate, rate); + priv->last_basic_rates = vif->bss_conf.basic_rates; } - if (changed & (BSS_CHANGED_BEACON_INT | BSS_CHANGED_BEACON)) { - struct sk_buff *skb; + update_beacon = false; + + if ((changed & BSS_CHANGED_BEACON_INT) && + mwl8k_vif->last_beacon_int != vif->bss_conf.beacon_int) + update_beacon = true; skb = ieee80211_beacon_get(hw, vif); - if (skb != NULL) { - mwl8k_cmd_set_beacon(hw, vif, skb->data, skb->len); - kfree_skb(skb); + crc = 0; + + if (changed & BSS_CHANGED_BEACON) { + if (skb) { + crc = crc32_le(~0, skb->data, skb->len); + if (crc != mwl8k_vif->last_beacon_crc) + update_beacon = true; } } + if (skb && update_beacon) { + mwl8k_cmd_set_beacon(hw, vif, skb->data, skb->len); + mwl8k_vif->last_beacon_crc = crc; + mwl8k_vif->last_beacon_int = vif->bss_conf.beacon_int; + } + kfree_skb(skb); + if (changed & BSS_CHANGED_BEACON_ENABLED) mwl8k_cmd_bss_start(hw, vif, info->enable_beacon); @@ -6104,8 +6200,10 @@ * Ask mac80211 to not to trigger PS mode * based on PM bit of incoming frames. */ - if (priv->ap_fw) + if (priv->ap_fw) { ieee80211_hw_set(hw, AP_LINK_PS); + ieee80211_hw_set(hw, APVLAN_NEED_MCAST_TO_UCAST); + } hw->vif_data_size = sizeof(struct mwl8k_vif); hw->sta_data_size = sizeof(struct mwl8k_sta); @@ -6126,9 +6224,7 @@ /* TX reclaim and RX tasklets. */ tasklet_setup(&priv->poll_tx_task, mwl8k_tx_poll); - tasklet_disable(&priv->poll_tx_task); tasklet_setup(&priv->poll_rx_task, mwl8k_rx_poll); - tasklet_disable(&priv->poll_rx_task); /* Power management cookie */ priv->cookie = dma_alloc_coherent(&priv->pdev->dev, 4, diff -ruw linux-5.15.42/drivers/nvmem/Kconfig linux-5.15.42-fbx/drivers/nvmem/Kconfig --- linux-5.15.42/drivers/nvmem/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/nvmem/Kconfig 2024-04-22 14:46:55.588204725 +0200 @@ -21,6 +21,9 @@ This interface is mostly used by userspace applications to read/write directly into nvmem. +config NVMEM_IGNORE_RO + bool "ignore read-only flags" + config NVMEM_IMX_IIM tristate "i.MX IC Identification Module support" depends on ARCH_MXC || COMPILE_TEST diff -ruw linux-5.15.42/drivers/nvmem/core.c linux-5.15.42-fbx/drivers/nvmem/core.c --- linux-5.15.42/drivers/nvmem/core.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/nvmem/core.c 2024-04-22 14:46:55.588204725 +0200 @@ -817,8 +817,10 @@ break; } +#ifndef CONFIG_NVMEM_IGNORE_RO nvmem->read_only = device_property_present(config->dev, "read-only") || config->read_only || !nvmem->reg_write; +#endif #ifdef CONFIG_NVMEM_SYSFS nvmem->dev.groups = nvmem_dev_groups; diff -ruw linux-5.15.42/drivers/of/Kconfig linux-5.15.42-fbx/drivers/of/Kconfig --- linux-5.15.42/drivers/of/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/of/Kconfig 2024-04-22 14:46:55.592204834 +0200 @@ -35,6 +35,11 @@ If unsure, say N here, but this option is safe to enable. +config OF_DTB_BUILTIN_LIST + string "Link given list of DTB files into kernel" + help + Specify filename without .dtb extension + config OF_FLATTREE bool select DTC @@ -94,4 +99,11 @@ # arches should select this if DMA is coherent by default for OF devices bool +config OF_CONFIGFS + bool "Device Tree Overlay ConfigFS interface" + select CONFIGFS_FS + select OF_OVERLAY + help + Enable a simple user-space driven DT overlay interface. + endif # OF diff -ruw linux-5.15.42/drivers/of/Makefile linux-5.15.42-fbx/drivers/of/Makefile --- linux-5.15.42/drivers/of/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/of/Makefile 2024-04-22 14:46:55.592204834 +0200 @@ -1,6 +1,7 @@ # SPDX-License-Identifier: GPL-2.0 obj-y = base.o device.o platform.o property.o obj-$(CONFIG_OF_KOBJ) += kobj.o +obj-$(CONFIG_OF_CONFIGFS) += configfs.o obj-$(CONFIG_OF_DYNAMIC) += dynamic.o obj-$(CONFIG_OF_FLATTREE) += fdt.o obj-$(CONFIG_OF_EARLY_FLATTREE) += fdt_address.o diff -ruw linux-5.15.42/drivers/of/fdt.c linux-5.15.42-fbx/drivers/of/fdt.c --- linux-5.15.42/drivers/of/fdt.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/of/fdt.c 2024-04-22 14:46:55.592204834 +0200 @@ -29,6 +29,7 @@ #include /* for COMMAND_LINE_SIZE */ #include +#include #include "of_private.h" @@ -791,6 +792,39 @@ return 0; } +/* + * iterate list of built-in dtb to find a compatible match + */ +const void __init *of_fdt_find_compatible_dtb(const char *name) +{ + struct fdt_header { + __be32 magic; + __be32 totalsize; + }; + const struct fdt_header *blob, *best; + unsigned int best_score = ~0; + + best = NULL; + blob = (const struct fdt_header *)__dtb_start; + while ((void *)blob < (void *)__dtb_end && + (be32_to_cpu(blob->magic) == OF_DT_HEADER)) { + unsigned int score; + u32 size; + + score = of_fdt_is_compatible(blob, 0, name); + if (score > 0 && score < best_score) { + best = blob; + best_score = score; + } + + size = be32_to_cpu(blob->totalsize); + blob = (const struct fdt_header *) + PTR_ALIGN((void *)blob + size, STRUCT_ALIGNMENT); + } + + return best; +} + /** * of_flat_dt_is_compatible - Return true if given node has compat in compatible list * @node: node to test @@ -1136,6 +1170,40 @@ return 0; } +#ifdef CONFIG_RANDOM_OF +/* + * get random seed area from device tree, and reserve it early enough + * so that it remains untouched until we can properly add it to the + * entropy pool. + */ +extern u64 random_seed_start; +extern u64 random_seed_size; + +static void __init early_init_dt_handle_random_seed(unsigned long node) +{ + const __be32 *prop; + int len; + + prop = of_get_flat_dt_prop(node, "fbx,random-seed", &len); + if (!prop) + return; + + if (len != 16) { + pr_err("bad fbx,random-seed size %d vs %d!\n", 16, len); + return ; + } + + random_seed_start = dt_mem_next_cell(2, &prop); + random_seed_size = dt_mem_next_cell(2, &prop); + + memblock_reserve(random_seed_start, random_seed_size); +} +#else +static inline void early_init_dt_handle_random_seed(unsigned long node) +{ +} +#endif + int __init early_init_dt_scan_chosen(unsigned long node, const char *uname, int depth, void *data) { @@ -1191,6 +1259,8 @@ fdt_totalsize(initial_boot_params)); } + early_init_dt_handle_random_seed(node); + /* break now */ return 1; } diff -ruw linux-5.15.42/drivers/of/overlay.c linux-5.15.42-fbx/drivers/of/overlay.c --- linux-5.15.42/drivers/of/overlay.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/of/overlay.c 2024-04-22 14:46:55.592204834 +0200 @@ -362,7 +362,7 @@ } if (!of_node_check_flag(target->np, OF_OVERLAY)) - pr_err("WARNING: memory leak will occur if overlay removed, property: %pOF/%s\n", + pr_debug("WARNING: memory leak will occur if overlay removed, property: %pOF/%s\n", target->np, new_prop->name); if (ret) { diff -ruw linux-5.15.42/drivers/pci/controller/Kconfig linux-5.15.42-fbx/drivers/pci/controller/Kconfig --- linux-5.15.42/drivers/pci/controller/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/pci/controller/Kconfig 2024-04-22 14:46:55.604205162 +0200 @@ -253,6 +253,13 @@ Say Y here if you want to enable Gen3 PCIe controller support on MediaTek SoCs. +config PCIE_BCM63XX + tristate "BCM63XX SoCs PCIe endpoint driver." + depends on ARCH_BCM63XX || COMPILE_TEST + depends on OF + depends on PCI_MSI_IRQ_DOMAIN + select PCI_MSI_ARCH_FALLBACKS + config VMD depends on PCI_MSI && X86_64 && SRCU tristate "Intel Volume Management Device Driver" diff -ruw linux-5.15.42/drivers/pci/controller/Makefile linux-5.15.42-fbx/drivers/pci/controller/Makefile --- linux-5.15.42/drivers/pci/controller/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/pci/controller/Makefile 2024-04-22 14:46:55.604205162 +0200 @@ -33,6 +33,7 @@ obj-$(CONFIG_PCIE_MEDIATEK) += pcie-mediatek.o obj-$(CONFIG_PCIE_MEDIATEK_GEN3) += pcie-mediatek-gen3.o obj-$(CONFIG_PCIE_MICROCHIP_HOST) += pcie-microchip-host.o +obj-$(CONFIG_PCIE_BCM63XX) += pcie-bcm63xx.o obj-$(CONFIG_VMD) += vmd.o obj-$(CONFIG_PCIE_BRCMSTB) += pcie-brcmstb.o obj-$(CONFIG_PCI_LOONGSON) += pci-loongson.o diff -ruw linux-5.15.42/drivers/pci/controller/pci-mvebu.c linux-5.15.42-fbx/drivers/pci/controller/pci-mvebu.c --- linux-5.15.42/drivers/pci/controller/pci-mvebu.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/pci/controller/pci-mvebu.c 2024-04-22 14:46:55.616205490 +0200 @@ -73,6 +73,7 @@ struct mvebu_pcie { struct platform_device *pdev; struct mvebu_pcie_port *ports; + struct gpio_descs *reset_gpios; struct resource io; struct resource realio; struct resource mem; @@ -98,8 +99,6 @@ unsigned int io_target; unsigned int io_attr; struct clk *clk; - struct gpio_desc *reset_gpio; - char *reset_name; struct pci_bridge_emul bridge; struct device_node *dn; struct mvebu_pcie *pcie; @@ -904,8 +903,7 @@ struct mvebu_pcie_port *port, struct device_node *child) { struct device *dev = &pcie->pdev->dev; - enum of_gpio_flags flags; - int reset_gpio, ret; + int ret; port->pcie = pcie; @@ -945,42 +943,6 @@ port->io_attr = -1; } - reset_gpio = of_get_named_gpio_flags(child, "reset-gpios", 0, &flags); - if (reset_gpio == -EPROBE_DEFER) { - ret = reset_gpio; - goto err; - } - - if (gpio_is_valid(reset_gpio)) { - unsigned long gpio_flags; - - port->reset_name = devm_kasprintf(dev, GFP_KERNEL, "%s-reset", - port->name); - if (!port->reset_name) { - ret = -ENOMEM; - goto err; - } - - if (flags & OF_GPIO_ACTIVE_LOW) { - dev_info(dev, "%pOF: reset gpio is active low\n", - child); - gpio_flags = GPIOF_ACTIVE_LOW | - GPIOF_OUT_INIT_LOW; - } else { - gpio_flags = GPIOF_OUT_INIT_HIGH; - } - - ret = devm_gpio_request_one(dev, reset_gpio, gpio_flags, - port->reset_name); - if (ret) { - if (ret == -EPROBE_DEFER) - goto err; - goto skip; - } - - port->reset_gpio = gpio_to_desc(reset_gpio); - } - port->clk = of_clk_get_by_name(child, NULL); if (IS_ERR(port->clk)) { dev_err(dev, "%s: cannot get clock\n", port->name); @@ -999,8 +961,6 @@ ret = 0; /* In the case of skipping, we need to free these */ - devm_kfree(dev, port->reset_name); - port->reset_name = NULL; devm_kfree(dev, port->name); port->name = NULL; @@ -1009,41 +969,11 @@ } /* - * Power up a PCIe port. PCIe requires the refclk to be stable for 100µs - * prior to releasing PERST. See table 2-4 in section 2.6.2 AC Specifications - * of the PCI Express Card Electromechanical Specification, 1.1. - */ -static int mvebu_pcie_powerup(struct mvebu_pcie_port *port) -{ - int ret; - - ret = clk_prepare_enable(port->clk); - if (ret < 0) - return ret; - - if (port->reset_gpio) { - u32 reset_udelay = PCI_PM_D3COLD_WAIT * 1000; - - of_property_read_u32(port->dn, "reset-delay-us", - &reset_udelay); - - udelay(100); - - gpiod_set_value_cansleep(port->reset_gpio, 0); - msleep(reset_udelay / 1000); - } - - return 0; -} - -/* * Power down a PCIe port. Strictly, PCIe requires us to place the card * in D3hot state before asserting PERST#. */ static void mvebu_pcie_powerdown(struct mvebu_pcie_port *port) { - gpiod_set_value_cansleep(port->reset_gpio, 1); - clk_disable_unprepare(port->clk); } @@ -1139,6 +1069,88 @@ return 0; } +#include + +struct mvebu_pcie *gpcie; + +static void pcie_reset_set(int idx, int value) +{ + struct mvebu_pcie *pcie = gpcie; + struct gpio_descs *reset_gpios; + int i; + + if (!pcie) { + printk("NOTHING TO RESET\n"); + return; + } + + if (!pcie->reset_gpios) + return; + + reset_gpios = pcie->reset_gpios; + + printk("pcie_reset_set: idx:%d value:%d\n", idx, value); + + if (idx > reset_gpios->ndescs) { + printk("gpio index %d is too high\n", idx); + return; + } + + gpiod_set_value(reset_gpios->desc[idx], value); + msleep(100); + + for (i = 0; i < pcie->nports; i++) { + struct mvebu_pcie_port *port = &pcie->ports[i]; + + if (!mvebu_pcie_link_up(port)) + dev_warn(&port->pcie->pdev->dev, + "%s: PCIe link is DOWN", port->name); + else + dev_info(&port->pcie->pdev->dev, + "%s: PCIe link is UP", port->name); + } + + //fbxgw_pcie_retrain_link(pex_priv); +} + +static ssize_t pcie0_write(struct file *file, + const char __user *data, + size_t count, loff_t *ppos) +{ + char v; + + v = 0; + copy_from_user(&v, data, 1); + if (v != '0' && v != '1') + return -EINVAL; + pcie_reset_set(0, v - '0'); + return count; +} + +static ssize_t pcie1_write(struct file *file, + const char __user *data, + size_t count, loff_t *ppos) +{ + char v; + + v = 0; + copy_from_user(&v, data, 1); + if (v != '0' && v != '1') + return -EINVAL; + pcie_reset_set(1, v - '0'); + return count; +} + +static const struct file_operations pcie0_fops = { + .write = pcie0_write, +}; + +static const struct file_operations pcie1_fops = { + .write = pcie1_write, +}; + +static struct dentry *pcie_debugfs; + static int mvebu_pcie_probe(struct platform_device *pdev) { struct device *dev = &pdev->dev; @@ -1160,6 +1172,16 @@ if (ret) return ret; + /* get reset gpios */ + pcie->reset_gpios = devm_gpiod_get_array_optional(dev, + "reset", + GPIOD_OUT_HIGH); + if (IS_ERR(pcie->reset_gpios)) { + ret = PTR_ERR(pcie->reset_gpios); + dev_err(dev, "failed to parse reset-gpios property: %d\n", ret); + return ret; + } + num = of_get_available_child_count(np); pcie->ports = devm_kcalloc(dev, num, sizeof(*pcie->ports), GFP_KERNEL); @@ -1190,8 +1212,37 @@ if (!child) continue; - ret = mvebu_pcie_powerup(port); + ret = clk_prepare_enable(port->clk); if (ret < 0) + return ret; + } + + /* + * Power up a PCIe port. PCIe requires the refclk to be stable for 100µs + * prior to releasing PERST. See table 2-4 in section 2.6.2 AC Specifications + * of the PCI Express Card Electromechanical Specification, 1.1. + */ + if (pcie->reset_gpios) { + struct gpio_descs *reset_gpios = pcie->reset_gpios; + u32 reset_udelay = PCI_PM_D3COLD_WAIT * 1000; + unsigned int i; + + udelay(100); + + dev_info(dev, "using %u gpio(s) to reset bus", + reset_gpios->ndescs); + + for (i = 0; i < reset_gpios->ndescs; i++) + gpiod_set_value(reset_gpios->desc[i], 0); + + msleep(reset_udelay / 1000); + } + + for (i = 0; i < pcie->nports; i++) { + struct mvebu_pcie_port *port = &pcie->ports[i]; + + child = port->dn; + if (!child) continue; port->base = mvebu_pcie_map_registers(pdev, child, port); @@ -1202,6 +1253,13 @@ continue; } + if (!mvebu_pcie_link_up(port)) + dev_warn(&port->pcie->pdev->dev, + "%s: PCIe link is DOWN", port->name); + else + dev_info(&port->pcie->pdev->dev, + "%s: PCIe link is UP", port->name); + ret = mvebu_pci_bridge_emul_init(port); if (ret < 0) { dev_err(dev, "%s: cannot init emulated bridge\n", @@ -1298,6 +1356,13 @@ bridge->ops = &mvebu_pcie_ops; bridge->align_resource = mvebu_pcie_align_resource; + gpcie = pcie; + pcie_debugfs = debugfs_create_dir("freebox", NULL); + debugfs_create_file("reset_pci0", S_IWUSR, pcie_debugfs, + NULL, &pcie0_fops); + debugfs_create_file("reset_pci1", S_IWUSR, pcie_debugfs, + NULL, &pcie1_fops); + return mvebu_pci_host_probe(bridge); } diff -ruw linux-5.15.42/drivers/pci/quirks.c linux-5.15.42-fbx/drivers/pci/quirks.c --- linux-5.15.42/drivers/pci/quirks.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/pci/quirks.c 2024-04-22 14:46:55.640206145 +0200 @@ -3125,6 +3125,8 @@ dev->is_hotplug_bridge = 1; } DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_HINT, 0x0020, quirk_hotplug_bridge); +DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_PERICOM, PCI_DEVICE_ID_PI7C9X20303SL, + quirk_hotplug_bridge); /* * This is a quirk for the Ricoh MMC controller found as a part of some diff -ruw linux-5.15.42/drivers/phy/Kconfig linux-5.15.42-fbx/drivers/phy/Kconfig --- linux-5.15.42/drivers/phy/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/phy/Kconfig 2024-04-22 14:46:55.656206583 +0200 @@ -70,6 +70,10 @@ functional modes using gpios and sets the attribute max link rate, for CAN drivers. +config XDSL_PHY_API + tristate "xDSL PHY API" + select GENERIC_PHY + source "drivers/phy/allwinner/Kconfig" source "drivers/phy/amlogic/Kconfig" source "drivers/phy/broadcom/Kconfig" diff -ruw linux-5.15.42/drivers/phy/Makefile linux-5.15.42-fbx/drivers/phy/Makefile --- linux-5.15.42/drivers/phy/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/phy/Makefile 2024-04-22 14:46:55.656206583 +0200 @@ -10,6 +10,8 @@ obj-$(CONFIG_PHY_XGENE) += phy-xgene.o obj-$(CONFIG_PHY_PISTACHIO_USB) += phy-pistachio-usb.o obj-$(CONFIG_USB_LGM_PHY) += phy-lgm-usb.o +obj-$(CONFIG_XDSL_PHY_API) += xdsl_phy_api.o + obj-y += allwinner/ \ amlogic/ \ broadcom/ \ diff -ruw linux-5.15.42/drivers/phy/broadcom/Kconfig linux-5.15.42-fbx/drivers/phy/broadcom/Kconfig --- linux-5.15.42/drivers/phy/broadcom/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/phy/broadcom/Kconfig 2024-04-22 14:46:55.660206692 +0200 @@ -37,6 +37,11 @@ help Enable this to support the Broadcom Kona USB 2.0 PHY. +config PHY_BRCM_USB_63138 + tristate "Broadcom 63138 USB 2.0/3.0 PHY Driver" + depends on ARCH_BCM_63XX || COMPILE_TEST + select GENERIC_PHY + config PHY_BCM_NS_USB2 tristate "Broadcom Northstar USB 2.0 PHY Driver" depends on ARCH_BCM_IPROC || COMPILE_TEST diff -ruw linux-5.15.42/drivers/phy/broadcom/Makefile linux-5.15.42-fbx/drivers/phy/broadcom/Makefile --- linux-5.15.42/drivers/phy/broadcom/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/phy/broadcom/Makefile 2023-03-09 15:06:11.376234546 +0100 @@ -1,6 +1,7 @@ # SPDX-License-Identifier: GPL-2.0 obj-$(CONFIG_PHY_BCM63XX_USBH) += phy-bcm63xx-usbh.o obj-$(CONFIG_PHY_CYGNUS_PCIE) += phy-bcm-cygnus-pcie.o +obj-$(CONFIG_PHY_BRCM_USB_63138) += phy-brcm-usb-63138.o obj-$(CONFIG_BCM_KONA_USB2_PHY) += phy-bcm-kona-usb2.o obj-$(CONFIG_PHY_BCM_NS_USB2) += phy-bcm-ns-usb2.o obj-$(CONFIG_PHY_BCM_NS_USB3) += phy-bcm-ns-usb3.o diff -ruw linux-5.15.42/drivers/phy/marvell/Kconfig linux-5.15.42-fbx/drivers/phy/marvell/Kconfig --- linux-5.15.42/drivers/phy/marvell/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/phy/marvell/Kconfig 2023-03-09 15:22:14.035699334 +0100 @@ -136,3 +136,11 @@ components on MMP3-based boards. To compile this driver as a module, choose M here. + +config PHY_UTMI_CP110 + bool "Marvell CP110 UTMI PHY Driver" + depends on ARCH_MVEBU + depends on OF + help + Enable this to support Marvell USB2.0 PHY driver for Marvell + CP110-based SoCs (A7K and A8K). diff -ruw linux-5.15.42/drivers/phy/marvell/Makefile linux-5.15.42-fbx/drivers/phy/marvell/Makefile --- linux-5.15.42/drivers/phy/marvell/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/phy/marvell/Makefile 2023-03-09 15:22:14.035699334 +0100 @@ -13,3 +13,4 @@ obj-$(CONFIG_PHY_PXA_28NM_HSIC) += phy-pxa-28nm-hsic.o obj-$(CONFIG_PHY_PXA_28NM_USB2) += phy-pxa-28nm-usb2.o obj-$(CONFIG_PHY_PXA_USB) += phy-pxa-usb.o +obj-$(CONFIG_PHY_UTMI_CP110) += phy-utmi-cp110.o diff -ruw linux-5.15.42/drivers/pinctrl/bcm/Kconfig linux-5.15.42-fbx/drivers/pinctrl/bcm/Kconfig --- linux-5.15.42/drivers/pinctrl/bcm/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/pinctrl/bcm/Kconfig 2024-04-22 14:46:55.684207348 +0200 @@ -38,6 +38,15 @@ select REGMAP select GPIO_REGMAP +config PINCTRL_BCM63138 + bool "Broadcom 63138 pinmux driver" + depends on OF && (ARCH_BCM_63XX || ARCH_BCM63XX || COMPILE_TEST) + default ARCH_BCM_63XX + select PINMUX + select PINCONF + select GENERIC_PINCONF + select GPIOLIB + config PINCTRL_BCM6318 bool "Broadcom BCM6318 GPIO driver" depends on (BMIPS_GENERIC || COMPILE_TEST) diff -ruw linux-5.15.42/drivers/pinctrl/bcm/Makefile linux-5.15.42-fbx/drivers/pinctrl/bcm/Makefile --- linux-5.15.42/drivers/pinctrl/bcm/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/pinctrl/bcm/Makefile 2024-04-22 14:46:55.684207348 +0200 @@ -10,6 +10,7 @@ obj-$(CONFIG_PINCTRL_BCM6362) += pinctrl-bcm6362.o obj-$(CONFIG_PINCTRL_BCM6368) += pinctrl-bcm6368.o obj-$(CONFIG_PINCTRL_BCM63268) += pinctrl-bcm63268.o +obj-$(CONFIG_PINCTRL_BCM63138) += pinctrl-bcm63138.o obj-$(CONFIG_PINCTRL_IPROC_GPIO) += pinctrl-iproc-gpio.o obj-$(CONFIG_PINCTRL_CYGNUS_MUX) += pinctrl-cygnus-mux.o obj-$(CONFIG_PINCTRL_NS) += pinctrl-ns.o diff -ruw linux-5.15.42/drivers/platform/Kconfig linux-5.15.42-fbx/drivers/platform/Kconfig --- linux-5.15.42/drivers/platform/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/platform/Kconfig 2024-04-22 14:46:55.776209861 +0200 @@ -15,3 +15,9 @@ source "drivers/platform/olpc/Kconfig" source "drivers/platform/surface/Kconfig" + +if X86_INTEL_CE +source "drivers/platform/intelce/Kconfig" +endif + +source "drivers/platform/fbxgw7r/Kconfig" diff -ruw linux-5.15.42/drivers/platform/Makefile linux-5.15.42-fbx/drivers/platform/Makefile --- linux-5.15.42/drivers/platform/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/platform/Makefile 2024-04-22 14:46:55.776209861 +0200 @@ -10,3 +10,5 @@ obj-$(CONFIG_GOLDFISH) += goldfish/ obj-$(CONFIG_CHROME_PLATFORMS) += chrome/ obj-$(CONFIG_SURFACE_PLATFORMS) += surface/ +obj-$(CONFIG_X86_INTEL_CE) += intelce/ +obj-$(CONFIG_FBXGW7R_PLATFORM) += fbxgw7r/ diff -ruw linux-5.15.42/drivers/soc/bcm/Makefile linux-5.15.42-fbx/drivers/soc/bcm/Makefile --- linux-5.15.42/drivers/soc/bcm/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/soc/bcm/Makefile 2024-04-22 14:46:56.204221555 +0200 @@ -3,3 +3,4 @@ obj-$(CONFIG_RASPBERRYPI_POWER) += raspberrypi-power.o obj-y += bcm63xx/ obj-$(CONFIG_SOC_BRCMSTB) += brcmstb/ +obj-$(CONFIG_SOC_BCM63XX) += bcm63xx/ diff -ruw linux-5.15.42/drivers/soc/bcm/bcm63xx/Kconfig linux-5.15.42-fbx/drivers/soc/bcm/bcm63xx/Kconfig --- linux-5.15.42/drivers/soc/bcm/bcm63xx/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/soc/bcm/bcm63xx/Kconfig 2024-04-22 14:46:56.208221664 +0200 @@ -1,4 +1,34 @@ # SPDX-License-Identifier: GPL-2.0-only + +config SOC_BCM63XX + bool "Broadcom 63xx SoC drivers" + depends on ARCH_BCM_63XX || ARM64 || COMPILE_TEST + select RESET_CONTROLLER + help + Enables drivers for the Broadcom 63XX series of chips. + This option alone enables only some support code, while the drivers + can be enabled individually within this menu. + + If unsure, say N. + +config UBUS4_BCM63158 + bool "Broadcom 63158 UBUS4 driver" + depends on SOC_BCM63XX || COMPILE_TEST + +config PROCMON_BCM63158 + bool "Broadcom 63158 PROCMON driver" + depends on SOC_BCM63XX || COMPILE_TEST + +config SOC_BCM63XX_RDP + bool "rdp subsystem" + depends on SOC_BCM63XX || COMPILE_TEST + +config SOC_BCM63XX_XRDP + tristate "xrdp subsystem" + depends on SOC_BCM63XX || COMPILE_TEST + select UBUS4_BCM63158 + + if SOC_BCM63XX config BCM63XX_POWER @@ -19,3 +49,11 @@ help This enables support for the Broadcom's PMB (Power Management Bus) that is used for disabling and enabling SoC devices. + +config SOC_BCM63XX_XRDP_IOCTL + bool "ioctl interface" + depends on SOC_BCM63XX_XRDP + +config SOC_MEMC_BCM63158 + tristate "Broadcom 63158 MEMC driver" + depends on SOC_BCM63XX || COMPILE_TEST diff -ruw linux-5.15.42/drivers/soc/bcm/bcm63xx/Makefile linux-5.15.42-fbx/drivers/soc/bcm/bcm63xx/Makefile --- linux-5.15.42/drivers/soc/bcm/bcm63xx/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/soc/bcm/bcm63xx/Makefile 2024-04-22 14:46:56.208221664 +0200 @@ -1,3 +1,10 @@ # SPDX-License-Identifier: GPL-2.0-only obj-$(CONFIG_BCM63XX_POWER) += bcm63xx-power.o obj-$(CONFIG_BCM_PMB) += bcm-pmb.o + +obj-$(CONFIG_SOC_BCM63XX) += pmc.o +obj-$(CONFIG_SOC_BCM63XX_RDP) += rdp/ +obj-$(CONFIG_SOC_BCM63XX_XRDP) += xrdp/ +obj-$(CONFIG_UBUS4_BCM63158) += ubus4-bcm63158.o +obj-$(CONFIG_PROCMON_BCM63158) += procmon-bcm63158.o +obj-$(CONFIG_SOC_MEMC_BCM63158) += memc-bcm63158.o diff -ruw linux-5.15.42/drivers/spi/Kconfig linux-5.15.42-fbx/drivers/spi/Kconfig --- linux-5.15.42/drivers/spi/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/spi/Kconfig 2024-04-22 14:46:56.236222429 +0200 @@ -172,7 +172,7 @@ config SPI_BCM63XX_HSSPI tristate "Broadcom BCM63XX HS SPI controller driver" - depends on BCM63XX || BMIPS_GENERIC || ARCH_BCM_63XX || COMPILE_TEST + depends on BCM63XX || BMIPS_GENERIC || ARCH_BCM63XX || ARCH_BCM_63XX || COMPILE_TEST help This enables support for the High Speed SPI controller present on newer Broadcom BCM63XX SoCs. @@ -635,6 +635,12 @@ help This selects a driver for the PPC4xx SPI Controller. +config SPI_TDM_ORION + tristate "Orion TDM SPI master" + depends on PLAT_ORION + help + This enables using the TDM SPI master controller on the Orion chips. + config SPI_PXA2XX tristate "PXA2xx SSP SPI master" depends on ARCH_PXA || ARCH_MMP || PCI || ACPI || COMPILE_TEST diff -ruw linux-5.15.42/drivers/spi/Makefile linux-5.15.42-fbx/drivers/spi/Makefile --- linux-5.15.42/drivers/spi/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/spi/Makefile 2024-04-22 14:46:56.236222429 +0200 @@ -86,6 +86,7 @@ obj-$(CONFIG_SPI_ORION) += spi-orion.o obj-$(CONFIG_SPI_PIC32) += spi-pic32.o obj-$(CONFIG_SPI_PIC32_SQI) += spi-pic32-sqi.o +obj-$(CONFIG_SPI_TDM_ORION) += orion_tdm_spi.o obj-$(CONFIG_SPI_PL022) += spi-pl022.o obj-$(CONFIG_SPI_PPC4xx) += spi-ppc4xx.o spi-pxa2xx-platform-objs := spi-pxa2xx.o spi-pxa2xx-dma.o diff -ruw linux-5.15.42/drivers/spi/spi-orion.c linux-5.15.42-fbx/drivers/spi/spi-orion.c --- linux-5.15.42/drivers/spi/spi-orion.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/spi/spi-orion.c 2024-04-22 14:46:56.256222976 +0200 @@ -46,6 +46,9 @@ /* Register for the "Direct Mode" */ #define SPI_DIRECT_WRITE_CONFIG_REG 0x20 +/* per-CS register parameters */ +#define SPI_CSN_TIMING_PARM_REGS(n) (0x30 + 4 * (n)) + #define ORION_SPI_TMISO_SAMPLE_MASK (0x3 << 6) #define ORION_SPI_TMISO_SAMPLE_1 (1 << 6) #define ORION_SPI_TMISO_SAMPLE_2 (2 << 6) @@ -735,6 +738,25 @@ goto out_rel_axi_clk; } + /* + * on A8K (using a380 compatible) and A380, there are per-CS + * timing parameters registers, which may be used and left + * active by the bootloader. + * + * This drivers uses the global timing parameter register(s) + * and interface configuration register, and could silently + * fallback to previously configured per-CS timing parameters, + * unless those registers are cleared beforehand. + */ + if (of_device_is_compatible(pdev->dev.of_node, + "marvell,armada-380-spi")) { + int cs; + + for (cs = 0; cs < 8; ++cs) + writel(0x0, spi->base + SPI_CSN_TIMING_PARM_REGS(cs)); + + } + for_each_available_child_of_node(pdev->dev.of_node, np) { struct orion_direct_acc *dir_acc; u32 cs; diff -ruw linux-5.15.42/drivers/thermal/thermal_core.c linux-5.15.42-fbx/drivers/thermal/thermal_core.c --- linux-5.15.42/drivers/thermal/thermal_core.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/thermal/thermal_core.c 2024-04-22 14:46:56.528230407 +0200 @@ -868,6 +868,7 @@ /** * __thermal_cooling_device_register() - register a new thermal cooling device + * @dev: parent device * @np: a pointer to a device tree node. * @type: the thermal cooling device type. * @devdata: device private data. @@ -883,7 +884,7 @@ * ERR_PTR. Caller must check return value with IS_ERR*() helpers. */ static struct thermal_cooling_device * -__thermal_cooling_device_register(struct device_node *np, +__thermal_cooling_device_register(struct device *pdev, struct device_node *np, const char *type, void *devdata, const struct thermal_cooling_device_ops *ops) { @@ -923,6 +924,7 @@ cdev->device.class = &thermal_class; cdev->devdata = devdata; thermal_cooling_device_setup_sysfs(cdev); + cdev->device.parent = pdev; ret = device_register(&cdev->device); if (ret) goto out_kfree_type; @@ -972,11 +974,30 @@ thermal_cooling_device_register(const char *type, void *devdata, const struct thermal_cooling_device_ops *ops) { - return __thermal_cooling_device_register(NULL, type, devdata, ops); + return __thermal_cooling_device_register(NULL, NULL, type, devdata, ops); } EXPORT_SYMBOL_GPL(thermal_cooling_device_register); /** + * thermal_cooling_device_register_with_parent() - register a new thermal cooling device + * @pdev: parent device + * @type: the thermal cooling device type. + * @devdata: device private data. + * @ops: standard thermal cooling devices callbacks. + * + * Same as thermal_cooling_device_register but take also the parent device. + * Then, hwpath will include the parent device to uniquely identify this device + */ +struct thermal_cooling_device * +thermal_cooling_device_register_with_parent(struct device *pdev, + const char *type, void *devdata, + const struct thermal_cooling_device_ops *ops) +{ + return __thermal_cooling_device_register(pdev, NULL, type, devdata, ops); +} +EXPORT_SYMBOL_GPL(thermal_cooling_device_register_with_parent); + +/** * thermal_of_cooling_device_register() - register an OF thermal cooling device * @np: a pointer to a device tree node. * @type: the thermal cooling device type. @@ -996,7 +1017,7 @@ const char *type, void *devdata, const struct thermal_cooling_device_ops *ops) { - return __thermal_cooling_device_register(np, type, devdata, ops); + return __thermal_cooling_device_register(NULL, np, type, devdata, ops); } EXPORT_SYMBOL_GPL(thermal_of_cooling_device_register); @@ -1036,7 +1057,7 @@ if (!ptr) return ERR_PTR(-ENOMEM); - tcd = __thermal_cooling_device_register(np, type, devdata, ops); + tcd = __thermal_cooling_device_register(NULL, np, type, devdata, ops); if (IS_ERR(tcd)) { devres_free(ptr); return tcd; diff -ruw linux-5.15.42/drivers/tty/serial/Kconfig linux-5.15.42-fbx/drivers/tty/serial/Kconfig --- linux-5.15.42/drivers/tty/serial/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/tty/serial/Kconfig 2024-04-22 14:46:56.556231172 +0200 @@ -1098,7 +1098,6 @@ config SERIAL_BCM63XX tristate "Broadcom BCM63xx/BCM33xx UART support" select SERIAL_CORE - depends on COMMON_CLK help This enables the driver for the onchip UART core found on the following chipsets: @@ -1108,6 +1107,11 @@ BCM68xx (PON) BCM7xxx (STB) - DOCSIS console +config SERIAL_BCM63XX_HS + tristate "Broadcom BCM63xx HS UART support" + select SERIAL_CORE + depends on ARCH_BCM63XX || COMPILE_TEST + config SERIAL_BCM63XX_CONSOLE bool "Console on BCM63xx serial port" depends on SERIAL_BCM63XX=y diff -ruw linux-5.15.42/drivers/tty/serial/Makefile linux-5.15.42-fbx/drivers/tty/serial/Makefile --- linux-5.15.42/drivers/tty/serial/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/tty/serial/Makefile 2024-04-22 14:46:56.556231172 +0200 @@ -30,6 +30,7 @@ obj-$(CONFIG_SERIAL_SA1100) += sa1100.o obj-$(CONFIG_SERIAL_BCM63XX) += bcm63xx_uart.o obj-$(CONFIG_SERIAL_SAMSUNG) += samsung_tty.o +obj-$(CONFIG_SERIAL_BCM63XX_HS) += bcm63xx-hs-uart.o obj-$(CONFIG_SERIAL_MAX3100) += max3100.o obj-$(CONFIG_SERIAL_MAX310X) += max310x.o obj-$(CONFIG_SERIAL_IP22_ZILOG) += ip22zilog.o diff -ruw linux-5.15.42/drivers/usb/host/Kconfig linux-5.15.42-fbx/drivers/usb/host/Kconfig --- linux-5.15.42/drivers/usb/host/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/usb/host/Kconfig 2024-04-22 14:46:56.656233904 +0200 @@ -79,13 +79,13 @@ If unsure, say N. config USB_XHCI_MVEBU - tristate "xHCI support for Marvell Armada 375/38x/37xx" + tristate "xHCI support for Marvell Armada 375/38x/37xx/70x0/80x0" select USB_XHCI_PLATFORM depends on HAS_IOMEM depends on ARCH_MVEBU || COMPILE_TEST help Say 'Y' to enable the support for the xHCI host controller - found in Marvell Armada 375/38x/37xx ARM SOCs. + found in Marvell Armada 375/38x/37xx/70x0/80x0 ARM SOCs. config USB_XHCI_RCAR tristate "xHCI support for Renesas R-Car SoCs" @@ -742,6 +742,10 @@ If unsure, say N. +config USB_BCM63158 + tristate "Broadcom BCM63158 SoC USB host driver" + depends on ARCH_BCM63XX || COMPILE_TEST + config USB_HCD_SSB tristate "SSB usb host driver" depends on SSB diff -ruw linux-5.15.42/drivers/usb/host/Makefile linux-5.15.42-fbx/drivers/usb/host/Makefile --- linux-5.15.42/drivers/usb/host/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/usb/host/Makefile 2024-04-22 14:46:56.656233904 +0200 @@ -85,3 +85,4 @@ obj-$(CONFIG_USB_HCD_SSB) += ssb-hcd.o obj-$(CONFIG_USB_FOTG210_HCD) += fotg210-hcd.o obj-$(CONFIG_USB_MAX3421_HCD) += max3421-hcd.o +obj-$(CONFIG_USB_BCM63158) += usb-bcm63158.o diff -ruw linux-5.15.42/drivers/usb/host/ehci-orion.c linux-5.15.42-fbx/drivers/usb/host/ehci-orion.c --- linux-5.15.42/drivers/usb/host/ehci-orion.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/usb/host/ehci-orion.c 2024-04-22 14:46:56.660234014 +0200 @@ -19,6 +19,7 @@ #include #include #include +#include #include "ehci.h" @@ -57,11 +58,13 @@ | USB_SBUSCFG_AHBBRST_INCR16) #define DRIVER_DESC "EHCI orion driver" +#define EHCI_MAX_RSTS 4 #define hcd_to_orion_priv(h) ((struct orion_ehci_hcd *)hcd_to_ehci(h)->priv) struct orion_ehci_hcd { struct clk *clk; + struct reset_control *rsts[EHCI_MAX_RSTS]; struct phy *phy; }; @@ -212,7 +215,7 @@ struct usb_hcd *hcd; struct ehci_hcd *ehci; void __iomem *regs; - int irq, err; + int irq, err, rst; enum orion_ehci_phy_ver phy_version; struct orion_ehci_hcd *priv; @@ -270,6 +273,22 @@ goto err_put_hcd; } + for (rst = 0; rst < EHCI_MAX_RSTS; rst++) { + priv->rsts[rst] = devm_reset_control_get_shared_by_index( + &pdev->dev, rst); + if (IS_ERR(priv->rsts[rst])) { + err = PTR_ERR(priv->rsts[rst]); + if (err == -EPROBE_DEFER) + goto err; + priv->rsts[rst] = NULL; + break; + } + + err = reset_control_deassert(priv->rsts[rst]); + if (err) + goto err; + } + priv->phy = devm_phy_optional_get(&pdev->dev, "usb"); if (IS_ERR(priv->phy)) { err = PTR_ERR(priv->phy); @@ -317,6 +336,7 @@ err_put_hcd: usb_put_hcd(hcd); err: + if (err != -EPROBE_DEFER) dev_err(&pdev->dev, "init %s fail, %d\n", dev_name(&pdev->dev), err); diff -ruw linux-5.15.42/drivers/usb/storage/scsiglue.c linux-5.15.42-fbx/drivers/usb/storage/scsiglue.c --- linux-5.15.42/drivers/usb/storage/scsiglue.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/usb/storage/scsiglue.c 2024-04-22 14:46:56.716235544 +0200 @@ -456,6 +456,9 @@ usb_stor_dbg(us, "%s called\n", __func__); + if (us->srb == srb) + command_abort(srb); + /* lock the device pointers and do the reset */ mutex_lock(&(us->dev_mutex)); result = us->transport_reset(us); diff -ruw linux-5.15.42/drivers/usb/storage/usb.c linux-5.15.42-fbx/drivers/usb/storage/usb.c --- linux-5.15.42/drivers/usb/storage/usb.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/usb/storage/usb.c 2024-04-22 14:46:56.720235653 +0200 @@ -67,7 +67,7 @@ MODULE_DESCRIPTION("USB Mass Storage driver for Linux"); MODULE_LICENSE("GPL"); -static unsigned int delay_use = 1; +static unsigned int delay_use = 5; module_param(delay_use, uint, S_IRUGO | S_IWUSR); MODULE_PARM_DESC(delay_use, "seconds to delay before using a new device"); diff -ruw linux-5.15.42/drivers/video/Kconfig linux-5.15.42-fbx/drivers/video/Kconfig --- linux-5.15.42/drivers/video/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/video/Kconfig 2024-04-22 14:46:56.744236309 +0200 @@ -46,5 +46,4 @@ endif - endmenu diff -ruw linux-5.15.42/drivers/video/fbdev/Kconfig linux-5.15.42-fbx/drivers/video/fbdev/Kconfig --- linux-5.15.42/drivers/video/fbdev/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/video/fbdev/Kconfig 2024-04-22 14:46:56.756236637 +0200 @@ -2238,6 +2238,24 @@ called sm712fb. If you want to compile it as a module, say M here and read . +config FB_SSD1320 + tristate "SSD1320 OLED driver" + depends on FB && SPI + select FB_SYS_FILLRECT + select FB_SYS_COPYAREA + select FB_SYS_IMAGEBLIT + select FB_SYS_FOPS + select FB_BACKLIGHT + +config FB_SSD1327 + tristate "SSD1327 OLED driver" + depends on FB && SPI + select FB_SYS_FILLRECT + select FB_SYS_COPYAREA + select FB_SYS_IMAGEBLIT + select FB_SYS_FOPS + select FB_BACKLIGHT + source "drivers/video/fbdev/omap/Kconfig" source "drivers/video/fbdev/omap2/Kconfig" source "drivers/video/fbdev/mmp/Kconfig" diff -ruw linux-5.15.42/drivers/video/fbdev/Makefile linux-5.15.42-fbx/drivers/video/fbdev/Makefile --- linux-5.15.42/drivers/video/fbdev/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/drivers/video/fbdev/Makefile 2024-04-22 14:46:56.756236637 +0200 @@ -129,6 +129,8 @@ obj-$(CONFIG_FB_DA8XX) += da8xx-fb.o obj-$(CONFIG_FB_SSD1307) += ssd1307fb.o obj-$(CONFIG_FB_SIMPLE) += simplefb.o +obj-$(CONFIG_FB_SSD1327) += ssd1327.o +obj-$(CONFIG_FB_SSD1320) += ssd1320.o # the test framebuffer is last obj-$(CONFIG_FB_VIRTUAL) += vfb.o diff -ruw linux-5.15.42/fs/Kconfig linux-5.15.42-fbx/fs/Kconfig --- linux-5.15.42/fs/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/Kconfig 2024-04-22 14:46:56.916241008 +0200 @@ -152,6 +152,7 @@ source "fs/exfat/Kconfig" source "fs/ntfs/Kconfig" source "fs/ntfs3/Kconfig" +source "fs/exfat-fbx/Kconfig" endmenu endif # BLOCK diff -ruw linux-5.15.42/fs/Makefile linux-5.15.42-fbx/fs/Makefile --- linux-5.15.42/fs/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/Makefile 2024-04-22 14:46:56.916241008 +0200 @@ -138,3 +138,4 @@ obj-$(CONFIG_EROFS_FS) += erofs/ obj-$(CONFIG_VBOXSF_FS) += vboxsf/ obj-$(CONFIG_ZONEFS_FS) += zonefs/ +obj-$(CONFIG_EXFAT_FS_FBX) += exfat-fbx/ diff -ruw linux-5.15.42/fs/exec.c linux-5.15.42-fbx/fs/exec.c --- linux-5.15.42/fs/exec.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/exec.c 2024-04-22 14:46:57.024243959 +0200 @@ -1879,6 +1879,23 @@ return PTR_ERR(filename); /* + * handle current->exec_mode: + * - if unlimited, then nothing to do. + * - if once, then set it to denied and continue (next execve + * after this one will fail). + * - if denied, then effectively fail the execve call with EPERM. + */ + switch (current->exec_mode) { + case EXEC_MODE_UNLIMITED: + break; + case EXEC_MODE_ONCE: + current->exec_mode = EXEC_MODE_DENIED; + break; + case EXEC_MODE_DENIED: + return -EPERM; + } + + /* * We move the actual failure in case of RLIMIT_NPROC excess from * set*uid() to execve() because too many poorly written programs * don't check setuid() return code. Here we additionally recheck diff -ruw linux-5.15.42/fs/ksmbd/Kconfig linux-5.15.42-fbx/fs/ksmbd/Kconfig --- linux-5.15.42/fs/ksmbd/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/Kconfig 2024-04-22 14:46:57.124246691 +0200 @@ -43,6 +43,17 @@ smb3 encryption, copy-offload, secure per-user session establishment via NTLM or NTLMv2. +config SMB_INSECURE_SERVER + bool "Support for insecure SMB1/CIFS and SMB2.0 protocols" + depends on SMB_SERVER && INET + select NLS + select CRYPTO_MD4 + default n + + help + This enables deprecated insecure protocols dialects: SMB1/CIFS + and SMB2.0 + config SMB_SERVER_SMBDIRECT bool "Support for SMB Direct protocol" depends on SMB_SERVER=m && INFINIBAND && INFINIBAND_ADDR_TRANS || SMB_SERVER=y && INFINIBAND=y && INFINIBAND_ADDR_TRANS=y diff -ruw linux-5.15.42/fs/ksmbd/Makefile linux-5.15.42-fbx/fs/ksmbd/Makefile --- linux-5.15.42/fs/ksmbd/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/Makefile 2024-04-22 14:46:57.124246691 +0200 @@ -18,3 +18,4 @@ $(obj)/ksmbd_spnego_negtokentarg.asn1.o: $(obj)/ksmbd_spnego_negtokentarg.asn1.c $(obj)/ksmbd_spnego_negtokentarg.asn1.h ksmbd-$(CONFIG_SMB_SERVER_SMBDIRECT) += transport_rdma.o +ksmbd-$(CONFIG_SMB_INSECURE_SERVER) += smb1pdu.o smb1ops.o smb1misc.o netmisc.o diff -ruw linux-5.15.42/fs/ksmbd/asn1.c linux-5.15.42-fbx/fs/ksmbd/asn1.c --- linux-5.15.42/fs/ksmbd/asn1.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/asn1.c 2024-04-22 14:46:57.124246691 +0200 @@ -21,101 +21,11 @@ #include "ksmbd_spnego_negtokeninit.asn1.h" #include "ksmbd_spnego_negtokentarg.asn1.h" -#define SPNEGO_OID_LEN 7 #define NTLMSSP_OID_LEN 10 -#define KRB5_OID_LEN 7 -#define KRB5U2U_OID_LEN 8 -#define MSKRB5_OID_LEN 7 -static unsigned long SPNEGO_OID[7] = { 1, 3, 6, 1, 5, 5, 2 }; -static unsigned long NTLMSSP_OID[10] = { 1, 3, 6, 1, 4, 1, 311, 2, 2, 10 }; -static unsigned long KRB5_OID[7] = { 1, 2, 840, 113554, 1, 2, 2 }; -static unsigned long KRB5U2U_OID[8] = { 1, 2, 840, 113554, 1, 2, 2, 3 }; -static unsigned long MSKRB5_OID[7] = { 1, 2, 840, 48018, 1, 2, 2 }; static char NTLMSSP_OID_STR[NTLMSSP_OID_LEN] = { 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x02, 0x0a }; -static bool -asn1_subid_decode(const unsigned char **begin, const unsigned char *end, - unsigned long *subid) -{ - const unsigned char *ptr = *begin; - unsigned char ch; - - *subid = 0; - - do { - if (ptr >= end) - return false; - - ch = *ptr++; - *subid <<= 7; - *subid |= ch & 0x7F; - } while ((ch & 0x80) == 0x80); - - *begin = ptr; - return true; -} - -static bool asn1_oid_decode(const unsigned char *value, size_t vlen, - unsigned long **oid, size_t *oidlen) -{ - const unsigned char *iptr = value, *end = value + vlen; - unsigned long *optr; - unsigned long subid; - - vlen += 1; - if (vlen < 2 || vlen > UINT_MAX / sizeof(unsigned long)) - goto fail_nullify; - - *oid = kmalloc(vlen * sizeof(unsigned long), GFP_KERNEL); - if (!*oid) - return false; - - optr = *oid; - - if (!asn1_subid_decode(&iptr, end, &subid)) - goto fail; - - if (subid < 40) { - optr[0] = 0; - optr[1] = subid; - } else if (subid < 80) { - optr[0] = 1; - optr[1] = subid - 40; - } else { - optr[0] = 2; - optr[1] = subid - 80; - } - - *oidlen = 2; - optr += 2; - - while (iptr < end) { - if (++(*oidlen) > vlen) - goto fail; - - if (!asn1_subid_decode(&iptr, end, optr++)) - goto fail; - } - return true; - -fail: - kfree(*oid); -fail_nullify: - *oid = NULL; - return false; -} - -static bool oid_eq(unsigned long *oid1, unsigned int oid1len, - unsigned long *oid2, unsigned int oid2len) -{ - if (oid1len != oid2len) - return false; - - return memcmp(oid1, oid2, oid1len) == 0; -} - int ksmbd_decode_negTokenInit(unsigned char *security_blob, int length, struct ksmbd_conn *conn) @@ -252,26 +162,18 @@ int ksmbd_gssapi_this_mech(void *context, size_t hdrlen, unsigned char tag, const void *value, size_t vlen) { - unsigned long *oid; - size_t oidlen; - int err = 0; - - if (!asn1_oid_decode(value, vlen, &oid, &oidlen)) { - err = -EBADMSG; - goto out; - } + enum OID oid; - if (!oid_eq(oid, oidlen, SPNEGO_OID, SPNEGO_OID_LEN)) - err = -EBADMSG; - kfree(oid); -out: - if (err) { + oid = look_up_OID(value, vlen); + if (oid != OID_spnego) { char buf[50]; sprint_oid(value, vlen, buf, sizeof(buf)); ksmbd_debug(AUTH, "Unexpected OID: %s\n", buf); + return -EBADMSG; } - return err; + + return 0; } int ksmbd_neg_token_init_mech_type(void *context, size_t hdrlen, @@ -279,37 +181,31 @@ size_t vlen) { struct ksmbd_conn *conn = context; - unsigned long *oid; - size_t oidlen; + enum OID oid; int mech_type; - char buf[50]; - - if (!asn1_oid_decode(value, vlen, &oid, &oidlen)) - goto fail; - if (oid_eq(oid, oidlen, NTLMSSP_OID, NTLMSSP_OID_LEN)) + oid = look_up_OID(value, vlen); + if (oid == OID_ntlmssp) { mech_type = KSMBD_AUTH_NTLMSSP; - else if (oid_eq(oid, oidlen, MSKRB5_OID, MSKRB5_OID_LEN)) + } else if (oid == OID_mskrb5) { mech_type = KSMBD_AUTH_MSKRB5; - else if (oid_eq(oid, oidlen, KRB5_OID, KRB5_OID_LEN)) + } else if (oid == OID_krb5) { mech_type = KSMBD_AUTH_KRB5; - else if (oid_eq(oid, oidlen, KRB5U2U_OID, KRB5U2U_OID_LEN)) + } else if (oid == OID_krb5u2u) { mech_type = KSMBD_AUTH_KRB5U2U; - else - goto fail; + } else { + char buf[50]; + + sprint_oid(value, vlen, buf, sizeof(buf)); + ksmbd_debug(AUTH, "Unexpected OID: %s\n", buf); + return -EBADMSG; + } conn->auth_mechs |= mech_type; if (conn->preferred_auth_mech == 0) conn->preferred_auth_mech = mech_type; - kfree(oid); return 0; - -fail: - kfree(oid); - sprint_oid(value, vlen, buf, sizeof(buf)); - ksmbd_debug(AUTH, "Unexpected OID: %s\n", buf); - return -EBADMSG; } int ksmbd_neg_token_init_mech_token(void *context, size_t hdrlen, diff -ruw linux-5.15.42/fs/ksmbd/auth.c linux-5.15.42-fbx/fs/ksmbd/auth.c --- linux-5.15.42/fs/ksmbd/auth.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/auth.c 2024-04-22 14:46:57.124246691 +0200 @@ -68,6 +68,127 @@ memcpy(buf, NEGOTIATE_GSS_HEADER, AUTH_GSS_LENGTH); } +#ifdef CONFIG_SMB_INSECURE_SERVER +static void +str_to_key(unsigned char *str, unsigned char *key) +{ + int i; + + key[0] = str[0] >> 1; + key[1] = ((str[0] & 0x01) << 6) | (str[1] >> 2); + key[2] = ((str[1] & 0x03) << 5) | (str[2] >> 3); + key[3] = ((str[2] & 0x07) << 4) | (str[3] >> 4); + key[4] = ((str[3] & 0x0F) << 3) | (str[4] >> 5); + key[5] = ((str[4] & 0x1F) << 2) | (str[5] >> 6); + key[6] = ((str[5] & 0x3F) << 1) | (str[6] >> 7); + key[7] = str[6] & 0x7F; + for (i = 0; i < 8; i++) + key[i] = (key[i] << 1); +} + +static int +smbhash(unsigned char *out, const unsigned char *in, unsigned char *key) +{ + unsigned char key2[8]; + struct des_ctx ctx; + + if (fips_enabled) { + ksmbd_debug(AUTH, "FIPS compliance enabled: DES not permitted\n"); + return -ENOENT; + } + + str_to_key(key, key2); + des_expand_key(&ctx, key2, DES_KEY_SIZE); + des_encrypt(&ctx, out, in); + memzero_explicit(&ctx, sizeof(ctx)); + return 0; +} + +static int ksmbd_enc_p24(unsigned char *p21, const unsigned char *c8, unsigned char *p24) +{ + int rc; + + rc = smbhash(p24, c8, p21); + if (rc) + return rc; + rc = smbhash(p24 + 8, c8, p21 + 7); + if (rc) + return rc; + return smbhash(p24 + 16, c8, p21 + 14); +} + +/* produce a md4 message digest from data of length n bytes */ +static int ksmbd_enc_md4(unsigned char *md4_hash, unsigned char *link_str, + int link_len) +{ + int rc; + struct ksmbd_crypto_ctx *ctx; + + ctx = ksmbd_crypto_ctx_find_md4(); + if (!ctx) { + ksmbd_debug(AUTH, "Crypto md4 allocation error\n"); + return -ENOMEM; + } + + rc = crypto_shash_init(CRYPTO_MD4(ctx)); + if (rc) { + ksmbd_debug(AUTH, "Could not init md4 shash\n"); + goto out; + } + + rc = crypto_shash_update(CRYPTO_MD4(ctx), link_str, link_len); + if (rc) { + ksmbd_debug(AUTH, "Could not update with link_str\n"); + goto out; + } + + rc = crypto_shash_final(CRYPTO_MD4(ctx), md4_hash); + if (rc) + ksmbd_debug(AUTH, "Could not generate md4 hash\n"); +out: + ksmbd_release_crypto_ctx(ctx); + return rc; +} + +static int ksmbd_enc_update_sess_key(unsigned char *md5_hash, char *nonce, + char *server_challenge, int len) +{ + int rc; + struct ksmbd_crypto_ctx *ctx; + + ctx = ksmbd_crypto_ctx_find_md5(); + if (!ctx) { + ksmbd_debug(AUTH, "Crypto md5 allocation error\n"); + return -ENOMEM; + } + + rc = crypto_shash_init(CRYPTO_MD5(ctx)); + if (rc) { + ksmbd_debug(AUTH, "Could not init md5 shash\n"); + goto out; + } + + rc = crypto_shash_update(CRYPTO_MD5(ctx), server_challenge, len); + if (rc) { + ksmbd_debug(AUTH, "Could not update with challenge\n"); + goto out; + } + + rc = crypto_shash_update(CRYPTO_MD5(ctx), nonce, len); + if (rc) { + ksmbd_debug(AUTH, "Could not update with nonce\n"); + goto out; + } + + rc = crypto_shash_final(CRYPTO_MD5(ctx), md5_hash); + if (rc) + ksmbd_debug(AUTH, "Could not generate md5 hash\n"); +out: + ksmbd_release_crypto_ctx(ctx); + return rc; +} + +#endif /** * ksmbd_gen_sess_key() - function to generate session key * @sess: session of connection @@ -120,8 +241,8 @@ return rc; } -static int calc_ntlmv2_hash(struct ksmbd_session *sess, char *ntlmv2_hash, - char *dname) +static int calc_ntlmv2_hash(struct ksmbd_conn *conn, struct ksmbd_session *sess, + char *ntlmv2_hash, char *dname) { int ret, len, conv_len; wchar_t *domain = NULL; @@ -157,7 +278,7 @@ } conv_len = smb_strtoUTF16(uniname, user_name(sess->user), len, - sess->conn->local_nls); + conn->local_nls); if (conv_len < 0 || conv_len > len) { ret = -EINVAL; goto out; @@ -181,7 +302,7 @@ } conv_len = smb_strtoUTF16((__le16 *)domain, dname, len, - sess->conn->local_nls); + conn->local_nls); if (conv_len < 0 || conv_len > len) { ret = -EINVAL; goto out; @@ -205,6 +326,45 @@ return ret; } +#ifdef CONFIG_SMB_INSECURE_SERVER +/** + * ksmbd_auth_ntlm() - NTLM authentication handler + * @sess: session of connection + * @pw_buf: NTLM challenge response + * @passkey: user password + * + * Return: 0 on success, error number on error + */ +int ksmbd_auth_ntlm(struct ksmbd_session *sess, char *pw_buf, char *cryptkey) +{ + int rc; + unsigned char p21[21]; + char key[CIFS_AUTH_RESP_SIZE]; + + memset(p21, '\0', 21); + memcpy(p21, user_passkey(sess->user), CIFS_NTHASH_SIZE); + rc = ksmbd_enc_p24(p21, cryptkey, key); + if (rc) { + pr_err("password processing failed\n"); + return rc; + } + + ksmbd_enc_md4(sess->sess_key, user_passkey(sess->user), + CIFS_SMB1_SESSKEY_SIZE); + memcpy(sess->sess_key + CIFS_SMB1_SESSKEY_SIZE, key, + CIFS_AUTH_RESP_SIZE); + sess->sequence_number = 1; + + if (strncmp(pw_buf, key, CIFS_AUTH_RESP_SIZE) != 0) { + ksmbd_debug(AUTH, "ntlmv1 authentication failed\n"); + return -EINVAL; + } + + ksmbd_debug(AUTH, "ntlmv1 authentication pass\n"); + return 0; +} + +#endif /** * ksmbd_auth_ntlmv2() - NTLMv2 authentication handler * @sess: session of connection @@ -214,8 +374,9 @@ * * Return: 0 on success, error number on error */ -int ksmbd_auth_ntlmv2(struct ksmbd_session *sess, struct ntlmv2_resp *ntlmv2, - int blen, char *domain_name) +int ksmbd_auth_ntlmv2(struct ksmbd_conn *conn, struct ksmbd_session *sess, + struct ntlmv2_resp *ntlmv2, int blen, char *domain_name, + char *cryptkey) { char ntlmv2_hash[CIFS_ENCPWD_SIZE]; char ntlmv2_rsp[CIFS_HMAC_MD5_HASH_SIZE]; @@ -229,7 +390,7 @@ return -ENOMEM; } - rc = calc_ntlmv2_hash(sess, ntlmv2_hash, domain_name); + rc = calc_ntlmv2_hash(conn, sess, ntlmv2_hash, domain_name); if (rc) { ksmbd_debug(AUTH, "could not get v2 hash rc %d\n", rc); goto out; @@ -256,7 +417,7 @@ goto out; } - memcpy(construct, sess->ntlmssp.cryptkey, CIFS_CRYPTO_KEY_SIZE); + memcpy(construct, cryptkey, CIFS_CRYPTO_KEY_SIZE); memcpy(construct + CIFS_CRYPTO_KEY_SIZE, &ntlmv2->blob_signature, blen); rc = crypto_shash_update(CRYPTO_HMACMD5(ctx), construct, len); @@ -285,6 +446,105 @@ return rc; } +#ifdef CONFIG_SMB_INSECURE_SERVER +/** + * __ksmbd_auth_ntlmv2() - NTLM2(extended security) authentication handler + * @sess: session of connection + * @client_nonce: client nonce from LM response. + * @ntlm_resp: ntlm response data from client. + * + * Return: 0 on success, error number on error + */ +static int __ksmbd_auth_ntlmv2(struct ksmbd_session *sess, + char *client_nonce, + char *ntlm_resp, + char *cryptkey) +{ + char sess_key[CIFS_SMB1_SESSKEY_SIZE] = {0}; + int rc; + unsigned char p21[21]; + char key[CIFS_AUTH_RESP_SIZE]; + + rc = ksmbd_enc_update_sess_key(sess_key, client_nonce, cryptkey, 8); + if (rc) { + pr_err("password processing failed\n"); + goto out; + } + + memset(p21, '\0', 21); + memcpy(p21, user_passkey(sess->user), CIFS_NTHASH_SIZE); + rc = ksmbd_enc_p24(p21, sess_key, key); + if (rc) { + pr_err("password processing failed\n"); + goto out; + } + + if (memcmp(ntlm_resp, key, CIFS_AUTH_RESP_SIZE) != 0) + rc = -EINVAL; +out: + return rc; +} + +static int cifs_arc4_setkey(struct arc4_ctx *ctx, const u8 *in_key, unsigned int key_len) +{ + int i, j = 0, k = 0; + + ctx->x = 1; + ctx->y = 0; + + for (i = 0; i < 256; i++) + ctx->S[i] = i; + + for (i = 0; i < 256; i++) { + u32 a = ctx->S[i]; + + j = (j + in_key[k] + a) & 0xff; + ctx->S[i] = ctx->S[j]; + ctx->S[j] = a; + if (++k >= key_len) + k = 0; + } + + return 0; +} + +static void cifs_arc4_crypt(struct arc4_ctx *ctx, u8 *out, const u8 *in, unsigned int len) +{ + u32 *const S = ctx->S; + u32 x, y, a, b; + u32 ty, ta, tb; + + if (len == 0) + return; + + x = ctx->x; + y = ctx->y; + + a = S[x]; + y = (y + a) & 0xff; + b = S[y]; + + do { + S[y] = a; + a = (a + b) & 0xff; + S[x] = b; + x = (x + 1) & 0xff; + ta = S[x]; + ty = (y + ta) & 0xff; + tb = S[ty]; + *out++ = *in++ ^ S[a]; + if (--len == 0) + break; + y = ty; + a = ta; + b = tb; + } while (true); + + ctx->x = x; + ctx->y = y; +} + +#endif /** * ksmbd_decode_ntlmssp_auth_blob() - helper function to construct * authenticate blob @@ -295,11 +555,16 @@ * Return: 0 on success, error number on error */ int ksmbd_decode_ntlmssp_auth_blob(struct authenticate_message *authblob, - int blob_len, struct ksmbd_session *sess) + int blob_len, struct ksmbd_conn *conn, + struct ksmbd_session *sess) { char *domain_name; unsigned int nt_off, dn_off; unsigned short nt_len, dn_len; +#ifdef CONFIG_SMB_INSECURE_SERVER + unsigned int lm_off; + unsigned short lm_len; +#endif int ret; if (blob_len < sizeof(struct authenticate_message)) { @@ -319,22 +584,67 @@ dn_off = le32_to_cpu(authblob->DomainName.BufferOffset); dn_len = le16_to_cpu(authblob->DomainName.Length); - if (blob_len < (u64)dn_off + dn_len || blob_len < (u64)nt_off + nt_len) + if (blob_len < (u64)dn_off + dn_len || blob_len < (u64)nt_off + nt_len || + nt_len < CIFS_ENCPWD_SIZE) + return -EINVAL; + +#ifdef CONFIG_SMB_INSECURE_SERVER + lm_off = le32_to_cpu(authblob->LmChallengeResponse.BufferOffset); + lm_len = le16_to_cpu(authblob->LmChallengeResponse.Length); + if (blob_len < (u64)lm_off + lm_len) return -EINVAL; + /* process NTLM authentication */ + if (nt_len == CIFS_AUTH_RESP_SIZE) { + if (le32_to_cpu(authblob->NegotiateFlags) & + NTLMSSP_NEGOTIATE_EXTENDED_SEC) + return __ksmbd_auth_ntlmv2(sess, + (char *)authblob + lm_off, + (char *)authblob + nt_off, + conn->ntlmssp.cryptkey); + else + return ksmbd_auth_ntlm(sess, (char *)authblob + + nt_off, conn->ntlmssp.cryptkey); + } +#endif + /* TODO : use domain name that imported from configuration file */ domain_name = smb_strndup_from_utf16((const char *)authblob + dn_off, - dn_len, true, sess->conn->local_nls); + dn_len, true, conn->local_nls); if (IS_ERR(domain_name)) return PTR_ERR(domain_name); /* process NTLMv2 authentication */ ksmbd_debug(AUTH, "decode_ntlmssp_authenticate_blob dname%s\n", domain_name); - ret = ksmbd_auth_ntlmv2(sess, (struct ntlmv2_resp *)((char *)authblob + nt_off), + ret = ksmbd_auth_ntlmv2(conn, sess, + (struct ntlmv2_resp *)((char *)authblob + nt_off), nt_len - CIFS_ENCPWD_SIZE, - domain_name); + domain_name, conn->ntlmssp.cryptkey); kfree(domain_name); + + /* The recovered secondary session key */ + if (conn->ntlmssp.client_flags & NTLMSSP_NEGOTIATE_KEY_XCH) { + struct arc4_ctx *ctx_arc4; + unsigned int sess_key_off, sess_key_len; + + sess_key_off = le32_to_cpu(authblob->SessionKey.BufferOffset); + sess_key_len = le16_to_cpu(authblob->SessionKey.Length); + + if (blob_len < (u64)sess_key_off + sess_key_len) + return -EINVAL; + + ctx_arc4 = kmalloc(sizeof(*ctx_arc4), GFP_KERNEL); + if (!ctx_arc4) + return -ENOMEM; + + cifs_arc4_setkey(ctx_arc4, sess->sess_key, + SMB2_NTLMV2_SESSKEY_SIZE); + cifs_arc4_crypt(ctx_arc4, sess->sess_key, + (char *)authblob + sess_key_off, sess_key_len); + kfree_sensitive(ctx_arc4); + } + return ret; } @@ -347,7 +657,7 @@ * */ int ksmbd_decode_ntlmssp_neg_blob(struct negotiate_message *negblob, - int blob_len, struct ksmbd_session *sess) + int blob_len, struct ksmbd_conn *conn) { if (blob_len < sizeof(struct negotiate_message)) { ksmbd_debug(AUTH, "negotiate blob len %d too small\n", @@ -361,7 +671,7 @@ return -EINVAL; } - sess->ntlmssp.client_flags = le32_to_cpu(negblob->NegotiateFlags); + conn->ntlmssp.client_flags = le32_to_cpu(negblob->NegotiateFlags); return 0; } @@ -375,14 +685,14 @@ */ unsigned int ksmbd_build_ntlmssp_challenge_blob(struct challenge_message *chgblob, - struct ksmbd_session *sess) + struct ksmbd_conn *conn) { struct target_info *tinfo; wchar_t *name; __u8 *target_name; unsigned int flags, blob_off, blob_len, type, target_info_len = 0; int len, uni_len, conv_len; - int cflags = sess->ntlmssp.client_flags; + int cflags = conn->ntlmssp.client_flags; memcpy(chgblob->Signature, NTLMSSP_SIGNATURE, 8); chgblob->MessageType = NtLmChallenge; @@ -397,16 +707,22 @@ NTLMSSP_NEGOTIATE_56); } + if (cflags & NTLMSSP_NEGOTIATE_SEAL && smb3_encryption_negotiated(conn)) + flags |= NTLMSSP_NEGOTIATE_SEAL; + if (cflags & NTLMSSP_NEGOTIATE_ALWAYS_SIGN) flags |= NTLMSSP_NEGOTIATE_ALWAYS_SIGN; if (cflags & NTLMSSP_REQUEST_TARGET) flags |= NTLMSSP_REQUEST_TARGET; - if (sess->conn->use_spnego && + if (conn->use_spnego && (cflags & NTLMSSP_NEGOTIATE_EXTENDED_SEC)) flags |= NTLMSSP_NEGOTIATE_EXTENDED_SEC; + if (cflags & NTLMSSP_NEGOTIATE_KEY_XCH) + flags |= NTLMSSP_NEGOTIATE_KEY_XCH; + chgblob->NegotiateFlags = cpu_to_le32(flags); len = strlen(ksmbd_netbios_name()); name = kmalloc(2 + UNICODE_LEN(len), GFP_KERNEL); @@ -414,7 +730,7 @@ return -ENOMEM; conv_len = smb_strtoUTF16((__le16 *)name, ksmbd_netbios_name(), len, - sess->conn->local_nls); + conn->local_nls); if (conv_len < 0 || conv_len > len) { kfree(name); return -EINVAL; @@ -430,8 +746,8 @@ chgblob->TargetName.BufferOffset = cpu_to_le32(blob_off); /* Initialize random conn challenge */ - get_random_bytes(sess->ntlmssp.cryptkey, sizeof(__u64)); - memcpy(chgblob->Challenge, sess->ntlmssp.cryptkey, + get_random_bytes(conn->ntlmssp.cryptkey, sizeof(__u64)); + memcpy(chgblob->Challenge, conn->ntlmssp.cryptkey, CIFS_CRYPTO_KEY_SIZE); /* Add Target Information to security buffer */ @@ -523,6 +839,59 @@ } #endif +#ifdef CONFIG_SMB_INSECURE_SERVER +/** + * ksmbd_sign_smb1_pdu() - function to generate SMB1 packet signing + * @sess: session of connection + * @iov: buffer iov array + * @n_vec: number of iovecs + * @sig: signature value generated for client request packet + * + */ +int ksmbd_sign_smb1_pdu(struct ksmbd_session *sess, struct kvec *iov, int n_vec, + char *sig) +{ + struct ksmbd_crypto_ctx *ctx; + int rc, i; + + ctx = ksmbd_crypto_ctx_find_md5(); + if (!ctx) { + ksmbd_debug(AUTH, "could not crypto alloc md5\n"); + return -ENOMEM; + } + + rc = crypto_shash_init(CRYPTO_MD5(ctx)); + if (rc) { + ksmbd_debug(AUTH, "md5 init error %d\n", rc); + goto out; + } + + rc = crypto_shash_update(CRYPTO_MD5(ctx), sess->sess_key, 40); + if (rc) { + ksmbd_debug(AUTH, "md5 update error %d\n", rc); + goto out; + } + + for (i = 0; i < n_vec; i++) { + rc = crypto_shash_update(CRYPTO_MD5(ctx), + iov[i].iov_base, + iov[i].iov_len); + if (rc) { + ksmbd_debug(AUTH, "md5 update error %d\n", rc); + goto out; + } + } + + rc = crypto_shash_final(CRYPTO_MD5(ctx), sig); + if (rc) + ksmbd_debug(AUTH, "md5 generation error %d\n", rc); + +out: + ksmbd_release_crypto_ctx(ctx); + return rc; +} +#endif + /** * ksmbd_sign_smb2_pdu() - function to generate packet signing * @conn: connection @@ -631,8 +1000,9 @@ bool binding; }; -static int generate_key(struct ksmbd_session *sess, struct kvec label, - struct kvec context, __u8 *key, unsigned int key_size) +static int generate_key(struct ksmbd_conn *conn, struct ksmbd_session *sess, + struct kvec label, struct kvec context, __u8 *key, + unsigned int key_size) { unsigned char zero = 0x0; __u8 i[4] = {0, 0, 0, 1}; @@ -692,8 +1062,9 @@ goto smb3signkey_ret; } - if (sess->conn->cipher_type == SMB2_ENCRYPTION_AES256_CCM || - sess->conn->cipher_type == SMB2_ENCRYPTION_AES256_GCM) + if (key_size == SMB3_ENC_DEC_KEY_SIZE && + (conn->cipher_type == SMB2_ENCRYPTION_AES256_CCM || + conn->cipher_type == SMB2_ENCRYPTION_AES256_GCM)) rc = crypto_shash_update(CRYPTO_HMACSHA256(ctx), L256, 4); else rc = crypto_shash_update(CRYPTO_HMACSHA256(ctx), L128, 4); @@ -728,17 +1099,17 @@ if (!chann) return 0; - if (sess->conn->dialect >= SMB30_PROT_ID && signing->binding) + if (conn->dialect >= SMB30_PROT_ID && signing->binding) key = chann->smb3signingkey; else key = sess->smb3signingkey; - rc = generate_key(sess, signing->label, signing->context, key, + rc = generate_key(conn, sess, signing->label, signing->context, key, SMB3_SIGN_KEY_SIZE); if (rc) return rc; - if (!(sess->conn->dialect >= SMB30_PROT_ID && signing->binding)) + if (!(conn->dialect >= SMB30_PROT_ID && signing->binding)) memcpy(chann->smb3signingkey, key, SMB3_SIGN_KEY_SIZE); ksmbd_debug(AUTH, "dumping generated AES signing keys\n"); @@ -792,30 +1163,31 @@ struct derivation decryption; }; -static int generate_smb3encryptionkey(struct ksmbd_session *sess, +static int generate_smb3encryptionkey(struct ksmbd_conn *conn, + struct ksmbd_session *sess, const struct derivation_twin *ptwin) { int rc; - rc = generate_key(sess, ptwin->encryption.label, + rc = generate_key(conn, sess, ptwin->encryption.label, ptwin->encryption.context, sess->smb3encryptionkey, SMB3_ENC_DEC_KEY_SIZE); if (rc) return rc; - rc = generate_key(sess, ptwin->decryption.label, + rc = generate_key(conn, sess, ptwin->decryption.label, ptwin->decryption.context, sess->smb3decryptionkey, SMB3_ENC_DEC_KEY_SIZE); if (rc) return rc; ksmbd_debug(AUTH, "dumping generated AES encryption keys\n"); - ksmbd_debug(AUTH, "Cipher type %d\n", sess->conn->cipher_type); + ksmbd_debug(AUTH, "Cipher type %d\n", conn->cipher_type); ksmbd_debug(AUTH, "Session Id %llu\n", sess->id); ksmbd_debug(AUTH, "Session Key %*ph\n", SMB2_NTLMV2_SESSKEY_SIZE, sess->sess_key); - if (sess->conn->cipher_type == SMB2_ENCRYPTION_AES256_CCM || - sess->conn->cipher_type == SMB2_ENCRYPTION_AES256_GCM) { + if (conn->cipher_type == SMB2_ENCRYPTION_AES256_CCM || + conn->cipher_type == SMB2_ENCRYPTION_AES256_GCM) { ksmbd_debug(AUTH, "ServerIn Key %*ph\n", SMB3_GCM256_CRYPTKEY_SIZE, sess->smb3encryptionkey); ksmbd_debug(AUTH, "ServerOut Key %*ph\n", @@ -829,7 +1201,8 @@ return 0; } -int ksmbd_gen_smb30_encryptionkey(struct ksmbd_session *sess) +int ksmbd_gen_smb30_encryptionkey(struct ksmbd_conn *conn, + struct ksmbd_session *sess) { struct derivation_twin twin; struct derivation *d; @@ -846,10 +1219,11 @@ d->context.iov_base = "ServerIn "; d->context.iov_len = 10; - return generate_smb3encryptionkey(sess, &twin); + return generate_smb3encryptionkey(conn, sess, &twin); } -int ksmbd_gen_smb311_encryptionkey(struct ksmbd_session *sess) +int ksmbd_gen_smb311_encryptionkey(struct ksmbd_conn *conn, + struct ksmbd_session *sess) { struct derivation_twin twin; struct derivation *d; @@ -866,16 +1240,16 @@ d->context.iov_base = sess->Preauth_HashValue; d->context.iov_len = 64; - return generate_smb3encryptionkey(sess, &twin); + return generate_smb3encryptionkey(conn, sess, &twin); } int ksmbd_gen_preauth_integrity_hash(struct ksmbd_conn *conn, char *buf, __u8 *pi_hash) { int rc; - struct smb2_hdr *rcv_hdr = (struct smb2_hdr *)buf; + struct smb2_hdr *rcv_hdr = smb2_get_msg(buf); char *all_bytes_msg = (char *)&rcv_hdr->ProtocolId; - int msg_size = be32_to_cpu(rcv_hdr->smb2_buf_length); + int msg_size = get_rfc1002_len(buf); struct ksmbd_crypto_ctx *ctx = NULL; if (conn->preauth_info->Preauth_HashId != @@ -950,13 +1324,16 @@ return rc; } -static int ksmbd_get_encryption_key(struct ksmbd_conn *conn, __u64 ses_id, +static int ksmbd_get_encryption_key(struct ksmbd_work *work, __u64 ses_id, int enc, u8 *key) { struct ksmbd_session *sess; u8 *ses_enc_key; - sess = ksmbd_session_lookup_all(conn, ses_id); + if (enc) + sess = work->sess; + else + sess = ksmbd_session_lookup_all(work->conn, ses_id); if (!sess) return -EINVAL; @@ -983,7 +1360,7 @@ u8 *sign) { struct scatterlist *sg; - unsigned int assoc_data_len = sizeof(struct smb2_transform_hdr) - 24; + unsigned int assoc_data_len = sizeof(struct smb2_transform_hdr) - 20; int i, nr_entries[3] = {0}, total_entries = 0, sg_idx = 0; if (!nvec) @@ -1044,12 +1421,12 @@ return sg; } -int ksmbd_crypt_message(struct ksmbd_conn *conn, struct kvec *iov, +int ksmbd_crypt_message(struct ksmbd_work *work, struct kvec *iov, unsigned int nvec, int enc) { - struct smb2_transform_hdr *tr_hdr = - (struct smb2_transform_hdr *)iov[0].iov_base; - unsigned int assoc_data_len = sizeof(struct smb2_transform_hdr) - 24; + struct ksmbd_conn *conn = work->conn; + struct smb2_transform_hdr *tr_hdr = smb2_get_msg(iov[0].iov_base); + unsigned int assoc_data_len = sizeof(struct smb2_transform_hdr) - 20; int rc; struct scatterlist *sg; u8 sign[SMB2_SIGNATURE_SIZE] = {}; @@ -1061,7 +1438,7 @@ unsigned int crypt_len = le32_to_cpu(tr_hdr->OriginalMessageSize); struct ksmbd_crypto_ctx *ctx; - rc = ksmbd_get_encryption_key(conn, + rc = ksmbd_get_encryption_key(work, le64_to_cpu(tr_hdr->SessionId), enc, key); diff -ruw linux-5.15.42/fs/ksmbd/auth.h linux-5.15.42-fbx/fs/ksmbd/auth.h --- linux-5.15.42/fs/ksmbd/auth.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/auth.h 2024-04-22 14:46:57.124246691 +0200 @@ -33,23 +33,30 @@ struct ksmbd_session; struct ksmbd_conn; +struct ksmbd_work; struct kvec; -int ksmbd_crypt_message(struct ksmbd_conn *conn, struct kvec *iov, +int ksmbd_crypt_message(struct ksmbd_work *work, struct kvec *iov, unsigned int nvec, int enc); void ksmbd_copy_gss_neg_header(void *buf); -int ksmbd_auth_ntlm(struct ksmbd_session *sess, char *pw_buf); -int ksmbd_auth_ntlmv2(struct ksmbd_session *sess, struct ntlmv2_resp *ntlmv2, - int blen, char *domain_name); +int ksmbd_auth_ntlm(struct ksmbd_session *sess, char *pw_buf, char *cryptkey); +int ksmbd_auth_ntlmv2(struct ksmbd_conn *conn, struct ksmbd_session *sess, + struct ntlmv2_resp *ntlmv2, int blen, char *domain_name, + char *cryptkey); int ksmbd_decode_ntlmssp_auth_blob(struct authenticate_message *authblob, - int blob_len, struct ksmbd_session *sess); + int blob_len, struct ksmbd_conn *conn, + struct ksmbd_session *sess); int ksmbd_decode_ntlmssp_neg_blob(struct negotiate_message *negblob, - int blob_len, struct ksmbd_session *sess); + int blob_len, struct ksmbd_conn *conn); unsigned int ksmbd_build_ntlmssp_challenge_blob(struct challenge_message *chgblob, - struct ksmbd_session *sess); + struct ksmbd_conn *conn); int ksmbd_krb5_authenticate(struct ksmbd_session *sess, char *in_blob, int in_len, char *out_blob, int *out_len); +#ifdef CONFIG_SMB_INSECURE_SERVER +int ksmbd_sign_smb1_pdu(struct ksmbd_session *sess, struct kvec *iov, int n_vec, + char *sig); +#endif int ksmbd_sign_smb2_pdu(struct ksmbd_conn *conn, char *key, struct kvec *iov, int n_vec, char *sig); int ksmbd_sign_smb3_pdu(struct ksmbd_conn *conn, char *key, struct kvec *iov, @@ -58,10 +65,21 @@ struct ksmbd_conn *conn); int ksmbd_gen_smb311_signingkey(struct ksmbd_session *sess, struct ksmbd_conn *conn); -int ksmbd_gen_smb30_encryptionkey(struct ksmbd_session *sess); -int ksmbd_gen_smb311_encryptionkey(struct ksmbd_session *sess); +int ksmbd_gen_smb30_encryptionkey(struct ksmbd_conn *conn, + struct ksmbd_session *sess); +int ksmbd_gen_smb311_encryptionkey(struct ksmbd_conn *conn, + struct ksmbd_session *sess); int ksmbd_gen_preauth_integrity_hash(struct ksmbd_conn *conn, char *buf, __u8 *pi_hash); int ksmbd_gen_sd_hash(struct ksmbd_conn *conn, char *sd_buf, int len, __u8 *pi_hash); + +#define ARC4_MIN_KEY_SIZE 1 +#define ARC4_MAX_KEY_SIZE 256 +#define ARC4_BLOCK_SIZE 1 + +struct arc4_ctx { + u32 S[256]; + u32 x, y; +}; #endif diff -ruw linux-5.15.42/fs/ksmbd/connection.c linux-5.15.42-fbx/fs/ksmbd/connection.c --- linux-5.15.42/fs/ksmbd/connection.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/connection.c 2024-04-22 14:46:57.124246691 +0200 @@ -7,9 +7,13 @@ #include #include #include +#include #include "server.h" #include "smb_common.h" +#ifdef CONFIG_SMB_INSECURE_SERVER +#include "smb1pdu.h" +#endif #include "mgmt/ksmbd_ida.h" #include "connection.h" #include "transport_tcp.h" @@ -36,6 +40,7 @@ list_del(&conn->conns_list); write_unlock(&conn_list_lock); + xa_destroy(&conn->sessions); kvfree(conn->request_buf); kfree(conn->preauth_info); kfree(conn); @@ -59,19 +64,30 @@ conn->local_nls = load_nls("utf8"); if (!conn->local_nls) conn->local_nls = load_nls_default(); + if (IS_ENABLED(CONFIG_UNICODE)) +#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 17, 0) + conn->um = utf8_load(UNICODE_AGE(12, 1, 0)); +#else + conn->um = utf8_load("12.1.0"); +#endif + else + conn->um = ERR_PTR(-EOPNOTSUPP); + if (IS_ERR(conn->um)) + conn->um = NULL; atomic_set(&conn->req_running, 0); atomic_set(&conn->r_count, 0); conn->total_credits = 1; - conn->outstanding_credits = 1; + conn->outstanding_credits = 0; init_waitqueue_head(&conn->req_running_q); + init_waitqueue_head(&conn->r_count_q); INIT_LIST_HEAD(&conn->conns_list); - INIT_LIST_HEAD(&conn->sessions); INIT_LIST_HEAD(&conn->requests); INIT_LIST_HEAD(&conn->async_requests); spin_lock_init(&conn->request_lock); spin_lock_init(&conn->credits_lock); ida_init(&conn->async_ida); + xa_init(&conn->sessions); spin_lock_init(&conn->llist_lock); INIT_LIST_HEAD(&conn->lock_list); @@ -103,11 +119,24 @@ { struct ksmbd_conn *conn = work->conn; struct list_head *requests_queue = NULL; +#ifdef CONFIG_SMB_INSECURE_SERVER + struct smb2_hdr *hdr = work->request_buf; + if (hdr->ProtocolId == SMB2_PROTO_NUMBER) { if (conn->ops->get_cmd_val(work) != SMB2_CANCEL_HE) { requests_queue = &conn->requests; work->syncronous = true; } + } else { + if (conn->ops->get_cmd_val(work) != SMB_COM_NT_CANCEL) + requests_queue = &conn->requests; + } +#else + if (conn->ops->get_cmd_val(work) != SMB2_CANCEL_HE) { + requests_queue = &conn->requests; + work->syncronous = true; + } +#endif if (requests_queue) { atomic_inc(&conn->req_running); @@ -159,26 +188,24 @@ int ksmbd_conn_write(struct ksmbd_work *work) { struct ksmbd_conn *conn = work->conn; - struct smb_hdr *rsp_hdr = work->response_buf; size_t len = 0; int sent; struct kvec iov[3]; int iov_idx = 0; - ksmbd_conn_try_dequeue_request(work); - if (!rsp_hdr) { + if (!work->response_buf) { pr_err("NULL response header\n"); return -EINVAL; } if (work->tr_buf) { iov[iov_idx] = (struct kvec) { work->tr_buf, - sizeof(struct smb2_transform_hdr) }; + sizeof(struct smb2_transform_hdr) + 4 }; len += iov[iov_idx++].iov_len; } if (work->aux_payload_sz) { - iov[iov_idx] = (struct kvec) { rsp_hdr, work->resp_hdr_sz }; + iov[iov_idx] = (struct kvec) { work->response_buf, work->resp_hdr_sz }; len += iov[iov_idx++].iov_len; iov[iov_idx] = (struct kvec) { work->aux_payload_buf, work->aux_payload_sz }; len += iov[iov_idx++].iov_len; @@ -186,8 +213,8 @@ if (work->tr_buf) iov[iov_idx].iov_len = work->resp_hdr_sz; else - iov[iov_idx].iov_len = get_rfc1002_len(rsp_hdr) + 4; - iov[iov_idx].iov_base = rsp_hdr; + iov[iov_idx].iov_len = get_rfc1002_len(work->response_buf) + 4; + iov[iov_idx].iov_base = work->response_buf; len += iov[iov_idx++].iov_len; } @@ -292,7 +319,7 @@ kvfree(conn->request_buf); conn->request_buf = NULL; - size = t->ops->read(t, hdr_buf, sizeof(hdr_buf)); + size = t->ops->read(t, hdr_buf, sizeof(hdr_buf), -1); if (size != sizeof(hdr_buf)) break; @@ -303,16 +330,23 @@ * Check if pdu size is valid (min : smb header size, * max : 0x00FFFFFF). */ +#ifdef CONFIG_SMB_INSECURE_SERVER + if (pdu_size < sizeof(struct smb_hdr) || + pdu_size > MAX_STREAM_PROT_LEN) { + continue; + } +#else if (pdu_size < __SMB2_HEADER_STRUCTURE_SIZE || pdu_size > MAX_STREAM_PROT_LEN) { continue; } +#endif /* 4 for rfc1002 length field */ size = pdu_size + 4; conn->request_buf = kvmalloc(size, GFP_KERNEL); if (!conn->request_buf) - continue; + break; memcpy(conn->request_buf, hdr_buf, sizeof(hdr_buf)); if (!ksmbd_smb_request(conn)) @@ -322,7 +356,7 @@ * We already read 4 bytes to find out PDU size, now * read in PDU */ - size = t->ops->read(t, conn->request_buf + 4, pdu_size); + size = t->ops->read(t, conn->request_buf + 4, pdu_size, 2); if (size < 0) { pr_err("sock_read failed: %d\n", size); break; @@ -347,9 +381,11 @@ out: /* Wait till all reference dropped to the Server object*/ - while (atomic_read(&conn->r_count) > 0) - schedule_timeout(HZ); + wait_event(conn->r_count_q, atomic_read(&conn->r_count) == 0); + + if (IS_ENABLED(CONFIG_UNICODE)) + utf8_unload(conn->um); unload_nls(conn->local_nls); if (default_conn_ops.terminate_fn) default_conn_ops.terminate_fn(conn); @@ -388,17 +424,24 @@ static void stop_sessions(void) { struct ksmbd_conn *conn; + struct ksmbd_transport *t; again: read_lock(&conn_list_lock); list_for_each_entry(conn, &conn_list, conns_list) { struct task_struct *task; - task = conn->transport->handler; + t = conn->transport; + task = t->handler; if (task) ksmbd_debug(CONN, "Stop session handler %s/%d\n", task->comm, task_pid_nr(task)); conn->status = KSMBD_SESS_EXITING; + if (t->ops->shutdown) { + read_unlock(&conn_list_lock); + t->ops->shutdown(t); + read_lock(&conn_list_lock); + } } read_unlock(&conn_list_lock); diff -ruw linux-5.15.42/fs/ksmbd/connection.h linux-5.15.42-fbx/fs/ksmbd/connection.h --- linux-5.15.42/fs/ksmbd/connection.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/connection.h 2024-04-22 14:46:57.124246691 +0200 @@ -14,19 +14,13 @@ #include #include #include +#include #include "smb_common.h" #include "ksmbd_work.h" #define KSMBD_SOCKET_BACKLOG 16 -/* - * WARNING - * - * This is nothing but a HACK. Session status should move to channel - * or to session. As of now we have 1 tcp_conn : 1 ksmbd_session, but - * we need to change it to 1 tcp_conn : N ksmbd_sessions. - */ enum { KSMBD_SESS_NEW = 0, KSMBD_SESS_GOOD, @@ -53,9 +47,10 @@ char *request_buf; struct ksmbd_transport *transport; struct nls_table *local_nls; + struct unicode_map *um; struct list_head conns_list; /* smb session 1 per user */ - struct list_head sessions; + struct xarray sessions; unsigned long last_active; /* How many request are running currently */ atomic_t req_running; @@ -65,6 +60,7 @@ unsigned int outstanding_credits; spinlock_t credits_lock; wait_queue_head_t req_running_q; + wait_queue_head_t r_count_q; /* Lock to protect requests list*/ spinlock_t request_lock; struct list_head requests; @@ -72,12 +68,7 @@ int connection_type; struct ksmbd_stats stats; char ClientGUID[SMB2_CLIENT_GUID_SIZE]; - union { - /* pending trans request table */ - struct trans_state *recent_trans; - /* Used by ntlmssp */ - char *ntlmssp_cryptkey; - }; + struct ntlmssp_auth ntlmssp; spinlock_t llist_lock; struct list_head lock_list; @@ -122,7 +113,9 @@ struct ksmbd_transport_ops { int (*prepare)(struct ksmbd_transport *t); void (*disconnect)(struct ksmbd_transport *t); - int (*read)(struct ksmbd_transport *t, char *buf, unsigned int size); + void (*shutdown)(struct ksmbd_transport *t); + int (*read)(struct ksmbd_transport *t, char *buf, + unsigned int size, int max_retries); int (*writev)(struct ksmbd_transport *t, struct kvec *iovs, int niov, int size, bool need_invalidate_rkey, unsigned int remote_key); diff -ruw linux-5.15.42/fs/ksmbd/crypto_ctx.c linux-5.15.42-fbx/fs/ksmbd/crypto_ctx.c --- linux-5.15.42/fs/ksmbd/crypto_ctx.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/crypto_ctx.c 2024-04-22 14:46:57.124246691 +0200 @@ -81,6 +81,14 @@ case CRYPTO_SHASH_SHA512: tfm = crypto_alloc_shash("sha512", 0, 0); break; +#ifdef CONFIG_SMB_INSECURE_SERVER + case CRYPTO_SHASH_MD4: + tfm = crypto_alloc_shash("md4", 0, 0); + break; + case CRYPTO_SHASH_MD5: + tfm = crypto_alloc_shash("md5", 0, 0); + break; +#endif default: return NULL; } @@ -208,6 +216,18 @@ return ____crypto_shash_ctx_find(CRYPTO_SHASH_SHA512); } +#ifdef CONFIG_SMB_INSECURE_SERVER +struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_md4(void) +{ + return ____crypto_shash_ctx_find(CRYPTO_SHASH_MD4); +} + +struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_md5(void) +{ + return ____crypto_shash_ctx_find(CRYPTO_SHASH_MD5); +} + +#endif static struct ksmbd_crypto_ctx *____crypto_aead_ctx_find(int id) { struct ksmbd_crypto_ctx *ctx; diff -ruw linux-5.15.42/fs/ksmbd/crypto_ctx.h linux-5.15.42-fbx/fs/ksmbd/crypto_ctx.h --- linux-5.15.42/fs/ksmbd/crypto_ctx.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/crypto_ctx.h 2024-04-22 14:46:57.124246691 +0200 @@ -15,6 +15,10 @@ CRYPTO_SHASH_CMACAES, CRYPTO_SHASH_SHA256, CRYPTO_SHASH_SHA512, +#ifdef CONFIG_SMB_INSECURE_SERVER + CRYPTO_SHASH_MD4, + CRYPTO_SHASH_MD5, +#endif CRYPTO_SHASH_MAX, }; @@ -41,6 +45,10 @@ #define CRYPTO_CMACAES(c) ((c)->desc[CRYPTO_SHASH_CMACAES]) #define CRYPTO_SHA256(c) ((c)->desc[CRYPTO_SHASH_SHA256]) #define CRYPTO_SHA512(c) ((c)->desc[CRYPTO_SHASH_SHA512]) +#ifdef CONFIG_SMB_INSECURE_SERVER +#define CRYPTO_MD4(c) ((c)->desc[CRYPTO_SHASH_MD4]) +#define CRYPTO_MD5(c) ((c)->desc[CRYPTO_SHASH_MD5]) +#endif #define CRYPTO_HMACMD5_TFM(c) ((c)->desc[CRYPTO_SHASH_HMACMD5]->tfm) #define CRYPTO_HMACSHA256_TFM(c)\ @@ -48,6 +56,10 @@ #define CRYPTO_CMACAES_TFM(c) ((c)->desc[CRYPTO_SHASH_CMACAES]->tfm) #define CRYPTO_SHA256_TFM(c) ((c)->desc[CRYPTO_SHASH_SHA256]->tfm) #define CRYPTO_SHA512_TFM(c) ((c)->desc[CRYPTO_SHASH_SHA512]->tfm) +#ifdef CONFIG_SMB_INSECURE_SERVER +#define CRYPTO_MD4_TFM(c) ((c)->desc[CRYPTO_SHASH_MD4]->tfm) +#define CRYPTO_MD5_TFM(c) ((c)->desc[CRYPTO_SHASH_MD5]->tfm) +#endif #define CRYPTO_GCM(c) ((c)->ccmaes[CRYPTO_AEAD_AES_GCM]) #define CRYPTO_CCM(c) ((c)->ccmaes[CRYPTO_AEAD_AES_CCM]) @@ -58,6 +70,10 @@ struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_cmacaes(void); struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_sha512(void); struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_sha256(void); +#ifdef CONFIG_SMB_INSECURE_SERVER +struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_md4(void); +struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_md5(void); +#endif struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_gcm(void); struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_ccm(void); void ksmbd_crypto_destroy(void); diff -ruw linux-5.15.42/fs/ksmbd/glob.h linux-5.15.42-fbx/fs/ksmbd/glob.h --- linux-5.15.42/fs/ksmbd/glob.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/glob.h 2024-04-22 14:46:57.124246691 +0200 @@ -46,4 +46,9 @@ #define UNICODE_LEN(x) ((x) * 2) +#ifdef CONFIG_SMB_INSECURE_SERVER +/* ksmbd misc functions */ +extern void ntstatus_to_dos(__le32 ntstatus, __u8 *eclass, __le16 *ecode); +#endif + #endif /* __KSMBD_GLOB_H */ diff -ruw linux-5.15.42/fs/ksmbd/ksmbd_netlink.h linux-5.15.42-fbx/fs/ksmbd/ksmbd_netlink.h --- linux-5.15.42/fs/ksmbd/ksmbd_netlink.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/ksmbd_netlink.h 2024-04-22 14:46:57.124246691 +0200 @@ -104,7 +104,8 @@ */ __u32 sub_auth[3]; /* Subauth value for Security ID */ __u32 smb2_max_credits; /* MAX credits */ - __u32 reserved[128]; /* Reserved room */ + __u32 smbd_max_io_size; /* smbd read write size */ + __u32 reserved[127]; /* Reserved room */ __u32 ifc_list_sz; /* interfaces list size */ __s8 ____payload[]; }; @@ -162,7 +163,8 @@ __u16 force_directory_mode; __u16 force_uid; __u16 force_gid; - __u32 reserved[128]; /* Reserved room */ + __s8 share_name[KSMBD_REQ_MAX_SHARE_NAME]; + __u32 reserved[112]; /* Reserved room */ __u32 veto_list_sz; __s8 ____payload[]; }; @@ -348,6 +350,7 @@ #define KSMBD_SHARE_FLAG_STREAMS BIT(11) #define KSMBD_SHARE_FLAG_FOLLOW_SYMLINKS BIT(12) #define KSMBD_SHARE_FLAG_ACL_XATTR BIT(13) +#define KSMBD_SHARE_FLAG_UPDATE BIT(14) /* * Tree connect request flags. @@ -363,6 +366,7 @@ #define KSMBD_TREE_CONN_FLAG_READ_ONLY BIT(1) #define KSMBD_TREE_CONN_FLAG_WRITABLE BIT(2) #define KSMBD_TREE_CONN_FLAG_ADMIN_ACCOUNT BIT(3) +#define KSMBD_TREE_CONN_FLAG_UPDATE BIT(4) /* * RPC over IPC. diff -ruw linux-5.15.42/fs/ksmbd/ksmbd_work.c linux-5.15.42-fbx/fs/ksmbd/ksmbd_work.c --- linux-5.15.42/fs/ksmbd/ksmbd_work.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/ksmbd_work.c 2024-04-22 14:46:57.124246691 +0200 @@ -69,7 +69,6 @@ void ksmbd_workqueue_destroy(void) { - flush_workqueue(ksmbd_wq); destroy_workqueue(ksmbd_wq); ksmbd_wq = NULL; } diff -ruw linux-5.15.42/fs/ksmbd/ksmbd_work.h linux-5.15.42-fbx/fs/ksmbd/ksmbd_work.h --- linux-5.15.42/fs/ksmbd/ksmbd_work.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/ksmbd_work.h 2024-04-22 14:46:57.124246691 +0200 @@ -92,7 +92,7 @@ */ static inline void *ksmbd_resp_buf_next(struct ksmbd_work *work) { - return work->response_buf + work->next_smb2_rsp_hdr_off; + return work->response_buf + work->next_smb2_rsp_hdr_off + 4; } /** @@ -101,7 +101,7 @@ */ static inline void *ksmbd_req_buf_next(struct ksmbd_work *work) { - return work->request_buf + work->next_smb2_rcv_hdr_off; + return work->request_buf + work->next_smb2_rcv_hdr_off + 4; } struct ksmbd_work *ksmbd_alloc_work_struct(void); diff -ruw linux-5.15.42/fs/ksmbd/mgmt/ksmbd_ida.c linux-5.15.42-fbx/fs/ksmbd/mgmt/ksmbd_ida.c --- linux-5.15.42/fs/ksmbd/mgmt/ksmbd_ida.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/mgmt/ksmbd_ida.c 2024-04-22 14:46:57.124246691 +0200 @@ -10,6 +10,13 @@ return ida_simple_get(ida, from, to, GFP_KERNEL); } +#ifdef CONFIG_SMB_INSECURE_SERVER +int ksmbd_acquire_smb1_tid(struct ida *ida) +{ + return __acquire_id(ida, 1, 0xFFFF); +} +#endif + int ksmbd_acquire_smb2_tid(struct ida *ida) { int id; @@ -18,6 +25,12 @@ return id; } +#ifdef CONFIG_SMB_INSECURE_SERVER +int ksmbd_acquire_smb1_uid(struct ida *ida) +{ + return __acquire_id(ida, 1, 0xFFFE); +} +#endif int ksmbd_acquire_smb2_uid(struct ida *ida) { diff -ruw linux-5.15.42/fs/ksmbd/mgmt/ksmbd_ida.h linux-5.15.42-fbx/fs/ksmbd/mgmt/ksmbd_ida.h --- linux-5.15.42/fs/ksmbd/mgmt/ksmbd_ida.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/mgmt/ksmbd_ida.h 2024-04-22 14:46:57.124246691 +0200 @@ -16,6 +16,9 @@ * The value 0xFFFF is used to specify all TIDs or no TID, * depending upon the context in which it is used. */ +#ifdef CONFIG_SMB_INSECURE_SERVER +int ksmbd_acquire_smb1_tid(struct ida *ida); +#endif int ksmbd_acquire_smb2_tid(struct ida *ida); /* @@ -25,6 +28,9 @@ * valid UID.<21> All other possible values for a UID, excluding * zero (0x0000), are valid. */ +#ifdef CONFIG_SMB_INSECURE_SERVER +int ksmbd_acquire_smb1_uid(struct ida *ida); +#endif int ksmbd_acquire_smb2_uid(struct ida *ida); int ksmbd_acquire_async_msg_id(struct ida *ida); diff -ruw linux-5.15.42/fs/ksmbd/mgmt/share_config.c linux-5.15.42-fbx/fs/ksmbd/mgmt/share_config.c --- linux-5.15.42/fs/ksmbd/mgmt/share_config.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/mgmt/share_config.c 2024-04-22 14:46:57.124246691 +0200 @@ -16,6 +16,7 @@ #include "user_config.h" #include "user_session.h" #include "../transport_ipc.h" +#include "../misc.h" #define SHARE_HASH_BITS 3 static DEFINE_HASHTABLE(shares_table, SHARE_HASH_BITS); @@ -26,7 +27,7 @@ struct list_head list; }; -static unsigned int share_name_hash(char *name) +static unsigned int share_name_hash(const char *name) { return jhash(name, strlen(name), 0); } @@ -51,12 +52,16 @@ kfree(share); } -void __ksmbd_share_config_put(struct ksmbd_share_config *share) +void ksmbd_share_config_del(struct ksmbd_share_config *share) { down_write(&shares_table_lock); hash_del(&share->hlist); up_write(&shares_table_lock); +} +void __ksmbd_share_config_put(struct ksmbd_share_config *share) +{ + ksmbd_share_config_del(share); kill_share(share); } @@ -68,7 +73,7 @@ return share; } -static struct ksmbd_share_config *__share_lookup(char *name) +static struct ksmbd_share_config *__share_lookup(const char *name) { struct ksmbd_share_config *share; unsigned int key = share_name_hash(name); @@ -115,7 +120,8 @@ return 0; } -static struct ksmbd_share_config *share_config_request(char *name) +static struct ksmbd_share_config *share_config_request(struct unicode_map *um, + const char *name) { struct ksmbd_share_config_response *resp; struct ksmbd_share_config *share = NULL; @@ -129,6 +135,19 @@ if (resp->flags == KSMBD_SHARE_FLAG_INVALID) goto out; + if (*resp->share_name) { + char *cf_resp_name; + bool equal; + + cf_resp_name = ksmbd_casefold_sharename(um, resp->share_name); + if (IS_ERR(cf_resp_name)) + goto out; + equal = !strcmp(cf_resp_name, name); + kfree(cf_resp_name); + if (!equal) + goto out; + } + share = kzalloc(sizeof(struct ksmbd_share_config), GFP_KERNEL); if (!share) goto out; @@ -186,20 +205,11 @@ return share; } -static void strtolower(char *share_name) -{ - while (*share_name) { - *share_name = tolower(*share_name); - share_name++; - } -} - -struct ksmbd_share_config *ksmbd_share_config_get(char *name) +struct ksmbd_share_config *ksmbd_share_config_get(struct unicode_map *um, + const char *name) { struct ksmbd_share_config *share; - strtolower(name); - down_read(&shares_table_lock); share = __share_lookup(name); if (share) @@ -208,7 +218,7 @@ if (share) return share; - return share_config_request(name); + return share_config_request(um, name); } bool ksmbd_share_veto_filename(struct ksmbd_share_config *share, @@ -222,17 +232,3 @@ } return false; } - -void ksmbd_share_configs_cleanup(void) -{ - struct ksmbd_share_config *share; - struct hlist_node *tmp; - int i; - - down_write(&shares_table_lock); - hash_for_each_safe(shares_table, i, tmp, share, hlist) { - hash_del(&share->hlist); - kill_share(share); - } - up_write(&shares_table_lock); -} diff -ruw linux-5.15.42/fs/ksmbd/mgmt/share_config.h linux-5.15.42-fbx/fs/ksmbd/mgmt/share_config.h --- linux-5.15.42/fs/ksmbd/mgmt/share_config.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/mgmt/share_config.h 2024-04-22 14:46:57.124246691 +0200 @@ -9,6 +9,7 @@ #include #include #include +#include struct ksmbd_share_config { char *name; @@ -64,6 +65,7 @@ return share->flags & flag; } +void ksmbd_share_config_del(struct ksmbd_share_config *share); void __ksmbd_share_config_put(struct ksmbd_share_config *share); static inline void ksmbd_share_config_put(struct ksmbd_share_config *share) @@ -73,9 +75,8 @@ __ksmbd_share_config_put(share); } -struct ksmbd_share_config *ksmbd_share_config_get(char *name); +struct ksmbd_share_config *ksmbd_share_config_get(struct unicode_map *um, + const char *name); bool ksmbd_share_veto_filename(struct ksmbd_share_config *share, const char *filename); -void ksmbd_share_configs_cleanup(void); - #endif /* __SHARE_CONFIG_MANAGEMENT_H__ */ diff -ruw linux-5.15.42/fs/ksmbd/mgmt/tree_connect.c linux-5.15.42-fbx/fs/ksmbd/mgmt/tree_connect.c --- linux-5.15.42/fs/ksmbd/mgmt/tree_connect.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/mgmt/tree_connect.c 2024-04-22 14:46:57.124246691 +0200 @@ -16,16 +16,17 @@ #include "user_session.h" struct ksmbd_tree_conn_status -ksmbd_tree_conn_connect(struct ksmbd_session *sess, char *share_name) +ksmbd_tree_conn_connect(struct ksmbd_conn *conn, struct ksmbd_session *sess, + char *share_name) { - struct ksmbd_tree_conn_status status = {-EINVAL, NULL}; + struct ksmbd_tree_conn_status status = {-ENOENT, NULL}; struct ksmbd_tree_connect_response *resp = NULL; struct ksmbd_share_config *sc; struct ksmbd_tree_connect *tree_conn = NULL; struct sockaddr *peer_addr; int ret; - sc = ksmbd_share_config_get(share_name); + sc = ksmbd_share_config_get(conn->um, share_name); if (!sc) return status; @@ -37,25 +38,45 @@ tree_conn->id = ksmbd_acquire_tree_conn_id(sess); if (tree_conn->id < 0) { + pr_err("Failed to acquire tree connect id(%d)\n", + tree_conn->id); status.ret = -EINVAL; goto out_error; } - peer_addr = KSMBD_TCP_PEER_SOCKADDR(sess->conn); + peer_addr = KSMBD_TCP_PEER_SOCKADDR(conn); resp = ksmbd_ipc_tree_connect_request(sess, sc, tree_conn, peer_addr); if (!resp) { + pr_err("Failed to request ipc tree connect\n"); status.ret = -EINVAL; goto out_error; } status.ret = resp->status; - if (status.ret != KSMBD_TREE_CONN_STATUS_OK) + if (status.ret != KSMBD_TREE_CONN_STATUS_OK) { + pr_err("status.ret(%d) is not KSMBD_TREE_CONN_STATUS_OK\n", + status.ret); goto out_error; + } tree_conn->flags = resp->connection_flags; + if (test_tree_conn_flag(tree_conn, KSMBD_TREE_CONN_FLAG_UPDATE)) { + struct ksmbd_share_config *new_sc; + + ksmbd_share_config_del(sc); + new_sc = ksmbd_share_config_get(conn->um, share_name); + if (!new_sc) { + pr_err("Failed to update stale share config\n"); + status.ret = -ESTALE; + goto out_error; + } + ksmbd_share_config_put(sc); + sc = new_sc; + } + tree_conn->user = sess->user; tree_conn->share_conf = sc; status.tree_conn = tree_conn; diff -ruw linux-5.15.42/fs/ksmbd/mgmt/tree_connect.h linux-5.15.42-fbx/fs/ksmbd/mgmt/tree_connect.h --- linux-5.15.42/fs/ksmbd/mgmt/tree_connect.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/mgmt/tree_connect.h 2024-04-22 14:46:57.124246691 +0200 @@ -12,6 +12,7 @@ struct ksmbd_share_config; struct ksmbd_user; +struct ksmbd_conn; struct ksmbd_tree_connect { int id; @@ -40,7 +41,8 @@ struct ksmbd_session; struct ksmbd_tree_conn_status -ksmbd_tree_conn_connect(struct ksmbd_session *sess, char *share_name); +ksmbd_tree_conn_connect(struct ksmbd_conn *conn, struct ksmbd_session *sess, + char *share_name); int ksmbd_tree_conn_disconnect(struct ksmbd_session *sess, struct ksmbd_tree_connect *tree_conn); diff -ruw linux-5.15.42/fs/ksmbd/mgmt/user_config.c linux-5.15.42-fbx/fs/ksmbd/mgmt/user_config.c --- linux-5.15.42/fs/ksmbd/mgmt/user_config.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/mgmt/user_config.c 2024-04-22 14:46:57.124246691 +0200 @@ -67,3 +67,13 @@ return 1; return 0; } + +bool ksmbd_compare_user(struct ksmbd_user *u1, struct ksmbd_user *u2) +{ + if (strcmp(u1->name, u2->name)) + return false; + if (memcmp(u1->passkey, u2->passkey, u1->passkey_sz)) + return false; + + return true; +} diff -ruw linux-5.15.42/fs/ksmbd/mgmt/user_config.h linux-5.15.42-fbx/fs/ksmbd/mgmt/user_config.h --- linux-5.15.42/fs/ksmbd/mgmt/user_config.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/mgmt/user_config.h 2024-04-22 14:46:57.124246691 +0200 @@ -64,4 +64,5 @@ struct ksmbd_user *ksmbd_alloc_user(struct ksmbd_login_response *resp); void ksmbd_free_user(struct ksmbd_user *user); int ksmbd_anonymous_user(struct ksmbd_user *user); +bool ksmbd_compare_user(struct ksmbd_user *u1, struct ksmbd_user *u2); #endif /* __USER_CONFIG_MANAGEMENT_H__ */ diff -ruw linux-5.15.42/fs/ksmbd/mgmt/user_session.c linux-5.15.42-fbx/fs/ksmbd/mgmt/user_session.c --- linux-5.15.42/fs/ksmbd/mgmt/user_session.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/mgmt/user_session.c 2024-04-22 14:46:57.124246691 +0200 @@ -32,11 +32,13 @@ { struct channel *chann, *tmp; + write_lock(&sess->chann_lock); list_for_each_entry_safe(chann, tmp, &sess->ksmbd_chann_list, chann_list) { list_del(&chann->chann_list); kfree(chann); } + write_unlock(&sess->chann_lock); } static void __session_rpc_close(struct ksmbd_session *sess, @@ -106,15 +108,17 @@ entry->method = method; entry->id = ksmbd_ipc_id_alloc(); if (entry->id < 0) - goto error; + goto free_entry; resp = ksmbd_rpc_open(sess, entry->id); if (!resp) - goto error; + goto free_id; kvfree(resp); return entry->id; -error: +free_id: + ksmbd_rpc_id_free(entry->id); +free_entry: list_del(&entry->list); kfree(entry); return -EINVAL; @@ -149,14 +153,17 @@ if (!sess) return; - if (!atomic_dec_and_test(&sess->refcnt)) - return; - - list_del(&sess->sessions_entry); - +#ifdef CONFIG_SMB_INSECURE_SERVER + if (hash_hashed(&sess->hlist)) { down_write(&sessions_table_lock); hash_del(&sess->hlist); up_write(&sessions_table_lock); + } +#else + down_write(&sessions_table_lock); + hash_del(&sess->hlist); + up_write(&sessions_table_lock); +#endif if (sess->user) ksmbd_free_user(sess->user); @@ -181,53 +188,70 @@ return NULL; } -void ksmbd_session_register(struct ksmbd_conn *conn, +int ksmbd_session_register(struct ksmbd_conn *conn, struct ksmbd_session *sess) { - sess->conn = conn; - list_add(&sess->sessions_entry, &conn->sessions); + sess->dialect = conn->dialect; + memcpy(sess->ClientGUID, conn->ClientGUID, SMB2_CLIENT_GUID_SIZE); + return xa_err(xa_store(&conn->sessions, sess->id, sess, GFP_KERNEL)); } -void ksmbd_sessions_deregister(struct ksmbd_conn *conn) +static int ksmbd_chann_del(struct ksmbd_conn *conn, struct ksmbd_session *sess) { - struct ksmbd_session *sess; - - while (!list_empty(&conn->sessions)) { - sess = list_entry(conn->sessions.next, - struct ksmbd_session, - sessions_entry); + struct channel *chann, *tmp; - ksmbd_session_destroy(sess); + write_lock(&sess->chann_lock); + list_for_each_entry_safe(chann, tmp, &sess->ksmbd_chann_list, + chann_list) { + if (chann->conn == conn) { + list_del(&chann->chann_list); + kfree(chann); + write_unlock(&sess->chann_lock); + return 0; } } + write_unlock(&sess->chann_lock); -static bool ksmbd_session_id_match(struct ksmbd_session *sess, - unsigned long long id) -{ - return sess->id == id; + return -ENOENT; } -struct ksmbd_session *ksmbd_session_lookup(struct ksmbd_conn *conn, - unsigned long long id) +void ksmbd_sessions_deregister(struct ksmbd_conn *conn) { - struct ksmbd_session *sess = NULL; + struct ksmbd_session *sess; - list_for_each_entry(sess, &conn->sessions, sessions_entry) { - if (ksmbd_session_id_match(sess, id)) - return sess; + if (conn->binding) { + int bkt; + + down_write(&sessions_table_lock); + hash_for_each(sessions_table, bkt, sess, hlist) { + if (!ksmbd_chann_del(conn, sess)) { + up_write(&sessions_table_lock); + goto sess_destroy; } - return NULL; } + up_write(&sessions_table_lock); + } else { + unsigned long id; -int get_session(struct ksmbd_session *sess) -{ - return atomic_inc_not_zero(&sess->refcnt); + xa_for_each(&conn->sessions, id, sess) { + if (!ksmbd_chann_del(conn, sess)) + goto sess_destroy; + } } -void put_session(struct ksmbd_session *sess) + return; + +sess_destroy: + if (list_empty(&sess->ksmbd_chann_list)) { + xa_erase(&conn->sessions, sess->id); + ksmbd_session_destroy(sess); + } +} + +struct ksmbd_session *ksmbd_session_lookup(struct ksmbd_conn *conn, + unsigned long long id) { - if (atomic_dec_and_test(&sess->refcnt)) - pr_err("get/%s seems to be mismatched.", __func__); + return xa_load(&conn->sessions, id); } struct ksmbd_session *ksmbd_session_lookup_slowpath(unsigned long long id) @@ -236,10 +260,6 @@ down_read(&sessions_table_lock); sess = __session_lookup(id); - if (sess) { - if (!get_session(sess)) - sess = NULL; - } up_read(&sessions_table_lock); return sess; @@ -253,6 +273,8 @@ sess = ksmbd_session_lookup(conn, id); if (!sess && conn->binding) sess = ksmbd_session_lookup_slowpath(id); + if (sess && sess->state != SMB2_SESSION_VALID) + sess = NULL; return sess; } @@ -291,6 +313,18 @@ return NULL; } +#ifdef CONFIG_SMB_INSECURE_SERVER +static int __init_smb1_session(struct ksmbd_session *sess) +{ + int id = ksmbd_acquire_smb1_uid(&session_ida); + + if (id < 0) + return -EINVAL; + sess->id = id; + return 0; +} + +#endif static int __init_smb2_session(struct ksmbd_session *sess) { int id = ksmbd_acquire_smb2_uid(&session_ida); @@ -314,14 +348,18 @@ goto error; set_session_flag(sess, protocol); - INIT_LIST_HEAD(&sess->sessions_entry); xa_init(&sess->tree_conns); INIT_LIST_HEAD(&sess->ksmbd_chann_list); INIT_LIST_HEAD(&sess->rpc_handle_list); sess->sequence_number = 1; - atomic_set(&sess->refcnt, 1); + rwlock_init(&sess->chann_lock); switch (protocol) { +#ifdef CONFIG_SMB_INSECURE_SERVER + case CIFDS_SESSION_FLAG_SMB1: + ret = __init_smb1_session(sess); + break; +#endif case CIFDS_SESSION_FLAG_SMB2: ret = __init_smb2_session(sess); break; @@ -347,6 +385,13 @@ return NULL; } +#ifdef CONFIG_SMB_INSECURE_SERVER +struct ksmbd_session *ksmbd_smb1_session_create(void) +{ + return __session_create(CIFDS_SESSION_FLAG_SMB1); +} +#endif + struct ksmbd_session *ksmbd_smb2_session_create(void) { return __session_create(CIFDS_SESSION_FLAG_SMB2); @@ -356,6 +401,10 @@ { int id = -EINVAL; +#ifdef CONFIG_SMB_INSECURE_SERVER + if (test_session_flag(sess, CIFDS_SESSION_FLAG_SMB1)) + id = ksmbd_acquire_smb1_tid(&sess->tree_conn_ida); +#endif if (test_session_flag(sess, CIFDS_SESSION_FLAG_SMB2)) id = ksmbd_acquire_smb2_tid(&sess->tree_conn_ida); diff -ruw linux-5.15.42/fs/ksmbd/mgmt/user_session.h linux-5.15.42-fbx/fs/ksmbd/mgmt/user_session.h --- linux-5.15.42/fs/ksmbd/mgmt/user_session.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/mgmt/user_session.h 2024-04-22 14:46:57.124246691 +0200 @@ -12,6 +12,9 @@ #include "../smb_common.h" #include "../ntlmssp.h" +#ifdef CONFIG_SMB_INSECURE_SERVER +#define CIFDS_SESSION_FLAG_SMB1 BIT(0) +#endif #define CIFDS_SESSION_FLAG_SMB2 BIT(1) #define PREAUTH_HASHVALUE_SIZE 64 @@ -33,8 +36,10 @@ struct ksmbd_session { u64 id; + __u16 dialect; + char ClientGUID[SMB2_CLIENT_GUID_SIZE]; + struct ksmbd_user *user; - struct ksmbd_conn *conn; unsigned int sequence_number; unsigned int flags; @@ -45,10 +50,10 @@ int state; __u8 *Preauth_HashValue; - struct ntlmssp_auth ntlmssp; char sess_key[CIFS_KEY_SIZE]; struct hlist_node hlist; + rwlock_t chann_lock; struct list_head ksmbd_chann_list; struct xarray tree_conns; struct ida tree_conn_ida; @@ -58,9 +63,7 @@ __u8 smb3decryptionkey[SMB3_ENC_DEC_KEY_SIZE]; __u8 smb3signingkey[SMB3_SIGN_KEY_SIZE]; - struct list_head sessions_entry; struct ksmbd_file_table file_table; - atomic_t refcnt; }; static inline int test_session_flag(struct ksmbd_session *sess, int bit) @@ -78,6 +81,9 @@ sess->flags &= ~bit; } +#ifdef CONFIG_SMB_INSECURE_SERVER +struct ksmbd_session *ksmbd_smb1_session_create(void); +#endif struct ksmbd_session *ksmbd_smb2_session_create(void); void ksmbd_session_destroy(struct ksmbd_session *sess); @@ -85,7 +91,7 @@ struct ksmbd_session *ksmbd_session_lookup_slowpath(unsigned long long id); struct ksmbd_session *ksmbd_session_lookup(struct ksmbd_conn *conn, unsigned long long id); -void ksmbd_session_register(struct ksmbd_conn *conn, +int ksmbd_session_register(struct ksmbd_conn *conn, struct ksmbd_session *sess); void ksmbd_sessions_deregister(struct ksmbd_conn *conn); struct ksmbd_session *ksmbd_session_lookup_all(struct ksmbd_conn *conn, @@ -101,6 +107,4 @@ int ksmbd_session_rpc_open(struct ksmbd_session *sess, char *rpc_name); void ksmbd_session_rpc_close(struct ksmbd_session *sess, int id); int ksmbd_session_rpc_method(struct ksmbd_session *sess, int id); -int get_session(struct ksmbd_session *sess); -void put_session(struct ksmbd_session *sess); #endif /* __USER_SESSION_MANAGEMENT_H__ */ diff -ruw linux-5.15.42/fs/ksmbd/misc.c linux-5.15.42-fbx/fs/ksmbd/misc.c --- linux-5.15.42/fs/ksmbd/misc.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/misc.c 2024-04-22 14:46:57.124246691 +0200 @@ -7,6 +7,7 @@ #include #include #include +#include #include "misc.h" #include "smb_common.h" @@ -158,19 +159,41 @@ * Return : windows path string or error */ -char *convert_to_nt_pathname(char *filename) +char *convert_to_nt_pathname(struct ksmbd_share_config *share, + const struct path *path) { - char *ab_pathname; + char *pathname, *ab_pathname, *nt_pathname; + int share_path_len = share->path_sz; - if (strlen(filename) == 0) - filename = "\\"; + pathname = kmalloc(PATH_MAX, GFP_KERNEL); + if (!pathname) + return ERR_PTR(-EACCES); - ab_pathname = kstrdup(filename, GFP_KERNEL); - if (!ab_pathname) - return NULL; + ab_pathname = d_path(path, pathname, PATH_MAX); + if (IS_ERR(ab_pathname)) { + nt_pathname = ERR_PTR(-EACCES); + goto free_pathname; + } + + if (strncmp(ab_pathname, share->path, share_path_len)) { + nt_pathname = ERR_PTR(-EACCES); + goto free_pathname; + } + + nt_pathname = kzalloc(strlen(&ab_pathname[share_path_len]) + 2, GFP_KERNEL); + if (!nt_pathname) { + nt_pathname = ERR_PTR(-ENOMEM); + goto free_pathname; + } + if (ab_pathname[share_path_len] == '\0') + strcpy(nt_pathname, "/"); + strcat(nt_pathname, &ab_pathname[share_path_len]); - ksmbd_conv_path_to_windows(ab_pathname); - return ab_pathname; + ksmbd_conv_path_to_windows(nt_pathname); + +free_pathname: + kfree(pathname); + return nt_pathname; } int get_nlink(struct kstat *st) @@ -204,26 +227,53 @@ strreplace(path, '/', '\\'); } +char *ksmbd_casefold_sharename(struct unicode_map *um, const char *name) +{ + char *cf_name; + int cf_len; + + cf_name = kzalloc(KSMBD_REQ_MAX_SHARE_NAME, GFP_KERNEL); + if (!cf_name) + return ERR_PTR(-ENOMEM); + + if (IS_ENABLED(CONFIG_UNICODE) && um) { + const struct qstr q_name = {.name = name, .len = strlen(name)}; + + cf_len = utf8_casefold(um, &q_name, cf_name, + KSMBD_REQ_MAX_SHARE_NAME); + if (cf_len < 0) + goto out_ascii; + + return cf_name; + } + +out_ascii: + cf_len = strscpy(cf_name, name, KSMBD_REQ_MAX_SHARE_NAME); + if (cf_len < 0) { + kfree(cf_name); + return ERR_PTR(-E2BIG); + } + + for (; *cf_name; ++cf_name) + *cf_name = isascii(*cf_name) ? tolower(*cf_name) : *cf_name; + return cf_name - cf_len; +} + /** * ksmbd_extract_sharename() - get share name from tree connect request * @treename: buffer containing tree name and share name * * Return: share name on success, otherwise error */ -char *ksmbd_extract_sharename(char *treename) +char *ksmbd_extract_sharename(struct unicode_map *um, const char *treename) { - char *name = treename; - char *dst; - char *pos = strrchr(name, '\\'); + const char *name = treename, *pos = strrchr(name, '\\'); if (pos) name = (pos + 1); /* caller has to free the memory */ - dst = kstrdup(name, GFP_KERNEL); - if (!dst) - return ERR_PTR(-ENOMEM); - return dst; + return ksmbd_casefold_sharename(um, name); } /** diff -ruw linux-5.15.42/fs/ksmbd/misc.h linux-5.15.42-fbx/fs/ksmbd/misc.h --- linux-5.15.42/fs/ksmbd/misc.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/misc.h 2024-04-22 14:46:57.124246691 +0200 @@ -14,12 +14,14 @@ int match_pattern(const char *str, size_t len, const char *pattern); int ksmbd_validate_filename(char *filename); int parse_stream_name(char *filename, char **stream_name, int *s_type); -char *convert_to_nt_pathname(char *filename); +char *convert_to_nt_pathname(struct ksmbd_share_config *share, + const struct path *path); int get_nlink(struct kstat *st); void ksmbd_conv_path_to_unix(char *path); void ksmbd_strip_last_slash(char *path); void ksmbd_conv_path_to_windows(char *path); -char *ksmbd_extract_sharename(char *treename); +char *ksmbd_casefold_sharename(struct unicode_map *um, const char *name); +char *ksmbd_extract_sharename(struct unicode_map *um, const char *treename); char *convert_to_unix_name(struct ksmbd_share_config *share, const char *name); #define KSMBD_DIR_INFO_ALIGNMENT 8 diff -ruw linux-5.15.42/fs/ksmbd/oplock.c linux-5.15.42-fbx/fs/ksmbd/oplock.c --- linux-5.15.42/fs/ksmbd/oplock.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/oplock.c 2024-04-22 14:46:57.128246800 +0200 @@ -10,6 +10,9 @@ #include "oplock.h" #include "smb_common.h" +#ifdef CONFIG_SMB_INSECURE_SERVER +#include "smb1pdu.h" +#endif #include "smbstatus.h" #include "connection.h" #include "mgmt/user_session.h" @@ -30,6 +33,7 @@ static struct oplock_info *alloc_opinfo(struct ksmbd_work *work, u64 id, __u16 Tid) { + struct ksmbd_conn *conn = work->conn; struct ksmbd_session *sess = work->sess; struct oplock_info *opinfo; @@ -38,12 +42,15 @@ return NULL; opinfo->sess = sess; - opinfo->conn = sess->conn; + opinfo->conn = conn; opinfo->level = SMB2_OPLOCK_LEVEL_NONE; opinfo->op_state = OPLOCK_STATE_NONE; opinfo->pending_break = 0; opinfo->fid = id; opinfo->Tid = Tid; +#ifdef CONFIG_SMB_INSECURE_SERVER + opinfo->is_smb2 = IS_SMB2(conn); +#endif INIT_LIST_HEAD(&opinfo->op_entry); INIT_LIST_HEAD(&opinfo->interim_list); init_waitqueue_head(&opinfo->oplock_q); @@ -402,10 +409,24 @@ { struct lease *lease = opinfo_new->o_lease; +#ifdef CONFIG_SMB_INSECURE_SERVER + if (opinfo_new->is_smb2) { if (req_oplock == SMB2_OPLOCK_LEVEL_BATCH) opinfo_new->level = SMB2_OPLOCK_LEVEL_BATCH; else opinfo_new->level = SMB2_OPLOCK_LEVEL_EXCLUSIVE; + } else { + if (req_oplock == REQ_BATCHOPLOCK) + opinfo_new->level = OPLOCK_BATCH; + else + opinfo_new->level = OPLOCK_EXCLUSIVE; + } +#else + if (req_oplock == SMB2_OPLOCK_LEVEL_BATCH) + opinfo_new->level = SMB2_OPLOCK_LEVEL_BATCH; + else + opinfo_new->level = SMB2_OPLOCK_LEVEL_EXCLUSIVE; +#endif if (lctx) { lease->state = lctx->req_state; @@ -425,7 +446,14 @@ { struct lease *lease = opinfo_new->o_lease; +#ifdef CONFIG_SMB_INSECURE_SERVER + if (opinfo_new->is_smb2) opinfo_new->level = SMB2_OPLOCK_LEVEL_II; + else + opinfo_new->level = OPLOCK_READ; +#else + opinfo_new->level = SMB2_OPLOCK_LEVEL_II; +#endif if (lctx) { lease->state = SMB2_LEASE_READ_CACHING_LE; @@ -447,7 +475,14 @@ { struct lease *lease = opinfo_new->o_lease; +#ifdef CONFIG_SMB_INSECURE_SERVER + if (opinfo_new->is_smb2) + opinfo_new->level = SMB2_OPLOCK_LEVEL_NONE; + else + opinfo_new->level = OPLOCK_NONE; +#else opinfo_new->level = SMB2_OPLOCK_LEVEL_NONE; +#endif if (lctx) { lease->state = 0; @@ -595,6 +630,111 @@ return 0; } +#ifdef CONFIG_SMB_INSECURE_SERVER +/** + * smb1_oplock_break_noti() - send smb1 oplock break cmd from conn + * to client + * @work: smb work object + * + * There are two ways this function can be called. 1- while file open we break + * from exclusive/batch lock to levelII oplock and 2- while file write/truncate + * we break from levelII oplock no oplock. + * work->request_buf contains oplock_info. + */ +static void __smb1_oplock_break_noti(struct work_struct *wk) +{ + struct ksmbd_work *work = container_of(wk, struct ksmbd_work, work); + struct ksmbd_conn *conn = work->conn; + struct smb_hdr *rsp_hdr; + struct smb_com_lock_req *req; + struct oplock_info *opinfo = work->request_buf; + + if (allocate_oplock_break_buf(work)) { + pr_err("smb_allocate_rsp_buf failed! "); + ksmbd_free_work_struct(work); + return; + } + + /* Init response header */ + rsp_hdr = work->response_buf; + /* wct is 8 for locking andx(18) */ + memset(rsp_hdr, 0, sizeof(struct smb_hdr) + 18); + rsp_hdr->smb_buf_length = + cpu_to_be32(conn->vals->header_size - 4 + 18); + rsp_hdr->Protocol[0] = 0xFF; + rsp_hdr->Protocol[1] = 'S'; + rsp_hdr->Protocol[2] = 'M'; + rsp_hdr->Protocol[3] = 'B'; + + rsp_hdr->Command = SMB_COM_LOCKING_ANDX; + /* we know unicode, long file name and use nt error codes */ + rsp_hdr->Flags2 = SMBFLG2_UNICODE | SMBFLG2_KNOWS_LONG_NAMES | + SMBFLG2_ERR_STATUS; + rsp_hdr->Uid = cpu_to_le16(work->sess->id); + rsp_hdr->Pid = cpu_to_le16(0xFFFF); + rsp_hdr->Mid = cpu_to_le16(0xFFFF); + rsp_hdr->Tid = cpu_to_le16(opinfo->Tid); + rsp_hdr->WordCount = 8; + + /* Init locking request */ + req = work->response_buf; + + req->AndXCommand = 0xFF; + req->AndXReserved = 0; + req->AndXOffset = 0; + req->Fid = opinfo->fid; + req->LockType = LOCKING_ANDX_OPLOCK_RELEASE; + if (!opinfo->open_trunc && + (opinfo->level == OPLOCK_BATCH || + opinfo->level == OPLOCK_EXCLUSIVE)) + req->OplockLevel = 1; + else + req->OplockLevel = 0; + req->Timeout = 0; + req->NumberOfUnlocks = 0; + req->ByteCount = 0; + ksmbd_debug(OPLOCK, "sending oplock break for fid %d lock level = %d\n", + req->Fid, req->OplockLevel); + + ksmbd_conn_write(work); + ksmbd_free_work_struct(work); + atomic_dec(&conn->r_count); +} + +/** + * smb1_oplock_break() - send smb1 exclusive/batch to level2 oplock + * break command from server to client + * @opinfo: oplock info object + * @ack_required if requiring ack + * + * Return: 0 on success, otherwise error + */ +static int smb1_oplock_break_noti(struct oplock_info *opinfo) +{ + struct ksmbd_conn *conn = opinfo->conn; + struct ksmbd_work *work = ksmbd_alloc_work_struct(); + + if (!work) + return -ENOMEM; + + work->request_buf = (char *)opinfo; + work->conn = conn; + + atomic_inc(&conn->r_count); + if (opinfo->op_state == OPLOCK_ACK_WAIT) { + INIT_WORK(&work->work, __smb1_oplock_break_noti); + ksmbd_queue_work(work); + + wait_for_break_ack(opinfo); + } else { + __smb1_oplock_break_noti(&work->work); + if (opinfo->level == OPLOCK_READ) + opinfo->level = OPLOCK_NONE; + } + return 0; +} +#endif + /** * __smb2_oplock_break_noti() - send smb2 oplock break cmd from conn * to client @@ -615,24 +755,19 @@ struct ksmbd_file *fp; fp = ksmbd_lookup_durable_fd(br_info->fid); - if (!fp) { - atomic_dec(&conn->r_count); - ksmbd_free_work_struct(work); - return; - } + if (!fp) + goto out; if (allocate_oplock_break_buf(work)) { pr_err("smb2_allocate_rsp_buf failed! "); - atomic_dec(&conn->r_count); ksmbd_fd_put(work, fp); - ksmbd_free_work_struct(work); - return; + goto out; } - rsp_hdr = work->response_buf; + rsp_hdr = smb2_get_msg(work->response_buf); memset(rsp_hdr, 0, sizeof(struct smb2_hdr) + 2); - rsp_hdr->smb2_buf_length = - cpu_to_be32(smb2_hdr_size_no_buflen(conn->vals)); + *(__be32 *)work->response_buf = + cpu_to_be32(conn->vals->header_size); rsp_hdr->ProtocolId = SMB2_PROTO_NUMBER; rsp_hdr->StructureSize = SMB2_HEADER_STRUCTURE_SIZE; rsp_hdr->CreditRequest = cpu_to_le16(0); @@ -645,7 +780,7 @@ rsp_hdr->SessionId = 0; memset(rsp_hdr->Signature, 0, 16); - rsp = work->response_buf; + rsp = smb2_get_msg(work->response_buf); rsp->StructureSize = cpu_to_le16(24); if (!br_info->open_trunc && @@ -659,7 +794,7 @@ rsp->PersistentFid = cpu_to_le64(fp->persistent_id); rsp->VolatileFid = cpu_to_le64(fp->volatile_id); - inc_rfc1001_len(rsp, 24); + inc_rfc1001_len(work->response_buf, 24); ksmbd_debug(OPLOCK, "sending oplock break v_id %llu p_id = %llu lock level = %d\n", @@ -667,8 +802,16 @@ ksmbd_fd_put(work, fp); ksmbd_conn_write(work); + +out: ksmbd_free_work_struct(work); - atomic_dec(&conn->r_count); + /* + * Checking waitqueue to dropping pending requests on + * disconnection. waitqueue_active is safe because it + * uses atomic operation for condition. + */ + if (!atomic_dec_return(&conn->r_count) && waitqueue_active(&conn->r_count_q)) + wake_up(&conn->r_count_q); } /** @@ -731,15 +874,13 @@ if (allocate_oplock_break_buf(work)) { ksmbd_debug(OPLOCK, "smb2_allocate_rsp_buf failed! "); - ksmbd_free_work_struct(work); - atomic_dec(&conn->r_count); - return; + goto out; } - rsp_hdr = work->response_buf; + rsp_hdr = smb2_get_msg(work->response_buf); memset(rsp_hdr, 0, sizeof(struct smb2_hdr) + 2); - rsp_hdr->smb2_buf_length = - cpu_to_be32(smb2_hdr_size_no_buflen(conn->vals)); + *(__be32 *)work->response_buf = + cpu_to_be32(conn->vals->header_size); rsp_hdr->ProtocolId = SMB2_PROTO_NUMBER; rsp_hdr->StructureSize = SMB2_HEADER_STRUCTURE_SIZE; rsp_hdr->CreditRequest = cpu_to_le16(0); @@ -752,7 +893,7 @@ rsp_hdr->SessionId = 0; memset(rsp_hdr->Signature, 0, 16); - rsp = work->response_buf; + rsp = smb2_get_msg(work->response_buf); rsp->StructureSize = cpu_to_le16(44); rsp->Epoch = br_info->epoch; rsp->Flags = 0; @@ -768,11 +909,19 @@ rsp->AccessMaskHint = 0; rsp->ShareMaskHint = 0; - inc_rfc1001_len(rsp, 44); + inc_rfc1001_len(work->response_buf, 44); ksmbd_conn_write(work); + +out: ksmbd_free_work_struct(work); - atomic_dec(&conn->r_count); + /* + * Checking waitqueue to dropping pending requests on + * disconnection. waitqueue_active is safe because it + * uses atomic operation for condition. + */ + if (!atomic_dec_return(&conn->r_count) && waitqueue_active(&conn->r_count_q)) + wake_up(&conn->r_count_q); } /** @@ -910,10 +1059,20 @@ brk_opinfo->op_state = OPLOCK_ACK_WAIT; } +#ifdef CONFIG_SMB_INSECURE_SERVER + if (brk_opinfo->is_smb2) + if (brk_opinfo->is_lease) + err = smb2_lease_break_noti(brk_opinfo); + else + err = smb2_oplock_break_noti(brk_opinfo); + else + err = smb1_oplock_break_noti(brk_opinfo); +#else if (brk_opinfo->is_lease) err = smb2_lease_break_noti(brk_opinfo); else err = smb2_oplock_break_noti(brk_opinfo); +#endif ksmbd_debug(OPLOCK, "oplock granted = %d\n", brk_opinfo->level); if (brk_opinfo->op_state == OPLOCK_CLOSING) @@ -972,7 +1131,7 @@ } list_for_each_entry(lb, &lease_table_list, l_entry) { - if (!memcmp(lb->client_guid, sess->conn->ClientGUID, + if (!memcmp(lb->client_guid, sess->ClientGUID, SMB2_CLIENT_GUID_SIZE)) goto found; } @@ -988,7 +1147,7 @@ rcu_read_unlock(); if (opinfo->o_fp->f_ci == ci) goto op_next; - err = compare_guid_key(opinfo, sess->conn->ClientGUID, + err = compare_guid_key(opinfo, sess->ClientGUID, lctx->lease_key); if (err) { err = -EINVAL; @@ -1055,6 +1214,10 @@ struct lease_ctx_info *lctx) { switch (level) { +#ifdef CONFIG_SMB_INSECURE_SERVER + case REQ_OPLOCK: + case REQ_BATCHOPLOCK: +#endif case SMB2_OPLOCK_LEVEL_BATCH: case SMB2_OPLOCK_LEVEL_EXCLUSIVE: grant_write_oplock(opinfo, level, lctx); @@ -1122,7 +1285,7 @@ struct oplock_info *m_opinfo; /* is lease already granted ? */ - m_opinfo = same_client_has_lease(ci, sess->conn->ClientGUID, + m_opinfo = same_client_has_lease(ci, sess->ClientGUID, lctx); if (m_opinfo) { copy_lease(m_opinfo, opinfo); @@ -1240,7 +1403,7 @@ { struct oplock_info *op, *brk_op; struct ksmbd_inode *ci; - struct ksmbd_conn *conn = work->sess->conn; + struct ksmbd_conn *conn = work->conn; if (!test_share_config_flag(work->tcon->share_conf, KSMBD_SHARE_FLAG_OPLOCKS)) @@ -1254,6 +1417,36 @@ if (!atomic_inc_not_zero(&brk_op->refcount)) continue; rcu_read_unlock(); + +#ifdef CONFIG_SMB_INSECURE_SERVER + if (brk_op->is_smb2) { + if (brk_op->is_lease && (brk_op->o_lease->state & + (~(SMB2_LEASE_READ_CACHING_LE | + SMB2_LEASE_HANDLE_CACHING_LE)))) { + ksmbd_debug(OPLOCK, + "unexpected lease state(0x%x)\n", + brk_op->o_lease->state); + goto next; + } else if (brk_op->level != + SMB2_OPLOCK_LEVEL_II) { + ksmbd_debug(OPLOCK, "unexpected oplock(0x%x)\n", + brk_op->level); + goto next; + } + + /* Skip oplock being break to none */ + if (brk_op->is_lease && + brk_op->o_lease->new_state == SMB2_LEASE_NONE_LE && + atomic_read(&brk_op->breaking_cnt)) + goto next; + } else { + if (brk_op->level != OPLOCK_READ) { + ksmbd_debug(OPLOCK, "unexpected oplock(0x%x)\n", + brk_op->level); + goto next; + } + } +#else if (brk_op->is_lease && (brk_op->o_lease->state & (~(SMB2_LEASE_READ_CACHING_LE | SMB2_LEASE_HANDLE_CACHING_LE)))) { @@ -1272,6 +1465,7 @@ brk_op->o_lease->new_state == SMB2_LEASE_NONE_LE && atomic_read(&brk_op->breaking_cnt)) goto next; +#endif if (op && op->is_lease && brk_op->is_lease && !memcmp(conn->ClientGUID, brk_op->conn->ClientGUID, @@ -1398,7 +1592,7 @@ if (!lreq) return NULL; - data_offset = (char *)req + 4 + le32_to_cpu(req->CreateContextsOffset); + data_offset = (char *)req + le32_to_cpu(req->CreateContextsOffset); cc = (struct create_context *)data_offset; do { cc = (struct create_context *)((char *)cc + next); @@ -1462,7 +1656,7 @@ * CreateContextsOffset and CreateContextsLength are guaranteed to * be valid because of ksmbd_smb2_check_message(). */ - cc = (struct create_context *)((char *)req + 4 + + cc = (struct create_context *)((char *)req + le32_to_cpu(req->CreateContextsOffset)); remain_len = le32_to_cpu(req->CreateContextsLength); do { @@ -1700,33 +1894,3 @@ read_unlock(&lease_list_lock); return ret_op; } - -int smb2_check_durable_oplock(struct ksmbd_file *fp, - struct lease_ctx_info *lctx, char *name) -{ - struct oplock_info *opinfo = opinfo_get(fp); - int ret = 0; - - if (opinfo && opinfo->is_lease) { - if (!lctx) { - pr_err("open does not include lease\n"); - ret = -EBADF; - goto out; - } - if (memcmp(opinfo->o_lease->lease_key, lctx->lease_key, - SMB2_LEASE_KEY_SIZE)) { - pr_err("invalid lease key\n"); - ret = -EBADF; - goto out; - } - if (name && strcmp(fp->filename, name)) { - pr_err("invalid name reconnect %s\n", name); - ret = -EINVAL; - goto out; - } - } -out: - if (opinfo) - opinfo_put(opinfo); - return ret; -} diff -ruw linux-5.15.42/fs/ksmbd/oplock.h linux-5.15.42-fbx/fs/ksmbd/oplock.h --- linux-5.15.42/fs/ksmbd/oplock.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/oplock.h 2024-04-22 14:46:57.128246800 +0200 @@ -11,6 +11,14 @@ #define OPLOCK_WAIT_TIME (35 * HZ) +#ifdef CONFIG_SMB_INSECURE_SERVER +/* SMB Oplock levels */ +#define OPLOCK_NONE 0 +#define OPLOCK_EXCLUSIVE 1 +#define OPLOCK_BATCH 2 +#define OPLOCK_READ 3 /* level 2 oplock */ +#endif + /* SMB2 Oplock levels */ #define SMB2_OPLOCK_LEVEL_NONE 0x00 #define SMB2_OPLOCK_LEVEL_II 0x01 @@ -71,6 +79,9 @@ atomic_t refcount; __u16 Tid; bool is_lease; +#ifdef CONFIG_SMB_INSECURE_SERVER + bool is_smb2; +#endif bool open_trunc; /* truncate on open */ struct lease *o_lease; struct list_head interim_list; @@ -126,6 +137,4 @@ int find_same_lease_key(struct ksmbd_session *sess, struct ksmbd_inode *ci, struct lease_ctx_info *lctx); void destroy_lease_table(struct ksmbd_conn *conn); -int smb2_check_durable_oplock(struct ksmbd_file *fp, - struct lease_ctx_info *lctx, char *name); #endif /* __KSMBD_OPLOCK_H */ diff -ruw linux-5.15.42/fs/ksmbd/server.c linux-5.15.42-fbx/fs/ksmbd/server.c --- linux-5.15.42/fs/ksmbd/server.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/server.c 2024-04-22 14:46:57.128246800 +0200 @@ -235,10 +235,8 @@ if (work->sess && work->sess->enc && work->encrypted && conn->ops->encrypt_resp) { rc = conn->ops->encrypt_resp(work); - if (rc < 0) { + if (rc < 0) conn->ops->set_rsp_status(work, STATUS_DATA_ERROR); - goto send; - } } ksmbd_conn_write(work); @@ -261,7 +259,13 @@ ksmbd_conn_try_dequeue_request(work); ksmbd_free_work_struct(work); - atomic_dec(&conn->r_count); + /* + * Checking waitqueue to dropping pending requests on + * disconnection. waitqueue_active is safe because it + * uses atomic operation for condition. + */ + if (!atomic_dec_return(&conn->r_count) && waitqueue_active(&conn->r_count_q)) + wake_up(&conn->r_count_q); } /** @@ -622,7 +626,9 @@ MODULE_LICENSE("GPL"); MODULE_SOFTDEP("pre: ecb"); MODULE_SOFTDEP("pre: hmac"); +#ifdef CONFIG_SMB_INSECURE_SERVER MODULE_SOFTDEP("pre: md4"); +#endif MODULE_SOFTDEP("pre: md5"); MODULE_SOFTDEP("pre: nls"); MODULE_SOFTDEP("pre: aes"); diff -ruw linux-5.15.42/fs/ksmbd/smb2misc.c linux-5.15.42-fbx/fs/ksmbd/smb2misc.c --- linux-5.15.42/fs/ksmbd/smb2misc.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/smb2misc.c 2024-04-22 14:46:57.128246800 +0200 @@ -91,11 +91,6 @@ *off = 0; *len = 0; - /* error reqeusts do not have data area */ - if (hdr->Status && hdr->Status != STATUS_MORE_PROCESSING_REQUIRED && - (((struct smb2_err_rsp *)hdr)->StructureSize) == SMB2_ERROR_STRUCTURE_SIZE2_LE) - return ret; - /* * Following commands have data areas so we have to get the location * of the data buffer offset and data buffer length for the particular @@ -137,8 +132,11 @@ *len = le16_to_cpu(((struct smb2_read_req *)hdr)->ReadChannelInfoLength); break; case SMB2_WRITE: - if (((struct smb2_write_req *)hdr)->DataOffset) { - *off = le16_to_cpu(((struct smb2_write_req *)hdr)->DataOffset); + if (((struct smb2_write_req *)hdr)->DataOffset || + ((struct smb2_write_req *)hdr)->Length) { + *off = max_t(unsigned int, + le16_to_cpu(((struct smb2_write_req *)hdr)->DataOffset), + offsetof(struct smb2_write_req, Buffer)); *len = le32_to_cpu(((struct smb2_write_req *)hdr)->Length); break; } @@ -152,15 +150,11 @@ break; case SMB2_LOCK: { - int lock_count; + unsigned short lock_count; - /* - * smb2_lock request size is 48 included single - * smb2_lock_element structure size. - */ - lock_count = le16_to_cpu(((struct smb2_lock_req *)hdr)->LockCount) - 1; + lock_count = le16_to_cpu(((struct smb2_lock_req *)hdr)->LockCount); if (lock_count > 0) { - *off = __SMB2_HEADER_STRUCTURE_SIZE + 48; + *off = offsetof(struct smb2_lock_req, locks); *len = sizeof(struct smb2_lock_element) * lock_count; } break; @@ -339,7 +333,7 @@ ret = 1; } - if ((u64)conn->outstanding_credits + credit_charge > conn->vals->max_credits) { + if ((u64)conn->outstanding_credits + credit_charge > conn->total_credits) { ksmbd_debug(SMB, "Limits exceeding the maximum allowable outstanding requests, given : %u, pending : %u\n", credit_charge, conn->outstanding_credits); ret = 1; @@ -353,16 +347,11 @@ int ksmbd_smb2_check_message(struct ksmbd_work *work) { - struct smb2_pdu *pdu = work->request_buf; + struct smb2_pdu *pdu = ksmbd_req_buf_next(work); struct smb2_hdr *hdr = &pdu->hdr; int command; __u32 clc_len; /* calculated length */ - __u32 len = get_rfc1002_len(pdu); - - if (work->next_smb2_rcv_hdr_off) { - pdu = ksmbd_req_buf_next(work); - hdr = &pdu->hdr; - } + __u32 len = get_rfc1002_len(work->request_buf); if (le32_to_cpu(hdr->NextCommand) > 0) len = le32_to_cpu(hdr->NextCommand); diff -ruw linux-5.15.42/fs/ksmbd/smb2ops.c linux-5.15.42-fbx/fs/ksmbd/smb2ops.c --- linux-5.15.42/fs/ksmbd/smb2ops.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/smb2ops.c 2024-04-22 14:46:57.128246800 +0200 @@ -13,6 +13,34 @@ #include "smb_common.h" #include "server.h" +#ifdef CONFIG_SMB_INSECURE_SERVER +static struct smb_version_values smb20_server_values = { + .version_string = SMB20_VERSION_STRING, + .protocol_id = SMB20_PROT_ID, + .capabilities = 0, + .max_read_size = CIFS_DEFAULT_IOSIZE, + .max_write_size = CIFS_DEFAULT_IOSIZE, + .max_trans_size = CIFS_DEFAULT_IOSIZE, + .max_credits = SMB2_MAX_CREDITS, + .large_lock_type = 0, + .exclusive_lock_type = SMB2_LOCKFLAG_EXCLUSIVE, + .shared_lock_type = SMB2_LOCKFLAG_SHARED, + .unlock_lock_type = SMB2_LOCKFLAG_UNLOCK, + .header_size = sizeof(struct smb2_hdr), + .max_header_size = MAX_SMB2_HDR_SIZE, + .read_rsp_size = sizeof(struct smb2_read_rsp) - 1, + .lock_cmd = SMB2_LOCK, + .cap_unix = 0, + .cap_nt_find = SMB2_NT_FIND, + .cap_large_files = SMB2_LARGE_FILES, + .create_lease_size = sizeof(struct create_lease), + .create_durable_size = sizeof(struct create_durable_rsp), + .create_mxac_size = sizeof(struct create_mxac_rsp), + .create_disk_id_size = sizeof(struct create_disk_id_rsp), + .create_posix_size = sizeof(struct create_posix_rsp), +}; + +#endif static struct smb_version_values smb21_server_values = { .version_string = SMB21_VERSION_STRING, .protocol_id = SMB21_PROT_ID, @@ -191,6 +219,23 @@ [SMB2_CHANGE_NOTIFY_HE] = { .proc = smb2_notify}, }; +#ifdef CONFIG_SMB_INSECURE_SERVER +/** + * init_smb2_0_server() - initialize a smb server connection with smb2.0 + * command dispatcher + * @conn: connection instance + */ +int init_smb2_0_server(struct ksmbd_conn *conn) +{ + conn->vals = &smb20_server_values; + conn->ops = &smb2_0_server_ops; + conn->cmds = smb2_0_server_cmds; + conn->max_cmds = ARRAY_SIZE(smb2_0_server_cmds); + conn->signing_algorithm = SIGNING_ALG_HMAC_SHA256; + return 0; +} + +#endif /** * init_smb2_1_server() - initialize a smb server connection with smb2.1 * command dispatcher @@ -308,6 +353,9 @@ void init_smb2_max_credits(unsigned int sz) { +#ifdef CONFIG_SMB_INSECURE_SERVER + smb20_server_values.max_credits = sz; +#endif smb21_server_values.max_credits = sz; smb30_server_values.max_credits = sz; smb302_server_values.max_credits = sz; diff -ruw linux-5.15.42/fs/ksmbd/smb2pdu.c linux-5.15.42-fbx/fs/ksmbd/smb2pdu.c --- linux-5.15.42/fs/ksmbd/smb2pdu.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/smb2pdu.c 2024-04-22 14:46:57.132246909 +0200 @@ -45,8 +45,8 @@ *req = ksmbd_req_buf_next(work); *rsp = ksmbd_resp_buf_next(work); } else { - *req = work->request_buf; - *rsp = work->response_buf; + *req = smb2_get_msg(work->request_buf); + *rsp = smb2_get_msg(work->response_buf); } } @@ -94,13 +94,14 @@ */ int smb2_get_ksmbd_tcon(struct ksmbd_work *work) { - struct smb2_hdr *req_hdr = work->request_buf; + struct smb2_hdr *req_hdr = smb2_get_msg(work->request_buf); + unsigned int cmd = le16_to_cpu(req_hdr->Command); int tree_id; work->tcon = NULL; - if (work->conn->ops->get_cmd_val(work) == SMB2_TREE_CONNECT_HE || - work->conn->ops->get_cmd_val(work) == SMB2_CANCEL_HE || - work->conn->ops->get_cmd_val(work) == SMB2_LOGOFF_HE) { + if (cmd == SMB2_TREE_CONNECT_HE || + cmd == SMB2_CANCEL_HE || + cmd == SMB2_LOGOFF_HE) { ksmbd_debug(SMB, "skip to check tree connect request\n"); return 0; } @@ -131,7 +132,7 @@ if (work->next_smb2_rcv_hdr_off) err_rsp = ksmbd_resp_buf_next(work); else - err_rsp = work->response_buf; + err_rsp = smb2_get_msg(work->response_buf); if (err_rsp->hdr.Status != STATUS_STOPPED_ON_SYMLINK) { err_rsp->StructureSize = SMB2_ERROR_STRUCTURE_SIZE2_LE; @@ -151,7 +152,7 @@ */ bool is_smb2_neg_cmd(struct ksmbd_work *work) { - struct smb2_hdr *hdr = work->request_buf; + struct smb2_hdr *hdr = smb2_get_msg(work->request_buf); /* is it SMB2 header ? */ if (hdr->ProtocolId != SMB2_PROTO_NUMBER) @@ -175,7 +176,7 @@ */ bool is_smb2_rsp(struct ksmbd_work *work) { - struct smb2_hdr *hdr = work->response_buf; + struct smb2_hdr *hdr = smb2_get_msg(work->response_buf); /* is it SMB2 header ? */ if (hdr->ProtocolId != SMB2_PROTO_NUMBER) @@ -201,7 +202,7 @@ if (work->next_smb2_rcv_hdr_off) rcv_hdr = ksmbd_req_buf_next(work); else - rcv_hdr = work->request_buf; + rcv_hdr = smb2_get_msg(work->request_buf); return le16_to_cpu(rcv_hdr->Command); } @@ -217,7 +218,7 @@ if (work->next_smb2_rcv_hdr_off) rsp_hdr = ksmbd_resp_buf_next(work); else - rsp_hdr = work->response_buf; + rsp_hdr = smb2_get_msg(work->response_buf); rsp_hdr->Status = err; smb2_set_err_rsp(work); } @@ -238,13 +239,11 @@ if (conn->need_neg == false) return -EINVAL; - rsp_hdr = work->response_buf; + *(__be32 *)work->response_buf = + cpu_to_be32(conn->vals->header_size); + rsp_hdr = smb2_get_msg(work->response_buf); memset(rsp_hdr, 0, sizeof(struct smb2_hdr) + 2); - - rsp_hdr->smb2_buf_length = - cpu_to_be32(smb2_hdr_size_no_buflen(conn->vals)); - rsp_hdr->ProtocolId = SMB2_PROTO_NUMBER; rsp_hdr->StructureSize = SMB2_HEADER_STRUCTURE_SIZE; rsp_hdr->CreditRequest = cpu_to_le16(2); @@ -257,7 +256,7 @@ rsp_hdr->SessionId = 0; memset(rsp_hdr->Signature, 0, 16); - rsp = work->response_buf; + rsp = smb2_get_msg(work->response_buf); WARN_ON(ksmbd_conn_good(work)); @@ -278,10 +277,10 @@ rsp->SecurityBufferOffset = cpu_to_le16(128); rsp->SecurityBufferLength = cpu_to_le16(AUTH_GSS_LENGTH); - ksmbd_copy_gss_neg_header(((char *)(&rsp->hdr) + - sizeof(rsp->hdr.smb2_buf_length)) + + ksmbd_copy_gss_neg_header((char *)(&rsp->hdr) + le16_to_cpu(rsp->SecurityBufferOffset)); - inc_rfc1001_len(rsp, sizeof(struct smb2_negotiate_rsp) - + inc_rfc1001_len(work->response_buf, + sizeof(struct smb2_negotiate_rsp) - sizeof(struct smb2_hdr) - sizeof(rsp->Buffer) + AUTH_GSS_LENGTH); rsp->SecurityMode = SMB2_NEGOTIATE_SIGNING_ENABLED_LE; @@ -380,12 +379,8 @@ * command in the compound request */ if (req->Command == SMB2_CREATE && rsp->Status == STATUS_SUCCESS) { - work->compound_fid = - le64_to_cpu(((struct smb2_create_rsp *)rsp)-> - VolatileFileId); - work->compound_pfid = - le64_to_cpu(((struct smb2_create_rsp *)rsp)-> - PersistentFileId); + work->compound_fid = ((struct smb2_create_rsp *)rsp)->VolatileFileId; + work->compound_pfid = ((struct smb2_create_rsp *)rsp)->PersistentFileId; work->compound_sid = le64_to_cpu(rsp->SessionId); } @@ -393,8 +388,8 @@ next_hdr_offset = le32_to_cpu(req->NextCommand); new_len = ALIGN(len, 8); - inc_rfc1001_len(work->response_buf, ((sizeof(struct smb2_hdr) - 4) - + new_len - len)); + inc_rfc1001_len(work->response_buf, + sizeof(struct smb2_hdr) + new_len - len); rsp->NextCommand = cpu_to_le32(new_len); work->next_smb2_rcv_hdr_off += next_hdr_offset; @@ -412,7 +407,7 @@ work->compound_fid = KSMBD_NO_FID; work->compound_pfid = KSMBD_NO_FID; } - memset((char *)rsp_hdr + 4, 0, sizeof(struct smb2_hdr) + 2); + memset((char *)rsp_hdr, 0, sizeof(struct smb2_hdr) + 2); rsp_hdr->ProtocolId = SMB2_PROTO_NUMBER; rsp_hdr->StructureSize = SMB2_HEADER_STRUCTURE_SIZE; rsp_hdr->Command = rcv_hdr->Command; @@ -438,7 +433,7 @@ */ bool is_chained_smb2_message(struct ksmbd_work *work) { - struct smb2_hdr *hdr = work->request_buf; + struct smb2_hdr *hdr = smb2_get_msg(work->request_buf); unsigned int len, next_cmd; if (hdr->ProtocolId != SMB2_PROTO_NUMBER) @@ -489,13 +484,13 @@ */ int init_smb2_rsp_hdr(struct ksmbd_work *work) { - struct smb2_hdr *rsp_hdr = work->response_buf; - struct smb2_hdr *rcv_hdr = work->request_buf; + struct smb2_hdr *rsp_hdr = smb2_get_msg(work->response_buf); + struct smb2_hdr *rcv_hdr = smb2_get_msg(work->request_buf); struct ksmbd_conn *conn = work->conn; memset(rsp_hdr, 0, sizeof(struct smb2_hdr) + 2); - rsp_hdr->smb2_buf_length = - cpu_to_be32(smb2_hdr_size_no_buflen(conn->vals)); + *(__be32 *)work->response_buf = + cpu_to_be32(conn->vals->header_size); rsp_hdr->ProtocolId = rcv_hdr->ProtocolId; rsp_hdr->StructureSize = SMB2_HEADER_STRUCTURE_SIZE; rsp_hdr->Command = rcv_hdr->Command; @@ -528,7 +523,7 @@ */ int smb2_allocate_rsp_buf(struct ksmbd_work *work) { - struct smb2_hdr *hdr = work->request_buf; + struct smb2_hdr *hdr = smb2_get_msg(work->request_buf); size_t small_sz = MAX_CIFS_SMALL_BUFFER_SIZE; size_t large_sz = small_sz + work->conn->vals->max_trans_size; size_t sz = small_sz; @@ -540,10 +535,11 @@ if (cmd == SMB2_QUERY_INFO_HE) { struct smb2_query_info_req *req; - req = work->request_buf; - if (req->InfoType == SMB2_O_INFO_FILE && + req = smb2_get_msg(work->request_buf); + if ((req->InfoType == SMB2_O_INFO_FILE && (req->FileInfoClass == FILE_FULL_EA_INFORMATION || - req->FileInfoClass == FILE_ALL_INFORMATION)) + req->FileInfoClass == FILE_ALL_INFORMATION)) || + req->InfoType == SMB2_O_INFO_SECURITY) sz = large_sz; } @@ -567,7 +563,7 @@ */ int smb2_check_user_session(struct ksmbd_work *work) { - struct smb2_hdr *req_hdr = work->request_buf; + struct smb2_hdr *req_hdr = smb2_get_msg(work->request_buf); struct ksmbd_conn *conn = work->conn; unsigned int cmd = conn->ops->get_cmd_val(work); unsigned long long sess_id; @@ -594,10 +590,12 @@ return -EINVAL; } -static void destroy_previous_session(struct ksmbd_user *user, u64 id) +static void destroy_previous_session(struct ksmbd_conn *conn, + struct ksmbd_user *user, u64 id) { struct ksmbd_session *prev_sess = ksmbd_session_lookup_slowpath(id); struct ksmbd_user *prev_user; + struct channel *chann; if (!prev_sess) return; @@ -607,18 +605,18 @@ if (!prev_user || strcmp(user->name, prev_user->name) || user->passkey_sz != prev_user->passkey_sz || - memcmp(user->passkey, prev_user->passkey, user->passkey_sz)) { - put_session(prev_sess); + memcmp(user->passkey, prev_user->passkey, user->passkey_sz)) return; - } - put_session(prev_sess); - ksmbd_session_destroy(prev_sess); + prev_sess->state = SMB2_SESSION_EXPIRED; + write_lock(&prev_sess->chann_lock); + list_for_each_entry(chann, &prev_sess->ksmbd_chann_list, chann_list) + chann->conn->status = KSMBD_SESS_EXITING; + write_unlock(&prev_sess->chann_lock); } /** * smb2_get_name() - get filename string from on the wire smb format - * @share: ksmbd_share_config pointer * @src: source buffer * @maxlen: maxlen of source string * @nls_table: nls_table pointer @@ -626,8 +624,7 @@ * Return: matching converted filename on success, otherwise error ptr */ static char * -smb2_get_name(struct ksmbd_share_config *share, const char *src, - const int maxlen, struct nls_table *local_nls) +smb2_get_name(const char *src, const int maxlen, struct nls_table *local_nls) { char *name; @@ -648,7 +645,7 @@ struct ksmbd_conn *conn = work->conn; int id; - rsp_hdr = work->response_buf; + rsp_hdr = smb2_get_msg(work->response_buf); rsp_hdr->Flags |= SMB2_FLAGS_ASYNC_COMMAND; id = ksmbd_acquire_async_msg_id(&conn->async_ida); @@ -680,7 +677,7 @@ { struct smb2_hdr *rsp_hdr; - rsp_hdr = work->response_buf; + rsp_hdr = smb2_get_msg(work->response_buf); smb2_set_err_rsp(work); rsp_hdr->Status = status; @@ -808,11 +805,11 @@ } static void assemble_neg_contexts(struct ksmbd_conn *conn, - struct smb2_negotiate_rsp *rsp) + struct smb2_negotiate_rsp *rsp, + void *smb2_buf_len) { - /* +4 is to account for the RFC1001 len field */ char *pneg_ctxt = (char *)rsp + - le32_to_cpu(rsp->NegotiateContextOffset) + 4; + le32_to_cpu(rsp->NegotiateContextOffset); int neg_ctxt_cnt = 1; int ctxt_size; @@ -821,7 +818,7 @@ build_preauth_ctxt((struct smb2_preauth_neg_context *)pneg_ctxt, conn->preauth_info->Preauth_HashId); rsp->NegotiateContextCount = cpu_to_le16(neg_ctxt_cnt); - inc_rfc1001_len(rsp, AUTH_GSS_PADDING); + inc_rfc1001_len(smb2_buf_len, AUTH_GSS_PADDING); ctxt_size = sizeof(struct smb2_preauth_neg_context); /* Round to 8 byte boundary */ pneg_ctxt += round_up(sizeof(struct smb2_preauth_neg_context), 8); @@ -875,7 +872,7 @@ ctxt_size += sizeof(struct smb2_signing_capabilities) + 2; } - inc_rfc1001_len(rsp, ctxt_size); + inc_rfc1001_len(smb2_buf_len, ctxt_size); } static __le32 decode_preauth_ctxt(struct ksmbd_conn *conn, @@ -929,7 +926,7 @@ * * Return: true if connection should be encrypted, else false */ -static bool smb3_encryption_negotiated(struct ksmbd_conn *conn) +bool smb3_encryption_negotiated(struct ksmbd_conn *conn) { if (!conn->ops->generate_encryptionkey) return false; @@ -977,14 +974,14 @@ } static __le32 deassemble_neg_contexts(struct ksmbd_conn *conn, - struct smb2_negotiate_req *req) + struct smb2_negotiate_req *req, + int len_of_smb) { /* +4 is to account for the RFC1001 len field */ - struct smb2_neg_context *pctx = (struct smb2_neg_context *)((char *)req + 4); + struct smb2_neg_context *pctx = (struct smb2_neg_context *)req; int i = 0, len_of_ctxts; int offset = le32_to_cpu(req->NegotiateContextOffset); int neg_ctxt_cnt = le16_to_cpu(req->NegotiateContextCount); - int len_of_smb = be32_to_cpu(req->hdr.smb2_buf_length); __le32 status = STATUS_INVALID_PARAMETER; ksmbd_debug(SMB, "decoding %d negotiate contexts\n", neg_ctxt_cnt); @@ -1069,8 +1066,8 @@ int smb2_handle_negotiate(struct ksmbd_work *work) { struct ksmbd_conn *conn = work->conn; - struct smb2_negotiate_req *req = work->request_buf; - struct smb2_negotiate_rsp *rsp = work->response_buf; + struct smb2_negotiate_req *req = smb2_get_msg(work->request_buf); + struct smb2_negotiate_rsp *rsp = smb2_get_msg(work->response_buf); int rc = 0; unsigned int smb2_buf_len, smb2_neg_size; __le32 status; @@ -1091,7 +1088,7 @@ } smb2_buf_len = get_rfc1002_len(work->request_buf); - smb2_neg_size = offsetof(struct smb2_negotiate_req, Dialects) - 4; + smb2_neg_size = offsetof(struct smb2_negotiate_req, Dialects); if (smb2_neg_size > smb2_buf_len) { rsp->hdr.Status = STATUS_INVALID_PARAMETER; rc = -EINVAL; @@ -1140,18 +1137,23 @@ goto err_out; } - status = deassemble_neg_contexts(conn, req); + status = deassemble_neg_contexts(conn, req, + get_rfc1002_len(work->request_buf)); if (status != STATUS_SUCCESS) { pr_err("deassemble_neg_contexts error(0x%x)\n", status); rsp->hdr.Status = status; rc = -EINVAL; + kfree(conn->preauth_info); + conn->preauth_info = NULL; goto err_out; } rc = init_smb3_11_server(conn); if (rc < 0) { rsp->hdr.Status = STATUS_INVALID_PARAMETER; + kfree(conn->preauth_info); + conn->preauth_info = NULL; goto err_out; } @@ -1160,7 +1162,7 @@ conn->preauth_info->Preauth_HashValue); rsp->NegotiateContextOffset = cpu_to_le32(OFFSET_OF_NEG_CONTEXT); - assemble_neg_contexts(conn, rsp); + assemble_neg_contexts(conn, rsp, work->response_buf); break; case SMB302_PROT_ID: init_smb3_02_server(conn); @@ -1171,6 +1173,11 @@ case SMB21_PROT_ID: init_smb2_1_server(conn); break; +#ifdef CONFIG_SMB_INSECURE_SERVER + case SMB20_PROT_ID: + init_smb2_0_server(conn); + break; +#endif case SMB2X_PROT_ID: case BAD_PROT_ID: default: @@ -1208,10 +1215,9 @@ rsp->SecurityBufferOffset = cpu_to_le16(128); rsp->SecurityBufferLength = cpu_to_le16(AUTH_GSS_LENGTH); - ksmbd_copy_gss_neg_header(((char *)(&rsp->hdr) + - sizeof(rsp->hdr.smb2_buf_length)) + + ksmbd_copy_gss_neg_header((char *)(&rsp->hdr) + le16_to_cpu(rsp->SecurityBufferOffset)); - inc_rfc1001_len(rsp, sizeof(struct smb2_negotiate_rsp) - + inc_rfc1001_len(work->response_buf, sizeof(struct smb2_negotiate_rsp) - sizeof(struct smb2_hdr) - sizeof(rsp->Buffer) + AUTH_GSS_LENGTH); rsp->SecurityMode = SMB2_NEGOTIATE_SIGNING_ENABLED_LE; @@ -1303,7 +1309,7 @@ struct negotiate_message *negblob, size_t negblob_len) { - struct smb2_sess_setup_rsp *rsp = work->response_buf; + struct smb2_sess_setup_rsp *rsp = smb2_get_msg(work->response_buf); struct challenge_message *chgblob; unsigned char *spnego_blob = NULL; u16 spnego_blob_len; @@ -1311,7 +1317,7 @@ int sz, rc; ksmbd_debug(SMB, "negotiate phase\n"); - rc = ksmbd_decode_ntlmssp_neg_blob(negblob, negblob_len, work->sess); + rc = ksmbd_decode_ntlmssp_neg_blob(negblob, negblob_len, work->conn); if (rc) return rc; @@ -1321,7 +1327,7 @@ memset(chgblob, 0, sizeof(struct challenge_message)); if (!work->conn->use_spnego) { - sz = ksmbd_build_ntlmssp_challenge_blob(chgblob, work->sess); + sz = ksmbd_build_ntlmssp_challenge_blob(chgblob, work->conn); if (sz < 0) return -ENOMEM; @@ -1337,7 +1343,7 @@ return -ENOMEM; chgblob = (struct challenge_message *)neg_blob; - sz = ksmbd_build_ntlmssp_challenge_blob(chgblob, work->sess); + sz = ksmbd_build_ntlmssp_challenge_blob(chgblob, work->conn); if (sz < 0) { rc = -ENOMEM; goto out; @@ -1411,8 +1417,8 @@ static int ntlm_authenticate(struct ksmbd_work *work) { - struct smb2_sess_setup_req *req = work->request_buf; - struct smb2_sess_setup_rsp *rsp = work->response_buf; + struct smb2_sess_setup_req *req = smb2_get_msg(work->request_buf); + struct smb2_sess_setup_rsp *rsp = smb2_get_msg(work->response_buf); struct ksmbd_conn *conn = work->conn; struct ksmbd_session *sess = work->sess; struct channel *chann = NULL; @@ -1435,7 +1441,7 @@ memcpy((char *)&rsp->hdr.ProtocolId + sz, spnego_blob, spnego_blob_len); rsp->SecurityBufferLength = cpu_to_le16(spnego_blob_len); kfree(spnego_blob); - inc_rfc1001_len(rsp, spnego_blob_len - 1); + inc_rfc1001_len(work->response_buf, spnego_blob_len - 1); } user = session_user(conn, req); @@ -1447,7 +1453,7 @@ /* Check for previous session */ prev_id = le64_to_cpu(req->PreviousSessionId); if (prev_id && prev_id != sess->id) - destroy_previous_session(user, prev_id); + destroy_previous_session(conn, user, prev_id); if (sess->state == SMB2_SESSION_VALID) { /* @@ -1458,10 +1464,16 @@ ksmbd_free_user(user); return 0; } - ksmbd_free_user(sess->user); - } + if (!ksmbd_compare_user(sess->user, user)) { + ksmbd_free_user(user); + return -EPERM; + } + ksmbd_free_user(user); + } else { sess->user = user; + } + if (user_guest(sess->user)) { rsp->SessionFlags = SMB2_SESSION_FLAG_IS_GUEST_LE; } else { @@ -1469,7 +1481,7 @@ authblob = user_authblob(conn, req); sz = le16_to_cpu(req->SecurityBufferLength); - rc = ksmbd_decode_ntlmssp_auth_blob(authblob, sz, sess); + rc = ksmbd_decode_ntlmssp_auth_blob(authblob, sz, conn, sess); if (rc) { set_user_flag(sess->user, KSMBD_USER_FLAG_BAD_PASSWORD); ksmbd_debug(SMB, "authentication failed\n"); @@ -1495,7 +1507,7 @@ if (smb3_encryption_negotiated(conn) && !(req->Flags & SMB2_SESSION_REQ_FLAG_BINDING)) { - rc = conn->ops->generate_encryptionkey(sess); + rc = conn->ops->generate_encryptionkey(conn, sess); if (rc) { ksmbd_debug(SMB, "SMB3 encryption key generation failed\n"); @@ -1512,7 +1524,9 @@ binding_session: if (conn->dialect >= SMB30_PROT_ID) { + read_lock(&sess->chann_lock); chann = lookup_chann_list(sess, conn); + read_unlock(&sess->chann_lock); if (!chann) { chann = kmalloc(sizeof(struct channel), GFP_KERNEL); if (!chann) @@ -1520,7 +1534,9 @@ chann->conn = conn; INIT_LIST_HEAD(&chann->chann_list); + write_lock(&sess->chann_lock); list_add(&chann->chann_list, &sess->ksmbd_chann_list); + write_unlock(&sess->chann_lock); } } @@ -1542,8 +1558,8 @@ #ifdef CONFIG_SMB_SERVER_KERBEROS5 static int krb5_authenticate(struct ksmbd_work *work) { - struct smb2_sess_setup_req *req = work->request_buf; - struct smb2_sess_setup_rsp *rsp = work->response_buf; + struct smb2_sess_setup_req *req = smb2_get_msg(work->request_buf); + struct smb2_sess_setup_rsp *rsp = smb2_get_msg(work->response_buf); struct ksmbd_conn *conn = work->conn; struct ksmbd_session *sess = work->sess; char *in_blob, *out_blob; @@ -1558,13 +1574,12 @@ out_blob = (char *)&rsp->hdr.ProtocolId + le16_to_cpu(rsp->SecurityBufferOffset); out_len = work->response_sz - - offsetof(struct smb2_hdr, smb2_buf_length) - - le16_to_cpu(rsp->SecurityBufferOffset); + (le16_to_cpu(rsp->SecurityBufferOffset) + 4); /* Check previous session */ prev_sess_id = le64_to_cpu(req->PreviousSessionId); if (prev_sess_id && prev_sess_id != sess->id) - destroy_previous_session(sess->user, prev_sess_id); + destroy_previous_session(conn, sess->user, prev_sess_id); if (sess->state == SMB2_SESSION_VALID) ksmbd_free_user(sess->user); @@ -1576,14 +1591,14 @@ return -EINVAL; } rsp->SecurityBufferLength = cpu_to_le16(out_len); - inc_rfc1001_len(rsp, out_len - 1); + inc_rfc1001_len(work->response_buf, out_len - 1); if ((conn->sign || server_conf.enforced_signing) || (req->SecurityMode & SMB2_NEGOTIATE_SIGNING_REQUIRED)) sess->sign = true; if (smb3_encryption_negotiated(conn)) { - retval = conn->ops->generate_encryptionkey(sess); + retval = conn->ops->generate_encryptionkey(conn, sess); if (retval) { ksmbd_debug(SMB, "SMB3 encryption key generation failed\n"); @@ -1595,7 +1610,9 @@ } if (conn->dialect >= SMB30_PROT_ID) { + read_lock(&sess->chann_lock); chann = lookup_chann_list(sess, conn); + read_unlock(&sess->chann_lock); if (!chann) { chann = kmalloc(sizeof(struct channel), GFP_KERNEL); if (!chann) @@ -1603,7 +1620,9 @@ chann->conn = conn; INIT_LIST_HEAD(&chann->chann_list); + write_lock(&sess->chann_lock); list_add(&chann->chann_list, &sess->ksmbd_chann_list); + write_unlock(&sess->chann_lock); } } @@ -1631,8 +1650,8 @@ int smb2_sess_setup(struct ksmbd_work *work) { struct ksmbd_conn *conn = work->conn; - struct smb2_sess_setup_req *req = work->request_buf; - struct smb2_sess_setup_rsp *rsp = work->response_buf; + struct smb2_sess_setup_req *req = smb2_get_msg(work->request_buf); + struct smb2_sess_setup_rsp *rsp = smb2_get_msg(work->response_buf); struct ksmbd_session *sess; struct negotiate_message *negblob; unsigned int negblob_len, negblob_off; @@ -1644,7 +1663,7 @@ rsp->SessionFlags = 0; rsp->SecurityBufferOffset = cpu_to_le16(72); rsp->SecurityBufferLength = 0; - inc_rfc1001_len(rsp, 9); + inc_rfc1001_len(work->response_buf, 9); if (!req->hdr.SessionId) { sess = ksmbd_smb2_session_create(); @@ -1653,7 +1672,9 @@ goto out_err; } rsp->hdr.SessionId = cpu_to_le64(sess->id); - ksmbd_session_register(conn, sess); + rc = ksmbd_session_register(conn, sess); + if (rc) + goto out_err; } else if (conn->dialect >= SMB30_PROT_ID && (server_conf.flags & KSMBD_GLOBAL_FLAG_SMB3_MULTICHANNEL) && req->Flags & SMB2_SESSION_REQ_FLAG_BINDING) { @@ -1665,7 +1686,7 @@ goto out_err; } - if (conn->dialect != sess->conn->dialect) { + if (conn->dialect != sess->dialect) { rc = -EINVAL; goto out_err; } @@ -1675,7 +1696,7 @@ goto out_err; } - if (strncmp(conn->ClientGUID, sess->conn->ClientGUID, + if (strncmp(conn->ClientGUID, sess->ClientGUID, SMB2_CLIENT_GUID_SIZE)) { rc = -ENOENT; goto out_err; @@ -1718,7 +1739,7 @@ negblob_off = le16_to_cpu(req->SecurityBufferOffset); negblob_len = le16_to_cpu(req->SecurityBufferLength); - if (negblob_off < (offsetof(struct smb2_sess_setup_req, Buffer) - 4) || + if (negblob_off < (offsetof(struct smb2_sess_setup_req, Buffer)) || negblob_len < offsetof(struct negotiate_message, NegotiateFlags)) { rc = -EINVAL; goto out_err; @@ -1760,7 +1781,8 @@ * Note: here total size -1 is done as an * adjustment for 0 size blob */ - inc_rfc1001_len(rsp, le16_to_cpu(rsp->SecurityBufferLength) - 1); + inc_rfc1001_len(work->response_buf, + le16_to_cpu(rsp->SecurityBufferLength) - 1); } else if (negblob->MessageType == NtLmAuthenticate) { rc = ntlm_authenticate(work); @@ -1830,6 +1852,7 @@ if (sess->user && sess->user->flags & KSMBD_USER_FLAG_DELAY_SESSION) try_delay = true; + xa_erase(&conn->sessions, sess->id); ksmbd_session_destroy(sess); work->sess = NULL; if (try_delay) @@ -1849,8 +1872,8 @@ int smb2_tree_connect(struct ksmbd_work *work) { struct ksmbd_conn *conn = work->conn; - struct smb2_tree_connect_req *req = work->request_buf; - struct smb2_tree_connect_rsp *rsp = work->response_buf; + struct smb2_tree_connect_req *req = smb2_get_msg(work->request_buf); + struct smb2_tree_connect_rsp *rsp = smb2_get_msg(work->response_buf); struct ksmbd_session *sess = work->sess; char *treename = NULL, *name = NULL; struct ksmbd_tree_conn_status status; @@ -1866,8 +1889,9 @@ goto out_err1; } - name = ksmbd_extract_sharename(treename); + name = ksmbd_extract_sharename(conn->um, treename); if (IS_ERR(name)) { + pr_err("Failed to get share name from tree connect request\n"); status.ret = KSMBD_TREE_CONN_STATUS_ERROR; goto out_err1; } @@ -1875,7 +1899,7 @@ ksmbd_debug(SMB, "tree connect request for tree %s treename %s\n", name, treename); - status = ksmbd_tree_conn_connect(sess, name); + status = ksmbd_tree_conn_connect(conn, sess, name); if (status.ret == KSMBD_TREE_CONN_STATUS_OK) rsp->hdr.Id.SyncId.TreeId = cpu_to_le32(status.tree_conn->id); else @@ -1909,13 +1933,13 @@ if (conn->posix_ext_supported) status.tree_conn->posix_extensions = true; -out_err1: rsp->StructureSize = cpu_to_le16(16); + inc_rfc1001_len(work->response_buf, 16); +out_err1: rsp->Capabilities = 0; rsp->Reserved = 0; /* default manual caching */ rsp->ShareFlags = SMB2_SHAREFLAG_MANUAL_CACHING; - inc_rfc1001_len(rsp, 16); if (!IS_ERR(treename)) kfree(treename); @@ -1927,8 +1951,10 @@ rsp->hdr.Status = STATUS_SUCCESS; rc = 0; break; + case -ESTALE: + case -ENOENT: case KSMBD_TREE_CONN_STATUS_NO_SHARE: - rsp->hdr.Status = STATUS_BAD_NETWORK_PATH; + rsp->hdr.Status = STATUS_BAD_NETWORK_NAME; break; case -ENOMEM: case KSMBD_TREE_CONN_STATUS_NOMEM: @@ -1946,6 +1972,9 @@ rsp->hdr.Status = STATUS_ACCESS_DENIED; } + if (status.ret != KSMBD_TREE_CONN_STATUS_OK) + smb2_set_err_rsp(work); + return rc; } @@ -2020,17 +2049,18 @@ */ int smb2_tree_disconnect(struct ksmbd_work *work) { - struct smb2_tree_disconnect_rsp *rsp = work->response_buf; + struct smb2_tree_disconnect_rsp *rsp = smb2_get_msg(work->response_buf); struct ksmbd_session *sess = work->sess; struct ksmbd_tree_connect *tcon = work->tcon; rsp->StructureSize = cpu_to_le16(4); - inc_rfc1001_len(rsp, 4); + inc_rfc1001_len(work->response_buf, 4); ksmbd_debug(SMB, "request\n"); if (!tcon) { - struct smb2_tree_disconnect_req *req = work->request_buf; + struct smb2_tree_disconnect_req *req = + smb2_get_msg(work->request_buf); ksmbd_debug(SMB, "Invalid tid %d\n", req->hdr.Id.SyncId.TreeId); rsp->hdr.Status = STATUS_NETWORK_NAME_DELETED; @@ -2040,6 +2070,7 @@ ksmbd_close_tree_conn_fds(work); ksmbd_tree_conn_disconnect(sess, tcon); + work->tcon = NULL; return 0; } @@ -2052,24 +2083,21 @@ int smb2_session_logoff(struct ksmbd_work *work) { struct ksmbd_conn *conn = work->conn; - struct smb2_logoff_rsp *rsp = work->response_buf; + struct smb2_logoff_rsp *rsp = smb2_get_msg(work->response_buf); struct ksmbd_session *sess = work->sess; rsp->StructureSize = cpu_to_le16(4); - inc_rfc1001_len(rsp, 4); + inc_rfc1001_len(work->response_buf, 4); ksmbd_debug(SMB, "request\n"); - /* Got a valid session, set connection state */ - WARN_ON(sess->conn != conn); - /* setting CifsExiting here may race with start_tcp_sess */ ksmbd_conn_set_need_reconnect(work); ksmbd_close_session_fds(work); ksmbd_conn_wait_idle(conn); if (ksmbd_tree_conn_session_logoff(sess)) { - struct smb2_logoff_req *req = work->request_buf; + struct smb2_logoff_req *req = smb2_get_msg(work->request_buf); ksmbd_debug(SMB, "Invalid tid %d\n", req->hdr.Id.SyncId.TreeId); rsp->hdr.Status = STATUS_NETWORK_NAME_DELETED; @@ -2096,8 +2124,8 @@ */ static noinline int create_smb2_pipe(struct ksmbd_work *work) { - struct smb2_create_rsp *rsp = work->response_buf; - struct smb2_create_req *req = work->request_buf; + struct smb2_create_rsp *rsp = smb2_get_msg(work->response_buf); + struct smb2_create_req *req = smb2_get_msg(work->request_buf); int id; int err; char *name; @@ -2130,12 +2158,12 @@ rsp->EndofFile = cpu_to_le64(0); rsp->FileAttributes = ATTR_NORMAL_LE; rsp->Reserved2 = 0; - rsp->VolatileFileId = cpu_to_le64(id); + rsp->VolatileFileId = id; rsp->PersistentFileId = 0; rsp->CreateContextsOffset = 0; rsp->CreateContextsLength = 0; - inc_rfc1001_len(rsp, 88); /* StructureSize - 1*/ + inc_rfc1001_len(work->response_buf, 88); /* StructureSize - 1*/ kfree(name); return 0; @@ -2167,7 +2195,7 @@ * Return: 0 on success, otherwise error */ static int smb2_set_ea(struct smb2_ea_info *eabuf, unsigned int buf_len, - struct path *path) + const struct path *path) { struct user_namespace *user_ns = mnt_user_ns(path->mnt); char *attr_name = NULL, *value; @@ -2254,7 +2282,7 @@ return rc; } -static noinline int smb2_set_stream_name_xattr(struct path *path, +static noinline int smb2_set_stream_name_xattr(const struct path *path, struct ksmbd_file *fp, char *stream_name, int s_type) { @@ -2293,7 +2321,7 @@ return 0; } -static int smb2_remove_smb_xattrs(struct path *path) +static int smb2_remove_smb_xattrs(const struct path *path) { struct user_namespace *user_ns = mnt_user_ns(path->mnt); char *name, *xattr_list = NULL; @@ -2312,22 +2340,22 @@ name += strlen(name) + 1) { ksmbd_debug(SMB, "%s, len %zd\n", name, strlen(name)); - if (strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN) && - strncmp(&name[XATTR_USER_PREFIX_LEN], DOS_ATTRIBUTE_PREFIX, - DOS_ATTRIBUTE_PREFIX_LEN) && - strncmp(&name[XATTR_USER_PREFIX_LEN], STREAM_PREFIX, STREAM_PREFIX_LEN)) - continue; - - err = ksmbd_vfs_remove_xattr(user_ns, path->dentry, name); + if (!strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN) && + !strncmp(&name[XATTR_USER_PREFIX_LEN], STREAM_PREFIX, + STREAM_PREFIX_LEN)) { + err = ksmbd_vfs_remove_xattr(user_ns, path->dentry, + name); if (err) - ksmbd_debug(SMB, "remove xattr failed : %s\n", name); + ksmbd_debug(SMB, "remove xattr failed : %s\n", + name); + } } out: kvfree(xattr_list); return err; } -static int smb2_create_truncate(struct path *path) +static int smb2_create_truncate(const struct path *path) { int rc = vfs_truncate(path, 0); @@ -2346,7 +2374,7 @@ return rc; } -static void smb2_new_xattrs(struct ksmbd_tree_connect *tcon, struct path *path, +static void smb2_new_xattrs(struct ksmbd_tree_connect *tcon, const struct path *path, struct ksmbd_file *fp) { struct xattr_dos_attrib da = {0}; @@ -2369,7 +2397,7 @@ } static void smb2_update_xattrs(struct ksmbd_tree_connect *tcon, - struct path *path, struct ksmbd_file *fp) + const struct path *path, struct ksmbd_file *fp) { struct xattr_dos_attrib da; int rc; @@ -2429,7 +2457,7 @@ static int smb2_create_sd_buffer(struct ksmbd_work *work, struct smb2_create_req *req, - struct path *path) + const struct path *path) { struct create_context *context; struct create_sd_buf_req *sd_buf; @@ -2484,7 +2512,7 @@ struct ksmbd_session *sess = work->sess; struct ksmbd_tree_connect *tcon = work->tcon; struct smb2_create_req *req; - struct smb2_create_rsp *rsp, *rsp_org; + struct smb2_create_rsp *rsp; struct path path; struct ksmbd_share_config *share = tcon->share_conf; struct ksmbd_file *fp = NULL; @@ -2510,7 +2538,6 @@ umode_t posix_mode = 0; __le32 daccess, maximal_access = 0; - rsp_org = work->response_buf; WORK_BUFFERS(work, req, rsp); if (req->hdr.NextCommand && !work->next_smb2_rcv_hdr_off && @@ -2534,8 +2561,7 @@ goto err_out1; } - name = smb2_get_name(share, - req->Buffer, + name = smb2_get_name(req->Buffer, le16_to_cpu(req->NameLength), work->conn->local_nls); if (IS_ERR(name)) { @@ -2745,7 +2771,6 @@ } else { file_present = true; user_ns = mnt_user_ns(path.mnt); - generic_fillattr(user_ns, d_inode(path.dentry), &stat); } if (stream_name) { if (req->CreateOptions & FILE_DIRECTORY_FILE_LE) { @@ -2754,7 +2779,8 @@ rsp->hdr.Status = STATUS_NOT_A_DIRECTORY; } } else { - if (S_ISDIR(stat.mode) && s_type == DATA_STREAM) { + if (file_present && S_ISDIR(d_inode(path.dentry)->i_mode) && + s_type == DATA_STREAM) { rc = -EIO; rsp->hdr.Status = STATUS_FILE_IS_A_DIRECTORY; } @@ -2771,7 +2797,8 @@ } if (file_present && req->CreateOptions & FILE_NON_DIRECTORY_FILE_LE && - S_ISDIR(stat.mode) && !(req->CreateOptions & FILE_DELETE_ON_CLOSE_LE)) { + S_ISDIR(d_inode(path.dentry)->i_mode) && + !(req->CreateOptions & FILE_DELETE_ON_CLOSE_LE)) { ksmbd_debug(SMB, "open() argument is a directory: %s, %x\n", name, req->CreateOptions); rsp->hdr.Status = STATUS_FILE_IS_A_DIRECTORY; @@ -2781,7 +2808,7 @@ if (file_present && (req->CreateOptions & FILE_DIRECTORY_FILE_LE) && !(req->CreateDisposition == FILE_CREATE_LE) && - !S_ISDIR(stat.mode)) { + !S_ISDIR(d_inode(path.dentry)->i_mode)) { rsp->hdr.Status = STATUS_NOT_A_DIRECTORY; rc = -EIO; goto err_out; @@ -2925,7 +2952,6 @@ goto err_out; } - fp->filename = name; fp->cdoption = req->CreateDisposition; fp->daccess = daccess; fp->saccess = req->ShareAccess; @@ -2976,7 +3002,7 @@ goto err_out; rc = build_sec_desc(user_ns, - pntsd, NULL, + pntsd, NULL, 0, OWNER_SECINFO | GROUP_SECINFO | DACL_SECINFO, @@ -3029,12 +3055,6 @@ list_add(&fp->node, &fp->f_ci->m_fp_list); write_unlock(&fp->f_ci->m_lock); - rc = ksmbd_vfs_getattr(&path, &stat); - if (rc) { - generic_fillattr(user_ns, d_inode(path.dentry), &stat); - rc = 0; - } - /* Check delete pending among previous fp before oplock break */ if (ksmbd_inode_pending_delete(fp)) { rc = -EBUSY; @@ -3121,6 +3141,10 @@ } } + rc = ksmbd_vfs_getattr(&path, &stat); + if (rc) + goto err_out; + if (stat.result_mask & STATX_BTIME) fp->create_time = ksmbd_UnixTimeToNT(stat.btime); else @@ -3136,9 +3160,6 @@ memcpy(fp->client_guid, conn->ClientGUID, SMB2_CLIENT_GUID_SIZE); - generic_fillattr(user_ns, file_inode(fp->filp), - &stat); - rsp->StructureSize = cpu_to_le16(89); rcu_read_lock(); opinfo = rcu_dereference(fp->f_opinfo); @@ -3160,12 +3181,12 @@ rsp->Reserved2 = 0; - rsp->PersistentFileId = cpu_to_le64(fp->persistent_id); - rsp->VolatileFileId = cpu_to_le64(fp->volatile_id); + rsp->PersistentFileId = fp->persistent_id; + rsp->VolatileFileId = fp->volatile_id; rsp->CreateContextsOffset = 0; rsp->CreateContextsLength = 0; - inc_rfc1001_len(rsp_org, 88); /* StructureSize - 1*/ + inc_rfc1001_len(work->response_buf, 88); /* StructureSize - 1*/ /* If lease is request send lease context response */ if (opinfo && opinfo->is_lease) { @@ -3180,7 +3201,8 @@ create_lease_buf(rsp->Buffer, opinfo->o_lease); le32_add_cpu(&rsp->CreateContextsLength, conn->vals->create_lease_size); - inc_rfc1001_len(rsp_org, conn->vals->create_lease_size); + inc_rfc1001_len(work->response_buf, + conn->vals->create_lease_size); next_ptr = &lease_ccontext->Next; next_off = conn->vals->create_lease_size; } @@ -3200,7 +3222,8 @@ le32_to_cpu(maximal_access)); le32_add_cpu(&rsp->CreateContextsLength, conn->vals->create_mxac_size); - inc_rfc1001_len(rsp_org, conn->vals->create_mxac_size); + inc_rfc1001_len(work->response_buf, + conn->vals->create_mxac_size); if (next_ptr) *next_ptr = cpu_to_le32(next_off); next_ptr = &mxac_ccontext->Next; @@ -3218,7 +3241,8 @@ stat.ino, tcon->id); le32_add_cpu(&rsp->CreateContextsLength, conn->vals->create_disk_id_size); - inc_rfc1001_len(rsp_org, conn->vals->create_disk_id_size); + inc_rfc1001_len(work->response_buf, + conn->vals->create_disk_id_size); if (next_ptr) *next_ptr = cpu_to_le32(next_off); next_ptr = &disk_id_ccontext->Next; @@ -3232,15 +3256,15 @@ fp); le32_add_cpu(&rsp->CreateContextsLength, conn->vals->create_posix_size); - inc_rfc1001_len(rsp_org, conn->vals->create_posix_size); + inc_rfc1001_len(work->response_buf, + conn->vals->create_posix_size); if (next_ptr) *next_ptr = cpu_to_le32(next_off); } if (contxt_cnt > 0) { rsp->CreateContextsOffset = - cpu_to_le32(offsetof(struct smb2_create_rsp, Buffer) - - 4); + cpu_to_le32(offsetof(struct smb2_create_rsp, Buffer)); } err_out: @@ -3274,14 +3298,13 @@ if (!rsp->hdr.Status) rsp->hdr.Status = STATUS_UNEXPECTED_IO_ERROR; - if (!fp || !fp->filename) - kfree(name); if (fp) ksmbd_fd_put(work, fp); smb2_set_err_rsp(work); ksmbd_debug(SMB, "Error response: %x\n", rsp->hdr.Status); } + kfree(name); kfree(lc); return 0; @@ -3796,11 +3819,6 @@ return 0; } -static void restart_ctx(struct dir_context *ctx) -{ - ctx->pos = 0; -} - static int verify_info_level(int info_level) { switch (info_level) { @@ -3819,6 +3837,15 @@ return 0; } +static int smb2_resp_buf_len(struct ksmbd_work *work, unsigned short hdr2_len) +{ + int free_len; + + free_len = (int)(work->response_sz - + (get_rfc1002_len(work->response_buf) + 4)) - hdr2_len; + return free_len; +} + static int smb2_calc_max_out_buf_len(struct ksmbd_work *work, unsigned short hdr2_len, unsigned int out_buf_len) @@ -3828,9 +3855,7 @@ if (out_buf_len > work->conn->vals->max_trans_size) return -EINVAL; - free_len = (int)(work->response_sz - - (get_rfc1002_len(work->response_buf) + 4)) - - hdr2_len; + free_len = smb2_resp_buf_len(work, hdr2_len); if (free_len < 0) return -EINVAL; @@ -3841,7 +3866,7 @@ { struct ksmbd_conn *conn = work->conn; struct smb2_query_directory_req *req; - struct smb2_query_directory_rsp *rsp, *rsp_org; + struct smb2_query_directory_rsp *rsp; struct ksmbd_share_config *share = work->tcon->share_conf; struct ksmbd_file *dir_fp = NULL; struct ksmbd_dir_info d_info; @@ -3851,7 +3876,6 @@ int buffer_sz; struct smb2_query_dir_private query_dir_private = {NULL, }; - rsp_org = work->response_buf; WORK_BUFFERS(work, req, rsp); if (ksmbd_override_fsids(work)) { @@ -3866,9 +3890,7 @@ goto err_out2; } - dir_fp = ksmbd_lookup_fd_slow(work, - le64_to_cpu(req->VolatileFileId), - le64_to_cpu(req->PersistentFileId)); + dir_fp = ksmbd_lookup_fd_slow(work, req->VolatileFileId, req->PersistentFileId); if (!dir_fp) { rc = -EBADF; goto err_out2; @@ -3878,8 +3900,7 @@ inode_permission(file_mnt_user_ns(dir_fp->filp), file_inode(dir_fp->filp), MAY_READ | MAY_EXEC)) { - pr_err("no right to enumerate directory (%pd)\n", - dir_fp->filp->f_path.dentry); + pr_err("no right to enumerate directory (%pD)\n", dir_fp->filp); rc = -EACCES; goto err_out2; } @@ -3902,12 +3923,9 @@ ksmbd_debug(SMB, "Search pattern is %s\n", srch_ptr); } - ksmbd_debug(SMB, "Directory name is %s\n", dir_fp->filename); - if (srch_flag & SMB2_REOPEN || srch_flag & SMB2_RESTART_SCANS) { ksmbd_debug(SMB, "Restart directory scan\n"); generic_file_llseek(dir_fp->filp, 0, SEEK_SET); - restart_ctx(&dir_fp->readdir_data.ctx); } memset(&d_info, 0, sizeof(struct ksmbd_dir_info)); @@ -3948,11 +3966,15 @@ set_ctx_actor(&dir_fp->readdir_data.ctx, __query_dir); rc = iterate_dir(dir_fp->filp, &dir_fp->readdir_data.ctx); - if (rc == 0) - restart_ctx(&dir_fp->readdir_data.ctx); - if (rc == -ENOSPC) + /* + * req->OutputBufferLength is too small to contain even one entry. + * In this case, it immediately returns OutputBufferLength 0 to client. + */ + if (!d_info.out_buf_len && !d_info.num_entry) + goto no_buf_len; + if (rc > 0 || rc == -ENOSPC) rc = 0; - if (rc) + else if (rc) goto err_out; d_info.wptr = d_info.rptr; @@ -3972,17 +3994,19 @@ rsp->OutputBufferOffset = cpu_to_le16(0); rsp->OutputBufferLength = cpu_to_le32(0); rsp->Buffer[0] = 0; - inc_rfc1001_len(rsp_org, 9); + inc_rfc1001_len(work->response_buf, 9); } else { +no_buf_len: ((struct file_directory_info *) ((char *)rsp->Buffer + d_info.last_entry_offset)) ->NextEntryOffset = 0; + if (d_info.data_count >= d_info.last_entry_off_align) d_info.data_count -= d_info.last_entry_off_align; rsp->StructureSize = cpu_to_le16(9); rsp->OutputBufferOffset = cpu_to_le16(72); rsp->OutputBufferLength = cpu_to_le32(d_info.data_count); - inc_rfc1001_len(rsp_org, 8 + d_info.data_count); + inc_rfc1001_len(work->response_buf, 8 + d_info.data_count); } kfree(srch_ptr); @@ -4007,6 +4031,8 @@ rsp->hdr.Status = STATUS_NO_MEMORY; else if (rc == -EFAULT) rsp->hdr.Status = STATUS_INVALID_INFO_CLASS; + else if (rc == -EIO) + rsp->hdr.Status = STATUS_FILE_CORRUPT_ERROR; if (!rsp->hdr.Status) rsp->hdr.Status = STATUS_UNEXPECTED_IO_ERROR; @@ -4025,26 +4051,28 @@ * Return: 0 on success, otherwise error */ static int buffer_check_err(int reqOutputBufferLength, - struct smb2_query_info_rsp *rsp, int infoclass_size) + struct smb2_query_info_rsp *rsp, + void *rsp_org, int infoclass_size) { if (reqOutputBufferLength < le32_to_cpu(rsp->OutputBufferLength)) { if (reqOutputBufferLength < infoclass_size) { pr_err("Invalid Buffer Size Requested\n"); rsp->hdr.Status = STATUS_INFO_LENGTH_MISMATCH; - rsp->hdr.smb2_buf_length = cpu_to_be32(sizeof(struct smb2_hdr) - 4); + *(__be32 *)rsp_org = cpu_to_be32(sizeof(struct smb2_hdr)); return -EINVAL; } ksmbd_debug(SMB, "Buffer Overflow\n"); rsp->hdr.Status = STATUS_BUFFER_OVERFLOW; - rsp->hdr.smb2_buf_length = cpu_to_be32(sizeof(struct smb2_hdr) - 4 + + *(__be32 *)rsp_org = cpu_to_be32(sizeof(struct smb2_hdr) + reqOutputBufferLength); rsp->OutputBufferLength = cpu_to_le32(reqOutputBufferLength); } return 0; } -static void get_standard_info_pipe(struct smb2_query_info_rsp *rsp) +static void get_standard_info_pipe(struct smb2_query_info_rsp *rsp, + void *rsp_org) { struct smb2_file_standard_info *sinfo; @@ -4057,10 +4085,11 @@ sinfo->Directory = 0; rsp->OutputBufferLength = cpu_to_le32(sizeof(struct smb2_file_standard_info)); - inc_rfc1001_len(rsp, sizeof(struct smb2_file_standard_info)); + inc_rfc1001_len(rsp_org, sizeof(struct smb2_file_standard_info)); } -static void get_internal_info_pipe(struct smb2_query_info_rsp *rsp, u64 num) +static void get_internal_info_pipe(struct smb2_query_info_rsp *rsp, u64 num, + void *rsp_org) { struct smb2_file_internal_info *file_info; @@ -4070,12 +4099,13 @@ file_info->IndexNumber = cpu_to_le64(num | (1ULL << 63)); rsp->OutputBufferLength = cpu_to_le32(sizeof(struct smb2_file_internal_info)); - inc_rfc1001_len(rsp, sizeof(struct smb2_file_internal_info)); + inc_rfc1001_len(rsp_org, sizeof(struct smb2_file_internal_info)); } static int smb2_get_info_file_pipe(struct ksmbd_session *sess, struct smb2_query_info_req *req, - struct smb2_query_info_rsp *rsp) + struct smb2_query_info_rsp *rsp, + void *rsp_org) { u64 id; int rc; @@ -4084,23 +4114,25 @@ * Windows can sometime send query file info request on * pipe without opening it, checking error condition here */ - id = le64_to_cpu(req->VolatileFileId); + id = req->VolatileFileId; if (!ksmbd_session_rpc_method(sess, id)) return -ENOENT; ksmbd_debug(SMB, "FileInfoClass %u, FileId 0x%llx\n", - req->FileInfoClass, le64_to_cpu(req->VolatileFileId)); + req->FileInfoClass, req->VolatileFileId); switch (req->FileInfoClass) { case FILE_STANDARD_INFORMATION: - get_standard_info_pipe(rsp); + get_standard_info_pipe(rsp, rsp_org); rc = buffer_check_err(le32_to_cpu(req->OutputBufferLength), - rsp, FILE_STANDARD_INFORMATION_SIZE); + rsp, rsp_org, + FILE_STANDARD_INFORMATION_SIZE); break; case FILE_INTERNAL_INFORMATION: - get_internal_info_pipe(rsp, id); + get_internal_info_pipe(rsp, id, rsp_org); rc = buffer_check_err(le32_to_cpu(req->OutputBufferLength), - rsp, FILE_INTERNAL_INFORMATION_SIZE); + rsp, rsp_org, + FILE_INTERNAL_INFORMATION_SIZE); break; default: ksmbd_debug(SMB, "smb2_info_file_pipe for %u not supported\n", @@ -4129,7 +4161,7 @@ int rc, name_len, value_len, xattr_list_len, idx; ssize_t buf_free_len, alignment_bytes, next_offset, rsp_data_cnt = 0; struct smb2_ea_info_req *ea_req = NULL; - struct path *path; + const struct path *path; struct user_namespace *user_ns = file_mnt_user_ns(fp->filp); if (!(fp->daccess & FILE_READ_EA_LE)) { @@ -4390,9 +4422,9 @@ return -EACCES; } - filename = convert_to_nt_pathname(fp->filename); - if (!filename) - return -ENOMEM; + filename = convert_to_nt_pathname(work->tcon->share_conf, &fp->filp->f_path); + if (IS_ERR(filename)) + return PTR_ERR(filename); inode = file_inode(fp->filp); generic_fillattr(file_mnt_user_ns(fp->filp), inode, &stat); @@ -4466,7 +4498,7 @@ struct smb2_file_stream_info *file_info; char *stream_name, *xattr_list = NULL, *stream_buf; struct kstat stat; - struct path *path = &fp->filp->f_path; + const struct path *path = &fp->filp->f_path; ssize_t xattr_list_len; int nbytes = 0, streamlen, stream_name_len, next, idx = 0; int buf_free_len; @@ -4716,7 +4748,7 @@ static int smb2_get_info_file(struct ksmbd_work *work, struct smb2_query_info_req *req, - struct smb2_query_info_rsp *rsp, void *rsp_org) + struct smb2_query_info_rsp *rsp) { struct ksmbd_file *fp; int fileinfoclass = 0; @@ -4727,11 +4759,12 @@ if (test_share_config_flag(work->tcon->share_conf, KSMBD_SHARE_FLAG_PIPE)) { /* smb2 info file called for pipe */ - return smb2_get_info_file_pipe(work->sess, req, rsp); + return smb2_get_info_file_pipe(work->sess, req, rsp, + work->response_buf); } if (work->next_smb2_rcv_hdr_off) { - if (!has_file_id(le64_to_cpu(req->VolatileFileId))) { + if (!has_file_id(req->VolatileFileId)) { ksmbd_debug(SMB, "Compound request set FID = %llu\n", work->compound_fid); id = work->compound_fid; @@ -4740,8 +4773,8 @@ } if (!has_file_id(id)) { - id = le64_to_cpu(req->VolatileFileId); - pid = le64_to_cpu(req->PersistentFileId); + id = req->VolatileFileId; + pid = req->PersistentFileId; } fp = ksmbd_lookup_fd_slow(work, id, pid); @@ -4752,77 +4785,77 @@ switch (fileinfoclass) { case FILE_ACCESS_INFORMATION: - get_file_access_info(rsp, fp, rsp_org); + get_file_access_info(rsp, fp, work->response_buf); file_infoclass_size = FILE_ACCESS_INFORMATION_SIZE; break; case FILE_BASIC_INFORMATION: - rc = get_file_basic_info(rsp, fp, rsp_org); + rc = get_file_basic_info(rsp, fp, work->response_buf); file_infoclass_size = FILE_BASIC_INFORMATION_SIZE; break; case FILE_STANDARD_INFORMATION: - get_file_standard_info(rsp, fp, rsp_org); + get_file_standard_info(rsp, fp, work->response_buf); file_infoclass_size = FILE_STANDARD_INFORMATION_SIZE; break; case FILE_ALIGNMENT_INFORMATION: - get_file_alignment_info(rsp, rsp_org); + get_file_alignment_info(rsp, work->response_buf); file_infoclass_size = FILE_ALIGNMENT_INFORMATION_SIZE; break; case FILE_ALL_INFORMATION: - rc = get_file_all_info(work, rsp, fp, rsp_org); + rc = get_file_all_info(work, rsp, fp, work->response_buf); file_infoclass_size = FILE_ALL_INFORMATION_SIZE; break; case FILE_ALTERNATE_NAME_INFORMATION: - get_file_alternate_info(work, rsp, fp, rsp_org); + get_file_alternate_info(work, rsp, fp, work->response_buf); file_infoclass_size = FILE_ALTERNATE_NAME_INFORMATION_SIZE; break; case FILE_STREAM_INFORMATION: - get_file_stream_info(work, rsp, fp, rsp_org); + get_file_stream_info(work, rsp, fp, work->response_buf); file_infoclass_size = FILE_STREAM_INFORMATION_SIZE; break; case FILE_INTERNAL_INFORMATION: - get_file_internal_info(rsp, fp, rsp_org); + get_file_internal_info(rsp, fp, work->response_buf); file_infoclass_size = FILE_INTERNAL_INFORMATION_SIZE; break; case FILE_NETWORK_OPEN_INFORMATION: - rc = get_file_network_open_info(rsp, fp, rsp_org); + rc = get_file_network_open_info(rsp, fp, work->response_buf); file_infoclass_size = FILE_NETWORK_OPEN_INFORMATION_SIZE; break; case FILE_EA_INFORMATION: - get_file_ea_info(rsp, rsp_org); + get_file_ea_info(rsp, work->response_buf); file_infoclass_size = FILE_EA_INFORMATION_SIZE; break; case FILE_FULL_EA_INFORMATION: - rc = smb2_get_ea(work, fp, req, rsp, rsp_org); + rc = smb2_get_ea(work, fp, req, rsp, work->response_buf); file_infoclass_size = FILE_FULL_EA_INFORMATION_SIZE; break; case FILE_POSITION_INFORMATION: - get_file_position_info(rsp, fp, rsp_org); + get_file_position_info(rsp, fp, work->response_buf); file_infoclass_size = FILE_POSITION_INFORMATION_SIZE; break; case FILE_MODE_INFORMATION: - get_file_mode_info(rsp, fp, rsp_org); + get_file_mode_info(rsp, fp, work->response_buf); file_infoclass_size = FILE_MODE_INFORMATION_SIZE; break; case FILE_COMPRESSION_INFORMATION: - get_file_compression_info(rsp, fp, rsp_org); + get_file_compression_info(rsp, fp, work->response_buf); file_infoclass_size = FILE_COMPRESSION_INFORMATION_SIZE; break; case FILE_ATTRIBUTE_TAG_INFORMATION: - rc = get_file_attribute_tag_info(rsp, fp, rsp_org); + rc = get_file_attribute_tag_info(rsp, fp, work->response_buf); file_infoclass_size = FILE_ATTRIBUTE_TAG_INFORMATION_SIZE; break; case SMB_FIND_FILE_POSIX_INFO: @@ -4830,7 +4863,7 @@ pr_err("client doesn't negotiate with SMB3.1.1 POSIX Extensions\n"); rc = -EOPNOTSUPP; } else { - rc = find_file_posix_info(rsp, fp, rsp_org); + rc = find_file_posix_info(rsp, fp, work->response_buf); file_infoclass_size = sizeof(struct smb311_posix_qinfo); } break; @@ -4841,7 +4874,7 @@ } if (!rc) rc = buffer_check_err(le32_to_cpu(req->OutputBufferLength), - rsp, + rsp, work->response_buf, file_infoclass_size); ksmbd_fd_put(work, fp); return rc; @@ -4849,10 +4882,10 @@ static int smb2_get_info_filesystem(struct ksmbd_work *work, struct smb2_query_info_req *req, - struct smb2_query_info_rsp *rsp, void *rsp_org) + struct smb2_query_info_rsp *rsp) { struct ksmbd_session *sess = work->sess; - struct ksmbd_conn *conn = sess->conn; + struct ksmbd_conn *conn = work->conn; struct ksmbd_share_config *share = work->tcon->share_conf; int fsinfoclass = 0; struct kstatfs stfs; @@ -4885,7 +4918,7 @@ info->DeviceType = cpu_to_le32(stfs.f_type); info->DeviceCharacteristics = cpu_to_le32(0x00000020); rsp->OutputBufferLength = cpu_to_le32(8); - inc_rfc1001_len(rsp_org, 8); + inc_rfc1001_len(work->response_buf, 8); fs_infoclass_size = FS_DEVICE_INFORMATION_SIZE; break; } @@ -4911,7 +4944,7 @@ info->FileSystemNameLen = cpu_to_le32(len); sz = sizeof(struct filesystem_attribute_info) - 2 + len; rsp->OutputBufferLength = cpu_to_le32(sz); - inc_rfc1001_len(rsp_org, sz); + inc_rfc1001_len(work->response_buf, sz); fs_infoclass_size = FS_ATTRIBUTE_INFORMATION_SIZE; break; } @@ -4939,7 +4972,7 @@ info->Reserved = 0; sz = sizeof(struct filesystem_vol_info) - 2 + len; rsp->OutputBufferLength = cpu_to_le32(sz); - inc_rfc1001_len(rsp_org, sz); + inc_rfc1001_len(work->response_buf, sz); fs_infoclass_size = FS_VOLUME_INFORMATION_SIZE; break; } @@ -4953,7 +4986,7 @@ info->SectorsPerAllocationUnit = cpu_to_le32(1); info->BytesPerSector = cpu_to_le32(stfs.f_bsize); rsp->OutputBufferLength = cpu_to_le32(24); - inc_rfc1001_len(rsp_org, 24); + inc_rfc1001_len(work->response_buf, 24); fs_infoclass_size = FS_SIZE_INFORMATION_SIZE; break; } @@ -4970,7 +5003,7 @@ info->SectorsPerAllocationUnit = cpu_to_le32(1); info->BytesPerSector = cpu_to_le32(stfs.f_bsize); rsp->OutputBufferLength = cpu_to_le32(32); - inc_rfc1001_len(rsp_org, 32); + inc_rfc1001_len(work->response_buf, 32); fs_infoclass_size = FS_FULL_SIZE_INFORMATION_SIZE; break; } @@ -4991,7 +5024,7 @@ info->extended_info.rel_date = 0; memcpy(info->extended_info.version_string, "1.1.0", strlen("1.1.0")); rsp->OutputBufferLength = cpu_to_le32(64); - inc_rfc1001_len(rsp_org, 64); + inc_rfc1001_len(work->response_buf, 64); fs_infoclass_size = FS_OBJECT_ID_INFORMATION_SIZE; break; } @@ -5014,7 +5047,7 @@ info->ByteOffsetForSectorAlignment = 0; info->ByteOffsetForPartitionAlignment = 0; rsp->OutputBufferLength = cpu_to_le32(28); - inc_rfc1001_len(rsp_org, 28); + inc_rfc1001_len(work->response_buf, 28); fs_infoclass_size = FS_SECTOR_SIZE_INFORMATION_SIZE; break; } @@ -5036,7 +5069,7 @@ info->DefaultQuotaLimit = cpu_to_le64(SMB2_NO_FID); info->Padding = 0; rsp->OutputBufferLength = cpu_to_le32(48); - inc_rfc1001_len(rsp_org, 48); + inc_rfc1001_len(work->response_buf, 48); fs_infoclass_size = FS_CONTROL_INFORMATION_SIZE; break; } @@ -5057,7 +5090,7 @@ info->TotalFileNodes = cpu_to_le64(stfs.f_files); info->FreeFileNodes = cpu_to_le64(stfs.f_ffree); rsp->OutputBufferLength = cpu_to_le32(56); - inc_rfc1001_len(rsp_org, 56); + inc_rfc1001_len(work->response_buf, 56); fs_infoclass_size = FS_POSIX_INFORMATION_SIZE; } break; @@ -5067,7 +5100,7 @@ return -EOPNOTSUPP; } rc = buffer_check_err(le32_to_cpu(req->OutputBufferLength), - rsp, + rsp, work->response_buf, fs_infoclass_size); path_put(&path); return rc; @@ -5075,17 +5108,17 @@ static int smb2_get_info_sec(struct ksmbd_work *work, struct smb2_query_info_req *req, - struct smb2_query_info_rsp *rsp, void *rsp_org) + struct smb2_query_info_rsp *rsp) { struct ksmbd_file *fp; struct user_namespace *user_ns; struct smb_ntsd *pntsd = (struct smb_ntsd *)rsp->Buffer, *ppntsd = NULL; struct smb_fattr fattr = {{0}}; struct inode *inode; - __u32 secdesclen; + __u32 secdesclen = 0; unsigned int id = KSMBD_NO_FID, pid = KSMBD_NO_FID; int addition_info = le32_to_cpu(req->AdditionalInformation); - int rc; + int rc = 0, ppntsd_size = 0; if (addition_info & ~(OWNER_SECINFO | GROUP_SECINFO | DACL_SECINFO | PROTECTED_DACL_SECINFO | @@ -5102,13 +5135,13 @@ secdesclen = sizeof(struct smb_ntsd); rsp->OutputBufferLength = cpu_to_le32(secdesclen); - inc_rfc1001_len(rsp_org, secdesclen); + inc_rfc1001_len(work->response_buf, secdesclen); return 0; } if (work->next_smb2_rcv_hdr_off) { - if (!has_file_id(le64_to_cpu(req->VolatileFileId))) { + if (!has_file_id(req->VolatileFileId)) { ksmbd_debug(SMB, "Compound request set FID = %llu\n", work->compound_fid); id = work->compound_fid; @@ -5117,8 +5150,8 @@ } if (!has_file_id(id)) { - id = le64_to_cpu(req->VolatileFileId); - pid = le64_to_cpu(req->PersistentFileId); + id = req->VolatileFileId; + pid = req->PersistentFileId; } fp = ksmbd_lookup_fd_slow(work, id, pid); @@ -5131,11 +5164,14 @@ if (test_share_config_flag(work->tcon->share_conf, KSMBD_SHARE_FLAG_ACL_XATTR)) - ksmbd_vfs_get_sd_xattr(work->conn, user_ns, - fp->filp->f_path.dentry, &ppntsd); + ppntsd_size = ksmbd_vfs_get_sd_xattr(work->conn, user_ns, + fp->filp->f_path.dentry, + &ppntsd); - rc = build_sec_desc(user_ns, pntsd, ppntsd, addition_info, - &secdesclen, &fattr); + /* Check if sd buffer size exceeds response buffer size */ + if (smb2_resp_buf_len(work, 8) > ppntsd_size) + rc = build_sec_desc(user_ns, pntsd, ppntsd, ppntsd_size, + addition_info, &secdesclen, &fattr); posix_acl_release(fattr.cf_acls); posix_acl_release(fattr.cf_dacls); kfree(ppntsd); @@ -5144,7 +5180,7 @@ return rc; rsp->OutputBufferLength = cpu_to_le32(secdesclen); - inc_rfc1001_len(rsp_org, secdesclen); + inc_rfc1001_len(work->response_buf, secdesclen); return 0; } @@ -5157,10 +5193,9 @@ int smb2_query_info(struct ksmbd_work *work) { struct smb2_query_info_req *req; - struct smb2_query_info_rsp *rsp, *rsp_org; + struct smb2_query_info_rsp *rsp; int rc = 0; - rsp_org = work->response_buf; WORK_BUFFERS(work, req, rsp); ksmbd_debug(SMB, "GOT query info request\n"); @@ -5168,15 +5203,15 @@ switch (req->InfoType) { case SMB2_O_INFO_FILE: ksmbd_debug(SMB, "GOT SMB2_O_INFO_FILE\n"); - rc = smb2_get_info_file(work, req, rsp, (void *)rsp_org); + rc = smb2_get_info_file(work, req, rsp); break; case SMB2_O_INFO_FILESYSTEM: ksmbd_debug(SMB, "GOT SMB2_O_INFO_FILESYSTEM\n"); - rc = smb2_get_info_filesystem(work, req, rsp, (void *)rsp_org); + rc = smb2_get_info_filesystem(work, req, rsp); break; case SMB2_O_INFO_SECURITY: ksmbd_debug(SMB, "GOT SMB2_O_INFO_SECURITY\n"); - rc = smb2_get_info_sec(work, req, rsp, (void *)rsp_org); + rc = smb2_get_info_sec(work, req, rsp); break; default: ksmbd_debug(SMB, "InfoType %d not supported yet\n", @@ -5201,7 +5236,7 @@ } rsp->StructureSize = cpu_to_le16(9); rsp->OutputBufferOffset = cpu_to_le16(72); - inc_rfc1001_len(rsp_org, 8); + inc_rfc1001_len(work->response_buf, 8); return 0; } @@ -5214,10 +5249,10 @@ static noinline int smb2_close_pipe(struct ksmbd_work *work) { u64 id; - struct smb2_close_req *req = work->request_buf; - struct smb2_close_rsp *rsp = work->response_buf; + struct smb2_close_req *req = smb2_get_msg(work->request_buf); + struct smb2_close_rsp *rsp = smb2_get_msg(work->response_buf); - id = le64_to_cpu(req->VolatileFileId); + id = req->VolatileFileId; ksmbd_session_rpc_close(work->sess, id); rsp->StructureSize = cpu_to_le16(60); @@ -5230,7 +5265,7 @@ rsp->AllocationSize = 0; rsp->EndOfFile = 0; rsp->Attributes = 0; - inc_rfc1001_len(rsp, 60); + inc_rfc1001_len(work->response_buf, 60); return 0; } @@ -5246,14 +5281,12 @@ u64 sess_id; struct smb2_close_req *req; struct smb2_close_rsp *rsp; - struct smb2_close_rsp *rsp_org; struct ksmbd_conn *conn = work->conn; struct ksmbd_file *fp; struct inode *inode; u64 time; int err = 0; - rsp_org = work->response_buf; WORK_BUFFERS(work, req, rsp); if (test_share_config_flag(work->tcon->share_conf, @@ -5278,7 +5311,7 @@ } if (work->next_smb2_rcv_hdr_off && - !has_file_id(le64_to_cpu(req->VolatileFileId))) { + !has_file_id(req->VolatileFileId)) { if (!has_file_id(work->compound_fid)) { /* file already closed, return FILE_CLOSED */ ksmbd_debug(SMB, "file already closed\n"); @@ -5297,7 +5330,7 @@ work->compound_pfid = KSMBD_NO_FID; } } else { - volatile_id = le64_to_cpu(req->VolatileFileId); + volatile_id = req->VolatileFileId; } ksmbd_debug(SMB, "volatile_id = %llu\n", volatile_id); @@ -5343,7 +5376,7 @@ rsp->hdr.Status = STATUS_FILE_CLOSED; smb2_set_err_rsp(work); } else { - inc_rfc1001_len(rsp_org, 60); + inc_rfc1001_len(work->response_buf, 60); } return 0; @@ -5357,11 +5390,11 @@ */ int smb2_echo(struct ksmbd_work *work) { - struct smb2_echo_rsp *rsp = work->response_buf; + struct smb2_echo_rsp *rsp = smb2_get_msg(work->response_buf); rsp->StructureSize = cpu_to_le16(4); rsp->Reserved = 0; - inc_rfc1001_len(rsp, 4); + inc_rfc1001_len(work->response_buf, 4); return 0; } @@ -5383,7 +5416,7 @@ if (!pathname) return -ENOMEM; - abs_oldname = d_path(&fp->filp->f_path, pathname, PATH_MAX); + abs_oldname = file_path(fp->filp, pathname, PATH_MAX); if (IS_ERR(abs_oldname)) { rc = -EINVAL; goto out; @@ -5398,8 +5431,7 @@ goto out; } - new_name = smb2_get_name(share, - file_info->FileName, + new_name = smb2_get_name(file_info->FileName, le32_to_cpu(file_info->FileNameLength), local_nls); if (IS_ERR(new_name)) { @@ -5510,8 +5542,7 @@ if (!pathname) return -ENOMEM; - link_name = smb2_get_name(share, - file_info->FileName, + link_name = smb2_get_name(file_info->FileName, le32_to_cpu(file_info->FileNameLength), local_nls); if (IS_ERR(link_name) || S_ISDIR(file_inode(filp)->i_mode)) { @@ -5520,7 +5551,7 @@ } ksmbd_debug(SMB, "link name is %s\n", link_name); - target_name = d_path(&filp->f_path, pathname, PATH_MAX); + target_name = file_path(filp, pathname, PATH_MAX); if (IS_ERR(target_name)) { rc = -EINVAL; goto out; @@ -5689,8 +5720,7 @@ size = i_size_read(inode); rc = ksmbd_vfs_truncate(work, fp, alloc_blks * 512); if (rc) { - pr_err("truncate failed! filename : %s, err %d\n", - fp->filename, rc); + pr_err("truncate failed!, err %d\n", rc); return rc; } if (size < alloc_blks * 512) @@ -5720,12 +5750,10 @@ * truncated range. */ if (inode->i_sb->s_magic != MSDOS_SUPER_MAGIC) { - ksmbd_debug(SMB, "filename : %s truncated to newsize %lld\n", - fp->filename, newsize); + ksmbd_debug(SMB, "truncated to newsize %lld\n", newsize); rc = ksmbd_vfs_truncate(work, fp, newsize); if (rc) { - ksmbd_debug(SMB, "truncate failed! filename : %s err %d\n", - fp->filename, rc); + ksmbd_debug(SMB, "truncate failed!, err %d\n", rc); if (rc != -EAGAIN) rc = -EBADF; return rc; @@ -5778,7 +5806,7 @@ } next: return smb2_rename(work, fp, user_ns, rename_info, - work->sess->conn->local_nls); + work->conn->local_nls); } static int set_file_disposition_info(struct ksmbd_file *fp, @@ -5912,7 +5940,7 @@ return smb2_create_link(work, work->tcon->share_conf, (struct smb2_file_link_info *)req->Buffer, buf_len, fp->filp, - work->sess->conn->local_nls); + work->conn->local_nls); } case FILE_DISPOSITION_INFORMATION: { @@ -5982,31 +6010,30 @@ int smb2_set_info(struct ksmbd_work *work) { struct smb2_set_info_req *req; - struct smb2_set_info_rsp *rsp, *rsp_org; + struct smb2_set_info_rsp *rsp; struct ksmbd_file *fp; int rc = 0; unsigned int id = KSMBD_NO_FID, pid = KSMBD_NO_FID; ksmbd_debug(SMB, "Received set info request\n"); - rsp_org = work->response_buf; if (work->next_smb2_rcv_hdr_off) { req = ksmbd_req_buf_next(work); rsp = ksmbd_resp_buf_next(work); - if (!has_file_id(le64_to_cpu(req->VolatileFileId))) { + if (!has_file_id(req->VolatileFileId)) { ksmbd_debug(SMB, "Compound request set FID = %llu\n", work->compound_fid); id = work->compound_fid; pid = work->compound_pfid; } } else { - req = work->request_buf; - rsp = work->response_buf; + req = smb2_get_msg(work->request_buf); + rsp = smb2_get_msg(work->response_buf); } if (!has_file_id(id)) { - id = le64_to_cpu(req->VolatileFileId); - pid = le64_to_cpu(req->PersistentFileId); + id = req->VolatileFileId; + pid = req->PersistentFileId; } fp = ksmbd_lookup_fd_slow(work, id, pid); @@ -6041,7 +6068,7 @@ goto err_out; rsp->StructureSize = cpu_to_le16(2); - inc_rfc1001_len(rsp_org, 2); + inc_rfc1001_len(work->response_buf, 2); ksmbd_fd_put(work, fp); return 0; @@ -6081,12 +6108,12 @@ int nbytes = 0, err; u64 id; struct ksmbd_rpc_command *rpc_resp; - struct smb2_read_req *req = work->request_buf; - struct smb2_read_rsp *rsp = work->response_buf; + struct smb2_read_req *req = smb2_get_msg(work->request_buf); + struct smb2_read_rsp *rsp = smb2_get_msg(work->response_buf); - id = le64_to_cpu(req->VolatileFileId); + id = req->VolatileFileId; - inc_rfc1001_len(rsp, 16); + inc_rfc1001_len(work->response_buf, 16); rpc_resp = ksmbd_rpc_read(work->sess, id); if (rpc_resp) { if (rpc_resp->flags != KSMBD_RPC_OK) { @@ -6105,7 +6132,7 @@ rpc_resp->payload_sz); nbytes = rpc_resp->payload_sz; - work->resp_hdr_sz = get_rfc1002_len(rsp) + 4; + work->resp_hdr_sz = get_rfc1002_len(work->response_buf) + 4; work->aux_payload_sz = nbytes; kvfree(rpc_resp); } @@ -6116,7 +6143,7 @@ rsp->DataLength = cpu_to_le32(nbytes); rsp->DataRemaining = 0; rsp->Reserved2 = 0; - inc_rfc1001_len(rsp, nbytes); + inc_rfc1001_len(work->response_buf, nbytes); return 0; out: @@ -6126,25 +6153,33 @@ return err; } -static ssize_t smb2_read_rdma_channel(struct ksmbd_work *work, - struct smb2_read_req *req, void *data_buf, - size_t length) +static int smb2_set_remote_key_for_rdma(struct ksmbd_work *work, + struct smb2_buffer_desc_v1 *desc, + __le32 Channel, + __le16 ChannelInfoOffset, + __le16 ChannelInfoLength) { - struct smb2_buffer_desc_v1 *desc = - (struct smb2_buffer_desc_v1 *)&req->Buffer[0]; - int err; - if (work->conn->dialect == SMB30_PROT_ID && - req->Channel != SMB2_CHANNEL_RDMA_V1) + Channel != SMB2_CHANNEL_RDMA_V1) return -EINVAL; - if (req->ReadChannelInfoOffset == 0 || - le16_to_cpu(req->ReadChannelInfoLength) < sizeof(*desc)) + if (ChannelInfoOffset == 0 || + le16_to_cpu(ChannelInfoLength) < sizeof(*desc)) return -EINVAL; work->need_invalidate_rkey = - (req->Channel == SMB2_CHANNEL_RDMA_V1_INVALIDATE); + (Channel == SMB2_CHANNEL_RDMA_V1_INVALIDATE); work->remote_key = le32_to_cpu(desc->token); + return 0; +} + +static ssize_t smb2_read_rdma_channel(struct ksmbd_work *work, + struct smb2_read_req *req, void *data_buf, + size_t length) +{ + struct smb2_buffer_desc_v1 *desc = + (struct smb2_buffer_desc_v1 *)&req->Buffer[0]; + int err; err = ksmbd_conn_rdma_write(work->conn, data_buf, length, le32_to_cpu(desc->token), @@ -6166,14 +6201,15 @@ { struct ksmbd_conn *conn = work->conn; struct smb2_read_req *req; - struct smb2_read_rsp *rsp, *rsp_org; - struct ksmbd_file *fp; + struct smb2_read_rsp *rsp; + struct ksmbd_file *fp = NULL; loff_t offset; size_t length, mincount; ssize_t nbytes = 0, remain_bytes = 0; int err = 0; + bool is_rdma_channel = false; + unsigned int max_read_size = conn->vals->max_read_size; - rsp_org = work->response_buf; WORK_BUFFERS(work, req, rsp); if (test_share_config_flag(work->tcon->share_conf, @@ -6182,8 +6218,30 @@ return smb2_read_pipe(work); } - fp = ksmbd_lookup_fd_slow(work, le64_to_cpu(req->VolatileFileId), - le64_to_cpu(req->PersistentFileId)); + if (req->Channel == SMB2_CHANNEL_RDMA_V1_INVALIDATE || + req->Channel == SMB2_CHANNEL_RDMA_V1) { + is_rdma_channel = true; + max_read_size = get_smbd_max_read_write_size(); + } + + if (is_rdma_channel == true) { + unsigned int ch_offset = le16_to_cpu(req->ReadChannelInfoOffset); + + if (ch_offset < offsetof(struct smb2_read_req, Buffer)) { + err = -EINVAL; + goto out; + } + err = smb2_set_remote_key_for_rdma(work, + (struct smb2_buffer_desc_v1 *) + &req->Buffer[0], + req->Channel, + req->ReadChannelInfoOffset, + req->ReadChannelInfoLength); + if (err) + goto out; + } + + fp = ksmbd_lookup_fd_slow(work, req->VolatileFileId, req->PersistentFileId); if (!fp) { err = -ENOENT; goto out; @@ -6199,15 +6257,15 @@ length = le32_to_cpu(req->Length); mincount = le32_to_cpu(req->MinimumCount); - if (length > conn->vals->max_read_size) { + if (length > max_read_size) { ksmbd_debug(SMB, "limiting read size to max size(%u)\n", - conn->vals->max_read_size); + max_read_size); err = -EINVAL; goto out; } - ksmbd_debug(SMB, "filename %pd, offset %lld, len %zu\n", - fp->filp->f_path.dentry, offset, length); + ksmbd_debug(SMB, "filename %pD, offset %lld, len %zu\n", + fp->filp, offset, length); work->aux_payload_buf = kvmalloc(length, GFP_KERNEL | __GFP_ZERO); if (!work->aux_payload_buf) { @@ -6233,8 +6291,7 @@ ksmbd_debug(SMB, "nbytes %zu, offset %lld mincount %zu\n", nbytes, offset, mincount); - if (req->Channel == SMB2_CHANNEL_RDMA_V1_INVALIDATE || - req->Channel == SMB2_CHANNEL_RDMA_V1) { + if (is_rdma_channel == true) { /* write data to the client using rdma channel */ remain_bytes = smb2_read_rdma_channel(work, req, work->aux_payload_buf, @@ -6255,10 +6312,10 @@ rsp->DataLength = cpu_to_le32(nbytes); rsp->DataRemaining = cpu_to_le32(remain_bytes); rsp->Reserved2 = 0; - inc_rfc1001_len(rsp_org, 16); - work->resp_hdr_sz = get_rfc1002_len(rsp_org) + 4; + inc_rfc1001_len(work->response_buf, 16); + work->resp_hdr_sz = get_rfc1002_len(work->response_buf) + 4; work->aux_payload_sz = nbytes; - inc_rfc1001_len(rsp_org, nbytes); + inc_rfc1001_len(work->response_buf, nbytes); ksmbd_fd_put(work, fp); return 0; @@ -6293,8 +6350,8 @@ */ static noinline int smb2_write_pipe(struct ksmbd_work *work) { - struct smb2_write_req *req = work->request_buf; - struct smb2_write_rsp *rsp = work->response_buf; + struct smb2_write_req *req = smb2_get_msg(work->request_buf); + struct smb2_write_rsp *rsp = smb2_get_msg(work->response_buf); struct ksmbd_rpc_command *rpc_resp; u64 id = 0; int err = 0, ret = 0; @@ -6302,23 +6359,19 @@ size_t length; length = le32_to_cpu(req->Length); - id = le64_to_cpu(req->VolatileFileId); + id = req->VolatileFileId; - if (le16_to_cpu(req->DataOffset) == - (offsetof(struct smb2_write_req, Buffer) - 4)) { - data_buf = (char *)&req->Buffer[0]; - } else { - if ((u64)le16_to_cpu(req->DataOffset) + length > get_rfc1002_len(req)) { + if ((u64)le16_to_cpu(req->DataOffset) + length > + get_rfc1002_len(work->request_buf)) { pr_err("invalid write data offset %u, smb_len %u\n", le16_to_cpu(req->DataOffset), - get_rfc1002_len(req)); + get_rfc1002_len(work->request_buf)); err = -EINVAL; goto out; } data_buf = (char *)(((char *)&req->hdr.ProtocolId) + le16_to_cpu(req->DataOffset)); - } rpc_resp = ksmbd_rpc_write(work->sess, id, data_buf, length); if (rpc_resp) { @@ -6343,7 +6396,7 @@ rsp->DataLength = cpu_to_le32(length); rsp->DataRemaining = 0; rsp->Reserved2 = 0; - inc_rfc1001_len(rsp, 16); + inc_rfc1001_len(work->response_buf, 16); return 0; out: if (err) { @@ -6366,21 +6419,6 @@ desc = (struct smb2_buffer_desc_v1 *)&req->Buffer[0]; - if (work->conn->dialect == SMB30_PROT_ID && - req->Channel != SMB2_CHANNEL_RDMA_V1) - return -EINVAL; - - if (req->Length != 0 || req->DataOffset != 0) - return -EINVAL; - - if (req->WriteChannelInfoOffset == 0 || - le16_to_cpu(req->WriteChannelInfoLength) < sizeof(*desc)) - return -EINVAL; - - work->need_invalidate_rkey = - (req->Channel == SMB2_CHANNEL_RDMA_V1_INVALIDATE); - work->remote_key = le32_to_cpu(desc->token); - data_buf = kvmalloc(length, GFP_KERNEL | __GFP_ZERO); if (!data_buf) return -ENOMEM; @@ -6411,16 +6449,16 @@ int smb2_write(struct ksmbd_work *work) { struct smb2_write_req *req; - struct smb2_write_rsp *rsp, *rsp_org; + struct smb2_write_rsp *rsp; struct ksmbd_file *fp = NULL; loff_t offset; size_t length; ssize_t nbytes; char *data_buf; - bool writethrough = false; + bool writethrough = false, is_rdma_channel = false; int err = 0; + unsigned int max_write_size = work->conn->vals->max_write_size; - rsp_org = work->response_buf; WORK_BUFFERS(work, req, rsp); if (test_share_config_flag(work->tcon->share_conf, KSMBD_SHARE_FLAG_PIPE)) { @@ -6428,14 +6466,41 @@ return smb2_write_pipe(work); } + offset = le64_to_cpu(req->Offset); + length = le32_to_cpu(req->Length); + + if (req->Channel == SMB2_CHANNEL_RDMA_V1 || + req->Channel == SMB2_CHANNEL_RDMA_V1_INVALIDATE) { + is_rdma_channel = true; + max_write_size = get_smbd_max_read_write_size(); + length = le32_to_cpu(req->RemainingBytes); + } + + if (is_rdma_channel == true) { + unsigned int ch_offset = le16_to_cpu(req->WriteChannelInfoOffset); + + if (req->Length != 0 || req->DataOffset != 0 || + ch_offset < offsetof(struct smb2_write_req, Buffer)) { + err = -EINVAL; + goto out; + } + err = smb2_set_remote_key_for_rdma(work, + (struct smb2_buffer_desc_v1 *) + &req->Buffer[0], + req->Channel, + req->WriteChannelInfoOffset, + req->WriteChannelInfoLength); + if (err) + goto out; + } + if (!test_tree_conn_flag(work->tcon, KSMBD_TREE_CONN_FLAG_WRITABLE)) { ksmbd_debug(SMB, "User does not have write permission\n"); err = -EACCES; goto out; } - fp = ksmbd_lookup_fd_slow(work, le64_to_cpu(req->VolatileFileId), - le64_to_cpu(req->PersistentFileId)); + fp = ksmbd_lookup_fd_slow(work, req->VolatileFileId, req->PersistentFileId); if (!fp) { err = -ENOENT; goto out; @@ -6447,12 +6512,9 @@ goto out; } - offset = le64_to_cpu(req->Offset); - length = le32_to_cpu(req->Length); - - if (length > work->conn->vals->max_write_size) { + if (length > max_write_size) { ksmbd_debug(SMB, "limiting write size to max size(%u)\n", - work->conn->vals->max_write_size); + max_write_size); err = -EINVAL; goto out; } @@ -6460,30 +6522,22 @@ if (le32_to_cpu(req->Flags) & SMB2_WRITEFLAG_WRITE_THROUGH) writethrough = true; - if (req->Channel != SMB2_CHANNEL_RDMA_V1 && - req->Channel != SMB2_CHANNEL_RDMA_V1_INVALIDATE) { - if (le16_to_cpu(req->DataOffset) == - (offsetof(struct smb2_write_req, Buffer) - 4)) { - data_buf = (char *)&req->Buffer[0]; - } else { - if ((u64)le16_to_cpu(req->DataOffset) + length > get_rfc1002_len(req)) { - pr_err("invalid write data offset %u, smb_len %u\n", - le16_to_cpu(req->DataOffset), - get_rfc1002_len(req)); + if (is_rdma_channel == false) { + if (le16_to_cpu(req->DataOffset) < + offsetof(struct smb2_write_req, Buffer)) { err = -EINVAL; goto out; } data_buf = (char *)(((char *)&req->hdr.ProtocolId) + le16_to_cpu(req->DataOffset)); - } ksmbd_debug(SMB, "flags %u\n", le32_to_cpu(req->Flags)); if (le32_to_cpu(req->Flags) & SMB2_WRITEFLAG_WRITE_THROUGH) writethrough = true; - ksmbd_debug(SMB, "filename %pd, offset %lld, len %zu\n", - fp->filp->f_path.dentry, offset, length); + ksmbd_debug(SMB, "filename %pD, offset %lld, len %zu\n", + fp->filp, offset, length); err = ksmbd_vfs_write(work, fp, data_buf, length, &offset, writethrough, &nbytes); if (err < 0) @@ -6492,8 +6546,7 @@ /* read data from the client using rdma channel, and * write the data. */ - nbytes = smb2_write_rdma_channel(work, req, fp, offset, - le32_to_cpu(req->RemainingBytes), + nbytes = smb2_write_rdma_channel(work, req, fp, offset, length, writethrough); if (nbytes < 0) { err = (int)nbytes; @@ -6507,7 +6560,7 @@ rsp->DataLength = cpu_to_le32(nbytes); rsp->DataRemaining = 0; rsp->Reserved2 = 0; - inc_rfc1001_len(rsp_org, 16); + inc_rfc1001_len(work->response_buf, 16); ksmbd_fd_put(work, fp); return 0; @@ -6541,24 +6594,20 @@ int smb2_flush(struct ksmbd_work *work) { struct smb2_flush_req *req; - struct smb2_flush_rsp *rsp, *rsp_org; + struct smb2_flush_rsp *rsp; int err; - rsp_org = work->response_buf; WORK_BUFFERS(work, req, rsp); - ksmbd_debug(SMB, "SMB2_FLUSH called for fid %llu\n", - le64_to_cpu(req->VolatileFileId)); + ksmbd_debug(SMB, "SMB2_FLUSH called for fid %llu\n", req->VolatileFileId); - err = ksmbd_vfs_fsync(work, - le64_to_cpu(req->VolatileFileId), - le64_to_cpu(req->PersistentFileId)); + err = ksmbd_vfs_fsync(work, req->VolatileFileId, req->PersistentFileId); if (err) goto out; rsp->StructureSize = cpu_to_le16(4); rsp->Reserved = 0; - inc_rfc1001_len(rsp_org, 4); + inc_rfc1001_len(work->response_buf, 4); return 0; out: @@ -6579,10 +6628,9 @@ int smb2_cancel(struct ksmbd_work *work) { struct ksmbd_conn *conn = work->conn; - struct smb2_hdr *hdr = work->request_buf; + struct smb2_hdr *hdr = smb2_get_msg(work->request_buf); struct smb2_hdr *chdr; - struct ksmbd_work *cancel_work = NULL; - int canceled = 0; + struct ksmbd_work *iter; struct list_head *command_list; ksmbd_debug(SMB, "smb2 cancel called on mid %llu, async flags 0x%x\n", @@ -6592,11 +6640,11 @@ command_list = &conn->async_requests; spin_lock(&conn->request_lock); - list_for_each_entry(cancel_work, command_list, + list_for_each_entry(iter, command_list, async_request_entry) { - chdr = cancel_work->request_buf; + chdr = smb2_get_msg(iter->request_buf); - if (cancel_work->async_id != + if (iter->async_id != le64_to_cpu(hdr->Id.AsyncId)) continue; @@ -6604,7 +6652,9 @@ "smb2 with AsyncId %llu cancelled command = 0x%x\n", le64_to_cpu(hdr->Id.AsyncId), le16_to_cpu(chdr->Command)); - canceled = 1; + iter->state = KSMBD_WORK_CANCELLED; + if (iter->cancel_fn) + iter->cancel_fn(iter->cancel_argv); break; } spin_unlock(&conn->request_lock); @@ -6612,29 +6662,23 @@ command_list = &conn->requests; spin_lock(&conn->request_lock); - list_for_each_entry(cancel_work, command_list, request_entry) { - chdr = cancel_work->request_buf; + list_for_each_entry(iter, command_list, request_entry) { + chdr = smb2_get_msg(iter->request_buf); if (chdr->MessageId != hdr->MessageId || - cancel_work == work) + iter == work) continue; ksmbd_debug(SMB, "smb2 with mid %llu cancelled command = 0x%x\n", le64_to_cpu(hdr->MessageId), le16_to_cpu(chdr->Command)); - canceled = 1; + iter->state = KSMBD_WORK_CANCELLED; break; } spin_unlock(&conn->request_lock); } - if (canceled) { - cancel_work->state = KSMBD_WORK_CANCELLED; - if (cancel_work->cancel_fn) - cancel_work->cancel_fn(cancel_work->cancel_argv); - } - /* For SMB2_CANCEL command itself send no response*/ work->send_no_response = 1; return 0; @@ -6748,8 +6792,8 @@ */ int smb2_lock(struct ksmbd_work *work) { - struct smb2_lock_req *req = work->request_buf; - struct smb2_lock_rsp *rsp = work->response_buf; + struct smb2_lock_req *req = smb2_get_msg(work->request_buf); + struct smb2_lock_rsp *rsp = smb2_get_msg(work->response_buf); struct smb2_lock_element *lock_ele; struct ksmbd_file *fp = NULL; struct file_lock *flock = NULL; @@ -6767,12 +6811,9 @@ int prior_lock = 0; ksmbd_debug(SMB, "Received lock request\n"); - fp = ksmbd_lookup_fd_slow(work, - le64_to_cpu(req->VolatileFileId), - le64_to_cpu(req->PersistentFileId)); + fp = ksmbd_lookup_fd_slow(work, req->VolatileFileId, req->PersistentFileId); if (!fp) { - ksmbd_debug(SMB, "Invalid file id for lock : %llu\n", - le64_to_cpu(req->VolatileFileId)); + ksmbd_debug(SMB, "Invalid file id for lock : %llu\n", req->VolatileFileId); err = -ENOENT; goto out2; } @@ -6801,6 +6842,7 @@ if (lock_start > U64_MAX - lock_length) { pr_err("Invalid lock range requested\n"); rsp->hdr.Status = STATUS_INVALID_LOCK_RANGE; + locks_free_lock(flock); goto out; } @@ -6820,6 +6862,7 @@ "the end offset(%llx) is smaller than the start offset(%llx)\n", flock->fl_end, flock->fl_start); rsp->hdr.Status = STATUS_INVALID_LOCK_RANGE; + locks_free_lock(flock); goto out; } @@ -6831,6 +6874,7 @@ flock->fl_type != F_UNLCK) { pr_err("conflict two locks in one request\n"); err = -EINVAL; + locks_free_lock(flock); goto out; } } @@ -6839,6 +6883,7 @@ smb_lock = smb2_lock_init(flock, cmd, flags, &lock_list); if (!smb_lock) { err = -EINVAL; + locks_free_lock(flock); goto out; } } @@ -6998,6 +7043,14 @@ ksmbd_vfs_posix_lock_wait(flock); + spin_lock(&work->conn->request_lock); + spin_lock(&fp->f_lock); + list_del(&work->fp_entry); + work->cancel_fn = NULL; + kfree(argv); + spin_unlock(&fp->f_lock); + spin_unlock(&work->conn->request_lock); + if (work->state != KSMBD_WORK_ACTIVE) { list_del(&smb_lock->llist); spin_lock(&work->conn->llist_lock); @@ -7006,9 +7059,6 @@ locks_free_lock(flock); if (work->state == KSMBD_WORK_CANCELLED) { - spin_lock(&fp->f_lock); - list_del(&work->fp_entry); - spin_unlock(&fp->f_lock); rsp->hdr.Status = STATUS_CANCELLED; kfree(smb_lock); @@ -7030,9 +7080,6 @@ list_del(&smb_lock->clist); spin_unlock(&work->conn->llist_lock); - spin_lock(&fp->f_lock); - list_del(&work->fp_entry); - spin_unlock(&fp->f_lock); goto retry; } else if (!rc) { spin_lock(&work->conn->llist_lock); @@ -7056,7 +7103,7 @@ ksmbd_debug(SMB, "successful in taking lock\n"); rsp->hdr.Status = STATUS_SUCCESS; rsp->Reserved = 0; - inc_rfc1001_len(rsp, 4); + inc_rfc1001_len(work->response_buf, 4); ksmbd_fd_put(work, fp); return 0; @@ -7127,8 +7174,8 @@ ci_rsp = (struct copychunk_ioctl_rsp *)&rsp->Buffer[0]; - rsp->VolatileFileId = cpu_to_le64(volatile_id); - rsp->PersistentFileId = cpu_to_le64(persistent_id); + rsp->VolatileFileId = volatile_id; + rsp->PersistentFileId = persistent_id; ci_rsp->ChunksWritten = cpu_to_le32(ksmbd_server_side_copy_max_chunk_count()); ci_rsp->ChunkBytesWritten = @@ -7249,15 +7296,10 @@ struct sockaddr_storage_rsp *sockaddr_storage; unsigned int flags; unsigned long long speed; - struct sockaddr_in6 *csin6 = (struct sockaddr_in6 *)&conn->peer_addr; rtnl_lock(); for_each_netdev(&init_net, netdev) { - if (out_buf_len < - nbytes + sizeof(struct network_interface_info_ioctl_rsp)) { - rtnl_unlock(); - return -ENOSPC; - } + bool ipv4_set = false; if (netdev->type == ARPHRD_LOOPBACK) continue; @@ -7265,12 +7307,20 @@ flags = dev_get_flags(netdev); if (!(flags & IFF_RUNNING)) continue; +ipv6_retry: + if (out_buf_len < + nbytes + sizeof(struct network_interface_info_ioctl_rsp)) { + rtnl_unlock(); + return -ENOSPC; + } nii_rsp = (struct network_interface_info_ioctl_rsp *) &rsp->Buffer[nbytes]; nii_rsp->IfIndex = cpu_to_le32(netdev->ifindex); nii_rsp->Capability = 0; + if (netdev->real_num_tx_queues > 1) + nii_rsp->Capability |= cpu_to_le32(RSS_CAPABLE); if (ksmbd_rdma_capable_netdev(netdev)) nii_rsp->Capability |= cpu_to_le32(RDMA_CAPABLE); @@ -7295,8 +7345,7 @@ nii_rsp->SockAddr_Storage; memset(sockaddr_storage, 0, 128); - if (conn->peer_addr.ss_family == PF_INET || - ipv6_addr_v4mapped(&csin6->sin6_addr)) { + if (!ipv4_set) { struct in_device *idev; sockaddr_storage->Family = cpu_to_le16(INTERNETWORK); @@ -7307,6 +7356,9 @@ continue; sockaddr_storage->addr4.IPv4address = idev_ipv4_address(idev); + nbytes += sizeof(struct network_interface_info_ioctl_rsp); + ipv4_set = true; + goto ipv6_retry; } else { struct inet6_dev *idev6; struct inet6_ifaddr *ifa; @@ -7328,18 +7380,17 @@ break; } sockaddr_storage->addr6.ScopeId = 0; - } - nbytes += sizeof(struct network_interface_info_ioctl_rsp); } + } rtnl_unlock(); /* zero if this is last one */ if (nii_rsp) nii_rsp->Next = 0; - rsp->PersistentFileId = cpu_to_le64(SMB2_NO_FID); - rsp->VolatileFileId = cpu_to_le64(SMB2_NO_FID); + rsp->PersistentFileId = SMB2_NO_FID; + rsp->VolatileFileId = SMB2_NO_FID; return nbytes; } @@ -7398,13 +7449,16 @@ if (in_count == 0) return -EINVAL; + start = le64_to_cpu(qar_req->file_offset); + length = le64_to_cpu(qar_req->length); + + if (start < 0 || length < 0) + return -EINVAL; + fp = ksmbd_lookup_fd_fast(work, id); if (!fp) return -ENOENT; - start = le64_to_cpu(qar_req->file_offset); - length = le64_to_cpu(qar_req->length); - ret = ksmbd_vfs_fqar_lseek(fp, start, length, qar_rsp, in_count, out_count); if (ret && ret != -E2BIG) @@ -7506,9 +7560,7 @@ { struct ksmbd_file *fp; - fp = ksmbd_lookup_fd_slow(work, - le64_to_cpu(req->VolatileFileId), - le64_to_cpu(req->PersistentFileId)); + fp = ksmbd_lookup_fd_slow(work, req->VolatileFileId, req->PersistentFileId); if (!fp) return -ENOENT; @@ -7529,28 +7581,27 @@ int smb2_ioctl(struct ksmbd_work *work) { struct smb2_ioctl_req *req; - struct smb2_ioctl_rsp *rsp, *rsp_org; + struct smb2_ioctl_rsp *rsp; unsigned int cnt_code, nbytes = 0, out_buf_len, in_buf_len; u64 id = KSMBD_NO_FID; struct ksmbd_conn *conn = work->conn; int ret = 0; - rsp_org = work->response_buf; if (work->next_smb2_rcv_hdr_off) { req = ksmbd_req_buf_next(work); rsp = ksmbd_resp_buf_next(work); - if (!has_file_id(le64_to_cpu(req->VolatileFileId))) { + if (!has_file_id(req->VolatileFileId)) { ksmbd_debug(SMB, "Compound request set FID = %llu\n", work->compound_fid); id = work->compound_fid; } } else { - req = work->request_buf; - rsp = work->response_buf; + req = smb2_get_msg(work->request_buf); + rsp = smb2_get_msg(work->response_buf); } if (!has_file_id(id)) - id = le64_to_cpu(req->VolatileFileId); + id = req->VolatileFileId; if (req->Flags != cpu_to_le32(SMB2_0_IOCTL_IS_FSCTL)) { rsp->hdr.Status = STATUS_NOT_SUPPORTED; @@ -7602,11 +7653,16 @@ goto out; } - if (in_buf_len < sizeof(struct validate_negotiate_info_req)) - return -EINVAL; + if (in_buf_len < offsetof(struct validate_negotiate_info_req, + Dialects)) { + ret = -EINVAL; + goto out; + } - if (out_buf_len < sizeof(struct validate_negotiate_info_rsp)) - return -EINVAL; + if (out_buf_len < sizeof(struct validate_negotiate_info_rsp)) { + ret = -EINVAL; + goto out; + } ret = fsctl_validate_negotiate_info(conn, (struct validate_negotiate_info_req *)&req->Buffer[0], @@ -7616,8 +7672,8 @@ goto out; nbytes = sizeof(struct validate_negotiate_info_rsp); - rsp->PersistentFileId = cpu_to_le64(SMB2_NO_FID); - rsp->VolatileFileId = cpu_to_le64(SMB2_NO_FID); + rsp->PersistentFileId = SMB2_NO_FID; + rsp->VolatileFileId = SMB2_NO_FID; break; case FSCTL_QUERY_NETWORK_INTERFACE_INFO: ret = fsctl_query_iface_info_ioctl(conn, rsp, out_buf_len); @@ -7665,8 +7721,8 @@ (struct copychunk_ioctl_req *)&req->Buffer[0], le32_to_cpu(req->CntCode), le32_to_cpu(req->InputCount), - le64_to_cpu(req->VolatileFileId), - le64_to_cpu(req->PersistentFileId), + req->VolatileFileId, + req->PersistentFileId, rsp); break; case FSCTL_SET_SPARSE: @@ -7684,7 +7740,7 @@ { struct file_zero_data_information *zero_data; struct ksmbd_file *fp; - loff_t off, len; + loff_t off, len, bfz; if (!test_tree_conn_flag(work->tcon, KSMBD_TREE_CONN_FLAG_WRITABLE)) { ksmbd_debug(SMB, @@ -7701,19 +7757,26 @@ zero_data = (struct file_zero_data_information *)&req->Buffer[0]; + off = le64_to_cpu(zero_data->FileOffset); + bfz = le64_to_cpu(zero_data->BeyondFinalZero); + if (off < 0 || bfz < 0 || off > bfz) { + ret = -EINVAL; + goto out; + } + + len = bfz - off; + if (len) { fp = ksmbd_lookup_fd_fast(work, id); if (!fp) { ret = -ENOENT; goto out; } - off = le64_to_cpu(zero_data->FileOffset); - len = le64_to_cpu(zero_data->BeyondFinalZero) - off; - ret = ksmbd_vfs_zero_data(work, fp, off, len); ksmbd_fd_put(work, fp); if (ret < 0) goto out; + } break; } case FSCTL_QUERY_ALLOCATED_RANGES: @@ -7826,7 +7889,7 @@ rsp->Reserved = cpu_to_le16(0); rsp->Flags = cpu_to_le32(0); rsp->Reserved2 = cpu_to_le32(0); - inc_rfc1001_len(rsp_org, 48 + nbytes); + inc_rfc1001_len(work->response_buf, 48 + nbytes); return 0; @@ -7853,8 +7916,8 @@ */ static void smb20_oplock_break_ack(struct ksmbd_work *work) { - struct smb2_oplock_break *req = work->request_buf; - struct smb2_oplock_break *rsp = work->response_buf; + struct smb2_oplock_break *req = smb2_get_msg(work->request_buf); + struct smb2_oplock_break *rsp = smb2_get_msg(work->response_buf); struct ksmbd_file *fp; struct oplock_info *opinfo = NULL; __le32 err = 0; @@ -7961,7 +8024,7 @@ rsp->Reserved2 = 0; rsp->VolatileFid = cpu_to_le64(volatile_id); rsp->PersistentFid = cpu_to_le64(persistent_id); - inc_rfc1001_len(rsp, 24); + inc_rfc1001_len(work->response_buf, 24); return; err_out: @@ -7997,8 +8060,8 @@ static void smb21_lease_break_ack(struct ksmbd_work *work) { struct ksmbd_conn *conn = work->conn; - struct smb2_lease_ack *req = work->request_buf; - struct smb2_lease_ack *rsp = work->response_buf; + struct smb2_lease_ack *req = smb2_get_msg(work->request_buf); + struct smb2_lease_ack *rsp = smb2_get_msg(work->response_buf); struct oplock_info *opinfo; __le32 err = 0; int ret = 0; @@ -8110,7 +8173,7 @@ memcpy(rsp->LeaseKey, req->LeaseKey, 16); rsp->LeaseState = lease_state; rsp->LeaseDuration = 0; - inc_rfc1001_len(rsp, 36); + inc_rfc1001_len(work->response_buf, 36); return; err_out: @@ -8131,8 +8194,8 @@ */ int smb2_oplock_break(struct ksmbd_work *work) { - struct smb2_oplock_break *req = work->request_buf; - struct smb2_oplock_break *rsp = work->response_buf; + struct smb2_oplock_break *req = smb2_get_msg(work->request_buf); + struct smb2_oplock_break *rsp = smb2_get_msg(work->response_buf); switch (le16_to_cpu(req->StructureSize)) { case OP_BREAK_STRUCT_SIZE_20: @@ -8184,7 +8247,7 @@ */ bool smb2_is_sign_req(struct ksmbd_work *work, unsigned int command) { - struct smb2_hdr *rcv_hdr2 = work->request_buf; + struct smb2_hdr *rcv_hdr2 = smb2_get_msg(work->request_buf); if ((rcv_hdr2->Flags & SMB2_FLAGS_SIGNED) && command != SMB2_NEGOTIATE_HE && @@ -8203,22 +8266,22 @@ */ int smb2_check_sign_req(struct ksmbd_work *work) { - struct smb2_hdr *hdr, *hdr_org; + struct smb2_hdr *hdr; char signature_req[SMB2_SIGNATURE_SIZE]; char signature[SMB2_HMACSHA256_SIZE]; struct kvec iov[1]; size_t len; - hdr_org = hdr = work->request_buf; + hdr = smb2_get_msg(work->request_buf); if (work->next_smb2_rcv_hdr_off) hdr = ksmbd_req_buf_next(work); if (!hdr->NextCommand && !work->next_smb2_rcv_hdr_off) - len = be32_to_cpu(hdr_org->smb2_buf_length); + len = get_rfc1002_len(work->request_buf); else if (hdr->NextCommand) len = le32_to_cpu(hdr->NextCommand); else - len = be32_to_cpu(hdr_org->smb2_buf_length) - + len = get_rfc1002_len(work->request_buf) - work->next_smb2_rcv_hdr_off; memcpy(signature_req, hdr->Signature, SMB2_SIGNATURE_SIZE); @@ -8246,25 +8309,26 @@ */ void smb2_set_sign_rsp(struct ksmbd_work *work) { - struct smb2_hdr *hdr, *hdr_org; + struct smb2_hdr *hdr; struct smb2_hdr *req_hdr; char signature[SMB2_HMACSHA256_SIZE]; struct kvec iov[2]; size_t len; int n_vec = 1; - hdr_org = hdr = work->response_buf; + hdr = smb2_get_msg(work->response_buf); if (work->next_smb2_rsp_hdr_off) hdr = ksmbd_resp_buf_next(work); req_hdr = ksmbd_req_buf_next(work); if (!work->next_smb2_rsp_hdr_off) { - len = get_rfc1002_len(hdr_org); + len = get_rfc1002_len(work->response_buf); if (req_hdr->NextCommand) len = ALIGN(len, 8); } else { - len = get_rfc1002_len(hdr_org) - work->next_smb2_rsp_hdr_off; + len = get_rfc1002_len(work->response_buf) - + work->next_smb2_rsp_hdr_off; len = ALIGN(len, 8); } @@ -8300,32 +8364,36 @@ { struct ksmbd_conn *conn = work->conn; char *signing_key; - struct smb2_hdr *hdr, *hdr_org; + struct smb2_hdr *hdr; struct channel *chann; char signature_req[SMB2_SIGNATURE_SIZE]; char signature[SMB2_CMACAES_SIZE]; struct kvec iov[1]; size_t len; - hdr_org = hdr = work->request_buf; + hdr = smb2_get_msg(work->request_buf); if (work->next_smb2_rcv_hdr_off) hdr = ksmbd_req_buf_next(work); if (!hdr->NextCommand && !work->next_smb2_rcv_hdr_off) - len = be32_to_cpu(hdr_org->smb2_buf_length); + len = get_rfc1002_len(work->request_buf); else if (hdr->NextCommand) len = le32_to_cpu(hdr->NextCommand); else - len = be32_to_cpu(hdr_org->smb2_buf_length) - + len = get_rfc1002_len(work->request_buf) - work->next_smb2_rcv_hdr_off; if (le16_to_cpu(hdr->Command) == SMB2_SESSION_SETUP_HE) { signing_key = work->sess->smb3signingkey; } else { + read_lock(&work->sess->chann_lock); chann = lookup_chann_list(work->sess, conn); - if (!chann) + if (!chann) { + read_unlock(&work->sess->chann_lock); return 0; + } signing_key = chann->smb3signingkey; + read_unlock(&work->sess->chann_lock); } if (!signing_key) { @@ -8357,8 +8425,7 @@ void smb3_set_sign_rsp(struct ksmbd_work *work) { struct ksmbd_conn *conn = work->conn; - struct smb2_hdr *req_hdr; - struct smb2_hdr *hdr, *hdr_org; + struct smb2_hdr *req_hdr, *hdr; struct channel *chann; char signature[SMB2_CMACAES_SIZE]; struct kvec iov[2]; @@ -8366,18 +8433,19 @@ size_t len; char *signing_key; - hdr_org = hdr = work->response_buf; + hdr = smb2_get_msg(work->response_buf); if (work->next_smb2_rsp_hdr_off) hdr = ksmbd_resp_buf_next(work); req_hdr = ksmbd_req_buf_next(work); if (!work->next_smb2_rsp_hdr_off) { - len = get_rfc1002_len(hdr_org); + len = get_rfc1002_len(work->response_buf); if (req_hdr->NextCommand) len = ALIGN(len, 8); } else { - len = get_rfc1002_len(hdr_org) - work->next_smb2_rsp_hdr_off; + len = get_rfc1002_len(work->response_buf) - + work->next_smb2_rsp_hdr_off; len = ALIGN(len, 8); } @@ -8385,10 +8453,14 @@ le16_to_cpu(hdr->Command) == SMB2_SESSION_SETUP_HE) { signing_key = work->sess->smb3signingkey; } else { + read_lock(&work->sess->chann_lock); chann = lookup_chann_list(work->sess, work->conn); - if (!chann) + if (!chann) { + read_unlock(&work->sess->chann_lock); return; + } signing_key = chann->smb3signingkey; + read_unlock(&work->sess->chann_lock); } if (!signing_key) @@ -8430,7 +8502,7 @@ if (le16_to_cpu(req->Command) == SMB2_NEGOTIATE_HE && conn->preauth_info) - ksmbd_gen_preauth_integrity_hash(conn, (char *)rsp, + ksmbd_gen_preauth_integrity_hash(conn, work->response_buf, conn->preauth_info->Preauth_HashValue); if (le16_to_cpu(rsp->Command) == SMB2_SESSION_SETUP_HE && sess) { @@ -8448,18 +8520,18 @@ if (!hash_value) return; } - ksmbd_gen_preauth_integrity_hash(conn, (char *)rsp, + ksmbd_gen_preauth_integrity_hash(conn, work->response_buf, hash_value); } } -static void fill_transform_hdr(struct smb2_transform_hdr *tr_hdr, char *old_buf, - __le16 cipher_type) +static void fill_transform_hdr(void *tr_buf, char *old_buf, __le16 cipher_type) { - struct smb2_hdr *hdr = (struct smb2_hdr *)old_buf; + struct smb2_transform_hdr *tr_hdr = tr_buf + 4; + struct smb2_hdr *hdr = smb2_get_msg(old_buf); unsigned int orig_len = get_rfc1002_len(old_buf); - memset(tr_hdr, 0, sizeof(struct smb2_transform_hdr)); + memset(tr_buf, 0, sizeof(struct smb2_transform_hdr) + 4); tr_hdr->ProtocolId = SMB2_TRANSFORM_PROTO_NUM; tr_hdr->OriginalMessageSize = cpu_to_le32(orig_len); tr_hdr->Flags = cpu_to_le16(0x01); @@ -8469,14 +8541,13 @@ else get_random_bytes(&tr_hdr->Nonce, SMB3_AES_CCM_NONCE); memcpy(&tr_hdr->SessionId, &hdr->SessionId, 8); - inc_rfc1001_len(tr_hdr, sizeof(struct smb2_transform_hdr) - 4); - inc_rfc1001_len(tr_hdr, orig_len); + inc_rfc1001_len(tr_buf, sizeof(struct smb2_transform_hdr)); + inc_rfc1001_len(tr_buf, orig_len); } int smb3_encrypt_resp(struct ksmbd_work *work) { char *buf = work->response_buf; - struct smb2_transform_hdr *tr_hdr; struct kvec iov[3]; int rc = -ENOMEM; int buf_size = 0, rq_nvec = 2 + (work->aux_payload_sz ? 1 : 0); @@ -8484,15 +8555,15 @@ if (ARRAY_SIZE(iov) < rq_nvec) return -ENOMEM; - tr_hdr = kzalloc(sizeof(struct smb2_transform_hdr), GFP_KERNEL); - if (!tr_hdr) + work->tr_buf = kzalloc(sizeof(struct smb2_transform_hdr) + 4, GFP_KERNEL); + if (!work->tr_buf) return rc; /* fill transform header */ - fill_transform_hdr(tr_hdr, buf, work->conn->cipher_type); + fill_transform_hdr(work->tr_buf, buf, work->conn->cipher_type); - iov[0].iov_base = tr_hdr; - iov[0].iov_len = sizeof(struct smb2_transform_hdr); + iov[0].iov_base = work->tr_buf; + iov[0].iov_len = sizeof(struct smb2_transform_hdr) + 4; buf_size += iov[0].iov_len - 4; iov[1].iov_base = buf + 4; @@ -8507,35 +8578,31 @@ buf_size += iov[1].iov_len; work->resp_hdr_sz = iov[1].iov_len; - rc = ksmbd_crypt_message(work->conn, iov, rq_nvec, 1); + rc = ksmbd_crypt_message(work, iov, rq_nvec, 1); if (rc) return rc; memmove(buf, iov[1].iov_base, iov[1].iov_len); - tr_hdr->smb2_buf_length = cpu_to_be32(buf_size); - work->tr_buf = tr_hdr; + *(__be32 *)work->tr_buf = cpu_to_be32(buf_size); return rc; } bool smb3_is_transform_hdr(void *buf) { - struct smb2_transform_hdr *trhdr = buf; + struct smb2_transform_hdr *trhdr = smb2_get_msg(buf); return trhdr->ProtocolId == SMB2_TRANSFORM_PROTO_NUM; } int smb3_decrypt_req(struct ksmbd_work *work) { - struct ksmbd_conn *conn = work->conn; struct ksmbd_session *sess; char *buf = work->request_buf; - struct smb2_hdr *hdr; unsigned int pdu_length = get_rfc1002_len(buf); struct kvec iov[2]; - int buf_data_size = pdu_length + 4 - - sizeof(struct smb2_transform_hdr); - struct smb2_transform_hdr *tr_hdr = (struct smb2_transform_hdr *)buf; + int buf_data_size = pdu_length - sizeof(struct smb2_transform_hdr); + struct smb2_transform_hdr *tr_hdr = smb2_get_msg(buf); int rc = 0; if (buf_data_size < sizeof(struct smb2_hdr)) { @@ -8549,7 +8616,7 @@ return -ECONNABORTED; } - sess = ksmbd_session_lookup_all(conn, le64_to_cpu(tr_hdr->SessionId)); + sess = ksmbd_session_lookup_all(work->conn, le64_to_cpu(tr_hdr->SessionId)); if (!sess) { pr_err("invalid session id(%llx) in transform header\n", le64_to_cpu(tr_hdr->SessionId)); @@ -8557,16 +8624,15 @@ } iov[0].iov_base = buf; - iov[0].iov_len = sizeof(struct smb2_transform_hdr); - iov[1].iov_base = buf + sizeof(struct smb2_transform_hdr); + iov[0].iov_len = sizeof(struct smb2_transform_hdr) + 4; + iov[1].iov_base = buf + sizeof(struct smb2_transform_hdr) + 4; iov[1].iov_len = buf_data_size; - rc = ksmbd_crypt_message(conn, iov, 2, 0); + rc = ksmbd_crypt_message(work, iov, 2, 0); if (rc) return rc; memmove(buf + 4, iov[1].iov_base, buf_data_size); - hdr = (struct smb2_hdr *)buf; - hdr->smb2_buf_length = cpu_to_be32(buf_data_size); + *(__be32 *)buf = cpu_to_be32(buf_data_size); return rc; } @@ -8574,7 +8640,8 @@ bool smb3_11_final_sess_setup_resp(struct ksmbd_work *work) { struct ksmbd_conn *conn = work->conn; - struct smb2_hdr *rsp = work->response_buf; + struct ksmbd_session *sess = work->sess; + struct smb2_hdr *rsp = smb2_get_msg(work->response_buf); if (conn->dialect < SMB30_PROT_ID) return false; @@ -8583,6 +8650,7 @@ rsp = ksmbd_resp_buf_next(work); if (le16_to_cpu(rsp->Command) == SMB2_SESSION_SETUP_HE && + sess->user && !user_guest(sess->user) && rsp->Status == STATUS_SUCCESS) return true; return false; diff -ruw linux-5.15.42/fs/ksmbd/smb2pdu.h linux-5.15.42-fbx/fs/ksmbd/smb2pdu.h --- linux-5.15.42/fs/ksmbd/smb2pdu.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/smb2pdu.h 2024-04-22 14:46:57.132246909 +0200 @@ -130,11 +130,6 @@ cpu_to_le16(__SMB2_HEADER_STRUCTURE_SIZE) struct smb2_hdr { - __be32 smb2_buf_length; /* big endian on wire */ - /* - * length is only two or three bytes - with - * one or two byte type preceding it that MBZ - */ __le32 ProtocolId; /* 0xFE 'S' 'M' 'B' */ __le16 StructureSize; /* 64 */ __le16 CreditCharge; /* MBZ */ @@ -164,11 +159,6 @@ #define SMB3_AES_GCM_NONCE 12 struct smb2_transform_hdr { - __be32 smb2_buf_length; /* big endian on wire */ - /* - * length is only two or three bytes - with - * one or two byte type preceding it that MBZ - */ __le32 ProtocolId; /* 0xFD 'S' 'M' 'B' */ __u8 Signature[16]; __u8 Nonce[16]; @@ -253,14 +243,14 @@ __u8 Preauth_HashValue[PREAUTH_HASHVALUE_SIZE]; }; -/* offset is sizeof smb2_negotiate_rsp - 4 but rounded up to 8 bytes. */ +/* offset is sizeof smb2_negotiate_rsp but rounded up to 8 bytes. */ #ifdef CONFIG_SMB_SERVER_KERBEROS5 -/* sizeof(struct smb2_negotiate_rsp) - 4 = +/* sizeof(struct smb2_negotiate_rsp) = * header(64) + response(64) + GSS_LENGTH(96) + GSS_PADDING(0) */ #define OFFSET_OF_NEG_CONTEXT 0xe0 #else -/* sizeof(struct smb2_negotiate_rsp) - 4 = +/* sizeof(struct smb2_negotiate_rsp) = * header(64) + response(64) + GSS_LENGTH(74) + GSS_PADDING(6) */ #define OFFSET_OF_NEG_CONTEXT 0xd0 @@ -611,8 +601,8 @@ __le64 EndofFile; __le32 FileAttributes; __le32 Reserved2; - __le64 PersistentFileId; - __le64 VolatileFileId; + __u64 PersistentFileId; + __u64 VolatileFileId; __le32 CreateContextsOffset; __le32 CreateContextsLength; __u8 Buffer[1]; @@ -643,8 +633,8 @@ union { __u8 Reserved[16]; struct { - __le64 PersistentFileId; - __le64 VolatileFileId; + __u64 PersistentFileId; + __u64 VolatileFileId; } Fid; } Data; } __packed; @@ -653,8 +643,8 @@ struct create_context ccontext; __u8 Name[8]; struct { - __le64 PersistentFileId; - __le64 VolatileFileId; + __u64 PersistentFileId; + __u64 VolatileFileId; } Fid; __u8 CreateGuid[16]; __le32 Flags; @@ -783,8 +773,8 @@ __le16 StructureSize; /* Must be 24 */ __le16 Flags; __le32 Reserved; - __le64 PersistentFileId; - __le64 VolatileFileId; + __u64 PersistentFileId; + __u64 VolatileFileId; } __packed; struct smb2_close_rsp { @@ -806,8 +796,8 @@ __le16 StructureSize; /* Must be 24 */ __le16 Reserved1; __le32 Reserved2; - __le64 PersistentFileId; - __le64 VolatileFileId; + __u64 PersistentFileId; + __u64 VolatileFileId; } __packed; struct smb2_flush_rsp { @@ -833,8 +823,8 @@ __u8 Reserved; __le32 Length; __le64 Offset; - __le64 PersistentFileId; - __le64 VolatileFileId; + __u64 PersistentFileId; + __u64 VolatileFileId; __le32 MinimumCount; __le32 Channel; /* Reserved MBZ */ __le32 RemainingBytes; @@ -863,8 +853,8 @@ __le16 DataOffset; /* offset from start of SMB2 header to write data */ __le32 Length; __le64 Offset; - __le64 PersistentFileId; - __le64 VolatileFileId; + __u64 PersistentFileId; + __u64 VolatileFileId; __le32 Channel; /* Reserved MBZ */ __le32 RemainingBytes; __le16 WriteChannelInfoOffset; /* Reserved MBZ */ @@ -899,8 +889,8 @@ __le16 StructureSize; /* Must be 57 */ __le16 Reserved; /* offset from start of SMB2 header to write data */ __le32 CntCode; - __le64 PersistentFileId; - __le64 VolatileFileId; + __u64 PersistentFileId; + __u64 VolatileFileId; __le32 InputOffset; /* Reserved MBZ */ __le32 InputCount; __le32 MaxInputResponse; @@ -917,8 +907,8 @@ __le16 StructureSize; /* Must be 49 */ __le16 Reserved; /* offset from start of SMB2 header to write data */ __le32 CntCode; - __le64 PersistentFileId; - __le64 VolatileFileId; + __u64 PersistentFileId; + __u64 VolatileFileId; __le32 InputOffset; /* Reserved MBZ */ __le32 InputCount; __le32 OutputOffset; @@ -987,7 +977,7 @@ } __packed; struct resume_key_ioctl_rsp { - __le64 ResumeKey[3]; + __u64 ResumeKey[3]; __le32 ContextLength; __u8 Context[4]; /* ignored, Windows sets to 4 bytes of zero */ } __packed; @@ -1056,8 +1046,8 @@ __le16 StructureSize; /* Must be 32 */ __le16 Flags; __le32 OutputBufferLength; - __le64 PersistentFileId; - __le64 VolatileFileId; + __u64 PersistentFileId; + __u64 VolatileFileId; __u32 CompletionFileter; __u32 Reserved; } __packed; @@ -1099,8 +1089,8 @@ __le16 StructureSize; /* Must be 48 */ __le16 LockCount; __le32 Reserved; - __le64 PersistentFileId; - __le64 VolatileFileId; + __u64 PersistentFileId; + __u64 VolatileFileId; /* Followed by at least one */ struct smb2_lock_element locks[1]; } __packed; @@ -1135,8 +1125,8 @@ __u8 FileInformationClass; __u8 Flags; __le32 FileIndex; - __le64 PersistentFileId; - __le64 VolatileFileId; + __u64 PersistentFileId; + __u64 VolatileFileId; __le16 FileNameOffset; __le16 FileNameLength; __le32 OutputBufferLength; @@ -1182,8 +1172,8 @@ __le32 InputBufferLength; __le32 AdditionalInformation; __le32 Flags; - __le64 PersistentFileId; - __le64 VolatileFileId; + __u64 PersistentFileId; + __u64 VolatileFileId; __u8 Buffer[1]; } __packed; @@ -1204,8 +1194,8 @@ __le16 BufferOffset; __u16 Reserved; __le32 AdditionalInformation; - __le64 PersistentFileId; - __le64 VolatileFileId; + __u64 PersistentFileId; + __u64 VolatileFileId; __u8 Buffer[1]; } __packed; @@ -1639,6 +1629,9 @@ } __packed; /* functions */ +#ifdef CONFIG_SMB_INSECURE_SERVER +int init_smb2_0_server(struct ksmbd_conn *conn); +#endif void init_smb2_1_server(struct ksmbd_conn *conn); void init_smb3_0_server(struct ksmbd_conn *conn); void init_smb3_02_server(struct ksmbd_conn *conn); @@ -1680,6 +1673,7 @@ int smb3_encrypt_resp(struct ksmbd_work *work); bool smb3_11_final_sess_setup_resp(struct ksmbd_work *work); int smb2_set_rsp_credits(struct ksmbd_work *work); +bool smb3_encryption_negotiated(struct ksmbd_conn *conn); /* smb2 misc functions */ int ksmbd_smb2_check_message(struct ksmbd_work *work); @@ -1706,4 +1700,13 @@ int smb2_oplock_break(struct ksmbd_work *work); int smb2_notify(struct ksmbd_work *ksmbd_work); +/* + * Get the body of the smb2 message excluding the 4 byte rfc1002 headers + * from request/response buffer. + */ +static inline void *smb2_get_msg(void *buf) +{ + return buf + 4; +} + #endif /* _SMB2PDU_H */ diff -ruw linux-5.15.42/fs/ksmbd/smb_common.c linux-5.15.42-fbx/fs/ksmbd/smb_common.c --- linux-5.15.42/fs/ksmbd/smb_common.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/smb_common.c 2024-04-22 14:46:57.132246909 +0200 @@ -5,6 +5,9 @@ */ #include "smb_common.h" +#ifdef CONFIG_SMB_INSECURE_SERVER +#include "smb1pdu.h" +#endif #include "server.h" #include "misc.h" #include "smbstatus.h" @@ -22,6 +25,12 @@ #define PERIOD '.' #define mangle(V) ((char)(basechars[(V) % MANGLE_BASE])) +#ifdef CONFIG_SMB_INSECURE_SERVER +#define KSMBD_MIN_SUPPORTED_HEADER_SIZE (sizeof(struct smb_hdr)) +#else +#define KSMBD_MIN_SUPPORTED_HEADER_SIZE (sizeof(struct smb2_hdr)) +#endif + struct smb_protocol { int index; char *name; @@ -30,12 +39,27 @@ }; static struct smb_protocol smb1_protos[] = { +#ifdef CONFIG_SMB_INSECURE_SERVER + { + SMB1_PROT, + "\2NT LM 0.12", + "NT1", + SMB10_PROT_ID + }, + { + SMB2_PROT, + "\2SMB 2.002", + "SMB2_02", + SMB20_PROT_ID + }, +#else { SMB21_PROT, "\2SMB 2.1", "SMB2_10", SMB21_PROT_ID }, +#endif { SMB2X_PROT, "\2SMB 2.???", @@ -45,6 +69,14 @@ }; static struct smb_protocol smb2_protos[] = { +#ifdef CONFIG_SMB_INSECURE_SERVER + { + SMB2_PROT, + "\2SMB 2.002", + "SMB2_02", + SMB20_PROT_ID + }, +#endif { SMB21_PROT, "\2SMB 2.1", @@ -88,7 +120,11 @@ inline int ksmbd_min_protocol(void) { +#ifdef CONFIG_SMB_INSECURE_SERVER + return SMB1_PROT; +#else return SMB21_PROT; +#endif } inline int ksmbd_max_protocol(void) @@ -132,7 +168,17 @@ */ int ksmbd_verify_smb_message(struct ksmbd_work *work) { - struct smb2_hdr *smb2_hdr = work->request_buf + work->next_smb2_rcv_hdr_off; + struct smb2_hdr *smb2_hdr = ksmbd_req_buf_next(work); + +#ifdef CONFIG_SMB_INSECURE_SERVER + if (smb2_hdr->ProtocolId == SMB2_PROTO_NUMBER) { + ksmbd_debug(SMB, "got SMB2 command\n"); + return ksmbd_smb2_check_message(work); + } + + work->conn->outstanding_credits++; + return ksmbd_smb1_check_message(work); +#else struct smb_hdr *hdr; if (smb2_hdr->ProtocolId == SMB2_PROTO_NUMBER) @@ -140,10 +186,13 @@ hdr = work->request_buf; if (*(__le32 *)hdr->Protocol == SMB1_PROTO_NUMBER && - hdr->Command == SMB_COM_NEGOTIATE) + hdr->Command == SMB_COM_NEGOTIATE) { + work->conn->outstanding_credits++; return 0; + } return -EINVAL; +#endif } /** @@ -239,14 +288,14 @@ static int ksmbd_negotiate_smb_dialect(void *buf) { int smb_buf_length = get_rfc1002_len(buf); - __le32 proto = ((struct smb2_hdr *)buf)->ProtocolId; + __le32 proto = ((struct smb2_hdr *)smb2_get_msg(buf))->ProtocolId; if (proto == SMB2_PROTO_NUMBER) { struct smb2_negotiate_req *req; int smb2_neg_size = - offsetof(struct smb2_negotiate_req, Dialects) - 4; + offsetof(struct smb2_negotiate_req, Dialects); - req = (struct smb2_negotiate_req *)buf; + req = (struct smb2_negotiate_req *)smb2_get_msg(buf); if (smb2_neg_size > smb_buf_length) goto err_out; @@ -282,11 +331,23 @@ int ksmbd_init_smb_server(struct ksmbd_work *work) { struct ksmbd_conn *conn = work->conn; +#ifdef CONFIG_SMB_INSECURE_SERVER + void *buf = work->request_buf; + __le32 proto; +#endif if (conn->need_neg == false) return 0; +#ifdef CONFIG_SMB_INSECURE_SERVER + proto = *(__le32 *)((struct smb_hdr *)buf)->Protocol; + if (proto == SMB1_PROTO_NUMBER) + init_smb1_server(conn); + else + init_smb3_11_server(conn); +#else init_smb3_11_server(conn); +#endif if (conn->ops->get_cmd_val(work) != SMB_COM_NEGOTIATE) conn->need_neg = false; @@ -428,6 +489,7 @@ return len; } +#ifndef CONFIG_SMB_INSECURE_SERVER static int __smb2_negotiate(struct ksmbd_conn *conn) { return (conn->dialect >= SMB21_PROT_ID && @@ -442,17 +504,25 @@ neg_rsp->hdr.Status.CifsError = STATUS_INVALID_LOGON_TYPE; return -EINVAL; } +#else +static int __smb2_negotiate(struct ksmbd_conn *conn) +{ + return (conn->dialect >= SMB20_PROT_ID && + conn->dialect <= SMB311_PROT_ID); +} +#endif int ksmbd_smb_negotiate_common(struct ksmbd_work *work, unsigned int command) { struct ksmbd_conn *conn = work->conn; int ret; - conn->dialect = ksmbd_negotiate_smb_dialect(work->request_buf); + conn->dialect = + ksmbd_negotiate_smb_dialect(work->request_buf); ksmbd_debug(SMB, "conn->dialect 0x%x\n", conn->dialect); if (command == SMB2_NEGOTIATE_HE) { - struct smb2_hdr *smb2_hdr = work->request_buf; + struct smb2_hdr *smb2_hdr = smb2_get_msg(work->request_buf); if (smb2_hdr->ProtocolId != SMB2_PROTO_NUMBER) { ksmbd_debug(SMB, "Downgrade to SMB1 negotiation\n"); diff -ruw linux-5.15.42/fs/ksmbd/smb_common.h linux-5.15.42-fbx/fs/ksmbd/smb_common.h --- linux-5.15.42/fs/ksmbd/smb_common.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/smb_common.h 2024-04-22 14:46:57.132246909 +0200 @@ -50,6 +50,11 @@ #define MAX_STREAM_PROT_LEN 0x00FFFFFF +#ifdef CONFIG_SMB_INSECURE_SERVER +#define IS_SMB2(x) ((x)->vals->protocol_id != SMB10_PROT_ID) +#define MAX_HEADER_SIZE(conn) ((conn)->vals->max_header_size) + +#endif /* Responses when opening a file. */ #define F_SUPERSEDED 0 #define F_OPENED 1 @@ -468,7 +473,7 @@ int (*check_sign_req)(struct ksmbd_work *work); void (*set_sign_rsp)(struct ksmbd_work *work); int (*generate_signingkey)(struct ksmbd_session *sess, struct ksmbd_conn *conn); - int (*generate_encryptionkey)(struct ksmbd_session *sess); + int (*generate_encryptionkey)(struct ksmbd_conn *conn, struct ksmbd_session *sess); bool (*is_transform_hdr)(void *buf); int (*decrypt_req)(struct ksmbd_work *work); int (*encrypt_resp)(struct ksmbd_work *work); @@ -478,12 +483,6 @@ int (*proc)(struct ksmbd_work *swork); }; -static inline size_t -smb2_hdr_size_no_buflen(struct smb_version_values *vals) -{ - return vals->header_size - 4; -} - int ksmbd_min_protocol(void); int ksmbd_max_protocol(void); diff -ruw linux-5.15.42/fs/ksmbd/smbacl.c linux-5.15.42-fbx/fs/ksmbd/smbacl.c --- linux-5.15.42/fs/ksmbd/smbacl.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/smbacl.c 2024-04-22 14:46:57.132246909 +0200 @@ -703,6 +703,7 @@ static void set_ntacl_dacl(struct user_namespace *user_ns, struct smb_acl *pndacl, struct smb_acl *nt_dacl, + unsigned int aces_size, const struct smb_sid *pownersid, const struct smb_sid *pgrpsid, struct smb_fattr *fattr) @@ -716,9 +717,19 @@ if (nt_num_aces) { ntace = (struct smb_ace *)((char *)nt_dacl + sizeof(struct smb_acl)); for (i = 0; i < nt_num_aces; i++) { - memcpy((char *)pndace + size, ntace, le16_to_cpu(ntace->size)); - size += le16_to_cpu(ntace->size); - ntace = (struct smb_ace *)((char *)ntace + le16_to_cpu(ntace->size)); + unsigned short nt_ace_size; + + if (offsetof(struct smb_ace, access_req) > aces_size) + break; + + nt_ace_size = le16_to_cpu(ntace->size); + if (nt_ace_size > aces_size) + break; + + memcpy((char *)pndace + size, ntace, nt_ace_size); + size += nt_ace_size; + aces_size -= nt_ace_size; + ntace = (struct smb_ace *)((char *)ntace + nt_ace_size); num_aces++; } } @@ -891,7 +902,7 @@ /* Convert permission bits from mode to equivalent CIFS ACL */ int build_sec_desc(struct user_namespace *user_ns, struct smb_ntsd *pntsd, struct smb_ntsd *ppntsd, - int addition_info, __u32 *secdesclen, + int ppntsd_size, int addition_info, __u32 *secdesclen, struct smb_fattr *fattr) { int rc = 0; @@ -951,15 +962,25 @@ if (!ppntsd) { set_mode_dacl(user_ns, dacl_ptr, fattr); - } else if (!ppntsd->dacloffset) { - goto out; } else { struct smb_acl *ppdacl_ptr; + unsigned int dacl_offset = le32_to_cpu(ppntsd->dacloffset); + int ppdacl_size, ntacl_size = ppntsd_size - dacl_offset; + + if (!dacl_offset || + (dacl_offset + sizeof(struct smb_acl) > ppntsd_size)) + goto out; + + ppdacl_ptr = (struct smb_acl *)((char *)ppntsd + dacl_offset); + ppdacl_size = le16_to_cpu(ppdacl_ptr->size); + if (ppdacl_size > ntacl_size || + ppdacl_size < sizeof(struct smb_acl)) + goto out; - ppdacl_ptr = (struct smb_acl *)((char *)ppntsd + - le32_to_cpu(ppntsd->dacloffset)); set_ntacl_dacl(user_ns, dacl_ptr, ppdacl_ptr, - nowner_sid_ptr, ngroup_sid_ptr, fattr); + ntacl_size - sizeof(struct smb_acl), + nowner_sid_ptr, ngroup_sid_ptr, + fattr); } pntsd->dacloffset = cpu_to_le32(offset); offset += le16_to_cpu(dacl_ptr->size); @@ -983,7 +1004,7 @@ } int smb_inherit_dacl(struct ksmbd_conn *conn, - struct path *path, + const struct path *path, unsigned int uid, unsigned int gid) { const struct smb_sid *psid, *creator = NULL; @@ -993,24 +1014,31 @@ struct smb_sid owner_sid, group_sid; struct dentry *parent = path->dentry->d_parent; struct user_namespace *user_ns = mnt_user_ns(path->mnt); - int inherited_flags = 0, flags = 0, i, ace_cnt = 0, nt_size = 0; - int rc = 0, num_aces, dacloffset, pntsd_type, acl_len; + int inherited_flags = 0, flags = 0, i, ace_cnt = 0, nt_size = 0, pdacl_size; + int rc = 0, num_aces, dacloffset, pntsd_type, pntsd_size, acl_len, aces_size; char *aces_base; bool is_dir = S_ISDIR(d_inode(path->dentry)->i_mode); - acl_len = ksmbd_vfs_get_sd_xattr(conn, user_ns, + pntsd_size = ksmbd_vfs_get_sd_xattr(conn, user_ns, parent, &parent_pntsd); - if (acl_len <= 0) + if (pntsd_size <= 0) return -ENOENT; dacloffset = le32_to_cpu(parent_pntsd->dacloffset); - if (!dacloffset) { + if (!dacloffset || (dacloffset + sizeof(struct smb_acl) > pntsd_size)) { rc = -EINVAL; goto free_parent_pntsd; } parent_pdacl = (struct smb_acl *)((char *)parent_pntsd + dacloffset); + acl_len = pntsd_size - dacloffset; num_aces = le32_to_cpu(parent_pdacl->num_aces); pntsd_type = le16_to_cpu(parent_pntsd->type); + pdacl_size = le16_to_cpu(parent_pdacl->size); + + if (pdacl_size > acl_len || pdacl_size < sizeof(struct smb_acl)) { + rc = -EINVAL; + goto free_parent_pntsd; + } aces_base = kmalloc(sizeof(struct smb_ace) * num_aces * 2, GFP_KERNEL); if (!aces_base) { @@ -1021,11 +1049,23 @@ aces = (struct smb_ace *)aces_base; parent_aces = (struct smb_ace *)((char *)parent_pdacl + sizeof(struct smb_acl)); + aces_size = acl_len - sizeof(struct smb_acl); if (pntsd_type & DACL_AUTO_INHERITED) inherited_flags = INHERITED_ACE; for (i = 0; i < num_aces; i++) { + int pace_size; + + if (offsetof(struct smb_ace, access_req) > aces_size) + break; + + pace_size = le16_to_cpu(parent_aces->size); + if (pace_size > aces_size) + break; + + aces_size -= pace_size; + flags = parent_aces->flags; if (!smb_inherit_flags(flags, is_dir)) goto pass; @@ -1070,8 +1110,7 @@ aces = (struct smb_ace *)((char *)aces + le16_to_cpu(aces->size)); ace_cnt++; pass: - parent_aces = - (struct smb_ace *)((char *)parent_aces + le16_to_cpu(parent_aces->size)); + parent_aces = (struct smb_ace *)((char *)parent_aces + pace_size); } if (nt_size > 0) { @@ -1159,14 +1198,14 @@ return false; } -int smb_check_perm_dacl(struct ksmbd_conn *conn, struct path *path, +int smb_check_perm_dacl(struct ksmbd_conn *conn, const struct path *path, __le32 *pdaccess, int uid) { struct user_namespace *user_ns = mnt_user_ns(path->mnt); struct smb_ntsd *pntsd = NULL; struct smb_acl *pdacl; struct posix_acl *posix_acls; - int rc = 0, acl_size; + int rc = 0, pntsd_size, acl_size, aces_size, pdacl_size, dacl_offset; struct smb_sid sid; int granted = le32_to_cpu(*pdaccess & ~FILE_MAXIMAL_ACCESS_LE); struct smb_ace *ace; @@ -1175,37 +1214,33 @@ struct smb_ace *others_ace = NULL; struct posix_acl_entry *pa_entry; unsigned int sid_type = SIDOWNER; - char *end_of_acl; + unsigned short ace_size; ksmbd_debug(SMB, "check permission using windows acl\n"); - acl_size = ksmbd_vfs_get_sd_xattr(conn, user_ns, + pntsd_size = ksmbd_vfs_get_sd_xattr(conn, user_ns, path->dentry, &pntsd); - if (acl_size <= 0 || !pntsd || !pntsd->dacloffset) { - kfree(pntsd); - return 0; - } + if (pntsd_size <= 0 || !pntsd) + goto err_out; + + dacl_offset = le32_to_cpu(pntsd->dacloffset); + if (!dacl_offset || + (dacl_offset + sizeof(struct smb_acl) > pntsd_size)) + goto err_out; pdacl = (struct smb_acl *)((char *)pntsd + le32_to_cpu(pntsd->dacloffset)); - end_of_acl = ((char *)pntsd) + acl_size; - if (end_of_acl <= (char *)pdacl) { - kfree(pntsd); - return 0; - } + acl_size = pntsd_size - dacl_offset; + pdacl_size = le16_to_cpu(pdacl->size); - if (end_of_acl < (char *)pdacl + le16_to_cpu(pdacl->size) || - le16_to_cpu(pdacl->size) < sizeof(struct smb_acl)) { - kfree(pntsd); - return 0; - } + if (pdacl_size > acl_size || pdacl_size < sizeof(struct smb_acl)) + goto err_out; if (!pdacl->num_aces) { - if (!(le16_to_cpu(pdacl->size) - sizeof(struct smb_acl)) && + if (!(pdacl_size - sizeof(struct smb_acl)) && *pdaccess & ~(FILE_READ_CONTROL_LE | FILE_WRITE_DAC_LE)) { rc = -EACCES; goto err_out; } - kfree(pntsd); - return 0; + goto err_out; } if (*pdaccess & FILE_MAXIMAL_ACCESS_LE) { @@ -1213,11 +1248,16 @@ DELETE; ace = (struct smb_ace *)((char *)pdacl + sizeof(struct smb_acl)); + aces_size = acl_size - sizeof(struct smb_acl); for (i = 0; i < le32_to_cpu(pdacl->num_aces); i++) { + if (offsetof(struct smb_ace, access_req) > aces_size) + break; + ace_size = le16_to_cpu(ace->size); + if (ace_size > aces_size) + break; + aces_size -= ace_size; granted |= le32_to_cpu(ace->access_req); ace = (struct smb_ace *)((char *)ace + le16_to_cpu(ace->size)); - if (end_of_acl < (char *)ace) - goto err_out; } if (!pdacl->num_aces) @@ -1229,7 +1269,15 @@ id_to_sid(uid, sid_type, &sid); ace = (struct smb_ace *)((char *)pdacl + sizeof(struct smb_acl)); + aces_size = acl_size - sizeof(struct smb_acl); for (i = 0; i < le32_to_cpu(pdacl->num_aces); i++) { + if (offsetof(struct smb_ace, access_req) > aces_size) + break; + ace_size = le16_to_cpu(ace->size); + if (ace_size > aces_size) + break; + aces_size -= ace_size; + if (!compare_sids(&sid, &ace->sid) || !compare_sids(&sid_unix_NFS_mode, &ace->sid)) { found = 1; @@ -1239,8 +1287,6 @@ others_ace = ace; ace = (struct smb_ace *)((char *)ace + le16_to_cpu(ace->size)); - if (end_of_acl < (char *)ace) - goto err_out; } if (*pdaccess & FILE_MAXIMAL_ACCESS_LE && found) { @@ -1274,6 +1320,7 @@ if (!access_bits) access_bits = SET_MINIMUM_RIGHTS; + posix_acl_release(posix_acls); goto check_access_bits; } } @@ -1318,7 +1365,7 @@ } int set_info_sec(struct ksmbd_conn *conn, struct ksmbd_tree_connect *tcon, - struct path *path, struct smb_ntsd *pntsd, int ntsd_len, + const struct path *path, struct smb_ntsd *pntsd, int ntsd_len, bool type_check) { int rc; diff -ruw linux-5.15.42/fs/ksmbd/smbacl.h linux-5.15.42-fbx/fs/ksmbd/smbacl.h --- linux-5.15.42/fs/ksmbd/smbacl.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/smbacl.h 2024-04-22 14:46:57.132246909 +0200 @@ -192,7 +192,7 @@ int parse_sec_desc(struct user_namespace *user_ns, struct smb_ntsd *pntsd, int acl_len, struct smb_fattr *fattr); int build_sec_desc(struct user_namespace *user_ns, struct smb_ntsd *pntsd, - struct smb_ntsd *ppntsd, int addition_info, + struct smb_ntsd *ppntsd, int ppntsd_size, int addition_info, __u32 *secdesclen, struct smb_fattr *fattr); int init_acl_state(struct posix_acl_state *state, int cnt); void free_acl_state(struct posix_acl_state *state); @@ -200,12 +200,12 @@ struct posix_acl_entry *pace); int compare_sids(const struct smb_sid *ctsid, const struct smb_sid *cwsid); bool smb_inherit_flags(int flags, bool is_dir); -int smb_inherit_dacl(struct ksmbd_conn *conn, struct path *path, +int smb_inherit_dacl(struct ksmbd_conn *conn, const struct path *path, unsigned int uid, unsigned int gid); -int smb_check_perm_dacl(struct ksmbd_conn *conn, struct path *path, +int smb_check_perm_dacl(struct ksmbd_conn *conn, const struct path *path, __le32 *pdaccess, int uid); int set_info_sec(struct ksmbd_conn *conn, struct ksmbd_tree_connect *tcon, - struct path *path, struct smb_ntsd *pntsd, int ntsd_len, + const struct path *path, struct smb_ntsd *pntsd, int ntsd_len, bool type_check); void id_to_sid(unsigned int cid, uint sidtype, struct smb_sid *ssid); void ksmbd_init_domain(u32 *sub_auth); diff -ruw linux-5.15.42/fs/ksmbd/transport_ipc.c linux-5.15.42-fbx/fs/ksmbd/transport_ipc.c --- linux-5.15.42/fs/ksmbd/transport_ipc.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/transport_ipc.c 2024-04-22 14:46:57.136247019 +0200 @@ -26,6 +26,7 @@ #include "mgmt/ksmbd_ida.h" #include "connection.h" #include "transport_tcp.h" +#include "transport_rdma.h" #define IPC_WAIT_TIMEOUT (2 * HZ) @@ -303,6 +304,8 @@ init_smb2_max_trans_size(req->smb2_max_trans); if (req->smb2_max_credits) init_smb2_max_credits(req->smb2_max_credits); + if (req->smbd_max_io_size) + init_smbd_max_io_size(req->smbd_max_io_size); ret = ksmbd_set_netbios_name(req->netbios_name); ret |= ksmbd_set_server_string(req->server_string); diff -ruw linux-5.15.42/fs/ksmbd/transport_rdma.h linux-5.15.42-fbx/fs/ksmbd/transport_rdma.h --- linux-5.15.42/fs/ksmbd/transport_rdma.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/transport_rdma.h 2024-04-22 14:46:57.136247019 +0200 @@ -7,7 +7,9 @@ #ifndef __KSMBD_TRANSPORT_RDMA_H__ #define __KSMBD_TRANSPORT_RDMA_H__ -#define SMB_DIRECT_PORT 5445 +#define SMBD_DEFAULT_IOSIZE (8 * 1024 * 1024) +#define SMBD_MIN_IOSIZE (512 * 1024) +#define SMBD_MAX_IOSIZE (16 * 1024 * 1024) /* SMB DIRECT negotiation request packet [MS-SMBD] 2.2.1 */ struct smb_direct_negotiate_req { @@ -52,12 +54,16 @@ #ifdef CONFIG_SMB_SERVER_SMBDIRECT int ksmbd_rdma_init(void); -int ksmbd_rdma_destroy(void); +void ksmbd_rdma_destroy(void); bool ksmbd_rdma_capable_netdev(struct net_device *netdev); +void init_smbd_max_io_size(unsigned int sz); +unsigned int get_smbd_max_read_write_size(void); #else static inline int ksmbd_rdma_init(void) { return 0; } static inline int ksmbd_rdma_destroy(void) { return 0; } static inline bool ksmbd_rdma_capable_netdev(struct net_device *netdev) { return false; } +static inline void init_smbd_max_io_size(unsigned int sz) { } +static inline unsigned int get_smbd_max_read_write_size(void) { return 0; } #endif #endif /* __KSMBD_TRANSPORT_RDMA_H__ */ diff -ruw linux-5.15.42/fs/ksmbd/transport_tcp.c linux-5.15.42-fbx/fs/ksmbd/transport_tcp.c --- linux-5.15.42/fs/ksmbd/transport_tcp.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/transport_tcp.c 2024-04-22 14:46:57.136247019 +0200 @@ -230,7 +230,7 @@ break; } ret = kernel_accept(iface->ksmbd_socket, &client_sk, - O_NONBLOCK); + SOCK_NONBLOCK); mutex_unlock(&iface->sock_release_lock); if (ret) { if (ret == -EAGAIN) @@ -282,12 +282,14 @@ * @iov_orig: base IO vector * @nr_segs: number of segments in base iov * @to_read: number of bytes to read from socket + * @max_retries: maximum retry count * * Return: on success return number of bytes read from socket, * otherwise return error number */ static int ksmbd_tcp_readv(struct tcp_transport *t, struct kvec *iov_orig, - unsigned int nr_segs, unsigned int to_read) + unsigned int nr_segs, unsigned int to_read, + int max_retries) { int length = 0; int total_read; @@ -322,11 +324,22 @@ total_read = -EAGAIN; break; } else if (length == -ERESTARTSYS || length == -EAGAIN) { + /* + * If max_retries is negative, Allow unlimited + * retries to keep connection with inactive sessions. + */ + if (max_retries == 0) { + total_read = length; + break; + } else if (max_retries > 0) { + max_retries--; + } + usleep_range(1000, 2000); length = 0; continue; } else if (length <= 0) { - total_read = -EAGAIN; + total_read = length; break; } } @@ -342,14 +355,15 @@ * Return: on success return number of bytes read from socket, * otherwise return error number */ -static int ksmbd_tcp_read(struct ksmbd_transport *t, char *buf, unsigned int to_read) +static int ksmbd_tcp_read(struct ksmbd_transport *t, char *buf, + unsigned int to_read, int max_retries) { struct kvec iov; iov.iov_base = buf; iov.iov_len = to_read; - return ksmbd_tcp_readv(TCP_TRANS(t), &iov, 1, to_read); + return ksmbd_tcp_readv(TCP_TRANS(t), &iov, 1, to_read, max_retries); } static int ksmbd_tcp_writev(struct ksmbd_transport *t, struct kvec *iov, @@ -399,7 +413,8 @@ ret = sock_create(PF_INET6, SOCK_STREAM, IPPROTO_TCP, &ksmbd_socket); if (ret) { - pr_err("Can't create socket for ipv6, try ipv4: %d\n", ret); + if (ret != -EAFNOSUPPORT) + pr_err("Can't create socket for ipv6, fallback to ipv4: %d\n", ret); ret = sock_create(PF_INET, SOCK_STREAM, IPPROTO_TCP, &ksmbd_socket); if (ret) { @@ -476,7 +491,7 @@ switch (event) { case NETDEV_UP: - if (netdev->priv_flags & IFF_BRIDGE_PORT) + if (netif_is_bridge_port(netdev)) return NOTIFY_OK; list_for_each_entry(iface, &iface_list, entry) { @@ -585,7 +600,7 @@ rtnl_lock(); for_each_netdev(&init_net, netdev) { - if (netdev->priv_flags & IFF_BRIDGE_PORT) + if (netif_is_bridge_port(netdev)) continue; if (!alloc_iface(kstrdup(netdev->name, GFP_KERNEL))) return -ENOMEM; diff -ruw linux-5.15.42/fs/ksmbd/unicode.c linux-5.15.42-fbx/fs/ksmbd/unicode.c --- linux-5.15.42/fs/ksmbd/unicode.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/unicode.c 2024-04-22 14:46:57.136247019 +0200 @@ -14,6 +14,24 @@ #include "uniupr.h" #include "smb_common.h" +#ifdef CONFIG_SMB_INSECURE_SERVER +int smb1_utf16_name_length(const __le16 *from, int maxbytes) +{ + int i, len = 0; + int maxwords = maxbytes / 2; + __u16 ftmp; + + for (i = 0; i < maxwords; i++) { + ftmp = get_unaligned_le16(&from[i]); + len += 2; + if (ftmp == 0) + break; + } + + return len; +} +#endif + /* * smb_utf16_bytes() - how long will a string be after conversion? * @from: pointer to input string diff -ruw linux-5.15.42/fs/ksmbd/unicode.h linux-5.15.42-fbx/fs/ksmbd/unicode.h --- linux-5.15.42/fs/ksmbd/unicode.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/unicode.h 2024-04-22 14:46:57.136247019 +0200 @@ -24,6 +24,7 @@ #include #include #include +#include #define UNIUPR_NOLOWER /* Example to not expand lower case tables */ @@ -62,6 +63,9 @@ #endif /* UNIUPR_NOLOWER */ #ifdef __KERNEL__ +#ifdef CONFIG_SMB_INSECURE_SERVER +int smb1_utf16_name_length(const __le16 *from, int maxbytes); +#endif int smb_strtoUTF16(__le16 *to, const char *from, int len, const struct nls_table *codepage); char *smb_strndup_from_utf16(const char *src, const int maxlen, @@ -69,7 +73,7 @@ const struct nls_table *codepage); int smbConvertToUTF16(__le16 *target, const char *source, int srclen, const struct nls_table *cp, int mapchars); -char *ksmbd_extract_sharename(char *treename); +char *ksmbd_extract_sharename(struct unicode_map *um, const char *treename); #endif /* diff -ruw linux-5.15.42/fs/ksmbd/vfs.c linux-5.15.42-fbx/fs/ksmbd/vfs.c --- linux-5.15.42/fs/ksmbd/vfs.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/vfs.c 2024-04-22 14:46:57.136247019 +0200 @@ -9,6 +9,7 @@ #include #include #include +#include #include #include #include @@ -378,8 +379,7 @@ if (work->conn->connection_type) { if (!(fp->daccess & (FILE_READ_DATA_LE | FILE_EXECUTE_LE))) { - pr_err("no right to read(%pd)\n", - fp->filp->f_path.dentry); + pr_err("no right to read(%pD)\n", fp->filp); return -EACCES; } } @@ -399,8 +399,7 @@ nbytes = kernel_read(filp, rbuf, count, pos); if (nbytes < 0) { - pr_err("smb read failed for (%s), err = %zd\n", - fp->filename, nbytes); + pr_err("smb read failed, err = %zd\n", nbytes); return nbytes; } @@ -483,15 +482,13 @@ char *buf, size_t count, loff_t *pos, bool sync, ssize_t *written) { - struct ksmbd_session *sess = work->sess; struct file *filp; loff_t offset = *pos; int err = 0; - if (sess->conn->connection_type) { + if (work->conn->connection_type) { if (!(fp->daccess & FILE_WRITE_DATA_LE)) { - pr_err("no right to write(%pd)\n", - fp->filp->f_path.dentry); + pr_err("no right to write(%pD)\n", fp->filp); err = -EACCES; goto out; } @@ -530,8 +527,8 @@ if (sync) { err = vfs_fsync_range(filp, offset, offset + *written, 0); if (err < 0) - pr_err("fsync failed for filename = %pd, err = %d\n", - fp->filp->f_path.dentry, err); + pr_err("fsync failed for filename = %pD, err = %d\n", + fp->filp, err); } out: @@ -546,7 +543,7 @@ * * Return: 0 on success, otherwise error */ -int ksmbd_vfs_getattr(struct path *path, struct kstat *stat) +int ksmbd_vfs_getattr(const struct path *path, struct kstat *stat) { int err; @@ -556,6 +553,269 @@ return err; } +#ifdef CONFIG_SMB_INSECURE_SERVER +/** + * smb_check_attrs() - sanitize inode attributes + * @inode: inode + * @attrs: inode attributes + */ +static void smb_check_attrs(struct inode *inode, struct iattr *attrs) +{ + /* sanitize the mode change */ + if (attrs->ia_valid & ATTR_MODE) { + attrs->ia_mode &= S_IALLUGO; + attrs->ia_mode |= (inode->i_mode & ~S_IALLUGO); + } + + /* Revoke setuid/setgid on chown */ + if (!S_ISDIR(inode->i_mode) && + (((attrs->ia_valid & ATTR_UID) && + !uid_eq(attrs->ia_uid, inode->i_uid)) || + ((attrs->ia_valid & ATTR_GID) && + !gid_eq(attrs->ia_gid, inode->i_gid)))) { + attrs->ia_valid |= ATTR_KILL_PRIV; + if (attrs->ia_valid & ATTR_MODE) { + /* we're setting mode too, just clear the s*id bits */ + attrs->ia_mode &= ~S_ISUID; + if (attrs->ia_mode & 0010) + attrs->ia_mode &= ~S_ISGID; + } else { + /* set ATTR_KILL_* bits and let VFS handle it */ + attrs->ia_valid |= (ATTR_KILL_SUID | ATTR_KILL_SGID); + } + } +} + +/** + * ksmbd_vfs_setattr() - vfs helper for smb setattr + * @work: work + * @name: file name + * @fid: file id of open file + * @attrs: inode attributes + * + * Return: 0 on success, otherwise error + */ +int ksmbd_vfs_setattr(struct ksmbd_work *work, const char *name, u64 fid, + struct iattr *attrs) +{ + struct file *filp; + struct dentry *dentry; + struct inode *inode; + struct path path; + bool update_size = false; + int err = 0; + struct ksmbd_file *fp = NULL; + struct user_namespace *user_ns; + + if (ksmbd_override_fsids(work)) + return -ENOMEM; + + if (name) { + err = kern_path(name, 0, &path); + if (err) { + ksmbd_revert_fsids(work); + ksmbd_debug(VFS, "lookup failed for %s, err = %d\n", + name, err); + return -ENOENT; + } + dentry = path.dentry; + inode = d_inode(dentry); + user_ns = mnt_user_ns(path.mnt); + } else { + fp = ksmbd_lookup_fd_fast(work, fid); + if (!fp) { + ksmbd_revert_fsids(work); + pr_err("failed to get filp for fid %llu\n", fid); + return -ENOENT; + } + + filp = fp->filp; + dentry = filp->f_path.dentry; + inode = d_inode(dentry); + user_ns = file_mnt_user_ns(filp); + } + +#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) + err = inode_permission(user_ns, d_inode(dentry), MAY_WRITE); +#else + err = inode_permission(d_inode(dentry), MAY_WRITE); +#endif + if (err) + goto out; + + /* no need to update mode of symlink */ + if (S_ISLNK(inode->i_mode)) + attrs->ia_valid &= ~ATTR_MODE; + + /* skip setattr, if nothing to update */ + if (!attrs->ia_valid) { + err = 0; + goto out; + } + + smb_check_attrs(inode, attrs); + if (attrs->ia_valid & ATTR_SIZE) { + err = get_write_access(inode); + if (err) + goto out; + update_size = true; + } + + attrs->ia_valid |= ATTR_CTIME; + + inode_lock(inode); +#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) + err = notify_change(user_ns, dentry, attrs, NULL); +#else + err = notify_change(dentry, attrs, NULL); +#endif + inode_unlock(inode); + + if (update_size) + put_write_access(inode); + + if (!err) { + sync_inode_metadata(inode, 1); + ksmbd_debug(VFS, "fid %llu, setattr done\n", fid); + } + +out: + if (name) + path_put(&path); + ksmbd_fd_put(work, fp); + ksmbd_revert_fsids(work); + return err; +} + +/** + * ksmbd_vfs_symlink() - vfs helper for creating smb symlink + * @name: source file name + * @symname: symlink name + * + * Return: 0 on success, otherwise error + */ +int ksmbd_vfs_symlink(struct ksmbd_work *work, const char *name, + const char *symname) +{ + struct path path; + struct dentry *dentry; + int err; + + if (ksmbd_override_fsids(work)) + return -ENOMEM; + + dentry = kern_path_create(AT_FDCWD, symname, &path, 0); + if (IS_ERR(dentry)) { + ksmbd_revert_fsids(work); + err = PTR_ERR(dentry); + pr_err("path create failed for %s, err %d\n", name, err); + return err; + } + +#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) + err = vfs_symlink(mnt_user_ns(path.mnt), d_inode(dentry->d_parent), dentry, name); +#else + err = vfs_symlink(d_inode(dentry->d_parent), dentry, name); +#endif + if (err && (err != -EEXIST || err != -ENOSPC)) + ksmbd_debug(VFS, "failed to create symlink, err %d\n", err); + + done_path_create(&path, dentry); + ksmbd_revert_fsids(work); + return err; +} + +/** + * ksmbd_vfs_readlink() - vfs helper for reading value of symlink + * @path: path of symlink + * @buf: destination buffer for symlink value + * @lenp: destination buffer length + * + * Return: symlink value length on success, otherwise error + */ +int ksmbd_vfs_readlink(const struct path *path, char *buf, int lenp) +{ + struct inode *inode; + int err; +#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 10, 0) + const char *link; + DEFINE_DELAYED_CALL(done); + int len; +#else + mm_segment_t old_fs; +#endif + + if (!path) + return -ENOENT; + + inode = d_inode(path->dentry); + if (!S_ISLNK(inode->i_mode)) + return -EINVAL; + +#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 10, 0) + link = vfs_get_link(path->dentry, &done); + if (IS_ERR(link)) { + err = PTR_ERR(link); + pr_err("readlink failed, err = %d\n", err); + return err; + } + + len = strlen(link); + if (len > lenp) + len = lenp; + + memcpy(buf, link, len); + do_delayed_call(&done); + + return 0; +#else + old_fs = get_fs(); + set_fs(KERNEL_DS); + err = inode->i_op->readlink(path->dentry, (char __user *)buf, lenp); + set_fs(old_fs); + if (err < 0) + pr_err("readlink failed, err = %d\n", err); + + return err; +#endif +} + +int ksmbd_vfs_readdir_name(struct ksmbd_work *work, + struct user_namespace *user_ns, + struct ksmbd_kstat *ksmbd_kstat, + const char *de_name, int de_name_len, + const char *dir_path) +{ + struct path path; + int rc, file_pathlen, dir_pathlen; + char *name; + + dir_pathlen = strlen(dir_path); + /* 1 for '/'*/ + file_pathlen = dir_pathlen + de_name_len + 1; + name = kmalloc(file_pathlen + 1, GFP_KERNEL); + if (!name) + return -ENOMEM; + + memcpy(name, dir_path, dir_pathlen); + memset(name + dir_pathlen, '/', 1); + memcpy(name + dir_pathlen + 1, de_name, de_name_len); + name[file_pathlen] = '\0'; + + rc = ksmbd_vfs_kern_path(work, name, LOOKUP_NO_SYMLINKS, &path, 1); + if (rc) { + pr_err("lookup failed: %s [%d]\n", name, rc); + kfree(name); + return -ENOMEM; + } + + ksmbd_vfs_fill_dentry_attrs(work, user_ns, path.dentry, ksmbd_kstat); + path_put(&path); + kfree(name); + return 0; +} + +#endif /** * ksmbd_vfs_fsync() - vfs helper for smb fsync * @work: work @@ -852,6 +1112,9 @@ int err = 0; struct file *filp; + if (size < 0) + return -EINVAL; + filp = fp->filp; /* Do we need to break any of a levelII oplock? */ @@ -876,8 +1139,7 @@ err = vfs_truncate(&filp->f_path, size); if (err) - pr_err("truncate failed for filename : %s err %d\n", - fp->filename, err); + pr_err("truncate failed, err %d\n", err); return err; } @@ -981,6 +1243,42 @@ return err; } +#ifdef CONFIG_SMB_INSECURE_SERVER +int ksmbd_vfs_fsetxattr(struct ksmbd_work *work, const char *filename, + const char *attr_name, const void *attr_value, + size_t attr_size, int flags) +{ + struct path path; + int err; + + if (ksmbd_override_fsids(work)) + return -ENOMEM; + + err = kern_path(filename, 0, &path); + if (err) { + ksmbd_revert_fsids(work); + ksmbd_debug(VFS, "cannot get linux path %s, err %d\n", + filename, err); + return err; + } + +#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) + err = vfs_setxattr(mnt_user_ns(path.mnt), path.dentry, +#else + err = vfs_setxattr(path.dentry, +#endif + attr_name, + attr_value, + attr_size, + flags); + if (err) + ksmbd_debug(VFS, "setxattr failed, err %d\n", err); + path_put(&path); + ksmbd_revert_fsids(work); + return err; +} +#endif + /** * ksmbd_vfs_set_fadvise() - convert smb IO caching options to linux options * @filp: file pointer for IO @@ -1018,7 +1316,9 @@ FALLOC_FL_PUNCH_HOLE | FALLOC_FL_KEEP_SIZE, off, len); - return vfs_fallocate(fp->filp, FALLOC_FL_ZERO_RANGE, off, len); + return vfs_fallocate(fp->filp, + FALLOC_FL_ZERO_RANGE | FALLOC_FL_KEEP_SIZE, + off, len); } int ksmbd_vfs_fqar_lseek(struct ksmbd_file *fp, loff_t start, loff_t length, @@ -1049,7 +1349,7 @@ *out_count = 0; end = start + length; while (start < end && *out_count < in_count) { - extent_start = f->f_op->llseek(f, start, SEEK_DATA); + extent_start = vfs_llseek(f, start, SEEK_DATA); if (extent_start < 0) { if (extent_start != -ENXIO) ret = (int)extent_start; @@ -1059,7 +1359,7 @@ if (extent_start >= end) break; - extent_end = f->f_op->llseek(f, extent_start, SEEK_HOLE); + extent_end = vfs_llseek(f, extent_start, SEEK_HOLE); if (extent_end < 0) { if (extent_end != -ENXIO) ret = (int)extent_end; @@ -1149,12 +1449,23 @@ unsigned int d_type) { struct ksmbd_readdir_data *buf; + int cmp = -EINVAL; buf = container_of(ctx, struct ksmbd_readdir_data, ctx); if (buf->used != namlen) return 0; - if (!strncasecmp((char *)buf->private, name, namlen)) { + if (IS_ENABLED(CONFIG_UNICODE) && buf->um) { + const struct qstr q_buf = {.name = buf->private, + .len = buf->used}; + const struct qstr q_name = {.name = name, + .len = namlen}; + + cmp = utf8_strncasecmp(buf->um, &q_buf, &q_name); + } + if (cmp < 0) + cmp = strncasecmp((char *)buf->private, name, namlen); + if (!cmp) { memcpy((char *)buf->private, name, namlen); buf->dirent_count = 1; return -EEXIST; @@ -1170,7 +1481,8 @@ * * Return: 0 on success, otherwise error */ -static int ksmbd_vfs_lookup_in_dir(struct path *dir, char *name, size_t namelen) +static int ksmbd_vfs_lookup_in_dir(const struct path *dir, char *name, + size_t namelen, struct unicode_map *um) { int ret; struct file *dfilp; @@ -1180,6 +1492,7 @@ .private = name, .used = namelen, .dirent_count = 0, + .um = um, }; dfilp = dentry_open(dir, flags, current_cred()); @@ -1242,7 +1555,8 @@ break; err = ksmbd_vfs_lookup_in_dir(&parent, filename, - filename_len); + filename_len, + work->conn->um); path_put(&parent); if (err) goto out; @@ -1541,6 +1855,11 @@ } *pntsd = acl.sd_buf; + if (acl.sd_size < sizeof(struct smb_ntsd)) { + pr_err("sd size is invalid\n"); + goto out_free; + } + (*pntsd)->osidoffset = cpu_to_le32(le32_to_cpu((*pntsd)->osidoffset) - NDR_NTSD_OFFSETOF); (*pntsd)->gsidoffset = cpu_to_le32(le32_to_cpu((*pntsd)->gsidoffset) - @@ -1604,6 +1923,63 @@ return err; } +#ifdef CONFIG_SMB_INSECURE_SERVER +/** + * ksmbd_vfs_dentry_open() - open a dentry and provide fid for it + * @work: smb work ptr + * @path: path of dentry to be opened + * @flags: open flags + * @ret_id: fid returned on this + * @option: file access pattern options for fadvise + * @fexist: file already present or not + * + * Return: allocated struct ksmbd_file on success, otherwise error pointer + */ +struct ksmbd_file *ksmbd_vfs_dentry_open(struct ksmbd_work *work, + const struct path *path, int flags, + __le32 option, int fexist) +{ + struct file *filp; + int err = 0; + struct ksmbd_file *fp = NULL; + + filp = dentry_open(path, flags | O_LARGEFILE, current_cred()); + if (IS_ERR(filp)) { + err = PTR_ERR(filp); + pr_err("dentry open failed, err %d\n", err); + return ERR_PTR(err); + } + + ksmbd_vfs_set_fadvise(filp, option); + + fp = ksmbd_open_fd(work, filp); + if (IS_ERR(fp)) { + fput(filp); + err = PTR_ERR(fp); + pr_err("id insert failed\n"); + goto err_out; + } + + if (flags & O_TRUNC) { + if (fexist) + smb_break_all_oplock(work, fp); + err = vfs_truncate((struct path *)path, 0); + if (err) + goto err_out; + } + return fp; + +err_out: + if (!IS_ERR(fp)) + ksmbd_close_fd(work, fp->volatile_id); + if (err) { + fp = ERR_PTR(err); + pr_err("err : %d\n", err); + } + return fp; +} +#endif + /** * ksmbd_vfs_init_kstat() - convert unix stat information to smb stat format * @p: destination buffer @@ -1740,11 +2116,11 @@ *total_size_written = 0; if (!(src_fp->daccess & (FILE_READ_DATA_LE | FILE_EXECUTE_LE))) { - pr_err("no right to read(%pd)\n", src_fp->filp->f_path.dentry); + pr_err("no right to read(%pD)\n", src_fp->filp); return -EACCES; } if (!(dst_fp->daccess & (FILE_WRITE_DATA_LE | FILE_APPEND_DATA_LE))) { - pr_err("no right to write(%pd)\n", dst_fp->filp->f_path.dentry); + pr_err("no right to write(%pD)\n", dst_fp->filp); return -EACCES; } diff -ruw linux-5.15.42/fs/ksmbd/vfs.h linux-5.15.42-fbx/fs/ksmbd/vfs.h --- linux-5.15.42/fs/ksmbd/vfs.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/vfs.h 2024-04-22 14:46:57.140247128 +0200 @@ -12,6 +12,7 @@ #include #include #include +#include #include "smbacl.h" #include "xattr.h" @@ -77,6 +78,9 @@ struct ksmbd_dir_info { const char *name; +#ifdef CONFIG_SMB_INSECURE_SERVER + char *smb1_name; +#endif char *wptr; char *rptr; int name_len; @@ -99,6 +103,7 @@ unsigned int used; unsigned int dirent_count; unsigned int file_attr; + struct unicode_map *um; }; /* ksmbd kstat wrapper to get valid create time when reading dir entry */ @@ -124,7 +129,25 @@ int ksmbd_vfs_remove_file(struct ksmbd_work *work, char *name); int ksmbd_vfs_link(struct ksmbd_work *work, const char *oldname, const char *newname); -int ksmbd_vfs_getattr(struct path *path, struct kstat *stat); +int ksmbd_vfs_getattr(const struct path *path, struct kstat *stat); +#ifdef CONFIG_SMB_INSECURE_SERVER +int ksmbd_vfs_setattr(struct ksmbd_work *work, const char *name, + u64 fid, struct iattr *attrs); +int ksmbd_vfs_symlink(struct ksmbd_work *work, + const char *name, const char *symname); +int ksmbd_vfs_readlink(const struct path *path, char *buf, int lenp); +int ksmbd_vfs_readdir_name(struct ksmbd_work *work, + struct user_namespace *user_ns, + struct ksmbd_kstat *ksmbd_kstat, + const char *de_name, int de_name_len, + const char *dir_path); +struct ksmbd_file *ksmbd_vfs_dentry_open(struct ksmbd_work *work, + const struct path *path, int flags, + __le32 option, int fexist); +int ksmbd_vfs_fsetxattr(struct ksmbd_work *work, const char *filename, + const char *attr_name, const void *attr_value, + size_t attr_size, int flags); +#endif int ksmbd_vfs_fp_rename(struct ksmbd_work *work, struct ksmbd_file *fp, char *newname); int ksmbd_vfs_truncate(struct ksmbd_work *work, diff -ruw linux-5.15.42/fs/ksmbd/vfs_cache.c linux-5.15.42-fbx/fs/ksmbd/vfs_cache.c --- linux-5.15.42/fs/ksmbd/vfs_cache.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/vfs_cache.c 2024-04-22 14:46:57.140247128 +0200 @@ -328,7 +328,9 @@ kfree(smb_lock); } +#ifdef CONFIG_SMB_INSECURE_SERVER kfree(fp->filename); +#endif if (ksmbd_stream_fd(fp)) kfree(fp->stream.name); kmem_cache_free(filp_cache, fp); @@ -365,12 +367,11 @@ static void set_close_state_blocked_works(struct ksmbd_file *fp) { - struct ksmbd_work *cancel_work, *ctmp; + struct ksmbd_work *cancel_work; spin_lock(&fp->f_lock); - list_for_each_entry_safe(cancel_work, ctmp, &fp->blocked_works, + list_for_each_entry(cancel_work, &fp->blocked_works, fp_entry) { - list_del(&cancel_work->fp_entry); cancel_work->state = KSMBD_WORK_CLOSED; cancel_work->cancel_fn(cancel_work->cancel_argv); } @@ -484,6 +485,35 @@ return fp; } +#ifdef CONFIG_SMB_INSECURE_SERVER +struct ksmbd_file *ksmbd_lookup_fd_filename(struct ksmbd_work *work, char *filename) +{ + struct ksmbd_file *fp = NULL; + unsigned int id; + char *pathname; + + pathname = kmalloc(PATH_MAX, GFP_KERNEL); + if (!pathname) + return NULL; + + read_lock(&work->sess->file_table.lock); + idr_for_each_entry(work->sess->file_table.idr, fp, id) { + char *path = d_path(&fp->filp->f_path, pathname, PATH_MAX); + if (IS_ERR(path)) + break; + + if (!strcmp(path, filename)) { + fp = ksmbd_fp_get(fp); + break; + } + } + read_unlock(&work->sess->file_table.lock); + + kfree(pathname); + return fp; +} +#endif + struct ksmbd_file *ksmbd_lookup_fd_inode(struct inode *inode) { struct ksmbd_file *lfp; @@ -531,7 +561,13 @@ idr_preload(GFP_KERNEL); write_lock(&ft->lock); +#ifdef CONFIG_SMB_INSECURE_SERVER + ret = idr_alloc_cyclic(ft->idr, fp, 0, + IS_SMB2(fp->conn) ? INT_MAX - 1 : 0xFFFF, + GFP_NOWAIT); +#else ret = idr_alloc_cyclic(ft->idr, fp, 0, INT_MAX - 1, GFP_NOWAIT); +#endif if (ret >= 0) { id = ret; ret = 0; @@ -570,7 +606,7 @@ atomic_set(&fp->refcount, 1); fp->filp = filp; - fp->conn = work->sess->conn; + fp->conn = work->conn; fp->tcon = work->tcon; fp->volatile_id = KSMBD_NO_FID; fp->persistent_id = KSMBD_NO_FID; @@ -667,6 +703,24 @@ ksmbd_destroy_file_table(&global_ft); } +#ifdef CONFIG_SMB_INSECURE_SERVER +int ksmbd_file_table_flush(struct ksmbd_work *work) +{ + struct ksmbd_file *fp = NULL; + unsigned int id; + int ret; + + read_lock(&work->sess->file_table.lock); + idr_for_each_entry(work->sess->file_table.idr, fp, id) { + ret = ksmbd_vfs_fsync(work, fp->volatile_id, KSMBD_NO_FID); + if (ret) + break; + } + read_unlock(&work->sess->file_table.lock); + return ret; +} +#endif + int ksmbd_init_file_table(struct ksmbd_file_table *ft) { ft->idr = kzalloc(sizeof(struct idr), GFP_KERNEL); diff -ruw linux-5.15.42/fs/ksmbd/vfs_cache.h linux-5.15.42-fbx/fs/ksmbd/vfs_cache.h --- linux-5.15.42/fs/ksmbd/vfs_cache.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/ksmbd/vfs_cache.h 2024-04-22 14:46:57.140247128 +0200 @@ -62,7 +62,6 @@ struct ksmbd_file { struct file *filp; - char *filename; u64 persistent_id; u64 volatile_id; @@ -96,6 +95,7 @@ int durable_timeout; +#ifdef CONFIG_SMB_INSECURE_SERVER /* for SMB1 */ int pid; @@ -106,6 +106,9 @@ int dirent_offset; + /* for find_first/find_next */ + char *filename; +#endif /* if ls is happening on directory, below is valid*/ struct ksmbd_readdir_data readdir_data; int dot_dotdot[2]; @@ -144,6 +147,10 @@ void ksmbd_fd_put(struct ksmbd_work *work, struct ksmbd_file *fp); struct ksmbd_file *ksmbd_lookup_durable_fd(unsigned long long id); struct ksmbd_file *ksmbd_lookup_fd_cguid(char *cguid); +#ifdef CONFIG_SMB_INSECURE_SERVER +struct ksmbd_file *ksmbd_lookup_fd_filename(struct ksmbd_work *work, char *filename); +int ksmbd_file_table_flush(struct ksmbd_work *work); +#endif struct ksmbd_file *ksmbd_lookup_fd_inode(struct inode *inode); unsigned int ksmbd_open_durable_fd(struct ksmbd_file *fp); struct ksmbd_file *ksmbd_open_fd(struct ksmbd_work *work, struct file *filp); diff -ruw linux-5.15.42/fs/proc/array.c linux-5.15.42-fbx/fs/proc/array.c --- linux-5.15.42/fs/proc/array.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/proc/array.c 2024-04-22 14:46:57.244249970 +0200 @@ -139,6 +139,21 @@ return task_state_array[task_state_index(tsk)]; } +static const char *const task_exec_mode_array[] = { + "0 (Denied)", + "1 (Once)", + "2 (Unlimited)", +}; + +static inline const char *get_task_exec_mode(struct task_struct *tsk) +{ + unsigned int exec_mode = tsk->exec_mode; + + if (exec_mode > EXEC_MODE_UNLIMITED) + return "? (Invalid)"; + return task_exec_mode_array[exec_mode]; +} + static inline void task_state(struct seq_file *m, struct pid_namespace *ns, struct pid *pid, struct task_struct *p) { @@ -400,6 +415,12 @@ seq_putc(m, '\n'); } +static inline void task_exec_mode(struct seq_file *m, + struct task_struct *p) +{ + seq_printf(m, "Exec mode: %s\n", get_task_exec_mode(p)); +} + static void task_cpus_allowed(struct seq_file *m, struct task_struct *task) { seq_printf(m, "Cpus_allowed:\t%*pb\n", @@ -446,6 +467,7 @@ task_cpus_allowed(m, task); cpuset_task_status_allowed(m, task); task_context_switch_counts(m, task); + task_exec_mode(m, task); return 0; } diff -ruw linux-5.15.42/fs/pstore/inode.c linux-5.15.42-fbx/fs/pstore/inode.c --- linux-5.15.42/fs/pstore/inode.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/pstore/inode.c 2024-04-22 14:46:57.248250079 +0200 @@ -370,9 +370,10 @@ goto fail; inode->i_mode = S_IFREG | 0444; inode->i_fop = &pstore_file_operations; - scnprintf(name, sizeof(name), "%s-%s-%llu%s", + scnprintf(name, sizeof(name), "%s-%s-%s%llu%s", pstore_type_to_name(record->type), - record->psi->name, record->id, + record->psi->name, record->old ? "old-" : "", + record->id, record->compressed ? ".enc.z" : ""); private = kzalloc(sizeof(*private), GFP_KERNEL); diff -ruw linux-5.15.42/fs/pstore/ram.c linux-5.15.42-fbx/fs/pstore/ram.c --- linux-5.15.42/fs/pstore/ram.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/pstore/ram.c 2024-04-22 14:46:57.248250079 +0200 @@ -136,6 +136,7 @@ record->type = prz->type; record->id = id; + record->old = prz->old_zone; return prz; } @@ -472,7 +473,7 @@ static int ramoops_init_przs(const char *name, struct device *dev, struct ramoops_context *cxt, struct persistent_ram_zone ***przs, - phys_addr_t *paddr, size_t mem_sz, + phys_addr_t *paddr, void *vaddr, size_t mem_sz, ssize_t record_size, unsigned int *cnt, u32 sig, u32 flags) { @@ -536,7 +537,7 @@ else label = kasprintf(GFP_KERNEL, "ramoops:%s(%d/%d)", name, i, *cnt - 1); - prz_ar[i] = persistent_ram_new(*paddr, zone_sz, sig, + prz_ar[i] = persistent_ram_new(*paddr, vaddr, zone_sz, sig, &cxt->ecc_info, cxt->memtype, flags, label); kfree(label); @@ -568,7 +569,7 @@ static int ramoops_init_prz(const char *name, struct device *dev, struct ramoops_context *cxt, struct persistent_ram_zone **prz, - phys_addr_t *paddr, size_t sz, u32 sig) + phys_addr_t *paddr, void *vaddr, size_t sz, u32 sig) { char *label; @@ -583,7 +584,7 @@ } label = kasprintf(GFP_KERNEL, "ramoops:%s", name); - *prz = persistent_ram_new(*paddr, sz, sig, &cxt->ecc_info, + *prz = persistent_ram_new(*paddr, vaddr, sz, sig, &cxt->ecc_info, cxt->memtype, PRZ_FLAG_ZAP_OLD, label); kfree(label); if (IS_ERR(*prz)) { @@ -769,12 +770,14 @@ dump_mem_sz = cxt->size - cxt->console_size - cxt->ftrace_size - cxt->pmsg_size; err = ramoops_init_przs("dmesg", dev, cxt, &cxt->dprzs, &paddr, + pdata->mem_ptr, dump_mem_sz, cxt->record_size, &cxt->max_dump_cnt, 0, 0); if (err) goto fail_out; err = ramoops_init_prz("console", dev, cxt, &cxt->cprz, &paddr, + pdata->mem_ptr, cxt->console_size, 0); if (err) goto fail_init_cprz; @@ -783,6 +786,7 @@ ? nr_cpu_ids : 1; err = ramoops_init_przs("ftrace", dev, cxt, &cxt->fprzs, &paddr, + pdata->mem_ptr, cxt->ftrace_size, -1, &cxt->max_ftrace_cnt, LINUX_VERSION_CODE, (cxt->flags & RAMOOPS_FLAG_FTRACE_PER_CPU) @@ -791,6 +795,7 @@ goto fail_init_fprz; err = ramoops_init_prz("pmsg", dev, cxt, &cxt->mprz, &paddr, + pdata->mem_ptr, cxt->pmsg_size, 0); if (err) goto fail_init_mprz; diff -ruw linux-5.15.42/fs/pstore/ram_core.c linux-5.15.42-fbx/fs/pstore/ram_core.c --- linux-5.15.42/fs/pstore/ram_core.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/fs/pstore/ram_core.c 2024-04-22 14:46:57.248250079 +0200 @@ -34,6 +34,7 @@ uint32_t sig; atomic_t start; atomic_t size; + atomic_t flags; uint8_t data[]; }; @@ -393,6 +394,7 @@ { atomic_set(&prz->buffer->start, 0); atomic_set(&prz->buffer->size, 0); + atomic_set(&prz->buffer->flags, 0); persistent_ram_update_header_ecc(prz); } @@ -475,13 +477,16 @@ return va; } -static int persistent_ram_buffer_map(phys_addr_t start, phys_addr_t size, +static int persistent_ram_buffer_map(phys_addr_t start, void *vaddr, + phys_addr_t size, struct persistent_ram_zone *prz, int memtype) { prz->paddr = start; prz->size = size; - if (pfn_valid(start >> PAGE_SHIFT)) + if (vaddr) + prz->vaddr = vaddr; + else if (pfn_valid(start >> PAGE_SHIFT)) prz->vaddr = persistent_ram_vmap(start, size, memtype); else prz->vaddr = persistent_ram_iomap(start, size, memtype, @@ -528,6 +533,15 @@ pr_debug("found existing buffer, size %zu, start %zu\n", buffer_size(prz), buffer_start(prz)); persistent_ram_save_old(prz); + + if (atomic_read(&prz->buffer->flags) > 0) { + pr_info("old ramoops!\n"); + prz->old_zone = true; + } else { + pr_info("fresh ramoops!\n"); + atomic_set(&prz->buffer->flags, 1); + } + persistent_ram_update_header_ecc(prz); } } else { pr_debug("no valid data in buffer (sig = 0x%08x)\n", @@ -570,7 +584,8 @@ kfree(prz); } -struct persistent_ram_zone *persistent_ram_new(phys_addr_t start, size_t size, +struct persistent_ram_zone *persistent_ram_new(phys_addr_t start, + void *vaddr, size_t size, u32 sig, struct persistent_ram_ecc_info *ecc_info, unsigned int memtype, u32 flags, char *label) { @@ -588,7 +603,7 @@ prz->flags = flags; prz->label = kstrdup(label, GFP_KERNEL); - ret = persistent_ram_buffer_map(start, size, prz, memtype); + ret = persistent_ram_buffer_map(start, vaddr, size, prz, memtype); if (ret) goto err; diff -ruw linux-5.15.42/include/asm-generic/vmlinux.lds.h linux-5.15.42-fbx/include/asm-generic/vmlinux.lds.h --- linux-5.15.42/include/asm-generic/vmlinux.lds.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/asm-generic/vmlinux.lds.h 2024-04-22 14:46:57.364253248 +0200 @@ -328,7 +328,7 @@ #define KERNEL_DTB() \ STRUCT_ALIGN(); \ __dtb_start = .; \ - KEEP(*(.dtb.init.rodata)) \ + KEEP(*(.dtb.rodata)) \ __dtb_end = .; /* @@ -428,6 +428,7 @@ . = ALIGN((align)); \ .rodata : AT(ADDR(.rodata) - LOAD_OFFSET) { \ __start_rodata = .; \ + KERNEL_DTB() \ *(.rodata) *(.rodata.*) \ SCHED_DATA \ RO_AFTER_INIT_DATA /* Read only after init */ \ @@ -718,7 +719,6 @@ TIMER_OF_TABLES() \ CPU_METHOD_OF_TABLES() \ CPUIDLE_METHOD_OF_TABLES() \ - KERNEL_DTB() \ IRQCHIP_OF_MATCH_TABLE() \ ACPI_PROBE_TABLE(irqchip) \ ACPI_PROBE_TABLE(timer) \ diff -ruw linux-5.15.42/include/dt-bindings/input/linux-event-codes.h linux-5.15.42-fbx/include/dt-bindings/input/linux-event-codes.h --- linux-5.15.42/include/dt-bindings/input/linux-event-codes.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/dt-bindings/input/linux-event-codes.h 2024-04-22 14:46:57.776264505 +0200 @@ -779,6 +779,18 @@ #define BTN_TRIGGER_HAPPY39 0x2e6 #define BTN_TRIGGER_HAPPY40 0x2e7 +#define KEY_APP_TV 0x2f1 +#define KEY_APP_REPLAY 0x2f2 +#define KEY_APP_VIDEOCLUB 0x2f3 +#define KEY_APP_WHATSON 0x2f4 +#define KEY_APP_RECORDS 0x2f5 +#define KEY_APP_MEDIA 0x2f6 +#define KEY_APP_YOUTUBE 0x2f7 +#define KEY_APP_RADIOS 0x2f8 +#define KEY_APP_CANALVOD 0x2f9 +#define KEY_APP_PIP 0x2fa +#define KEY_APP_NETFLIX 0x2fb + /* We avoid low common keys in module aliases so they don't get huge. */ #define KEY_MIN_INTERESTING KEY_MUTE #define KEY_MAX 0x2ff diff -ruw linux-5.15.42/include/linux/ethtool.h linux-5.15.42-fbx/include/linux/ethtool.h --- linux-5.15.42/include/linux/ethtool.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/linux/ethtool.h 2024-04-22 14:46:57.448255543 +0200 @@ -705,6 +705,14 @@ void (*get_rmon_stats)(struct net_device *dev, struct ethtool_rmon_stats *rmon_stats, const struct ethtool_rmon_hist_range **ranges); + int (*get_epon_param)(struct net_device *, + struct ethtool_epon_param *); + int (*set_epon_param)(struct net_device *, + const struct ethtool_epon_param *); + int (*set_shaper_param)(struct net_device *, + const struct ethtool_shaper_params *); + int (*get_shaper_param)(struct net_device *, + struct ethtool_shaper_params *); }; int ethtool_check_ops(const struct ethtool_ops *ops); diff -ruw linux-5.15.42/include/linux/ieee80211.h linux-5.15.42-fbx/include/linux/ieee80211.h --- linux-5.15.42/include/linux/ieee80211.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/linux/ieee80211.h 2024-04-22 14:46:57.472256199 +0200 @@ -9,7 +9,7 @@ * Copyright (c) 2006, Michael Wu * Copyright (c) 2013 - 2014 Intel Mobile Communications GmbH * Copyright (c) 2016 - 2017 Intel Deutschland GmbH - * Copyright (c) 2018 - 2021 Intel Corporation + * Copyright (c) 2018 - 2022 Intel Corporation */ #ifndef LINUX_IEEE80211_H @@ -18,6 +18,7 @@ #include #include #include +#include #include #include @@ -1023,6 +1024,8 @@ #define IEEE80211_ADDBA_EXT_FRAG_LEVEL_MASK GENMASK(2, 1) #define IEEE80211_ADDBA_EXT_FRAG_LEVEL_SHIFT 1 #define IEEE80211_ADDBA_EXT_NO_FRAG BIT(0) +#define IEEE80211_ADDBA_EXT_BUF_SIZE_MASK GENMASK(7, 5) +#define IEEE80211_ADDBA_EXT_BUF_SIZE_SHIFT 10 struct ieee80211_addba_ext_ie { u8 data; @@ -1143,7 +1146,7 @@ __le16 auth_transaction; __le16 status_code; /* possibly followed by Challenge text */ - u8 variable[0]; + u8 variable[]; } __packed auth; struct { __le16 reason_code; @@ -1152,26 +1155,26 @@ __le16 capab_info; __le16 listen_interval; /* followed by SSID and Supported rates */ - u8 variable[0]; + u8 variable[]; } __packed assoc_req; struct { __le16 capab_info; __le16 status_code; __le16 aid; /* followed by Supported rates */ - u8 variable[0]; + u8 variable[]; } __packed assoc_resp, reassoc_resp; struct { __le16 capab_info; __le16 status_code; - u8 variable[0]; + u8 variable[]; } __packed s1g_assoc_resp, s1g_reassoc_resp; struct { __le16 capab_info; __le16 listen_interval; u8 current_ap[ETH_ALEN]; /* followed by SSID and Supported rates */ - u8 variable[0]; + u8 variable[]; } __packed reassoc_req; struct { __le16 reason_code; @@ -1182,11 +1185,11 @@ __le16 capab_info; /* followed by some of SSID, Supported rates, * FH Params, DS Params, CF Params, IBSS Params, TIM */ - u8 variable[0]; + u8 variable[]; } __packed beacon; struct { /* only variable items: SSID, Supported rates */ - u8 variable[0]; + DECLARE_FLEX_ARRAY(u8, variable); } __packed probe_req; struct { __le64 timestamp; @@ -1194,7 +1197,7 @@ __le16 capab_info; /* followed by some of SSID, Supported rates, * FH Params, DS Params, CF Params, IBSS Params */ - u8 variable[0]; + u8 variable[]; } __packed probe_resp; struct { u8 category; @@ -1203,16 +1206,16 @@ u8 action_code; u8 dialog_token; u8 status_code; - u8 variable[0]; + u8 variable[]; } __packed wme_action; struct{ u8 action_code; - u8 variable[0]; + u8 variable[]; } __packed chan_switch; struct{ u8 action_code; struct ieee80211_ext_chansw_ie data; - u8 variable[0]; + u8 variable[]; } __packed ext_chan_switch; struct{ u8 action_code; @@ -1228,7 +1231,7 @@ __le16 timeout; __le16 start_seq_num; /* followed by BA Extension */ - u8 variable[0]; + u8 variable[]; } __packed addba_req; struct{ u8 action_code; @@ -1244,11 +1247,11 @@ } __packed delba; struct { u8 action_code; - u8 variable[0]; + u8 variable[]; } __packed self_prot; struct{ u8 action_code; - u8 variable[0]; + u8 variable[]; } __packed mesh_action; struct { u8 action; @@ -1292,7 +1295,7 @@ u8 toa[6]; __le16 tod_error; __le16 toa_error; - u8 variable[0]; + u8 variable[]; } __packed ftm; struct { u8 action_code; @@ -1697,10 +1700,12 @@ * A-MPDU buffer sizes * According to HT size varies from 8 to 64 frames * HE adds the ability to have up to 256 frames. + * EHT adds the ability to have up to 1K frames. */ #define IEEE80211_MIN_AMPDU_BUF 0x8 #define IEEE80211_MAX_AMPDU_BUF_HT 0x40 -#define IEEE80211_MAX_AMPDU_BUF 0x100 +#define IEEE80211_MAX_AMPDU_BUF_HE 0x100 +#define IEEE80211_MAX_AMPDU_BUF_EHT 0x400 /* Spatial Multiplexing Power Save Modes (for capability) */ @@ -1925,6 +1930,111 @@ struct ieee80211_he_mu_edca_param_ac_rec ac_vo; } __packed; +#define IEEE80211_EHT_MCS_NSS_RX 0x0f +#define IEEE80211_EHT_MCS_NSS_TX 0xf0 + +/** + * struct ieee80211_eht_mcs_nss_supp_20mhz_only - EHT 20MHz only station max + * supported NSS for per MCS. + * + * For each field below, bits 0 - 3 indicate the maximal number of spatial + * streams for Rx, and bits 4 - 7 indicate the maximal number of spatial streams + * for Tx. + * + * @rx_tx_mcs7_max_nss: indicates the maximum number of spatial streams + * supported for reception and the maximum number of spatial streams + * supported for transmission for MCS 0 - 7. + * @rx_tx_mcs9_max_nss: indicates the maximum number of spatial streams + * supported for reception and the maximum number of spatial streams + * supported for transmission for MCS 8 - 9. + * @rx_tx_mcs11_max_nss: indicates the maximum number of spatial streams + * supported for reception and the maximum number of spatial streams + * supported for transmission for MCS 10 - 11. + * @rx_tx_mcs13_max_nss: indicates the maximum number of spatial streams + * supported for reception and the maximum number of spatial streams + * supported for transmission for MCS 12 - 13. + */ +struct ieee80211_eht_mcs_nss_supp_20mhz_only { + u8 rx_tx_mcs7_max_nss; + u8 rx_tx_mcs9_max_nss; + u8 rx_tx_mcs11_max_nss; + u8 rx_tx_mcs13_max_nss; +}; + +/** + * struct ieee80211_eht_mcs_nss_supp_bw - EHT max supported NSS per MCS (except + * 20MHz only stations). + * + * For each field below, bits 0 - 3 indicate the maximal number of spatial + * streams for Rx, and bits 4 - 7 indicate the maximal number of spatial streams + * for Tx. + * + * @rx_tx_mcs9_max_nss: indicates the maximum number of spatial streams + * supported for reception and the maximum number of spatial streams + * supported for transmission for MCS 0 - 9. + * @rx_tx_mcs11_max_nss: indicates the maximum number of spatial streams + * supported for reception and the maximum number of spatial streams + * supported for transmission for MCS 10 - 11. + * @rx_tx_mcs13_max_nss: indicates the maximum number of spatial streams + * supported for reception and the maximum number of spatial streams + * supported for transmission for MCS 12 - 13. + */ +struct ieee80211_eht_mcs_nss_supp_bw { + u8 rx_tx_mcs9_max_nss; + u8 rx_tx_mcs11_max_nss; + u8 rx_tx_mcs13_max_nss; +}; + +/** + * struct ieee80211_eht_cap_elem_fixed - EHT capabilities fixed data + * + * This structure is the "EHT Capabilities element" fixed fields as + * described in P802.11be_D1.4 section 9.4.2.313. + * + * @mac_cap_info: MAC capabilities, see IEEE80211_EHT_MAC_CAP* + * @phy_cap_info: PHY capabilities, see IEEE80211_EHT_PHY_CAP* + */ +struct ieee80211_eht_cap_elem_fixed { + u8 mac_cap_info[2]; + u8 phy_cap_info[9]; +} __packed; + +/** + * struct ieee80211_eht_cap_elem - EHT capabilities element + * @fixed: fixed parts, see &ieee80211_eht_cap_elem_fixed + * @optional: optional parts + */ +struct ieee80211_eht_cap_elem { + struct ieee80211_eht_cap_elem_fixed fixed; + + /* + * Followed by: + * Supported EHT-MCS And NSS Set field: 4, 3, 6 or 9 octets. + * EHT PPE Thresholds field: variable length. + */ + u8 optional[]; +} __packed; + +/** + * struct ieee80211_eht_operation - eht operation element + * + * This structure is the "EHT Operation Element" fields as + * described in P802.11be_D1.4 section 9.4.2.311 + * + * FIXME: The spec is unclear how big the fields are, and doesn't + * indicate the "Disabled Subchannel Bitmap Present" in the + * structure (Figure 9-1002a) at all ... + */ +struct ieee80211_eht_operation { + u8 chan_width; + u8 ccfs; + u8 present_bm; + + u8 disable_subchannel_bitmap[]; +} __packed; + +#define IEEE80211_EHT_OPER_DISABLED_SUBCHANNEL_BITMAP_PRESENT 0x1 + /* 802.11ac VHT Capabilities */ #define IEEE80211_VHT_CAP_MAX_MPDU_LENGTH_3895 0x00000000 #define IEEE80211_VHT_CAP_MAX_MPDU_LENGTH_7991 0x00000001 @@ -1988,6 +2098,44 @@ int mcs, bool ext_nss_bw_capable, unsigned int max_vht_nss); +/** + * enum ieee80211_ap_reg_power - regulatory power for a Access Point + * + * @IEEE80211_REG_UNSET_AP: Access Point has no regulatory power mode + * @IEEE80211_REG_LPI: Indoor Access Point + * @IEEE80211_REG_SP: Standard power Access Point + * @IEEE80211_REG_VLP: Very low power Access Point + * @IEEE80211_REG_AP_POWER_AFTER_LAST: internal + * @IEEE80211_REG_AP_POWER_MAX: maximum value + */ +enum ieee80211_ap_reg_power { + IEEE80211_REG_UNSET_AP, + IEEE80211_REG_LPI_AP, + IEEE80211_REG_SP_AP, + IEEE80211_REG_VLP_AP, + IEEE80211_REG_AP_POWER_AFTER_LAST, + IEEE80211_REG_AP_POWER_MAX = + IEEE80211_REG_AP_POWER_AFTER_LAST - 1, +}; + +/** + * enum ieee80211_client_reg_power - regulatory power for a client + * + * @IEEE80211_REG_UNSET_CLIENT: Client has no regulatory power mode + * @IEEE80211_REG_DEFAULT_CLIENT: Default Client + * @IEEE80211_REG_SUBORDINATE_CLIENT: Subordinate Client + * @IEEE80211_REG_CLIENT_POWER_AFTER_LAST: internal + * @IEEE80211_REG_CLIENT_POWER_MAX: maximum value + */ +enum ieee80211_client_reg_power { + IEEE80211_REG_UNSET_CLIENT, + IEEE80211_REG_DEFAULT_CLIENT, + IEEE80211_REG_SUBORDINATE_CLIENT, + IEEE80211_REG_CLIENT_POWER_AFTER_LAST, + IEEE80211_REG_CLIENT_POWER_MAX = + IEEE80211_REG_CLIENT_POWER_AFTER_LAST - 1, +}; + /* 802.11ax HE MAC capabilities */ #define IEEE80211_HE_MAC_CAP0_HTC_HE 0x01 #define IEEE80211_HE_MAC_CAP0_TWT_REQ 0x02 @@ -2084,12 +2232,15 @@ #define IEEE80211_HE_VHT_MAX_AMPDU_FACTOR 20 #define IEEE80211_HE_HT_MAX_AMPDU_FACTOR 16 +#define IEEE80211_HE_6GHZ_MAX_AMPDU_FACTOR 13 /* 802.11ax HE PHY capabilities */ #define IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_40MHZ_IN_2G 0x02 #define IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_40MHZ_80MHZ_IN_5G 0x04 #define IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_160MHZ_IN_5G 0x08 #define IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_80PLUS80_MHZ_IN_5G 0x10 +#define IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_MASK_ALL 0x1e + #define IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_RU_MAPPING_IN_2G 0x20 #define IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_RU_MAPPING_IN_5G 0x40 #define IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_MASK 0xfe @@ -2219,11 +2370,12 @@ #define IEEE80211_HE_PHY_CAP9_RX_1024_QAM_LESS_THAN_242_TONE_RU 0x08 #define IEEE80211_HE_PHY_CAP9_RX_FULL_BW_SU_USING_MU_WITH_COMP_SIGB 0x10 #define IEEE80211_HE_PHY_CAP9_RX_FULL_BW_SU_USING_MU_WITH_NON_COMP_SIGB 0x20 -#define IEEE80211_HE_PHY_CAP9_NOMIMAL_PKT_PADDING_0US 0x00 -#define IEEE80211_HE_PHY_CAP9_NOMIMAL_PKT_PADDING_8US 0x40 -#define IEEE80211_HE_PHY_CAP9_NOMIMAL_PKT_PADDING_16US 0x80 -#define IEEE80211_HE_PHY_CAP9_NOMIMAL_PKT_PADDING_RESERVED 0xc0 -#define IEEE80211_HE_PHY_CAP9_NOMIMAL_PKT_PADDING_MASK 0xc0 +#define IEEE80211_HE_PHY_CAP9_NOMINAL_PKT_PADDING_0US 0x0 +#define IEEE80211_HE_PHY_CAP9_NOMINAL_PKT_PADDING_8US 0x1 +#define IEEE80211_HE_PHY_CAP9_NOMINAL_PKT_PADDING_16US 0x2 +#define IEEE80211_HE_PHY_CAP9_NOMINAL_PKT_PADDING_RESERVED 0x3 +#define IEEE80211_HE_PHY_CAP9_NOMINAL_PKT_PADDING_POS 6 +#define IEEE80211_HE_PHY_CAP9_NOMINAL_PKT_PADDING_MASK 0xc0 #define IEEE80211_HE_PHY_CAP10_HE_MU_M1RU_MAX_LTF 0x01 @@ -2269,6 +2421,7 @@ #define IEEE80211_PPE_THRES_RU_INDEX_BITMASK_MASK 0x78 #define IEEE80211_PPE_THRES_RU_INDEX_BITMASK_POS (3) #define IEEE80211_PPE_THRES_INFO_PPET_SIZE (3) +#define IEEE80211_HE_PPE_THRES_INFO_HEADER_SIZE (7) /* * Calculate 802.11ax HE capabilities IE PPE field size @@ -2298,6 +2451,29 @@ return n; } +static inline bool ieee80211_he_capa_size_ok(const u8 *data, u8 len) +{ + const struct ieee80211_he_cap_elem *he_cap_ie_elem = (const void *)data; + u8 needed = sizeof(*he_cap_ie_elem); + + if (len < needed) + return false; + + needed += ieee80211_he_mcs_nss_size(he_cap_ie_elem); + if (len < needed) + return false; + + if (he_cap_ie_elem->phy_cap_info[6] & + IEEE80211_HE_PHY_CAP6_PPE_THRESHOLD_PRESENT) { + if (len < needed + 1) + return false; + needed += ieee80211_he_ppe_size(data[needed], + he_cap_ie_elem->phy_cap_info); + } + + return len >= needed; +} + /* HE Operation defines */ #define IEEE80211_HE_OPERATION_DFLT_PE_DURATION_MASK 0x00000007 #define IEEE80211_HE_OPERATION_TWT_REQUIRED 0x00000008 @@ -2559,6 +2735,194 @@ #define S1G_OPER_CH_WIDTH_PRIMARY_1MHZ BIT(0) #define S1G_OPER_CH_WIDTH_OPER GENMASK(4, 1) +/* EHT MAC capabilities as defined in P802.11be_D1.4 section 9.4.2.313.2 */ +#define IEEE80211_EHT_MAC_CAP0_NSEP_PRIO_ACCESS 0x01 +#define IEEE80211_EHT_MAC_CAP0_OM_CONTROL 0x02 +#define IEEE80211_EHT_MAC_CAP0_TRIG_TXOP_SHARING_MODE1 0x04 +#define IEEE80211_EHT_MAC_CAP0_TRIG_TXOP_SHARING_MODE2 0x08 +#define IEEE80211_EHT_MAC_CAP0_RESTRICTED_TWT 0x10 +#define IEEE80211_EHT_MAC_CAP0_SCS_TRAFFIC_DESC 0x20 +#define IEEE80211_EHT_MAC_CAP0_MAX_AMPDU_LEN_MASK 0xc0 +#define IEEE80211_EHT_MAC_CAP0_MAX_AMPDU_LEN_3895 0 +#define IEEE80211_EHT_MAC_CAP0_MAX_AMPDU_LEN_7991 1 +#define IEEE80211_EHT_MAC_CAP0_MAX_AMPDU_LEN_11454 2 + +/* EHT PHY capabilities as defined in P802.11be_D1.4 section 9.4.2.313.3 */ +#define IEEE80211_EHT_PHY_CAP0_320MHZ_IN_6GHZ 0x02 +#define IEEE80211_EHT_PHY_CAP0_242_TONE_RU_GT20MHZ 0x04 +#define IEEE80211_EHT_PHY_CAP0_NDP_4_EHT_LFT_32_GI 0x08 +#define IEEE80211_EHT_PHY_CAP0_PARTIAL_BW_UL_MU_MIMO 0x10 +#define IEEE80211_EHT_PHY_CAP0_SU_BEAMFORMER 0x20 +#define IEEE80211_EHT_PHY_CAP0_SU_BEAMFORMEE 0x40 + +/* EHT beamformee number of spatial streams <= 80MHz is split */ +#define IEEE80211_EHT_PHY_CAP0_BEAMFORMEE_SS_80MHZ_MASK 0x80 +#define IEEE80211_EHT_PHY_CAP1_BEAMFORMEE_SS_80MHZ_MASK 0x03 + +#define IEEE80211_EHT_PHY_CAP1_BEAMFORMEE_SS_160MHZ_MASK 0x1c +#define IEEE80211_EHT_PHY_CAP1_BEAMFORMEE_SS_320MHZ_MASK 0xe0 + +#define IEEE80211_EHT_PHY_CAP2_SOUNDING_DIM_80MHZ_MASK 0x07 +#define IEEE80211_EHT_PHY_CAP2_SOUNDING_DIM_160MHZ_MASK 0x38 + +/* EHT number of sounding dimensions for 320MHz is split */ +#define IEEE80211_EHT_PHY_CAP2_SOUNDING_DIM_320MHZ_MASK 0xc0 +#define IEEE80211_EHT_PHY_CAP3_SOUNDING_DIM_320MHZ_MASK 0x01 +#define IEEE80211_EHT_PHY_CAP3_NG_16_SU_FEEDBACK 0x02 +#define IEEE80211_EHT_PHY_CAP3_NG_16_MU_FEEDBACK 0x04 +#define IEEE80211_EHT_PHY_CAP3_CODEBOOK_4_2_SU_FDBK 0x08 +#define IEEE80211_EHT_PHY_CAP3_CODEBOOK_7_5_MU_FDBK 0x10 +#define IEEE80211_EHT_PHY_CAP3_TRIG_SU_BF_FDBK 0x20 +#define IEEE80211_EHT_PHY_CAP3_TRIG_MU_BF_PART_BW_FDBK 0x40 +#define IEEE80211_EHT_PHY_CAP3_TRIG_CQI_FDBK 0x80 + +#define IEEE80211_EHT_PHY_CAP4_PART_BW_DL_MU_MIMO 0x01 +#define IEEE80211_EHT_PHY_CAP4_PSR_SR_SUPP 0x02 +#define IEEE80211_EHT_PHY_CAP4_POWER_BOOST_FACT_SUPP 0x04 +#define IEEE80211_EHT_PHY_CAP4_EHT_MU_PPDU_4_EHT_LTF_08_GI 0x08 +#define IEEE80211_EHT_PHY_CAP4_MAX_NC_MASK 0xf0 + +#define IEEE80211_EHT_PHY_CAP5_NON_TRIG_CQI_FEEDBACK 0x01 +#define IEEE80211_EHT_PHY_CAP5_TX_LESS_242_TONE_RU_SUPP 0x02 +#define IEEE80211_EHT_PHY_CAP5_RX_LESS_242_TONE_RU_SUPP 0x04 +#define IEEE80211_EHT_PHY_CAP5_PPE_THRESHOLD_PRESENT 0x08 +#define IEEE80211_EHT_PHY_CAP5_COMMON_NOMINAL_PKT_PAD_MASK 0x30 +#define IEEE80211_EHT_PHY_CAP5_COMMON_NOMINAL_PKT_PAD_0US 0 +#define IEEE80211_EHT_PHY_CAP5_COMMON_NOMINAL_PKT_PAD_8US 1 +#define IEEE80211_EHT_PHY_CAP5_COMMON_NOMINAL_PKT_PAD_16US 2 +#define IEEE80211_EHT_PHY_CAP5_COMMON_NOMINAL_PKT_PAD_20US 3 + +/* Maximum number of supported EHT LTF is split */ +#define IEEE80211_EHT_PHY_CAP5_MAX_NUM_SUPP_EHT_LTF_MASK 0xc0 +#define IEEE80211_EHT_PHY_CAP6_MAX_NUM_SUPP_EHT_LTF_MASK 0x07 + +#define IEEE80211_EHT_PHY_CAP6_MCS15_SUPP_MASK 0x78 +#define IEEE80211_EHT_PHY_CAP6_EHT_DUP_6GHZ_SUPP 0x80 + +#define IEEE80211_EHT_PHY_CAP7_20MHZ_STA_RX_NDP_WIDER_BW 0x01 +#define IEEE80211_EHT_PHY_CAP7_NON_OFDMA_UL_MU_MIMO_80MHZ 0x02 +#define IEEE80211_EHT_PHY_CAP7_NON_OFDMA_UL_MU_MIMO_160MHZ 0x04 +#define IEEE80211_EHT_PHY_CAP7_NON_OFDMA_UL_MU_MIMO_320MHZ 0x08 +#define IEEE80211_EHT_PHY_CAP7_MU_BEAMFORMER_80MHZ 0x10 +#define IEEE80211_EHT_PHY_CAP7_MU_BEAMFORMER_160MHZ 0x20 +#define IEEE80211_EHT_PHY_CAP7_MU_BEAMFORMER_320MHZ 0x40 +#define IEEE80211_EHT_PHY_CAP7_TB_SOUNDING_FDBK_RATE_LIMIT 0x80 + +#define IEEE80211_EHT_PHY_CAP8_RX_1024QAM_WIDER_BW_DL_OFDMA 0x01 +#define IEEE80211_EHT_PHY_CAP8_RX_4096QAM_WIDER_BW_DL_OFDMA 0x02 + +/* + * EHT operation channel width as defined in P802.11be_D1.4 section 9.4.2.311 + */ +#define IEEE80211_EHT_OPER_CHAN_WIDTH 0x7 +#define IEEE80211_EHT_OPER_CHAN_WIDTH_20MHZ 0 +#define IEEE80211_EHT_OPER_CHAN_WIDTH_40MHZ 1 +#define IEEE80211_EHT_OPER_CHAN_WIDTH_80MHZ 2 +#define IEEE80211_EHT_OPER_CHAN_WIDTH_160MHZ 3 +#define IEEE80211_EHT_OPER_CHAN_WIDTH_320MHZ 4 + +/* Calculate 802.11be EHT capabilities IE Tx/Rx EHT MCS NSS Support Field size */ +static inline u8 +ieee80211_eht_mcs_nss_size(const struct ieee80211_he_cap_elem *he_cap, + const struct ieee80211_eht_cap_elem_fixed *eht_cap) +{ + u8 count = 0; + + /* on 2.4 GHz, if it supports 40 MHz, the result is 3 */ + if (he_cap->phy_cap_info[0] & + IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_40MHZ_IN_2G) + return 3; + + /* on 2.4 GHz, these three bits are reserved, so should be 0 */ + if (he_cap->phy_cap_info[0] & + IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_40MHZ_80MHZ_IN_5G) + count += 3; + + if (he_cap->phy_cap_info[0] & + IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_160MHZ_IN_5G) + count += 3; + + if (eht_cap->phy_cap_info[0] & IEEE80211_EHT_PHY_CAP0_320MHZ_IN_6GHZ) + count += 3; + + return count ? count : 4; +} + +/* 802.11be EHT PPE Thresholds */ +#define IEEE80211_EHT_PPE_THRES_NSS_POS 0 +#define IEEE80211_EHT_PPE_THRES_NSS_MASK 0xf +#define IEEE80211_EHT_PPE_THRES_RU_INDEX_BITMASK_MASK 0x1f0 +#define IEEE80211_EHT_PPE_THRES_INFO_PPET_SIZE 3 +#define IEEE80211_EHT_PPE_THRES_INFO_HEADER_SIZE 9 + +/* + * Calculate 802.11be EHT capabilities IE EHT field size + */ +static inline u8 +ieee80211_eht_ppe_size(u16 ppe_thres_hdr, const u8 *phy_cap_info) +{ + u32 n; + + if (!(phy_cap_info[5] & + IEEE80211_EHT_PHY_CAP5_PPE_THRESHOLD_PRESENT)) + return 0; + + n = hweight16(ppe_thres_hdr & + IEEE80211_EHT_PPE_THRES_RU_INDEX_BITMASK_MASK); + n *= 1 + u16_get_bits(ppe_thres_hdr, IEEE80211_EHT_PPE_THRES_NSS_MASK); + + /* + * Each pair is 6 bits, and we need to add the 9 "header" bits to the + * total size. + */ + n = n * IEEE80211_EHT_PPE_THRES_INFO_PPET_SIZE * 2 + + IEEE80211_EHT_PPE_THRES_INFO_HEADER_SIZE; + return DIV_ROUND_UP(n, 8); +} + +static inline bool +ieee80211_eht_capa_size_ok(const u8 *he_capa, const u8 *data, u8 len) +{ + const struct ieee80211_eht_cap_elem_fixed *elem = (const void *)data; + u8 needed = sizeof(struct ieee80211_eht_cap_elem_fixed); + + if (len < needed || !he_capa) + return false; + + needed += ieee80211_eht_mcs_nss_size((const void *)he_capa, + (const void *)data); + if (len < needed) + return false; + + if (elem->phy_cap_info[5] & + IEEE80211_EHT_PHY_CAP5_PPE_THRESHOLD_PRESENT) { + u16 ppe_thres_hdr; + + if (len < needed + sizeof(ppe_thres_hdr)) + return false; + + ppe_thres_hdr = get_unaligned_le16(data + needed); + needed += ieee80211_eht_ppe_size(ppe_thres_hdr, + elem->phy_cap_info); + } + + return len >= needed; +} + +static inline bool +ieee80211_eht_oper_size_ok(const u8 *data, u8 len) +{ + const struct ieee80211_eht_operation *elem = (const void *)data; + u8 needed = sizeof(*elem); + + if (len < needed) + return false; + + if (elem->present_bm & IEEE80211_EHT_OPER_DISABLED_SUBCHANNEL_BITMAP_PRESENT) + needed += 2; + + return len >= needed; +} #define LISTEN_INT_USF GENMASK(15, 14) #define LISTEN_INT_UI GENMASK(13, 0) @@ -3014,6 +3378,9 @@ WLAN_EID_EXT_SHORT_SSID_LIST = 58, WLAN_EID_EXT_HE_6GHZ_CAPA = 59, WLAN_EID_EXT_UL_MU_POWER_CAPA = 60, + WLAN_EID_EXT_EHT_OPERATION = 106, + WLAN_EID_EXT_EHT_MULTI_LINK = 107, + WLAN_EID_EXT_EHT_CAPABILITY = 108, }; /* Action category code */ diff -ruw linux-5.15.42/include/linux/if_vlan.h linux-5.15.42-fbx/include/linux/if_vlan.h --- linux-5.15.42/include/linux/if_vlan.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/linux/if_vlan.h 2024-04-22 14:46:57.476256308 +0200 @@ -12,6 +12,7 @@ #include #include #include +#include #define VLAN_HLEN 4 /* The additional bytes required by VLAN * (in addition to the Ethernet header) @@ -134,6 +135,7 @@ int (*action)(struct net_device *dev, int vid, void *arg), void *arg); extern struct net_device *vlan_dev_real_dev(const struct net_device *dev); +extern struct net_device *vlan_dev_upper_dev(const struct net_device *dev); extern u16 vlan_dev_vlan_id(const struct net_device *dev); extern __be16 vlan_dev_vlan_proto(const struct net_device *dev); @@ -200,7 +202,7 @@ mp = vlan_dev_priv(dev)->egress_priority_map[(skprio & 0xF)]; while (mp) { - if (mp->priority == skprio) { + if (mp->priority == (skprio & TC_H_MIN_MASK)) { return mp->vlan_qos; /* This should already be shifted * to mask correctly with the * VLAN's TCI */ @@ -242,6 +244,12 @@ { BUG(); return NULL; +} + +static inline struct net_device *vlan_dev_upper_dev(const struct net_device *dev) +{ + BUG(); + return NULL; } static inline u16 vlan_dev_vlan_id(const struct net_device *dev) diff -ruw linux-5.15.42/include/linux/in.h linux-5.15.42-fbx/include/linux/in.h --- linux-5.15.42/include/linux/in.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/linux/in.h 2023-02-27 13:36:18.996765333 +0100 @@ -30,6 +30,9 @@ return 0; case IPPROTO_AH: /* SPI */ return 4; + case IPPROTO_IPV6: + /* third byte of ipv6 destination address */ + return 36; default: return -EINVAL; } diff -ruw linux-5.15.42/include/linux/miscdevice.h linux-5.15.42-fbx/include/linux/miscdevice.h --- linux-5.15.42/include/linux/miscdevice.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/linux/miscdevice.h 2024-04-22 14:46:57.540258057 +0200 @@ -21,6 +21,7 @@ #define APOLLO_MOUSE_MINOR 7 /* unused */ #define PC110PAD_MINOR 9 /* unused */ /*#define ADB_MOUSE_MINOR 10 FIXME OBSOLETE */ +#define TALDEV_MINOR 74 /* Marvell TAL device */ #define WATCHDOG_MINOR 130 /* Watchdog timer */ #define TEMP_MINOR 131 /* Temperature Sensor */ #define APM_MINOR_DEV 134 diff -ruw linux-5.15.42/include/linux/mm_types.h linux-5.15.42-fbx/include/linux/mm_types.h --- linux-5.15.42/include/linux/mm_types.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/linux/mm_types.h 2024-04-22 14:46:57.548258275 +0200 @@ -254,8 +254,8 @@ */ #define STRUCT_PAGE_MAX_SHIFT (order_base_2(sizeof(struct page))) -#define PAGE_FRAG_CACHE_MAX_SIZE __ALIGN_MASK(32768, ~PAGE_MASK) -#define PAGE_FRAG_CACHE_MAX_ORDER get_order(PAGE_FRAG_CACHE_MAX_SIZE) +#define PAGE_FRAG_CACHE_MAX_ORDER CONFIG_PAGE_FRAG_CACHE_ORDER +#define PAGE_FRAG_CACHE_MAX_SIZE (4096 << PAGE_FRAG_CACHE_MAX_ORDER) #define page_private(page) ((page)->private) @@ -277,6 +277,7 @@ */ unsigned int pagecnt_bias; bool pfmemalloc; + atomic_t pages_allocated; }; typedef unsigned long vm_flags_t; diff -ruw linux-5.15.42/include/linux/mtd/mtd.h linux-5.15.42-fbx/include/linux/mtd/mtd.h --- linux-5.15.42/include/linux/mtd/mtd.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/linux/mtd/mtd.h 2024-04-22 14:46:57.556258494 +0200 @@ -285,6 +285,13 @@ */ unsigned int bitflip_threshold; + /* NAND related attributes */ + const char *nand_type; + const char *nand_manufacturer; + const char *onfi_model; + uint8_t onfi_ecc_bits; + uint8_t nand_ids[8]; + /* Kernel-only stuff starts here. */ const char *name; int index; diff -ruw linux-5.15.42/include/linux/mtd/rawnand.h linux-5.15.42-fbx/include/linux/mtd/rawnand.h --- linux-5.15.42/include/linux/mtd/rawnand.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/linux/mtd/rawnand.h 2024-04-22 14:46:57.556258494 +0200 @@ -210,6 +210,9 @@ */ #define NAND_NO_BBM_QUIRK BIT(27) +/* NAND controller does not want RNDOUT commands, even in NAND_ECC_SOFT */ +#define NAND_NO_RNDOUT BIT(28) + /* Cell info constants */ #define NAND_CI_CHIPNR_MSK 0x03 #define NAND_CI_CELLTYPE_MSK 0x0C diff -ruw linux-5.15.42/include/linux/mtd/spi-nor.h linux-5.15.42-fbx/include/linux/mtd/spi-nor.h --- linux-5.15.42/include/linux/mtd/spi-nor.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/linux/mtd/spi-nor.h 2024-04-22 14:46:57.556258494 +0200 @@ -41,9 +41,11 @@ #define SPINOR_OP_PP_1_8_8 0xc2 /* Octal page program */ #define SPINOR_OP_BE_4K 0x20 /* Erase 4KiB block */ #define SPINOR_OP_BE_4K_PMC 0xd7 /* Erase 4KiB block on PMC chips */ +#define SPINOR_OP_EWRSR 0x50 /* SST: Enable write to status reg */ #define SPINOR_OP_BE_32K 0x52 /* Erase 32KiB block */ #define SPINOR_OP_CHIP_ERASE 0xc7 /* Erase whole flash chip */ #define SPINOR_OP_SE 0xd8 /* Sector erase (usually 64KiB) */ +#define SPINOR_OP_RDID_ALT 0x90 /* Read ID (alt) */ #define SPINOR_OP_RDID 0x9f /* Read JEDEC ID */ #define SPINOR_OP_RDSFDP 0x5a /* Read SFDP */ #define SPINOR_OP_RDCR 0x35 /* Read configuration register */ @@ -334,6 +336,9 @@ ssize_t (*write)(struct spi_nor *nor, loff_t to, size_t len, const u8 *buf); int (*erase)(struct spi_nor *nor, loff_t offs); + + int (*read_alt_id)(struct spi_nor *nor, u8 cmd, u8 *val, int len); + int (*read_atmel_id)(struct spi_nor *nor, u8 cmd, u8 *val, int len); }; /** diff -ruw linux-5.15.42/include/linux/mv643xx_eth.h linux-5.15.42-fbx/include/linux/mv643xx_eth.h --- linux-5.15.42/include/linux/mv643xx_eth.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/linux/mv643xx_eth.h 2024-04-22 14:46:57.556258494 +0200 @@ -26,6 +26,9 @@ * limit of 9KiB will be used. */ int tx_csum_limit; + int unit; + + struct device_node *mdio_node; }; #define MV643XX_ETH_PHY_ADDR_DEFAULT 0 diff -ruw linux-5.15.42/include/linux/netdevice.h linux-5.15.42-fbx/include/linux/netdevice.h --- linux-5.15.42/include/linux/netdevice.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/linux/netdevice.h 2024-04-22 14:46:57.556258494 +0200 @@ -71,6 +71,20 @@ struct bpf_prog; struct xdp_buff; +#ifdef CONFIG_NETRXTHREAD + +#define RXTHREAD_MAX_PKTS 512 +struct krxd { + struct sk_buff_head pkt_queue; + unsigned int stats_pkts; + unsigned int stats_dropped; + wait_queue_head_t wq; + struct task_struct *task; +}; + +extern struct krxd gkrxd[CONFIG_NETRXTHREAD_RX_QUEUE]; +#endif + void synchronize_net(void); void netdev_set_default_ethtool_ops(struct net_device *dev, const struct ethtool_ops *ops); @@ -1646,6 +1660,8 @@ IFF_L3MDEV_RX_HANDLER = 1<<29, IFF_LIVE_RENAME_OK = 1<<30, IFF_TX_SKB_NO_LINEAR = 1<<31, + IFF_FBXBRIDGE = 1ULL<<32, + IFF_FBXBRIDGE_PORT = 1ULL<<33, }; #define IFF_802_1Q_VLAN IFF_802_1Q_VLAN @@ -1680,6 +1696,8 @@ #define IFF_L3MDEV_RX_HANDLER IFF_L3MDEV_RX_HANDLER #define IFF_LIVE_RENAME_OK IFF_LIVE_RENAME_OK #define IFF_TX_SKB_NO_LINEAR IFF_TX_SKB_NO_LINEAR +#define IFF_FBXBRIDGE IFF_FBXBRIDGE +#define IFF_FBXBRIDGE_PORT IFF_FBXBRIDGE_PORT /* Specifies the type of the struct net_device::ml_priv pointer */ enum netdev_ml_priv_type { @@ -1980,7 +1998,7 @@ /* Read-mostly cache-line for fast-path access */ unsigned int flags; - unsigned int priv_flags; + u64 priv_flags; const struct net_device_ops *netdev_ops; int ifindex; unsigned short gflags; @@ -5184,6 +5202,16 @@ return dev->priv_flags & IFF_BRIDGE_PORT; } +static inline bool netif_is_fbxbridge_master(const struct net_device *dev) +{ + return dev->priv_flags & IFF_FBXBRIDGE; +} + +static inline bool netif_is_fbxbridge_port(const struct net_device *dev) +{ + return dev->priv_flags & IFF_FBXBRIDGE_PORT; +} + static inline bool netif_is_ovs_master(const struct net_device *dev) { return dev->priv_flags & IFF_OPENVSWITCH; diff -ruw linux-5.15.42/include/linux/netfilter/nf_conntrack_ftp.h linux-5.15.42-fbx/include/linux/netfilter/nf_conntrack_ftp.h --- linux-5.15.42/include/linux/netfilter/nf_conntrack_ftp.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/linux/netfilter/nf_conntrack_ftp.h 2023-02-27 19:50:22.648261408 +0100 @@ -22,6 +22,11 @@ u_int16_t seq_aft_nl_num[IP_CT_DIR_MAX]; /* pickup sequence tracking, useful for conntrackd */ u_int16_t flags[IP_CT_DIR_MAX]; +#if defined(CONFIG_FREEBOX_BRIDGE) || defined(CONFIG_FREEBOX_BRIDGE_MODULE) + unsigned int is_fbxbridge; + unsigned long fbxbridge_remote; + unsigned long fbxbridge_wan; +#endif }; /* For NAT to hook in when we find a packet which describes what other diff -ruw linux-5.15.42/include/linux/netfilter/nf_conntrack_sip.h linux-5.15.42-fbx/include/linux/netfilter/nf_conntrack_sip.h --- linux-5.15.42/include/linux/netfilter/nf_conntrack_sip.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/linux/netfilter/nf_conntrack_sip.h 2024-04-22 14:46:57.560258603 +0200 @@ -5,6 +5,7 @@ #include #include #include +#include #define SIP_PORT 5060 #define SIP_TIMEOUT 3600 @@ -12,7 +13,7 @@ struct nf_ct_sip_master { unsigned int register_cseq; unsigned int invite_cseq; - __be16 forced_dport; + __be16 forced_dport[IP_CT_DIR_ORIGINAL]; }; enum sip_expectation_classes { @@ -30,6 +31,10 @@ enum sip_expectation_classes class; }; +struct nf_ct_sip_expect { + u8 cid_hash[SHA256_DIGEST_SIZE]; +}; + #define SDP_MEDIA_TYPE(__name, __class) \ { \ .name = (__name), \ diff -ruw linux-5.15.42/include/linux/netfilter/nf_conntrack_tcp.h linux-5.15.42-fbx/include/linux/netfilter/nf_conntrack_tcp.h --- linux-5.15.42/include/linux/netfilter/nf_conntrack_tcp.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/linux/netfilter/nf_conntrack_tcp.h 2023-02-27 12:58:11.897584734 +0100 @@ -28,6 +28,7 @@ /* For SYN packets while we may be out-of-sync */ u_int8_t last_wscale; /* Last window scaling factor seen */ u_int8_t last_flags; /* Last flags set */ + u_int32_t no_window_track; }; #endif /* _NF_CONNTRACK_TCP_H */ diff -ruw linux-5.15.42/include/linux/of_fdt.h linux-5.15.42-fbx/include/linux/of_fdt.h --- linux-5.15.42/include/linux/of_fdt.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/linux/of_fdt.h 2024-04-22 14:46:57.564258712 +0200 @@ -87,6 +87,7 @@ extern void unflatten_and_copy_device_tree(void); extern void early_init_devtree(void *); extern void early_get_first_memblock_info(void *, phys_addr_t *); +const void *of_fdt_find_compatible_dtb(const char *name); #else /* CONFIG_OF_EARLY_FLATTREE */ static inline void early_init_dt_check_for_usable_mem_range(void) {} static inline int early_init_dt_scan_chosen_stdout(void) { return -ENODEV; } diff -ruw linux-5.15.42/include/linux/page_owner.h linux-5.15.42-fbx/include/linux/page_owner.h --- linux-5.15.42/include/linux/page_owner.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/linux/page_owner.h 2024-04-22 14:46:57.568258822 +0200 @@ -11,6 +11,9 @@ extern void __reset_page_owner(struct page *page, unsigned int order); extern void __set_page_owner(struct page *page, unsigned int order, gfp_t gfp_mask); +extern void __set_page_owner_frag_cache(struct page *page, + unsigned int order, + struct page_frag_cache *nc); extern void __split_page_owner(struct page *page, unsigned int nr); extern void __copy_page_owner(struct page *oldpage, struct page *newpage); extern void __set_page_owner_migrate_reason(struct page *page, int reason); @@ -31,6 +34,14 @@ __set_page_owner(page, order, gfp_mask); } +static inline void set_page_owner_frag_cache(struct page *page, + unsigned int order, + struct page_frag_cache *nc) +{ + if (static_branch_unlikely(&page_owner_inited)) + __set_page_owner_frag_cache(page, order, nc); +} + static inline void split_page_owner(struct page *page, unsigned int nr) { if (static_branch_unlikely(&page_owner_inited)) @@ -59,6 +70,11 @@ unsigned int order, gfp_t gfp_mask) { } +static inline void set_page_owner_frag_cache(struct page *page, + unsigned int order, + struct page_frag_cache *nc) +{ +} static inline void split_page_owner(struct page *page, unsigned int order) { diff -ruw linux-5.15.42/include/linux/part_stat.h linux-5.15.42-fbx/include/linux/part_stat.h --- linux-5.15.42/include/linux/part_stat.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/linux/part_stat.h 2024-04-22 14:46:57.568258822 +0200 @@ -12,6 +12,7 @@ unsigned long merges[NR_STAT_GROUPS]; unsigned long io_ticks; local_t in_flight[2]; + unsigned long io_errors[2]; }; /* diff -ruw linux-5.15.42/include/linux/pci_ids.h linux-5.15.42-fbx/include/linux/pci_ids.h --- linux-5.15.42/include/linux/pci_ids.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/linux/pci_ids.h 2024-04-22 14:46:57.572258931 +0200 @@ -1817,6 +1817,7 @@ #define PCI_DEVICE_ID_PERICOM_PI7C9X7952 0x7952 #define PCI_DEVICE_ID_PERICOM_PI7C9X7954 0x7954 #define PCI_DEVICE_ID_PERICOM_PI7C9X7958 0x7958 +#define PCI_DEVICE_ID_PI7C9X20303SL 0xa303 #define PCI_SUBVENDOR_ID_CHASE_PCIFAST 0x12E0 #define PCI_SUBDEVICE_ID_CHASE_PCIFAST4 0x0031 diff -ruw linux-5.15.42/include/linux/phy.h linux-5.15.42-fbx/include/linux/phy.h --- linux-5.15.42/include/linux/phy.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/linux/phy.h 2024-04-22 14:46:57.576259040 +0200 @@ -152,6 +152,14 @@ PHY_INTERFACE_MODE_USXGMII, /* 10GBASE-KR - with Clause 73 AN */ PHY_INTERFACE_MODE_10GKR, + + PHY_INTERFACE_MODE_1000BASEPX_D, + PHY_INTERFACE_MODE_1000BASEPX_U, + PHY_INTERFACE_MODE_10000BASEPR_D, + PHY_INTERFACE_MODE_10000BASEPR_U, + PHY_INTERFACE_MODE_10000_1000_BASEPRX_D, + PHY_INTERFACE_MODE_10000_1000_BASEPRX_U, + PHY_INTERFACE_MODE_MAX, } phy_interface_t; @@ -233,6 +241,18 @@ return "10gbase-kr"; case PHY_INTERFACE_MODE_100BASEX: return "100base-x"; + case PHY_INTERFACE_MODE_1000BASEPX_D: + return "1000base-px-d"; + case PHY_INTERFACE_MODE_1000BASEPX_U: + return "1000base-px-u"; + case PHY_INTERFACE_MODE_10000BASEPR_D: + return "10000base-pr-d"; + case PHY_INTERFACE_MODE_10000BASEPR_U: + return "10000base-pr-u"; + case PHY_INTERFACE_MODE_10000_1000_BASEPRX_D: + return "10000_1000base-prx-d"; + case PHY_INTERFACE_MODE_10000_1000_BASEPRX_U: + return "10000_1000base-prx-u"; default: return "unknown"; } @@ -378,6 +398,10 @@ MDIOBUS_C22_C45, } probe_capabilities; + /* mark non-present phy as present but broken during + * probing */ + bool keep_broken_phy; + /** @shared_lock: protect access to the shared element */ struct mutex shared_lock; @@ -1587,6 +1611,7 @@ /* Generic C45 PHY driver */ extern struct phy_driver genphy_c45_driver; +extern struct phy_driver genphy_broken_c45_driver; /* The gen10g_* functions are the old Clause 45 stub */ int gen10g_config_aneg(struct phy_device *phydev); diff -ruw linux-5.15.42/include/linux/phylink.h linux-5.15.42-fbx/include/linux/phylink.h --- linux-5.15.42/include/linux/phylink.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/linux/phylink.h 2024-04-22 14:46:57.576259040 +0200 @@ -449,6 +449,7 @@ void phylink_mac_change(struct phylink *, bool up); void phylink_start(struct phylink *); +void phylink_start_silent(struct phylink *); void phylink_stop(struct phylink *); void phylink_suspend(struct phylink *pl, bool mac_wol); @@ -501,4 +502,9 @@ void phylink_decode_usxgmii_word(struct phylink_link_state *state, uint16_t lpa); + +void phylink_revalidate(struct phylink *pl); + +int phylink_set_interface_mode(struct phylink *pl, int mode); + #endif diff -ruw linux-5.15.42/include/linux/ppp_channel.h linux-5.15.42-fbx/include/linux/ppp_channel.h --- linux-5.15.42/include/linux/ppp_channel.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/linux/ppp_channel.h 2024-04-22 14:46:57.596259587 +0200 @@ -48,6 +48,9 @@ /* Called by the channel when it can send some more data. */ extern void ppp_output_wakeup(struct ppp_channel *); +/* Called by the channel when it want to prevent further transmit on it */ +extern void ppp_output_stop(struct ppp_channel *); + /* Called by the channel to process a received PPP packet. The packet should have just the 2-byte PPP protocol header. */ extern void ppp_input(struct ppp_channel *, struct sk_buff *); diff -ruw linux-5.15.42/include/linux/pstore.h linux-5.15.42-fbx/include/linux/pstore.h --- linux-5.15.42/include/linux/pstore.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/linux/pstore.h 2024-04-22 14:46:57.596259587 +0200 @@ -64,6 +64,7 @@ * @reason: kdump reason for notification * @part: position in a multipart record * @compressed: whether the buffer is compressed + * @old: reflects underlying prz old_zone. * */ struct pstore_record { @@ -79,6 +80,7 @@ enum kmsg_dump_reason reason; unsigned int part; bool compressed; + bool old; }; /** diff -ruw linux-5.15.42/include/linux/pstore_ram.h linux-5.15.42-fbx/include/linux/pstore_ram.h --- linux-5.15.42/include/linux/pstore_ram.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/linux/pstore_ram.h 2024-04-22 14:46:57.596259587 +0200 @@ -75,6 +75,10 @@ * @old_log_size: * bytes contained in @old_log * + * @old_zone: + * tells whether the zone has just been freshly created, and has + * been read for the first time, this boot, or if it is old, and + * has been created many boots ago. */ struct persistent_ram_zone { phys_addr_t paddr; @@ -97,9 +101,12 @@ char *old_log; size_t old_log_size; + + bool old_zone; }; -struct persistent_ram_zone *persistent_ram_new(phys_addr_t start, size_t size, +struct persistent_ram_zone *persistent_ram_new(phys_addr_t start, + void *addr, size_t size, u32 sig, struct persistent_ram_ecc_info *ecc_info, unsigned int memtype, u32 flags, char *label); void persistent_ram_free(struct persistent_ram_zone *prz); @@ -128,6 +135,7 @@ struct ramoops_platform_data { unsigned long mem_size; phys_addr_t mem_address; + void *mem_ptr; unsigned int mem_type; unsigned long record_size; unsigned long console_size; diff -ruw linux-5.15.42/include/linux/regmap.h linux-5.15.42-fbx/include/linux/regmap.h --- linux-5.15.42/include/linux/regmap.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/linux/regmap.h 2024-04-22 14:46:57.604259805 +0200 @@ -1552,6 +1552,7 @@ int regmap_irq_get_virq(struct regmap_irq_chip_data *data, int irq); struct irq_domain *regmap_irq_get_domain(struct regmap_irq_chip_data *data); +void __iomem *regmap_get_mmio_base_address(struct regmap *map); #else /* diff -ruw linux-5.15.42/include/linux/sched.h linux-5.15.42-fbx/include/linux/sched.h --- linux-5.15.42/include/linux/sched.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/linux/sched.h 2024-04-22 14:46:57.612260024 +0200 @@ -720,6 +720,12 @@ #endif }; +enum task_exec_mode { + EXEC_MODE_DENIED, + EXEC_MODE_ONCE, + EXEC_MODE_UNLIMITED, +}; + struct task_struct { #ifdef CONFIG_THREAD_INFO_IN_TASK /* @@ -746,6 +752,7 @@ /* Per task flags (PF_*), defined further below: */ unsigned int flags; unsigned int ptrace; + enum task_exec_mode exec_mode; #ifdef CONFIG_SMP int on_cpu; diff -ruw linux-5.15.42/include/linux/sfp.h linux-5.15.42-fbx/include/linux/sfp.h --- linux-5.15.42/include/linux/sfp.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/linux/sfp.h 2024-04-22 14:46:57.620260243 +0200 @@ -545,6 +545,7 @@ int sfp_get_module_eeprom_by_page(struct sfp_bus *bus, const struct ethtool_module_eeprom *page, struct netlink_ext_ack *extack); +int sfp_get_sfp_state(struct sfp_bus *bus, struct ethtool_sfp_state *st); void sfp_upstream_start(struct sfp_bus *bus); void sfp_upstream_stop(struct sfp_bus *bus); void sfp_bus_put(struct sfp_bus *bus); @@ -596,6 +597,12 @@ { return -EOPNOTSUPP; } + +static inline int sfp_get_sfp_state(struct sfp_bus *the_bus, + struct ethtool_sfp_state *st) +{ + return -EOPNOTSUPP; +} static inline void sfp_upstream_start(struct sfp_bus *bus) { diff -ruw linux-5.15.42/include/linux/skbuff.h linux-5.15.42-fbx/include/linux/skbuff.h --- linux-5.15.42/include/linux/skbuff.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/linux/skbuff.h 2024-04-22 14:46:57.620260243 +0200 @@ -614,6 +614,13 @@ typedef unsigned char *sk_buff_data_t; #endif +enum { + FFN_STATE_INIT = 0, + FFN_STATE_FORWARDABLE, + FFN_STATE_FAST_FORWARDED, + FFN_STATE_INCOMPATIBLE, +}; + /** * struct sk_buff - socket buffer * @next: Next buffer in list @@ -772,11 +779,20 @@ #if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE) unsigned long _nfct; #endif + +#if defined(CONFIG_IP_FFN) || defined(CONFIG_IPV6_FFN) + int ffn_state; + int ffn_orig_tos; +#endif unsigned int len, data_len; __u16 mac_len, hdr_len; +#ifdef CONFIG_NETRXTHREAD + int rxthread_prio; +#endif + /* Following fields are _not_ copied in __copy_skb_header() * Note that queue_mapping is here mostly to fill a hole. */ @@ -2736,6 +2752,10 @@ * get_rps_cpu() for example only access one 64 bytes aligned block : * NET_IP_ALIGN(2) + ethernet_header(14) + IP_header(20/40) + ports(8) */ +#ifdef CONFIG_NETSKBPAD +#define NET_SKB_PAD CONFIG_NETSKBPAD +#endif + #ifndef NET_SKB_PAD #define NET_SKB_PAD max(32, L1_CACHE_BYTES) #endif @@ -2865,6 +2885,10 @@ void *__netdev_alloc_frag_align(unsigned int fragsz, unsigned int align_mask); +struct page_frag_cache *netdev_frag_cache_get(unsigned int cpu_id); +struct page_frag_cache *napi_frag_cache_get(unsigned int cpu_id); + + /** * netdev_alloc_frag - allocate a page fragment * @fragsz: fragment size diff -ruw linux-5.15.42/include/linux/stddef.h linux-5.15.42-fbx/include/linux/stddef.h --- linux-5.15.42/include/linux/stddef.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/linux/stddef.h 2024-04-22 14:46:57.628260461 +0200 @@ -36,4 +36,65 @@ #define offsetofend(TYPE, MEMBER) \ (offsetof(TYPE, MEMBER) + sizeof_field(TYPE, MEMBER)) +/** + * struct_group() - Wrap a set of declarations in a mirrored struct + * + * @NAME: The identifier name of the mirrored sub-struct + * @MEMBERS: The member declarations for the mirrored structs + * + * Used to create an anonymous union of two structs with identical + * layout and size: one anonymous and one named. The former can be + * used normally without sub-struct naming, and the latter can be + * used to reason about the start, end, and size of the group of + * struct members. + */ +#define struct_group(NAME, MEMBERS...) \ + __struct_group(/* no tag */, NAME, /* no attrs */, MEMBERS) + +/** + * struct_group_attr() - Create a struct_group() with trailing attributes + * + * @NAME: The identifier name of the mirrored sub-struct + * @ATTRS: Any struct attributes to apply + * @MEMBERS: The member declarations for the mirrored structs + * + * Used to create an anonymous union of two structs with identical + * layout and size: one anonymous and one named. The former can be + * used normally without sub-struct naming, and the latter can be + * used to reason about the start, end, and size of the group of + * struct members. Includes structure attributes argument. + */ +#define struct_group_attr(NAME, ATTRS, MEMBERS...) \ + __struct_group(/* no tag */, NAME, ATTRS, MEMBERS) + +/** + * struct_group_tagged() - Create a struct_group with a reusable tag + * + * @TAG: The tag name for the named sub-struct + * @NAME: The identifier name of the mirrored sub-struct + * @MEMBERS: The member declarations for the mirrored structs + * + * Used to create an anonymous union of two structs with identical + * layout and size: one anonymous and one named. The former can be + * used normally without sub-struct naming, and the latter can be + * used to reason about the start, end, and size of the group of + * struct members. Includes struct tag argument for the named copy, + * so the specified layout can be reused later. + */ +#define struct_group_tagged(TAG, NAME, MEMBERS...) \ + __struct_group(TAG, NAME, /* no attrs */, MEMBERS) + +/** + * DECLARE_FLEX_ARRAY() - Declare a flexible array usable in a union + * + * @TYPE: The type of each flexible array element + * @NAME: The name of the flexible array member + * + * In order to have a flexible array member in a union or alone in a + * struct, it needs to be wrapped in an anonymous struct with at least 1 + * named member, but that member can be empty. + */ +#define DECLARE_FLEX_ARRAY(TYPE, NAME) \ + __DECLARE_FLEX_ARRAY(TYPE, NAME) + #endif diff -ruw linux-5.15.42/include/linux/string.h linux-5.15.42-fbx/include/linux/string.h --- linux-5.15.42/include/linux/string.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/linux/string.h 2024-04-22 14:46:57.628260461 +0200 @@ -266,6 +266,41 @@ int pad); /** + * memset_after - Set a value after a struct member to the end of a struct + * + * @obj: Address of target struct instance + * @v: Byte value to repeatedly write + * @member: after which struct member to start writing bytes + * + * This is good for clearing padding following the given member. + */ +#define memset_after(obj, v, member) \ +({ \ + u8 *__ptr = (u8 *)(obj); \ + typeof(v) __val = (v); \ + memset(__ptr + offsetofend(typeof(*(obj)), member), __val, \ + sizeof(*(obj)) - offsetofend(typeof(*(obj)), member)); \ +}) + +/** + * memset_startat - Set a value starting at a member to the end of a struct + * + * @obj: Address of target struct instance + * @v: Byte value to repeatedly write + * @member: struct member to start writing at + * + * Note that if there is padding between the prior member and the target + * member, memset_after() should be used to clear the prior padding. + */ +#define memset_startat(obj, v, member) \ +({ \ + u8 *__ptr = (u8 *)(obj); \ + typeof(v) __val = (v); \ + memset(__ptr + offsetof(typeof(*(obj)), member), __val, \ + sizeof(*(obj)) - offsetof(typeof(*(obj)), member)); \ +}) + +/** * str_has_prefix - Test if a string has a given prefix * @str: The string to test * @prefix: The string to see if @str starts with diff -ruw linux-5.15.42/include/linux/tcp.h linux-5.15.42-fbx/include/linux/tcp.h --- linux-5.15.42/include/linux/tcp.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/linux/tcp.h 2024-04-22 14:46:57.636260680 +0200 @@ -225,7 +225,8 @@ u8 compressed_ack; u8 dup_ack_counter:2, tlp_retrans:1, /* TLP is a retransmission */ - unused:5; + linear_rto:1, + unused:4; u32 chrono_start; /* Start time in jiffies of a TCP chrono */ u32 chrono_stat[3]; /* Time in jiffies for chrono_stat stats */ u8 chrono_type:2, /* current chronograph type */ diff -ruw linux-5.15.42/include/linux/thermal.h linux-5.15.42-fbx/include/linux/thermal.h --- linux-5.15.42/include/linux/thermal.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/linux/thermal.h 2024-04-22 14:46:57.636260680 +0200 @@ -376,6 +376,9 @@ struct thermal_cooling_device *thermal_cooling_device_register(const char *, void *, const struct thermal_cooling_device_ops *); +struct thermal_cooling_device *thermal_cooling_device_register_with_parent( + struct device *pdev, const char *, void *, + const struct thermal_cooling_device_ops *); struct thermal_cooling_device * thermal_of_cooling_device_register(struct device_node *np, const char *, void *, const struct thermal_cooling_device_ops *); diff -ruw linux-5.15.42/include/linux/vmalloc.h linux-5.15.42-fbx/include/linux/vmalloc.h --- linux-5.15.42/include/linux/vmalloc.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/linux/vmalloc.h 2024-04-22 14:46:57.652261117 +0200 @@ -151,6 +151,8 @@ extern void *vmalloc_32(unsigned long size); extern void *vmalloc_32_user(unsigned long size); extern void *__vmalloc(unsigned long size, gfp_t gfp_mask); +extern void *__vmalloc_pgprot(unsigned long size, gfp_t gfp_mask, + pgprot_t prot); extern void *__vmalloc_node_range(unsigned long size, unsigned long align, unsigned long start, unsigned long end, gfp_t gfp_mask, pgprot_t prot, unsigned long vm_flags, int node, diff -ruw linux-5.15.42/include/media/dvb-usb-ids.h linux-5.15.42-fbx/include/media/dvb-usb-ids.h --- linux-5.15.42/include/media/dvb-usb-ids.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/media/dvb-usb-ids.h 2024-04-22 14:46:57.660261335 +0200 @@ -118,6 +118,7 @@ #define USB_PID_DELOCK_USB2_DVBT 0xb803 #define USB_PID_DIBCOM_HOOK_DEFAULT 0x0064 #define USB_PID_DIBCOM_HOOK_DEFAULT_REENUM 0x0065 +#define USB_PID_DIBCOM_HOOK_DEFAULT_STK7770P 0x0066 #define USB_PID_DIBCOM_MOD3000_COLD 0x0bb8 #define USB_PID_DIBCOM_MOD3000_WARM 0x0bb9 #define USB_PID_DIBCOM_MOD3001_COLD 0x0bc6 diff -ruw linux-5.15.42/include/net/bluetooth/hci.h linux-5.15.42-fbx/include/net/bluetooth/hci.h --- linux-5.15.42/include/net/bluetooth/hci.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/net/bluetooth/hci.h 2024-04-22 14:46:57.668261554 +0200 @@ -247,6 +247,13 @@ */ HCI_QUIRK_NO_SUSPEND_NOTIFIER, + /* When this quirk is set, max_page for local extended features + * is set to 1, even if controller reports higher number. Some + * controllers (e.g. RTL8723CS) report more pages, but they + * don't actually support features declared there. + */ + HCI_QUIRK_BROKEN_LOCAL_EXT_FTR_MAX_PAGE, + /* * When this quirk is set, LE tx power is not queried on startup * and the min/max tx power values default to HCI_TX_POWER_INVALID. diff -ruw linux-5.15.42/include/net/cfg80211.h linux-5.15.42-fbx/include/net/cfg80211.h --- linux-5.15.42/include/net/cfg80211.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/net/cfg80211.h 2024-04-22 14:46:57.672261663 +0200 @@ -109,6 +109,14 @@ * on this channel. * @IEEE80211_CHAN_16MHZ: 16 MHz bandwidth is permitted * on this channel. + * @IEEE80211_CHAN_NO_320MHZ: If the driver supports 320 MHz on the band, + * this flag indicates that a 320 MHz channel cannot use this + * channel as the control or any of the secondary channels. + * This may be due to the driver or due to regulatory bandwidth + * restrictions. + * @IEEE80211_CHAN_NO_EHT: EHT operation is not permitted on this channel. + * @IEEE80211_CHAN_PSD: power spectral density (in dBm) + * on this channel. * */ enum ieee80211_channel_flags { @@ -131,12 +139,16 @@ IEEE80211_CHAN_4MHZ = 1<<16, IEEE80211_CHAN_8MHZ = 1<<17, IEEE80211_CHAN_16MHZ = 1<<18, + IEEE80211_CHAN_NO_320MHZ = 1<<19, + IEEE80211_CHAN_NO_EHT = 1<<20, + IEEE80211_CHAN_PSD = 1<<21, }; #define IEEE80211_CHAN_NO_HT40 \ (IEEE80211_CHAN_NO_HT40PLUS | IEEE80211_CHAN_NO_HT40MINUS) #define IEEE80211_DFS_MIN_CAC_TIME_MS 60000 +#define IEEE80211_DFS_WEATHER_MIN_CAC_TIME_MS 600000 #define IEEE80211_DFS_MIN_NOP_TIME_MS (30 * 60 * 1000) /** @@ -164,6 +176,7 @@ * on this channel. * @dfs_state_entered: timestamp (jiffies) when the dfs state was entered. * @dfs_cac_ms: DFS CAC time in milliseconds, this is valid for DFS channels. + * @psd: power spectral density (in dBm) */ struct ieee80211_channel { enum nl80211_band band; @@ -180,6 +193,7 @@ enum nl80211_dfs_state dfs_state; unsigned long dfs_state_entered; unsigned int dfs_cac_ms; + s8 psd; }; /** @@ -361,6 +375,48 @@ }; /** + * struct ieee80211_eht_mcs_nss_supp - EHT max supported NSS per MCS + * + * See P802.11be_D1.3 Table 9-401k - "Subfields of the Supported EHT-MCS + * and NSS Set field" + * + * @only_20mhz: MCS/NSS support for 20 MHz-only STA. + * @bw._80: MCS/NSS support for BW <= 80 MHz + * @bw._160: MCS/NSS support for BW = 160 MHz + * @bw._320: MCS/NSS support for BW = 320 MHz + */ +struct ieee80211_eht_mcs_nss_supp { + union { + struct ieee80211_eht_mcs_nss_supp_20mhz_only only_20mhz; + struct { + struct ieee80211_eht_mcs_nss_supp_bw _80; + struct ieee80211_eht_mcs_nss_supp_bw _160; + struct ieee80211_eht_mcs_nss_supp_bw _320; + } __packed bw; + } __packed; +} __packed; + +#define IEEE80211_EHT_PPE_THRES_MAX_LEN 32 + +/** + * struct ieee80211_sta_eht_cap - STA's EHT capabilities + * + * This structure describes most essential parameters needed + * to describe 802.11be EHT capabilities for a STA. + * + * @has_eht: true iff EHT data is valid. + * @eht_cap_elem: Fixed portion of the eht capabilities element. + * @eht_mcs_nss_supp: The supported NSS/MCS combinations. + * @eht_ppe_thres: Holds the PPE Thresholds data. + */ +struct ieee80211_sta_eht_cap { + bool has_eht; + struct ieee80211_eht_cap_elem_fixed eht_cap_elem; + struct ieee80211_eht_mcs_nss_supp eht_mcs_nss_supp; + u8 eht_ppe_thres[IEEE80211_EHT_PPE_THRES_MAX_LEN]; +}; + +/** * struct ieee80211_sband_iftype_data - sband data per interface type * * This structure encapsulates sband data that is relevant for the @@ -379,6 +435,7 @@ u16 types_mask; struct ieee80211_sta_he_cap he_cap; struct ieee80211_he_6ghz_capa he_6ghz_capa; + struct ieee80211_sta_eht_cap eht_cap; struct { const u8 *data; unsigned int len; @@ -562,6 +619,26 @@ } /** + * ieee80211_get_eht_iftype_cap - return ETH capabilities for an sband's iftype + * @sband: the sband to search for the iftype on + * @iftype: enum nl80211_iftype + * + * Return: pointer to the struct ieee80211_sta_eht_cap, or NULL is none found + */ +static inline const struct ieee80211_sta_eht_cap * +ieee80211_get_eht_iftype_cap(const struct ieee80211_supported_band *sband, + enum nl80211_iftype iftype) +{ + const struct ieee80211_sband_iftype_data *data = + ieee80211_get_sband_iftype_data(sband, iftype); + + if (data && data->eht_cap.has_eht) + return &data->eht_cap; + + return NULL; +} + +/** * wiphy_read_of_freq_limits - read frequency limits from device tree * * @wiphy: the wireless device to get extra limits for @@ -740,6 +817,22 @@ }; /** + * struct cfg80211_fils_aad - FILS AAD data + * @macaddr: STA MAC address + * @kek: FILS KEK + * @kek_len: FILS KEK length + * @snonce: STA Nonce + * @anonce: AP Nonce + */ +struct cfg80211_fils_aad { + const u8 *macaddr; + const u8 *kek; + u8 kek_len; + const u8 *snonce; + const u8 *anonce; +}; + +/** * cfg80211_get_chandef_type - return old channel type from chandef * @chandef: the channel definition * @@ -1041,6 +1134,36 @@ }; /** + * struct cfg80211_mbssid_config - AP settings for multi bssid + * + * @tx_wdev: pointer to the transmitted interface in the MBSSID set + * @index: index of this AP in the multi bssid group. + * @ema: set to true if the beacons should be sent out in EMA mode. + */ +struct cfg80211_mbssid_config { + struct wireless_dev *tx_wdev; + u8 index; + bool ema; +}; + +/** + * struct cfg80211_mbssid_elems - Multiple BSSID elements + * + * @cnt: Number of elements in array %elems. + * + * @elem: Array of multiple BSSID element(s) to be added into Beacon frames. + * @elem.data: Data for multiple BSSID elements. + * @elem.len: Length of data. + */ +struct cfg80211_mbssid_elems { + u8 cnt; + struct { + const u8 *data; + size_t len; + } elem[]; +}; + +/** * struct cfg80211_beacon_data - beacon data * @head: head portion of beacon (before TIM IE) * or %NULL if not changed @@ -1058,6 +1181,7 @@ * @assocresp_ies_len: length of assocresp_ies in octets * @probe_resp_len: length of probe response template (@probe_resp) * @probe_resp: probe response template (AP mode only) + * @mbssid_ies: multiple BSSID elements * @ftm_responder: enable FTM responder functionality; -1 for no change * (which also implies no change in LCI/civic location data) * @lci: Measurement Report element content, starting with Measurement Token @@ -1075,6 +1199,7 @@ const u8 *probe_resp; const u8 *lci; const u8 *civicloc; + struct cfg80211_mbssid_elems *mbssid_ies; s8 ftm_responder; size_t head_len, tail_len; @@ -1140,17 +1265,6 @@ }; /** - * enum cfg80211_ap_settings_flags - AP settings flags - * - * Used by cfg80211_ap_settings - * - * @AP_SETTINGS_EXTERNAL_AUTH_SUPPORT: AP supports external authentication - */ -enum cfg80211_ap_settings_flags { - AP_SETTINGS_EXTERNAL_AUTH_SUPPORT = BIT(0), -}; - -/** * struct cfg80211_ap_settings - AP configuration * * Used to configure an AP interface. @@ -1189,6 +1303,7 @@ * @he_oper: HE operation IE (or %NULL if HE isn't enabled) * @fils_discovery: FILS discovery transmission parameters * @unsol_bcast_probe_resp: Unsolicited broadcast probe response parameters + * @mbssid_config: AP settings for multiple bssid */ struct cfg80211_ap_settings { struct cfg80211_chan_def chandef; @@ -1221,6 +1336,7 @@ struct cfg80211_he_bss_color he_bss_color; struct cfg80211_fils_discovery fils_discovery; struct cfg80211_unsol_bcast_probe_resp unsol_bcast_probe_resp; + struct cfg80211_mbssid_config mbssid_config; }; /** @@ -1378,6 +1494,8 @@ * @airtime_weight: airtime scheduler weight for this station * @txpwr: transmit power for an associated station * @he_6ghz_capa: HE 6 GHz Band capabilities of station + * @eht_capa: EHT capabilities of station + * @eht_capa_len: the length of the EHT capabilities */ struct station_parameters { const u8 *supported_rates; @@ -1411,6 +1529,8 @@ u16 airtime_weight; struct sta_txpwr txpwr; const struct ieee80211_he_6ghz_capa *he_6ghz_capa; + const struct ieee80211_eht_cap_elem *eht_capa; + u8 eht_capa_len; }; /** @@ -1488,6 +1608,7 @@ * @RATE_INFO_FLAGS_HE_MCS: HE MCS information * @RATE_INFO_FLAGS_EDMG: 60GHz MCS in EDMG mode * @RATE_INFO_FLAGS_EXTENDED_SC_DMG: 60GHz extended SC MCS + * @RATE_INFO_FLAGS_EHT_MCS: EHT MCS information */ enum rate_info_flags { RATE_INFO_FLAGS_MCS = BIT(0), @@ -1497,6 +1618,7 @@ RATE_INFO_FLAGS_HE_MCS = BIT(4), RATE_INFO_FLAGS_EDMG = BIT(5), RATE_INFO_FLAGS_EXTENDED_SC_DMG = BIT(6), + RATE_INFO_FLAGS_EHT_MCS = BIT(7), }; /** @@ -1511,6 +1633,8 @@ * @RATE_INFO_BW_80: 80 MHz bandwidth * @RATE_INFO_BW_160: 160 MHz bandwidth * @RATE_INFO_BW_HE_RU: bandwidth determined by HE RU allocation + * @RATE_INFO_BW_320: 320 MHz bandwidth + * @RATE_INFO_BW_EHT_RU: bandwidth determined by EHT RU allocation */ enum rate_info_bw { RATE_INFO_BW_20 = 0, @@ -1520,6 +1644,8 @@ RATE_INFO_BW_80, RATE_INFO_BW_160, RATE_INFO_BW_HE_RU, + RATE_INFO_BW_320, + RATE_INFO_BW_EHT_RU, }; /** @@ -1537,6 +1663,9 @@ * @he_ru_alloc: HE RU allocation (from &enum nl80211_he_ru_alloc, * only valid if bw is %RATE_INFO_BW_HE_RU) * @n_bonded_ch: In case of EDMG the number of bonded channels (1-4) + * @eht_gi: EHT guard interval (from &enum nl80211_eht_gi) + * @eht_ru_alloc: EHT RU allocation (from &enum nl80211_eht_ru_alloc, + * only valid if bw is %RATE_INFO_BW_EHT_RU) */ struct rate_info { u8 flags; @@ -1548,6 +1677,8 @@ u8 he_dcm; u8 he_ru_alloc; u8 n_bonded_ch; + u8 eht_gi; + u8 eht_ru_alloc; }; /** @@ -1918,6 +2049,15 @@ int generation; }; +#define MPLINK_DUMP_MAX_BLOCKED_ENTRIES 216 /* 216/6 = 36 entries */ +/** + * struct mplink_blocked_info - mesh peer link blocked info + */ +struct mplink_blocked_info { + u8 count; + u8 info[MPLINK_DUMP_MAX_BLOCKED_ENTRIES]; +}; + /** * struct bss_parameters - BSS parameters * @@ -2113,6 +2253,17 @@ }; /** + * struct mesh_setup - 802.11s mesh setup configuration + * @ie: vendor information elements + * @ie_len: length of vendor information elements + * These parameters are updated peroidically after mesh creation. + */ +struct mesh_vendor_ie { + const u8 *ie; + u8 ie_len; +}; + +/** * struct ocb_setup - 802.11p OCB mode setup configuration * @chandef: defines the channel to use * @@ -2565,7 +2716,7 @@ */ static inline const u8 *ieee80211_bss_get_ie(struct cfg80211_bss *bss, u8 id) { - return (void *)ieee80211_bss_get_elem(bss, id); + return (const void *)ieee80211_bss_get_elem(bss, id); } @@ -4018,6 +4169,19 @@ * @set_sar_specs: Update the SAR (TX power) settings. * * @color_change: Initiate a color change. + * + * @set_fils_aad: Set FILS AAD data to the AP driver so that the driver can use + * those to decrypt (Re)Association Request and encrypt (Re)Association + * Response frame. + * + * @set_radar_background: Configure dedicated offchannel chain available for + * radar/CAC detection on some hw. This chain can't be used to transmit + * or receive frames and it is bounded to a running wdev. + * Background radar/CAC detection allows to avoid the CAC downtime + * switching to a different channel during CAC detection on the selected + * radar channel. + * The caller is expected to set chandef pointer to NULL in order to + * disable background CAC/radar detection. */ struct cfg80211_ops { int (*suspend)(struct wiphy *wiphy, struct cfg80211_wowlan *wow); @@ -4348,6 +4512,13 @@ int (*color_change)(struct wiphy *wiphy, struct net_device *dev, struct cfg80211_color_change_settings *params); + int (*set_fils_aad)(struct wiphy *wiphy, struct net_device *dev, + struct cfg80211_fils_aad *fils_aad); + int (*set_radar_offchan)(struct wiphy *wiphy, + struct cfg80211_chan_def *chandef); + int (*set_radar_background)(struct wiphy *wiphy, + struct cfg80211_chan_def *chandef); + int (*get_avg_busy_time)(struct wiphy *wiphy, struct net_device *dev); }; /* @@ -4981,6 +5152,13 @@ * %NL80211_TID_CONFIG_ATTR_RETRY_LONG attributes * @sar_capa: SAR control capabilities * @rfkill: a pointer to the rfkill structure + * + * @mbssid_max_interfaces: maximum number of interfaces supported by the driver + * in a multiple BSSID set. This field must be set to a non-zero value + * by the driver to advertise MBSSID support. + * @ema_max_profile_periodicity: maximum profile periodicity supported by + * the driver. Setting this field to a non-zero value indicates that the + * driver supports enhanced multi-BSSID advertisements (EMA AP). */ struct wiphy { struct mutex mtx; @@ -5125,6 +5303,9 @@ struct rfkill *rfkill; + u8 mbssid_max_interfaces; + u8 ema_max_profile_periodicity; + char priv[] __aligned(NETDEV_ALIGN); }; @@ -5490,7 +5671,7 @@ unsigned long unprot_beacon_reported; }; -static inline u8 *wdev_address(struct wireless_dev *wdev) +static inline const u8 *wdev_address(struct wireless_dev *wdev) { if (wdev->netdev) return wdev->netdev->dev_addr; @@ -5904,7 +6085,7 @@ (!match_len && match_offset))) return NULL; - return (void *)cfg80211_find_elem_match(eid, ies, len, + return (const void *)cfg80211_find_elem_match(eid, ies, len, match, match_len, match_offset ? match_offset - 2 : 0); @@ -6033,7 +6214,7 @@ cfg80211_find_vendor_ie(unsigned int oui, int oui_type, const u8 *ies, unsigned int len) { - return (void *)cfg80211_find_vendor_elem(oui, oui_type, ies, len); + return (const void *)cfg80211_find_vendor_elem(oui, oui_type, ies, len); } /** @@ -6344,6 +6525,19 @@ }; /** + * cfg80211_get_ies_channel_number - returns the channel number from ies + * @ie: IEs + * @ielen: length of IEs + * @band: enum nl80211_band of the channel + * @ftype: frame type + * + * Returns the channel number, or -1 if none could be determined. + */ +int cfg80211_get_ies_channel_number(const u8 *ie, size_t ielen, + enum nl80211_band band, + enum cfg80211_bss_frame_type ftype); + +/** * cfg80211_inform_bss_data - inform cfg80211 of a new BSS * * @wiphy: the wiphy reporting the BSS @@ -7517,15 +7711,33 @@ void cfg80211_cqm_beacon_loss_notify(struct net_device *dev, gfp_t gfp); /** - * cfg80211_radar_event - radar detection event + * __cfg80211_radar_event - radar detection event * @wiphy: the wiphy * @chandef: chandef for the current channel + * @offchan: the radar has been detected on the offchannel chain * @gfp: context flags * * This function is called when a radar is detected on the current chanenl. */ -void cfg80211_radar_event(struct wiphy *wiphy, - struct cfg80211_chan_def *chandef, gfp_t gfp); +void __cfg80211_radar_event(struct wiphy *wiphy, + struct cfg80211_chan_def *chandef, + bool offchan, gfp_t gfp); + +static inline void +cfg80211_radar_event(struct wiphy *wiphy, + struct cfg80211_chan_def *chandef, + gfp_t gfp) +{ + __cfg80211_radar_event(wiphy, chandef, false, gfp); +} + +static inline void +cfg80211_background_radar_event(struct wiphy *wiphy, + struct cfg80211_chan_def *chandef, + gfp_t gfp) +{ + __cfg80211_radar_event(wiphy, chandef, true, gfp); +} /** * cfg80211_sta_opmode_change_notify - STA's ht/vht operation mode change event @@ -7556,6 +7768,14 @@ const struct cfg80211_chan_def *chandef, enum nl80211_radar_event event, gfp_t gfp); +/** + * cfg80211_background_cac_abort - Channel Availability Check offchan abort event + * @wiphy: the wiphy + * + * This function is called by the driver when a Channel Availability Check + * (CAC) is aborted by a offchannel dedicated chain. + */ +void cfg80211_background_cac_abort(struct wiphy *wiphy); /** * cfg80211_gtk_rekey_notify - notify userspace about driver rekeying @@ -8173,6 +8393,18 @@ bool is_4addr, u8 check_swif); +/** + * cfg80211_assoc_comeback - notification of association that was + * temporarly rejected with a comeback + * @netdev: network device + * @bss: the bss entry with which association is in progress. + * @timeout: timeout interval value TUs. + * + * this function may sleep. the caller must hold the corresponding wdev's mutex. + */ +void cfg80211_assoc_comeback(struct net_device *netdev, + struct cfg80211_bss *bss, u32 timeout); + /* Logging, debugging and troubleshooting/diagnostic helpers. */ /* wiphy_printk helpers, similar to dev_printk */ @@ -8262,7 +8494,7 @@ static inline int cfg80211_obss_color_collision_notify(struct net_device *dev, u64 color_bitmap) { - return cfg80211_bss_color_notify(dev, GFP_KERNEL, + return cfg80211_bss_color_notify(dev, GFP_ATOMIC, NL80211_CMD_OBSS_COLOR_COLLISION, 0, color_bitmap); } diff -ruw linux-5.15.42/include/net/dsa.h linux-5.15.42-fbx/include/net/dsa.h --- linux-5.15.42/include/net/dsa.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/net/dsa.h 2024-04-22 14:46:57.676261773 +0200 @@ -51,6 +51,7 @@ #define DSA_TAG_PROTO_SEVILLE_VALUE 21 #define DSA_TAG_PROTO_BRCM_LEGACY_VALUE 22 #define DSA_TAG_PROTO_SJA1110_VALUE 23 +#define DSA_TAG_PROTO_BRCM_FBX_VALUE 24 enum dsa_tag_protocol { DSA_TAG_PROTO_NONE = DSA_TAG_PROTO_NONE_VALUE, @@ -77,6 +78,7 @@ DSA_TAG_PROTO_OCELOT_8021Q = DSA_TAG_PROTO_OCELOT_8021Q_VALUE, DSA_TAG_PROTO_SEVILLE = DSA_TAG_PROTO_SEVILLE_VALUE, DSA_TAG_PROTO_SJA1110 = DSA_TAG_PROTO_SJA1110_VALUE, + DSA_TAG_PROTO_BRCM_FBX = DSA_TAG_PROTO_BRCM_FBX_VALUE, }; struct dsa_switch; @@ -242,6 +244,8 @@ DSA_PORT_TYPE_DSA, DSA_PORT_TYPE_USER, } type; + bool is_def_cpu_port; + struct device_node *force_cpu_dn; struct dsa_switch *ds; unsigned int index; diff -ruw linux-5.15.42/include/net/ip.h linux-5.15.42-fbx/include/net/ip.h --- linux-5.15.42/include/net/ip.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/net/ip.h 2024-04-22 14:46:57.680261882 +0200 @@ -706,6 +706,20 @@ #endif /* + * Functions provided by ip_ffn.c + */ + +enum { + IP_FFN_FINISH_OUT, + IP_FFN_LOCAL_IN, +}; + +extern void ip_ffn_init(void); +extern int ip_ffn_process(struct sk_buff *skb); +extern void ip_ffn_add(struct sk_buff *skb, int when); +extern void ip_ffn_flush_all(void); + +/* * Functions provided by ip_forward.c */ diff -ruw linux-5.15.42/include/net/ip6_tunnel.h linux-5.15.42-fbx/include/net/ip6_tunnel.h --- linux-5.15.42/include/net/ip6_tunnel.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/net/ip6_tunnel.h 2024-04-22 14:46:57.680261882 +0200 @@ -18,6 +18,18 @@ /* determine capability on a per-packet basis */ #define IP6_TNL_F_CAP_PER_PACKET 0x40000 +/* IPv6 tunnel FMR */ +struct __ip6_tnl_fmr { + struct __ip6_tnl_fmr *next; /* next fmr in list */ + struct in6_addr ip6_prefix; + struct in_addr ip4_prefix; + + __u8 ip6_prefix_len; + __u8 ip4_prefix_len; + __u8 ea_len; + __u8 offset; +}; + struct __ip6_tnl_parm { char name[IFNAMSIZ]; /* name of tunnel device */ int link; /* ifindex of underlying L2 interface */ @@ -29,6 +41,7 @@ __u32 flags; /* tunnel flags */ struct in6_addr laddr; /* local tunnel end-point address */ struct in6_addr raddr; /* remote tunnel end-point address */ + struct __ip6_tnl_fmr *fmrs; /* FMRs */ __be16 i_flags; __be16 o_flags; diff -ruw linux-5.15.42/include/net/ipv6.h linux-5.15.42-fbx/include/net/ipv6.h --- linux-5.15.42/include/net/ipv6.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/net/ipv6.h 2024-04-22 14:46:57.684261991 +0200 @@ -1054,6 +1054,7 @@ int ip6_output(struct net *net, struct sock *sk, struct sk_buff *skb); int ip6_forward(struct sk_buff *skb); int ip6_input(struct sk_buff *skb); +int ip6_input_finish(struct net *net, struct sock *sk, struct sk_buff *skb); int ip6_mc_input(struct sk_buff *skb); void ip6_protocol_deliver_rcu(struct net *net, struct sk_buff *skb, int nexthdr, bool have_final); @@ -1277,4 +1278,18 @@ release_sock(sk); } +/* + * Functions provided by ipv6_ffn.c + */ + +enum { + IPV6_FFN_FINISH_OUT, + IPV6_FFN_LOCAL_IN, +}; + +extern void ipv6_ffn_init(void); +extern int ipv6_ffn_process(struct sk_buff *skb); +extern void ipv6_ffn_add(struct sk_buff *skb, int when); +extern void ipv6_ffn_flush_all(void); + #endif /* _NET_IPV6_H */ diff -ruw linux-5.15.42/include/net/mac80211.h linux-5.15.42-fbx/include/net/mac80211.h --- linux-5.15.42/include/net/mac80211.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/net/mac80211.h 2024-04-22 14:46:57.688262100 +0200 @@ -7,7 +7,7 @@ * Copyright 2007-2010 Johannes Berg * Copyright 2013-2014 Intel Mobile Communications GmbH * Copyright (C) 2015 - 2017 Intel Deutschland GmbH - * Copyright (C) 2018 - 2021 Intel Corporation + * Copyright (C) 2018 - 2022 Intel Corporation */ #ifndef MAC80211_H @@ -632,6 +632,11 @@ * @s1g: BSS is S1G BSS (affects Association Request format). * @beacon_tx_rate: The configured beacon transmit rate that needs to be passed * to driver when rate control is offloaded to firmware. + * @power_type: power type of BSS for 6 GHz + * @tx_pwr_env: transmit power envelope array of BSS. + * @tx_pwr_env_num: number of @tx_pwr_env. + * @pwr_reduction: power constraint of BSS. + * @eht_support: does this BSS support EHT */ struct ieee80211_bss_conf { const u8 *bssid; @@ -702,6 +707,11 @@ u32 unsol_bcast_probe_resp_interval; bool s1g; struct cfg80211_bitrate_mask beacon_tx_rate; + enum ieee80211_ap_reg_power power_type; + struct ieee80211_tx_pwr_env tx_pwr_env[IEEE80211_TPE_MAX_IE_COUNT]; + u8 tx_pwr_env_num; + u8 pwr_reduction; + bool eht_support; }; /** @@ -875,6 +885,17 @@ IEEE80211_TX_CTRL_DONT_REORDER = BIT(8), }; +/** + * enum mac80211_tx_status_flags - flags to describe transmit status + * + * @IEEE80211_TX_STATUS_ACK_SIGNAL_VALID: ACK signal is valid + * + * These flags are used in tx_info->status.flags. + */ +enum mac80211_tx_status_flags { + IEEE80211_TX_STATUS_ACK_SIGNAL_VALID = BIT(0), +}; + /* * This definition is used as a mask to clear all temporary flags, which are * set by the tx handlers for each transmission attempt by the mac80211 stack. @@ -1038,7 +1059,7 @@ * @status.antenna: (legacy, kept only for iwlegacy) * @status.tx_time: airtime consumed for transmission; note this is only * used for WMM AC, not for airtime fairness - * @status.is_valid_ack_signal: ACK signal is valid + * @status.flags: status flags, see &enum mac80211_tx_status_flags * @status.status_driver_data: driver use area * @ack: union part for pure ACK data * @ack.cookie: cookie for the ACK @@ -1091,8 +1112,8 @@ u8 ampdu_len; u8 antenna; u16 tx_time; - bool is_valid_ack_signal; - void *status_driver_data[19 / sizeof(void *)]; + u8 flags; + void *status_driver_data[18 / sizeof(void *)]; } status; struct { struct ieee80211_tx_rate driver_rates[ @@ -1197,12 +1218,7 @@ /* clear the rate counts */ for (i = 0; i < IEEE80211_TX_MAX_RATES; i++) info->status.rates[i].count = 0; - - BUILD_BUG_ON( - offsetof(struct ieee80211_tx_info, status.ack_signal) != 20); - memset(&info->status.ampdu_ack_len, 0, - sizeof(struct ieee80211_tx_info) - - offsetof(struct ieee80211_tx_info, status.ampdu_ack_len)); + memset_after(&info->status, 0, rates); } @@ -1715,6 +1731,7 @@ * write-protected by sdata_lock and local->mtx so holding either is fine * for read access. * @color_change_color: the bss color that will be used after the change. + * @mbssid_tx_vif: Pointer to the transmitting interface if MBSSID is enabled. */ struct ieee80211_vif { enum nl80211_iftype type; @@ -1746,6 +1763,8 @@ bool color_change_active; u8 color_change_color; + struct ieee80211_vif *mbssid_tx_vif; + /* must be last */ u8 drv_priv[] __aligned(sizeof(void *)); }; @@ -1988,6 +2007,7 @@ * @IEEE80211_STA_RX_BW_80: station can receive up to 80 MHz * @IEEE80211_STA_RX_BW_160: station can receive up to 160 MHz * (including 80+80 MHz) + * @IEEE80211_STA_RX_BW_320: station can receive up to 320 MHz * * Implementation note: 20 must be zero to be initialized * correctly, the values must be sorted. @@ -1997,6 +2017,7 @@ IEEE80211_STA_RX_BW_40, IEEE80211_STA_RX_BW_80, IEEE80211_STA_RX_BW_160, + IEEE80211_STA_RX_BW_320, }; /** @@ -2052,6 +2073,7 @@ * @vht_cap: VHT capabilities of this STA; restricted to our own capabilities * @he_cap: HE capabilities of this STA * @he_6ghz_capa: on 6 GHz, holds the HE 6 GHz band capabilities + * @eht_cap: EHT capabilities of this STA * @max_rx_aggregation_subframes: maximal amount of frames in a single AMPDU * that this station is allowed to transmit to us. * Can be modified by driver. @@ -2092,6 +2114,7 @@ struct ieee80211_sta_vht_cap vht_cap; struct ieee80211_sta_he_cap he_cap; struct ieee80211_he_6ghz_capa he_6ghz_capa; + struct ieee80211_sta_eht_cap eht_cap; u16 max_rx_aggregation_subframes; bool wme; u8 uapsd_queues; @@ -2467,6 +2490,8 @@ IEEE80211_HW_SUPPORTS_RX_DECAP_OFFLOAD, IEEE80211_HW_SUPPORTS_CONC_MON_RX_DECAP, + IEEE80211_HW_APVLAN_NEED_MCAST_TO_UCAST, + /* keep last, obviously */ NUM_IEEE80211_HW_FLAGS }; @@ -3933,6 +3958,16 @@ * twt structure. * @twt_teardown_request: Update the hw with TWT teardown request received * from the peer. + * @set_radar_background: Configure dedicated offchannel chain available for + * radar/CAC detection on some hw. This chain can't be used to transmit + * or receive frames and it is bounded to a running wdev. + * Background radar/CAC detection allows to avoid the CAC downtime + * switching to a different channel during CAC detection on the selected + * radar channel. + * The caller is expected to set chandef pointer to NULL in order to + * disable background CAC/radar detection. + * @net_fill_forward_path: Called from .ndo_fill_forward_path in order to + * resolve a path for hardware flow offloading */ struct ieee80211_ops { void (*tx)(struct ieee80211_hw *hw, @@ -3940,6 +3975,8 @@ struct sk_buff *skb); int (*start)(struct ieee80211_hw *hw); void (*stop)(struct ieee80211_hw *hw); + int (*set_powered)(struct ieee80211_hw *hw); + int (*get_powered)(struct ieee80211_hw *hw, bool *up, bool *busy); #ifdef CONFIG_PM int (*suspend)(struct ieee80211_hw *hw, struct cfg80211_wowlan *wowlan); int (*resume)(struct ieee80211_hw *hw); @@ -4261,6 +4298,13 @@ struct ieee80211_twt_setup *twt); void (*twt_teardown_request)(struct ieee80211_hw *hw, struct ieee80211_sta *sta, u8 flowid); + int (*set_radar_background)(struct ieee80211_hw *hw, + struct cfg80211_chan_def *chandef); + int (*net_fill_forward_path)(struct ieee80211_hw *hw, + struct ieee80211_vif *vif, + struct ieee80211_sta *sta, + struct net_device_path_ctx *ctx, + struct net_device_path *path); }; /** @@ -4908,12 +4952,14 @@ * @cntdwn_counter_offs: array of IEEE80211_MAX_CNTDWN_COUNTERS_NUM offsets * to countdown counters. This array can contain zero values which * should be ignored. + * @mbssid_off: position of the multiple bssid element */ struct ieee80211_mutable_offsets { u16 tim_offset; u16 tim_length; u16 cntdwn_counter_offs[IEEE80211_MAX_CNTDWN_COUNTERS_NUM]; + u16 mbssid_off; }; /** @@ -5591,6 +5637,9 @@ * This function iterates over the interfaces associated with a given * hardware that are currently active and calls the callback for them. * This version can only be used while holding the wiphy mutex. + * The driver must not call this with a lock held that it can also take in + * response to callbacks from mac80211, and it must not call this within + * callbacks made by mac80211 - both would result in deadlocks. * * @hw: the hardware struct of which the interfaces should be iterated over * @iter_flags: iteration flags, see &enum ieee80211_interface_iteration_flags @@ -5605,6 +5654,24 @@ void *data); /** + * ieee80211_iterate_stations - iterate stations + * + * This function iterates over all stations associated with a given + * hardware that are currently uploaded to the driver and calls the callback + * function for them. + * This function allows the iterator function to sleep, when the iterator + * function is atomic @ieee80211_iterate_stations_atomic can be used. + * + * @hw: the hardware struct of which the interfaces should be iterated over + * @iterator: the iterator function to call, cannot sleep + * @data: first argument of the iterator function + */ +void ieee80211_iterate_stations(struct ieee80211_hw *hw, + void (*iterator)(void *data, + struct ieee80211_sta *sta), + void *data); + +/** * ieee80211_iterate_stations_atomic - iterate stations * * This function iterates over all stations associated with a given @@ -6010,6 +6077,16 @@ void ieee80211_resume_disconnect(struct ieee80211_vif *vif); /** + * ieee80211_hw_restart_disconnect - disconnect from AP after + * hardware restart + * @vif: &struct ieee80211_vif pointer from the add_interface callback. + * + * Instructs mac80211 to disconnect from the AP after + * hardware restart. + */ +void ieee80211_hw_restart_disconnect(struct ieee80211_vif *vif); + +/** * ieee80211_cqm_rssi_notify - inform a configured connection quality monitoring * rssi threshold triggered * @@ -6053,6 +6130,18 @@ void ieee80211_chswitch_done(struct ieee80211_vif *vif, bool success); /** + * ieee80211_channel_switch_disconnect - disconnect due to channel switch error + * @vif &struct ieee80211_vif pointer from the add_interface callback. + * @block_tx: if %true, do not send deauth frame. + * + * Instruct mac80211 to disconnect due to a channel switch error. The channel + * switch can request to block the tx and so, we need to make sure we do not send + * a deauth frame in this case. + */ +void ieee80211_channel_switch_disconnect(struct ieee80211_vif *vif, + bool block_tx); + +/** * ieee80211_request_smps - request SM PS transition * @vif: &struct ieee80211_vif pointer from the add_interface callback. * @smps_mode: new SM PS mode @@ -6125,6 +6214,13 @@ void ieee80211_send_bar(struct ieee80211_vif *vif, u8 *ra, u16 tid, u16 ssn); /** + * same as ieee80211_send_bar but for given STA, allow sending to a + * STA on AP_VLAN and get a valid control->sta in the driver + */ +void ieee80211_send_bar_sta(struct ieee80211_sta *pubsta, + u16 tid, u16 ssn); + +/** * ieee80211_manage_rx_ba_offl - helper to queue an RX BA work * @vif: &struct ieee80211_vif pointer from the add_interface callback * @addr: station mac address @@ -6634,6 +6730,9 @@ { } +void __ieee80211_schedule_txq(struct ieee80211_hw *hw, + struct ieee80211_txq *txq, bool force); + /** * ieee80211_schedule_txq - schedule a TXQ for transmission * @@ -6646,7 +6745,11 @@ * The driver may call this function if it has buffered packets for * this TXQ internally. */ -void ieee80211_schedule_txq(struct ieee80211_hw *hw, struct ieee80211_txq *txq); +static inline void +ieee80211_schedule_txq(struct ieee80211_hw *hw, struct ieee80211_txq *txq) +{ + __ieee80211_schedule_txq(hw, txq, true); +} /** * ieee80211_return_txq - return a TXQ previously acquired by ieee80211_next_txq() @@ -6658,8 +6761,12 @@ * The driver may set force=true if it has buffered packets for this TXQ * internally. */ -void ieee80211_return_txq(struct ieee80211_hw *hw, struct ieee80211_txq *txq, - bool force); +static inline void +ieee80211_return_txq(struct ieee80211_hw *hw, struct ieee80211_txq *txq, + bool force) +{ + __ieee80211_schedule_txq(hw, txq, force); +} /** * ieee80211_txq_may_transmit - check whether TXQ is allowed to transmit @@ -6829,4 +6936,10 @@ ieee80211_is_data(hdr->frame_control); } +/** + * force dtim count value on given VIF + */ +void ieee80211_force_dtim(struct ieee80211_vif *vif, + unsigned int dtim_count); + #endif /* MAC80211_H */ diff -ruw linux-5.15.42/include/net/netfilter/nf_conntrack.h linux-5.15.42-fbx/include/net/netfilter/nf_conntrack.h --- linux-5.15.42/include/net/netfilter/nf_conntrack.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/net/netfilter/nf_conntrack.h 2024-04-22 14:46:57.688262100 +0200 @@ -116,6 +116,9 @@ u_int32_t secmark; #endif + union nf_conntrack_man_proto nat_src_proto_min; + union nf_conntrack_man_proto nat_src_proto_max; + /* Extensions */ struct nf_ct_ext *ext; diff -ruw linux-5.15.42/include/net/netfilter/nf_conntrack_expect.h linux-5.15.42-fbx/include/net/netfilter/nf_conntrack_expect.h --- linux-5.15.42/include/net/netfilter/nf_conntrack_expect.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/net/netfilter/nf_conntrack_expect.h 2023-03-13 14:08:39.114429164 +0100 @@ -58,13 +58,24 @@ #endif struct rcu_head rcu; + + /* private expect information. */ + char data[32] __aligned(8); }; +#define NF_CT_EXPECT_BUILD_BUG_ON(structsize) \ + BUILD_BUG_ON((structsize) > sizeof_field(struct nf_conntrack_expect, data)) + static inline struct net *nf_ct_exp_net(struct nf_conntrack_expect *exp) { return nf_ct_net(exp->master); } +static inline void *nf_ct_exp_data(struct nf_conntrack_expect *exp) +{ + return (void *)exp->data; +} + #define NF_CT_EXP_POLICY_NAME_LEN 16 struct nf_conntrack_expect_policy { diff -ruw linux-5.15.42/include/net/regulatory.h linux-5.15.42-fbx/include/net/regulatory.h --- linux-5.15.42/include/net/regulatory.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/net/regulatory.h 2024-04-22 14:46:57.696262319 +0200 @@ -221,6 +221,7 @@ u32 flags; u32 dfs_cac_ms; bool has_wmm; + s8 psd; }; struct ieee80211_regdomain { diff -ruw linux-5.15.42/include/net/sock.h linux-5.15.42-fbx/include/net/sock.h --- linux-5.15.42/include/net/sock.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/net/sock.h 2024-04-22 14:46:57.700262428 +0200 @@ -190,6 +190,7 @@ unsigned char skc_reuseport:1; unsigned char skc_ipv6only:1; unsigned char skc_net_refcnt:1; + unsigned char skc_reuse_conflict; int skc_bound_dev_if; union { struct hlist_node skc_bind_node; @@ -381,6 +382,7 @@ #define sk_reuseport __sk_common.skc_reuseport #define sk_ipv6only __sk_common.skc_ipv6only #define sk_net_refcnt __sk_common.skc_net_refcnt +#define sk_reuse_conflict __sk_common.skc_reuse_conflict #define sk_bound_dev_if __sk_common.skc_bound_dev_if #define sk_bind_node __sk_common.skc_bind_node #define sk_prot __sk_common.skc_prot @@ -879,6 +881,7 @@ SOCK_TXTIME, SOCK_XDP, /* XDP is attached */ SOCK_TSTAMP_NEW, /* Indicates 64 bit timestamps always */ + SOCK_UDP_DUP_UNICAST, }; #define SK_FLAGS_TIMESTAMP ((1UL << SOCK_TIMESTAMP) | (1UL << SOCK_TIMESTAMPING_RX_SOFTWARE)) diff -ruw linux-5.15.42/include/uapi/asm-generic/socket.h linux-5.15.42-fbx/include/uapi/asm-generic/socket.h --- linux-5.15.42/include/uapi/asm-generic/socket.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/uapi/asm-generic/socket.h 2024-04-22 14:46:57.744263630 +0200 @@ -30,9 +30,10 @@ #define SO_PEERCRED 17 #define SO_RCVLOWAT 18 #define SO_SNDLOWAT 19 +#endif + #define SO_RCVTIMEO_OLD 20 #define SO_SNDTIMEO_OLD 21 -#endif /* Security levels - as per NRL IPv6 - don't actually do anything */ #define SO_SECURITY_AUTHENTICATION 22 @@ -126,6 +127,8 @@ #define SO_BUF_LOCK 72 +#define SO_UDP_DUP_UNICAST 100 + #if !defined(__KERNEL__) #if __BITS_PER_LONG == 64 || (defined(__x86_64__) && defined(__ILP32__)) diff -ruw linux-5.15.42/include/uapi/linux/dlm_device.h linux-5.15.42-fbx/include/uapi/linux/dlm_device.h --- linux-5.15.42/include/uapi/linux/dlm_device.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/uapi/linux/dlm_device.h 2022-06-03 17:59:11.937493675 +0200 @@ -45,13 +45,13 @@ void __user *bastaddr; struct dlm_lksb __user *lksb; char lvb[DLM_USER_LVB_LEN]; - char name[0]; + char name[]; }; struct dlm_lspace_params { __u32 flags; __u32 minor; - char name[0]; + char name[]; }; struct dlm_purge_params { diff -ruw linux-5.15.42/include/uapi/linux/ethtool.h linux-5.15.42-fbx/include/uapi/linux/ethtool.h --- linux-5.15.42/include/uapi/linux/ethtool.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/uapi/linux/ethtool.h 2024-04-22 14:46:57.768264286 +0200 @@ -231,6 +231,8 @@ ETHTOOL_RX_COPYBREAK, ETHTOOL_TX_COPYBREAK, ETHTOOL_PFC_PREVENTION_TOUT, /* timeout in msecs */ + ETHTOOL_MAC_MODE, + /* * Add your fresh new tunable attribute above and remember to update * tunable_strings[] in net/ethtool/common.c @@ -295,6 +297,8 @@ ETHTOOL_PHY_DOWNSHIFT, ETHTOOL_PHY_FAST_LINK_DOWN, ETHTOOL_PHY_EDPD, + ETHTOOL_PHY_BROKEN, + /* * Add your fresh new phy tunable attribute above and remember to update * phy_tunable_strings[] in net/ethtool/common.c @@ -1460,6 +1464,74 @@ #define ETHTOOL_FEC_BASER (1 << ETHTOOL_FEC_BASER_BIT) #define ETHTOOL_FEC_LLRS (1 << ETHTOOL_FEC_LLRS_BIT) +/** + * struct ethtool_epon_param + * @cmd: Command number = %ETHTOOL_GEPON_PARAM or %ETHTOOL_SEPON_* + */ +struct ethtool_epon_param { + __u32 cmd; + __u8 discovery_rx; + __u8 registered; + __u16 llid; + __u32 burst_cap; + __u32 lasermon_event_count; + __u32 change_count; + __u32 keys_update_id; + __u8 key_sci[8]; + __u8 down_key0[16]; + __u8 down_key1[16]; + __u32 down_encrypt; + __u32 down_last_rx_encrypted; + __u32 down_last_rx_key_id; + __u16 mcast_llid; + __u16 pad; +}; + +/* + * currently a 1:1 mapping for SFP SM in drivers/net/phy/sfp.c + */ +enum { + ETHTOOL_SFP_S_DOWN = 0, + ETHTOOL_SFP_S_FAIL, + ETHTOOL_SFP_S_WAIT, + ETHTOOL_SFP_S_INIT, + ETHTOOL_SFP_S_INIT_PHY, + ETHTOOL_SFP_S_INIT_TX_FAULT, + ETHTOOL_SFP_S_WAIT_LOS, + ETHTOOL_SFP_S_LINK_UP, + ETHTOOL_SFP_S_TX_FAULT, + ETHTOOL_SFP_S_REINIT, + ETHTOOL_SFP_S_TX_DISABLE, +}; + +/** + * struct ethtool_sfp_state + * @cmd: Command number = %ETHTOOL_GSFP_STATE + */ +struct ethtool_sfp_state { + __u32 cmd; + + __u32 fsm_state; + + __u8 o_pwren; + __u8 o_txdis; + __u8 i_presence; + __u8 i_rxlos; + __u8 i_txfault; +}; + +/** + * struct ethtool_shaper_params + * @cmd: %ETHTOOL_GSHAPER_PARAMS / %ETHTOOL_SSHAPER_PARAMS + */ +struct ethtool_shaper_params { + __u32 cmd; + + __u64 rate; + __u32 burst; + __u32 mtu; +}; + /* CMDs currently supported */ #define ETHTOOL_GSET 0x00000001 /* DEPRECATED, Get settings. * Please use ETHTOOL_GLINKSETTINGS @@ -1555,6 +1627,20 @@ #define ETHTOOL_GFECPARAM 0x00000050 /* Get FEC settings */ #define ETHTOOL_SFECPARAM 0x00000051 /* Set FEC settings */ +#define ETHTOOL_GEPON_PARAM 0x00000052 /* Get EPON params */ +#define ETHTOOL_SEPON_KEYS 0x00000053 /* Set EPON encryption keys */ +#define ETHTOOL_SEPON_ENCRYPT 0x00000054 /* Set EPON encryption keys */ +#define ETHTOOL_SEPON_RESTART 0x00000055 /* restart epon link */ +#define ETHTOOL_SEPON_BURST 0x00000056 /* update burst value */ +#define ETHTOOL_SEPON_ADD_MCLLID 0x00000057 /* add epon llid */ +#define ETHTOOL_SEPON_DEL_MCLLID 0x00000058 /* remove epon llid */ +#define ETHTOOL_SEPON_CLR_MCLLID 0x00000059 /* remove all epon llid */ + +#define ETHTOOL_GSFP_STATE 0x00000060 /* get SFP state (IOs/FSM) */ + +#define ETHTOOL_SSHAPER_PARAMS 0x00000061 /* set HW TX shaper params */ +#define ETHTOOL_GSHAPER_PARAMS 0x00000062 /* get HW TX shaper params */ + /* compatibility with older code */ #define SPARC_ETH_GSET ETHTOOL_GSET #define SPARC_ETH_SSET ETHTOOL_SSET @@ -1661,6 +1747,13 @@ ETHTOOL_LINK_MODE_400000baseCR4_Full_BIT = 89, ETHTOOL_LINK_MODE_100baseFX_Half_BIT = 90, ETHTOOL_LINK_MODE_100baseFX_Full_BIT = 91, + ETHTOOL_LINK_MODE_1000basePX_D_Full_BIT = 92, + ETHTOOL_LINK_MODE_1000basePX_U_Full_BIT = 93, + ETHTOOL_LINK_MODE_10000basePR_D_Full_BIT = 94, + ETHTOOL_LINK_MODE_10000basePR_U_Full_BIT = 95, + ETHTOOL_LINK_MODE_10000_1000basePRX_D_Full_BIT = 96, + ETHTOOL_LINK_MODE_10000_1000basePRX_U_Full_BIT = 97, + /* must be last entry */ __ETHTOOL_LINK_MODE_MASK_NBITS }; diff -ruw linux-5.15.42/include/uapi/linux/if_ether.h linux-5.15.42-fbx/include/uapi/linux/if_ether.h --- linux-5.15.42/include/uapi/linux/if_ether.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/uapi/linux/if_ether.h 2024-04-22 14:46:57.772264395 +0200 @@ -118,6 +118,7 @@ #define ETH_P_802_3_MIN 0x0600 /* If the value in the ethernet type is less than this value * then the frame is Ethernet II. Else it is 802.3 */ +#define ETH_P_NMESH_MBH 0xFFFE /* NMESHD beacon eth protocol */ /* * Non DIX types. Won't clash for 1500 types. diff -ruw linux-5.15.42/include/uapi/linux/if_tun.h linux-5.15.42-fbx/include/uapi/linux/if_tun.h --- linux-5.15.42/include/uapi/linux/if_tun.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/uapi/linux/if_tun.h 2024-04-22 14:46:57.772264395 +0200 @@ -62,6 +62,32 @@ #define TUNSETCARRIER _IOW('T', 226, int) #define TUNGETDEVNETNS _IO('T', 227) + +struct smalltun_rule { + __u8 proto; + __be16 src_port_start; + __be16 src_port_end; + __be16 dst_port_start; + __be16 dst_port_end; +}; + +struct smalltun_fp { + __be32 inner_src; + __be32 inner_dst; + + __u32 af; + __u8 outer_src[16]; + __u8 outer_dst[16]; + __be16 outer_src_port; + __be16 outer_dst_port; + + struct smalltun_rule rules[8]; + __u32 rule_count; +}; + +#define TUNSMALLTUNSETFP _IOW('T', 228, struct smalltun_fp) +#define TUNSMALLTUNDELFP _IOW('T', 229, struct smalltun_fp) + /* TUNSETIFF ifr flags */ #define IFF_TUN 0x0001 #define IFF_TAP 0x0002 diff -ruw linux-5.15.42/include/uapi/linux/if_tunnel.h linux-5.15.42-fbx/include/uapi/linux/if_tunnel.h --- linux-5.15.42/include/uapi/linux/if_tunnel.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/uapi/linux/if_tunnel.h 2024-04-22 14:46:57.772264395 +0200 @@ -77,10 +77,23 @@ IFLA_IPTUN_ENCAP_DPORT, IFLA_IPTUN_COLLECT_METADATA, IFLA_IPTUN_FWMARK, + IFLA_IPTUN_FMRS, __IFLA_IPTUN_MAX, }; #define IFLA_IPTUN_MAX (__IFLA_IPTUN_MAX - 1) +enum { + IFLA_IPTUN_FMR_UNSPEC, + IFLA_IPTUN_FMR_IP6_PREFIX, + IFLA_IPTUN_FMR_IP4_PREFIX, + IFLA_IPTUN_FMR_IP6_PREFIX_LEN, + IFLA_IPTUN_FMR_IP4_PREFIX_LEN, + IFLA_IPTUN_FMR_EA_LEN, + IFLA_IPTUN_FMR_OFFSET, + __IFLA_IPTUN_FMR_MAX, +}; +#define IFLA_IPTUN_FMR_MAX (__IFLA_IPTUN_FMR_MAX - 1) + enum tunnel_encap_types { TUNNEL_ENCAP_NONE, TUNNEL_ENCAP_FOU, diff -ruw linux-5.15.42/include/uapi/linux/input-event-codes.h linux-5.15.42-fbx/include/uapi/linux/input-event-codes.h --- linux-5.15.42/include/uapi/linux/input-event-codes.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/uapi/linux/input-event-codes.h 2024-04-22 14:46:57.776264505 +0200 @@ -779,6 +779,18 @@ #define BTN_TRIGGER_HAPPY39 0x2e6 #define BTN_TRIGGER_HAPPY40 0x2e7 +#define KEY_APP_TV 0x2f1 +#define KEY_APP_REPLAY 0x2f2 +#define KEY_APP_VIDEOCLUB 0x2f3 +#define KEY_APP_WHATSON 0x2f4 +#define KEY_APP_RECORDS 0x2f5 +#define KEY_APP_MEDIA 0x2f6 +#define KEY_APP_YOUTUBE 0x2f7 +#define KEY_APP_RADIOS 0x2f8 +#define KEY_APP_CANALVOD 0x2f9 +#define KEY_APP_PIP 0x2fa +#define KEY_APP_NETFLIX 0x2fb + /* We avoid low common keys in module aliases so they don't get huge. */ #define KEY_MIN_INTERESTING KEY_MUTE #define KEY_MAX 0x2ff diff -ruw linux-5.15.42/include/uapi/linux/libc-compat.h linux-5.15.42-fbx/include/uapi/linux/libc-compat.h --- linux-5.15.42/include/uapi/linux/libc-compat.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/uapi/linux/libc-compat.h 2023-02-27 14:15:14.847571831 +0100 @@ -49,11 +49,11 @@ #ifndef _UAPI_LIBC_COMPAT_H #define _UAPI_LIBC_COMPAT_H -/* We have included glibc headers... */ -#if defined(__GLIBC__) +/* We have included libc headers... */ +#if !defined(__KERNEL__) -/* Coordinate with glibc net/if.h header. */ -#if defined(_NET_IF_H) && defined(__USE_MISC) +/* Coordinate with libc net/if.h header. */ +#if defined(_NET_IF_H) && (!defined(__GLIBC__) || defined(__USE_MISC)) /* GLIBC headers included first so don't define anything * that would already be defined. */ @@ -65,9 +65,11 @@ /* Everything up to IFF_DYNAMIC, matches net/if.h until glibc 2.23 */ #define __UAPI_DEF_IF_NET_DEVICE_FLAGS 0 /* For the future if glibc adds IFF_LOWER_UP, IFF_DORMANT and IFF_ECHO */ +#ifndef IFF_ECHO #ifndef __UAPI_DEF_IF_NET_DEVICE_FLAGS_LOWER_UP_DORMANT_ECHO #define __UAPI_DEF_IF_NET_DEVICE_FLAGS_LOWER_UP_DORMANT_ECHO 1 #endif /* __UAPI_DEF_IF_NET_DEVICE_FLAGS_LOWER_UP_DORMANT_ECHO */ +#endif /* IFF_ECHO */ #else /* _NET_IF_H */ @@ -170,7 +172,7 @@ * or we are being included in the kernel, then define everything * that we need. Check for previous __UAPI_* definitions to give * unsupported C libraries a way to opt out of any kernel definition. */ -#else /* !defined(__GLIBC__) */ +#else /* !defined(__KERNEL__) */ /* Definitions for if.h */ #ifndef __UAPI_DEF_IF_IFCONF @@ -262,6 +264,6 @@ #define __UAPI_DEF_XATTR 1 #endif -#endif /* __GLIBC__ */ +#endif /* __KERNEL__ */ #endif /* _UAPI_LIBC_COMPAT_H */ diff -ruw linux-5.15.42/include/uapi/linux/nl80211.h linux-5.15.42-fbx/include/uapi/linux/nl80211.h --- linux-5.15.42/include/uapi/linux/nl80211.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/uapi/linux/nl80211.h 2024-04-22 14:46:57.792264942 +0200 @@ -11,7 +11,7 @@ * Copyright 2008 Jouni Malinen * Copyright 2008 Colin McCabe * Copyright 2015-2017 Intel Deutschland GmbH - * Copyright (C) 2018-2021 Intel Corporation + * Copyright (C) 2018-2022 Intel Corporation * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -301,6 +301,29 @@ */ /** + * DOC: FILS shared key crypto offload + * + * This feature is applicable to drivers running in AP mode. + * + * FILS shared key crypto offload can be advertised by drivers by setting + * @NL80211_EXT_FEATURE_FILS_CRYPTO_OFFLOAD flag. The drivers that support + * FILS shared key crypto offload should be able to encrypt and decrypt + * association frames for FILS shared key authentication as per IEEE 802.11ai. + * With this capability, for FILS key derivation, drivers depend on userspace. + * + * After FILS key derivation, userspace shares the FILS AAD details with the + * driver and the driver stores the same to use in decryption of association + * request and in encryption of association response. The below parameters + * should be given to the driver in %NL80211_CMD_SET_FILS_AAD. + * %NL80211_ATTR_MAC - STA MAC address, used for storing FILS AAD per STA + * %NL80211_ATTR_FILS_KEK - Used for encryption or decryption + * %NL80211_ATTR_FILS_NONCES - Used for encryption or decryption + * (STA Nonce 16 bytes followed by AP Nonce 16 bytes) + * + * Once the association is done, the driver cleans the FILS AAD data. + */ + +/** * enum nl80211_commands - supported nl80211 commands * * @NL80211_CMD_UNSPEC: unspecified command to catch errors @@ -337,7 +360,10 @@ * @NL80211_CMD_DEL_INTERFACE: Virtual interface was deleted, has attributes * %NL80211_ATTR_IFINDEX and %NL80211_ATTR_WIPHY. Can also be sent from * userspace to request deletion of a virtual interface, then requires - * attribute %NL80211_ATTR_IFINDEX. + * attribute %NL80211_ATTR_IFINDEX. If multiple BSSID advertisements are + * enabled using %NL80211_ATTR_MBSSID_CONFIG, %NL80211_ATTR_MBSSID_ELEMS, + * and if this command is used for the transmitting interface, then all + * the non-transmitting interfaces are deleted as well. * * @NL80211_CMD_GET_KEY: Get sequence counter information for a key specified * by %NL80211_ATTR_KEY_IDX and/or %NL80211_ATTR_MAC. @@ -1200,6 +1226,17 @@ * @NL80211_CMD_COLOR_CHANGE_COMPLETED: Notify userland that the color change * has completed * + * @NL80211_CMD_SET_FILS_AAD: Set FILS AAD data to the driver using - + * &NL80211_ATTR_MAC - for STA MAC address + * &NL80211_ATTR_FILS_KEK - for KEK + * &NL80211_ATTR_FILS_NONCES - for FILS Nonces + * (STA Nonce 16 bytes followed by AP Nonce 16 bytes) + * + * @NL80211_CMD_ASSOC_COMEBACK: notification about an association + * temporal rejection with comeback. The event includes %NL80211_ATTR_MAC + * to describe the BSSID address of the AP and %NL80211_ATTR_TIMEOUT to + * specify the timeout value. + * * @NL80211_CMD_MAX: highest used command number * @__NL80211_CMD_AFTER_LAST: internal use */ @@ -1440,6 +1477,10 @@ NL80211_CMD_COLOR_CHANGE_ABORTED, NL80211_CMD_COLOR_CHANGE_COMPLETED, + NL80211_CMD_SET_FILS_AAD, + + NL80211_CMD_ASSOC_COMEBACK, + /* add new commands above here */ /* used to define NL80211_CMD_MAX below */ @@ -2436,7 +2477,9 @@ * space supports external authentication. This attribute shall be used * with %NL80211_CMD_CONNECT and %NL80211_CMD_START_AP request. The driver * may offload authentication processing to user space if this capability - * is indicated in the respective requests from the user space. + * is indicated in the respective requests from the user space. (This flag + * attribute deprecated for %NL80211_CMD_START_AP, use + * %NL80211_ATTR_AP_SETTINGS_FLAGS) * * @NL80211_ATTR_NSS: Station's New/updated RX_NSS value notified using this * u8 attribute. This is used with %NL80211_CMD_STA_OPMODE_CHANGED. @@ -2593,6 +2636,33 @@ * @NL80211_ATTR_COLOR_CHANGE_ELEMS: Nested set of attributes containing the IE * information for the time while performing a color switch. * + * @NL80211_ATTR_MBSSID_CONFIG: Nested attribute for multiple BSSID + * advertisements (MBSSID) parameters in AP mode. + * Kernel uses this attribute to indicate the driver's support for MBSSID + * and enhanced multi-BSSID advertisements (EMA AP) to the userspace. + * Userspace should use this attribute to configure per interface MBSSID + * parameters. + * See &enum nl80211_mbssid_config_attributes for details. + * + * @NL80211_ATTR_MBSSID_ELEMS: Nested parameter to pass multiple BSSID elements. + * Mandatory parameter for the transmitting interface to enable MBSSID. + * Optional for the non-transmitting interfaces. + * + * @NL80211_ATTR_RADAR_BACKGROUND: Configure dedicated offchannel chain + * available for radar/CAC detection on some hw. This chain can't be used + * to transmit or receive frames and it is bounded to a running wdev. + * Background radar/CAC detection allows to avoid the CAC downtime + * switching on a different channel during CAC detection on the selected + * radar channel. + * + * @NL80211_ATTR_AP_SETTINGS_FLAGS: u32 attribute contains ap settings flags, + * enumerated in &enum nl80211_ap_settings_flags. This attribute shall be + * used with %NL80211_CMD_START_AP request. + * + * @NL80211_ATTR_EHT_CAPABILITY: EHT Capability information element (from + * association request when used with NL80211_CMD_NEW_STATION). Can be set + * only if %NL80211_STA_FLAG_WME is set. + * * @NUM_NL80211_ATTR: total number of nl80211_attrs available * @NL80211_ATTR_MAX: highest attribute number currently defined * @__NL80211_ATTR_AFTER_LAST: internal use @@ -3096,6 +3166,17 @@ NL80211_ATTR_COLOR_CHANGE_COLOR, NL80211_ATTR_COLOR_CHANGE_ELEMS, + NL80211_ATTR_MBSSID_CONFIG, + NL80211_ATTR_MBSSID_ELEMS, + + NL80211_ATTR_RADAR_BACKGROUND, + + NL80211_ATTR_AP_SETTINGS_FLAGS, + + NL80211_ATTR_EHT_CAPABILITY, + + NL80211_ATTR_WIPHY_AVG_BUSY_TIME, + /* add attributes here, update the policy in nl80211.c */ __NL80211_ATTR_AFTER_LAST, @@ -3103,6 +3184,9 @@ NL80211_ATTR_MAX = __NL80211_ATTR_AFTER_LAST - 1 }; +#define NL80211_QBC_UPDATE_NODE_METRICS_IE 1 +#define NL80211_QBC_UPDATE_PATH_METRICS_IE 2 + /* source-level API compatibility */ #define NL80211_ATTR_SCAN_GENERATION NL80211_ATTR_GENERATION #define NL80211_ATTR_MESH_PARAMS NL80211_ATTR_MESH_CONFIG @@ -3151,6 +3235,8 @@ #define NL80211_HE_MAX_CAPABILITY_LEN 54 #define NL80211_MAX_NR_CIPHER_SUITES 5 #define NL80211_MAX_NR_AKM_SUITES 2 +#define NL80211_EHT_MIN_CAPABILITY_LEN 13 +#define NL80211_EHT_MAX_CAPABILITY_LEN 51 #define NL80211_MIN_REMAIN_ON_CHANNEL_TIME 10 @@ -3178,7 +3264,7 @@ * and therefore can't be created in the normal ways, use the * %NL80211_CMD_START_P2P_DEVICE and %NL80211_CMD_STOP_P2P_DEVICE * commands to create and destroy one - * @NL80211_IF_TYPE_OCB: Outside Context of a BSS + * @NL80211_IFTYPE_OCB: Outside Context of a BSS * This mode corresponds to the MIB variable dot11OCBActivated=true * @NL80211_IFTYPE_NAN: NAN device interface type (not a netdev) * @NL80211_IFTYPE_MAX: highest interface type number currently defined @@ -3320,6 +3406,56 @@ }; /** + * enum nl80211_eht_gi - EHT guard interval + * @NL80211_RATE_INFO_EHT_GI_0_8: 0.8 usec + * @NL80211_RATE_INFO_EHT_GI_1_6: 1.6 usec + * @NL80211_RATE_INFO_EHT_GI_3_2: 3.2 usec + */ +enum nl80211_eht_gi { + NL80211_RATE_INFO_EHT_GI_0_8, + NL80211_RATE_INFO_EHT_GI_1_6, + NL80211_RATE_INFO_EHT_GI_3_2, +}; + +/** + * enum nl80211_eht_ru_alloc - EHT RU allocation values + * @NL80211_RATE_INFO_EHT_RU_ALLOC_26: 26-tone RU allocation + * @NL80211_RATE_INFO_EHT_RU_ALLOC_52: 52-tone RU allocation + * @NL80211_RATE_INFO_EHT_RU_ALLOC_52P26: 52+26-tone RU allocation + * @NL80211_RATE_INFO_EHT_RU_ALLOC_106: 106-tone RU allocation + * @NL80211_RATE_INFO_EHT_RU_ALLOC_106P26: 106+26 tone RU allocation + * @NL80211_RATE_INFO_EHT_RU_ALLOC_242: 242-tone RU allocation + * @NL80211_RATE_INFO_EHT_RU_ALLOC_484: 484-tone RU allocation + * @NL80211_RATE_INFO_EHT_RU_ALLOC_484P242: 484+242 tone RU allocation + * @NL80211_RATE_INFO_EHT_RU_ALLOC_996: 996-tone RU allocation + * @NL80211_RATE_INFO_EHT_RU_ALLOC_996P484: 996+484 tone RU allocation + * @NL80211_RATE_INFO_EHT_RU_ALLOC_996P484P242: 996+484+242 tone RU allocation + * @NL80211_RATE_INFO_EHT_RU_ALLOC_2x996: 2x996-tone RU allocation + * @NL80211_RATE_INFO_EHT_RU_ALLOC_2x996P484: 2x996+484 tone RU allocation + * @NL80211_RATE_INFO_EHT_RU_ALLOC_3x996: 3x996-tone RU allocation + * @NL80211_RATE_INFO_EHT_RU_ALLOC_3x996P484: 3x996+484 tone RU allocation + * @NL80211_RATE_INFO_EHT_RU_ALLOC_4x996: 4x996-tone RU allocation + */ +enum nl80211_eht_ru_alloc { + NL80211_RATE_INFO_EHT_RU_ALLOC_26, + NL80211_RATE_INFO_EHT_RU_ALLOC_52, + NL80211_RATE_INFO_EHT_RU_ALLOC_52P26, + NL80211_RATE_INFO_EHT_RU_ALLOC_106, + NL80211_RATE_INFO_EHT_RU_ALLOC_106P26, + NL80211_RATE_INFO_EHT_RU_ALLOC_242, + NL80211_RATE_INFO_EHT_RU_ALLOC_484, + NL80211_RATE_INFO_EHT_RU_ALLOC_484P242, + NL80211_RATE_INFO_EHT_RU_ALLOC_996, + NL80211_RATE_INFO_EHT_RU_ALLOC_996P484, + NL80211_RATE_INFO_EHT_RU_ALLOC_996P484P242, + NL80211_RATE_INFO_EHT_RU_ALLOC_2x996, + NL80211_RATE_INFO_EHT_RU_ALLOC_2x996P484, + NL80211_RATE_INFO_EHT_RU_ALLOC_3x996, + NL80211_RATE_INFO_EHT_RU_ALLOC_3x996P484, + NL80211_RATE_INFO_EHT_RU_ALLOC_4x996, +}; + +/** * enum nl80211_rate_info - bitrate information * * These attribute types are used with %NL80211_STA_INFO_TXRATE @@ -3358,6 +3494,13 @@ * @NL80211_RATE_INFO_HE_DCM: HE DCM value (u8, 0/1) * @NL80211_RATE_INFO_RU_ALLOC: HE RU allocation, if not present then * non-OFDMA was used (u8, see &enum nl80211_he_ru_alloc) + * @NL80211_RATE_INFO_320_MHZ_WIDTH: 320 MHz bitrate + * @NL80211_RATE_INFO_EHT_MCS: EHT MCS index (u8, 0-15) + * @NL80211_RATE_INFO_EHT_NSS: EHT NSS value (u8, 1-8) + * @NL80211_RATE_INFO_EHT_GI: EHT guard interval identifier + * (u8, see &enum nl80211_eht_gi) + * @NL80211_RATE_INFO_EHT_RU_ALLOC: EHT RU allocation, if not present then + * non-OFDMA was used (u8, see &enum nl80211_eht_ru_alloc) * @__NL80211_RATE_INFO_AFTER_LAST: internal use */ enum nl80211_rate_info { @@ -3379,6 +3522,11 @@ NL80211_RATE_INFO_HE_GI, NL80211_RATE_INFO_HE_DCM, NL80211_RATE_INFO_HE_RU_ALLOC, + NL80211_RATE_INFO_320_MHZ_WIDTH, + NL80211_RATE_INFO_EHT_MCS, + NL80211_RATE_INFO_EHT_NSS, + NL80211_RATE_INFO_EHT_GI, + NL80211_RATE_INFO_EHT_RU_ALLOC, /* keep last */ __NL80211_RATE_INFO_AFTER_LAST, @@ -3695,6 +3843,14 @@ * given for all 6 GHz band channels * @NL80211_BAND_IFTYPE_ATTR_VENDOR_ELEMS: vendor element capabilities that are * advertised on this band/for this iftype (binary) + * @NL80211_BAND_IFTYPE_ATTR_EHT_CAP_MAC: EHT MAC capabilities as in EHT + * capabilities element + * @NL80211_BAND_IFTYPE_ATTR_EHT_CAP_PHY: EHT PHY capabilities as in EHT + * capabilities element + * @NL80211_BAND_IFTYPE_ATTR_EHT_CAP_MCS_SET: EHT supported NSS/MCS as in EHT + * capabilities element + * @NL80211_BAND_IFTYPE_ATTR_EHT_CAP_PPE: EHT PPE thresholds information as + * defined in EHT capabilities element * @__NL80211_BAND_IFTYPE_ATTR_AFTER_LAST: internal use */ enum nl80211_band_iftype_attr { @@ -3707,6 +3863,10 @@ NL80211_BAND_IFTYPE_ATTR_HE_CAP_PPE, NL80211_BAND_IFTYPE_ATTR_HE_6GHZ_CAPA, NL80211_BAND_IFTYPE_ATTR_VENDOR_ELEMS, + NL80211_BAND_IFTYPE_ATTR_EHT_CAP_MAC, + NL80211_BAND_IFTYPE_ATTR_EHT_CAP_PHY, + NL80211_BAND_IFTYPE_ATTR_EHT_CAP_MCS_SET, + NL80211_BAND_IFTYPE_ATTR_EHT_CAP_PPE, /* keep last */ __NL80211_BAND_IFTYPE_ATTR_AFTER_LAST, @@ -3851,6 +4011,12 @@ * on this channel in current regulatory domain. * @NL80211_FREQUENCY_ATTR_16MHZ: 16 MHz operation is allowed * on this channel in current regulatory domain. + * @NL80211_FREQUENCY_ATTR_NO_320MHZ: any 320 MHz channel using this channel + * as the primary or any of the secondary channels isn't possible + * @NL80211_FREQUENCY_ATTR_NO_EHT: EHT operation is not allowed on this channel + * in current regulatory domain. + * @NL80211_FREQUENCY_ATTR_PSD: power spectral density (in dBm) + * is allowed on this channel in current regulatory domain. * @NL80211_FREQUENCY_ATTR_MAX: highest frequency attribute number * currently defined * @__NL80211_FREQUENCY_ATTR_AFTER_LAST: internal use @@ -3887,6 +4053,9 @@ NL80211_FREQUENCY_ATTR_4MHZ, NL80211_FREQUENCY_ATTR_8MHZ, NL80211_FREQUENCY_ATTR_16MHZ, + NL80211_FREQUENCY_ATTR_NO_320MHZ, + NL80211_FREQUENCY_ATTR_NO_EHT, + NL80211_FREQUENCY_ATTR_PSD, /* keep last */ __NL80211_FREQUENCY_ATTR_AFTER_LAST, @@ -3987,6 +4156,8 @@ * a given frequency range. The value is in mBm (100 * dBm). * @NL80211_ATTR_DFS_CAC_TIME: DFS CAC time in milliseconds. * If not present or 0 default CAC time will be used. + * @NL80211_ATTR_POWER_RULE_PSD: power spectral density (in dBm). + * This could be negative. * @NL80211_REG_RULE_ATTR_MAX: highest regulatory rule attribute number * currently defined * @__NL80211_REG_RULE_ATTR_AFTER_LAST: internal use @@ -4004,6 +4175,8 @@ NL80211_ATTR_DFS_CAC_TIME, + NL80211_ATTR_POWER_RULE_PSD, + /* keep last */ __NL80211_REG_RULE_ATTR_AFTER_LAST, NL80211_REG_RULE_ATTR_MAX = __NL80211_REG_RULE_ATTR_AFTER_LAST - 1 @@ -4085,6 +4258,8 @@ * @NL80211_RRF_NO_80MHZ: 80MHz operation not allowed * @NL80211_RRF_NO_160MHZ: 160MHz operation not allowed * @NL80211_RRF_NO_HE: HE operation not allowed + * @NL80211_RRF_NO_320MHZ: 320MHz operation not allowed + * @NL80211_RRF_PSD: channels has power spectral density value */ enum nl80211_reg_rule_flags { NL80211_RRF_NO_OFDM = 1<<0, @@ -4103,6 +4278,8 @@ NL80211_RRF_NO_80MHZ = 1<<15, NL80211_RRF_NO_160MHZ = 1<<16, NL80211_RRF_NO_HE = 1<<17, + NL80211_RRF_NO_320MHZ = 1<<18, + NL80211_RRF_PSD = 1<<18, }; #define NL80211_RRF_PASSIVE_SCAN NL80211_RRF_NO_IR @@ -4600,6 +4777,8 @@ * @NL80211_CHAN_WIDTH_4: 4 MHz OFDM channel * @NL80211_CHAN_WIDTH_8: 8 MHz OFDM channel * @NL80211_CHAN_WIDTH_16: 16 MHz OFDM channel + * @NL80211_CHAN_WIDTH_320: 320 MHz channel, the %NL80211_ATTR_CENTER_FREQ1 + * attribute must be provided as well */ enum nl80211_chan_width { NL80211_CHAN_WIDTH_20_NOHT, @@ -4615,6 +4794,7 @@ NL80211_CHAN_WIDTH_4, NL80211_CHAN_WIDTH_8, NL80211_CHAN_WIDTH_16, + NL80211_CHAN_WIDTH_320, }; /** @@ -4929,6 +5109,7 @@ * @NL80211_BAND_60GHZ: around 60 GHz band (58.32 - 69.12 GHz) * @NL80211_BAND_6GHZ: around 6 GHz band (5.9 - 7.2 GHz) * @NL80211_BAND_S1GHZ: around 900MHz, supported by S1G PHYs + * @NL80211_BAND_LC: light communication band (placeholder) * @NUM_NL80211_BANDS: number of bands, avoid using this in userspace * since newer kernel versions may support more bands */ @@ -4938,6 +5119,7 @@ NL80211_BAND_60GHZ, NL80211_BAND_6GHZ, NL80211_BAND_S1GHZ, + NL80211_BAND_LC, NUM_NL80211_BANDS, }; @@ -5504,7 +5686,7 @@ * => allows 8 of AP/GO that can have BI gcd >= min gcd * * numbers = [ #{STA} <= 2 ], channels = 2, max = 2 - * => allows two STAs on different channels + * => allows two STAs on the same or on different channels * * numbers = [ #{STA} <= 1, #{P2P-client,P2P-GO} <= 3 ], max = 4 * => allows a STA plus three P2P interfaces @@ -5549,7 +5731,7 @@ * @NL80211_PLINK_ESTAB: mesh peer link is established * @NL80211_PLINK_HOLDING: mesh peer link is being closed or cancelled * @NL80211_PLINK_BLOCKED: all frames transmitted from this mesh - * plink are discarded + * plink are discarded, except for authentication frames * @NUM_NL80211_PLINK_STATES: number of peer link states * @MAX_NL80211_PLINK_STATES: highest numerical value of plink states */ @@ -5686,13 +5868,15 @@ NL80211_TDLS_DISABLE_LINK, }; -/* +/** * enum nl80211_ap_sme_features - device-integrated AP features - * Reserved for future use, no bits are defined in - * NL80211_ATTR_DEVICE_AP_SME yet. + * @NL80211_AP_SME_SA_QUERY_OFFLOAD: SA Query procedures offloaded to driver + * when user space indicates support for SA Query procedures offload during + * "start ap" with %NL80211_AP_SETTINGS_SA_QUERY_OFFLOAD_SUPPORT. + */ enum nl80211_ap_sme_features { + NL80211_AP_SME_SA_QUERY_OFFLOAD = 1 << 0, }; - */ /** * enum nl80211_feature_flags - device/driver features @@ -5995,6 +6179,14 @@ * @NL80211_EXT_FEATURE_BSS_COLOR: The driver supports BSS color collision * detection and change announcemnts. * + * @NL80211_EXT_FEATURE_FILS_CRYPTO_OFFLOAD: Driver running in AP mode supports + * FILS encryption and decryption for (Re)Association Request and Response + * frames. Userspace has to share FILS AAD details to the driver by using + * @NL80211_CMD_SET_FILS_AAD. + * + * @NL80211_EXT_FEATURE_RADAR_BACKGROUND: Device supports background radar/CAC + * detection. + * * @NUM_NL80211_EXT_FEATURES: number of extended features. * @MAX_NL80211_EXT_FEATURES: highest extended feature index. */ @@ -6060,6 +6252,8 @@ NL80211_EXT_FEATURE_SECURE_RTT, NL80211_EXT_FEATURE_PROT_RANGE_NEGO_AND_MEASURE, NL80211_EXT_FEATURE_BSS_COLOR, + NL80211_EXT_FEATURE_FILS_CRYPTO_OFFLOAD, + NL80211_EXT_FEATURE_RADAR_BACKGROUND, /* add new features before the definition below */ NUM_NL80211_EXT_FEATURES, @@ -7349,4 +7543,76 @@ NL80211_SAR_ATTR_SPECS_MAX = __NL80211_SAR_ATTR_SPECS_LAST - 1, }; +/** + * enum nl80211_mbssid_config_attributes - multiple BSSID (MBSSID) and enhanced + * multi-BSSID advertisements (EMA) in AP mode. + * Kernel uses some of these attributes to advertise driver's support for + * MBSSID and EMA. + * Remaining attributes should be used by the userspace to configure the + * features. + * + * @__NL80211_MBSSID_CONFIG_ATTR_INVALID: Invalid + * + * @NL80211_MBSSID_CONFIG_ATTR_MAX_INTERFACES: Used by the kernel to advertise + * the maximum number of MBSSID interfaces supported by the driver. + * Driver should indicate MBSSID support by setting + * wiphy->mbssid_max_interfaces to a value more than or equal to 2. + * + * @NL80211_MBSSID_CONFIG_ATTR_MAX_EMA_PROFILE_PERIODICITY: Used by the kernel + * to advertise the maximum profile periodicity supported by the driver + * if EMA is enabled. Driver should indicate EMA support to the userspace + * by setting wiphy->ema_max_profile_periodicity to + * a non-zero value. + * + * @NL80211_MBSSID_CONFIG_ATTR_INDEX: Mandatory parameter to pass the index of + * this BSS (u8) in the multiple BSSID set. + * Value must be set to 0 for the transmitting interface and non-zero for + * all non-transmitting interfaces. The userspace will be responsible + * for using unique indices for the interfaces. + * Range: 0 to wiphy->mbssid_max_interfaces-1. + * + * @NL80211_MBSSID_CONFIG_ATTR_TX_IFINDEX: Mandatory parameter for + * a non-transmitted profile which provides the interface index (u32) of + * the transmitted profile. The value must match one of the interface + * indices advertised by the kernel. Optional if the interface being set up + * is the transmitting one, however, if provided then the value must match + * the interface index of the same. + * + * @NL80211_MBSSID_CONFIG_ATTR_EMA: Flag used to enable EMA AP feature. + * Setting this flag is permitted only if the driver advertises EMA support + * by setting wiphy->ema_max_profile_periodicity to non-zero. + * + * @__NL80211_MBSSID_CONFIG_ATTR_LAST: Internal + * @NL80211_MBSSID_CONFIG_ATTR_MAX: highest attribute + */ +enum nl80211_mbssid_config_attributes { + __NL80211_MBSSID_CONFIG_ATTR_INVALID, + + NL80211_MBSSID_CONFIG_ATTR_MAX_INTERFACES, + NL80211_MBSSID_CONFIG_ATTR_MAX_EMA_PROFILE_PERIODICITY, + NL80211_MBSSID_CONFIG_ATTR_INDEX, + NL80211_MBSSID_CONFIG_ATTR_TX_IFINDEX, + NL80211_MBSSID_CONFIG_ATTR_EMA, + + /* keep last */ + __NL80211_MBSSID_CONFIG_ATTR_LAST, + NL80211_MBSSID_CONFIG_ATTR_MAX = __NL80211_MBSSID_CONFIG_ATTR_LAST - 1, +}; + +/** + * enum nl80211_ap_settings_flags - AP settings flags + * + * @NL80211_AP_SETTINGS_EXTERNAL_AUTH_SUPPORT: AP supports external + * authentication. + * @NL80211_AP_SETTINGS_SA_QUERY_OFFLOAD_SUPPORT: Userspace supports SA Query + * procedures offload to driver. If driver advertises + * %NL80211_AP_SME_SA_QUERY_OFFLOAD in AP SME features, userspace shall + * ignore SA Query procedures and validations when this flag is set by + * userspace. + */ +enum nl80211_ap_settings_flags { + NL80211_AP_SETTINGS_EXTERNAL_AUTH_SUPPORT = 1 << 0, + NL80211_AP_SETTINGS_SA_QUERY_OFFLOAD_SUPPORT = 1 << 1, +}; + #endif /* __LINUX_NL80211_H */ diff -ruw linux-5.15.42/include/uapi/linux/serial_core.h linux-5.15.42-fbx/include/uapi/linux/serial_core.h --- linux-5.15.42/include/uapi/linux/serial_core.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/uapi/linux/serial_core.h 2024-04-22 14:46:57.800265160 +0200 @@ -277,4 +277,7 @@ /* Freescale LINFlexD UART */ #define PORT_LINFLEXUART 122 +/* BCM63xx HS */ +#define PORT_BCM63XX_HS 123 + #endif /* _UAPILINUX_SERIAL_CORE_H */ diff -ruw linux-5.15.42/include/uapi/linux/sockios.h linux-5.15.42-fbx/include/uapi/linux/sockios.h --- linux-5.15.42/include/uapi/linux/sockios.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/uapi/linux/sockios.h 2023-02-27 20:40:38.056744387 +0100 @@ -153,6 +153,14 @@ #define SIOCSHWTSTAMP 0x89b0 /* set and get config */ #define SIOCGHWTSTAMP 0x89b1 /* get config */ +/* fbxbridge call */ +#define SIOCGFBXBRIDGE 0x89c0 /* fbxbridge support */ +#define SIOCSFBXBRIDGE 0x89c1 /* Set fbxbridge options */ + +/* fbxdiverter call */ +#define SIOCGFBXDIVERT 0x89d0 /* fbxdiverter support */ +#define SIOCSFBXDIVERT 0x89d1 /* Set fbxdiverter options */ + /* Device private ioctl calls */ /* diff -ruw linux-5.15.42/include/uapi/linux/stddef.h linux-5.15.42-fbx/include/uapi/linux/stddef.h --- linux-5.15.42/include/uapi/linux/stddef.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/uapi/linux/stddef.h 2024-04-22 14:46:57.804265270 +0200 @@ -4,3 +4,40 @@ #ifndef __always_inline #define __always_inline inline #endif + +/** + * __struct_group() - Create a mirrored named and anonyomous struct + * + * @TAG: The tag name for the named sub-struct (usually empty) + * @NAME: The identifier name of the mirrored sub-struct + * @ATTRS: Any struct attributes (usually empty) + * @MEMBERS: The member declarations for the mirrored structs + * + * Used to create an anonymous union of two structs with identical layout + * and size: one anonymous and one named. The former's members can be used + * normally without sub-struct naming, and the latter can be used to + * reason about the start, end, and size of the group of struct members. + * The named struct can also be explicitly tagged for layer reuse, as well + * as both having struct attributes appended. + */ +#define __struct_group(TAG, NAME, ATTRS, MEMBERS...) \ + union { \ + struct { MEMBERS } ATTRS; \ + struct TAG { MEMBERS } ATTRS NAME; \ + } + +/** + * __DECLARE_FLEX_ARRAY() - Declare a flexible array usable in a union + * + * @TYPE: The type of each flexible array element + * @NAME: The name of the flexible array member + * + * In order to have a flexible array member in a union or alone in a + * struct, it needs to be wrapped in an anonymous struct with at least 1 + * named member, but that member can be empty. + */ +#define __DECLARE_FLEX_ARRAY(TYPE, NAME) \ + struct { \ + struct { } __empty_ ## NAME; \ + TYPE NAME[]; \ + } diff -ruw linux-5.15.42/include/uapi/linux/swab.h linux-5.15.42-fbx/include/uapi/linux/swab.h --- linux-5.15.42/include/uapi/linux/swab.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/uapi/linux/swab.h 2024-04-22 14:46:57.804265270 +0200 @@ -3,7 +3,7 @@ #define _UAPI_LINUX_SWAB_H #include -#include +#include #include #include diff -ruw linux-5.15.42/include/uapi/linux/tcp.h linux-5.15.42-fbx/include/uapi/linux/tcp.h --- linux-5.15.42/include/uapi/linux/tcp.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/uapi/linux/tcp.h 2024-04-22 14:46:57.804265270 +0200 @@ -134,6 +134,8 @@ #define TCP_REPAIR_OFF 0 #define TCP_REPAIR_OFF_NO_WP -1 /* Turn off without window probes */ +#define TCP_LINEAR_RTO 128 /* force use of linear timeouts */ + struct tcp_repair_opt { __u32 opt_code; __u32 opt_val; diff -ruw linux-5.15.42/include/uapi/linux/tty.h linux-5.15.42-fbx/include/uapi/linux/tty.h --- linux-5.15.42/include/uapi/linux/tty.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/include/uapi/linux/tty.h 2024-04-22 14:46:57.808265379 +0200 @@ -38,5 +38,6 @@ #define N_NCI 25 /* NFC NCI UART */ #define N_SPEAKUP 26 /* Speakup communication with synths */ #define N_NULL 27 /* Null ldisc used for error handling */ +#define N_REMOTI 28 /* RemoTI over UART */ #endif /* _UAPI_LINUX_TTY_H */ diff -ruw linux-5.15.42/init/Kconfig linux-5.15.42-fbx/init/Kconfig --- linux-5.15.42/init/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/init/Kconfig 2024-04-22 14:46:57.836266144 +0200 @@ -123,6 +123,15 @@ Maximum of each of the number of arguments and environment variables passed to init from the kernel command line. + +config CROSS_COMPILE + string "Cross-compiler tool prefix" + help + Same as running 'make CROSS_COMPILE=prefix-' but stored for + default make runs in this kernel build directory. You don't + need to set this unless you want the configured kernel build + directory to select the cross-compiler automatically. + config COMPILE_TEST bool "Compile also drivers which will not load" depends on HAS_IOMEM @@ -803,6 +812,44 @@ There is no additional runtime cost to printk with this enabled. +config FBX_DECRYPT_INITRD + bool "Decrypt initrd at boot" + depends on BLK_DEV_RAM + default n + +choice + prompt "initrd decryption encryption flavor" + default FBX_DECRYPT_INITRD_RC4 + +config FBX_DECRYPT_INITRD_RC4 + depends on FBX_DECRYPT_INITRD + bool "RC4" + +config FBX_DECRYPT_INITRD_CHACHA20 + depends on FBX_DECRYPT_INITRD + bool "CHACHA20" + select CRYPTO_CHACHA20 + +endchoice + +config FBX_DECRYPT_INITRD_KEY + string "Decryption key" + depends on FBX_DECRYPT_INITRD + +config FBX_DECRYPT_INITRD_NONCE + string "Decryption nonce/IV" + depends on FBX_DECRYPT_INITRD_CHACHA20 + +config FBX_VERIFY_INITRD + bool "Verify initrd at boot" + depends on FBX_DECRYPT_INITRD + select CRYPTO_RSA + select CRYPTO_SHA256 + +config FBX_VERIFY_INITRD_PUBKEY + string "Public key path for initrd verify" + depends on FBX_VERIFY_INITRD + # # Architectures with an unreliable sched_clock() should select this: # @@ -2327,6 +2374,10 @@ one per line. The path can be absolute, or relative to the kernel source tree. +config UNUSED_KSYMS_WHITELIST_SYMS + string "Whitelist of symbols name to keep in ksymtab" + depends on TRIM_UNUSED_KSYMS + endif # MODULES config MODULES_TREE_LOOKUP diff -ruw linux-5.15.42/init/Makefile linux-5.15.42-fbx/init/Makefile --- linux-5.15.42/init/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/init/Makefile 2024-04-22 14:46:57.836266144 +0200 @@ -15,6 +15,14 @@ obj-y += init_task.o +obj-$(CONFIG_FBX_DECRYPT_INITRD)+= fbx_decrypt_initrd.o +obj-$(CONFIG_FBX_DECRYPT_INITRD_RC4) += rc4.o +obj-$(CONFIG_FBX_VERIFY_INITRD) += fbx_initrd_pub_key.o + +PUB_KEY_PATH_UNQUOTED = $(patsubst "%",%,$(CONFIG_FBX_VERIFY_INITRD_PUBKEY)) + +init/fbx_initrd_pub_key.o: $(PUB_KEY_PATH_UNQUOTED) + mounts-y := do_mounts.o mounts-$(CONFIG_BLK_DEV_RAM) += do_mounts_rd.o mounts-$(CONFIG_BLK_DEV_INITRD) += do_mounts_initrd.o diff -ruw linux-5.15.42/init/init_task.c linux-5.15.42-fbx/init/init_task.c --- linux-5.15.42/init/init_task.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/init/init_task.c 2024-04-22 14:46:57.836266144 +0200 @@ -75,6 +75,7 @@ .stack = init_stack, .usage = REFCOUNT_INIT(2), .flags = PF_KTHREAD, + .exec_mode = EXEC_MODE_UNLIMITED, .prio = MAX_PRIO - 20, .static_prio = MAX_PRIO - 20, .normal_prio = MAX_PRIO - 20, diff -ruw linux-5.15.42/init/initramfs.c linux-5.15.42-fbx/init/initramfs.c --- linux-5.15.42/init/initramfs.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/init/initramfs.c 2024-04-22 14:46:57.836266144 +0200 @@ -16,6 +16,7 @@ #include #include #include +#include static ssize_t __init xwrite(struct file *file, const char *p, size_t count, loff_t *pos) @@ -650,6 +651,10 @@ ssize_t written; struct file *file; loff_t pos = 0; +#ifdef CONFIG_FBX_DECRYPT_INITRD + int ret; + extern int fbx_decrypt_initrd(char *start, u32 size); +#endif unpack_to_rootfs(__initramfs_start, __initramfs_size); @@ -659,6 +664,15 @@ if (IS_ERR(file)) return; +#ifdef CONFIG_FBX_DECRYPT_INITRD + ret = fbx_decrypt_initrd((char*)initrd_start, + initrd_end - initrd_start); + if (ret) { + printk(KERN_ERR "Decrypt failed: %i\n", ret); + return; + } +#endif + written = xwrite(file, (char *)initrd_start, initrd_end - initrd_start, &pos); if (written != initrd_end - initrd_start) diff -ruw linux-5.15.42/kernel/fork.c linux-5.15.42-fbx/kernel/fork.c --- linux-5.15.42/kernel/fork.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/kernel/fork.c 2024-04-22 14:46:57.880267346 +0200 @@ -970,6 +970,12 @@ #ifdef CONFIG_MEMCG tsk->active_memcg = NULL; #endif + + /* + * inherit parent exec_mode. + */ + tsk->exec_mode = orig->exec_mode; + return tsk; free_stack: diff -ruw linux-5.15.42/kernel/sys.c linux-5.15.42-fbx/kernel/sys.c --- linux-5.15.42/kernel/sys.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/kernel/sys.c 2024-04-22 14:46:57.936268876 +0200 @@ -11,6 +11,7 @@ #include #include #include +#include #include #include #include @@ -2538,6 +2539,18 @@ error = sched_core_share_pid(arg2, arg3, arg4, arg5); break; #endif + case PR_SET_EXEC_MODE: + if (arg2 != EXEC_MODE_UNLIMITED && + arg2 != EXEC_MODE_ONCE && + arg2 != EXEC_MODE_DENIED) + return -EINVAL; + + if (arg2 > current->exec_mode) + return -EPERM; + current->exec_mode = arg2; + return 0; + case PR_GET_EXEC_MODE: + return current->exec_mode; default: error = -EINVAL; break; diff -ruw linux-5.15.42/lib/Kconfig linux-5.15.42-fbx/lib/Kconfig --- linux-5.15.42/lib/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/lib/Kconfig 2024-04-22 14:46:57.972269860 +0200 @@ -688,6 +688,13 @@ config OBJAGG tristate "objagg" if COMPILE_TEST +config ARCH_HAS_FBXSERIAL + bool + +config FBXSERIAL + bool "fbxserial" + select CRC32 + endmenu config GENERIC_IOREMAP diff -ruw linux-5.15.42/lib/Makefile linux-5.15.42-fbx/lib/Makefile --- linux-5.15.42/lib/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/lib/Makefile 2024-04-22 14:46:57.972269860 +0200 @@ -360,3 +360,4 @@ obj-$(CONFIG_SLUB_KUNIT_TEST) += slub_kunit.o obj-$(CONFIG_GENERIC_LIB_DEVMEM_IS_ALLOWED) += devmem_is_allowed.o +obj-$(CONFIG_FBXSERIAL) += fbxserial.o diff -ruw linux-5.15.42/mm/Kconfig linux-5.15.42-fbx/mm/Kconfig --- linux-5.15.42/mm/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/mm/Kconfig 2024-04-22 14:46:58.016271062 +0200 @@ -324,6 +324,13 @@ config ARCH_SUPPORTS_MEMORY_FAILURE bool +config PAGE_FRAG_CACHE_ORDER + int "page order size of page fragment allocator" + default 3 + help + This allocator is used by networking only for skb->head allocation. + A large value speeds up allocation but causes memory fragmentation. + config MEMORY_FAILURE depends on MMU depends on ARCH_SUPPORTS_MEMORY_FAILURE diff -ruw linux-5.15.42/mm/page_alloc.c linux-5.15.42-fbx/mm/page_alloc.c --- linux-5.15.42/mm/page_alloc.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/mm/page_alloc.c 2024-04-22 14:46:58.044271827 +0200 @@ -5486,18 +5486,24 @@ { struct page *page = NULL; gfp_t gfp = gfp_mask; + unsigned int order; #if (PAGE_SIZE < PAGE_FRAG_CACHE_MAX_SIZE) gfp_mask |= __GFP_COMP | __GFP_NOWARN | __GFP_NORETRY | __GFP_NOMEMALLOC; page = alloc_pages_node(NUMA_NO_NODE, gfp_mask, PAGE_FRAG_CACHE_MAX_ORDER); + order = PAGE_FRAG_CACHE_MAX_ORDER; nc->size = page ? PAGE_FRAG_CACHE_MAX_SIZE : PAGE_SIZE; #endif - if (unlikely(!page)) + if (unlikely(!page)) { page = alloc_pages_node(NUMA_NO_NODE, gfp, 0); + order = 0; + } nc->va = page ? page_address(page) : NULL; + if (page) + set_page_owner_frag_cache(page, order, nc); return page; } diff -ruw linux-5.15.42/mm/vmalloc.c linux-5.15.42-fbx/mm/vmalloc.c --- linux-5.15.42/mm/vmalloc.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/mm/vmalloc.c 2024-04-22 14:46:58.060272264 +0200 @@ -3082,6 +3082,19 @@ EXPORT_SYMBOL_GPL(__vmalloc_node); #endif +/* + * __vmalloc_pgprot(): same as __vmalloc, but with a pgprot_t parameter. + * + * required for IntelCE drivers. + */ +void *__vmalloc_pgprot(unsigned long size, gfp_t gfp_mask, pgprot_t prot) +{ + return __vmalloc_node_range(size, 1, VMALLOC_START, VMALLOC_END, + gfp_mask, prot, 0, 1, + __builtin_return_address(0)); +} +EXPORT_SYMBOL(__vmalloc_pgprot); + void *__vmalloc(unsigned long size, gfp_t gfp_mask) { return __vmalloc_node(size, 1, gfp_mask, NUMA_NO_NODE, diff -ruw linux-5.15.42/net/8021q/vlan.c linux-5.15.42-fbx/net/8021q/vlan.c --- linux-5.15.42/net/8021q/vlan.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/8021q/vlan.c 2024-04-22 14:46:58.068272483 +0200 @@ -211,7 +211,7 @@ /* Attach a VLAN device to a mac address (ie Ethernet Card). * Returns 0 if the device was created or a negative error code otherwise. */ -static int register_vlan_device(struct net_device *real_dev, u16 vlan_id) +int register_vlan_device(struct net_device *real_dev, u16 vlan_id) { struct net_device *new_dev; struct vlan_dev_priv *vlan; diff -ruw linux-5.15.42/net/8021q/vlan_core.c linux-5.15.42-fbx/net/8021q/vlan_core.c --- linux-5.15.42/net/8021q/vlan_core.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/8021q/vlan_core.c 2024-04-22 14:46:58.068272483 +0200 @@ -99,6 +99,12 @@ } EXPORT_SYMBOL(__vlan_find_dev_deep_rcu); +struct net_device *vlan_dev_upper_dev(const struct net_device *dev) +{ + return vlan_dev_priv(dev)->real_dev; +} +EXPORT_SYMBOL(vlan_dev_upper_dev); + struct net_device *vlan_dev_real_dev(const struct net_device *dev) { struct net_device *ret = vlan_dev_priv(dev)->real_dev; diff -ruw linux-5.15.42/net/8021q/vlanproc.c linux-5.15.42-fbx/net/8021q/vlanproc.c --- linux-5.15.42/net/8021q/vlanproc.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/8021q/vlanproc.c 2024-04-22 14:46:58.068272483 +0200 @@ -252,7 +252,7 @@ stats = dev_get_stats(vlandev, &temp); seq_printf(seq, - "%s VID: %d REORDER_HDR: %i dev->priv_flags: %hx\n", + "%s VID: %d REORDER_HDR: %i dev->priv_flags: %llx\n", vlandev->name, vlan->vlan_id, (int)(vlan->flags & 1), vlandev->priv_flags); diff -ruw linux-5.15.42/net/Kconfig linux-5.15.42-fbx/net/Kconfig --- linux-5.15.42/net/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/Kconfig 2024-04-22 14:46:58.072272592 +0200 @@ -60,6 +60,20 @@ menu "Networking options" +config NETSKBPAD + int "Size reserved by dev_alloc_skb" + default 32 + +config NETRXTHREAD + bool "Do rx network processing in kernel thread" + depends on BROKEN_ON_SMP + +config NETRXTHREAD_RX_QUEUE + int "Number of rx queues" + default 1 + depends on NETRXTHREAD + +source "net/nmesh-mbh/Kconfig" source "net/packet/Kconfig" source "net/unix/Kconfig" source "net/tls/Kconfig" @@ -217,6 +231,8 @@ source "net/tipc/Kconfig" source "net/atm/Kconfig" source "net/l2tp/Kconfig" +source "net/fbxatm/Kconfig" +source "net/fbxbridge/Kconfig" source "net/802/Kconfig" source "net/bridge/Kconfig" source "net/dsa/Kconfig" diff -ruw linux-5.15.42/net/Makefile linux-5.15.42-fbx/net/Makefile --- linux-5.15.42/net/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/Makefile 2024-04-22 14:46:58.072272592 +0200 @@ -38,6 +38,12 @@ obj-$(CONFIG_STREAM_PARSER) += strparser/ obj-$(CONFIG_ATM) += atm/ obj-$(CONFIG_L2TP) += l2tp/ +ifneq ($(CONFIG_FBXATM),) +obj-y += fbxatm/ +endif +ifneq ($(CONFIG_FBXBRIDGE),) +obj-y += fbxbridge/ +endif obj-$(CONFIG_DECNET) += decnet/ obj-$(CONFIG_PHONET) += phonet/ ifneq ($(CONFIG_VLAN_8021Q),) @@ -79,3 +85,4 @@ obj-$(CONFIG_XDP_SOCKETS) += xdp/ obj-$(CONFIG_MPTCP) += mptcp/ obj-$(CONFIG_MCTP) += mctp/ +obj-$(CONFIG_NET_NMESH_MBH) += nmesh-mbh/ diff -ruw linux-5.15.42/net/bluetooth/hci_event.c linux-5.15.42-fbx/net/bluetooth/hci_event.c --- linux-5.15.42/net/bluetooth/hci_event.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/bluetooth/hci_event.c 2024-04-22 14:46:58.092273138 +0200 @@ -725,7 +725,9 @@ if (rp->status) return; - if (hdev->max_page < rp->max_page) + if (!test_bit(HCI_QUIRK_BROKEN_LOCAL_EXT_FTR_MAX_PAGE, + &hdev->quirks) && + hdev->max_page < rp->max_page) hdev->max_page = rp->max_page; if (rp->page < HCI_MAX_PAGES) diff -ruw linux-5.15.42/net/bluetooth/hci_request.c linux-5.15.42-fbx/net/bluetooth/hci_request.c --- linux-5.15.42/net/bluetooth/hci_request.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/bluetooth/hci_request.c 2024-04-22 14:46:58.092273138 +0200 @@ -1638,13 +1638,14 @@ return ad_len; /* use complete name if present and fits */ - complete_len = strlen(hdev->dev_name); - if (complete_len && complete_len <= HCI_MAX_SHORT_NAME_LENGTH) + complete_len = strnlen(hdev->dev_name, sizeof (hdev->dev_name)); + if (complete_len && complete_len <= HCI_MAX_SHORT_NAME_LENGTH) { return eir_append_data(ptr, ad_len, EIR_NAME_COMPLETE, hdev->dev_name, complete_len + 1); + } /* use short name if present */ - short_len = strlen(hdev->short_name); + short_len = strnlen(hdev->short_name, sizeof (hdev->short_name)); if (short_len) return eir_append_data(ptr, ad_len, EIR_NAME_SHORT, hdev->short_name, short_len + 1); diff -ruw linux-5.15.42/net/bridge/br_device.c linux-5.15.42-fbx/net/bridge/br_device.c --- linux-5.15.42/net/bridge/br_device.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/bridge/br_device.c 2024-04-22 14:46:58.100273357 +0200 @@ -213,6 +213,7 @@ struct net_bridge *br = netdev_priv(dev); dev->mtu = new_mtu; + br->forced_mtu = new_mtu; /* this flag will be cleared if the MTU was automatically adjusted */ br_opt_toggle(br, BROPT_MTU_SET_BY_USER, true); diff -ruw linux-5.15.42/net/bridge/br_fdb.c linux-5.15.42-fbx/net/bridge/br_fdb.c --- linux-5.15.42/net/bridge/br_fdb.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/bridge/br_fdb.c 2024-04-22 14:46:58.100273357 +0200 @@ -579,22 +579,42 @@ test_and_clear_bit(BR_FDB_NOTIFY_INACTIVE, &fdb->flags)); } -void br_fdb_update(struct net_bridge *br, struct net_bridge_port *source, +bool br_fdb_update_only(struct net_bridge *br, + struct net_bridge_port *source, + const unsigned char *addr) +{ + struct net_bridge_fdb_entry *fdb; + + fdb = br_fdb_find_rcu(br, addr, 0); + if (!fdb) + return false; + + fdb->updated = jiffies; + return true; +} + +int br_fdb_update(struct net_bridge *br, struct net_bridge_port *source, const unsigned char *addr, u16 vid, unsigned long flags) { struct net_bridge_fdb_entry *fdb; + int ret = 0; /* some users want to always flood. */ if (hold_time(br) == 0) - return; + return ret; fdb = fdb_find_rcu(&br->fdb_hash_tbl, addr, vid); if (likely(fdb)) { + + if (test_bit(BR_FDB_ADDED_BY_USER, &fdb->flags)) + return ret; + /* attempt to update an entry for a local interface */ if (unlikely(test_bit(BR_FDB_LOCAL, &fdb->flags))) { if (net_ratelimit()) br_warn(br, "received packet on %s with own address as source address (addr:%pM, vlan:%u)\n", source->dev->name, addr, vid); + ret = -ELOOP; } else { unsigned long now = jiffies; bool fdb_modified = false; @@ -636,6 +656,7 @@ */ spin_unlock(&br->hash_lock); } + return ret; } static int fdb_to_nud(const struct net_bridge *br, diff -ruw linux-5.15.42/net/bridge/br_forward.c linux-5.15.42-fbx/net/bridge/br_forward.c --- linux-5.15.42/net/bridge/br_forward.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/bridge/br_forward.c 2024-04-22 14:46:58.100273357 +0200 @@ -22,12 +22,28 @@ const struct sk_buff *skb) { struct net_bridge_vlan_group *vg; + const unsigned char *dest; + struct net_bridge_fdb_entry *fdb_dst = NULL; + u16 vid = 0; + int ret = 0; + + dest = skb_mac_header(skb); + + rcu_read_lock(); + if (is_unicast_ether_addr(dest)) { + if (br_vlan_enabled(p->dev)) + br_vlan_get_tag(skb, &vid); + fdb_dst = br_fdb_find_rcu(p->br, dest, vid); + } vg = nbp_vlan_group_rcu(p); - return ((p->flags & BR_HAIRPIN_MODE) || skb->dev != p->dev) && - p->state == BR_STATE_FORWARDING && br_allowed_egress(vg, skb) && + ret = ((p->flags & BR_HAIRPIN_MODE) || skb->dev != p->dev) && + br_allowed_egress(vg, skb) && ((p->state == BR_STATE_FORWARDING) || + ((p->state == BR_STATE_BLOCKING) && fdb_dst && test_bit(BR_FDB_ADDED_BY_USER, &fdb_dst->flags))) && nbp_switchdev_allowed_egress(p, skb) && !br_skb_isolated(p, skb); + rcu_read_unlock(); + return ret; } int br_dev_queue_push_xmit(struct net *net, struct sock *sk, struct sk_buff *skb) diff -ruw linux-5.15.42/net/bridge/br_if.c linux-5.15.42-fbx/net/bridge/br_if.c --- linux-5.15.42/net/bridge/br_if.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/bridge/br_if.c 2024-04-22 14:46:58.100273357 +0200 @@ -491,13 +491,13 @@ static int br_mtu_min(const struct net_bridge *br) { const struct net_bridge_port *p; - int ret_mtu = 0; + int ret_mtu = min_t(unsigned int, br->forced_mtu, ETH_DATA_LEN); list_for_each_entry(p, &br->port_list, list) if (!ret_mtu || ret_mtu > p->dev->mtu) ret_mtu = p->dev->mtu; - return ret_mtu ? ret_mtu : ETH_DATA_LEN; + return ret_mtu; } void br_mtu_auto_adjust(struct net_bridge *br) diff -ruw linux-5.15.42/net/bridge/br_input.c linux-5.15.42-fbx/net/bridge/br_input.c --- linux-5.15.42/net/bridge/br_input.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/bridge/br_input.c 2024-04-22 14:46:58.104273466 +0200 @@ -99,8 +99,9 @@ /* insert into forwarding database after filtering to avoid spoofing */ br = p->br; - if (p->flags & BR_LEARNING) - br_fdb_update(br, p, eth_hdr(skb)->h_source, vid, 0); + if (p->flags & BR_LEARNING && + br_fdb_update(br, p, eth_hdr(skb)->h_source, vid, 0)) + goto drop; local_rcv = !!(br->dev->flags & IFF_PROMISC); if (is_multicast_ether_addr(eth_hdr(skb)->h_dest)) { @@ -164,7 +165,8 @@ if (dst) { unsigned long now = jiffies; - if (test_bit(BR_FDB_LOCAL, &dst->flags)) + if (test_bit(BR_FDB_LOCAL, &dst->flags) && + !test_bit(BR_FDB_ADDED_BY_USER, &dst->flags)) return br_pass_frame_up(skb); if (now != dst->used) @@ -278,6 +280,34 @@ return 0; } +/* Don't forward packets to originating port or forwarding disabled */ +static inline int br_drop_input_pkt(const struct net_bridge_port *p, + const struct sk_buff *skb) +{ + const unsigned char *dest; + struct net_bridge_fdb_entry *fdb_dst = NULL; + u16 vid = 0; + int ret = 1; + + dest = skb_mac_header(skb); + + if (!is_unicast_ether_addr(dest)) + goto out; + + rcu_read_lock(); + if (br_vlan_enabled(p->dev)) + br_vlan_get_tag(skb, &vid); + + fdb_dst = br_fdb_find_rcu(p->br, dest, vid); + if (fdb_dst) + ret = 0; + + rcu_read_unlock(); + +out: + return ret; +} + /* * Return NULL if skb is handled * note: already called with rcu_read_lock @@ -369,6 +399,10 @@ forward: switch (p->state) { + case BR_STATE_BLOCKING: + if (br_drop_input_pkt(p, skb)) + goto drop; + fallthrough; case BR_STATE_FORWARDING: case BR_STATE_LEARNING: if (ether_addr_equal(p->br->dev->dev_addr, dest)) diff -ruw linux-5.15.42/net/bridge/br_private.h linux-5.15.42-fbx/net/bridge/br_private.h --- linux-5.15.42/net/bridge/br_private.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/bridge/br_private.h 2024-04-22 14:46:58.108273576 +0200 @@ -535,6 +535,7 @@ #if IS_ENABLED(CONFIG_BRIDGE_CFM) struct hlist_head mep_list; #endif + unsigned int forced_mtu; }; struct br_input_skb_cb { @@ -771,7 +772,10 @@ unsigned long off); int br_fdb_insert(struct net_bridge *br, struct net_bridge_port *source, const unsigned char *addr, u16 vid); -void br_fdb_update(struct net_bridge *br, struct net_bridge_port *source, +bool br_fdb_update_only(struct net_bridge *br, + struct net_bridge_port *source, + const unsigned char *addr); +int br_fdb_update(struct net_bridge *br, struct net_bridge_port *source, const unsigned char *addr, u16 vid, unsigned long flags); int br_fdb_delete(struct ndmsg *ndm, struct nlattr *tb[], diff -ruw linux-5.15.42/net/bridge/br_private_stp.h linux-5.15.42-fbx/net/bridge/br_private_stp.h --- linux-5.15.42/net/bridge/br_private_stp.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/bridge/br_private_stp.h 2024-04-22 14:46:58.108273576 +0200 @@ -23,7 +23,7 @@ #define BR_MAX_MAX_AGE (40*HZ) #define BR_MIN_PATH_COST 1 -#define BR_MAX_PATH_COST 65535 +#define BR_MAX_PATH_COST 5000000 struct br_config_bpdu { unsigned int topology_change:1; diff -ruw linux-5.15.42/net/core/dev.c linux-5.15.42-fbx/net/core/dev.c --- linux-5.15.42/net/core/dev.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/core/dev.c 2024-04-22 14:46:58.124274013 +0200 @@ -150,6 +150,7 @@ #include #include #include +#include #include "net-sysfs.h" @@ -158,6 +159,9 @@ /* This should be increased if a protocol with a bigger head is added. */ #define GRO_MAX_HEAD (MAX_HEADER + 128) +int (*nmesh_mbh_bridge_rx)(struct sk_buff *skb) __rcu __read_mostly; +EXPORT_SYMBOL_GPL(nmesh_mbh_bridge_rx); + static DEFINE_SPINLOCK(ptype_lock); static DEFINE_SPINLOCK(offload_lock); struct list_head ptype_base[PTYPE_HASH_SIZE] __read_mostly; @@ -172,6 +176,10 @@ struct netlink_ext_ack *extack); static struct napi_struct *napi_by_id(unsigned int napi_id); +#ifdef CONFIG_NETRXTHREAD +struct krxd gkrxd[CONFIG_NETRXTHREAD_RX_QUEUE]; +#endif + /* * The @dev_base_head list is protected by @dev_base_lock and the rtnl * semaphore. @@ -1216,22 +1224,6 @@ net = dev_net(dev); - /* Some auto-enslaved devices e.g. failover slaves are - * special, as userspace might rename the device after - * the interface had been brought up and running since - * the point kernel initiated auto-enslavement. Allow - * live name change even when these slave devices are - * up and running. - * - * Typically, users of these auto-enslaving devices - * don't actually care about slave name change, as - * they are supposed to operate on master interface - * directly. - */ - if (dev->flags & IFF_UP && - likely(!(dev->priv_flags & IFF_LIVE_RENAME_OK))) - return -EBUSY; - down_write(&devnet_rename_sem); if (strncmp(newname, dev->name, IFNAMSIZ) == 0) { @@ -4918,6 +4910,23 @@ return ret; } +/* Start Freebox added code */ +#if defined(CONFIG_FREEBOX_DIVERTER) || defined(CONFIG_FREEBOX_DIVERTER_MODULE) +int (*fbxdiverter_hook)(struct sk_buff *); + +static int handle_fbxdiverter(struct sk_buff *skb) +{ + /* try_module_get is missing here, so there is a race on + * fbxdiverter module deletion */ + if (!fbxdiverter_hook) + return 0; + return fbxdiverter_hook(skb); +} + +EXPORT_SYMBOL(fbxdiverter_hook); +#endif + + /** * netif_rx - post buffer to the network code * @skb: buffer to post @@ -5235,28 +5244,117 @@ return 0; } +static int __netif_receive_skb_core_end(struct sk_buff **pskb, bool pfmemalloc, + struct packet_type **ppt_prev); + static int __netif_receive_skb_core(struct sk_buff **pskb, bool pfmemalloc, struct packet_type **ppt_prev) { - struct packet_type *ptype, *pt_prev; - rx_handler_func_t *rx_handler; struct sk_buff *skb = *pskb; - struct net_device *orig_dev; - bool deliver_exact = false; - int ret = NET_RX_DROP; - __be16 type; +#ifdef CONFIG_NETRXTHREAD + unsigned int len; + struct krxd *krxd; +#endif net_timestamp_check(!netdev_tstamp_prequeue, skb); trace_netif_receive_skb(skb); - orig_dev = skb->dev; - skb_reset_network_header(skb); if (!skb_transport_header_was_set(skb)) skb_reset_transport_header(skb); skb_reset_mac_len(skb); +#if defined(CONFIG_FREEBOX_DIVERTER) || defined(CONFIG_FREEBOX_DIVERTER_MODULE) + if (handle_fbxdiverter(skb)) + return NET_RX_SUCCESS; +#endif + +#ifndef CONFIG_NETRXTHREAD + return __netif_receive_skb_core_end(pskb, pfmemalloc, ppt_prev); +#else + if (pfmemalloc) + return __netif_receive_skb_core_end(pskb, pfmemalloc, ppt_prev); + + BUILD_BUG_ON(ARRAY_SIZE(gkrxd) < 2); + krxd = &gkrxd[skb->rxthread_prio & 1]; + + /* queue the packet to the rx thread */ + local_bh_disable(); + len = skb_queue_len(&krxd->pkt_queue); + if (len < RXTHREAD_MAX_PKTS) { + __skb_queue_tail(&krxd->pkt_queue, skb); + krxd->stats_pkts++; + if (!len) + wake_up(&krxd->wq); + } else { + krxd->stats_dropped++; + dev_kfree_skb(skb); + } + local_bh_enable(); + return NET_RX_SUCCESS; +#endif +} + +#ifdef CONFIG_NETRXTHREAD +static int krxd_action(void *data) +{ + struct krxd *krxd = (struct krxd *)data; + unsigned int queue = krxd - gkrxd; + struct sk_buff *skb; + + set_user_nice(current, queue > 0 ? -10 : -5); + current->flags |= PF_NOFREEZE; + __set_current_state(TASK_RUNNING); + + local_bh_disable(); + while (1) { + struct packet_type *pt_prev = NULL; + struct net_device *orig_dev; + + skb = skb_dequeue(&krxd->pkt_queue); + if (!skb) { + local_bh_enable(); + wait_event_interruptible(krxd->wq, + skb_queue_len(&krxd->pkt_queue)); + set_current_state(TASK_RUNNING); + local_bh_disable(); + continue; + } + + rcu_read_lock(); + orig_dev = skb->dev; + __netif_receive_skb_core_end(&skb, false, &pt_prev); + if (pt_prev) + INDIRECT_CALL_INET(pt_prev->func, + ipv6_rcv, ip_rcv, skb, + skb->dev, pt_prev, orig_dev); + rcu_read_unlock(); + + /* only schedule when working on lowest prio queue */ + if (queue == 0 && need_resched()) { + local_bh_enable(); + schedule(); + local_bh_disable(); + } + } + return 0; +} +#endif + +static int __netif_receive_skb_core_end(struct sk_buff **pskb, bool pfmemalloc, + struct packet_type **ppt_prev) +{ + struct sk_buff *skb = *pskb; + struct packet_type *ptype, *pt_prev; + rx_handler_func_t *rx_handler; + struct net_device *orig_dev; + bool deliver_exact = false; + int ret = NET_RX_DROP; + __be16 type; + int (*nmesh_mbh_rx)(struct sk_buff *skb); + + orig_dev = skb->dev; pt_prev = NULL; another_round: @@ -5283,6 +5381,13 @@ goto out; } + if ((skb->protocol == cpu_to_be16(ETH_P_NMESH_MBH)) || + unlikely(is_multicast_ether_addr(eth_hdr(skb)->h_dest))) { + nmesh_mbh_rx = rcu_dereference(nmesh_mbh_bridge_rx); + if (nmesh_mbh_rx && nmesh_mbh_rx(skb)) + goto out; + } + if (skb_skip_tc_classify(skb)) goto skip_classify; @@ -5412,7 +5517,9 @@ if (pt_prev) { if (unlikely(skb_orphan_frags_rx(skb, GFP_ATOMIC))) goto drop; - *ppt_prev = pt_prev; + else + ret = INDIRECT_CALL_INET(pt_prev->func, ipv6_rcv, ip_rcv, skb, + skb->dev, pt_prev, orig_dev); } else { drop: if (!deliver_exact) @@ -5443,10 +5550,16 @@ struct packet_type *pt_prev = NULL; int ret; +#ifdef CONFIG_NETRXTHREAD + (void)orig_dev; + ret = __netif_receive_skb_core(&skb, pfmemalloc, &pt_prev); +#else ret = __netif_receive_skb_core(&skb, pfmemalloc, &pt_prev); if (pt_prev) ret = INDIRECT_CALL_INET(pt_prev->func, ipv6_rcv, ip_rcv, skb, skb->dev, pt_prev, orig_dev); +#endif + return ret; } @@ -11675,6 +11788,24 @@ open_softirq(NET_TX_SOFTIRQ, net_tx_action); open_softirq(NET_RX_SOFTIRQ, net_rx_action); +#ifdef CONFIG_NETRXTHREAD + for (i = 0; i < CONFIG_NETRXTHREAD_RX_QUEUE; i++) { + struct krxd *krxd = &gkrxd[i]; + struct task_struct *task; + + skb_queue_head_init(&krxd->pkt_queue); + init_waitqueue_head(&krxd->wq); + task = kthread_create(krxd_action, krxd, "krxthread_%u", i); + if (IS_ERR(task)) { + printk(KERN_ERR "unable to create krxd\n"); + return -ENOMEM; + } + krxd->task = task; + wake_up_process(task); + } +#endif + + rc = cpuhp_setup_state_nocalls(CPUHP_NET_DEV_DEAD, "net/dev:dead", NULL, dev_cpu_dead); WARN_ON(rc < 0); diff -ruw linux-5.15.42/net/core/net-procfs.c linux-5.15.42-fbx/net/core/net-procfs.c --- linux-5.15.42/net/core/net-procfs.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/core/net-procfs.c 2024-04-22 14:46:58.128274122 +0200 @@ -190,6 +190,89 @@ .show = softnet_seq_show, }; +static struct page_frag_cache *frag_alloc_netdev_get_online(loff_t *pos) +{ + struct page_frag_cache *nc = NULL; + + while (*pos < nr_cpu_ids) + if (cpu_online(*pos)) { + nc = netdev_frag_cache_get(*pos); + break; + } else + ++*pos; + return nc; +} + +static struct page_frag_cache *frag_alloc_napi_get_online(loff_t *pos) +{ + struct page_frag_cache *nc = NULL; + + while (*pos < nr_cpu_ids) + if (cpu_online(*pos)) { + nc = napi_frag_cache_get(*pos); + break; + } else + ++*pos; + return nc; +} + +static void *frag_alloc_netdev_seq_start(struct seq_file *seq, loff_t *pos) +{ + return frag_alloc_netdev_get_online(pos); +} + +static void *frag_alloc_netdev_seq_next(struct seq_file *seq, void *v, loff_t *pos) +{ + ++*pos; + return frag_alloc_netdev_get_online(pos); +} + +static void *frag_alloc_napi_seq_start(struct seq_file *seq, loff_t *pos) +{ + return frag_alloc_napi_get_online(pos); +} + +static void *frag_alloc_napi_seq_next(struct seq_file *seq, void *v, loff_t *pos) +{ + ++*pos; + return frag_alloc_napi_get_online(pos); +} + +static void frag_alloc_seq_stop(struct seq_file *seq, void *v) +{ +} + +static int frag_alloc_seq_show(struct seq_file *seq, void *v) +{ + struct page_frag_cache *nc = v; + unsigned int pages = atomic_read(&nc->pages_allocated); + +#ifdef CONFIG_PAGE_OWNER + seq_printf(seq, + "cpu[%d]: pages:%u (%lu kB)\n", + (int)seq->index, pages, (pages * PAGE_SIZE) / 1024); +#else + seq_printf(seq, + "cpu[%d]: CONFIG_PAGE_OWNER missing\n", + (int)seq->index); +#endif + return 0; +} + +static const struct seq_operations frag_alloc_netdev_seq_ops = { + .start = frag_alloc_netdev_seq_start, + .next = frag_alloc_netdev_seq_next, + .stop = frag_alloc_seq_stop, + .show = frag_alloc_seq_show, +}; + +static const struct seq_operations frag_alloc_napi_seq_ops = { + .start = frag_alloc_napi_seq_start, + .next = frag_alloc_napi_seq_next, + .stop = frag_alloc_seq_stop, + .show = frag_alloc_seq_show, +}; + static void *ptype_get_idx(struct seq_file *seq, loff_t pos) { struct list_head *ptype_list = NULL; @@ -310,6 +393,85 @@ .show = ptype_seq_show, }; +#ifdef CONFIG_NETRXTHREAD +/* + * This is invoked by the /proc filesystem handler to display a device + * in detail. + */ +static void *krxthread_seq_start(struct seq_file *seq, loff_t *pos) +{ + int *queue; + + if (*pos > CONFIG_NETRXTHREAD_RX_QUEUE) + return NULL; + + queue = kmalloc(sizeof(*queue), GFP_KERNEL); + if (!queue) + return NULL; + *queue = ((int)*pos - 1); + + return queue; +} + +static void *krxthread_seq_next(struct seq_file *seq, void *v, loff_t *pos) +{ + int *queue = v; + + if (*pos == CONFIG_NETRXTHREAD_RX_QUEUE) { + ++*pos; + return NULL; + } + + ++*queue; + *pos = *queue + 1; + return queue; +} + +static void krxthread_seq_stop(struct seq_file *seq, void *v) +{ + kfree(v); +} + +static void krxthread_seq_printf_stats(struct seq_file *seq, int queue) +{ + seq_printf(seq, "%8u %12u %12u\n", + queue, + gkrxd[queue].stats_pkts, + gkrxd[queue].stats_dropped); +} + +static int krxthread_seq_show(struct seq_file *seq, void *v) +{ + int *queue = v; + + if (*queue == -1) + seq_printf(seq, "%8s %12s %12s\n", + "queue", "packets", "drops"); + else + krxthread_seq_printf_stats(seq, *queue); + return 0; +} + +static const struct seq_operations krxthread_seq_ops = { + .start = krxthread_seq_start, + .next = krxthread_seq_next, + .stop = krxthread_seq_stop, + .show = krxthread_seq_show, +}; + +static int krxthread_seq_open(struct inode *inode, struct file *file) +{ + return seq_open(file, &krxthread_seq_ops); +} + +static const struct proc_ops krxthread_seq_fops = { + .proc_open = krxthread_seq_open, + .proc_read = seq_read, + .proc_lseek = seq_lseek, + .proc_release = seq_release, +}; +#endif /* KRXTHREAD */ + static int __net_init dev_proc_net_init(struct net *net) { int rc = -ENOMEM; @@ -323,9 +485,20 @@ if (!proc_create_net("ptype", 0444, net->proc_net, &ptype_seq_ops, sizeof(struct seq_net_private))) goto out_softnet; + if (!proc_create_seq("frag_alloc_netdev", 0444, net->proc_net, + &frag_alloc_netdev_seq_ops)) + goto out_softnet; + if (!proc_create_seq("frag_alloc_napi", 0444, net->proc_net, + &frag_alloc_napi_seq_ops)) + goto out_softnet; if (wext_proc_init(net)) goto out_ptype; +#ifdef CONFIG_NETRXTHREAD + if (!proc_create("krxthread", S_IRUGO, net->proc_net, + &krxthread_seq_fops)) + goto out_ptype; +#endif rc = 0; out: return rc; diff -ruw linux-5.15.42/net/core/net-sysfs.c linux-5.15.42-fbx/net/core/net-sysfs.c --- linux-5.15.42/net/core/net-sysfs.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/core/net-sysfs.c 2024-04-22 14:46:58.132274231 +0200 @@ -15,6 +15,7 @@ #include #include #include +#include #include #include #include @@ -754,7 +755,24 @@ }; #if IS_ENABLED(CONFIG_WIRELESS_EXT) || IS_ENABLED(CONFIG_CFG80211) +static ssize_t show_nl80211_iftype(struct device *dev, + struct device_attribute *attr, char *buf) +{ + const struct net_device *netdev = to_net_dev(dev); + ssize_t ret = 0; + + if (!rtnl_trylock()) + return restart_syscall(); + if (netdev->ieee80211_ptr) + ret = sprintf(buf, "%d\n", netdev->ieee80211_ptr->iftype); + rtnl_unlock(); + + return ret; +} +static DEVICE_ATTR(nl80211_iftype, S_IRUGO, show_nl80211_iftype, NULL); + static struct attribute *wireless_attrs[] = { + &dev_attr_nl80211_iftype.attr, NULL }; diff -ruw linux-5.15.42/net/core/of_net.c linux-5.15.42-fbx/net/core/of_net.c --- linux-5.15.42/net/core/of_net.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/core/of_net.c 2024-04-22 14:46:58.132274231 +0200 @@ -12,6 +12,7 @@ #include #include #include +#include /** * of_get_phy_mode - Get phy mode for given device_node @@ -95,6 +96,23 @@ return 0; } +static int of_get_mac_addr_from_fbxserial(struct device_node *np, u8 *addr) +{ +#ifdef CONFIG_FBXSERIAL + struct property *pp; + + pp = of_find_property(np, "fbxserial-mac-address", NULL); + if (!pp || pp->length != 4) + return -ENODEV; + + memcpy(addr, fbxserialinfo_get_mac_addr(be32_to_cpu(*(u32*)pp->value)), + ETH_ALEN); + return 0; +#else + return -ENOSYS; +#endif +} + /** * of_get_mac_address() * @np: Caller's Device Node @@ -128,6 +146,10 @@ if (!np) return -ENODEV; + ret = of_get_mac_addr_from_fbxserial(np, addr); + if (!ret) + return 0; + ret = of_get_mac_addr(np, "mac-address", addr); if (!ret) return 0; diff -ruw linux-5.15.42/net/core/skbuff.c linux-5.15.42-fbx/net/core/skbuff.c --- linux-5.15.42/net/core/skbuff.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/core/skbuff.c 2024-04-22 14:46:58.136274341 +0200 @@ -135,6 +135,17 @@ static DEFINE_PER_CPU(struct page_frag_cache, netdev_alloc_cache); static DEFINE_PER_CPU(struct napi_alloc_cache, napi_alloc_cache); +struct page_frag_cache *netdev_frag_cache_get(unsigned int cpu_id) +{ + return per_cpu_ptr(&netdev_alloc_cache, cpu_id); +} + +struct page_frag_cache *napi_frag_cache_get(unsigned int cpu_id) +{ + struct napi_alloc_cache *nc = per_cpu_ptr(&napi_alloc_cache, cpu_id); + return &nc->page; +} + static void *__alloc_frag_align(unsigned int fragsz, gfp_t gfp_mask, unsigned int align_mask) { @@ -1017,6 +1028,10 @@ memcpy(&new->headers_start, &old->headers_start, offsetof(struct sk_buff, headers_end) - offsetof(struct sk_buff, headers_start)); + +#ifdef CONFIG_IP_FFN + new->ffn_state = FFN_STATE_INIT; +#endif CHECK_SKB_FIELD(protocol); CHECK_SKB_FIELD(csum); CHECK_SKB_FIELD(hash); @@ -5500,11 +5515,15 @@ skb->offload_l3_fwd_mark = 0; #endif +#ifdef CONFIG_IP_FFN + skb->ffn_state = FFN_STATE_INIT; +#endif + skb->mark = 0; + if (!xnet) return; ipvs_reset(skb); - skb->mark = 0; skb->tstamp = 0; } EXPORT_SYMBOL_GPL(skb_scrub_packet); diff -ruw linux-5.15.42/net/core/sock.c linux-5.15.42-fbx/net/core/sock.c --- linux-5.15.42/net/core/sock.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/core/sock.c 2024-04-22 14:46:58.136274341 +0200 @@ -1369,6 +1369,10 @@ ~SOCK_BUF_LOCK_MASK); break; + case SO_UDP_DUP_UNICAST: + sock_valbool_flag(sk, SOCK_UDP_DUP_UNICAST, valbool); + break; + default: ret = -ENOPROTOOPT; break; @@ -1724,6 +1728,10 @@ v.val64 = sock_gen_cookie(sk); break; + case SO_UDP_DUP_UNICAST: + v.val = sock_flag(sk, SOCK_UDP_DUP_UNICAST); + break; + case SO_ZEROCOPY: v.val = sock_flag(sk, SOCK_ZEROCOPY); break; diff -ruw linux-5.15.42/net/dsa/Kconfig linux-5.15.42-fbx/net/dsa/Kconfig --- linux-5.15.42/net/dsa/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/dsa/Kconfig 2024-04-22 14:46:58.144274559 +0200 @@ -57,6 +57,10 @@ Say Y or M if you want to enable support for tagging frames for the Hirschmann Hellcreek TSN switches. +config NET_DSA_TAG_BRCM_FBX + tristate "Tag driver for Broadcom switches using in-frame headers" + select NET_DSA_TAG_BRCM_COMMON + config NET_DSA_TAG_GSWIP tristate "Tag driver for Lantiq / Intel GSWIP switches" help diff -ruw linux-5.15.42/net/ethtool/common.c linux-5.15.42-fbx/net/ethtool/common.c --- linux-5.15.42/net/ethtool/common.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/ethtool/common.c 2024-04-22 14:46:58.152274778 +0200 @@ -89,6 +89,7 @@ [ETHTOOL_RX_COPYBREAK] = "rx-copybreak", [ETHTOOL_TX_COPYBREAK] = "tx-copybreak", [ETHTOOL_PFC_PREVENTION_TOUT] = "pfc-prevention-tout", + [ETHTOOL_MAC_MODE] = "mac-mode", }; const char @@ -200,6 +201,12 @@ __DEFINE_LINK_MODE_NAME(400000, CR4, Full), __DEFINE_LINK_MODE_NAME(100, FX, Half), __DEFINE_LINK_MODE_NAME(100, FX, Full), + __DEFINE_LINK_MODE_NAME(1000, PX_D, Full), + __DEFINE_LINK_MODE_NAME(1000, PX_U, Full), + __DEFINE_LINK_MODE_NAME(10000, PR_D, Full), + __DEFINE_LINK_MODE_NAME(10000, PR_U, Full), + __DEFINE_LINK_MODE_NAME(10000_1000, PRX_D, Full), + __DEFINE_LINK_MODE_NAME(10000_1000, PRX_U, Full), }; static_assert(ARRAY_SIZE(link_mode_names) == __ETHTOOL_LINK_MODE_MASK_NBITS); @@ -235,6 +242,10 @@ #define __LINK_MODE_LANES_T1 1 #define __LINK_MODE_LANES_X 1 #define __LINK_MODE_LANES_FX 1 +#define __LINK_MODE_LANES_PX_D 1 +#define __LINK_MODE_LANES_PX_U 1 +#define __LINK_MODE_LANES_PR_U 1 +#define __LINK_MODE_LANES_PR_D 1 #define __DEFINE_LINK_MODE_PARAMS(_speed, _type, _duplex) \ [ETHTOOL_LINK_MODE(_speed, _type, _duplex)] = { \ @@ -348,6 +359,20 @@ __DEFINE_LINK_MODE_PARAMS(400000, CR4, Full), __DEFINE_LINK_MODE_PARAMS(100, FX, Half), __DEFINE_LINK_MODE_PARAMS(100, FX, Full), + + __DEFINE_LINK_MODE_PARAMS(1000, PX_D, Full), + __DEFINE_LINK_MODE_PARAMS(1000, PX_U, Full), + __DEFINE_LINK_MODE_PARAMS(10000, PR_D, Full), + __DEFINE_LINK_MODE_PARAMS(10000, PR_U, Full), + + [ETHTOOL_LINK_MODE_10000_1000basePRX_D_Full_BIT] = { + .speed = SPEED_10000, + .duplex = DUPLEX_FULL, + }, + [ETHTOOL_LINK_MODE_10000_1000basePRX_U_Full_BIT] = { + .speed = SPEED_10000, + .duplex = DUPLEX_FULL, + }, }; static_assert(ARRAY_SIZE(link_mode_params) == __ETHTOOL_LINK_MODE_MASK_NBITS); diff -ruw linux-5.15.42/net/ethtool/ioctl.c linux-5.15.42-fbx/net/ethtool/ioctl.c --- linux-5.15.42/net/ethtool/ioctl.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/ethtool/ioctl.c 2024-04-22 14:46:58.152274778 +0200 @@ -2386,6 +2386,11 @@ tuna->type_id != ETHTOOL_TUNABLE_U16) return -EINVAL; break; + case ETHTOOL_MAC_MODE: + if (tuna->len != sizeof(u32) || + tuna->type_id != ETHTOOL_TUNABLE_U32) + return -EINVAL; + break; default: return -EINVAL; } @@ -2567,6 +2572,7 @@ switch (tuna->id) { case ETHTOOL_PHY_DOWNSHIFT: case ETHTOOL_PHY_FAST_LINK_DOWN: + case ETHTOOL_PHY_BROKEN: if (tuna->len != sizeof(u8) || tuna->type_id != ETHTOOL_TUNABLE_U8) return -EINVAL; @@ -2693,6 +2699,87 @@ return dev->ethtool_ops->set_fecparam(dev, &fecparam); } +static int ethtool_get_eponparam(struct net_device *dev, void __user *useraddr) +{ + struct ethtool_epon_param eponparam = { .cmd = ETHTOOL_GEPON_PARAM }; + int rc; + + if (!dev->ethtool_ops->get_epon_param) + return -EOPNOTSUPP; + + rc = dev->ethtool_ops->get_epon_param(dev, &eponparam); + if (rc) + return rc; + + if (copy_to_user(useraddr, &eponparam, sizeof(eponparam))) + return -EFAULT; + return 0; +} + +static int ethtool_set_eponparam(struct net_device *dev, void __user *useraddr) +{ + struct ethtool_epon_param eponparam; + + if (!dev->ethtool_ops->set_epon_param) + return -EOPNOTSUPP; + + if (copy_from_user(&eponparam, useraddr, sizeof(eponparam))) + return -EFAULT; + + return dev->ethtool_ops->set_epon_param(dev, &eponparam); +} + +static int ethtool_get_sfp_state(struct net_device *dev, void __user *useraddr) +{ + struct ethtool_sfp_state sfp_state; + int rc; + + if (!dev->sfp_bus) { + printk("no SFP bus ya twat.\n"); + return -ENODEV; + } + + rc = sfp_get_sfp_state(dev->sfp_bus, &sfp_state); + if (rc) + return rc; + + if (copy_to_user(useraddr, &sfp_state, sizeof (sfp_state))) + return -EFAULT; + return 0; +} + +static int ethtool_get_shaper_params(struct net_device *dev, void __user *uaddr) +{ + struct ethtool_shaper_params sp; + int rc; + + if (!dev->ethtool_ops->get_shaper_param) + return -EOPNOTSUPP; + + memset(&sp, 0, sizeof (sp)); + rc = dev->ethtool_ops->get_shaper_param(dev, &sp); + if (rc) + return rc; + + if (copy_to_user(uaddr, &sp, sizeof (sp))) + return -EFAULT; + + return 0; +} + +static int ethtool_set_shaper_params(struct net_device *dev, void __user *uaddr) +{ + struct ethtool_shaper_params sp; + + if (!dev->ethtool_ops->set_shaper_param) + return -EOPNOTSUPP; + + if (copy_from_user(&sp, uaddr, sizeof (sp))) + return -EFAULT; + + return dev->ethtool_ops->set_shaper_param(dev, &sp); +} + /* The main entry point in this file. Called from net/core/dev_ioctl.c */ int dev_ethtool(struct net *net, struct ifreq *ifr, void __user *useraddr) @@ -2979,6 +3066,27 @@ case ETHTOOL_SFECPARAM: rc = ethtool_set_fecparam(dev, useraddr); break; + case ETHTOOL_GEPON_PARAM: + rc = ethtool_get_eponparam(dev, useraddr); + break; + case ETHTOOL_SEPON_KEYS: + case ETHTOOL_SEPON_ENCRYPT: + case ETHTOOL_SEPON_RESTART: + case ETHTOOL_SEPON_BURST: + case ETHTOOL_SEPON_ADD_MCLLID: + case ETHTOOL_SEPON_DEL_MCLLID: + case ETHTOOL_SEPON_CLR_MCLLID: + rc = ethtool_set_eponparam(dev, useraddr); + break; + case ETHTOOL_GSFP_STATE: + rc = ethtool_get_sfp_state(dev, useraddr); + break; + case ETHTOOL_SSHAPER_PARAMS: + rc = ethtool_set_shaper_params(dev, useraddr); + break; + case ETHTOOL_GSHAPER_PARAMS: + rc = ethtool_get_shaper_params(dev, useraddr); + break; default: rc = -EOPNOTSUPP; } diff -ruw linux-5.15.42/net/ipv4/Makefile linux-5.15.42-fbx/net/ipv4/Makefile --- linux-5.15.42/net/ipv4/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/ipv4/Makefile 2024-04-22 14:46:58.160274996 +0200 @@ -20,6 +20,8 @@ obj-$(CONFIG_NET_IP_TUNNEL) += ip_tunnel.o obj-$(CONFIG_SYSCTL) += sysctl_net_ipv4.o + +obj-$(CONFIG_IP_FFN) += ip_ffn.o obj-$(CONFIG_PROC_FS) += proc.o obj-$(CONFIG_IP_MULTIPLE_TABLES) += fib_rules.o obj-$(CONFIG_IP_MROUTE) += ipmr.o diff -ruw linux-5.15.42/net/ipv4/ip_input.c linux-5.15.42-fbx/net/ipv4/ip_input.c --- linux-5.15.42/net/ipv4/ip_input.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/ipv4/ip_input.c 2024-04-22 14:46:58.168275215 +0200 @@ -223,8 +223,12 @@ } } -static int ip_local_deliver_finish(struct net *net, struct sock *sk, struct sk_buff *skb) +int ip_local_deliver_finish(struct net *net, struct sock *sk, struct sk_buff *skb) { +#ifdef CONFIG_IP_FFN + if (skb->ffn_state == FFN_STATE_FORWARDABLE) + ip_ffn_add(skb, IP_FFN_LOCAL_IN); +#endif __skb_pull(skb, skb_network_header_len(skb)); rcu_read_lock(); @@ -537,6 +541,11 @@ if (skb == NULL) return NET_RX_DROP; +#ifdef CONFIG_IP_FFN + if (!ip_ffn_process(skb)) + return NET_RX_SUCCESS; +#endif + return NF_HOOK(NFPROTO_IPV4, NF_INET_PRE_ROUTING, net, NULL, skb, dev, NULL, ip_rcv_finish); diff -ruw linux-5.15.42/net/ipv4/ip_output.c linux-5.15.42-fbx/net/ipv4/ip_output.c --- linux-5.15.42/net/ipv4/ip_output.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/ipv4/ip_output.c 2024-04-22 14:46:58.172275324 +0200 @@ -218,6 +218,11 @@ return res; } +#ifdef CONFIG_IP_FFN + if (skb->ffn_state == FFN_STATE_FORWARDABLE) + ip_ffn_add(skb, IP_FFN_FINISH_OUT); +#endif + rcu_read_lock_bh(); neigh = ip_neigh_for_gw(rt, skb, &is_v6gw); if (!IS_ERR(neigh)) { @@ -427,6 +432,11 @@ skb->dev = dev; skb->protocol = htons(ETH_P_IP); +#ifdef CONFIG_IP_FFN + if (skb->ffn_state == FFN_STATE_FAST_FORWARDED) + return ip_finish_output(net, sk, skb); +#endif + return NF_HOOK_COND(NFPROTO_IPV4, NF_INET_POST_ROUTING, net, sk, skb, indev, dev, ip_finish_output, @@ -1742,4 +1752,7 @@ #if defined(CONFIG_IP_MULTICAST) igmp_mc_init(); #endif +#ifdef CONFIG_IP_FFN + ip_ffn_init(); +#endif } diff -ruw linux-5.15.42/net/ipv4/ip_tunnel_core.c linux-5.15.42-fbx/net/ipv4/ip_tunnel_core.c --- linux-5.15.42/net/ipv4/ip_tunnel_core.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/ipv4/ip_tunnel_core.c 2024-04-22 14:46:58.172275324 +0200 @@ -38,6 +38,9 @@ #include #include #include +#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE) +#include +#endif const struct ip_tunnel_encap_ops __rcu * iptun_encaps[MAX_IPTUN_ENCAP_OPS] __read_mostly; @@ -60,6 +63,11 @@ skb_scrub_packet(skb, xnet); skb_clear_hash_if_not_l4(skb); +#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE) + if (proto == IPPROTO_IPV6) + nf_ct_set(skb, NULL, IP_CT_UNTRACKED); +#endif + skb_dst_set(skb, &rt->dst); memset(IPCB(skb), 0, sizeof(*IPCB(skb))); diff -ruw linux-5.15.42/net/ipv4/ipconfig.c linux-5.15.42-fbx/net/ipv4/ipconfig.c --- linux-5.15.42/net/ipv4/ipconfig.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/ipv4/ipconfig.c 2024-04-22 14:46:58.172275324 +0200 @@ -197,16 +197,62 @@ static struct ic_device *ic_first_dev __initdata; /* List of open device */ static struct ic_device *ic_dev __initdata; /* Selected device */ -static bool __init ic_is_init_dev(struct net_device *dev) +static bool __init ic_is_init_dev(struct net_device *dev, bool partial) { + char *p = NULL; + bool ret; + if (dev->flags & IFF_LOOPBACK) return false; - return user_dev_name[0] ? !strcmp(dev->name, user_dev_name) : + + if (partial) { + p = strchr(user_dev_name, '.'); + if (p) + *p = 0; + } + + ret = false; + if (user_dev_name[0] ? !strcmp(dev->name, user_dev_name) : (!(dev->flags & IFF_LOOPBACK) && (dev->flags & (IFF_POINTOPOINT|IFF_BROADCAST)) && - strncmp(dev->name, "dummy", 5)); + strncmp(dev->name, "dummy", 5))) + ret = true; + if (p) + *p = '.'; + return ret; } +#ifdef CONFIG_VLAN_8021Q +int register_vlan_device(struct net_device *real_dev, u16 vlan_id); + +static void __init prepare_vlan(void) +{ + unsigned short oflags; + struct net_device *dev; + char *p; + u16 vid; + + if (!strchr(user_dev_name, '.')) + return; + + p = strchr(user_dev_name, '.'); + *p = 0; + vid = simple_strtoul(p + 1, NULL, 10); + dev = __dev_get_by_name(&init_net, user_dev_name); + if (!dev) + goto fail; + + oflags = dev->flags; + if (dev_change_flags(dev, oflags | IFF_UP, NULL) < 0) + goto fail; + + register_vlan_device(dev, vid); + +fail: + *p = '.'; +} +#endif + static int __init ic_open_devs(void) { struct ic_device *d, **last; @@ -225,8 +271,13 @@ pr_err("IP-Config: Failed to open %s\n", dev->name); } +#ifdef CONFIG_VLAN_8021Q + /* register vlan device if needed */ + prepare_vlan(); +#endif + for_each_netdev(&init_net, dev) { - if (ic_is_init_dev(dev)) { + if (ic_is_init_dev(dev, false)) { int able = 0; if (dev->mtu >= 364) able |= IC_BOOTP; @@ -275,10 +326,12 @@ int wait, elapsed; for_each_netdev(&init_net, dev) - if (ic_is_init_dev(dev) && netif_carrier_ok(dev)) + if (ic_is_init_dev(dev, false) && netif_carrier_ok(dev)) goto have_carrier; + rtnl_unlock(); msleep(1); + rtnl_lock(); if (time_before(jiffies, next_msg)) continue; @@ -721,8 +774,10 @@ e += len; } if (*vendor_class_identifier) { +#ifdef IPCONFIG_DEBUG pr_info("DHCP: sending class identifier \"%s\"\n", vendor_class_identifier); +#endif *e++ = 60; /* Class-identifier */ len = strlen(vendor_class_identifier); *e++ = len; @@ -1436,7 +1491,7 @@ rtnl_lock(); for_each_netdev(&init_net, dev) { - if (ic_is_init_dev(dev)) { + if (ic_is_init_dev(dev, true)) { found = 1; break; } diff -ruw linux-5.15.42/net/ipv4/netfilter/Kconfig linux-5.15.42-fbx/net/ipv4/netfilter/Kconfig --- linux-5.15.42/net/ipv4/netfilter/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/ipv4/netfilter/Kconfig 2024-04-22 14:46:58.172275324 +0200 @@ -6,6 +6,13 @@ menu "IP: Netfilter Configuration" depends on INET && NETFILTER +config IP_FFN + bool "IP: Fast forwarding and NAT" + +config IP_FFN_PROCFS + bool "IP: Fast forwarding and NAT /proc/net entries" + depends on IP_FFN + config NF_DEFRAG_IPV4 tristate default n diff -ruw linux-5.15.42/net/ipv4/netfilter/ip_tables.c linux-5.15.42-fbx/net/ipv4/netfilter/ip_tables.c --- linux-5.15.42/net/ipv4/netfilter/ip_tables.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/ipv4/netfilter/ip_tables.c 2024-04-22 14:46:58.176275433 +0200 @@ -1101,6 +1101,8 @@ return ret; } +extern void fbxbr_flush_cache(void); + static int do_replace(struct net *net, sockptr_t arg, unsigned int len) { @@ -1140,6 +1142,15 @@ tmp.num_counters, tmp.counters); if (ret) goto free_newinfo_untrans; + +#ifdef CONFIG_IP_FFN + ip_ffn_flush_all(); +#endif + +#ifdef CONFIG_FBXBRIDGE + fbxbr_flush_cache(); +#endif + return 0; free_newinfo_untrans: diff -ruw linux-5.15.42/net/ipv4/tcp.c linux-5.15.42-fbx/net/ipv4/tcp.c --- linux-5.15.42/net/ipv4/tcp.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/ipv4/tcp.c 2024-04-22 14:46:58.180275543 +0200 @@ -3481,6 +3481,13 @@ err = -EINVAL; break; + case TCP_LINEAR_RTO: + if (val < 0 || val > 1) + err = -EINVAL; + else + tp->linear_rto = val; + break; + case TCP_REPAIR: if (!tcp_can_repair_sock(sk)) err = -EPERM; @@ -4074,6 +4081,9 @@ case TCP_THIN_DUPACK: val = 0; break; + case TCP_LINEAR_RTO: + val = tp->linear_rto; + break; case TCP_REPAIR: val = tp->repair; diff -ruw linux-5.15.42/net/ipv4/tcp_timer.c linux-5.15.42-fbx/net/ipv4/tcp_timer.c --- linux-5.15.42/net/ipv4/tcp_timer.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/ipv4/tcp_timer.c 2024-04-22 14:46:58.188275761 +0200 @@ -579,6 +579,10 @@ icsk->icsk_retransmits <= TCP_THIN_LINEAR_RETRIES) { icsk->icsk_backoff = 0; icsk->icsk_rto = min(__tcp_set_rto(tp), TCP_RTO_MAX); + + } else if (sk->sk_state == TCP_ESTABLISHED && tp->linear_rto) { + icsk->icsk_backoff = 0; + icsk->icsk_rto = min(__tcp_set_rto(tp), TCP_RTO_MAX); } else { /* Use normal (exponential) backoff */ icsk->icsk_rto = min(icsk->icsk_rto << 1, TCP_RTO_MAX); diff -ruw linux-5.15.42/net/ipv4/udp.c linux-5.15.42-fbx/net/ipv4/udp.c --- linux-5.15.42/net/ipv4/udp.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/ipv4/udp.c 2024-04-22 14:46:58.192275871 +0200 @@ -308,6 +308,49 @@ inet_sk(sk)->inet_num = snum; udp_sk(sk)->udp_port_hash = snum; udp_sk(sk)->udp_portaddr_hash ^= snum; + + /* resolve udp reuse conflict */ + if (sk->sk_reuse) { + struct sock *sk2; + bool found; + + found = false; + sk_for_each(sk2, &hslot->head) { + if (!net_eq(sock_net(sk2), net) || + sk2 == sk || + (udp_sk(sk2)->udp_port_hash != snum)) + continue; + + if (sk2->sk_bound_dev_if && + sk->sk_bound_dev_if && + sk2->sk_bound_dev_if != sk->sk_bound_dev_if) + continue; + + if (!inet_rcv_saddr_equal(sk, sk2, true)) + continue; + + found = true; + break; + } + + sk_for_each(sk2, &hslot->head) { + if (!net_eq(sock_net(sk2), net) || + sk2 == sk || + (udp_sk(sk2)->udp_port_hash != snum)) + continue; + + if (sk2->sk_bound_dev_if && + sk->sk_bound_dev_if && + sk2->sk_bound_dev_if != sk->sk_bound_dev_if) + continue; + + if (!inet_rcv_saddr_equal(sk, sk2, true)) + continue; + + sk->sk_reuse_conflict = found; + } + } + if (sk_unhashed(sk)) { if (sk->sk_reuseport && udp_reuseport_add_sock(sk, hslot)) { @@ -2329,6 +2372,90 @@ return 0; } +/* + * Unicast goes to one listener and all sockets with dup flag + * + * Note: called only from the BH handler context. + * + * Note2: it is okay to use the udp_table.hash table only here + * and not udp_table.hash2 table as the sock is always hashed in + * both udp_table.hash and udp_table.hash2. This might impact + * performance if the sock hash bucket hosts more than 10 socks + * but has the benefit of keeping the code simplier. + * + * Note3: __udp_is_mcast_sock() does not have really anything to + * do with multicast, it used there to deliver the packet only to + * the sockets that are bound to the ip:port/interface the skbuff + * is targeted to. + */ +static int __udp4_lib_uc_conflict_deliver(struct net *net, struct sk_buff *skb, + struct udphdr *uh, + __be32 saddr, __be32 daddr, + struct udp_table *udptable, + int proto) +{ + struct sock *sk, *first = NULL; + unsigned short hnum = ntohs(uh->dest); + struct udp_hslot *hslot = udp_hashslot(udptable, net, hnum); + int dif = skb->dev->ifindex; + unsigned int offset = offsetof(typeof(*sk), sk_node); + struct hlist_node *node; + struct sk_buff *nskb; + int sdif = inet_sdif(skb); + bool found_non_dup; + + found_non_dup = false; + sk_for_each_entry_offset_rcu(sk, node, &hslot->head, offset) { + bool need_deliver; + + if (!__udp_is_mcast_sock(net, sk, uh->dest, daddr, + uh->source, saddr, dif, sdif, hnum)) + continue; + + if (sock_flag(sk, SOCK_UDP_DUP_UNICAST)) + need_deliver = true; + else { + if (!found_non_dup) + need_deliver = true; + else + need_deliver = false; + found_non_dup = true; + } + + if (!need_deliver) + continue; + + if (!first) { + first = sk; + continue; + } + nskb = skb_clone(skb, GFP_ATOMIC); + + if (unlikely(!nskb)) { + atomic_inc(&sk->sk_drops); + __UDP_INC_STATS(net, UDP_MIB_RCVBUFERRORS, + IS_UDPLITE(sk)); + __UDP_INC_STATS(net, UDP_MIB_INERRORS, + IS_UDPLITE(sk)); + continue; + } + + if (udp_queue_rcv_skb(sk, nskb) > 0) + consume_skb(nskb); + } + + if (first) { + if (udp_queue_rcv_skb(first, skb) > 0) + consume_skb(skb); + } else { + kfree_skb(skb); + __UDP_INC_STATS(net, UDP_MIB_IGNOREDMULTI, + proto == IPPROTO_UDPLITE); + } + + return 0; +} + /* Initialize UDP checksum. If exited with zero value (success), * CHECKSUM_UNNECESSARY means, that no more checks are required. * Otherwise, csum completion requires checksumming packet body, @@ -2455,9 +2582,15 @@ saddr, daddr, udptable, proto); sk = __udp4_lib_lookup_skb(skb, uh->source, uh->dest, udptable); - if (sk) - return udp_unicast_rcv_skb(sk, skb, uh); + if (sk) { + if (sk->sk_reuse_conflict) + return __udp4_lib_uc_conflict_deliver(net, + skb, uh, + saddr, daddr, + udptable, proto); + return udp_unicast_rcv_skb(sk, skb, uh); + } if (!xfrm4_policy_check(NULL, XFRM_POLICY_IN, skb)) goto drop; nf_reset_ct(skb); diff -ruw linux-5.15.42/net/ipv6/Makefile linux-5.15.42-fbx/net/ipv6/Makefile --- linux-5.15.42/net/ipv6/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/ipv6/Makefile 2024-04-22 14:46:58.192275871 +0200 @@ -15,6 +15,7 @@ ipv6-offload := ip6_offload.o tcpv6_offload.o exthdrs_offload.o ipv6-$(CONFIG_SYSCTL) = sysctl_net_ipv6.o +ipv6-$(CONFIG_IPV6_FFN) += ip6_ffn.o ipv6-$(CONFIG_IPV6_MROUTE) += ip6mr.o ipv6-$(CONFIG_XFRM) += xfrm6_policy.o xfrm6_state.o xfrm6_input.o \ diff -ruw linux-5.15.42/net/ipv6/addrconf.c linux-5.15.42-fbx/net/ipv6/addrconf.c --- linux-5.15.42/net/ipv6/addrconf.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/ipv6/addrconf.c 2024-04-22 14:46:58.192275871 +0200 @@ -2307,12 +2307,27 @@ return 0; } +static int addrconf_ifid_ppp(u8 *eui, struct net_device *dev) +{ + if (is_zero_ether_addr(dev->perm_addr)) + return -1; + + memcpy(eui, dev->perm_addr, 3); + memcpy(eui + 5, dev->perm_addr + 3, 3); + eui[3] = 0xFF; + eui[4] = 0xFE; + eui[0] ^= 2; + return 0; +} + static int ipv6_generate_eui64(u8 *eui, struct net_device *dev) { switch (dev->type) { case ARPHRD_ETHER: case ARPHRD_FDDI: return addrconf_ifid_eui48(eui, dev); + case ARPHRD_PPP: + return addrconf_ifid_ppp(eui, dev); case ARPHRD_ARCNET: return addrconf_ifid_arcnet(eui, dev); case ARPHRD_INFINIBAND: @@ -3356,6 +3371,7 @@ if ((dev->type != ARPHRD_ETHER) && (dev->type != ARPHRD_FDDI) && + (dev->type != ARPHRD_PPP) && (dev->type != ARPHRD_ARCNET) && (dev->type != ARPHRD_INFINIBAND) && (dev->type != ARPHRD_IEEE1394) && diff -ruw linux-5.15.42/net/ipv6/af_inet6.c linux-5.15.42-fbx/net/ipv6/af_inet6.c --- linux-5.15.42/net/ipv6/af_inet6.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/ipv6/af_inet6.c 2024-04-22 14:46:58.196275980 +0200 @@ -1165,6 +1165,10 @@ if (err) goto udpv6_fail; +#ifdef CONFIG_IPV6_FFN + ipv6_ffn_init(); +#endif + err = udplitev6_init(); if (err) goto udplitev6_fail; diff -ruw linux-5.15.42/net/ipv6/ip6_input.c linux-5.15.42-fbx/net/ipv6/ip6_input.c --- linux-5.15.42/net/ipv6/ip6_input.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/ipv6/ip6_input.c 2024-04-22 14:46:58.200276089 +0200 @@ -294,6 +294,12 @@ skb = ip6_rcv_core(skb, dev, net); if (skb == NULL) return NET_RX_DROP; + +#ifdef CONFIG_IPV6_FFN + if (!ipv6_ffn_process(skb)) + return NET_RX_SUCCESS; +#endif + return NF_HOOK(NFPROTO_IPV6, NF_INET_PRE_ROUTING, net, NULL, skb, dev, NULL, ip6_rcv_finish); @@ -457,8 +463,13 @@ kfree_skb(skb); } -static int ip6_input_finish(struct net *net, struct sock *sk, struct sk_buff *skb) +int ip6_input_finish(struct net *net, struct sock *sk, struct sk_buff *skb) { +#ifdef CONFIG_IPV6_FFN + if (skb->ffn_state == FFN_STATE_FORWARDABLE) + ipv6_ffn_add(skb, IPV6_FFN_LOCAL_IN); +#endif + rcu_read_lock(); ip6_protocol_deliver_rcu(net, skb, 0, false); rcu_read_unlock(); diff -ruw linux-5.15.42/net/ipv6/ip6_output.c linux-5.15.42-fbx/net/ipv6/ip6_output.c --- linux-5.15.42/net/ipv6/ip6_output.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/ipv6/ip6_output.c 2024-04-22 14:46:58.200276089 +0200 @@ -51,6 +51,7 @@ #include #include #include +#include #include #include #include @@ -116,6 +117,11 @@ return res; } +#ifdef CONFIG_IPV6_FFN + if (skb->ffn_state == FFN_STATE_FORWARDABLE) + ipv6_ffn_add(skb, IPV6_FFN_FINISH_OUT); +#endif + rcu_read_lock_bh(); nexthop = rt6_nexthop((struct rt6_info *)dst, daddr); neigh = __ipv6_neigh_lookup_noref(dev, nexthop); @@ -221,6 +227,11 @@ return 0; } +#ifdef CONFIG_IP_FFN + if (skb->ffn_state == FFN_STATE_FAST_FORWARDED) + return ip6_finish_output(net, sk, skb); +#endif + return NF_HOOK_COND(NFPROTO_IPV6, NF_INET_POST_ROUTING, net, sk, skb, indev, dev, ip6_finish_output, @@ -612,6 +623,8 @@ hdr->hop_limit--; + skb->priority = rt_tos2priority(ipv6_get_dsfield(hdr)); + return NF_HOOK(NFPROTO_IPV6, NF_INET_FORWARD, net, NULL, skb, skb->dev, dst->dev, ip6_forward_finish); diff -ruw linux-5.15.42/net/ipv6/ip6_tunnel.c linux-5.15.42-fbx/net/ipv6/ip6_tunnel.c --- linux-5.15.42/net/ipv6/ip6_tunnel.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/ipv6/ip6_tunnel.c 2024-04-22 14:46:58.200276089 +0200 @@ -67,9 +67,9 @@ module_param(log_ecn_error, bool, 0644); MODULE_PARM_DESC(log_ecn_error, "Log packets received with corrupted ECN"); -static u32 HASH(const struct in6_addr *addr1, const struct in6_addr *addr2) +static u32 HASH(const struct in6_addr *addr) { - u32 hash = ipv6_addr_hash(addr1) ^ ipv6_addr_hash(addr2); + u32 hash = ipv6_addr_hash(addr); return hash_32(hash, IP6_TUNNEL_HASH_SIZE_SHIFT); } @@ -114,17 +114,26 @@ ip6_tnl_lookup(struct net *net, int link, const struct in6_addr *remote, const struct in6_addr *local) { - unsigned int hash = HASH(remote, local); + unsigned int hash = HASH(local); struct ip6_tnl *t, *cand = NULL; struct ip6_tnl_net *ip6n = net_generic(net, ip6_tnl_net_id); struct in6_addr any; + struct __ip6_tnl_fmr *fmr; for_each_ip6_tunnel_rcu(ip6n->tnls_r_l[hash]) { if (!ipv6_addr_equal(local, &t->parms.laddr) || - !ipv6_addr_equal(remote, &t->parms.raddr) || !(t->dev->flags & IFF_UP)) continue; + if (!ipv6_addr_equal(remote, &t->parms.raddr)) { + for (fmr = t->parms.fmrs; fmr; fmr = fmr->next) { + if (ipv6_prefix_equal(remote, &fmr->ip6_prefix, + fmr->ip6_prefix_len)) + return t; + } + continue ; + } + if (link == t->parms.link) return t; else @@ -132,7 +141,7 @@ } memset(&any, 0, sizeof(any)); - hash = HASH(&any, local); + hash = HASH(local); for_each_ip6_tunnel_rcu(ip6n->tnls_r_l[hash]) { if (!ipv6_addr_equal(local, &t->parms.laddr) || !ipv6_addr_any(&t->parms.raddr) || @@ -145,7 +154,7 @@ cand = t; } - hash = HASH(remote, &any); + hash = HASH(&any); for_each_ip6_tunnel_rcu(ip6n->tnls_r_l[hash]) { if (!ipv6_addr_equal(remote, &t->parms.raddr) || !ipv6_addr_any(&t->parms.laddr) || @@ -194,7 +203,7 @@ if (!ipv6_addr_any(remote) || !ipv6_addr_any(local)) { prio = 1; - h = HASH(remote, local); + h = HASH(local); } return &ip6n->tnls[prio][h]; } @@ -378,6 +387,12 @@ struct net *net = t->net; struct ip6_tnl_net *ip6n = net_generic(net, ip6_tnl_net_id); + while (t->parms.fmrs) { + struct __ip6_tnl_fmr *next = t->parms.fmrs->next; + kfree(t->parms.fmrs); + t->parms.fmrs = next; + } + if (dev == ip6n->fb_tnl_dev) RCU_INIT_POINTER(ip6n->tnls_wc[0], NULL); else @@ -790,6 +805,107 @@ } EXPORT_SYMBOL_GPL(ip6_tnl_rcv_ctl); +/** + * ip4ip6_fmr_calc - calculate target / source IPv6-address based on FMR + * @dest: destination IPv6 address buffer + * @skb: received socket buffer + * @fmr: MAP FMR + * @xmit: Calculate for xmit or rcv + **/ +static void ip4ip6_fmr_calc(struct in6_addr *dest, + const struct iphdr *iph, const uint8_t *end, + const struct __ip6_tnl_fmr *fmr, bool xmit) +{ + int psidlen = fmr->ea_len - (32 - fmr->ip4_prefix_len); + u8 *portp = NULL; + bool use_dest_addr; + const struct iphdr *dsth = iph; + + if ((u8*)dsth >= end) + return; + + /* find significant IP header */ + if (iph->protocol == IPPROTO_ICMP) { + struct icmphdr *ih = (struct icmphdr*)(((u8*)dsth) + dsth->ihl * 4); + if (ih && ((u8*)&ih[1]) <= end && ( + ih->type == ICMP_DEST_UNREACH || + ih->type == ICMP_SOURCE_QUENCH || + ih->type == ICMP_TIME_EXCEEDED || + ih->type == ICMP_PARAMETERPROB || + ih->type == ICMP_REDIRECT)) + dsth = (const struct iphdr*)&ih[1]; + } + + /* in xmit-path use dest port by default and source port only if + this is an ICMP reply to something else; vice versa in rcv-path */ + use_dest_addr = (xmit && dsth == iph) || (!xmit && dsth != iph); + + /* get dst port */ + if (((u8*)&dsth[1]) <= end && ( + dsth->protocol == IPPROTO_UDP || + dsth->protocol == IPPROTO_TCP || + dsth->protocol == IPPROTO_SCTP || + dsth->protocol == IPPROTO_DCCP)) { + /* for UDP, TCP, SCTP and DCCP source and dest port + follow IPv4 header directly */ + portp = ((u8*)dsth) + dsth->ihl * 4; + + if (use_dest_addr) + portp += sizeof(u16); + } else if (iph->protocol == IPPROTO_ICMP) { + struct icmphdr *ih = (struct icmphdr*)(((u8*)dsth) + dsth->ihl * 4); + + /* use icmp identifier as port */ + if (((u8*)&ih) <= end && ( + (use_dest_addr && ( + ih->type == ICMP_ECHOREPLY || + ih->type == ICMP_TIMESTAMPREPLY || + ih->type == ICMP_INFO_REPLY || + ih->type == ICMP_ADDRESSREPLY)) || + (!use_dest_addr && ( + ih->type == ICMP_ECHO || + ih->type == ICMP_TIMESTAMP || + ih->type == ICMP_INFO_REQUEST || + ih->type == ICMP_ADDRESS) + ))) + portp = (u8*)&ih->un.echo.id; + } + + if ((portp && &portp[2] <= end) || psidlen == 0) { + int frombyte = fmr->ip6_prefix_len / 8; + int fromrem = fmr->ip6_prefix_len % 8; + int bytes = sizeof(struct in6_addr) - frombyte; + const u32 *addr = (use_dest_addr) ? &iph->daddr : &iph->saddr; + u64 eabits = ((u64)ntohl(*addr)) << (32 + fmr->ip4_prefix_len); + u64 t = 0; + + /* extract PSID from port and add it to eabits */ + u16 psidbits = 0; + if (psidlen > 0) { + psidbits = ((u16)portp[0]) << 8 | ((u16)portp[1]); + psidbits >>= 16 - psidlen - fmr->offset; + psidbits = (u16)(psidbits << (16 - psidlen)); + eabits |= ((u64)psidbits) << (48 - (fmr->ea_len - psidlen)); + } + + /* rewrite destination address */ + *dest = fmr->ip6_prefix; + memcpy(&dest->s6_addr[10], addr, sizeof(*addr)); + dest->s6_addr16[7] = htons(psidbits >> (16 - psidlen)); + + if (bytes > sizeof(u64)) + bytes = sizeof(u64); + + /* insert eabits */ + memcpy(&t, &dest->s6_addr[frombyte], bytes); + t = be64_to_cpu(t) & ~(((((u64)1) << fmr->ea_len) - 1) + << (64 - fmr->ea_len - fromrem)); + t = cpu_to_be64(t | (eabits >> fromrem)); + memcpy(&dest->s6_addr[frombyte], &t, bytes); + } +} + + static int __ip6_tnl_rcv(struct ip6_tnl *tunnel, struct sk_buff *skb, const struct tnl_ptk_info *tpi, struct metadata_dst *tun_dst, @@ -843,6 +959,27 @@ skb_reset_network_header(skb); memset(skb->cb, 0, sizeof(struct inet6_skb_parm)); + if (tpi->proto == htons(ETH_P_IP) && + !ipv6_addr_equal(&ipv6h->saddr, &tunnel->parms.raddr)) { + /* Packet didn't come from BR, so lookup FMR */ + struct __ip6_tnl_fmr *fmr; + struct in6_addr expected = tunnel->parms.raddr; + for (fmr = tunnel->parms.fmrs; fmr; fmr = fmr->next) + if (ipv6_prefix_equal(&ipv6h->saddr, + &fmr->ip6_prefix, fmr->ip6_prefix_len)) + break; + + /* Check that IPv6 matches IPv4 source to prevent spoofing */ + if (fmr) + ip4ip6_fmr_calc(&expected, ip_hdr(skb), + skb_tail_pointer(skb), fmr, false); + + if (!ipv6_addr_equal(&ipv6h->saddr, &expected)) { + rcu_read_unlock(); + goto drop; + } + } + __skb_tunnel_rx(skb, tunnel->dev, tunnel->net); err = dscp_ecn_decapsulate(tunnel, ipv6h, skb); @@ -994,6 +1131,7 @@ opt->ops.opt_nflen = 8; } + /** * ip6_tnl_addr_conflict - compare packet addresses to tunnel's own * @t: the outgoing tunnel device @@ -1278,6 +1416,7 @@ const struct iphdr *iph; int encap_limit = -1; __u16 offset; + struct __ip6_tnl_fmr *fmr; struct flowi6 fl6; __u8 dsfield, orig_dsfield; __u32 mtu; @@ -1373,6 +1512,18 @@ fl6.flowi6_uid = sock_net_uid(dev_net(dev), NULL); dsfield = INET_ECN_encapsulate(dsfield, orig_dsfield); + /* try to find matching FMR */ + for (fmr = t->parms.fmrs; fmr; fmr = fmr->next) { + unsigned mshift = 32 - fmr->ip4_prefix_len; + if (ntohl(fmr->ip4_prefix.s_addr) >> mshift == + ntohl(ip_hdr(skb)->daddr) >> mshift) + break; + } + + /* change dstaddr according to FMR */ + if (fmr) + ip4ip6_fmr_calc(&fl6.daddr, ip_hdr(skb), skb_tail_pointer(skb), fmr, true); + if (iptunnel_handle_offloads(skb, SKB_GSO_IPXIP6)) return -1; @@ -1525,6 +1676,14 @@ t->parms.link = p->link; t->parms.proto = p->proto; t->parms.fwmark = p->fwmark; + + while (t->parms.fmrs) { + struct __ip6_tnl_fmr *next = t->parms.fmrs->next; + kfree(t->parms.fmrs); + t->parms.fmrs = next; + } + t->parms.fmrs = p->fmrs; + dst_cache_reset(&t->dst_cache); ip6_tnl_link_config(t); return 0; @@ -1563,6 +1722,7 @@ p->flowinfo = u->flowinfo; p->link = u->link; p->proto = u->proto; + p->fmrs = NULL; memcpy(p->name, u->name, sizeof(u->name)); } @@ -1949,13 +2109,22 @@ return 0; } -static void ip6_tnl_netlink_parms(struct nlattr *data[], +static const struct nla_policy ip6_tnl_fmr_policy[IFLA_IPTUN_FMR_MAX + 1] = { + [IFLA_IPTUN_FMR_IP6_PREFIX] = { .len = sizeof(struct in6_addr) }, + [IFLA_IPTUN_FMR_IP4_PREFIX] = { .len = sizeof(struct in_addr) }, + [IFLA_IPTUN_FMR_IP6_PREFIX_LEN] = { .type = NLA_U8 }, + [IFLA_IPTUN_FMR_IP4_PREFIX_LEN] = { .type = NLA_U8 }, + [IFLA_IPTUN_FMR_EA_LEN] = { .type = NLA_U8 }, + [IFLA_IPTUN_FMR_OFFSET] = { .type = NLA_U8 } +}; + +static int ip6_tnl_netlink_parms(struct nlattr *data[], struct __ip6_tnl_parm *parms) { memset(parms, 0, sizeof(*parms)); if (!data) - return; + return 0; if (data[IFLA_IPTUN_LINK]) parms->link = nla_get_u32(data[IFLA_IPTUN_LINK]); @@ -1986,6 +2155,52 @@ if (data[IFLA_IPTUN_FWMARK]) parms->fwmark = nla_get_u32(data[IFLA_IPTUN_FWMARK]); + + if (data[IFLA_IPTUN_FMRS]) { + unsigned rem; + struct nlattr *fmr; + + nla_for_each_nested(fmr, data[IFLA_IPTUN_FMRS], rem) { + struct nlattr *fmrd[IFLA_IPTUN_FMR_MAX + 1], *c; + struct __ip6_tnl_fmr *nfmr; + int err; + + err = nla_parse_nested_deprecated(fmrd, IFLA_IPTUN_FMR_MAX, + fmr, ip6_tnl_fmr_policy, NULL); + if (err) + return err; + + if (!(nfmr = kzalloc(sizeof(*nfmr), GFP_KERNEL))) + return -ENOMEM; + + nfmr->offset = 6; + + if ((c = fmrd[IFLA_IPTUN_FMR_IP6_PREFIX])) + nla_memcpy(&nfmr->ip6_prefix, fmrd[IFLA_IPTUN_FMR_IP6_PREFIX], + sizeof(nfmr->ip6_prefix)); + + if ((c = fmrd[IFLA_IPTUN_FMR_IP4_PREFIX])) + nla_memcpy(&nfmr->ip4_prefix, fmrd[IFLA_IPTUN_FMR_IP4_PREFIX], + sizeof(nfmr->ip4_prefix)); + + if ((c = fmrd[IFLA_IPTUN_FMR_IP6_PREFIX_LEN])) + nfmr->ip6_prefix_len = nla_get_u8(c); + + if ((c = fmrd[IFLA_IPTUN_FMR_IP4_PREFIX_LEN])) + nfmr->ip4_prefix_len = nla_get_u8(c); + + if ((c = fmrd[IFLA_IPTUN_FMR_EA_LEN])) + nfmr->ea_len = nla_get_u8(c); + + if ((c = fmrd[IFLA_IPTUN_FMR_OFFSET])) + nfmr->offset = nla_get_u8(c); + + nfmr->next = parms->fmrs; + parms->fmrs = nfmr; + } + } + + return 0; } static bool ip6_tnl_netlink_encap_parms(struct nlattr *data[], @@ -2039,7 +2254,9 @@ return err; } - ip6_tnl_netlink_parms(data, &nt->parms); + err = ip6_tnl_netlink_parms(data, &nt->parms); + if (err) + return err; if (nt->parms.collect_md) { if (rtnl_dereference(ip6n->collect_md_tun)) @@ -2066,6 +2283,7 @@ struct net *net = t->net; struct ip6_tnl_net *ip6n = net_generic(net, ip6_tnl_net_id); struct ip_tunnel_encap ipencap; + int err; if (dev == ip6n->fb_tnl_dev) return -EINVAL; @@ -2076,7 +2294,10 @@ if (err < 0) return err; } - ip6_tnl_netlink_parms(data, &p); + err = ip6_tnl_netlink_parms(data, &p); + if (err) + return err; + if (p.collect_md) return -EINVAL; @@ -2101,6 +2322,12 @@ static size_t ip6_tnl_get_size(const struct net_device *dev) { + const struct ip6_tnl *t = netdev_priv(dev); + struct __ip6_tnl_fmr *c; + int fmrs = 0; + for (c = t->parms.fmrs; c; c = c->next) + ++fmrs; + return /* IFLA_IPTUN_LINK */ nla_total_size(4) + @@ -2130,6 +2357,24 @@ nla_total_size(0) + /* IFLA_IPTUN_FWMARK */ nla_total_size(4) + + /* IFLA_IPTUN_FMRS */ + nla_total_size(0) + + ( + /* nest */ + nla_total_size(0) + + /* IFLA_IPTUN_FMR_IP6_PREFIX */ + nla_total_size(sizeof(struct in6_addr)) + + /* IFLA_IPTUN_FMR_IP4_PREFIX */ + nla_total_size(sizeof(struct in_addr)) + + /* IFLA_IPTUN_FMR_EA_LEN */ + nla_total_size(1) + + /* IFLA_IPTUN_FMR_IP6_PREFIX_LEN */ + nla_total_size(1) + + /* IFLA_IPTUN_FMR_IP4_PREFIX_LEN */ + nla_total_size(1) + + /* IFLA_IPTUN_FMR_OFFSET */ + nla_total_size(1) + ) * fmrs + 0; } @@ -2137,6 +2382,9 @@ { struct ip6_tnl *tunnel = netdev_priv(dev); struct __ip6_tnl_parm *parm = &tunnel->parms; + struct __ip6_tnl_fmr *c; + int fmrcnt = 0; + struct nlattr *fmrs; if (nla_put_u32(skb, IFLA_IPTUN_LINK, parm->link) || nla_put_in6_addr(skb, IFLA_IPTUN_LOCAL, &parm->laddr) || @@ -2146,9 +2394,27 @@ nla_put_be32(skb, IFLA_IPTUN_FLOWINFO, parm->flowinfo) || nla_put_u32(skb, IFLA_IPTUN_FLAGS, parm->flags) || nla_put_u8(skb, IFLA_IPTUN_PROTO, parm->proto) || - nla_put_u32(skb, IFLA_IPTUN_FWMARK, parm->fwmark)) + nla_put_u32(skb, IFLA_IPTUN_FWMARK, parm->fwmark) || + !(fmrs = nla_nest_start_noflag(skb, IFLA_IPTUN_FMRS))) goto nla_put_failure; + for (c = parm->fmrs; c; c = c->next) { + struct nlattr *fmr = nla_nest_start_noflag(skb, ++fmrcnt); + if (!fmr || + nla_put(skb, IFLA_IPTUN_FMR_IP6_PREFIX, + sizeof(c->ip6_prefix), &c->ip6_prefix) || + nla_put(skb, IFLA_IPTUN_FMR_IP4_PREFIX, + sizeof(c->ip4_prefix), &c->ip4_prefix) || + nla_put_u8(skb, IFLA_IPTUN_FMR_IP6_PREFIX_LEN, c->ip6_prefix_len) || + nla_put_u8(skb, IFLA_IPTUN_FMR_IP4_PREFIX_LEN, c->ip4_prefix_len) || + nla_put_u8(skb, IFLA_IPTUN_FMR_EA_LEN, c->ea_len) || + nla_put_u8(skb, IFLA_IPTUN_FMR_OFFSET, c->offset)) + goto nla_put_failure; + + nla_nest_end(skb, fmr); + } + nla_nest_end(skb, fmrs); + if (nla_put_u16(skb, IFLA_IPTUN_ENCAP_TYPE, tunnel->encap.type) || nla_put_be16(skb, IFLA_IPTUN_ENCAP_SPORT, tunnel->encap.sport) || nla_put_be16(skb, IFLA_IPTUN_ENCAP_DPORT, tunnel->encap.dport) || @@ -2188,6 +2454,7 @@ [IFLA_IPTUN_ENCAP_DPORT] = { .type = NLA_U16 }, [IFLA_IPTUN_COLLECT_METADATA] = { .type = NLA_FLAG }, [IFLA_IPTUN_FWMARK] = { .type = NLA_U32 }, + [IFLA_IPTUN_FMRS] = { .type = NLA_NESTED }, }; static struct rtnl_link_ops ip6_link_ops __read_mostly = { diff -ruw linux-5.15.42/net/ipv6/netfilter/Kconfig linux-5.15.42-fbx/net/ipv6/netfilter/Kconfig --- linux-5.15.42/net/ipv6/netfilter/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/ipv6/netfilter/Kconfig 2024-04-22 14:46:58.204276198 +0200 @@ -6,6 +6,13 @@ menu "IPv6: Netfilter Configuration" depends on INET && IPV6 && NETFILTER +config IPV6_FFN + bool "IPv6: Fast forwarding and NAT" + +config IPV6_FFN_PROCFS + bool "IPv6: Fast forwarding and NAT /proc/net entries" + depends on IPV6_FFN + config NF_SOCKET_IPV6 tristate "IPv6 socket lookup support" help diff -ruw linux-5.15.42/net/ipv6/netfilter/ip6_tables.c linux-5.15.42-fbx/net/ipv6/netfilter/ip6_tables.c --- linux-5.15.42/net/ipv6/netfilter/ip6_tables.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/ipv6/netfilter/ip6_tables.c 2024-04-22 14:46:58.204276198 +0200 @@ -1158,6 +1158,10 @@ tmp.num_counters, tmp.counters); if (ret) goto free_newinfo_untrans; + +#ifdef CONFIG_IPV6_FFN + ipv6_ffn_flush_all(); +#endif return 0; free_newinfo_untrans: diff -ruw linux-5.15.42/net/ipv6/udp.c linux-5.15.42-fbx/net/ipv6/udp.c --- linux-5.15.42/net/ipv6/udp.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/ipv6/udp.c 2024-04-22 14:46:58.212276417 +0200 @@ -811,6 +811,82 @@ * Note: called only from the BH handler context, * so we don't need to lock the hashes. */ +static int __udp6_lib_uc_conflict_deliver(struct net *net, struct sk_buff *skb, + const struct in6_addr *saddr, const struct in6_addr *daddr, + struct udp_table *udptable, int proto) +{ + struct sock *sk, *first = NULL; + const struct udphdr *uh = udp_hdr(skb); + unsigned short hnum = ntohs(uh->dest); + struct udp_hslot *hslot = udp_hashslot(udptable, net, hnum); + unsigned int offset = offsetof(typeof(*sk), sk_node); + int dif = inet6_iif(skb); + int sdif = inet6_sdif(skb); + struct hlist_node *node; + struct sk_buff *nskb; + bool found_non_dup; + + found_non_dup = false; + sk_for_each_entry_offset_rcu(sk, node, &hslot->head, offset) { + bool need_deliver; + + if (!__udp_v6_is_mcast_sock(net, sk, uh->dest, daddr, + uh->source, saddr, dif, sdif, hnum)) + + continue; + + /* If zero checksum and no_check is not on for + * the socket then skip it. + */ + if (!uh->check && !udp_sk(sk)->no_check6_rx) + continue; + + if (sock_flag(sk, SOCK_UDP_DUP_UNICAST)) + need_deliver = true; + else { + if (!found_non_dup) + need_deliver = true; + else + need_deliver = false; + found_non_dup = true; + } + + if (!need_deliver) + continue; + + if (!first) { + first = sk; + continue; + } + nskb = skb_clone(skb, GFP_ATOMIC); + if (unlikely(!nskb)) { + atomic_inc(&sk->sk_drops); + __UDP6_INC_STATS(net, UDP_MIB_RCVBUFERRORS, + IS_UDPLITE(sk)); + __UDP6_INC_STATS(net, UDP_MIB_INERRORS, + IS_UDPLITE(sk)); + continue; + } + + if (udpv6_queue_rcv_skb(sk, nskb) > 0) + consume_skb(nskb); + } + + if (first) { + if (udpv6_queue_rcv_skb(first, skb) > 0) + consume_skb(skb); + } else { + kfree_skb(skb); + __UDP6_INC_STATS(net, UDP_MIB_IGNOREDMULTI, + proto == IPPROTO_UDPLITE); + } + return 0; +} + +/* + * Note: called only from the BH handler context, + * so we don't need to lock the hashes. + */ static int __udp6_lib_mcast_deliver(struct net *net, struct sk_buff *skb, const struct in6_addr *saddr, const struct in6_addr *daddr, struct udp_table *udptable, int proto) @@ -984,6 +1060,12 @@ if (sk) { if (!uh->check && !udp_sk(sk)->no_check6_rx) goto report_csum_error; + + if (sk->sk_reuse_conflict) + return __udp6_lib_uc_conflict_deliver(net, skb, + saddr, daddr, + udptable, proto); + return udp6_unicast_rcv_skb(sk, skb, uh); } diff -ruw linux-5.15.42/net/key/af_key.c linux-5.15.42-fbx/net/key/af_key.c --- linux-5.15.42/net/key/af_key.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/key/af_key.c 2024-04-22 14:46:58.216276526 +0200 @@ -2826,10 +2826,8 @@ void *ext_hdrs[SADB_EXT_MAX]; int err; - err = pfkey_broadcast(skb_clone(skb, GFP_KERNEL), GFP_KERNEL, + pfkey_broadcast(skb_clone(skb, GFP_KERNEL), GFP_KERNEL, BROADCAST_PROMISC_ONLY, NULL, sock_net(sk)); - if (err) - return err; memset(ext_hdrs, 0, sizeof(ext_hdrs)); err = parse_exthdrs(skb, hdr, ext_hdrs); diff -ruw linux-5.15.42/net/mac80211/Makefile linux-5.15.42-fbx/net/mac80211/Makefile --- linux-5.15.42/net/mac80211/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/mac80211/Makefile 2024-04-22 14:46:58.220276636 +0200 @@ -34,7 +34,9 @@ trace.o mlme.o \ tdls.o \ ocb.o \ - airtime.o + airtime.o \ + eht.o \ + nmeshd_nl.o mac80211-$(CONFIG_MAC80211_LEDS) += led.o mac80211-$(CONFIG_MAC80211_DEBUGFS) += \ diff -ruw linux-5.15.42/net/mac80211/agg-rx.c linux-5.15.42-fbx/net/mac80211/agg-rx.c --- linux-5.15.42/net/mac80211/agg-rx.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/mac80211/agg-rx.c 2024-04-22 14:46:58.220276636 +0200 @@ -180,7 +180,8 @@ static void ieee80211_add_addbaext(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb, - const struct ieee80211_addba_ext_ie *req) + const struct ieee80211_addba_ext_ie *req, + u16 buf_size) { struct ieee80211_supported_band *sband; struct ieee80211_addba_ext_ie *resp; @@ -210,6 +211,8 @@ frag_level = cap_frag_level; resp->data |= u8_encode_bits(frag_level, IEEE80211_ADDBA_EXT_FRAG_LEVEL_MASK); + resp->data |= u8_encode_bits(buf_size >> IEEE80211_ADDBA_EXT_BUF_SIZE_SHIFT, + IEEE80211_ADDBA_EXT_BUF_SIZE_MASK); } static void ieee80211_send_addba_resp(struct sta_info *sta, u8 *da, u16 tid, @@ -261,7 +264,7 @@ mgmt->u.action.u.addba_resp.status = cpu_to_le16(status); if (sta->sta.he_cap.has_he && addbaext) - ieee80211_add_addbaext(sdata, skb, addbaext); + ieee80211_add_addbaext(sdata, skb, addbaext, buf_size); ieee80211_tx_skb(sdata, skb); } @@ -309,8 +312,10 @@ goto end; } - if (sta->sta.he_cap.has_he) - max_buf_size = IEEE80211_MAX_AMPDU_BUF; + if (sta->sta.eht_cap.has_eht) + max_buf_size = IEEE80211_MAX_AMPDU_BUF_EHT; + else if (sta->sta.he_cap.has_he) + max_buf_size = IEEE80211_MAX_AMPDU_BUF_HE; else max_buf_size = IEEE80211_MAX_AMPDU_BUF_HT; @@ -478,7 +483,7 @@ size_t len) { u16 capab, tid, timeout, ba_policy, buf_size, start_seq_num; - struct ieee802_11_elems elems = { }; + struct ieee802_11_elems *elems = NULL; u8 dialog_token; int ies_len; @@ -496,16 +501,25 @@ ies_len = len - offsetof(struct ieee80211_mgmt, u.action.u.addba_req.variable); if (ies_len) { - ieee802_11_parse_elems(mgmt->u.action.u.addba_req.variable, - ies_len, true, &elems, mgmt->bssid, NULL); - if (elems.parse_error) - return; + elems = ieee802_11_parse_elems(mgmt->u.action.u.addba_req.variable, + ies_len, true, NULL); + if (!elems || elems->parse_error) + goto free; + } + + if (sta->sta.eht_cap.has_eht && elems && elems->addba_ext_ie) { + u8 buf_size_1k = u8_get_bits(elems->addba_ext_ie->data, + IEEE80211_ADDBA_EXT_BUF_SIZE_MASK); + + buf_size |= buf_size_1k << IEEE80211_ADDBA_EXT_BUF_SIZE_SHIFT; } __ieee80211_start_rx_ba_session(sta, dialog_token, timeout, start_seq_num, ba_policy, tid, buf_size, true, false, - elems.addba_ext_ie); + elems ? elems->addba_ext_ie : NULL); +free: + kfree(elems); } void ieee80211_manage_rx_ba_offl(struct ieee80211_vif *vif, diff -ruw linux-5.15.42/net/mac80211/agg-tx.c linux-5.15.42-fbx/net/mac80211/agg-tx.c --- linux-5.15.42/net/mac80211/agg-tx.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/mac80211/agg-tx.c 2024-04-22 14:46:58.220276636 +0200 @@ -139,6 +139,14 @@ } EXPORT_SYMBOL(ieee80211_send_bar); +void ieee80211_send_bar_sta(struct ieee80211_sta *pubsta, + u16 tid, u16 ssn) +{ + struct sta_info *sta = container_of(pubsta, struct sta_info, sta); + ieee80211_send_bar(&sta->sdata->vif, pubsta->addr, tid, ssn); +} +EXPORT_SYMBOL(ieee80211_send_bar_sta); + void ieee80211_assign_tid_tx(struct sta_info *sta, int tid, struct tid_ampdu_tx *tid_tx) { @@ -920,6 +928,8 @@ unlock_sta: spin_unlock_bh(&sta->lock); + if (start_txq) + ieee80211_agg_start_txq(sta, tid, false); if (start_txq) ieee80211_agg_start_txq(sta, tid, false); diff -ruw linux-5.15.42/net/mac80211/airtime.c linux-5.15.42-fbx/net/mac80211/airtime.c --- linux-5.15.42/net/mac80211/airtime.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/mac80211/airtime.c 2024-04-22 14:46:58.220276636 +0200 @@ -1,6 +1,7 @@ // SPDX-License-Identifier: ISC /* * Copyright (C) 2019 Felix Fietkau + * Copyright (C) 2021 Intel Corporation */ #include @@ -67,17 +68,11 @@ #define IEEE80211_VHT_STREAM_GROUPS 8 /* BW(=4) * SGI(=2) */ #define IEEE80211_HE_MAX_STREAMS 8 -#define IEEE80211_HE_STREAM_GROUPS 12 /* BW(=4) * GI(=3) */ #define IEEE80211_HT_GROUPS_NB (IEEE80211_MAX_STREAMS * \ IEEE80211_HT_STREAM_GROUPS) #define IEEE80211_VHT_GROUPS_NB (IEEE80211_MAX_STREAMS * \ IEEE80211_VHT_STREAM_GROUPS) -#define IEEE80211_HE_GROUPS_NB (IEEE80211_HE_MAX_STREAMS * \ - IEEE80211_HE_STREAM_GROUPS) -#define IEEE80211_GROUPS_NB (IEEE80211_HT_GROUPS_NB + \ - IEEE80211_VHT_GROUPS_NB + \ - IEEE80211_HE_GROUPS_NB) #define IEEE80211_HT_GROUP_0 0 #define IEEE80211_VHT_GROUP_0 (IEEE80211_HT_GROUP_0 + IEEE80211_HT_GROUPS_NB) @@ -477,7 +472,9 @@ bool sp = status->enc_flags & RX_ENC_FLAG_SHORTPRE; bool cck; - if (WARN_ON_ONCE(status->band > NL80211_BAND_5GHZ)) + /* on 60GHz or sub-1GHz band, there are no legacy rates */ + if (WARN_ON_ONCE(status->band == NL80211_BAND_60GHZ || + status->band == NL80211_BAND_S1GHZ)) return 0; sband = hw->wiphy->bands[status->band]; @@ -650,12 +647,12 @@ struct sta_info *sta = container_of(pubsta, struct sta_info, sta); struct ieee80211_rx_status stat; - struct ieee80211_tx_rate *rate = &sta->tx_stats.last_rate; + struct ieee80211_tx_rate *tx_rate = &sta->tx_stats.last_rate; struct rate_info *ri = &sta->tx_stats.last_rate_info; u32 duration, overhead; u8 agg_shift; - if (ieee80211_fill_rx_status(&stat, hw, rate, ri, band, len)) + if (ieee80211_fill_rx_status(&stat, hw, tx_rate, ri, band, len)) return 0; if (stat.encoding == RX_ENC_LEGACY || !ampdu) diff -ruw linux-5.15.42/net/mac80211/cfg.c linux-5.15.42-fbx/net/mac80211/cfg.c --- linux-5.15.42/net/mac80211/cfg.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/mac80211/cfg.c 2024-04-22 14:46:58.224276745 +0200 @@ -5,7 +5,7 @@ * Copyright 2006-2010 Johannes Berg * Copyright 2013-2015 Intel Mobile Communications GmbH * Copyright (C) 2015-2017 Intel Deutschland GmbH - * Copyright (C) 2018-2020 Intel Corporation + * Copyright (C) 2018-2021 Intel Corporation */ #include @@ -112,6 +112,36 @@ return 0; } +static int ieee80211_set_ap_mbssid_options(struct ieee80211_sub_if_data *sdata, + struct cfg80211_mbssid_config params) +{ + struct ieee80211_sub_if_data *tx_sdata; + + sdata->vif.mbssid_tx_vif = NULL; + sdata->vif.bss_conf.bssid_index = 0; + sdata->vif.bss_conf.nontransmitted = false; + sdata->vif.bss_conf.ema_ap = false; + + if (sdata->vif.type != NL80211_IFTYPE_AP || !params.tx_wdev) + return -EINVAL; + + tx_sdata = IEEE80211_WDEV_TO_SUB_IF(params.tx_wdev); + if (!tx_sdata) + return -EINVAL; + + if (tx_sdata == sdata) { + sdata->vif.mbssid_tx_vif = &sdata->vif; + } else { + sdata->vif.mbssid_tx_vif = &tx_sdata->vif; + sdata->vif.bss_conf.nontransmitted = true; + sdata->vif.bss_conf.bssid_index = params.index; + } + if (params.ema) + sdata->vif.bss_conf.ema_ap = true; + + return 0; +} + static struct wireless_dev *ieee80211_add_iface(struct wiphy *wiphy, const char *name, unsigned char name_assign_type, @@ -959,11 +989,29 @@ return 0; } +static int +ieee80211_copy_mbssid_beacon(u8 *pos, struct cfg80211_mbssid_elems *dst, + struct cfg80211_mbssid_elems *src) +{ + int i, offset = 0; + + for (i = 0; i < src->cnt; i++) { + memcpy(pos + offset, src->elem[i].data, src->elem[i].len); + dst->elem[i].len = src->elem[i].len; + dst->elem[i].data = pos + offset; + offset += dst->elem[i].len; + } + dst->cnt = src->cnt; + + return offset; +} + static int ieee80211_assign_beacon(struct ieee80211_sub_if_data *sdata, struct cfg80211_beacon_data *params, const struct ieee80211_csa_settings *csa, const struct ieee80211_color_change_settings *cca) { + struct cfg80211_mbssid_elems *mbssid = NULL; struct beacon_data *new, *old; int new_head_len, new_tail_len; int size, err; @@ -991,6 +1039,17 @@ size = sizeof(*new) + new_head_len + new_tail_len; + /* new or old multiple BSSID elements? */ + if (params->mbssid_ies) { + mbssid = params->mbssid_ies; + size += struct_size(new->mbssid_ies, elem, mbssid->cnt); + size += ieee80211_get_mbssid_beacon_len(mbssid); + } else if (old && old->mbssid_ies) { + mbssid = old->mbssid_ies; + size += struct_size(new->mbssid_ies, elem, mbssid->cnt); + size += ieee80211_get_mbssid_beacon_len(mbssid); + } + new = kzalloc(size, GFP_KERNEL); if (!new) return -ENOMEM; @@ -999,12 +1058,23 @@ /* * pointers go into the block we allocated, - * memory is | beacon_data | head | tail | + * memory is | beacon_data | head | tail | mbssid_ies */ new->head = ((u8 *) new) + sizeof(*new); new->tail = new->head + new_head_len; new->head_len = new_head_len; new->tail_len = new_tail_len; + /* copy in optional mbssid_ies */ + if (mbssid) { + u8 *pos = new->tail + new->tail_len; + + new->mbssid_ies = (void *)pos; + pos += struct_size(new->mbssid_ies, elem, mbssid->cnt); + ieee80211_copy_mbssid_beacon(pos, new->mbssid_ies, mbssid); + /* update bssid_indicator */ + sdata->vif.bss_conf.bssid_indicator = + ilog2(__roundup_pow_of_two(mbssid->cnt + 1)); + } if (csa) { new->cntdwn_current_counter = csa->count; @@ -1107,6 +1177,14 @@ changed |= BSS_CHANGED_HE_BSS_COLOR; } + if (sdata->vif.type == NL80211_IFTYPE_AP && + params->mbssid_config.tx_wdev) { + err = ieee80211_set_ap_mbssid_options(sdata, + params->mbssid_config); + if (err) + return err; + } + mutex_lock(&local->mtx); err = ieee80211_vif_use_channel(sdata, ¶ms->chandef, IEEE80211_CHANCTX_SHARED); @@ -1294,8 +1372,11 @@ mutex_unlock(&local->mtx); + if (sdata->u.ap.next_beacon) { + kfree(sdata->u.ap.next_beacon->mbssid_ies); kfree(sdata->u.ap.next_beacon); sdata->u.ap.next_beacon = NULL; + } /* turn off carrier for this interface and dependent VLANs */ list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) @@ -1474,38 +1555,6 @@ #endif } -static void sta_apply_airtime_params(struct ieee80211_local *local, - struct sta_info *sta, - struct station_parameters *params) -{ - u8 ac; - - for (ac = 0; ac < IEEE80211_NUM_ACS; ac++) { - struct airtime_sched_info *air_sched = &local->airtime[ac]; - struct airtime_info *air_info = &sta->airtime[ac]; - struct txq_info *txqi; - u8 tid; - - spin_lock_bh(&air_sched->lock); - for (tid = 0; tid < IEEE80211_NUM_TIDS + 1; tid++) { - if (air_info->weight == params->airtime_weight || - !sta->sta.txq[tid] || - ac != ieee80211_ac_from_tid(tid)) - continue; - - airtime_weight_set(air_info, params->airtime_weight); - - txqi = to_txq_info(sta->sta.txq[tid]); - if (RB_EMPTY_NODE(&txqi->schedule_order)) - continue; - - ieee80211_update_airtime_weight(local, air_sched, - 0, true); - } - spin_unlock_bh(&air_sched->lock); - } -} - static int sta_apply_parameters(struct ieee80211_local *local, struct sta_info *sta, struct station_parameters *params) @@ -1678,6 +1727,14 @@ (void *)params->he_6ghz_capa, sta); + if (params->eht_capa) + ieee80211_eht_cap_ie_to_sta_eht_cap(sdata, sband, + (u8 *)params->he_capa, + params->he_capa_len, + params->eht_capa, + params->eht_capa_len, + sta); + if (params->opmode_notif_used) { /* returned value is only needed for rc update, but the * rc isn't initialized here yet, so ignore it @@ -1693,8 +1750,7 @@ sta_apply_mesh_params(local, sta, params); if (params->airtime_weight) - sta_apply_airtime_params(local, sta, params); - + sta->airtime_weight = params->airtime_weight; /* set the STA state after all sta info from usermode has been set */ if (test_sta_flag(sta, WLAN_STA_TDLS_PEER) || @@ -2090,6 +2146,163 @@ return 0; } +int ieee80211_update_mpp(struct wiphy *wiphy, struct net_device *dev, + const u8 *dst, const u8 *next_hop) +{ + struct ieee80211_sub_if_data *sdata; + int ret = 0; + struct mesh_path *mppath; + + sdata = IEEE80211_DEV_TO_SUB_IF(dev); + + rcu_read_lock(); + + mppath = mpp_path_lookup(sdata, dst); + if (!mppath) { + ret = mpp_path_add(sdata, dst, next_hop); + if (!ret) { + mppath = mpp_path_lookup(sdata, dst); + spin_lock_bh(&mppath->state_lock); + mppath->flags |= MESH_PATH_FIXED; + spin_unlock_bh(&mppath->state_lock); + } + } else { + spin_lock_bh(&mppath->state_lock); + if (!ether_addr_equal(mppath->mpp, next_hop)) + memcpy(mppath->mpp, next_hop, ETH_ALEN); + mppath->exp_time = jiffies; + mppath->flags |= MESH_PATH_FIXED; + spin_unlock_bh(&mppath->state_lock); + } + rcu_read_unlock(); + return ret; +} + +int ieee80211_delete_mpp(struct wiphy *wiphy, struct net_device *dev, + const u8 *dst) +{ + struct ieee80211_sub_if_data *sdata; + int ret = 0; + struct mesh_path *mppath; + + sdata = IEEE80211_DEV_TO_SUB_IF(dev); + rcu_read_lock(); + mppath = mpp_path_lookup(sdata, dst); + if (mppath) { + spin_lock_bh(&mppath->state_lock); + mppath->flags &= ~MESH_PATH_FIXED; + spin_unlock_bh(&mppath->state_lock); + } else { + ret = -ENOENT; + } + rcu_read_unlock(); + return ret; +} + +static struct mplink_block_list_info * +ieee80211_find_mp_blink_info(struct ieee80211_if_mesh *ifmsh, const u8 *dst) +{ + struct mplink_block_list_info *mp_blink; + + list_for_each_entry(mp_blink, &ifmsh->mplink_blocking_list, list) { + if (ether_addr_equal(dst, mp_blink->dst)) + return mp_blink; + } + + return NULL; +} + +int ieee80211_mplink_block(struct wiphy *wiphy, struct net_device *dev, + const u8 *dst) +{ + struct ieee80211_sub_if_data *sdata; + struct ieee80211_if_mesh *ifmsh; + struct mplink_block_list_info *mp_blink; + int ret = 0; + + sdata = IEEE80211_DEV_TO_SUB_IF(dev); + ifmsh = &sdata->u.mesh; + + spin_lock_bh(&ifmsh->mplink_blocking_list_lock); + + if (ieee80211_find_mp_blink_info(ifmsh, dst)) + goto out; + + mp_blink = kzalloc(sizeof(*mp_blink), GFP_ATOMIC); + if (!mp_blink) { + ret = -ENOMEM; + goto out; + } + + memcpy(mp_blink->dst, dst, ETH_ALEN); + list_add_tail(&mp_blink->list, &ifmsh->mplink_blocking_list); + +out: + spin_unlock_bh(&ifmsh->mplink_blocking_list_lock); + return ret; +} + +int ieee80211_mplink_unblock(struct wiphy *wiphy, struct net_device *dev, + const u8 *dst) +{ + struct ieee80211_sub_if_data *sdata; + struct ieee80211_if_mesh *ifmsh; + struct mplink_block_list_info *mp_blink; + int ret = 0; + + sdata = IEEE80211_DEV_TO_SUB_IF(dev); + ifmsh = &sdata->u.mesh; + + spin_lock_bh(&ifmsh->mplink_blocking_list_lock); + + mp_blink = ieee80211_find_mp_blink_info(ifmsh, dst); + if (!mp_blink) { + ret = -ENOENT; + goto out; + } + + list_del(&mp_blink->list); + kfree(mp_blink); + +out: + spin_unlock_bh(&ifmsh->mplink_blocking_list_lock); + + return ret; +} + +int ieee80211_dump_blocked_mplink_info(struct wiphy *wiphy, struct net_device *dev, + struct mplink_blocked_info *minfo) +{ + struct ieee80211_sub_if_data *sdata; + struct ieee80211_if_mesh *ifmsh; + struct mplink_block_list_info *mp_blink; + u32 len = 0; + + sdata = IEEE80211_DEV_TO_SUB_IF(dev); + ifmsh = &sdata->u.mesh; + + spin_lock_bh(&ifmsh->mplink_blocking_list_lock); + list_for_each_entry(mp_blink, &ifmsh->mplink_blocking_list, list) { + if (minfo->count > (sizeof(struct mplink_blocked_info) / ETH_ALEN)) + break; + memcpy(minfo->info + len, mp_blink->dst, ETH_ALEN); + len += ETH_ALEN; + minfo->count++; + } + spin_unlock_bh(&ifmsh->mplink_blocking_list_lock); + + return 0; +} + +int ieee80211_mplink_flush(struct wiphy *wiphy, struct net_device *dev) +{ + struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); + + ieee80211_mesh_free_blocked_mplink_entries(sdata); + + return 0; +} + static int ieee80211_get_mesh_config(struct wiphy *wiphy, struct net_device *dev, struct mesh_config *conf) @@ -2282,6 +2495,36 @@ return 0; } +int ieee80211_update_mesh_vendor_node_metrics_ie(struct wiphy *wiphy, + struct net_device *dev, + const struct mesh_vendor_ie *vendor_ie) +{ + struct ieee80211_sub_if_data *sdata; + struct ieee80211_if_mesh *ifmsh; + + sdata = IEEE80211_DEV_TO_SUB_IF(dev); + ifmsh = &sdata->u.mesh; + memcpy(ifmsh->node_vendor_ie, vendor_ie->ie, vendor_ie->ie_len); + ifmsh->node_vendor_ie_len = vendor_ie->ie_len; + ieee80211_mbss_info_change_notify(sdata, BSS_CHANGED_BEACON); + return 0; +} + +int ieee80211_update_mesh_vendor_path_metrics_ie(struct wiphy *wiphy, + struct net_device *dev, + const struct mesh_vendor_ie *vendor_ie) +{ + struct ieee80211_sub_if_data *sdata; + struct ieee80211_if_mesh *ifmsh; + + sdata = IEEE80211_DEV_TO_SUB_IF(dev); + ifmsh = &sdata->u.mesh; + memcpy(ifmsh->mpm_vendor_ie, vendor_ie->ie, vendor_ie->ie_len); + ifmsh->mpm_vendor_ie_len = vendor_ie->ie_len; + ieee80211_mbss_info_change_notify(sdata, BSS_CHANGED_BEACON); + return 0; +} + static int ieee80211_join_mesh(struct wiphy *wiphy, struct net_device *dev, const struct mesh_config *conf, const struct mesh_setup *setup) @@ -2305,8 +2548,10 @@ err = ieee80211_vif_use_channel(sdata, &setup->chandef, IEEE80211_CHANCTX_SHARED); mutex_unlock(&sdata->local->mtx); - if (err) + if (err) { + kfree(ifmsh->ie); return err; + } return ieee80211_start_mesh(sdata); } @@ -3089,12 +3334,24 @@ len = beacon->head_len + beacon->tail_len + beacon->beacon_ies_len + beacon->proberesp_ies_len + beacon->assocresp_ies_len + - beacon->probe_resp_len + beacon->lci_len + beacon->civicloc_len; + beacon->probe_resp_len + beacon->lci_len + beacon->civicloc_len + + ieee80211_get_mbssid_beacon_len(beacon->mbssid_ies); new_beacon = kzalloc(sizeof(*new_beacon) + len, GFP_KERNEL); if (!new_beacon) return NULL; + if (beacon->mbssid_ies && beacon->mbssid_ies->cnt) { + new_beacon->mbssid_ies = + kzalloc(struct_size(new_beacon->mbssid_ies, + elem, beacon->mbssid_ies->cnt), + GFP_KERNEL); + if (!new_beacon->mbssid_ies) { + kfree(new_beacon); + return NULL; + } + } + pos = (u8 *)(new_beacon + 1); if (beacon->head_len) { new_beacon->head_len = beacon->head_len; @@ -3132,6 +3389,10 @@ memcpy(pos, beacon->probe_resp, beacon->probe_resp_len); pos += beacon->probe_resp_len; } + if (beacon->mbssid_ies && beacon->mbssid_ies->cnt) + pos += ieee80211_copy_mbssid_beacon(pos, + new_beacon->mbssid_ies, + beacon->mbssid_ies); /* might copy -1, meaning no changes requested */ new_beacon->ftm_responder = beacon->ftm_responder; @@ -3154,12 +3415,46 @@ void ieee80211_csa_finish(struct ieee80211_vif *vif) { struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); + struct ieee80211_local *local = sdata->local; - ieee80211_queue_work(&sdata->local->hw, - &sdata->csa_finalize_work); + rcu_read_lock(); + + if (vif->mbssid_tx_vif == vif) { + /* Trigger ieee80211_csa_finish() on the non-transmitting + * interfaces when channel switch is received on + * transmitting interface + */ + struct ieee80211_sub_if_data *iter; + + list_for_each_entry_rcu(iter, &local->interfaces, list) { + if (!ieee80211_sdata_running(iter)) + continue; + + if (iter == sdata || iter->vif.mbssid_tx_vif != vif) + continue; + + ieee80211_queue_work(&iter->local->hw, + &iter->csa_finalize_work); + } + } + ieee80211_queue_work(&local->hw, &sdata->csa_finalize_work); + + rcu_read_unlock(); } EXPORT_SYMBOL(ieee80211_csa_finish); +void ieee80211_channel_switch_disconnect(struct ieee80211_vif *vif, bool block_tx) +{ + struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); + struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; + struct ieee80211_local *local = sdata->local; + + sdata->csa_block_tx = block_tx; + sdata_info(sdata, "channel switch failed, disconnecting\n"); + ieee80211_queue_work(&local->hw, &ifmgd->csa_connection_drop_work); +} +EXPORT_SYMBOL(ieee80211_channel_switch_disconnect); + static int ieee80211_set_after_csa_beacon(struct ieee80211_sub_if_data *sdata, u32 *changed) { @@ -3169,8 +3464,11 @@ case NL80211_IFTYPE_AP: err = ieee80211_assign_beacon(sdata, sdata->u.ap.next_beacon, NULL, NULL); + if (sdata->u.ap.next_beacon) { + kfree(sdata->u.ap.next_beacon->mbssid_ies); kfree(sdata->u.ap.next_beacon); sdata->u.ap.next_beacon = NULL; + } if (err < 0) return err; @@ -3325,8 +3623,12 @@ if ((params->n_counter_offsets_beacon > IEEE80211_MAX_CNTDWN_COUNTERS_NUM) || (params->n_counter_offsets_presp > - IEEE80211_MAX_CNTDWN_COUNTERS_NUM)) + IEEE80211_MAX_CNTDWN_COUNTERS_NUM)) { + kfree(sdata->u.ap.next_beacon->mbssid_ies); + kfree(sdata->u.ap.next_beacon); + sdata->u.ap.next_beacon = NULL; return -EINVAL; + } csa.counter_offsets_beacon = params->counter_offsets_beacon; csa.counter_offsets_presp = params->counter_offsets_presp; @@ -3336,7 +3638,9 @@ err = ieee80211_assign_beacon(sdata, ¶ms->beacon_csa, &csa, NULL); if (err < 0) { + kfree(sdata->u.ap.next_beacon->mbssid_ies); kfree(sdata->u.ap.next_beacon); + sdata->u.ap.next_beacon = NULL; return err; } *changed |= err; @@ -3426,8 +3730,11 @@ static void ieee80211_color_change_abort(struct ieee80211_sub_if_data *sdata) { sdata->vif.color_change_active = false; + if (sdata->u.ap.next_beacon) { + kfree(sdata->u.ap.next_beacon->mbssid_ies); kfree(sdata->u.ap.next_beacon); sdata->u.ap.next_beacon = NULL; + } cfg80211_color_change_aborted_notify(sdata->dev); } @@ -4165,8 +4472,11 @@ ret = ieee80211_assign_beacon(sdata, sdata->u.ap.next_beacon, NULL, NULL); + if (sdata->u.ap.next_beacon) { + kfree(sdata->u.ap.next_beacon->mbssid_ies); kfree(sdata->u.ap.next_beacon); sdata->u.ap.next_beacon = NULL; + } if (ret < 0) return ret; @@ -4209,7 +4519,11 @@ err = ieee80211_assign_beacon(sdata, ¶ms->beacon_color_change, NULL, &color_change); if (err < 0) { + if (sdata->u.ap.next_beacon) { + kfree(sdata->u.ap.next_beacon->mbssid_ies); kfree(sdata->u.ap.next_beacon); + sdata->u.ap.next_beacon = NULL; + } return err; } *changed |= err; @@ -4230,6 +4544,21 @@ changed |= BSS_CHANGED_HE_BSS_COLOR; ieee80211_bss_info_change_notify(sdata, changed); + + if (!sdata->vif.bss_conf.nontransmitted && sdata->vif.mbssid_tx_vif) { + struct ieee80211_sub_if_data *child; + + mutex_lock(&sdata->local->iflist_mtx); + list_for_each_entry(child, &sdata->local->interfaces, list) { + if (child != sdata && child->vif.mbssid_tx_vif == &sdata->vif) { + child->vif.bss_conf.he_bss_color.color = color; + child->vif.bss_conf.he_bss_color.enabled = enable; + ieee80211_bss_info_change_notify(child, + BSS_CHANGED_HE_BSS_COLOR); + } + } + mutex_unlock(&sdata->local->iflist_mtx); + } } static int ieee80211_color_change_finalize(struct ieee80211_sub_if_data *sdata) @@ -4314,6 +4643,9 @@ sdata_assert_lock(sdata); + if (sdata->vif.bss_conf.nontransmitted) + return -EINVAL; + mutex_lock(&local->mtx); /* don't allow another color change if one is already active or if csa @@ -4345,6 +4677,25 @@ return err; } +static int +ieee80211_set_radar_background(struct wiphy *wiphy, + struct cfg80211_chan_def *chandef) +{ + struct ieee80211_local *local = wiphy_priv(wiphy); + + if (!local->ops->set_radar_background) + return -EOPNOTSUPP; + + return local->ops->set_radar_background(&local->hw, chandef); +} + +static int ieee80211_get_avg_busy_time(struct wiphy *wiphy, + struct net_device *dev) +{ + struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); + return ewma_avg_busy_read(&sdata->avg_busy); +} + const struct cfg80211_ops mac80211_config_ops = { .add_virtual_intf = ieee80211_add_iface, .del_virtual_intf = ieee80211_del_iface, @@ -4449,4 +4800,6 @@ .reset_tid_config = ieee80211_reset_tid_config, .set_sar_specs = ieee80211_set_sar_specs, .color_change = ieee80211_color_change, + .set_radar_background = ieee80211_set_radar_background, + .get_avg_busy_time = ieee80211_get_avg_busy_time, }; diff -ruw linux-5.15.42/net/mac80211/chan.c linux-5.15.42-fbx/net/mac80211/chan.c --- linux-5.15.42/net/mac80211/chan.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/mac80211/chan.c 2024-04-22 14:46:58.224276745 +0200 @@ -218,6 +218,8 @@ * might be smaller than the configured bw (160). */ return NL80211_CHAN_WIDTH_160; + case IEEE80211_STA_RX_BW_320: + return NL80211_CHAN_WIDTH_320; default: WARN_ON(1); return NL80211_CHAN_WIDTH_20; @@ -417,7 +419,7 @@ { u32 changed; - /* expected to handle only 20/40/80/160 channel widths */ + /* expected to handle only 20/40/80/160/320 channel widths */ switch (chandef->width) { case NL80211_CHAN_WIDTH_20_NOHT: case NL80211_CHAN_WIDTH_20: @@ -425,6 +427,7 @@ case NL80211_CHAN_WIDTH_80: case NL80211_CHAN_WIDTH_80P80: case NL80211_CHAN_WIDTH_160: + case NL80211_CHAN_WIDTH_320: break; default: WARN_ON(1); diff -ruw linux-5.15.42/net/mac80211/debugfs.c linux-5.15.42-fbx/net/mac80211/debugfs.c --- linux-5.15.42/net/mac80211/debugfs.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/mac80211/debugfs.c 2024-04-22 14:46:58.224276745 +0200 @@ -216,14 +216,14 @@ "VI %u %u\n" "BE %u %u\n" "BK %u %u\n", - local->airtime[IEEE80211_AC_VO].aql_txq_limit_low, - local->airtime[IEEE80211_AC_VO].aql_txq_limit_high, - local->airtime[IEEE80211_AC_VI].aql_txq_limit_low, - local->airtime[IEEE80211_AC_VI].aql_txq_limit_high, - local->airtime[IEEE80211_AC_BE].aql_txq_limit_low, - local->airtime[IEEE80211_AC_BE].aql_txq_limit_high, - local->airtime[IEEE80211_AC_BK].aql_txq_limit_low, - local->airtime[IEEE80211_AC_BK].aql_txq_limit_high); + local->aql_txq_limit_low[IEEE80211_AC_VO], + local->aql_txq_limit_high[IEEE80211_AC_VO], + local->aql_txq_limit_low[IEEE80211_AC_VI], + local->aql_txq_limit_high[IEEE80211_AC_VI], + local->aql_txq_limit_low[IEEE80211_AC_BE], + local->aql_txq_limit_high[IEEE80211_AC_BE], + local->aql_txq_limit_low[IEEE80211_AC_BK], + local->aql_txq_limit_high[IEEE80211_AC_BK]); return simple_read_from_buffer(user_buf, count, ppos, buf, len); } @@ -255,11 +255,11 @@ if (ac >= IEEE80211_NUM_ACS) return -EINVAL; - q_limit_low_old = local->airtime[ac].aql_txq_limit_low; - q_limit_high_old = local->airtime[ac].aql_txq_limit_high; + q_limit_low_old = local->aql_txq_limit_low[ac]; + q_limit_high_old = local->aql_txq_limit_high[ac]; - local->airtime[ac].aql_txq_limit_low = q_limit_low; - local->airtime[ac].aql_txq_limit_high = q_limit_high; + local->aql_txq_limit_low[ac] = q_limit_low; + local->aql_txq_limit_high[ac] = q_limit_high; mutex_lock(&local->sta_mtx); list_for_each_entry(sta, &local->sta_list, list) { @@ -382,46 +382,6 @@ .llseek = default_llseek, }; -static ssize_t airtime_read(struct file *file, - char __user *user_buf, - size_t count, - loff_t *ppos) -{ - struct ieee80211_local *local = file->private_data; - char buf[200]; - u64 v_t[IEEE80211_NUM_ACS]; - u64 wt[IEEE80211_NUM_ACS]; - int len = 0, ac; - - for (ac = 0; ac < IEEE80211_NUM_ACS; ac++) { - spin_lock_bh(&local->airtime[ac].lock); - v_t[ac] = local->airtime[ac].v_t; - wt[ac] = local->airtime[ac].weight_sum; - spin_unlock_bh(&local->airtime[ac].lock); - } - len = scnprintf(buf, sizeof(buf), - "\tVO VI BE BK\n" - "Virt-t\t%-10llu %-10llu %-10llu %-10llu\n" - "Weight\t%-10llu %-10llu %-10llu %-10llu\n", - v_t[0], - v_t[1], - v_t[2], - v_t[3], - wt[0], - wt[1], - wt[2], - wt[3]); - - return simple_read_from_buffer(user_buf, count, ppos, - buf, len); -} - -static const struct file_operations airtime_ops = { - .read = airtime_read, - .open = simple_open, - .llseek = default_llseek, -}; - #ifdef CONFIG_PM static ssize_t reset_write(struct file *file, const char __user *user_buf, size_t count, loff_t *ppos) @@ -504,6 +464,7 @@ FLAG(SUPPORTS_TX_ENCAP_OFFLOAD), FLAG(SUPPORTS_RX_DECAP_OFFLOAD), FLAG(SUPPORTS_CONC_MON_RX_DECAP), + FLAG(APVLAN_NEED_MCAST_TO_UCAST), #undef FLAG }; @@ -634,8 +595,10 @@ .llseek = generic_file_llseek, \ }; +#ifdef CONFIG_MAC80211_DEBUG_COUNTERS #define DEBUGFS_STATS_ADD(name) \ debugfs_create_u32(#name, 0400, statsd, &local->name); +#endif #define DEBUGFS_DEVSTATS_ADD(name) \ debugfs_create_file(#name, 0400, statsd, local, &stats_ ##name## _ops); @@ -672,11 +635,7 @@ if (local->ops->wake_tx_queue) DEBUGFS_ADD_MODE(aqm, 0600); - if (wiphy_ext_feature_isset(local->hw.wiphy, - NL80211_EXT_FEATURE_AIRTIME_FAIRNESS)) { - DEBUGFS_ADD_MODE(airtime, 0600); DEBUGFS_ADD_MODE(airtime_flags, 0600); - } DEBUGFS_ADD(aql_txq_limit); debugfs_create_u32("aql_threshold", 0600, diff -ruw linux-5.15.42/net/mac80211/debugfs_key.c linux-5.15.42-fbx/net/mac80211/debugfs_key.c --- linux-5.15.42/net/mac80211/debugfs_key.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/mac80211/debugfs_key.c 2024-04-22 14:46:58.224276745 +0200 @@ -4,6 +4,7 @@ * Copyright (c) 2006 Jiri Benc * Copyright 2007 Johannes Berg * Copyright (C) 2015 Intel Deutschland GmbH + * Copyright (C) 2021 Intel Corporation */ #include @@ -22,7 +23,6 @@ return mac80211_format_buffer(userbuf, count, ppos, \ format_string, key->prop); \ } -#define KEY_READ_D(name) KEY_READ(name, name, "%d\n") #define KEY_READ_X(name) KEY_READ(name, name, "0x%x\n") #define KEY_OPS(name) \ diff -ruw linux-5.15.42/net/mac80211/debugfs_netdev.c linux-5.15.42-fbx/net/mac80211/debugfs_netdev.c --- linux-5.15.42/net/mac80211/debugfs_netdev.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/mac80211/debugfs_netdev.c 2024-04-22 14:46:58.224276745 +0200 @@ -2,7 +2,7 @@ /* * Copyright (c) 2006 Jiri Benc * Copyright 2007 Johannes Berg - * Copyright (C) 2020 Intel Corporation + * Copyright (C) 2020-2021 Intel Corporation */ #include @@ -77,8 +77,6 @@ IEEE80211_IF_FMT(name, field, "%#x\n") #define IEEE80211_IF_FMT_LHEX(name, field) \ IEEE80211_IF_FMT(name, field, "%#lx\n") -#define IEEE80211_IF_FMT_SIZE(name, field) \ - IEEE80211_IF_FMT(name, field, "%zd\n") #define IEEE80211_IF_FMT_HEXARRAY(name, field) \ static ssize_t ieee80211_if_fmt_##name( \ @@ -512,34 +510,6 @@ } IEEE80211_IF_FILE_R(aqm); -static ssize_t ieee80211_if_fmt_airtime( - const struct ieee80211_sub_if_data *sdata, char *buf, int buflen) -{ - struct ieee80211_local *local = sdata->local; - struct ieee80211_txq *txq = sdata->vif.txq; - struct airtime_info *air_info; - int len; - - if (!txq) - return 0; - - spin_lock_bh(&local->airtime[txq->ac].lock); - air_info = to_airtime_info(txq); - len = scnprintf(buf, - buflen, - "RX: %llu us\nTX: %llu us\nWeight: %u\n" - "Virt-T: %lld us\n", - air_info->rx_airtime, - air_info->tx_airtime, - air_info->weight, - air_info->v_t); - spin_unlock_bh(&local->airtime[txq->ac].lock); - - return len; -} - -IEEE80211_IF_FILE_R(airtime); - IEEE80211_IF_FILE(multicast_to_unicast, u.ap.multicast_to_unicast, HEX); /* IBSS attributes */ @@ -685,10 +655,8 @@ if (sdata->local->ops->wake_tx_queue && sdata->vif.type != NL80211_IFTYPE_P2P_DEVICE && - sdata->vif.type != NL80211_IFTYPE_NAN) { + sdata->vif.type != NL80211_IFTYPE_NAN) DEBUGFS_ADD(aqm); - DEBUGFS_ADD(airtime); - } } static void add_sta_files(struct ieee80211_sub_if_data *sdata) diff -ruw linux-5.15.42/net/mac80211/debugfs_sta.c linux-5.15.42-fbx/net/mac80211/debugfs_sta.c --- linux-5.15.42/net/mac80211/debugfs_sta.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/mac80211/debugfs_sta.c 2024-04-22 14:46:58.224276745 +0200 @@ -5,7 +5,7 @@ * Copyright 2007 Johannes Berg * Copyright 2013-2014 Intel Mobile Communications GmbH * Copyright(c) 2016 Intel Deutschland GmbH - * Copyright (C) 2018 - 2020 Intel Corporation + * Copyright (C) 2018 - 2021 Intel Corporation */ #include @@ -202,7 +202,7 @@ size_t bufsz = 400; char *buf = kzalloc(bufsz, GFP_KERNEL), *p = buf; u64 rx_airtime = 0, tx_airtime = 0; - u64 v_t[IEEE80211_NUM_ACS]; + s64 deficit[IEEE80211_NUM_ACS]; ssize_t rv; int ac; @@ -210,18 +210,18 @@ return -ENOMEM; for (ac = 0; ac < IEEE80211_NUM_ACS; ac++) { - spin_lock_bh(&local->airtime[ac].lock); + spin_lock_bh(&local->active_txq_lock[ac]); rx_airtime += sta->airtime[ac].rx_airtime; tx_airtime += sta->airtime[ac].tx_airtime; - v_t[ac] = sta->airtime[ac].v_t; - spin_unlock_bh(&local->airtime[ac].lock); + deficit[ac] = sta->airtime[ac].deficit; + spin_unlock_bh(&local->active_txq_lock[ac]); } p += scnprintf(p, bufsz + buf - p, "RX: %llu us\nTX: %llu us\nWeight: %u\n" - "Virt-T: VO: %lld us VI: %lld us BE: %lld us BK: %lld us\n", - rx_airtime, tx_airtime, sta->airtime[0].weight, - v_t[0], v_t[1], v_t[2], v_t[3]); + "Deficit: VO: %lld us VI: %lld us BE: %lld us BK: %lld us\n", + rx_airtime, tx_airtime, sta->airtime_weight, + deficit[0], deficit[1], deficit[2], deficit[3]); rv = simple_read_from_buffer(userbuf, count, ppos, buf, p - buf); kfree(buf); @@ -236,11 +236,11 @@ int ac; for (ac = 0; ac < IEEE80211_NUM_ACS; ac++) { - spin_lock_bh(&local->airtime[ac].lock); + spin_lock_bh(&local->active_txq_lock[ac]); sta->airtime[ac].rx_airtime = 0; sta->airtime[ac].tx_airtime = 0; - sta->airtime[ac].v_t = 0; - spin_unlock_bh(&local->airtime[ac].lock); + sta->airtime[ac].deficit = sta->airtime_weight; + spin_unlock_bh(&local->active_txq_lock[ac]); } return count; @@ -263,10 +263,10 @@ return -ENOMEM; for (ac = 0; ac < IEEE80211_NUM_ACS; ac++) { - spin_lock_bh(&local->airtime[ac].lock); + spin_lock_bh(&local->active_txq_lock[ac]); q_limit_l[ac] = sta->airtime[ac].aql_limit_low; q_limit_h[ac] = sta->airtime[ac].aql_limit_high; - spin_unlock_bh(&local->airtime[ac].lock); + spin_unlock_bh(&local->active_txq_lock[ac]); q_depth[ac] = atomic_read(&sta->airtime[ac].aql_tx_pending); } @@ -314,17 +314,24 @@ static ssize_t sta_agg_status_read(struct file *file, char __user *userbuf, size_t count, loff_t *ppos) { - char buf[71 + IEEE80211_NUM_TIDS * 40], *p = buf; + char *buf, *p; + ssize_t bufsz = 71 + IEEE80211_NUM_TIDS * 40; int i; struct sta_info *sta = file->private_data; struct tid_ampdu_rx *tid_rx; struct tid_ampdu_tx *tid_tx; + ssize_t ret; + + buf = kzalloc(bufsz, GFP_KERNEL); + if (!buf) + return -ENOMEM; + p = buf; rcu_read_lock(); - p += scnprintf(p, sizeof(buf) + buf - p, "next dialog_token: %#02x\n", + p += scnprintf(p, bufsz + buf - p, "next dialog_token: %#02x\n", sta->ampdu_mlme.dialog_token_allocator + 1); - p += scnprintf(p, sizeof(buf) + buf - p, + p += scnprintf(p, bufsz + buf - p, "TID\t\tRX\tDTKN\tSSN\t\tTX\tDTKN\tpending\n"); for (i = 0; i < IEEE80211_NUM_TIDS; i++) { @@ -334,25 +341,27 @@ tid_tx = rcu_dereference(sta->ampdu_mlme.tid_tx[i]); tid_rx_valid = test_bit(i, sta->ampdu_mlme.agg_session_valid); - p += scnprintf(p, sizeof(buf) + buf - p, "%02d", i); - p += scnprintf(p, sizeof(buf) + buf - p, "\t\t%x", + p += scnprintf(p, bufsz + buf - p, "%02d", i); + p += scnprintf(p, bufsz + buf - p, "\t\t%x", tid_rx_valid); - p += scnprintf(p, sizeof(buf) + buf - p, "\t%#.2x", + p += scnprintf(p, bufsz + buf - p, "\t%#.2x", tid_rx_valid ? sta->ampdu_mlme.tid_rx_token[i] : 0); - p += scnprintf(p, sizeof(buf) + buf - p, "\t%#.3x", + p += scnprintf(p, bufsz + buf - p, "\t%#.3x", tid_rx ? tid_rx->ssn : 0); - p += scnprintf(p, sizeof(buf) + buf - p, "\t\t%x", !!tid_tx); - p += scnprintf(p, sizeof(buf) + buf - p, "\t%#.2x", + p += scnprintf(p, bufsz + buf - p, "\t\t%x", !!tid_tx); + p += scnprintf(p, bufsz + buf - p, "\t%#.2x", tid_tx ? tid_tx->dialog_token : 0); - p += scnprintf(p, sizeof(buf) + buf - p, "\t%03d", + p += scnprintf(p, bufsz + buf - p, "\t%03d", tid_tx ? skb_queue_len(&tid_tx->pending) : 0); - p += scnprintf(p, sizeof(buf) + buf - p, "\n"); + p += scnprintf(p, bufsz + buf - p, "\n"); } rcu_read_unlock(); - return simple_read_from_buffer(userbuf, count, ppos, buf, p - buf); + ret = simple_read_from_buffer(userbuf, count, ppos, buf, p - buf); + kfree(buf); + return ret; } static ssize_t sta_agg_status_write(struct file *file, const char __user *userbuf, @@ -432,17 +441,24 @@ #define PRINT_HT_CAP(_cond, _str) \ do { \ if (_cond) \ - p += scnprintf(p, sizeof(buf)+buf-p, "\t" _str "\n"); \ + p += scnprintf(p, bufsz + buf - p, "\t" _str "\n"); \ } while (0) - char buf[512], *p = buf; + char *buf, *p; int i; + ssize_t bufsz = 512; struct sta_info *sta = file->private_data; struct ieee80211_sta_ht_cap *htc = &sta->sta.ht_cap; + ssize_t ret; + + buf = kzalloc(bufsz, GFP_KERNEL); + if (!buf) + return -ENOMEM; + p = buf; - p += scnprintf(p, sizeof(buf) + buf - p, "ht %ssupported\n", + p += scnprintf(p, bufsz + buf - p, "ht %ssupported\n", htc->ht_supported ? "" : "not "); if (htc->ht_supported) { - p += scnprintf(p, sizeof(buf)+buf-p, "cap: %#.4x\n", htc->cap); + p += scnprintf(p, bufsz + buf - p, "cap: %#.4x\n", htc->cap); PRINT_HT_CAP((htc->cap & BIT(0)), "RX LDPC"); PRINT_HT_CAP((htc->cap & BIT(1)), "HT20/HT40"); @@ -484,81 +500,90 @@ PRINT_HT_CAP((htc->cap & BIT(15)), "L-SIG TXOP protection"); - p += scnprintf(p, sizeof(buf)+buf-p, "ampdu factor/density: %d/%d\n", + p += scnprintf(p, bufsz + buf - p, "ampdu factor/density: %d/%d\n", htc->ampdu_factor, htc->ampdu_density); - p += scnprintf(p, sizeof(buf)+buf-p, "MCS mask:"); + p += scnprintf(p, bufsz + buf - p, "MCS mask:"); for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) - p += scnprintf(p, sizeof(buf)+buf-p, " %.2x", + p += scnprintf(p, bufsz + buf - p, " %.2x", htc->mcs.rx_mask[i]); - p += scnprintf(p, sizeof(buf)+buf-p, "\n"); + p += scnprintf(p, bufsz + buf - p, "\n"); /* If not set this is meaningless */ if (le16_to_cpu(htc->mcs.rx_highest)) { - p += scnprintf(p, sizeof(buf)+buf-p, + p += scnprintf(p, bufsz + buf - p, "MCS rx highest: %d Mbps\n", le16_to_cpu(htc->mcs.rx_highest)); } - p += scnprintf(p, sizeof(buf)+buf-p, "MCS tx params: %x\n", + p += scnprintf(p, bufsz + buf - p, "MCS tx params: %x\n", htc->mcs.tx_params); } - return simple_read_from_buffer(userbuf, count, ppos, buf, p - buf); + ret = simple_read_from_buffer(userbuf, count, ppos, buf, p - buf); + kfree(buf); + return ret; } STA_OPS(ht_capa); static ssize_t sta_vht_capa_read(struct file *file, char __user *userbuf, size_t count, loff_t *ppos) { - char buf[512], *p = buf; + char *buf, *p; struct sta_info *sta = file->private_data; struct ieee80211_sta_vht_cap *vhtc = &sta->sta.vht_cap; + ssize_t ret; + ssize_t bufsz = 512; - p += scnprintf(p, sizeof(buf) + buf - p, "VHT %ssupported\n", + buf = kzalloc(bufsz, GFP_KERNEL); + if (!buf) + return -ENOMEM; + p = buf; + + p += scnprintf(p, bufsz + buf - p, "VHT %ssupported\n", vhtc->vht_supported ? "" : "not "); if (vhtc->vht_supported) { - p += scnprintf(p, sizeof(buf) + buf - p, "cap: %#.8x\n", + p += scnprintf(p, bufsz + buf - p, "cap: %#.8x\n", vhtc->cap); #define PFLAG(a, b) \ do { \ if (vhtc->cap & IEEE80211_VHT_CAP_ ## a) \ - p += scnprintf(p, sizeof(buf) + buf - p, \ + p += scnprintf(p, bufsz + buf - p, \ "\t\t%s\n", b); \ } while (0) switch (vhtc->cap & 0x3) { case IEEE80211_VHT_CAP_MAX_MPDU_LENGTH_3895: - p += scnprintf(p, sizeof(buf) + buf - p, + p += scnprintf(p, bufsz + buf - p, "\t\tMAX-MPDU-3895\n"); break; case IEEE80211_VHT_CAP_MAX_MPDU_LENGTH_7991: - p += scnprintf(p, sizeof(buf) + buf - p, + p += scnprintf(p, bufsz + buf - p, "\t\tMAX-MPDU-7991\n"); break; case IEEE80211_VHT_CAP_MAX_MPDU_LENGTH_11454: - p += scnprintf(p, sizeof(buf) + buf - p, + p += scnprintf(p, bufsz + buf - p, "\t\tMAX-MPDU-11454\n"); break; default: - p += scnprintf(p, sizeof(buf) + buf - p, + p += scnprintf(p, bufsz + buf - p, "\t\tMAX-MPDU-UNKNOWN\n"); } switch (vhtc->cap & IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_MASK) { case 0: - p += scnprintf(p, sizeof(buf) + buf - p, + p += scnprintf(p, bufsz + buf - p, "\t\t80Mhz\n"); break; case IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_160MHZ: - p += scnprintf(p, sizeof(buf) + buf - p, + p += scnprintf(p, bufsz + buf - p, "\t\t160Mhz\n"); break; case IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ: - p += scnprintf(p, sizeof(buf) + buf - p, + p += scnprintf(p, bufsz + buf - p, "\t\t80+80Mhz\n"); break; default: - p += scnprintf(p, sizeof(buf) + buf - p, + p += scnprintf(p, bufsz + buf - p, "\t\tUNKNOWN-MHZ: 0x%x\n", (vhtc->cap >> 2) & 0x3); } @@ -566,15 +591,15 @@ PFLAG(SHORT_GI_80, "SHORT-GI-80"); PFLAG(SHORT_GI_160, "SHORT-GI-160"); PFLAG(TXSTBC, "TXSTBC"); - p += scnprintf(p, sizeof(buf) + buf - p, + p += scnprintf(p, bufsz + buf - p, "\t\tRXSTBC_%d\n", (vhtc->cap >> 8) & 0x7); PFLAG(SU_BEAMFORMER_CAPABLE, "SU-BEAMFORMER-CAPABLE"); PFLAG(SU_BEAMFORMEE_CAPABLE, "SU-BEAMFORMEE-CAPABLE"); - p += scnprintf(p, sizeof(buf) + buf - p, + p += scnprintf(p, bufsz + buf - p, "\t\tBEAMFORMEE-STS: 0x%x\n", (vhtc->cap & IEEE80211_VHT_CAP_BEAMFORMEE_STS_MASK) >> IEEE80211_VHT_CAP_BEAMFORMEE_STS_SHIFT); - p += scnprintf(p, sizeof(buf) + buf - p, + p += scnprintf(p, bufsz + buf - p, "\t\tSOUNDING-DIMENSIONS: 0x%x\n", (vhtc->cap & IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_MASK) >> IEEE80211_VHT_CAP_SOUNDING_DIMENSIONS_SHIFT); @@ -582,34 +607,36 @@ PFLAG(MU_BEAMFORMEE_CAPABLE, "MU-BEAMFORMEE-CAPABLE"); PFLAG(VHT_TXOP_PS, "TXOP-PS"); PFLAG(HTC_VHT, "HTC-VHT"); - p += scnprintf(p, sizeof(buf) + buf - p, + p += scnprintf(p, bufsz + buf - p, "\t\tMPDU-LENGTH-EXPONENT: 0x%x\n", (vhtc->cap & IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK) >> IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_SHIFT); PFLAG(VHT_LINK_ADAPTATION_VHT_UNSOL_MFB, "LINK-ADAPTATION-VHT-UNSOL-MFB"); - p += scnprintf(p, sizeof(buf) + buf - p, + p += scnprintf(p, bufsz + buf - p, "\t\tLINK-ADAPTATION-VHT-MRQ-MFB: 0x%x\n", (vhtc->cap & IEEE80211_VHT_CAP_VHT_LINK_ADAPTATION_VHT_MRQ_MFB) >> 26); PFLAG(RX_ANTENNA_PATTERN, "RX-ANTENNA-PATTERN"); PFLAG(TX_ANTENNA_PATTERN, "TX-ANTENNA-PATTERN"); - p += scnprintf(p, sizeof(buf)+buf-p, "RX MCS: %.4x\n", + p += scnprintf(p, bufsz + buf - p, "RX MCS: %.4x\n", le16_to_cpu(vhtc->vht_mcs.rx_mcs_map)); if (vhtc->vht_mcs.rx_highest) - p += scnprintf(p, sizeof(buf)+buf-p, + p += scnprintf(p, bufsz + buf - p, "MCS RX highest: %d Mbps\n", le16_to_cpu(vhtc->vht_mcs.rx_highest)); - p += scnprintf(p, sizeof(buf)+buf-p, "TX MCS: %.4x\n", + p += scnprintf(p, bufsz + buf - p, "TX MCS: %.4x\n", le16_to_cpu(vhtc->vht_mcs.tx_mcs_map)); if (vhtc->vht_mcs.tx_highest) - p += scnprintf(p, sizeof(buf)+buf-p, + p += scnprintf(p, bufsz + buf - p, "MCS TX highest: %d Mbps\n", le16_to_cpu(vhtc->vht_mcs.tx_highest)); #undef PFLAG } - return simple_read_from_buffer(userbuf, count, ppos, buf, p - buf); + ret = simple_read_from_buffer(userbuf, count, ppos, buf, p - buf); + kfree(buf); + return ret; } STA_OPS(vht_capa); @@ -909,14 +936,15 @@ PFLAG(PHY, 9, RX_FULL_BW_SU_USING_MU_WITH_NON_COMP_SIGB, "RX-FULL-BW-SU-USING-MU-WITH-NON-COMP-SIGB"); - switch (cap[9] & IEEE80211_HE_PHY_CAP9_NOMIMAL_PKT_PADDING_MASK) { - case IEEE80211_HE_PHY_CAP9_NOMIMAL_PKT_PADDING_0US: + switch (u8_get_bits(cap[9], + IEEE80211_HE_PHY_CAP9_NOMINAL_PKT_PADDING_MASK)) { + case IEEE80211_HE_PHY_CAP9_NOMINAL_PKT_PADDING_0US: PRINT("NOMINAL-PACKET-PADDING-0US"); break; - case IEEE80211_HE_PHY_CAP9_NOMIMAL_PKT_PADDING_8US: + case IEEE80211_HE_PHY_CAP9_NOMINAL_PKT_PADDING_8US: PRINT("NOMINAL-PACKET-PADDING-8US"); break; - case IEEE80211_HE_PHY_CAP9_NOMIMAL_PKT_PADDING_16US: + case IEEE80211_HE_PHY_CAP9_NOMINAL_PKT_PADDING_16US: PRINT("NOMINAL-PACKET-PADDING-16US"); break; } diff -ruw linux-5.15.42/net/mac80211/driver-ops.c linux-5.15.42-fbx/net/mac80211/driver-ops.c --- linux-5.15.42/net/mac80211/driver-ops.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/mac80211/driver-ops.c 2024-04-22 14:46:58.224276745 +0200 @@ -49,6 +49,30 @@ local->started = false; } +int drv_get_powered(struct ieee80211_local *local, bool *up, bool *busy) +{ + int ret = -EOPNOTSUPP; + + might_sleep(); + + if (local->ops->get_powered) + ret = local->ops->get_powered(&local->hw, up, busy); + + return ret; +} + +int drv_set_powered(struct ieee80211_local *local) +{ + int ret = -EOPNOTSUPP; + + might_sleep(); + + if (local->ops->set_powered) + ret = local->ops->set_powered(&local->hw); + + return ret; +} + int drv_add_interface(struct ieee80211_local *local, struct ieee80211_sub_if_data *sdata) { diff -ruw linux-5.15.42/net/mac80211/driver-ops.h linux-5.15.42-fbx/net/mac80211/driver-ops.h --- linux-5.15.42/net/mac80211/driver-ops.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/mac80211/driver-ops.h 2024-04-22 14:46:58.224276745 +0200 @@ -84,6 +84,8 @@ int drv_start(struct ieee80211_local *local); void drv_stop(struct ieee80211_local *local); +int drv_get_powered(struct ieee80211_local *local, bool *up, bool *busy); +int drv_set_powered(struct ieee80211_local *local); #ifdef CONFIG_PM static inline int drv_suspend(struct ieee80211_local *local, @@ -166,7 +168,8 @@ sdata->vif.type == NL80211_IFTYPE_NAN || (sdata->vif.type == NL80211_IFTYPE_MONITOR && !sdata->vif.mu_mimo_owner && - !(changed & BSS_CHANGED_TXPOWER)))) + !(changed & (BSS_CHANGED_TXPOWER | + BSS_CHANGED_QOS))))) return; if (!check_sdata_in_driver(sdata)) @@ -1142,6 +1145,8 @@ trace_drv_get_expected_throughput(&sta->sta); if (local->ops->get_expected_throughput && sta->uploaded) ret = local->ops->get_expected_throughput(&local->hw, &sta->sta); + else + ret = ewma_avg_est_tp_read(&sta->status_stats.avg_est_tp); trace_drv_return_u32(local, ret); return ret; @@ -1486,4 +1491,26 @@ trace_drv_return_void(local); } +static inline int drv_net_fill_forward_path(struct ieee80211_local *local, + struct ieee80211_sub_if_data *sdata, + struct ieee80211_sta *sta, + struct net_device_path_ctx *ctx, + struct net_device_path *path) +{ + int ret = -EOPNOTSUPP; + + sdata = get_bss_sdata(sdata); + if (!check_sdata_in_driver(sdata)) + return -EIO; + + trace_drv_net_fill_forward_path(local, sdata, sta); + if (local->ops->net_fill_forward_path) + ret = local->ops->net_fill_forward_path(&local->hw, + &sdata->vif, sta, + ctx, path); + trace_drv_return_int(local, ret); + + return ret; +} + #endif /* __MAC80211_DRIVER_OPS */ diff -ruw linux-5.15.42/net/mac80211/ethtool.c linux-5.15.42-fbx/net/mac80211/ethtool.c --- linux-5.15.42/net/mac80211/ethtool.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/mac80211/ethtool.c 2024-04-22 14:46:58.228276854 +0200 @@ -46,6 +46,22 @@ }; #define STA_STATS_LEN ARRAY_SIZE(ieee80211_gstrings_sta_stats) +struct ethtool_priv_flags_strings { + const char string[ETH_GSTRING_LEN]; +}; + +enum { + POWERED_SUPPORTED = (1 << 0), + POWERED_STATUS = (1 << 1), + POWERED_CHANGE_BUSY = (1 << 2), +}; + +static const struct ethtool_priv_flags_strings ieee80211_pflags_strings[] = { + { .string = "powered-supported" }, + { .string = "powered-status" }, + { .string = "powered-change-busy", }, +}; + static int ieee80211_get_sset_count(struct net_device *dev, int sset) { struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); @@ -56,6 +72,9 @@ rv += drv_get_et_sset_count(sdata, sset); + if (sset == ETH_SS_PRIV_FLAGS) + rv += ARRAY_SIZE(ieee80211_pflags_strings); + if (rv == 0) return -EOPNOTSUPP; return rv; @@ -212,6 +231,9 @@ memcpy(data, ieee80211_gstrings_sta_stats, sz_sta_stats); } drv_get_et_strings(sdata, sset, &(data[sz_sta_stats])); + if (sset == ETH_SS_PRIV_FLAGS) + memcpy(data, ieee80211_pflags_strings, + sizeof (ieee80211_pflags_strings)); } static int ieee80211_get_regs_len(struct net_device *dev) @@ -229,6 +251,35 @@ regs->len = 0; } +static u32 ieee80211_get_priv_flags(struct net_device *dev) +{ + struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); + struct ieee80211_local *local = sdata->local; + bool powered, powered_busy; + u32 ret; + + ret = 0; + if (!drv_get_powered(local, &powered, &powered_busy)) { + ret |= POWERED_SUPPORTED; + if (powered) + ret |= POWERED_STATUS; + if (powered_busy) + ret |= POWERED_CHANGE_BUSY; + } + return ret; +} + +static int ieee80211_set_priv_flags(struct net_device *dev, u32 flags) +{ + struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); + struct ieee80211_local *local = sdata->local; + + if (flags & (POWERED_STATUS)) + return drv_set_powered(local); + + return 0; +} + const struct ethtool_ops ieee80211_ethtool_ops = { .get_drvinfo = cfg80211_get_drvinfo, .get_regs_len = ieee80211_get_regs_len, @@ -239,4 +290,6 @@ .get_strings = ieee80211_get_strings, .get_ethtool_stats = ieee80211_get_stats, .get_sset_count = ieee80211_get_sset_count, + .set_priv_flags = ieee80211_set_priv_flags, + .get_priv_flags = ieee80211_get_priv_flags, }; diff -ruw linux-5.15.42/net/mac80211/fils_aead.c linux-5.15.42-fbx/net/mac80211/fils_aead.c --- linux-5.15.42/net/mac80211/fils_aead.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/mac80211/fils_aead.c 2024-04-22 14:46:58.228276854 +0200 @@ -219,7 +219,8 @@ { struct ieee80211_mgmt *mgmt = (void *)skb->data; u8 *capab, *ies, *encr; - const u8 *addr[5 + 1], *session; + const u8 *addr[5 + 1]; + const struct element *session; size_t len[5 + 1]; size_t crypt_len; @@ -231,12 +232,12 @@ ies = mgmt->u.assoc_req.variable; } - session = cfg80211_find_ext_ie(WLAN_EID_EXT_FILS_SESSION, + session = cfg80211_find_ext_elem(WLAN_EID_EXT_FILS_SESSION, ies, skb->data + skb->len - ies); - if (!session || session[1] != 1 + 8) + if (!session || session->datalen != 1 + 8) return -EINVAL; /* encrypt after FILS Session element */ - encr = (u8 *)session + 2 + 1 + 8; + encr = (u8 *)session->data + 1 + 8; /* AES-SIV AAD vectors */ @@ -270,7 +271,8 @@ { struct ieee80211_mgmt *mgmt = (void *)frame; u8 *capab, *ies, *encr; - const u8 *addr[5 + 1], *session; + const u8 *addr[5 + 1]; + const struct element *session; size_t len[5 + 1]; int res; size_t crypt_len; @@ -280,16 +282,16 @@ capab = (u8 *)&mgmt->u.assoc_resp.capab_info; ies = mgmt->u.assoc_resp.variable; - session = cfg80211_find_ext_ie(WLAN_EID_EXT_FILS_SESSION, + session = cfg80211_find_ext_elem(WLAN_EID_EXT_FILS_SESSION, ies, frame + *frame_len - ies); - if (!session || session[1] != 1 + 8) { + if (!session || session->datalen != 1 + 8) { mlme_dbg(sdata, "No (valid) FILS Session element in (Re)Association Response frame from %pM", mgmt->sa); return -EINVAL; } /* decrypt after FILS Session element */ - encr = (u8 *)session + 2 + 1 + 8; + encr = (u8 *)session->data + 1 + 8; /* AES-SIV AAD vectors */ diff -ruw linux-5.15.42/net/mac80211/ibss.c linux-5.15.42-fbx/net/mac80211/ibss.c --- linux-5.15.42/net/mac80211/ibss.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/mac80211/ibss.c 2024-04-22 14:46:58.228276854 +0200 @@ -9,7 +9,7 @@ * Copyright 2009, Johannes Berg * Copyright 2013-2014 Intel Mobile Communications GmbH * Copyright(c) 2016 Intel Deutschland GmbH - * Copyright(c) 2018-2020 Intel Corporation + * Copyright(c) 2018-2021 Intel Corporation */ #include @@ -1589,7 +1589,7 @@ struct ieee80211_rx_status *rx_status) { size_t baselen; - struct ieee802_11_elems elems; + struct ieee802_11_elems *elems; BUILD_BUG_ON(offsetof(typeof(mgmt->u.probe_resp), variable) != offsetof(typeof(mgmt->u.beacon), variable)); @@ -1602,10 +1602,13 @@ if (baselen > len) return; - ieee802_11_parse_elems(mgmt->u.probe_resp.variable, len - baselen, - false, &elems, mgmt->bssid, NULL); + elems = ieee802_11_parse_elems(mgmt->u.probe_resp.variable, + len - baselen, false, NULL); - ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, &elems); + if (elems) { + ieee80211_rx_bss_info(sdata, mgmt, len, rx_status, elems); + kfree(elems); + } } void ieee80211_ibss_rx_queued_mgmt(struct ieee80211_sub_if_data *sdata, @@ -1614,7 +1617,7 @@ struct ieee80211_rx_status *rx_status; struct ieee80211_mgmt *mgmt; u16 fc; - struct ieee802_11_elems elems; + struct ieee802_11_elems *elems; int ies_len; rx_status = IEEE80211_SKB_RXCB(skb); @@ -1651,15 +1654,16 @@ if (ies_len < 0) break; - ieee802_11_parse_elems( + elems = ieee802_11_parse_elems( mgmt->u.action.u.chan_switch.variable, - ies_len, true, &elems, mgmt->bssid, NULL); - - if (elems.parse_error) - break; + ies_len, true, NULL); - ieee80211_rx_mgmt_spectrum_mgmt(sdata, mgmt, skb->len, - rx_status, &elems); + if (elems && !elems->parse_error) + ieee80211_rx_mgmt_spectrum_mgmt(sdata, mgmt, + skb->len, + rx_status, + elems); + kfree(elems); break; } } diff -ruw linux-5.15.42/net/mac80211/ieee80211_i.h linux-5.15.42-fbx/net/mac80211/ieee80211_i.h --- linux-5.15.42/net/mac80211/ieee80211_i.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/mac80211/ieee80211_i.h 2024-04-22 14:46:58.228276854 +0200 @@ -257,6 +257,7 @@ struct ieee80211_meshconf_ie *meshconf; u16 cntdwn_counter_offsets[IEEE80211_MAX_CNTDWN_COUNTERS_NUM]; u8 cntdwn_current_counter; + struct cfg80211_mbssid_elems *mbssid_ies; struct rcu_head rcu_head; }; @@ -366,6 +367,8 @@ IEEE80211_STA_DISABLE_WMM = BIT(14), IEEE80211_STA_ENABLE_RRM = BIT(15), IEEE80211_STA_DISABLE_HE = BIT(16), + IEEE80211_STA_DISABLE_EHT = BIT(17), + IEEE80211_STA_DISABLE_320MHZ = BIT(18), }; struct ieee80211_mgd_auth_data { @@ -631,10 +634,9 @@ */ struct ieee802_11_elems; struct ieee80211_mesh_sync_ops { - void (*rx_bcn_presp)(struct ieee80211_sub_if_data *sdata, - u16 stype, - struct ieee80211_mgmt *mgmt, - struct ieee802_11_elems *elems, + void (*rx_bcn_presp)(struct ieee80211_sub_if_data *sdata, u16 stype, + struct ieee80211_mgmt *mgmt, unsigned int len, + const struct ieee80211_meshconf_ie *mesh_cfg, struct ieee80211_rx_status *rx_status); /* should be called with beacon_data under RCU read lock */ @@ -746,6 +748,18 @@ struct mesh_table mpp_paths; /* Store paths for MPP&MAP */ int mesh_paths_generation; int mpp_paths_generation; + + /* Store Vendor specific node metrics IE */ + u8 node_vendor_ie[260]; + u8 node_vendor_ie_len; + /* Store Vendor specific mesh path metrics IE */ + u8 mpm_vendor_ie[260]; + u8 mpm_vendor_ie_len; + + /* list to hold blocked mesh peer link entries */ + struct list_head mplink_blocking_list; + /* lock for mplink_blocking_list list */ + spinlock_t mplink_blocking_list_lock; }; #ifdef CONFIG_MAC80211_MESH @@ -766,6 +780,8 @@ * back to wireless media and to the local net stack. * @IEEE80211_SDATA_DISCONNECT_RESUME: Disconnect after resume. * @IEEE80211_SDATA_IN_DRIVER: indicates interface was added to driver + * @IEEE80211_SDATA_DISCONNECT_HW_RESTART: Disconnect after hardware restart + * recovery */ enum ieee80211_sub_if_data_flags { IEEE80211_SDATA_ALLMULTI = BIT(0), @@ -773,6 +789,7 @@ IEEE80211_SDATA_DONT_BRIDGE_PACKETS = BIT(3), IEEE80211_SDATA_DISCONNECT_RESUME = BIT(4), IEEE80211_SDATA_IN_DRIVER = BIT(5), + IEEE80211_SDATA_DISCONNECT_HW_RESTART = BIT(6), }; /** @@ -858,16 +875,20 @@ * @def_flow: used as a fallback flow when a packet destined to @tin hashes to * a fq_flow which is already owned by a different tin * @def_cvars: codel vars for @def_flow - * @schedule_order: used with ieee80211_local->active_txqs * @frags: used to keep fragments created after dequeue + * @schedule_order: used with ieee80211_local->active_txqs + * @schedule_round: counter to prevent infinite loops on TXQ scheduling */ struct txq_info { struct fq_tin tin; struct codel_vars def_cvars; struct codel_stats cstats; - struct rb_node schedule_order; + + u16 schedule_round; + struct list_head schedule_order; struct sk_buff_head frags; + unsigned long flags; /* keep last! */ @@ -895,6 +916,7 @@ struct idr function_inst_ids; }; +DECLARE_EWMA(avg_busy, 8, 4) struct ieee80211_sub_if_data { struct list_head list; @@ -944,8 +966,6 @@ struct ieee80211_tx_queue_params tx_conf[IEEE80211_NUM_ACS]; struct mac80211_qos_map __rcu *qos_map; - struct airtime_info airtime[IEEE80211_NUM_ACS]; - struct work_struct csa_finalize_work; bool csa_block_tx; /* write-protected by sdata_lock and local->mtx */ struct cfg80211_chan_def csa_chandef; @@ -1018,6 +1038,11 @@ } debugfs; #endif + struct delayed_work busy_avg_work; + u64 last_time; + u64 last_time_busy; + struct ewma_avg_busy avg_busy; + /* must be last, dynamically sized area in this! */ struct ieee80211_vif vif; }; @@ -1079,6 +1104,20 @@ return shift; } +static inline int +ieee80211_get_mbssid_beacon_len(struct cfg80211_mbssid_elems *elems) +{ + int i, len = 0; + + if (!elems) + return 0; + + for (i = 0; i < elems->cnt; i++) + len += elems->elem[i].len; + + return len; +} + enum { IEEE80211_RX_MSG = 1, IEEE80211_TX_STATUS_MSG = 2, @@ -1161,44 +1200,6 @@ SCAN_ABORT, }; -/** - * struct airtime_sched_info - state used for airtime scheduling and AQL - * - * @lock: spinlock that protects all the fields in this struct - * @active_txqs: rbtree of currently backlogged queues, sorted by virtual time - * @schedule_pos: the current position maintained while a driver walks the tree - * with ieee80211_next_txq() - * @active_list: list of struct airtime_info structs that were active within - * the last AIRTIME_ACTIVE_DURATION (100 ms), used to compute - * weight_sum - * @last_weight_update: used for rate limiting walking active_list - * @last_schedule_time: tracks the last time a transmission was scheduled; used - * for catching up v_t if no stations are eligible for - * transmission. - * @v_t: global virtual time; queues with v_t < this are eligible for - * transmission - * @weight_sum: total sum of all active stations used for dividing airtime - * @weight_sum_reciprocal: reciprocal of weight_sum (to avoid divisions in fast - * path - see comment above - * IEEE80211_RECIPROCAL_DIVISOR_64) - * @aql_txq_limit_low: AQL limit when total outstanding airtime - * is < IEEE80211_AQL_THRESHOLD - * @aql_txq_limit_high: AQL limit when total outstanding airtime - * is > IEEE80211_AQL_THRESHOLD - */ -struct airtime_sched_info { - spinlock_t lock; - struct rb_root_cached active_txqs; - struct rb_node *schedule_pos; - struct list_head active_list; - u64 last_weight_update; - u64 last_schedule_activity; - u64 v_t; - u64 weight_sum; - u64 weight_sum_reciprocal; - u32 aql_txq_limit_low; - u32 aql_txq_limit_high; -}; DECLARE_STATIC_KEY_FALSE(aql_disable); struct ieee80211_local { @@ -1212,8 +1213,13 @@ struct codel_params cparams; /* protects active_txqs and txqi->schedule_order */ - struct airtime_sched_info airtime[IEEE80211_NUM_ACS]; + spinlock_t active_txq_lock[IEEE80211_NUM_ACS]; + struct list_head active_txqs[IEEE80211_NUM_ACS]; + u16 schedule_round[IEEE80211_NUM_ACS]; + u16 airtime_flags; + u32 aql_txq_limit_low[IEEE80211_NUM_ACS]; + u32 aql_txq_limit_high[IEEE80211_NUM_ACS]; u32 aql_threshold; atomic_t aql_total_pending_airtime; @@ -1262,6 +1268,9 @@ */ bool suspended; + /* suspending is true during the whole suspend process */ + bool suspending; + /* * Resuming is true while suspended, but when we're reprogramming the * hardware -- at that time it's allowed to use ieee80211_queue_work() @@ -1481,7 +1490,7 @@ }; static inline struct ieee80211_sub_if_data * -IEEE80211_DEV_TO_SUB_IF(struct net_device *dev) +IEEE80211_DEV_TO_SUB_IF(const struct net_device *dev) { return netdev_priv(dev); } @@ -1528,6 +1537,7 @@ struct ieee802_11_elems { const u8 *ie_start; size_t total_len; + u32 crc; /* pointers to IEs */ const struct ieee80211_tdls_lnkie *lnk_id; @@ -1537,7 +1547,6 @@ const u8 *supp_rates; const u8 *ds_params; const struct ieee80211_tim_ie *tim; - const u8 *challenge; const u8 *rsn; const u8 *rsnx; const u8 *erp_info; @@ -1585,13 +1594,14 @@ const struct ieee80211_s1g_oper_ie *s1g_oper; const struct ieee80211_s1g_bcn_compat_ie *s1g_bcn_compat; const struct ieee80211_aid_response_ie *aid_resp; + const struct ieee80211_eht_cap_elem *eht_cap; + const struct ieee80211_eht_operation *eht_operation; /* length of them, respectively */ u8 ext_capab_len; u8 ssid_len; u8 supp_rates_len; u8 tim_len; - u8 challenge_len; u8 rsn_len; u8 rsnx_len; u8 ext_supp_rates_len; @@ -1607,9 +1617,25 @@ u8 bssid_index_len; u8 tx_pwr_env_len[IEEE80211_TPE_MAX_IE_COUNT]; u8 tx_pwr_env_num; + u8 eht_cap_len; /* whether a parse error occurred while retrieving these elements */ bool parse_error; + + /* + * scratch buffer that can be used for various element parsing related + * tasks, e.g., element de-fragmentation etc. + */ + size_t scratch_len; + u8 *scratch_pos; + u8 scratch[]; +}; + +struct ieee802_11_mesh_vendor_specific_elems { + const u8 *ie_start; + u8 ie_len; + /* whether a parse error occurred while retrieving these elements */ + bool parse_error; }; static inline struct ieee80211_local *hw_to_local( @@ -1630,125 +1656,6 @@ return !(skb_queue_empty(&txqi->frags) && !txqi->tin.backlog_packets); } -static inline struct airtime_info *to_airtime_info(struct ieee80211_txq *txq) -{ - struct ieee80211_sub_if_data *sdata; - struct sta_info *sta; - - if (txq->sta) { - sta = container_of(txq->sta, struct sta_info, sta); - return &sta->airtime[txq->ac]; - } - - sdata = vif_to_sdata(txq->vif); - return &sdata->airtime[txq->ac]; -} - -/* To avoid divisions in the fast path, we keep pre-computed reciprocals for - * airtime weight calculations. There are two different weights to keep track - * of: The per-station weight and the sum of weights per phy. - * - * For the per-station weights (kept in airtime_info below), we use 32-bit - * reciprocals with a devisor of 2^19. This lets us keep the multiplications and - * divisions for the station weights as 32-bit operations at the cost of a bit - * of rounding error for high weights; but the choice of divisor keeps rounding - * errors <10% for weights <2^15, assuming no more than 8ms of airtime is - * reported at a time. - * - * For the per-phy sum of weights the values can get higher, so we use 64-bit - * operations for those with a 32-bit divisor, which should avoid any - * significant rounding errors. - */ -#define IEEE80211_RECIPROCAL_DIVISOR_64 0x100000000ULL -#define IEEE80211_RECIPROCAL_SHIFT_64 32 -#define IEEE80211_RECIPROCAL_DIVISOR_32 0x80000U -#define IEEE80211_RECIPROCAL_SHIFT_32 19 - -static inline void airtime_weight_set(struct airtime_info *air_info, u16 weight) -{ - if (air_info->weight == weight) - return; - - air_info->weight = weight; - if (weight) { - air_info->weight_reciprocal = - IEEE80211_RECIPROCAL_DIVISOR_32 / weight; - } else { - air_info->weight_reciprocal = 0; - } -} - -static inline void airtime_weight_sum_set(struct airtime_sched_info *air_sched, - int weight_sum) -{ - if (air_sched->weight_sum == weight_sum) - return; - - air_sched->weight_sum = weight_sum; - if (air_sched->weight_sum) { - air_sched->weight_sum_reciprocal = IEEE80211_RECIPROCAL_DIVISOR_64; - do_div(air_sched->weight_sum_reciprocal, air_sched->weight_sum); - } else { - air_sched->weight_sum_reciprocal = 0; - } -} - -/* A problem when trying to enforce airtime fairness is that we want to divide - * the airtime between the currently *active* stations. However, basing this on - * the instantaneous queue state of stations doesn't work, as queues tend to - * oscillate very quickly between empty and occupied, leading to the scheduler - * thinking only a single station is active when deciding whether to allow - * transmission (and thus not throttling correctly). - * - * To fix this we use a timer-based notion of activity: a station is considered - * active if it has been scheduled within the last 100 ms; we keep a separate - * list of all the stations considered active in this manner, and lazily update - * the total weight of active stations from this list (filtering the stations in - * the list by their 'last active' time). - * - * We add one additional safeguard to guard against stations that manage to get - * scheduled every 100 ms but don't transmit a lot of data, and thus don't use - * up any airtime. Such stations would be able to get priority for an extended - * period of time if they do start transmitting at full capacity again, and so - * we add an explicit maximum for how far behind a station is allowed to fall in - * the virtual airtime domain. This limit is set to a relatively high value of - * 20 ms because the main mechanism for catching up idle stations is the active - * state as described above; i.e., the hard limit should only be hit in - * pathological cases. - */ -#define AIRTIME_ACTIVE_DURATION (100 * NSEC_PER_MSEC) -#define AIRTIME_MAX_BEHIND 20000 /* 20 ms */ - -static inline bool airtime_is_active(struct airtime_info *air_info, u64 now) -{ - return air_info->last_scheduled >= now - AIRTIME_ACTIVE_DURATION; -} - -static inline void airtime_set_active(struct airtime_sched_info *air_sched, - struct airtime_info *air_info, u64 now) -{ - air_info->last_scheduled = now; - air_sched->last_schedule_activity = now; - list_move_tail(&air_info->list, &air_sched->active_list); -} - -static inline bool airtime_catchup_v_t(struct airtime_sched_info *air_sched, - u64 v_t, u64 now) -{ - air_sched->v_t = v_t; - return true; -} - -static inline void init_airtime_info(struct airtime_info *air_info, - struct airtime_sched_info *air_sched) -{ - atomic_set(&air_info->aql_tx_pending, 0); - air_info->aql_limit_low = air_sched->aql_txq_limit_low; - air_info->aql_limit_high = air_sched->aql_txq_limit_high; - airtime_weight_set(air_info, IEEE80211_DEFAULT_AIRTIME_WEIGHT); - INIT_LIST_HEAD(&air_info->list); -} - static inline int ieee80211_bssid_match(const u8 *raddr, const u8 *addr) { return ether_addr_equal(raddr, addr) || @@ -1994,14 +1901,6 @@ u64 *cookie); int ieee80211_probe_mesh_link(struct wiphy *wiphy, struct net_device *dev, const u8 *buf, size_t len); -void ieee80211_resort_txq(struct ieee80211_hw *hw, - struct ieee80211_txq *txq); -void ieee80211_unschedule_txq(struct ieee80211_hw *hw, - struct ieee80211_txq *txq, - bool purge); -void ieee80211_update_airtime_weight(struct ieee80211_local *local, - struct airtime_sched_info *air_sched, - u64 now, bool force); /* HT */ void ieee80211_apply_htcap_overrides(struct ieee80211_sub_if_data *sdata, @@ -2214,20 +2113,57 @@ ieee80211_tx_skb_tid(sdata, skb, 7); } -u32 ieee802_11_parse_elems_crc(const u8 *start, size_t len, bool action, - struct ieee802_11_elems *elems, - u64 filter, u32 crc, u8 *transmitter_bssid, - u8 *bss_bssid); -static inline void ieee802_11_parse_elems(const u8 *start, size_t len, - bool action, - struct ieee802_11_elems *elems, - u8 *transmitter_bssid, - u8 *bss_bssid) +/** + * struct ieee80211_elems_parse_params - element parsing parameters + * @start: pointer to the elements + * @len: length of the elements + * @action: %true if the elements came from an action frame + * @filter: bitmap of element IDs to filter out while calculating + * the element CRC + * @crc: CRC starting value + * @bss: the BSS to parse this as, for multi-BSSID cases this can + * represent a non-transmitting BSS in which case the data + * for that non-transmitting BSS is returned + */ +struct ieee80211_elems_parse_params { + const u8 *start; + size_t len; + bool action; + u64 filter; + u32 crc; + struct cfg80211_bss *bss; +}; + +struct ieee802_11_elems * +ieee802_11_parse_elems_full(struct ieee80211_elems_parse_params *params); + +static inline struct ieee802_11_elems * +ieee802_11_parse_elems_crc(const u8 *start, size_t len, bool action, + u64 filter, u32 crc, + struct cfg80211_bss *bss) { - ieee802_11_parse_elems_crc(start, len, action, elems, 0, 0, - transmitter_bssid, bss_bssid); + struct ieee80211_elems_parse_params params = { + .start = start, + .len = len, + .action = action, + .filter = filter, + .crc = crc, + .bss = bss, + }; + + return ieee802_11_parse_elems_full(¶ms); } +u32 ieee802_11_parse_mesh_vendor_elems(const u8 *start, size_t len, bool action, + struct ieee802_11_mesh_vendor_specific_elems *elems, + u64 filter, u32 crc, u8 type); + +static inline struct ieee802_11_elems * +ieee802_11_parse_elems(const u8 *start, size_t len, bool action, + struct cfg80211_bss *bss) +{ + return ieee802_11_parse_elems_crc(start, len, action, 0, 0, bss); +} extern const int ieee802_1d_to_ac[8]; @@ -2410,6 +2346,7 @@ struct cfg80211_chan_def *chandef); bool ieee80211_chandef_he_6ghz_oper(struct ieee80211_sub_if_data *sdata, const struct ieee80211_he_operation *he_oper, + const struct ieee80211_eht_operation *eht_oper, struct cfg80211_chan_def *chandef); bool ieee80211_chandef_s1g_oper(const struct ieee80211_s1g_oper_ie *oper, struct cfg80211_chan_def *chandef); @@ -2513,4 +2450,16 @@ void ieee80211_init_frag_cache(struct ieee80211_fragment_cache *cache); void ieee80211_destroy_frag_cache(struct ieee80211_fragment_cache *cache); +u8 ieee80211_ie_len_eht_cap(struct ieee80211_sub_if_data *sdata, u8 iftype); +u8 *ieee80211_ie_build_eht_cap(u8 *pos, + const struct ieee80211_sta_he_cap *he_cap, + const struct ieee80211_sta_eht_cap *eht_cap, + u8 *end); + +void +ieee80211_eht_cap_ie_to_sta_eht_cap(struct ieee80211_sub_if_data *sdata, + struct ieee80211_supported_band *sband, + const u8 *he_cap_ie, u8 he_cap_len, + const struct ieee80211_eht_cap_elem *eht_cap_ie_elem, + u8 eht_cap_len, struct sta_info *sta); #endif /* IEEE80211_I_H */ diff -ruw linux-5.15.42/net/mac80211/iface.c linux-5.15.42-fbx/net/mac80211/iface.c --- linux-5.15.42/net/mac80211/iface.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/mac80211/iface.c 2024-04-22 14:46:58.228276854 +0200 @@ -632,17 +632,46 @@ ieee80211_add_virtual_monitor(local); } +static void ieee80211_stop_mbssid(struct ieee80211_sub_if_data *sdata) +{ + struct ieee80211_sub_if_data *tx_sdata, *non_tx_sdata, *tmp_sdata; + struct ieee80211_vif *tx_vif = sdata->vif.mbssid_tx_vif; + + if (!tx_vif) + return; + + tx_sdata = vif_to_sdata(tx_vif); + sdata->vif.mbssid_tx_vif = NULL; + + list_for_each_entry_safe(non_tx_sdata, tmp_sdata, + &tx_sdata->local->interfaces, list) { + if (non_tx_sdata != sdata && non_tx_sdata != tx_sdata && + non_tx_sdata->vif.mbssid_tx_vif == tx_vif && + ieee80211_sdata_running(non_tx_sdata)) { + non_tx_sdata->vif.mbssid_tx_vif = NULL; + dev_close(non_tx_sdata->wdev.netdev); + } + } + + if (sdata != tx_sdata && ieee80211_sdata_running(tx_sdata)) { + tx_sdata->vif.mbssid_tx_vif = NULL; + dev_close(tx_sdata->wdev.netdev); + } +} + static int ieee80211_stop(struct net_device *dev) { struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); - /* close all dependent VLAN interfaces before locking wiphy */ + /* close dependent VLAN and MBSSID interfaces before locking wiphy */ if (sdata->vif.type == NL80211_IFTYPE_AP) { struct ieee80211_sub_if_data *vlan, *tmpsdata; list_for_each_entry_safe(vlan, tmpsdata, &sdata->u.ap.vlans, u.vlan.list) dev_close(vlan->dev); + + ieee80211_stop_mbssid(sdata); } wiphy_lock(sdata->local->hw.wiphy); @@ -681,6 +710,8 @@ */ static void ieee80211_teardown_sdata(struct ieee80211_sub_if_data *sdata) { + cancel_delayed_work_sync(&sdata->busy_avg_work); + /* free extra data */ ieee80211_free_keys(sdata, false); @@ -760,6 +791,64 @@ .ndo_get_stats64 = ieee80211_get_stats64, }; +static int ieee80211_netdev_fill_forward_path(struct net_device_path_ctx *ctx, + struct net_device_path *path) +{ + struct ieee80211_sub_if_data *sdata; + struct ieee80211_local *local; + struct sta_info *sta; + int ret = -ENOENT; + + sdata = IEEE80211_DEV_TO_SUB_IF(ctx->dev); + local = sdata->local; + + if (!local->ops->net_fill_forward_path) + return -EOPNOTSUPP; + + rcu_read_lock(); + switch (sdata->vif.type) { + case NL80211_IFTYPE_AP_VLAN: + sta = rcu_dereference(sdata->u.vlan.sta); + if (sta) + break; + if (sdata->wdev.use_4addr) + goto out; + if (is_multicast_ether_addr(ctx->daddr)) + goto out; + sta = sta_info_get_bss(sdata, ctx->daddr); + break; + case NL80211_IFTYPE_AP: + if (is_multicast_ether_addr(ctx->daddr)) + goto out; + sta = sta_info_get(sdata, ctx->daddr); + break; + case NL80211_IFTYPE_STATION: + if (sdata->wdev.wiphy->flags & WIPHY_FLAG_SUPPORTS_TDLS) { + sta = sta_info_get(sdata, ctx->daddr); + if (sta && test_sta_flag(sta, WLAN_STA_TDLS_PEER)) { + if (!test_sta_flag(sta, WLAN_STA_TDLS_PEER_AUTH)) + goto out; + + break; + } + } + + sta = sta_info_get(sdata, sdata->u.mgd.bssid); + break; + default: + goto out; + } + + if (!sta) + goto out; + + ret = drv_net_fill_forward_path(local, sdata, &sta->sta, ctx, path); +out: + rcu_read_unlock(); + + return ret; +} + static const struct net_device_ops ieee80211_dataif_8023_ops = { .ndo_open = ieee80211_open, .ndo_stop = ieee80211_stop, @@ -769,6 +858,7 @@ .ndo_set_mac_address = ieee80211_change_mac, .ndo_select_queue = ieee80211_netdev_select_queue, .ndo_get_stats64 = ieee80211_get_stats64, + .ndo_fill_forward_path = ieee80211_netdev_fill_forward_path, }; static bool ieee80211_iftype_supports_hdr_offload(enum nl80211_iftype iftype) @@ -1110,9 +1200,7 @@ * this interface, if it has the special null one. */ if (dev && is_zero_ether_addr(dev->dev_addr)) { - memcpy(dev->dev_addr, - local->hw.wiphy->perm_addr, - ETH_ALEN); + eth_hw_addr_set(dev, local->hw.wiphy->perm_addr); memcpy(dev->perm_addr, dev->dev_addr, ETH_ALEN); if (!is_valid_ether_addr(dev->dev_addr)) { @@ -1537,6 +1625,59 @@ ieee80211_recalc_smps(sdata); } +#define DEFAULT_BUSY_AVG_INTERVAL_MS 1000 + +static void ieee80211_if_busy_avg_work(struct work_struct *work) +{ + struct delayed_work *delayed_work = to_delayed_work(work); + struct ieee80211_sub_if_data *sdata = + container_of(delayed_work, struct ieee80211_sub_if_data, + busy_avg_work); + struct survey_info survey; + struct ieee80211_local *local = sdata->local; + struct ieee80211_chanctx_conf *chanctx_conf; + struct ieee80211_channel *channel = NULL; + int q = 0, mask = SURVEY_INFO_TIME | SURVEY_INFO_TIME_BUSY; + u64 interval, busy; + + rcu_read_lock(); + chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf); + if (chanctx_conf) + channel = chanctx_conf->def.chan; + rcu_read_unlock(); + + if (!channel) + goto end; + + if (!local->started) + goto end; + + do { + survey.filled = 0; + if (drv_get_survey(local, q++, &survey) != 0) { + survey.filled = 0; + break; + } + } while (channel != survey.channel); + + /* ensure we have timestamp & busy info as well as this is new values */ + if ((survey.filled & mask) != mask || survey.time == sdata->last_time) + goto end; + + /* compute diff & save values */ + interval = survey.time - sdata->last_time; + busy = survey.time_busy - sdata->last_time_busy; + sdata->last_time = survey.time; + sdata->last_time_busy = survey.time_busy; + + /* average percent busy time */ + ewma_avg_busy_add(&sdata->avg_busy, div_u64(busy * 100, interval)); + +end: + schedule_delayed_work(&sdata->busy_avg_work, + msecs_to_jiffies(DEFAULT_BUSY_AVG_INTERVAL_MS)); +} + /* * Helper function to initialise an interface to a specific type. */ @@ -1578,6 +1719,8 @@ INIT_WORK(&sdata->color_change_finalize_work, ieee80211_color_change_finalize_work); INIT_LIST_HEAD(&sdata->assigned_chanctx_list); INIT_LIST_HEAD(&sdata->reserved_chanctx_list); + INIT_DELAYED_WORK(&sdata->busy_avg_work, + ieee80211_if_busy_avg_work); switch (type) { case NL80211_IFTYPE_P2P_GO: @@ -1634,6 +1777,9 @@ } ieee80211_debugfs_add_netdev(sdata); + schedule_delayed_work(&sdata->busy_avg_work, + msecs_to_jiffies(DEFAULT_BUSY_AVG_INTERVAL_MS)); + } static int ieee80211_runtime_change_iftype(struct ieee80211_sub_if_data *sdata, @@ -1966,9 +2112,9 @@ ieee80211_assign_perm_addr(local, ndev->perm_addr, type); if (is_valid_ether_addr(params->macaddr)) - memcpy(ndev->dev_addr, params->macaddr, ETH_ALEN); + eth_hw_addr_set(ndev, params->macaddr); else - memcpy(ndev->dev_addr, ndev->perm_addr, ETH_ALEN); + eth_hw_addr_set(ndev, ndev->perm_addr); SET_NETDEV_DEV(ndev, wiphy_dev(local->hw.wiphy)); /* don't use IEEE80211_DEV_TO_SUB_IF -- it checks too much */ @@ -2022,9 +2168,6 @@ } } - for (i = 0; i < IEEE80211_NUM_ACS; i++) - init_airtime_info(&sdata->airtime[i], &local->airtime[i]); - ieee80211_set_default_queues(sdata); sdata->ap_power_level = IEEE80211_UNSET_POWER_LEVEL; diff -ruw linux-5.15.42/net/mac80211/key.c linux-5.15.42-fbx/net/mac80211/key.c --- linux-5.15.42/net/mac80211/key.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/mac80211/key.c 2024-04-22 14:46:58.228276854 +0200 @@ -172,6 +172,12 @@ * Hence, don't send GTKs for VLAN interfaces to the driver. */ if (!(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE)) { + if (ieee80211_hw_check(&key->local->hw, + APVLAN_NEED_MCAST_TO_UCAST)) { + /* no need to fail, this key will + * never be used */ + return 0; + } ret = 1; goto out_unsupported; } diff -ruw linux-5.15.42/net/mac80211/main.c linux-5.15.42-fbx/net/mac80211/main.c --- linux-5.15.42/net/mac80211/main.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/mac80211/main.c 2024-04-22 14:46:58.228276854 +0200 @@ -32,6 +32,7 @@ #include "wep.h" #include "led.h" #include "debugfs.h" +#include "nmeshd_nl.h" void ieee80211_configure_filter(struct ieee80211_local *local) { @@ -707,13 +708,10 @@ spin_lock_init(&local->queue_stop_reason_lock); for (i = 0; i < IEEE80211_NUM_ACS; i++) { - struct airtime_sched_info *air_sched = &local->airtime[i]; - - air_sched->active_txqs = RB_ROOT_CACHED; - INIT_LIST_HEAD(&air_sched->active_list); - spin_lock_init(&air_sched->lock); - air_sched->aql_txq_limit_low = IEEE80211_DEFAULT_AQL_TXQ_LIMIT_L; - air_sched->aql_txq_limit_high = + INIT_LIST_HEAD(&local->active_txqs[i]); + spin_lock_init(&local->active_txq_lock[i]); + local->aql_txq_limit_low[i] = IEEE80211_DEFAULT_AQL_TXQ_LIMIT_L; + local->aql_txq_limit_high[i] = IEEE80211_DEFAULT_AQL_TXQ_LIMIT_H; } @@ -909,7 +907,7 @@ int result, i; enum nl80211_band band; int channels, max_bitrates; - bool supp_ht, supp_vht, supp_he; + bool supp_ht, supp_vht, supp_he, supp_eht; struct cfg80211_chan_def dflt_chandef = {}; if (ieee80211_hw_check(hw, QUEUE_CONTROL) && @@ -978,6 +976,7 @@ supp_ht = false; supp_vht = false; supp_he = false; + supp_eht = false; for (band = 0; band < NUM_NL80211_BANDS; band++) { struct ieee80211_supported_band *sband; @@ -1021,6 +1020,7 @@ iftd = &sband->iftype_data[i]; supp_he = supp_he || iftd->he_cap.has_he; + supp_eht = supp_eht || iftd->eht_cap.has_eht; } /* HT, VHT, HE require QoS, thus >= 4 queues */ @@ -1028,6 +1028,10 @@ (supp_ht || supp_vht || supp_he))) return -EINVAL; + /* EHT requires HE support */ + if (WARN_ON(supp_eht && !supp_he)) + return -EINVAL; + if (!sband->ht_cap.ht_supported) continue; @@ -1138,6 +1142,12 @@ 3 + sizeof(struct ieee80211_he_cap_elem) + sizeof(struct ieee80211_he_mcs_nss_supp) + IEEE80211_HE_PPE_THRES_MAX_LEN; + + if (supp_eht) + local->scan_ies_len += + 3 + sizeof(struct ieee80211_eht_cap_elem) + + sizeof(struct ieee80211_eht_mcs_nss_supp) + + IEEE80211_EHT_PPE_THRES_MAX_LEN; } if (!local->ops->hw_scan) { @@ -1464,6 +1474,7 @@ if (ret) goto err_netdev; + nmeshd_nl_init(); return 0; err_netdev: rc80211_minstrel_exit(); @@ -1473,6 +1484,8 @@ static void __exit ieee80211_exit(void) { + nmeshd_nl_deinit(); + rc80211_minstrel_exit(); ieee80211s_stop(); diff -ruw linux-5.15.42/net/mac80211/mesh.c linux-5.15.42-fbx/net/mac80211/mesh.c --- linux-5.15.42/net/mac80211/mesh.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/mac80211/mesh.c 2024-04-22 14:46:58.228276854 +0200 @@ -1,7 +1,7 @@ // SPDX-License-Identifier: GPL-2.0-only /* * Copyright (c) 2008, 2009 open80211s Ltd. - * Copyright (C) 2018 - 2020 Intel Corporation + * Copyright (C) 2018 - 2021 Intel Corporation * Authors: Luis Carlos Cobo * Javier Cardona */ @@ -104,7 +104,8 @@ ieee80211_chandef_vht_oper(&sdata->local->hw, vht_cap_info, ie->vht_operation, ie->ht_operation, &sta_chan_def); - ieee80211_chandef_he_6ghz_oper(sdata, ie->he_operation, &sta_chan_def); + ieee80211_chandef_he_6ghz_oper(sdata, ie->he_operation, NULL, + &sta_chan_def); if (!cfg80211_chandef_compatible(&sdata->vif.bss_conf.chandef, &sta_chan_def)) @@ -347,19 +348,32 @@ u8 offset, len; const u8 *data; - if (!ifmsh->ie || !ifmsh->ie_len) - return 0; - /* fast-forward to vendor IEs */ - offset = ieee80211_ie_split_vendor(ifmsh->ie, ifmsh->ie_len, 0); + if (ifmsh->node_vendor_ie_len) { + offset = ieee80211_ie_split_vendor(ifmsh->node_vendor_ie, + ifmsh->node_vendor_ie_len, 0); + + if (offset < ifmsh->node_vendor_ie_len) { + len = ifmsh->node_vendor_ie_len - offset; + data = ifmsh->node_vendor_ie + offset; + if (skb_tailroom(skb) < len) + return -ENOMEM; + skb_put_data(skb, data, len); + } + } - if (offset < ifmsh->ie_len) { - len = ifmsh->ie_len - offset; - data = ifmsh->ie + offset; + if (ifmsh->mpm_vendor_ie_len) { + offset = ieee80211_ie_split_vendor(ifmsh->mpm_vendor_ie, + ifmsh->mpm_vendor_ie_len, 0); + + if (offset < ifmsh->mpm_vendor_ie_len) { + len = ifmsh->mpm_vendor_ie_len - offset; + data = ifmsh->mpm_vendor_ie + offset; if (skb_tailroom(skb) < len) return -ENOMEM; skb_put_data(skb, data, len); } + } return 0; } @@ -848,11 +862,13 @@ 2 + 1 + sizeof(struct ieee80211_he_operation) + sizeof(struct ieee80211_he_6ghz_oper) + 2 + 1 + sizeof(struct ieee80211_he_6ghz_capa) + - ifmsh->ie_len; + ifmsh->ie_len + + ifmsh->node_vendor_ie_len + + ifmsh->mpm_vendor_ie_len; bcn = kzalloc(sizeof(*bcn) + head_len + tail_len, GFP_KERNEL); /* need an skb for IE builders to operate on */ - skb = dev_alloc_skb(max(head_len, tail_len)); + skb = __dev_alloc_skb(max(head_len, tail_len), GFP_KERNEL); if (!bcn || !skb) goto out_free; @@ -1247,7 +1263,7 @@ struct sk_buff *presp; struct beacon_data *bcn; struct ieee80211_mgmt *hdr; - struct ieee802_11_elems elems; + struct ieee802_11_elems *elems; size_t baselen; u8 *pos; @@ -1256,22 +1272,23 @@ if (baselen > len) return; - ieee802_11_parse_elems(pos, len - baselen, false, &elems, mgmt->bssid, - NULL); - - if (!elems.mesh_id) + elems = ieee802_11_parse_elems(pos, len - baselen, false, NULL); + if (!elems) return; + if (!elems->mesh_id) + goto free; + /* 802.11-2012 10.1.4.3.2 */ if ((!ether_addr_equal(mgmt->da, sdata->vif.addr) && !is_broadcast_ether_addr(mgmt->da)) || - elems.ssid_len != 0) - return; + elems->ssid_len != 0) + goto free; - if (elems.mesh_id_len != 0 && - (elems.mesh_id_len != ifmsh->mesh_id_len || - memcmp(elems.mesh_id, ifmsh->mesh_id, ifmsh->mesh_id_len))) - return; + if (elems->mesh_id_len != 0 && + (elems->mesh_id_len != ifmsh->mesh_id_len || + memcmp(elems->mesh_id, ifmsh->mesh_id, ifmsh->mesh_id_len))) + goto free; rcu_read_lock(); bcn = rcu_dereference(ifmsh->beacon); @@ -1295,6 +1312,8 @@ ieee80211_tx_skb(sdata, presp); out: rcu_read_unlock(); +free: + kfree(elems); } static void ieee80211_mesh_rx_bcn_presp(struct ieee80211_sub_if_data *sdata, @@ -1305,57 +1324,84 @@ { struct ieee80211_local *local = sdata->local; struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh; - struct ieee802_11_elems elems; + struct ieee802_11_elems *elems; struct ieee80211_channel *channel; size_t baselen; int freq; enum nl80211_band band = rx_status->band; + struct ieee802_11_mesh_vendor_specific_elems nm, pm; + u32 beacon_int; + bool is_neigh_conn_estab; /* ignore ProbeResp to foreign address */ if (stype == IEEE80211_STYPE_PROBE_RESP && !ether_addr_equal(mgmt->da, sdata->vif.addr)) return; + if (stype == IEEE80211_STYPE_BEACON) + beacon_int = mgmt->u.beacon.beacon_int; + baselen = (u8 *) mgmt->u.probe_resp.variable - (u8 *) mgmt; if (baselen > len) return; - ieee802_11_parse_elems(mgmt->u.probe_resp.variable, len - baselen, - false, &elems, mgmt->bssid, NULL); + elems = ieee802_11_parse_elems(mgmt->u.probe_resp.variable, + len - baselen, + false, NULL); + if (!elems) + return; /* ignore non-mesh or secure / unsecure mismatch */ - if ((!elems.mesh_id || !elems.mesh_config) || - (elems.rsn && sdata->u.mesh.security == IEEE80211_MESH_SEC_NONE) || - (!elems.rsn && sdata->u.mesh.security != IEEE80211_MESH_SEC_NONE)) - return; + if ((!elems->mesh_id || !elems->mesh_config) || + (elems->rsn && sdata->u.mesh.security == IEEE80211_MESH_SEC_NONE) || + (!elems->rsn && sdata->u.mesh.security != IEEE80211_MESH_SEC_NONE)) + goto free; - if (elems.ds_params) - freq = ieee80211_channel_to_frequency(elems.ds_params[0], band); + if (elems->ds_params) + freq = ieee80211_channel_to_frequency(elems->ds_params[0], band); else freq = rx_status->freq; channel = ieee80211_get_channel(local->hw.wiphy, freq); if (!channel || channel->flags & IEEE80211_CHAN_DISABLED) - return; + goto free; - if (mesh_matches_local(sdata, &elems)) { + if (mesh_matches_local(sdata, elems)) { mpl_dbg(sdata, "rssi_threshold=%d,rx_status->signal=%d\n", sdata->u.mesh.mshcfg.rssi_threshold, rx_status->signal); + + is_neigh_conn_estab = mesh_neighbour_connection_established(sdata, mgmt->sa); + ieee802_11_parse_mesh_vendor_elems(mgmt->u.probe_resp.variable, len - baselen, false, + &nm, 0, 0, NL80211_QBC_UPDATE_NODE_METRICS_IE); + if (nm.parse_error == false) + elems->total_len -= (nm.ie_len + 2); + + ieee802_11_parse_mesh_vendor_elems(mgmt->u.probe_resp.variable, len - baselen, false, + &pm, 0, 0, NL80211_QBC_UPDATE_PATH_METRICS_IE); + if (pm.parse_error == false) + elems->total_len -= (pm.ie_len + 2); + + if (is_neigh_conn_estab) + nmeshd_nl_send_vendor_ies(sdata->dev, mgmt->sa, stype, rx_status->signal, + beacon_int, &pm, &nm, GFP_KERNEL); + if (!sdata->u.mesh.user_mpm || sdata->u.mesh.mshcfg.rssi_threshold == 0 || sdata->u.mesh.mshcfg.rssi_threshold < rx_status->signal) - mesh_neighbour_update(sdata, mgmt->sa, &elems, + mesh_neighbour_update(sdata, mgmt->sa, elems, rx_status); if (ifmsh->csa_role != IEEE80211_MESH_CSA_ROLE_INIT && !sdata->vif.csa_active) - ieee80211_mesh_process_chnswitch(sdata, &elems, true); + ieee80211_mesh_process_chnswitch(sdata, elems, true); } if (ifmsh->sync_ops) - ifmsh->sync_ops->rx_bcn_presp(sdata, - stype, mgmt, &elems, rx_status); + ifmsh->sync_ops->rx_bcn_presp(sdata, stype, mgmt, len, + elems->mesh_config, rx_status); +free: + kfree(elems); } int ieee80211_mesh_finish_csa(struct ieee80211_sub_if_data *sdata) @@ -1447,46 +1493,59 @@ struct ieee80211_mgmt *mgmt, size_t len) { struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh; - struct ieee802_11_elems elems; + struct ieee802_11_elems *elems; u16 pre_value; bool fwd_csa = true; size_t baselen; u8 *pos; + struct sta_info *sta = NULL; if (mgmt->u.action.u.measurement.action_code != WLAN_ACTION_SPCT_CHL_SWITCH) return; + /* Process action frames received from connected mesh nodes */ + rcu_read_lock(); + sta = sta_info_get(sdata, mgmt->bssid); + if (!sta) { + rcu_read_unlock(); + return; + } + rcu_read_unlock(); + pos = mgmt->u.action.u.chan_switch.variable; baselen = offsetof(struct ieee80211_mgmt, u.action.u.chan_switch.variable); - ieee802_11_parse_elems(pos, len - baselen, true, &elems, - mgmt->bssid, NULL); - - if (!mesh_matches_local(sdata, &elems)) + elems = ieee802_11_parse_elems(pos, len - baselen, true, NULL); + if (!elems) return; - ifmsh->chsw_ttl = elems.mesh_chansw_params_ie->mesh_ttl; + if (!mesh_matches_local(sdata, elems)) + goto free; + + ifmsh->chsw_ttl = elems->mesh_chansw_params_ie->mesh_ttl; if (!--ifmsh->chsw_ttl) fwd_csa = false; - pre_value = le16_to_cpu(elems.mesh_chansw_params_ie->mesh_pre_value); + pre_value = le16_to_cpu(elems->mesh_chansw_params_ie->mesh_pre_value); if (ifmsh->pre_value >= pre_value) - return; + goto free; ifmsh->pre_value = pre_value; if (!sdata->vif.csa_active && - !ieee80211_mesh_process_chnswitch(sdata, &elems, false)) { + !ieee80211_mesh_process_chnswitch(sdata, elems, false)) { mcsa_dbg(sdata, "Failed to process CSA action frame"); - return; + goto free; } /* forward or re-broadcast the CSA frame */ if (fwd_csa) { - if (mesh_fwd_csa_frame(sdata, mgmt, len, &elems) < 0) + if (mesh_fwd_csa_frame(sdata, mgmt, len, elems) < 0) mcsa_dbg(sdata, "Failed to forward the CSA frame"); } +free: + kfree(elems); } static void ieee80211_mesh_rx_mgmt_action(struct ieee80211_sub_if_data *sdata, @@ -1628,13 +1687,29 @@ skb_queue_head_init(&ifmsh->ps.bc_buf); spin_lock_init(&ifmsh->mesh_preq_queue_lock); spin_lock_init(&ifmsh->sync_offset_lock); + INIT_LIST_HEAD(&ifmsh->mplink_blocking_list); + spin_lock_init(&ifmsh->mplink_blocking_list_lock); RCU_INIT_POINTER(ifmsh->beacon, NULL); sdata->vif.bss_conf.bssid = zero_addr; } +void ieee80211_mesh_free_blocked_mplink_entries(struct ieee80211_sub_if_data *sdata) +{ + struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh; + struct mplink_block_list_info *mp_blink, *mp_blink_nxt; + + spin_lock_bh(&ifmsh->mplink_blocking_list_lock); + list_for_each_entry_safe(mp_blink, mp_blink_nxt, &ifmsh->mplink_blocking_list, list) { + list_del(&mp_blink->list); + kfree(mp_blink); + } + spin_unlock_bh(&ifmsh->mplink_blocking_list_lock); +} + void ieee80211_mesh_teardown_sdata(struct ieee80211_sub_if_data *sdata) { mesh_rmc_free(sdata); mesh_pathtbl_unregister(sdata); + ieee80211_mesh_free_blocked_mplink_entries(sdata); } diff -ruw linux-5.15.42/net/mac80211/mesh.h linux-5.15.42-fbx/net/mac80211/mesh.h --- linux-5.15.42/net/mac80211/mesh.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/mac80211/mesh.h 2024-04-22 14:46:58.228276854 +0200 @@ -127,6 +127,11 @@ u32 path_change_count; }; +struct mplink_block_list_info { + struct list_head list; + u8 dst[ETH_ALEN]; +}; + /* Recent multicast cache */ /* RMC_BUCKETS must be a power of 2, maximum 256 */ #define RMC_BUCKETS 256 @@ -219,6 +224,7 @@ /* wrapper for ieee80211_bss_info_change_notify() */ void ieee80211_mbss_info_change_notify(struct ieee80211_sub_if_data *sdata, u32 changed); +void ieee80211_mesh_free_blocked_mplink_entries(struct ieee80211_sub_if_data *sdata); /* mesh power save */ u32 ieee80211_mps_local_status_update(struct ieee80211_sub_if_data *sdata); @@ -279,7 +285,8 @@ struct ieee80211_mgmt *mgmt, size_t len, struct ieee80211_rx_status *rx_status); void mesh_sta_cleanup(struct sta_info *sta); - +bool mesh_neighbour_connection_established(struct ieee80211_sub_if_data *sdata, + u8 *hw_addr); /* Private interfaces */ /* Mesh paths */ int mesh_path_error_tx(struct ieee80211_sub_if_data *sdata, @@ -339,12 +346,20 @@ void mesh_path_flush_by_iface(struct ieee80211_sub_if_data *sdata); void mesh_sync_adjust_tsf(struct ieee80211_sub_if_data *sdata); void ieee80211s_stop(void); +void nmeshd_nl_send_vendor_ies(struct net_device *dev, const u8 *macaddr, u16 stype, s8 signal, + u32 beacon_int, struct ieee802_11_mesh_vendor_specific_elems *pm, + struct ieee802_11_mesh_vendor_specific_elems *nm, gfp_t gfp); + #else static inline bool mesh_path_sel_is_hwmp(struct ieee80211_sub_if_data *sdata) { return false; } static inline void mesh_path_flush_by_iface(struct ieee80211_sub_if_data *sdata) {} static inline void ieee80211s_stop(void) {} +static inline void nmeshd_nl_send_vendor_ies(struct net_device *dev, const u8 *macaddr, u16 stype, s8 signal, + u32 beacon_int, struct ieee802_11_mesh_vendor_specific_elems *pm, + struct ieee802_11_mesh_vendor_specific_elems *nm, gfp_t gfp) +{} #endif #endif /* IEEE80211S_H */ diff -ruw linux-5.15.42/net/mac80211/mesh_hwmp.c linux-5.15.42-fbx/net/mac80211/mesh_hwmp.c --- linux-5.15.42/net/mac80211/mesh_hwmp.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/mac80211/mesh_hwmp.c 2024-04-22 14:46:58.232276963 +0200 @@ -1,7 +1,7 @@ // SPDX-License-Identifier: GPL-2.0-only /* * Copyright (c) 2008, 2009 open80211s Ltd. - * Copyright (C) 2019 Intel Corporation + * Copyright (C) 2019, 2021 Intel Corporation * Author: Luis Carlos Cobo */ @@ -908,7 +908,7 @@ void mesh_rx_path_sel_frame(struct ieee80211_sub_if_data *sdata, struct ieee80211_mgmt *mgmt, size_t len) { - struct ieee802_11_elems elems; + struct ieee802_11_elems *elems; size_t baselen; u32 path_metric; struct sta_info *sta; @@ -926,37 +926,41 @@ rcu_read_unlock(); baselen = (u8 *) mgmt->u.action.u.mesh_action.variable - (u8 *) mgmt; - ieee802_11_parse_elems(mgmt->u.action.u.mesh_action.variable, - len - baselen, false, &elems, mgmt->bssid, NULL); + elems = ieee802_11_parse_elems(mgmt->u.action.u.mesh_action.variable, + len - baselen, false, NULL); + if (!elems) + return; - if (elems.preq) { - if (elems.preq_len != 37) + if (elems->preq) { + if (elems->preq_len != 37) /* Right now we support just 1 destination and no AE */ - return; - path_metric = hwmp_route_info_get(sdata, mgmt, elems.preq, + goto free; + path_metric = hwmp_route_info_get(sdata, mgmt, elems->preq, MPATH_PREQ); if (path_metric) - hwmp_preq_frame_process(sdata, mgmt, elems.preq, + hwmp_preq_frame_process(sdata, mgmt, elems->preq, path_metric); } - if (elems.prep) { - if (elems.prep_len != 31) + if (elems->prep) { + if (elems->prep_len != 31) /* Right now we support no AE */ - return; - path_metric = hwmp_route_info_get(sdata, mgmt, elems.prep, + goto free; + path_metric = hwmp_route_info_get(sdata, mgmt, elems->prep, MPATH_PREP); if (path_metric) - hwmp_prep_frame_process(sdata, mgmt, elems.prep, + hwmp_prep_frame_process(sdata, mgmt, elems->prep, path_metric); } - if (elems.perr) { - if (elems.perr_len != 15) + if (elems->perr) { + if (elems->perr_len != 15) /* Right now we support only one destination per PERR */ - return; - hwmp_perr_frame_process(sdata, mgmt, elems.perr); + goto free; + hwmp_perr_frame_process(sdata, mgmt, elems->perr); } - if (elems.rann) - hwmp_rann_frame_process(sdata, mgmt, elems.rann); + if (elems->rann) + hwmp_rann_frame_process(sdata, mgmt, elems->rann); +free: + kfree(elems); } /** diff -ruw linux-5.15.42/net/mac80211/mesh_plink.c linux-5.15.42-fbx/net/mac80211/mesh_plink.c --- linux-5.15.42/net/mac80211/mesh_plink.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/mac80211/mesh_plink.c 2024-04-22 14:46:58.232276963 +0200 @@ -1,7 +1,7 @@ // SPDX-License-Identifier: GPL-2.0-only /* * Copyright (c) 2008, 2009 open80211s Ltd. - * Copyright (C) 2019 Intel Corporation + * Copyright (C) 2019, 2021 Intel Corporation * Author: Luis Carlos Cobo */ #include @@ -1200,7 +1200,7 @@ struct ieee80211_mgmt *mgmt, size_t len, struct ieee80211_rx_status *rx_status) { - struct ieee802_11_elems elems; + struct ieee802_11_elems *elems; size_t baselen; u8 *baseaddr; @@ -1228,7 +1228,35 @@ if (baselen > len) return; } - ieee802_11_parse_elems(baseaddr, len - baselen, true, &elems, - mgmt->bssid, NULL); - mesh_process_plink_frame(sdata, mgmt, &elems, rx_status); + elems = ieee802_11_parse_elems(baseaddr, len - baselen, true, NULL); + mesh_process_plink_frame(sdata, mgmt, elems, rx_status); + kfree(elems); +} + +/* + * mesh_neighbour_connection_established - return if connection has been established with neighbor. + * + * @sdata: local meshif + * @addr: peer's address + * @elems: IEs from beacon or mesh peering frame + * + * + */ +bool mesh_neighbour_connection_established(struct ieee80211_sub_if_data *sdata, + u8 *hw_addr) +{ + struct sta_info *sta; + bool ret = false; + + rcu_read_lock(); + sta = sta_info_get(sdata, hw_addr); + if (!sta) + goto out; + + if (sta->mesh->plink_state == NL80211_PLINK_ESTAB) + ret = true; + +out: + rcu_read_unlock(); + return ret; } diff -ruw linux-5.15.42/net/mac80211/mesh_sync.c linux-5.15.42-fbx/net/mac80211/mesh_sync.c --- linux-5.15.42/net/mac80211/mesh_sync.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/mac80211/mesh_sync.c 2024-04-22 14:46:58.232276963 +0200 @@ -3,6 +3,7 @@ * Copyright 2011-2012, Pavel Zubarev * Copyright 2011-2012, Marco Porsch * Copyright 2011-2012, cozybit Inc. + * Copyright (C) 2021 Intel Corporation */ #include "ieee80211_i.h" @@ -35,12 +36,12 @@ /** * mesh_peer_tbtt_adjusting - check if an mp is currently adjusting its TBTT * - * @ie: information elements of a management frame from the mesh peer + * @cfg: mesh config element from the mesh peer (or %NULL) */ -static bool mesh_peer_tbtt_adjusting(struct ieee802_11_elems *ie) +static bool mesh_peer_tbtt_adjusting(const struct ieee80211_meshconf_ie *cfg) { - return (ie->mesh_config->meshconf_cap & - IEEE80211_MESHCONF_CAPAB_TBTT_ADJUSTING) != 0; + return cfg && + (cfg->meshconf_cap & IEEE80211_MESHCONF_CAPAB_TBTT_ADJUSTING); } void mesh_sync_adjust_tsf(struct ieee80211_sub_if_data *sdata) @@ -76,10 +77,10 @@ } } -static void mesh_sync_offset_rx_bcn_presp(struct ieee80211_sub_if_data *sdata, - u16 stype, - struct ieee80211_mgmt *mgmt, - struct ieee802_11_elems *elems, +static void +mesh_sync_offset_rx_bcn_presp(struct ieee80211_sub_if_data *sdata, u16 stype, + struct ieee80211_mgmt *mgmt, unsigned int len, + const struct ieee80211_meshconf_ie *mesh_cfg, struct ieee80211_rx_status *rx_status) { struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh; @@ -101,10 +102,7 @@ */ if (ieee80211_have_rx_timestamp(rx_status)) t_r = ieee80211_calculate_rx_timestamp(local, rx_status, - 24 + 12 + - elems->total_len + - FCS_LEN, - 24); + len + FCS_LEN, 24); else t_r = drv_get_tsf(local, sdata); @@ -119,7 +117,7 @@ * dot11MeshNbrOffsetMaxNeighbor non-peer non-MBSS neighbors */ - if (elems->mesh_config && mesh_peer_tbtt_adjusting(elems)) { + if (mesh_peer_tbtt_adjusting(mesh_cfg)) { msync_dbg(sdata, "STA %pM : is adjusting TBTT\n", sta->sta.addr); goto no_sync; diff -ruw linux-5.15.42/net/mac80211/mlme.c linux-5.15.42-fbx/net/mac80211/mlme.c --- linux-5.15.42/net/mac80211/mlme.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/mac80211/mlme.c 2024-04-22 14:46:58.232276963 +0200 @@ -150,6 +150,7 @@ const struct ieee80211_ht_operation *ht_oper, const struct ieee80211_vht_operation *vht_oper, const struct ieee80211_he_operation *he_oper, + const struct ieee80211_eht_operation *eht_oper, const struct ieee80211_s1g_oper_ie *s1g_oper, struct cfg80211_chan_def *chandef, bool tracking) { @@ -165,12 +166,17 @@ chandef->freq1_offset = channel->freq_offset; if (channel->band == NL80211_BAND_6GHZ) { - if (!ieee80211_chandef_he_6ghz_oper(sdata, he_oper, chandef)) + if (!ieee80211_chandef_he_6ghz_oper(sdata, he_oper, eht_oper, + chandef)) { + mlme_dbg(sdata, + "bad 6 GHz operation, disabling HT/VHT/HE/EHT\n"); ret = IEEE80211_STA_DISABLE_HT | IEEE80211_STA_DISABLE_VHT | - IEEE80211_STA_DISABLE_HE; - else + IEEE80211_STA_DISABLE_HE | + IEEE80211_STA_DISABLE_EHT; + } else { ret = 0; + } vht_chandef = *chandef; goto out; } else if (sband->band == NL80211_BAND_S1GHZ) { @@ -191,9 +197,11 @@ ieee80211_apply_htcap_overrides(sdata, &sta_ht_cap); if (!ht_oper || !sta_ht_cap.ht_supported) { + mlme_dbg(sdata, "HT operation missing / HT not supported\n"); ret = IEEE80211_STA_DISABLE_HT | IEEE80211_STA_DISABLE_VHT | - IEEE80211_STA_DISABLE_HE; + IEEE80211_STA_DISABLE_HE | + IEEE80211_STA_DISABLE_EHT; goto out; } @@ -216,7 +224,8 @@ ht_oper->primary_chan, channel->band); ret = IEEE80211_STA_DISABLE_HT | IEEE80211_STA_DISABLE_VHT | - IEEE80211_STA_DISABLE_HE; + IEEE80211_STA_DISABLE_HE | + IEEE80211_STA_DISABLE_EHT; goto out; } @@ -224,6 +233,7 @@ if (sta_ht_cap.cap & IEEE80211_HT_CAP_SUP_WIDTH_20_40) { ieee80211_chandef_ht_oper(ht_oper, chandef); } else { + mlme_dbg(sdata, "40 MHz not supported\n"); /* 40 MHz (and 80 MHz) must be supported for VHT */ ret = IEEE80211_STA_DISABLE_VHT; /* also mark 40 MHz disabled */ @@ -232,6 +242,7 @@ } if (!vht_oper || !sband->vht_cap.vht_supported) { + mlme_dbg(sdata, "VHT operation missing / VHT not supported\n"); ret = IEEE80211_STA_DISABLE_VHT; goto out; } @@ -254,8 +265,8 @@ &vht_chandef)) { if (!(ifmgd->flags & IEEE80211_STA_DISABLE_HE)) sdata_info(sdata, - "HE AP VHT information is invalid, disable HE\n"); - ret = IEEE80211_STA_DISABLE_HE; + "HE AP VHT information is invalid, disabling HE\n"); + ret = IEEE80211_STA_DISABLE_HE | IEEE80211_STA_DISABLE_EHT; goto out; } } else if (!ieee80211_chandef_vht_oper(&sdata->local->hw, @@ -264,7 +275,7 @@ &vht_chandef)) { if (!(ifmgd->flags & IEEE80211_STA_DISABLE_VHT)) sdata_info(sdata, - "AP VHT information is invalid, disable VHT\n"); + "AP VHT information is invalid, disabling VHT\n"); ret = IEEE80211_STA_DISABLE_VHT; goto out; } @@ -272,7 +283,7 @@ if (!cfg80211_chandef_valid(&vht_chandef)) { if (!(ifmgd->flags & IEEE80211_STA_DISABLE_VHT)) sdata_info(sdata, - "AP VHT information is invalid, disable VHT\n"); + "AP VHT information is invalid, disabling VHT\n"); ret = IEEE80211_STA_DISABLE_VHT; goto out; } @@ -285,7 +296,7 @@ if (!cfg80211_chandef_compatible(chandef, &vht_chandef)) { if (!(ifmgd->flags & IEEE80211_STA_DISABLE_VHT)) sdata_info(sdata, - "AP VHT information doesn't match HT, disable VHT\n"); + "AP VHT information doesn't match HT, disabling VHT\n"); ret = IEEE80211_STA_DISABLE_VHT; goto out; } @@ -335,7 +346,8 @@ if (WARN_ON(chandef->width == NL80211_CHAN_WIDTH_20_NOHT)) { ret = IEEE80211_STA_DISABLE_HT | IEEE80211_STA_DISABLE_VHT | - IEEE80211_STA_DISABLE_HE; + IEEE80211_STA_DISABLE_HE | + IEEE80211_STA_DISABLE_EHT; break; } @@ -344,7 +356,11 @@ if (!he_oper || !cfg80211_chandef_usable(sdata->wdev.wiphy, chandef, IEEE80211_CHAN_NO_HE)) - ret |= IEEE80211_STA_DISABLE_HE; + ret |= IEEE80211_STA_DISABLE_HE | IEEE80211_STA_DISABLE_EHT; + + if (!eht_oper || !cfg80211_chandef_usable(sdata->wdev.wiphy, chandef, + IEEE80211_CHAN_NO_EHT)) + ret |= IEEE80211_STA_DISABLE_EHT; if (chandef->width != vht_chandef.width && !tracking) sdata_info(sdata, @@ -361,6 +377,7 @@ const struct ieee80211_ht_operation *ht_oper, const struct ieee80211_vht_operation *vht_oper, const struct ieee80211_he_operation *he_oper, + const struct ieee80211_eht_operation *eht_oper, const struct ieee80211_s1g_oper_ie *s1g_oper, const u8 *bssid, u32 *changed) { @@ -386,9 +403,16 @@ /* don't check HE if we associated as non-HE station */ if (ifmgd->flags & IEEE80211_STA_DISABLE_HE || !ieee80211_get_he_iftype_cap(sband, - ieee80211_vif_type_p2p(&sdata->vif))) - + ieee80211_vif_type_p2p(&sdata->vif))) { he_oper = NULL; + eht_oper = NULL; + } + + /* don't check EHT if we associated as non-EHT station */ + if (ifmgd->flags & IEEE80211_STA_DISABLE_EHT || + !ieee80211_get_eht_iftype_cap(sband, + ieee80211_vif_type_p2p(&sdata->vif))) + eht_oper = NULL; if (WARN_ON_ONCE(!sta)) return -EINVAL; @@ -408,7 +432,8 @@ /* calculate new channel (type) based on HT/VHT/HE operation IEs */ flags = ieee80211_determine_chantype(sdata, sband, chan, vht_cap_info, - ht_oper, vht_oper, he_oper, + ht_oper, vht_oper, + he_oper, eht_oper, s1g_oper, &chandef, true); /* @@ -442,9 +467,11 @@ if (flags != (ifmgd->flags & (IEEE80211_STA_DISABLE_HT | IEEE80211_STA_DISABLE_VHT | IEEE80211_STA_DISABLE_HE | + IEEE80211_STA_DISABLE_EHT | IEEE80211_STA_DISABLE_40MHZ | IEEE80211_STA_DISABLE_80P80MHZ | - IEEE80211_STA_DISABLE_160MHZ)) || + IEEE80211_STA_DISABLE_160MHZ | + IEEE80211_STA_DISABLE_320MHZ)) || !cfg80211_chandef_valid(&chandef)) { sdata_info(sdata, "AP %pM changed caps/bw in a way we can't support (0x%x/0x%x) - disconnect\n", @@ -666,6 +693,48 @@ ieee80211_ie_build_he_6ghz_cap(sdata, skb); } +static void ieee80211_add_eht_ie(struct ieee80211_sub_if_data *sdata, + struct sk_buff *skb, + struct ieee80211_supported_band *sband) +{ + u8 *pos; + const struct ieee80211_sta_he_cap *he_cap; + const struct ieee80211_sta_eht_cap *eht_cap; + struct ieee80211_chanctx_conf *chanctx_conf; + u8 eht_cap_size; + bool reg_cap = false; + + rcu_read_lock(); + chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf); + if (!WARN_ON_ONCE(!chanctx_conf)) + reg_cap = cfg80211_chandef_usable(sdata->wdev.wiphy, + &chanctx_conf->def, + IEEE80211_CHAN_NO_HE | + IEEE80211_CHAN_NO_EHT); + rcu_read_unlock(); + + he_cap = ieee80211_get_he_iftype_cap(sband, + ieee80211_vif_type_p2p(&sdata->vif)); + eht_cap = ieee80211_get_eht_iftype_cap(sband, + ieee80211_vif_type_p2p(&sdata->vif)); + + /* + * EHT capabilities element is only added if the HE capabilities element + * was added so assume that 'he_cap' is valid and don't check it. + */ + if (WARN_ON(!he_cap || !eht_cap || !reg_cap)) + return; + + eht_cap_size = + 2 + 1 + sizeof(eht_cap->eht_cap_elem) + + ieee80211_eht_mcs_nss_size(&he_cap->he_cap_elem, + &eht_cap->eht_cap_elem) + + ieee80211_eht_ppe_size(eht_cap->eht_ppe_thres[0], + eht_cap->eht_cap_elem.phy_cap_info); + pos = skb_put(skb, eht_cap_size); + ieee80211_ie_build_eht_cap(pos, he_cap, eht_cap, pos + eht_cap_size); +} + static int ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata) { struct ieee80211_local *local = sdata->local; @@ -986,17 +1055,22 @@ &assoc_data->ap_vht_cap); /* - * If AP doesn't support HT, mark HE as disabled. + * If AP doesn't support HT, mark HE and EHT as disabled. * If on the 5GHz band, make sure it supports VHT. */ if (ifmgd->flags & IEEE80211_STA_DISABLE_HT || (sband->band == NL80211_BAND_5GHZ && ifmgd->flags & IEEE80211_STA_DISABLE_VHT)) - ifmgd->flags |= IEEE80211_STA_DISABLE_HE; + ifmgd->flags |= IEEE80211_STA_DISABLE_HE | + IEEE80211_STA_DISABLE_EHT; - if (!(ifmgd->flags & IEEE80211_STA_DISABLE_HE)) + if (!(ifmgd->flags & IEEE80211_STA_DISABLE_HE)) { ieee80211_add_he_ie(sdata, skb, sband); + if (!(ifmgd->flags & IEEE80211_STA_DISABLE_EHT)) + ieee80211_add_eht_ie(sdata, skb, sband); + } + /* if present, add any custom non-vendor IEs that go after HE */ if (assoc_data->ie_len) { noffset = ieee80211_ie_split_vendor(assoc_data->ie, @@ -1502,6 +1576,7 @@ fallthrough; case NL80211_BAND_2GHZ: case NL80211_BAND_60GHZ: + case NL80211_BAND_LC: chan_increment = 1; break; case NL80211_BAND_5GHZ: @@ -2270,6 +2345,7 @@ { struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; struct ieee80211_local *local = sdata->local; + struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf; u32 changed = 0; struct ieee80211_prep_tx_info info = { .subtype = stype, @@ -2419,6 +2495,10 @@ cancel_delayed_work_sync(&ifmgd->tx_tspec_wk); sdata->encrypt_headroom = IEEE80211_ENCRYPT_HEADROOM; + + bss_conf->pwr_reduction = 0; + bss_conf->tx_pwr_env_num = 0; + memset(bss_conf->tx_pwr_env, 0, sizeof(bss_conf->tx_pwr_env)); } static void ieee80211_reset_ap_probe(struct ieee80211_sub_if_data *sdata) @@ -2528,7 +2608,7 @@ static void ieee80211_mgd_probe_ap_send(struct ieee80211_sub_if_data *sdata) { struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; - const u8 *ssid; + const struct element *ssid; u8 *dst = ifmgd->associated->bssid; u8 unicast_limit = max(1, max_probe_tries - 3); struct sta_info *sta; @@ -2565,14 +2645,14 @@ int ssid_len; rcu_read_lock(); - ssid = ieee80211_bss_get_ie(ifmgd->associated, WLAN_EID_SSID); + ssid = ieee80211_bss_get_elem(ifmgd->associated, WLAN_EID_SSID); if (WARN_ON_ONCE(ssid == NULL)) ssid_len = 0; else - ssid_len = ssid[1]; + ssid_len = ssid->datalen; ieee80211_mlme_send_probe_req(sdata, sdata->vif.addr, dst, - ssid + 2, ssid_len, + ssid->data, ssid_len, ifmgd->associated->channel); rcu_read_unlock(); } @@ -2602,6 +2682,13 @@ goto out; } + if (sdata->local->suspending) { + /* reschedule after resume */ + mutex_unlock(&sdata->local->mtx); + ieee80211_reset_ap_probe(sdata); + goto out; + } + if (beacon) { mlme_dbg_ratelimited(sdata, "detected beacon loss from AP (missed %d beacons) - probing\n", @@ -2648,7 +2735,7 @@ struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; struct cfg80211_bss *cbss; struct sk_buff *skb; - const u8 *ssid; + const struct element *ssid; int ssid_len; if (WARN_ON(sdata->vif.type != NL80211_IFTYPE_STATION)) @@ -2666,16 +2753,17 @@ return NULL; rcu_read_lock(); - ssid = ieee80211_bss_get_ie(cbss, WLAN_EID_SSID); - if (WARN_ONCE(!ssid || ssid[1] > IEEE80211_MAX_SSID_LEN, - "invalid SSID element (len=%d)", ssid ? ssid[1] : -1)) + ssid = ieee80211_bss_get_elem(cbss, WLAN_EID_SSID); + if (WARN_ONCE(!ssid || ssid->datalen > IEEE80211_MAX_SSID_LEN, + "invalid SSID element (len=%d)", + ssid ? ssid->datalen : -1)) ssid_len = 0; else - ssid_len = ssid[1]; + ssid_len = ssid->datalen; skb = ieee80211_build_probe_req(sdata, sdata->vif.addr, cbss->bssid, (u32) -1, cbss->channel, - ssid + 2, ssid_len, + ssid->data, ssid_len, NULL, 0, IEEE80211_PROBE_FLAG_DIRECTED); rcu_read_unlock(); @@ -2889,17 +2977,17 @@ { struct ieee80211_local *local = sdata->local; struct ieee80211_mgd_auth_data *auth_data = sdata->u.mgd.auth_data; + const struct element *challenge; u8 *pos; - struct ieee802_11_elems elems; u32 tx_flags = 0; struct ieee80211_prep_tx_info info = { .subtype = IEEE80211_STYPE_AUTH, }; pos = mgmt->u.auth.variable; - ieee802_11_parse_elems(pos, len - (pos - (u8 *)mgmt), false, &elems, - mgmt->bssid, auth_data->bss->bssid); - if (!elems.challenge) + challenge = cfg80211_find_elem(WLAN_EID_CHALLENGE, pos, + len - (pos - (u8 *)mgmt)); + if (!challenge) return; auth_data->expected_transaction = 4; drv_mgd_prepare_tx(sdata->local, sdata, &info); @@ -2907,7 +2995,8 @@ tx_flags = IEEE80211_TX_CTL_REQ_TX_STATUS | IEEE80211_TX_INTFL_MLME_CONN_TX; ieee80211_send_auth(sdata, 3, auth_data->algorithm, 0, - elems.challenge - 2, elems.challenge_len + 2, + (void *)challenge, + challenge->datalen + sizeof(*challenge), auth_data->bss->bssid, auth_data->bss->bssid, auth_data->key, auth_data->key_len, auth_data->key_idx, tx_flags); @@ -3316,8 +3405,11 @@ aid = 0; /* TODO */ } capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info); - ieee802_11_parse_elems(pos, len - (pos - (u8 *)mgmt), false, elems, - mgmt->bssid, assoc_data->bss->bssid); + elems = ieee802_11_parse_elems(pos, len - (pos - (u8 *)mgmt), false, + assoc_data->bss); + + if (!elems) + return false; if (elems->aid_resp) aid = le16_to_cpu(elems->aid_resp->aid); @@ -3339,7 +3431,8 @@ if (!is_s1g && !elems->supp_rates) { sdata_info(sdata, "no SuppRates element in AssocResp\n"); - return false; + ret = false; + goto out; } sdata->vif.bss_conf.aid = aid; @@ -3361,7 +3454,7 @@ (!(ifmgd->flags & IEEE80211_STA_DISABLE_VHT) && (!elems->vht_cap_elem || !elems->vht_operation)))) { const struct cfg80211_bss_ies *ies; - struct ieee802_11_elems bss_elems; + struct ieee802_11_elems *bss_elems; rcu_read_lock(); ies = rcu_dereference(cbss->ies); @@ -3369,16 +3462,21 @@ bss_ies = kmemdup(ies, sizeof(*ies) + ies->len, GFP_ATOMIC); rcu_read_unlock(); - if (!bss_ies) - return false; + if (!bss_ies) { + ret = false; + goto out; + } + + bss_elems = ieee802_11_parse_elems(bss_ies->data, bss_ies->len, + false, assoc_data->bss); + if (!bss_elems) { + ret = false; + goto out; + } - ieee802_11_parse_elems(bss_ies->data, bss_ies->len, - false, &bss_elems, - mgmt->bssid, - assoc_data->bss->bssid); if (assoc_data->wmm && - !elems->wmm_param && bss_elems.wmm_param) { - elems->wmm_param = bss_elems.wmm_param; + !elems->wmm_param && bss_elems->wmm_param) { + elems->wmm_param = bss_elems->wmm_param; sdata_info(sdata, "AP bug: WMM param missing from AssocResp\n"); } @@ -3387,30 +3485,32 @@ * Also check if we requested HT/VHT, otherwise the AP doesn't * have to include the IEs in the (re)association response. */ - if (!elems->ht_cap_elem && bss_elems.ht_cap_elem && + if (!elems->ht_cap_elem && bss_elems->ht_cap_elem && !(ifmgd->flags & IEEE80211_STA_DISABLE_HT)) { - elems->ht_cap_elem = bss_elems.ht_cap_elem; + elems->ht_cap_elem = bss_elems->ht_cap_elem; sdata_info(sdata, "AP bug: HT capability missing from AssocResp\n"); } - if (!elems->ht_operation && bss_elems.ht_operation && + if (!elems->ht_operation && bss_elems->ht_operation && !(ifmgd->flags & IEEE80211_STA_DISABLE_HT)) { - elems->ht_operation = bss_elems.ht_operation; + elems->ht_operation = bss_elems->ht_operation; sdata_info(sdata, "AP bug: HT operation missing from AssocResp\n"); } - if (!elems->vht_cap_elem && bss_elems.vht_cap_elem && + if (!elems->vht_cap_elem && bss_elems->vht_cap_elem && !(ifmgd->flags & IEEE80211_STA_DISABLE_VHT)) { - elems->vht_cap_elem = bss_elems.vht_cap_elem; + elems->vht_cap_elem = bss_elems->vht_cap_elem; sdata_info(sdata, "AP bug: VHT capa missing from AssocResp\n"); } - if (!elems->vht_operation && bss_elems.vht_operation && + if (!elems->vht_operation && bss_elems->vht_operation && !(ifmgd->flags & IEEE80211_STA_DISABLE_VHT)) { - elems->vht_operation = bss_elems.vht_operation; + elems->vht_operation = bss_elems->vht_operation; sdata_info(sdata, "AP bug: VHT operation missing from AssocResp\n"); } + + kfree(bss_elems); } /* @@ -3496,10 +3596,25 @@ bss_conf->twt_protected = false; changed |= ieee80211_recalc_twt_req(sdata, sta, elems); + + if (elems->eht_operation && elems->eht_cap && + !(ifmgd->flags & IEEE80211_STA_DISABLE_EHT)) { + ieee80211_eht_cap_ie_to_sta_eht_cap(sdata, sband, + elems->he_cap, + elems->he_cap_len, + elems->eht_cap, + elems->eht_cap_len, + sta); + + bss_conf->eht_support = sta->sta.eht_cap.has_eht; + } else { + bss_conf->eht_support = false; + } } else { bss_conf->he_support = false; bss_conf->twt_requester = false; bss_conf->twt_protected = false; + bss_conf->eht_support = false; } bss_conf->twt_broadcast = @@ -3661,6 +3776,7 @@ ret = true; out: + kfree(elems); kfree(bss_ies); return ret; } @@ -3672,7 +3788,7 @@ struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; struct ieee80211_mgd_assoc_data *assoc_data = ifmgd->assoc_data; u16 capab_info, status_code, aid; - struct ieee802_11_elems elems; + struct ieee802_11_elems *elems; int ac, uapsd_queues = -1; u8 *pos; bool reassoc; @@ -3729,14 +3845,20 @@ fils_decrypt_assoc_resp(sdata, (u8 *)mgmt, &len, assoc_data) < 0) return; - ieee802_11_parse_elems(pos, len - (pos - (u8 *)mgmt), false, &elems, - mgmt->bssid, assoc_data->bss->bssid); + elems = ieee802_11_parse_elems(pos, len - (pos - (u8 *)mgmt), false, + assoc_data->bss); + if (!elems) + goto notify_driver; if (status_code == WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY && - elems.timeout_int && - elems.timeout_int->type == WLAN_TIMEOUT_ASSOC_COMEBACK) { + elems->timeout_int && + elems->timeout_int->type == WLAN_TIMEOUT_ASSOC_COMEBACK) { u32 tu, ms; - tu = le32_to_cpu(elems.timeout_int->value); + + cfg80211_assoc_comeback(sdata->dev, assoc_data->bss, + le32_to_cpu(elems->timeout_int->value)); + + tu = le32_to_cpu(elems->timeout_int->value); ms = tu * 1024 / 1000; sdata_info(sdata, "%pM rejected association temporarily; comeback duration %u TU (%u ms)\n", @@ -3756,7 +3878,7 @@ event.u.mlme.reason = status_code; drv_event_callback(sdata->local, sdata, &event); } else { - if (!ieee80211_assoc_success(sdata, cbss, mgmt, len, &elems)) { + if (!ieee80211_assoc_success(sdata, cbss, mgmt, len, elems)) { /* oops -- internal error -- send timeout for now */ ieee80211_destroy_assoc_data(sdata, false, false); cfg80211_assoc_timeout(sdata->dev, cbss); @@ -3786,6 +3908,7 @@ ifmgd->assoc_req_ies, ifmgd->assoc_req_ies_len); notify_driver: drv_mgd_complete_tx(sdata->local, sdata, &info); + kfree(elems); } static void ieee80211_rx_bss_info(struct ieee80211_sub_if_data *sdata, @@ -3990,7 +4113,7 @@ struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf; struct ieee80211_mgmt *mgmt = (void *) hdr; size_t baselen; - struct ieee802_11_elems elems; + struct ieee802_11_elems *elems; struct ieee80211_local *local = sdata->local; struct ieee80211_chanctx_conf *chanctx_conf; struct ieee80211_channel *chan; @@ -4036,15 +4159,15 @@ if (ifmgd->assoc_data && ifmgd->assoc_data->need_beacon && ieee80211_rx_our_beacon(bssid, ifmgd->assoc_data->bss)) { - ieee802_11_parse_elems(variable, - len - baselen, false, &elems, - bssid, - ifmgd->assoc_data->bss->bssid); + elems = ieee802_11_parse_elems(variable, len - baselen, false, + ifmgd->assoc_data->bss); + if (!elems) + return; ieee80211_rx_bss_info(sdata, mgmt, len, rx_status); - if (elems.dtim_period) - ifmgd->dtim_period = elems.dtim_period; + if (elems->dtim_period) + ifmgd->dtim_period = elems->dtim_period; ifmgd->have_beacon = true; ifmgd->assoc_data->need_beacon = false; if (ieee80211_hw_check(&local->hw, TIMING_BEACON_ONLY)) { @@ -4052,17 +4175,17 @@ le64_to_cpu(mgmt->u.beacon.timestamp); sdata->vif.bss_conf.sync_device_ts = rx_status->device_timestamp; - sdata->vif.bss_conf.sync_dtim_count = elems.dtim_count; + sdata->vif.bss_conf.sync_dtim_count = elems->dtim_count; } - if (elems.mbssid_config_ie) + if (elems->mbssid_config_ie) bss_conf->profile_periodicity = - elems.mbssid_config_ie->profile_periodicity; + elems->mbssid_config_ie->profile_periodicity; else bss_conf->profile_periodicity = 0; - if (elems.ext_capab_len >= 11 && - (elems.ext_capab[10] & WLAN_EXT_CAPA11_EMA_SUPPORT)) + if (elems->ext_capab_len >= 11 && + (elems->ext_capab[10] & WLAN_EXT_CAPA11_EMA_SUPPORT)) bss_conf->ema_ap = true; else bss_conf->ema_ap = false; @@ -4071,6 +4194,7 @@ ifmgd->assoc_data->timeout = jiffies; ifmgd->assoc_data->timeout_started = true; run_again(sdata, ifmgd->assoc_data->timeout); + kfree(elems); return; } @@ -4102,13 +4226,15 @@ */ if (!ieee80211_is_s1g_beacon(hdr->frame_control)) ncrc = crc32_be(0, (void *)&mgmt->u.beacon.beacon_int, 4); - ncrc = ieee802_11_parse_elems_crc(variable, - len - baselen, false, &elems, - care_about_ies, ncrc, - mgmt->bssid, bssid); + elems = ieee802_11_parse_elems_crc(variable, len - baselen, + false, care_about_ies, ncrc, + ifmgd->associated); + if (!elems) + return; + ncrc = elems->crc; if (ieee80211_hw_check(&local->hw, PS_NULLFUNC_STACK) && - ieee80211_check_tim(elems.tim, elems.tim_len, bss_conf->aid)) { + ieee80211_check_tim(elems->tim, elems->tim_len, bss_conf->aid)) { if (local->hw.conf.dynamic_ps_timeout > 0) { if (local->hw.conf.flags & IEEE80211_CONF_PS) { local->hw.conf.flags &= ~IEEE80211_CONF_PS; @@ -4178,12 +4304,12 @@ le64_to_cpu(mgmt->u.beacon.timestamp); sdata->vif.bss_conf.sync_device_ts = rx_status->device_timestamp; - sdata->vif.bss_conf.sync_dtim_count = elems.dtim_count; + sdata->vif.bss_conf.sync_dtim_count = elems->dtim_count; } if ((ncrc == ifmgd->beacon_crc && ifmgd->beacon_crc_valid) || ieee80211_is_s1g_short_beacon(mgmt->frame_control)) - return; + goto free; ifmgd->beacon_crc = ncrc; ifmgd->beacon_crc_valid = true; @@ -4191,12 +4317,12 @@ ieee80211_sta_process_chanswitch(sdata, rx_status->mactime, rx_status->device_timestamp, - &elems, true); + elems, true); if (!(ifmgd->flags & IEEE80211_STA_DISABLE_WMM) && - ieee80211_sta_wmm_params(local, sdata, elems.wmm_param, - elems.wmm_param_len, - elems.mu_edca_param_set)) + ieee80211_sta_wmm_params(local, sdata, elems->wmm_param, + elems->wmm_param_len, + elems->mu_edca_param_set)) changed |= BSS_CHANGED_QOS; /* @@ -4205,7 +4331,7 @@ */ if (!ifmgd->have_beacon) { /* a few bogus AP send dtim_period = 0 or no TIM IE */ - bss_conf->dtim_period = elems.dtim_period ?: 1; + bss_conf->dtim_period = elems->dtim_period ?: 1; changed |= BSS_CHANGED_BEACON_INFO; ifmgd->have_beacon = true; @@ -4217,9 +4343,9 @@ ieee80211_recalc_ps_vif(sdata); } - if (elems.erp_info) { + if (elems->erp_info) { erp_valid = true; - erp_value = elems.erp_info[0]; + erp_value = elems->erp_info[0]; } else { erp_valid = false; } @@ -4232,12 +4358,13 @@ mutex_lock(&local->sta_mtx); sta = sta_info_get(sdata, bssid); - changed |= ieee80211_recalc_twt_req(sdata, sta, &elems); + changed |= ieee80211_recalc_twt_req(sdata, sta, elems); - if (ieee80211_config_bw(sdata, sta, elems.ht_cap_elem, - elems.vht_cap_elem, elems.ht_operation, - elems.vht_operation, elems.he_operation, - elems.s1g_oper, bssid, &changed)) { + if (ieee80211_config_bw(sdata, sta, elems->ht_cap_elem, + elems->vht_cap_elem, elems->ht_operation, + elems->vht_operation, elems->he_operation, + elems->eht_operation, + elems->s1g_oper, bssid, &changed)) { mutex_unlock(&local->sta_mtx); sdata_info(sdata, "failed to follow AP %pM bandwidth change, disconnect\n", @@ -4249,21 +4376,23 @@ sizeof(deauth_buf), true, WLAN_REASON_DEAUTH_LEAVING, false); - return; + goto free; } - if (sta && elems.opmode_notif) - ieee80211_vht_handle_opmode(sdata, sta, *elems.opmode_notif, + if (sta && elems->opmode_notif) + ieee80211_vht_handle_opmode(sdata, sta, *elems->opmode_notif, rx_status->band); mutex_unlock(&local->sta_mtx); changed |= ieee80211_handle_pwr_constr(sdata, chan, mgmt, - elems.country_elem, - elems.country_elem_len, - elems.pwr_constr_elem, - elems.cisco_dtpc_elem); + elems->country_elem, + elems->country_elem_len, + elems->pwr_constr_elem, + elems->cisco_dtpc_elem); ieee80211_bss_info_change_notify(sdata, changed); +free: + kfree(elems); } void ieee80211_sta_rx_queued_ext(struct ieee80211_sub_if_data *sdata, @@ -4292,7 +4421,6 @@ struct ieee80211_rx_status *rx_status; struct ieee80211_mgmt *mgmt; u16 fc; - struct ieee802_11_elems elems; int ies_len; rx_status = (struct ieee80211_rx_status *) skb->cb; @@ -4324,6 +4452,8 @@ break; case IEEE80211_STYPE_ACTION: if (mgmt->u.action.category == WLAN_CATEGORY_SPECTRUM_MGMT) { + struct ieee802_11_elems *elems; + ies_len = skb->len - offsetof(struct ieee80211_mgmt, u.action.u.chan_switch.variable); @@ -4332,18 +4462,19 @@ break; /* CSA IE cannot be overridden, no need for BSSID */ - ieee802_11_parse_elems( + elems = ieee802_11_parse_elems( mgmt->u.action.u.chan_switch.variable, - ies_len, true, &elems, mgmt->bssid, NULL); - - if (elems.parse_error) - break; + ies_len, true, NULL); + if (elems && !elems->parse_error) ieee80211_sta_process_chanswitch(sdata, rx_status->mactime, rx_status->device_timestamp, - &elems, false); + elems, false); + kfree(elems); } else if (mgmt->u.action.category == WLAN_CATEGORY_PUBLIC) { + struct ieee802_11_elems *elems; + ies_len = skb->len - offsetof(struct ieee80211_mgmt, u.action.u.ext_chan_switch.variable); @@ -4355,21 +4486,22 @@ * extended CSA IE can't be overridden, no need for * BSSID */ - ieee802_11_parse_elems( + elems = ieee802_11_parse_elems( mgmt->u.action.u.ext_chan_switch.variable, - ies_len, true, &elems, mgmt->bssid, NULL); - - if (elems.parse_error) - break; + ies_len, true, NULL); - /* for the handling code pretend this was also an IE */ - elems.ext_chansw_ie = + if (elems && !elems->parse_error) { + /* for the handling code pretend it was an IE */ + elems->ext_chansw_ie = &mgmt->u.action.u.ext_chan_switch.data; ieee80211_sta_process_chanswitch(sdata, rx_status->mactime, rx_status->device_timestamp, - &elems, false); + elems, false); + } + + kfree(elems); } break; } @@ -4806,6 +4938,7 @@ sdata_unlock(sdata); } +#endif void ieee80211_sta_restart(struct ieee80211_sub_if_data *sdata) { @@ -4827,9 +4960,20 @@ sdata_unlock(sdata); return; } + + if (sdata->flags & IEEE80211_SDATA_DISCONNECT_HW_RESTART) { + sdata->flags &= ~IEEE80211_SDATA_DISCONNECT_HW_RESTART; + mlme_dbg(sdata, "driver requested disconnect after hardware restart\n"); + ieee80211_sta_connection_lost(sdata, + ifmgd->associated->bssid, + WLAN_REASON_UNSPECIFIED, + true); + sdata_unlock(sdata); + return; + } + sdata_unlock(sdata); } -#endif /* interface setup */ void ieee80211_sta_setup_sdata(struct ieee80211_sub_if_data *sdata) @@ -4884,21 +5028,28 @@ rcu_read_unlock(); } -static u8 ieee80211_ht_vht_rx_chains(struct ieee80211_sub_if_data *sdata, +static u8 ieee80211_max_rx_chains(struct ieee80211_sub_if_data *sdata, struct cfg80211_bss *cbss) { + struct ieee80211_he_mcs_nss_supp *he_mcs_nss_supp; struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; - const u8 *ht_cap_ie, *vht_cap_ie; + const struct element *ht_cap_elem, *vht_cap_elem; + const struct cfg80211_bss_ies *ies; const struct ieee80211_ht_cap *ht_cap; const struct ieee80211_vht_cap *vht_cap; + const struct ieee80211_he_cap_elem *he_cap; + const struct element *he_cap_elem; + u16 mcs_80_map, mcs_160_map; + int i, mcs_nss_size; + bool support_160; u8 chains = 1; if (ifmgd->flags & IEEE80211_STA_DISABLE_HT) return chains; - ht_cap_ie = ieee80211_bss_get_ie(cbss, WLAN_EID_HT_CAPABILITY); - if (ht_cap_ie && ht_cap_ie[1] >= sizeof(*ht_cap)) { - ht_cap = (void *)(ht_cap_ie + 2); + ht_cap_elem = ieee80211_bss_get_elem(cbss, WLAN_EID_HT_CAPABILITY); + if (ht_cap_elem && ht_cap_elem->datalen >= sizeof(*ht_cap)) { + ht_cap = (void *)ht_cap_elem->data; chains = ieee80211_mcs_to_chains(&ht_cap->mcs); /* * TODO: use "Tx Maximum Number Spatial Streams Supported" and @@ -4909,12 +5060,12 @@ if (ifmgd->flags & IEEE80211_STA_DISABLE_VHT) return chains; - vht_cap_ie = ieee80211_bss_get_ie(cbss, WLAN_EID_VHT_CAPABILITY); - if (vht_cap_ie && vht_cap_ie[1] >= sizeof(*vht_cap)) { + vht_cap_elem = ieee80211_bss_get_elem(cbss, WLAN_EID_VHT_CAPABILITY); + if (vht_cap_elem && vht_cap_elem->datalen >= sizeof(*vht_cap)) { u8 nss; u16 tx_mcs_map; - vht_cap = (void *)(vht_cap_ie + 2); + vht_cap = (void *)vht_cap_elem->data; tx_mcs_map = le16_to_cpu(vht_cap->supp_mcs.tx_mcs_map); for (nss = 8; nss > 0; nss--) { if (((tx_mcs_map >> (2 * (nss - 1))) & 3) != @@ -4925,10 +5076,156 @@ chains = max(chains, nss); } + if (ifmgd->flags & IEEE80211_STA_DISABLE_HE) + return chains; + + ies = rcu_dereference(cbss->ies); + he_cap_elem = cfg80211_find_ext_elem(WLAN_EID_EXT_HE_CAPABILITY, + ies->data, ies->len); + + if (!he_cap_elem || he_cap_elem->datalen < sizeof(*he_cap)) + return chains; + + /* skip one byte ext_tag_id */ + he_cap = (void *)(he_cap_elem->data + 1); + mcs_nss_size = ieee80211_he_mcs_nss_size(he_cap); + + /* invalid HE IE */ + if (he_cap_elem->datalen < 1 + mcs_nss_size + sizeof(*he_cap)) + return chains; + + /* mcs_nss is right after he_cap info */ + he_mcs_nss_supp = (void *)(he_cap + 1); + + mcs_80_map = le16_to_cpu(he_mcs_nss_supp->tx_mcs_80); + + for (i = 7; i >= 0; i--) { + u8 mcs_80 = mcs_80_map >> (2 * i) & 3; + + if (mcs_80 != IEEE80211_VHT_MCS_NOT_SUPPORTED) { + chains = max_t(u8, chains, i + 1); + break; + } + } + + support_160 = he_cap->phy_cap_info[0] & + IEEE80211_HE_PHY_CAP0_CHANNEL_WIDTH_SET_160MHZ_IN_5G; + + if (!support_160) + return chains; + + mcs_160_map = le16_to_cpu(he_mcs_nss_supp->tx_mcs_160); + for (i = 7; i >= 0; i--) { + u8 mcs_160 = mcs_160_map >> (2 * i) & 3; + + if (mcs_160 != IEEE80211_VHT_MCS_NOT_SUPPORTED) { + chains = max_t(u8, chains, i + 1); + break; + } + } + return chains; } static bool +ieee80211_verify_peer_he_mcs_support(struct ieee80211_sub_if_data *sdata, + const struct cfg80211_bss_ies *ies, + const struct ieee80211_he_operation *he_op) +{ + const struct element *he_cap_elem; + const struct ieee80211_he_cap_elem *he_cap; + struct ieee80211_he_mcs_nss_supp *he_mcs_nss_supp; + u16 mcs_80_map_tx, mcs_80_map_rx; + u16 ap_min_req_set; + int mcs_nss_size; + int nss; + + he_cap_elem = cfg80211_find_ext_elem(WLAN_EID_EXT_HE_CAPABILITY, + ies->data, ies->len); + + /* invalid HE IE */ + if (!he_cap_elem || he_cap_elem->datalen < 1 + sizeof(*he_cap)) { + sdata_info(sdata, + "Invalid HE elem, Disable HE\n"); + return false; + } + + /* skip one byte ext_tag_id */ + he_cap = (void *)(he_cap_elem->data + 1); + mcs_nss_size = ieee80211_he_mcs_nss_size(he_cap); + + /* invalid HE IE */ + if (he_cap_elem->datalen < 1 + sizeof(*he_cap) + mcs_nss_size) { + sdata_info(sdata, + "Invalid HE elem with nss size, Disable HE\n"); + return false; + } + + /* mcs_nss is right after he_cap info */ + he_mcs_nss_supp = (void *)(he_cap + 1); + + mcs_80_map_tx = le16_to_cpu(he_mcs_nss_supp->tx_mcs_80); + mcs_80_map_rx = le16_to_cpu(he_mcs_nss_supp->rx_mcs_80); + + /* P802.11-REVme/D0.3 + * 27.1.1 Introduction to the HE PHY + * ... + * An HE STA shall support the following features: + * ... + * Single spatial stream HE-MCSs 0 to 7 (transmit and receive) in all + * supported channel widths for HE SU PPDUs + */ + if ((mcs_80_map_tx & 0x3) == IEEE80211_HE_MCS_NOT_SUPPORTED || + (mcs_80_map_rx & 0x3) == IEEE80211_HE_MCS_NOT_SUPPORTED) { + sdata_info(sdata, + "Missing mandatory rates for 1 Nss, rx 0x%x, tx 0x%x, disable HE\n", + mcs_80_map_tx, mcs_80_map_rx); + return false; + } + + if (!he_op) + return true; + + ap_min_req_set = le16_to_cpu(he_op->he_mcs_nss_set); + + /* make sure the AP is consistent with itself + * + * P802.11-REVme/D0.3 + * 26.17.1 Basic HE BSS operation + * + * A STA that is operating in an HE BSS shall be able to receive and + * transmit at each of the tuple values indicated by the + * Basic HE-MCS And NSS Set field of the HE Operation parameter of the + * MLME-START.request primitive and shall be able to receive at each of + * the tuple values indicated by the Supported HE-MCS and + * NSS Set field in the HE Capabilities parameter of the MLMESTART.request + * primitive + */ + for (nss = 8; nss > 0; nss--) { + u8 ap_op_val = (ap_min_req_set >> (2 * (nss - 1))) & 3; + u8 ap_rx_val; + u8 ap_tx_val; + + if (ap_op_val == IEEE80211_HE_MCS_NOT_SUPPORTED) + continue; + + ap_rx_val = (mcs_80_map_rx >> (2 * (nss - 1))) & 3; + ap_tx_val = (mcs_80_map_tx >> (2 * (nss - 1))) & 3; + + if (ap_rx_val == IEEE80211_HE_MCS_NOT_SUPPORTED || + ap_tx_val == IEEE80211_HE_MCS_NOT_SUPPORTED || + ap_rx_val < ap_op_val || ap_tx_val < ap_op_val) { + sdata_info(sdata, + "Invalid rates for %d Nss, rx %d, tx %d oper %d, disable HE\n", + nss, ap_rx_val, ap_rx_val, ap_op_val); + return false; + } + } + + return true; +} + +static bool ieee80211_verify_sta_he_mcs_support(struct ieee80211_sub_if_data *sdata, struct ieee80211_supported_band *sband, const struct ieee80211_he_operation *he_op) @@ -4974,7 +5271,15 @@ /* * Make sure the HE AP doesn't require MCSs that aren't - * supported by the client + * supported by the client as required by spec + * + * P802.11-REVme/D0.3 + * 26.17.1 Basic HE BSS operation + * + * An HE STA shall not attempt to join * (MLME-JOIN.request primitive) + * a BSS, unless it supports (i.e., is able to both transmit and + * receive using) all of the tuples in the basic + * HE-MCS and NSS set. */ if (sta_rx_val == IEEE80211_HE_MCS_NOT_SUPPORTED || sta_tx_val == IEEE80211_HE_MCS_NOT_SUPPORTED || @@ -5001,16 +5306,28 @@ const struct ieee80211_ht_operation *ht_oper = NULL; const struct ieee80211_vht_operation *vht_oper = NULL; const struct ieee80211_he_operation *he_oper = NULL; + const struct ieee80211_eht_operation *eht_oper = NULL; const struct ieee80211_s1g_oper_ie *s1g_oper = NULL; struct ieee80211_supported_band *sband; struct cfg80211_chan_def chandef; bool is_6ghz = cbss->channel->band == NL80211_BAND_6GHZ; bool is_5ghz = cbss->channel->band == NL80211_BAND_5GHZ; struct ieee80211_bss *bss = (void *)cbss->priv; + struct ieee802_11_elems *elems; + const struct cfg80211_bss_ies *ies; int ret; u32 i; bool have_80mhz; + rcu_read_lock(); + + ies = rcu_dereference(cbss->ies); + elems = ieee802_11_parse_elems(ies->data, ies->len, false, cbss); + if (!elems) { + rcu_read_unlock(); + return -ENOMEM; + } + sband = local->hw.wiphy->bands[cbss->channel->band]; ifmgd->flags &= ~(IEEE80211_STA_DISABLE_40MHZ | @@ -5019,32 +5336,36 @@ /* disable HT/VHT/HE if we don't support them */ if (!sband->ht_cap.ht_supported && !is_6ghz) { + mlme_dbg(sdata, "HT not supported, disabling HT/VHT/HE/EHT\n"); ifmgd->flags |= IEEE80211_STA_DISABLE_HT; ifmgd->flags |= IEEE80211_STA_DISABLE_VHT; ifmgd->flags |= IEEE80211_STA_DISABLE_HE; + ifmgd->flags |= IEEE80211_STA_DISABLE_EHT; } if (!sband->vht_cap.vht_supported && is_5ghz) { + mlme_dbg(sdata, "VHT not supported, disabling VHT/HE/EHT\n"); ifmgd->flags |= IEEE80211_STA_DISABLE_VHT; ifmgd->flags |= IEEE80211_STA_DISABLE_HE; + ifmgd->flags |= IEEE80211_STA_DISABLE_EHT; } if (!ieee80211_get_he_iftype_cap(sband, - ieee80211_vif_type_p2p(&sdata->vif))) + ieee80211_vif_type_p2p(&sdata->vif))) { + mlme_dbg(sdata, "HE not supported, disabling HE and EHT\n"); ifmgd->flags |= IEEE80211_STA_DISABLE_HE; + ifmgd->flags |= IEEE80211_STA_DISABLE_EHT; + } - rcu_read_lock(); + if (!ieee80211_get_eht_iftype_cap(sband, + ieee80211_vif_type_p2p(&sdata->vif))) { + mlme_dbg(sdata, "EHT not supported, disabling EHT\n"); + ifmgd->flags |= IEEE80211_STA_DISABLE_EHT; + } if (!(ifmgd->flags & IEEE80211_STA_DISABLE_HT) && !is_6ghz) { - const u8 *ht_oper_ie, *ht_cap_ie; - - ht_oper_ie = ieee80211_bss_get_ie(cbss, WLAN_EID_HT_OPERATION); - if (ht_oper_ie && ht_oper_ie[1] >= sizeof(*ht_oper)) - ht_oper = (void *)(ht_oper_ie + 2); - - ht_cap_ie = ieee80211_bss_get_ie(cbss, WLAN_EID_HT_CAPABILITY); - if (ht_cap_ie && ht_cap_ie[1] >= sizeof(*ht_cap)) - ht_cap = (void *)(ht_cap_ie + 2); + ht_oper = elems->ht_operation; + ht_cap = elems->ht_cap_elem; if (!ht_cap) { ifmgd->flags |= IEEE80211_STA_DISABLE_HT; @@ -5053,12 +5374,7 @@ } if (!(ifmgd->flags & IEEE80211_STA_DISABLE_VHT) && !is_6ghz) { - const u8 *vht_oper_ie, *vht_cap; - - vht_oper_ie = ieee80211_bss_get_ie(cbss, - WLAN_EID_VHT_OPERATION); - if (vht_oper_ie && vht_oper_ie[1] >= sizeof(*vht_oper)) - vht_oper = (void *)(vht_oper_ie + 2); + vht_oper = elems->vht_operation; if (vht_oper && !ht_oper) { vht_oper = NULL; sdata_info(sdata, @@ -5066,30 +5382,69 @@ ifmgd->flags |= IEEE80211_STA_DISABLE_HT; ifmgd->flags |= IEEE80211_STA_DISABLE_VHT; ifmgd->flags |= IEEE80211_STA_DISABLE_HE; + ifmgd->flags |= IEEE80211_STA_DISABLE_EHT; } - vht_cap = ieee80211_bss_get_ie(cbss, WLAN_EID_VHT_CAPABILITY); - if (!vht_cap || vht_cap[1] < sizeof(struct ieee80211_vht_cap)) { + if (!elems->vht_cap_elem) { + sdata_info(sdata, + "bad VHT capabilities, disabling VHT\n"); ifmgd->flags |= IEEE80211_STA_DISABLE_VHT; vht_oper = NULL; } } if (!(ifmgd->flags & IEEE80211_STA_DISABLE_HE)) { + he_oper = elems->he_operation; + + if (is_6ghz) { + struct ieee80211_bss_conf *bss_conf; + u8 i, j = 0; + + bss_conf = &sdata->vif.bss_conf; + + if (elems->pwr_constr_elem) + bss_conf->pwr_reduction = *elems->pwr_constr_elem; + + BUILD_BUG_ON(ARRAY_SIZE(bss_conf->tx_pwr_env) != + ARRAY_SIZE(elems->tx_pwr_env)); + + for (i = 0; i < elems->tx_pwr_env_num; i++) { + if (elems->tx_pwr_env_len[i] > + sizeof(bss_conf->tx_pwr_env[j])) + continue; + + bss_conf->tx_pwr_env_num++; + memcpy(&bss_conf->tx_pwr_env[j], elems->tx_pwr_env[i], + elems->tx_pwr_env_len[i]); + j++; + } + } + + if (!ieee80211_verify_peer_he_mcs_support(sdata, ies, he_oper) || + !ieee80211_verify_sta_he_mcs_support(sdata, sband, he_oper)) + ifmgd->flags |= IEEE80211_STA_DISABLE_HE | + IEEE80211_STA_DISABLE_EHT; + } + + /* + * EHT requires HE to be supported as well. Specifically for 6 GHz + * channels, the operation channel information can only be deduced from + * both the 6 GHz operation information (from the HE operation IE) and + * EHT operation. + */ + if (!(ifmgd->flags & (IEEE80211_STA_DISABLE_HE | + IEEE80211_STA_DISABLE_EHT)) && he_oper) { const struct cfg80211_bss_ies *ies; - const u8 *he_oper_ie; + const u8 *eht_oper_ie; ies = rcu_dereference(cbss->ies); - he_oper_ie = cfg80211_find_ext_ie(WLAN_EID_EXT_HE_OPERATION, + eht_oper_ie = cfg80211_find_ext_ie(WLAN_EID_EXT_EHT_OPERATION, ies->data, ies->len); - if (he_oper_ie && - he_oper_ie[1] >= ieee80211_he_oper_size(&he_oper_ie[3])) - he_oper = (void *)(he_oper_ie + 3); + if (eht_oper_ie && eht_oper_ie[1] >= + 1 + sizeof(struct ieee80211_eht_operation)) + eht_oper = (void *)(eht_oper_ie + 3); else - he_oper = NULL; - - if (!ieee80211_verify_sta_he_mcs_support(sdata, sband, he_oper)) - ifmgd->flags |= IEEE80211_STA_DISABLE_HE; + eht_oper = NULL; } /* Allow VHT if at least one channel on the sband supports 80 MHz */ @@ -5103,17 +5458,14 @@ break; } - if (!have_80mhz) + if (!have_80mhz) { + sdata_info(sdata, "80 MHz not supported, disabling VHT\n"); ifmgd->flags |= IEEE80211_STA_DISABLE_VHT; + } if (sband->band == NL80211_BAND_S1GHZ) { - const u8 *s1g_oper_ie; - - s1g_oper_ie = ieee80211_bss_get_ie(cbss, - WLAN_EID_S1G_OPERATION); - if (s1g_oper_ie && s1g_oper_ie[1] >= sizeof(*s1g_oper)) - s1g_oper = (void *)(s1g_oper_ie + 2); - else + s1g_oper = elems->s1g_oper; + if (!s1g_oper) sdata_info(sdata, "AP missing S1G operation element?\n"); } @@ -5121,14 +5473,18 @@ ifmgd->flags |= ieee80211_determine_chantype(sdata, sband, cbss->channel, bss->vht_cap_info, - ht_oper, vht_oper, he_oper, + ht_oper, vht_oper, + he_oper, eht_oper, s1g_oper, &chandef, false); - sdata->needed_rx_chains = min(ieee80211_ht_vht_rx_chains(sdata, cbss), + sdata->needed_rx_chains = min(ieee80211_max_rx_chains(sdata, cbss), local->rx_chains); rcu_read_unlock(); + /* the element data was RCU protected so no longer valid anyway */ + kfree(elems); + elems = NULL; if (ifmgd->flags & IEEE80211_STA_DISABLE_HE && is_6ghz) { sdata_info(sdata, "Rejecting non-HE 6/7 GHz connection"); @@ -5533,7 +5889,7 @@ const struct cfg80211_bss_ies *beacon_ies; struct ieee80211_supported_band *sband; struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf; - const u8 *ssidie, *ht_ie, *vht_ie; + const struct element *ssid_elem, *ht_elem, *vht_elem; int i, err; bool override = false; @@ -5542,14 +5898,14 @@ return -ENOMEM; rcu_read_lock(); - ssidie = ieee80211_bss_get_ie(req->bss, WLAN_EID_SSID); - if (!ssidie || ssidie[1] > sizeof(assoc_data->ssid)) { + ssid_elem = ieee80211_bss_get_elem(req->bss, WLAN_EID_SSID); + if (!ssid_elem || ssid_elem->datalen > sizeof(assoc_data->ssid)) { rcu_read_unlock(); kfree(assoc_data); return -EINVAL; } - memcpy(assoc_data->ssid, ssidie + 2, ssidie[1]); - assoc_data->ssid_len = ssidie[1]; + memcpy(assoc_data->ssid, ssid_elem->data, ssid_elem->datalen); + assoc_data->ssid_len = ssid_elem->datalen; memcpy(bss_conf->ssid, assoc_data->ssid, assoc_data->ssid_len); bss_conf->ssid_len = assoc_data->ssid_len; rcu_read_unlock(); @@ -5609,6 +5965,7 @@ ifmgd->flags |= IEEE80211_STA_DISABLE_HT; ifmgd->flags |= IEEE80211_STA_DISABLE_VHT; ifmgd->flags |= IEEE80211_STA_DISABLE_HE; + ifmgd->flags |= IEEE80211_STA_DISABLE_EHT; netdev_info(sdata->dev, "disabling HT/VHT/HE due to WEP/TKIP use\n"); } @@ -5616,11 +5973,12 @@ sband = local->hw.wiphy->bands[req->bss->channel->band]; - /* also disable HT/VHT/HE if the AP doesn't use WMM */ + /* also disable HT/VHT/HE/EHT if the AP doesn't use WMM */ if (!bss->wmm_used) { ifmgd->flags |= IEEE80211_STA_DISABLE_HT; ifmgd->flags |= IEEE80211_STA_DISABLE_VHT; ifmgd->flags |= IEEE80211_STA_DISABLE_HE; + ifmgd->flags |= IEEE80211_STA_DISABLE_EHT; netdev_info(sdata->dev, "disabling HT/VHT/HE as WMM/QoS is not supported by the AP\n"); } @@ -5663,19 +6021,23 @@ assoc_data->supp_rates_len = bss->supp_rates_len; rcu_read_lock(); - ht_ie = ieee80211_bss_get_ie(req->bss, WLAN_EID_HT_OPERATION); - if (ht_ie && ht_ie[1] >= sizeof(struct ieee80211_ht_operation)) + ht_elem = ieee80211_bss_get_elem(req->bss, WLAN_EID_HT_OPERATION); + if (ht_elem && ht_elem->datalen >= sizeof(struct ieee80211_ht_operation)) assoc_data->ap_ht_param = - ((struct ieee80211_ht_operation *)(ht_ie + 2))->ht_param; + ((struct ieee80211_ht_operation *)(ht_elem->data))->ht_param; else if (!is_6ghz) ifmgd->flags |= IEEE80211_STA_DISABLE_HT; - vht_ie = ieee80211_bss_get_ie(req->bss, WLAN_EID_VHT_CAPABILITY); - if (vht_ie && vht_ie[1] >= sizeof(struct ieee80211_vht_cap)) - memcpy(&assoc_data->ap_vht_cap, vht_ie + 2, + vht_elem = ieee80211_bss_get_elem(req->bss, WLAN_EID_VHT_CAPABILITY); + if (vht_elem && vht_elem->datalen >= sizeof(struct ieee80211_vht_cap)) { + memcpy(&assoc_data->ap_vht_cap, vht_elem->data, sizeof(struct ieee80211_vht_cap)); - else if (is_5ghz) + } else if (is_5ghz) { + sdata_info(sdata, + "VHT capa missing/short, disabling VHT/HE/EHT\n"); ifmgd->flags |= IEEE80211_STA_DISABLE_VHT | - IEEE80211_STA_DISABLE_HE; + IEEE80211_STA_DISABLE_HE | + IEEE80211_STA_DISABLE_EHT; + } rcu_read_unlock(); if (WARN((sdata->vif.driver_flags & IEEE80211_VIF_SUPPORTS_UAPSD) && @@ -5749,16 +6111,23 @@ } if (req->flags & ASSOC_REQ_DISABLE_HT) { + mlme_dbg(sdata, "HT disabled by flag, disabling HT/VHT/HE\n"); ifmgd->flags |= IEEE80211_STA_DISABLE_HT; ifmgd->flags |= IEEE80211_STA_DISABLE_VHT; ifmgd->flags |= IEEE80211_STA_DISABLE_HE; + ifmgd->flags |= IEEE80211_STA_DISABLE_EHT; } - if (req->flags & ASSOC_REQ_DISABLE_VHT) + if (req->flags & ASSOC_REQ_DISABLE_VHT) { + mlme_dbg(sdata, "VHT disabled by flag, disabling VHT\n"); ifmgd->flags |= IEEE80211_STA_DISABLE_VHT; + } - if (req->flags & ASSOC_REQ_DISABLE_HE) + if (req->flags & ASSOC_REQ_DISABLE_HE) { + mlme_dbg(sdata, "HE disabled by flag, disabling HE/EHT\n"); ifmgd->flags |= IEEE80211_STA_DISABLE_HE; + ifmgd->flags |= IEEE80211_STA_DISABLE_EHT; + } err = ieee80211_prep_connection(sdata, req->bss, true, override); if (err) diff -ruw linux-5.15.42/net/mac80211/rc80211_minstrel_ht.c linux-5.15.42-fbx/net/mac80211/rc80211_minstrel_ht.c --- linux-5.15.42/net/mac80211/rc80211_minstrel_ht.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/mac80211/rc80211_minstrel_ht.c 2024-04-22 14:46:58.236277073 +0200 @@ -1,7 +1,7 @@ // SPDX-License-Identifier: GPL-2.0-only /* * Copyright (C) 2010-2013 Felix Fietkau - * Copyright (C) 2019-2020 Intel Corporation + * Copyright (C) 2019-2021 Intel Corporation */ #include #include @@ -18,8 +18,6 @@ #define AVG_AMPDU_SIZE 16 #define AVG_PKT_SIZE 1200 -#define SAMPLE_SWITCH_THR 100 - /* Number of bits for an average sized packet */ #define MCS_NBITS ((AVG_PKT_SIZE * AVG_AMPDU_SIZE) << 3) diff -ruw linux-5.15.42/net/mac80211/rx.c linux-5.15.42-fbx/net/mac80211/rx.c --- linux-5.15.42/net/mac80211/rx.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/mac80211/rx.c 2024-04-22 14:46:58.236277073 +0200 @@ -465,7 +465,12 @@ unsigned int stbc; rthdr->it_present |= cpu_to_le32(BIT(IEEE80211_RADIOTAP_MCS)); - *pos++ = local->hw.radiotap_mcs_details; + *pos = local->hw.radiotap_mcs_details; + if (status->enc_flags & RX_ENC_FLAG_HT_GF) + *pos |= IEEE80211_RADIOTAP_MCS_HAVE_FMT; + if (status->enc_flags & RX_ENC_FLAG_LDPC) + *pos |= IEEE80211_RADIOTAP_MCS_HAVE_FEC; + pos++; *pos = 0; if (status->enc_flags & RX_ENC_FLAG_SHORT_GI) *pos |= IEEE80211_RADIOTAP_MCS_SGI; @@ -1583,8 +1588,12 @@ for (tid = 0; tid < IEEE80211_NUM_TIDS; tid++) { struct ieee80211_txq *txq = sta->sta.txq[tid]; + struct txq_info *txqi = to_txq_info(txq); - ieee80211_unschedule_txq(&local->hw, txq, false); + spin_lock(&local->active_txq_lock[txq->ac]); + if (!list_empty(&txqi->schedule_order)) + list_del_init(&txqi->schedule_order); + spin_unlock(&local->active_txq_lock[txq->ac]); if (txq_has_queue(txq)) set_bit(tid, &sta->txq_buffered_tids); @@ -1983,6 +1992,7 @@ if (mmie_keyidx < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS || mmie_keyidx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS + NUM_DEFAULT_BEACON_KEYS) { + if (rx->sdata->dev) cfg80211_rx_unprot_mlme_mgmt(rx->sdata->dev, skb->data, skb->len); @@ -2133,7 +2143,8 @@ /* either the frame has been decrypted or will be dropped */ status->flag |= RX_FLAG_DECRYPTED; - if (unlikely(ieee80211_is_beacon(fc) && result == RX_DROP_UNUSABLE)) + if (unlikely(ieee80211_is_beacon(fc) && result == RX_DROP_UNUSABLE && + rx->sdata->dev)) cfg80211_rx_unprot_mlme_mgmt(rx->sdata->dev, skb->data, skb->len); @@ -2904,9 +2915,11 @@ mpp_path_add(sdata, proxied_addr, mpp_addr); } else { spin_lock_bh(&mppath->state_lock); - if (!ether_addr_equal(mppath->mpp, mpp_addr)) + if (!ether_addr_equal(mppath->mpp, mpp_addr) && + !(mppath->flags & MESH_PATH_FIXED)) { memcpy(mppath->mpp, mpp_addr, ETH_ALEN); mppath->exp_time = jiffies; + } spin_unlock_bh(&mppath->state_lock); } rcu_read_unlock(); @@ -2944,6 +2957,7 @@ if (!fwd_skb) goto out; + fwd_skb->dev = sdata->dev; fwd_hdr = (struct ieee80211_hdr *) fwd_skb->data; fwd_hdr->frame_control &= ~cpu_to_le16(IEEE80211_FCTL_RETRY); info = IEEE80211_SKB_CB(fwd_skb); @@ -2971,6 +2985,7 @@ } IEEE80211_IFSTA_MESH_CTR_INC(ifmsh, fwded_frames); + fwd_skb->dev = sdata->dev; ieee80211_add_pending_skb(local, fwd_skb); out: if (is_multicast_ether_addr(hdr->addr1)) @@ -3217,10 +3232,7 @@ ieee80211_process_rx_twt_action(struct ieee80211_rx_data *rx) { struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)rx->skb->data; - struct ieee80211_rx_status *status = IEEE80211_SKB_RXCB(rx->skb); struct ieee80211_sub_if_data *sdata = rx->sdata; - const struct ieee80211_sta_he_cap *hecap; - struct ieee80211_supported_band *sband; /* TWT actions are only supported in AP for the moment */ if (sdata->vif.type != NL80211_IFTYPE_AP) @@ -3229,14 +3241,7 @@ if (!rx->local->ops->add_twt_setup) return false; - sband = rx->local->hw.wiphy->bands[status->band]; - hecap = ieee80211_get_he_iftype_cap(sband, - ieee80211_vif_type_p2p(&sdata->vif)); - if (!hecap) - return false; - - if (!(hecap->he_cap_elem.mac_cap_info[0] & - IEEE80211_HE_MAC_CAP0_TWT_RES)) + if (!sdata->vif.bss_conf.twt_responder) return false; if (!rx->sta) @@ -4628,6 +4633,8 @@ /* do the header conversion - first grab the addresses */ ether_addr_copy(addrs.da, skb->data + fast_rx->da_offs); ether_addr_copy(addrs.sa, skb->data + fast_rx->sa_offs); + skb_postpull_rcsum(skb, skb->data + snap_offs, + sizeof(rfc1042_header) + 2); /* remove the SNAP but leave the ethertype */ skb_pull(skb, snap_offs + sizeof(rfc1042_header)); /* push the addresses in front */ @@ -4645,6 +4652,37 @@ return true; } +static bool ieee80211_check_frame_is_valid_to_process(struct ieee80211_rx_data *rx, + struct sk_buff *skb) +{ + struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data; + struct ieee80211_sub_if_data *sdata = rx->sdata; + struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh; + struct mplink_block_list_info *mp_blink; + __le16 fc; + + fc = ((struct ieee80211_hdr *)skb->data)->frame_control; + + if ((rx->sdata->vif.type == NL80211_IFTYPE_MESH_POINT) && + ieee80211_is_data(fc) && is_multicast_ether_addr(hdr->addr1)) { + spin_lock_bh(&ifmsh->mplink_blocking_list_lock); + list_for_each_entry(mp_blink, &ifmsh->mplink_blocking_list, list) { + if (ether_addr_equal(hdr->addr2, mp_blink->dst)) { + spin_unlock_bh(&ifmsh->mplink_blocking_list_lock); +/* Commented this temporarily, need to give the option to enable/disable at run time */ +#if 0 + print_hex_dump_bytes("skb_dump:", DUMP_PREFIX_NONE, + skb->data, skb->len); +#endif + return false; + } + } + spin_unlock_bh(&ifmsh->mplink_blocking_list_lock); + } + + return true; +} + /* * This function returns whether or not the SKB * was destined for RX processing or not, which, @@ -4657,6 +4695,9 @@ struct ieee80211_local *local = rx->local; struct ieee80211_sub_if_data *sdata = rx->sdata; + if (!ieee80211_check_frame_is_valid_to_process(rx, skb)) + return false; + rx->skb = skb; /* See if we can do fast-rx; if we have to copy we already lost, @@ -4898,7 +4939,7 @@ * The same happens when we're not even started, * but that's worth a warning. */ - if (WARN_ON(!local->started)) + if (!local->started) goto drop; if (likely(!(status->flag & RX_FLAG_FAILED_PLCP_CRC))) { diff -ruw linux-5.15.42/net/mac80211/scan.c linux-5.15.42-fbx/net/mac80211/scan.c --- linux-5.15.42/net/mac80211/scan.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/mac80211/scan.c 2024-04-22 14:46:58.236277073 +0200 @@ -9,7 +9,7 @@ * Copyright 2007, Michael Wu * Copyright 2013-2015 Intel Mobile Communications GmbH * Copyright 2016-2017 Intel Deutschland GmbH - * Copyright (C) 2018-2020 Intel Corporation + * Copyright (C) 2018-2021 Intel Corporation */ #include @@ -155,7 +155,7 @@ }; bool signal_valid; struct ieee80211_sub_if_data *scan_sdata; - struct ieee802_11_elems elems; + struct ieee802_11_elems *elems; size_t baselen; u8 *elements; @@ -209,8 +209,9 @@ if (baselen > len) return NULL; - ieee802_11_parse_elems(elements, len - baselen, false, &elems, - mgmt->bssid, cbss->bssid); + elems = ieee802_11_parse_elems(elements, len - baselen, false, cbss); + if (!elems) + return NULL; /* In case the signal is invalid update the status */ signal_valid = channel == cbss->channel; @@ -218,13 +219,20 @@ rx_status->flag |= RX_FLAG_NO_SIGNAL_VAL; bss = (void *)cbss->priv; - ieee80211_update_bss_from_elems(local, bss, &elems, rx_status, beacon); + ieee80211_update_bss_from_elems(local, bss, elems, rx_status, beacon); + kfree(elems); list_for_each_entry(non_tx_cbss, &cbss->nontrans_list, nontrans_list) { non_tx_bss = (void *)non_tx_cbss->priv; - ieee80211_update_bss_from_elems(local, non_tx_bss, &elems, + elems = ieee802_11_parse_elems(elements, len - baselen, false, + non_tx_cbss); + if (!elems) + continue; + + ieee80211_update_bss_from_elems(local, non_tx_bss, elems, rx_status, beacon); + kfree(elems); } return bss; diff -ruw linux-5.15.42/net/mac80211/sta_info.c linux-5.15.42-fbx/net/mac80211/sta_info.c --- linux-5.15.42/net/mac80211/sta_info.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/mac80211/sta_info.c 2024-04-22 14:46:58.236277073 +0200 @@ -309,9 +309,10 @@ return; local_bh_disable(); - if (!test_sta_flag(sta, WLAN_STA_PS_STA)) + if (!test_sta_flag(sta, WLAN_STA_PS_STA)) { + if (test_sta_flag(sta, WLAN_STA_PS_DELIVER)) ieee80211_sta_ps_deliver_wakeup(sta); - else if (test_and_clear_sta_flag(sta, WLAN_STA_PSPOLL)) + } else if (test_and_clear_sta_flag(sta, WLAN_STA_PSPOLL)) ieee80211_sta_ps_deliver_poll_response(sta); else if (test_and_clear_sta_flag(sta, WLAN_STA_UAPSD)) ieee80211_sta_ps_deliver_uapsd(sta); @@ -364,8 +365,7 @@ goto free; sta->mesh->plink_sta = sta; spin_lock_init(&sta->mesh->plink_lock); - if (ieee80211_vif_is_mesh(&sdata->vif) && - !sdata->u.mesh.user_mpm) + if (!sdata->u.mesh.user_mpm) timer_setup(&sta->mesh->plink_timer, mesh_plink_timer, 0); sta->mesh->nonpeer_pm = NL80211_MESH_POWER_ACTIVE; @@ -425,11 +425,15 @@ if (sta_prepare_rate_control(local, sta, gfp)) goto free_txq; + sta->airtime_weight = IEEE80211_DEFAULT_AIRTIME_WEIGHT; for (i = 0; i < IEEE80211_NUM_ACS; i++) { skb_queue_head_init(&sta->ps_tx_buf[i]); skb_queue_head_init(&sta->tx_filtered[i]); - init_airtime_info(&sta->airtime[i], &local->airtime[i]); + sta->airtime[i].deficit = sta->airtime_weight; + atomic_set(&sta->airtime[i].aql_tx_pending, 0); + sta->airtime[i].aql_limit_low = local->aql_txq_limit_low[i]; + sta->airtime[i].aql_limit_high = local->aql_txq_limit_high[i]; } for (i = 0; i < IEEE80211_NUM_TIDS; i++) @@ -444,6 +448,7 @@ switch (i) { case NL80211_BAND_2GHZ: + case NL80211_BAND_LC: /* * We use both here, even if we cannot really know for * sure the station will support both, but the only use @@ -641,13 +646,13 @@ /* check if STA exists already */ if (sta_info_get_bss(sdata, sta->sta.addr)) { err = -EEXIST; - goto out_err; + goto out_cleanup; } sinfo = kzalloc(sizeof(struct station_info), GFP_KERNEL); if (!sinfo) { err = -ENOMEM; - goto out_err; + goto out_cleanup; } local->num_sta++; @@ -664,6 +669,15 @@ list_add_tail_rcu(&sta->list, &local->sta_list); + /* update channel context before notifying the driver about state + * change, this enables driver using the updated channel context right away. + */ + if (sta->sta_state >= IEEE80211_STA_ASSOC) { + ieee80211_recalc_min_chandef(sta->sdata); + if (!sta->sta.support_p2p_ps) + ieee80211_recalc_p2p_go_ps_allowed(sta->sdata); + } + /* notify driver */ err = sta_info_insert_drv_state(local, sdata, sta); if (err) @@ -671,12 +685,6 @@ set_sta_flag(sta, WLAN_STA_INSERTED); - if (sta->sta_state >= IEEE80211_STA_ASSOC) { - ieee80211_recalc_min_chandef(sta->sdata); - if (!sta->sta.support_p2p_ps) - ieee80211_recalc_p2p_go_ps_allowed(sta->sdata); - } - /* accept BA sessions now */ clear_sta_flag(sta, WLAN_STA_BLOCK_BA); @@ -703,8 +711,8 @@ out_drop_sta: local->num_sta--; synchronize_net(); + out_cleanup: cleanup_single_sta(sta); - out_err: mutex_unlock(&local->sta_mtx); kfree(sinfo); rcu_read_lock(); @@ -1888,59 +1896,24 @@ } EXPORT_SYMBOL(ieee80211_sta_set_buffered); -void ieee80211_register_airtime(struct ieee80211_txq *txq, +void ieee80211_sta_register_airtime(struct ieee80211_sta *pubsta, u8 tid, u32 tx_airtime, u32 rx_airtime) { - struct ieee80211_sub_if_data *sdata = vif_to_sdata(txq->vif); - struct ieee80211_local *local = sdata->local; - u64 weight_sum, weight_sum_reciprocal; - struct airtime_sched_info *air_sched; - struct airtime_info *air_info; + struct sta_info *sta = container_of(pubsta, struct sta_info, sta); + struct ieee80211_local *local = sta->sdata->local; + u8 ac = ieee80211_ac_from_tid(tid); u32 airtime = 0; - air_sched = &local->airtime[txq->ac]; - air_info = to_airtime_info(txq); - - if (local->airtime_flags & AIRTIME_USE_TX) + if (sta->local->airtime_flags & AIRTIME_USE_TX) airtime += tx_airtime; - if (local->airtime_flags & AIRTIME_USE_RX) + if (sta->local->airtime_flags & AIRTIME_USE_RX) airtime += rx_airtime; - /* Weights scale so the unit weight is 256 */ - airtime <<= 8; - - spin_lock_bh(&air_sched->lock); - - air_info->tx_airtime += tx_airtime; - air_info->rx_airtime += rx_airtime; - - if (air_sched->weight_sum) { - weight_sum = air_sched->weight_sum; - weight_sum_reciprocal = air_sched->weight_sum_reciprocal; - } else { - weight_sum = air_info->weight; - weight_sum_reciprocal = air_info->weight_reciprocal; - } - - /* Round the calculation of global vt */ - air_sched->v_t += (u64)((airtime + (weight_sum >> 1)) * - weight_sum_reciprocal) >> IEEE80211_RECIPROCAL_SHIFT_64; - air_info->v_t += (u32)((airtime + (air_info->weight >> 1)) * - air_info->weight_reciprocal) >> IEEE80211_RECIPROCAL_SHIFT_32; - ieee80211_resort_txq(&local->hw, txq); - - spin_unlock_bh(&air_sched->lock); -} - -void ieee80211_sta_register_airtime(struct ieee80211_sta *pubsta, u8 tid, - u32 tx_airtime, u32 rx_airtime) -{ - struct ieee80211_txq *txq = pubsta->txq[tid]; - - if (!txq) - return; - - ieee80211_register_airtime(txq, tx_airtime, rx_airtime); + spin_lock_bh(&local->active_txq_lock[ac]); + sta->airtime[ac].tx_airtime += tx_airtime; + sta->airtime[ac].rx_airtime += rx_airtime; + sta->airtime[ac].deficit -= airtime; + spin_unlock_bh(&local->active_txq_lock[ac]); } EXPORT_SYMBOL(ieee80211_sta_register_airtime); @@ -1980,6 +1953,53 @@ tx_pending, 0); } +void ieee80211_sta_update_tp(struct ieee80211_local *local, + struct sta_info *sta, + struct sk_buff *skb, + u16 tx_time_est, + bool ack, int retry) +{ + unsigned long diff = 0; + struct ieee80211_sub_if_data *sdata = NULL; + u32 avg_busy = 0; + struct rate_control_ref *ref = NULL; + + if (!skb || !sta || !tx_time_est) + return; + + if (test_sta_flag(sta, WLAN_STA_RATE_CONTROL)) + ref = sta->rate_ctrl; + + if (ref && ref->ops->get_expected_throughput) + return; + + if (local->ops->get_expected_throughput) + return; + + sdata = sta->sdata; + avg_busy = ewma_avg_busy_read(&sdata->avg_busy); + tx_time_est += ack ? 4 : 0; + tx_time_est += retry ? retry * 2 : 2; + + sta->tx_stats.tp_tx_size += (skb->len * 8) * 1000; + sta->tx_stats.tp_tx_time_est += tx_time_est; + + diff = jiffies - sta->status_stats.last_tp_update; + if (diff > HZ / 10) { + sta->tx_stats.tp_tx_time_est += + div_u64(sta->tx_stats.tp_tx_time_est * (avg_busy >> 1), + 100); + + ewma_avg_est_tp_add(&sta->status_stats.avg_est_tp, + div_u64(sta->tx_stats.tp_tx_size, + sta->tx_stats.tp_tx_time_est)); + + sta->tx_stats.tp_tx_size = 0; + sta->tx_stats.tp_tx_time_est = 0; + sta->status_stats.last_tp_update = jiffies; + } +} + int sta_info_move_state(struct sta_info *sta, enum ieee80211_sta_state new_state) { @@ -2384,7 +2404,7 @@ } if (!(sinfo->filled & BIT_ULL(NL80211_STA_INFO_AIRTIME_WEIGHT))) { - sinfo->airtime_weight = sta->airtime[0].weight; + sinfo->airtime_weight = sta->airtime_weight; sinfo->filled |= BIT_ULL(NL80211_STA_INFO_AIRTIME_WEIGHT); } diff -ruw linux-5.15.42/net/mac80211/sta_info.h linux-5.15.42-fbx/net/mac80211/sta_info.h --- linux-5.15.42/net/mac80211/sta_info.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/mac80211/sta_info.h 2024-04-22 14:46:58.236277073 +0200 @@ -124,6 +124,7 @@ #define HT_AGG_STATE_SENT_ADDBA 8 DECLARE_EWMA(avg_signal, 10, 8) +DECLARE_EWMA(avg_est_tp, 8, 16) enum ieee80211_agg_stop_reason { AGG_STOP_DECLINED, AGG_STOP_LOCAL_REQUEST, @@ -135,28 +136,27 @@ #define AIRTIME_USE_TX BIT(0) #define AIRTIME_USE_RX BIT(1) - struct airtime_info { u64 rx_airtime; u64 tx_airtime; - u64 v_t; - u64 last_scheduled; - struct list_head list; + s64 deficit; atomic_t aql_tx_pending; /* Estimated airtime for frames pending */ u32 aql_limit_low; u32 aql_limit_high; - u32 weight_reciprocal; - u16 weight; }; void ieee80211_sta_update_pending_airtime(struct ieee80211_local *local, struct sta_info *sta, u8 ac, u16 tx_airtime, bool tx_completed); -void ieee80211_register_airtime(struct ieee80211_txq *txq, - u32 tx_airtime, u32 rx_airtime); struct sta_info; +void ieee80211_sta_update_tp(struct ieee80211_local *local, + struct sta_info *sta, + struct sk_buff *skb, + u16 tx_time_est, + bool ack, int retry); + /** * struct tid_ampdu_tx - TID aggregation information (Tx). * @@ -176,6 +176,7 @@ * @failed_bar_ssn: ssn of the last failed BAR tx attempt * @bar_pending: BAR needs to be re-sent * @amsdu: support A-MSDU withing A-MDPU + * @ssn: starting sequence number of the session * * This structure's lifetime is managed by RCU, assignments to * the array holding it must hold the aggregation mutex. @@ -523,6 +524,7 @@ * @tid_seq: per-TID sequence numbers for sending to this STA * @airtime: per-AC struct airtime_info describing airtime statistics for this * station + * @airtime_weight: station weight for airtime fairness calculation purposes * @ampdu_mlme: A-MPDU state machine state * @mesh: mesh STA information * @debugfs_dir: debug filesystem directory dentry @@ -566,6 +568,7 @@ * @status_stats.last_ack_signal: last ACK signal * @status_stats.ack_signal_filled: last ACK signal validity * @status_stats.avg_ack_signal: average ACK signal + * @status_stats.avg_est_tp: average expected throughput * @frags: fragment cache */ struct sta_info { @@ -640,6 +643,8 @@ s8 last_ack_signal; bool ack_signal_filled; struct ewma_avg_signal avg_ack_signal; + struct ewma_avg_est_tp avg_est_tp; + unsigned long last_tp_update; } status_stats; /* Updated from TX path only, no locking requirements */ @@ -649,10 +654,13 @@ struct ieee80211_tx_rate last_rate; struct rate_info last_rate_info; u64 msdu[IEEE80211_NUM_TIDS + 1]; + u64 tp_tx_size; + u64 tp_tx_time_est; } tx_stats; u16 tid_seq[IEEE80211_QOS_CTL_TID_MASK + 1]; struct airtime_info airtime[IEEE80211_NUM_ACS]; + u16 airtime_weight; /* * Aggregation information, locked with lock. diff -ruw linux-5.15.42/net/mac80211/status.c linux-5.15.42-fbx/net/mac80211/status.c --- linux-5.15.42/net/mac80211/status.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/mac80211/status.c 2024-04-22 14:46:58.236277073 +0200 @@ -5,6 +5,7 @@ * Copyright 2006-2007 Jiri Benc * Copyright 2008-2010 Johannes Berg * Copyright 2013-2014 Intel Mobile Communications GmbH + * Copyright 2021-2022 Intel Corporation */ #include @@ -628,6 +629,8 @@ u64 cookie = IEEE80211_SKB_CB(skb)->ack.cookie; struct ieee80211_sub_if_data *sdata; struct ieee80211_hdr *hdr = (void *)skb->data; + bool is_valid_ack_signal = + !!(info->status.flags & IEEE80211_TX_STATUS_ACK_SIGNAL_VALID); rcu_read_lock(); sdata = ieee80211_sdata_from_skb(local, skb); @@ -644,7 +647,7 @@ cfg80211_probe_status(sdata->dev, hdr->addr1, cookie, acked, info->status.ack_signal, - info->status.is_valid_ack_signal, + is_valid_ack_signal, GFP_ATOMIC); else if (ieee80211_is_mgmt(hdr->frame_control)) cfg80211_mgmt_tx_status(&sdata->wdev, cookie, @@ -754,7 +757,6 @@ */ #define STA_LOST_PKT_THRESHOLD 50 #define STA_LOST_PKT_TIME HZ /* 1 sec since last ACK */ -#define STA_LOST_TDLS_PKT_THRESHOLD 10 #define STA_LOST_TDLS_PKT_TIME (10*HZ) /* 10secs since last ACK */ static void ieee80211_lost_packet(struct sta_info *sta, @@ -781,7 +783,7 @@ } /* - * If we're in TDLS mode, make sure that all STA_LOST_TDLS_PKT_THRESHOLD + * If we're in TDLS mode, make sure that all STA_LOST_PKT_THRESHOLD * of the last packets were lost, and that no ACK was received in the * last STA_LOST_TDLS_PKT_TIME ms, before triggering the CQM packet-loss * mechanism. @@ -904,11 +906,13 @@ struct ieee80211_bar *bar; int shift = 0; int tid = IEEE80211_NUM_TIDS; + bool ack_requested; + ack_requested = !(info->flags & IEEE80211_TX_CTL_NO_ACK); sband = local->hw.wiphy->bands[info->band]; fc = hdr->frame_control; - if (status->sta) { + if (status->sta && ack_requested) { sta = container_of(status->sta, struct sta_info, sta); shift = ieee80211_vif_get_shift(&sta->sdata->vif); @@ -983,25 +987,6 @@ if (!(info->flags & IEEE80211_TX_CTL_INJECTED) && acked) ieee80211_frame_acked(sta, skb); - } else if (wiphy_ext_feature_isset(local->hw.wiphy, - NL80211_EXT_FEATURE_AIRTIME_FAIRNESS)) { - struct ieee80211_sub_if_data *sdata; - struct ieee80211_txq *txq; - u32 airtime; - - /* Account airtime to multicast queue */ - sdata = ieee80211_sdata_from_skb(local, skb); - - if (sdata && (txq = sdata->vif.txq)) { - airtime = info->status.tx_time ?: - ieee80211_calc_expected_tx_airtime(hw, - &sdata->vif, - NULL, - skb->len, - false); - - ieee80211_register_airtime(txq, airtime, 0); - } } /* SNMP counters @@ -1102,8 +1087,9 @@ struct ieee80211_supported_band *sband; struct sta_info *sta = NULL; int rates_idx, retry_count; - bool acked, noack_success; + bool acked, noack_success, ack_signal_valid; u16 tx_time_est; + bool ack_requested; if (pubsta) { sta = container_of(pubsta, struct sta_info, sta); @@ -1131,10 +1117,15 @@ sband = hw->wiphy->bands[info->band]; + ack_requested = !(info->flags & IEEE80211_TX_CTL_NO_ACK); acked = !!(info->flags & IEEE80211_TX_STAT_ACK); noack_success = !!(info->flags & IEEE80211_TX_STAT_NOACK_TRANSMITTED); + ack_signal_valid = + !!(info->status.flags & IEEE80211_TX_STATUS_ACK_SIGNAL_VALID); - if (pubsta) { + ieee80211_sta_update_tp(local, sta, skb, tx_time_est, acked, retry_count); + + if (pubsta && ack_requested) { struct ieee80211_sub_if_data *sdata = sta->sdata; if (!acked && !noack_success) @@ -1161,7 +1152,7 @@ unlikely(sdata->u.mgd.probe_send_count > 0)) sdata->u.mgd.probe_send_count = 0; - if (info->status.is_valid_ack_signal) { + if (ack_signal_valid) { sta->status_stats.last_ack_signal = (s8)info->status.ack_signal; sta->status_stats.ack_signal_filled = true; diff -ruw linux-5.15.42/net/mac80211/tdls.c linux-5.15.42-fbx/net/mac80211/tdls.c --- linux-5.15.42/net/mac80211/tdls.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/mac80211/tdls.c 2024-04-22 14:46:58.240277182 +0200 @@ -6,7 +6,7 @@ * Copyright 2014, Intel Corporation * Copyright 2014 Intel Mobile Communications GmbH * Copyright 2015 - 2016 Intel Deutschland GmbH - * Copyright (C) 2019 Intel Corporation + * Copyright (C) 2019, 2021 Intel Corporation */ #include @@ -1684,7 +1684,7 @@ struct sk_buff *skb) { struct ieee80211_local *local = sdata->local; - struct ieee802_11_elems elems; + struct ieee802_11_elems *elems = NULL; struct sta_info *sta; struct ieee80211_tdls_data *tf = (void *)skb->data; bool local_initiator; @@ -1718,16 +1718,20 @@ goto call_drv; } - ieee802_11_parse_elems(tf->u.chan_switch_resp.variable, - skb->len - baselen, false, &elems, - NULL, NULL); - if (elems.parse_error) { + elems = ieee802_11_parse_elems(tf->u.chan_switch_resp.variable, + skb->len - baselen, false, NULL); + if (!elems) { + ret = -ENOMEM; + goto out; + } + + if (elems->parse_error) { tdls_dbg(sdata, "Invalid IEs in TDLS channel switch resp\n"); ret = -EINVAL; goto out; } - if (!elems.ch_sw_timing || !elems.lnk_id) { + if (!elems->ch_sw_timing || !elems->lnk_id) { tdls_dbg(sdata, "TDLS channel switch resp - missing IEs\n"); ret = -EINVAL; goto out; @@ -1735,15 +1739,15 @@ /* validate the initiator is set correctly */ local_initiator = - !memcmp(elems.lnk_id->init_sta, sdata->vif.addr, ETH_ALEN); + !memcmp(elems->lnk_id->init_sta, sdata->vif.addr, ETH_ALEN); if (local_initiator == sta->sta.tdls_initiator) { tdls_dbg(sdata, "TDLS chan switch invalid lnk-id initiator\n"); ret = -EINVAL; goto out; } - params.switch_time = le16_to_cpu(elems.ch_sw_timing->switch_time); - params.switch_timeout = le16_to_cpu(elems.ch_sw_timing->switch_timeout); + params.switch_time = le16_to_cpu(elems->ch_sw_timing->switch_time); + params.switch_timeout = le16_to_cpu(elems->ch_sw_timing->switch_timeout); params.tmpl_skb = ieee80211_tdls_ch_sw_resp_tmpl_get(sta, ¶ms.ch_sw_tm_ie); @@ -1763,6 +1767,7 @@ out: mutex_unlock(&local->sta_mtx); dev_kfree_skb_any(params.tmpl_skb); + kfree(elems); return ret; } @@ -1771,7 +1776,7 @@ struct sk_buff *skb) { struct ieee80211_local *local = sdata->local; - struct ieee802_11_elems elems; + struct ieee802_11_elems *elems; struct cfg80211_chan_def chandef; struct ieee80211_channel *chan; enum nl80211_channel_type chan_type; @@ -1831,22 +1836,27 @@ return -EINVAL; } - ieee802_11_parse_elems(tf->u.chan_switch_req.variable, - skb->len - baselen, false, &elems, NULL, NULL); - if (elems.parse_error) { + elems = ieee802_11_parse_elems(tf->u.chan_switch_req.variable, + skb->len - baselen, false, NULL); + if (!elems) + return -ENOMEM; + + if (elems->parse_error) { tdls_dbg(sdata, "Invalid IEs in TDLS channel switch req\n"); - return -EINVAL; + ret = -EINVAL; + goto free; } - if (!elems.ch_sw_timing || !elems.lnk_id) { + if (!elems->ch_sw_timing || !elems->lnk_id) { tdls_dbg(sdata, "TDLS channel switch req - missing IEs\n"); - return -EINVAL; + ret = -EINVAL; + goto free; } - if (!elems.sec_chan_offs) { + if (!elems->sec_chan_offs) { chan_type = NL80211_CHAN_HT20; } else { - switch (elems.sec_chan_offs->sec_chan_offs) { + switch (elems->sec_chan_offs->sec_chan_offs) { case IEEE80211_HT_PARAM_CHA_SEC_ABOVE: chan_type = NL80211_CHAN_HT40PLUS; break; @@ -1865,7 +1875,8 @@ if (!cfg80211_reg_can_beacon_relax(sdata->local->hw.wiphy, &chandef, sdata->wdev.iftype)) { tdls_dbg(sdata, "TDLS chan switch to forbidden channel\n"); - return -EINVAL; + ret = -EINVAL; + goto free; } mutex_lock(&local->sta_mtx); @@ -1881,7 +1892,7 @@ /* validate the initiator is set correctly */ local_initiator = - !memcmp(elems.lnk_id->init_sta, sdata->vif.addr, ETH_ALEN); + !memcmp(elems->lnk_id->init_sta, sdata->vif.addr, ETH_ALEN); if (local_initiator == sta->sta.tdls_initiator) { tdls_dbg(sdata, "TDLS chan switch invalid lnk-id initiator\n"); ret = -EINVAL; @@ -1889,16 +1900,16 @@ } /* peer should have known better */ - if (!sta->sta.ht_cap.ht_supported && elems.sec_chan_offs && - elems.sec_chan_offs->sec_chan_offs) { + if (!sta->sta.ht_cap.ht_supported && elems->sec_chan_offs && + elems->sec_chan_offs->sec_chan_offs) { tdls_dbg(sdata, "TDLS chan switch - wide chan unsupported\n"); ret = -ENOTSUPP; goto out; } params.chandef = &chandef; - params.switch_time = le16_to_cpu(elems.ch_sw_timing->switch_time); - params.switch_timeout = le16_to_cpu(elems.ch_sw_timing->switch_timeout); + params.switch_time = le16_to_cpu(elems->ch_sw_timing->switch_time); + params.switch_timeout = le16_to_cpu(elems->ch_sw_timing->switch_timeout); params.tmpl_skb = ieee80211_tdls_ch_sw_resp_tmpl_get(sta, @@ -1917,6 +1928,8 @@ out: mutex_unlock(&local->sta_mtx); dev_kfree_skb_any(params.tmpl_skb); +free: + kfree(elems); return ret; } diff -ruw linux-5.15.42/net/mac80211/trace.h linux-5.15.42-fbx/net/mac80211/trace.h --- linux-5.15.42/net/mac80211/trace.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/mac80211/trace.h 2024-04-22 14:46:58.240277182 +0200 @@ -2892,6 +2892,13 @@ ) ); +DEFINE_EVENT(sta_event, drv_net_fill_forward_path, + TP_PROTO(struct ieee80211_local *local, + struct ieee80211_sub_if_data *sdata, + struct ieee80211_sta *sta), + TP_ARGS(local, sdata, sta) +); + #endif /* !__MAC80211_DRIVER_TRACE || TRACE_HEADER_MULTI_READ */ #undef TRACE_INCLUDE_PATH diff -ruw linux-5.15.42/net/mac80211/tx.c linux-5.15.42-fbx/net/mac80211/tx.c --- linux-5.15.42/net/mac80211/tx.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/mac80211/tx.c 2024-04-22 14:46:58.240277182 +0200 @@ -18,7 +18,6 @@ #include #include #include -#include #include #include #include @@ -146,7 +145,8 @@ rate = DIV_ROUND_UP(r->bitrate, 1 << shift); switch (sband->band) { - case NL80211_BAND_2GHZ: { + case NL80211_BAND_2GHZ: + case NL80211_BAND_LC: { u32 flag; if (tx->sdata->flags & IEEE80211_SDATA_OPERATING_GMODE) flag = IEEE80211_RATE_MANDATORY_G; @@ -1280,6 +1280,9 @@ (info->control.flags & IEEE80211_TX_CTRL_PS_RESPONSE)) return NULL; + if (unlikely(ieee80211_is_ctl(hdr->frame_control))) + return NULL; + if (!(info->flags & IEEE80211_TX_CTL_HW_80211_ENCAP) && unlikely(!ieee80211_is_data_present(hdr->frame_control))) { if ((!ieee80211_is_mgmt(hdr->frame_control) || @@ -1480,7 +1483,7 @@ codel_vars_init(&txqi->def_cvars); codel_stats_init(&txqi->cstats); __skb_queue_head_init(&txqi->frags); - RB_CLEAR_NODE(&txqi->schedule_order); + INIT_LIST_HEAD(&txqi->schedule_order); txqi->txq.vif = &sdata->vif; @@ -1524,7 +1527,9 @@ ieee80211_purge_tx_queue(&local->hw, &txqi->frags); spin_unlock_bh(&fq->lock); - ieee80211_unschedule_txq(&local->hw, &txqi->txq, true); + spin_lock_bh(&local->active_txq_lock[txqi->txq.ac]); + list_del_init(&txqi->schedule_order); + spin_unlock_bh(&local->active_txq_lock[txqi->txq.ac]); } void ieee80211_txq_set_params(struct ieee80211_local *local) @@ -3633,6 +3638,7 @@ struct ieee80211_tx_data tx; ieee80211_tx_result r; struct ieee80211_vif *vif = txq->vif; + struct rate_control_ref *ref = NULL; WARN_ON_ONCE(softirq_count() == 0); @@ -3791,8 +3797,13 @@ encap_out: IEEE80211_SKB_CB(skb)->control.vif = vif; + if (tx.sta && test_sta_flag(tx.sta, WLAN_STA_RATE_CONTROL)) + ref = tx.sta->rate_ctrl; + if (vif && - wiphy_ext_feature_isset(local->hw.wiphy, NL80211_EXT_FEATURE_AQL)) { + ((!local->ops->get_expected_throughput && + (!ref || !ref->ops->get_expected_throughput)) || + wiphy_ext_feature_isset(local->hw.wiphy, NL80211_EXT_FEATURE_AQL))) { bool ampdu = txq->ac != IEEE80211_AC_VO; u32 airtime; @@ -3819,259 +3830,102 @@ struct ieee80211_txq *ieee80211_next_txq(struct ieee80211_hw *hw, u8 ac) { struct ieee80211_local *local = hw_to_local(hw); - struct airtime_sched_info *air_sched; - u64 now = ktime_get_boottime_ns(); struct ieee80211_txq *ret = NULL; - struct airtime_info *air_info; - struct txq_info *txqi = NULL; - struct rb_node *node; - bool first = false; - - air_sched = &local->airtime[ac]; - spin_lock_bh(&air_sched->lock); + struct txq_info *txqi = NULL, *head = NULL; + bool found_eligible_txq = false; - node = air_sched->schedule_pos; + spin_lock_bh(&local->active_txq_lock[ac]); begin: - if (!node) { - node = rb_first_cached(&air_sched->active_txqs); - first = true; - } else { - node = rb_next(node); - } - - if (!node) + txqi = list_first_entry_or_null(&local->active_txqs[ac], + struct txq_info, + schedule_order); + if (!txqi) goto out; - txqi = container_of(node, struct txq_info, schedule_order); - air_info = to_airtime_info(&txqi->txq); - - if (air_info->v_t > air_sched->v_t && - (!first || !airtime_catchup_v_t(air_sched, air_info->v_t, now))) + if (txqi == head) { + if (!found_eligible_txq) goto out; - - if (!ieee80211_txq_airtime_check(hw, &txqi->txq)) { - first = false; - goto begin; - } - - air_sched->schedule_pos = node; - air_sched->last_schedule_activity = now; - ret = &txqi->txq; -out: - spin_unlock_bh(&air_sched->lock); - return ret; -} -EXPORT_SYMBOL(ieee80211_next_txq); - -static void __ieee80211_insert_txq(struct rb_root_cached *root, - struct txq_info *txqi) -{ - struct rb_node **new = &root->rb_root.rb_node; - struct airtime_info *old_air, *new_air; - struct rb_node *parent = NULL; - struct txq_info *__txqi; - bool leftmost = true; - - while (*new) { - parent = *new; - __txqi = rb_entry(parent, struct txq_info, schedule_order); - old_air = to_airtime_info(&__txqi->txq); - new_air = to_airtime_info(&txqi->txq); - - if (new_air->v_t <= old_air->v_t) { - new = &parent->rb_left; - } else { - new = &parent->rb_right; - leftmost = false; - } - } - - rb_link_node(&txqi->schedule_order, parent, new); - rb_insert_color_cached(&txqi->schedule_order, root, leftmost); -} - -void ieee80211_resort_txq(struct ieee80211_hw *hw, - struct ieee80211_txq *txq) -{ - struct airtime_info *air_info = to_airtime_info(txq); - struct ieee80211_local *local = hw_to_local(hw); - struct txq_info *txqi = to_txq_info(txq); - struct airtime_sched_info *air_sched; - - air_sched = &local->airtime[txq->ac]; - - lockdep_assert_held(&air_sched->lock); - - if (!RB_EMPTY_NODE(&txqi->schedule_order)) { - struct airtime_info *a_prev = NULL, *a_next = NULL; - struct txq_info *t_prev, *t_next; - struct rb_node *n_prev, *n_next; - - /* Erasing a node can cause an expensive rebalancing operation, - * so we check the previous and next nodes first and only remove - * and re-insert if the current node is not already in the - * correct position. - */ - if ((n_prev = rb_prev(&txqi->schedule_order)) != NULL) { - t_prev = container_of(n_prev, struct txq_info, - schedule_order); - a_prev = to_airtime_info(&t_prev->txq); - } - - if ((n_next = rb_next(&txqi->schedule_order)) != NULL) { - t_next = container_of(n_next, struct txq_info, - schedule_order); - a_next = to_airtime_info(&t_next->txq); - } - - if ((!a_prev || a_prev->v_t <= air_info->v_t) && - (!a_next || a_next->v_t > air_info->v_t)) - return; - - if (air_sched->schedule_pos == &txqi->schedule_order) - air_sched->schedule_pos = n_prev; - - rb_erase_cached(&txqi->schedule_order, - &air_sched->active_txqs); - RB_CLEAR_NODE(&txqi->schedule_order); - __ieee80211_insert_txq(&air_sched->active_txqs, txqi); - } + else + found_eligible_txq = false; } -void ieee80211_update_airtime_weight(struct ieee80211_local *local, - struct airtime_sched_info *air_sched, - u64 now, bool force) -{ - struct airtime_info *air_info, *tmp; - u64 weight_sum = 0; - - if (unlikely(!now)) - now = ktime_get_boottime_ns(); + if (!head) + head = txqi; - lockdep_assert_held(&air_sched->lock); + if (txqi->txq.sta) { + struct sta_info *sta = container_of(txqi->txq.sta, + struct sta_info, sta); + bool aql_check = ieee80211_txq_airtime_check(hw, &txqi->txq); + s64 deficit = sta->airtime[txqi->txq.ac].deficit; - if (!force && (air_sched->last_weight_update < - now - AIRTIME_ACTIVE_DURATION)) - return; + if (aql_check) + found_eligible_txq = true; - list_for_each_entry_safe(air_info, tmp, - &air_sched->active_list, list) { - if (airtime_is_active(air_info, now)) - weight_sum += air_info->weight; - else - list_del_init(&air_info->list); + if (deficit < 0) + sta->airtime[txqi->txq.ac].deficit += + sta->airtime_weight; + + if (deficit < 0 || !aql_check) { + list_move_tail(&txqi->schedule_order, + &local->active_txqs[txqi->txq.ac]); + goto begin; } - airtime_weight_sum_set(air_sched, weight_sum); - air_sched->last_weight_update = now; } -void ieee80211_schedule_txq(struct ieee80211_hw *hw, - struct ieee80211_txq *txq) - __acquires(txq_lock) __releases(txq_lock) -{ - struct ieee80211_local *local = hw_to_local(hw); - struct txq_info *txqi = to_txq_info(txq); - struct airtime_sched_info *air_sched; - u64 now = ktime_get_boottime_ns(); - struct airtime_info *air_info; - u8 ac = txq->ac; - bool was_active; - - air_sched = &local->airtime[ac]; - air_info = to_airtime_info(txq); - spin_lock_bh(&air_sched->lock); - was_active = airtime_is_active(air_info, now); - airtime_set_active(air_sched, air_info, now); - - if (!RB_EMPTY_NODE(&txqi->schedule_order)) + if (txqi->schedule_round == local->schedule_round[ac]) goto out; - /* If the station has been inactive for a while, catch up its v_t so it - * doesn't get indefinite priority; see comment above the definition of - * AIRTIME_MAX_BEHIND. - */ - if ((!was_active && air_info->v_t < air_sched->v_t) || - air_info->v_t < air_sched->v_t - AIRTIME_MAX_BEHIND) - air_info->v_t = air_sched->v_t; - - ieee80211_update_airtime_weight(local, air_sched, now, !was_active); - __ieee80211_insert_txq(&air_sched->active_txqs, txqi); + list_del_init(&txqi->schedule_order); + txqi->schedule_round = local->schedule_round[ac]; + ret = &txqi->txq; out: - spin_unlock_bh(&air_sched->lock); + spin_unlock_bh(&local->active_txq_lock[ac]); + return ret; } -EXPORT_SYMBOL(ieee80211_schedule_txq); +EXPORT_SYMBOL(ieee80211_next_txq); -static void __ieee80211_unschedule_txq(struct ieee80211_hw *hw, +void __ieee80211_schedule_txq(struct ieee80211_hw *hw, struct ieee80211_txq *txq, - bool purge) + bool force) { struct ieee80211_local *local = hw_to_local(hw); struct txq_info *txqi = to_txq_info(txq); - struct airtime_sched_info *air_sched; - struct airtime_info *air_info; - - air_sched = &local->airtime[txq->ac]; - air_info = to_airtime_info(&txqi->txq); - - lockdep_assert_held(&air_sched->lock); - - if (purge) { - list_del_init(&air_info->list); - ieee80211_update_airtime_weight(local, air_sched, 0, true); - } - - if (RB_EMPTY_NODE(&txqi->schedule_order)) - return; - - if (air_sched->schedule_pos == &txqi->schedule_order) - air_sched->schedule_pos = rb_prev(&txqi->schedule_order); - if (!purge) - airtime_set_active(air_sched, air_info, - ktime_get_boottime_ns()); + spin_lock_bh(&local->active_txq_lock[txq->ac]); - rb_erase_cached(&txqi->schedule_order, - &air_sched->active_txqs); - RB_CLEAR_NODE(&txqi->schedule_order); -} - -void ieee80211_unschedule_txq(struct ieee80211_hw *hw, - struct ieee80211_txq *txq, - bool purge) - __acquires(txq_lock) __releases(txq_lock) -{ - struct ieee80211_local *local = hw_to_local(hw); - - spin_lock_bh(&local->airtime[txq->ac].lock); - __ieee80211_unschedule_txq(hw, txq, purge); - spin_unlock_bh(&local->airtime[txq->ac].lock); + if (list_empty(&txqi->schedule_order) && + (force || !skb_queue_empty(&txqi->frags) || + txqi->tin.backlog_packets)) { + /* If airtime accounting is active, always enqueue STAs at the + * head of the list to ensure that they only get moved to the + * back by the airtime DRR scheduler once they have a negative + * deficit. A station that already has a negative deficit will + * get immediately moved to the back of the list on the next + * call to ieee80211_next_txq(). + */ + if (txqi->txq.sta && local->airtime_flags && + wiphy_ext_feature_isset(local->hw.wiphy, + NL80211_EXT_FEATURE_AIRTIME_FAIRNESS)) + list_add(&txqi->schedule_order, + &local->active_txqs[txq->ac]); + else + list_add_tail(&txqi->schedule_order, + &local->active_txqs[txq->ac]); } -void ieee80211_return_txq(struct ieee80211_hw *hw, - struct ieee80211_txq *txq, bool force) -{ - struct ieee80211_local *local = hw_to_local(hw); - struct txq_info *txqi = to_txq_info(txq); - - spin_lock_bh(&local->airtime[txq->ac].lock); - - if (!RB_EMPTY_NODE(&txqi->schedule_order) && !force && - !txq_has_queue(txq)) - __ieee80211_unschedule_txq(hw, txq, false); - - spin_unlock_bh(&local->airtime[txq->ac].lock); + spin_unlock_bh(&local->active_txq_lock[txq->ac]); } -EXPORT_SYMBOL(ieee80211_return_txq); +EXPORT_SYMBOL(__ieee80211_schedule_txq); DEFINE_STATIC_KEY_FALSE(aql_disable); bool ieee80211_txq_airtime_check(struct ieee80211_hw *hw, struct ieee80211_txq *txq) { - struct airtime_info *air_info = to_airtime_info(txq); + struct sta_info *sta; struct ieee80211_local *local = hw_to_local(hw); if (!wiphy_ext_feature_isset(local->hw.wiphy, NL80211_EXT_FEATURE_AQL)) @@ -4086,12 +3940,15 @@ if (unlikely(txq->tid == IEEE80211_NUM_TIDS)) return true; - if (atomic_read(&air_info->aql_tx_pending) < air_info->aql_limit_low) + sta = container_of(txq->sta, struct sta_info, sta); + if (atomic_read(&sta->airtime[txq->ac].aql_tx_pending) < + sta->airtime[txq->ac].aql_limit_low) return true; if (atomic_read(&local->aql_total_pending_airtime) < local->aql_threshold && - atomic_read(&air_info->aql_tx_pending) < air_info->aql_limit_high) + atomic_read(&sta->airtime[txq->ac].aql_tx_pending) < + sta->airtime[txq->ac].aql_limit_high) return true; return false; @@ -4101,59 +3958,60 @@ bool ieee80211_txq_may_transmit(struct ieee80211_hw *hw, struct ieee80211_txq *txq) { - struct txq_info *first_txqi = NULL, *txqi = to_txq_info(txq); struct ieee80211_local *local = hw_to_local(hw); - struct airtime_sched_info *air_sched; - struct airtime_info *air_info; - struct rb_node *node = NULL; - bool ret = false; - u64 now; - - - if (!ieee80211_txq_airtime_check(hw, txq)) - return false; + struct txq_info *iter, *tmp, *txqi = to_txq_info(txq); + struct sta_info *sta; + u8 ac = txq->ac; - air_sched = &local->airtime[txq->ac]; - spin_lock_bh(&air_sched->lock); + spin_lock_bh(&local->active_txq_lock[ac]); - if (RB_EMPTY_NODE(&txqi->schedule_order)) + if (!txqi->txq.sta) goto out; - now = ktime_get_boottime_ns(); + if (list_empty(&txqi->schedule_order)) + goto out; - /* Like in ieee80211_next_txq(), make sure the first station in the - * scheduling order is eligible for transmission to avoid starvation. - */ - node = rb_first_cached(&air_sched->active_txqs); - if (node) { - first_txqi = container_of(node, struct txq_info, - schedule_order); - air_info = to_airtime_info(&first_txqi->txq); + list_for_each_entry_safe(iter, tmp, &local->active_txqs[ac], + schedule_order) { + if (iter == txqi) + break; - if (air_sched->v_t < air_info->v_t) - airtime_catchup_v_t(air_sched, air_info->v_t, now); + if (!iter->txq.sta) { + list_move_tail(&iter->schedule_order, + &local->active_txqs[ac]); + continue; } - - air_info = to_airtime_info(&txqi->txq); - if (air_info->v_t <= air_sched->v_t) { - air_sched->last_schedule_activity = now; - ret = true; + sta = container_of(iter->txq.sta, struct sta_info, sta); + if (sta->airtime[ac].deficit < 0) + sta->airtime[ac].deficit += sta->airtime_weight; + list_move_tail(&iter->schedule_order, &local->active_txqs[ac]); } + sta = container_of(txqi->txq.sta, struct sta_info, sta); + if (sta->airtime[ac].deficit >= 0) + goto out; + + sta->airtime[ac].deficit += sta->airtime_weight; + list_move_tail(&txqi->schedule_order, &local->active_txqs[ac]); + spin_unlock_bh(&local->active_txq_lock[ac]); + + return false; out: - spin_unlock_bh(&air_sched->lock); - return ret; + if (!list_empty(&txqi->schedule_order)) + list_del_init(&txqi->schedule_order); + spin_unlock_bh(&local->active_txq_lock[ac]); + + return true; } EXPORT_SYMBOL(ieee80211_txq_may_transmit); void ieee80211_txq_schedule_start(struct ieee80211_hw *hw, u8 ac) { struct ieee80211_local *local = hw_to_local(hw); - struct airtime_sched_info *air_sched = &local->airtime[ac]; - spin_lock_bh(&air_sched->lock); - air_sched->schedule_pos = NULL; - spin_unlock_bh(&air_sched->lock); + spin_lock_bh(&local->active_txq_lock[ac]); + local->schedule_round[ac]++; + spin_unlock_bh(&local->active_txq_lock[ac]); } EXPORT_SYMBOL(ieee80211_txq_schedule_start); @@ -4189,12 +4047,10 @@ } ieee80211_aggr_check(sdata, sta, skb); - + sk_pacing_shift_update(skb->sk, sdata->local->hw.tx_sk_pacing_shift); if (sta) { struct ieee80211_fast_tx *fast_tx; - sk_pacing_shift_update(skb->sk, sdata->local->hw.tx_sk_pacing_shift); - fast_tx = rcu_dereference(sta->fast_tx); if (fast_tx && @@ -4288,6 +4144,9 @@ return false; if (sdata->wdev.use_4addr) return false; + if (ieee80211_hw_check(&sdata->local->hw, + APVLAN_NEED_MCAST_TO_UCAST)) + break; fallthrough; case NL80211_IFTYPE_AP: /* check runtime toggle for this bss */ @@ -4987,38 +4846,88 @@ return 0; } -static struct sk_buff * -__ieee80211_beacon_get(struct ieee80211_hw *hw, +static void +ieee80211_beacon_get_finish(struct ieee80211_hw *hw, struct ieee80211_vif *vif, struct ieee80211_mutable_offsets *offs, - bool is_template) + struct beacon_data *beacon, + struct sk_buff *skb, + struct ieee80211_chanctx_conf *chanctx_conf, + u16 csa_off_base) { struct ieee80211_local *local = hw_to_local(hw); - struct beacon_data *beacon = NULL; - struct sk_buff *skb = NULL; + struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); struct ieee80211_tx_info *info; - struct ieee80211_sub_if_data *sdata = NULL; enum nl80211_band band; struct ieee80211_tx_rate_control txrc; - struct ieee80211_chanctx_conf *chanctx_conf; - int csa_off_base = 0; - rcu_read_lock(); + /* CSA offsets */ + if (offs && beacon) { + u16 i; - sdata = vif_to_sdata(vif); - chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf); + for (i = 0; i < IEEE80211_MAX_CNTDWN_COUNTERS_NUM; i++) { + u16 csa_off = beacon->cntdwn_counter_offsets[i]; - if (!ieee80211_sdata_running(sdata) || !chanctx_conf) - goto out; + if (!csa_off) + continue; - if (offs) - memset(offs, 0, sizeof(*offs)); + offs->cntdwn_counter_offs[i] = csa_off_base + csa_off; + } + } - if (sdata->vif.type == NL80211_IFTYPE_AP) { + band = chanctx_conf->def.chan->band; + info = IEEE80211_SKB_CB(skb); + info->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT; + info->flags |= IEEE80211_TX_CTL_NO_ACK; + info->band = band; + + memset(&txrc, 0, sizeof(txrc)); + txrc.hw = hw; + txrc.sband = local->hw.wiphy->bands[band]; + txrc.bss_conf = &sdata->vif.bss_conf; + txrc.skb = skb; + txrc.reported_rate.idx = -1; + if (sdata->beacon_rate_set && sdata->beacon_rateidx_mask[band]) + txrc.rate_idx_mask = sdata->beacon_rateidx_mask[band]; + else + txrc.rate_idx_mask = sdata->rc_rateidx_mask[band]; + txrc.bss = true; + rate_control_get_rate(sdata, NULL, &txrc); + + info->control.vif = vif; + info->flags |= IEEE80211_TX_CTL_CLEAR_PS_FILT | + IEEE80211_TX_CTL_ASSIGN_SEQ | + IEEE80211_TX_CTL_FIRST_FRAGMENT; +} + +static void +ieee80211_beacon_add_mbssid(struct sk_buff *skb, struct beacon_data *beacon) +{ + int i; + + if (!beacon->mbssid_ies) + return; + + for (i = 0; i < beacon->mbssid_ies->cnt; i++) + skb_put_data(skb, beacon->mbssid_ies->elem[i].data, + beacon->mbssid_ies->elem[i].len); +} + +static struct sk_buff * +ieee80211_beacon_get_ap(struct ieee80211_hw *hw, + struct ieee80211_vif *vif, + struct ieee80211_mutable_offsets *offs, + bool is_template, + struct beacon_data *beacon, + struct ieee80211_chanctx_conf *chanctx_conf) +{ + struct ieee80211_local *local = hw_to_local(hw); + struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); struct ieee80211_if_ap *ap = &sdata->u.ap; + struct sk_buff *skb = NULL; + u16 csa_off_base = 0; + int mbssid_len; - beacon = rcu_dereference(ap->beacon); - if (beacon) { if (beacon->cntdwn_counter_offsets[0]) { if (!is_template) ieee80211_beacon_update_cntdwn(vif); @@ -5026,40 +4935,78 @@ ieee80211_set_beacon_cntdwn(sdata, beacon); } - /* - * headroom, head length, - * tail length and maximum TIM length + /* headroom, head length, + * tail length, maximum TIM length and multiple BSSID length */ - skb = dev_alloc_skb(local->tx_headroom + - beacon->head_len + + mbssid_len = ieee80211_get_mbssid_beacon_len(beacon->mbssid_ies); + skb = dev_alloc_skb(local->tx_headroom + beacon->head_len + beacon->tail_len + 256 + - local->hw.extra_beacon_tailroom); + local->hw.extra_beacon_tailroom + mbssid_len); if (!skb) - goto out; + return NULL; skb_reserve(skb, local->tx_headroom); skb_put_data(skb, beacon->head, beacon->head_len); - ieee80211_beacon_add_tim(sdata, &ap->ps, skb, - is_template); + ieee80211_beacon_add_tim(sdata, &ap->ps, skb, is_template); if (offs) { offs->tim_offset = beacon->head_len; offs->tim_length = skb->len - beacon->head_len; offs->cntdwn_counter_offs[0] = beacon->cntdwn_counter_offsets[0]; + if (mbssid_len) { + ieee80211_beacon_add_mbssid(skb, beacon); + offs->mbssid_off = skb->len - mbssid_len; + } + /* for AP the csa offsets are from tail */ csa_off_base = skb->len; } if (beacon->tail) - skb_put_data(skb, beacon->tail, - beacon->tail_len); + skb_put_data(skb, beacon->tail, beacon->tail_len); if (ieee80211_beacon_protect(skb, local, sdata) < 0) + return NULL; + + ieee80211_beacon_get_finish(hw, vif, offs, beacon, skb, chanctx_conf, + csa_off_base); + return skb; +} + +static struct sk_buff * +__ieee80211_beacon_get(struct ieee80211_hw *hw, + struct ieee80211_vif *vif, + struct ieee80211_mutable_offsets *offs, + bool is_template) +{ + struct ieee80211_local *local = hw_to_local(hw); + struct beacon_data *beacon = NULL; + struct sk_buff *skb = NULL; + struct ieee80211_sub_if_data *sdata = NULL; + struct ieee80211_chanctx_conf *chanctx_conf; + + rcu_read_lock(); + + sdata = vif_to_sdata(vif); + chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf); + + if (!ieee80211_sdata_running(sdata) || !chanctx_conf) goto out; - } else + + if (offs) + memset(offs, 0, sizeof(*offs)); + + if (sdata->vif.type == NL80211_IFTYPE_AP) { + struct ieee80211_if_ap *ap = &sdata->u.ap; + + beacon = rcu_dereference(ap->beacon); + if (!beacon) goto out; + + skb = ieee80211_beacon_get_ap(hw, vif, offs, is_template, + beacon, chanctx_conf); } else if (sdata->vif.type == NL80211_IFTYPE_ADHOC) { struct ieee80211_if_ibss *ifibss = &sdata->u.ibss; struct ieee80211_hdr *hdr; @@ -5085,6 +5032,9 @@ hdr = (struct ieee80211_hdr *) skb->data; hdr->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | IEEE80211_STYPE_BEACON); + + ieee80211_beacon_get_finish(hw, vif, offs, beacon, skb, + chanctx_conf, 0); } else if (ieee80211_vif_is_mesh(&sdata->vif)) { struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh; @@ -5124,51 +5074,13 @@ } skb_put_data(skb, beacon->tail, beacon->tail_len); + ieee80211_beacon_get_finish(hw, vif, offs, beacon, skb, + chanctx_conf, 0); } else { WARN_ON(1); goto out; } - /* CSA offsets */ - if (offs && beacon) { - int i; - - for (i = 0; i < IEEE80211_MAX_CNTDWN_COUNTERS_NUM; i++) { - u16 csa_off = beacon->cntdwn_counter_offsets[i]; - - if (!csa_off) - continue; - - offs->cntdwn_counter_offs[i] = csa_off_base + csa_off; - } - } - - band = chanctx_conf->def.chan->band; - - info = IEEE80211_SKB_CB(skb); - - info->flags |= IEEE80211_TX_INTFL_DONT_ENCRYPT; - info->flags |= IEEE80211_TX_CTL_NO_ACK; - info->band = band; - - memset(&txrc, 0, sizeof(txrc)); - txrc.hw = hw; - txrc.sband = local->hw.wiphy->bands[band]; - txrc.bss_conf = &sdata->vif.bss_conf; - txrc.skb = skb; - txrc.reported_rate.idx = -1; - if (sdata->beacon_rate_set && sdata->beacon_rateidx_mask[band]) - txrc.rate_idx_mask = sdata->beacon_rateidx_mask[band]; - else - txrc.rate_idx_mask = sdata->rc_rateidx_mask[band]; - txrc.bss = true; - rate_control_get_rate(sdata, NULL, &txrc); - - info->control.vif = vif; - - info->flags |= IEEE80211_TX_CTL_CLEAR_PS_FILT | - IEEE80211_TX_CTL_ASSIGN_SEQ | - IEEE80211_TX_CTL_FIRST_FRAGMENT; out: rcu_read_unlock(); return skb; diff -ruw linux-5.15.42/net/mac80211/util.c linux-5.15.42-fbx/net/mac80211/util.c --- linux-5.15.42/net/mac80211/util.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/mac80211/util.c 2024-04-22 14:46:58.240277182 +0200 @@ -301,7 +301,8 @@ local_bh_disable(); spin_lock(&fq->lock); - if (sdata->vif.type == NL80211_IFTYPE_AP) + if ((sdata->vif.type == NL80211_IFTYPE_AP) && + ieee80211_sdata_running(sdata)) ps = &sdata->bss->ps; sdata->vif.txqs_stopped[ac] = false; @@ -862,6 +863,19 @@ } } +void ieee80211_iterate_stations(struct ieee80211_hw *hw, + void (*iterator)(void *data, + struct ieee80211_sta *sta), + void *data) +{ + struct ieee80211_local *local = hw_to_local(hw); + + mutex_lock(&local->sta_mtx); + __iterate_stations(local, iterator, data); + mutex_unlock(&local->sta_mtx); +} +EXPORT_SYMBOL_GPL(ieee80211_iterate_stations); + void ieee80211_iterate_stations_atomic(struct ieee80211_hw *hw, void (*iterator)(void *data, struct ieee80211_sta *sta), @@ -960,8 +974,10 @@ } break; case WLAN_EID_EXT_HE_CAPABILITY: + if (ieee80211_he_capa_size_ok(data, len)) { elems->he_cap = data; elems->he_cap_len = len; + } break; case WLAN_EID_EXT_HE_OPERATION: if (len >= sizeof(*elems->he_operation) && @@ -993,23 +1009,34 @@ if (len >= sizeof(*elems->he_6ghz_capa)) elems->he_6ghz_capa = data; break; + case WLAN_EID_EXT_EHT_CAPABILITY: + if (ieee80211_eht_capa_size_ok(elems->he_cap, + data, len)) { + elems->eht_cap = data; + elems->eht_cap_len = len; + } + break; + case WLAN_EID_EXT_EHT_OPERATION: + if (ieee80211_eht_oper_size_ok(data, len)) + elems->eht_operation = data; + break; } } static u32 -_ieee802_11_parse_elems_crc(const u8 *start, size_t len, bool action, +_ieee802_11_parse_elems_full(struct ieee80211_elems_parse_params *params, struct ieee802_11_elems *elems, - u64 filter, u32 crc, const struct element *check_inherit) { const struct element *elem; - bool calc_crc = filter != 0; + bool calc_crc = params->filter != 0; DECLARE_BITMAP(seen_elems, 256); + u32 crc = params->crc; const u8 *ie; bitmap_zero(seen_elems, 256); - for_each_element(elem, start, len) { + for_each_element(elem, params->start, params->len) { bool elem_parse_failed; u8 id = elem->id; u8 elen = elem->datalen; @@ -1072,7 +1099,7 @@ break; } - if (calc_crc && id < 64 && (filter & (1ULL << id))) + if (calc_crc && id < 64 && (params->filter & (1ULL << id))) crc = crc32_be(crc, pos - 2, elen + 2); elem_parse_failed = false; @@ -1117,10 +1144,6 @@ } else elem_parse_failed = true; break; - case WLAN_EID_CHALLENGE: - elems->challenge = pos; - elems->challenge_len = elen; - break; case WLAN_EID_VENDOR_SPECIFIC: if (elen >= 4 && pos[0] == 0x00 && pos[1] == 0x50 && pos[2] == 0xf2) { @@ -1257,7 +1280,7 @@ elems->mesh_chansw_params_ie = (void *)pos; break; case WLAN_EID_WIDE_BW_CHANNEL_SWITCH: - if (!action || + if (!params->action || elen < sizeof(*elems->wide_bw_chansw_ie)) { elem_parse_failed = true; break; @@ -1265,7 +1288,7 @@ elems->wide_bw_chansw_ie = (void *)pos; break; case WLAN_EID_CHANNEL_SWITCH_WRAPPER: - if (action) { + if (params->action) { elem_parse_failed = true; break; } @@ -1392,7 +1415,7 @@ __set_bit(id, seen_elems); } - if (!for_each_element_completed(elem, start, len)) + if (!for_each_element_completed(elem, params->start, params->len)) elems->parse_error = true; return crc; @@ -1400,20 +1423,21 @@ static size_t ieee802_11_find_bssid_profile(const u8 *start, size_t len, struct ieee802_11_elems *elems, - u8 *transmitter_bssid, - u8 *bss_bssid, + struct cfg80211_bss *bss, u8 *nontransmitted_profile) { const struct element *elem, *sub; size_t profile_len = 0; bool found = false; - if (!bss_bssid || !transmitter_bssid) + if (!bss || !bss->transmitted_bss) return profile_len; for_each_element_id(elem, WLAN_EID_MULTIPLE_BSSID, start, len) { if (elem->datalen < 2) continue; + if (elem->data[0] < 1 || elem->data[0] > 8) + continue; for_each_element(sub, elem->data + 1, elem->datalen - 1) { u8 new_bssid[ETH_ALEN]; @@ -1450,11 +1474,11 @@ continue; } - cfg80211_gen_new_bssid(transmitter_bssid, + cfg80211_gen_new_bssid(bss->transmitted_bss->bssid, elem->data[0], index[2], new_bssid); - if (ether_addr_equal(new_bssid, bss_bssid)) { + if (ether_addr_equal(new_bssid, bss->bssid)) { found = true; elems->bssid_index_len = index[1]; elems->bssid_index = (void *)&index[2]; @@ -1466,40 +1490,99 @@ return found ? profile_len : 0; } -u32 ieee802_11_parse_elems_crc(const u8 *start, size_t len, bool action, - struct ieee802_11_elems *elems, - u64 filter, u32 crc, u8 *transmitter_bssid, - u8 *bss_bssid) +u32 ieee802_11_parse_mesh_vendor_elems(const u8 *start, size_t len, bool action, + struct ieee802_11_mesh_vendor_specific_elems *elems, + u64 filter, u32 crc, u8 type) { + size_t left = len; + const u8 *pos = start; + bool calc_crc = filter != 0; + + memset(elems, 0, sizeof(*elems)); + elems->parse_error = true; + + while (left >= 2) { + u8 id, elen; + + id = *pos++; + elen = *pos++; + left -= 2; + + if (elen > left) + break; + + if (calc_crc && id < 64 && (filter & (1ULL << id))) + crc = crc32_be(crc, pos - 2, elen + 2); + + switch (id) { + case WLAN_EID_VENDOR_SPECIFIC: + if (elen >= 4 && pos[0] == 0xC0 && pos[1] == 0xFF && + pos[2] == 0xEE && pos[3] == type) { + /* Qubercomm OUI (C0:FF:EE) */ + + if (calc_crc) + crc = crc32_be(crc, pos - 2, elen + 2); + + elems->ie_start = pos; + elems->ie_len = elen; + elems->parse_error = false; + } + break; + default: + break; + } + + if (elems->parse_error == false) + break; + + left -= elen; + pos += elen; + } + + return crc; +} +EXPORT_SYMBOL(ieee802_11_parse_mesh_vendor_elems); + +struct ieee802_11_elems * +ieee802_11_parse_elems_full(struct ieee80211_elems_parse_params *params) +{ + struct ieee802_11_elems *elems; const struct element *non_inherit = NULL; u8 *nontransmitted_profile; int nontransmitted_profile_len = 0; + size_t scratch_len = params->len; - memset(elems, 0, sizeof(*elems)); - elems->ie_start = start; - elems->total_len = len; + elems = kzalloc(sizeof(*elems) + scratch_len, GFP_ATOMIC); + if (!elems) + return NULL; + elems->ie_start = params->start; + elems->total_len = params->len; + elems->scratch_len = scratch_len; + elems->scratch_pos = elems->scratch; - nontransmitted_profile = kmalloc(len, GFP_ATOMIC); - if (nontransmitted_profile) { + nontransmitted_profile = elems->scratch_pos; nontransmitted_profile_len = - ieee802_11_find_bssid_profile(start, len, elems, - transmitter_bssid, - bss_bssid, + ieee802_11_find_bssid_profile(params->start, params->len, + elems, params->bss, nontransmitted_profile); - non_inherit = - cfg80211_find_ext_elem(WLAN_EID_EXT_NON_INHERITANCE, + elems->scratch_pos += nontransmitted_profile_len; + elems->scratch_len -= nontransmitted_profile_len; + non_inherit = cfg80211_find_ext_elem(WLAN_EID_EXT_NON_INHERITANCE, nontransmitted_profile, nontransmitted_profile_len); - } - crc = _ieee802_11_parse_elems_crc(start, len, action, elems, filter, - crc, non_inherit); + elems->crc = _ieee802_11_parse_elems_full(params, elems, non_inherit); /* Override with nontransmitted profile, if found */ - if (nontransmitted_profile_len) - _ieee802_11_parse_elems_crc(nontransmitted_profile, - nontransmitted_profile_len, - action, elems, 0, 0, NULL); + if (nontransmitted_profile_len) { + struct ieee80211_elems_parse_params sub = { + .start = nontransmitted_profile, + .len = nontransmitted_profile_len, + .action = params->action, + }; + + _ieee802_11_parse_elems_full(&sub, elems, NULL); + } if (elems->tim && !elems->parse_error) { const struct ieee80211_tim_ie *tim_ie = elems->tim; @@ -1519,9 +1602,7 @@ offsetofend(struct ieee80211_bssid_index, dtim_count)) elems->dtim_count = elems->bssid_index->dtim_count; - kfree(nontransmitted_profile); - - return crc; + return elems; } void ieee80211_regulatory_limit_wmm_params(struct ieee80211_sub_if_data *sdata, @@ -1784,6 +1865,7 @@ struct ieee80211_local *local = sdata->local; struct ieee80211_supported_band *sband; const struct ieee80211_sta_he_cap *he_cap; + const struct ieee80211_sta_eht_cap *eht_cap; u8 *pos = buffer, *end = buffer + buffer_len; size_t noffset; int supp_rates_len, i; @@ -1964,6 +2046,18 @@ goto out_err; } + eht_cap = ieee80211_get_eht_iftype_cap(sband, + ieee80211_vif_type_p2p(&sdata->vif)); + + if (eht_cap && + cfg80211_any_usable_channels(local->hw.wiphy, BIT(sband->band), + IEEE80211_CHAN_NO_HE | + IEEE80211_CHAN_NO_EHT)) { + pos = ieee80211_ie_build_eht_cap(pos, he_cap, eht_cap, end); + if (!pos) + goto out_err; + } + if (cfg80211_any_usable_channels(local->hw.wiphy, BIT(NL80211_BAND_6GHZ), IEEE80211_CHAN_NO_HE)) { @@ -2066,7 +2160,7 @@ chandef.chan = chan; skb = ieee80211_probereq_get(&local->hw, src, ssid, ssid_len, - 100 + ie_len); + local->scan_ies_len + ie_len); if (!skb) return NULL; @@ -2306,6 +2400,7 @@ struct cfg80211_sched_scan_request *sched_scan_req; bool sched_scan_stopped = false; bool suspended = local->suspended; + bool in_reconfig = false; /* nothing to do if HW shouldn't run */ if (!local->open_count) @@ -2649,7 +2744,15 @@ mutex_unlock(&local->sta_mtx); } + /* + * If this is for hw restart things are still running. + * We may want to change that later, however. + */ + if (local->open_count && (!suspended || reconfig_due_to_wowlan)) + drv_reconfig_complete(local, IEEE80211_RECONFIG_TYPE_RESTART); + if (local->in_reconfig) { + in_reconfig = local->in_reconfig; local->in_reconfig = false; barrier(); @@ -2667,12 +2770,14 @@ IEEE80211_QUEUE_STOP_REASON_SUSPEND, false); - /* - * If this is for hw restart things are still running. - * We may want to change that later, however. - */ - if (local->open_count && (!suspended || reconfig_due_to_wowlan)) - drv_reconfig_complete(local, IEEE80211_RECONFIG_TYPE_RESTART); + if (in_reconfig) { + list_for_each_entry(sdata, &local->interfaces, list) { + if (!ieee80211_sdata_running(sdata)) + continue; + if (sdata->vif.type == NL80211_IFTYPE_STATION) + ieee80211_sta_restart(sdata); + } + } if (!suspended) return 0; @@ -2703,7 +2808,7 @@ return 0; } -void ieee80211_resume_disconnect(struct ieee80211_vif *vif) +static void ieee80211_reconfig_disconnect(struct ieee80211_vif *vif, u8 flag) { struct ieee80211_sub_if_data *sdata; struct ieee80211_local *local; @@ -2715,19 +2820,35 @@ sdata = vif_to_sdata(vif); local = sdata->local; - if (WARN_ON(!local->resuming)) + if (WARN_ON(flag & IEEE80211_SDATA_DISCONNECT_RESUME && + !local->resuming)) + return; + + if (WARN_ON(flag & IEEE80211_SDATA_DISCONNECT_HW_RESTART && + !local->in_reconfig)) return; if (WARN_ON(vif->type != NL80211_IFTYPE_STATION)) return; - sdata->flags |= IEEE80211_SDATA_DISCONNECT_RESUME; + sdata->flags |= flag; mutex_lock(&local->key_mtx); list_for_each_entry(key, &sdata->key_list, list) key->flags |= KEY_FLAG_TAINTED; mutex_unlock(&local->key_mtx); } + +void ieee80211_hw_restart_disconnect(struct ieee80211_vif *vif) +{ + ieee80211_reconfig_disconnect(vif, IEEE80211_SDATA_DISCONNECT_HW_RESTART); +} +EXPORT_SYMBOL_GPL(ieee80211_hw_restart_disconnect); + +void ieee80211_resume_disconnect(struct ieee80211_vif *vif) +{ + ieee80211_reconfig_disconnect(vif, IEEE80211_SDATA_DISCONNECT_RESUME); +} EXPORT_SYMBOL_GPL(ieee80211_resume_disconnect); void ieee80211_recalc_smps(struct ieee80211_sub_if_data *sdata) @@ -3058,6 +3179,10 @@ else ht_oper->ht_param = IEEE80211_HT_PARAM_CHA_SEC_BELOW; break; + case NL80211_CHAN_WIDTH_320: + /* HT information element should not be included on 6GHz */ + WARN_ON(1); + return pos; default: ht_oper->ht_param = IEEE80211_HT_PARAM_CHA_SEC_NONE; break; @@ -3097,6 +3222,10 @@ case NL80211_CHAN_WIDTH_80P80: *pos++ = IEEE80211_VHT_CHANWIDTH_80P80MHZ; break; + case NL80211_CHAN_WIDTH_320: + /* The behavior is not defined for 320 MHz channels */ + WARN_ON(1); + fallthrough; default: *pos++ = IEEE80211_VHT_CHANWIDTH_USE_HT; } @@ -3149,6 +3278,10 @@ case NL80211_CHAN_WIDTH_80: vht_oper->chan_width = IEEE80211_VHT_CHANWIDTH_80MHZ; break; + case NL80211_CHAN_WIDTH_320: + /* VHT information element should not be included on 6GHz */ + WARN_ON(1); + return pos; default: vht_oper->chan_width = IEEE80211_VHT_CHANWIDTH_USE_HT; break; @@ -3209,6 +3342,13 @@ he_6ghz_op->ccfs1 = 0; switch (chandef->width) { + case NL80211_CHAN_WIDTH_320: + /* + * TODO: mesh operation is not defined over 6GHz 320 MHz + * channels. + */ + WARN_ON(1); + break; case NL80211_CHAN_WIDTH_160: /* Convert 160 MHz channel width to new style as interop * workaround. @@ -3264,7 +3404,6 @@ channel_type = NL80211_CHAN_HT40MINUS; break; default: - channel_type = NL80211_CHAN_NO_HT; return false; } @@ -3398,16 +3537,19 @@ bool ieee80211_chandef_he_6ghz_oper(struct ieee80211_sub_if_data *sdata, const struct ieee80211_he_operation *he_oper, + const struct ieee80211_eht_operation *eht_oper, struct cfg80211_chan_def *chandef) { struct ieee80211_local *local = sdata->local; struct ieee80211_supported_band *sband; enum nl80211_iftype iftype = ieee80211_vif_type_p2p(&sdata->vif); const struct ieee80211_sta_he_cap *he_cap; + const struct ieee80211_sta_eht_cap *eht_cap; struct cfg80211_chan_def he_chandef = *chandef; const struct ieee80211_he_6ghz_oper *he_6ghz_oper; - bool support_80_80, support_160; - u8 he_phy_cap; + struct ieee80211_bss_conf *bss_conf = &sdata->vif.bss_conf; + bool support_80_80, support_160, support_320; + u8 he_phy_cap, eht_phy_cap; u32 freq; if (chandef->chan->band != NL80211_BAND_6GHZ) @@ -3436,6 +3578,12 @@ return false; } + eht_cap = ieee80211_get_eht_iftype_cap(sband, iftype); + if (!eht_cap) { + sdata_info(sdata, "Missing iftype sband data/EHT cap"); + eht_oper = NULL; + } + he_6ghz_oper = ieee80211_he_6ghz_oper(he_oper); if (!he_6ghz_oper) { @@ -3445,11 +3593,30 @@ return false; } + /* + * The EHT operation IE does not contain the primary channel so the + * primary channel frequency should be taken from the 6 GHz operation + * information. + */ freq = ieee80211_channel_to_frequency(he_6ghz_oper->primary, NL80211_BAND_6GHZ); he_chandef.chan = ieee80211_get_channel(sdata->local->hw.wiphy, freq); switch (u8_get_bits(he_6ghz_oper->control, + IEEE80211_HE_6GHZ_OPER_CTRL_REG_INFO)) { + case IEEE80211_6GHZ_CTRL_REG_LPI_AP: + bss_conf->power_type = IEEE80211_REG_LPI_AP; + break; + case IEEE80211_6GHZ_CTRL_REG_SP_AP: + bss_conf->power_type = IEEE80211_REG_SP_AP; + break; + default: + bss_conf->power_type = IEEE80211_REG_UNSET_AP; + break; + } + + if (!eht_oper) { + switch (u8_get_bits(he_6ghz_oper->control, IEEE80211_HE_6GHZ_OPER_CTRL_CHANWIDTH)) { case IEEE80211_HE_6GHZ_OPER_CTRL_CHANWIDTH_20MHZ: he_chandef.width = NL80211_CHAN_WIDTH_20; @@ -3487,6 +3654,42 @@ ieee80211_channel_to_frequency(he_6ghz_oper->ccfs1, NL80211_BAND_6GHZ); } + } else { + eht_phy_cap = eht_cap->eht_cap_elem.phy_cap_info[0]; + support_320 = + eht_phy_cap & IEEE80211_EHT_PHY_CAP0_320MHZ_IN_6GHZ; + + switch (u8_get_bits(eht_oper->chan_width, + IEEE80211_EHT_OPER_CHAN_WIDTH)) { + case IEEE80211_EHT_OPER_CHAN_WIDTH_20MHZ: + he_chandef.width = NL80211_CHAN_WIDTH_20; + break; + case IEEE80211_EHT_OPER_CHAN_WIDTH_40MHZ: + he_chandef.width = NL80211_CHAN_WIDTH_40; + break; + case IEEE80211_EHT_OPER_CHAN_WIDTH_80MHZ: + he_chandef.width = NL80211_CHAN_WIDTH_80; + break; + case IEEE80211_EHT_OPER_CHAN_WIDTH_160MHZ: + if (support_160) + he_chandef.width = NL80211_CHAN_WIDTH_160; + else + he_chandef.width = NL80211_CHAN_WIDTH_80; + break; + case IEEE80211_EHT_OPER_CHAN_WIDTH_320MHZ: + if (support_320) + he_chandef.width = NL80211_CHAN_WIDTH_320; + else if (support_160) + he_chandef.width = NL80211_CHAN_WIDTH_160; + else + he_chandef.width = NL80211_CHAN_WIDTH_80; + break; + } + + he_chandef.center_freq1 = + ieee80211_channel_to_frequency(eht_oper->ccfs, + NL80211_BAND_6GHZ); + } if (!cfg80211_chandef_valid(&he_chandef)) { sdata_info(sdata, @@ -3957,6 +4160,15 @@ ret = IEEE80211_STA_DISABLE_80P80MHZ | IEEE80211_STA_DISABLE_160MHZ; break; + case NL80211_CHAN_WIDTH_320: + /* n_P20 */ + tmp = (150 + c->chan->center_freq - c->center_freq1) / 20; + /* n_P160 */ + tmp /= 80; + c->center_freq1 = c->center_freq1 - 80 + 160 * tmp; + c->width = NL80211_CHAN_WIDTH_160; + ret = IEEE80211_STA_DISABLE_320MHZ; + break; default: case NL80211_CHAN_WIDTH_20_NOHT: WARN_ON_ONCE(1); @@ -4349,6 +4561,32 @@ ps->dtim_count = dtim_count; } +void ieee80211_force_dtim(struct ieee80211_vif *vif, + unsigned int dtim_count) +{ + struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif); + u8 dtim_period = sdata->vif.bss_conf.dtim_period; + struct ps_data *ps; + + if (sdata->vif.type == NL80211_IFTYPE_AP || + sdata->vif.type == NL80211_IFTYPE_AP_VLAN) { + if (!sdata->bss) + return; + + ps = &sdata->bss->ps; + } else if (ieee80211_vif_is_mesh(&sdata->vif)) { + ps = &sdata->u.mesh.ps; + } else { + return; + } + + if (WARN_ON_ONCE(dtim_count >= dtim_period)) + return; + + ps->dtim_count = dtim_count; +} +EXPORT_SYMBOL(ieee80211_force_dtim); + static u8 ieee80211_chanctx_radar_detect(struct ieee80211_local *local, struct ieee80211_chanctx *ctx) { @@ -4621,3 +4859,69 @@ return (u16) listen_interval; } + +u8 ieee80211_ie_len_eht_cap(struct ieee80211_sub_if_data *sdata, u8 iftype) +{ + const struct ieee80211_sta_he_cap *he_cap; + const struct ieee80211_sta_eht_cap *eht_cap; + struct ieee80211_supported_band *sband; + u8 n; + + sband = ieee80211_get_sband(sdata); + if (!sband) + return 0; + + he_cap = ieee80211_get_he_iftype_cap(sband, iftype); + eht_cap = ieee80211_get_eht_iftype_cap(sband, iftype); + if (!he_cap || !eht_cap) + return 0; + + n = ieee80211_eht_mcs_nss_size(&he_cap->he_cap_elem, + &eht_cap->eht_cap_elem); + return 2 + 1 + + sizeof(he_cap->he_cap_elem) + n + + ieee80211_eht_ppe_size(eht_cap->eht_ppe_thres[0], + eht_cap->eht_cap_elem.phy_cap_info); + return 0; +} + +u8 *ieee80211_ie_build_eht_cap(u8 *pos, + const struct ieee80211_sta_he_cap *he_cap, + const struct ieee80211_sta_eht_cap *eht_cap, + u8 *end) +{ + u8 mcs_nss_len, ppet_len; + u8 ie_len; + u8 *orig_pos = pos; + + /* Make sure we have place for the IE */ + if (!he_cap || !eht_cap) + return orig_pos; + + mcs_nss_len = ieee80211_eht_mcs_nss_size(&he_cap->he_cap_elem, + &eht_cap->eht_cap_elem); + ppet_len = ieee80211_eht_ppe_size(eht_cap->eht_ppe_thres[0], + eht_cap->eht_cap_elem.phy_cap_info); + + ie_len = 2 + 1 + sizeof(eht_cap->eht_cap_elem) + mcs_nss_len + ppet_len; + if ((end - pos) < ie_len) + return orig_pos; + + *pos++ = WLAN_EID_EXTENSION; + *pos++ = ie_len - 2; + *pos++ = WLAN_EID_EXT_EHT_CAPABILITY; + + /* Fixed data */ + memcpy(pos, &eht_cap->eht_cap_elem, sizeof(eht_cap->eht_cap_elem)); + pos += sizeof(eht_cap->eht_cap_elem); + + memcpy(pos, &eht_cap->eht_mcs_nss_supp, mcs_nss_len); + pos += mcs_nss_len; + + if (ppet_len) { + memcpy(pos, &eht_cap->eht_ppe_thres, ppet_len); + pos += ppet_len; + } + + return pos; +} diff -ruw linux-5.15.42/net/mac80211/vht.c linux-5.15.42-fbx/net/mac80211/vht.c --- linux-5.15.42/net/mac80211/vht.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/mac80211/vht.c 2024-04-22 14:46:58.240277182 +0200 @@ -4,7 +4,7 @@ * * Portions of this file * Copyright(c) 2015 - 2016 Intel Deutschland GmbH - * Copyright (C) 2018 - 2020 Intel Corporation + * Copyright (C) 2018 - 2021 Intel Corporation */ #include @@ -230,9 +230,11 @@ sizeof(struct ieee80211_vht_mcs_info)); /* copy EXT_NSS_BW Support value or remove the capability */ - if (ieee80211_hw_check(&sdata->local->hw, SUPPORTS_VHT_EXT_NSS_BW)) + if (ieee80211_hw_check(&sdata->local->hw, SUPPORTS_VHT_EXT_NSS_BW)) { + vht_cap->cap |= cap_info & + IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_MASK; vht_cap->cap |= (cap_info & IEEE80211_VHT_CAP_EXT_NSS_BW_MASK); - else + } else vht_cap->vht_mcs.tx_highest &= ~cpu_to_le16(IEEE80211_VHT_EXT_NSS_BW_CAPABLE); @@ -329,15 +331,27 @@ } } -/* FIXME: move this to some better location - parses HE now */ +/* FIXME: move this to some better location - parses HE/EHT now */ enum ieee80211_sta_rx_bandwidth ieee80211_sta_cap_rx_bw(struct sta_info *sta) { struct ieee80211_sta_vht_cap *vht_cap = &sta->sta.vht_cap; struct ieee80211_sta_he_cap *he_cap = &sta->sta.he_cap; + struct ieee80211_sta_eht_cap *eht_cap = &sta->sta.eht_cap; u32 cap_width; if (he_cap->has_he) { - u8 info = he_cap->he_cap_elem.phy_cap_info[0]; + u8 info; + + if (eht_cap->has_eht && + sta->sdata->vif.bss_conf.chandef.chan->band == + NL80211_BAND_6GHZ) { + info = eht_cap->eht_cap_elem.phy_cap_info[0]; + + if (info & IEEE80211_EHT_PHY_CAP0_320MHZ_IN_6GHZ) + return IEEE80211_STA_RX_BW_320; + } + + info = he_cap->he_cap_elem.phy_cap_info[0]; if (sta->sdata->vif.bss_conf.chandef.chan->band == NL80211_BAND_2GHZ) { @@ -445,6 +459,8 @@ case NL80211_CHAN_WIDTH_160: case NL80211_CHAN_WIDTH_80P80: return IEEE80211_STA_RX_BW_160; + case NL80211_CHAN_WIDTH_320: + return IEEE80211_STA_RX_BW_320; default: WARN_ON_ONCE(1); return IEEE80211_STA_RX_BW_20; @@ -483,13 +499,24 @@ void ieee80211_sta_set_rx_nss(struct sta_info *sta) { - u8 ht_rx_nss = 0, vht_rx_nss = 0, he_rx_nss = 0, rx_nss; + u8 ht_rx_nss = 0, vht_rx_nss = 0, he_rx_nss = 0, eht_rx_nss = 0, rx_nss; bool support_160; /* if we received a notification already don't overwrite it */ if (sta->sta.rx_nss) return; + if (sta->sta.eht_cap.has_eht) { + int i; + const u8 *rx_nss_mcs = (void *)&sta->sta.eht_cap.eht_mcs_nss_supp; + + /* get the max nss for EHT over all possible bandwidths and mcs */ + for (i = 0; i < sizeof(struct ieee80211_eht_mcs_nss_supp); i++) + eht_rx_nss = max_t(u8, eht_rx_nss, + u8_get_bits(rx_nss_mcs[i], + IEEE80211_EHT_MCS_NSS_RX)); + } + if (sta->sta.he_cap.has_he) { int i; u8 rx_mcs_80 = 0, rx_mcs_160 = 0; @@ -501,7 +528,7 @@ for (i = 7; i >= 0; i--) { u8 mcs_160 = (mcs_160_map >> (2 * i)) & 3; - if (mcs_160 != IEEE80211_VHT_MCS_NOT_SUPPORTED) { + if (mcs_160 != IEEE80211_HE_MCS_NOT_SUPPORTED) { rx_mcs_160 = i + 1; break; } @@ -509,7 +536,7 @@ for (i = 7; i >= 0; i--) { u8 mcs_80 = (mcs_80_map >> (2 * i)) & 3; - if (mcs_80 != IEEE80211_VHT_MCS_NOT_SUPPORTED) { + if (mcs_80 != IEEE80211_HE_MCS_NOT_SUPPORTED) { rx_mcs_80 = i + 1; break; } @@ -555,6 +582,7 @@ rx_nss = max(vht_rx_nss, ht_rx_nss); rx_nss = max(he_rx_nss, rx_nss); + rx_nss = max(eht_rx_nss, rx_nss); sta->sta.rx_nss = max_t(u8, 1, rx_nss); } diff -ruw linux-5.15.42/net/mac80211/wpa.c linux-5.15.42-fbx/net/mac80211/wpa.c --- linux-5.15.42/net/mac80211/wpa.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/mac80211/wpa.c 2024-04-22 14:46:58.240277182 +0200 @@ -449,7 +449,6 @@ (info->control.hw_key->flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE)) return 0; - hdr = (struct ieee80211_hdr *) pos; pos += hdrlen; pn64 = atomic64_inc_return(&key->conf.tx_pn); @@ -686,7 +685,6 @@ (info->control.hw_key->flags & IEEE80211_KEY_FLAG_PUT_IV_SPACE)) return 0; - hdr = (struct ieee80211_hdr *)pos; pos += hdrlen; pn64 = atomic64_inc_return(&key->conf.tx_pn); @@ -881,8 +879,6 @@ if (skb_linearize(rx->skb)) return RX_DROP_UNUSABLE; - hdr = (struct ieee80211_hdr *)rx->skb->data; - rx_pn = key->u.gen.rx_pn[qos_tid]; skb_pn = rx->skb->data + hdrlen + cs->pn_off; diff -ruw linux-5.15.42/net/netfilter/Kconfig linux-5.15.42-fbx/net/netfilter/Kconfig --- linux-5.15.42/net/netfilter/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/netfilter/Kconfig 2024-04-22 14:46:58.256277619 +0200 @@ -348,6 +348,7 @@ config NF_CONNTRACK_SIP tristate "SIP protocol support" default m if NETFILTER_ADVANCED=n + select CRYPTO_LIB_SHA256 help SIP is an application-layer control protocol that can establish, modify, and terminate multimedia sessions (conferences) such as diff -ruw linux-5.15.42/net/netfilter/nf_conntrack_core.c linux-5.15.42-fbx/net/netfilter/nf_conntrack_core.c --- linux-5.15.42/net/netfilter/nf_conntrack_core.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/netfilter/nf_conntrack_core.c 2024-04-22 14:46:58.264277838 +0200 @@ -625,6 +625,14 @@ #endif } +#ifdef CONFIG_IP_FFN +extern void ip_ffn_ct_destroy(struct nf_conn *ct); +#endif + +#ifdef CONFIG_IPV6_FFN +extern void ipv6_ffn_ct_destroy(struct nf_conn *ct); +#endif + void nf_ct_destroy(struct nf_conntrack *nfct) { struct nf_conn *ct = (struct nf_conn *)nfct; @@ -632,6 +640,15 @@ pr_debug("%s(%p)\n", __func__, ct); WARN_ON(refcount_read(&nfct->use) != 0); +#ifdef CONFIG_IP_FFN + if (ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.l3num == AF_INET) + ip_ffn_ct_destroy(ct); +#endif +#ifdef CONFIG_IPV6_FFN + if (ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.l3num == AF_INET6) + ipv6_ffn_ct_destroy(ct); +#endif + if (unlikely(nf_ct_is_template(ct))) { nf_ct_tmpl_free(ct); return; diff -ruw linux-5.15.42/net/netfilter/nf_conntrack_ftp.c linux-5.15.42-fbx/net/netfilter/nf_conntrack_ftp.c --- linux-5.15.42/net/netfilter/nf_conntrack_ftp.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/netfilter/nf_conntrack_ftp.c 2024-04-22 14:46:58.264277838 +0200 @@ -27,6 +27,10 @@ #include #define HELPER_NAME "ftp" +#if defined(CONFIG_FREEBOX_BRIDGE) || defined(CONFIG_FREEBOX_BRIDGE_MODULE) +#include +#include +#endif MODULE_LICENSE("GPL"); MODULE_AUTHOR("Rusty Russell "); @@ -398,6 +402,17 @@ return NF_ACCEPT; } +#if defined(CONFIG_FREEBOX_BRIDGE) || defined(CONFIG_FREEBOX_BRIDGE_MODULE) + if (!ct_ftp_info->is_fbxbridge && skb->dev->fbx_bridge) { + struct fbxbridge *fbxbr; + + fbxbr = skb->dev->fbx_bridge; + ct_ftp_info->is_fbxbridge = 1; + ct_ftp_info->fbxbridge_remote = ntohl(fbxbr->br_remote_ipaddr); + ct_ftp_info->fbxbridge_wan = fbxbr->wan_ipaddr; + } +#endif + th = skb_header_pointer(skb, protoff, sizeof(_tcph), &_tcph); if (th == NULL) return NF_ACCEPT; @@ -487,6 +502,50 @@ * Doesn't matter unless NAT is happening. */ daddr = &ct->tuplehash[!dir].tuple.dst.u3; +#if defined(CONFIG_FREEBOX_BRIDGE) || defined(CONFIG_FREEBOX_BRIDGE_MODULE) + if (ct_ftp_info->is_fbxbridge && + search[dir][i].ftptype == NF_CT_FTP_PORT) { + unsigned long orig_ip_addr; + unsigned short orig_port; + char buffer[sizeof("nnn,nnn,nnn,nnn,nnn,nnn")]; + unsigned int len; + __be32 addr; + + /* kludge: if we are here, then this is a local pkt + * that has gone through internal fbxbridge snat. + * + * If we see a port command, then we mangle packet to + * change ip address given to the remote bridge + * address */ + + /* check address is packet is the one fbxbridge + * changed */ + orig_ip_addr = cmd.u3.ip; + if (orig_ip_addr != ct_ftp_info->fbxbridge_wan) + goto donttouch; + + /* now mangle the remote address */ + orig_port = cmd.u.tcp.port; + addr = ct_ftp_info->fbxbridge_remote; + len = sprintf(buffer, "%u,%u,%u,%u,%u,%u", + ((unsigned char *)&addr)[0], + ((unsigned char *)&addr)[1], + ((unsigned char *)&addr)[2], + ((unsigned char *)&addr)[3], + orig_port >> 8 , orig_port & 0xFF); + + nf_nat_mangle_tcp_packet(skb, ct, ctinfo, matchoff, + matchlen, buffer, len); + + /* then adjust as if nothing happened */ + matchlen = len; + cmd.u3.ip = ct_ftp_info->fbxbridge_remote; + } +donttouch: + +#endif + + /* Update the ftp info */ if ((cmd.l3num == nf_ct_l3num(ct)) && memcmp(&cmd.u3.all, &ct->tuplehash[dir].tuple.src.u3.all, diff -ruw linux-5.15.42/net/netfilter/nf_conntrack_helper.c linux-5.15.42-fbx/net/netfilter/nf_conntrack_helper.c --- linux-5.15.42/net/netfilter/nf_conntrack_helper.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/netfilter/nf_conntrack_helper.c 2024-04-22 14:46:58.268277947 +0200 @@ -35,7 +35,7 @@ EXPORT_SYMBOL_GPL(nf_ct_helper_hsize); static unsigned int nf_ct_helper_count __read_mostly; -static bool nf_ct_auto_assign_helper __read_mostly = false; +static bool nf_ct_auto_assign_helper __read_mostly = true; module_param_named(nf_conntrack_helper, nf_ct_auto_assign_helper, bool, 0644); MODULE_PARM_DESC(nf_conntrack_helper, "Enable automatic conntrack helper assignment (default 0)"); diff -ruw linux-5.15.42/net/netfilter/nf_conntrack_proto_tcp.c linux-5.15.42-fbx/net/netfilter/nf_conntrack_proto_tcp.c --- linux-5.15.42/net/netfilter/nf_conntrack_proto_tcp.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/netfilter/nf_conntrack_proto_tcp.c 2024-04-22 14:46:58.268277947 +0200 @@ -1125,7 +1125,8 @@ break; } - if (!tcp_in_window(ct, dir, index, + if (!ct->proto.tcp.no_window_track && + !tcp_in_window(ct, dir, index, skb, dataoff, th, state)) { spin_unlock_bh(&ct->lock); return -NF_ACCEPT; @@ -1210,6 +1211,38 @@ return NF_ACCEPT; } +#ifdef CONFIG_IP_FFN +int external_tcpv4_packet(struct nf_conn *ct, + struct sk_buff *skb, + unsigned int dataoff, + enum ip_conntrack_info ctinfo) +{ + /* fixme: is is always PRE_ROUTING ?*/ + struct nf_hook_state state = { + .hook = NF_INET_PRE_ROUTING, + .pf = AF_INET, + .net = nf_ct_net(ct), + }; + return nf_conntrack_tcp_packet(ct, skb, dataoff, ctinfo, &state); +} +#endif + +#ifdef CONFIG_IPV6_FFN +int external_tcpv6_packet(struct nf_conn *ct, + struct sk_buff *skb, + unsigned int dataoff, + enum ip_conntrack_info ctinfo) +{ + /* fixme: is is always PRE_ROUTING ?*/ + struct nf_hook_state state = { + .hook = NF_INET_PRE_ROUTING, + .pf = AF_INET6, + .net = nf_ct_net(ct), + }; + return nf_conntrack_tcp_packet(ct, skb, dataoff, ctinfo, &state); +} +#endif + #if IS_ENABLED(CONFIG_NF_CT_NETLINK) #include diff -ruw linux-5.15.42/net/netfilter/nf_conntrack_proto_udp.c linux-5.15.42-fbx/net/netfilter/nf_conntrack_proto_udp.c --- linux-5.15.42/net/netfilter/nf_conntrack_proto_udp.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/netfilter/nf_conntrack_proto_udp.c 2024-04-22 14:46:58.268277947 +0200 @@ -127,6 +127,38 @@ return NF_ACCEPT; } +#ifdef CONFIG_IP_FFN +int external_udpv4_packet(struct nf_conn *ct, + struct sk_buff *skb, + unsigned int dataoff, + enum ip_conntrack_info ctinfo) +{ + /* fixme: is is always PRE_ROUTING ?*/ + struct nf_hook_state state = { + .hook = NF_INET_PRE_ROUTING, + .pf = AF_INET, + .net = nf_ct_net(ct), + }; + return nf_conntrack_udp_packet(ct, skb, dataoff, ctinfo, &state); +} +#endif + +#ifdef CONFIG_IPV6_FFN +int external_udpv6_packet(struct nf_conn *ct, + struct sk_buff *skb, + unsigned int dataoff, + enum ip_conntrack_info ctinfo) +{ + /* fixme: is is always PRE_ROUTING ?*/ + struct nf_hook_state state = { + .hook = NF_INET_PRE_ROUTING, + .pf = AF_INET6, + .net = nf_ct_net(ct), + }; + return nf_conntrack_udp_packet(ct, skb, dataoff, ctinfo, &state); +} +#endif + #ifdef CONFIG_NF_CT_PROTO_UDPLITE static void udplite_error_log(const struct sk_buff *skb, const struct nf_hook_state *state, diff -ruw linux-5.15.42/net/netfilter/nf_conntrack_sip.c linux-5.15.42-fbx/net/netfilter/nf_conntrack_sip.c --- linux-5.15.42/net/netfilter/nf_conntrack_sip.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/netfilter/nf_conntrack_sip.c 2024-04-22 14:46:58.268277947 +0200 @@ -35,6 +35,8 @@ MODULE_ALIAS("ip_conntrack_sip"); MODULE_ALIAS_NFCT_HELPER(HELPER_NAME); +#define MAX_CALLS 8 + #define MAX_PORTS 8 static unsigned short ports[MAX_PORTS]; static unsigned int ports_c; @@ -825,7 +827,8 @@ return found; } -static void flush_expectations(struct nf_conn *ct, bool media) +static void __flush_expectations(struct nf_conn *ct, bool media, + const u8 *cid_hash) { struct nf_conn_help *help = nfct_help(ct); struct nf_conntrack_expect *exp; @@ -835,6 +838,15 @@ hlist_for_each_entry_safe(exp, next, &help->expectations, lnode) { if ((exp->class != SIP_EXPECT_SIGNALLING) ^ media) continue; + if (media && cid_hash) { + const struct nf_ct_sip_expect *exp_sip_info; + exp_sip_info = nf_ct_exp_data(exp); + + if (memcmp(exp_sip_info->cid_hash, cid_hash, + sizeof (exp_sip_info->cid_hash))) + continue; + } + if (!nf_ct_remove_expect(exp)) continue; if (!media) @@ -843,12 +855,36 @@ spin_unlock_bh(&nf_conntrack_expect_lock); } +static void flush_sig_expectations(struct nf_conn *ct) +{ + return __flush_expectations(ct, false, NULL); +} + +static void flush_media_expectations(struct nf_conn *ct, + const char *msg_data, + unsigned int msg_len) +{ + unsigned int matchoff, matchlen; + u8 cid_hash[SHA256_DIGEST_SIZE]; + struct sha256_state s; + + sha256_init(&s); + if (ct_sip_get_header(ct, msg_data, 0, msg_len, + SIP_HDR_CALL_ID, + &matchoff, &matchlen) > 0) + sha256_update(&s, msg_data + matchoff, matchlen); + sha256_final(&s, cid_hash); + + __flush_expectations(ct, true, cid_hash); +} + static int set_expected_rtp_rtcp(struct sk_buff *skb, unsigned int protoff, unsigned int dataoff, const char **dptr, unsigned int *datalen, union nf_inet_addr *daddr, __be16 port, enum sip_expectation_classes class, - unsigned int mediaoff, unsigned int medialen) + unsigned int mediaoff, unsigned int medialen, + const u8 *cid_hash) { struct nf_conntrack_expect *exp, *rtp_exp, *rtcp_exp; enum ip_conntrack_info ctinfo; @@ -861,6 +897,7 @@ u_int16_t base_port; __be16 rtp_port, rtcp_port; const struct nf_nat_sip_hooks *hooks; + struct nf_ct_sip_expect *exp_sip_info; saddr = NULL; if (sip_direct_media) { @@ -953,18 +990,29 @@ goto err1; } - if (skip_expect) + if (skip_expect) { + exp_sip_info = nf_ct_exp_data(exp); + memcpy(exp_sip_info->cid_hash, cid_hash, + sizeof (exp_sip_info->cid_hash)); return NF_ACCEPT; + } rtp_exp = nf_ct_expect_alloc(ct); if (rtp_exp == NULL) goto err1; + exp_sip_info = nf_ct_exp_data(rtp_exp); + memcpy(exp_sip_info->cid_hash, cid_hash, + sizeof (exp_sip_info->cid_hash)); nf_ct_expect_init(rtp_exp, class, nf_ct_l3num(ct), saddr, daddr, IPPROTO_UDP, NULL, &rtp_port); + rtcp_exp = nf_ct_expect_alloc(ct); if (rtcp_exp == NULL) goto err2; + exp_sip_info = nf_ct_exp_data(rtcp_exp); + memcpy(exp_sip_info->cid_hash, cid_hash, + sizeof (exp_sip_info->cid_hash)); nf_ct_expect_init(rtcp_exp, class, nf_ct_l3num(ct), saddr, daddr, IPPROTO_UDP, NULL, &rtcp_port); @@ -1039,10 +1087,20 @@ const struct nf_nat_sip_hooks *hooks; unsigned int port; const struct sdp_media_type *t; + struct sha256_state s; + u8 cid_hash[SHA256_DIGEST_SIZE]; int ret = NF_ACCEPT; hooks = rcu_dereference(nf_nat_sip_hooks); + /* extract caller id if any */ + sha256_init(&s); + if (ct_sip_get_header(ct, *dptr, 0, *datalen, + SIP_HDR_CALL_ID, + &matchoff, &matchlen) > 0) + sha256_update(&s, *dptr + matchoff, matchlen); + sha256_final(&s, cid_hash); + /* Find beginning of session description */ if (ct_sip_get_sdp_header(ct, *dptr, 0, *datalen, SDP_HDR_VERSION, SDP_HDR_UNSPEC, @@ -1101,7 +1159,7 @@ ret = set_expected_rtp_rtcp(skb, protoff, dataoff, dptr, datalen, &rtp_addr, htons(port), t->class, - mediaoff, medialen); + mediaoff, medialen, cid_hash); if (ret != NF_ACCEPT) { nf_ct_helper_log(skb, ct, "cannot add expectation for voice"); @@ -1145,7 +1203,7 @@ (code >= 200 && code <= 299)) return process_sdp(skb, protoff, dataoff, dptr, datalen, cseq); else if (ct_sip_info->invite_cseq == cseq) - flush_expectations(ct, true); + flush_media_expectations(ct, *dptr, *datalen); return NF_ACCEPT; } @@ -1162,7 +1220,7 @@ (code >= 200 && code <= 299)) return process_sdp(skb, protoff, dataoff, dptr, datalen, cseq); else if (ct_sip_info->invite_cseq == cseq) - flush_expectations(ct, true); + flush_media_expectations(ct, *dptr, *datalen); return NF_ACCEPT; } @@ -1179,7 +1237,7 @@ (code >= 200 && code <= 299)) return process_sdp(skb, protoff, dataoff, dptr, datalen, cseq); else if (ct_sip_info->invite_cseq == cseq) - flush_expectations(ct, true); + flush_media_expectations(ct, *dptr, *datalen); return NF_ACCEPT; } @@ -1193,7 +1251,7 @@ struct nf_ct_sip_master *ct_sip_info = nfct_help_data(ct); unsigned int ret; - flush_expectations(ct, true); + flush_media_expectations(ct, *dptr, *datalen); ret = process_sdp(skb, protoff, dataoff, dptr, datalen, cseq); if (ret == NF_ACCEPT) ct_sip_info->invite_cseq = cseq; @@ -1208,7 +1266,7 @@ enum ip_conntrack_info ctinfo; struct nf_conn *ct = nf_ct_get(skb, &ctinfo); - flush_expectations(ct, true); + flush_media_expectations(ct, *dptr, *datalen); return NF_ACCEPT; } @@ -1387,7 +1445,7 @@ } flush: - flush_expectations(ct, false); + flush_sig_expectations(ct); return NF_ACCEPT; } @@ -1463,12 +1521,13 @@ * Via: header so that nf_nat_sip can redirect the responses to * the correct port. */ - if (ct_sip_parse_header_uri(ct, *dptr, NULL, *datalen, + if (nf_ct_protonum(ct) == IPPROTO_UDP && + ct_sip_parse_header_uri(ct, *dptr, NULL, *datalen, SIP_HDR_VIA_UDP, NULL, &matchoff, &matchlen, &addr, &port) > 0 && port != ct->tuplehash[dir].tuple.src.u.udp.port && nf_inet_addr_cmp(&addr, &ct->tuplehash[dir].tuple.src.u3)) - ct_sip_info->forced_dport = port; + ct_sip_info->forced_dport[!dir] = port; for (i = 0; i < ARRAY_SIZE(sip_handlers); i++) { const struct sip_handler *handler; @@ -1642,17 +1701,17 @@ }, [SIP_EXPECT_AUDIO] = { .name = "audio", - .max_expected = 2 * IP_CT_DIR_MAX, + .max_expected = MAX_CALLS * 2 * IP_CT_DIR_MAX, .timeout = 3 * 60, }, [SIP_EXPECT_VIDEO] = { .name = "video", - .max_expected = 2 * IP_CT_DIR_MAX, + .max_expected = MAX_CALLS * 2 * IP_CT_DIR_MAX, .timeout = 3 * 60, }, [SIP_EXPECT_IMAGE] = { .name = "image", - .max_expected = IP_CT_DIR_MAX, + .max_expected = MAX_CALLS * IP_CT_DIR_MAX, .timeout = 3 * 60, }, }; @@ -1667,6 +1726,7 @@ int i, ret; NF_CT_HELPER_BUILD_BUG_ON(sizeof(struct nf_ct_sip_master)); + NF_CT_EXPECT_BUILD_BUG_ON(sizeof(struct nf_ct_sip_expect)); if (ports_c == 0) ports[ports_c++] = SIP_PORT; diff -ruw linux-5.15.42/net/netfilter/nf_nat_core.c linux-5.15.42-fbx/net/netfilter/nf_nat_core.c --- linux-5.15.42/net/netfilter/nf_nat_core.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/netfilter/nf_nat_core.c 2024-04-22 14:46:58.272278056 +0200 @@ -641,6 +641,11 @@ else ct->status |= IPS_SRC_NAT_DONE; + if (maniptype == NF_NAT_MANIP_SRC) { + ct->nat_src_proto_min = range->min_proto; + ct->nat_src_proto_max = range->max_proto; + } + return NF_ACCEPT; } EXPORT_SYMBOL(nf_nat_setup_info); diff -ruw linux-5.15.42/net/netfilter/nf_nat_ftp.c linux-5.15.42-fbx/net/netfilter/nf_nat_ftp.c --- linux-5.15.42/net/netfilter/nf_nat_ftp.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/netfilter/nf_nat_ftp.c 2024-04-22 14:46:58.272278056 +0200 @@ -69,7 +69,8 @@ struct nf_conntrack_expect *exp) { union nf_inet_addr newaddr; - u_int16_t port; + u_int16_t port, sport, eport; + unsigned int i; int dir = CTINFO2DIR(ctinfo); struct nf_conn *ct = exp->master; char buffer[sizeof("|1||65535|") + INET6_ADDRSTRLEN]; @@ -86,8 +87,26 @@ * this one. */ exp->expectfn = nf_nat_follow_master; + if (dir == IP_CT_DIR_ORIGINAL && + (ct->status & IPS_SRC_NAT) && + ct->nat_src_proto_min.all && + ct->nat_src_proto_max.all) { + sport = ntohs(ct->nat_src_proto_min.all); + eport = ntohs(ct->nat_src_proto_max.all); + } else { + sport = 1024; + eport = 65535; + } + + port = ntohs(exp->saved_proto.tcp.port); + if (port < sport || port > eport) { + get_random_bytes(&port, sizeof (port)); + port %= eport - sport; + port += sport; + } + /* Try to get same port: if not, try to change it. */ - for (port = ntohs(exp->saved_proto.tcp.port); port != 0; port++) { + for (i = 0; i < eport - sport + 1; i++) { int ret; exp->tuple.dst.u.tcp.port = htons(port); @@ -98,6 +117,10 @@ port = 0; break; } + + port++; + if (port > eport) + port = sport; } if (port == 0) { diff -ruw linux-5.15.42/net/netfilter/nf_nat_helper.c linux-5.15.42-fbx/net/netfilter/nf_nat_helper.c --- linux-5.15.42/net/netfilter/nf_nat_helper.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/netfilter/nf_nat_helper.c 2024-04-22 14:46:58.272278056 +0200 @@ -188,6 +188,14 @@ range.flags = NF_NAT_RANGE_MAP_IPS; range.min_addr = range.max_addr = ct->master->tuplehash[!exp->dir].tuple.dst.u3; + + if (ct->master->nat_src_proto_min.all && + ct->master->nat_src_proto_max.all) { + range.flags |= NF_NAT_RANGE_PROTO_SPECIFIED; + range.min_proto = ct->master->nat_src_proto_min; + range.max_proto = ct->master->nat_src_proto_max; + } + nf_nat_setup_info(ct, &range, NF_NAT_MANIP_SRC); /* For DST manip, map port here to where it's expected. */ diff -ruw linux-5.15.42/net/netfilter/nf_nat_proto.c linux-5.15.42-fbx/net/netfilter/nf_nat_proto.c --- linux-5.15.42/net/netfilter/nf_nat_proto.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/netfilter/nf_nat_proto.c 2023-02-27 13:42:32.630771810 +0100 @@ -385,6 +385,8 @@ { #if IS_ENABLED(CONFIG_IPV6) struct ipv6hdr *ipv6h; + const __be32 *to; + __be32 *from; __be16 frag_off; int hdroff; u8 nexthdr; @@ -407,10 +409,24 @@ ipv6h = (void *)skb->data + iphdroff; manip_addr: - if (maniptype == NF_NAT_MANIP_SRC) - ipv6h->saddr = target->src.u3.in6; - else - ipv6h->daddr = target->dst.u3.in6; + if (maniptype == NF_NAT_MANIP_SRC) { + from = ipv6h->saddr.s6_addr32; + to = target->src.u3.in6.s6_addr32; + } else { + from = ipv6h->daddr.s6_addr32; + to = target->dst.u3.in6.s6_addr32; + } + + if (skb->ip_summed == CHECKSUM_COMPLETE) { + __be32 diff[] = { + ~from[0], ~from[1], ~from[2], ~from[3], + to[0], to[1], to[2], to[3], + }; + + skb->csum = ~csum_partial(diff, sizeof(diff), ~skb->csum); + } + + memcpy(from, to, sizeof (struct in6_addr)); #endif return true; diff -ruw linux-5.15.42/net/netfilter/nf_nat_sip.c linux-5.15.42-fbx/net/netfilter/nf_nat_sip.c --- linux-5.15.42/net/netfilter/nf_nat_sip.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/netfilter/nf_nat_sip.c 2024-04-22 14:46:58.272278056 +0200 @@ -111,8 +111,11 @@ } else if (nf_inet_addr_cmp(&ct->tuplehash[dir].tuple.dst.u3, addr) && ct->tuplehash[dir].tuple.dst.u.udp.port == port) { newaddr = ct->tuplehash[!dir].tuple.src.u3; - newport = ct_sip_info->forced_dport ? : + if (nf_ct_protonum(ct) == IPPROTO_UDP) + newport = ct_sip_info->forced_dport[dir] ? : ct->tuplehash[!dir].tuple.src.u.udp.port; + else + newport = ct->tuplehash[!dir].tuple.src.u.udp.port; } else return 1; @@ -279,7 +282,8 @@ } /* Mangle destination port for Cisco phones, then fix up checksums */ - if (dir == IP_CT_DIR_REPLY && ct_sip_info->forced_dport) { + if (nf_ct_protonum(ct) == IPPROTO_UDP && + dir == IP_CT_DIR_REPLY && ct_sip_info->forced_dport[dir]) { struct udphdr *uh; if (skb_ensure_writable(skb, skb->len)) { @@ -288,7 +292,7 @@ } uh = (void *)skb->data + protoff; - uh->dest = ct_sip_info->forced_dport; + uh->dest = ct_sip_info->forced_dport[dir]; if (!nf_nat_mangle_udp_packet(skb, ct, ctinfo, protoff, 0, 0, NULL, 0)) { @@ -365,6 +369,15 @@ range_set_for_snat = 1; } + if (range_set_for_snat) { + if (ct->master->nat_src_proto_min.all && + ct->master->nat_src_proto_max.all) { + range.flags |= NF_NAT_RANGE_PROTO_SPECIFIED; + range.min_proto = ct->master->nat_src_proto_min; + range.max_proto = ct->master->nat_src_proto_max; + } + } + /* Perform SRC manip. */ if (range_set_for_snat) nf_nat_setup_info(ct, &range, NF_NAT_MANIP_SRC); @@ -382,10 +395,11 @@ enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo); struct nf_ct_sip_master *ct_sip_info = nfct_help_data(ct); union nf_inet_addr newaddr; - u_int16_t port; + u_int16_t port, sport, eport; __be16 srcport; char buffer[INET6_ADDRSTRLEN + sizeof("[]:nnnnn")]; unsigned int buflen; + unsigned int i; /* Connection will come from reply */ if (nf_inet_addr_cmp(&ct->tuplehash[dir].tuple.src.u3, @@ -397,7 +411,7 @@ /* If the signalling port matches the connection's source port in the * original direction, try to use the destination port in the opposite * direction. */ - srcport = ct_sip_info->forced_dport ? : + srcport = ct_sip_info->forced_dport[dir] ? : ct->tuplehash[dir].tuple.src.u.udp.port; if (exp->tuple.dst.u.udp.port == srcport) port = ntohs(ct->tuplehash[!dir].tuple.dst.u.udp.port); @@ -410,7 +424,24 @@ exp->dir = !dir; exp->expectfn = nf_nat_sip_expected; - for (; port != 0; port++) { + if (dir == IP_CT_DIR_ORIGINAL && + (ct->status & IPS_SRC_NAT) && + ct->nat_src_proto_min.all && + ct->nat_src_proto_max.all) { + sport = ntohs(ct->nat_src_proto_min.all); + eport = ntohs(ct->nat_src_proto_max.all); + } else { + sport = 1024; + eport = 65535; + } + + if (port < sport || port > eport) { + get_random_bytes(&port, sizeof (port)); + port %= eport - sport; + port += sport; + } + + for (i = 0; i < eport - sport + 1; i++) { int ret; exp->tuple.dst.u.udp.port = htons(port); @@ -421,6 +452,10 @@ port = 0; break; } + + port++; + if (port > eport) + port = sport; } if (port == 0) { @@ -580,7 +615,8 @@ enum ip_conntrack_info ctinfo; struct nf_conn *ct = nf_ct_get(skb, &ctinfo); enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo); - u_int16_t port; + u_int16_t port, sport, eport; + unsigned int i; /* Connection will come from reply */ if (nf_inet_addr_cmp(&ct->tuplehash[dir].tuple.src.u3, @@ -601,17 +637,37 @@ rtcp_exp->dir = !dir; rtcp_exp->expectfn = nf_nat_sip_expected; + if (dir == IP_CT_DIR_ORIGINAL && + (ct->status & IPS_SRC_NAT) && + ct->nat_src_proto_min.all && + ct->nat_src_proto_max.all) { + sport = ntohs(ct->nat_src_proto_min.all); + eport = ntohs(ct->nat_src_proto_max.all); + } else { + sport = 1024; + eport = 65535; + } + + port = ntohs(rtp_exp->tuple.dst.u.udp.port); + if (port < sport || port > eport - 1) { + get_random_bytes(&port, sizeof (port)); + port %= eport - sport; + port += sport; + } + /* Try to get same pair of ports: if not, try to change them. */ - for (port = ntohs(rtp_exp->tuple.dst.u.udp.port); - port != 0; port += 2) { + for (i = 0; i < eport - sport + 1; i += 2) { int ret; rtp_exp->tuple.dst.u.udp.port = htons(port); ret = nf_ct_expect_related(rtp_exp, NF_CT_EXP_F_SKIP_MASTER); - if (ret == -EBUSY) + if (ret == -EBUSY) { + port += 2; + if (port > eport) + port = sport; continue; - else if (ret < 0) { + } else if (ret < 0) { port = 0; break; } @@ -622,12 +678,19 @@ break; else if (ret == -EBUSY) { nf_ct_unexpect_related(rtp_exp); + port += 2; + if (port > eport) + port = sport; continue; } else if (ret < 0) { nf_ct_unexpect_related(rtp_exp); port = 0; break; } + + port += 2; + if (port > eport) + port = sport; } if (port == 0) { diff -ruw linux-5.15.42/net/netfilter/nfnetlink.c linux-5.15.42-fbx/net/netfilter/nfnetlink.c --- linux-5.15.42/net/netfilter/nfnetlink.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/netfilter/nfnetlink.c 2024-04-22 14:46:58.276278166 +0200 @@ -643,7 +643,10 @@ skb->len < nlh->nlmsg_len) return; - if (!netlink_net_capable(skb, CAP_NET_ADMIN)) { + if (NFNL_SUBSYS_ID(nlh->nlmsg_type) == NFNL_SUBSYS_CTNETLINK && + NFNL_MSG_TYPE(nlh->nlmsg_type) == 1 /* IPCTNL_MSG_CT_GET */) { + pr_debug("Carving out access exception for conntrack get; does not work for batch queries\n"); + } else if (!netlink_net_capable(skb, CAP_NET_ADMIN)) { netlink_ack(skb, nlh, -EPERM, NULL); return; } diff -ruw linux-5.15.42/net/sched/sch_drr.c linux-5.15.42-fbx/net/sched/sch_drr.c --- linux-5.15.42/net/sched/sch_drr.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/sched/sch_drr.c 2024-04-22 14:46:58.324279477 +0200 @@ -335,7 +335,9 @@ cl = drr_find_class(sch, res.classid); return cl; } - return NULL; + + /* default to first minor if it exists, or drop */ + return drr_find_class(sch, TC_H_MAKE(TC_H_MAJ(sch->handle), 1)); } static int drr_enqueue(struct sk_buff *skb, struct Qdisc *sch, diff -ruw linux-5.15.42/net/socket.c linux-5.15.42-fbx/net/socket.c --- linux-5.15.42/net/socket.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/socket.c 2024-04-22 14:46:58.352280242 +0200 @@ -1140,6 +1140,29 @@ return err; } +static DEFINE_MUTEX(fbxbridge_ioctl_mutex); +static int (*fbxbridge_ioctl_hook)(struct net *, unsigned int cmd, void __user *arg) = NULL; + +void fbxbridge_set(int (*hook)(struct net *, unsigned int, void __user *)) +{ + mutex_lock(&fbxbridge_ioctl_mutex); + fbxbridge_ioctl_hook = hook; + mutex_unlock(&fbxbridge_ioctl_mutex); +} + +static DEFINE_MUTEX(fbxdiverter_ioctl_mutex); +static int (*fbxdiverter_ioctl_hook) (struct net *, unsigned int cmd, void __user *arg) = NULL; + +void fbxdiverter_ioctl_set(int (*hook) (struct net *, unsigned int, + void __user *)) +{ + mutex_lock(&fbxdiverter_ioctl_mutex); + fbxdiverter_ioctl_hook = hook; + mutex_unlock(&fbxdiverter_ioctl_mutex); +} + +EXPORT_SYMBOL(fbxdiverter_ioctl_set); + /* * With an ioctl, arg may well be a user mode pointer, but we don't know * what to do with it - that's up to the protocol still. @@ -1209,6 +1232,17 @@ err = open_related_ns(&net->ns, get_net_ns); break; + case SIOCGFBXDIVERT: + case SIOCSFBXDIVERT: + err = -ENOPKG; + if (!fbxdiverter_ioctl_hook) + request_module("fbxdiverter"); + + mutex_lock(&fbxdiverter_ioctl_mutex); + if (fbxdiverter_ioctl_hook) + err = fbxdiverter_ioctl_hook(net, cmd, argp); + mutex_unlock(&fbxdiverter_ioctl_mutex); + break; case SIOCGSTAMP_OLD: case SIOCGSTAMPNS_OLD: if (!sock->ops->gettstamp) { @@ -1234,6 +1268,17 @@ err = dev_ifconf(net, argp); break; + case SIOCGFBXBRIDGE: + case SIOCSFBXBRIDGE: + err = -ENOPKG; + if (!fbxbridge_ioctl_hook) + request_module("fbxbridge"); + + mutex_lock(&fbxbridge_ioctl_mutex); + if (fbxbridge_ioctl_hook) + err = fbxbridge_ioctl_hook(net, cmd, argp); + mutex_unlock(&fbxbridge_ioctl_mutex); + break; default: err = sock_do_ioctl(net, sock, cmd, arg); break; diff -ruw linux-5.15.42/net/unix/Kconfig linux-5.15.42-fbx/net/unix/Kconfig --- linux-5.15.42/net/unix/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/unix/Kconfig 2023-04-05 14:58:59.067863051 +0200 @@ -30,6 +30,9 @@ depends on UNIX default y +config UNIX_ABSTRACT_IGNORE_NETNS + bool "make abstract namespace global to all network namespaces" + config UNIX_DIAG tristate "UNIX: socket monitoring interface" depends on UNIX diff -ruw linux-5.15.42/net/unix/af_unix.c linux-5.15.42-fbx/net/unix/af_unix.c --- linux-5.15.42/net/unix/af_unix.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/unix/af_unix.c 2024-04-22 14:46:58.372280788 +0200 @@ -294,8 +294,10 @@ sk_for_each(s, &unix_socket_table[hash]) { struct unix_sock *u = unix_sk(s); +#ifdef UNIX_ABSTRACT_IGNORE_NETNS if (!net_eq(sock_net(s), net)) continue; +#endif if (u->addr->len == len && !memcmp(u->addr->name, sunname, len)) diff -ruw linux-5.15.42/net/wireless/Makefile linux-5.15.42-fbx/net/wireless/Makefile --- linux-5.15.42/net/wireless/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/wireless/Makefile 2024-04-22 14:46:58.380281007 +0200 @@ -26,7 +26,7 @@ $(obj)/shipped-certs.c: $(wildcard $(srctree)/$(src)/certs/*.hex) @$(kecho) " GEN $@" - @(echo '#include "reg.h"'; \ + $(Q)(echo '#include "reg.h"'; \ echo 'const u8 shipped_regdb_certs[] = {'; \ echo | cat - $^ ; \ echo '};'; \ @@ -36,7 +36,7 @@ $(obj)/extra-certs.c: $(CONFIG_CFG80211_EXTRA_REGDB_KEYDIR:"%"=%) \ $(wildcard $(CONFIG_CFG80211_EXTRA_REGDB_KEYDIR:"%"=%)/*.x509) @$(kecho) " GEN $@" - @(set -e; \ + $(Q)(set -e; \ allf=""; \ for f in $^ ; do \ test -f $$f || continue;\ diff -ruw linux-5.15.42/net/wireless/chan.c linux-5.15.42-fbx/net/wireless/chan.c --- linux-5.15.42/net/wireless/chan.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/wireless/chan.c 2024-04-22 14:46:58.380281007 +0200 @@ -181,6 +181,9 @@ case NL80211_CHAN_WIDTH_160: mhz = 160; break; + case NL80211_CHAN_WIDTH_320: + mhz = 320; + break; default: WARN_ON_ONCE(1); return -1; @@ -245,19 +248,7 @@ oper_freq - MHZ_TO_KHZ(oper_width) / 2) return false; break; - case NL80211_CHAN_WIDTH_40: - if (chandef->center_freq1 != control_freq + 10 && - chandef->center_freq1 != control_freq - 10) - return false; - if (chandef->center_freq2) - return false; - break; case NL80211_CHAN_WIDTH_80P80: - if (chandef->center_freq1 != control_freq + 30 && - chandef->center_freq1 != control_freq + 10 && - chandef->center_freq1 != control_freq - 10 && - chandef->center_freq1 != control_freq - 30) - return false; if (!chandef->center_freq2) return false; /* adjacent is not allowed -- that's a 160 MHz channel */ @@ -265,28 +256,53 @@ chandef->center_freq2 - chandef->center_freq1 == 80) return false; break; - case NL80211_CHAN_WIDTH_80: - if (chandef->center_freq1 != control_freq + 30 && - chandef->center_freq1 != control_freq + 10 && - chandef->center_freq1 != control_freq - 10 && - chandef->center_freq1 != control_freq - 30) - return false; + default: if (chandef->center_freq2) return false; break; + } + + switch (chandef->width) { + case NL80211_CHAN_WIDTH_5: + case NL80211_CHAN_WIDTH_10: + case NL80211_CHAN_WIDTH_20: + case NL80211_CHAN_WIDTH_20_NOHT: + case NL80211_CHAN_WIDTH_1: + case NL80211_CHAN_WIDTH_2: + case NL80211_CHAN_WIDTH_4: + case NL80211_CHAN_WIDTH_8: + case NL80211_CHAN_WIDTH_16: + /* all checked above */ + break; + case NL80211_CHAN_WIDTH_320: + if (chandef->center_freq1 == control_freq + 150 || + chandef->center_freq1 == control_freq + 130 || + chandef->center_freq1 == control_freq + 110 || + chandef->center_freq1 == control_freq + 90 || + chandef->center_freq1 == control_freq - 90 || + chandef->center_freq1 == control_freq - 110 || + chandef->center_freq1 == control_freq - 130 || + chandef->center_freq1 == control_freq - 150) + break; + fallthrough; case NL80211_CHAN_WIDTH_160: - if (chandef->center_freq1 != control_freq + 70 && - chandef->center_freq1 != control_freq + 50 && - chandef->center_freq1 != control_freq + 30 && - chandef->center_freq1 != control_freq + 10 && - chandef->center_freq1 != control_freq - 10 && - chandef->center_freq1 != control_freq - 30 && - chandef->center_freq1 != control_freq - 50 && - chandef->center_freq1 != control_freq - 70) - return false; - if (chandef->center_freq2) - return false; + if (chandef->center_freq1 == control_freq + 70 || + chandef->center_freq1 == control_freq + 50 || + chandef->center_freq1 == control_freq - 50 || + chandef->center_freq1 == control_freq - 70) break; + fallthrough; + case NL80211_CHAN_WIDTH_80P80: + case NL80211_CHAN_WIDTH_80: + if (chandef->center_freq1 == control_freq + 30 || + chandef->center_freq1 == control_freq - 30) + break; + fallthrough; + case NL80211_CHAN_WIDTH_40: + if (chandef->center_freq1 == control_freq + 10 || + chandef->center_freq1 == control_freq - 10) + break; + fallthrough; default: return false; } @@ -305,7 +321,7 @@ EXPORT_SYMBOL(cfg80211_chandef_valid); static void chandef_primary_freqs(const struct cfg80211_chan_def *c, - u32 *pri40, u32 *pri80) + u32 *pri40, u32 *pri80, u32 *pri160) { int tmp; @@ -313,9 +329,11 @@ case NL80211_CHAN_WIDTH_40: *pri40 = c->center_freq1; *pri80 = 0; + *pri160 = 0; break; case NL80211_CHAN_WIDTH_80: case NL80211_CHAN_WIDTH_80P80: + *pri160 = 0; *pri80 = c->center_freq1; /* n_P20 */ tmp = (30 + c->chan->center_freq - c->center_freq1)/20; @@ -325,6 +343,7 @@ *pri40 = c->center_freq1 - 20 + 40 * tmp; break; case NL80211_CHAN_WIDTH_160: + *pri160 = c->center_freq1; /* n_P20 */ tmp = (70 + c->chan->center_freq - c->center_freq1)/20; /* n_P40 */ @@ -335,6 +354,20 @@ tmp /= 2; *pri80 = c->center_freq1 - 40 + 80 * tmp; break; + case NL80211_CHAN_WIDTH_320: + /* n_P20 */ + tmp = (150 + c->chan->center_freq - c->center_freq1) / 20; + /* n_P40 */ + tmp /= 2; + /* freq_P40 */ + *pri40 = c->center_freq1 - 140 + 40 * tmp; + /* n_P80 */ + tmp /= 2; + *pri80 = c->center_freq1 - 120 + 80 * tmp; + /* n_P160 */ + tmp /= 2; + *pri160 = c->center_freq1 - 80 + 160 * tmp; + break; default: WARN_ON_ONCE(1); } @@ -344,7 +377,7 @@ cfg80211_chandef_compatible(const struct cfg80211_chan_def *c1, const struct cfg80211_chan_def *c2) { - u32 c1_pri40, c1_pri80, c2_pri40, c2_pri80; + u32 c1_pri40, c1_pri80, c2_pri40, c2_pri80, c1_pri160, c2_pri160; /* If they are identical, return */ if (cfg80211_chandef_identical(c1, c2)) @@ -379,14 +412,31 @@ c2->width == NL80211_CHAN_WIDTH_20) return c1; - chandef_primary_freqs(c1, &c1_pri40, &c1_pri80); - chandef_primary_freqs(c2, &c2_pri40, &c2_pri80); + chandef_primary_freqs(c1, &c1_pri40, &c1_pri80, &c1_pri160); + chandef_primary_freqs(c2, &c2_pri40, &c2_pri80, &c2_pri160); if (c1_pri40 != c2_pri40) return NULL; - WARN_ON(!c1_pri80 && !c2_pri80); - if (c1_pri80 && c2_pri80 && c1_pri80 != c2_pri80) + if (c1->width == NL80211_CHAN_WIDTH_40) + return c2; + + if (c2->width == NL80211_CHAN_WIDTH_40) + return c1; + + if (c1_pri80 != c2_pri80) + return NULL; + + if (c1->width == NL80211_CHAN_WIDTH_80 && + c2->width > NL80211_CHAN_WIDTH_80) + return c2; + + if (c2->width == NL80211_CHAN_WIDTH_80 && + c1->width > NL80211_CHAN_WIDTH_80) + return c1; + + WARN_ON(!c1_pri160 && !c2_pri160); + if (c1_pri160 && c2_pri160 && c1_pri160 != c2_pri160) return NULL; if (c1->width > c2->width) @@ -712,6 +762,19 @@ return false; } +static bool +cfg80211_offchan_chain_is_active(struct cfg80211_registered_device *rdev, + struct ieee80211_channel *channel) +{ + if (!rdev->background_radar_wdev) + return false; + + if (!cfg80211_chandef_valid(&rdev->background_radar_chandef)) + return false; + + return cfg80211_is_sub_chan(&rdev->background_radar_chandef, channel); +} + bool cfg80211_any_wiphy_oper_chan(struct wiphy *wiphy, struct ieee80211_channel *chan) { @@ -728,6 +791,9 @@ if (cfg80211_is_wiphy_oper_chan(&rdev->wiphy, chan)) return true; + + if (cfg80211_offchan_chain_is_active(rdev, chan)) + return true; } return false; @@ -942,7 +1008,10 @@ struct ieee80211_sta_vht_cap *vht_cap; struct ieee80211_edmg *edmg_cap; u32 width, control_freq, cap; - bool ext_nss_cap, support_80_80 = false; + bool ext_nss_cap, support_80_80 = false, support_320 = false; + const struct ieee80211_sband_iftype_data *iftd; + struct ieee80211_supported_band *sband; + int i; if (WARN_ON(!cfg80211_chandef_valid(chandef))) return false; @@ -1044,6 +1113,32 @@ (vht_cap->cap & IEEE80211_VHT_CAP_EXT_NSS_BW_MASK))) return false; break; + case NL80211_CHAN_WIDTH_320: + prohibited_flags |= IEEE80211_CHAN_NO_320MHZ; + width = 320; + + if (chandef->chan->band != NL80211_BAND_6GHZ) + return false; + + sband = wiphy->bands[NL80211_BAND_6GHZ]; + if (!sband) + return false; + + for (i = 0; i < sband->n_iftype_data; i++) { + iftd = &sband->iftype_data[i]; + if (!iftd->eht_cap.has_eht) + continue; + + if (iftd->eht_cap.eht_cap_elem.phy_cap_info[0] & + IEEE80211_EHT_PHY_CAP0_320MHZ_IN_6GHZ) { + support_320 = true; + break; + } + } + + if (!support_320) + return false; + break; default: WARN_ON_ONCE(1); return false; diff -ruw linux-5.15.42/net/wireless/core.c linux-5.15.42-fbx/net/wireless/core.c --- linux-5.15.42/net/wireless/core.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/wireless/core.c 2024-04-22 14:46:58.380281007 +0200 @@ -536,6 +536,10 @@ INIT_WORK(&rdev->rfkill_block, cfg80211_rfkill_block_work); INIT_WORK(&rdev->conn_work, cfg80211_conn_work); INIT_WORK(&rdev->event_work, cfg80211_event_work); + INIT_WORK(&rdev->background_cac_abort_wk, + cfg80211_background_cac_abort_wk); + INIT_DELAYED_WORK(&rdev->background_cac_done_wk, + cfg80211_background_cac_done_wk); init_waitqueue_head(&rdev->dev_wait); @@ -724,6 +728,7 @@ if (wiphy->interface_modes & ~(BIT(NL80211_IFTYPE_STATION) | BIT(NL80211_IFTYPE_P2P_CLIENT) | BIT(NL80211_IFTYPE_AP) | + BIT(NL80211_IFTYPE_MESH_POINT) | BIT(NL80211_IFTYPE_P2P_GO) | BIT(NL80211_IFTYPE_ADHOC) | BIT(NL80211_IFTYPE_P2P_DEVICE) | @@ -1045,11 +1050,13 @@ cancel_work_sync(&rdev->conn_work); flush_work(&rdev->event_work); cancel_delayed_work_sync(&rdev->dfs_update_channels_wk); + cancel_delayed_work_sync(&rdev->background_cac_done_wk); flush_work(&rdev->destroy_work); flush_work(&rdev->sched_scan_stop_wk); flush_work(&rdev->propagate_radar_detect_wk); flush_work(&rdev->propagate_cac_done_wk); flush_work(&rdev->mgmt_registrations_update_wk); + flush_work(&rdev->background_cac_abort_wk); #ifdef CONFIG_PM if (rdev->wiphy.wowlan_config && rdev->ops->set_wakeup) @@ -1198,6 +1205,8 @@ cfg80211_pmsr_wdev_down(wdev); + cfg80211_stop_background_radar_detection(wdev); + switch (wdev->iftype) { case NL80211_IFTYPE_ADHOC: __cfg80211_leave_ibss(rdev, dev, true); diff -ruw linux-5.15.42/net/wireless/core.h linux-5.15.42-fbx/net/wireless/core.h --- linux-5.15.42/net/wireless/core.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/wireless/core.h 2024-04-22 14:46:58.384281116 +0200 @@ -84,6 +84,11 @@ struct delayed_work dfs_update_channels_wk; + struct wireless_dev *background_radar_wdev; + struct cfg80211_chan_def background_radar_chandef; + struct delayed_work background_cac_done_wk; + struct work_struct background_cac_abort_wk; + /* netlink port which started critical protocol (0 means not started) */ u32 crit_proto_nlportid; @@ -491,6 +496,17 @@ void cfg80211_sched_dfs_chan_update(struct cfg80211_registered_device *rdev); +int +cfg80211_start_background_radar_detection(struct cfg80211_registered_device *rdev, + struct wireless_dev *wdev, + struct cfg80211_chan_def *chandef); + +void cfg80211_stop_background_radar_detection(struct wireless_dev *wdev); + +void cfg80211_background_cac_done_wk(struct work_struct *work); + +void cfg80211_background_cac_abort_wk(struct work_struct *work); + bool cfg80211_any_wiphy_oper_chan(struct wiphy *wiphy, struct ieee80211_channel *chan); diff -ruw linux-5.15.42/net/wireless/mlme.c linux-5.15.42-fbx/net/wireless/mlme.c --- linux-5.15.42/net/wireless/mlme.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/wireless/mlme.c 2024-04-22 14:46:58.384281116 +0200 @@ -905,13 +905,13 @@ } -void cfg80211_radar_event(struct wiphy *wiphy, +void __cfg80211_radar_event(struct wiphy *wiphy, struct cfg80211_chan_def *chandef, - gfp_t gfp) + bool offchan, gfp_t gfp) { struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy); - trace_cfg80211_radar_event(wiphy, chandef); + trace_cfg80211_radar_event(wiphy, chandef, offchan); /* only set the chandef supplied channel to unavailable, in * case the radar is detected on only one of multiple channels @@ -919,6 +919,9 @@ */ cfg80211_set_dfs_state(wiphy, chandef, NL80211_DFS_UNAVAILABLE); + if (offchan) + queue_work(cfg80211_wq, &rdev->background_cac_abort_wk); + cfg80211_sched_dfs_chan_update(rdev); nl80211_radar_notify(rdev, chandef, NL80211_RADAR_DETECTED, NULL, gfp); @@ -926,7 +929,7 @@ memcpy(&rdev->radar_chandef, chandef, sizeof(struct cfg80211_chan_def)); queue_work(cfg80211_wq, &rdev->propagate_radar_detect_wk); } -EXPORT_SYMBOL(cfg80211_radar_event); +EXPORT_SYMBOL(__cfg80211_radar_event); void cfg80211_cac_event(struct net_device *netdev, const struct cfg80211_chan_def *chandef, @@ -970,3 +973,143 @@ nl80211_radar_notify(rdev, chandef, event, netdev, gfp); } EXPORT_SYMBOL(cfg80211_cac_event); + +static void +__cfg80211_background_cac_event(struct cfg80211_registered_device *rdev, + struct wireless_dev *wdev, + const struct cfg80211_chan_def *chandef, + enum nl80211_radar_event event) +{ + struct wiphy *wiphy = &rdev->wiphy; + struct net_device *netdev; + + lockdep_assert_wiphy(&rdev->wiphy); + + if (!cfg80211_chandef_valid(chandef)) + return; + + if (!rdev->background_radar_wdev) + return; + + switch (event) { + case NL80211_RADAR_CAC_FINISHED: + cfg80211_set_dfs_state(wiphy, chandef, NL80211_DFS_AVAILABLE); + memcpy(&rdev->cac_done_chandef, chandef, sizeof(*chandef)); + queue_work(cfg80211_wq, &rdev->propagate_cac_done_wk); + cfg80211_sched_dfs_chan_update(rdev); + wdev = rdev->background_radar_wdev; + break; + case NL80211_RADAR_CAC_ABORTED: + if (!cancel_delayed_work(&rdev->background_cac_done_wk)) + return; + wdev = rdev->background_radar_wdev; + break; + case NL80211_RADAR_CAC_STARTED: + break; + default: + return; + } + + netdev = wdev ? wdev->netdev : NULL; + nl80211_radar_notify(rdev, chandef, event, netdev, GFP_KERNEL); +} + +static void +cfg80211_background_cac_event(struct cfg80211_registered_device *rdev, + const struct cfg80211_chan_def *chandef, + enum nl80211_radar_event event) +{ + wiphy_lock(&rdev->wiphy); + __cfg80211_background_cac_event(rdev, rdev->background_radar_wdev, + chandef, event); + wiphy_unlock(&rdev->wiphy); +} + +void cfg80211_background_cac_done_wk(struct work_struct *work) +{ + struct delayed_work *delayed_work = to_delayed_work(work); + struct cfg80211_registered_device *rdev; + + rdev = container_of(delayed_work, struct cfg80211_registered_device, + background_cac_done_wk); + cfg80211_background_cac_event(rdev, &rdev->background_radar_chandef, + NL80211_RADAR_CAC_FINISHED); +} + +void cfg80211_background_cac_abort_wk(struct work_struct *work) +{ + struct cfg80211_registered_device *rdev; + + rdev = container_of(work, struct cfg80211_registered_device, + background_cac_abort_wk); + cfg80211_background_cac_event(rdev, &rdev->background_radar_chandef, + NL80211_RADAR_CAC_ABORTED); +} + +void cfg80211_background_cac_abort(struct wiphy *wiphy) +{ + struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy); + + queue_work(cfg80211_wq, &rdev->background_cac_abort_wk); +} +EXPORT_SYMBOL(cfg80211_background_cac_abort); + +int +cfg80211_start_background_radar_detection(struct cfg80211_registered_device *rdev, + struct wireless_dev *wdev, + struct cfg80211_chan_def *chandef) +{ + unsigned int cac_time_ms; + int err; + + lockdep_assert_wiphy(&rdev->wiphy); + + if (!wiphy_ext_feature_isset(&rdev->wiphy, + NL80211_EXT_FEATURE_RADAR_BACKGROUND)) + return -EOPNOTSUPP; + + /* Offchannel chain already locked by another wdev */ + if (rdev->background_radar_wdev && rdev->background_radar_wdev != wdev) + return -EBUSY; + + /* CAC already in progress on the offchannel chain */ + if (rdev->background_radar_wdev == wdev && + delayed_work_pending(&rdev->background_cac_done_wk)) + return -EBUSY; + + err = rdev_set_radar_background(rdev, chandef); + if (err) + return err; + + cac_time_ms = cfg80211_chandef_dfs_cac_time(&rdev->wiphy, chandef); + if (!cac_time_ms) + cac_time_ms = IEEE80211_DFS_MIN_CAC_TIME_MS; + + rdev->background_radar_chandef = *chandef; + rdev->background_radar_wdev = wdev; /* Get offchain ownership */ + + __cfg80211_background_cac_event(rdev, wdev, chandef, + NL80211_RADAR_CAC_STARTED); + queue_delayed_work(cfg80211_wq, &rdev->background_cac_done_wk, + msecs_to_jiffies(cac_time_ms)); + + return 0; +} + +void cfg80211_stop_background_radar_detection(struct wireless_dev *wdev) +{ + struct wiphy *wiphy = wdev->wiphy; + struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy); + + lockdep_assert_wiphy(wiphy); + + if (wdev != rdev->background_radar_wdev) + return; + + rdev_set_radar_background(rdev, NULL); + rdev->background_radar_wdev = NULL; /* Release offchain ownership */ + + __cfg80211_background_cac_event(rdev, wdev, + &rdev->background_radar_chandef, + NL80211_RADAR_CAC_ABORTED); +} diff -ruw linux-5.15.42/net/wireless/nl80211.c linux-5.15.42-fbx/net/wireless/nl80211.c --- linux-5.15.42/net/wireless/nl80211.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/wireless/nl80211.c 2024-04-22 14:46:58.388281226 +0200 @@ -5,7 +5,7 @@ * Copyright 2006-2010 Johannes Berg * Copyright 2013-2014 Intel Mobile Communications GmbH * Copyright 2015-2017 Intel Deutschland GmbH - * Copyright (C) 2018-2021 Intel Corporation + * Copyright (C) 2018-2022 Intel Corporation */ #include @@ -285,6 +285,15 @@ return -EINVAL; } +static int validate_he_capa(const struct nlattr *attr, + struct netlink_ext_ack *extack) +{ + if (!ieee80211_he_capa_size_ok(nla_data(attr), nla_len(attr))) + return -EINVAL; + + return 0; +} + /* policy for the attributes */ static const struct nla_policy nl80211_policy[NUM_NL80211_ATTR]; @@ -437,6 +446,16 @@ [NL80211_SAR_ATTR_SPECS] = NLA_POLICY_NESTED_ARRAY(sar_specs_policy), }; +static const struct nla_policy +nl80211_mbssid_config_policy[NL80211_MBSSID_CONFIG_ATTR_MAX + 1] = { + [NL80211_MBSSID_CONFIG_ATTR_MAX_INTERFACES] = NLA_POLICY_MIN(NLA_U8, 2), + [NL80211_MBSSID_CONFIG_ATTR_MAX_EMA_PROFILE_PERIODICITY] = + NLA_POLICY_MIN(NLA_U8, 1), + [NL80211_MBSSID_CONFIG_ATTR_INDEX] = { .type = NLA_U8 }, + [NL80211_MBSSID_CONFIG_ATTR_TX_IFINDEX] = { .type = NLA_U32 }, + [NL80211_MBSSID_CONFIG_ATTR_EMA] = { .type = NLA_FLAG }, +}; + static const struct nla_policy nl80211_policy[NUM_NL80211_ATTR] = { [0] = { .strict_start_type = NL80211_ATTR_HE_OBSS_PD }, [NL80211_ATTR_WIPHY] = { .type = NLA_U32 }, @@ -721,8 +740,7 @@ [NL80211_ATTR_TXQ_MEMORY_LIMIT] = { .type = NLA_U32 }, [NL80211_ATTR_TXQ_QUANTUM] = { .type = NLA_U32 }, [NL80211_ATTR_HE_CAPABILITY] = - NLA_POLICY_RANGE(NLA_BINARY, - NL80211_HE_MIN_CAPABILITY_LEN, + NLA_POLICY_VALIDATE_FN(NLA_BINARY, validate_he_capa, NL80211_HE_MAX_CAPABILITY_LEN), [NL80211_ATTR_FTM_RESPONDER] = NLA_POLICY_NESTED(nl80211_ftm_responder_policy), @@ -764,6 +782,15 @@ [NL80211_ATTR_COLOR_CHANGE_COUNT] = { .type = NLA_U8 }, [NL80211_ATTR_COLOR_CHANGE_COLOR] = { .type = NLA_U8 }, [NL80211_ATTR_COLOR_CHANGE_ELEMS] = NLA_POLICY_NESTED(nl80211_policy), + [NL80211_ATTR_MBSSID_CONFIG] = + NLA_POLICY_NESTED(nl80211_mbssid_config_policy), + [NL80211_ATTR_MBSSID_ELEMS] = { .type = NLA_NESTED }, + [NL80211_ATTR_RADAR_BACKGROUND] = { .type = NLA_FLAG }, + [NL80211_ATTR_AP_SETTINGS_FLAGS] = { .type = NLA_U32 }, + [NL80211_ATTR_EHT_CAPABILITY] = + NLA_POLICY_RANGE(NLA_BINARY, + NL80211_EHT_MIN_CAPABILITY_LEN, + NL80211_EHT_MAX_CAPABILITY_LEN), }; /* policy for the key attributes */ @@ -854,6 +881,7 @@ [NL80211_BAND_5GHZ] = { .type = NLA_S32 }, [NL80211_BAND_6GHZ] = { .type = NLA_S32 }, [NL80211_BAND_60GHZ] = { .type = NLA_S32 }, + [NL80211_BAND_LC] = { .type = NLA_S32 }, }; static const struct nla_policy @@ -1060,6 +1088,10 @@ if (nla_put_u32(msg, NL80211_FREQUENCY_ATTR_OFFSET, chan->freq_offset)) goto nla_put_failure; + if ((chan->flags & IEEE80211_CHAN_PSD) && + nla_put_s8(msg, NL80211_FREQUENCY_ATTR_PSD, chan->psd)) + goto nla_put_failure; + if ((chan->flags & IEEE80211_CHAN_DISABLED) && nla_put_flag(msg, NL80211_FREQUENCY_ATTR_DISABLED)) goto nla_put_failure; @@ -1133,6 +1165,12 @@ if ((chan->flags & IEEE80211_CHAN_16MHZ) && nla_put_flag(msg, NL80211_FREQUENCY_ATTR_16MHZ)) goto nla_put_failure; + if ((chan->flags & IEEE80211_CHAN_NO_320MHZ) && + nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_320MHZ)) + goto nla_put_failure; + if ((chan->flags & IEEE80211_CHAN_NO_EHT) && + nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_EHT)) + goto nla_put_failure; } if (nla_put_u32(msg, NL80211_FREQUENCY_ATTR_MAX_TX_POWER, @@ -1714,6 +1752,7 @@ const struct ieee80211_sband_iftype_data *iftdata) { const struct ieee80211_sta_he_cap *he_cap = &iftdata->he_cap; + const struct ieee80211_sta_eht_cap *eht_cap = &iftdata->eht_cap; if (nl80211_put_iftypes(msg, NL80211_BAND_IFTYPE_ATTR_IFTYPES, iftdata->types_mask)) @@ -1734,6 +1773,32 @@ return -ENOBUFS; } + if (eht_cap->has_eht && he_cap->has_he) { + u8 mcs_nss_size, ppe_thresh_size; + u16 ppe_thres_hdr; + + mcs_nss_size = + ieee80211_eht_mcs_nss_size(&he_cap->he_cap_elem, + &eht_cap->eht_cap_elem); + + ppe_thres_hdr = get_unaligned_le16(&eht_cap->eht_ppe_thres[0]); + ppe_thresh_size = + ieee80211_eht_ppe_size(ppe_thres_hdr, + eht_cap->eht_cap_elem.phy_cap_info); + + if (nla_put(msg, NL80211_BAND_IFTYPE_ATTR_EHT_CAP_MAC, + sizeof(eht_cap->eht_cap_elem.mac_cap_info), + eht_cap->eht_cap_elem.mac_cap_info) || + nla_put(msg, NL80211_BAND_IFTYPE_ATTR_EHT_CAP_PHY, + sizeof(eht_cap->eht_cap_elem.phy_cap_info), + eht_cap->eht_cap_elem.phy_cap_info) || + nla_put(msg, NL80211_BAND_IFTYPE_ATTR_EHT_CAP_MCS_SET, + mcs_nss_size, &eht_cap->eht_mcs_nss_supp) || + nla_put(msg, NL80211_BAND_IFTYPE_ATTR_EHT_CAP_PPE, + ppe_thresh_size, eht_cap->eht_ppe_thres)) + return -ENOBUFS; + } + if (sband->band == NL80211_BAND_6GHZ && nla_put(msg, NL80211_BAND_IFTYPE_ATTR_HE_6GHZ_CAPA, sizeof(iftdata->he_6ghz_capa), @@ -2212,6 +2277,35 @@ return -ENOBUFS; } +static int nl80211_put_mbssid_support(struct wiphy *wiphy, struct sk_buff *msg) +{ + struct nlattr *config; + + if (!wiphy->mbssid_max_interfaces) + return 0; + + config = nla_nest_start(msg, NL80211_ATTR_MBSSID_CONFIG); + if (!config) + return -ENOBUFS; + + if (nla_put_u8(msg, NL80211_MBSSID_CONFIG_ATTR_MAX_INTERFACES, + wiphy->mbssid_max_interfaces)) + goto fail; + + if (wiphy->ema_max_profile_periodicity && + nla_put_u8(msg, + NL80211_MBSSID_CONFIG_ATTR_MAX_EMA_PROFILE_PERIODICITY, + wiphy->ema_max_profile_periodicity)) + goto fail; + + nla_nest_end(msg, config); + return 0; + +fail: + nla_nest_cancel(msg, config); + return -ENOBUFS; +} + struct nl80211_dump_wiphy_state { s64 filter_wiphy; long start; @@ -2797,6 +2891,9 @@ if (nl80211_put_sar_specs(rdev, msg)) goto nla_put_failure; + if (nl80211_put_mbssid_support(&rdev->wiphy, msg)) + goto nla_put_failure; + /* done */ state->split_start = 0; break; @@ -3282,6 +3379,7 @@ } if (netdev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && + netdev->ieee80211_ptr->iftype != NL80211_IFTYPE_MONITOR && netdev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) { result = -EINVAL; goto out; @@ -3623,6 +3721,12 @@ goto nla_put_failure; } + if (rdev->ops->get_avg_busy_time) { + int busy = rdev->ops->get_avg_busy_time(&rdev->wiphy, dev); + nla_put_u32(msg, NL80211_ATTR_WIPHY_AVG_BUSY_TIME, + busy); + } + wdev_lock(wdev); switch (wdev->iftype) { case NL80211_IFTYPE_AP: @@ -3633,14 +3737,16 @@ case NL80211_IFTYPE_STATION: case NL80211_IFTYPE_P2P_CLIENT: case NL80211_IFTYPE_ADHOC: { - const u8 *ssid_ie; + const struct element *ssid_elem; + if (!wdev->current_bss) break; rcu_read_lock(); - ssid_ie = ieee80211_bss_get_ie(&wdev->current_bss->pub, + ssid_elem = ieee80211_bss_get_elem(&wdev->current_bss->pub, WLAN_EID_SSID); - if (ssid_ie && - nla_put(msg, NL80211_ATTR_SSID, ssid_ie[1], ssid_ie + 2)) + if (ssid_elem && + nla_put(msg, NL80211_ATTR_SSID, ssid_elem->datalen, + ssid_elem->data)) goto nla_put_failure_rcu_locked; rcu_read_unlock(); break; @@ -4995,6 +5101,96 @@ return 0; } +static int nl80211_parse_mbssid_config(struct wiphy *wiphy, + struct net_device *dev, + struct nlattr *attrs, + struct cfg80211_mbssid_config *config, + u8 num_elems) +{ + struct nlattr *tb[NL80211_MBSSID_CONFIG_ATTR_MAX + 1]; + + if (!wiphy->mbssid_max_interfaces) + return -EOPNOTSUPP; + + if (nla_parse_nested(tb, NL80211_MBSSID_CONFIG_ATTR_MAX, attrs, NULL, + NULL) || + !tb[NL80211_MBSSID_CONFIG_ATTR_INDEX]) + return -EINVAL; + + config->ema = nla_get_flag(tb[NL80211_MBSSID_CONFIG_ATTR_EMA]); + if (config->ema) { + if (!wiphy->ema_max_profile_periodicity) + return -EOPNOTSUPP; + + if (num_elems > wiphy->ema_max_profile_periodicity) + return -EINVAL; + } + + config->index = nla_get_u8(tb[NL80211_MBSSID_CONFIG_ATTR_INDEX]); + if (config->index >= wiphy->mbssid_max_interfaces || + (!config->index && !num_elems)) + return -EINVAL; + + if (tb[NL80211_MBSSID_CONFIG_ATTR_TX_IFINDEX]) { + u32 tx_ifindex = + nla_get_u32(tb[NL80211_MBSSID_CONFIG_ATTR_TX_IFINDEX]); + + if ((!config->index && tx_ifindex != dev->ifindex) || + (config->index && tx_ifindex == dev->ifindex)) + return -EINVAL; + + if (tx_ifindex != dev->ifindex) { + struct net_device *tx_netdev = + dev_get_by_index(wiphy_net(wiphy), tx_ifindex); + + if (!tx_netdev || !tx_netdev->ieee80211_ptr || + tx_netdev->ieee80211_ptr->wiphy != wiphy || + tx_netdev->ieee80211_ptr->iftype != + NL80211_IFTYPE_AP) { + dev_put(tx_netdev); + return -EINVAL; + } + + config->tx_wdev = tx_netdev->ieee80211_ptr; + } else { + config->tx_wdev = dev->ieee80211_ptr; + } + } else if (!config->index) { + config->tx_wdev = dev->ieee80211_ptr; + } else { + return -EINVAL; + } + + return 0; +} + +static struct cfg80211_mbssid_elems * +nl80211_parse_mbssid_elems(struct wiphy *wiphy, struct nlattr *attrs) +{ + struct nlattr *nl_elems; + struct cfg80211_mbssid_elems *elems; + int rem_elems; + u8 i = 0, num_elems = 0; + + if (!wiphy->mbssid_max_interfaces) + return ERR_PTR(-EINVAL); + + nla_for_each_nested(nl_elems, attrs, rem_elems) + num_elems++; + + elems = kzalloc(struct_size(elems, elem, num_elems), GFP_KERNEL); + if (!elems) + return ERR_PTR(-ENOMEM); + + nla_for_each_nested(nl_elems, attrs, rem_elems) { + elems->elem[i].data = nla_data(nl_elems); + elems->elem[i].len = nla_len(nl_elems); + i++; + } + elems->cnt = num_elems; + return elems; +} + static int nl80211_parse_beacon(struct cfg80211_registered_device *rdev, struct nlattr *attrs[], struct cfg80211_beacon_data *bcn) @@ -5075,6 +5271,17 @@ bcn->ftm_responder = -1; } + if (attrs[NL80211_ATTR_MBSSID_ELEMS]) { + struct cfg80211_mbssid_elems *mbssid = + nl80211_parse_mbssid_elems(&rdev->wiphy, + attrs[NL80211_ATTR_MBSSID_ELEMS]); + + if (IS_ERR(mbssid)) + return PTR_ERR(mbssid); + + bcn->mbssid_ies = mbssid; + } + return 0; } @@ -5206,21 +5413,21 @@ } static void nl80211_check_ap_rate_selectors(struct cfg80211_ap_settings *params, - const u8 *rates) + const struct element *rates) { int i; if (!rates) return; - for (i = 0; i < rates[1]; i++) { - if (rates[2 + i] == BSS_MEMBERSHIP_SELECTOR_HT_PHY) + for (i = 0; i < rates->datalen; i++) { + if (rates->data[i] == BSS_MEMBERSHIP_SELECTOR_HT_PHY) params->ht_required = true; - if (rates[2 + i] == BSS_MEMBERSHIP_SELECTOR_VHT_PHY) + if (rates->data[i] == BSS_MEMBERSHIP_SELECTOR_VHT_PHY) params->vht_required = true; - if (rates[2 + i] == BSS_MEMBERSHIP_SELECTOR_HE_PHY) + if (rates->data[i] == BSS_MEMBERSHIP_SELECTOR_HE_PHY) params->he_required = true; - if (rates[2 + i] == BSS_MEMBERSHIP_SELECTOR_SAE_H2E) + if (rates->data[i] == BSS_MEMBERSHIP_SELECTOR_SAE_H2E) params->sae_h2e_required = true; } } @@ -5235,27 +5442,27 @@ const struct cfg80211_beacon_data *bcn = ¶ms->beacon; size_t ies_len = bcn->tail_len; const u8 *ies = bcn->tail; - const u8 *rates; - const u8 *cap; + const struct element *rates; + const struct element *cap; - rates = cfg80211_find_ie(WLAN_EID_SUPP_RATES, ies, ies_len); + rates = cfg80211_find_elem(WLAN_EID_SUPP_RATES, ies, ies_len); nl80211_check_ap_rate_selectors(params, rates); - rates = cfg80211_find_ie(WLAN_EID_EXT_SUPP_RATES, ies, ies_len); + rates = cfg80211_find_elem(WLAN_EID_EXT_SUPP_RATES, ies, ies_len); nl80211_check_ap_rate_selectors(params, rates); - cap = cfg80211_find_ie(WLAN_EID_HT_CAPABILITY, ies, ies_len); - if (cap && cap[1] >= sizeof(*params->ht_cap)) - params->ht_cap = (void *)(cap + 2); - cap = cfg80211_find_ie(WLAN_EID_VHT_CAPABILITY, ies, ies_len); - if (cap && cap[1] >= sizeof(*params->vht_cap)) - params->vht_cap = (void *)(cap + 2); - cap = cfg80211_find_ext_ie(WLAN_EID_EXT_HE_CAPABILITY, ies, ies_len); - if (cap && cap[1] >= sizeof(*params->he_cap) + 1) - params->he_cap = (void *)(cap + 3); - cap = cfg80211_find_ext_ie(WLAN_EID_EXT_HE_OPERATION, ies, ies_len); - if (cap && cap[1] >= sizeof(*params->he_oper) + 1) - params->he_oper = (void *)(cap + 3); + cap = cfg80211_find_elem(WLAN_EID_HT_CAPABILITY, ies, ies_len); + if (cap && cap->datalen >= sizeof(*params->ht_cap)) + params->ht_cap = (void *)cap->data; + cap = cfg80211_find_elem(WLAN_EID_VHT_CAPABILITY, ies, ies_len); + if (cap && cap->datalen >= sizeof(*params->vht_cap)) + params->vht_cap = (void *)cap->data; + cap = cfg80211_find_ext_elem(WLAN_EID_EXT_HE_CAPABILITY, ies, ies_len); + if (cap && cap->datalen >= sizeof(*params->he_cap) + 1) + params->he_cap = (void *)(cap->data + 1); + cap = cfg80211_find_ext_elem(WLAN_EID_EXT_HE_OPERATION, ies, ies_len); + if (cap && cap->datalen >= sizeof(*params->he_oper) + 1) + params->he_oper = (void *)(cap->data + 1); } static bool nl80211_get_ap_channel(struct cfg80211_registered_device *rdev, @@ -5337,7 +5544,7 @@ struct cfg80211_registered_device *rdev = info->user_ptr[0]; struct net_device *dev = info->user_ptr[1]; struct wireless_dev *wdev = dev->ieee80211_ptr; - struct cfg80211_ap_settings params; + struct cfg80211_ap_settings *params; int err; if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && @@ -5350,27 +5557,29 @@ if (wdev->beacon_interval) return -EALREADY; - memset(¶ms, 0, sizeof(params)); - /* these are required for START_AP */ if (!info->attrs[NL80211_ATTR_BEACON_INTERVAL] || !info->attrs[NL80211_ATTR_DTIM_PERIOD] || !info->attrs[NL80211_ATTR_BEACON_HEAD]) return -EINVAL; - err = nl80211_parse_beacon(rdev, info->attrs, ¶ms.beacon); + params = kzalloc(sizeof(*params), GFP_KERNEL); + if (!params) + return -ENOMEM; + + err = nl80211_parse_beacon(rdev, info->attrs, ¶ms->beacon); if (err) - return err; + goto out; - params.beacon_interval = + params->beacon_interval = nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]); - params.dtim_period = + params->dtim_period = nla_get_u32(info->attrs[NL80211_ATTR_DTIM_PERIOD]); err = cfg80211_validate_beacon_int(rdev, dev->ieee80211_ptr->iftype, - params.beacon_interval); + params->beacon_interval); if (err) - return err; + goto out; /* * In theory, some of these attributes should be required here @@ -5380,129 +5589,157 @@ * additional information -- drivers must check! */ if (info->attrs[NL80211_ATTR_SSID]) { - params.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); - params.ssid_len = + params->ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); + params->ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); - if (params.ssid_len == 0) - return -EINVAL; + if (params->ssid_len == 0) { + err = -EINVAL; + goto out; + } } if (info->attrs[NL80211_ATTR_HIDDEN_SSID]) - params.hidden_ssid = nla_get_u32( + params->hidden_ssid = nla_get_u32( info->attrs[NL80211_ATTR_HIDDEN_SSID]); - params.privacy = !!info->attrs[NL80211_ATTR_PRIVACY]; + params->privacy = !!info->attrs[NL80211_ATTR_PRIVACY]; if (info->attrs[NL80211_ATTR_AUTH_TYPE]) { - params.auth_type = nla_get_u32( + params->auth_type = nla_get_u32( info->attrs[NL80211_ATTR_AUTH_TYPE]); - if (!nl80211_valid_auth_type(rdev, params.auth_type, - NL80211_CMD_START_AP)) - return -EINVAL; + if (!nl80211_valid_auth_type(rdev, params->auth_type, + NL80211_CMD_START_AP)) { + err = -EINVAL; + goto out; + } } else - params.auth_type = NL80211_AUTHTYPE_AUTOMATIC; + params->auth_type = NL80211_AUTHTYPE_AUTOMATIC; - err = nl80211_crypto_settings(rdev, info, ¶ms.crypto, + err = nl80211_crypto_settings(rdev, info, ¶ms->crypto, NL80211_MAX_NR_CIPHER_SUITES); if (err) - return err; + goto out; if (info->attrs[NL80211_ATTR_INACTIVITY_TIMEOUT]) { - if (!(rdev->wiphy.features & NL80211_FEATURE_INACTIVITY_TIMER)) - return -EOPNOTSUPP; - params.inactivity_timeout = nla_get_u16( + if (!(rdev->wiphy.features & NL80211_FEATURE_INACTIVITY_TIMER)) { + err = -EOPNOTSUPP; + goto out; + } + params->inactivity_timeout = nla_get_u16( info->attrs[NL80211_ATTR_INACTIVITY_TIMEOUT]); } if (info->attrs[NL80211_ATTR_P2P_CTWINDOW]) { - if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) - return -EINVAL; - params.p2p_ctwindow = + if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) { + err = -EINVAL; + goto out; + } + params->p2p_ctwindow = nla_get_u8(info->attrs[NL80211_ATTR_P2P_CTWINDOW]); - if (params.p2p_ctwindow != 0 && - !(rdev->wiphy.features & NL80211_FEATURE_P2P_GO_CTWIN)) - return -EINVAL; + if (params->p2p_ctwindow != 0 && + !(rdev->wiphy.features & NL80211_FEATURE_P2P_GO_CTWIN)) { + err = -EINVAL; + goto out; + } } if (info->attrs[NL80211_ATTR_P2P_OPPPS]) { u8 tmp; - if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) - return -EINVAL; + if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) { + err = -EINVAL; + goto out; + } tmp = nla_get_u8(info->attrs[NL80211_ATTR_P2P_OPPPS]); - params.p2p_opp_ps = tmp; - if (params.p2p_opp_ps != 0 && - !(rdev->wiphy.features & NL80211_FEATURE_P2P_GO_OPPPS)) - return -EINVAL; + params->p2p_opp_ps = tmp; + if (params->p2p_opp_ps != 0 && + !(rdev->wiphy.features & NL80211_FEATURE_P2P_GO_OPPPS)) { + err = -EINVAL; + goto out; + } } if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) { - err = nl80211_parse_chandef(rdev, info, ¶ms.chandef); + err = nl80211_parse_chandef(rdev, info, ¶ms->chandef); if (err) - return err; + goto out; } else if (wdev->preset_chandef.chan) { - params.chandef = wdev->preset_chandef; - } else if (!nl80211_get_ap_channel(rdev, ¶ms)) - return -EINVAL; + params->chandef = wdev->preset_chandef; + } else if (!nl80211_get_ap_channel(rdev, params)) { + err = -EINVAL; + goto out; + } - if (!cfg80211_reg_can_beacon_relax(&rdev->wiphy, ¶ms.chandef, - wdev->iftype)) - return -EINVAL; + if (!cfg80211_reg_can_beacon_relax(&rdev->wiphy, ¶ms->chandef, + wdev->iftype)) { + err = -EINVAL; + goto out; + } if (info->attrs[NL80211_ATTR_TX_RATES]) { err = nl80211_parse_tx_bitrate_mask(info, info->attrs, NL80211_ATTR_TX_RATES, - ¶ms.beacon_rate, + ¶ms->beacon_rate, dev, false); if (err) - return err; + goto out; - err = validate_beacon_tx_rate(rdev, params.chandef.chan->band, - ¶ms.beacon_rate); + err = validate_beacon_tx_rate(rdev, params->chandef.chan->band, + ¶ms->beacon_rate); if (err) - return err; + goto out; } if (info->attrs[NL80211_ATTR_SMPS_MODE]) { - params.smps_mode = + params->smps_mode = nla_get_u8(info->attrs[NL80211_ATTR_SMPS_MODE]); - switch (params.smps_mode) { + switch (params->smps_mode) { case NL80211_SMPS_OFF: break; case NL80211_SMPS_STATIC: if (!(rdev->wiphy.features & - NL80211_FEATURE_STATIC_SMPS)) - return -EINVAL; + NL80211_FEATURE_STATIC_SMPS)) { + err = -EINVAL; + goto out; + } break; case NL80211_SMPS_DYNAMIC: if (!(rdev->wiphy.features & - NL80211_FEATURE_DYNAMIC_SMPS)) - return -EINVAL; + NL80211_FEATURE_DYNAMIC_SMPS)) { + err = -EINVAL; + goto out; + } break; default: - return -EINVAL; + err = -EINVAL; + goto out; } } else { - params.smps_mode = NL80211_SMPS_OFF; + params->smps_mode = NL80211_SMPS_OFF; } - params.pbss = nla_get_flag(info->attrs[NL80211_ATTR_PBSS]); - if (params.pbss && !rdev->wiphy.bands[NL80211_BAND_60GHZ]) - return -EOPNOTSUPP; + params->pbss = nla_get_flag(info->attrs[NL80211_ATTR_PBSS]); + if (params->pbss && !rdev->wiphy.bands[NL80211_BAND_60GHZ]) { + err = -EOPNOTSUPP; + goto out; + } if (info->attrs[NL80211_ATTR_ACL_POLICY]) { - params.acl = parse_acl_data(&rdev->wiphy, info); - if (IS_ERR(params.acl)) - return PTR_ERR(params.acl); + params->acl = parse_acl_data(&rdev->wiphy, info); + if (IS_ERR(params->acl)) { + err = PTR_ERR(params->acl); + params->acl = NULL; + goto out; + } } - params.twt_responder = + params->twt_responder = nla_get_flag(info->attrs[NL80211_ATTR_TWT_RESPONDER]); if (info->attrs[NL80211_ATTR_HE_OBSS_PD]) { err = nl80211_parse_he_obss_pd( info->attrs[NL80211_ATTR_HE_OBSS_PD], - ¶ms.he_obss_pd); + ¶ms->he_obss_pd); if (err) goto out; } @@ -5510,7 +5747,7 @@ if (info->attrs[NL80211_ATTR_HE_BSS_COLOR]) { err = nl80211_parse_he_bss_color( info->attrs[NL80211_ATTR_HE_BSS_COLOR], - ¶ms.he_bss_color); + ¶ms->he_bss_color); if (err) goto out; } @@ -5518,7 +5755,7 @@ if (info->attrs[NL80211_ATTR_FILS_DISCOVERY]) { err = nl80211_parse_fils_discovery(rdev, info->attrs[NL80211_ATTR_FILS_DISCOVERY], - ¶ms); + params); if (err) goto out; } @@ -5526,24 +5763,38 @@ if (info->attrs[NL80211_ATTR_UNSOL_BCAST_PROBE_RESP]) { err = nl80211_parse_unsol_bcast_probe_resp( rdev, info->attrs[NL80211_ATTR_UNSOL_BCAST_PROBE_RESP], - ¶ms); + params); if (err) goto out; } - nl80211_calculate_ap_params(¶ms); + if (info->attrs[NL80211_ATTR_MBSSID_CONFIG]) { + err = nl80211_parse_mbssid_config(&rdev->wiphy, dev, + info->attrs[NL80211_ATTR_MBSSID_CONFIG], + ¶ms->mbssid_config, + params->beacon.mbssid_ies ? + params->beacon.mbssid_ies->cnt : + 0); + if (err) + goto out; + } + + nl80211_calculate_ap_params(params); - if (info->attrs[NL80211_ATTR_EXTERNAL_AUTH_SUPPORT]) - params.flags |= AP_SETTINGS_EXTERNAL_AUTH_SUPPORT; + if (info->attrs[NL80211_ATTR_AP_SETTINGS_FLAGS]) + params->flags = nla_get_u32( + info->attrs[NL80211_ATTR_AP_SETTINGS_FLAGS]); + else if (info->attrs[NL80211_ATTR_EXTERNAL_AUTH_SUPPORT]) + params->flags |= NL80211_AP_SETTINGS_EXTERNAL_AUTH_SUPPORT; wdev_lock(wdev); - err = rdev_start_ap(rdev, dev, ¶ms); + err = rdev_start_ap(rdev, dev, params); if (!err) { - wdev->preset_chandef = params.chandef; - wdev->beacon_interval = params.beacon_interval; - wdev->chandef = params.chandef; - wdev->ssid_len = params.ssid_len; - memcpy(wdev->ssid, params.ssid, wdev->ssid_len); + wdev->preset_chandef = params->chandef; + wdev->beacon_interval = params->beacon_interval; + wdev->chandef = params->chandef; + wdev->ssid_len = params->ssid_len; + memcpy(wdev->ssid, params->ssid, wdev->ssid_len); if (info->attrs[NL80211_ATTR_SOCKET_OWNER]) wdev->conn_owner_nlportid = info->snd_portid; @@ -5551,7 +5802,13 @@ wdev_unlock(wdev); out: - kfree(params.acl); + kfree(params->acl); + kfree(params->beacon.mbssid_ies); + if (params->mbssid_config.tx_wdev && + params->mbssid_config.tx_wdev->netdev && + params->mbssid_config.tx_wdev->netdev != dev) + dev_put(params->mbssid_config.tx_wdev->netdev); + kfree(params); return err; } @@ -5576,12 +5833,14 @@ err = nl80211_parse_beacon(rdev, info->attrs, ¶ms); if (err) - return err; + goto out; wdev_lock(wdev); err = rdev_change_beacon(rdev, dev, ¶ms); wdev_unlock(wdev); +out: + kfree(params.mbssid_ies); return err; } @@ -5726,6 +5985,14 @@ case RATE_INFO_BW_HE_RU: rate_flg = 0; WARN_ON(!(info->flags & RATE_INFO_FLAGS_HE_MCS)); + break; + case RATE_INFO_BW_320: + rate_flg = NL80211_RATE_INFO_320_MHZ_WIDTH; + break; + case RATE_INFO_BW_EHT_RU: + rate_flg = 0; + WARN_ON(!(info->flags & RATE_INFO_FLAGS_EHT_MCS)); + break; } if (rate_flg && nla_put_flag(msg, rate_flg)) @@ -5758,6 +6025,17 @@ nla_put_u8(msg, NL80211_RATE_INFO_HE_RU_ALLOC, info->he_ru_alloc)) return false; + } else if (info->flags & RATE_INFO_FLAGS_EHT_MCS) { + if (nla_put_u8(msg, NL80211_RATE_INFO_EHT_MCS, info->mcs)) + return false; + if (nla_put_u8(msg, NL80211_RATE_INFO_EHT_NSS, info->nss)) + return false; + if (nla_put_u8(msg, NL80211_RATE_INFO_EHT_GI, info->eht_gi)) + return false; + if (info->bw == RATE_INFO_BW_EHT_RU && + nla_put_u8(msg, NL80211_RATE_INFO_EHT_RU_ALLOC, + info->eht_ru_alloc)) + return false; } nla_nest_end(msg, rate); @@ -6172,7 +6450,7 @@ if (params->supported_rates) return -EINVAL; if (params->ext_capab || params->ht_capa || params->vht_capa || - params->he_capa) + params->he_capa || params->eht_capa) return -EINVAL; } @@ -6375,6 +6653,18 @@ nla_data(info->attrs[NL80211_ATTR_HE_CAPABILITY]); params->he_capa_len = nla_len(info->attrs[NL80211_ATTR_HE_CAPABILITY]); + + if (info->attrs[NL80211_ATTR_EHT_CAPABILITY]) { + params->eht_capa = + nla_data(info->attrs[NL80211_ATTR_EHT_CAPABILITY]); + params->eht_capa_len = + nla_len(info->attrs[NL80211_ATTR_EHT_CAPABILITY]); + + if (!ieee80211_eht_capa_size_ok((const u8 *)params->he_capa, + (const u8 *)params->eht_capa, + params->eht_capa_len)) + return -EINVAL; + } } err = nl80211_parse_sta_channel_info(info, params); @@ -6632,6 +6922,18 @@ nla_data(info->attrs[NL80211_ATTR_HE_CAPABILITY]); params.he_capa_len = nla_len(info->attrs[NL80211_ATTR_HE_CAPABILITY]); + + if (info->attrs[NL80211_ATTR_EHT_CAPABILITY]) { + params.eht_capa = + nla_data(info->attrs[NL80211_ATTR_EHT_CAPABILITY]); + params.eht_capa_len = + nla_len(info->attrs[NL80211_ATTR_EHT_CAPABILITY]); + + if (!ieee80211_eht_capa_size_ok((const u8 *)params.he_capa, + (const u8 *)params.eht_capa, + params.eht_capa_len)) + return -EINVAL; + } } if (info->attrs[NL80211_ATTR_HE_6GHZ_CAPABILITY]) @@ -6681,8 +6983,9 @@ params.ht_capa = NULL; params.vht_capa = NULL; - /* HE requires WME */ - if (params.he_capa_len || params.he_6ghz_capa) + /* HE and EHT require WME */ + if (params.he_capa_len || params.he_6ghz_capa || + params.eht_capa_len) return -EINVAL; } @@ -7739,6 +8042,11 @@ reg_rule->dfs_cac_ms)) goto nla_put_failure; + if ((reg_rule->flags & NL80211_RRF_PSD) && + nla_put_s8(msg, NL80211_ATTR_POWER_RULE_PSD, + reg_rule->psd)) + goto nla_put_failure; + nla_nest_end(msg, nl_reg_rule); } @@ -7755,6 +8063,7 @@ struct cfg80211_registered_device *rdev; struct wiphy *wiphy = NULL; struct sk_buff *msg; + int err = -EMSGSIZE; void *hdr; msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); @@ -7773,34 +8082,35 @@ rdev = cfg80211_get_dev_from_info(genl_info_net(info), info); if (IS_ERR(rdev)) { - nlmsg_free(msg); - rtnl_unlock(); - return PTR_ERR(rdev); + err = PTR_ERR(rdev); + goto nla_put_failure; } wiphy = &rdev->wiphy; self_managed = wiphy->regulatory_flags & REGULATORY_WIPHY_SELF_MANAGED; + + rcu_read_lock(); + regdom = get_wiphy_regdom(wiphy); /* a self-managed-reg device must have a private regdom */ if (WARN_ON(!regdom && self_managed)) { - nlmsg_free(msg); - rtnl_unlock(); - return -EINVAL; + err = -EINVAL; + goto nla_put_failure_rcu; } if (regdom && nla_put_u32(msg, NL80211_ATTR_WIPHY, get_wiphy_idx(wiphy))) - goto nla_put_failure; + goto nla_put_failure_rcu; + } else { + rcu_read_lock(); } if (!wiphy && reg_last_request_cell_base() && nla_put_u32(msg, NL80211_ATTR_USER_REG_HINT_TYPE, NL80211_USER_REG_HINT_CELL_BASE)) - goto nla_put_failure; - - rcu_read_lock(); + goto nla_put_failure_rcu; if (!regdom) regdom = rcu_dereference(cfg80211_regdomain); @@ -7820,7 +8130,7 @@ rtnl_unlock(); put_failure: nlmsg_free(msg); - return -EMSGSIZE; + return err; } static int nl80211_send_regdom(struct sk_buff *msg, struct netlink_callback *cb, @@ -7866,19 +8176,19 @@ struct cfg80211_registered_device *rdev; int err, reg_idx, start = cb->args[2]; - rtnl_lock(); + rcu_read_lock(); if (cfg80211_regdomain && start == 0) { err = nl80211_send_regdom(skb, cb, cb->nlh->nlmsg_seq, NLM_F_MULTI, NULL, - rtnl_dereference(cfg80211_regdomain)); + rcu_dereference(cfg80211_regdomain)); if (err < 0) goto out_err; } /* the global regdom is idx 0 */ reg_idx = 1; - list_for_each_entry(rdev, &cfg80211_rdev_list, list) { + list_for_each_entry_rcu(rdev, &cfg80211_rdev_list, list) { regdom = get_wiphy_regdom(&rdev->wiphy); if (!regdom) continue; @@ -7897,7 +8207,7 @@ cb->args[2] = reg_idx; err = skb->len; out_err: - rtnl_unlock(); + rcu_read_unlock(); return err; } @@ -7910,6 +8220,7 @@ [NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN] = { .type = NLA_U32 }, [NL80211_ATTR_POWER_RULE_MAX_EIRP] = { .type = NLA_U32 }, [NL80211_ATTR_DFS_CAC_TIME] = { .type = NLA_U32 }, + [NL80211_ATTR_POWER_RULE_PSD] = { .type = NLA_S8 }, }; static int parse_reg_rule(struct nlattr *tb[], @@ -7931,6 +8242,14 @@ reg_rule->flags = nla_get_u32(tb[NL80211_ATTR_REG_RULE_FLAGS]); + if (reg_rule->flags & NL80211_RRF_PSD) { + if (!tb[NL80211_ATTR_POWER_RULE_PSD]) + return -EINVAL; + + reg_rule->psd = + nla_get_s8(tb[NL80211_ATTR_POWER_RULE_PSD]); + } + freq_range->start_freq_khz = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_START]); freq_range->end_freq_khz = @@ -9088,38 +9407,60 @@ struct cfg80211_chan_def chandef; enum nl80211_dfs_regions dfs_region; unsigned int cac_time_ms; - int err; + int err = -EINVAL; + + flush_delayed_work(&rdev->dfs_update_channels_wk); + + wiphy_lock(wiphy); dfs_region = reg_get_dfs_region(wiphy); if (dfs_region == NL80211_DFS_UNSET) - return -EINVAL; + goto unlock; err = nl80211_parse_chandef(rdev, info, &chandef); if (err) - return err; - - if (netif_carrier_ok(dev)) - return -EBUSY; - - if (wdev->cac_started) - return -EBUSY; + goto unlock; err = cfg80211_chandef_dfs_required(wiphy, &chandef, wdev->iftype); if (err < 0) - return err; + goto unlock; - if (err == 0) - return -EINVAL; + if (err == 0) { + err = -EINVAL; + goto unlock; + } - if (!cfg80211_chandef_dfs_usable(wiphy, &chandef)) - return -EINVAL; + if (!cfg80211_chandef_dfs_usable(wiphy, &chandef)) { + err = -EINVAL; + goto unlock; + } + + if (nla_get_flag(info->attrs[NL80211_ATTR_RADAR_BACKGROUND])) { + err = cfg80211_start_background_radar_detection(rdev, wdev, + &chandef); + goto unlock; + } + + if (netif_carrier_ok(dev)) { + err = -EBUSY; + goto unlock; + } + + if (wdev->cac_started) { + err = -EBUSY; + goto unlock; + } /* CAC start is offloaded to HW and can't be started manually */ - if (wiphy_ext_feature_isset(wiphy, NL80211_EXT_FEATURE_DFS_OFFLOAD)) - return -EOPNOTSUPP; + if (wiphy_ext_feature_isset(wiphy, NL80211_EXT_FEATURE_DFS_OFFLOAD)) { + err = -EOPNOTSUPP; + goto unlock; + } - if (!rdev->ops->start_radar_detection) - return -EOPNOTSUPP; + if (!rdev->ops->start_radar_detection) { + err = -EOPNOTSUPP; + goto unlock; + } cac_time_ms = cfg80211_chandef_dfs_cac_time(&rdev->wiphy, &chandef); if (WARN_ON(!cac_time_ms)) @@ -9132,6 +9473,9 @@ wdev->cac_start_time = jiffies; wdev->cac_time_ms = cac_time_ms; } +unlock: + wiphy_unlock(wiphy); + return err; } @@ -9258,12 +9602,14 @@ err = nl80211_parse_beacon(rdev, info->attrs, ¶ms.beacon_after); if (err) - return err; + goto free; csa_attrs = kcalloc(NL80211_ATTR_MAX + 1, sizeof(*csa_attrs), GFP_KERNEL); - if (!csa_attrs) - return -ENOMEM; + if (!csa_attrs) { + err = -ENOMEM; + goto free; + } err = nla_parse_nested_deprecated(csa_attrs, NL80211_ATTR_MAX, info->attrs[NL80211_ATTR_CSA_IES], @@ -9381,6 +9727,8 @@ wdev_unlock(wdev); free: + kfree(params.beacon_after.mbssid_ies); + kfree(params.beacon_csa.mbssid_ies); kfree(csa_attrs); return err; } @@ -10330,6 +10678,8 @@ NL80211_EXT_FEATURE_VHT_IBSS)) return -EINVAL; break; + case NL80211_CHAN_WIDTH_320: + return -EINVAL; default: return -EINVAL; } @@ -11786,8 +12136,9 @@ if (n_thresholds) { struct cfg80211_cqm_config *cqm_config; - cqm_config = kzalloc(sizeof(struct cfg80211_cqm_config) + - n_thresholds * sizeof(s32), GFP_KERNEL); + cqm_config = kzalloc(struct_size(cqm_config, rssi_thresholds, + n_thresholds), + GFP_KERNEL); if (!cqm_config) { err = -ENOMEM; goto unlock; @@ -11796,7 +12147,8 @@ cqm_config->rssi_hyst = hysteresis; cqm_config->n_rssi_thresholds = n_thresholds; memcpy(cqm_config->rssi_thresholds, thresholds, - n_thresholds * sizeof(s32)); + flex_array_size(cqm_config, rssi_thresholds, + n_thresholds)); wdev->cqm_config = cqm_config; } @@ -14931,10 +15283,35 @@ wdev_unlock(wdev); out: + kfree(params.beacon_next.mbssid_ies); + kfree(params.beacon_color_change.mbssid_ies); kfree(tb); return err; } +static int nl80211_set_fils_aad(struct sk_buff *skb, + struct genl_info *info) +{ + struct cfg80211_registered_device *rdev = info->user_ptr[0]; + struct net_device *dev = info->user_ptr[1]; + struct cfg80211_fils_aad fils_aad = {}; + u8 *nonces; + + if (!info->attrs[NL80211_ATTR_MAC] || + !info->attrs[NL80211_ATTR_FILS_KEK] || + !info->attrs[NL80211_ATTR_FILS_NONCES]) + return -EINVAL; + + fils_aad.macaddr = nla_data(info->attrs[NL80211_ATTR_MAC]); + fils_aad.kek_len = nla_len(info->attrs[NL80211_ATTR_FILS_KEK]); + fils_aad.kek = nla_data(info->attrs[NL80211_ATTR_FILS_KEK]); + nonces = nla_data(info->attrs[NL80211_ATTR_FILS_NONCES]); + fils_aad.snonce = nonces; + fils_aad.anonce = nonces + FILS_NONCE_LEN; + + return rdev_set_fils_aad(rdev, dev, &fils_aad); +} + #define NL80211_FLAG_NEED_WIPHY 0x01 #define NL80211_FLAG_NEED_NETDEV 0x02 #define NL80211_FLAG_NEED_RTNL 0x04 @@ -15112,9 +15489,7 @@ if (specs > rdev->wiphy.sar_capa->num_freq_ranges) return -EINVAL; - sar_spec = kzalloc(sizeof(*sar_spec) + - specs * sizeof(struct cfg80211_sar_sub_specs), - GFP_KERNEL); + sar_spec = kzalloc(struct_size(sar_spec, sub_specs, specs), GFP_KERNEL); if (!sar_spec) return -ENOMEM; @@ -15756,7 +16131,8 @@ .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP, .doit = nl80211_start_radar_detection, .flags = GENL_UNS_ADMIN_PERM, - .internal_flags = NL80211_FLAG_NEED_NETDEV_UP, + .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | + NL80211_FLAG_NO_WIPHY_MTX, }, { .cmd = NL80211_CMD_GET_PROTOCOL_FEATURES, @@ -15938,6 +16314,13 @@ .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | NL80211_FLAG_NEED_RTNL, }, + { + .cmd = NL80211_CMD_SET_FILS_AAD, + .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP, + .doit = nl80211_set_fils_aad, + .flags = GENL_UNS_ADMIN_PERM, + .internal_flags = NL80211_FLAG_NEED_NETDEV_UP, + }, }; static struct genl_family nl80211_fam __ro_after_init = { @@ -16830,6 +17213,44 @@ nlmsg_free(msg); } +void cfg80211_assoc_comeback(struct net_device *netdev, + struct cfg80211_bss *bss, u32 timeout) +{ + struct wireless_dev *wdev = netdev->ieee80211_ptr; + struct wiphy *wiphy = wdev->wiphy; + struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy); + struct sk_buff *msg; + void *hdr; + + trace_cfg80211_assoc_comeback(wdev, bss->bssid, timeout); + + msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); + if (!msg) + return; + + hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_ASSOC_COMEBACK); + if (!hdr) { + nlmsg_free(msg); + return; + } + + if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) || + nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) || + nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, bss->bssid) || + nla_put_u32(msg, NL80211_ATTR_TIMEOUT, timeout)) + goto nla_put_failure; + + genlmsg_end(msg, hdr); + + genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0, + NL80211_MCGRP_MLME, GFP_KERNEL); + return; + + nla_put_failure: + nlmsg_free(msg); +} +EXPORT_SYMBOL(cfg80211_assoc_comeback); + void cfg80211_ready_on_channel(struct wireless_dev *wdev, u64 cookie, struct ieee80211_channel *chan, unsigned int duration, gfp_t gfp) diff -ruw linux-5.15.42/net/wireless/pmsr.c linux-5.15.42-fbx/net/wireless/pmsr.c --- linux-5.15.42/net/wireless/pmsr.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/wireless/pmsr.c 2024-04-22 14:46:58.388281226 +0200 @@ -2,8 +2,6 @@ /* * Copyright (C) 2018 - 2021 Intel Corporation */ -#ifndef __PMSR_H -#define __PMSR_H #include #include "core.h" #include "nl80211.h" @@ -661,5 +659,3 @@ } spin_unlock_bh(&wdev->pmsr_lock); } - -#endif /* __PMSR_H */ diff -ruw linux-5.15.42/net/wireless/rdev-ops.h linux-5.15.42-fbx/net/wireless/rdev-ops.h --- linux-5.15.42/net/wireless/rdev-ops.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/wireless/rdev-ops.h 2024-04-22 14:46:58.388281226 +0200 @@ -1381,4 +1381,35 @@ return ret; } +static inline int +rdev_set_fils_aad(struct cfg80211_registered_device *rdev, + struct net_device *dev, struct cfg80211_fils_aad *fils_aad) +{ + int ret = -EOPNOTSUPP; + + trace_rdev_set_fils_aad(&rdev->wiphy, dev, fils_aad); + if (rdev->ops->set_fils_aad) + ret = rdev->ops->set_fils_aad(&rdev->wiphy, dev, fils_aad); + trace_rdev_return_int(&rdev->wiphy, ret); + + return ret; +} + +static inline int +rdev_set_radar_background(struct cfg80211_registered_device *rdev, + struct cfg80211_chan_def *chandef) +{ + struct wiphy *wiphy = &rdev->wiphy; + int ret; + + if (!rdev->ops->set_radar_background) + return -EOPNOTSUPP; + + trace_rdev_set_radar_background(wiphy, chandef); + ret = rdev->ops->set_radar_background(wiphy, chandef); + trace_rdev_return_int(wiphy, ret); + + return ret; +} + #endif /* __CFG80211_RDEV_OPS */ diff -ruw linux-5.15.42/net/wireless/reg.c linux-5.15.42-fbx/net/wireless/reg.c --- linux-5.15.42/net/wireless/reg.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/wireless/reg.c 2024-04-22 14:46:58.392281335 +0200 @@ -133,6 +133,7 @@ static void restore_regulatory_settings(bool reset_user, bool cached); static void print_regdomain(const struct ieee80211_regdomain *rd); +static void reg_process_hint(struct regulatory_request *reg_request); static const struct ieee80211_regdomain *get_cfg80211_regdom(void) { @@ -1098,6 +1099,8 @@ const struct firmware *fw; void *db; int err; + const struct ieee80211_regdomain *current_regdomain; + struct regulatory_request *request; err = request_firmware(&fw, "regulatory.db", ®_pdev->dev); if (err) @@ -1118,8 +1121,26 @@ if (!IS_ERR_OR_NULL(regdb)) kfree(regdb); regdb = db; - rtnl_unlock(); + /* reset regulatory domain */ + current_regdomain = get_cfg80211_regdom(); + + request = kzalloc(sizeof(*request), GFP_KERNEL); + if (!request) { + err = -ENOMEM; + goto out_unlock; + } + + request->wiphy_idx = WIPHY_IDX_INVALID; + request->alpha2[0] = current_regdomain->alpha2[0]; + request->alpha2[1] = current_regdomain->alpha2[1]; + request->initiator = NL80211_REGDOM_SET_BY_CORE; + request->user_reg_hint_type = NL80211_USER_REG_HINT_USER; + + reg_process_hint(request); + +out_unlock: + rtnl_unlock(); out: release_firmware(fw); return err; @@ -1217,6 +1238,8 @@ { unsigned int bw = reg_get_max_bandwidth_from_range(rd, rule); + if (rule->flags & NL80211_RRF_NO_320MHZ) + bw = min_t(unsigned int, bw, MHZ_TO_KHZ(160)); if (rule->flags & NL80211_RRF_NO_160MHZ) bw = min_t(unsigned int, bw, MHZ_TO_KHZ(80)); if (rule->flags & NL80211_RRF_NO_80MHZ) @@ -1590,6 +1613,10 @@ channel_flags |= IEEE80211_CHAN_NO_160MHZ; if (rd_flags & NL80211_RRF_NO_HE) channel_flags |= IEEE80211_CHAN_NO_HE; + if (rd_flags & NL80211_RRF_NO_320MHZ) + channel_flags |= IEEE80211_CHAN_NO_320MHZ; + if (rd_flags & NL80211_RRF_PSD) + channel_flags |= IEEE80211_CHAN_PSD; return channel_flags; } @@ -1752,6 +1779,8 @@ bw_flags |= IEEE80211_CHAN_NO_80MHZ; if (max_bandwidth_khz < MHZ_TO_KHZ(160)) bw_flags |= IEEE80211_CHAN_NO_160MHZ; + if (max_bandwidth_khz < MHZ_TO_KHZ(320)) + bw_flags |= IEEE80211_CHAN_NO_320MHZ; } return bw_flags; } @@ -1790,10 +1819,16 @@ if (chan->flags & IEEE80211_CHAN_RADAR) { chan->dfs_cac_ms = IEEE80211_DFS_MIN_CAC_TIME_MS; + if (chan->center_freq >= 5600 && + chan->center_freq <= 5650) + chan->dfs_cac_ms = IEEE80211_DFS_WEATHER_MIN_CAC_TIME_MS; if (reg_rule->dfs_cac_ms) chan->dfs_cac_ms = reg_rule->dfs_cac_ms; } + if (chan->flags & IEEE80211_CHAN_PSD) + chan->psd = reg_rule->psd; + return; } @@ -1810,9 +1845,17 @@ if (chan->flags & IEEE80211_CHAN_RADAR) { if (reg_rule->dfs_cac_ms) chan->dfs_cac_ms = reg_rule->dfs_cac_ms; + else { + if (chan->center_freq >= 5600 && + chan->center_freq <= 5650) + chan->dfs_cac_ms = IEEE80211_DFS_WEATHER_MIN_CAC_TIME_MS; else chan->dfs_cac_ms = IEEE80211_DFS_MIN_CAC_TIME_MS; } + } + + if (chan->flags & IEEE80211_CHAN_PSD) + chan->psd = reg_rule->psd; if (chan->orig_mpwr) { /* @@ -1883,6 +1926,12 @@ rrule2->dfs_cac_ms); } + if ((rrule1->flags & NL80211_RRF_PSD) && + (rrule2->flags & NL80211_RRF_PSD)) + chan->psd = min_t(s8, rrule1->psd, rrule2->psd); + else + chan->flags &= ~NL80211_RRF_PSD; + return; } @@ -2350,6 +2399,7 @@ switch (iftype) { case NL80211_IFTYPE_AP: case NL80211_IFTYPE_P2P_GO: + case NL80211_IFTYPE_MESH_POINT: if (!wdev->beacon_interval) goto wdev_inactive_unlock; chandef = wdev->chandef; @@ -2388,6 +2438,7 @@ case NL80211_IFTYPE_AP: case NL80211_IFTYPE_P2P_GO: case NL80211_IFTYPE_ADHOC: + case NL80211_IFTYPE_MESH_POINT: wiphy_lock(wiphy); ret = cfg80211_reg_can_beacon_relax(wiphy, &chandef, iftype); wiphy_unlock(wiphy); @@ -2545,6 +2596,9 @@ chan->dfs_cac_ms = IEEE80211_DFS_MIN_CAC_TIME_MS; } + if (chan->flags & IEEE80211_CHAN_PSD) + chan->psd = reg_rule->psd; + chan->max_power = chan->max_reg_power; } diff -ruw linux-5.15.42/net/wireless/scan.c linux-5.15.42-fbx/net/wireless/scan.c --- linux-5.15.42/net/wireless/scan.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/wireless/scan.c 2024-04-22 14:46:58.392281335 +0200 @@ -143,18 +143,12 @@ lockdep_assert_held(&rdev->bss_lock); bss->refcount++; - if (bss->pub.hidden_beacon_bss) { - bss = container_of(bss->pub.hidden_beacon_bss, - struct cfg80211_internal_bss, - pub); - bss->refcount++; - } - if (bss->pub.transmitted_bss) { - bss = container_of(bss->pub.transmitted_bss, - struct cfg80211_internal_bss, - pub); - bss->refcount++; - } + + if (bss->pub.hidden_beacon_bss) + bss_from_pub(bss->pub.hidden_beacon_bss)->refcount++; + + if (bss->pub.transmitted_bss) + bss_from_pub(bss->pub.transmitted_bss)->refcount++; } static inline void bss_ref_put(struct cfg80211_registered_device *rdev, @@ -304,7 +298,8 @@ tmp_old = cfg80211_find_ie(WLAN_EID_SSID, ie, ielen); tmp_old = (tmp_old) ? tmp_old + tmp_old[1] + 2 : ie; - while (tmp_old + tmp_old[1] + 2 - ie <= ielen) { + while (tmp_old + 2 - ie <= ielen && + tmp_old + tmp_old[1] + 2 - ie <= ielen) { if (tmp_old[0] == 0) { tmp_old++; continue; @@ -364,7 +359,8 @@ * copied to new ie, skip ssid, capability, bssid-index ie */ tmp_new = sub_copy; - while (tmp_new + tmp_new[1] + 2 - sub_copy <= subie_len) { + while (tmp_new + 2 - sub_copy <= subie_len && + tmp_new + tmp_new[1] + 2 - sub_copy <= subie_len) { if (!(tmp_new[0] == WLAN_EID_NON_TX_BSSID_CAP || tmp_new[0] == WLAN_EID_SSID)) { memcpy(pos, tmp_new, tmp_new[1] + 2); @@ -383,7 +379,7 @@ const u8 *ssid, size_t ssid_len) { const struct cfg80211_bss_ies *ies; - const u8 *ssidie; + const struct element *ssid_elem; if (bssid && !ether_addr_equal(a->bssid, bssid)) return false; @@ -394,34 +390,32 @@ ies = rcu_access_pointer(a->ies); if (!ies) return false; - ssidie = cfg80211_find_ie(WLAN_EID_SSID, ies->data, ies->len); - if (!ssidie) + ssid_elem = cfg80211_find_elem(WLAN_EID_SSID, ies->data, ies->len); + if (!ssid_elem) return false; - if (ssidie[1] != ssid_len) + if (ssid_elem->datalen != ssid_len) return false; - return memcmp(ssidie + 2, ssid, ssid_len) == 0; + return memcmp(ssid_elem->data, ssid, ssid_len) == 0; } static int cfg80211_add_nontrans_list(struct cfg80211_bss *trans_bss, struct cfg80211_bss *nontrans_bss) { - const u8 *ssid; - size_t ssid_len; + const struct element *ssid_elem; struct cfg80211_bss *bss = NULL; rcu_read_lock(); - ssid = ieee80211_bss_get_ie(nontrans_bss, WLAN_EID_SSID); - if (!ssid) { + ssid_elem = ieee80211_bss_get_elem(nontrans_bss, WLAN_EID_SSID); + if (!ssid_elem) { rcu_read_unlock(); return -EINVAL; } - ssid_len = ssid[1]; - ssid = ssid + 2; /* check if nontrans_bss is in the list */ list_for_each_entry(bss, &trans_bss->nontrans_list, nontrans_list) { - if (is_bss(bss, nontrans_bss->bssid, ssid, ssid_len)) { + if (is_bss(bss, nontrans_bss->bssid, ssid_elem->data, + ssid_elem->datalen)) { rcu_read_unlock(); return 0; } @@ -429,6 +423,15 @@ rcu_read_unlock(); + /* + * This is a bit weird - it's not on the list, but already on another + * one! The only way that could happen is if there's some BSSID/SSID + * shared by multiple APs in their multi-BSSID profiles, potentially + * with hidden SSID mixed in ... ignore it. + */ + if (!list_empty(&nontrans_bss->nontrans_list)) + return -EINVAL; + /* add to the list */ list_add_tail(&nontrans_bss->nontrans_list, &trans_bss->nontrans_list); return 0; @@ -1604,6 +1607,23 @@ u8 bssid_index; }; +static void cfg80211_update_hidden_bsses(struct cfg80211_internal_bss *known, + const struct cfg80211_bss_ies *new_ies, + const struct cfg80211_bss_ies *old_ies) +{ + struct cfg80211_internal_bss *bss; + + /* Assign beacon IEs to all sub entries */ + list_for_each_entry(bss, &known->hidden_list, hidden_list) { + const struct cfg80211_bss_ies *ies; + + ies = rcu_access_pointer(bss->pub.beacon_ies); + WARN_ON(ies != old_ies); + + rcu_assign_pointer(bss->pub.beacon_ies, new_ies); + } +} + static bool cfg80211_update_known_bss(struct cfg80211_registered_device *rdev, struct cfg80211_internal_bss *known, @@ -1627,7 +1647,6 @@ kfree_rcu((struct cfg80211_bss_ies *)old, rcu_head); } else if (rcu_access_pointer(new->pub.beacon_ies)) { const struct cfg80211_bss_ies *old; - struct cfg80211_internal_bss *bss; if (known->pub.hidden_beacon_bss && !list_empty(&known->hidden_list)) { @@ -1655,16 +1674,7 @@ if (old == rcu_access_pointer(known->pub.ies)) rcu_assign_pointer(known->pub.ies, new->pub.beacon_ies); - /* Assign beacon IEs to all sub entries */ - list_for_each_entry(bss, &known->hidden_list, hidden_list) { - const struct cfg80211_bss_ies *ies; - - ies = rcu_access_pointer(bss->pub.beacon_ies); - WARN_ON(ies != old); - - rcu_assign_pointer(bss->pub.beacon_ies, - new->pub.beacon_ies); - } + cfg80211_update_hidden_bsses(known, new->pub.beacon_ies, old); if (old) kfree_rcu((struct cfg80211_bss_ies *)old, rcu_head); @@ -1741,6 +1751,8 @@ new->refcount = 1; INIT_LIST_HEAD(&new->hidden_list); INIT_LIST_HEAD(&new->pub.nontrans_list); + /* we'll set this later if it was non-NULL */ + new->pub.transmitted_bss = NULL; if (rcu_access_pointer(tmp->pub.proberesp_ies)) { hidden = rb_find_bss(rdev, tmp, BSS_CMP_HIDE_ZLEN); @@ -1801,44 +1813,76 @@ return NULL; } +int cfg80211_get_ies_channel_number(const u8 *ie, size_t ielen, + enum nl80211_band band, + enum cfg80211_bss_frame_type ftype) +{ + const struct element *tmp; + + if (band == NL80211_BAND_6GHZ) { + struct ieee80211_he_operation *he_oper; + + tmp = cfg80211_find_ext_elem(WLAN_EID_EXT_HE_OPERATION, ie, + ielen); + if (tmp && tmp->datalen >= sizeof(*he_oper) && + tmp->datalen >= ieee80211_he_oper_size(&tmp->data[1])) { + const struct ieee80211_he_6ghz_oper *he_6ghz_oper; + + he_oper = (void *)&tmp->data[1]; + + he_6ghz_oper = ieee80211_he_6ghz_oper(he_oper); + if (!he_6ghz_oper) + return -1; + + if (ftype != CFG80211_BSS_FTYPE_BEACON || + he_6ghz_oper->control & IEEE80211_HE_6GHZ_OPER_CTRL_DUP_BEACON) + return he_6ghz_oper->primary; + } + } else if (band == NL80211_BAND_S1GHZ) { + tmp = cfg80211_find_elem(WLAN_EID_S1G_OPERATION, ie, ielen); + if (tmp && tmp->datalen >= sizeof(struct ieee80211_s1g_oper_ie)) { + struct ieee80211_s1g_oper_ie *s1gop = (void *)tmp->data; + + return s1gop->primary_ch; + } + } else { + tmp = cfg80211_find_elem(WLAN_EID_DS_PARAMS, ie, ielen); + if (tmp && tmp->datalen == 1) + return tmp->data[0]; + + tmp = cfg80211_find_elem(WLAN_EID_HT_OPERATION, ie, ielen); + if (tmp && + tmp->datalen >= sizeof(struct ieee80211_ht_operation)) { + struct ieee80211_ht_operation *htop = (void *)tmp->data; + + return htop->primary_chan; + } + } + + return -1; +} +EXPORT_SYMBOL(cfg80211_get_ies_channel_number); + /* * Update RX channel information based on the available frame payload * information. This is mainly for the 2.4 GHz band where frames can be received * from neighboring channels and the Beacon frames use the DSSS Parameter Set * element to indicate the current (transmitting) channel, but this might also * be needed on other bands if RX frequency does not match with the actual - * operating channel of a BSS. + * operating channel of a BSS, or if the AP reports a different primary channel. */ static struct ieee80211_channel * cfg80211_get_bss_channel(struct wiphy *wiphy, const u8 *ie, size_t ielen, struct ieee80211_channel *channel, - enum nl80211_bss_scan_width scan_width) + enum nl80211_bss_scan_width scan_width, + enum cfg80211_bss_frame_type ftype) { - const u8 *tmp; u32 freq; - int channel_number = -1; + int channel_number; struct ieee80211_channel *alt_channel; - if (channel->band == NL80211_BAND_S1GHZ) { - tmp = cfg80211_find_ie(WLAN_EID_S1G_OPERATION, ie, ielen); - if (tmp && tmp[1] >= sizeof(struct ieee80211_s1g_oper_ie)) { - struct ieee80211_s1g_oper_ie *s1gop = (void *)(tmp + 2); - - channel_number = s1gop->primary_ch; - } - } else { - tmp = cfg80211_find_ie(WLAN_EID_DS_PARAMS, ie, ielen); - if (tmp && tmp[1] == 1) { - channel_number = tmp[2]; - } else { - tmp = cfg80211_find_ie(WLAN_EID_HT_OPERATION, ie, ielen); - if (tmp && tmp[1] >= sizeof(struct ieee80211_ht_operation)) { - struct ieee80211_ht_operation *htop = (void *)(tmp + 2); - - channel_number = htop->primary_chan; - } - } - } + channel_number = cfg80211_get_ies_channel_number(ie, ielen, + channel->band, ftype); if (channel_number < 0) { /* No channel information in frame payload */ @@ -1846,6 +1890,16 @@ } freq = ieee80211_channel_to_freq_khz(channel_number, channel->band); + + /* + * In 6GHz, duplicated beacon indication is relevant for + * beacons only. + */ + if (channel->band == NL80211_BAND_6GHZ && + (freq == channel->center_freq || + abs(freq - channel->center_freq) > 80)) + return channel; + alt_channel = ieee80211_get_channel_khz(wiphy, freq); if (!alt_channel) { if (channel->band == NL80211_BAND_2GHZ) { @@ -1907,7 +1961,7 @@ return NULL; channel = cfg80211_get_bss_channel(wiphy, ie, ielen, data->chan, - data->scan_width); + data->scan_width, ftype); if (!channel) return NULL; @@ -1981,10 +2035,15 @@ spin_lock_bh(&rdev->bss_lock); if (cfg80211_add_nontrans_list(non_tx_data->tx_bss, &res->pub)) { - if (__cfg80211_unlink_bss(rdev, res)) + if (__cfg80211_unlink_bss(rdev, res)) { rdev->bss_generation++; + res = NULL; + } } spin_unlock_bh(&rdev->bss_lock); + + if (!res) + return NULL; } trace_cfg80211_return_bss(&res->pub); @@ -2084,12 +2143,12 @@ if (!non_tx_data) return; - if (!cfg80211_find_ie(WLAN_EID_MULTIPLE_BSSID, ie, ielen)) + if (!cfg80211_find_elem(WLAN_EID_MULTIPLE_BSSID, ie, ielen)) return; if (!wiphy->support_mbssid) return; if (wiphy->support_only_he_mbssid && - !cfg80211_find_ext_ie(WLAN_EID_EXT_HE_CAPABILITY, ie, ielen)) + !cfg80211_find_ext_elem(WLAN_EID_EXT_HE_CAPABILITY, ie, ielen)) return; new_ie = kmalloc(IEEE80211_MAX_DATA_LEN, gfp); @@ -2103,6 +2162,8 @@ for_each_element_id(elem, WLAN_EID_MULTIPLE_BSSID, ie, ielen) { if (elem->datalen < 4) continue; + if (elem->data[0] < 1 || (int)elem->data[0] > 8) + continue; for_each_element(sub, elem->data + 1, elem->datalen - 1) { u8 profile_len; @@ -2232,13 +2293,14 @@ struct ieee80211_mgmt *mgmt, size_t len) { u8 *ie, *new_ie, *pos; - const u8 *nontrans_ssid, *trans_ssid, *mbssid; + const struct element *nontrans_ssid; + const u8 *trans_ssid, *mbssid; size_t ielen = len - offsetof(struct ieee80211_mgmt, u.probe_resp.variable); size_t new_ie_len; struct cfg80211_bss_ies *new_ies; const struct cfg80211_bss_ies *old; - u8 cpy_len; + size_t cpy_len; lockdep_assert_held(&wiphy_to_rdev(wiphy)->bss_lock); @@ -2259,11 +2321,11 @@ return; new_ie_len -= mbssid[1]; - nontrans_ssid = ieee80211_bss_get_ie(nontrans_bss, WLAN_EID_SSID); + nontrans_ssid = ieee80211_bss_get_elem(nontrans_bss, WLAN_EID_SSID); if (!nontrans_ssid) return; - new_ie_len += nontrans_ssid[1]; + new_ie_len += nontrans_ssid->datalen; /* generate new ie for nontrans BSS * 1. replace SSID with nontrans BSS' SSID @@ -2280,7 +2342,7 @@ pos = new_ie; /* copy the nontransmitted SSID */ - cpy_len = nontrans_ssid[1] + 2; + cpy_len = nontrans_ssid->datalen + 2; memcpy(pos, nontrans_ssid, cpy_len); pos += cpy_len; /* copy the IEs between SSID and MBSSID */ @@ -2305,6 +2367,8 @@ } else { old = rcu_access_pointer(nontrans_bss->beacon_ies); rcu_assign_pointer(nontrans_bss->beacon_ies, new_ies); + cfg80211_update_hidden_bsses(bss_from_pub(nontrans_bss), + new_ies, old); rcu_assign_pointer(nontrans_bss->ies, new_ies); if (old) kfree_rcu((struct cfg80211_bss_ies *)old, rcu_head); @@ -2331,6 +2395,7 @@ size_t ielen, min_hdr_len = offsetof(struct ieee80211_mgmt, u.probe_resp.variable); int bss_type; + enum cfg80211_bss_frame_type ftype; BUILD_BUG_ON(offsetof(struct ieee80211_mgmt, u.probe_resp.variable) != offsetof(struct ieee80211_mgmt, u.beacon.variable)); @@ -2367,8 +2432,16 @@ variable = ext->u.s1g_beacon.variable; } + if (ieee80211_is_beacon(mgmt->frame_control)) + ftype = CFG80211_BSS_FTYPE_BEACON; + else if (ieee80211_is_probe_resp(mgmt->frame_control)) + ftype = CFG80211_BSS_FTYPE_PRESP; + else + ftype = CFG80211_BSS_FTYPE_UNKNOWN; + channel = cfg80211_get_bss_channel(wiphy, variable, - ielen, data->chan, data->scan_width); + ielen, data->chan, data->scan_width, + ftype); if (!channel) return NULL; @@ -2456,10 +2529,10 @@ res = cfg80211_inform_single_bss_frame_data(wiphy, data, mgmt, len, gfp); if (!res || !wiphy->support_mbssid || - !cfg80211_find_ie(WLAN_EID_MULTIPLE_BSSID, ie, ielen)) + !cfg80211_find_elem(WLAN_EID_MULTIPLE_BSSID, ie, ielen)) return res; if (wiphy->support_only_he_mbssid && - !cfg80211_find_ext_ie(WLAN_EID_EXT_HE_CAPABILITY, ie, ielen)) + !cfg80211_find_ext_elem(WLAN_EID_EXT_HE_CAPABILITY, ie, ielen)) return res; non_tx_data.tx_bss = res; @@ -2685,7 +2758,7 @@ struct cfg80211_registered_device *rdev; struct wiphy *wiphy; struct iw_scan_req *wreq = NULL; - struct cfg80211_scan_request *creq = NULL; + struct cfg80211_scan_request *creq; int i, err, n_channels = 0; enum nl80211_band band; @@ -2700,10 +2773,8 @@ if (IS_ERR(rdev)) return PTR_ERR(rdev); - if (rdev->scan_req || rdev->scan_msg) { - err = -EBUSY; - goto out; - } + if (rdev->scan_req || rdev->scan_msg) + return -EBUSY; wiphy = &rdev->wiphy; @@ -2716,10 +2787,8 @@ creq = kzalloc(sizeof(*creq) + sizeof(struct cfg80211_ssid) + n_channels * sizeof(void *), GFP_ATOMIC); - if (!creq) { - err = -ENOMEM; - goto out; - } + if (!creq) + return -ENOMEM; creq->wiphy = wiphy; creq->wdev = dev->ieee80211_ptr; diff -ruw linux-5.15.42/net/wireless/sme.c linux-5.15.42-fbx/net/wireless/sme.c --- linux-5.15.42/net/wireless/sme.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/wireless/sme.c 2024-04-22 14:46:58.392281335 +0200 @@ -680,7 +680,9 @@ bool wextev) { struct wireless_dev *wdev = dev->ieee80211_ptr; - const u8 *country_ie; + const struct element *country_elem; + const u8 *country_data; + u8 country_datalen; #ifdef CONFIG_CFG80211_WEXT union iwreq_data wrqu; #endif @@ -762,26 +764,22 @@ cfg80211_upload_connect_keys(wdev); rcu_read_lock(); - country_ie = ieee80211_bss_get_ie(cr->bss, WLAN_EID_COUNTRY); - if (!country_ie) { + country_elem = ieee80211_bss_get_elem(cr->bss, WLAN_EID_COUNTRY); + if (!country_elem) { rcu_read_unlock(); return; } - country_ie = kmemdup(country_ie, 2 + country_ie[1], GFP_ATOMIC); + country_datalen = country_elem->datalen; + country_data = kmemdup(country_elem->data, country_datalen, GFP_ATOMIC); rcu_read_unlock(); - if (!country_ie) + if (!country_data) return; - /* - * ieee80211_bss_get_ie() ensures we can access: - * - country_ie + 2, the start of the country ie data, and - * - and country_ie[1] which is the IE length - */ regulatory_hint_country_ie(wdev->wiphy, cr->bss->channel->band, - country_ie + 2, country_ie[1]); - kfree(country_ie); + country_data, country_datalen); + kfree(country_data); } /* Consumes bss object one way or another */ diff -ruw linux-5.15.42/net/wireless/trace.h linux-5.15.42-fbx/net/wireless/trace.h --- linux-5.15.42/net/wireless/trace.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/wireless/trace.h 2024-04-22 14:46:58.396281444 +0200 @@ -167,6 +167,19 @@ __entry->center_freq1, __entry->freq1_offset, \ __entry->center_freq2 +#define FILS_AAD_ASSIGN(fa) \ + do { \ + if (fa) { \ + ether_addr_copy(__entry->macaddr, fa->macaddr); \ + __entry->kek_len = fa->kek_len; \ + } else { \ + eth_zero_addr(__entry->macaddr); \ + __entry->kek_len = 0; \ + } \ + } while (0) +#define FILS_AAD_PR_FMT \ + "macaddr: %pM, kek_len: %d" + #define SINFO_ENTRY __field(int, generation) \ __field(u32, connected_time) \ __field(u32, inactive_time) \ @@ -2614,6 +2627,24 @@ TP_ARGS(wiphy, wdev, cookie) ); +TRACE_EVENT(rdev_set_fils_aad, + TP_PROTO(struct wiphy *wiphy, struct net_device *netdev, + struct cfg80211_fils_aad *fils_aad), + TP_ARGS(wiphy, netdev, fils_aad), + TP_STRUCT__entry(WIPHY_ENTRY + NETDEV_ENTRY + __array(u8, macaddr, ETH_ALEN) + __field(u8, kek_len) + ), + TP_fast_assign(WIPHY_ASSIGN; + NETDEV_ASSIGN; + FILS_AAD_ASSIGN(fils_aad); + ), + TP_printk(WIPHY_PR_FMT ", " NETDEV_PR_FMT ", " FILS_AAD_PR_FMT, + WIPHY_PR_ARG, NETDEV_PR_ARG, __entry->macaddr, + __entry->kek_len) +); + /************************************************************* * cfg80211 exported functions traces * *************************************************************/ @@ -3022,18 +3053,21 @@ ); TRACE_EVENT(cfg80211_radar_event, - TP_PROTO(struct wiphy *wiphy, struct cfg80211_chan_def *chandef), - TP_ARGS(wiphy, chandef), + TP_PROTO(struct wiphy *wiphy, struct cfg80211_chan_def *chandef, + bool offchan), + TP_ARGS(wiphy, chandef, offchan), TP_STRUCT__entry( WIPHY_ENTRY CHAN_DEF_ENTRY + __field(bool, offchan) ), TP_fast_assign( WIPHY_ASSIGN; CHAN_DEF_ASSIGN(chandef); + __entry->offchan = offchan; ), - TP_printk(WIPHY_PR_FMT ", " CHAN_DEF_PR_FMT, - WIPHY_PR_ARG, CHAN_DEF_PR_ARG) + TP_printk(WIPHY_PR_FMT ", " CHAN_DEF_PR_FMT ", offchan %d", + WIPHY_PR_ARG, CHAN_DEF_PR_ARG, __entry->offchan) ); TRACE_EVENT(cfg80211_cac_event, @@ -3643,6 +3677,42 @@ __entry->color_bitmap) ); +TRACE_EVENT(rdev_set_radar_background, + TP_PROTO(struct wiphy *wiphy, struct cfg80211_chan_def *chandef), + + TP_ARGS(wiphy, chandef), + + TP_STRUCT__entry( + WIPHY_ENTRY + CHAN_DEF_ENTRY + ), + + TP_fast_assign( + WIPHY_ASSIGN; + CHAN_DEF_ASSIGN(chandef) + ), + + TP_printk(WIPHY_PR_FMT ", " CHAN_DEF_PR_FMT, + WIPHY_PR_ARG, CHAN_DEF_PR_ARG) +); + +TRACE_EVENT(cfg80211_assoc_comeback, + TP_PROTO(struct wireless_dev *wdev, const u8 *bssid, u32 timeout), + TP_ARGS(wdev, bssid, timeout), + TP_STRUCT__entry( + WDEV_ENTRY + MAC_ENTRY(bssid) + __field(u32, timeout) + ), + TP_fast_assign( + WDEV_ASSIGN; + MAC_ASSIGN(bssid, bssid); + __entry->timeout = timeout; + ), + TP_printk(WDEV_PR_FMT ", " MAC_PR_FMT ", timeout: %u TUs", + WDEV_PR_ARG, MAC_PR_ARG(bssid), __entry->timeout) +); + #endif /* !__RDEV_OPS_TRACE || TRACE_HEADER_MULTI_READ */ #undef TRACE_INCLUDE_PATH diff -ruw linux-5.15.42/net/wireless/util.c linux-5.15.42-fbx/net/wireless/util.c --- linux-5.15.42/net/wireless/util.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/net/wireless/util.c 2024-04-22 14:46:58.396281444 +0200 @@ -5,7 +5,7 @@ * Copyright 2007-2009 Johannes Berg * Copyright 2013-2014 Intel Mobile Communications GmbH * Copyright 2017 Intel Deutschland GmbH - * Copyright (C) 2018-2020 Intel Corporation + * Copyright (C) 2018-2021 Intel Corporation */ #include #include @@ -80,6 +80,7 @@ return 0; /* not supported */ switch (band) { case NL80211_BAND_2GHZ: + case NL80211_BAND_LC: if (chan == 14) return MHZ_TO_KHZ(2484); else if (chan < 14) @@ -209,6 +210,7 @@ WARN_ON(want); break; case NL80211_BAND_2GHZ: + case NL80211_BAND_LC: want = 7; for (i = 0; i < sband->n_bitrates; i++) { switch (sband->bitrates[i].bitrate) { @@ -632,12 +634,14 @@ if (likely((!is_amsdu && ether_addr_equal(payload.hdr, rfc1042_header) && tmp.h_proto != htons(ETH_P_AARP) && tmp.h_proto != htons(ETH_P_IPX)) || - ether_addr_equal(payload.hdr, bridge_tunnel_header))) + ether_addr_equal(payload.hdr, bridge_tunnel_header))) { /* remove RFC1042 or Bridge-Tunnel encapsulation and * replace EtherType */ hdrlen += ETH_ALEN + 2; - else + skb_postpull_rcsum(skb, &payload, ETH_ALEN + 2); + } else { tmp.h_proto = htons(skb->len - hdrlen); + } pskb_pull(skb, hdrlen); @@ -1426,6 +1430,135 @@ return result / 10000; } +static u32 cfg80211_calculate_bitrate_eht(struct rate_info *rate) +{ +#define SCALE 6144 + static const u32 mcs_divisors[16] = { + 102399, /* 16.666666... */ + 51201, /* 8.333333... */ + 34134, /* 5.555555... */ + 25599, /* 4.166666... */ + 17067, /* 2.777777... */ + 12801, /* 2.083333... */ + 11769, /* 1.851851... */ + 10239, /* 1.666666... */ + 8532, /* 1.388888... */ + 7680, /* 1.250000... */ + 6828, /* 1.111111... */ + 6144, /* 1.000000... */ + 5690, /* 0.926106... */ + 5120, /* 0.833333... */ + 409600, /* 66.666666... */ + 204800, /* 33.333333... */ + }; + static const u32 rates_996[3] = { 480388888, 453700000, 408333333 }; + static const u32 rates_484[3] = { 229411111, 216666666, 195000000 }; + static const u32 rates_242[3] = { 114711111, 108333333, 97500000 }; + static const u32 rates_106[3] = { 40000000, 37777777, 34000000 }; + static const u32 rates_52[3] = { 18820000, 17777777, 16000000 }; + static const u32 rates_26[3] = { 9411111, 8888888, 8000000 }; + u64 tmp; + u32 result; + + if (WARN_ON_ONCE(rate->mcs > 15)) + return 0; + if (WARN_ON_ONCE(rate->eht_gi > NL80211_RATE_INFO_EHT_GI_3_2)) + return 0; + if (WARN_ON_ONCE(rate->eht_ru_alloc > + NL80211_RATE_INFO_EHT_RU_ALLOC_4x996)) + return 0; + if (WARN_ON_ONCE(rate->nss < 1 || rate->nss > 8)) + return 0; + + /* Bandwidth checks for MCS 14 */ + if (rate->mcs == 14) { + if ((rate->bw != RATE_INFO_BW_EHT_RU && + rate->bw != RATE_INFO_BW_80 && + rate->bw != RATE_INFO_BW_160 && + rate->bw != RATE_INFO_BW_320) || + (rate->bw == RATE_INFO_BW_EHT_RU && + rate->eht_ru_alloc != NL80211_RATE_INFO_EHT_RU_ALLOC_996 && + rate->eht_ru_alloc != NL80211_RATE_INFO_EHT_RU_ALLOC_2x996 && + rate->eht_ru_alloc != NL80211_RATE_INFO_EHT_RU_ALLOC_4x996)) { + WARN(1, "invalid EHT BW for MCS 14: bw:%d, ru:%d\n", + rate->bw, rate->eht_ru_alloc); + return 0; + } + } + + if (rate->bw == RATE_INFO_BW_320 || + (rate->bw == RATE_INFO_BW_EHT_RU && + rate->eht_ru_alloc == NL80211_RATE_INFO_EHT_RU_ALLOC_4x996)) + result = 4 * rates_996[rate->eht_gi]; + else if (rate->bw == RATE_INFO_BW_EHT_RU && + rate->eht_ru_alloc == NL80211_RATE_INFO_EHT_RU_ALLOC_3x996P484) + result = 3 * rates_996[rate->eht_gi] + rates_484[rate->eht_gi]; + else if (rate->bw == RATE_INFO_BW_EHT_RU && + rate->eht_ru_alloc == NL80211_RATE_INFO_EHT_RU_ALLOC_3x996) + result = 3 * rates_996[rate->eht_gi]; + else if (rate->bw == RATE_INFO_BW_EHT_RU && + rate->eht_ru_alloc == NL80211_RATE_INFO_EHT_RU_ALLOC_2x996P484) + result = 2 * rates_996[rate->eht_gi] + rates_484[rate->eht_gi]; + else if (rate->bw == RATE_INFO_BW_160 || + (rate->bw == RATE_INFO_BW_EHT_RU && + rate->eht_ru_alloc == NL80211_RATE_INFO_EHT_RU_ALLOC_2x996)) + result = 2 * rates_996[rate->eht_gi]; + else if (rate->bw == RATE_INFO_BW_EHT_RU && + rate->eht_ru_alloc == + NL80211_RATE_INFO_EHT_RU_ALLOC_996P484P242) + result = rates_996[rate->eht_gi] + rates_484[rate->eht_gi] + + rates_242[rate->eht_gi]; + else if (rate->bw == RATE_INFO_BW_EHT_RU && + rate->eht_ru_alloc == NL80211_RATE_INFO_EHT_RU_ALLOC_996P484) + result = rates_996[rate->eht_gi] + rates_484[rate->eht_gi]; + else if (rate->bw == RATE_INFO_BW_80 || + (rate->bw == RATE_INFO_BW_EHT_RU && + rate->eht_ru_alloc == NL80211_RATE_INFO_EHT_RU_ALLOC_996)) + result = rates_996[rate->eht_gi]; + else if (rate->bw == RATE_INFO_BW_EHT_RU && + rate->eht_ru_alloc == NL80211_RATE_INFO_EHT_RU_ALLOC_484P242) + result = rates_484[rate->eht_gi] + rates_242[rate->eht_gi]; + else if (rate->bw == RATE_INFO_BW_40 || + (rate->bw == RATE_INFO_BW_EHT_RU && + rate->eht_ru_alloc == NL80211_RATE_INFO_EHT_RU_ALLOC_484)) + result = rates_484[rate->eht_gi]; + else if (rate->bw == RATE_INFO_BW_20 || + (rate->bw == RATE_INFO_BW_EHT_RU && + rate->eht_ru_alloc == NL80211_RATE_INFO_EHT_RU_ALLOC_242)) + result = rates_242[rate->eht_gi]; + else if (rate->bw == RATE_INFO_BW_EHT_RU && + rate->eht_ru_alloc == NL80211_RATE_INFO_EHT_RU_ALLOC_106P26) + result = rates_106[rate->eht_gi] + rates_26[rate->eht_gi]; + else if (rate->bw == RATE_INFO_BW_EHT_RU && + rate->eht_ru_alloc == NL80211_RATE_INFO_EHT_RU_ALLOC_106) + result = rates_106[rate->eht_gi]; + else if (rate->bw == RATE_INFO_BW_EHT_RU && + rate->eht_ru_alloc == NL80211_RATE_INFO_EHT_RU_ALLOC_52P26) + result = rates_52[rate->eht_gi] + rates_26[rate->eht_gi]; + else if (rate->bw == RATE_INFO_BW_EHT_RU && + rate->eht_ru_alloc == NL80211_RATE_INFO_EHT_RU_ALLOC_52) + result = rates_52[rate->eht_gi]; + else if (rate->bw == RATE_INFO_BW_EHT_RU && + rate->eht_ru_alloc == NL80211_RATE_INFO_EHT_RU_ALLOC_26) + result = rates_26[rate->eht_gi]; + else { + WARN(1, "invalid EHT MCS: bw:%d, ru:%d\n", + rate->bw, rate->eht_ru_alloc); + return 0; + } + + /* now scale to the appropriate MCS */ + tmp = result; + tmp *= SCALE; + do_div(tmp, mcs_divisors[rate->mcs]); + result = tmp; + + /* and take NSS */ + result = (result * rate->nss) / 8; + + return result / 10000; +} + u32 cfg80211_calculate_bitrate(struct rate_info *rate) { if (rate->flags & RATE_INFO_FLAGS_MCS) @@ -1440,6 +1573,8 @@ return cfg80211_calculate_bitrate_vht(rate); if (rate->flags & RATE_INFO_FLAGS_HE_MCS) return cfg80211_calculate_bitrate_he(rate); + if (rate->flags & RATE_INFO_FLAGS_EHT_MCS) + return cfg80211_calculate_bitrate_eht(rate); return rate->legacy; } diff -ruw linux-5.15.42/scripts/Makefile.build linux-5.15.42-fbx/scripts/Makefile.build --- linux-5.15.42/scripts/Makefile.build 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/scripts/Makefile.build 2024-04-22 14:46:58.420282100 +0200 @@ -475,10 +475,10 @@ cmd_link_multi-m = \ $(cmd_update_lto_symversions); \ rm -f $@; \ - $(AR) cDPrsT $@ $(filter %.o,$^) + $(AR) cDPrsT $@ $(filter %.o %a,$^) else quiet_cmd_link_multi-m = LD [M] $@ - cmd_link_multi-m = $(LD) $(ld_flags) -r -o $@ $(filter %.o,$^) + cmd_link_multi-m = $(LD) $(ld_flags) -r -o $@ $(filter %.o %.a,$^) endif $(multi-obj-m): FORCE diff -ruw linux-5.15.42/scripts/Makefile.lib linux-5.15.42-fbx/scripts/Makefile.lib --- linux-5.15.42/scripts/Makefile.lib 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/scripts/Makefile.lib 2024-04-22 14:46:58.420282100 +0200 @@ -319,11 +319,11 @@ DTC_FLAGS += $(if $(filter $(patsubst $(obj)/%,%,$@), $(base-dtb-y)), -@) # Generate an assembly file to wrap the output of the device tree compiler -quiet_cmd_dt_S_dtb= DTB $@ +quiet_cmd_dt_S_dtb= DTB_bin $@ cmd_dt_S_dtb= \ { \ echo '\#include '; \ - echo '.section .dtb.init.rodata,"a"'; \ + echo '.section .dtb.rodata,"a"'; \ echo '.balign STRUCT_ALIGNMENT'; \ echo '.global __dtb_$(subst -,_,$(*F))_begin'; \ echo '__dtb_$(subst -,_,$(*F))_begin:'; \ @@ -336,6 +336,8 @@ $(obj)/%.dtb.S: $(obj)/%.dtb FORCE $(call if_changed,dt_S_dtb) +.PRECIOUS: $(src)/%.dtb.S + quiet_cmd_dtc = DTC $@ cmd_dtc = $(HOSTCC) -E $(dtc_cpp_flags) -x assembler-with-cpp -o $(dtc-tmp) $< ; \ $(DTC) -o $@ -b 0 \ diff -ruw linux-5.15.42/scripts/dtc/include-prefixes/arm/Makefile linux-5.15.42-fbx/scripts/dtc/include-prefixes/arm/Makefile --- linux-5.15.42/scripts/dtc/include-prefixes/arm/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/scripts/dtc/include-prefixes/arm/Makefile 2024-04-22 14:46:50.216057952 +0200 @@ -139,7 +139,9 @@ bcm47189-tenda-ac9.dtb \ bcm947189acdbmr.dtb dtb-$(CONFIG_ARCH_BCM_63XX) += \ - bcm963138dvt.dtb + bcm963138dvt.dtb \ + bcm963138ref-rnc.dtb \ + fbxgw7a.dtb dtb-$(CONFIG_ARCH_BCM_CYGNUS) += \ bcm911360_entphn.dtb \ bcm911360k.dtb \ @@ -263,7 +265,7 @@ keystone-k2e-evm.dtb \ keystone-k2g-evm.dtb \ keystone-k2g-ice.dtb -dtb-$(CONFIG_MACH_KIRKWOOD) += \ +dtb-$(CONFIG_MACH_KIRKWOOD_DTB) += \ kirkwood-b3.dtb \ kirkwood-blackarmor-nas220.dtb \ kirkwood-cloudbox.dtb \ @@ -341,6 +343,8 @@ kirkwood-ts219-6282.dtb \ kirkwood-ts419-6281.dtb \ kirkwood-ts419-6282.dtb +dtb-$(CONFIG_FBXGW_COMMON) += \ + fbxgwr_exp_stb.dtb dtb-$(CONFIG_ARCH_LPC18XX) += \ lpc4337-ciaa.dtb \ lpc4350-hitex-eval.dtb \ @@ -1499,3 +1503,17 @@ aspeed-bmc-portwell-neptune.dtb \ aspeed-bmc-quanta-q71l.dtb \ aspeed-bmc-supermicro-x11spi.dtb + +$(foreach file, $(subst $\",,$(CONFIG_OF_DTB_BUILTIN_LIST)), \ + $(eval dtb-y += $(file).dtb)) + +$(foreach file, $(subst $\",,$(CONFIG_OF_DTB_BUILTIN_LIST)), \ + $(eval obj-y += $(file).dtb.o)) + +dtstree := $(srctree)/$(src) +dtb-$(CONFIG_OF_ALL_DTBS) := $(patsubst $(dtstree)/%.dts,%.dtb, $(wildcard $(dtstree)/*.dts)) + +DTC_FLAGS += -@ +always-y := $(dtb-y) +clean-files := *.dtb *.dtb.S +obj- += dummy diff -ruw linux-5.15.42/scripts/dtc/include-prefixes/arm/kirkwood-6282.dtsi linux-5.15.42-fbx/scripts/dtc/include-prefixes/arm/kirkwood-6282.dtsi --- linux-5.15.42/scripts/dtc/include-prefixes/arm/kirkwood-6282.dtsi 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/scripts/dtc/include-prefixes/arm/kirkwood-6282.dtsi 2024-04-22 14:46:50.328061012 +0200 @@ -80,6 +80,11 @@ marvell,function = "twsi1"; }; + pmx_twsi1_gpio: pmx-twsi1-gpio { + marvell,pins = "mpp36", "mpp37"; + marvell,function = "gpio"; + }; + pmx_sdio: pmx-sdio { marvell,pins = "mpp12", "mpp13", "mpp14", "mpp15", "mpp16", "mpp17"; @@ -109,7 +114,10 @@ clock-frequency = <100000>; clocks = <&gate_clk 7>; pinctrl-0 = <&pmx_twsi1>; - pinctrl-names = "default"; + pinctrl-1 = <&pmx_twsi1_gpio>; + pinctrl-names = "default", "gpio"; + sda-gpios = <&gpio1 4 GPIO_ACTIVE_HIGH>; + scl-gpios = <&gpio1 5 GPIO_ACTIVE_HIGH>; status = "disabled"; }; diff -ruw linux-5.15.42/scripts/dtc/include-prefixes/arm/kirkwood.dtsi linux-5.15.42-fbx/scripts/dtc/include-prefixes/arm/kirkwood.dtsi --- linux-5.15.42/scripts/dtc/include-prefixes/arm/kirkwood.dtsi 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/scripts/dtc/include-prefixes/arm/kirkwood.dtsi 2024-04-22 14:46:50.332061122 +0200 @@ -99,11 +99,28 @@ marvell,function = "spi"; }; + pmx_tdm_spi: pmx-tdm-spi { + marvell,pins = "mpp24", "mpp25", "mpp26", + "mpp27"; + marvell,function = "tdm"; + }; + + pmx_alt_tdm_spi: pmx-alt-tdm-spi { + marvell,pins = "mpp39", "mpp40", "mpp41", + "mpp42"; + marvell,function = "tdm"; + }; + pmx_twsi0: pmx-twsi0 { marvell,pins = "mpp8", "mpp9"; marvell,function = "twsi0"; }; + pmx_twsi0_gpio: pmx-twsi0-gpio { + marvell,pins = "mpp8", "mpp9"; + marvell,function = "gpio"; + }; + /* * Default UART pinctrl setting without RTS/CTS, * overwrite marvell,pins on board level if required. @@ -138,6 +155,17 @@ status = "disabled"; }; + tdm_spi0: tdm_spi@d0000 { + compatible = "marvell,orion-tdm-spi"; + #address-cells = <1>; + #size-cells = <0>; + reg = <0xd0000 65536>; + clocks = <&gate_clk 20>; + pinctrl-0 = <&pmx_tdm_spi>; + pinctrl-names = "default"; + status = "disabled"; + }; + gpio0: gpio@10100 { compatible = "marvell,orion-gpio"; #gpio-cells = <2>; @@ -148,6 +176,7 @@ #interrupt-cells = <2>; interrupts = <35>, <36>, <37>, <38>; clocks = <&gate_clk 7>; + gpio-ranges = <&pinctrl 0 0 32>; }; gpio1: gpio@10140 { @@ -160,6 +189,7 @@ #interrupt-cells = <2>; interrupts = <39>, <40>, <41>; clocks = <&gate_clk 7>; + gpio-ranges = <&pinctrl 0 32 18>; }; i2c0: i2c@11000 { @@ -171,7 +201,10 @@ clock-frequency = <100000>; clocks = <&gate_clk 7>; pinctrl-0 = <&pmx_twsi0>; - pinctrl-names = "default"; + pinctrl-1 = <&pmx_twsi0_gpio>; + pinctrl-names = "default", "gpio"; + sda-gpios = <&gpio0 8 GPIO_ACTIVE_HIGH>; + scl-gpios = <&gpio0 9 GPIO_ACTIVE_HIGH>; status = "disabled"; }; @@ -319,6 +352,7 @@ clocks = <&gate_clk 0>; marvell,tx-checksum-limit = <1600>; status = "disabled"; + mdio-bus = <&mdio>; eth0port: ethernet0-port@0 { compatible = "marvell,kirkwood-eth-port"; diff -ruw linux-5.15.42/scripts/dtc/include-prefixes/dt-bindings/input/linux-event-codes.h linux-5.15.42-fbx/scripts/dtc/include-prefixes/dt-bindings/input/linux-event-codes.h --- linux-5.15.42/scripts/dtc/include-prefixes/dt-bindings/input/linux-event-codes.h 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/scripts/dtc/include-prefixes/dt-bindings/input/linux-event-codes.h 2024-04-22 14:46:57.776264505 +0200 @@ -779,6 +779,18 @@ #define BTN_TRIGGER_HAPPY39 0x2e6 #define BTN_TRIGGER_HAPPY40 0x2e7 +#define KEY_APP_TV 0x2f1 +#define KEY_APP_REPLAY 0x2f2 +#define KEY_APP_VIDEOCLUB 0x2f3 +#define KEY_APP_WHATSON 0x2f4 +#define KEY_APP_RECORDS 0x2f5 +#define KEY_APP_MEDIA 0x2f6 +#define KEY_APP_YOUTUBE 0x2f7 +#define KEY_APP_RADIOS 0x2f8 +#define KEY_APP_CANALVOD 0x2f9 +#define KEY_APP_PIP 0x2fa +#define KEY_APP_NETFLIX 0x2fb + /* We avoid low common keys in module aliases so they don't get huge. */ #define KEY_MIN_INTERESTING KEY_MUTE #define KEY_MAX 0x2ff diff -ruw linux-5.15.42/scripts/extract-cert.c linux-5.15.42-fbx/scripts/extract-cert.c --- linux-5.15.42/scripts/extract-cert.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/scripts/extract-cert.c 2024-04-22 14:46:58.440282646 +0200 @@ -23,6 +23,13 @@ #include #include +/* + * OpenSSL 3.0 deprecates the OpenSSL's ENGINE API. + * + * Remove this if/when that API is no longer used + */ +#pragma GCC diagnostic ignored "-Wdeprecated-declarations" + #define PKEY_ID_PKCS7 2 static __attribute__((noreturn)) diff -ruw linux-5.15.42/scripts/gen_autoksyms.sh linux-5.15.42-fbx/scripts/gen_autoksyms.sh --- linux-5.15.42/scripts/gen_autoksyms.sh 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/scripts/gen_autoksyms.sh 2024-04-22 14:46:58.444282756 +0200 @@ -19,7 +19,7 @@ # We need access to CONFIG_ symbols . include/config/auto.conf -needed_symbols= +needed_symbols="$CONFIG_UNUSED_KSYMS_WHITELIST_SYMS" # Special case for modversions (see modpost.c) if [ -n "$CONFIG_MODVERSIONS" ]; then diff -ruw linux-5.15.42/sound/soc/codecs/cs42l52.c linux-5.15.42-fbx/sound/soc/codecs/cs42l52.c --- linux-5.15.42/sound/soc/codecs/cs42l52.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/sound/soc/codecs/cs42l52.c 2024-04-22 14:46:58.592286799 +0200 @@ -127,19 +127,25 @@ } } -static DECLARE_TLV_DB_SCALE(hl_tlv, -10200, 50, 0); +static DECLARE_TLV_DB_SCALE(bass_gain_tlv, -1050, 150, 0); -static DECLARE_TLV_DB_SCALE(hpd_tlv, -9600, 50, 1); +static DECLARE_TLV_DB_SCALE(mst_tlv, -6000, 50, 0); + +static DECLARE_TLV_DB_SCALE(hpd_tlv, -9600, 50, 0); static DECLARE_TLV_DB_SCALE(ipd_tlv, -9600, 100, 0); static DECLARE_TLV_DB_SCALE(mic_tlv, 1600, 100, 0); +static DECLARE_TLV_DB_SCALE(adc_mix_tlv, -5150, 50, 0); + static DECLARE_TLV_DB_SCALE(pga_tlv, -600, 50, 0); -static DECLARE_TLV_DB_SCALE(mix_tlv, -50, 50, 0); +static DECLARE_TLV_DB_SCALE(mix_tlv, -5150, 50, 0); -static DECLARE_TLV_DB_SCALE(beep_tlv, -56, 200, 0); +static DECLARE_TLV_DB_SCALE(bypass_tlv, -6000, 50, 0); + +static DECLARE_TLV_DB_SCALE(beep_tlv, -5600, 200, 0); static const DECLARE_TLV_DB_RANGE(limiter_tlv, 0, 2, TLV_DB_SCALE_ITEM(-3000, 600, 0), @@ -340,18 +346,18 @@ static const struct snd_kcontrol_new cs42l52_snd_controls[] = { SOC_DOUBLE_R_SX_TLV("Master Volume", CS42L52_MASTERA_VOL, - CS42L52_MASTERB_VOL, 0, 0x34, 0xE4, hl_tlv), + CS42L52_MASTERB_VOL, 0, 0x88, 0x90, mst_tlv), SOC_DOUBLE_R_SX_TLV("Headphone Volume", CS42L52_HPA_VOL, - CS42L52_HPB_VOL, 0, 0x34, 0xC0, hpd_tlv), + CS42L52_HPB_VOL, 0, 0x40, 0xc0, hpd_tlv), SOC_ENUM("Headphone Analog Gain", hp_gain_enum), SOC_DOUBLE_R_SX_TLV("Speaker Volume", CS42L52_SPKA_VOL, - CS42L52_SPKB_VOL, 0, 0x40, 0xC0, hl_tlv), + CS42L52_SPKB_VOL, 0, 0x40, 0xc0, hpd_tlv), SOC_DOUBLE_R_SX_TLV("Bypass Volume", CS42L52_PASSTHRUA_VOL, - CS42L52_PASSTHRUB_VOL, 0, 0x88, 0x90, pga_tlv), + CS42L52_PASSTHRUB_VOL, 0, 0x88, 0x90, bypass_tlv), SOC_DOUBLE("Bypass Mute", CS42L52_MISC_CTL, 4, 5, 1, 0), @@ -364,7 +370,7 @@ CS42L52_ADCB_VOL, 0, 0xA0, 0x78, ipd_tlv), SOC_DOUBLE_R_SX_TLV("ADC Mixer Volume", CS42L52_ADCA_MIXER_VOL, CS42L52_ADCB_MIXER_VOL, - 0, 0x19, 0x7F, ipd_tlv), + 0, 0x19, 0x7F, adc_mix_tlv), SOC_DOUBLE("ADC Switch", CS42L52_ADC_MISC_CTL, 0, 1, 1, 0), @@ -372,7 +378,7 @@ CS42L52_ADCB_MIXER_VOL, 7, 1, 1), SOC_DOUBLE_R_SX_TLV("PGA Volume", CS42L52_PGAA_CTL, - CS42L52_PGAB_CTL, 0, 0x28, 0x24, pga_tlv), + CS42L52_PGAB_CTL, 0, 0xF4, 0x24, pga_tlv), SOC_DOUBLE_R_SX_TLV("PCM Mixer Volume", CS42L52_PCMA_MIXER_VOL, CS42L52_PCMB_MIXER_VOL, @@ -392,15 +398,15 @@ SOC_SINGLE("Tone Control Switch", CS42L52_BEEP_TONE_CTL, 0, 1, 1), SOC_SINGLE_TLV("Treble Gain Volume", - CS42L52_TONE_CTL, 4, 15, 1, hl_tlv), + CS42L52_TONE_CTL, 4, 0xf, 1, bass_gain_tlv), SOC_SINGLE_TLV("Bass Gain Volume", - CS42L52_TONE_CTL, 0, 15, 1, hl_tlv), + CS42L52_TONE_CTL, 0, 0xf, 1, bass_gain_tlv), /* Limiter */ SOC_SINGLE_TLV("Limiter Max Threshold Volume", - CS42L52_LIMITER_CTL1, 5, 7, 0, limiter_tlv), + CS42L52_LIMITER_CTL1, 5, 7, 1, limiter_tlv), SOC_SINGLE_TLV("Limiter Cushion Threshold Volume", - CS42L52_LIMITER_CTL1, 2, 7, 0, limiter_tlv), + CS42L52_LIMITER_CTL1, 2, 7, 1, limiter_tlv), SOC_SINGLE_TLV("Limiter Release Rate Volume", CS42L52_LIMITER_CTL2, 0, 63, 0, limiter_tlv), SOC_SINGLE_TLV("Limiter Attack Rate Volume", @@ -571,8 +577,8 @@ {"ADC Left", NULL, "Charge Pump"}, {"ADC Right", NULL, "Charge Pump"}, - {"Charge Pump", NULL, "ADC Left Mux"}, - {"Charge Pump", NULL, "ADC Right Mux"}, + {"ADC Left Mux", NULL, "Charge Pump"}, + {"ADC Right Mux", NULL, "Charge Pump"}, {"ADC Left Mux", "Input1A", "AIN1L"}, {"ADC Right Mux", "Input1B", "AIN1R"}, @@ -585,19 +591,19 @@ {"ADC Left Mux", "PGA Input Left", "PGA Left"}, {"ADC Right Mux", "PGA Input Right" , "PGA Right"}, - {"PGA Left", "Switch", "AIN1L"}, - {"PGA Right", "Switch", "AIN1R"}, - {"PGA Left", "Switch", "AIN2L"}, - {"PGA Right", "Switch", "AIN2R"}, - {"PGA Left", "Switch", "AIN3L"}, - {"PGA Right", "Switch", "AIN3R"}, - {"PGA Left", "Switch", "AIN4L"}, - {"PGA Right", "Switch", "AIN4R"}, + {"PGA Left", NULL, "AIN1L"}, + {"PGA Right", NULL, "AIN1R"}, + {"PGA Left", NULL, "AIN2L"}, + {"PGA Right", NULL, "AIN2R"}, + {"PGA Left", NULL, "AIN3L"}, + {"PGA Right", NULL, "AIN3R"}, + {"PGA Left", NULL, "AIN4L"}, + {"PGA Right", NULL, "AIN4R"}, - {"PGA Left", "Switch", "PGA MICA"}, + {"PGA Left", NULL, "PGA MICA"}, {"PGA MICA", NULL, "MICA"}, - {"PGA Right", "Switch", "PGA MICB"}, + {"PGA Right", NULL, "PGA MICB"}, {"PGA MICB", NULL, "MICB"}, {"HPOUTA", NULL, "HP Left Amp"}, @@ -842,14 +848,12 @@ break; case SND_SOC_BIAS_STANDBY: if (snd_soc_component_get_bias_level(component) == SND_SOC_BIAS_OFF) { - regcache_cache_only(cs42l52->regmap, false); regcache_sync(cs42l52->regmap); } snd_soc_component_write(component, CS42L52_PWRCTL1, CS42L52_PWRCTL1_PDN_ALL); break; case SND_SOC_BIAS_OFF: snd_soc_component_write(component, CS42L52_PWRCTL1, CS42L52_PWRCTL1_PDN_ALL); - regcache_cache_only(cs42l52->regmap, true); break; } @@ -1028,8 +1032,6 @@ { struct cs42l52_private *cs42l52 = snd_soc_component_get_drvdata(component); - regcache_cache_only(cs42l52->regmap, true); - cs42l52_add_mic_controls(component); cs42l52_init_beep(component); @@ -1091,6 +1093,7 @@ { struct cs42l52_private *cs42l52; struct cs42l52_platform_data *pdata = dev_get_platdata(&i2c_client->dev); + struct gpio_desc *reset; int ret; unsigned int devid; unsigned int reg; @@ -1131,26 +1134,26 @@ if (of_property_read_u32(i2c_client->dev.of_node, "cirrus,chgfreq-divisor", &val32) >= 0) pdata->chgfreq = val32; - - pdata->reset_gpio = - of_get_named_gpio(i2c_client->dev.of_node, - "cirrus,reset-gpio", 0); } cs42l52->pdata = *pdata; } - if (cs42l52->pdata.reset_gpio) { - ret = devm_gpio_request_one(&i2c_client->dev, - cs42l52->pdata.reset_gpio, - GPIOF_OUT_INIT_HIGH, - "CS42L52 /RST"); - if (ret < 0) { - dev_err(&i2c_client->dev, "Failed to request /RST %d: %d\n", - cs42l52->pdata.reset_gpio, ret); + reset = devm_gpiod_get_optional(&i2c_client->dev, + "reset", + GPIOD_OUT_HIGH); + if (reset) { + if (IS_ERR(reset)) { + ret = PTR_ERR(reset); + if (ret != -EPROBE_DEFER) + dev_err(&i2c_client->dev, + "failed to get reset gpio :%d", + ret); return ret; } - gpio_set_value_cansleep(cs42l52->pdata.reset_gpio, 0); - gpio_set_value_cansleep(cs42l52->pdata.reset_gpio, 1); + + msleep(100); + gpiod_set_value_cansleep(reset, 0); + msleep(100); } i2c_set_clientdata(i2c_client, cs42l52); diff -ruw linux-5.15.42/sound/soc/kirkwood/Kconfig linux-5.15.42-fbx/sound/soc/kirkwood/Kconfig --- linux-5.15.42/sound/soc/kirkwood/Kconfig 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/sound/soc/kirkwood/Kconfig 2023-02-27 19:50:24.596313402 +0100 @@ -16,3 +16,8 @@ Say Y if you want to add support for SoC audio on the Armada 370 Development Board. +config SND_KIRKWOOD_SOC_FBXGW2R + tristate "Soc Audio support for fbxgw2r" + depends on SND_KIRKWOOD_SOC && MACH_FBXGW2R && I2C + select SND_KIRKWOOD_SOC_I2S + select SND_SOC_CS42L52 diff -ruw linux-5.15.42/sound/soc/kirkwood/Makefile linux-5.15.42-fbx/sound/soc/kirkwood/Makefile --- linux-5.15.42/sound/soc/kirkwood/Makefile 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/sound/soc/kirkwood/Makefile 2023-02-27 19:50:24.596313402 +0100 @@ -6,3 +6,6 @@ snd-soc-armada-370-db-objs := armada-370-db.o obj-$(CONFIG_SND_KIRKWOOD_SOC_ARMADA370_DB) += snd-soc-armada-370-db.o + +snd-soc-fbxgw2r-objs := kirkwood-fbxgw2r.o +obj-$(CONFIG_SND_KIRKWOOD_SOC_FBXGW2R) += snd-soc-fbxgw2r.o diff -ruw linux-5.15.42/sound/soc/soc-ops.c linux-5.15.42-fbx/sound/soc/soc-ops.c --- linux-5.15.42/sound/soc/soc-ops.c 2022-05-25 09:57:37.000000000 +0200 +++ linux-5.15.42-fbx/sound/soc/soc-ops.c 2024-04-22 14:46:58.748291061 +0200 @@ -430,15 +430,8 @@ int ret; unsigned int val, val_mask; - val = ucontrol->value.integer.value[0]; - if (mc->platform_max && val > mc->platform_max) - return -EINVAL; - if (val > max - min) - return -EINVAL; - if (val < 0) - return -EINVAL; val_mask = mask << shift; - val = (val + min) & mask; + val = (ucontrol->value.integer.value[0] + min) & mask; val = val << shift; err = snd_soc_component_update_bits(component, reg, val_mask, val); --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/arch/arm/boot/dts/fbxgw.dtsi 2024-04-22 14:46:50.276059592 +0200 @@ -0,0 +1,156 @@ +/ { + ocp@f1000000 { + fbxwdt: fbxwatchdog-timer@20300 { + compatible = "marvell,orion-fbxwdt"; + reg = <0x20300 0x28>, <0x20108 0x4>; + clocks = <&gate_clk 7>; + status = "okay"; + }; + }; +}; + +&i2c0 { + status = "okay"; + clock-frequency = <25000>; + + cap1066@28 { + /* SMSC cap1066 */ + compatible = "smsc,smsc_cap1066"; + reg = <0x28>; + keymap = ; + }; + + eeprom@53 { + /* expansion eeprom */ + compatible = "atmel,24c256"; + read-only; + reg = <0x53>; + }; + + eeprom@57 { + /* midlane eeprom */ + compatible = "atmel,24c32"; + read-only; + reg = <0x57>; + pagesize = <8>; + }; +}; + +&tdm_spi0 { + status = "okay"; + num-cs = <1>; + + ssd1327@0 { + compatible = "solomon,ssd1327"; + reg = <0>; + spi-max-frequency = <(9 * 1000 * 1000)>; + ssd1327,width = <128>; + ssd1327,height = <128>; + ssd1327,rotate = <270>; + ssd1327,watchdog = <300>; + }; + + bcm-flash@1 { + compatible = "m25p80"; + reg = <1>; + spi-max-frequency = <(1 * 1000 * 1000)>; + label = "bcmflash"; + }; +}; + +&nand { + status = "okay"; + chip-delay = <35>; + + partitions { + compatible = "fixed-partitions"; + #address-cells = <1>; + #size-cells = <1>; + + all@0 { + label = "all"; + /* MTDPART_SIZ_FULL=0 */ + reg = <0x0 0>; + read-only; + }; + + u-boot@0 { + label = "u-boot"; + reg = <0x0 (1 * 1024 * 1024)>; + read-only; + }; + + serial@ { + label = "serial"; + reg = <(1 * 1024 * 1024) (1 * 1024 * 1024)>; + read-only; + }; + + calibration@0 { + label = "calibration"; + reg = <(2 * 1024 * 1024) (1 * 1024 * 1024)>; + read-only; + }; + + bank0@0 { + label = "bank0"; + reg = <(3 * 1024 * 1024) (18 * 1024 * 1024)>; + read-only; + }; + + nvram@0 { + label = "nvram"; + reg = <(21 * 1024 * 1024) (3 * 1024 * 1024)>; + }; + + bank1@0 { + label = "bank1"; + reg = <(24 * 1024 * 1024) (62 * 1024 * 1024)>; + }; + + femto@0 { + label = "femto"; + reg = <(86 * 1024 * 1024) (16 * 1024 * 1024)>; + }; + + config@0 { + label = "config"; + reg = <(120 * 1024 * 1024) (8 * 1024 * 1024)>; + }; + + partition@0 { + label = "new_bank0"; + reg = <(102 * 1024 * 1024) (18 * 1024 * 1024)>; + }; + }; +}; + +ð0 { + marvell,unit = <0>; +}; + +ð1 { + marvell,unit = <1>; +}; + +&uart0 { + status = "okay"; +}; + +&uart1 { + status = "okay"; +}; + +&pmx_uart1 { + marvell,pins = "mpp15", "mpp16"; + marvell,function = "uart1"; +}; + +&usb0 { + status = "okay"; +}; --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/arch/arm/boot/dts/fbxgw1r.dts 2023-02-27 20:05:23.232298512 +0100 @@ -0,0 +1,360 @@ +/dts-v1/; + +#include + +#include "kirkwood.dtsi" +#include "kirkwood-6281.dtsi" +#include "fbxgw.dtsi" + +/ { + model = "Freebox Gateway V1"; + compatible = "freebox,fbxgw1r", "arm-machtype,527"; + + chosen { + stdout-path = &uart1; + }; + + memory { + device_type = "memory"; + reg = <0x00000000 0x20000000>; /* 512 MB */ + }; + + reserved-memory { + #address-cells = <1>; + #size-cells = <1>; + ranges; + + ramoops@1fff8000 { + compatible = "ramoops"; + /* RAM top - 32k, just below bootloader page table */ + reg = <0x1fff8000 (16 * 1024)>; + record-size = <(16 * 1024)>; + ecc-size = <16>; + no-dump-oops; + }; + }; + + gpio_sr: gpio-sr@0 { + compatible = "freebox,fbxgw1r-gpio-sr"; + #gpio-cells = <2>; + gpio-controller; + ngpios = <8>; + + gpio-line-names = "sfp-pwren", /* 0 */ + "usb-rst", /* 1 */ + "audio-rst", /* 2 */ + "exp-pwren", /* 3 */ + "bcm-rst", /* 4 */ + "pcie-rst", /* 5 */ + "keypad-oled-rst", /* 6 */ + "oled-vcc"; /* 7 */ + + /* presumed bootloader state */ + sr,init-value = <((1 << 1) | (1 << 6) | (1 << 7))>; + sr,gpio-din = <&gpio0 12 0>; + sr,gpio-load = <&gpio0 17 0>; + sr,gpio-clk = <&gpio0 10 0>; + }; + + fbxgw1r_rst: fbxgw1r-rst@0 { + compatible = "freebox,fbxgw1r-rst"; + #reset-cells = <1>; + + usb-gpio = <&gpio_sr 1 GPIO_ACTIVE_LOW>; + audio-gpio = <&gpio_sr 2 GPIO_ACTIVE_LOW>; + keypad-oled-gpio = <&gpio_sr 6 GPIO_ACTIVE_LOW>; + }; + + fbxgpio@0 { + compatible = "fbx,fbxgpio"; + + /* claimed for userspace */ + pos-sense { + name = "pos-sense"; + gpio = <&gpio1 13 0>; + input; + }; + + board-id-0 { + name = "board-id-0"; + gpio = <&gpio1 11 0>; + input; + }; + + board-id-1 { + name = "board-id-1"; + gpio = <&gpio1 17 0>; + input; + }; + + test-mode { + name = "test-mode"; + gpio = <&gpio0 13 0>; + input; + }; + + sw-reset { + name = "sw-reset"; + gpio = <&gpio0 28 0>; + output-high; + no-claim; + }; + + sw-int { + name = "sw-int"; + gpio = <&gpio0 29 0>; + input; + }; + + sfp-txdis { + name = "sfp-txdis"; + gpio = <&gpio0 14 0>; + output-high; + }; + + sfp-pwrgood { + name = "sfp-pwrgood"; + gpio = <&gpio1 2 0>; + input; + }; + + sfp-txfault { + name = "sfp-txfault"; + gpio = <&gpio1 3 0>; + input; + }; + + sfp-presence { + name = "sfp-presence"; + gpio = <&gpio1 5 0>; + input; + }; + + sfp-rxloss { + name = "sfp-rxloss"; + gpio = <&gpio1 6 0>; + input; + }; + + sfp-pwren { + name = "sfp-pwren"; + gpio = <&gpio_sr 0 0>; + output-low; + }; + + exp-rst { + name = "exp-rst"; + gpio = <&gpio1 12 0>; + output-low; + }; + + exp-pwrgood { + name = "exp-pwrgood"; + gpio = <&gpio1 14 0>; + input; + }; + + exp-presence { + name = "exp-presence"; + gpio = <&gpio1 15 0>; + input; + }; + + exp-pwren { + name = "exp-pwren"; + gpio = <&gpio_sr 3 0>; + output-low; + }; + + bcm-rst { + name = "bcm-rst"; + gpio = <&gpio_sr 4 0>; + output-low; + }; + + + /* unclaimed, exported for debug only */ + oled-data-select { + name = "oled-data-select"; + gpio = <&gpio0 7 0>; + output-low; + no-claim; + }; + + kp-int { + name = "kp-int"; + gpio = <&gpio1 16 0>; + input; + no-claim; + }; + + usb-rst { + name = "usb-rst"; + gpio = <&gpio_sr 1 0>; + output-low; + no-claim; + }; + + audio-rst { + name = "audio-rst"; + gpio = <&gpio_sr 2 0>; + output-low; + no-claim; + }; + + pcie-rst { + name = "pcie-rst"; + gpio = <&gpio_sr 5 0>; + output-low; + no-claim; + }; + + keypad-oled-rst { + name = "keypad-oled-rst"; + gpio = <&gpio_sr 6 0>; + output-low; + no-claim; + }; + + oled-vcc { + name = "oled-vcc"; + gpio = <&gpio_sr 7 0>; + output-low; + no-claim; + }; + }; +}; + +&gpio0 { + gpio-line-names = "", + "", + "", + "", + "", + "", + "", + "oled-data-select", /* 7 */ + "", + "", + "sr-clk", /* 10 */ + "bcm-down", /* 11 */ + "sr-din", /* 12 */ + "test-mode", /* 13 */ + "sfp-txdis", /* 14 */ + "", + "", + "sr-load", /* 17 */ + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "sw-reset", /* 28 */ + "sw-int", /* 29 */ + "", + ""; +}; + +&gpio1 { + gpio-line-names = "", + "", + "sfp-pwrgood", /* 2 */ + "sfp-txfault", /* 3 */ + "spi-cs-bcm", /* 4 */ + "sfp-presence", /* 5 */ + "sfp-rxloss", /* 6*/ + "", /* 7 */ + "", /* 8 */ + "", /* 9 */ + "", /* 10 */ + "board-id-0", /* 11 */ + "exp-rst", /* 12 */ + "pos-sense", /* 13 */ + "exp-pwrgood", /* 14 */ + "exp-presence", /* 15 */ + "kp-int", /* 16 */ + "board-id-1"; /* 17 */ +}; + +&usb0 { + resets = <&fbxgw1r_rst 0>, + <&fbxgw1r_rst 1>; +}; + +&mdio { + status = "okay"; + + mv6161: mv6161@0 { + compatible = "freebox,fbxgw-mv6161"; + reg = <0>; + gpio-reset = <&gpio0 28 0>; + }; +}; + +ð0 { + status = "okay"; +}; + +ð0port { + fbxserial-mac-address = <0>; + speed = <1000>; + duplex = <1>; +}; + +&i2c0 { + cap1066@28 { + resets = <&fbxgw1r_rst 2>; + irq-gpio = <&gpio1 16 0>; + }; +}; + +&tdm_spi0 { + pinctrl-0 = <&pmx_alt_tdm_spi>; + cs-gpios = <0>, <&gpio1 4 GPIO_ACTIVE_HIGH>; + + ssd1327@0 { + ssd1327,data-select-gpio = <&gpio0 7 GPIO_ACTIVE_HIGH>; + ssd1327,vcc-gpio = <&gpio_sr 7 GPIO_ACTIVE_HIGH>; + resets = <&fbxgw1r_rst 2>; + }; +}; + +&sata { + status = "okay"; + nr-ports = <2>; +}; + +&pciec { + status = "okay"; + reset-gpios = <&gpio_sr 5 GPIO_ACTIVE_LOW>; +}; + +&pcie0 { + status = "okay"; +}; + +&nand { + nand-ecc-mode = "soft"; + nand-ecc-algo = "hamming"; +}; + +ð1 { + status = "okay"; +}; + +ð1port { + fbxserial-mac-address = <0>; + speed = <1000>; + duplex = <1>; +}; + +&pmx_uart0 { + /* only mpp11 here (uart rx) as mpp10 is used as a gpio */ + marvell,pins = "mpp11"; + marvell,function = "uart0"; +}; --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/arch/arm/boot/dts/fbxgw2r.dts 2023-02-27 20:05:23.232298512 +0100 @@ -0,0 +1,351 @@ +/dts-v1/; + +#include + +#include "kirkwood.dtsi" +#include "kirkwood-6282.dtsi" +#include "fbxgw.dtsi" + +/ { + model = "Freebox Gateway V2"; + compatible = "freebox,fbxgw2r", "arm-machtype,4242"; + + chosen { + stdout-path = &uart1; + }; + + memory { + device_type = "memory"; + reg = <0x00000000 0x40000000>; /* 1024M */ + }; + + reserved-memory { + #address-cells = <1>; + #size-cells = <1>; + ranges; + + ramoops@3fff8000 { + compatible = "ramoops"; + /* RAM top - 32k, just below bootloader page table */ + reg = <0x3fff8000 (16 * 1024)>; + record-size = <(16 * 1024)>; + ecc-size = <16>; + no-dump-oops; + }; + }; + + fbxgw2r_rst: fbxgw2r-rst@0 { + compatible = "freebox,fbxgw2r-rst"; + #reset-cells = <1>; + + usb-gpio = <&gpio0 23 GPIO_ACTIVE_LOW>; + keypad-oled-gpio = <&gpio0 21 GPIO_ACTIVE_LOW>; + }; + + fbxgw2r-audio@0 { + compatible = "freebox,fbxgw2r-audio"; + }; + + ocp@f1000000 { + kirkwood-coretemp@10078 { + compatible = "marvell,kirkwood-coretemp"; + reg = <0x10078 0x4>; + status = "okay"; + }; + + thermal: thermal@10078 { + status = "disabled"; + }; + }; + + fbxgpio@0 { + compatible = "fbx,fbxgpio"; + + /* claimed for userspace */ + pos-sense { + name = "pos-sense"; + gpio = <&gpio1 13 0>; + input; + }; + + test-mode { + name = "test-mode"; + gpio = <&gpio0 13 0>; + input; + }; + + sw-reset { + name = "sw-reset"; + gpio = <&gpio0 28 0>; + output-high; + no-claim; + }; + + sw-int { + name = "sw-int"; + gpio = <&gpio0 29 0>; + input; + }; + + sfp-txdis { + name = "sfp-txdis"; + gpio = <&gpio0 12 0>; + output-high; + }; + + sfp-pwrgood { + name = "sfp-pwrgood"; + gpio = <&gpio1 0 0>; + input; + }; + + sfp-txfault { + name = "sfp-txfault"; + gpio = <&gpio1 3 0>; + input; + }; + + sfp-presence { + name = "sfp-presence"; + gpio = <&gpio0 31 0>; + input; + }; + + sfp-rxloss { + name = "sfp-rxloss"; + gpio = <&gpio1 6 0>; + input; + }; + + sfp-pwren { + name = "sfp-pwren"; + gpio = <&gpio1 17 0>; + output-low; + }; + + exp-rst { + name = "exp-rst"; + gpio = <&gpio1 12 0>; + output-low; + }; + + exp-pwrgood { + name = "exp-pwrgood"; + gpio = <&gpio1 14 0>; + input; + }; + + exp-presence { + name = "exp-presence"; + gpio = <&gpio1 15 0>; + input; + }; + + exp-pwren { + name = "exp-pwren"; + gpio = <&gpio0 22 0>; + output-low; + }; + + bcm-rst { + name = "bcm-rst"; + gpio = <&gpio0 30 0>; + output-low; + }; + + + /* unclaimed, exported for debug only */ + oled-data-select { + name = "oled-data-select"; + gpio = <&gpio0 7 0>; + output-low; + no-claim; + }; + + kp-int { + name = "kp-int"; + gpio = <&gpio1 16 0>; + input; + no-claim; + }; + + usb-rst { + name = "usb-rst"; + gpio = <&gpio0 23 0>; + output-low; + no-claim; + }; + + audio-rst { + name = "audio-rst"; + gpio = <&gpio1 1 0>; + output-low; + no-claim; + }; + + pcie-rst { + name = "pcie-rst"; + gpio = <&gpio0 17 0>; + output-low; + no-claim; + }; + + keypad-oled-rst { + name = "keypad-oled-rst"; + gpio = <&gpio0 21 0>; + output-low; + no-claim; + }; + + oled-vcc { + name = "oled-vcc"; + gpio = <&gpio0 20 0>; + output-low; + no-claim; + }; + }; +}; + +&gpio0 { + gpio-line-names = "", /* 0 */ + "", /* 1 */ + "", /* 2 */ + "", /* 3 */ + "", /* 4 */ + "", /* 5 */ + "", /* 6 */ + "oled-data-select", /* 7 */ + "", /* 8 */ + "", /* 9 */ + "", /* 10 */ + "", /* 11 */ + "sfp-txdis", /* 12 */ + "test-mode", /* 13 */ + "wlan-rst", /* 14 */ + "", /* 15 */ + "", /* 16 */ + "pcie-rst", /* 17 */ + "", /* 18 */ + "", /* 19 */ + "oled-vcc", /* 20 */ + "keypad-oled-rst", /* 21 */ + "exp-pwren", /* 22 */ + "usb-rst", /* 23 */ + "", /* 24 */ + "", /* 25 */ + "", /* 26 */ + "", /* 27 */ + "sw-reset", /* 28 */ + "sw-int", /* 29 */ + "bcm-rst", /* 30 */ + "sfp-presence"; /* 31 */ +}; + +&gpio1 { + gpio-line-names = "sfp-pwrgood", /* 0 */ + "audio-rst", /* 1 */ + "spi-cs-bcm", /* 2 */ + "sfp-txfault", /* 3 */ + "", /* 4 */ + "", /* 5 */ + "sfp-rxloss", /* 6*/ + "", /* 7 */ + "", /* 8 */ + "", /* 9 */ + "", /* 10 */ + "", /* 11 */ + "exp-rst", /* 12 */ + "pos-sense", /* 13 */ + "exp-pwrgood", /* 14 */ + "exp-presence", /* 15 */ + "kp-int", /* 16 */ + "sfp-pwren"; /* 17 */ +}; + +&usb0 { + status = "okay"; + resets = <&fbxgw2r_rst 0>; +}; + +&mdio { + status = "okay"; + + mv6176: mv6176@0 { + compatible = "freebox,fbxgw-mv6176"; + reg = <0>; + gpio-reset = <&gpio0 28 0>; + }; +}; + +ð0 { + status = "okay"; +}; + +ð0port { + fbxserial-mac-address = <0>; + speed = <1000>; + duplex = <1>; +}; + +&i2c0 { + cap1066@28 { + resets = <&fbxgw2r_rst 2>; + irq-gpio = <&gpio1 16 0>; + }; +}; + +&tdm_spi0 { + cs-gpios = <0>, <&gpio1 2 GPIO_ACTIVE_HIGH>; + + ssd1327@0 { + ssd1327,data-select-gpio = <&gpio0 7 GPIO_ACTIVE_HIGH>; + ssd1327,vcc-gpio = <&gpio0 20 GPIO_ACTIVE_HIGH>; + resets = <&fbxgw2r_rst 2>; + }; +}; + +&sata { + status = "okay"; + nr-ports = <2>; +}; + +&pciec { + status = "okay"; + reset-gpios = <&gpio0 17 GPIO_ACTIVE_LOW>, + <&gpio0 14 GPIO_ACTIVE_LOW>; +}; + +&pcie0 { + status = "okay"; +}; + +&nand { + nand-ecc-mode = "soft"; + nand-ecc-algo = "bch"; + /* this will make ecc_bytes == 7 */ + nand-ecc-strength = <4>; + nand-ecc-step-size = <512>; +}; + +&gpio1 { + marvell,broken-mpp33-dir = <1>; +}; + +&audio0 { + status = "okay"; +}; + +&i2c1 { + status = "okay"; + clock-frequency = <25000>; + + codec@4a { + compatible = "cirrus,cs42l52"; + reset-gpio = <&gpio1 1 GPIO_ACTIVE_LOW>; + reg = <0x4a>; + }; +}; + +&pcie1 { + status = "okay"; +}; --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/arch/arm/boot/dts/fbxgwr_exp_stb.dts 2023-02-27 20:56:44.638543009 +0100 @@ -0,0 +1,55 @@ +#include + +/dts-v1/; +/plugin/; + +/ { + compatible = "freebox,fbxgw1r", "freebox,fbxgw2r"; + + fragment@0 { + target = <&i2c0>; + __overlay__ { + #address-cells = <0x1>; + #size-cells = <0x0>; + + // IO expander + exp_gpio_extender: exp@41 { + compatible = "ti,pca9536"; + reg = <0x41>; + gpio-controller; + ngpios = <4>; + #gpio-cells = <2>; + gpio-line-names = "bank0-mode", /* 0 */ + "stb-rear-button-feedback", /* 1 */ + "test-mode", /* 2 */ + "stb-test-mode-feedback"; /* 3 */ + }; + }; + }; + + fragment@1 { + target-path="/"; + __overlay__ { + exp-fbxgpio { + compatible = "fbx,fbxgpio"; + exp-bank0-mode { + gpio = <&exp_gpio_extender 0 GPIO_ACTIVE_LOW>; + output-low; + }; + exp-stb-rear-button-feedback { + gpio = <&exp_gpio_extender 1 GPIO_ACTIVE_LOW>; + input; + }; + exp-test-mode { + gpio = <&exp_gpio_extender 2 GPIO_ACTIVE_HIGH>; + output-low; + }; + exp-stb-test-mode-feedback { + gpio = <&exp_gpio_extender 3 GPIO_ACTIVE_HIGH>; + input; + }; + }; + }; + }; + +}; --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/arch/arm/mach-mvebu/fbxgw-common.c 2024-04-22 14:46:50.508065930 +0200 @@ -0,0 +1,281 @@ +#include +#include +#include +#include +#include + +#include + +#include "kirkwood.h" + +#define PFX "fbxgw: " + +#define CPU_CONTROL_PEX0EN (1 << 0) +#define CPU_CONTROL_PEX1EN (1 << 4) + +#define KIRKWOOD_NAND_MEM_PHYS_BASE 0xf4000000 +#define KIRKWOOD_NAND_MEM_SIZE SZ_1K + +#define NAND_PHYS_BASE (0xf1010400) +#define NAND_RD_PARAM_OFF 0x0018 +#define NAND_WR_PARAM_OFF 0x001C +#define NAND_FLASH_CTL_OFF 0x0070 + +static inline bool machine_is_fbxgw1r(void) +{ + return of_machine_is_compatible("freebox,fbxgw1r"); +} + +static inline bool machine_is_fbxgw2r(void) +{ + return of_machine_is_compatible("freebox,fbxgw2r"); +} + +/* + * Hardcoded timings for two known NAND parts: + * - NUMONYX NAND01GW3B2CZA6F + * - TOSHIBA TC58NVG0S3EBAI4 + * + * Kirkwood to ONFI mapping (from Marvell) + * ======================================= + * TurnOff => tRHW + * Acc2First => tCEA + * Acc2Next => tRC + * NFOEnW => tREH + * CEn2WEn => tCS – tWP + * WrLow => tWP + * WrHigh => tWH + * + * = Numonyx + * tRHW = 100ns | 20 Turnoff cycles (regvalue = 16) + * tCEA = 25ns | 5 Acc2first cycles (regvalue = 9) + * tRC = 25ns | 5 Acc2next cycles (regvalue = 5) + * tREH = 10ns | 2 NOFEnW cycles (regvalue = 1) + * tCS - tWP = 20ns - 12ns = 8ns | 2 CEn2WEn cycles (regvalue = 6) + * tWp = 12ns | 3 WrLow cycles (regvalue = 3) + * tWh = 10ns | 2 WrHigh cycles (regvalue = 2) + * command delay: 25ns + * + * = Toshiba + * tRHW = 30ns | 6 Turnoff cycles (regvalue 2) + * tCEA = 25ns | 5 Acc2first cycles (regvalue 9) + * tRC = 25ns | 5 Acc2next cycles (regvalue 5) + * tREH = 10ns | 5 NOFEnW cycles (regvalue 2) + * tCS - tWP = 20ns - 12ns = 8ns | 2 CEn2WEn cycles (regvalue = 6) + * tWp = 12ns | 3 WrLow cycles (regvalue = 3) + * tWh = 10ns | 2 WrHigh cycles (regvalue = 2) + * command delay: 30ns + * + * all values are the same besides Turnoff + * add one cycle for all values + * + * BEWARE: Acc2next & NFOEnW ARE LINKED ! Any additional cycles given + * to NOFEnW must be accounted for in Acc2next + */ +#define NAND_COMMAND_DELAY 35 + +static void __init set_nand_timings(void) +{ + u32 val; + u32 turnoff, acc2first, acc2next, nofenw, cen2wen, wrlow, wrhigh; + void __iomem *nand_regs; + +#ifdef CONFIG_FBXGW_COMMON_NAND_SAFE_READ_TIMINGS + turnoff = 0x1f; + acc2first = 0x1f; + acc2next = 0x1f; + nofenw = 0xc; +#else + turnoff = 0x11; + acc2first = 0xa; + acc2next = 0x7; + nofenw = 0x2; +#endif + +#ifdef CONFIG_FBXGW_COMMON_NAND_SAFE_WRITE_TIMINGS + cen2wen = 0xf; + wrlow = 0xf; + wrhigh = 0xf; +#else + cen2wen = 0x7; + wrlow = 0x4; + wrhigh = 0x3; +#endif + + nand_regs = ioremap(NAND_PHYS_BASE, 0x100); + if (!nand_regs) { + /* + * FIXME: does this warrant a panic() ? + */ + pr_crit("unable to remap NAND registers to configure " + "timings.\n"); + return ; + } + + val = readl(nand_regs + NAND_RD_PARAM_OFF); + /* turnoff */ + val &= ~(0x1f << 0); + val |= (turnoff << 0); + /* acc2first */ + val &= ~(0x1f << 6); + val |= (acc2first << 6); + /* acc2next */ + val &= ~(0x1f << 17); + val |= (acc2next << 17); + writel(val, nand_regs + NAND_RD_PARAM_OFF); + + val = readl(nand_regs + NAND_FLASH_CTL_OFF); + /* nfoenw */ + val &= ~(0x1f << 9); + val |= (nofenw << 9); + writel(val, nand_regs + NAND_FLASH_CTL_OFF); + + val = readl(nand_regs + NAND_WR_PARAM_OFF); + /* CEn2WEn */ + val &= ~(0xf << 0); + val |= (cen2wen << 0); + /* WrLow */ + val &= ~(0xf << 8); + val |= (wrlow << 8); + /* WrHigh */ + val &= ~(0xf << 16); + val |= (wrhigh << 16); + writel(val, nand_regs + NAND_WR_PARAM_OFF); + + iounmap(nand_regs); +} + +/* + * fbxhwinfo fields, retrieved from ATAG list. + */ +char loader_version_str[128]; +int loader_erase_nvram = 0; +int loader_bank0_forced = 0; +EXPORT_SYMBOL(loader_version_str); +EXPORT_SYMBOL(loader_erase_nvram); +EXPORT_SYMBOL(loader_bank0_forced); + +static int parse_tag_loader_version(const struct tag *tag) +{ + const char *version; + + version = tag->u.loader_version.version; + if (strncmp(version, "u-boot-", 7) || + strlen(version) > sizeof (loader_version_str) - 1) { + pr_info(PFX "invalid loader version.\n"); + return 0; + } + + strcpy(loader_version_str, version); + pr_info(PFX "loader version is '%s'\n", loader_version_str); + return 0; +} +__tagtable(ATAG_LOADER_VERSION, parse_tag_loader_version); + +static int __init fbxgw_parse_boot_info(const struct tag *tag) +{ + if (tag->u.boot_info.erase_nvram) { + printk(KERN_INFO PFX "loader asked for nvram erase.\n"); + loader_erase_nvram = 1; + } + if (tag->u.boot_info.bank0_forced) { + printk(KERN_INFO PFX "loader user forced a bank0 boot.\n"); + loader_bank0_forced = 1; + } + return 0; +} +__tagtable(ATAG_BOOT_INFO, fbxgw_parse_boot_info); + +/* + * fbxserialinfo stuff. + */ +struct fbx_serial serial; +static int got_serial; + +const struct fbx_serial *arch_get_fbxserial(void) +{ + if (got_serial) + return &serial; + return NULL; +} +EXPORT_SYMBOL(arch_get_fbxserial); + +static int __init parse_fbxserial_tag(const struct tag *tag) +{ + memcpy(&serial, &tag->u.fbxserial, sizeof (serial)); + add_device_randomness(&serial, sizeof (serial)); + got_serial = 1; + return 0; +} +__tagtable(ATAG_FBXSERIAL, parse_fbxserial_tag); + +/* + * broadcom 6358 remote atm device + */ +static struct fbxatm_remote_pdata bcm6358_remote_pdata = { + .remote_mac = "\x00\x07\xcb\x00\x00\xfe", + .netdev_name = "bcmfbxatm0", + .remote_name = "bcm63xx_fbxxtm0", +}; + +static struct platform_device fbxatm_remote_device = { + .name = "fbxatm_remote", + .id = -1, + .dev = { + .platform_data = &bcm6358_remote_pdata, + }, +}; + +/* + * mainline pci-mvebu driver does not make sure PCIe is enabled at SOC + * level + */ +static void __init pcie_ensure_enabled(void) +{ + void __iomem *cpu_control; + u32 val; + + cpu_control = ioremap(CPU_CONTROL_PHYS, 4); + val = readl(cpu_control); + + if (!(val & CPU_CONTROL_PEX0EN)) + printk(KERN_INFO PFX "enabling PCIe0 hw\n"); + val |= CPU_CONTROL_PEX0EN; + + if (machine_is_fbxgw2r()) { + if (!(val & CPU_CONTROL_PEX1EN)) + printk(KERN_INFO PFX "enabling PCIe1 hw\n"); + val |= CPU_CONTROL_PEX1EN; + } + + writel(val, cpu_control); + iounmap(cpu_control); +} + +/* + * called from machine_init() (arch_initcall) + */ +static void __init fbxgw_init(void) +{ + panic_timeout = 10; + panic_on_oops = 1; + + pcie_ensure_enabled(); + set_nand_timings(); + platform_device_register(&fbxatm_remote_device); +} + +void __init fbxgw1r_init(void) +{ + printk("fbxgw1r-init.\n"); + fbxgw_init(); +} + +/* + * called from machine_init() (arch_initcall) + */ +void __init fbxgw2r_init(void) +{ + printk("fbxgw2r-init.\n"); + fbxgw_init(); +} --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/arch/arm/mach-mvebu/fbxgw-rst.c 2023-02-27 20:05:23.232298512 +0100 @@ -0,0 +1,164 @@ +#include +#include +#include +#include +#include +#include +#include + +struct rst_desc { + const char *name; + bool shared; +}; + +static const struct rst_desc descs[]= { + { "usb", false }, + { "audio", false }, + { "keypad-oled", true }, +}; + +struct rst_control_priv { + struct gpio_desc *gpio; + const struct rst_desc *desc; +}; + +struct rst_priv { + struct rst_control_priv controls[ARRAY_SIZE(descs)]; + struct reset_controller_dev rcdev; +}; + +/* + * + */ +static int op_assert(struct reset_controller_dev *rcdev, unsigned long id) +{ + struct rst_priv *priv = container_of((rcdev), struct rst_priv, rcdev); + struct rst_control_priv *rcp = &priv->controls[id]; + + if (WARN_ON(!rcp->gpio)) + return 0; + + if (gpiod_get_value(rcp->gpio)) + return 0; + + if (rcp->desc->shared) + return -EBUSY; + + gpiod_set_value(rcp->gpio, 1); + return 0; +} + +/* + * + */ +static int op_deassert(struct reset_controller_dev *rcdev, unsigned long id) +{ + struct rst_priv *priv = container_of((rcdev), struct rst_priv, rcdev); + struct rst_control_priv *rcp = &priv->controls[id]; + + if (WARN_ON(!rcp->gpio)) + return 0; + + gpiod_set_value(rcp->gpio, 0); + return 0; +} + +/* + * + */ +static int op_status(struct reset_controller_dev *rcdev, unsigned long id) +{ + struct rst_priv *priv = container_of((rcdev), struct rst_priv, rcdev); + struct rst_control_priv *rcp = &priv->controls[id]; + + if (WARN_ON(!rcp->gpio)) + return 0; + + return gpiod_get_value(rcp->gpio); +} + +static const struct reset_control_ops fbxgw_rst_ops = { + .assert = op_assert, + .deassert = op_deassert, + .status = op_status, +}; + +/* + * + */ +static int fbxgw_rst_probe(struct platform_device *pdev) +{ + struct reset_controller_dev *rcdev; + struct rst_priv *priv; + unsigned int i; + int ret; + + priv = devm_kzalloc(&pdev->dev, sizeof (*priv), GFP_KERNEL); + if (!priv) + return -ENOMEM; + + /* get all GPIOs */ + for (i = 0; i < ARRAY_SIZE(priv->controls); i++) { + struct rst_control_priv *rcp = &priv->controls[i]; + int ret; + + rcp->gpio = devm_gpiod_get_optional(&pdev->dev, descs[i].name, + GPIOD_ASIS); + if (!rcp->gpio) + continue; + + if (IS_ERR(rcp->gpio)) { + ret = PTR_ERR(rcp->gpio); + + if (ret != -EPROBE_DEFER) + dev_err(&pdev->dev, + "failed to get %s gpio :%d", + descs[i].name, ret); + return ret; + } + + ret = gpiod_get_direction(rcp->gpio); + WARN_ON(ret < 0); + + if (ret != GPIOF_DIR_OUT) { + dev_warn(&pdev->dev, + "reset gpio for %s was not previously " + "configured, forcing assert", descs[i].name); + gpiod_direction_output(rcp->gpio, 1); + } + + rcp->desc = &descs[i]; + } + + /* register controller */ + rcdev = &priv->rcdev; + rcdev->ops = &fbxgw_rst_ops; + rcdev->of_node = pdev->dev.of_node; + rcdev->of_reset_n_cells = 1; + rcdev->nr_resets = ARRAY_SIZE(priv->controls); + + ret = devm_reset_controller_register(&pdev->dev, rcdev); + if (ret) { + dev_err(&pdev->dev, + "failed to register reset controller: %d", ret); + return ret; + } + + return 0; +} + +static const struct of_device_id fbxgw_rst_ids[] = { + { .compatible = "freebox,fbxgw1r-rst" }, + { .compatible = "freebox,fbxgw2r-rst" }, + { } +}; + +static struct platform_driver fbxgw_rst_driver = { + .driver = { + .name = "fbxgw-rst", + .of_match_table = of_match_ptr(fbxgw_rst_ids), + }, + .probe = fbxgw_rst_probe, +}; + +builtin_platform_driver(fbxgw_rst_driver); --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/arch/arm/mach-mvebu/fbxgw-switch.c 2024-04-22 14:46:50.508065930 +0200 @@ -0,0 +1,502 @@ +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#define PFX "fbxgw-switch: " + +#define PORTREG_SWITCH_IDENTIFIER 0x3 +#define PRODUCT_NUM(x) (((x) >> 4) & 0xfff) + +#define PDATA_MEMBER_UNMODIFIED 0 +#define PDATA_MEMBER_UNTAGGED 1 +#define PDATA_MEMBER_TAGGED 2 +#define PDATA_NOT_MEMBER 3 + +#define NFS_VLAN_ID 41 + +#define SWPORT(X) ((X) + 0x10) +#define PHYPORT(X) (X) +#define MARVELL_PHYPORT0 0x00 +#define MARVELL_SWPORT0 0x10 +#define MARVELL_SWPORT4 0x14 +#define MARVELL_SWPORT5 0x15 + +#define PORTREG_PCS 0x1 + +#define PCS_RGMII_RX_DELAY (1 << 15) +#define PCS_RGMII_TX_DELAY (1 << 14) +#define PCS_FORCELINK_UP (1 << 5) +#define PCS_FORCELINK (1 << 4) +#define PCS_FORCEDUPLEX_FULL (1 << 3) +#define PCS_FORCEDUPLEX (1 << 2) +#define PCS_FORCESPEED_10 0x0 +#define PCS_FORCESPEED_100 0x1 +#define PCS_FORCESPEED_1000 0x2 +#define PCS_FORCESPEED_AUTO 0x3 + +#define PORTREG_PCR 0x4 +#define PCR_PORTSTATE_DISABLED 0x0 +#define PCR_PORTSTATE_FORWARDING 0x3 + +#define PORTREG_VLANID 0x7 + +#define PORTREG_PCR2 0x8 +#define PCR2_MODE_SHIFT 10 +#define PCR2_MODE_SECURE 3 + +#define MARVELL_GLOBAL1 0x1b +#define MARVELL_GLOBAL2 0x1c + +#define GLOBREG_VTUFID 0x2 +#define GLOBREG_VTUSID 0x3 + +#define GLOBREG_GCR 0x4 +#define GCR_PPUEN (1 << 14) + +#define GLOBREG_VTUOP 0x5 +#define VTUOP_BUSY (1 << 15) +#define VTUOP_OP_LOAD (0x3 << 12) +#define VTUOP_OP_STU_LOAD (0x5 << 12) +#define VTUOP_OP_GETNEXT (0x4 << 12) + +#define GLOBREG_VTUVID 0x6 +#define VTUVID_VALID (1 << 12) + +#define GLOBREG_VTU_P03_DATA 0x7 +#define GLOBREG_VTU_P46_DATA 0x8 + +#define GLOBREG_VTU_DATA 0x9 + +#define GLOBREG_SMI_CMD 0x18 +# define SMI_CMD_BUSY (1 << 15) +# define SMI_CLAUSE_22 (1 << 12) +# define SMI_CMD_READ (2 << 10) +# define SMI_CMD_WRITE (1 << 10) +# define SMI_DEVADDR(DevAddr) (DevAddr << 5) +# define SMI_REGADDR(RegAddr) (RegAddr) +#define GLOBREG_SMI_DATA 0x19 + +#define GLOBREG_GSR 0x0 +# define GSR_PPU_POLLING (1 << 15) + + +/* + * voodo register content. P4_RGMII_FORCE is effective on revision A2 + * of mv6161 chip. see revision A2 release notes for details. + */ +#define P4_RGMII_DELAY 0x03 +#define P5_RGMII_DELAY 0x18 + +/* + * + */ +struct sw_priv { + int dev_id; + bool indirect_phy_access; + struct mdio_device *mdiodev; +}; + +/* + * hardcoded for now + */ +static inline bool do_vlan(void) +{ + return true; +} + +static int __sw_read(struct sw_priv *priv, int addr, u32 regnum) +{ + return mdiobus_read(priv->mdiodev->bus, addr, regnum); +} + +static int __sw_write(struct sw_priv *priv, int addr, u32 regnum, u16 val) +{ + return mdiobus_write(priv->mdiodev->bus, addr, regnum, val); +} + +static int __sw_indirect_wait(struct sw_priv *priv, int tries) +{ + while (tries) { + u16 val = __sw_read(priv, MARVELL_GLOBAL2, GLOBREG_SMI_CMD); + if ((val & SMI_CMD_BUSY) == 0) + return 0; + udelay(1000); + --tries; + } + return -ETIMEDOUT; +} + +static int __sw_indirect_read(struct sw_priv *priv, int phy_id, int reg) +{ + u16 smi_cmd = SMI_CMD_BUSY | SMI_CLAUSE_22 | SMI_CMD_READ | + SMI_DEVADDR(phy_id) | SMI_REGADDR(reg); + + __sw_write(priv, MARVELL_GLOBAL2, GLOBREG_SMI_CMD, smi_cmd); + if (__sw_indirect_wait(priv, 1000) < 0) { + printk(KERN_WARNING PFX "indirect phy read did not " + "complete.\n"); + return 0xffff; + } + return __sw_read(priv, MARVELL_GLOBAL2, GLOBREG_SMI_DATA); +} + +static int sw_phy_read(struct sw_priv *priv, int phy_id, int reg) +{ + if (priv->indirect_phy_access == false) + return __sw_read(priv, phy_id, reg); + else + return __sw_indirect_read(priv, phy_id, reg); +} + +static void __sw_indirect_write(struct sw_priv *priv, int phy_id, int reg, + int val) +{ + u16 smi_cmd = SMI_CMD_BUSY | SMI_CLAUSE_22 | SMI_CMD_WRITE | + SMI_DEVADDR(phy_id) | SMI_REGADDR(reg); + + __sw_write(priv, MARVELL_GLOBAL2, GLOBREG_SMI_DATA, val); + __sw_write(priv, MARVELL_GLOBAL2, GLOBREG_SMI_CMD, smi_cmd); + if (__sw_indirect_wait(priv, 1000) < 0) { + printk(KERN_WARNING PFX "indirect phy write did not " + "complete.\n"); + } +} + +static void sw_phy_write(struct sw_priv *priv, int phy_id, int reg, int val) +{ + + if (priv->indirect_phy_access == false) + __sw_write(priv, phy_id, reg, val); + else + __sw_indirect_write(priv, phy_id, reg, val); +} + +static void __vtu_wait(struct sw_priv *priv) +{ + for (;;) { + u16 val = __sw_read(priv, MARVELL_GLOBAL1, GLOBREG_VTUOP); + if ((val & (1 << 15)) == 0) + break; + msleep(10); + } +} + +static void fbxgw_sw_vtu_stu_init(struct sw_priv *priv, int port_state, + size_t nr_ports) +{ + u16 vtu_op = VTUOP_OP_STU_LOAD; + u16 regs[2] = { 0 , 0 }; + int i; + + __sw_write(priv, MARVELL_GLOBAL1, GLOBREG_VTUOP, vtu_op); + + __sw_write(priv, MARVELL_GLOBAL1, GLOBREG_VTUSID, 0); + __sw_write(priv, MARVELL_GLOBAL1, GLOBREG_VTUVID, VTUVID_VALID); + + + for (i = 0; i < nr_ports; ++i) { + int off; + int shift; + + off = i / 4; + shift = 4 * (i % 4) + 2; + + regs[off] |= port_state << shift; + } + + __sw_write(priv, MARVELL_GLOBAL1, GLOBREG_VTU_P03_DATA, regs[0]); + __sw_write(priv, MARVELL_GLOBAL1, GLOBREG_VTU_P46_DATA, regs[1]); + + vtu_op |= VTUOP_BUSY; + __sw_write(priv, MARVELL_GLOBAL1, GLOBREG_VTUOP, vtu_op); + __vtu_wait(priv); +} + +static void fbxgw_sw_vtu_load(struct sw_priv *priv, u16 vid, const u8 *ports, + size_t nr_ports) +{ + u16 vtu_op; + u16 regs[2] = { 0, 0 }; + int i; + + vtu_op = VTUOP_OP_LOAD; + __sw_write(priv, MARVELL_GLOBAL1, GLOBREG_VTUOP, vtu_op); + + __sw_write(priv, MARVELL_GLOBAL1, GLOBREG_VTUFID, 1); + __sw_write(priv, MARVELL_GLOBAL1, GLOBREG_VTUSID, 0); + + __sw_write(priv, MARVELL_GLOBAL1, GLOBREG_VTUVID, + vid | VTUVID_VALID); + + for (i = 0; i < nr_ports; ++i) { + int off; + int shift; + + off = (i / 4); + shift = (i % 4) * 4; + + regs[off] |= ports[i] << shift; + } + + __sw_write(priv, MARVELL_GLOBAL1, GLOBREG_VTU_P03_DATA, regs[0]); + __sw_write(priv, MARVELL_GLOBAL1, GLOBREG_VTU_P46_DATA, regs[1]); + + vtu_op |= VTUOP_BUSY; + __sw_write(priv, MARVELL_GLOBAL1, GLOBREG_VTUOP, vtu_op); + + __vtu_wait(priv); +} + +static void fbxgw_sw_config_cpu_port(struct sw_priv *priv, int swport) +{ + u16 pcs = PCS_FORCEDUPLEX_FULL | PCS_FORCEDUPLEX | + PCS_FORCESPEED_1000 | + PCS_FORCELINK | PCS_FORCELINK_UP; + + if (priv->dev_id == 0x6176) + pcs |= PCS_RGMII_TX_DELAY | PCS_RGMII_RX_DELAY; + else { + static u16 delay; + /* + * set rgmii delay for cpu port (5) and ftth port (4), also + * force ftth port in RGMII mode + */ + if (swport == 5) + delay = P5_RGMII_DELAY; + else + delay = P4_RGMII_DELAY; + __sw_write(priv, MARVELL_SWPORT4, 0x1a, 0x81e7); + (void)__sw_read(priv, MARVELL_SWPORT5, 0x1a); + __sw_write(priv, MARVELL_SWPORT5, 0x1a, P5_RGMII_DELAY); + __sw_write(priv, MARVELL_SWPORT4, 0x1a, 0xc1e7); + } + + __sw_write(priv, swport, PORTREG_PCS, pcs); +} + +static void fbxgw_sw_config_phy_port(struct sw_priv *priv, int phy_port) +{ + u16 val; + + if (priv->indirect_phy_access == false) { + val = __sw_read(priv, MARVELL_GLOBAL1, GLOBREG_GCR); + val &= ~GCR_PPUEN; + __sw_write(priv, MARVELL_GLOBAL1, GLOBREG_GCR, val); + } + + + /* power up phy for eth port 0 */ + val = sw_phy_read(priv, phy_port, 0x00); + val &= ~0x0800; + sw_phy_write(priv, phy_port, 0x00, val); + + + /* restart autoneg */ + val = sw_phy_read(priv, phy_port, 0x00); + val |= 0x0200; + sw_phy_write(priv, phy_port, 0x00, val); + + sw_phy_write(priv, phy_port, 20, 0); + + if (priv->indirect_phy_access == false) { + val = __sw_read(priv, MARVELL_GLOBAL1, GLOBREG_GCR); + val |= GCR_PPUEN; + __sw_write(priv, MARVELL_GLOBAL1, GLOBREG_GCR, val); + } +} + +static void fbxgw_sw_port_default_vid(struct sw_priv *priv, + int swport, u16 vid) +{ + u16 val; + + val = __sw_read(priv, swport, PORTREG_VLANID); + val &= ~0xfff; + val |= vid; + __sw_write(priv, swport, PORTREG_VLANID, val); +} + +static void fbxgw_sw_port_dot1q_secure(struct sw_priv *priv, int swport) +{ + u16 val; + + val = __sw_read(priv, swport, PORTREG_PCR2); + val &= ~(3 << PCR2_MODE_SHIFT); + val |= (PCR2_MODE_SECURE << PCR2_MODE_SHIFT); + __sw_write(priv, swport, PORTREG_PCR2, val); +} + +static void fbxgw_sw_port_forward_enable(struct sw_priv *priv, int swport) +{ + u16 val; + + /* enable forwarding */ + val = __sw_read(priv, swport, PORTREG_PCR); + val |= PCR_PORTSTATE_FORWARDING; + __sw_write(priv, swport, PORTREG_PCR, val); +} + +static int mv6161_config(struct sw_priv *priv) +{ + struct device *dev = &priv->mdiodev->dev; + u16 val; + + /* probe */ + val = __sw_read(priv, SWPORT(0), PORTREG_SWITCH_IDENTIFIER); + if (PRODUCT_NUM(val) != 0x161) { + printk(KERN_ERR PFX "unknown switch id: 0x%08x\n", + PRODUCT_NUM(val)); + return 1; + } + + priv->dev_id = 0x6161; + priv->indirect_phy_access = false; + + fbxgw_sw_config_cpu_port(priv, SWPORT(5)); + fbxgw_sw_config_phy_port(priv, PHYPORT(1)); + + if (do_vlan()) { + const u8 config[6] = { + PDATA_NOT_MEMBER, + PDATA_MEMBER_UNTAGGED, + PDATA_NOT_MEMBER, + PDATA_NOT_MEMBER, + PDATA_NOT_MEMBER, + PDATA_MEMBER_TAGGED, + }; + + fbxgw_sw_vtu_load(priv, NFS_VLAN_ID, config, sizeof (config)); + + fbxgw_sw_port_default_vid(priv, SWPORT(1), NFS_VLAN_ID); + fbxgw_sw_port_dot1q_secure(priv, SWPORT(1)); + fbxgw_sw_port_dot1q_secure(priv, SWPORT(5)); + } + + fbxgw_sw_port_forward_enable(priv, SWPORT(1)); + fbxgw_sw_port_forward_enable(priv, SWPORT(5)); + + dev_info(dev, "marvell 6161 initialized\n"); + return 0; +} + +static int mv6176_config(struct sw_priv *priv) +{ + struct device *dev = &priv->mdiodev->dev; + u16 val; + + /* probe */ + val = __sw_read(priv, SWPORT(0), PORTREG_SWITCH_IDENTIFIER); + if (PRODUCT_NUM(val) != 0x176) { + printk(KERN_ERR PFX "unknown switch id: 0x%08x\n", + PRODUCT_NUM(val)); + return 1; + } + + priv->dev_id = 0x6176; + priv->indirect_phy_access = true; + + fbxgw_sw_config_cpu_port(priv, SWPORT(5)); + fbxgw_sw_config_phy_port(priv, PHYPORT(0)); + + __sw_write(priv, SWPORT(0), 0x16, 0x8011); + __sw_write(priv, SWPORT(1), 0x16, 0x8011); + __sw_write(priv, SWPORT(2), 0x16, 0x8011); + __sw_write(priv, SWPORT(3), 0x16, 0x8011); + + if (do_vlan()) { + const u8 config[7] = { + PDATA_MEMBER_UNTAGGED, + PDATA_NOT_MEMBER, + PDATA_NOT_MEMBER, + PDATA_NOT_MEMBER, + PDATA_NOT_MEMBER, + PDATA_MEMBER_TAGGED, + PDATA_NOT_MEMBER, + }; + + fbxgw_sw_vtu_stu_init(priv, PCR_PORTSTATE_FORWARDING, + sizeof (config)); + fbxgw_sw_vtu_load(priv, NFS_VLAN_ID, config, sizeof (config)); + + fbxgw_sw_port_default_vid(priv, SWPORT(0), NFS_VLAN_ID); + fbxgw_sw_port_dot1q_secure(priv, SWPORT(0)); + fbxgw_sw_port_dot1q_secure(priv, SWPORT(5)); + } + + fbxgw_sw_port_forward_enable(priv, SWPORT(5)); + fbxgw_sw_port_forward_enable(priv, SWPORT(0)); + + dev_info(dev, "marvell 6176 initialized\n"); + return 0; +} + +static int fbxgw_mv61xx_probe(struct mdio_device *mdiodev) +{ + struct device *dev = &mdiodev->dev; + struct sw_priv *priv; + int reset_gpio; + unsigned int flags; + u32 id; + + reset_gpio = of_get_named_gpio_flags(dev->of_node, + "gpio-reset", 0, &flags); + if (reset_gpio < 0) + return reset_gpio; + + priv = devm_kzalloc(dev, sizeof (*priv), GFP_KERNEL); + if (!priv) + return -ENOMEM; + + priv->mdiodev = mdiodev; + dev_info(dev, "resetting switch\n"); + + gpio_direction_output(reset_gpio, 0); + msleep(1); + gpio_set_value(reset_gpio, 1); + msleep(2000); + + id = (u32)of_device_get_match_data(dev); + switch (id) { + case 0x6161: + return mv6161_config(priv); + + case 0x6176: + return mv6176_config(priv); + + default: + dev_err(dev, "unsupported model\n"); + return -ENODEV; + } + + mdiodev->flags = MDIO_DEVICE_FLAG_PHY; + return 0; +} + +static const struct of_device_id fbxgw_mv61xx_of_match[] = { + { + .compatible = "freebox,fbxgw-mv6161", + .data = (void *)0x6161, + }, + { + .compatible = "freebox,fbxgw-mv6176", + .data = (void *)0x6176, + }, + { /* sentinel */ }, +}; + +static struct mdio_driver fbxgw_mv61xx_driver = { + .probe = fbxgw_mv61xx_probe, + .mdiodrv.driver = { + .name = "fbxgw-mv61xx", + .of_match_table = of_match_ptr(fbxgw_mv61xx_of_match), + }, +}; + +mdio_module_driver(fbxgw_mv61xx_driver); --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/arch/arm/mach-mvebu/fbxgw1r-gpio-sr.c 2024-04-22 14:46:50.512066040 +0200 @@ -0,0 +1,204 @@ +#include +#include +#include +#include +#include +#include +#include +#include + +/* + * priv + */ +struct gpio_sr_priv { + int gpio_din; + int gpio_clk; + int gpio_load; + + struct gpio_chip gc; + spinlock_t lock; + + /* + * reset values can not be read back from shift registers, we + * have to keep them + */ + unsigned long cache_value; +}; + +/* + * set shift registers output to given value + */ +static void __set_shift_register(struct gpio_sr_priv *priv, u8 val) +{ + int i; + + gpio_set_value(priv->gpio_clk, 0); + gpio_set_value(priv->gpio_load, 0); + + udelay(1); + + for (i = 7; i >= 0; i--) { + gpio_set_value(priv->gpio_din, (val & (1 << i)) ? 1 : 0); + udelay(100); + gpio_set_value(priv->gpio_clk, 1); + udelay(100); + gpio_set_value(priv->gpio_clk, 0); + } + + udelay(1); + gpio_set_value(priv->gpio_load, 1); + udelay(1); +} + +/* + * clear or set sr bit + */ +static void sr_gpio_set(struct gpio_chip *chip, unsigned offset, int value) +{ + struct gpio_sr_priv *priv = gpiochip_get_data(chip); + unsigned long flags; + + if (!(test_bit(offset, &priv->cache_value) ^ value)) + return; + + spin_lock_irqsave(&priv->lock, flags); + if (value) + __set_bit(offset, &priv->cache_value); + else + __clear_bit(offset, &priv->cache_value); + __set_shift_register(priv, (u8)priv->cache_value); + spin_unlock_irqrestore(&priv->lock, flags); +} + +/* + * return cached bit value + */ +static int sr_gpio_get(struct gpio_chip *chip, unsigned int offset) +{ + struct gpio_sr_priv *priv = gpiochip_get_data(chip); + return test_bit(offset, &priv->cache_value); +} + +/* + * fixed direction + */ +static int sr_gpio_direction_output(struct gpio_chip *chip, + unsigned int offset, + int value) +{ + sr_gpio_set(chip, offset, value); + return 0; +} + +/* + * fixed direction + */ +static int sr_gpio_get_direction(struct gpio_chip *chip, unsigned int offset) +{ + return 0; +} + +static int fbxgw1r_gpio_sr_probe(struct platform_device *pdev) +{ + struct device_node *np = pdev->dev.of_node; + struct gpio_sr_priv *priv; + struct gpio_chip *gc; + unsigned int flags; + u32 init_val, ngpios; + int ret; + + priv = devm_kzalloc(&pdev->dev, sizeof (*priv), GFP_KERNEL); + if (!priv) + return -ENOMEM; + + spin_lock_init(&priv->lock); + + if (of_property_read_u32(np, "ngpios", &ngpios)) { + dev_err(&pdev->dev, "Missing ngpios OF property\n"); + return -ENODEV; + } + + if (ngpios > 8) { + dev_err(&pdev->dev, "invalid number of gpios\n"); + return -ENODEV; + } + + /* get all GPIOs */ + priv->gpio_din = of_get_named_gpio_flags(np, "sr,gpio-din", 0, &flags); + if (priv->gpio_din < 0) + return priv->gpio_din; + + priv->gpio_clk = of_get_named_gpio_flags(np, "sr,gpio-clk", 0, &flags); + if (priv->gpio_clk < 0) + return priv->gpio_clk; + + priv->gpio_load = of_get_named_gpio_flags(np, "sr,gpio-load", 0, &flags); + if (priv->gpio_load < 0) + return priv->gpio_load; + + ret = of_property_read_u32(np, "sr,init-value", &init_val); + if (ret) { + dev_err(&pdev->dev, "missing \n"); + return ret; + } + + ret = devm_gpio_request(&pdev->dev, priv->gpio_din, + "sr-gpio-din"); + if (ret < 0) { + dev_err(&pdev->dev, "failed to request gpio din"); + return ret; + } + + ret = devm_gpio_request(&pdev->dev, priv->gpio_load, + "sr-gpio-load"); + if (ret < 0) { + dev_err(&pdev->dev, "failed to request gpio load"); + return ret; + } + + ret = devm_gpio_request(&pdev->dev, priv->gpio_clk, + "sr-gpio-clk"); + if (ret < 0) { + dev_err(&pdev->dev, "failed to request gpio clk"); + return ret; + } + + priv->cache_value = init_val; + __set_shift_register(priv, (u8)priv->cache_value); + + /* register gpiochip */ + gc = &priv->gc; + gc->base = -1; + gc->label = "fbxgw1r-gpio-sr"; + gc->get = sr_gpio_get; + gc->set = sr_gpio_set; + gc->get_direction = sr_gpio_get_direction; + gc->direction_output = sr_gpio_direction_output; + gc->ngpio = 8; + gc->of_node = np; + gc->parent = &pdev->dev; + + ret = gpiochip_add_data(&priv->gc, priv); + if (ret) { + dev_err(&pdev->dev, + "cannot add fbxgw1r GPIO SR chip, error=%d", ret); + return ret; + } + + return 0; +} + +static const struct of_device_id fbxgw1r_gpio_sr_ids[] = { + { .compatible = "freebox,fbxgw1r-gpio-sr" }, + { } +}; + +static struct platform_driver fbxgw1r_gpio_sr_driver = { + .driver = { + .name = "fbxgw1r-gpio-sr", + .of_match_table = of_match_ptr(fbxgw1r_gpio_sr_ids), + }, + .probe = fbxgw1r_gpio_sr_probe, +}; + +builtin_platform_driver(fbxgw1r_gpio_sr_driver); --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/config 2024-04-22 14:50:09.701508095 +0200 @@ -0,0 +1,4603 @@ +# +# Automatically generated file; DO NOT EDIT. +# Linux/arm 5.15.42 Kernel Configuration +# +CONFIG_CC_VERSION_TEXT="arm-linux-muslgnueabi-gcc (freebox) 10.4.0" +CONFIG_CC_IS_GCC=y +CONFIG_GCC_VERSION=100400 +CONFIG_CLANG_VERSION=0 +CONFIG_AS_IS_GNU=y +CONFIG_AS_VERSION=23800 +CONFIG_LD_IS_BFD=y +CONFIG_LD_VERSION=23800 +CONFIG_LLD_VERSION=0 +CONFIG_CC_CAN_LINK=y +CONFIG_CC_CAN_LINK_STATIC=y +CONFIG_CC_HAS_ASM_GOTO=y +CONFIG_CC_HAS_ASM_INLINE=y +CONFIG_CC_HAS_NO_PROFILE_FN_ATTR=y +CONFIG_IRQ_WORK=y +CONFIG_BUILDTIME_TABLE_SORT=y + +# +# General setup +# +CONFIG_BROKEN_ON_SMP=y +CONFIG_INIT_ENV_ARG_LIMIT=32 +CONFIG_CROSS_COMPILE="/opt/toolchains/armeabi-musl-1.2.2-gcc-10.4.0-binutils-2.38-gdb-11.2-1/bin/arm-linux-muslgnueabi-" +# CONFIG_COMPILE_TEST is not set +# CONFIG_WERROR is not set +CONFIG_LOCALVERSION="" +CONFIG_LOCALVERSION_AUTO=y +CONFIG_BUILD_SALT="" +CONFIG_HAVE_KERNEL_GZIP=y +CONFIG_HAVE_KERNEL_LZMA=y +CONFIG_HAVE_KERNEL_XZ=y +CONFIG_HAVE_KERNEL_LZO=y +CONFIG_HAVE_KERNEL_LZ4=y +CONFIG_KERNEL_GZIP=y +# CONFIG_KERNEL_LZMA is not set +# CONFIG_KERNEL_XZ is not set +# CONFIG_KERNEL_LZO is not set +# CONFIG_KERNEL_LZ4 is not set +CONFIG_DEFAULT_INIT="" +CONFIG_DEFAULT_HOSTNAME="(none)" +CONFIG_SWAP=y +CONFIG_SYSVIPC=y +CONFIG_SYSVIPC_SYSCTL=y +# CONFIG_POSIX_MQUEUE is not set +# CONFIG_WATCH_QUEUE is not set +# CONFIG_CROSS_MEMORY_ATTACH is not set +# CONFIG_USELIB is not set +CONFIG_AUDIT=y +CONFIG_HAVE_ARCH_AUDITSYSCALL=y +CONFIG_AUDITSYSCALL=y + +# +# IRQ subsystem +# +CONFIG_GENERIC_IRQ_PROBE=y +CONFIG_GENERIC_IRQ_SHOW=y +CONFIG_GENERIC_IRQ_SHOW_LEVEL=y +CONFIG_HARDIRQS_SW_RESEND=y +CONFIG_GENERIC_IRQ_CHIP=y +CONFIG_IRQ_DOMAIN=y +CONFIG_HANDLE_DOMAIN_IRQ=y +CONFIG_IRQ_FORCED_THREADING=y +CONFIG_SPARSE_IRQ=y +# CONFIG_GENERIC_IRQ_DEBUGFS is not set +# end of IRQ subsystem + +CONFIG_GENERIC_IRQ_MULTI_HANDLER=y +CONFIG_GENERIC_CLOCKEVENTS=y + +# +# Timers subsystem +# +CONFIG_TICK_ONESHOT=y +CONFIG_HZ_PERIODIC=y +# CONFIG_NO_HZ_IDLE is not set +# CONFIG_NO_HZ is not set +CONFIG_HIGH_RES_TIMERS=y +# end of Timers subsystem + +CONFIG_BPF=y +CONFIG_HAVE_EBPF_JIT=y + +# +# BPF subsystem +# +# CONFIG_BPF_SYSCALL is not set +CONFIG_BPF_JIT=y +# end of BPF subsystem + +CONFIG_PREEMPT_NONE=y +# CONFIG_PREEMPT_VOLUNTARY is not set +# CONFIG_PREEMPT is not set +CONFIG_PREEMPT_COUNT=y + +# +# CPU/Task time and stats accounting +# +CONFIG_TICK_CPU_ACCOUNTING=y +# CONFIG_VIRT_CPU_ACCOUNTING_GEN is not set +CONFIG_IRQ_TIME_ACCOUNTING=y +# CONFIG_BSD_PROCESS_ACCT is not set +# CONFIG_TASKSTATS is not set +# CONFIG_PSI is not set +# end of CPU/Task time and stats accounting + +# +# RCU Subsystem +# +CONFIG_TINY_RCU=y +# CONFIG_RCU_EXPERT is not set +CONFIG_SRCU=y +CONFIG_TINY_SRCU=y +# end of RCU Subsystem + +# CONFIG_IKCONFIG is not set +# CONFIG_IKHEADERS is not set +CONFIG_LOG_BUF_SHIFT=16 +CONFIG_PRINTK_SAFE_LOG_BUF_SHIFT=13 +# CONFIG_PRINTK_INDEX is not set +# CONFIG_FBX_DECRYPT_INITRD is not set +CONFIG_GENERIC_SCHED_CLOCK=y + +# +# Scheduler features +# +# end of Scheduler features + +CONFIG_CGROUPS=y +# CONFIG_MEMCG is not set +# CONFIG_BLK_CGROUP is not set +# CONFIG_CGROUP_SCHED is not set +# CONFIG_CGROUP_PIDS is not set +# CONFIG_CGROUP_RDMA is not set +# CONFIG_CGROUP_FREEZER is not set +# CONFIG_CGROUP_DEVICE is not set +# CONFIG_CGROUP_CPUACCT is not set +# CONFIG_CGROUP_MISC is not set +# CONFIG_CGROUP_DEBUG is not set +CONFIG_NAMESPACES=y +CONFIG_UTS_NS=y +CONFIG_IPC_NS=y +# CONFIG_USER_NS is not set +# CONFIG_PID_NS is not set +CONFIG_NET_NS=y +# CONFIG_CHECKPOINT_RESTORE is not set +# CONFIG_SCHED_AUTOGROUP is not set +# CONFIG_SYSFS_DEPRECATED is not set +# CONFIG_RELAY is not set +CONFIG_BLK_DEV_INITRD=y +CONFIG_INITRAMFS_SOURCE="" +# CONFIG_INITRAMFS_FORCE is not set +# CONFIG_RD_GZIP is not set +# CONFIG_RD_BZIP2 is not set +# CONFIG_RD_LZMA is not set +# CONFIG_RD_XZ is not set +# CONFIG_RD_LZO is not set +# CONFIG_RD_LZ4 is not set +# CONFIG_RD_ZSTD is not set +# CONFIG_BOOT_CONFIG is not set +# CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE is not set +CONFIG_CC_OPTIMIZE_FOR_SIZE=y +CONFIG_LD_ORPHAN_WARN=y +CONFIG_SYSCTL=y +CONFIG_HAVE_UID16=y +CONFIG_EXPERT=y +CONFIG_UID16=y +CONFIG_MULTIUSER=y +# CONFIG_SGETMASK_SYSCALL is not set +# CONFIG_SYSFS_SYSCALL is not set +# CONFIG_FHANDLE is not set +CONFIG_POSIX_TIMERS=y +CONFIG_PRINTK=y +CONFIG_BUG=y +CONFIG_ELF_CORE=y +CONFIG_BASE_FULL=y +CONFIG_FUTEX=y +CONFIG_FUTEX_PI=y +CONFIG_HAVE_FUTEX_CMPXCHG=y +CONFIG_EPOLL=y +CONFIG_SIGNALFD=y +CONFIG_TIMERFD=y +CONFIG_EVENTFD=y +CONFIG_SHMEM=y +CONFIG_AIO=y +# CONFIG_IO_URING is not set +CONFIG_ADVISE_SYSCALLS=y +CONFIG_MEMBARRIER=y +CONFIG_KALLSYMS=y +# CONFIG_KALLSYMS_ALL is not set +CONFIG_KALLSYMS_BASE_RELATIVE=y +# CONFIG_USERFAULTFD is not set +CONFIG_ARCH_HAS_MEMBARRIER_SYNC_CORE=y +# CONFIG_KCMP is not set +# CONFIG_RSEQ is not set +CONFIG_EMBEDDED=y +CONFIG_HAVE_PERF_EVENTS=y +CONFIG_PERF_USE_VMALLOC=y +# CONFIG_PC104 is not set + +# +# Kernel Performance Events And Counters +# +# CONFIG_PERF_EVENTS is not set +# end of Kernel Performance Events And Counters + +CONFIG_VM_EVENT_COUNTERS=y +CONFIG_SLUB_DEBUG=y +CONFIG_COMPAT_BRK=y +# CONFIG_SLAB is not set +CONFIG_SLUB=y +# CONFIG_SLOB is not set +CONFIG_SLAB_MERGE_DEFAULT=y +# CONFIG_SLAB_FREELIST_RANDOM is not set +# CONFIG_SLAB_FREELIST_HARDENED is not set +# CONFIG_SHUFFLE_PAGE_ALLOCATOR is not set +# CONFIG_PROFILING is not set +# end of General setup + +CONFIG_ARM=y +CONFIG_ARM_HAS_SG_CHAIN=y +CONFIG_SYS_SUPPORTS_APM_EMULATION=y +CONFIG_HAVE_PROC_CPU=y +CONFIG_STACKTRACE_SUPPORT=y +CONFIG_LOCKDEP_SUPPORT=y +CONFIG_FIX_EARLYCON_MEM=y +CONFIG_GENERIC_HWEIGHT=y +CONFIG_GENERIC_CALIBRATE_DELAY=y +CONFIG_ARCH_SUPPORTS_UPROBES=y +CONFIG_ARM_PATCH_PHYS_VIRT=y +CONFIG_GENERIC_BUG=y +CONFIG_PGTABLE_LEVELS=2 + +# +# System Type +# +CONFIG_MMU=y +CONFIG_ARCH_MMAP_RND_BITS_MIN=8 +CONFIG_ARCH_MMAP_RND_BITS_MAX=15 +CONFIG_ARCH_MULTIPLATFORM=y +# CONFIG_ARCH_EP93XX is not set +# CONFIG_ARCH_FOOTBRIDGE is not set +# CONFIG_ARCH_IOP32X is not set +# CONFIG_ARCH_IXP4XX is not set +# CONFIG_ARCH_DOVE is not set +# CONFIG_ARCH_PXA is not set +# CONFIG_ARCH_RPC is not set +# CONFIG_ARCH_SA1100 is not set +# CONFIG_ARCH_S3C24XX is not set +# CONFIG_ARCH_OMAP1 is not set + +# +# Multiple platform selection +# + +# +# CPU Core family selection +# +# CONFIG_ARCH_MULTI_V4 is not set +# CONFIG_ARCH_MULTI_V4T is not set +CONFIG_ARCH_MULTI_V5=y +CONFIG_ARCH_MULTI_V4_V5=y +# CONFIG_ARCH_MULTI_V6 is not set +# CONFIG_ARCH_MULTI_V7 is not set +CONFIG_ARCH_MULTI_CPU_AUTO=y +# end of Multiple platform selection + +# CONFIG_MACH_ASM9260 is not set +# CONFIG_ARCH_ASPEED is not set +# CONFIG_ARCH_AT91 is not set +# CONFIG_ARCH_DAVINCI is not set +# CONFIG_ARCH_HISI is not set +# CONFIG_ARCH_MXC is not set +# CONFIG_ARCH_INTEGRATOR is not set +# CONFIG_ARCH_LPC32XX is not set +# CONFIG_ARCH_MMP is not set +# CONFIG_ARCH_MV78XX0 is not set +CONFIG_ARCH_MVEBU=y +CONFIG_MACH_MVEBU_ANY=y +CONFIG_MACH_KIRKWOOD=y +# CONFIG_MACH_KIRKWOOD_DTB is not set +CONFIG_FBXGW_COMMON=y +CONFIG_MACH_FBXGW2R=y +CONFIG_MACH_FBXGW1R=y +CONFIG_FBXGW_COMMON_ETHSW=y +# CONFIG_FBXGW_COMMON_NAND_SAFE_READ_TIMINGS is not set +# CONFIG_FBXGW_COMMON_NAND_SAFE_WRITE_TIMINGS is not set +# CONFIG_ARCH_MXS is not set +# CONFIG_ARCH_NOMADIK is not set +# CONFIG_ARCH_NPCM is not set +# CONFIG_ARCH_NSPIRE is not set +# CONFIG_ARCH_ORION5X is not set +# CONFIG_ARCH_OXNAS is not set +# CONFIG_ARCH_REALVIEW is not set +# CONFIG_PLAT_SPEAR is not set +# CONFIG_ARCH_SUNXI is not set +# CONFIG_ARCH_VERSATILE is not set +# CONFIG_ARCH_WM8505 is not set +CONFIG_PLAT_ORION=y + +# +# Processor Type +# +CONFIG_CPU_FEROCEON=y +# CONFIG_CPU_FEROCEON_OLD_ID is not set +CONFIG_CPU_THUMB_CAPABLE=y +CONFIG_CPU_32v5=y +CONFIG_CPU_ABRT_EV5T=y +CONFIG_CPU_PABRT_LEGACY=y +CONFIG_CPU_CACHE_VIVT=y +CONFIG_CPU_COPY_FEROCEON=y +CONFIG_CPU_TLB_FEROCEON=y +CONFIG_CPU_CP15=y +CONFIG_CPU_CP15_MMU=y +CONFIG_CPU_USE_DOMAINS=y + +# +# Processor Features +# +# CONFIG_ARM_THUMB is not set +# CONFIG_CPU_BIG_ENDIAN is not set +# CONFIG_CPU_ICACHE_DISABLE is not set +# CONFIG_CPU_DCACHE_DISABLE is not set +CONFIG_NEED_KUSER_HELPERS=y +CONFIG_KUSER_HELPERS=y +CONFIG_OUTER_CACHE=y +CONFIG_CACHE_FEROCEON_L2=y +# CONFIG_CACHE_FEROCEON_L2_WRITETHROUGH is not set +CONFIG_ARM_L1_CACHE_SHIFT=5 +CONFIG_ARCH_SUPPORTS_BIG_ENDIAN=y +CONFIG_DEBUG_ALIGN_RODATA=y +# end of System Type + +# +# Bus support +# +# end of Bus support + +# +# Kernel Features +# +# CONFIG_VMSPLIT_3G is not set +# CONFIG_VMSPLIT_3G_OPT is not set +CONFIG_VMSPLIT_2G=y +# CONFIG_VMSPLIT_1G is not set +CONFIG_PAGE_OFFSET=0x80000000 +CONFIG_ARCH_NR_GPIO=0 +CONFIG_HZ_FIXED=0 +CONFIG_HZ_100=y +# CONFIG_HZ_200 is not set +# CONFIG_HZ_250 is not set +# CONFIG_HZ_300 is not set +# CONFIG_HZ_500 is not set +# CONFIG_HZ_1000 is not set +CONFIG_HZ=100 +CONFIG_SCHED_HRTICK=y +CONFIG_AEABI=y +# CONFIG_OABI_COMPAT is not set +CONFIG_ARCH_SELECT_MEMORY_MODEL=y +CONFIG_ARCH_FLATMEM_ENABLE=y +CONFIG_ARCH_SPARSEMEM_ENABLE=y +# CONFIG_HIGHMEM is not set +# CONFIG_CPU_SW_DOMAIN_PAN is not set +CONFIG_ARCH_WANT_GENERAL_HUGETLB=y +# CONFIG_ARM_MODULE_PLTS is not set +CONFIG_FORCE_MAX_ZONEORDER=11 +CONFIG_ALIGNMENT_TRAP=y +# CONFIG_UACCESS_WITH_MEMCPY is not set +# CONFIG_PARAVIRT is not set +# CONFIG_PARAVIRT_TIME_ACCOUNTING is not set +# end of Kernel Features + +# +# Boot options +# +CONFIG_USE_OF=y +# CONFIG_DT_OVERRIDE_BUILTIN is not set +CONFIG_ATAGS=y +# CONFIG_DEPRECATED_PARAM_STRUCT is not set +CONFIG_DT_FROM_MACHTYPE=y +CONFIG_ZBOOT_ROM_TEXT=0x0 +CONFIG_ZBOOT_ROM_BSS=0x0 +# CONFIG_ARM_APPENDED_DTB is not set +CONFIG_CMDLINE="root=/dev/nfs ro ip=:::::eth0.41:dhcp console=ttyS1,115200 user_debug=28 dhcpclass=linux-fbxgw2r coherent_pool=1M" +# CONFIG_CMDLINE_FROM_BOOTLOADER is not set +# CONFIG_CMDLINE_EXTEND is not set +CONFIG_CMDLINE_FORCE=y +# CONFIG_KEXEC is not set +# CONFIG_CRASH_DUMP is not set +CONFIG_AUTO_ZRELADDR=y +# CONFIG_EFI is not set +# end of Boot options + +# +# CPU Power Management +# + +# +# CPU Frequency scaling +# +# CONFIG_CPU_FREQ is not set +# end of CPU Frequency scaling + +# +# CPU Idle +# +# CONFIG_CPU_IDLE is not set +# end of CPU Idle +# end of CPU Power Management + +# +# Floating point emulation +# + +# +# At least one emulation must be selected +# +# CONFIG_VFP is not set +# end of Floating point emulation + +# +# Power management options +# +# CONFIG_SUSPEND is not set +# CONFIG_HIBERNATION is not set +# CONFIG_PM is not set +# CONFIG_APM_EMULATION is not set +CONFIG_ARCH_SUSPEND_POSSIBLE=y +CONFIG_ARCH_HIBERNATION_POSSIBLE=y +# end of Power management options + +CONFIG_ARM_CRYPTO=y +# CONFIG_CRYPTO_SHA1_ARM is not set +# CONFIG_CRYPTO_SHA256_ARM is not set +# CONFIG_CRYPTO_SHA512_ARM is not set +CONFIG_CRYPTO_BLAKE2S_ARM=y +# CONFIG_CRYPTO_AES_ARM is not set +CONFIG_CRYPTO_CHACHA20_NEON=y +CONFIG_CRYPTO_POLY1305_ARM=y +CONFIG_AS_VFP_VMRS_FPINST=y + +# +# General architecture-dependent options +# +# CONFIG_KPROBES is not set +# CONFIG_JUMP_LABEL is not set +CONFIG_ARCH_USE_BUILTIN_BSWAP=y +CONFIG_HAVE_KPROBES=y +CONFIG_HAVE_KRETPROBES=y +CONFIG_HAVE_OPTPROBES=y +CONFIG_HAVE_NMI=y +CONFIG_TRACE_IRQFLAGS_SUPPORT=y +CONFIG_HAVE_ARCH_TRACEHOOK=y +CONFIG_HAVE_DMA_CONTIGUOUS=y +CONFIG_GENERIC_SMP_IDLE_THREAD=y +CONFIG_GENERIC_IDLE_POLL_SETUP=y +CONFIG_ARCH_HAS_FORTIFY_SOURCE=y +CONFIG_ARCH_HAS_KEEPINITRD=y +CONFIG_ARCH_HAS_SET_MEMORY=y +CONFIG_HAVE_ARCH_THREAD_STRUCT_WHITELIST=y +CONFIG_ARCH_32BIT_OFF_T=y +CONFIG_HAVE_REGS_AND_STACK_ACCESS_API=y +CONFIG_HAVE_RSEQ=y +CONFIG_HAVE_PERF_REGS=y +CONFIG_HAVE_PERF_USER_STACK_DUMP=y +CONFIG_HAVE_ARCH_JUMP_LABEL=y +CONFIG_ARCH_WANT_IPC_PARSE_VERSION=y +CONFIG_HAVE_ARCH_SECCOMP=y +CONFIG_HAVE_ARCH_SECCOMP_FILTER=y +CONFIG_SECCOMP=y +CONFIG_SECCOMP_FILTER=y +# CONFIG_SECCOMP_CACHE_DEBUG is not set +CONFIG_HAVE_STACKPROTECTOR=y +# CONFIG_STACKPROTECTOR is not set +CONFIG_LTO_NONE=y +CONFIG_HAVE_CONTEXT_TRACKING=y +CONFIG_HAVE_VIRT_CPU_ACCOUNTING_GEN=y +CONFIG_HAVE_IRQ_TIME_ACCOUNTING=y +CONFIG_HAVE_MOD_ARCH_SPECIFIC=y +CONFIG_MODULES_USE_ELF_REL=y +CONFIG_ARCH_HAS_ELF_RANDOMIZE=y +CONFIG_HAVE_ARCH_MMAP_RND_BITS=y +CONFIG_HAVE_EXIT_THREAD=y +CONFIG_ARCH_MMAP_RND_BITS=8 +CONFIG_ARCH_WANT_DEFAULT_TOPDOWN_MMAP_LAYOUT=y +CONFIG_CLONE_BACKWARDS=y +CONFIG_OLD_SIGSUSPEND3=y +CONFIG_OLD_SIGACTION=y +CONFIG_COMPAT_32BIT_TIME=y +CONFIG_ARCH_OPTIONAL_KERNEL_RWX=y +CONFIG_ARCH_HAS_STRICT_KERNEL_RWX=y +CONFIG_STRICT_KERNEL_RWX=y +CONFIG_ARCH_HAS_STRICT_MODULE_RWX=y +CONFIG_STRICT_MODULE_RWX=y +CONFIG_ARCH_HAS_PHYS_TO_DMA=y +# CONFIG_LOCK_EVENT_COUNTS is not set +CONFIG_ARCH_WANT_LD_ORPHAN_WARN=y +CONFIG_HAVE_ARCH_PFN_VALID=y + +# +# GCOV-based kernel profiling +# +# CONFIG_GCOV_KERNEL is not set +CONFIG_ARCH_HAS_GCOV_PROFILE_ALL=y +# end of GCOV-based kernel profiling + +CONFIG_HAVE_GCC_PLUGINS=y +CONFIG_GCC_PLUGINS=y +# CONFIG_GCC_PLUGIN_CYC_COMPLEXITY is not set +# CONFIG_GCC_PLUGIN_LATENT_ENTROPY is not set +# CONFIG_GCC_PLUGIN_RANDSTRUCT is not set +# end of General architecture-dependent options + +CONFIG_RT_MUTEXES=y +CONFIG_BASE_SMALL=0 +CONFIG_MODULES=y +# CONFIG_MODULE_FORCE_LOAD is not set +CONFIG_MODULE_UNLOAD=y +# CONFIG_MODULE_FORCE_UNLOAD is not set +# CONFIG_MODVERSIONS is not set +# CONFIG_MODULE_SRCVERSION_ALL is not set +# CONFIG_MODULE_SIG is not set +CONFIG_MODULE_COMPRESS_NONE=y +# CONFIG_MODULE_COMPRESS_GZIP is not set +# CONFIG_MODULE_COMPRESS_XZ is not set +# CONFIG_MODULE_COMPRESS_ZSTD is not set +# CONFIG_MODULE_ALLOW_MISSING_NAMESPACE_IMPORTS is not set +CONFIG_MODPROBE_PATH="/sbin/modprobe" +CONFIG_TRIM_UNUSED_KSYMS=y +CONFIG_UNUSED_KSYMS_WHITELIST="" +CONFIG_UNUSED_KSYMS_WHITELIST_SYMS="dib7000p_attach" +CONFIG_BLOCK=y +# CONFIG_BLK_DEV_BSGLIB is not set +# CONFIG_BLK_DEV_INTEGRITY is not set +# CONFIG_BLK_DEV_ZONED is not set +# CONFIG_BLK_WBT is not set +CONFIG_BLK_DEBUG_FS=y +# CONFIG_BLK_SED_OPAL is not set +# CONFIG_BLK_INLINE_ENCRYPTION is not set + +# +# Partition Types +# +CONFIG_PARTITION_ADVANCED=y +# CONFIG_ACORN_PARTITION is not set +# CONFIG_AIX_PARTITION is not set +# CONFIG_OSF_PARTITION is not set +# CONFIG_AMIGA_PARTITION is not set +# CONFIG_ATARI_PARTITION is not set +# CONFIG_MAC_PARTITION is not set +CONFIG_MSDOS_PARTITION=y +# CONFIG_BSD_DISKLABEL is not set +# CONFIG_MINIX_SUBPARTITION is not set +# CONFIG_SOLARIS_X86_PARTITION is not set +# CONFIG_UNIXWARE_DISKLABEL is not set +# CONFIG_LDM_PARTITION is not set +# CONFIG_SGI_PARTITION is not set +# CONFIG_ULTRIX_PARTITION is not set +# CONFIG_SUN_PARTITION is not set +# CONFIG_KARMA_PARTITION is not set +CONFIG_EFI_PARTITION=y +# CONFIG_SYSV68_PARTITION is not set +# CONFIG_CMDLINE_PARTITION is not set +# CONFIG_OF_PARTITION is not set +# end of Partition Types + +CONFIG_BLK_MQ_PCI=y +CONFIG_BLOCK_HOLDER_DEPRECATED=y + +# +# IO Schedulers +# +CONFIG_MQ_IOSCHED_DEADLINE=y +CONFIG_MQ_IOSCHED_KYBER=y +# CONFIG_IOSCHED_BFQ is not set +# end of IO Schedulers + +CONFIG_ASN1=y +CONFIG_UNINLINE_SPIN_UNLOCK=y +CONFIG_ARCH_SUPPORTS_ATOMIC_RMW=y +CONFIG_ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE=y + +# +# Executable file formats +# +CONFIG_BINFMT_ELF=y +# CONFIG_BINFMT_ELF_FDPIC is not set +CONFIG_ELFCORE=y +# CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS is not set +CONFIG_BINFMT_SCRIPT=y +CONFIG_ARCH_HAS_BINFMT_FLAT=y +# CONFIG_BINFMT_FLAT is not set +CONFIG_BINFMT_FLAT_ARGVP_ENVP_ON_STACK=y +# CONFIG_BINFMT_MISC is not set +CONFIG_COREDUMP=y +# end of Executable file formats + +# +# Memory Management options +# +CONFIG_SELECT_MEMORY_MODEL=y +CONFIG_FLATMEM_MANUAL=y +# CONFIG_SPARSEMEM_MANUAL is not set +CONFIG_FLATMEM=y +CONFIG_ARCH_KEEP_MEMBLOCK=y +CONFIG_SPLIT_PTLOCK_CPUS=999999 +# CONFIG_COMPACTION is not set +# CONFIG_PAGE_REPORTING is not set +# CONFIG_KSM is not set +CONFIG_DEFAULT_MMAP_MIN_ADDR=4096 +CONFIG_PAGE_FRAG_CACHE_ORDER=3 +CONFIG_NEED_PER_CPU_KM=y +# CONFIG_CLEANCACHE is not set +# CONFIG_FRONTSWAP is not set +# CONFIG_CMA is not set +# CONFIG_ZPOOL is not set +# CONFIG_ZSMALLOC is not set +CONFIG_GENERIC_EARLY_IOREMAP=y +# CONFIG_IDLE_PAGE_TRACKING is not set +# CONFIG_PERCPU_STATS is not set +# CONFIG_GUP_TEST is not set + +# +# Data Access Monitoring +# +# CONFIG_DAMON is not set +# end of Data Access Monitoring +# end of Memory Management options + +CONFIG_NET=y +CONFIG_NET_INGRESS=y +CONFIG_NET_EGRESS=y +CONFIG_SKB_EXTENSIONS=y + +# +# Networking options +# +CONFIG_NETSKBPAD=64 +CONFIG_NETRXTHREAD=y +CONFIG_NETRXTHREAD_RX_QUEUE=2 +CONFIG_NET_NMESH_MBH=y +CONFIG_PACKET=y +# CONFIG_PACKET_DIAG is not set +CONFIG_UNIX=y +CONFIG_UNIX_SCM=y +CONFIG_AF_UNIX_OOB=y +CONFIG_UNIX_ABSTRACT_IGNORE_NETNS=y +# CONFIG_UNIX_DIAG is not set +# CONFIG_TLS is not set +CONFIG_XFRM=y +CONFIG_XFRM_OFFLOAD=y +CONFIG_XFRM_ALGO=y +CONFIG_XFRM_USER=y +CONFIG_XFRM_INTERFACE=y +# CONFIG_XFRM_SUB_POLICY is not set +# CONFIG_XFRM_MIGRATE is not set +# CONFIG_XFRM_STATISTICS is not set +CONFIG_XFRM_AH=y +CONFIG_XFRM_ESP=y +CONFIG_NET_KEY=y +# CONFIG_NET_KEY_MIGRATE is not set +CONFIG_INET=y +CONFIG_IP_MULTICAST=y +CONFIG_IP_ADVANCED_ROUTER=y +# CONFIG_IP_FIB_TRIE_STATS is not set +CONFIG_IP_MULTIPLE_TABLES=y +# CONFIG_IP_ROUTE_MULTIPATH is not set +# CONFIG_IP_ROUTE_VERBOSE is not set +CONFIG_IP_PNP=y +CONFIG_IP_PNP_DHCP=y +CONFIG_IP_PNP_BOOTP=y +# CONFIG_IP_PNP_RARP is not set +# CONFIG_NET_IPIP is not set +CONFIG_NET_IPGRE_DEMUX=y +CONFIG_NET_IP_TUNNEL=y +# CONFIG_NET_IPGRE is not set +# CONFIG_IP_MROUTE is not set +# CONFIG_SYN_COOKIES is not set +# CONFIG_NET_IPVTI is not set +CONFIG_NET_UDP_TUNNEL=y +# CONFIG_NET_FOU is not set +# CONFIG_NET_FOU_IP_TUNNELS is not set +CONFIG_INET_AH=y +CONFIG_INET_ESP=y +# CONFIG_INET_ESP_OFFLOAD is not set +# CONFIG_INET_ESPINTCP is not set +# CONFIG_INET_IPCOMP is not set +CONFIG_INET_TUNNEL=y +CONFIG_INET_DIAG=y +CONFIG_INET_TCP_DIAG=y +# CONFIG_INET_UDP_DIAG is not set +# CONFIG_INET_RAW_DIAG is not set +# CONFIG_INET_DIAG_DESTROY is not set +# CONFIG_TCP_CONG_ADVANCED is not set +CONFIG_TCP_CONG_CUBIC=y +CONFIG_DEFAULT_TCP_CONG="cubic" +# CONFIG_TCP_MD5SIG is not set +CONFIG_IPV6=y +# CONFIG_IPV6_ROUTER_PREF is not set +# CONFIG_IPV6_OPTIMISTIC_DAD is not set +CONFIG_INET6_AH=y +CONFIG_INET6_ESP=y +CONFIG_INET6_ESP_OFFLOAD=y +# CONFIG_INET6_ESPINTCP is not set +# CONFIG_INET6_IPCOMP is not set +# CONFIG_IPV6_MIP6 is not set +# CONFIG_IPV6_ILA is not set +CONFIG_INET6_TUNNEL=y +# CONFIG_IPV6_VTI is not set +CONFIG_IPV6_SIT=y +CONFIG_IPV6_SIT_6RD=y +CONFIG_IPV6_NDISC_NODETYPE=y +CONFIG_IPV6_TUNNEL=y +# CONFIG_IPV6_GRE is not set +CONFIG_IPV6_MULTIPLE_TABLES=y +CONFIG_IPV6_SUBTREES=y +# CONFIG_IPV6_MROUTE is not set +# CONFIG_IPV6_SEG6_LWTUNNEL is not set +# CONFIG_IPV6_SEG6_HMAC is not set +# CONFIG_IPV6_RPL_LWTUNNEL is not set +# CONFIG_IPV6_IOAM6_LWTUNNEL is not set +# CONFIG_MPTCP is not set +# CONFIG_NETWORK_SECMARK is not set +# CONFIG_NETWORK_PHY_TIMESTAMPING is not set +CONFIG_NETFILTER=y +CONFIG_NETFILTER_ADVANCED=y +# CONFIG_BRIDGE_NETFILTER is not set + +# +# Core Netfilter Configuration +# +# CONFIG_NETFILTER_INGRESS is not set +CONFIG_NETFILTER_NETLINK=y +# CONFIG_NETFILTER_NETLINK_ACCT is not set +# CONFIG_NETFILTER_NETLINK_QUEUE is not set +# CONFIG_NETFILTER_NETLINK_LOG is not set +# CONFIG_NETFILTER_NETLINK_OSF is not set +CONFIG_NF_CONNTRACK=y +# CONFIG_NF_LOG_SYSLOG is not set +# CONFIG_NF_CONNTRACK_MARK is not set +# CONFIG_NF_CONNTRACK_ZONES is not set +CONFIG_NF_CONNTRACK_PROCFS=y +# CONFIG_NF_CONNTRACK_EVENTS is not set +# CONFIG_NF_CONNTRACK_TIMEOUT is not set +# CONFIG_NF_CONNTRACK_TIMESTAMP is not set +# CONFIG_NF_CONNTRACK_LABELS is not set +CONFIG_NF_CT_PROTO_DCCP=y +CONFIG_NF_CT_PROTO_GRE=y +CONFIG_NF_CT_PROTO_SCTP=y +# CONFIG_NF_CT_PROTO_UDPLITE is not set +# CONFIG_NF_CONNTRACK_AMANDA is not set +CONFIG_NF_CONNTRACK_FTP=y +CONFIG_NF_CONNTRACK_H323=m +CONFIG_NF_CONNTRACK_IRC=m +# CONFIG_NF_CONNTRACK_NETBIOS_NS is not set +# CONFIG_NF_CONNTRACK_SNMP is not set +CONFIG_NF_CONNTRACK_PPTP=m +# CONFIG_NF_CONNTRACK_SANE is not set +CONFIG_NF_CONNTRACK_SIP=m +CONFIG_NF_CONNTRACK_TFTP=y +CONFIG_NF_CT_NETLINK=y +CONFIG_NF_NAT=y +CONFIG_NF_NAT_FTP=y +CONFIG_NF_NAT_IRC=m +CONFIG_NF_NAT_SIP=m +CONFIG_NF_NAT_TFTP=y +CONFIG_NF_NAT_REDIRECT=y +CONFIG_NF_NAT_MASQUERADE=y +# CONFIG_NF_TABLES is not set +CONFIG_NETFILTER_XTABLES=y + +# +# Xtables combined modules +# +CONFIG_NETFILTER_XT_MARK=y +# CONFIG_NETFILTER_XT_CONNMARK is not set + +# +# Xtables targets +# +# CONFIG_NETFILTER_XT_TARGET_AUDIT is not set +# CONFIG_NETFILTER_XT_TARGET_CHECKSUM is not set +CONFIG_NETFILTER_XT_TARGET_CLASSIFY=y +# CONFIG_NETFILTER_XT_TARGET_CONNMARK is not set +CONFIG_NETFILTER_XT_TARGET_DSCP=y +# CONFIG_NETFILTER_XT_TARGET_HL is not set +# CONFIG_NETFILTER_XT_TARGET_HMARK is not set +# CONFIG_NETFILTER_XT_TARGET_IDLETIMER is not set +# CONFIG_NETFILTER_XT_TARGET_LED is not set +# CONFIG_NETFILTER_XT_TARGET_LOG is not set +CONFIG_NETFILTER_XT_TARGET_MARK=y +CONFIG_NETFILTER_XT_NAT=y +# CONFIG_NETFILTER_XT_TARGET_NETMAP is not set +# CONFIG_NETFILTER_XT_TARGET_NFLOG is not set +# CONFIG_NETFILTER_XT_TARGET_NFQUEUE is not set +# CONFIG_NETFILTER_XT_TARGET_RATEEST is not set +CONFIG_NETFILTER_XT_TARGET_REDIRECT=y +CONFIG_NETFILTER_XT_TARGET_MASQUERADE=y +# CONFIG_NETFILTER_XT_TARGET_TEE is not set +CONFIG_NETFILTER_XT_TARGET_TPROXY=y +CONFIG_NETFILTER_XT_TARGET_TCPMSS=y +# CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP is not set + +# +# Xtables matches +# +# CONFIG_NETFILTER_XT_MATCH_ADDRTYPE is not set +# CONFIG_NETFILTER_XT_MATCH_BPF is not set +# CONFIG_NETFILTER_XT_MATCH_CGROUP is not set +# CONFIG_NETFILTER_XT_MATCH_CLUSTER is not set +# CONFIG_NETFILTER_XT_MATCH_COMMENT is not set +# CONFIG_NETFILTER_XT_MATCH_CONNBYTES is not set +# CONFIG_NETFILTER_XT_MATCH_CONNLABEL is not set +# CONFIG_NETFILTER_XT_MATCH_CONNLIMIT is not set +# CONFIG_NETFILTER_XT_MATCH_CONNMARK is not set +CONFIG_NETFILTER_XT_MATCH_CONNTRACK=y +# CONFIG_NETFILTER_XT_MATCH_CPU is not set +CONFIG_NETFILTER_XT_MATCH_DCCP=y +# CONFIG_NETFILTER_XT_MATCH_DEVGROUP is not set +CONFIG_NETFILTER_XT_MATCH_DSCP=y +# CONFIG_NETFILTER_XT_MATCH_ECN is not set +# CONFIG_NETFILTER_XT_MATCH_ESP is not set +# CONFIG_NETFILTER_XT_MATCH_HASHLIMIT is not set +# CONFIG_NETFILTER_XT_MATCH_HELPER is not set +# CONFIG_NETFILTER_XT_MATCH_HL is not set +# CONFIG_NETFILTER_XT_MATCH_IPCOMP is not set +CONFIG_NETFILTER_XT_MATCH_IPRANGE=y +# CONFIG_NETFILTER_XT_MATCH_L2TP is not set +# CONFIG_NETFILTER_XT_MATCH_LENGTH is not set +CONFIG_NETFILTER_XT_MATCH_LIMIT=y +CONFIG_NETFILTER_XT_MATCH_MAC=y +CONFIG_NETFILTER_XT_MATCH_MARK=y +# CONFIG_NETFILTER_XT_MATCH_MULTIPORT is not set +# CONFIG_NETFILTER_XT_MATCH_NFACCT is not set +# CONFIG_NETFILTER_XT_MATCH_OSF is not set +CONFIG_NETFILTER_XT_MATCH_OWNER=y +# CONFIG_NETFILTER_XT_MATCH_POLICY is not set +# CONFIG_NETFILTER_XT_MATCH_PKTTYPE is not set +# CONFIG_NETFILTER_XT_MATCH_QUOTA is not set +# CONFIG_NETFILTER_XT_MATCH_RATEEST is not set +# CONFIG_NETFILTER_XT_MATCH_REALM is not set +# CONFIG_NETFILTER_XT_MATCH_RECENT is not set +CONFIG_NETFILTER_XT_MATCH_SCTP=y +# CONFIG_NETFILTER_XT_MATCH_SOCKET is not set +CONFIG_NETFILTER_XT_MATCH_STATE=y +# CONFIG_NETFILTER_XT_MATCH_STATISTIC is not set +# CONFIG_NETFILTER_XT_MATCH_STRING is not set +# CONFIG_NETFILTER_XT_MATCH_TCPMSS is not set +# CONFIG_NETFILTER_XT_MATCH_TIME is not set +# CONFIG_NETFILTER_XT_MATCH_U32 is not set +# end of Core Netfilter Configuration + +# CONFIG_IP_SET is not set +# CONFIG_IP_VS is not set + +# +# IP: Netfilter Configuration +# +CONFIG_IP_FFN=y +CONFIG_IP_FFN_PROCFS=y +CONFIG_NF_DEFRAG_IPV4=y +# CONFIG_NF_SOCKET_IPV4 is not set +CONFIG_NF_TPROXY_IPV4=y +# CONFIG_NF_DUP_IPV4 is not set +# CONFIG_NF_LOG_ARP is not set +# CONFIG_NF_LOG_IPV4 is not set +CONFIG_NF_REJECT_IPV4=y +CONFIG_NF_NAT_PPTP=m +CONFIG_NF_NAT_H323=m +CONFIG_IP_NF_IPTABLES=y +# CONFIG_IP_NF_MATCH_AH is not set +# CONFIG_IP_NF_MATCH_ECN is not set +# CONFIG_IP_NF_MATCH_RPFILTER is not set +# CONFIG_IP_NF_MATCH_TTL is not set +CONFIG_IP_NF_FILTER=y +CONFIG_IP_NF_TARGET_REJECT=y +# CONFIG_IP_NF_TARGET_SYNPROXY is not set +CONFIG_IP_NF_NAT=y +CONFIG_IP_NF_TARGET_MASQUERADE=y +# CONFIG_IP_NF_TARGET_NETMAP is not set +CONFIG_IP_NF_TARGET_REDIRECT=y +CONFIG_IP_NF_MANGLE=y +# CONFIG_IP_NF_TARGET_CLUSTERIP is not set +# CONFIG_IP_NF_TARGET_ECN is not set +# CONFIG_IP_NF_TARGET_TTL is not set +# CONFIG_IP_NF_RAW is not set +# CONFIG_IP_NF_ARPTABLES is not set +# end of IP: Netfilter Configuration + +# +# IPv6: Netfilter Configuration +# +CONFIG_IPV6_FFN=y +CONFIG_IPV6_FFN_PROCFS=y +# CONFIG_NF_SOCKET_IPV6 is not set +CONFIG_NF_TPROXY_IPV6=y +# CONFIG_NF_DUP_IPV6 is not set +CONFIG_NF_REJECT_IPV6=y +# CONFIG_NF_LOG_IPV6 is not set +CONFIG_IP6_NF_IPTABLES=y +# CONFIG_IP6_NF_MATCH_AH is not set +# CONFIG_IP6_NF_MATCH_EUI64 is not set +# CONFIG_IP6_NF_MATCH_FRAG is not set +# CONFIG_IP6_NF_MATCH_OPTS is not set +# CONFIG_IP6_NF_MATCH_HL is not set +# CONFIG_IP6_NF_MATCH_IPV6HEADER is not set +# CONFIG_IP6_NF_MATCH_MH is not set +# CONFIG_IP6_NF_MATCH_RPFILTER is not set +# CONFIG_IP6_NF_MATCH_RT is not set +# CONFIG_IP6_NF_MATCH_SRH is not set +# CONFIG_IP6_NF_TARGET_HL is not set +CONFIG_IP6_NF_FILTER=y +CONFIG_IP6_NF_TARGET_REJECT=y +# CONFIG_IP6_NF_TARGET_SYNPROXY is not set +CONFIG_IP6_NF_MANGLE=y +# CONFIG_IP6_NF_RAW is not set +CONFIG_IP6_NF_NAT=y +CONFIG_IP6_NF_TARGET_MASQUERADE=y +# CONFIG_IP6_NF_TARGET_NPT is not set +# end of IPv6: Netfilter Configuration + +CONFIG_NF_DEFRAG_IPV6=y +# CONFIG_NF_CONNTRACK_BRIDGE is not set +# CONFIG_BRIDGE_NF_EBTABLES is not set +# CONFIG_BPFILTER is not set +# CONFIG_IP_DCCP is not set +# CONFIG_IP_SCTP is not set +# CONFIG_RDS is not set +# CONFIG_TIPC is not set +# CONFIG_ATM is not set +# CONFIG_L2TP is not set +CONFIG_FBXATM=y +CONFIG_FBXATM_REMOTE=y +CONFIG_FBXATM_STACK=y +# CONFIG_FBXATM_REMOTE_STUB is not set +CONFIG_FBXATM_REMOTE_DRIVER=y +CONFIG_FBXBRIDGE=y +CONFIG_STP=y +CONFIG_BRIDGE=y +# CONFIG_BRIDGE_IGMP_SNOOPING is not set +# CONFIG_BRIDGE_VLAN_FILTERING is not set +# CONFIG_BRIDGE_MRP is not set +# CONFIG_BRIDGE_CFM is not set +# CONFIG_NET_DSA is not set +CONFIG_VLAN_8021Q=y +# CONFIG_VLAN_8021Q_GVRP is not set +# CONFIG_VLAN_8021Q_MVRP is not set +# CONFIG_DECNET is not set +CONFIG_LLC=y +# CONFIG_LLC2 is not set +# CONFIG_ATALK is not set +# CONFIG_X25 is not set +# CONFIG_LAPB is not set +# CONFIG_PHONET is not set +# CONFIG_6LOWPAN is not set +# CONFIG_IEEE802154 is not set +CONFIG_NET_SCHED=y + +# +# Queueing/Scheduling +# +# CONFIG_NET_SCH_CBQ is not set +# CONFIG_NET_SCH_HTB is not set +# CONFIG_NET_SCH_HFSC is not set +CONFIG_NET_SCH_PRIO=y +CONFIG_NET_SCH_MULTIQ=y +# CONFIG_NET_SCH_RED is not set +# CONFIG_NET_SCH_SFB is not set +CONFIG_NET_SCH_SFQ=y +# CONFIG_NET_SCH_TEQL is not set +# CONFIG_NET_SCH_TBF is not set +# CONFIG_NET_SCH_CBS is not set +# CONFIG_NET_SCH_ETF is not set +# CONFIG_NET_SCH_TAPRIO is not set +# CONFIG_NET_SCH_GRED is not set +# CONFIG_NET_SCH_DSMARK is not set +# CONFIG_NET_SCH_NETEM is not set +CONFIG_NET_SCH_DRR=y +# CONFIG_NET_SCH_MQPRIO is not set +# CONFIG_NET_SCH_SKBPRIO is not set +# CONFIG_NET_SCH_CHOKE is not set +# CONFIG_NET_SCH_QFQ is not set +# CONFIG_NET_SCH_CODEL is not set +CONFIG_NET_SCH_FQ_CODEL=y +# CONFIG_NET_SCH_CAKE is not set +# CONFIG_NET_SCH_FQ is not set +# CONFIG_NET_SCH_HHF is not set +# CONFIG_NET_SCH_PIE is not set +CONFIG_NET_SCH_INGRESS=y +# CONFIG_NET_SCH_PLUG is not set +# CONFIG_NET_SCH_ETS is not set +# CONFIG_NET_SCH_DEFAULT is not set + +# +# Classification +# +CONFIG_NET_CLS=y +# CONFIG_NET_CLS_BASIC is not set +# CONFIG_NET_CLS_TCINDEX is not set +# CONFIG_NET_CLS_ROUTE4 is not set +# CONFIG_NET_CLS_FW is not set +CONFIG_NET_CLS_U32=y +# CONFIG_CLS_U32_PERF is not set +CONFIG_CLS_U32_MARK=y +# CONFIG_NET_CLS_RSVP is not set +# CONFIG_NET_CLS_RSVP6 is not set +# CONFIG_NET_CLS_FLOW is not set +# CONFIG_NET_CLS_CGROUP is not set +# CONFIG_NET_CLS_BPF is not set +# CONFIG_NET_CLS_FLOWER is not set +# CONFIG_NET_CLS_MATCHALL is not set +# CONFIG_NET_EMATCH is not set +CONFIG_NET_CLS_ACT=y +CONFIG_NET_ACT_POLICE=y +# CONFIG_NET_ACT_GACT is not set +# CONFIG_NET_ACT_MIRRED is not set +# CONFIG_NET_ACT_SAMPLE is not set +# CONFIG_NET_ACT_IPT is not set +# CONFIG_NET_ACT_NAT is not set +# CONFIG_NET_ACT_PEDIT is not set +# CONFIG_NET_ACT_SIMP is not set +CONFIG_NET_ACT_SKBEDIT=y +# CONFIG_NET_ACT_CSUM is not set +# CONFIG_NET_ACT_MPLS is not set +# CONFIG_NET_ACT_VLAN is not set +# CONFIG_NET_ACT_BPF is not set +# CONFIG_NET_ACT_SKBMOD is not set +# CONFIG_NET_ACT_IFE is not set +# CONFIG_NET_ACT_TUNNEL_KEY is not set +# CONFIG_NET_ACT_GATE is not set +# CONFIG_NET_TC_SKB_EXT is not set +CONFIG_NET_SCH_FIFO=y +# CONFIG_DCB is not set +# CONFIG_DNS_RESOLVER is not set +# CONFIG_BATMAN_ADV is not set +# CONFIG_OPENVSWITCH is not set +# CONFIG_VSOCKETS is not set +# CONFIG_NETLINK_DIAG is not set +# CONFIG_MPLS is not set +# CONFIG_NET_NSH is not set +# CONFIG_HSR is not set +# CONFIG_NET_SWITCHDEV is not set +# CONFIG_NET_L3_MASTER_DEV is not set +# CONFIG_QRTR is not set +# CONFIG_NET_NCSI is not set +# CONFIG_CGROUP_NET_PRIO is not set +# CONFIG_CGROUP_NET_CLASSID is not set +CONFIG_NET_RX_BUSY_POLL=y +CONFIG_BQL=y + +# +# Network testing +# +# CONFIG_NET_PKTGEN is not set +# end of Network testing +# end of Networking options + +# CONFIG_HAMRADIO is not set +# CONFIG_CAN is not set +CONFIG_BT=y +CONFIG_BT_BREDR=y +# CONFIG_BT_RFCOMM is not set +CONFIG_BT_BNEP=y +# CONFIG_BT_BNEP_MC_FILTER is not set +# CONFIG_BT_BNEP_PROTO_FILTER is not set +# CONFIG_BT_HIDP is not set +CONFIG_BT_HS=y +# CONFIG_BT_LE is not set +# CONFIG_BT_LEDS is not set +# CONFIG_BT_MSFTEXT is not set +# CONFIG_BT_AOSPEXT is not set +# CONFIG_BT_DEBUGFS is not set +# CONFIG_BT_SELFTEST is not set +# CONFIG_BT_FEATURE_DEBUG is not set + +# +# Bluetooth device drivers +# +CONFIG_BT_INTEL=y +CONFIG_BT_HCIBTUSB=y +# CONFIG_BT_HCIBTUSB_AUTOSUSPEND is not set +# CONFIG_BT_HCIBTUSB_BCM is not set +# CONFIG_BT_HCIBTUSB_MTK is not set +# CONFIG_BT_HCIBTUSB_RTL is not set +# CONFIG_BT_HCIUART is not set +CONFIG_BT_HCIBCM203X=y +# CONFIG_BT_HCIBPA10X is not set +# CONFIG_BT_HCIBFUSB is not set +# CONFIG_BT_HCIVHCI is not set +CONFIG_BT_MRVL=y +CONFIG_BT_ATH3K=y +# end of Bluetooth device drivers + +# CONFIG_AF_RXRPC is not set +# CONFIG_AF_KCM is not set +# CONFIG_MCTP is not set +CONFIG_FIB_RULES=y +CONFIG_WIRELESS=y +CONFIG_CFG80211=y +CONFIG_NL80211_TESTMODE=y +# CONFIG_CFG80211_DEVELOPER_WARNINGS is not set +CONFIG_CFG80211_CERTIFICATION_ONUS=y +# CONFIG_CFG80211_REQUIRE_SIGNED_REGDB is not set +# CONFIG_CFG80211_REG_CELLULAR_HINTS is not set +# CONFIG_CFG80211_REG_RELAX_NO_IR is not set +CONFIG_CFG80211_DEFAULT_PS=y +# CONFIG_CFG80211_DEBUGFS is not set +CONFIG_CFG80211_CRDA_SUPPORT=y +# CONFIG_CFG80211_WEXT is not set +CONFIG_MAC80211=y +CONFIG_MAC80211_HAS_RC=y +CONFIG_MAC80211_RC_MINSTREL=y +CONFIG_MAC80211_RC_DEFAULT_MINSTREL=y +CONFIG_MAC80211_RC_DEFAULT="minstrel_ht" +CONFIG_MAC80211_MESH=y +CONFIG_MAC80211_LEDS=y +CONFIG_MAC80211_DEBUGFS=y +# CONFIG_MAC80211_MESSAGE_TRACING is not set +# CONFIG_MAC80211_DEBUG_MENU is not set +CONFIG_MAC80211_STA_HASH_MAX_SIZE=0 +# CONFIG_RFKILL is not set +# CONFIG_NET_9P is not set +# CONFIG_CAIF is not set +# CONFIG_CEPH_LIB is not set +# CONFIG_NFC is not set +# CONFIG_PSAMPLE is not set +# CONFIG_NET_IFE is not set +# CONFIG_LWTUNNEL is not set +CONFIG_DST_CACHE=y +CONFIG_GRO_CELLS=y +CONFIG_NET_SELFTESTS=y +# CONFIG_FAILOVER is not set +# CONFIG_ETHTOOL_NETLINK is not set + +# +# Device Drivers +# +CONFIG_HAVE_PCI=y +CONFIG_FORCE_PCI=y +CONFIG_PCI=y +CONFIG_PCI_DOMAINS=y +CONFIG_PCI_DOMAINS_GENERIC=y +CONFIG_PCI_SYSCALL=y +CONFIG_PCIEPORTBUS=y +CONFIG_PCIEAER=y +# CONFIG_PCIEAER_INJECT is not set +# CONFIG_PCIE_ECRC is not set +# CONFIG_PCIEASPM is not set +# CONFIG_PCIE_DPC is not set +# CONFIG_PCIE_PTM is not set +# CONFIG_PCI_MSI is not set +CONFIG_PCI_QUIRKS=y +# CONFIG_PCI_DEBUG is not set +# CONFIG_PCI_STUB is not set +CONFIG_PCI_BRIDGE_EMUL=y +# CONFIG_PCI_IOV is not set +# CONFIG_PCI_PRI is not set +# CONFIG_PCI_PASID is not set +# CONFIG_PCIE_BUS_TUNE_OFF is not set +CONFIG_PCIE_BUS_DEFAULT=y +# CONFIG_PCIE_BUS_SAFE is not set +# CONFIG_PCIE_BUS_PERFORMANCE is not set +# CONFIG_PCIE_BUS_PEER2PEER is not set +# CONFIG_HOTPLUG_PCI is not set + +# +# PCI controller drivers +# +CONFIG_PCI_MVEBU=y +# CONFIG_PCI_FTPCI100 is not set +# CONFIG_PCI_HOST_GENERIC is not set +# CONFIG_PCI_V3_SEMI is not set +# CONFIG_PCIE_ALTERA is not set + +# +# DesignWare PCI Core Support +# +# end of DesignWare PCI Core Support + +# +# Mobiveil PCIe Core Support +# +# end of Mobiveil PCIe Core Support + +# +# Cadence PCIe controllers support +# +# CONFIG_PCIE_CADENCE_PLAT_HOST is not set +# CONFIG_PCI_J721E_HOST is not set +# end of Cadence PCIe controllers support +# end of PCI controller drivers + +# +# PCI Endpoint +# +# CONFIG_PCI_ENDPOINT is not set +# end of PCI Endpoint + +# +# PCI switch controller drivers +# +# CONFIG_PCI_SW_SWITCHTEC is not set +# end of PCI switch controller drivers + +# CONFIG_CXL_BUS is not set +# CONFIG_PCCARD is not set +# CONFIG_RAPIDIO is not set + +# +# Generic Driver Options +# +# CONFIG_UEVENT_HELPER is not set +CONFIG_DEVTMPFS=y +CONFIG_DEVTMPFS_MOUNT=y +CONFIG_STANDALONE=y +CONFIG_PREVENT_FIRMWARE_BUILD=y + +# +# Firmware loader +# +CONFIG_FW_LOADER=y +CONFIG_FW_LOADER_PAGED_BUF=y +CONFIG_EXTRA_FIRMWARE="" +CONFIG_FW_LOADER_USER_HELPER=y +CONFIG_FW_LOADER_USER_HELPER_FALLBACK=y +# CONFIG_FW_LOADER_COMPRESS is not set +# end of Firmware loader + +CONFIG_WANT_DEV_COREDUMP=y +# CONFIG_ALLOW_DEV_COREDUMP is not set +# CONFIG_DEBUG_DRIVER is not set +# CONFIG_DEBUG_DEVRES is not set +# CONFIG_DEBUG_TEST_DRIVER_REMOVE is not set +# CONFIG_TEST_ASYNC_DRIVER_PROBE is not set +CONFIG_GENERIC_CPU_AUTOPROBE=y +CONFIG_SOC_BUS=y +CONFIG_REGMAP=y +CONFIG_REGMAP_I2C=y +CONFIG_REGMAP_SPI=y +CONFIG_REGMAP_MMIO=y +# end of Generic Driver Options + +# +# Bus devices +# +# CONFIG_BRCMSTB_GISB_ARB is not set +# CONFIG_MOXTET is not set +CONFIG_MVEBU_MBUS=y +# CONFIG_VEXPRESS_CONFIG is not set +# CONFIG_MHI_BUS is not set +# end of Bus devices + +# CONFIG_CONNECTOR is not set + +# +# Firmware Drivers +# + +# +# ARM System Control and Management Interface Protocol +# +# CONFIG_ARM_SCMI_PROTOCOL is not set +# end of ARM System Control and Management Interface Protocol + +# CONFIG_FIRMWARE_MEMMAP is not set +# CONFIG_FW_CFG_SYSFS is not set +# CONFIG_GOOGLE_FIRMWARE is not set + +# +# Tegra firmware driver +# +# end of Tegra firmware driver +# end of Firmware Drivers + +# CONFIG_GNSS is not set +CONFIG_FREEBOX_PROCFS=y +CONFIG_MTD=y +# CONFIG_MTD_TESTS is not set +CONFIG_MTD_ERASE_PRINTK=y + +# +# Partition parsers +# +# CONFIG_MTD_AR7_PARTS is not set +CONFIG_MTD_CMDLINE_PARTS=y +CONFIG_MTD_OF_PARTS=y +# CONFIG_MTD_OF_PARTS_IGNORE_RO is not set +# CONFIG_MTD_AFS_PARTS is not set +# CONFIG_MTD_REDBOOT_PARTS is not set +# CONFIG_MTD_FBX6HD_PARTS is not set +# end of Partition parsers + +# +# User Modules And Translation Layers +# +CONFIG_MTD_BLKDEVS=y +CONFIG_MTD_BLOCK=y + +# +# Note that in some cases UBI block is preferred. See MTD_UBI_BLOCK. +# +# CONFIG_FTL is not set +# CONFIG_NFTL is not set +# CONFIG_INFTL is not set +# CONFIG_RFD_FTL is not set +# CONFIG_SSFDC is not set +# CONFIG_SM_FTL is not set +# CONFIG_MTD_OOPS is not set +# CONFIG_MTD_SWAP is not set +# CONFIG_MTD_PARTITIONED_MASTER is not set + +# +# RAM/ROM/Flash chip drivers +# +# CONFIG_MTD_CFI is not set +# CONFIG_MTD_JEDECPROBE is not set +CONFIG_MTD_MAP_BANK_WIDTH_1=y +CONFIG_MTD_MAP_BANK_WIDTH_2=y +CONFIG_MTD_MAP_BANK_WIDTH_4=y +CONFIG_MTD_CFI_I1=y +CONFIG_MTD_CFI_I2=y +# CONFIG_MTD_RAM is not set +# CONFIG_MTD_ROM is not set +# CONFIG_MTD_ABSENT is not set +# end of RAM/ROM/Flash chip drivers + +# +# Mapping drivers for chip access +# +# CONFIG_MTD_COMPLEX_MAPPINGS is not set +# CONFIG_MTD_INTEL_VR_NOR is not set +# CONFIG_MTD_PLATRAM is not set +# end of Mapping drivers for chip access + +# +# Self-contained MTD device drivers +# +# CONFIG_MTD_PMC551 is not set +# CONFIG_MTD_DATAFLASH is not set +# CONFIG_MTD_MCHP23K256 is not set +# CONFIG_MTD_MCHP48L640 is not set +# CONFIG_MTD_SST25L is not set +# CONFIG_MTD_SLRAM is not set +# CONFIG_MTD_PHRAM is not set +# CONFIG_MTD_MTDRAM is not set +# CONFIG_MTD_BLOCK2MTD is not set + +# +# Disk-On-Chip Device Drivers +# +# CONFIG_MTD_DOCG3 is not set +# end of Self-contained MTD device drivers + +# +# NAND +# +CONFIG_MTD_NAND_CORE=y +# CONFIG_MTD_ONENAND is not set +CONFIG_MTD_RAW_NAND=y + +# +# Raw/parallel NAND flash controllers +# +# CONFIG_MTD_FORCE_BAD_BLOCK_ERASE is not set +# CONFIG_MTD_NAND_DENALI_PCI is not set +# CONFIG_MTD_NAND_DENALI_DT is not set +# CONFIG_MTD_NAND_DENALI_FBX is not set +# CONFIG_MTD_NAND_CAFE is not set +CONFIG_MTD_NAND_ORION=y +# CONFIG_MTD_NAND_MARVELL is not set +# CONFIG_MTD_NAND_BRCMNAND is not set +# CONFIG_MTD_NAND_MXIC is not set +# CONFIG_MTD_NAND_GPIO is not set +# CONFIG_MTD_NAND_PLATFORM is not set +# CONFIG_MTD_NAND_CADENCE is not set +# CONFIG_MTD_NAND_ARASAN is not set +# CONFIG_MTD_NAND_INTEL_LGM is not set + +# +# Misc +# +# CONFIG_MTD_NAND_NANDSIM is not set +# CONFIG_MTD_NAND_RICOH is not set +# CONFIG_MTD_NAND_DISKONCHIP is not set +# CONFIG_MTD_SPI_NAND is not set + +# +# ECC engine support +# +CONFIG_MTD_NAND_ECC=y +CONFIG_MTD_NAND_ECC_SW_HAMMING=y +# CONFIG_MTD_NAND_ECC_SW_HAMMING_SMC is not set +CONFIG_MTD_NAND_ECC_SW_BCH=y +# end of ECC engine support +# end of NAND + +# +# LPDDR & LPDDR2 PCM memory drivers +# +# CONFIG_MTD_LPDDR is not set +# CONFIG_MTD_LPDDR2_NVM is not set +# end of LPDDR & LPDDR2 PCM memory drivers + +CONFIG_MTD_SPI_NOR=y +# CONFIG_MTD_SPI_NOR_USE_4K_SECTORS is not set +# CONFIG_MTD_SPI_NOR_SWP_DISABLE is not set +CONFIG_MTD_SPI_NOR_SWP_DISABLE_ON_VOLATILE=y +# CONFIG_MTD_SPI_NOR_SWP_KEEP is not set +CONFIG_MTD_UBI=y +CONFIG_MTD_UBI_WL_THRESHOLD=4096 +CONFIG_MTD_UBI_BEB_LIMIT=20 +# CONFIG_MTD_UBI_FASTMAP is not set +# CONFIG_MTD_UBI_GLUEBI is not set +# CONFIG_MTD_UBI_BLOCK is not set +# CONFIG_MTD_HYPERBUS is not set +CONFIG_DTC=y +CONFIG_OF=y +# CONFIG_OF_UNITTEST is not set +CONFIG_OF_DTB_BUILTIN_LIST="fbxgw1r fbxgw2r" +CONFIG_OF_FLATTREE=y +CONFIG_OF_EARLY_FLATTREE=y +CONFIG_OF_KOBJ=y +CONFIG_OF_DYNAMIC=y +CONFIG_OF_ADDRESS=y +CONFIG_OF_IRQ=y +CONFIG_OF_RESERVED_MEM=y +CONFIG_OF_RESOLVE=y +CONFIG_OF_OVERLAY=y +CONFIG_OF_CONFIGFS=y +CONFIG_ARCH_MIGHT_HAVE_PC_PARPORT=y +# CONFIG_PARPORT is not set +CONFIG_BLK_DEV=y +# CONFIG_BLK_DEV_NULL_BLK is not set +# CONFIG_BLK_DEV_PCIESSD_MTIP32XX is not set +CONFIG_BLK_DEV_LOOP=y +CONFIG_BLK_DEV_LOOP_MIN_COUNT=8 +# CONFIG_BLK_DEV_CRYPTOLOOP is not set +# CONFIG_BLK_DEV_DRBD is not set +# CONFIG_BLK_DEV_NBD is not set +# CONFIG_BLK_DEV_SX8 is not set +CONFIG_BLK_DEV_RAM=y +CONFIG_BLK_DEV_RAM_COUNT=1 +CONFIG_BLK_DEV_RAM_SIZE=65536 +# CONFIG_CDROM_PKTCDVD is not set +# CONFIG_ATA_OVER_ETH is not set +# CONFIG_BLK_DEV_RBD is not set +# CONFIG_BLK_DEV_RSXX is not set + +# +# NVME Support +# +# CONFIG_BLK_DEV_NVME is not set +# CONFIG_NVME_FC is not set +# CONFIG_NVME_TCP is not set +# CONFIG_NVME_TARGET is not set +# end of NVME Support + +# +# Misc devices +# +# CONFIG_WINTEGRA_MMAP is not set +# CONFIG_AD525X_DPOT is not set +# CONFIG_DUMMY_IRQ is not set +# CONFIG_PHANTOM is not set +# CONFIG_TIFM_CORE is not set +# CONFIG_ICS932S401 is not set +# CONFIG_ENCLOSURE_SERVICES is not set +# CONFIG_HP_ILO is not set +# CONFIG_APDS9802ALS is not set +# CONFIG_ISL29003 is not set +# CONFIG_ISL29020 is not set +# CONFIG_SENSORS_TSL2550 is not set +# CONFIG_SENSORS_BH1770 is not set +# CONFIG_SENSORS_APDS990X is not set +# CONFIG_HMC6352 is not set +# CONFIG_DS1682 is not set +# CONFIG_INTELCE_PIC16PMU is not set +# CONFIG_FBXSERIAL_OF is not set +# CONFIG_RANDOM_OF is not set +# CONFIG_LATTICE_ECP3_CONFIG is not set +# CONFIG_SRAM is not set +# CONFIG_DW_XDATA_PCIE is not set +# CONFIG_PCI_ENDPOINT_TEST is not set +# CONFIG_XILINX_SDFEC is not set +# CONFIG_C2PORT is not set + +# +# EEPROM support +# +CONFIG_EEPROM_AT24=m +# CONFIG_EEPROM_AT25 is not set +# CONFIG_EEPROM_LEGACY is not set +# CONFIG_EEPROM_MAX6875 is not set +# CONFIG_EEPROM_93CX6 is not set +# CONFIG_EEPROM_93XX46 is not set +# CONFIG_EEPROM_IDT_89HPESX is not set +# CONFIG_EEPROM_EE1004 is not set +# CONFIG_EEPROM_EE1004_RAW is not set +# end of EEPROM support + +# CONFIG_CB710_CORE is not set + +# +# Texas Instruments shared transport line discipline +# +# CONFIG_TI_ST is not set +# end of Texas Instruments shared transport line discipline + +# CONFIG_SENSORS_LIS3_SPI is not set +# CONFIG_SENSORS_LIS3_I2C is not set +# CONFIG_ALTERA_STAPL is not set +# CONFIG_ECHO is not set +# CONFIG_MISC_ALCOR_PCI is not set +# CONFIG_MISC_RTSX_PCI is not set +# CONFIG_MISC_RTSX_USB is not set +# CONFIG_HABANA_AI is not set +# CONFIG_PVPANIC is not set + +# +# RemoTI support +# +# end of RemoTI support + +# +# HDMI CEC support +# +# CONFIG_HDMI_CEC is not set +# end of HDMI CEC support +# end of Misc devices + +# +# SCSI device support +# +CONFIG_SCSI_MOD=y +# CONFIG_RAID_ATTRS is not set +CONFIG_SCSI_COMMON=y +CONFIG_SCSI=y +CONFIG_SCSI_DMA=y +# CONFIG_SCSI_PROC_FS is not set + +# +# SCSI support type (disk, tape, CD-ROM) +# +CONFIG_BLK_DEV_SD=y +# CONFIG_CHR_DEV_ST is not set +# CONFIG_BLK_DEV_SR is not set +CONFIG_CHR_DEV_SG=y +# CONFIG_BLK_DEV_BSG is not set +# CONFIG_CHR_DEV_SCH is not set +# CONFIG_SCSI_CONSTANTS is not set +# CONFIG_SCSI_LOGGING is not set +CONFIG_SCSI_SCAN_ASYNC=y + +# +# SCSI Transports +# +# CONFIG_SCSI_SPI_ATTRS is not set +# CONFIG_SCSI_FC_ATTRS is not set +# CONFIG_SCSI_ISCSI_ATTRS is not set +# CONFIG_SCSI_SAS_ATTRS is not set +# CONFIG_SCSI_SAS_LIBSAS is not set +# CONFIG_SCSI_SRP_ATTRS is not set +# end of SCSI Transports + +# CONFIG_SCSI_LOWLEVEL is not set +# CONFIG_SCSI_DH is not set +# end of SCSI device support + +CONFIG_ATA=y +CONFIG_SATA_HOST=y +CONFIG_ATA_VERBOSE_ERROR=y +# CONFIG_ATA_FORCE is not set +CONFIG_SATA_PMP=y + +# +# Controllers with non-SFF native interface +# +# CONFIG_SATA_AHCI is not set +# CONFIG_SATA_AHCI_PLATFORM is not set +# CONFIG_AHCI_CEVA is not set +# CONFIG_AHCI_MVEBU is not set +# CONFIG_AHCI_QORIQ is not set +# CONFIG_SATA_INIC162X is not set +# CONFIG_SATA_ACARD_AHCI is not set +# CONFIG_SATA_SIL24 is not set +CONFIG_ATA_SFF=y + +# +# SFF controllers with custom DMA interface +# +# CONFIG_PDC_ADMA is not set +# CONFIG_SATA_QSTOR is not set +# CONFIG_SATA_SX4 is not set +CONFIG_ATA_BMDMA=y + +# +# SATA SFF controllers with BMDMA +# +# CONFIG_ATA_PIIX is not set +CONFIG_SATA_MV=m +# CONFIG_SATA_NV is not set +# CONFIG_SATA_PROMISE is not set +# CONFIG_SATA_SIL is not set +# CONFIG_SATA_SIS is not set +# CONFIG_SATA_SVW is not set +# CONFIG_SATA_ULI is not set +# CONFIG_SATA_VIA is not set +# CONFIG_SATA_VITESSE is not set + +# +# PATA SFF controllers with BMDMA +# +# CONFIG_PATA_ALI is not set +# CONFIG_PATA_AMD is not set +# CONFIG_PATA_ARTOP is not set +# CONFIG_PATA_ATIIXP is not set +# CONFIG_PATA_ATP867X is not set +# CONFIG_PATA_CMD64X is not set +# CONFIG_PATA_CYPRESS is not set +# CONFIG_PATA_EFAR is not set +# CONFIG_PATA_HPT366 is not set +# CONFIG_PATA_HPT37X is not set +# CONFIG_PATA_HPT3X2N is not set +# CONFIG_PATA_HPT3X3 is not set +# CONFIG_PATA_IT8213 is not set +# CONFIG_PATA_IT821X is not set +# CONFIG_PATA_JMICRON is not set +# CONFIG_PATA_MARVELL is not set +# CONFIG_PATA_NETCELL is not set +# CONFIG_PATA_NINJA32 is not set +# CONFIG_PATA_NS87415 is not set +# CONFIG_PATA_OLDPIIX is not set +# CONFIG_PATA_OPTIDMA is not set +# CONFIG_PATA_PDC2027X is not set +# CONFIG_PATA_PDC_OLD is not set +# CONFIG_PATA_RADISYS is not set +# CONFIG_PATA_RDC is not set +# CONFIG_PATA_SCH is not set +# CONFIG_PATA_SERVERWORKS is not set +# CONFIG_PATA_SIL680 is not set +# CONFIG_PATA_SIS is not set +# CONFIG_PATA_TOSHIBA is not set +# CONFIG_PATA_TRIFLEX is not set +# CONFIG_PATA_VIA is not set +# CONFIG_PATA_WINBOND is not set + +# +# PIO-only SFF controllers +# +# CONFIG_PATA_CMD640_PCI is not set +# CONFIG_PATA_MPIIX is not set +# CONFIG_PATA_NS87410 is not set +# CONFIG_PATA_OPTI is not set +# CONFIG_PATA_PLATFORM is not set +# CONFIG_PATA_RZ1000 is not set + +# +# Generic fallback / legacy drivers +# +# CONFIG_ATA_GENERIC is not set +# CONFIG_PATA_LEGACY is not set +CONFIG_MD=y +# CONFIG_BLK_DEV_MD is not set +# CONFIG_BCACHE is not set +CONFIG_BLK_DEV_DM_BUILTIN=y +CONFIG_BLK_DEV_DM=y +# CONFIG_DM_DEBUG is not set +# CONFIG_DM_UNSTRIPED is not set +CONFIG_DM_CRYPT=y +# CONFIG_DM_SNAPSHOT is not set +# CONFIG_DM_THIN_PROVISIONING is not set +# CONFIG_DM_CACHE is not set +# CONFIG_DM_WRITECACHE is not set +# CONFIG_DM_EBS is not set +# CONFIG_DM_ERA is not set +# CONFIG_DM_CLONE is not set +# CONFIG_DM_MIRROR is not set +# CONFIG_DM_RAID is not set +# CONFIG_DM_ZERO is not set +# CONFIG_DM_MULTIPATH is not set +# CONFIG_DM_DELAY is not set +# CONFIG_DM_DUST is not set +# CONFIG_DM_INIT is not set +# CONFIG_DM_UEVENT is not set +# CONFIG_DM_FLAKEY is not set +# CONFIG_DM_VERITY is not set +# CONFIG_DM_SWITCH is not set +# CONFIG_DM_LOG_WRITES is not set +# CONFIG_DM_INTEGRITY is not set +# CONFIG_TARGET_CORE is not set +# CONFIG_FUSION is not set + +# +# IEEE 1394 (FireWire) support +# +# CONFIG_FIREWIRE is not set +# CONFIG_FIREWIRE_NOSY is not set +# end of IEEE 1394 (FireWire) support + +CONFIG_NETDEVICES=y +CONFIG_MII=y +CONFIG_NET_CORE=y +# CONFIG_BONDING is not set +CONFIG_DUMMY=y +CONFIG_WIREGUARD=y +# CONFIG_WIREGUARD_DEBUG is not set +# CONFIG_EQUALIZER is not set +# CONFIG_NET_FC is not set +# CONFIG_NET_TEAM is not set +# CONFIG_MACVLAN is not set +# CONFIG_IPVLAN is not set +# CONFIG_VXLAN is not set +# CONFIG_GENEVE is not set +# CONFIG_BAREUDP is not set +# CONFIG_GTP is not set +# CONFIG_MACSEC is not set +# CONFIG_NETCONSOLE is not set +CONFIG_TUN=y +# CONFIG_TUN_VNET_CROSS_LE is not set +CONFIG_VETH=y +# CONFIG_NLMON is not set +# CONFIG_ARCNET is not set +CONFIG_ETHERNET=y +# CONFIG_NET_VENDOR_3COM is not set +# CONFIG_NET_VENDOR_ADAPTEC is not set +# CONFIG_NET_VENDOR_AGERE is not set +# CONFIG_NET_VENDOR_ALACRITECH is not set +# CONFIG_NET_VENDOR_ALTEON is not set +# CONFIG_ALTERA_TSE is not set +# CONFIG_NET_VENDOR_AMAZON is not set +# CONFIG_NET_VENDOR_AMD is not set +# CONFIG_NET_VENDOR_AQUANTIA is not set +# CONFIG_NET_VENDOR_ARC is not set +CONFIG_NET_VENDOR_ATHEROS=y +# CONFIG_ATL2 is not set +# CONFIG_ATL1 is not set +# CONFIG_ATL1E is not set +CONFIG_ATL1C=m +# CONFIG_ALX is not set +# CONFIG_NET_VENDOR_BROADCOM is not set +# CONFIG_NET_VENDOR_CADENCE is not set +# CONFIG_NET_VENDOR_CAVIUM is not set +# CONFIG_NET_VENDOR_CHELSIO is not set +# CONFIG_NET_VENDOR_CIRRUS is not set +# CONFIG_NET_VENDOR_CISCO is not set +# CONFIG_NET_VENDOR_CORTINA is not set +# CONFIG_DM9000 is not set +# CONFIG_DNET is not set +# CONFIG_NET_VENDOR_DEC is not set +# CONFIG_NET_VENDOR_DLINK is not set +# CONFIG_NET_VENDOR_EMULEX is not set +# CONFIG_NET_VENDOR_EZCHIP is not set +# CONFIG_NET_VENDOR_FARADAY is not set +# CONFIG_NET_VENDOR_GOOGLE is not set +# CONFIG_NET_VENDOR_HISILICON is not set +# CONFIG_NET_VENDOR_HUAWEI is not set +# CONFIG_NET_VENDOR_INTEL is not set +# CONFIG_JME is not set +# CONFIG_NET_VENDOR_LITEX is not set +CONFIG_NET_VENDOR_MARVELL=y +CONFIG_MV643XX_ETH=y +CONFIG_MV643XX_ETH_FBX_FF=y +CONFIG_MVMDIO=y +# CONFIG_MVNETA is not set +# CONFIG_MVPP2 is not set +# CONFIG_SKGE is not set +CONFIG_SKY2=m +# CONFIG_SKY2_DEBUG is not set +# CONFIG_NET_VENDOR_MELLANOX is not set +# CONFIG_NET_VENDOR_MICREL is not set +# CONFIG_NET_VENDOR_MICROCHIP is not set +# CONFIG_NET_VENDOR_MICROSEMI is not set +# CONFIG_NET_VENDOR_MICROSOFT is not set +# CONFIG_NET_VENDOR_MYRI is not set +# CONFIG_FEALNX is not set +# CONFIG_NET_VENDOR_NI is not set +# CONFIG_NET_VENDOR_NATSEMI is not set +# CONFIG_NET_VENDOR_NETERION is not set +# CONFIG_NET_VENDOR_NETRONOME is not set +# CONFIG_NET_VENDOR_NVIDIA is not set +# CONFIG_NET_VENDOR_OKI is not set +# CONFIG_ETHOC is not set +# CONFIG_NET_VENDOR_PACKET_ENGINES is not set +# CONFIG_NET_VENDOR_PENSANDO is not set +# CONFIG_NET_VENDOR_QLOGIC is not set +# CONFIG_NET_VENDOR_BROCADE is not set +# CONFIG_NET_VENDOR_QUALCOMM is not set +# CONFIG_NET_VENDOR_RDC is not set +# CONFIG_NET_VENDOR_REALTEK is not set +# CONFIG_NET_VENDOR_RENESAS is not set +# CONFIG_NET_VENDOR_ROCKER is not set +# CONFIG_NET_VENDOR_SAMSUNG is not set +# CONFIG_NET_VENDOR_SEEQ is not set +# CONFIG_NET_VENDOR_SILAN is not set +# CONFIG_NET_VENDOR_SIS is not set +# CONFIG_NET_VENDOR_SOLARFLARE is not set +# CONFIG_NET_VENDOR_SMSC is not set +# CONFIG_NET_VENDOR_SOCIONEXT is not set +# CONFIG_NET_VENDOR_STMICRO is not set +# CONFIG_NET_VENDOR_SUN is not set +# CONFIG_NET_VENDOR_SYNOPSYS is not set +# CONFIG_NET_VENDOR_TEHUTI is not set +# CONFIG_NET_VENDOR_TI is not set +# CONFIG_NET_VENDOR_VIA is not set +# CONFIG_NET_VENDOR_WIZNET is not set +# CONFIG_NET_VENDOR_XILINX is not set +# CONFIG_FDDI is not set +# CONFIG_HIPPI is not set +CONFIG_PHYLIB=y +CONFIG_SWPHY=y +# CONFIG_LED_TRIGGER_PHY is not set +CONFIG_FIXED_PHY=y + +# +# MII PHY device drivers +# +# CONFIG_AMD_PHY is not set +# CONFIG_ADIN_PHY is not set +# CONFIG_AQUANTIA_PHY is not set +# CONFIG_AX88796B_PHY is not set +# CONFIG_BROADCOM_PHY is not set +# CONFIG_BCM54140_PHY is not set +# CONFIG_BCM7XXX_PHY is not set +# CONFIG_BCM84881_PHY is not set +# CONFIG_BCM87XX_PHY is not set +# CONFIG_CICADA_PHY is not set +# CONFIG_CORTINA_PHY is not set +# CONFIG_DAVICOM_PHY is not set +# CONFIG_ICPLUS_PHY is not set +# CONFIG_LXT_PHY is not set +# CONFIG_INTEL_XWAY_PHY is not set +# CONFIG_LSI_ET1011C_PHY is not set +# CONFIG_MARVELL_PHY is not set +# CONFIG_MARVELL_10G_PHY is not set +# CONFIG_MARVELL_88X2222_PHY is not set +# CONFIG_MAXLINEAR_GPHY is not set +# CONFIG_MEDIATEK_GE_PHY is not set +# CONFIG_MICREL_PHY is not set +# CONFIG_MICROCHIP_PHY is not set +# CONFIG_MICROCHIP_T1_PHY is not set +# CONFIG_MICROSEMI_PHY is not set +# CONFIG_MOTORCOMM_PHY is not set +# CONFIG_NATIONAL_PHY is not set +# CONFIG_NXP_C45_TJA11XX_PHY is not set +# CONFIG_NXP_TJA11XX_PHY is not set +# CONFIG_QSEMI_PHY is not set +# CONFIG_REALTEK_PHY is not set +# CONFIG_RENESAS_PHY is not set +# CONFIG_ROCKCHIP_PHY is not set +# CONFIG_SMSC_PHY is not set +# CONFIG_STE10XP is not set +# CONFIG_TERANETICS_PHY is not set +# CONFIG_DP83822_PHY is not set +# CONFIG_DP83TC811_PHY is not set +# CONFIG_DP83848_PHY is not set +# CONFIG_DP83867_PHY is not set +# CONFIG_DP83869_PHY is not set +# CONFIG_VITESSE_PHY is not set +# CONFIG_XILINX_GMII2RGMII is not set +# CONFIG_MICREL_KS8995MA is not set +CONFIG_MDIO_DEVICE=y +CONFIG_MDIO_BUS=y +CONFIG_FWNODE_MDIO=y +CONFIG_OF_MDIO=y +CONFIG_MDIO_DEVRES=y +# CONFIG_MDIO_BITBANG is not set +# CONFIG_MDIO_BCM_UNIMAC is not set +# CONFIG_MDIO_HISI_FEMAC is not set +# CONFIG_MDIO_MVUSB is not set +# CONFIG_MDIO_MSCC_MIIM is not set +# CONFIG_MDIO_IPQ4019 is not set + +# +# MDIO Multiplexers +# +# CONFIG_MDIO_BUS_MUX_GPIO is not set +# CONFIG_MDIO_BUS_MUX_MULTIPLEXER is not set +# CONFIG_MDIO_BUS_MUX_MMIOREG is not set + +# +# PCS device drivers +# +# CONFIG_PCS_XPCS is not set +# end of PCS device drivers + +CONFIG_PPP=y +# CONFIG_PPP_BSDCOMP is not set +# CONFIG_PPP_DEFLATE is not set +# CONFIG_PPP_FILTER is not set +CONFIG_PPP_MPPE=y +# CONFIG_PPP_MULTILINK is not set +CONFIG_PPPOE=y +CONFIG_PPTP=y +# CONFIG_PPP_ASYNC is not set +# CONFIG_PPP_SYNC_TTY is not set +# CONFIG_SLIP is not set +CONFIG_SLHC=y +# CONFIG_USB_NET_DRIVERS is not set +CONFIG_WLAN=y +# CONFIG_WLAN_VENDOR_ADMTEK is not set +CONFIG_ATH_COMMON=y +CONFIG_WLAN_VENDOR_ATH=y +# CONFIG_ATH_DEBUG is not set +CONFIG_ATH_REG_IGNORE=y +# CONFIG_ATH_REG_DYNAMIC_USER_REG_HINTS is not set +# CONFIG_ATH5K is not set +# CONFIG_ATH5K_PCI is not set +# CONFIG_ATH9K is not set +# CONFIG_ATH9K_HTC is not set +# CONFIG_CARL9170 is not set +# CONFIG_ATH6KL is not set +# CONFIG_AR5523 is not set +# CONFIG_WIL6210 is not set +CONFIG_ATH10K=y +CONFIG_ATH10K_CE=y +CONFIG_ATH10K_PCI=m +# CONFIG_ATH10K_AHB is not set +# CONFIG_ATH10K_USB is not set +# CONFIG_ATH10K_DEBUG is not set +CONFIG_ATH10K_DEBUGFS=y +# CONFIG_ATH10K_SPECTRAL is not set +CONFIG_ATH10K_DFS_CERTIFIED=y +# CONFIG_WCN36XX is not set +# CONFIG_WLAN_VENDOR_ATMEL is not set +# CONFIG_WLAN_VENDOR_BROADCOM is not set +# CONFIG_WLAN_VENDOR_CISCO is not set +# CONFIG_WLAN_VENDOR_INTEL is not set +# CONFIG_WLAN_VENDOR_INTERSIL is not set +CONFIG_WLAN_VENDOR_MARVELL=y +# CONFIG_LIBERTAS is not set +# CONFIG_LIBERTAS_THINFIRM is not set +# CONFIG_MWIFIEX is not set +CONFIG_MWL8K=m +CONFIG_MWL8K_NEW=m +# CONFIG_WLAN_VENDOR_MEDIATEK is not set +# CONFIG_WLAN_VENDOR_MICROCHIP is not set +# CONFIG_WLAN_VENDOR_RALINK is not set +# CONFIG_WLAN_VENDOR_REALTEK is not set +# CONFIG_WLAN_VENDOR_RSI is not set +# CONFIG_WLAN_VENDOR_ST is not set +# CONFIG_WLAN_VENDOR_TI is not set +# CONFIG_WLAN_VENDOR_ZYDAS is not set +# CONFIG_WLAN_VENDOR_QUANTENNA is not set +CONFIG_MAC80211_HWSIM=m +# CONFIG_USB_NET_RNDIS_WLAN is not set +# CONFIG_VIRT_WIFI is not set +# CONFIG_WAN is not set + +# +# Wireless WAN +# +# CONFIG_WWAN is not set +# end of Wireless WAN + +# CONFIG_VMXNET3 is not set +# CONFIG_NETDEVSIM is not set +# CONFIG_NET_FAILOVER is not set +# CONFIG_ISDN is not set + +# +# Input device support +# +CONFIG_INPUT=y +# CONFIG_INPUT_LEDS is not set +# CONFIG_INPUT_FF_MEMLESS is not set +# CONFIG_INPUT_SPARSEKMAP is not set +# CONFIG_INPUT_MATRIXKMAP is not set + +# +# Userland interfaces +# +# CONFIG_INPUT_MOUSEDEV is not set +# CONFIG_INPUT_JOYDEV is not set +CONFIG_INPUT_EVDEV=y +# CONFIG_INPUT_EVBUG is not set + +# +# Input Device Drivers +# +# CONFIG_INPUT_KEYBOARD is not set +# CONFIG_INPUT_MOUSE is not set +# CONFIG_INPUT_JOYSTICK is not set +# CONFIG_INPUT_TABLET is not set +# CONFIG_INPUT_TOUCHSCREEN is not set +CONFIG_INPUT_MISC=y +# CONFIG_INPUT_AD714X is not set +# CONFIG_INPUT_ATMEL_CAPTOUCH is not set +# CONFIG_INPUT_BMA150 is not set +# CONFIG_INPUT_E3X0_BUTTON is not set +# CONFIG_INPUT_MMA8450 is not set +# CONFIG_INPUT_GPIO_BEEPER is not set +# CONFIG_INPUT_GPIO_DECODER is not set +# CONFIG_INPUT_GPIO_VIBRA is not set +# CONFIG_INPUT_ATI_REMOTE2 is not set +# CONFIG_INPUT_KEYSPAN_REMOTE is not set +# CONFIG_INPUT_KXTJ9 is not set +# CONFIG_INPUT_POWERMATE is not set +# CONFIG_INPUT_YEALINK is not set +# CONFIG_INPUT_CM109 is not set +# CONFIG_INPUT_UINPUT is not set +# CONFIG_INPUT_PCF8574 is not set +# CONFIG_INPUT_GPIO_ROTARY_ENCODER is not set +# CONFIG_INPUT_DA7280_HAPTICS is not set +# CONFIG_INPUT_ADXL34X is not set +# CONFIG_INPUT_IMS_PCU is not set +# CONFIG_INPUT_IQS269A is not set +# CONFIG_INPUT_IQS626A is not set +# CONFIG_INPUT_CMA3000 is not set +# CONFIG_INPUT_DRV260X_HAPTICS is not set +# CONFIG_INPUT_DRV2665_HAPTICS is not set +# CONFIG_INPUT_DRV2667_HAPTICS is not set +CONFIG_INPUT_SMSC_CAP1066=m +# CONFIG_RMI4_CORE is not set + +# +# Hardware I/O ports +# +# CONFIG_SERIO is not set +# CONFIG_GAMEPORT is not set +# end of Hardware I/O ports +# end of Input device support + +# +# Character devices +# +CONFIG_TTY=y +CONFIG_VT=y +CONFIG_CONSOLE_TRANSLATIONS=y +CONFIG_VT_CONSOLE=y +CONFIG_HW_CONSOLE=y +CONFIG_VT_HW_CONSOLE_BINDING=y +CONFIG_UNIX98_PTYS=y +CONFIG_LEGACY_PTYS=y +CONFIG_LEGACY_PTY_COUNT=16 +# CONFIG_LDISC_AUTOLOAD is not set + +# +# Serial drivers +# +CONFIG_SERIAL_EARLYCON=y +CONFIG_SERIAL_8250=y +CONFIG_SERIAL_8250_DEPRECATED_OPTIONS=y +# CONFIG_SERIAL_8250_16550A_VARIANTS is not set +# CONFIG_SERIAL_8250_FINTEK is not set +CONFIG_SERIAL_8250_CONSOLE=y +CONFIG_SERIAL_8250_PCI=y +# CONFIG_SERIAL_8250_EXAR is not set +CONFIG_SERIAL_8250_NR_UARTS=4 +CONFIG_SERIAL_8250_RUNTIME_UARTS=2 +# CONFIG_SERIAL_8250_EXTENDED is not set +CONFIG_SERIAL_8250_FSL=y +# CONFIG_SERIAL_8250_DW is not set +# CONFIG_SERIAL_8250_EM is not set +# CONFIG_SERIAL_8250_RT288X is not set +CONFIG_SERIAL_OF_PLATFORM=y + +# +# Non-8250 serial port support +# +# CONFIG_SERIAL_EARLYCON_ARM_SEMIHOST is not set +# CONFIG_SERIAL_MAX3100 is not set +# CONFIG_SERIAL_MAX310X is not set +# CONFIG_SERIAL_UARTLITE is not set +CONFIG_SERIAL_CORE=y +CONFIG_SERIAL_CORE_CONSOLE=y +# CONFIG_SERIAL_JSM is not set +# CONFIG_SERIAL_SIFIVE is not set +# CONFIG_SERIAL_SCCNXP is not set +# CONFIG_SERIAL_SC16IS7XX is not set +# CONFIG_SERIAL_BCM63XX is not set +# CONFIG_SERIAL_ALTERA_JTAGUART is not set +# CONFIG_SERIAL_ALTERA_UART is not set +# CONFIG_SERIAL_XILINX_PS_UART is not set +# CONFIG_SERIAL_ARC is not set +# CONFIG_SERIAL_RP2 is not set +# CONFIG_SERIAL_FSL_LPUART is not set +# CONFIG_SERIAL_FSL_LINFLEXUART is not set +# CONFIG_SERIAL_CONEXANT_DIGICOLOR is not set +# CONFIG_SERIAL_ST_ASC is not set +# CONFIG_SERIAL_SPRD is not set +# CONFIG_SERIAL_MVEBU_UART is not set +# end of Serial drivers + +CONFIG_SERIAL_MCTRL_GPIO=y +# CONFIG_SERIAL_NONSTANDARD is not set +# CONFIG_N_GSM is not set +# CONFIG_NOZOMI is not set +# CONFIG_NULL_TTY is not set +# CONFIG_HVC_DCC is not set +# CONFIG_SERIAL_DEV_BUS is not set +# CONFIG_TTY_PRINTK is not set +# CONFIG_VIRTIO_CONSOLE is not set +# CONFIG_IPMI_HANDLER is not set +# CONFIG_HW_RANDOM is not set +# CONFIG_APPLICOM is not set +# CONFIG_DEVMEM is not set +# CONFIG_DEVPHYSMEM is not set +CONFIG_DEVPORT=y +# CONFIG_TCG_TPM is not set +# CONFIG_XILLYBUS is not set +# CONFIG_XILLYUSB is not set +# CONFIG_RANDOM_TRUST_BOOTLOADER is not set +# end of Character devices + +# +# Diag Support +# +# CONFIG_DIAG_CHAR is not set +# end of Diag Support + +# +# DIAG traffic over USB +# +# end of DIAG traffic over USB + +# +# DIAG traffic over QRTR +# +# end of DIAG traffic over QRTR + +# +# HSIC/SMUX support for DIAG +# +# end of HSIC/SMUX support for DIAG + +# +# I2C support +# +CONFIG_I2C=y +CONFIG_I2C_BOARDINFO=y +CONFIG_I2C_COMPAT=y +CONFIG_I2C_CHARDEV=y +# CONFIG_I2C_MUX is not set +CONFIG_I2C_HELPER_AUTO=y + +# +# I2C Hardware Bus support +# + +# +# PC SMBus host controller drivers +# +# CONFIG_I2C_ALI1535 is not set +# CONFIG_I2C_ALI1563 is not set +# CONFIG_I2C_ALI15X3 is not set +# CONFIG_I2C_AMD756 is not set +# CONFIG_I2C_AMD8111 is not set +# CONFIG_I2C_I801 is not set +# CONFIG_I2C_ISCH is not set +# CONFIG_I2C_PIIX4 is not set +# CONFIG_I2C_NFORCE2 is not set +# CONFIG_I2C_NVIDIA_GPU is not set +# CONFIG_I2C_SIS5595 is not set +# CONFIG_I2C_SIS630 is not set +# CONFIG_I2C_SIS96X is not set +# CONFIG_I2C_VIA is not set +# CONFIG_I2C_VIAPRO is not set + +# +# I2C system bus drivers (mostly embedded / system-on-chip) +# +# CONFIG_I2C_CBUS_GPIO is not set +# CONFIG_I2C_DESIGNWARE_PLATFORM is not set +# CONFIG_I2C_DESIGNWARE_PCI is not set +# CONFIG_I2C_EMEV2 is not set +# CONFIG_I2C_GPIO is not set +CONFIG_I2C_MV64XXX=y +# CONFIG_I2C_OCORES is not set +# CONFIG_I2C_PCA_PLATFORM is not set +# CONFIG_I2C_PXA is not set +# CONFIG_I2C_RK3X is not set +# CONFIG_I2C_SIMTEC is not set +# CONFIG_I2C_XILINX is not set + +# +# External I2C/SMBus adapter drivers +# +# CONFIG_I2C_DIOLAN_U2C is not set +# CONFIG_I2C_CP2615 is not set +# CONFIG_I2C_ROBOTFUZZ_OSIF is not set +# CONFIG_I2C_TAOS_EVM is not set +# CONFIG_I2C_TINY_USB is not set + +# +# Other I2C/SMBus bus drivers +# +# CONFIG_I2C_VIRTIO is not set +# end of I2C Hardware Bus support + +# CONFIG_I2C_STUB is not set +# CONFIG_I2C_SLAVE is not set +# CONFIG_I2C_DEBUG_CORE is not set +# CONFIG_I2C_DEBUG_ALGO is not set +# CONFIG_I2C_DEBUG_BUS is not set +# end of I2C support + +# CONFIG_I3C is not set +CONFIG_SPI=y +# CONFIG_SPI_DEBUG is not set +CONFIG_SPI_MASTER=y +CONFIG_SPI_MEM=y + +# +# SPI Master Controller Drivers +# +# CONFIG_SPI_ALTERA is not set +# CONFIG_SPI_ARMADA_3700 is not set +# CONFIG_SPI_AXI_SPI_ENGINE is not set +# CONFIG_SPI_BITBANG is not set +# CONFIG_SPI_CADENCE is not set +# CONFIG_SPI_CADENCE_QUADSPI is not set +# CONFIG_SPI_DESIGNWARE is not set +# CONFIG_SPI_NXP_FLEXSPI is not set +# CONFIG_SPI_GPIO is not set +# CONFIG_SPI_FSL_SPI is not set +# CONFIG_SPI_OC_TINY is not set +CONFIG_SPI_ORION=y +CONFIG_SPI_TDM_ORION=y +# CONFIG_SPI_PXA2XX is not set +# CONFIG_SPI_ROCKCHIP is not set +# CONFIG_SPI_SC18IS602 is not set +# CONFIG_SPI_SIFIVE is not set +# CONFIG_SPI_MXIC is not set +# CONFIG_SPI_XCOMM is not set +# CONFIG_SPI_XILINX is not set +# CONFIG_SPI_ZYNQMP_GQSPI is not set +# CONFIG_SPI_AMD is not set + +# +# SPI Multiplexer support +# +# CONFIG_SPI_MUX is not set + +# +# SPI Protocol Masters +# +# CONFIG_SPI_SPIDEV is not set +# CONFIG_SPI_LOOPBACK_TEST is not set +# CONFIG_SPI_TLE62X0 is not set +# CONFIG_SPI_SLAVE is not set +CONFIG_SPI_DYNAMIC=y +# CONFIG_SPMI is not set +# CONFIG_HSI is not set +# CONFIG_PPS is not set + +# +# PTP clock support +# +# CONFIG_PTP_1588_CLOCK is not set +CONFIG_PTP_1588_CLOCK_OPTIONAL=y + +# +# Enable PHYLIB and NETWORK_PHY_TIMESTAMPING to see the additional clocks. +# +# end of PTP clock support + +CONFIG_PINCTRL=y +CONFIG_PINMUX=y +CONFIG_PINCONF=y +# CONFIG_DEBUG_PINCTRL is not set +# CONFIG_PINCTRL_MCP23S08 is not set +# CONFIG_PINCTRL_SINGLE is not set +# CONFIG_PINCTRL_SX150X is not set +# CONFIG_PINCTRL_STMFX is not set +# CONFIG_PINCTRL_OCELOT is not set +# CONFIG_PINCTRL_MICROCHIP_SGPIO is not set +CONFIG_PINCTRL_MVEBU=y +CONFIG_PINCTRL_KIRKWOOD=y + +# +# Renesas pinctrl drivers +# +# end of Renesas pinctrl drivers + +CONFIG_ARCH_HAVE_CUSTOM_GPIO_H=y +CONFIG_GPIOLIB=y +CONFIG_GPIOLIB_FASTPATH_LIMIT=512 +CONFIG_OF_GPIO=y +# CONFIG_DEBUG_GPIO is not set +CONFIG_GPIO_SYSFS=y +CONFIG_GPIO_CDEV=y +# CONFIG_GPIO_CDEV_V1 is not set + +# +# Memory mapped GPIO drivers +# +# CONFIG_GPIO_74XX_MMIO is not set +# CONFIG_GPIO_ALTERA is not set +# CONFIG_GPIO_CADENCE is not set +# CONFIG_GPIO_DWAPB is not set +# CONFIG_GPIO_FTGPIO010 is not set +# CONFIG_GPIO_GENERIC_PLATFORM is not set +# CONFIG_GPIO_GRGPIO is not set +# CONFIG_GPIO_HLWD is not set +# CONFIG_GPIO_MB86S7X is not set +# CONFIG_GPIO_MPC8XXX is not set +CONFIG_GPIO_MVEBU=y +# CONFIG_GPIO_SIFIVE is not set +# CONFIG_GPIO_XILINX is not set +# CONFIG_GPIO_ZEVIO is not set +# CONFIG_GPIO_AMD_FCH is not set +# end of Memory mapped GPIO drivers + +# +# I2C GPIO expanders +# +# CONFIG_GPIO_ADP5588 is not set +# CONFIG_GPIO_ADNP is not set +# CONFIG_GPIO_GW_PLD is not set +# CONFIG_GPIO_MAX7300 is not set +# CONFIG_GPIO_MAX732X is not set +CONFIG_GPIO_PCA953X=y +# CONFIG_GPIO_PCA953X_IRQ is not set +# CONFIG_GPIO_PCA9570 is not set +# CONFIG_GPIO_PCF857X is not set +# CONFIG_GPIO_TPIC2810 is not set +# end of I2C GPIO expanders + +# +# MFD GPIO expanders +# +# CONFIG_HTC_EGPIO is not set +# end of MFD GPIO expanders + +# +# PCI GPIO expanders +# +# CONFIG_GPIO_BT8XX is not set +# CONFIG_GPIO_PCI_IDIO_16 is not set +# CONFIG_GPIO_PCIE_IDIO_24 is not set +# CONFIG_GPIO_RDC321X is not set +# end of PCI GPIO expanders + +# +# SPI GPIO expanders +# +# CONFIG_GPIO_74X164 is not set +# CONFIG_GPIO_MAX3191X is not set +# CONFIG_GPIO_MAX7301 is not set +# CONFIG_GPIO_MC33880 is not set +# CONFIG_GPIO_PISOSR is not set +# CONFIG_GPIO_XRA1403 is not set +# end of SPI GPIO expanders + +# +# USB GPIO expanders +# +# end of USB GPIO expanders + +# +# Virtual GPIO drivers +# +# CONFIG_GPIO_AGGREGATOR is not set +# CONFIG_GPIO_MOCKUP is not set +# end of Virtual GPIO drivers + +CONFIG_FREEBOX_GPIO=y +CONFIG_FREEBOX_GPIO_DT=y +# CONFIG_FREEBOX_JTAG is not set +# CONFIG_W1 is not set +# CONFIG_POWER_RESET is not set +# CONFIG_POWER_SUPPLY is not set +CONFIG_HWMON=y +CONFIG_HWMON_VID=y +# CONFIG_HWMON_DEBUG_CHIP is not set + +# +# Native drivers +# +# CONFIG_SENSORS_AD7314 is not set +# CONFIG_SENSORS_AD7414 is not set +# CONFIG_SENSORS_AD7418 is not set +# CONFIG_SENSORS_ADM1021 is not set +# CONFIG_SENSORS_ADM1025 is not set +# CONFIG_SENSORS_ADM1026 is not set +# CONFIG_SENSORS_ADM1029 is not set +# CONFIG_SENSORS_ADM1031 is not set +# CONFIG_SENSORS_ADM1177 is not set +# CONFIG_SENSORS_ADM9240 is not set +# CONFIG_SENSORS_ADT7310 is not set +# CONFIG_SENSORS_ADT7410 is not set +# CONFIG_SENSORS_ADT7411 is not set +# CONFIG_SENSORS_ADT7462 is not set +# CONFIG_SENSORS_ADT7470 is not set +CONFIG_SENSORS_ADT7475=y +# CONFIG_SENSORS_AHT10 is not set +# CONFIG_SENSORS_AS370 is not set +# CONFIG_SENSORS_ASC7621 is not set +# CONFIG_SENSORS_AXI_FAN_CONTROL is not set +# CONFIG_SENSORS_ASPEED is not set +# CONFIG_SENSORS_ATXP1 is not set +# CONFIG_SENSORS_CORSAIR_CPRO is not set +# CONFIG_SENSORS_CORSAIR_PSU is not set +# CONFIG_SENSORS_DRIVETEMP is not set +# CONFIG_SENSORS_DS620 is not set +# CONFIG_SENSORS_DS1621 is not set +# CONFIG_SENSORS_I5K_AMB is not set +# CONFIG_SENSORS_F71805F is not set +# CONFIG_SENSORS_F71882FG is not set +# CONFIG_SENSORS_F75375S is not set +# CONFIG_SENSORS_GL518SM is not set +# CONFIG_SENSORS_GL520SM is not set +# CONFIG_SENSORS_G760A is not set +# CONFIG_SENSORS_G762 is not set +# CONFIG_SENSORS_GPIO_FAN is not set +# CONFIG_SENSORS_HIH6130 is not set +# CONFIG_SENSORS_IT87 is not set +# CONFIG_SENSORS_JC42 is not set +# CONFIG_SENSORS_POWR1220 is not set +# CONFIG_SENSORS_LINEAGE is not set +# CONFIG_SENSORS_LTC2945 is not set +# CONFIG_SENSORS_LTC2947_I2C is not set +# CONFIG_SENSORS_LTC2947_SPI is not set +# CONFIG_SENSORS_LTC2990 is not set +# CONFIG_SENSORS_LTC2992 is not set +# CONFIG_SENSORS_LTC4151 is not set +# CONFIG_SENSORS_LTC4215 is not set +# CONFIG_SENSORS_LTC4222 is not set +# CONFIG_SENSORS_LTC4245 is not set +# CONFIG_SENSORS_LTC4260 is not set +# CONFIG_SENSORS_LTC4261 is not set +# CONFIG_SENSORS_MAX1111 is not set +# CONFIG_SENSORS_MAX127 is not set +# CONFIG_SENSORS_MAX16065 is not set +# CONFIG_SENSORS_MAX1619 is not set +# CONFIG_SENSORS_MAX1668 is not set +# CONFIG_SENSORS_MAX197 is not set +# CONFIG_SENSORS_MAX31722 is not set +# CONFIG_SENSORS_MAX31730 is not set +# CONFIG_SENSORS_MAX6621 is not set +# CONFIG_SENSORS_MAX6639 is not set +# CONFIG_SENSORS_MAX6642 is not set +# CONFIG_SENSORS_MAX6650 is not set +# CONFIG_SENSORS_MAX6697 is not set +# CONFIG_SENSORS_MAX31790 is not set +# CONFIG_SENSORS_MCP3021 is not set +# CONFIG_SENSORS_TC654 is not set +# CONFIG_SENSORS_TPS23861 is not set +# CONFIG_SENSORS_MR75203 is not set +# CONFIG_SENSORS_ADCXX is not set +# CONFIG_SENSORS_LM63 is not set +# CONFIG_SENSORS_LM70 is not set +# CONFIG_SENSORS_LM73 is not set +# CONFIG_SENSORS_LM75 is not set +# CONFIG_SENSORS_LM77 is not set +# CONFIG_SENSORS_LM78 is not set +# CONFIG_SENSORS_LM80 is not set +# CONFIG_SENSORS_LM83 is not set +CONFIG_SENSORS_LM85=y +# CONFIG_SENSORS_LM87 is not set +# CONFIG_SENSORS_LM90 is not set +# CONFIG_SENSORS_LM92 is not set +# CONFIG_SENSORS_LM93 is not set +# CONFIG_SENSORS_LM95234 is not set +# CONFIG_SENSORS_LM95241 is not set +# CONFIG_SENSORS_LM95245 is not set +# CONFIG_SENSORS_PC87360 is not set +# CONFIG_SENSORS_PC87427 is not set +# CONFIG_SENSORS_NTC_THERMISTOR is not set +# CONFIG_SENSORS_NCT6683 is not set +# CONFIG_SENSORS_NCT6775 is not set +# CONFIG_SENSORS_NCT7802 is not set +# CONFIG_SENSORS_NPCM7XX is not set +# CONFIG_SENSORS_NSA320 is not set +# CONFIG_SENSORS_OCC_P8_I2C is not set +# CONFIG_SENSORS_PCF8591 is not set +# CONFIG_PMBUS is not set +# CONFIG_SENSORS_SBTSI is not set +# CONFIG_SENSORS_SBRMI is not set +# CONFIG_SENSORS_SHT15 is not set +# CONFIG_SENSORS_SHT21 is not set +# CONFIG_SENSORS_SHT3x is not set +# CONFIG_SENSORS_SHT4x is not set +# CONFIG_SENSORS_SHTC1 is not set +# CONFIG_SENSORS_SIS5595 is not set +# CONFIG_SENSORS_DME1737 is not set +# CONFIG_SENSORS_EMC1403 is not set +# CONFIG_SENSORS_EMC2103 is not set +# CONFIG_SENSORS_EMC6W201 is not set +# CONFIG_SENSORS_SMSC47M1 is not set +# CONFIG_SENSORS_SMSC47M192 is not set +# CONFIG_SENSORS_SMSC47B397 is not set +# CONFIG_SENSORS_STTS751 is not set +# CONFIG_SENSORS_SMM665 is not set +# CONFIG_SENSORS_ADC128D818 is not set +# CONFIG_SENSORS_ADS7828 is not set +# CONFIG_SENSORS_ADS7871 is not set +# CONFIG_SENSORS_AMC6821 is not set +# CONFIG_SENSORS_INA209 is not set +# CONFIG_SENSORS_INA2XX is not set +# CONFIG_SENSORS_INA3221 is not set +# CONFIG_SENSORS_TC74 is not set +# CONFIG_SENSORS_THMC50 is not set +# CONFIG_SENSORS_TMP102 is not set +# CONFIG_SENSORS_TMP103 is not set +# CONFIG_SENSORS_TMP108 is not set +# CONFIG_SENSORS_TMP401 is not set +# CONFIG_SENSORS_TMP421 is not set +# CONFIG_SENSORS_TMP513 is not set +# CONFIG_SENSORS_VIA686A is not set +# CONFIG_SENSORS_VT1211 is not set +# CONFIG_SENSORS_VT8231 is not set +# CONFIG_SENSORS_W83773G is not set +# CONFIG_SENSORS_W83781D is not set +# CONFIG_SENSORS_W83791D is not set +# CONFIG_SENSORS_W83792D is not set +# CONFIG_SENSORS_W83793 is not set +# CONFIG_SENSORS_W83795 is not set +# CONFIG_SENSORS_W83L785TS is not set +# CONFIG_SENSORS_W83L786NG is not set +# CONFIG_SENSORS_W83627HF is not set +# CONFIG_SENSORS_W83627EHF is not set +CONFIG_SENSORS_KIRKWOOD_CORETEMP=m +# CONFIG_SENSORS_LD6710_FBX is not set +# CONFIG_SENSORS_AP806 is not set +CONFIG_THERMAL=y +# CONFIG_THERMAL_NETLINK is not set +# CONFIG_THERMAL_STATISTICS is not set +CONFIG_THERMAL_EMERGENCY_POWEROFF_DELAY_MS=0 +CONFIG_THERMAL_HWMON=y +# CONFIG_THERMAL_OF is not set +# CONFIG_THERMAL_WRITABLE_TRIPS is not set +CONFIG_THERMAL_DEFAULT_GOV_STEP_WISE=y +# CONFIG_THERMAL_DEFAULT_GOV_FAIR_SHARE is not set +# CONFIG_THERMAL_DEFAULT_GOV_USER_SPACE is not set +# CONFIG_THERMAL_GOV_FAIR_SHARE is not set +CONFIG_THERMAL_GOV_STEP_WISE=y +# CONFIG_THERMAL_GOV_BANG_BANG is not set +# CONFIG_THERMAL_GOV_USER_SPACE is not set +# CONFIG_THERMAL_EMULATION is not set +# CONFIG_THERMAL_MMIO is not set +# CONFIG_KIRKWOOD_THERMAL is not set +# CONFIG_ARMADA_THERMAL is not set +CONFIG_FREEBOX_WATCHDOG=y +CONFIG_FREEBOX_WATCHDOG_CHAR=y +CONFIG_FREEBOX_WATCHDOG_ORION=y +# CONFIG_FREEBOX_WATCHDOG_BCM63XX_OF is not set +# CONFIG_WATCHDOG is not set +CONFIG_SSB_POSSIBLE=y +# CONFIG_SSB is not set +CONFIG_BCMA_POSSIBLE=y +# CONFIG_BCMA is not set + +# +# Multifunction device drivers +# +# CONFIG_MFD_ACT8945A is not set +# CONFIG_MFD_AS3711 is not set +# CONFIG_MFD_AS3722 is not set +# CONFIG_PMIC_ADP5520 is not set +# CONFIG_MFD_AAT2870_CORE is not set +# CONFIG_MFD_ATMEL_FLEXCOM is not set +# CONFIG_MFD_ATMEL_HLCDC is not set +# CONFIG_MFD_BCM590XX is not set +# CONFIG_MFD_BD9571MWV is not set +# CONFIG_MFD_AXP20X_I2C is not set +# CONFIG_MFD_MADERA is not set +# CONFIG_MFD_ASIC3 is not set +# CONFIG_PMIC_DA903X is not set +# CONFIG_MFD_DA9052_SPI is not set +# CONFIG_MFD_DA9052_I2C is not set +# CONFIG_MFD_DA9055 is not set +# CONFIG_MFD_DA9062 is not set +# CONFIG_MFD_DA9063 is not set +# CONFIG_MFD_DA9150 is not set +# CONFIG_MFD_DLN2 is not set +# CONFIG_MFD_GATEWORKS_GSC is not set +# CONFIG_MFD_MC13XXX_SPI is not set +# CONFIG_MFD_MC13XXX_I2C is not set +# CONFIG_MFD_MP2629 is not set +# CONFIG_MFD_HI6421_PMIC is not set +# CONFIG_HTC_PASIC3 is not set +# CONFIG_HTC_I2CPLD is not set +# CONFIG_LPC_ICH is not set +# CONFIG_LPC_SCH is not set +# CONFIG_MFD_INTEL_PMT is not set +# CONFIG_MFD_IQS62X is not set +# CONFIG_MFD_JANZ_CMODIO is not set +# CONFIG_MFD_KEMPLD is not set +# CONFIG_MFD_88PM800 is not set +# CONFIG_MFD_88PM805 is not set +# CONFIG_MFD_88PM860X is not set +# CONFIG_MFD_MAX14577 is not set +# CONFIG_MFD_MAX77620 is not set +# CONFIG_MFD_MAX77650 is not set +# CONFIG_MFD_MAX77686 is not set +# CONFIG_MFD_MAX77693 is not set +# CONFIG_MFD_MAX77843 is not set +# CONFIG_MFD_MAX8907 is not set +# CONFIG_MFD_MAX8925 is not set +# CONFIG_MFD_MAX8997 is not set +# CONFIG_MFD_MAX8998 is not set +# CONFIG_MFD_MT6360 is not set +# CONFIG_MFD_MT6397 is not set +# CONFIG_MFD_MENF21BMC is not set +# CONFIG_EZX_PCAP is not set +# CONFIG_MFD_CPCAP is not set +# CONFIG_MFD_VIPERBOARD is not set +# CONFIG_MFD_NTXEC is not set +# CONFIG_MFD_RETU is not set +# CONFIG_MFD_PCF50633 is not set +# CONFIG_MFD_PM8XXX is not set +# CONFIG_MFD_RDC321X is not set +# CONFIG_MFD_RT4831 is not set +# CONFIG_MFD_RT5033 is not set +# CONFIG_MFD_RC5T583 is not set +# CONFIG_MFD_RK808 is not set +# CONFIG_MFD_RN5T618 is not set +# CONFIG_MFD_SEC_CORE is not set +# CONFIG_MFD_SI476X_CORE is not set +# CONFIG_MFD_SM501 is not set +# CONFIG_MFD_SKY81452 is not set +# CONFIG_MFD_STMPE is not set +# CONFIG_MFD_SYSCON is not set +# CONFIG_MFD_TI_AM335X_TSCADC is not set +# CONFIG_MFD_LP3943 is not set +# CONFIG_MFD_LP8788 is not set +# CONFIG_MFD_TI_LMU is not set +# CONFIG_MFD_PALMAS is not set +# CONFIG_TPS6105X is not set +# CONFIG_TPS65010 is not set +# CONFIG_TPS6507X is not set +# CONFIG_MFD_TPS65086 is not set +# CONFIG_MFD_TPS65090 is not set +# CONFIG_MFD_TPS65217 is not set +# CONFIG_MFD_TI_LP873X is not set +# CONFIG_MFD_TI_LP87565 is not set +# CONFIG_MFD_TPS65218 is not set +# CONFIG_MFD_TPS6586X is not set +# CONFIG_MFD_TPS65910 is not set +# CONFIG_MFD_TPS65912_I2C is not set +# CONFIG_MFD_TPS65912_SPI is not set +# CONFIG_MFD_TPS80031 is not set +# CONFIG_TWL4030_CORE is not set +# CONFIG_TWL6040_CORE is not set +# CONFIG_MFD_WL1273_CORE is not set +# CONFIG_MFD_LM3533 is not set +# CONFIG_MFD_TC3589X is not set +# CONFIG_MFD_T7L66XB is not set +# CONFIG_MFD_TC6387XB is not set +# CONFIG_MFD_TC6393XB is not set +# CONFIG_MFD_TQMX86 is not set +# CONFIG_MFD_VX855 is not set +# CONFIG_MFD_LOCHNAGAR is not set +# CONFIG_MFD_ARIZONA_I2C is not set +# CONFIG_MFD_ARIZONA_SPI is not set +# CONFIG_MFD_WM8400 is not set +# CONFIG_MFD_WM831X_I2C is not set +# CONFIG_MFD_WM831X_SPI is not set +# CONFIG_MFD_WM8350_I2C is not set +# CONFIG_MFD_WM8994 is not set +# CONFIG_MFD_ROHM_BD718XX is not set +# CONFIG_MFD_ROHM_BD70528 is not set +# CONFIG_MFD_ROHM_BD71828 is not set +# CONFIG_MFD_ROHM_BD957XMUF is not set +# CONFIG_MFD_STPMIC1 is not set +# CONFIG_MFD_STMFX is not set +# CONFIG_MFD_FBXGW7R_PANEL is not set +# CONFIG_MFD_ATC260X_I2C is not set +# CONFIG_MFD_QCOM_PM8008 is not set +# CONFIG_MFD_INTEL_M10_BMC is not set +# CONFIG_MFD_RSMU_I2C is not set +# CONFIG_MFD_RSMU_SPI is not set +# end of Multifunction device drivers + +# CONFIG_REGULATOR is not set +CONFIG_RC_CORE=y +# CONFIG_RC_MAP is not set +# CONFIG_LIRC is not set +# CONFIG_RC_DECODERS is not set +# CONFIG_RC_DEVICES is not set +# CONFIG_MEDIA_CEC_SUPPORT is not set +CONFIG_MEDIA_SUPPORT=y +# CONFIG_MEDIA_SUPPORT_FILTER is not set +# CONFIG_MEDIA_SUBDRV_AUTOSELECT is not set + +# +# Media device types +# +CONFIG_MEDIA_CAMERA_SUPPORT=y +CONFIG_MEDIA_ANALOG_TV_SUPPORT=y +CONFIG_MEDIA_DIGITAL_TV_SUPPORT=y +CONFIG_MEDIA_RADIO_SUPPORT=y +CONFIG_MEDIA_SDR_SUPPORT=y +CONFIG_MEDIA_PLATFORM_SUPPORT=y +CONFIG_MEDIA_TEST_SUPPORT=y +# end of Media device types + +# +# Media core support +# +# CONFIG_VIDEO_DEV is not set +# CONFIG_MEDIA_CONTROLLER is not set +CONFIG_DVB_CORE=y +# end of Media core support + +# +# Digital TV options +# +# CONFIG_DVB_NET is not set +CONFIG_DVB_MAX_ADAPTERS=8 +# CONFIG_DVB_DYNAMIC_MINORS is not set +# CONFIG_DVB_DEMUX_SECTION_LOSS_LOG is not set +# CONFIG_DVB_ULE_DEBUG is not set +# end of Digital TV options + +# +# Media drivers +# +CONFIG_MEDIA_USB_SUPPORT=y + +# +# Webcam devices +# + +# +# Analog TV USB devices +# + +# +# Analog/digital TV USB devices +# + +# +# Digital TV USB devices +# +CONFIG_DVB_USB=y +# CONFIG_DVB_USB_DEBUG is not set +# CONFIG_DVB_USB_A800 is not set +# CONFIG_DVB_USB_DIBUSB_MB is not set +# CONFIG_DVB_USB_DIBUSB_MC is not set +CONFIG_DVB_USB_DIB0700=m +# CONFIG_DVB_USB_UMT_010 is not set +# CONFIG_DVB_USB_CXUSB is not set +# CONFIG_DVB_USB_M920X is not set +# CONFIG_DVB_USB_DIGITV is not set +# CONFIG_DVB_USB_VP7045 is not set +# CONFIG_DVB_USB_VP702X is not set +# CONFIG_DVB_USB_GP8PSK is not set +# CONFIG_DVB_USB_NOVA_T_USB2 is not set +# CONFIG_DVB_USB_TTUSB2 is not set +# CONFIG_DVB_USB_DTT200U is not set +# CONFIG_DVB_USB_OPERA1 is not set +# CONFIG_DVB_USB_AF9005 is not set +# CONFIG_DVB_USB_PCTV452E is not set +# CONFIG_DVB_USB_DW2102 is not set +# CONFIG_DVB_USB_CINERGY_T2 is not set +# CONFIG_DVB_USB_DTV5100 is not set +# CONFIG_DVB_USB_AZ6027 is not set +# CONFIG_DVB_USB_TECHNISAT_USB2 is not set +CONFIG_DVB_USB_V2=y +CONFIG_DVB_USB_AF9035=m +# CONFIG_DVB_USB_ANYSEE is not set +# CONFIG_DVB_USB_AU6610 is not set +# CONFIG_DVB_USB_AZ6007 is not set +# CONFIG_DVB_USB_CE6230 is not set +# CONFIG_DVB_USB_EC168 is not set +# CONFIG_DVB_USB_GL861 is not set +# CONFIG_DVB_USB_LME2510 is not set +# CONFIG_DVB_USB_MXL111SF is not set +# CONFIG_DVB_USB_DVBSKY is not set +# CONFIG_DVB_USB_ZD1301 is not set +# CONFIG_DVB_TTUSB_BUDGET is not set +# CONFIG_DVB_TTUSB_DEC is not set +# CONFIG_SMS_USB_DRV is not set +# CONFIG_DVB_B2C2_FLEXCOP_USB is not set +# CONFIG_DVB_AS102 is not set + +# +# Webcam, TV (analog/digital) USB devices +# + +# +# Software defined radio USB devices +# +# CONFIG_MEDIA_PCI_SUPPORT is not set +CONFIG_CYPRESS_FIRMWARE=y +# CONFIG_V4L_PLATFORM_DRIVERS is not set +# CONFIG_DVB_PLATFORM_DRIVERS is not set +# CONFIG_SDR_PLATFORM_DRIVERS is not set +# CONFIG_DVB_TEST_DRIVERS is not set +# end of Media drivers + +# +# Media ancillary drivers +# +CONFIG_MEDIA_ATTACH=y + +# +# Media SPI Adapters +# +# CONFIG_CXD2880_SPI_DRV is not set +# end of Media SPI Adapters + +CONFIG_MEDIA_TUNER=y + +# +# Customize TV tuners +# +# CONFIG_MEDIA_TUNER_SIMPLE is not set +# CONFIG_MEDIA_TUNER_TDA18250 is not set +# CONFIG_MEDIA_TUNER_TDA8290 is not set +# CONFIG_MEDIA_TUNER_TDA827X is not set +# CONFIG_MEDIA_TUNER_TDA18271 is not set +# CONFIG_MEDIA_TUNER_TDA9887 is not set +# CONFIG_MEDIA_TUNER_TEA5761 is not set +# CONFIG_MEDIA_TUNER_TEA5767 is not set +# CONFIG_MEDIA_TUNER_MT20XX is not set +# CONFIG_MEDIA_TUNER_MT2060 is not set +# CONFIG_MEDIA_TUNER_MT2063 is not set +# CONFIG_MEDIA_TUNER_MT2266 is not set +# CONFIG_MEDIA_TUNER_MT2131 is not set +# CONFIG_MEDIA_TUNER_QT1010 is not set +# CONFIG_MEDIA_TUNER_XC2028 is not set +# CONFIG_MEDIA_TUNER_XC5000 is not set +# CONFIG_MEDIA_TUNER_XC4000 is not set +# CONFIG_MEDIA_TUNER_MXL5005S is not set +# CONFIG_MEDIA_TUNER_MXL5007T is not set +# CONFIG_MEDIA_TUNER_MC44S803 is not set +# CONFIG_MEDIA_TUNER_MAX2165 is not set +# CONFIG_MEDIA_TUNER_TDA18218 is not set +# CONFIG_MEDIA_TUNER_FC0011 is not set +# CONFIG_MEDIA_TUNER_FC0012 is not set +# CONFIG_MEDIA_TUNER_FC0013 is not set +# CONFIG_MEDIA_TUNER_TDA18212 is not set +# CONFIG_MEDIA_TUNER_M88RS6000T is not set +# CONFIG_MEDIA_TUNER_TUA9001 is not set +# CONFIG_MEDIA_TUNER_SI2157 is not set +CONFIG_MEDIA_TUNER_IT913X=m +# CONFIG_MEDIA_TUNER_R820T is not set +# CONFIG_MEDIA_TUNER_MXL301RF is not set +# CONFIG_MEDIA_TUNER_QM1D1C0042 is not set +# CONFIG_MEDIA_TUNER_QM1D1B0004 is not set +# end of Customize TV tuners + +# +# Customise DVB Frontends +# + +# +# Multistandard (satellite) frontends +# +# CONFIG_DVB_STB0899 is not set +# CONFIG_DVB_STB6100 is not set +# CONFIG_DVB_STV090x is not set +# CONFIG_DVB_STV0910 is not set +# CONFIG_DVB_STV6110x is not set +# CONFIG_DVB_STV6111 is not set +# CONFIG_DVB_MXL5XX is not set + +# +# Multistandard (cable + terrestrial) frontends +# +# CONFIG_DVB_DRXK is not set +# CONFIG_DVB_TDA18271C2DD is not set +# CONFIG_DVB_SI2165 is not set +# CONFIG_DVB_MN88472 is not set +# CONFIG_DVB_MN88473 is not set + +# +# DVB-S (satellite) frontends +# +# CONFIG_DVB_CX24110 is not set +# CONFIG_DVB_CX24123 is not set +# CONFIG_DVB_MT312 is not set +# CONFIG_DVB_ZL10036 is not set +# CONFIG_DVB_ZL10039 is not set +# CONFIG_DVB_S5H1420 is not set +# CONFIG_DVB_STV0288 is not set +# CONFIG_DVB_STB6000 is not set +# CONFIG_DVB_STV0299 is not set +# CONFIG_DVB_STV6110 is not set +# CONFIG_DVB_STV0900 is not set +# CONFIG_DVB_TDA8083 is not set +# CONFIG_DVB_TDA10086 is not set +# CONFIG_DVB_TDA8261 is not set +# CONFIG_DVB_VES1X93 is not set +# CONFIG_DVB_TUNER_ITD1000 is not set +# CONFIG_DVB_TUNER_CX24113 is not set +# CONFIG_DVB_TDA826X is not set +# CONFIG_DVB_TUA6100 is not set +# CONFIG_DVB_CX24116 is not set +# CONFIG_DVB_CX24117 is not set +# CONFIG_DVB_CX24120 is not set +# CONFIG_DVB_SI21XX is not set +# CONFIG_DVB_TS2020 is not set +# CONFIG_DVB_DS3000 is not set +# CONFIG_DVB_MB86A16 is not set +# CONFIG_DVB_TDA10071 is not set + +# +# DVB-T (terrestrial) frontends +# +# CONFIG_DVB_SP887X is not set +# CONFIG_DVB_CX22700 is not set +# CONFIG_DVB_CX22702 is not set +# CONFIG_DVB_S5H1432 is not set +# CONFIG_DVB_DRXD is not set +# CONFIG_DVB_L64781 is not set +# CONFIG_DVB_TDA1004X is not set +# CONFIG_DVB_NXT6000 is not set +# CONFIG_DVB_MT352 is not set +# CONFIG_DVB_ZL10353 is not set +# CONFIG_DVB_DIB3000MB is not set +# CONFIG_DVB_DIB3000MC is not set +CONFIG_DVB_DIB7000M=m +CONFIG_DVB_DIB7000P=m +# CONFIG_DVB_DIB9000 is not set +# CONFIG_DVB_TDA10048 is not set +# CONFIG_DVB_EC100 is not set +# CONFIG_DVB_STV0367 is not set +# CONFIG_DVB_CXD2820R is not set +# CONFIG_DVB_CXD2841ER is not set +# CONFIG_DVB_ZD1301_DEMOD is not set +# CONFIG_DVB_CXD2880 is not set + +# +# DVB-C (cable) frontends +# +# CONFIG_DVB_VES1820 is not set +# CONFIG_DVB_TDA10021 is not set +# CONFIG_DVB_TDA10023 is not set +# CONFIG_DVB_STV0297 is not set + +# +# ATSC (North American/Korean Terrestrial/Cable DTV) frontends +# +# CONFIG_DVB_NXT200X is not set +# CONFIG_DVB_OR51211 is not set +# CONFIG_DVB_OR51132 is not set +# CONFIG_DVB_BCM3510 is not set +# CONFIG_DVB_LGDT330X is not set +# CONFIG_DVB_LGDT3305 is not set +# CONFIG_DVB_LG2160 is not set +# CONFIG_DVB_S5H1409 is not set +# CONFIG_DVB_AU8522_DTV is not set +# CONFIG_DVB_S5H1411 is not set +# CONFIG_DVB_MXL692 is not set + +# +# ISDB-T (terrestrial) frontends +# +# CONFIG_DVB_S921 is not set +# CONFIG_DVB_DIB8000 is not set +# CONFIG_DVB_MB86A20S is not set + +# +# ISDB-S (satellite) & ISDB-T (terrestrial) frontends +# +# CONFIG_DVB_TC90522 is not set +# CONFIG_DVB_MN88443X is not set + +# +# Digital terrestrial only tuners/PLL +# +# CONFIG_DVB_PLL is not set +CONFIG_DVB_TUNER_DIB0070=m +# CONFIG_DVB_TUNER_DIB0090 is not set + +# +# SEC control devices for DVB-S +# +# CONFIG_DVB_DRX39XYJ is not set +# CONFIG_DVB_LNBH25 is not set +# CONFIG_DVB_LNBH29 is not set +# CONFIG_DVB_LNBP21 is not set +# CONFIG_DVB_LNBP22 is not set +# CONFIG_DVB_ISL6405 is not set +# CONFIG_DVB_ISL6421 is not set +# CONFIG_DVB_ISL6423 is not set +# CONFIG_DVB_A8293 is not set +# CONFIG_DVB_LGS8GL5 is not set +# CONFIG_DVB_LGS8GXX is not set +# CONFIG_DVB_ATBM8830 is not set +# CONFIG_DVB_TDA665x is not set +# CONFIG_DVB_IX2505V is not set +# CONFIG_DVB_M88RS2000 is not set +CONFIG_DVB_AF9033=m +# CONFIG_DVB_HORUS3A is not set +# CONFIG_DVB_ASCOT2E is not set +# CONFIG_DVB_HELENE is not set + +# +# Common Interface (EN50221) controller drivers +# +# CONFIG_DVB_CXD2099 is not set +# CONFIG_DVB_SP2 is not set +# end of Customise DVB Frontends + +# +# Tools to develop new frontends +# +# CONFIG_DVB_DUMMY_FE is not set +# end of Media ancillary drivers + +# +# Graphics support +# +# CONFIG_VGA_ARB is not set +# CONFIG_IMX_IPUV3_CORE is not set +# CONFIG_DRM is not set + +# +# ARM devices +# +# end of ARM devices + +# +# Frame buffer Devices +# +CONFIG_FB_CMDLINE=y +CONFIG_FB_NOTIFY=y +CONFIG_FB=y +# CONFIG_FIRMWARE_EDID is not set +CONFIG_FB_SYS_FILLRECT=y +CONFIG_FB_SYS_COPYAREA=y +CONFIG_FB_SYS_IMAGEBLIT=y +# CONFIG_FB_FOREIGN_ENDIAN is not set +CONFIG_FB_SYS_FOPS=y +CONFIG_FB_BACKLIGHT=y +# CONFIG_FB_MODE_HELPERS is not set +# CONFIG_FB_TILEBLITTING is not set + +# +# Frame buffer hardware drivers +# +# CONFIG_FB_CIRRUS is not set +# CONFIG_FB_PM2 is not set +# CONFIG_FB_CYBER2000 is not set +# CONFIG_FB_ASILIANT is not set +# CONFIG_FB_IMSTT is not set +# CONFIG_FB_OPENCORES is not set +# CONFIG_FB_S1D13XXX is not set +# CONFIG_FB_NVIDIA is not set +# CONFIG_FB_RIVA is not set +# CONFIG_FB_I740 is not set +# CONFIG_FB_MATROX is not set +# CONFIG_FB_RADEON is not set +# CONFIG_FB_ATY128 is not set +# CONFIG_FB_ATY is not set +# CONFIG_FB_S3 is not set +# CONFIG_FB_SAVAGE is not set +# CONFIG_FB_SIS is not set +# CONFIG_FB_NEOMAGIC is not set +# CONFIG_FB_KYRO is not set +# CONFIG_FB_3DFX is not set +# CONFIG_FB_VOODOO1 is not set +# CONFIG_FB_VT8623 is not set +# CONFIG_FB_TRIDENT is not set +# CONFIG_FB_ARK is not set +# CONFIG_FB_PM3 is not set +# CONFIG_FB_CARMINE is not set +# CONFIG_FB_SMSCUFX is not set +# CONFIG_FB_UDL is not set +# CONFIG_FB_IBM_GXT4500 is not set +# CONFIG_FB_VIRTUAL is not set +# CONFIG_FB_METRONOME is not set +# CONFIG_FB_MB862XX is not set +# CONFIG_FB_SIMPLE is not set +# CONFIG_FB_SSD1307 is not set +# CONFIG_FB_SM712 is not set +# CONFIG_FB_SSD1320 is not set +CONFIG_FB_SSD1327=y +# end of Frame buffer Devices + +# +# Backlight & LCD device support +# +# CONFIG_LCD_CLASS_DEVICE is not set +CONFIG_BACKLIGHT_CLASS_DEVICE=y +# CONFIG_BACKLIGHT_KTD253 is not set +# CONFIG_BACKLIGHT_QCOM_WLED is not set +# CONFIG_BACKLIGHT_ADP8860 is not set +# CONFIG_BACKLIGHT_ADP8870 is not set +# CONFIG_BACKLIGHT_LM3639 is not set +# CONFIG_BACKLIGHT_GPIO is not set +# CONFIG_BACKLIGHT_LV5207LP is not set +# CONFIG_BACKLIGHT_BD6107 is not set +# CONFIG_BACKLIGHT_ARCXCNN is not set +# CONFIG_BACKLIGHT_LED is not set +# end of Backlight & LCD device support + +# +# Console display driver support +# +CONFIG_DUMMY_CONSOLE=y +# CONFIG_FRAMEBUFFER_CONSOLE is not set +# end of Console display driver support + +# CONFIG_LOGO is not set +# end of Graphics support + +CONFIG_SOUND=y +CONFIG_SND=y +CONFIG_SND_TIMER=y +CONFIG_SND_PCM=y +CONFIG_SND_HWDEP=y +CONFIG_SND_RAWMIDI=y +CONFIG_SND_JACK=y +CONFIG_SND_JACK_INPUT_DEV=y +# CONFIG_SND_OSSEMUL is not set +CONFIG_SND_PCM_TIMER=y +# CONFIG_SND_HRTIMER is not set +# CONFIG_SND_DYNAMIC_MINORS is not set +# CONFIG_SND_SUPPORT_OLD_API is not set +# CONFIG_SND_PROC_FS is not set +CONFIG_SND_VERBOSE_PRINTK=y +# CONFIG_SND_DEBUG is not set +# CONFIG_SND_SEQUENCER is not set +# CONFIG_SND_DRIVERS is not set +# CONFIG_SND_PCI is not set + +# +# HD-Audio +# +# end of HD-Audio + +CONFIG_SND_HDA_PREALLOC_SIZE=64 +# CONFIG_SND_ARM is not set +# CONFIG_SND_SPI is not set +CONFIG_SND_USB=y +CONFIG_SND_USB_AUDIO=y +# CONFIG_SND_USB_UA101 is not set +# CONFIG_SND_USB_CAIAQ is not set +# CONFIG_SND_USB_6FIRE is not set +# CONFIG_SND_USB_HIFACE is not set +# CONFIG_SND_BCD2000 is not set +# CONFIG_SND_USB_POD is not set +# CONFIG_SND_USB_PODHD is not set +# CONFIG_SND_USB_TONEPORT is not set +# CONFIG_SND_USB_VARIAX is not set +CONFIG_SND_SOC=y +# CONFIG_SND_SOC_ADI is not set +# CONFIG_SND_SOC_AMD_ACP is not set +# CONFIG_SND_ATMEL_SOC is not set +# CONFIG_SND_BCM63XX_I2S_WHISTLER is not set +# CONFIG_SND_DESIGNWARE_I2S is not set + +# +# SoC Audio for Freescale CPUs +# + +# +# Common SoC Audio options for Freescale CPUs: +# +# CONFIG_SND_SOC_FSL_ASRC is not set +# CONFIG_SND_SOC_FSL_SAI is not set +# CONFIG_SND_SOC_FSL_AUDMIX is not set +# CONFIG_SND_SOC_FSL_SSI is not set +# CONFIG_SND_SOC_FSL_SPDIF is not set +# CONFIG_SND_SOC_FSL_ESAI is not set +# CONFIG_SND_SOC_FSL_MICFIL is not set +# CONFIG_SND_SOC_FSL_XCVR is not set +# CONFIG_SND_SOC_IMX_AUDMUX is not set +# end of SoC Audio for Freescale CPUs + +# CONFIG_SND_I2S_HI6210_I2S is not set +CONFIG_SND_KIRKWOOD_SOC=m +# CONFIG_SND_KIRKWOOD_SOC_ARMADA370_DB is not set +CONFIG_SND_KIRKWOOD_SOC_FBXGW2R=m +# CONFIG_SND_SOC_IMG is not set +# CONFIG_SND_SOC_MTK_BTCVSD is not set +# CONFIG_SND_SOC_SOF_TOPLEVEL is not set + +# +# STMicroelectronics STM32 SOC audio support +# +# end of STMicroelectronics STM32 SOC audio support + +# CONFIG_SND_SOC_XILINX_I2S is not set +# CONFIG_SND_SOC_XILINX_AUDIO_FORMATTER is not set +# CONFIG_SND_SOC_XILINX_SPDIF is not set +# CONFIG_SND_SOC_XTFPGA_I2S is not set +CONFIG_SND_SOC_I2C_AND_SPI=y + +# +# CODEC drivers +# +# CONFIG_SND_SOC_AC97_CODEC is not set +# CONFIG_SND_SOC_ADAU1372_I2C is not set +# CONFIG_SND_SOC_ADAU1372_SPI is not set +# CONFIG_SND_SOC_ADAU1701 is not set +# CONFIG_SND_SOC_ADAU1761_I2C is not set +# CONFIG_SND_SOC_ADAU1761_SPI is not set +# CONFIG_SND_SOC_ADAU7002 is not set +# CONFIG_SND_SOC_ADAU7118_HW is not set +# CONFIG_SND_SOC_ADAU7118_I2C is not set +# CONFIG_SND_SOC_AK4104 is not set +# CONFIG_SND_SOC_AK4118 is not set +# CONFIG_SND_SOC_AK4458 is not set +# CONFIG_SND_SOC_AK4554 is not set +# CONFIG_SND_SOC_AK4613 is not set +# CONFIG_SND_SOC_AK4642 is not set +# CONFIG_SND_SOC_AK5386 is not set +# CONFIG_SND_SOC_AK5558 is not set +# CONFIG_SND_SOC_ALC5623 is not set +# CONFIG_SND_SOC_BD28623 is not set +# CONFIG_SND_SOC_BT_SCO is not set +# CONFIG_SND_SOC_CS35L32 is not set +# CONFIG_SND_SOC_CS35L33 is not set +# CONFIG_SND_SOC_CS35L34 is not set +# CONFIG_SND_SOC_CS35L35 is not set +# CONFIG_SND_SOC_CS35L36 is not set +# CONFIG_SND_SOC_CS42L42 is not set +# CONFIG_SND_SOC_CS42L51_I2C is not set +CONFIG_SND_SOC_CS42L52=m +# CONFIG_SND_SOC_CS42L56 is not set +# CONFIG_SND_SOC_CS42L73 is not set +# CONFIG_SND_SOC_CS4234 is not set +# CONFIG_SND_SOC_CS4265 is not set +# CONFIG_SND_SOC_CS4270 is not set +# CONFIG_SND_SOC_CS4271_I2C is not set +# CONFIG_SND_SOC_CS4271_SPI is not set +# CONFIG_SND_SOC_CS42XX8_I2C is not set +# CONFIG_SND_SOC_CS43130 is not set +# CONFIG_SND_SOC_CS4341 is not set +# CONFIG_SND_SOC_CS4349 is not set +# CONFIG_SND_SOC_CS53L30 is not set +# CONFIG_SND_SOC_CX2072X is not set +# CONFIG_SND_SOC_DA7213 is not set +# CONFIG_SND_SOC_DMIC is not set +# CONFIG_SND_SOC_ES7134 is not set +# CONFIG_SND_SOC_ES7241 is not set +# CONFIG_SND_SOC_ES8316 is not set +# CONFIG_SND_SOC_ES8328_I2C is not set +# CONFIG_SND_SOC_ES8328_SPI is not set +# CONFIG_SND_SOC_GTM601 is not set +# CONFIG_SND_SOC_ICS43432 is not set +# CONFIG_SND_SOC_INNO_RK3036 is not set +# CONFIG_SND_SOC_MAX98088 is not set +# CONFIG_SND_SOC_MAX98357A is not set +# CONFIG_SND_SOC_MAX98504 is not set +# CONFIG_SND_SOC_MAX9867 is not set +# CONFIG_SND_SOC_MAX98927 is not set +# CONFIG_SND_SOC_MAX98373_I2C is not set +# CONFIG_SND_SOC_MAX98390 is not set +# CONFIG_SND_SOC_MAX9860 is not set +# CONFIG_SND_SOC_MSM8916_WCD_DIGITAL is not set +# CONFIG_SND_SOC_PCM1681 is not set +# CONFIG_SND_SOC_PCM1789_I2C is not set +# CONFIG_SND_SOC_PCM179X_I2C is not set +# CONFIG_SND_SOC_PCM179X_SPI is not set +# CONFIG_SND_SOC_PCM186X_I2C is not set +# CONFIG_SND_SOC_PCM186X_SPI is not set +# CONFIG_SND_SOC_PCM3060_I2C is not set +# CONFIG_SND_SOC_PCM3060_SPI is not set +# CONFIG_SND_SOC_PCM3168A_I2C is not set +# CONFIG_SND_SOC_PCM3168A_SPI is not set +# CONFIG_SND_SOC_PCM5102A is not set +# CONFIG_SND_SOC_PCM512x_I2C is not set +# CONFIG_SND_SOC_PCM512x_SPI is not set +# CONFIG_SND_SOC_RK3328 is not set +# CONFIG_SND_SOC_RT5616 is not set +# CONFIG_SND_SOC_RT5631 is not set +# CONFIG_SND_SOC_RT5640 is not set +# CONFIG_SND_SOC_RT5659 is not set +# CONFIG_SND_SOC_SGTL5000 is not set +# CONFIG_SND_SOC_SIMPLE_AMPLIFIER is not set +# CONFIG_SND_SOC_SIMPLE_MUX is not set +# CONFIG_SND_SOC_SPDIF is not set +# CONFIG_SND_SOC_SSM2305 is not set +# CONFIG_SND_SOC_SSM2518 is not set +# CONFIG_SND_SOC_SSM2602_SPI is not set +# CONFIG_SND_SOC_SSM2602_I2C is not set +# CONFIG_SND_SOC_SSM4567 is not set +# CONFIG_SND_SOC_STA32X is not set +# CONFIG_SND_SOC_STA350 is not set +# CONFIG_SND_SOC_STI_SAS is not set +# CONFIG_SND_SOC_TAS2552 is not set +# CONFIG_SND_SOC_TAS2562 is not set +# CONFIG_SND_SOC_TAS2764 is not set +# CONFIG_SND_SOC_TAS2770 is not set +# CONFIG_SND_SOC_TAS5086 is not set +# CONFIG_SND_SOC_TAS571X is not set +# CONFIG_SND_SOC_TAS5720 is not set +# CONFIG_SND_SOC_TAS6424 is not set +# CONFIG_SND_SOC_TDA7419 is not set +# CONFIG_SND_SOC_TFA9879 is not set +# CONFIG_SND_SOC_TFA989X is not set +# CONFIG_SND_SOC_TLV320AIC23_I2C is not set +# CONFIG_SND_SOC_TLV320AIC23_SPI is not set +# CONFIG_SND_SOC_TLV320AIC31XX is not set +# CONFIG_SND_SOC_TLV320AIC32X4_I2C is not set +# CONFIG_SND_SOC_TLV320AIC32X4_SPI is not set +# CONFIG_SND_SOC_TLV320AIC3X_I2C is not set +# CONFIG_SND_SOC_TLV320AIC3X_SPI is not set +# CONFIG_SND_SOC_TLV320ADCX140 is not set +# CONFIG_SND_SOC_TS3A227E is not set +# CONFIG_SND_SOC_TSCS42XX is not set +# CONFIG_SND_SOC_TSCS454 is not set +# CONFIG_SND_SOC_UDA1334 is not set +# CONFIG_SND_SOC_WM8510 is not set +# CONFIG_SND_SOC_WM8523 is not set +# CONFIG_SND_SOC_WM8524 is not set +# CONFIG_SND_SOC_WM8580 is not set +# CONFIG_SND_SOC_WM8711 is not set +# CONFIG_SND_SOC_WM8728 is not set +# CONFIG_SND_SOC_WM8731 is not set +# CONFIG_SND_SOC_WM8737 is not set +# CONFIG_SND_SOC_WM8741 is not set +# CONFIG_SND_SOC_WM8750 is not set +# CONFIG_SND_SOC_WM8753 is not set +# CONFIG_SND_SOC_WM8770 is not set +# CONFIG_SND_SOC_WM8776 is not set +# CONFIG_SND_SOC_WM8782 is not set +# CONFIG_SND_SOC_WM8804_I2C is not set +# CONFIG_SND_SOC_WM8804_SPI is not set +# CONFIG_SND_SOC_WM8903 is not set +# CONFIG_SND_SOC_WM8904 is not set +# CONFIG_SND_SOC_WM8960 is not set +# CONFIG_SND_SOC_WM8962 is not set +# CONFIG_SND_SOC_WM8974 is not set +# CONFIG_SND_SOC_WM8978 is not set +# CONFIG_SND_SOC_WM8985 is not set +# CONFIG_SND_SOC_ZL38060 is not set +# CONFIG_SND_SOC_MAX9759 is not set +# CONFIG_SND_SOC_MT6351 is not set +# CONFIG_SND_SOC_MT6358 is not set +# CONFIG_SND_SOC_MT6660 is not set +# CONFIG_SND_SOC_NAU8315 is not set +# CONFIG_SND_SOC_NAU8540 is not set +# CONFIG_SND_SOC_NAU8810 is not set +# CONFIG_SND_SOC_NAU8822 is not set +# CONFIG_SND_SOC_NAU8824 is not set +# CONFIG_SND_SOC_TPA6130A2 is not set +# CONFIG_SND_SOC_LPASS_WSA_MACRO is not set +# CONFIG_SND_SOC_LPASS_VA_MACRO is not set +# CONFIG_SND_SOC_LPASS_RX_MACRO is not set +# CONFIG_SND_SOC_LPASS_TX_MACRO is not set +# end of CODEC drivers + +# CONFIG_SND_SIMPLE_CARD is not set +# CONFIG_SND_AUDIO_GRAPH_CARD is not set + +# +# HID support +# +CONFIG_HID=y +# CONFIG_HID_BATTERY_STRENGTH is not set +# CONFIG_HIDRAW is not set +# CONFIG_UHID is not set +# CONFIG_HID_GENERIC is not set + +# +# Special HID drivers +# +# CONFIG_HID_A4TECH is not set +# CONFIG_HID_ACRUX is not set +# CONFIG_HID_APPLE is not set +# CONFIG_HID_AUREAL is not set +# CONFIG_HID_BELKIN is not set +# CONFIG_HID_CHERRY is not set +# CONFIG_HID_COUGAR is not set +# CONFIG_HID_MACALLY is not set +# CONFIG_HID_CMEDIA is not set +# CONFIG_HID_CYPRESS is not set +# CONFIG_HID_DRAGONRISE is not set +# CONFIG_HID_EMS_FF is not set +# CONFIG_HID_ELECOM is not set +# CONFIG_HID_EZKEY is not set +# CONFIG_HID_GEMBIRD is not set +# CONFIG_HID_GFRM is not set +# CONFIG_HID_GLORIOUS is not set +# CONFIG_HID_VIVALDI is not set +# CONFIG_HID_KEYTOUCH is not set +# CONFIG_HID_KYE is not set +# CONFIG_HID_WALTOP is not set +# CONFIG_HID_VIEWSONIC is not set +# CONFIG_HID_FBX_REMOTE_AUDIO is not set +# CONFIG_HID_GYRATION is not set +# CONFIG_HID_ICADE is not set +# CONFIG_HID_ITE is not set +# CONFIG_HID_JABRA is not set +# CONFIG_HID_TWINHAN is not set +# CONFIG_HID_KENSINGTON is not set +# CONFIG_HID_LCPOWER is not set +# CONFIG_HID_LED is not set +# CONFIG_HID_LENOVO is not set +# CONFIG_HID_MAGICMOUSE is not set +# CONFIG_HID_MALTRON is not set +# CONFIG_HID_MAYFLASH is not set +# CONFIG_HID_REDRAGON is not set +# CONFIG_HID_MICROSOFT is not set +# CONFIG_HID_MONTEREY is not set +# CONFIG_HID_MULTITOUCH is not set +# CONFIG_HID_NTI is not set +# CONFIG_HID_ORTEK is not set +# CONFIG_HID_PANTHERLORD is not set +# CONFIG_HID_PETALYNX is not set +# CONFIG_HID_PICOLCD is not set +# CONFIG_HID_PLANTRONICS is not set +# CONFIG_HID_PLAYSTATION is not set +# CONFIG_HID_PRIMAX is not set +# CONFIG_HID_SAITEK is not set +# CONFIG_HID_SEMITEK is not set +# CONFIG_HID_SPEEDLINK is not set +# CONFIG_HID_STEAM is not set +# CONFIG_HID_STEELSERIES is not set +# CONFIG_HID_SUNPLUS is not set +# CONFIG_HID_RMI is not set +# CONFIG_HID_GREENASIA is not set +# CONFIG_HID_SMARTJOYPLUS is not set +# CONFIG_HID_TIVO is not set +# CONFIG_HID_TOPSEED is not set +# CONFIG_HID_THINGM is not set +# CONFIG_HID_UDRAW_PS3 is not set +# CONFIG_HID_WIIMOTE is not set +# CONFIG_HID_XINMO is not set +# CONFIG_HID_ZEROPLUS is not set +# CONFIG_HID_ZYDACRON is not set +# CONFIG_HID_SENSOR_HUB is not set +# CONFIG_HID_ALPS is not set +# end of Special HID drivers + +# +# USB HID support +# +# CONFIG_USB_HID is not set +# CONFIG_HID_PID is not set + +# +# USB HID Boot Protocol drivers +# +# CONFIG_USB_KBD is not set +# CONFIG_USB_MOUSE is not set +# end of USB HID Boot Protocol drivers +# end of USB HID support + +# +# I2C HID support +# +# CONFIG_I2C_HID_OF is not set +# CONFIG_I2C_HID_OF_GOODIX is not set +# end of I2C HID support +# end of HID support + +CONFIG_USB_OHCI_LITTLE_ENDIAN=y +CONFIG_USB_SUPPORT=y +CONFIG_USB_COMMON=y +# CONFIG_USB_LED_TRIG is not set +# CONFIG_USB_ULPI_BUS is not set +# CONFIG_USB_CONN_GPIO is not set +CONFIG_USB_ARCH_HAS_HCD=y +CONFIG_USB=y +# CONFIG_USB_PCI is not set +CONFIG_USB_ANNOUNCE_NEW_DEVICES=y + +# +# Miscellaneous USB options +# +CONFIG_USB_DEFAULT_PERSIST=y +# CONFIG_USB_FEW_INIT_RETRIES is not set +# CONFIG_USB_DYNAMIC_MINORS is not set +# CONFIG_USB_OTG_PRODUCTLIST is not set +# CONFIG_USB_OTG_DISABLE_EXTERNAL_HUB is not set +# CONFIG_USB_LEDS_TRIGGER_USBPORT is not set +CONFIG_USB_AUTOSUSPEND_DELAY=2 +# CONFIG_USB_MON is not set + +# +# USB Host Controller Drivers +# +# CONFIG_USB_C67X00_HCD is not set +# CONFIG_USB_XHCI_HCD is not set +CONFIG_USB_EHCI_HCD=m +CONFIG_USB_EHCI_ROOT_HUB_TT=y +# CONFIG_USB_EHCI_TT_NEWSCHED is not set +# CONFIG_USB_EHCI_FSL is not set +CONFIG_USB_EHCI_HCD_ORION=m +# CONFIG_USB_EHCI_HCD_PLATFORM is not set +# CONFIG_USB_OXU210HP_HCD is not set +# CONFIG_USB_ISP116X_HCD is not set +# CONFIG_USB_FOTG210_HCD is not set +# CONFIG_USB_MAX3421_HCD is not set +# CONFIG_USB_OHCI_HCD is not set +# CONFIG_USB_SL811_HCD is not set +# CONFIG_USB_R8A66597_HCD is not set +# CONFIG_USB_HCD_TEST_MODE is not set + +# +# USB Device Class drivers +# +CONFIG_USB_ACM=y +CONFIG_USB_PRINTER=y +# CONFIG_USB_WDM is not set +# CONFIG_USB_TMC is not set + +# +# NOTE: USB_STORAGE depends on SCSI but BLK_DEV_SD may +# + +# +# also be needed; see USB_STORAGE Help for more info +# +CONFIG_USB_STORAGE=y +# CONFIG_USB_STORAGE_DEBUG is not set +# CONFIG_USB_STORAGE_REALTEK is not set +# CONFIG_USB_STORAGE_DATAFAB is not set +# CONFIG_USB_STORAGE_FREECOM is not set +# CONFIG_USB_STORAGE_ISD200 is not set +# CONFIG_USB_STORAGE_USBAT is not set +# CONFIG_USB_STORAGE_SDDR09 is not set +# CONFIG_USB_STORAGE_SDDR55 is not set +# CONFIG_USB_STORAGE_JUMPSHOT is not set +# CONFIG_USB_STORAGE_ALAUDA is not set +# CONFIG_USB_STORAGE_ONETOUCH is not set +# CONFIG_USB_STORAGE_KARMA is not set +# CONFIG_USB_STORAGE_CYPRESS_ATACB is not set +# CONFIG_USB_STORAGE_ENE_UB6250 is not set +# CONFIG_USB_UAS is not set + +# +# USB Imaging devices +# +# CONFIG_USB_MDC800 is not set +# CONFIG_USB_MICROTEK is not set +# CONFIG_USBIP_CORE is not set +# CONFIG_USB_CDNS_SUPPORT is not set +# CONFIG_USB_MUSB_HDRC is not set +# CONFIG_USB_DWC3 is not set +# CONFIG_USB_DWC2 is not set +# CONFIG_USB_CHIPIDEA is not set +# CONFIG_USB_ISP1760 is not set + +# +# USB port drivers +# +# CONFIG_USB_SERIAL is not set + +# +# USB Miscellaneous drivers +# +# CONFIG_USB_EMI62 is not set +# CONFIG_USB_EMI26 is not set +# CONFIG_USB_ADUTUX is not set +# CONFIG_USB_SEVSEG is not set +# CONFIG_USB_LEGOTOWER is not set +# CONFIG_USB_LCD is not set +# CONFIG_USB_CYPRESS_CY7C63 is not set +# CONFIG_USB_CYTHERM is not set +# CONFIG_USB_IDMOUSE is not set +# CONFIG_USB_FTDI_ELAN is not set +# CONFIG_USB_APPLEDISPLAY is not set +# CONFIG_APPLE_MFI_FASTCHARGE is not set +# CONFIG_USB_SISUSBVGA is not set +# CONFIG_USB_LD is not set +# CONFIG_USB_TRANCEVIBRATOR is not set +# CONFIG_USB_IOWARRIOR is not set +# CONFIG_USB_TEST is not set +# CONFIG_USB_EHSET_TEST_FIXTURE is not set +# CONFIG_USB_ISIGHTFW is not set +# CONFIG_USB_YUREX is not set +# CONFIG_USB_EZUSB_FX2 is not set +# CONFIG_USB_HUB_USB251XB is not set +# CONFIG_USB_HSIC_USB3503 is not set +# CONFIG_USB_HSIC_USB4604 is not set +# CONFIG_USB_LINK_LAYER_TEST is not set + +# +# USB Physical Layer drivers +# +# CONFIG_NOP_USB_XCEIV is not set +# CONFIG_USB_GPIO_VBUS is not set +# CONFIG_USB_ISP1301 is not set +# CONFIG_USB_ULPI is not set +# end of USB Physical Layer drivers + +# CONFIG_USB_GADGET is not set +# CONFIG_TYPEC is not set +# CONFIG_USB_ROLE_SWITCH is not set +# CONFIG_MMC is not set +# CONFIG_MEMSTICK is not set +CONFIG_NEW_LEDS=y +CONFIG_LEDS_CLASS=y +# CONFIG_LEDS_CLASS_FLASH is not set +# CONFIG_LEDS_CLASS_MULTICOLOR is not set +# CONFIG_LEDS_BRIGHTNESS_HW_CHANGED is not set + +# +# LED drivers +# +# CONFIG_LEDS_AN30259A is not set +# CONFIG_LEDS_AW2013 is not set +# CONFIG_LEDS_BCM6328 is not set +# CONFIG_LEDS_BCM6358 is not set +# CONFIG_LEDS_CR0014114 is not set +# CONFIG_LEDS_EL15203000 is not set +# CONFIG_LEDS_LM3530 is not set +# CONFIG_LEDS_LM3532 is not set +# CONFIG_LEDS_LM3642 is not set +# CONFIG_LEDS_LM3692X is not set +# CONFIG_LEDS_PCA9532 is not set +# CONFIG_LEDS_GPIO is not set +# CONFIG_LEDS_LP3944 is not set +# CONFIG_LEDS_LP3952 is not set +# CONFIG_LEDS_LP50XX is not set +# CONFIG_LEDS_LP55XX_COMMON is not set +# CONFIG_LEDS_LP8860 is not set +# CONFIG_LEDS_PCA955X is not set +# CONFIG_LEDS_PCA963X is not set +# CONFIG_LEDS_DAC124S085 is not set +# CONFIG_LEDS_BD2802 is not set +# CONFIG_LEDS_LT3593 is not set +# CONFIG_LEDS_NS2 is not set +# CONFIG_LEDS_NETXBIG is not set +# CONFIG_LEDS_TCA6507 is not set +# CONFIG_LEDS_TLC591XX is not set +# CONFIG_LEDS_LM355x is not set +# CONFIG_LEDS_IS31FL319X is not set +# CONFIG_LEDS_IS31FL32XX is not set + +# +# LED driver for blink(1) USB RGB LED is under Special HID drivers (HID_THINGM) +# +# CONFIG_LEDS_BLINKM is not set +# CONFIG_LEDS_MLXREG is not set +# CONFIG_LEDS_USER is not set +# CONFIG_LEDS_SPI_BYTE is not set +# CONFIG_LEDS_TI_LMU_COMMON is not set +# CONFIG_LEDS_LED1202 is not set + +# +# Flash and Torch LED drivers +# + +# +# LED Triggers +# +CONFIG_LEDS_TRIGGERS=y +# CONFIG_LEDS_TRIGGER_TIMER is not set +# CONFIG_LEDS_TRIGGER_ONESHOT is not set +# CONFIG_LEDS_TRIGGER_DISK is not set +# CONFIG_LEDS_TRIGGER_MTD is not set +# CONFIG_LEDS_TRIGGER_HEARTBEAT is not set +# CONFIG_LEDS_TRIGGER_BACKLIGHT is not set +# CONFIG_LEDS_TRIGGER_CPU is not set +# CONFIG_LEDS_TRIGGER_ACTIVITY is not set +# CONFIG_LEDS_TRIGGER_GPIO is not set +# CONFIG_LEDS_TRIGGER_DEFAULT_ON is not set + +# +# iptables trigger is under Netfilter config (LED target) +# +# CONFIG_LEDS_TRIGGER_TRANSIENT is not set +# CONFIG_LEDS_TRIGGER_CAMERA is not set +# CONFIG_LEDS_TRIGGER_PANIC is not set +# CONFIG_LEDS_TRIGGER_NETDEV is not set +# CONFIG_LEDS_TRIGGER_PATTERN is not set +# CONFIG_LEDS_TRIGGER_AUDIO is not set +# CONFIG_LEDS_TRIGGER_TTY is not set +# CONFIG_ACCESSIBILITY is not set +# CONFIG_INFINIBAND is not set +CONFIG_EDAC_ATOMIC_SCRUB=y +CONFIG_EDAC_SUPPORT=y +# CONFIG_EDAC is not set +CONFIG_RTC_LIB=y +# CONFIG_RTC_CLASS is not set +# CONFIG_DMADEVICES is not set + +# +# DMABUF options +# +# CONFIG_SYNC_FILE is not set +# CONFIG_DMABUF_HEAPS is not set +# end of DMABUF options + +# CONFIG_AUXDISPLAY is not set +# CONFIG_UIO is not set +# CONFIG_VFIO is not set +# CONFIG_VIRT_DRIVERS is not set +# CONFIG_VIRTIO_MENU is not set +# CONFIG_VDPA is not set +# CONFIG_VHOST_MENU is not set + +# +# Microsoft Hyper-V guest support +# +# end of Microsoft Hyper-V guest support + +# CONFIG_GREYBUS is not set +# CONFIG_COMEDI is not set +# CONFIG_STAGING is not set +# CONFIG_GOLDFISH is not set +# CONFIG_CHROME_PLATFORMS is not set +# CONFIG_MELLANOX_PLATFORM is not set +# CONFIG_FBXGW7R_PLATFORM is not set +CONFIG_HAVE_CLK=y +CONFIG_HAVE_CLK_PREPARE=y +CONFIG_COMMON_CLK=y + +# +# Clock driver for ARM Reference designs +# +# CONFIG_ICST is not set +# CONFIG_CLK_SP810 is not set +# end of Clock driver for ARM Reference designs + +# CONFIG_LMK04832 is not set +# CONFIG_COMMON_CLK_MAX9485 is not set +# CONFIG_COMMON_CLK_SI5341 is not set +# CONFIG_COMMON_CLK_SI5351 is not set +# CONFIG_COMMON_CLK_SI514 is not set +# CONFIG_COMMON_CLK_SI544 is not set +# CONFIG_COMMON_CLK_SI570 is not set +# CONFIG_COMMON_CLK_CDCE706 is not set +# CONFIG_COMMON_CLK_CDCE925 is not set +# CONFIG_COMMON_CLK_CS2000_CP is not set +# CONFIG_COMMON_CLK_AXI_CLKGEN is not set +# CONFIG_COMMON_CLK_VC5 is not set +# CONFIG_COMMON_CLK_FIXED_MMIO is not set +CONFIG_MVEBU_CLK_COMMON=y +CONFIG_KIRKWOOD_CLK=y +# CONFIG_XILINX_VCU is not set +# CONFIG_HWSPINLOCK is not set + +# +# Clock Source drivers +# +CONFIG_TIMER_OF=y +CONFIG_TIMER_PROBE=y +CONFIG_CLKSRC_MMIO=y +CONFIG_ORION_TIMER=y +# CONFIG_MICROCHIP_PIT64B is not set +# end of Clock Source drivers + +# CONFIG_MAILBOX is not set +# CONFIG_IOMMU_SUPPORT is not set + +# +# Remoteproc drivers +# +# CONFIG_REMOTEPROC is not set +# end of Remoteproc drivers + +# +# Rpmsg drivers +# +# CONFIG_RPMSG_VIRTIO is not set +# end of Rpmsg drivers + +# CONFIG_SOUNDWIRE is not set + +# +# SOC (System On Chip) specific Drivers +# + +# +# Amlogic SoC drivers +# +# end of Amlogic SoC drivers + +# +# Broadcom SoC drivers +# +# CONFIG_SOC_BRCMSTB is not set +# end of Broadcom SoC drivers + +# +# NXP/Freescale QorIQ SoC drivers +# +# CONFIG_QUICC_ENGINE is not set +# end of NXP/Freescale QorIQ SoC drivers + +# +# i.MX SoC drivers +# +# end of i.MX SoC drivers + +# +# Enable LiteX SoC Builder specific drivers +# +# CONFIG_LITEX_SOC_CONTROLLER is not set +# end of Enable LiteX SoC Builder specific drivers + +# +# Qualcomm SoC drivers +# +# end of Qualcomm SoC drivers + +# CONFIG_SOC_TI is not set + +# +# Xilinx SoC drivers +# +# end of Xilinx SoC drivers +# end of SOC (System On Chip) specific Drivers + +# CONFIG_PM_DEVFREQ is not set +# CONFIG_EXTCON is not set +# CONFIG_MEMORY is not set +# CONFIG_IIO is not set +# CONFIG_NTB is not set +# CONFIG_VME_BUS is not set +# CONFIG_PWM is not set + +# +# IRQ chip support +# +CONFIG_IRQCHIP=y +# CONFIG_AL_FIC is not set +CONFIG_ORION_IRQCHIP=y +# end of IRQ chip support + +# CONFIG_IPACK_BUS is not set +CONFIG_RESET_CONTROLLER=y +# CONFIG_RESET_TI_SYSCON is not set + +# +# PHY Subsystem +# +CONFIG_GENERIC_PHY=y +# CONFIG_PHY_CAN_TRANSCEIVER is not set +# CONFIG_XDSL_PHY_API is not set +# CONFIG_BCM_KONA_USB2_PHY is not set +# CONFIG_PHY_CADENCE_TORRENT is not set +# CONFIG_PHY_CADENCE_DPHY is not set +# CONFIG_PHY_CADENCE_SIERRA is not set +# CONFIG_PHY_CADENCE_SALVO is not set +# CONFIG_PHY_FSL_IMX8MQ_USB is not set +# CONFIG_PHY_MIXEL_MIPI_DPHY is not set +# CONFIG_PHY_MVEBU_A3700_UTMI is not set +# CONFIG_PHY_MVEBU_A38X_COMPHY is not set +# CONFIG_PHY_MVEBU_CP110_UTMI is not set +CONFIG_PHY_MVEBU_SATA=y +# CONFIG_PHY_PXA_28NM_HSIC is not set +# CONFIG_PHY_PXA_28NM_USB2 is not set +# CONFIG_PHY_UTMI_CP110 is not set +# CONFIG_PHY_MAPPHONE_MDM6600 is not set +# end of PHY Subsystem + +# CONFIG_POWERCAP is not set +# CONFIG_MCB is not set +CONFIG_RAS=y +# CONFIG_USB4 is not set + +# +# Android +# +# CONFIG_ANDROID is not set +# end of Android + +CONFIG_DAX=y +CONFIG_NVMEM=y +CONFIG_NVMEM_SYSFS=y +# CONFIG_NVMEM_IGNORE_RO is not set +# CONFIG_NVMEM_RMEM is not set + +# +# HW tracing support +# +# CONFIG_STM is not set +# CONFIG_INTEL_TH is not set +# end of HW tracing support + +# CONFIG_FPGA is not set +# CONFIG_FSI is not set +# CONFIG_SIOX is not set +# CONFIG_SLIMBUS is not set +# CONFIG_INTERCONNECT is not set +# CONFIG_COUNTER is not set +# CONFIG_MOST is not set +# end of Device Drivers + +# +# File systems +# +# CONFIG_VALIDATE_FS_PARSER is not set +CONFIG_FS_IOMAP=y +CONFIG_EXT2_FS=y +# CONFIG_EXT2_FS_XATTR is not set +CONFIG_EXT3_FS=y +# CONFIG_EXT3_FS_POSIX_ACL is not set +# CONFIG_EXT3_FS_SECURITY is not set +CONFIG_EXT4_FS=y +# CONFIG_EXT4_FS_POSIX_ACL is not set +# CONFIG_EXT4_FS_SECURITY is not set +# CONFIG_EXT4_DEBUG is not set +CONFIG_JBD2=y +# CONFIG_JBD2_DEBUG is not set +CONFIG_FS_MBCACHE=y +# CONFIG_REISERFS_FS is not set +# CONFIG_JFS_FS is not set +CONFIG_XFS_FS=y +# CONFIG_XFS_SUPPORT_V4 is not set +# CONFIG_XFS_QUOTA is not set +# CONFIG_XFS_POSIX_ACL is not set +# CONFIG_XFS_RT is not set +# CONFIG_XFS_ONLINE_SCRUB is not set +# CONFIG_XFS_WARN is not set +# CONFIG_XFS_DEBUG is not set +# CONFIG_GFS2_FS is not set +# CONFIG_OCFS2_FS is not set +# CONFIG_BTRFS_FS is not set +# CONFIG_NILFS2_FS is not set +# CONFIG_F2FS_FS is not set +CONFIG_FS_POSIX_ACL=y +CONFIG_EXPORTFS=y +# CONFIG_EXPORTFS_BLOCK_OPS is not set +CONFIG_FILE_LOCKING=y +# CONFIG_FS_ENCRYPTION is not set +# CONFIG_FS_VERITY is not set +CONFIG_FSNOTIFY=y +CONFIG_DNOTIFY=y +CONFIG_INOTIFY_USER=y +CONFIG_FANOTIFY=y +# CONFIG_QUOTA is not set +# CONFIG_AUTOFS4_FS is not set +# CONFIG_AUTOFS_FS is not set +CONFIG_FUSE_FS=y +# CONFIG_CUSE is not set +# CONFIG_VIRTIO_FS is not set +# CONFIG_OVERLAY_FS is not set + +# +# Caches +# +# CONFIG_FSCACHE is not set +# end of Caches + +# +# CD-ROM/DVD Filesystems +# +# CONFIG_ISO9660_FS is not set +# CONFIG_UDF_FS is not set +# end of CD-ROM/DVD Filesystems + +# +# DOS/FAT/EXFAT/NT Filesystems +# +CONFIG_FAT_FS=y +CONFIG_MSDOS_FS=y +CONFIG_VFAT_FS=y +CONFIG_FAT_DEFAULT_CODEPAGE=850 +CONFIG_FAT_DEFAULT_IOCHARSET="iso8859-1" +# CONFIG_FAT_DEFAULT_UTF8 is not set +# CONFIG_EXFAT_FS is not set +CONFIG_NTFS_FS=y +# CONFIG_NTFS_DEBUG is not set +# CONFIG_NTFS_RW is not set +# CONFIG_NTFS3_FS is not set +CONFIG_EXFAT_FS_FBX=y +# end of DOS/FAT/EXFAT/NT Filesystems + +# +# Pseudo filesystems +# +CONFIG_PROC_FS=y +CONFIG_PROC_SYSCTL=y +CONFIG_PROC_PAGE_MONITOR=y +# CONFIG_PROC_CHILDREN is not set +CONFIG_KERNFS=y +CONFIG_SYSFS=y +CONFIG_TMPFS=y +# CONFIG_TMPFS_POSIX_ACL is not set +# CONFIG_TMPFS_XATTR is not set +CONFIG_MEMFD_CREATE=y +CONFIG_CONFIGFS_FS=y +# end of Pseudo filesystems + +CONFIG_MISC_FILESYSTEMS=y +# CONFIG_ORANGEFS_FS is not set +# CONFIG_ADFS_FS is not set +# CONFIG_AFFS_FS is not set +# CONFIG_ECRYPT_FS is not set +CONFIG_HFS_FS=y +CONFIG_HFSPLUS_FS=y +# CONFIG_BEFS_FS is not set +# CONFIG_BFS_FS is not set +# CONFIG_EFS_FS is not set +# CONFIG_JFFS2_FS is not set +CONFIG_UBIFS_FS=y +CONFIG_UBIFS_FS_ADVANCED_COMPR=y +CONFIG_UBIFS_FS_LZO=y +CONFIG_UBIFS_FS_ZLIB=y +# CONFIG_UBIFS_FS_ZSTD is not set +# CONFIG_UBIFS_ATIME_SUPPORT is not set +# CONFIG_UBIFS_FS_XATTR is not set +# CONFIG_UBIFS_FS_AUTHENTICATION is not set +CONFIG_CRAMFS=y +CONFIG_CRAMFS_BLOCKDEV=y +CONFIG_CRAMFS_MTD=y +CONFIG_SQUASHFS=y +# CONFIG_SQUASHFS_FILE_CACHE is not set +CONFIG_SQUASHFS_FILE_DIRECT=y +CONFIG_SQUASHFS_DECOMP_SINGLE=y +# CONFIG_SQUASHFS_DECOMP_MULTI is not set +# CONFIG_SQUASHFS_DECOMP_MULTI_PERCPU is not set +# CONFIG_SQUASHFS_XATTR is not set +# CONFIG_SQUASHFS_ZLIB is not set +# CONFIG_SQUASHFS_LZ4 is not set +# CONFIG_SQUASHFS_LZO is not set +CONFIG_SQUASHFS_XZ=y +# CONFIG_SQUASHFS_ZSTD is not set +# CONFIG_SQUASHFS_4K_DEVBLK_SIZE is not set +# CONFIG_SQUASHFS_EMBEDDED is not set +CONFIG_SQUASHFS_FRAGMENT_CACHE_SIZE=3 +# CONFIG_VXFS_FS is not set +# CONFIG_MINIX_FS is not set +# CONFIG_OMFS_FS is not set +# CONFIG_HPFS_FS is not set +# CONFIG_QNX4FS_FS is not set +# CONFIG_QNX6FS_FS is not set +# CONFIG_ROMFS_FS is not set +CONFIG_PSTORE=y +CONFIG_PSTORE_DEFAULT_KMSG_BYTES=10240 +# CONFIG_PSTORE_DEFLATE_COMPRESS is not set +# CONFIG_PSTORE_LZO_COMPRESS is not set +# CONFIG_PSTORE_LZ4_COMPRESS is not set +# CONFIG_PSTORE_LZ4HC_COMPRESS is not set +# CONFIG_PSTORE_842_COMPRESS is not set +# CONFIG_PSTORE_ZSTD_COMPRESS is not set +# CONFIG_PSTORE_CONSOLE is not set +# CONFIG_PSTORE_PMSG is not set +CONFIG_PSTORE_RAM=y +# CONFIG_PSTORE_BLK is not set +# CONFIG_SYSV_FS is not set +# CONFIG_UFS_FS is not set +# CONFIG_EROFS_FS is not set +CONFIG_NETWORK_FILESYSTEMS=y +CONFIG_NFS_FS=y +CONFIG_NFS_V2=y +CONFIG_NFS_V3=y +# CONFIG_NFS_V3_ACL is not set +# CONFIG_NFS_V4 is not set +# CONFIG_NFS_SWAP is not set +CONFIG_ROOT_NFS=y +# CONFIG_NFS_DISABLE_UDP_SUPPORT is not set +CONFIG_NFSD=y +CONFIG_NFSD_V3=y +# CONFIG_NFSD_V3_ACL is not set +CONFIG_NFSD_V4=y +# CONFIG_NFSD_BLOCKLAYOUT is not set +# CONFIG_NFSD_SCSILAYOUT is not set +# CONFIG_NFSD_FLEXFILELAYOUT is not set +CONFIG_GRACE_PERIOD=y +CONFIG_LOCKD=y +CONFIG_LOCKD_V4=y +CONFIG_NFS_COMMON=y +CONFIG_SUNRPC=y +CONFIG_SUNRPC_GSS=y +# CONFIG_SUNRPC_DEBUG is not set +# CONFIG_CEPH_FS is not set +# CONFIG_CIFS is not set +CONFIG_SMB_SERVER=y +CONFIG_SMB_INSECURE_SERVER=y +CONFIG_SMB_SERVER_CHECK_CAP_NET_ADMIN=y +# CONFIG_SMB_SERVER_KERBEROS5 is not set +# CONFIG_CODA_FS is not set +# CONFIG_AFS_FS is not set +CONFIG_NLS=y +CONFIG_NLS_DEFAULT="iso8859-1" +CONFIG_NLS_CODEPAGE_437=y +# CONFIG_NLS_CODEPAGE_737 is not set +# CONFIG_NLS_CODEPAGE_775 is not set +CONFIG_NLS_CODEPAGE_850=y +# CONFIG_NLS_CODEPAGE_852 is not set +# CONFIG_NLS_CODEPAGE_855 is not set +# CONFIG_NLS_CODEPAGE_857 is not set +# CONFIG_NLS_CODEPAGE_860 is not set +# CONFIG_NLS_CODEPAGE_861 is not set +# CONFIG_NLS_CODEPAGE_862 is not set +# CONFIG_NLS_CODEPAGE_863 is not set +# CONFIG_NLS_CODEPAGE_864 is not set +# CONFIG_NLS_CODEPAGE_865 is not set +# CONFIG_NLS_CODEPAGE_866 is not set +# CONFIG_NLS_CODEPAGE_869 is not set +# CONFIG_NLS_CODEPAGE_936 is not set +# CONFIG_NLS_CODEPAGE_950 is not set +# CONFIG_NLS_CODEPAGE_932 is not set +# CONFIG_NLS_CODEPAGE_949 is not set +# CONFIG_NLS_CODEPAGE_874 is not set +# CONFIG_NLS_ISO8859_8 is not set +# CONFIG_NLS_CODEPAGE_1250 is not set +# CONFIG_NLS_CODEPAGE_1251 is not set +# CONFIG_NLS_ASCII is not set +CONFIG_NLS_ISO8859_1=y +CONFIG_NLS_ISO8859_2=y +# CONFIG_NLS_ISO8859_3 is not set +# CONFIG_NLS_ISO8859_4 is not set +# CONFIG_NLS_ISO8859_5 is not set +# CONFIG_NLS_ISO8859_6 is not set +# CONFIG_NLS_ISO8859_7 is not set +# CONFIG_NLS_ISO8859_9 is not set +# CONFIG_NLS_ISO8859_13 is not set +# CONFIG_NLS_ISO8859_14 is not set +# CONFIG_NLS_ISO8859_15 is not set +# CONFIG_NLS_KOI8_R is not set +# CONFIG_NLS_KOI8_U is not set +# CONFIG_NLS_MAC_ROMAN is not set +# CONFIG_NLS_MAC_CELTIC is not set +# CONFIG_NLS_MAC_CENTEURO is not set +# CONFIG_NLS_MAC_CROATIAN is not set +# CONFIG_NLS_MAC_CYRILLIC is not set +# CONFIG_NLS_MAC_GAELIC is not set +# CONFIG_NLS_MAC_GREEK is not set +# CONFIG_NLS_MAC_ICELAND is not set +# CONFIG_NLS_MAC_INUIT is not set +# CONFIG_NLS_MAC_ROMANIAN is not set +# CONFIG_NLS_MAC_TURKISH is not set +CONFIG_NLS_UTF8=y +# CONFIG_DLM is not set +# CONFIG_UNICODE is not set +# end of File systems + +# +# Security options +# +CONFIG_KEYS=y +# CONFIG_KEYS_REQUEST_CACHE is not set +# CONFIG_PERSISTENT_KEYRINGS is not set +# CONFIG_BIG_KEYS is not set +# CONFIG_ENCRYPTED_KEYS is not set +# CONFIG_KEY_DH_OPERATIONS is not set +# CONFIG_SECURITY_DMESG_RESTRICT is not set +# CONFIG_SECURITY is not set +# CONFIG_SECURITYFS is not set +CONFIG_HAVE_HARDENED_USERCOPY_ALLOCATOR=y +# CONFIG_HARDENED_USERCOPY is not set +# CONFIG_FORTIFY_SOURCE is not set +# CONFIG_STATIC_USERMODEHELPER is not set +CONFIG_DEFAULT_SECURITY_DAC=y +CONFIG_LSM="yama,loadpin,safesetid,integrity" + +# +# Kernel hardening options +# + +# +# Memory initialization +# +CONFIG_INIT_STACK_NONE=y +# CONFIG_GCC_PLUGIN_STRUCTLEAK_USER is not set +# CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF is not set +# CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF_ALL is not set +# CONFIG_INIT_ON_ALLOC_DEFAULT_ON is not set +# CONFIG_INIT_ON_FREE_DEFAULT_ON is not set +# end of Memory initialization +# end of Kernel hardening options +# end of Security options + +CONFIG_CRYPTO=y + +# +# Crypto core or helper +# +CONFIG_CRYPTO_ALGAPI=y +CONFIG_CRYPTO_ALGAPI2=y +CONFIG_CRYPTO_AEAD=y +CONFIG_CRYPTO_AEAD2=y +CONFIG_CRYPTO_SKCIPHER=y +CONFIG_CRYPTO_SKCIPHER2=y +CONFIG_CRYPTO_HASH=y +CONFIG_CRYPTO_HASH2=y +CONFIG_CRYPTO_RNG=y +CONFIG_CRYPTO_RNG2=y +CONFIG_CRYPTO_RNG_DEFAULT=y +CONFIG_CRYPTO_AKCIPHER2=y +CONFIG_CRYPTO_AKCIPHER=y +CONFIG_CRYPTO_KPP2=y +CONFIG_CRYPTO_KPP=y +CONFIG_CRYPTO_ACOMP2=y +CONFIG_CRYPTO_MANAGER=y +CONFIG_CRYPTO_MANAGER2=y +# CONFIG_CRYPTO_USER is not set +CONFIG_CRYPTO_MANAGER_DISABLE_TESTS=y +CONFIG_CRYPTO_GF128MUL=y +CONFIG_CRYPTO_NULL=y +CONFIG_CRYPTO_NULL2=y +# CONFIG_CRYPTO_CRYPTD is not set +CONFIG_CRYPTO_AUTHENC=y +# CONFIG_CRYPTO_TEST is not set + +# +# Public-key cryptography +# +CONFIG_CRYPTO_RSA=y +# CONFIG_CRYPTO_DH is not set +CONFIG_CRYPTO_ECC=y +CONFIG_CRYPTO_ECDH=y +CONFIG_CRYPTO_ECDSA=y +# CONFIG_CRYPTO_ECRDSA is not set +# CONFIG_CRYPTO_SM2 is not set +# CONFIG_CRYPTO_CURVE25519 is not set + +# +# Authenticated Encryption with Associated Data +# +CONFIG_CRYPTO_CCM=y +CONFIG_CRYPTO_GCM=y +CONFIG_CRYPTO_CHACHA20POLY1305=y +# CONFIG_CRYPTO_AEGIS128 is not set +CONFIG_CRYPTO_SEQIV=y +CONFIG_CRYPTO_ECHAINIV=y + +# +# Block modes +# +CONFIG_CRYPTO_CBC=y +# CONFIG_CRYPTO_CFB is not set +CONFIG_CRYPTO_CTR=y +# CONFIG_CRYPTO_CTS is not set +CONFIG_CRYPTO_ECB=y +# CONFIG_CRYPTO_LRW is not set +# CONFIG_CRYPTO_OFB is not set +# CONFIG_CRYPTO_PCBC is not set +# CONFIG_CRYPTO_XTS is not set +# CONFIG_CRYPTO_KEYWRAP is not set +# CONFIG_CRYPTO_ADIANTUM is not set +CONFIG_CRYPTO_ESSIV=y + +# +# Hash modes +# +CONFIG_CRYPTO_CMAC=y +CONFIG_CRYPTO_HMAC=y +# CONFIG_CRYPTO_XCBC is not set +# CONFIG_CRYPTO_VMAC is not set + +# +# Digest +# +CONFIG_CRYPTO_CRC32C=y +# CONFIG_CRYPTO_CRC32 is not set +# CONFIG_CRYPTO_XXHASH is not set +# CONFIG_CRYPTO_BLAKE2B is not set +# CONFIG_CRYPTO_BLAKE2S is not set +# CONFIG_CRYPTO_CRCT10DIF is not set +CONFIG_CRYPTO_GHASH=y +CONFIG_CRYPTO_POLY1305=y +CONFIG_CRYPTO_MD4=y +CONFIG_CRYPTO_MD5=y +# CONFIG_CRYPTO_MICHAEL_MIC is not set +# CONFIG_CRYPTO_RMD160 is not set +CONFIG_CRYPTO_SHA1=y +CONFIG_CRYPTO_SHA256=y +CONFIG_CRYPTO_SHA512=y +CONFIG_CRYPTO_SHA3=y +# CONFIG_CRYPTO_SM3 is not set +# CONFIG_CRYPTO_STREEBOG is not set +# CONFIG_CRYPTO_WP512 is not set + +# +# Ciphers +# +CONFIG_CRYPTO_AES=y +# CONFIG_CRYPTO_AES_TI is not set +# CONFIG_CRYPTO_BLOWFISH is not set +# CONFIG_CRYPTO_CAMELLIA is not set +# CONFIG_CRYPTO_CAST5 is not set +# CONFIG_CRYPTO_CAST6 is not set +CONFIG_CRYPTO_DES=y +# CONFIG_CRYPTO_FCRYPT is not set +CONFIG_CRYPTO_CHACHA20=y +# CONFIG_CRYPTO_SERPENT is not set +# CONFIG_CRYPTO_SM4 is not set +# CONFIG_CRYPTO_TWOFISH is not set + +# +# Compression +# +CONFIG_CRYPTO_DEFLATE=y +CONFIG_CRYPTO_LZO=y +# CONFIG_CRYPTO_842 is not set +# CONFIG_CRYPTO_LZ4 is not set +# CONFIG_CRYPTO_LZ4HC is not set +# CONFIG_CRYPTO_ZSTD is not set + +# +# Random Number Generation +# +# CONFIG_CRYPTO_ANSI_CPRNG is not set +CONFIG_CRYPTO_DRBG_MENU=y +CONFIG_CRYPTO_DRBG_HMAC=y +# CONFIG_CRYPTO_DRBG_HASH is not set +# CONFIG_CRYPTO_DRBG_CTR is not set +CONFIG_CRYPTO_DRBG=y +CONFIG_CRYPTO_JITTERENTROPY=y +# CONFIG_CRYPTO_USER_API_HASH is not set +# CONFIG_CRYPTO_USER_API_SKCIPHER is not set +# CONFIG_CRYPTO_USER_API_RNG is not set +# CONFIG_CRYPTO_USER_API_AEAD is not set +CONFIG_CRYPTO_HASH_INFO=y + +# +# Crypto library routines +# +CONFIG_CRYPTO_LIB_AES=y +CONFIG_CRYPTO_LIB_ARC4=y +CONFIG_CRYPTO_ARCH_HAVE_LIB_BLAKE2S=y +CONFIG_CRYPTO_LIB_BLAKE2S=y +CONFIG_CRYPTO_ARCH_HAVE_LIB_CHACHA=y +CONFIG_CRYPTO_LIB_CHACHA_GENERIC=y +CONFIG_CRYPTO_LIB_CHACHA=y +CONFIG_CRYPTO_LIB_CURVE25519_GENERIC=y +CONFIG_CRYPTO_LIB_CURVE25519=y +CONFIG_CRYPTO_LIB_DES=y +CONFIG_CRYPTO_LIB_POLY1305_RSIZE=9 +CONFIG_CRYPTO_ARCH_HAVE_LIB_POLY1305=y +CONFIG_CRYPTO_LIB_POLY1305_GENERIC=y +CONFIG_CRYPTO_LIB_POLY1305=y +CONFIG_CRYPTO_LIB_CHACHA20POLY1305=y +CONFIG_CRYPTO_LIB_SHA256=y +# CONFIG_CRYPTO_HW is not set +CONFIG_ASYMMETRIC_KEY_TYPE=y +CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE=y +CONFIG_X509_CERTIFICATE_PARSER=y +# CONFIG_PKCS8_PRIVATE_KEY_PARSER is not set +CONFIG_PKCS7_MESSAGE_PARSER=y + +# +# Certificates for signature checking +# +CONFIG_SYSTEM_TRUSTED_KEYRING=y +CONFIG_SYSTEM_TRUSTED_KEYS="" +# CONFIG_SYSTEM_EXTRA_CERTIFICATE is not set +# CONFIG_SECONDARY_TRUSTED_KEYRING is not set +# CONFIG_SYSTEM_BLACKLIST_KEYRING is not set +# end of Certificates for signature checking + +# +# Library routines +# +# CONFIG_PACKING is not set +CONFIG_BITREVERSE=y +CONFIG_GENERIC_STRNCPY_FROM_USER=y +CONFIG_GENERIC_STRNLEN_USER=y +CONFIG_GENERIC_NET_UTILS=y +# CONFIG_CORDIC is not set +# CONFIG_PRIME_NUMBERS is not set +CONFIG_RATIONAL=y +CONFIG_GENERIC_PCI_IOMAP=y +CONFIG_ARCH_USE_CMPXCHG_LOCKREF=y +CONFIG_CRC_CCITT=y +CONFIG_CRC16=y +# CONFIG_CRC_T10DIF is not set +# CONFIG_CRC_ITU_T is not set +CONFIG_CRC32=y +# CONFIG_CRC32_SELFTEST is not set +CONFIG_CRC32_SLICEBY8=y +# CONFIG_CRC32_SLICEBY4 is not set +# CONFIG_CRC32_SARWATE is not set +# CONFIG_CRC32_BIT is not set +# CONFIG_CRC64 is not set +# CONFIG_CRC4 is not set +# CONFIG_CRC7 is not set +CONFIG_LIBCRC32C=y +# CONFIG_CRC8 is not set +CONFIG_AUDIT_GENERIC=y +# CONFIG_RANDOM32_SELFTEST is not set +CONFIG_ZLIB_INFLATE=y +CONFIG_ZLIB_DEFLATE=y +CONFIG_LZO_COMPRESS=y +CONFIG_LZO_DECOMPRESS=y +CONFIG_XZ_DEC=y +# CONFIG_XZ_DEC_X86 is not set +# CONFIG_XZ_DEC_POWERPC is not set +# CONFIG_XZ_DEC_IA64 is not set +CONFIG_XZ_DEC_ARM=y +# CONFIG_XZ_DEC_ARMTHUMB is not set +# CONFIG_XZ_DEC_SPARC is not set +CONFIG_XZ_DEC_BCJ=y +# CONFIG_XZ_DEC_TEST is not set +CONFIG_GENERIC_ALLOCATOR=y +CONFIG_REED_SOLOMON=y +CONFIG_REED_SOLOMON_ENC8=y +CONFIG_REED_SOLOMON_DEC8=y +CONFIG_BCH=y +CONFIG_ASSOCIATIVE_ARRAY=y +CONFIG_HAS_IOMEM=y +CONFIG_HAS_IOPORT_MAP=y +CONFIG_HAS_DMA=y +CONFIG_DMA_OPS=y +CONFIG_NEED_DMA_MAP_STATE=y +CONFIG_ARCH_HAS_DMA_WRITE_COMBINE=y +CONFIG_DMA_DECLARE_COHERENT=y +CONFIG_ARCH_HAS_SETUP_DMA_OPS=y +CONFIG_ARCH_HAS_TEARDOWN_DMA_OPS=y +CONFIG_DMA_NONCOHERENT_MMAP=y +CONFIG_DMA_REMAP=y +# CONFIG_DMA_API_DEBUG is not set +# CONFIG_DMA_MAP_BENCHMARK is not set +CONFIG_SGL_ALLOC=y +CONFIG_DQL=y +CONFIG_GLOB=y +# CONFIG_GLOB_SELFTEST is not set +CONFIG_NLATTR=y +CONFIG_GENERIC_ATOMIC64=y +CONFIG_CLZ_TAB=y +# CONFIG_IRQ_POLL is not set +CONFIG_MPILIB=y +CONFIG_LIBFDT=y +CONFIG_OID_REGISTRY=y +CONFIG_SG_POOL=y +CONFIG_SBITMAP=y +CONFIG_ARCH_HAS_FBXSERIAL=y +CONFIG_FBXSERIAL=y +# end of Library routines + +CONFIG_GENERIC_LIB_DEVMEM_IS_ALLOWED=y + +# +# Kernel hacking +# + +# +# printk and dmesg options +# +CONFIG_PRINTK_TIME=y +# CONFIG_PRINTK_CALLER is not set +# CONFIG_STACKTRACE_BUILD_ID is not set +CONFIG_CONSOLE_LOGLEVEL_DEFAULT=7 +CONFIG_CONSOLE_LOGLEVEL_QUIET=4 +CONFIG_MESSAGE_LOGLEVEL_DEFAULT=4 +# CONFIG_BOOT_PRINTK_DELAY is not set +# CONFIG_DYNAMIC_DEBUG is not set +# CONFIG_DYNAMIC_DEBUG_CORE is not set +# CONFIG_SYMBOLIC_ERRNAME is not set +CONFIG_DEBUG_BUGVERBOSE=y +# end of printk and dmesg options + +# +# Compile-time checks and compiler options +# +# CONFIG_DEBUG_INFO is not set +CONFIG_FRAME_WARN=1024 +# CONFIG_STRIP_ASM_SYMS is not set +CONFIG_READABLE_ASM=y +# CONFIG_HEADERS_INSTALL is not set +# CONFIG_DEBUG_SECTION_MISMATCH is not set +CONFIG_SECTION_MISMATCH_WARN_ONLY=y +# CONFIG_VMLINUX_MAP is not set +# CONFIG_DEBUG_FORCE_WEAK_PER_CPU is not set +# end of Compile-time checks and compiler options + +# +# Generic Kernel Debugging Instruments +# +CONFIG_MAGIC_SYSRQ=y +CONFIG_MAGIC_SYSRQ_DEFAULT_ENABLE=0x1 +CONFIG_MAGIC_SYSRQ_SERIAL=y +CONFIG_MAGIC_SYSRQ_SERIAL_SEQUENCE="" +CONFIG_DEBUG_FS=y +CONFIG_DEBUG_FS_ALLOW_ALL=y +# CONFIG_DEBUG_FS_DISALLOW_MOUNT is not set +# CONFIG_DEBUG_FS_ALLOW_NONE is not set +CONFIG_HAVE_ARCH_KGDB=y +# CONFIG_KGDB is not set +# CONFIG_UBSAN is not set +# end of Generic Kernel Debugging Instruments + +CONFIG_DEBUG_KERNEL=y +# CONFIG_DEBUG_MISC is not set + +# +# Memory Debugging +# +# CONFIG_PAGE_EXTENSION is not set +# CONFIG_DEBUG_PAGEALLOC is not set +# CONFIG_PAGE_OWNER is not set +CONFIG_PAGE_POISONING=y +# CONFIG_DEBUG_RODATA_TEST is not set +# CONFIG_DEBUG_WX is not set +CONFIG_DEBUG_OBJECTS=y +# CONFIG_DEBUG_OBJECTS_SELFTEST is not set +# CONFIG_DEBUG_OBJECTS_FREE is not set +CONFIG_DEBUG_OBJECTS_TIMERS=y +CONFIG_DEBUG_OBJECTS_WORK=y +CONFIG_DEBUG_OBJECTS_RCU_HEAD=y +# CONFIG_DEBUG_OBJECTS_PERCPU_COUNTER is not set +CONFIG_DEBUG_OBJECTS_ENABLE_DEFAULT=1 +# CONFIG_SLUB_DEBUG_ON is not set +# CONFIG_SLUB_STATS is not set +CONFIG_HAVE_DEBUG_KMEMLEAK=y +# CONFIG_DEBUG_KMEMLEAK is not set +# CONFIG_DEBUG_STACK_USAGE is not set +# CONFIG_SCHED_STACK_END_CHECK is not set +# CONFIG_DEBUG_VM is not set +CONFIG_ARCH_HAS_DEBUG_VIRTUAL=y +# CONFIG_DEBUG_VIRTUAL is not set +CONFIG_DEBUG_MEMORY_INIT=y +CONFIG_HAVE_ARCH_KASAN=y +CONFIG_CC_HAS_KASAN_GENERIC=y +CONFIG_CC_HAS_WORKING_NOSANITIZE_ADDRESS=y +# CONFIG_KASAN is not set +# end of Memory Debugging + +# CONFIG_DEBUG_SHIRQ is not set + +# +# Debug Oops, Lockups and Hangs +# +CONFIG_PANIC_ON_OOPS=y +CONFIG_PANIC_ON_OOPS_VALUE=1 +CONFIG_PANIC_TIMEOUT=10 +# CONFIG_SOFTLOCKUP_DETECTOR is not set +CONFIG_DETECT_HUNG_TASK=y +CONFIG_DEFAULT_HUNG_TASK_TIMEOUT=120 +CONFIG_BOOTPARAM_HUNG_TASK_PANIC=y +CONFIG_BOOTPARAM_HUNG_TASK_PANIC_VALUE=1 +# CONFIG_WQ_WATCHDOG is not set +# CONFIG_TEST_LOCKUP is not set +# end of Debug Oops, Lockups and Hangs + +# +# Scheduler Debugging +# +# CONFIG_SCHED_DEBUG is not set +# CONFIG_SCHEDSTATS is not set +# end of Scheduler Debugging + +# CONFIG_DEBUG_TIMEKEEPING is not set + +# +# Lock Debugging (spinlocks, mutexes, etc...) +# +CONFIG_LOCK_DEBUGGING_SUPPORT=y +# CONFIG_PROVE_LOCKING is not set +# CONFIG_LOCK_STAT is not set +CONFIG_DEBUG_RT_MUTEXES=y +CONFIG_DEBUG_SPINLOCK=y +CONFIG_DEBUG_MUTEXES=y +# CONFIG_DEBUG_WW_MUTEX_SLOWPATH is not set +# CONFIG_DEBUG_RWSEMS is not set +# CONFIG_DEBUG_LOCK_ALLOC is not set +CONFIG_DEBUG_ATOMIC_SLEEP=y +# CONFIG_DEBUG_LOCKING_API_SELFTESTS is not set +# CONFIG_LOCK_TORTURE_TEST is not set +# CONFIG_WW_MUTEX_SELFTEST is not set +# CONFIG_SCF_TORTURE_TEST is not set +# end of Lock Debugging (spinlocks, mutexes, etc...) + +# CONFIG_DEBUG_IRQFLAGS is not set +CONFIG_STACKTRACE=y +# CONFIG_WARN_ALL_UNSEEDED_RANDOM is not set +# CONFIG_DEBUG_KOBJECT is not set +# CONFIG_DEBUG_KOBJECT_RELEASE is not set + +# +# Debug kernel data structures +# +CONFIG_DEBUG_LIST=y +# CONFIG_DEBUG_PLIST is not set +CONFIG_DEBUG_SG=y +CONFIG_DEBUG_NOTIFIERS=y +# CONFIG_BUG_ON_DATA_CORRUPTION is not set +# end of Debug kernel data structures + +# CONFIG_DEBUG_CREDENTIALS is not set + +# +# RCU Debugging +# +# CONFIG_RCU_SCALE_TEST is not set +# CONFIG_RCU_TORTURE_TEST is not set +# CONFIG_RCU_REF_SCALE_TEST is not set +# CONFIG_RCU_TRACE is not set +# CONFIG_RCU_EQS_DEBUG is not set +# end of RCU Debugging + +# CONFIG_DEBUG_WQ_FORCE_RR_CPU is not set +# CONFIG_LATENCYTOP is not set +CONFIG_HAVE_FUNCTION_TRACER=y +CONFIG_HAVE_FUNCTION_GRAPH_TRACER=y +CONFIG_HAVE_DYNAMIC_FTRACE=y +CONFIG_HAVE_DYNAMIC_FTRACE_WITH_REGS=y +CONFIG_HAVE_FTRACE_MCOUNT_RECORD=y +CONFIG_HAVE_SYSCALL_TRACEPOINTS=y +CONFIG_HAVE_C_RECORDMCOUNT=y +CONFIG_TRACING_SUPPORT=y +# CONFIG_FTRACE is not set +# CONFIG_SAMPLES is not set + +# +# arm Debugging +# +# CONFIG_ARM_PTDUMP_DEBUGFS is not set +# CONFIG_UNWINDER_FRAME_POINTER is not set +CONFIG_UNWINDER_ARM=y +CONFIG_ARM_UNWIND=y +CONFIG_DEBUG_USER=y +# CONFIG_DEBUG_LL is not set +CONFIG_DEBUG_LL_INCLUDE="mach/debug-macro.S" +CONFIG_UNCOMPRESS_INCLUDE="debug/uncompress.h" +# CONFIG_CORESIGHT is not set +# end of arm Debugging + +# +# Kernel Testing and Coverage +# +# CONFIG_KUNIT is not set +# CONFIG_NOTIFIER_ERROR_INJECTION is not set +# CONFIG_FAULT_INJECTION is not set +CONFIG_ARCH_HAS_KCOV=y +CONFIG_CC_HAS_SANCOV_TRACE_PC=y +# CONFIG_KCOV is not set +# CONFIG_RUNTIME_TESTING_MENU is not set +CONFIG_ARCH_USE_MEMTEST=y +# CONFIG_MEMTEST is not set +# end of Kernel Testing and Coverage +# end of Kernel hacking diff -Nruw linux-5.15.42-fbx/drivers/char/diag./Kconfig linux-5.15.42-fbx/drivers/char/diag/Kconfig --- linux-5.15.42-fbx/drivers/char/diag./Kconfig 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/char/diag/Kconfig 2023-03-15 19:52:23.513979080 +0100 @@ -0,0 +1,38 @@ +menu "Diag Support" + +config DIAG_CHAR + tristate "char driver interface and diag forwarding to/from modem" + select CRC_CCITT + help + Char driver interface for diag user space and diag-forwarding to modem ARM and back. + This enables diagchar for maemo usb gadget or android usb gadget based on config selected. +endmenu + +menu "DIAG traffic over USB" + +config DIAG_OVER_USB + bool "Enable DIAG traffic to go over USB" + depends on DIAG_CHAR + help + This feature helps segregate code required for DIAG traffic to go over USB. +endmenu + +menu "DIAG traffic over QRTR" + +config DIAG_OVER_QRTR + bool "Enable DIAG traffic to go over QRTR" + depends on QRTR && DIAG_CHAR + default n + help + This feature helps segregate code required for DIAG traffic to go over QRTR. +endmenu + +menu "HSIC/SMUX support for DIAG" + +config DIAGFWD_BRIDGE_CODE + bool "Enable QSC/9K DIAG traffic over SMUX/HSIC" + depends on DIAG_CHAR + depends on USB_QCOM_DIAG_BRIDGE || MHI_BUS + help + SMUX/HSIC Transport Layer for DIAG Router +endmenu diff -Nruw linux-5.15.42-fbx/drivers/char/diag./Makefile linux-5.15.42-fbx/drivers/char/diag/Makefile --- linux-5.15.42-fbx/drivers/char/diag./Makefile 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/char/diag/Makefile 2023-03-15 19:52:23.513979080 +0100 @@ -0,0 +1,19 @@ +obj-$(CONFIG_DIAG_CHAR) := diagchar.o +obj-$(CONFIG_USB_QCOM_DIAG_BRIDGE) += diagfwd_hsic.o +obj-$(CONFIG_USB_QCOM_DIAG_BRIDGE) += diagfwd_smux.o +diagchar-objs := diagchar_core.o diagchar_hdlc.o diagfwd.o diagfwd_peripheral.o diag_mux.o diag_memorydevice.o diag_usb.o diagmem.o diagfwd_cntl.o diag_dci.o diag_masks.o diag_debugfs.o + +ifdef CONFIG_DIAG_OVER_QRTR +diagchar-objs += qcom_diagfwd_socket.o +else +diagchar-objs += diagfwd_socket.o +endif + +ifdef CONFIG_DIAGFWD_BRIDGE_CODE +diagchar-objs += diagfwd_bridge.o + +ifdef CONFIG_MHI_BUS +diagchar-objs += diagfwd_mhi.o +endif + +endif diff -Nruw linux-5.15.42-fbx/drivers/fbxgpio./Kconfig linux-5.15.42-fbx/drivers/fbxgpio/Kconfig --- linux-5.15.42-fbx/drivers/fbxgpio./Kconfig 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/fbxgpio/Kconfig 2023-02-27 17:08:58.870666225 +0100 @@ -0,0 +1,7 @@ +config FREEBOX_GPIO + tristate "Freebox GPIO control interface" + default n + +config FREEBOX_GPIO_DT + tristate "Freebox GPIO DT binding." + default n diff -Nruw linux-5.15.42-fbx/drivers/fbxgpio./Makefile linux-5.15.42-fbx/drivers/fbxgpio/Makefile --- linux-5.15.42-fbx/drivers/fbxgpio./Makefile 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/fbxgpio/Makefile 2023-02-27 17:08:58.870666225 +0100 @@ -0,0 +1,2 @@ +obj-$(CONFIG_FREEBOX_GPIO) += fbxgpio_core.o +obj-$(CONFIG_FREEBOX_GPIO_DT) += fbxgpio_dt.o diff -Nruw linux-5.15.42-fbx/drivers/fbxgpio./fbxgpio_core.c linux-5.15.42-fbx/drivers/fbxgpio/fbxgpio_core.c --- linux-5.15.42-fbx/drivers/fbxgpio./fbxgpio_core.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/fbxgpio/fbxgpio_core.c 2024-04-22 14:46:52.168111284 +0200 @@ -0,0 +1,361 @@ +#include +#include +#include +#include +#include +#include +#include +#include + +#define PFX "fbxgpio_core: " + +/* #define DEBUG */ +#ifdef DEBUG +#define dprint(Fmt, Arg...) printk(PFX Fmt, Arg) +#else +#define dprint(Fmt, Arg...) do { } while (0) +#endif + +static struct class *fbxgpio_class; + +/* + * retrieval of a struct fbxgpio_pin from a phandle in the device + * tree. + */ +struct fbxgpio_of_mach_data { + struct fbxgpio_pin *match; + struct device_node *np; +}; + +static int match_fbxgpio_of_node(struct device *dev, void *data) +{ + struct fbxgpio_of_mach_data *md = data; + struct fbxgpio_pin *pin = dev_get_drvdata(dev); + + if (pin->of_node == md->np) { + md->match = pin; + return 1; + } + return 0; +} + +struct fbxgpio_pin *fbxgpio_of_get(struct device_node *np, const char *propname, + int index) +{ + struct fbxgpio_of_mach_data md; + + /* + * get the pin device_node. + */ + md.match = NULL; + md.np = of_parse_phandle(np, propname, index); + if (!md.np) + return ERR_PTR(-ENOENT); + + /* + * find the struct fbxgpio_pin behind that device_node. + */ + class_for_each_device(fbxgpio_class, NULL, &md, + match_fbxgpio_of_node); + + return md.match ? md.match : ERR_PTR(-ENOENT); +} +EXPORT_SYMBOL(fbxgpio_of_get); + +/* + * show direction in for gpio associated with class_device dev. + */ +static ssize_t show_direction(struct device *dev, + struct device_attribute *attr, char *buf) +{ + struct fbxgpio_pin *p; + int dir, ret = 0; + + p = dev_get_drvdata(dev); + + if (p->ops->get_direction) + dir = p->ops->get_direction(p->pin_num); + else + dir = p->direction; + + switch (dir) { + case GPIO_DIR_IN: + ret += sprintf(buf, "input\n"); + break; + case GPIO_DIR_OUT: + ret += sprintf(buf, "output\n"); + break; + default: + ret += sprintf(buf, "unknown\n"); + break; + } + return ret; +} + +/* + * store direction. return -EINVAL if direction string is bad. return + * -EPERM if flag FBXGPIO_PIN_DIR_RW is set in flags. + */ +static ssize_t store_direction(struct device *dev, + struct device_attribute *attr, const char *buf, size_t size) +{ + int dir; + struct fbxgpio_pin *p; + int match_len = 0; + int i, ret; + static const char *word_match[] = { + [GPIO_DIR_IN] = "input", + [GPIO_DIR_OUT] = "output", + }; + + if (*buf == ' ' || *buf == '\t' || *buf == '\r' || *buf == '\n') + /* silently eat any spaces/tab/linefeed/carriagereturn */ + return 1; + + p = dev_get_drvdata(dev); + if (!(p->flags & FBXGPIO_PIN_DIR_RW)) { + dprint("pin %s direction is read only.\n", p->pin_name); + return -EPERM; + } + dir = 0; + for (i = 0; i < 2; ++i) { + if (size >= strlen(word_match[i]) && + !strncmp(buf, word_match[i], strlen(word_match[i]))) { + dir = i; + match_len = strlen(word_match[i]); + break ; + } + } + if (i == 2) + return -EINVAL; + + ret = p->ops->set_direction(p->pin_num, dir); + if (ret) + return ret; + p->direction = dir; + + return match_len; +} + +/* + * show input data for input gpio pins. + */ +static ssize_t show_datain(struct device *dev, + struct device_attribute *attr, char *buf) +{ + int val; + struct fbxgpio_pin *p; + + p = dev_get_drvdata(dev); + if (p->direction == GPIO_DIR_OUT) + return -EINVAL; + val = p->ops->get_datain(p->pin_num); + + if (p->flags & FBXGPIO_PIN_REVERSE_POL) + val = 1 - val; + return sprintf(buf, "%i\n", val); +} + +/* + * show output data for output gpio pins. + */ +static ssize_t show_dataout(struct device *dev, + struct device_attribute *attr, char *buf) +{ + int val; + struct fbxgpio_pin *p; + + p = dev_get_drvdata(dev); + if (p->direction == GPIO_DIR_IN) + return -EINVAL; + if (p->ops->get_dataout) + val = p->ops->get_dataout(p->pin_num); + else + val = p->cur_dataout; + + if (p->flags & FBXGPIO_PIN_REVERSE_POL) + val = 1 - val; + return sprintf(buf, "%i\n", val); +} + +/* + * store new dataout value for output gpio pins. + */ +static ssize_t store_dataout(struct device *dev, + struct device_attribute *attr, const char *buf, size_t size) +{ + int val; + struct fbxgpio_pin *p; + + if (*buf == ' ' || *buf == '\t' || *buf == '\r' || *buf == '\n') + /* silently eat any spaces/tab/linefeed/carriagereturn */ + return 1; + + p = dev_get_drvdata(dev); + + if (p->direction != GPIO_DIR_OUT) + return -EINVAL; + + switch (*buf) { + case '0': + val = 0; + break ; + case '1': + val = 1; + break ; + default: + return -EINVAL; + } + + p->cur_dataout = val; + + if (p->flags & FBXGPIO_PIN_REVERSE_POL) + val = 1 - val; + p->ops->set_dataout(p->pin_num, val); + return 1; +} + +/* + * show pin number associated with gpio pin. + */ +static ssize_t show_pinnum(struct device *dev, + struct device_attribute *attr, char *buf) +{ + struct fbxgpio_pin *p; + + p = dev_get_drvdata(dev); + return sprintf(buf, "%i\n", p->pin_num); +} + +/* + * attribute list associated with each class device. + */ +static struct device_attribute gpio_attributes[] = { + __ATTR(direction, 0600, show_direction, store_direction), + __ATTR(data_in, 0400, show_datain, NULL), + __ATTR(data_out, 0600, show_dataout, store_dataout), + __ATTR(pin_num, 0400, show_pinnum, NULL), +}; + +static int fbxgpio_register_pin(struct platform_device *ppdev, + struct fbxgpio_pin *pin) +{ + struct device *dev; + int i, ret; + + dprint("registering pin %s\n", pin->pin_name); + + /* ensure ops is valid */ + if (!pin->ops) { + printk(KERN_ERR PFX "no operation set for pin %s\n", + pin->pin_name); + return -EINVAL; + } + + dev = device_create(fbxgpio_class, &ppdev->dev, 0, pin, + "%s", pin->pin_name); + if (IS_ERR(dev)) + return PTR_ERR(dev); + + for (i = 0; i < ARRAY_SIZE(gpio_attributes); i++) { + ret = device_create_file(dev, &gpio_attributes[i]); + if (ret) + goto err_out; + } + + /* ensure pin direction matches hardware state */ + if (pin->ops->get_direction && + pin->direction != pin->ops->get_direction(pin->pin_num)) { + printk(KERN_WARNING PFX "pin %s default direction does not " + "match current hardware state, fixing.\n", + pin->pin_name); + pin->ops->set_direction(pin->pin_num, pin->direction); + } + pin->dev = dev; + return 0; + +err_out: + for (; i >= 0; i--) + device_remove_file(dev, &gpio_attributes[i]); + device_unregister(dev); + return ret; +} + +static void fbxgpio_unregister_pin(struct fbxgpio_pin *pin) +{ + struct device *dev; + int i; + + dprint("unregistering pin %s\n", pin->pin_name); + dev = pin->dev; + pin->dev = NULL; + + for (i = 0; i < ARRAY_SIZE(gpio_attributes); i++) + device_remove_file(dev, &gpio_attributes[i]); + device_unregister(dev); +} + +static int fbxgpio_platform_probe(struct platform_device *pdev) +{ + struct fbxgpio_pin *p; + int err = 0; + + p = pdev->dev.platform_data; + while (p->pin_name) { + err = fbxgpio_register_pin(pdev, p); + if (err) + return err; + ++p; + } + return 0; +} + +static int fbxgpio_platform_remove(struct platform_device *pdev) +{ + struct fbxgpio_pin *p; + + p = pdev->dev.platform_data; + while (p->pin_name) { + fbxgpio_unregister_pin(p); + ++p; + } + return 0; +} + +static struct platform_driver fbxgpio_platform_driver = +{ + .probe = fbxgpio_platform_probe, + .remove = fbxgpio_platform_remove, + .driver = { + .name = "fbxgpio", + } +}; + +static int __init fbxgpio_init(void) +{ + int ret; + + fbxgpio_class = class_create(THIS_MODULE, "fbxgpio"); + if (IS_ERR(fbxgpio_class)) + return PTR_ERR(fbxgpio_class); + + ret = platform_driver_register(&fbxgpio_platform_driver); + if (ret) { + printk(KERN_ERR PFX "unable to register fbxgpio driver.\n"); + class_destroy(fbxgpio_class); + return ret; + } + return 0; +} + +static void __exit fbxgpio_exit(void) +{ + platform_driver_unregister(&fbxgpio_platform_driver); + class_destroy(fbxgpio_class); +} + +subsys_initcall(fbxgpio_init); +module_exit(fbxgpio_exit); + +MODULE_LICENSE("GPL"); +MODULE_AUTHOR("Nicolas Schichan "); diff -Nruw linux-5.15.42-fbx/drivers/fbxgpio./fbxgpio_dt.c linux-5.15.42-fbx/drivers/fbxgpio/fbxgpio_dt.c --- linux-5.15.42-fbx/drivers/fbxgpio./fbxgpio_dt.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/fbxgpio/fbxgpio_dt.c 2024-04-22 14:46:52.168111284 +0200 @@ -0,0 +1,264 @@ +/* + * fbxgpio_dt.c for fbxgpio + * Created by on Tue Aug 1 14:01:01 2017 + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include + +static atomic_t last_id = ATOMIC_INIT(0); + +/* + * fbxgpio driver fetching gpios names and configuration from + * device-tree. + */ + +struct fbxgpio_dt_priv { + struct fbxgpio_pin *pins; + unsigned int npins; + + /* dynamically created platform_device for fbxgpio_core */ + struct platform_device *top_pdev; +}; + + +/* + * small shim layer for gpiolib <-> fbxgpio_operations. + * + * gpio direction change is unsupported, does userspace really need + * it? + */ +static int fbxgpio_dt_get_data(int gpio) +{ + return gpio_get_value_cansleep(gpio); +} + +static void fbxgpio_dt_set_dataout(int gpio, int value) +{ + gpio_set_value_cansleep(gpio, value); +} + +static int fbxgpio_dt_set_direction(int gpio, int dir) +{ + if (dir == GPIO_DIR_OUT) + return gpio_direction_output(gpio, 0); + else + return gpio_direction_input(gpio); +} + +static const struct fbxgpio_operations fbxgpio_dt_ops = { + .get_datain = fbxgpio_dt_get_data, + .get_dataout = fbxgpio_dt_get_data, + .set_dataout = fbxgpio_dt_set_dataout, + .set_direction = fbxgpio_dt_set_direction, +}; + +/* + * fill an fbxgpio_pin with the configuration found in a device tree + * node. + * + * required properties are: + * - gpio: a phandle to a standard linux gpio. + * + * - the name of the node: the name of the gpio as it will appear under + * /sys/class/fbxgpio/ + * + * - //: how to declare gpio and + * actually setup it unless no-claim is given + * + * - : just declare gpio, but don't request & setup it + */ +static int fbxgpio_dt_fill_gpio(struct platform_device *pdev, + struct device_node *np, + struct fbxgpio_pin *pin) +{ + enum of_gpio_flags flags; + int error; + + error = of_property_read_string(np, "name", &pin->pin_name); + if (error) { + dev_err(&pdev->dev, "gpio has no name.\n"); + return error; + } + + pin->pin_num = of_get_named_gpio_flags(np, "gpio", 0, &flags); + if (pin->pin_num < 0) { + if (pin->pin_num != -EPROBE_DEFER) + dev_err(&pdev->dev, + "unable to get gpio desc for %s: %d.\n", + pin->pin_name, pin->pin_num); + return pin->pin_num; + } + + if (of_property_read_bool(np, "input")) { + pin->direction = GPIO_DIR_IN; + } else if (of_property_read_bool(np, "output-low")) { + pin->direction = GPIO_DIR_OUT; + pin->cur_dataout = 0; + } else if (of_property_read_bool(np, "output-high")) { + pin->direction = GPIO_DIR_OUT; + pin->cur_dataout = 1; + } else { + dev_err(&pdev->dev, + "no state specified for %s\n", + pin->pin_name); + return -EINVAL; + } + + if (flags & OF_GPIO_ACTIVE_LOW) { + pin->flags |= FBXGPIO_PIN_REVERSE_POL; + if (pin->direction == GPIO_DIR_OUT) + pin->cur_dataout = 1 - pin->cur_dataout; + } + + if (!of_property_read_bool(np, "no-claim")) { + error = gpio_request(pin->pin_num, "fbxgpio-dt"); + if (error) { + dev_err(&pdev->dev, "unable to request gpio%d (%s): %d\n", + pin->pin_num, pin->pin_name, error); + return error; + } + pin->claimed = true; + + if (pin->direction == GPIO_DIR_OUT) + gpio_direction_output(pin->pin_num, pin->cur_dataout); + else + gpio_direction_input(pin->pin_num); + } + + if (of_property_read_bool(np, "bidir")) + pin->flags = FBXGPIO_PIN_DIR_RW; + + pin->of_node = np; + pin->ops = &fbxgpio_dt_ops; + return 0; +} + +static int fbxgpio_dt_probe(struct platform_device *pdev) +{ + struct fbxgpio_dt_priv *priv; + struct device_node *fbxgpio_node; + u32 cur_gpio; + int error = 0; + size_t priv_alloc_size; + int i; + + priv = devm_kzalloc(&pdev->dev, sizeof (*priv), GFP_KERNEL); + if (!priv) + return -ENOMEM; + + dev_set_drvdata(&pdev->dev, priv); + + /* + * first pass to get the number of struct fbxgpio_pin to + * allocate. + */ + for_each_available_child_of_node(pdev->dev.of_node, fbxgpio_node) { + ++priv->npins; + } + + /* + * allocate pins: use npins + 1 for zeroed end sentinel. + */ + priv_alloc_size = (priv->npins + 1) * sizeof (struct fbxgpio_pin); + priv->pins = devm_kzalloc(&pdev->dev, priv_alloc_size, GFP_KERNEL); + if (!priv->pins) + return -ENOMEM; + + /* + * second pass to fill the priv->pins array. + */ + cur_gpio = 0; + for_each_available_child_of_node(pdev->dev.of_node, fbxgpio_node) { + error = fbxgpio_dt_fill_gpio(pdev, fbxgpio_node, + &priv->pins[cur_gpio]); + if (error) + goto out_free_gpios; + ++cur_gpio; + } + + dev_info(&pdev->dev, "%u gpios.\n", priv->npins); + + /* + * create and register a platform device for fbxgpio_core. + */ + priv->top_pdev = platform_device_register_data(&pdev->dev, + "fbxgpio", + atomic_inc_return(&last_id), + priv->pins, + priv_alloc_size); + + if (IS_ERR(priv->top_pdev)) { + dev_err(&pdev->dev, "unable to register fbxgpio platform " + "device: %ld\n", PTR_ERR(priv->top_pdev)); + return PTR_ERR(priv->top_pdev); + } + + for (i = 0; i < priv->npins; i++) { + struct fbxgpio_pin *pin = &priv->pins[i]; + + if (pin->direction == GPIO_DIR_OUT) + dev_dbg(&pdev->dev, + "%sgpio %d (%s) is output, default %d\n", + pin->claimed ? "unclaimed " : "", + pin->pin_num, pin->pin_name, pin->cur_dataout); + else + dev_dbg(&pdev->dev, + "%sgpio %d (%s) is input\n", + pin->claimed ? "unclaimed " : "", + pin->pin_num, pin->pin_name); + } + + return 0; + +out_free_gpios: + while (cur_gpio) { + --cur_gpio; + if (priv->pins[cur_gpio].claimed) + gpio_free(priv->pins[cur_gpio].pin_num); + } + return error; +} + +static int fbxgpio_dt_remove(struct platform_device *pdev) +{ + struct fbxgpio_dt_priv *priv = dev_get_drvdata(&pdev->dev); + unsigned int i; + + platform_device_unregister(priv->top_pdev); + + for (i = 0; i < priv->npins; ++i) { + if (priv->pins[i].claimed) + gpio_free(priv->pins[i].pin_num); + } + + return 0; +} + +static const struct of_device_id fbxgpio_dt_of_match_table[] = { + { .compatible = "fbx,fbxgpio" }, + { }, +}; +MODULE_DEVICE_TABLE(of, fbxgpio_dt_of_match_table); + +static struct platform_driver fbxgpio_dt_platform_driver = { + .probe = fbxgpio_dt_probe, + .remove = fbxgpio_dt_remove, + .driver = { + .name = "fbxgpio-dt", + .of_match_table = fbxgpio_dt_of_match_table, + }, +}; + +module_platform_driver(fbxgpio_dt_platform_driver); + +MODULE_AUTHOR("Nicolas Schichan "); +MODULE_DESCRIPTION("DT Freebox GPIO Driver"); +MODULE_LICENSE("GPL v2"); diff -Nruw linux-5.15.42-fbx/drivers/fbxjtag./Kconfig linux-5.15.42-fbx/drivers/fbxjtag/Kconfig --- linux-5.15.42-fbx/drivers/fbxjtag./Kconfig 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/fbxjtag/Kconfig 2023-03-09 15:06:11.348233797 +0100 @@ -0,0 +1,3 @@ +config FREEBOX_JTAG + tristate "Freebox JTAG control interface" + default n diff -Nruw linux-5.15.42-fbx/drivers/fbxjtag./Makefile linux-5.15.42-fbx/drivers/fbxjtag/Makefile --- linux-5.15.42-fbx/drivers/fbxjtag./Makefile 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/fbxjtag/Makefile 2023-03-09 15:06:11.348233797 +0100 @@ -0,0 +1 @@ +obj-$(CONFIG_FREEBOX_JTAG) += fbxjtag.o diff -Nruw linux-5.15.42-fbx/drivers/fbxprocfs./Kconfig linux-5.15.42-fbx/drivers/fbxprocfs/Kconfig --- linux-5.15.42-fbx/drivers/fbxprocfs./Kconfig 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/fbxprocfs/Kconfig 2023-02-27 19:50:21.524231407 +0100 @@ -0,0 +1,2 @@ +config FREEBOX_PROCFS + tristate "Freebox procfs interface" diff -Nruw linux-5.15.42-fbx/drivers/fbxprocfs./Makefile linux-5.15.42-fbx/drivers/fbxprocfs/Makefile --- linux-5.15.42-fbx/drivers/fbxprocfs./Makefile 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/fbxprocfs/Makefile 2023-02-27 19:50:21.524231407 +0100 @@ -0,0 +1 @@ +obj-$(CONFIG_FREEBOX_PROCFS) += fbxprocfs.o diff -Nruw linux-5.15.42-fbx/drivers/fbxprocfs./fbxprocfs.c linux-5.15.42-fbx/drivers/fbxprocfs/fbxprocfs.c --- linux-5.15.42-fbx/drivers/fbxprocfs./fbxprocfs.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/fbxprocfs/fbxprocfs.c 2024-04-22 14:46:52.168111284 +0200 @@ -0,0 +1,299 @@ +/* + * Freebox ProcFs interface + */ + +#include +#include +#include +#include +#include +#include +#include +#include + +#include + +#define PFX "fbxprocfs: " + + +static struct list_head clients; +static struct mutex clients_mutex; + +static struct proc_dir_entry *root; + +/* + * register a fbxprocfs client with given dirname, caller should + * consider returned struct opaque + */ +struct fbxprocfs_client *fbxprocfs_add_client(const char *dirname, + struct module *owner) +{ + struct fbxprocfs_client *ret, *p; + + ret = NULL; + mutex_lock(&clients_mutex); + + /* check for duplicate */ + list_for_each_entry(p, &clients, list) { + if (!strcmp(dirname, p->dirname)) + goto out; + } + + if (!(ret = kmalloc(sizeof (*ret), GFP_KERNEL))) { + printk(KERN_ERR PFX "kmalloc failed\n"); + goto out; + } + + /* try to create client directory */ + if (!(ret->dir = proc_mkdir(dirname, root))) { + printk(KERN_ERR PFX "can't create %s dir\n", dirname); + kfree(ret); + ret = NULL; + goto out; + } + + atomic_set(&ret->refcount, 1); + ret->dirname = dirname; + list_add(&ret->list, &clients); + +out: + mutex_unlock(&clients_mutex); + return ret; +} + +/* + * unregister a fbxprocfs client, make sure usage count is zero + */ +int fbxprocfs_remove_client(struct fbxprocfs_client *client) +{ + int ret; + + mutex_lock(&clients_mutex); + + ret = 0; + if (atomic_read(&client->refcount) > 1) { + ret = -EBUSY; + goto out; + } + + remove_proc_entry(client->dirname, root); + list_del(&client->list); + kfree(client); + +out: + mutex_unlock(&clients_mutex); + return ret; +} + +/* + * remove given entries from client directory + */ +static int +__remove_entries(struct fbxprocfs_client *client, + const struct fbxprocfs_desc *ro_desc, + const struct fbxprocfs_desc *rw_desc) +{ + int i; + + for (i = 0; ro_desc && ro_desc[i].name; i++) { + remove_proc_entry(ro_desc[i].name, client->dir); + atomic_dec(&client->refcount); + } + + for (i = 0; rw_desc && rw_desc[i].name; i++) { + remove_proc_entry(rw_desc[i].name, client->dir); + atomic_dec(&client->refcount); + } + + return 0; +} + +/* + * replacement for NULL rfunc. + */ +static int bad_rfunc(struct seq_file *m, void *ptr) +{ + return -EACCES; +} + +/* + * fbxprocfs write path is now handled by seq_file code. this + * simplifies client code greatly. + */ +static int fbxprocfs_open(struct inode *inode, struct file *file) +{ + const struct fbxprocfs_desc *desc = PDE_DATA(inode); + + return single_open(file, desc->rfunc ? desc->rfunc : bad_rfunc, + (void*)desc->id); +} + +/* + * no particular help from kernel in the write path, fetch user buffer + * in a kernel buffer and call write func. + */ +static ssize_t fbxprocfs_write(struct file *file, const char __user *ubuf, + size_t len, loff_t *off) +{ + /* + * get fbxprocfs desc via the proc_dir_entry in file inode + */ + struct fbxprocfs_desc *d = PDE_DATA(file_inode(file)); + char *kbuf; + int ret; + + /* + * must have a wfunc callback. + */ + if (!d->wfunc) + return -EACCES; + + /* + * allow up to SZ_4K bytes to be written. + */ + if (len > SZ_4K) + return -EOVERFLOW; + + /* + * alloc and fetch kernel buffer containing user data. + */ + kbuf = kmalloc(SZ_4K, GFP_KERNEL); + if (!kbuf) + return -ENOMEM; + + ret = -EFAULT; + if (copy_from_user(kbuf, ubuf, len)) + goto kfree; + + ret = d->wfunc(file, kbuf, len, (void*)d->id); + +kfree: + kfree(kbuf); + return ret; +} + +/* + * fbxprocfs file operations, read stuff is handled by seq_file code. + */ +static const struct proc_ops fbxprocfs_fops = { + .proc_open = fbxprocfs_open, + .proc_lseek = seq_lseek, + .proc_read = seq_read, + .proc_release = single_release, + .proc_write = fbxprocfs_write, +}; + +/* + * replaces create_proc_read_entry removed in latest kernels. + */ +static struct proc_dir_entry *__create_proc_read_entry( + const struct fbxprocfs_desc *desc, + struct proc_dir_entry *base) +{ + return proc_create_data(desc->name, 0, base, &fbxprocfs_fops, + (void*)desc); +} + +/* + * replaces create_proc_entry removed in latest kernels. + */ +static struct proc_dir_entry *__create_proc_entry( + const struct fbxprocfs_desc *desc, + struct proc_dir_entry *base) +{ + return proc_create_data(desc->name, S_IFREG | S_IWUSR | S_IRUGO, + base, &fbxprocfs_fops, (void*)desc); +} + +/* + * create given entries in client directory + */ +static int +__create_entries(struct fbxprocfs_client *client, + const struct fbxprocfs_desc *ro_desc, + const struct fbxprocfs_desc *rw_desc) +{ + struct proc_dir_entry *proc; + int i; + + for (i = 0; ro_desc && ro_desc[i].name; i++) { + if (!(proc = __create_proc_read_entry(&ro_desc[i], + client->dir))) { + printk(KERN_ERR PFX "can't create %s/%s entry\n", + client->dirname, ro_desc[i].name); + goto err; + } + atomic_inc(&client->refcount); + } + + for (i = 0; rw_desc && rw_desc[i].name; i++) { + if (!(proc = __create_proc_entry(&rw_desc[i], client->dir))) { + printk(KERN_ERR PFX "can't create %s/%s entry\n", + client->dirname, ro_desc[i].name); + goto err; + } + atomic_inc(&client->refcount); + } + + return 0; + +err: + __remove_entries(client, ro_desc, rw_desc); + return -1; +} + +int +fbxprocfs_create_entries(struct fbxprocfs_client *client, + const struct fbxprocfs_desc *ro_desc, + const struct fbxprocfs_desc *rw_desc) +{ + int ret; + + ret = __create_entries(client, ro_desc, rw_desc); + return ret; +} + +int +fbxprocfs_remove_entries(struct fbxprocfs_client *client, + const struct fbxprocfs_desc *ro_desc, + const struct fbxprocfs_desc *rw_desc) +{ + int ret; + + ret = __remove_entries(client, ro_desc, rw_desc); + return ret; +} + + +static int __init +fbxprocfs_init(void) +{ + INIT_LIST_HEAD(&clients); + mutex_init(&clients_mutex); + + /* create freebox directory */ + if (!(root = proc_mkdir("freebox", NULL))) { + printk(KERN_ERR PFX "can't create freebox/ dir\n"); + return -EIO; + } + return 0; +} + +static void __exit +fbxprocfs_exit(void) +{ + remove_proc_entry("freebox", NULL); +} + +module_init(fbxprocfs_init); +module_exit(fbxprocfs_exit); + +EXPORT_SYMBOL(fbxprocfs_create_entries); +EXPORT_SYMBOL(fbxprocfs_remove_entries); +EXPORT_SYMBOL(fbxprocfs_add_client); +EXPORT_SYMBOL(fbxprocfs_remove_client); + +MODULE_LICENSE("GPL"); +MODULE_VERSION("1.0"); +MODULE_AUTHOR("Maxime Bizon "); + diff -Nruw linux-5.15.42-fbx/drivers/fbxwatchdog./Kconfig linux-5.15.42-fbx/drivers/fbxwatchdog/Kconfig --- linux-5.15.42-fbx/drivers/fbxwatchdog./Kconfig 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/fbxwatchdog/Kconfig 2024-04-22 14:46:52.168111284 +0200 @@ -0,0 +1,24 @@ +menuconfig FREEBOX_WATCHDOG + tristate "Freebox Watchdog" + default n + +if FREEBOX_WATCHDOG + +config FREEBOX_WATCHDOG_CHAR + bool "Freebox Watchdog char device interface." + default n + +config FREEBOX_WATCHDOG_ORION + tristate "Marvell Orion support" + depends on PLAT_ORION + +config FREEBOX_WATCHDOG_BCM63XX + tristate "Broadcom 63xx Freebox Watchdog support" + depends on BCM63XX + default n + +config FREEBOX_WATCHDOG_BCM63XX_OF + tristate "Broadcom 63xx Freebox Watchdog support (generic)" + depends on OF && !FREEBOX_WATCHDOG_BCM63XX + +endif diff -Nruw linux-5.15.42-fbx/drivers/fbxwatchdog./Makefile linux-5.15.42-fbx/drivers/fbxwatchdog/Makefile --- linux-5.15.42-fbx/drivers/fbxwatchdog./Makefile 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/fbxwatchdog/Makefile 2024-04-22 14:46:52.168111284 +0200 @@ -0,0 +1,10 @@ +obj-$(CONFIG_FREEBOX_WATCHDOG) += fbxwatchdog.o + +fbxwatchdog-objs = fbxwatchdog_core.o +ifeq ($(CONFIG_FREEBOX_WATCHDOG_CHAR),y) +fbxwatchdog-objs += fbxwatchdog_char.o +endif + +obj-$(CONFIG_FREEBOX_WATCHDOG_ORION) += fbxwatchdog_orion.o +obj-$(CONFIG_FREEBOX_WATCHDOG_BCM63XX) += fbxwatchdog_bcm63xx.o +obj-$(CONFIG_FREEBOX_WATCHDOG_BCM63XX_OF) += fbxwatchdog_bcm63xx_of.o diff -Nruw linux-5.15.42-fbx/drivers/fbxwatchdog./fbxwatchdog.h linux-5.15.42-fbx/drivers/fbxwatchdog/fbxwatchdog.h --- linux-5.15.42-fbx/drivers/fbxwatchdog./fbxwatchdog.h 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/fbxwatchdog/fbxwatchdog.h 2024-04-22 14:46:52.168111284 +0200 @@ -0,0 +1,47 @@ +#ifndef FBXWATCHDOG_H +# define FBXWATCHDOG_H + +struct fbxwatchdog { + const char *name; + void *priv; + + int enabled; + int countdown; + int countdown_min; + + int (*wdt_init)(struct fbxwatchdog *wdt); + int (*wdt_cleanup)(struct fbxwatchdog *wdt); + + /* + * wdt_start and wdt_stop are called with wdt->lock held and irq + * disabled. + */ + int (*wdt_start)(struct fbxwatchdog *wdt); + int (*wdt_stop)(struct fbxwatchdog *wdt); + + /* + * cb is called from interrupt/softirq context (depends on the + * underlying driver/hardware). + */ + void (*cb)(struct fbxwatchdog *wdt); + + struct timer_list timer; + + struct device *dev; + + /* + * protect interrupt handlers & start/stop methods running in + * thead context. + */ + spinlock_t lock; +}; + +int fbxwatchdog_register(struct fbxwatchdog *wdt); +int fbxwatchdog_unregister(struct fbxwatchdog *wdt); + +#ifdef CONFIG_FREEBOX_WATCHDOG_CHAR +int fbxwatchdog_char_add(struct fbxwatchdog *wdt); +void fbxwatchdog_char_remove(struct fbxwatchdog *wdt); +#endif + +#endif /* !FBXWATCHDOG_H */ diff -Nruw linux-5.15.42-fbx/drivers/fbxwatchdog./fbxwatchdog_char.c linux-5.15.42-fbx/drivers/fbxwatchdog/fbxwatchdog_char.c --- linux-5.15.42-fbx/drivers/fbxwatchdog./fbxwatchdog_char.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/fbxwatchdog/fbxwatchdog_char.c 2024-04-22 14:46:52.168111284 +0200 @@ -0,0 +1,219 @@ +/* + * add standard char device interface for fbxwatchdog. + */ + +/* + * XXX: results are undefined if attemps are made to access watchdog + * from char device interface and sysfs at the same time. + */ + +#define PFX "fbxwatchdog_char: " + +#include +#include +#include +#include +#include +#include +#include +#include "fbxwatchdog.h" + +#include + +static struct fbxwatchdog *chardev_wdt; +static unsigned long chardev_users; +static unsigned long default_countdown = 60 * 1000; +static int expect_close; + +/* + * we support the WDIOF_MAGICCLOSE: is the user writes 'V' to the device, + * the release method will stop the watchdog. + */ +static int +wdt_write(struct file *file, const char *__user buf, size_t len, loff_t *ppos) +{ + int i; + + if (!len) + return 0; + + for (i = 0; i < len; ++i) { + char c; + + if (get_user(c, buf + i)) + return -EFAULT; + if (c == 'V') + expect_close = 1; + } + if (len) + chardev_wdt->countdown = default_countdown; + return len; +} + +static long +wdt_ioctl(struct file *file, + unsigned int cmd, unsigned long arg) +{ + static const struct watchdog_info winfo = { + .options = WDIOF_SETTIMEOUT | WDIOF_MAGICCLOSE | + WDIOF_KEEPALIVEPING, + .firmware_version = 0x42, + .identity = "fbxwatchdog", + }; + int tmp; + + switch (cmd) { + case WDIOC_GETSUPPORT: + /* + * return watchdog information structure to userland. + */ + return copy_to_user((struct watchdog_info __user *)arg, + &winfo, sizeof (winfo)) ? -EFAULT: 0; + + case WDIOC_SETTIMEOUT: + /* + * set watchdog timeout: if current countdown is + * higher than timeout, set countdown to timeout + * value. + */ + if (copy_from_user(&tmp, (void __user *) arg, + sizeof (tmp))) { + return -EFAULT; + } + if (1000 * tmp < 0) + return -EINVAL; + default_countdown = 1000 * tmp; + if (chardev_wdt->countdown > default_countdown) + chardev_wdt->countdown = default_countdown; + return 0; + + case WDIOC_GETTIMEOUT: + /* + * get current timeout value. + */ + tmp = default_countdown / 1000; + return copy_to_user((void __user *)arg, &tmp, + sizeof (tmp)) ? -EFAULT : 0; + + case WDIOC_KEEPALIVE: + /* + * ping watchdog. + */ + chardev_wdt->countdown = default_countdown; + return 0; + + case WDIOC_GETTIMELEFT: + /* + * return current countdown value to userland. + */ + tmp = chardev_wdt->countdown / 1000; + return copy_to_user((void __user *)arg, &tmp, sizeof (tmp)) ? + -EFAULT : 0; + + default: + return -ENOIOCTLCMD; + } +} + +/* + * called when remote process calls close(2) on watchdog fd or + * exit(2). + */ +static int +wdt_release(struct inode *inode, struct file *file) +{ + unsigned long flags; + + if (expect_close && chardev_wdt->enabled) { + spin_lock_irqsave(&chardev_wdt->lock, flags); + chardev_wdt->enabled = 0; + chardev_wdt->wdt_stop(chardev_wdt); + spin_unlock_irqrestore(&chardev_wdt->lock, flags); + } else + printk(KERN_CRIT PFX "unexpected close: not stopping " + "watchdog.\n"); + chardev_users = 0; + return 0; +} + +/* + * open watchdog device file: the test_and_set_bit enforces the fact + * that only one process opens the watchdog device file as long as it + * does not try to fork(2). dup(2)/dup2(2) might be problematic + * too. thus, we assume that watchdogd will do "The right thing" and + * won't try to do anything too fancy with the fd opened to + * /dev/watchdog. + */ +static int wdt_open(struct inode *inode, struct file *file) +{ + unsigned long flags; + + if (test_and_set_bit(1, &chardev_users)) + return -EBUSY; + + expect_close = 0; + + /* + * watchdog is to be enabled when opened. + */ + if (!chardev_wdt->enabled) { + spin_lock_irqsave(&chardev_wdt->lock, flags); + chardev_wdt->enabled = 1; + chardev_wdt->countdown = default_countdown; + chardev_wdt->wdt_start(chardev_wdt); + chardev_wdt->countdown_min = INT_MAX; + spin_unlock_irqrestore(&chardev_wdt->lock, flags); + } + return 0; +} + +static struct file_operations wdt_fops = { + .owner = THIS_MODULE, + .open = wdt_open, + .write = wdt_write, + .unlocked_ioctl = wdt_ioctl, + .release = wdt_release, +}; + +static struct miscdevice wdt_miscdev = { + .minor = WATCHDOG_MINOR, + .name = "watchdog", + .fops = &wdt_fops, +}; + +/* + * add watchdog to the char interface. if we are already bound to a + * watchdog, return 0, this is not a major no-no. + */ +int +fbxwatchdog_char_add(struct fbxwatchdog *wdt) +{ + int err; + + err = misc_register(&wdt_miscdev); + if (err) { + printk("unable to register misc device.\n"); + if (err == -EEXIST) + return 0; + return err; + } + chardev_wdt = wdt; + return 0; +} + +/* + * if the watchdog is bound to the char device interface, unregister + * the misc device and tell that we are no more bound to a + * watchdog. otherwise, do nothing. + */ +void +fbxwatchdog_char_remove(struct fbxwatchdog *wdt) +{ + if (wdt != chardev_wdt) + return ; + misc_deregister(&wdt_miscdev); + chardev_wdt = NULL; +} + +EXPORT_SYMBOL(fbxwatchdog_char_add); +EXPORT_SYMBOL(fbxwatchdog_char_remove); diff -Nruw linux-5.15.42-fbx/drivers/fbxwatchdog./fbxwatchdog_core.c linux-5.15.42-fbx/drivers/fbxwatchdog/fbxwatchdog_core.c --- linux-5.15.42-fbx/drivers/fbxwatchdog./fbxwatchdog_core.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/fbxwatchdog/fbxwatchdog_core.c 2024-04-22 14:46:52.168111284 +0200 @@ -0,0 +1,297 @@ +#include +#include +#include +#include +#include +#include +#include +#include + +#include "fbxwatchdog.h" + +#define SOFTTIMER_FREQ (HZ / 10) + +#define PFX "fbxwatchdog: " + +static struct class *fbxwatchdog_class; + +static ssize_t +show_enabled(struct device *dev, + struct device_attribute *attr, char *buf) +{ + struct fbxwatchdog *wdt; + + wdt = dev_get_drvdata(dev); + if (!wdt) { + printk(KERN_DEBUG "ignoring request to dead watchdog.\n"); + return -ENODEV; + } + + return snprintf(buf, PAGE_SIZE, "%i\n", wdt->enabled); +} + +/* + * start/stop watchdog depending on the value of the first character + * of buf. set countdown_min to a sane value. + */ +static ssize_t +store_enabled(struct device *dev, + struct device_attribute *attr, const char *buf, size_t size) +{ + struct fbxwatchdog *wdt; + unsigned long flags; + + wdt = dev_get_drvdata(dev); + if (!wdt) { + printk(KERN_DEBUG "ignoring request to dead watchdog.\n"); + return -ENODEV; + } + + if (size == 0) + return 0; + + + spin_lock_irqsave(&wdt->lock, flags); + switch (*buf) { + case '0': + if (wdt->enabled) { + wdt->enabled = 0; + wdt->wdt_stop(wdt); + } + break; + + case '1': + if (!wdt->enabled) { + wdt->enabled = 1; + wdt->wdt_start(wdt); + wdt->countdown_min = INT_MAX; + } + break; + + default: + break; + } + spin_unlock_irqrestore(&wdt->lock, flags); + + return size; +} + +static ssize_t +show_countdown(struct device *dev, + struct device_attribute *attr, char *buf) +{ + struct fbxwatchdog *wdt; + + wdt = dev_get_drvdata(dev); + if (!wdt) { + printk(KERN_DEBUG "ignoring request to dead watchdog.\n"); + return -ENODEV; + } + + return snprintf(buf, PAGE_SIZE, "%i\n", wdt->countdown); +} + +/* + * update watchdog countdown with the userland value given in buf. + */ +static ssize_t +store_countdown(struct device *dev, + struct device_attribute *attr, const char *buf, size_t size) +{ + struct fbxwatchdog *wdt; + int countdown; + char *ptr; + + wdt = dev_get_drvdata(dev); + if (!wdt) { + printk(KERN_DEBUG "ignoring request to dead watchdog.\n"); + return -ENODEV; + } + + if (size == 0) + return 0; + + ptr = kzalloc(size + 1, GFP_KERNEL); + if (!ptr) + return -ENOMEM; + strlcpy(ptr, buf, size + 1); + + countdown = simple_strtoul(ptr, NULL, 10); + wdt->countdown = countdown; + kfree(ptr); + + return size; +} + +static ssize_t +show_countdown_min(struct device *dev, + struct device_attribute *attr, char *buf) +{ + struct fbxwatchdog *wdt; + + wdt = dev_get_drvdata(dev); + if (!wdt) { + printk(KERN_DEBUG "ignoring request to dead watchdog.\n"); + return -ENODEV; + } + + return snprintf(buf, PAGE_SIZE, "%i\n", wdt->countdown_min); +} + +static struct device_attribute wdt_attributes[] = { + __ATTR(enabled, 0600, show_enabled, store_enabled), + __ATTR(countdown, 0600, show_countdown, store_countdown), + __ATTR(countdown_min, 0400, show_countdown_min, NULL), +}; + +/* + * software timer callback: decrement countdown and update + * countdown_min if needed. this is called 10 times per second. + */ +static void fbxwatchdog_timer_cb(struct timer_list *t) +{ + struct fbxwatchdog *wdt = from_timer(wdt, t, timer); + + if (wdt->enabled) { + wdt->countdown -= jiffies_to_msecs(SOFTTIMER_FREQ); + if (wdt->countdown < wdt->countdown_min) + wdt->countdown_min = wdt->countdown; + } + + wdt->timer.expires = jiffies + SOFTTIMER_FREQ; + add_timer(&wdt->timer); +} + +/* + * called from half life interrupt handler, panic if countdown is too + * low (ie if userland has not reset countdown to before it reached + * 0). + */ +static void fbxwatchdog_halflife_cb(struct fbxwatchdog *wdt) +{ + if (wdt->countdown <= 0) { + wdt->wdt_stop(wdt); + panic("software fbxwatchdog triggered"); + } +} + +/* + * register a new watchdog device. + */ +int fbxwatchdog_register(struct fbxwatchdog *wdt) +{ + struct device *dev; + int i = 0, err = 0; + + if (wdt == NULL) + return -EFAULT; + + printk(KERN_INFO PFX "registering watchdog %s\n", wdt->name); + + dev = device_create(fbxwatchdog_class, NULL, 0, wdt, "%s", wdt->name); + if (IS_ERR(dev)) { + printk(KERN_ERR PFX "unable to allocate device.\n"); + err = PTR_ERR(dev); + goto out_error; + } + wdt->dev = dev; + + for (i = 0; i < ARRAY_SIZE(wdt_attributes); i++) { + err = device_create_file(dev, &wdt_attributes[i]); + if (err) + goto out_error; + } + + /* start countdown soft timer */ + timer_setup(&wdt->timer, fbxwatchdog_timer_cb, 0); + wdt->timer.expires = jiffies + SOFTTIMER_FREQ; + add_timer(&wdt->timer); + + spin_lock_init(&wdt->lock); + + wdt->cb = fbxwatchdog_halflife_cb; + err = wdt->wdt_init(wdt); + if (err) { + printk(KERN_ERR PFX "unable to do low level init of " + "watchdog %s.\n", wdt->name); + goto out_del_timer; + } + +#ifdef CONFIG_FREEBOX_WATCHDOG_CHAR + err = fbxwatchdog_char_add(wdt); + if (err) { + printk(KERN_ERR PFX "unable to add %s to the fbxwatchdog char " + "device interface.\n", wdt->name); + goto out_wdt_cleanup; + } +#endif + + return 0; + +#ifdef CONFIG_FREEBOX_WATCHDOG_CHAR +out_wdt_cleanup: + wdt->wdt_cleanup(wdt); +#endif + +out_del_timer: + del_timer_sync(&wdt->timer); +out_error: + if (wdt->dev) { + for (; i >= 0; i--) + device_remove_file(dev, &wdt_attributes[i]); + device_unregister(dev); + } + return err; +} + +int fbxwatchdog_unregister(struct fbxwatchdog *wdt) +{ + int i; + + printk(KERN_INFO PFX "registering watchdog %s\n", wdt->name); + + if (wdt->enabled) { + unsigned long flags; + + printk(KERN_WARNING "removing enabled watchdog.\n"); + spin_lock_irqsave(&wdt->lock, flags); + wdt->wdt_stop(wdt); + spin_unlock_irqrestore(&wdt->lock, flags); + } + +#ifdef CONFIG_FREEBOX_WATCHDOG_CHAR + fbxwatchdog_char_remove(wdt); +#endif + wdt->wdt_cleanup(wdt); + del_timer_sync(&wdt->timer); + for (i = 0; i < ARRAY_SIZE(wdt_attributes); i++) + device_remove_file(wdt->dev, &wdt_attributes[i]); + device_unregister(wdt->dev); + wdt->dev = NULL; + return 0; +} + +static int __init fbxwatchdog_init(void) +{ + printk(KERN_INFO PFX "2007, Freebox SA.\n"); + fbxwatchdog_class = class_create(THIS_MODULE, "fbxwatchdog"); + if (IS_ERR(fbxwatchdog_class)) + return PTR_ERR(fbxwatchdog_class); + return 0; +} + +static void __exit fbxwatchdog_exit(void) +{ + class_destroy(fbxwatchdog_class); +} + + +EXPORT_SYMBOL_GPL(fbxwatchdog_register); +EXPORT_SYMBOL_GPL(fbxwatchdog_unregister); + +module_init(fbxwatchdog_init); +module_exit(fbxwatchdog_exit); + +MODULE_LICENSE("GPL"); +MODULE_AUTHOR("Nicolas Schichan "); +MODULE_DESCRIPTION("Freebox Watchdog Core - www.freebox.fr"); diff -Nruw linux-5.15.42-fbx/drivers/fbxwatchdog./fbxwatchdog_orion.c linux-5.15.42-fbx/drivers/fbxwatchdog/fbxwatchdog_orion.c --- linux-5.15.42-fbx/drivers/fbxwatchdog./fbxwatchdog_orion.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/fbxwatchdog/fbxwatchdog_orion.c 2023-02-27 19:50:20.928215499 +0100 @@ -0,0 +1,301 @@ +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "fbxwatchdog.h" + +struct fbxwatchdog_orion_priv { + struct clk *clk; + unsigned int tclk; + void __iomem *wdt_base; + void __iomem *rstout_base; + struct timer_list half_life_timer; + struct fbxwatchdog *wdt; +}; + +/* + * Watchdog timer block registers. + */ +#define RSTOUTn_MASK (0x0108) +#define TIMER_CTRL (0x0000) +#define WDT_EN 0x0010 +#define WDT_COUNTER (0x0024) + +#define WDT_MAX_CYCLE_COUNT 0xffffffff +#define WDT_IN_USE 0 +#define WDT_OK_TO_CLOSE 1 + +#define WDT_RESET_OUT_EN BIT(1) + +static u32 read_rstout_mask(struct fbxwatchdog_orion_priv *priv) +{ + return readl(priv->rstout_base); +} + +static void write_rstout_mask(struct fbxwatchdog_orion_priv *priv, u32 val) +{ + writel(val, priv->rstout_base); +} + +static u32 read_wdt_timer_ctrl(struct fbxwatchdog_orion_priv *priv) +{ + return readl(priv->wdt_base + TIMER_CTRL); +} + +static void write_wdt_timer_ctrl(struct fbxwatchdog_orion_priv *priv, u32 val) +{ + writel(val, priv->wdt_base + TIMER_CTRL); +} + +static void write_wdt_counter(struct fbxwatchdog_orion_priv *priv, u32 val) +{ + writel(val, priv->wdt_base + WDT_COUNTER); +} + +/* + * orion does not trigger interrupts each times the watchdog reaches + * the half of it's count down. we emulate this behaviour using a + * linux timer that fires every 500 msec. + */ +static void +half_life_timer_cb(struct timer_list *t) +{ + struct fbxwatchdog_orion_priv *priv = from_timer(priv, t, half_life_timer); + struct fbxwatchdog *wdt = priv->wdt; + unsigned long flags; + + spin_lock_irqsave(&wdt->lock, flags); + + /* reload counter */ + write_wdt_counter(priv, priv->tclk * 10); + + if (wdt->cb) + wdt->cb(wdt); + + priv->half_life_timer.expires = jiffies + HZ / 2; + add_timer(&priv->half_life_timer); + + spin_unlock_irqrestore(&wdt->lock, flags); +} + +/* + * setup half life timer. + */ +static int orion_wdt_init(struct fbxwatchdog *wdt) +{ + struct fbxwatchdog_orion_priv *priv; + + priv = wdt->priv; + timer_setup(&priv->half_life_timer, half_life_timer_cb, 0); + return 0; +} + +static int orion_wdt_cleanup(struct fbxwatchdog *wdt) +{ + return 0; +} + +static int orion_wdt_start(struct fbxwatchdog *wdt) +{ + struct fbxwatchdog_orion_priv *priv; + uint32_t val; + + dev_info(wdt->dev, "starting watchdog ...\n"); + + priv = wdt->priv; + val = read_wdt_timer_ctrl(priv); + if (val & WDT_EN) { + dev_warn(wdt->dev, "watchdog has been enabled by " + "bootloader.!\n"); + /* disable it */ + val &= ~WDT_EN; + write_wdt_timer_ctrl(priv, val); + } + + /* watchdog will blow up after 10 seconds if not refreshed */ + write_wdt_counter(priv, priv->tclk * 10); + + /* enable it */ + val = read_wdt_timer_ctrl(priv); + val |= WDT_EN; + write_wdt_timer_ctrl(priv, val); + + /* enable reset on watchdog */ + val = read_rstout_mask(priv); + val |= WDT_RESET_OUT_EN; + write_rstout_mask(priv, val); + + /* will fire every 500 ms */ + priv->half_life_timer.expires = jiffies + HZ / 2; + add_timer(&priv->half_life_timer); + + return 0; +} + +int orion_wdt_stop(struct fbxwatchdog *wdt) +{ + struct fbxwatchdog_orion_priv *priv; + uint32_t val; + + dev_info(wdt->dev, "stopping watchdog ...\n"); + + priv = wdt->priv; + del_timer_sync(&priv->half_life_timer); + + /* disable it */ + val = read_wdt_timer_ctrl(priv); + val &= ~WDT_EN; + write_wdt_timer_ctrl(priv, val); + + /* disable reset on watchdog */ + val = read_rstout_mask(priv); + val |= WDT_RESET_OUT_EN; + write_rstout_mask(priv, val); + + return 0; +} + +static int fbxwatchdog_platform_probe(struct platform_device *pdev) +{ + struct fbxwatchdog_orion_priv *priv = NULL; + struct fbxwatchdog *wdt; + struct clk *clk; + struct resource *r_wdt, *r_rstout; + int err = 0; + + clk = devm_clk_get(&pdev->dev, NULL); + if (IS_ERR(clk)) { + dev_err(&pdev->dev, "Orion Watchdog missing clock\n"); + return -ENODEV; + } + clk_prepare_enable(clk); + + r_wdt = platform_get_resource(pdev, IORESOURCE_MEM, 0); + r_rstout = platform_get_resource(pdev, IORESOURCE_MEM, 1); + + if (!r_rstout || !r_wdt) { + dev_err(&pdev->dev, "Orion Watchdog missing resource.\n"); + return -ENODEV; + + } + + wdt = devm_kzalloc(&pdev->dev, sizeof (*wdt), GFP_KERNEL); + if (!wdt) { + dev_err(&pdev->dev, "unable allocate memory for watchdog.\n"); + err = -ENOMEM; + goto out_error; + } + + priv = devm_kzalloc(&pdev->dev, sizeof (*priv), GFP_KERNEL); + if (!priv) { + dev_err(&pdev->dev, "unable to allocate memory for private " + "structure.\n"); + err = -ENOMEM; + goto out_error; + } + + priv->wdt = wdt; + wdt->priv = priv; + wdt->name = pdev->name; + + wdt->wdt_init = orion_wdt_init; + wdt->wdt_cleanup = orion_wdt_cleanup; + wdt->wdt_start = orion_wdt_start; + wdt->wdt_stop = orion_wdt_stop; + + priv->wdt_base = devm_ioremap_resource(&pdev->dev, r_wdt); + if (!priv->wdt_base) { + dev_err(&pdev->dev, "unable to ioremap watchdog registers."); + err = -ENOMEM; + goto out_error; + } + + priv->rstout_base = devm_ioremap_resource(&pdev->dev, r_rstout); + if (!priv->rstout_base) { + dev_err(&pdev->dev, "unable to ioremap rstou mask register."); + err = -ENOMEM; + goto out_error; + } + + priv->tclk = clk_get_rate(clk); + priv->clk = clk; + dev_notice(&pdev->dev, "TCLK rate is %d Mhz.\n", priv->tclk / 1000000); + + + err = fbxwatchdog_register(wdt); + if (err) { + dev_err(&pdev->dev, "unable to register watchdog %s\n", + wdt->name); + goto out_error; + } + + platform_set_drvdata(pdev, wdt); + + return 0; + + out_error: + clk_disable_unprepare(clk); + return err; +} + +/* + * unregister and free memory allocated by the probe function. + */ +static int +fbxwatchdog_platform_remove(struct platform_device *pdev) +{ + struct fbxwatchdog *wdt; + struct fbxwatchdog_orion_priv *priv; + + wdt = platform_get_drvdata(pdev); + if (!wdt) { + BUG(); + return -ENODEV; + } + + fbxwatchdog_unregister(wdt); + + priv = wdt->priv; + clk_disable_unprepare(priv->clk); + + return 0; +} + +static const struct of_device_id orion_fbxwdt_match_table[] = { + { .compatible = "marvell,orion-fbxwdt" }, + {}, +}; + +struct platform_driver fbxwatchdog_platform_driver = { + .probe = fbxwatchdog_platform_probe, + .remove = fbxwatchdog_platform_remove, + .driver = { + .name = "orion_fbxwdt", + .of_match_table = orion_fbxwdt_match_table, + } +}; + +static int __init fbxwatchdog_orion_init(void) +{ + platform_driver_register(&fbxwatchdog_platform_driver); + return 0; +} + +static void __exit fbxwatchdog_orion_exit(void) +{ + platform_driver_unregister(&fbxwatchdog_platform_driver); +} + +module_init(fbxwatchdog_orion_init); +module_exit(fbxwatchdog_orion_exit); + +MODULE_LICENSE("GPL"); +MODULE_AUTHOR("Nicolas Schichan "); +MODULE_DESCRIPTION("Freebox Watchdog, orion specific bits"); + --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/drivers/hwmon/kirkwood-coretemp.c 2023-02-27 19:50:21.284225001 +0100 @@ -0,0 +1,119 @@ +/* + * kirkwood-coretemp.c for kirkwood-coretemp + * Created by on Wed Jul 11 19:59:27 2012 + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#define PFX "kirkwood-coretemp: " + +struct kirkwood_coretemp_priv { + void __iomem *reg; +}; + +static int show_kirkwood_coretemp(struct device *dev, + struct device_attribute *devattr, + char *buf) +{ + struct platform_device *pdev = to_platform_device(dev); + struct kirkwood_coretemp_priv *priv = platform_get_drvdata(pdev); + u32 reg; + u32 raw_temp; + s32 temp_out; + + reg = readl(priv->reg); + + /* + * TermTValid shall be set. + */ + if ((reg & (1 << 9)) == 0) + return -EIO; + + raw_temp = (reg >> 10) & 0x1ff; + + /* + * out temperature = (322 - raw) / 1.3625 + * + * can't use float here, so be creative. + * + * we also have to avoid 32bit integer overflow (hence the + * 1000000 / 1363 division instead of 10000000 / 13625) + */ + temp_out = (322 - raw_temp); + temp_out = (temp_out * 1000000) / 1363; + + return sprintf(buf, "%i\n", temp_out); +} + +static SENSOR_DEVICE_ATTR(temp1_input, S_IRUGO, show_kirkwood_coretemp, + NULL, 0); + +static struct attribute *kirkwood_coretemp_attrs[] = { + &sensor_dev_attr_temp1_input.dev_attr.attr, + NULL, +}; + +ATTRIBUTE_GROUPS(kirkwood_coretemp); + +static int kirkwood_coretemp_probe(struct platform_device *pdev) +{ + struct device *dev = &pdev->dev; + struct kirkwood_coretemp_priv *priv; + struct resource *res; + struct device *hwmon_dev; + void __iomem *regs; + + res = platform_get_resource(pdev, IORESOURCE_MEM, 0); + if (!res) + return -ENOENT; + + regs = devm_ioremap_resource(dev, res); + if (IS_ERR(regs)) + return PTR_ERR(regs); + + priv = devm_kzalloc(dev, sizeof (*priv), GFP_KERNEL); + if (!priv) + return -ENOMEM; + + priv->reg = regs; + platform_set_drvdata(pdev, priv); + + hwmon_dev = devm_hwmon_device_register_with_groups(dev, + "kirkwood_coretemp", + priv, + kirkwood_coretemp_groups); + return PTR_ERR_OR_ZERO(hwmon_dev); +} + +static int kirkwood_coretemp_remove(struct platform_device *pdev) +{ + return 0; +} + + +static const struct of_device_id kirkwood_coretemp_match[] = { + { .compatible = "marvell,kirkwood-coretemp" }, + { }, +}; +MODULE_DEVICE_TABLE(of, kirkwood_coretemp_match); + +static struct platform_driver kirkwood_coretemp_driver = { + .probe = kirkwood_coretemp_probe, + .remove = kirkwood_coretemp_remove, + .driver = { + .name = "kirkwood-coretemp", + .of_match_table = kirkwood_coretemp_match, + }, +}; + +module_platform_driver(kirkwood_coretemp_driver); +MODULE_LICENSE("GPL"); +MODULE_AUTHOR("Nicolas Schichan "); --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/drivers/input/misc/smsc_cap1066.c 2024-04-22 14:46:53.788155546 +0200 @@ -0,0 +1,1118 @@ +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#define PFX "cap1066: " + +/* + * list of registers + */ +#define SMSC_REG_MAIN_CTRL 0x00 +#define SMSC_REG_BTN_STATUS1 0x03 +#define SMSC_REG_DATA_SENSITIVITY 0x1f +#define SMSC_REG_CFG 0x20 +#define SMSC_REG_SENS_CFG 0x22 +#define SMSC_REG_MTOUCH_CFG_REG 0x2a +#define SMSC_REG_CFG2 0x44 +#define SMSC_REG_LED_OUT_TYPE 0x71 +#define SMSC_REG_LED_LINK 0x72 +#define SMSC_REG_LED_OUTPUT_CTL 0x74 +#define SMSC_REG_LED_BEHAVIOUR1 0x81 +#define SMSC_REG_LED_BEHAVIOUR2 0x82 +#define SMSC_REG_LED_DIRECT_DCYCLE 0x93 +#define SMSC_REG_LED_DIRECT_RAMP_RATE 0x94 +#define SMSC_REG_LED_OFF_DELAY 0x95 +#define SMSC_REG_DID 0xfd +#define SMSC_REG_VID 0xfe + +/* + * used in cap1066_init_hw and during priv initialization. + */ +#define DEFAULT_DUTY_CYCLE_MIN 0x4 +#define DEFAULT_DUTY_CYCLE_MAX 0xf +#define DEFAULT_RAMP_TIME_FALL 0x1 +#define DEFAULT_RAMP_TIME_RISE 0x2 + +/* + * vendor id / device id + */ +#define SMSC_CAP1066_VID 0x5d +#define SMSC_CAP1066_DID 0x41 +#define SMSC_CAP1166_DID 0x51 + +static const unsigned short normal_i2c[] = { 0x28, I2C_CLIENT_END }; + +static const struct i2c_device_id cap1066_id[] = { + { "cap1066", 0 }, + { } +}; + +/* + * private context + */ +static u32 default_map[CAP1066_MAX_BTNS] = { + BTN_0, + BTN_1, + BTN_2, + BTN_3, + BTN_4, + BTN_5, +}; + +struct led_btn_name +{ + int code; + const char *name; +}; + +/* + * whenever possible symlinks will be created from led_btn_X to + * led_key_y, depending on user provided keymap. add entries here as + * you see fit. + */ +static const struct led_btn_name led_btn_names[] = { + { KEY_UP, "led_key_up", }, + { KEY_DOWN, "led_key_down", }, + { KEY_LEFT, "led_key_left", }, + { KEY_RIGHT, "led_key_right", }, + { KEY_ENTER, "led_key_enter", }, +}; + +enum { + E_SMSC_CAP1066_LED_MODE_AUTO, + E_SMSC_CAP1066_LED_MODE_ON, + E_SMSC_CAP1066_LED_MODE_OFF, +}; + +struct cap1066_led_dev +{ + struct cap1066_priv *parent_priv; + struct device dev; + int led_mode; + int led_index; + const char *btn_link; +}; + +struct cap1066_priv { + struct input_dev *input; + struct i2c_client *client; + u32 keymap[CAP1066_MAX_BTNS]; + struct cap1066_led_dev *led_devices[CAP1066_MAX_BTNS]; + + u8 duty_cycle_min; + u8 duty_cycle_max; + u8 raw_ramp_time_fall; + u8 raw_ramp_time_rise; + + struct gpio_desc *irq_gpio; +}; + +static const char *get_keycode_btn_name(int key_code) +{ + int i; + + for (i = 0; i < ARRAY_SIZE(led_btn_names); ++i) { + if (key_code == led_btn_names[i].code) + return led_btn_names[i].name; + } + return NULL; +} + +/* + * single register read + */ +static int cap1066_read_reg(struct i2c_client *client, u8 reg, u8 *val) +{ + int ret; + + ret = i2c_smbus_read_byte_data(client, reg); + if (ret < 0) { + printk(KERN_ERR PFX "read failed: %d\n", ret); + return ret; + } + + *val = (u8)ret; + return 0; +} + +/* + * single register write + */ +static int cap1066_write_reg(struct i2c_client *client, u8 reg, u8 val) +{ + int ret; + + ret = i2c_smbus_write_byte_data(client, reg, val); + if (ret < 0) { + printk(KERN_ERR PFX "write failed: %d\n", ret); + return ret; + } + return 0; +} + +/* + * called when an smbus device is detected, make sure it's a cap1066 + */ +static int cap1066_detect(struct i2c_client *client, + struct i2c_board_info *info) + +{ + int ret; + u8 vid, did; + const char *name = NULL; + + ret = cap1066_read_reg(client, SMSC_REG_VID, &vid); + if (ret) + return ret; + + ret = cap1066_read_reg(client, SMSC_REG_DID, &did); + if (ret) + return ret; + + if (vid != SMSC_CAP1066_VID) + goto no_dev; + + switch (did) { + case SMSC_CAP1066_DID: + name = "cap1066"; + break; + case SMSC_CAP1166_DID: + name = "cap1166"; + break; + default: + goto no_dev; + } + + printk(KERN_INFO PFX "detected SMSC %s chip\n", name); + if (info) + strlcpy(info->type, name, I2C_NAME_SIZE); + return 0; + +no_dev: + printk(KERN_ERR PFX "bad vid/did: 0x%04x/0x%04x\n", vid, did); + return -ENODEV; +} + +/* + * reset registers value + */ +static int cap1066_init_hw(struct i2c_client *client) +{ + unsigned int i; + u8 did; + int ret; + + static const u8 init_regs[] = { + /* power on */ + SMSC_REG_MAIN_CTRL, 0x0, + + /* default sensitivity */ + SMSC_REG_DATA_SENSITIVITY, 0x2f, + + /* max duration */ + SMSC_REG_SENS_CFG, 0xf4, + + /* default configuration */ + SMSC_REG_CFG, 0x38, + + /* open drain output on all gpios */ + SMSC_REG_LED_OUT_TYPE, 0x00, + + /* link leds with sensors */ + SMSC_REG_LED_LINK, 0x3f, + + /* setup direct mode */ + SMSC_REG_LED_BEHAVIOUR1, 0x00, + SMSC_REG_LED_BEHAVIOUR2, 0x00, + + /* set led duty cycle min/max to 10% => 100% */ + SMSC_REG_LED_DIRECT_DCYCLE, + (DEFAULT_DUTY_CYCLE_MAX << 4) | + (DEFAULT_DUTY_CYCLE_MIN), + + /* set ramp rate time to 500ms/250ms */ + SMSC_REG_LED_DIRECT_RAMP_RATE, + (DEFAULT_RAMP_TIME_RISE << 3) | + (DEFAULT_RAMP_TIME_FALL), + }; + + static const u8 init_cap11_regs[] = { + /* default configuration2 */ + SMSC_REG_CFG2, 0x44, + }; + + for (i = 0; i < ARRAY_SIZE(init_regs); i += 2) { + int ret; + + ret = cap1066_write_reg(client, + init_regs[i], init_regs[i + 1]); + if (ret) + return ret; + } + + ret = cap1066_read_reg(client, SMSC_REG_DID, &did); + if (ret) + return ret; + + if (did != SMSC_CAP1166_DID) + return 0; + + for (i = 0; i < ARRAY_SIZE(init_cap11_regs); i += 2) { + int ret; + + ret = cap1066_write_reg(client, + init_cap11_regs[i], + init_cap11_regs[i + 1]); + if (ret) + return ret; + } + + return 0; +} + +/* + * input core poll callback + */ +static void cap1066_input_poll(struct input_dev *input) +{ + struct cap1066_priv *priv = input_get_drvdata(input); + unsigned int i; + int ret; + u8 stat; + + if (priv->irq_gpio && gpiod_get_value(priv->irq_gpio)) + return; + + /* clear interrupt flag */ + cap1066_write_reg(priv->client, SMSC_REG_MAIN_CTRL, 0); + + ret = cap1066_read_reg(priv->client, SMSC_REG_BTN_STATUS1, &stat); + if (ret) { + printk(KERN_ERR PFX "unable to read status\n"); + return; + } + + for (i = 0; i < CAP1066_MAX_BTNS; i++) + input_report_key(input, priv->keymap[i], + (stat & (1 << i)) ? 1 : 0); + input_sync(input); +} + +#define to_cap1066_led_dev(Dev) container_of(Dev, struct cap1066_led_dev, dev) + +/* + * called when all sysfs references to the cap1066_led_dev are gone. + */ +static void cap1066_led_dev_release(struct device *dev) +{ + struct cap1066_led_dev *led_dev; + + led_dev = to_cap1066_led_dev(dev); + kfree(led_dev); +} + +static int is_white(int c) +{ + return c == '\0' || c == ' ' || c == '\t' || c == '\n' || c == '\r'; +} + +/* + * store a new control value for a given cap1066_led_dev: + * - auto means that the led is linked to the capacitive keys + * - on means that the led is always on + * - off means that the led is always off + */ +static ssize_t store_control(struct device *dev, + struct device_attribute *attr, + const char *buf, size_t count) +{ + struct cap1066_led_dev *led_dev; + int new_mode; + int read_len = 0; + const char *end; + int key; + u8 reg; + struct i2c_client *client; + static const char *valid_keys[] = { + [E_SMSC_CAP1066_LED_MODE_AUTO] = "auto", + [E_SMSC_CAP1066_LED_MODE_ON] = "on", + [E_SMSC_CAP1066_LED_MODE_OFF] = "off", + }; + + + led_dev = to_cap1066_led_dev(dev); + client = led_dev->parent_priv->client; + + if (is_white(*buf)) + /* + * eat white spaces silently, upper layer will call us + * again. + */ + return 1; + + for (key = 0; key < ARRAY_SIZE(valid_keys); ++key) { + if (count < strlen(valid_keys[key])) + continue ; + if (!strncmp(buf, valid_keys[key], strlen(valid_keys[key]))) { + break; + } + } + + if (key == ARRAY_SIZE(valid_keys)) { + /* + * end of valid_keys array reached and nothing valid + * was recognized. + */ + printk(KERN_ERR PFX "invalid control value.\n"); + return -EINVAL; + } + new_mode = key; + read_len = strlen(valid_keys[key]); + + /* + * check that no garbage is present at end of input. + */ + end = buf + read_len; + if (end < buf + count && !is_white(*end)) { + /* + * garbage at end of input. + */ + printk(KERN_ERR PFX "garbage at end of value for led " + "control.\n"); + return -EINVAL; + } + + if (new_mode == led_dev->led_mode) + return read_len; + + if (new_mode == E_SMSC_CAP1066_LED_MODE_AUTO) { + cap1066_read_reg(client, SMSC_REG_LED_LINK, ®); + reg |= (1 << led_dev->led_index); + cap1066_write_reg(client, SMSC_REG_LED_LINK, reg); + } else { + cap1066_read_reg(client, SMSC_REG_LED_LINK, ®); + reg &= ~(1 << led_dev->led_index); + cap1066_write_reg(client, SMSC_REG_LED_LINK, reg); + + cap1066_read_reg(client, SMSC_REG_LED_OUTPUT_CTL, ®); + if (new_mode == E_SMSC_CAP1066_LED_MODE_ON) + reg |= (1 << led_dev->led_index); + else + reg &= ~(1 << led_dev->led_index); + cap1066_write_reg(client, SMSC_REG_LED_OUTPUT_CTL, reg); + } + led_dev->led_mode = new_mode; + + return read_len; +} + +static ssize_t show_control(struct device *dev, + struct device_attribute *attr, char *buf) +{ + struct cap1066_led_dev *led_dev; + const char *str; + + led_dev = to_cap1066_led_dev(dev); + switch (led_dev->led_mode) { + case E_SMSC_CAP1066_LED_MODE_AUTO: + str = "auto"; + break; + + case E_SMSC_CAP1066_LED_MODE_ON: + str = "on"; + break; + + case E_SMSC_CAP1066_LED_MODE_OFF: + str = "off"; + break; + + default: + str = "invalid"; + break; + } + + return sprintf(buf, "%s\n", str); +} + +static DEVICE_ATTR(control, S_IWUSR | S_IRUSR, show_control, store_control); + +static struct device_attribute *cap1066_led_dev_attrs[] = { + &dev_attr_control, +}; + +/* + * helper used to create all attributes given in the attr array. + * + * if something goes wrong during creation, remove attributes that + * have already been created. + */ +static int create_sysfs_files(struct device *dev, + struct device_attribute **attrs, + size_t count) +{ + int created; + int error = 0; + + for (created = 0; created < count; ++created) { + error = device_create_file(dev, attrs[created]); + if (error) + break; + } + + if (!error) + /* + * no errors, can return. + */ + return 0; + + /* + * errors during creation, remove already created + * files. + */ + while (--created >= 0) + device_remove_file(dev, attrs[created]); + + return error; +} + +/* + * create a led device. This will create a new directory in the sysfs + * base of the parent. a symlink will be created if a button name is + * found via get_keycode_btn_name(). + */ +static struct cap1066_led_dev *cap1066_create_led_dev(struct device *parent, + struct cap1066_priv *priv, + int index, int key_code) +{ + struct cap1066_led_dev *dev; + int error = 0; + + dev = kzalloc(sizeof (*dev), GFP_KERNEL); + if (!dev) + return NULL; + + dev->led_index = index; + dev->parent_priv = priv; + dev_set_name(&dev->dev, "led_btn_%i", index); + dev->dev.release = cap1066_led_dev_release; + dev->dev.parent = parent; + if (device_register(&dev->dev) < 0) { + kfree(dev); + return NULL; + } + + /* + * create sysfs attributes. + */ + error = create_sysfs_files(&dev->dev, cap1066_led_dev_attrs, + ARRAY_SIZE(cap1066_led_dev_attrs)); + if (error) { + device_unregister(&dev->dev); + return NULL; + } + + /* + * create sysfs symlinks to friendly names, wherever possible. + */ + dev->btn_link = get_keycode_btn_name(key_code); + if (dev->btn_link) { + error = sysfs_create_link(&parent->kobj, &dev->dev.kobj, + dev->btn_link); + if (error) + dev->btn_link = NULL; + } + return dev; +} + +static void cap1066_remove_led_dev(struct cap1066_led_dev *dev) +{ + int i; + + if (dev->btn_link) + sysfs_remove_link(&dev->dev.parent->kobj, dev->btn_link); + + for (i = 0; i < ARRAY_SIZE(cap1066_led_dev_attrs); ++i) + device_remove_file(&dev->dev, cap1066_led_dev_attrs[i]); + device_unregister(&dev->dev); + + /* + * dev->release() kfree the cap1066_led_dev struct + */ +} + +/* + * helper to exctract an unsigned long from the buffer given in + * parameter. + * + * first store buf in a zero terminated string and strtoul() it. + */ +static int get_ulong(const char *buf, size_t count, unsigned long *ret) +{ + char local_buf[32]; + unsigned long val; + const char *end; + + strncpy(local_buf, buf, min(count , sizeof (local_buf))); + local_buf[min(count, sizeof (local_buf) - 1)] = 0; + + val = simple_strtoul(local_buf, (char**)&end, 0); + if (!is_white(*end)) + /* + * garbage after end of input. + */ + return -EINVAL; + + *ret = val; + + return 0; +} + +/* + * duty cycle sysfs callbacks: things may not work as expected if + * duty_cycle_min is >= duty_cycle_max. + * + * values that can be written in duty_cycle_max/duty_cycle_min + * attributes can be on the range [0, 16 [. + * + * 0 means the lowest possible pwm duty cycle. + * 1 means the highest possible pwm duty cycle. + */ + +static ssize_t store_duty_cycle_min(struct device *dev, + struct device_attribute *attr, + const char *buf, size_t count) +{ + unsigned long val; + struct i2c_client *client; + struct cap1066_priv *priv; + int error; + u8 reg; + + client = to_i2c_client(dev); + priv = i2c_get_clientdata(client); + + if (is_white(*buf)) + return 1; + + error = get_ulong(buf, count, &val); + if (error) + return error; + + if (val > 0xf) + return -ERANGE; + + cap1066_read_reg(client, SMSC_REG_LED_DIRECT_DCYCLE, ®); + reg &= ~0xf; + reg |= val; + cap1066_write_reg(client, SMSC_REG_LED_DIRECT_DCYCLE, reg); + + priv->duty_cycle_min = val; + + pr_debug(PFX "store_duty_cycle_min: reg = 0x%02x\n", reg); + return count; +} + +static ssize_t show_duty_cycle_min(struct device *dev, + struct device_attribute *attr, + char *buf) +{ + struct i2c_client *client; + struct cap1066_priv *priv; + + client = to_i2c_client(dev); + priv = i2c_get_clientdata(client); + + return sprintf(buf, "%u\n", priv->duty_cycle_min); +} + +static ssize_t store_duty_cycle_max(struct device *dev, + struct device_attribute *attr, + const char *buf, size_t count) +{ + unsigned long val; + struct i2c_client *client; + struct cap1066_priv *priv; + int error; + u8 reg; + + client = to_i2c_client(dev); + priv = i2c_get_clientdata(client); + + if (is_white(*buf)) + return 1; + + error = get_ulong(buf, count, &val); + if (error) + return error; + + if (val > 0xf) + return -ERANGE; + + cap1066_read_reg(client, SMSC_REG_LED_DIRECT_DCYCLE, ®); + reg &= ~0xf0; + reg |= val << 4; + cap1066_write_reg(client, SMSC_REG_LED_DIRECT_DCYCLE, reg); + + priv->duty_cycle_max = val; + + pr_debug(PFX "store_duty_cycle_max: reg = 0x%02x\n", reg); + return count; +} + +static ssize_t show_duty_cycle_max(struct device *dev, + struct device_attribute *attr, + char *buf) +{ + struct i2c_client *client; + struct cap1066_priv *priv; + + client = to_i2c_client(dev); + priv = i2c_get_clientdata(client); + + return sprintf(buf, "%u\n", priv->duty_cycle_max); +} + +/* + * convert millisecond value to a "raw" value ready to be written to + * the register. + */ +static u8 msec_to_raw_ramp_time(unsigned long msec) +{ + u8 ret; + + if (msec <= 1500) + /* + * register handles 250 msec increments if below 1500 + * msec. + */ + ret = msec / 250; + else + /* + * there is no 1750 msec step, and 2000 msec is + * encoded as 0x7. + */ + ret = 0x7; + + return ret; +} + +/* + * convert raw register value to a millisecond value. + */ +static unsigned long raw_ramp_time_to_msec(u8 raw) +{ + unsigned long ret; + + if (raw < 7) + ret = 250 * raw; + else + ret = 2000; + + return ret; +} + +/* + * ramp time sysfs callbacks. delays are not reliable if programmed + * want time is higher than 1000 msec. + * + * values that can be written are on the range [0, 2000] and are given + * in milliseconds. Values higher than 2000 are clamped to 2000. shown + * values are rounded up to the next value supported by the hardware. + */ + +static ssize_t store_ramp_time_rise(struct device *dev, + struct device_attribute *attr, + const char *buf, size_t count) +{ + unsigned long val; + u8 raw_val; + struct i2c_client *client; + struct cap1066_priv *priv; + int error; + u8 reg; + + client = to_i2c_client(dev); + priv = i2c_get_clientdata(client); + + if (is_white(*buf)) + return 1; + + error = get_ulong(buf, count, &val); + if (error) + return error; + + raw_val = msec_to_raw_ramp_time(val); + + cap1066_read_reg(client, SMSC_REG_LED_DIRECT_RAMP_RATE, ®); + reg &= ~(0x7 << 3); + reg |= raw_val << 3; + cap1066_write_reg(client, SMSC_REG_LED_DIRECT_RAMP_RATE, reg); + + priv->raw_ramp_time_rise = raw_val; + + pr_debug(PFX "store_ramp_time_rise: reg = %02x\n", reg); + return count; +} + +static ssize_t show_ramp_time_rise(struct device *dev, + struct device_attribute *attr, + char *buf) +{ + struct i2c_client *client; + struct cap1066_priv *priv; + unsigned long msec; + + client = to_i2c_client(dev); + priv = i2c_get_clientdata(client); + + msec = raw_ramp_time_to_msec(priv->raw_ramp_time_rise); + + return sprintf(buf, "%lu\n", msec); +} + +static ssize_t store_ramp_time_fall(struct device *dev, + struct device_attribute *attr, + const char *buf, size_t count) +{ + unsigned long val; + u8 raw_val; + struct i2c_client *client; + struct cap1066_priv *priv; + int error; + u8 reg; + + client = to_i2c_client(dev); + priv = i2c_get_clientdata(client); + + if (is_white(*buf)) + return 1; + + error = get_ulong(buf, count, &val); + if (error) + return error; + + raw_val = msec_to_raw_ramp_time(val); + + cap1066_read_reg(client, SMSC_REG_LED_DIRECT_RAMP_RATE, ®); + reg &= ~0x7; + reg |= raw_val; + cap1066_write_reg(client, SMSC_REG_LED_DIRECT_RAMP_RATE, reg); + + priv->raw_ramp_time_fall = raw_val; + + pr_debug(PFX "store_ramp_time_rise: reg = %02x\n", reg); + return count; +} + +static ssize_t show_ramp_time_fall(struct device *dev, + struct device_attribute *attr, + char *buf) +{ + struct i2c_client *client; + struct cap1066_priv *priv; + unsigned long msec; + + client = to_i2c_client(dev); + priv = i2c_get_clientdata(client); + + msec = raw_ramp_time_to_msec(priv->raw_ramp_time_fall); + + return sprintf(buf, "%lu\n", msec); +} + +#define MTOUCH_ENABLE (1 << 7) +#define MTOUCH_COUNT_MASK (3 << 2) +#define MTOUCH_COUNT_SHIFT (2) + +/* + * touch limit handling: the hardware can report at most 1 to 4 key + * press event or no limit at all. + * + * Accepted values in touch_limit attribte: + * 0 -> no limit + * [1, 4] -> limit to the indicated count + * [4, +inf [ -> invalid + */ +static ssize_t store_touch_limit(struct device *dev, + struct device_attribute *attr, const char *buf, + size_t count) +{ + struct i2c_client *client; + unsigned long limit; + int err; + u8 mtouch_reg; + + client = to_i2c_client(dev); + + if (is_white(*buf)) + return 1; + + err = get_ulong(buf, count, &limit); + if (err) + return err; + + if (limit > 4) + return -EINVAL; + + if (limit == 0) { + mtouch_reg = 0; + } else { + mtouch_reg = MTOUCH_ENABLE | + ((limit - 1) << MTOUCH_COUNT_SHIFT); + } + cap1066_write_reg(client, SMSC_REG_MTOUCH_CFG_REG, mtouch_reg); + + return count; +} + +static ssize_t show_touch_limit(struct device *dev, + struct device_attribute *attr, + char *buf) +{ + struct i2c_client *client; + u8 mtouch_reg; + + client = to_i2c_client(dev); + + cap1066_read_reg(client, SMSC_REG_MTOUCH_CFG_REG, &mtouch_reg); + + if (mtouch_reg & MTOUCH_ENABLE) { + u8 count = (mtouch_reg & MTOUCH_COUNT_MASK) >> + MTOUCH_COUNT_SHIFT; + return sprintf(buf, "%d\n", count + 1); + } else { + return sprintf(buf, "0\n"); + } +} + +static DEVICE_ATTR(duty_cycle_min, S_IRUSR | S_IWUSR, show_duty_cycle_min, + store_duty_cycle_min); + +static DEVICE_ATTR(duty_cycle_max, S_IRUSR | S_IWUSR, show_duty_cycle_max, + store_duty_cycle_max); + +static DEVICE_ATTR(ramp_time_rise, S_IRUSR | S_IWUSR, show_ramp_time_rise, + store_ramp_time_rise); + +static DEVICE_ATTR(ramp_time_fall, S_IRUSR | S_IWUSR, show_ramp_time_fall, + store_ramp_time_fall); + +static DEVICE_ATTR(touch_limit, S_IWUSR | S_IRUSR, show_touch_limit, + store_touch_limit); + +static struct device_attribute *cap1066_base_attributes[] = { + &dev_attr_duty_cycle_min, + &dev_attr_duty_cycle_max, + &dev_attr_ramp_time_rise, + &dev_attr_ramp_time_fall, + &dev_attr_touch_limit, +}; + +/* + * i2c core probe callback, called after sucessful detect + */ +static int cap1066_probe(struct i2c_client *client, + const struct i2c_device_id *id) +{ + struct device_node *np = client->dev.of_node; + struct input_dev *input; + struct cap1066_priv *priv; + struct reset_control *reset; + int ret, i; + + priv = devm_kzalloc(&client->dev, sizeof (*priv), GFP_KERNEL); + if (!priv) + return -ENOMEM; + + priv->irq_gpio = devm_gpiod_get_optional(&client->dev, + "irq", + GPIOD_IN); + if (IS_ERR(priv->irq_gpio)) { + ret = PTR_ERR(priv->irq_gpio); + if (ret != -EPROBE_DEFER) + dev_err(&client->dev, + "failed to get irq gpio :%d", ret); + return ret; + } + + if (np) { + ret = of_property_read_u32_array(np, + "keymap", + priv->keymap, + ARRAY_SIZE(priv->keymap)); + if (ret < 0) { + dev_err(&client->dev, + "bad/missing keymap property: %d", ret); + return ret; + } + } else + memcpy(priv->keymap, default_map, sizeof (priv->keymap)); + + /* un-reset if needed */ + reset = devm_reset_control_get_shared_by_index(&client->dev, 0); + if (IS_ERR(reset)) { + ret = PTR_ERR(reset); + if (ret == -ENOENT) + reset = NULL; + else if (ret != -EPROBE_DEFER){ + dev_err(&client->dev, "failed to get reset: %d\n", + ret); + return ret; + } + } + + if (reset && reset_control_status(reset)) { + reset_control_deassert(reset); + msleep(10); + } + + ret = cap1066_detect(client, NULL); + if (ret) { + if (ret != -ENODEV) + return ret; + + dev_warn(&client->dev, "unknown cap1x66 device, try anyway.\n"); + } + + /* initialize controller */ + ret = cap1066_init_hw(client); + if (ret) + return ret; + + /* allocate context */ + input = input_allocate_device(); + if (!priv || !input) { + ret = -ENOMEM; + goto out_fail; + } + + /* + * must match what has been setup in cap1066_init_hw(). + */ + priv->duty_cycle_min = DEFAULT_DUTY_CYCLE_MIN; + priv->duty_cycle_max = DEFAULT_DUTY_CYCLE_MAX; + priv->raw_ramp_time_rise = DEFAULT_RAMP_TIME_RISE; + priv->raw_ramp_time_fall = DEFAULT_RAMP_TIME_FALL; + + priv->input = input; + priv->client = client; + + input_set_drvdata(input, priv); + + ret = input_setup_polling(input, cap1066_input_poll); + if (ret) + goto out_fail; + + input_set_poll_interval(input, 50 /* ms */); + + input->name = "smsc_cap1066"; + input->phys = "smsc_cap1066/input0"; + input->id.bustype = BUS_I2C; + input->dev.parent = &client->dev; + + input->keycode = priv->keymap; + input->keycodemax = ARRAY_SIZE(priv->keymap); + input->keycodesize = sizeof (unsigned short); + + set_bit(EV_REP, input->evbit); + set_bit(EV_KEY, input->evbit); + for (i = 0; i < ARRAY_SIZE(priv->keymap); i++) + set_bit(priv->keymap[i], input->keybit); + + i2c_set_clientdata(client, priv); + + ret = input_register_device(input); + if (ret) + goto out_fail; + + for (i = 0; i < ARRAY_SIZE(priv->keymap); ++i) { + if (!priv->keymap[i]) + continue; + priv->led_devices[i] = + cap1066_create_led_dev(&client->dev, + priv, i, priv->keymap[i]); + } + + if (create_sysfs_files(&client->dev, cap1066_base_attributes, + ARRAY_SIZE(cap1066_base_attributes)) < 0) + goto out_free_led_devs; + + return 0; + +out_free_led_devs: + for (i = 0; i < ARRAY_SIZE(priv->keymap); ++i) + if (priv->led_devices[i]) + cap1066_remove_led_dev(priv->led_devices[i]); +out_fail: + input_free_device(input); + i2c_set_clientdata(client, NULL); + return ret; +} + +/* + * i2c core remove callback + */ +static int cap1066_remove(struct i2c_client *client) +{ + int i; + struct cap1066_priv *priv = i2c_get_clientdata(client); + + for (i = 0; i < ARRAY_SIZE(cap1066_base_attributes); ++i) + device_remove_file(&client->dev, cap1066_base_attributes[i]); + + for (i = 0; i < ARRAY_SIZE(priv->keymap); ++i) { + if (priv->led_devices[i]) + cap1066_remove_led_dev(priv->led_devices[i]); + } + + input_unregister_device(priv->input); + input_free_device(priv->input); + + return 0; +} + +static const struct of_device_id cap1066_of_table[] = { + { .compatible = "smsc,smsc_cap1066" }, + { } +}; +MODULE_DEVICE_TABLE(of, cap1066_of_table); + +static struct i2c_driver cap1066_driver = { + .driver = { + .name = "cap1066", + .of_match_table = of_match_ptr(cap1066_of_table), + }, + .probe = cap1066_probe, + .remove = cap1066_remove, + .id_table = cap1066_id, + + .detect = cap1066_detect, + .class = I2C_CLASS_HWMON, + .address_list = normal_i2c, +}; + +static int __init cap1066_init(void) +{ + return i2c_add_driver(&cap1066_driver); +} + +static void __exit cap1066_exit(void) +{ + i2c_del_driver(&cap1066_driver); +} + + +MODULE_AUTHOR("Maxime Bizon "); +MODULE_DESCRIPTION("SMSC CAP1066 driver"); +MODULE_LICENSE("GPL"); + +module_init(cap1066_init); +module_exit(cap1066_exit); diff -Nruw linux-5.15.42-fbx/drivers/misc/hdmi-cec./Kconfig linux-5.15.42-fbx/drivers/misc/hdmi-cec/Kconfig --- linux-5.15.42-fbx/drivers/misc/hdmi-cec./Kconfig 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/misc/hdmi-cec/Kconfig 2023-03-09 15:06:11.352233904 +0100 @@ -0,0 +1,15 @@ +menu "HDMI CEC support" + +config HDMI_CEC + tristate "HDMI CEC (Consumer Electronics Control) support" + help + HDMI Consumer Electronics Control support. + +config HDMI_CEC_REMOTI + tristate "RemoTI CEC driver" + depends on HDMI_CEC + select REMOTI + help + HDMI CEC driver using RemoTI IPCs. + +endmenu diff -Nruw linux-5.15.42-fbx/drivers/misc/hdmi-cec./Makefile linux-5.15.42-fbx/drivers/misc/hdmi-cec/Makefile --- linux-5.15.42-fbx/drivers/misc/hdmi-cec./Makefile 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/misc/hdmi-cec/Makefile 2023-03-09 15:06:11.352233904 +0100 @@ -0,0 +1,6 @@ +obj-$(CONFIG_HDMI_CEC) += hdmi-cec.o +hdmi-cec-objs += core.o dev.o + +# drivers +obj-$(CONFIG_HDMI_CEC_REMOTI) += remoti-cec.o +remoti-cec-objs := remoti.o diff -Nruw linux-5.15.42-fbx/drivers/misc/remoti./Kconfig linux-5.15.42-fbx/drivers/misc/remoti/Kconfig --- linux-5.15.42-fbx/drivers/misc/remoti./Kconfig 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/misc/remoti/Kconfig 2023-03-09 15:06:11.352233904 +0100 @@ -0,0 +1,26 @@ +menu "RemoTI support" + +config REMOTI + tristate "RemoTI support" + depends on FBX6HD + help + Texas Instruments RemoTI stack. + +config REMOTI_LEDS + tristate "RemoTI LEDS support" + depends on REMOTI + depends on LEDS_CLASS + help + RemoTI LEDS class driver support. + +config REMOTI_GPIO + tristate "RemoTI gpio support" + depends on REMOTI + help + gpiochip driver for the RemoTI RNP + +config REMOTI_USER + tristate "RemoTI userspace access" + depends on REMOTI + +endmenu diff -Nruw linux-5.15.42-fbx/drivers/misc/remoti./Makefile linux-5.15.42-fbx/drivers/misc/remoti/Makefile --- linux-5.15.42-fbx/drivers/misc/remoti./Makefile 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/misc/remoti/Makefile 2023-03-09 15:06:11.352233904 +0100 @@ -0,0 +1,9 @@ +obj-$(CONFIG_REMOTI) += remoti.o +obj-$(CONFIG_REMOTI_GPIO) += remoti-gpio.o +obj-$(CONFIG_REMOTI_LEDS) += remoti-leds.o +obj-$(CONFIG_REMOTI_USER) += remoti-user.o + +remoti-objs := core.o core-sysfs.o +remoti-gpio-objs := gpio.o +remoti-leds-objs := leds.o +remoti-user-objs := user.o diff -Nruw linux-5.15.42-fbx/drivers/net/ethernet/broadcom/bcm63158./Makefile linux-5.15.42-fbx/drivers/net/ethernet/broadcom/bcm63158/Makefile --- linux-5.15.42-fbx/drivers/net/ethernet/broadcom/bcm63158./Makefile 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/net/ethernet/broadcom/bcm63158/Makefile 2024-04-22 14:46:54.604177840 +0200 @@ -0,0 +1,3 @@ +obj-$(CONFIG_BCM63158_SYSTEMPORT) += bcmsysport_63158.o +obj-$(CONFIG_BCM63158_ENET_RUNNER) += enet/ +obj-$(CONFIG_BCM63158_SF2) += sf2/ diff -Nruw linux-5.15.42-fbx/drivers/net/ethernet/broadcom/bcm63158./enet/Makefile linux-5.15.42-fbx/drivers/net/ethernet/broadcom/bcm63158/enet/Makefile --- linux-5.15.42-fbx/drivers/net/ethernet/broadcom/bcm63158./enet/Makefile 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/net/ethernet/broadcom/bcm63158/enet/Makefile 2023-03-09 15:06:11.356234011 +0100 @@ -0,0 +1,11 @@ +obj-$(CONFIG_BCM63158_ENET_RUNNER) += bcm63158_enet_runner.o + +bcm63158_enet_runner-y := \ + ethtool.o \ + main.o \ + port_unimac.o \ + port_xport.o \ + port_xport_serdes.o \ + port_xport_epon.o \ + port_xport_epon_dbg.o \ + port_xport_xlmac.o diff -Nruw linux-5.15.42-fbx/drivers/net/ethernet/broadcom/bcm63158./sf2/Makefile linux-5.15.42-fbx/drivers/net/ethernet/broadcom/bcm63158/sf2/Makefile --- linux-5.15.42-fbx/drivers/net/ethernet/broadcom/bcm63158./sf2/Makefile 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/net/ethernet/broadcom/bcm63158/sf2/Makefile 2023-03-09 15:06:11.364234225 +0100 @@ -0,0 +1,4 @@ +obj-$(CONFIG_BCM63158_SF2) += bcm63158_sf2.o + +bcm63158_sf2-y += sf2_main.o sf2_fdb.o +bcm63158_sf2-$(CONFIG_DEBUG_FS) += sf2_debug.o diff -Nruw linux-5.15.42-fbx/drivers/net/ethernet/broadcom/bcm63xx_enet_runner./Makefile linux-5.15.42-fbx/drivers/net/ethernet/broadcom/bcm63xx_enet_runner/Makefile --- linux-5.15.42-fbx/drivers/net/ethernet/broadcom/bcm63xx_enet_runner./Makefile 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/net/ethernet/broadcom/bcm63xx_enet_runner/Makefile 2023-03-09 15:06:11.368234332 +0100 @@ -0,0 +1,5 @@ +obj-$(CONFIG_BCM63XX_ENET_RUNNER) += bcm63xx_enet_runner_mod.o +obj-$(CONFIG_BCM63XX_ENET_RUNNER) += bcm63xx_sf2.o + +bcm63xx_enet_runner_mod-y += bcm63xx_enet_runner.o +bcm63xx_enet_runner_mod-$(CONFIG_DEBUG_FS) += bcm63xx_enet_runner_debug.o diff -Nruw linux-5.15.42-fbx/drivers/net/ethernet/wintegra./Kconfig linux-5.15.42-fbx/drivers/net/ethernet/wintegra/Kconfig --- linux-5.15.42-fbx/drivers/net/ethernet/wintegra./Kconfig 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/net/ethernet/wintegra/Kconfig 2023-03-09 15:06:11.368234332 +0100 @@ -0,0 +1,10 @@ +config NET_VENDOR_WINTEGRA + bool + +config WINTEGRA_WINPATH3_ETH + tristate "Wintegra Winpath3 internal mac support" + depends on WINTEGRA_WINPATH3 + select NET_VENDOR_WINTEGRA + select NET_CORE + select MII + select PHYLIB diff -Nruw linux-5.15.42-fbx/drivers/net/ethernet/wintegra./Makefile linux-5.15.42-fbx/drivers/net/ethernet/wintegra/Makefile --- linux-5.15.42-fbx/drivers/net/ethernet/wintegra./Makefile 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/net/ethernet/wintegra/Makefile 2023-03-09 15:06:11.368234332 +0100 @@ -0,0 +1 @@ +obj-$(CONFIG_WINTEGRA_WINPATH3_ETH) += wp3_eth.o diff -Nruw linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new./Makefile linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new/Makefile --- linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new./Makefile 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new/Makefile 2023-03-10 17:18:24.474042758 +0100 @@ -0,0 +1,12 @@ +mwl8k_new-$(CONFIG_DEBUG_FS) += debugfs.o +mwl8k_new-y += fw.o +mwl8k_new-y += main.o +mwl8k_new-y += utils.o + +mwl8k_new-y += svc_console.o +mwl8k_new-y += svc_dma_test.o +mwl8k_new-y += svc_vtty.o + +mwl8k_new-y += wifi_core.o + +obj-$(CONFIG_MWL8K_NEW) += mwl8k_new.o diff -Nruw linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new./d11_defs.h linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new/d11_defs.h --- linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new./d11_defs.h 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new/d11_defs.h 2023-03-10 17:18:24.474042758 +0100 @@ -0,0 +1,59 @@ +#ifndef D11_DEFS_H_ +#define D11_DEFS_H_ + +/* + * + */ +static const u16 bits_per_symbol[][2] = { + /* 20MHz 40MHz */ + { 26, 54 }, /* 0: BPSK */ + { 52, 108 }, /* 1: QPSK 1/2 */ + { 78, 162 }, /* 2: QPSK 3/4 */ + { 104, 216 }, /* 3: 16-QAM 1/2 */ + { 156, 324 }, /* 4: 16-QAM 3/4 */ + { 208, 432 }, /* 5: 64-QAM 2/3 */ + { 234, 486 }, /* 6: 64-QAM 3/4 */ + { 260, 540 }, /* 7: 64-QAM 5/6 */ +}; + +#define IEEE80211_SEQ_SEQ_SHIFT 4 +#define IEEE80211_SEQ_MAX 4096 + +#define IEEE80211_AGGR_MAX_MPDU 64 + +#define AMPDU_DELIM_SZ 4 +#define BITS_PER_BYTE 8 +#define OFDM_PLCP_BITS 22 +#define HT_RC_2_STREAMS(_rc) ((((_rc) & 0x78) >> 3) + 1) +#define L_STF 8 +#define L_LTF 8 +#define L_SIG 4 +#define HT_SIG 8 +#define HT_STF 4 +#define HT_LTF(_ns) (4 * (_ns)) +#define SYMBOL_TIME(_ns) ((_ns) << 2) /* ns * 4 us */ +#define SYMBOL_TIME_HALFGI(_ns) (((_ns) * 18 + 4) / 5) /* ns * 3.6 us */ +#define TIME_SYMBOLS(t) ((t) >> 2) +#define TIME_SYMBOLS_HALFGI(t) (((t) * 5 - 4) / 18) +#define NUM_SYMBOLS_PER_USEC(_usec) (_usec >> 2) +#define NUM_SYMBOLS_PER_USEC_HALFGI(_usec) (((_usec*5)-4)/18) + +#define TID_TO_WME_AC(_tid) \ + ((((_tid) == 0) || ((_tid) == 3)) ? IEEE80211_AC_BE : \ + (((_tid) == 1) || ((_tid) == 2)) ? IEEE80211_AC_BK : \ + (((_tid) == 4) || ((_tid) == 5)) ? IEEE80211_AC_VI : \ + IEEE80211_AC_VO) + + +/* compressed blockack bitmap size (in bits) */ +#define D11_BA_BMP_SIZE 64 + +/* return block-ack bitmap index given sequence and starting sequence */ +#define D11_BA_INDEX(_st, _seq) (((_seq) - (_st)) & (IEEE80211_SEQ_MAX - 1)) + +/* return whether a bit at index _n in bitmap _bm is set + * _sz is the size of the bitmap */ +#define D11_BA_ISSET(_bm, _n) (((_n) < (D11_BA_BMP_SIZE)) && \ + ((_bm)[(_n) >> 3] & (1 << ((_n) & 7)))) + +#endif /* !D11_DEFS_H_ */ diff -Nruw linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new./debugfs.c linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new/debugfs.c --- linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new./debugfs.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new/debugfs.c 2023-03-10 17:18:24.474042758 +0100 @@ -0,0 +1,81 @@ +#include "mwl8k_priv.h" + +static struct dentry *dbg_dir; + +/* + * + */ +static int mwl8k_debugfs_show_test(void *data, u64 *val) +{ + struct mwl8k_priv *priv = data; + size_t i; + + printk("test\n"); + for (i = 0; i < 1000 * 1000; i++) { + (void)ioread32(priv->sram); + (void)iowrite32(0x0, priv->sram); + if (i % 10000 == 0) + msleep(1); + if (signal_pending(current)) + break; + } + + *val = 0; + return 0; +} + +DEFINE_DEBUGFS_ATTRIBUTE(mwl8k_debugfs_test, mwl8k_debugfs_show_test, + NULL, "%lld\n"); + +/* + * This function creates the debug FS directory structure and the files. + */ +void mwl8k_debugfs_dev_init(struct mwl8k_priv *priv) +{ + if (!dbg_dir) + return; + + /* export regs */ + priv->blob_regs.data = priv->regs; + priv->blob_regs.size = 64 * 1024; + priv->blob_sram.data = priv->sram; + priv->blob_sram.size = 64 * 1024; + + priv->dbg_regs = debugfs_create_blob("regs", 0644, dbg_dir, + &priv->blob_regs); + priv->dbg_sram = debugfs_create_blob("sram", 0644, dbg_dir, + &priv->blob_sram); + priv->dbg_test = debugfs_create_file("test", 0644, dbg_dir, + priv, &mwl8k_debugfs_test); +} + +/* + * This function removes the debug FS directory structure and the files. + */ +void mwl8k_debugfs_dev_remove(struct mwl8k_priv *priv) +{ + if (priv->dbg_regs) + debugfs_remove(priv->dbg_regs); + if (priv->dbg_sram) + debugfs_remove(priv->dbg_sram); + if (priv->dbg_test) + debugfs_remove(priv->dbg_test); +} + +/* + * This function creates the top level proc directory. + */ +void mwl8k_debugfs_init(void) +{ + dbg_dir = debugfs_create_dir("mwl8k_new", NULL); + if (!dbg_dir) + printk(KERN_ERR "failed to create debugfs dir\n"); +} + +/* + * This function removes the top level proc directory. + */ +void mwl8k_debugfs_remove(void) +{ + debugfs_remove(dbg_dir); +} diff -Nruw linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new./fw.c linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new/fw.c --- linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new./fw.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new/fw.c 2024-04-22 14:46:55.456201118 +0200 @@ -0,0 +1,290 @@ +#include "mwl8k_priv.h" + +/* + * LEGACY INTERFACE, used to exchange with helper + */ +struct mwl8k_cmd_pkt { + __le16 code; + __le16 length; + __u8 seq_num; + __u8 macid; + __le16 result; + char payload[0]; +} __packed; + +#define MWL8K_HIU_GEN_PTR 0x00000c10 +#define MWL8K_HIU_INT_CODE 0x00000c14 +#define MWL8K_INT_CODE_CMD_FINISHED 0x00000005 +#define MWL8K_HIU_H2A_INTERRUPT_STATUS 0x00000c1c +#define MWL8K_HIU_SCRATCH 0x00000c40 + +#define MWL8K_H2A_INT_DUMMY (1 << 20) +#define MWL8K_H2A_INT_RESET (1 << 15) +#define MWL8K_H2A_INT_DOORBELL (1 << 1) + +#define MWL8K_CMD_CODE_DNLD 0x0001 + +/* + * end LEGACY INTERFACE + */ + + +/* + * + */ +static int mwl8k_send_fw_load_cmd(struct mwl8k_priv *priv, void *data, int length) +{ + void __iomem *regs = priv->regs; + dma_addr_t dma_addr; + int loops; + + dma_addr = pci_map_single(priv->pdev, data, length, PCI_DMA_TODEVICE); + if (pci_dma_mapping_error(priv->pdev, dma_addr)) + return -ENOMEM; + + iowrite32(dma_addr, regs + MWL8K_HIU_GEN_PTR); + iowrite32(0, regs + MWL8K_HIU_INT_CODE); + iowrite32(MWL8K_H2A_INT_DOORBELL, + regs + MWL8K_HIU_H2A_INTERRUPT_EVENTS); + iowrite32(MWL8K_H2A_INT_DUMMY, + regs + MWL8K_HIU_H2A_INTERRUPT_EVENTS); + + loops = 10000; + do { + if (priv->info->helper_image) { + u32 int_code = ioread32(regs + MWL8K_HIU_INT_CODE); + //printk("int code: %08x\n", int_code); + if (int_code == MWL8K_INT_CODE_CMD_FINISHED) { + iowrite32(0, regs + MWL8K_HIU_INT_CODE); + break; + } + } else { + u32 int_code; + + int_code = ioread32(regs + + MWL8K_HIU_H2A_INTERRUPT_STATUS); + //printk("int code: %08x\n", int_code); + if (int_code == 0) + break; + } + + cond_resched(); + udelay(1); + } while (--loops); + + pci_unmap_single(priv->pdev, dma_addr, length, PCI_DMA_TODEVICE); + + if (!loops) { + dev_dbg(&priv->pdev->dev, + "mwl8k_send_fw_load_cmd %u timeout\n", + length); + } + + return loops ? 0 : -ETIMEDOUT; +} + +/* + * firmware loading for 8366, bootrom interface + */ +static int mwl8k_load_fw_image(struct mwl8k_priv *priv, + const u8 *data, size_t length) +{ + struct mwl8k_cmd_pkt *cmd; + int done; + int rc = 0; + + //printk("mwl8k_load_fw_image len:%u\n", length); + + cmd = kmalloc(sizeof(*cmd) + 256, GFP_KERNEL); + if (cmd == NULL) + return -ENOMEM; + + cmd->code = cpu_to_le16(MWL8K_CMD_CODE_DNLD); + cmd->seq_num = 0; + cmd->macid = 0; + cmd->result = 0; + + done = 0; + while (length) { + int block_size = length > 256 ? 256 : length; + + memcpy(cmd->payload, data + done, block_size); + cmd->length = cpu_to_le16(block_size); + + //printk("load size: %u\n", block_size); + rc = mwl8k_send_fw_load_cmd(priv, cmd, + sizeof(*cmd) + block_size); + if (rc) + break; + + done += block_size; + length -= block_size; + + msleep(1); + } + + if (!rc) { + //printk("final block\n"); + cmd->length = 0; + rc = mwl8k_send_fw_load_cmd(priv, cmd, sizeof(*cmd)); + } + + kfree(cmd); + + return rc; +} + +/* + * firmware loading for 8366 helper & 8764 bootrom + */ +static int mwl8k_feed_fw_image(struct mwl8k_priv *priv, + const u8 *data, size_t length) +{ + unsigned char *buffer; + int may_continue, rc = 0; + u32 done, prev_block_size; + + //printk("mwl8k_feed_fw_image: len:%u\n", length); + + buffer = kmalloc(1024, GFP_KERNEL); + if (buffer == NULL) { + return -ENOMEM; + } + + done = 0; + prev_block_size = 0; + may_continue = 1000; + while (may_continue > 0) { + u32 block_size; + + block_size = ioread32(priv->regs + MWL8K_HIU_SCRATCH); + if (block_size & 1) { + //printk("BLOCK SIZE : %x\n", block_size); + rc = -EREMOTEIO; + break; + } else { + done += prev_block_size; + length -= prev_block_size; + //printk("total done: %u\n", done); + } + + if (block_size > 1024 || block_size > length) { + rc = -EOVERFLOW; + //printk("OVERFLOW\n"); + break; + } + + if (length == 0) { + //printk("length finished\n"); + rc = 0; + break; + } + + if (block_size == 0) { + //printk("block_size == 0\n"); + rc = -EPROTO; + may_continue--; + udelay(1); + continue; + } + + //printk("block_size == %d\n", block_size); + prev_block_size = block_size; + memcpy(buffer, data + done, block_size); + + rc = mwl8k_send_fw_load_cmd(priv, buffer, block_size); + if (rc) { + printk("send_fw_load_cmd failed\n"); + break; + } + } + + if (!rc && length != 0) { + rc = -EREMOTEIO; + } + + kfree(buffer); + + return rc; +} + +/* + * + */ +int mwl8k_fw_upload(struct mwl8k_priv *priv) +{ + const struct firmware *fw = priv->fw_ucode; + const struct firmware *helper = priv->fw_helper; + int rc; + + if (helper) { + rc = mwl8k_load_fw_image(priv, helper->data, helper->size); + if (rc) { + dev_err(&priv->pdev->dev, + "unable to load firmware helper image\n"); + return rc; + } + + /* give time for helper to load */ + msleep(10); + } + + rc = mwl8k_feed_fw_image(priv, fw->data, fw->size); + if (rc) { + dev_err(&priv->pdev->dev, + "unable to load firmware image\n"); + return rc; + } + + return 0; +} + +/* + * + */ +int mwl8k_fw_request(struct mwl8k_priv *priv) +{ + int ret; + + if (priv->info->helper_image) { + ret = request_firmware(&priv->fw_helper, + priv->info->helper_image, + &priv->pdev->dev); + if (ret) { + dev_err(&priv->pdev->dev, + "error requesting helper fw\n"); + return ret; + } + } + + ret = request_firmware(&priv->fw_ucode, + priv->info->fw_image, + &priv->pdev->dev); + if (ret) { + dev_err(&priv->pdev->dev, + "error requesting fw image\n"); + return ret; + } + + return 0; +} + +/* + * + */ +static void fw_free(const struct firmware **fw) +{ + if (*fw == NULL) + return; + release_firmware(*fw); + *fw = NULL; +} + +/* + * + */ +void mwl8k_fw_release(struct mwl8k_priv *priv) +{ + fw_free(&priv->fw_ucode); + fw_free(&priv->fw_helper); +} diff -Nruw linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new./hostif.h linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new/hostif.h --- linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new./hostif.h 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new/hostif.h 2023-03-10 17:18:26.098086785 +0100 @@ -0,0 +1,83 @@ +#ifndef HOSTIF_H_ +#define HOSTIF_H_ + +#ifndef __KERNEL__ +/* + * map to linux kernel types for easier sharing + */ +#include +#endif + +#ifndef __packed +#define __packed __attribute__((packed)) +#endif + +/* + * generic exchange ring buffer + */ +struct ixzone_ring_buf { + __le32 buf_offset; + __le32 buf_size; + + /* + * 'producer' & 'consumer' are relative (0 < val < buf_size) + * + * (consumer == producer) => buffer is empty + * (producer == consumer - 1) => buffer is full + */ + __le32 producer; + __le32 consumer; +} __packed; + +/* + * CONSOLE service + */ +#define SVC_CONSOLE_UUID 0x00010001 + +struct ixzone_svc_console { + /* + * producer == FW + * consumer == HOST + */ + struct ixzone_ring_buf rb; + __le32 irq_mask; +} __packed; + +/* + * TTY service + */ +#define SVC_TTY_UUID 0x00010002 + +struct ixzone_svc_tty { + /* producer is FW */ + struct ixzone_ring_buf f2h_rb; + __le32 f2h_irq_mask; + + /* producer is host */ + struct ixzone_ring_buf h2f_rb; + __le32 h2f_irq_mask; +} __packed; + +/* + * BOOT_AREA headers + */ +#define BOOTAREA_MAGIC 0x2cc4189b + +struct bootarea_root { + __le32 magic; + __u8 early_svc_count; + __u8 boot_done; + __le16 svc_count; +} __packed; + +#define BOOTAREA_SVC_FLAG_SYNCH (1 << 0) + +struct bootarea_svc { + __le32 svc_uuid; + __le32 svc_flags; + + /* relative to root */ + __le32 off; +} __packed; + +#endif diff -Nruw linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new./hostif_dmatest.h linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new/hostif_dmatest.h --- linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new./hostif_dmatest.h 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new/hostif_dmatest.h 2023-03-10 17:18:24.474042758 +0100 @@ -0,0 +1,32 @@ +#ifndef HOSTIF_DMATEST_H_ +#define HOSTIF_DMATEST_H_ + +#ifndef __KERNEL__ +/* + * map to linux kernel types for easier sharing + */ +#include +#endif + +#ifndef __packed +#define __packed __attribute__((packed)) +#endif + +/* + * DMA test service + */ +#define SVC_DMATEST_UUID 0x3bdb253c + +struct ixzone_svc_dma_test { + + struct { + /* + * single area used by firmware for doing read/write + * test transfers to host RAM + */ + __le32 fw_req_size; + __le32 host_dma_address; + } test; +} __packed; + +#endif /* HOSTIF_DMATEST_H_ */ diff -Nruw linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new./hostif_wifi.h linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new/hostif_wifi.h --- linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new./hostif_wifi.h 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new/hostif_wifi.h 2023-03-10 17:18:27.334120292 +0100 @@ -0,0 +1,613 @@ +#ifndef HOSTIF_WIFI_H_ +#define HOSTIF_WIFI_H_ + +#ifndef __KERNEL__ +/* + * map to linux kernel types for easier sharing + */ +#include +#endif + +#ifndef __packed +#define __packed __attribute__((packed)) +#endif + +/* + * wifi service + */ +#define SVC_WIFI_UUID 0x43b2cab9 + +#define WIFI_API_VERSION 2 +#define WIFI_MAX_TX_QUEUES 16 + +enum wifi_cmd_id { + /* global commands */ + WIFI_CMD_ADD_VIF, + WIFI_CMD_API_VERSION, + WIFI_CMD_DRAIN_QUEUE_SCHED, + WIFI_CMD_FW_VERSION, + WIFI_CMD_GET_MAC_ADDRESS, + WIFI_CMD_RADIO_CONTROL, + WIFI_CMD_GET_CHAN_SURVEY, + WIFI_CMD_RELEASE_VIF, + WIFI_CMD_SET_RX_FILTER, + WIFI_CMD_START, + WIFI_CMD_STOP, + + /* PER VIF commands */ + WIFI_CMD_VIF_ADD_STA, + WIFI_CMD_VIF_DEL_STA, + WIFI_CMD_VIF_ADD_KEY, + WIFI_CMD_VIF_DEL_KEY, + WIFI_CMD_VIF_ENABLE_BEACON, + WIFI_CMD_VIF_GET_DTIM_COUNT, + WIFI_CMD_VIF_SET_BEACON_PARAMS, + WIFI_CMD_VIF_SET_BSS_PARAMS, + WIFI_CMD_VIF_SET_EDCA_PARAMS, + WIFI_CMD_VIF_SET_SHORT_SLOT, + WIFI_CMD_VIF_START, + WIFI_CMD_VIF_STOP, + WIFI_CMD_VIF_UPDATE_BEACON, + + WIFI_CMD_LAST, +}; + +enum wifi_chan_bw { + WIFI_CHAN_BW_10MHZ, + WIFI_CHAN_BW_20MHZ, + WIFI_CHAN_BW_40MHZ_ABOVE, + WIFI_CHAN_BW_40MHZ_BELOW, + WIFI_CHAN_BW_5MHZ, +}; + +enum wifi_vif_type { + WIFI_VIF_TYPE_STA, + WIFI_VIF_TYPE_AP, +}; + +struct wifi_cmd_radio_control_req { + __u8 channel; + __u8 bw; /* enum wifi_chan_bw */ + __u8 antenna_mask; +} __packed; + +struct wifi_cmd_start_req { + struct { + __le32 dma_addr; + __le32 len; + } rx; + + struct { + /* set len to 0 when not used */ + __le32 dma_addr; + __le32 len; + } tx[WIFI_MAX_TX_QUEUES]; + +} __packed; + +enum { + /* disable FCS fail filter */ + WIFI_FILTER_FCS_FAIL = (1 << 0), + + /* disable all filters (include ftype filters) */ + WIFI_FILTER_PROMISC = (1 << 1), + + /* disable multicast filter */ + WIFI_FILTER_ALL_MULTI = (1 << 2), + + /* disable BSSID filter */ + WIFI_FILTER_ALL_BSSID = (1 << 3), + + /* various per-ftype filter */ + WIFI_FILTER_FTYPE_CONTROL = (1 << 4), + WIFI_FILTER_FTYPE_PS_POLL = (1 << 5), + WIFI_FILTER_FTYPE_PROBE_REQ = (1 << 6), +}; + +enum wifi_ac { + WIFI_AC_BK = 0, + WIFI_AC_BE, + WIFI_AC_VI, + WIFI_AC_VO, +}; + +#define WIFI_AC_COUNT 4 + +enum { + WIFI_CMD_CHAN_ASYNC, + WIFI_CMD_CHAN_ATOMIC, + + WIFI_CMD_CHAN_LAST, +}; + +enum wifi_cmd_result { + WIFI_RESULT_OK, + WIFI_RESULT_INVAL, + WIFI_RESULT_UNKNOWN_CMD, + WIFI_RESULT_IO_ERROR, + WIFI_RESULT_NOSPC, + WIFI_RESULT_NOENT, + WIFI_RESULT_BUSY, + WIFI_RESULT_EAGAIN, + WIFI_RESULT_EXISTS, +}; + +#define WIFI_INVALID_VIF_HWID 0xffff +#define WIFI_INVALID_STA_HWID 0xffff +#define WIFI_INVALID_KEY_HWID 0xff +#define WIFI_INVALID_TBTT_IDX 0xff + +struct wifi_cmd_set_rx_filter_req { + __le32 filter; +} __packed; + +struct wifi_cmd_add_vif_req { + __u8 type; /* enum wifi_vif_type */ + __u8 mac_addr[6]; +} __packed; + +struct wifi_cmd_get_chan_survey_resp { + __s8 avg_nf; + __u64 chan_time; + __u64 chan_busy; + __u64 chan_rx; + __u64 chan_tx; +} __packed; + +struct wifi_cmd_add_vif_resp { + __le16 vif_hwid; + __u8 tbtt_idx; + __u8 ac_to_qid[WIFI_AC_COUNT]; + __u8 cab_qid; +} __packed; + +struct wifi_cmd_release_vif_req { + __le16 vif_hwid; +} __packed; + +struct wifi_cmd_vif_start_req { + __le16 vif_hwid; +} __packed; + +struct wifi_cmd_vif_stop_req { + __le16 vif_hwid; +} __packed; + +struct wifi_cmd_vif_set_bss_params_req { + __le16 vif_hwid; + __u8 bssid[6]; +} __packed; + +struct wifi_cmd_vif_add_sta_req { + __le16 vif_hwid; + __u8 mac[6]; +} __packed; + +struct wifi_cmd_vif_add_sta_resp { + __le16 sta_hwid; +} __packed; + +struct wifi_cmd_vif_del_sta_req { + __le16 vif_hwid; + __le16 sta_hwid; +} __packed; + +struct wifi_cmd_vif_add_key_req { + __le16 vif_hwid; + __le16 sta_hwid; + __u8 key[16]; + __u8 key_idx; +} __packed; + +struct wifi_cmd_vif_add_key_resp { + __u8 key_hwid; +} __packed; + +struct wifi_cmd_vif_del_key_req { + __le16 vif_hwid; + __le16 sta_hwid; + __u8 key_hwid; +} __packed; + +struct wifi_cmd_vif_set_edca_params_req { + __le16 vif_hwid; + __u8 txq_idx; + __le16 aifsn; + __le16 cw_min; + __le16 cw_max; + __le16 txop; +} __packed; + +struct wifi_cmd_vif_set_beacon_params_req { + __le16 vif_hwid; + + /* + * those parameters cannot be changed while beaconing is + * enabled + */ + __u8 rate_idx; + __le16 beacon_interval; + __u8 dtim_period; + +} __packed; + +struct wifi_cmd_vif_enable_beacon_req { + __le16 vif_hwid; + __u8 enabled; +} __packed; + +struct wifi_cmd_vif_set_short_slot_req { + __le16 vif_hwid; + __u8 is_short; +} __packed; + +struct wifi_cmd_drain_queue_sched_req { + __u8 qid; +} __packed; + +struct wifi_cmd_vif_get_dtim_count_req { + __le16 vif_hwid; +} __packed; + +struct wifi_cmd_vif_update_beacon_req { + __le16 vif_hwid; + __le32 bcn_host_addr; + __le16 bcn_size; +} __packed; + + +struct wifi_cmd_api_version_resp { + __le32 version; +} __packed; + +struct wifi_cmd_fw_version_resp { + __le16 major; + __le16 minor; +} __packed; + +struct wifi_cmd_get_mac_address_resp { + __u8 mac_addr[6]; + __le16 mac_addr_count; +} __packed; + +struct wifi_cmd_vif_get_dtim_count_resp { + __u8 dtim_count; +}; + +struct wifi_cmd_hdr { + __le32 id; + __le32 size; +} __packed; + +struct wifi_cmd_req { + union { + /* async command */ + struct wifi_cmd_radio_control_req radio_control; + struct wifi_cmd_start_req start; + struct wifi_cmd_set_rx_filter_req set_rx_filter; + struct wifi_cmd_add_vif_req add_vif; + struct wifi_cmd_release_vif_req release_vif; + + struct wifi_cmd_vif_start_req vif_start; + struct wifi_cmd_vif_stop_req vif_stop; + struct wifi_cmd_vif_set_bss_params_req vif_set_bss_params; + struct wifi_cmd_vif_set_short_slot_req vif_set_short_slot; + struct wifi_cmd_vif_set_beacon_params_req vif_set_beacon_params; + struct wifi_cmd_vif_enable_beacon_req vif_enable_beacon; + struct wifi_cmd_vif_set_edca_params_req vif_set_edca_params; + struct wifi_cmd_vif_add_sta_req vif_add_sta; + struct wifi_cmd_vif_del_sta_req vif_del_sta; + struct wifi_cmd_vif_add_key_req vif_add_key; + struct wifi_cmd_vif_del_key_req vif_del_key; + + /* atomic commands */ + struct wifi_cmd_drain_queue_sched_req drain_queue_sched; + struct wifi_cmd_vif_get_dtim_count_req vif_get_dtim_count; + struct wifi_cmd_vif_update_beacon_req vif_update_beacon; + }; +} __packed; + +struct wifi_cmd_resp { + __le32 result; + union { + /* async commands */ + struct wifi_cmd_api_version_resp api_version; + struct wifi_cmd_fw_version_resp fw_version; + struct wifi_cmd_get_mac_address_resp get_mac_address; + struct wifi_cmd_get_chan_survey_resp get_chan_survey; + struct wifi_cmd_add_vif_resp add_vif; + struct wifi_cmd_vif_add_sta_resp vif_add_sta; + struct wifi_cmd_vif_add_key_resp vif_add_key; + + /* atomic command */ + struct wifi_cmd_vif_get_dtim_count_resp vif_get_dtim_count; + }; +} __packed; + +#define WIFI_HDR_SIZE (sizeof (struct wifi_cmd_hdr)) +#define WIFI_MAX_REQ_SIZE (sizeof (struct wifi_cmd_req)) +#define WIFI_MAX_REPLY_SIZE (sizeof (struct wifi_cmd_resp)) +#define WIFI_MAX_CMD_SIZE \ + (WIFI_HDR_SIZE + \ + ((WIFI_MAX_REQ_SIZE > WIFI_MAX_REPLY_SIZE) ? \ + WIFI_MAX_REQ_SIZE : WIFI_MAX_REPLY_SIZE)) + + +/* + * rx descriptors + */ +enum { + /* set if FCS is valid */ + RXD_F_FCS_VALID = (1 << 0), + + /* set if frame was received with cck modulation */ + RXD_F_CCK = (1 << 1), + + /* set if frame was received with short preamble */ + RXD_F_SHORT_PREAMBLE = (1 << 2), + + /* set if frame was received using short GI */ + RXD_F_SHORT_GI = (1 << 3), + + /* set if frame was received using HT */ + RXD_F_HT = (1 << 4), + + /* set if frame was received inside AMPDU */ + RXD_F_AMPDU = (1 << 5), + + /* set if frame was received using 40Mhz mod */ + RXD_F_40MHZ = (1 << 6), + + /* set if frame was decrypted by hardware */ + RXD_F_DECRYPTED = (1 << 7), + + /* set if firmware owns the buffer */ + RXD_F_FW_OWNED = (1 << 15), +}; + +struct wifi_rxd { + /* keep status at the beginning */ + __le16 status; + __u8 pad[2]; + + __le32 buf_addr; + + /* rssi per chain */ + __s8 rssi_per_chain[4]; + + /* received rate, either MCS or hw index depending on HT flag + * (status) */ + __u8 rate; + + /* global rssi */ + __s8 rssi; + + /* noise floor */ + __s8 noise_floor; + + /* received channel */ + __s8 channel; + + /* TSF value at rx */ + __le32 tsf; + + /* buf size must be > 128, updated by hardware */ + __le16 buf_size; + + __u8 pad2[10]; +}; + +#ifndef __KERNEL__ +STATIC_ASSERT(sz_rxd, sizeof (struct wifi_rxd) == 32); +#endif + +/* + * tx descriptors + */ +enum { + TXD_RF_SHORT_PRE = (1 << 0), + TXD_RF_RTS_CTS = (1 << 1), + TXD_RF_CTS_PROTECT = (1 << 2), + TXD_RF_HT = (1 << 3), + TXD_RF_SHORT_GI = (1 << 4), + TXD_RF_40MHZ = (1 << 5), + TXD_RF_VALID = (1 << 7), +}; + +/* + * rate information, hardware has 4 fallback rates + * + * only first rate is used on A-MPDU + */ +struct wifi_txd_rinfo { + __u8 flags; + __u8 rate; + __u8 count:4; + __u8 antenna_mask:4; +}; + +/* + * status field + */ +enum { + /* + * host to fw + */ + + /* no-ack policy */ + TXD_F_TX_NO_ACK = (1 << 0), + + /* clear STA PS filter for this frame */ + TXD_F_TX_CLEAR_PS = (1 << 1), + + /* bypass STA PS filter for this frame */ + TXD_F_TX_BYPASS_PS = (1 << 2), + + /* only 1 supported at MCS <= 7 (Nsts=2 && Nss=1) */ + TXD_F_TX_STBC = (1 << 3), + + /* this is the first MPDU of an A-MPDU aggregate, all further + * MPDUs to include in this aggregate must have AMPDU_MORE or + * AMPDU_LAST flag, status reporting (BlockACK) will be done + * only in last MPDU */ + TXD_F_TX_AMPDU_START = (1 << 4), + + /* set on all MPDUs to include in current AMPDU besides + * first & last */ + TXD_F_TX_AMPDU_MORE = (1 << 5), + + /* set on last MPDUs to include in current AMPDU */ + TXD_F_TX_AMPDU_LAST = (1 << 6), + + /* has to set on BAR to ensure fw will report BlockAck status, + * tid field and sta are also mandatory */ + TXD_F_TX_BAR = (1 << 7), + + + /* + * fw to host + */ + + /* set by firmware if frame was sent successfully (unless + * NO_ACK, this means that ACK or BlockACK was received) */ + TXD_F_TX_SUCCESS = (1 << 8), + + /* set by firmware if frame was filtered because of STA ps + * status, tx_success will not be set */ + TXD_F_TX_PS_FILTERED = (1 << 9), + + /* set by firmware if frame was too big, tx success will not + * be set */ + TXD_F_TX_TOO_BIG = (1 << 10), + + /* set if firmware owns the buffer */ + TXD_F_FW_OWNED = (1 << 15), +}; + +#define WIFI_TXD_MAX_RATES 4 + +struct wifi_txd { + /* keep status at beginning */ + __le16 status; + __u8 pad[2]; + + __le32 buf_addr; + + union { + /* filled by SW before transmit */ + struct wifi_txd_rinfo rinfo[WIFI_TXD_MAX_RATES]; + + /* filled by FW when tx is done, on last AMPDU + * frame or BAR frames */ + struct { + __u8 bitmap[8]; + /* start sn only has the seqno part (12 bits) */ + __le16 start_seq; + } ba; + }; + + /* filled by FW, number of total tries the hardware did */ + __u8 tries_done:4; + + /* can be 2, 3 or 4, implies corresponding header len without + * QOS control field (16, 24, 30) */ + __u8 addr_count:4; + + /* offset in buf_addr where data starts (after header and qos + * control if present) */ + __u8 data_offset:7; + __u8 has_qos_control:1; + + /* qos control field value if frame has one */ + __le16 qos_control; + + /* MSDU size (data size excluding header len) */ + __le16 data_size; + + /* index from 0 to 7 (from HT spec), only valid for first + * packet of AMPDU */ + __le16 ampdu_density:4; + + /* host side current BA window start, needs to be filled when + * sending an AMPDU, for the first packet */ + __le16 ampdu_baw_ssn:12; + + /* + * VIF and STA (can be WIFI_INVALID_STA/VIF_HWID for none) + * + * needed by firmware to apply correct powersave policy for + * the station, no PS update will be done if not set + * + * set neither of them for raw frame injection + * set only vif_hwid for broadcast/multicast frames + */ + __le16 vif_hwid; + __le16 sta_hwid; + + /* + * CCMP PN, only used if key hwid if valid + */ + __u8 ccmp_pn[8]; + + /* + * Key hwid (or WIFI_INVALID_KEY_HWID) + * + * if sta_hwid is set, this is a sta key index, otherwise it's + * a vif key index (so vif_hwid has to bet set) + */ + __u8 key_hwid; + + /* + * TID must be set on last packet of AMDPU and on BAR frames + * (in addition to the TXD_F_BAR) + */ + __u8 tid; + + __u8 pad2[22]; +}; + +#ifndef __KERNEL__ +STATIC_ASSERT(sz_txd, sizeof (struct wifi_txd) == 64); +#endif + +struct ixzone_svc_wifi_cmd_chan { + __le32 buf_offset; + __le32 buf_size; + __le32 host_ctr; + __le32 fw_ctr; + __le32 h2f_irq_mask; + __le32 f2h_irq_mask; +} __packed; + +struct ixzone_svc_wifi { + struct ixzone_svc_wifi_cmd_chan cmd_chans[WIFI_CMD_CHAN_LAST]; + + struct { + __le32 chain_count; + } radio; + + struct { + __le32 f2h_irq_mask; + } rx; + + struct { + __le32 f2h_irq_mask; + __le32 h2f_irq_mask; + __le16 txq_count; + __le16 max_ampdu_chain; + } tx; + + struct { + __u8 max_sta_vif; + __u8 max_ap_vif; + __le16 bcn_interval_gcd; + __le32 tbtt_f2h_irq_mask; + } vif; + +} __packed; + +#ifndef __KERNEL__ +STATIC_ASSERT(sz_wifi, (sizeof (struct ixzone_svc_wifi) % 4) == 0); +#endif + +#endif /* HOSTIF_WIFI_H_ */ diff -Nruw linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new./main.c linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new/main.c --- linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new./main.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new/main.c 2024-04-22 14:46:55.456201118 +0200 @@ -0,0 +1,647 @@ +#include +#include + +#include "mwl8k_priv.h" + +static const struct dbg_svc_ops *dbg_services_ops[8]; +static size_t dbg_services_ops_count; + +/* + * + */ +static u32 dbg_services_process(struct mwl8k_priv *priv, + bool sync, + u32 mask) +{ + struct dbg_svc_priv *dsp; + struct list_head *head; + u32 remain = 0; + + head = sync ? &priv->dbg_sync_services : &priv->dbg_services; + list_for_each_entry(dsp, head, next) { + u32 svc_mask; + + if (unlikely(!dsp->ops->svc_process)) + continue; + + svc_mask = dsp->poll_mask & mask; + if (svc_mask) + remain |= dsp->ops->svc_process(dsp->svc_priv, + svc_mask); + } + return remain; +} + +/* + * + */ +static u32 dbg_services_process_synch(struct mwl8k_priv *priv, u32 mask) +{ + return dbg_services_process(priv, true, mask); +} + +/* + * + */ +static u32 dbg_services_process_normal(struct mwl8k_priv *priv, + u32 mask) +{ + return dbg_services_process(priv, false, mask); +} + +/* + * + */ +static void dbg_services_exit(struct list_head *head) +{ + struct dbg_svc_priv *dsp, *tmp; + + list_for_each_entry_safe(dsp, tmp, head, next) { + if (!dsp->ops->svc_exit) + continue; + dsp->ops->svc_exit(dsp->svc_priv); + } +} + +/* + * + */ +static void dbg_services_exit_all(struct mwl8k_priv *priv) +{ + dbg_services_exit(&priv->dbg_services); + dbg_services_exit(&priv->dbg_sync_services); +} + +/* + * + */ +static void dbg_services_free(struct list_head *head) +{ + struct dbg_svc_priv *dsp, *tmp; + + list_for_each_entry_safe(dsp, tmp, head, next) { + dsp->ops->svc_free(dsp->svc_priv); + kfree(dsp); + } +} + +/* + * + */ +static void dbg_services_free_all(struct mwl8k_priv *priv) +{ + dbg_services_free(&priv->dbg_services); + dbg_services_free(&priv->dbg_sync_services); +} + +/* + * + */ +static int dbg_services_add(struct mwl8k_priv *priv, + u32 uuid, + u16 flags, + u32 poll_mask, + const struct dbg_svc_ops *ops, + void *svc_priv) +{ + struct dbg_svc_priv *dsp; + struct list_head *head; + + dsp = kzalloc(sizeof (*dsp), GFP_KERNEL); + if (!dsp) + return -ENOMEM; + + if (flags & BOOTAREA_SVC_FLAG_SYNCH) { + head = &priv->dbg_sync_services; + priv->dbg_sync_services_poll_mask |= poll_mask; + } else { + head = &priv->dbg_services; + priv->dbg_services_poll_mask |= poll_mask; + } + + dsp->ops = ops; + dsp->poll_mask = poll_mask; + dsp->svc_uuid = uuid; + dsp->svc_priv = svc_priv; + list_add_tail(&dsp->next, head); + return 0; +} + +/* + * Host work handling + */ +static void mwl8k_poll(unsigned long data) +{ + struct mwl8k_priv *priv = (struct mwl8k_priv *)data; + unsigned long flags; + u32 status, normal_status, sync_status, remain = 0; + + /* don't rearm tasklet if we are stopping */ + if (priv->poll_stop) + return; + + /* + * "dequeue" work to todo + */ + spin_lock_irqsave(&priv->poll_lock, flags); + normal_status = priv->poll_todo; + priv->poll_todo = 0; + spin_unlock_irqrestore(&priv->poll_lock, flags); + + if (normal_status) + remain = dbg_services_process_normal(priv, normal_status); + + /* + * check for additionnal work + */ + spin_lock_irqsave(&priv->poll_lock, flags); + status = ioread32(priv->regs + MWL8K_HIU_A2H_INTERRUPT_STATUS); + + /* because of read side effect, if we dequeue some sync + * services interrupt, we have to process them and make sure + * they are unmasked */ + sync_status = status & priv->dbg_sync_services_poll_mask; + if (unlikely(sync_status)) { + spin_lock(&priv->dbg_sync_services_lock); + dbg_services_process_synch(priv, sync_status); + spin_unlock(&priv->dbg_sync_services_lock); + iowrite32(~sync_status, priv->regs + + MWL8K_HIU_A2H_INTERRUPT_STATUS); + } + + normal_status = status & priv->dbg_services_poll_mask; + priv->poll_todo |= normal_status | remain; + + if (priv->poll_todo) { + /* printk(KERN_DEBUG "poll: todo: %08x\n", priv->poll_todo); */ + tasklet_schedule(&priv->poll_task); + } else { + /* ack all possible interrupts, will reset the hidden + * internal IRQ mask */ + /* printk(KERN_DEBUG "poll: no-todo\n"); */ + iowrite32(~priv->poll_mask, priv->regs + + MWL8K_HIU_A2H_INTERRUPT_STATUS); + /* printk(KERN_DEBUG "poll: out\n"); */ + + /* unmask all IRQ */ + iowrite32(priv->poll_mask, + priv->regs + MWL8K_HIU_A2H_INTERRUPT_MASK); + } + spin_unlock_irqrestore(&priv->poll_lock, flags); +} + +/* + * Interrupt handling. + */ +static irqreturn_t mwl8k_interrupt(int irq, void *dev_id) +{ + struct mwl8k_priv *priv = dev_id; + u32 status, normal_status, sync_status; + + status = ioread32(priv->regs + MWL8K_HIU_A2H_INTERRUPT_STATUS); + if (!status) + return IRQ_NONE; + + status &= priv->poll_mask; + if (!status) + return IRQ_HANDLED; + + sync_status = status & priv->dbg_sync_services_poll_mask; + if (unlikely(sync_status)) { + spin_lock(&priv->dbg_sync_services_lock); + dbg_services_process_synch(priv, sync_status); + spin_unlock(&priv->dbg_sync_services_lock); + + /* ack interrupt for sync services otherwise they are + * internaly masked */ + iowrite32(~sync_status, priv->regs + + MWL8K_HIU_A2H_INTERRUPT_STATUS); + } + + normal_status = status & priv->dbg_services_poll_mask; + if (likely(normal_status)) { + spin_lock(&priv->poll_lock); + priv->poll_todo |= normal_status; + spin_unlock(&priv->poll_lock); + tasklet_schedule(&priv->poll_task); + + /* mask any further host interrupts for non sync + * services */ + iowrite32(priv->dbg_sync_services_poll_mask, + priv->regs + MWL8K_HIU_A2H_INTERRUPT_MASK); + + /* this write seems posted and we can re-enter IRQ + * even after clearing mask, so make sure it's + * actually disabled */ + (void)ioread32(priv->regs + MWL8K_HIU_A2H_INTERRUPT_MASK); + } + + return IRQ_HANDLED; +} + +/* + * + */ +static int init_svc(struct mwl8k_priv *priv, + struct __iomem bootarea_svc *svc) +{ + const struct dbg_svc_ops *ops; + u32 uuid = le32_to_cpu(svc->svc_uuid); + u32 flags = le32_to_cpu(svc->svc_flags); + u32 off = le32_to_cpu(svc->off); + u32 poll_mask; + void __iomem *vdesc; + void *data; + int ret; + size_t i; + + ops = NULL; + for (i = 0; i < dbg_services_ops_count; i++) { + const struct dbg_svc_ops *tops = dbg_services_ops[i]; + + if (tops->uuid == uuid) { + ops = tops; + break; + } + } + + if (!ops) { + dev_dbg(&priv->pdev->dev, + "unsupported service uuid %x\n", uuid); + return 0; + } + + if (check_bound(SRAM_SIZE, off, ops->desc_size)) { + dev_err(&priv->pdev->dev, + "dbg node %s has bad offsets: %x\n", + ops->name, off); + return 0; + } + + vdesc = priv->sram + off; + data = ops->svc_alloc(priv, vdesc, &poll_mask); + if (!data) + return -ENOMEM; + + ret = dbg_services_add(priv, uuid, flags, poll_mask, ops, data); + if (ret) { + ops->svc_free(data); + return ret; + } + + priv->poll_mask |= poll_mask; + dev_info(&priv->pdev->dev, "%s service detected\n", ops->name); + + return 0; +} + +/* + * + */ +static int mwl8k_init(struct mwl8k_priv *priv) +{ + struct __iomem bootarea_root *root; + struct __iomem bootarea_svc *svc; + unsigned long timeout; + u32 i, early_svc_count, svc_count; + bool booted; + int ret; + + /* + * wait for magic data to appear in sram + */ + msleep(1); + + booted = false; + root = (struct __iomem bootarea_root *)priv->sram; + for (i = 0; i < 100; i++) { + u32 magic = le32_to_cpu(ioread32(&root->magic)); + + if (magic == BOOTAREA_MAGIC) { + booted = true; + break; + } + + msleep(1); + } + + if (!booted) { + dev_err(&priv->pdev->dev, + "firmware did not boot\n"); + return -EIO; + } + + /* + * parse bootarea, register early debug services + */ + early_svc_count = root->early_svc_count; + for (i = 0; i < early_svc_count; i++) { + svc = (struct __iomem bootarea_svc *)(root + 1) + i; + + ret = init_svc(priv, svc); + if (ret) + return ret; + } + + /* wait for boot to finish */ + timeout = jiffies + HZ * 5; + booted = false; + + while (jiffies < timeout) { + if (ioread8(&root->boot_done)) { + booted = true; + break; + } + + /* process synchronous services in case firmware spins + * on it */ + dbg_services_process_synch(priv, ~0); + cpu_relax(); + + if (need_resched()) + yield(); + } + + if (!booted) { + dev_err(&priv->pdev->dev, + "firmware did not complete boot\n"); + return -EIO; + } + + svc_count = le32_to_cpu(root->svc_count); + for (i = early_svc_count; i < early_svc_count + svc_count; i++) { + svc = (struct __iomem bootarea_svc *)(root + 1) + i; + + ret = init_svc(priv, svc); + if (ret) + return ret; + } + + return 0; +} + +/* + * + */ +static int mwl8k_init_post(struct mwl8k_priv *priv) +{ + struct dbg_svc_priv *dsp; + int ret = 0; + + list_for_each_entry(dsp, &priv->dbg_sync_services, next) { + if (!dsp->ops->svc_init) + continue; + + ret = dsp->ops->svc_init(dsp->svc_priv); + if (ret) + break; + } + + list_for_each_entry(dsp, &priv->dbg_services, next) { + if (!dsp->ops->svc_init) + continue; + + ret = dsp->ops->svc_init(dsp->svc_priv); + if (ret) + break; + } + + return ret; +} + +/* + * + */ +static void mwl8k_release(struct mwl8k_priv *priv) +{ + dbg_services_free_all(priv); + mwl8k_fw_release(priv); +} + +enum { + MWL8366 = 0, + MWL8764, +}; + +static const struct mwl8k_device_info mwl8k_info_tbl[] = { + [MWL8366] = { + .part_name = "88w8366", + .helper_image = "mwl8k_new/helper_8366.fw", + .fw_image = "mwl8k_new/8366.fw", + .dma_mask = DMA_BIT_MASK(31), + }, + [MWL8764] = { + .part_name = "88w8764", + .fw_image = "mwl8k_new/8764.fw", + .dma_mask = DMA_BIT_MASK(32), + }, +}; + +/* + * PCI probe function + */ +static int mwl8k_probe(struct pci_dev *pdev, + const struct pci_device_id *id) +{ + struct mwl8k_priv *priv; + int rc; + + priv = devm_kzalloc(&pdev->dev, sizeof(*priv), GFP_KERNEL); + if (!priv) + return -ENOMEM; + + INIT_LIST_HEAD(&priv->dbg_services); + INIT_LIST_HEAD(&priv->dbg_sync_services); + spin_lock_init(&priv->dbg_sync_services_lock); + tasklet_init(&priv->poll_task, mwl8k_poll, (unsigned long)priv); + spin_lock_init(&priv->poll_lock); + + rc = pcim_enable_device(pdev); + if (rc) { + dev_err(&pdev->dev, + "Cannot enable new PCI device\n"); + return rc; + } + + rc = pcim_iomap_regions(pdev, 0x5, MWL8K_NAME); + if (rc) { + dev_err(&pdev->dev, + "cannot obtain PCI resources\n"); + return rc; + } + + pci_set_master(pdev); + pci_set_drvdata(pdev, priv); + priv->pdev = pdev; + priv->info = &mwl8k_info_tbl[id->driver_data]; + priv->sram = pcim_iomap_table(pdev)[0]; + priv->regs = pcim_iomap_table(pdev)[2]; + + rc = pci_set_consistent_dma_mask(pdev, priv->info->dma_mask); + if (rc) { + dev_err(&pdev->dev, "failed to set consistent dma mask\n"); + return rc; + } + + rc = pci_set_dma_mask(pdev, priv->info->dma_mask); + if (rc) { + dev_err(&pdev->dev, "failed to set dma mask\n"); + return rc; + } + + rc = mwl8k_fw_request(priv); + if (rc) + return rc; + + /* switch interrupt mode to clear on read */ + iowrite32(0xffffffff, priv->regs + MWL8K_HIU_A2H_INTERRUPT_CLEAR_SEL); + /* clear all interrupts & reset internal mask */ + (void)ioread32(priv->regs + MWL8K_HIU_A2H_INTERRUPT_STATUS); + iowrite32(0, priv->regs + MWL8K_HIU_A2H_INTERRUPT_STATUS); + + /* don't use interrupt event mask, make it passthrough */ + iowrite32(0xffffffff, + priv->regs + MWL8K_HIU_A2H_INTERRUPT_STATUS_MASK); + + /* mask all IRQ for now */ + iowrite32(0, priv->regs + MWL8K_HIU_A2H_INTERRUPT_MASK); + + /* Load firmware into hardware */ + rc = mwl8k_fw_upload(priv); + if (rc) + goto err_release; + + rc = mwl8k_init(priv); + if (rc) { + dev_err(&pdev->dev, + "failed to init chip\n"); + goto err_release; + } + + rc = request_irq(priv->pdev->irq, mwl8k_interrupt, + IRQF_SHARED, MWL8K_NAME, priv); + if (rc) { + dev_err(&pdev->dev, + "failed to register IRQ handler\n"); + goto err_release; + } + + /* unmask IRQ */ + iowrite32(priv->poll_mask, priv->regs + MWL8K_HIU_A2H_INTERRUPT_MASK); + + rc = mwl8k_init_post(priv); + if (rc) { + dev_err(&pdev->dev, "post init failed\n"); + goto err_irq; + } + +#ifdef CONFIG_DEBUG_FS + mwl8k_debugfs_dev_init(priv); +#endif + return 0; + +err_irq: + dbg_services_exit_all(priv); + free_irq(pdev->irq, priv); + +err_release: + mwl8k_release(priv); + + return rc; +} + +static void mwl8k_remove(struct pci_dev *pdev) +{ + struct mwl8k_priv *priv = pci_get_drvdata(pdev); + +#ifdef CONFIG_DEBUG_FS + mwl8k_debugfs_dev_remove(priv); +#endif + + dbg_services_exit_all(priv); + + /* disable IRQ & kill tasklet */ + iowrite32(0, priv->regs + MWL8K_HIU_A2H_INTERRUPT_MASK); + priv->poll_stop = 1; + tasklet_kill(&priv->poll_task); + + mwl8k_release(priv); + free_irq(pdev->irq, priv); +} + +MODULE_FIRMWARE("mwl8k/helper_8366.fw"); +MODULE_FIRMWARE("mwl8k/8366.fw"); +MODULE_FIRMWARE("mwl8k/8764.fw"); + +static const struct pci_device_id mwl8k_pci_id_table[] = { + { PCI_VDEVICE(MARVELL, 0x2a40), .driver_data = MWL8366, }, + { PCI_VDEVICE(MARVELL, 0x2a41), .driver_data = MWL8366, }, + { PCI_VDEVICE(MARVELL, 0x2a42), .driver_data = MWL8366, }, + { PCI_VDEVICE(MARVELL, 0x2a43), .driver_data = MWL8366, }, + { PCI_VDEVICE(MARVELL, 0x2b36), .driver_data = MWL8764, }, + { }, +}; + +MODULE_DEVICE_TABLE(pci, mwl8k_pci_id_table); + +static struct pci_driver mwl8k_new_driver = { + .name = MWL8K_NAME, + .id_table = mwl8k_pci_id_table, + .probe = mwl8k_probe, + .remove = mwl8k_remove, +}; + +/* + * + */ +static void __init register_dbg_service_ops(const struct dbg_svc_ops *ops) +{ + if (WARN_ON(dbg_services_ops_count >= ARRAY_SIZE(dbg_services_ops))) + return; + dbg_services_ops[dbg_services_ops_count] = ops; + dbg_services_ops_count++; + if (ops->init) + ops->init(); +} + +/* + * + */ +static int __init mwl8k_new_init(void) +{ +#ifdef CONFIG_DEBUG_FS + mwl8k_debugfs_init(); +#endif + register_dbg_service_ops(&console_dbg_svc_ops); + register_dbg_service_ops(&vtty_dbg_svc_ops); + register_dbg_service_ops(&dma_test_dbg_svc_ops); + register_dbg_service_ops(&wifi_svc_ops); + + return pci_register_driver(&mwl8k_new_driver); +} + +/* + * + */ +static void __exit mwl8k_new_exit(void) +{ + size_t i; + + pci_unregister_driver(&mwl8k_new_driver); +#ifdef CONFIG_DEBUG_FS + mwl8k_debugfs_remove(); +#endif + for (i = 0; i < dbg_services_ops_count; i++) { + const struct dbg_svc_ops *ops = dbg_services_ops[i]; + if (ops->exit) + ops->exit(); + } +} + +module_init(mwl8k_new_init); +module_exit(mwl8k_new_exit); + +MODULE_AUTHOR("Maxime Bizon "); +MODULE_DESCRIPTION("Marvel mwl8k new driver"); +MODULE_VERSION("1.0"); +MODULE_LICENSE("GPL"); diff -Nruw linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new./mwl8k_priv.h linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new/mwl8k_priv.h --- linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new./mwl8k_priv.h 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new/mwl8k_priv.h 2023-03-10 17:18:26.602100448 +0100 @@ -0,0 +1,199 @@ +#ifndef MWL8K_PRIV_H_ +#define MWL8K_PRIV_H_ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "hostif.h" + +#define MWL8K_NAME "mwl8k_new" +#define MWL8K_PFX MWL8K_NAME ": " + +/* + * registers + */ + +/* Host->device communications */ +#define MWL8K_HIU_H2A_INTERRUPT_EVENTS 0x00000c18 +#define MWL8K_HIU_H2A_INTERRUPT_STATUS 0x00000c1c +#define MWL8K_HIU_H2A_INTERRUPT_MASK 0x00000c20 +#define MWL8K_HIU_H2A_INTERRUPT_CLEAR_SEL 0x00000c24 +#define MWL8K_HIU_H2A_INTERRUPT_STATUS_MASK 0x00000c28 + +/* Device->host communications */ +#define MWL8K_HIU_A2H_INTERRUPT_EVENTS 0x00000c2c +#define MWL8K_HIU_A2H_INTERRUPT_STATUS 0x00000c30 +#define MWL8K_HIU_A2H_INTERRUPT_MASK 0x00000c34 +#define MWL8K_HIU_A2H_INTERRUPT_CLEAR_SEL 0x00000c38 +#define MWL8K_HIU_A2H_INTERRUPT_STATUS_MASK 0x00000c3c + +#define SRAM_SIZE (64 * 1024) + +/* + * + */ +struct mwl8k_ring_buf { + u8 __iomem *start; + u32 size; + u32 __iomem *fw_ptr; + u32 __iomem *host_ptr; + u32 host_off; +}; + +/* + * + */ +struct mwl8k_priv; + +struct dbg_svc_ops { + const char *name; + u32 uuid; + size_t desc_size; + void *(*svc_alloc)(struct mwl8k_priv *priv, + void __iomem *vdesc, + u32 *poll_mask); + int (*svc_init)(void *data); + u32 (*svc_process)(void *data, u32 irq_status); + void (*svc_exit)(void *data); + void (*svc_free)(void *data); + + void (*init)(void); + void (*exit)(void); +}; + +/* + * + */ +struct dbg_svc_priv { + u32 svc_uuid; + void *svc_priv; + u32 poll_mask; + const struct dbg_svc_ops *ops; + struct list_head next; +}; + +/* + * + */ +struct mwl8k_device_info { + const char *part_name; + const char *helper_image; + const char *fw_image; + u64 dma_mask; +}; + +/* + * main per-device private data + */ +struct mwl8k_priv { + struct ieee80211_hw *hw; + struct pci_dev *pdev; + + void __iomem *sram; + void __iomem *regs; + + const struct mwl8k_device_info *info; + const struct firmware *fw_helper; + const struct firmware *fw_ucode; + + spinlock_t poll_lock; + bool poll_stop; + u32 poll_todo; + u32 poll_mask; + struct tasklet_struct poll_task; + + spinlock_t dbg_sync_services_lock; + u32 dbg_sync_services_poll_mask; + u32 dbg_services_poll_mask; + struct list_head dbg_sync_services; + struct list_head dbg_services; + + unsigned int vtty_count; + +#ifdef CONFIG_DEBUG_FS + struct dentry *dbg_regs; + struct dentry *dbg_sram; + struct dentry *dbg_test; + struct debugfs_blob_wrapper blob_regs, blob_sram; +#endif +}; + +/* + * + */ +static inline int check_bound(u32 bsize, u32 off, u32 size) +{ + if (off >= bsize) + return 1; + + if (off + size < off) + return 1; + + if (off + size >= bsize) + return 1; + + return 0; +} + +/* + * + */ +static inline void mwl8k_raise_fw_irq(struct mwl8k_priv *priv, u32 mask) +{ + iowrite32(mask, priv->regs + MWL8K_HIU_H2A_INTERRUPT_EVENTS); +} + +/* + * debugfs.c + */ +void mwl8k_debugfs_dev_init(struct mwl8k_priv *priv); +void mwl8k_debugfs_dev_remove(struct mwl8k_priv *priv); +void mwl8k_debugfs_init(void); +void mwl8k_debugfs_remove(void); + +/* + * fw.c + */ +int mwl8k_fw_upload(struct mwl8k_priv *priv); +int mwl8k_fw_request(struct mwl8k_priv *priv); +void mwl8k_fw_release(struct mwl8k_priv *priv); + +/* + * utils.c + */ +void memcpy_fromio_iovec(u8 *kdata, struct iovec *iov, int len); + +size_t rb_gen_iov(struct mwl8k_ring_buf *rb, + struct iovec iov[2], + u32 fw_off, + u32 max_size); + +int rb_init(const char *name, + unsigned int off, + struct __iomem ixzone_ring_buf *rb_io, + struct mwl8k_ring_buf *rb, + bool host_is_consumer); + +/* + * debug services + */ +extern const struct dbg_svc_ops console_dbg_svc_ops; +extern const struct dbg_svc_ops vtty_dbg_svc_ops; +extern const struct dbg_svc_ops dma_test_dbg_svc_ops; +extern const struct dbg_svc_ops wifi_svc_ops; + +#endif diff -Nruw linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new./svc_console.c linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new/svc_console.c --- linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new./svc_console.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new/svc_console.c 2023-03-10 17:18:24.990056747 +0100 @@ -0,0 +1,151 @@ +#include "mwl8k_priv.h" +#include "hostif.h" + +struct mwl8k_console_priv { + char line_buf[256]; + size_t char_count; + struct mwl8k_ring_buf rb; + u32 irq_mask; + bool enabled; + struct mwl8k_priv *priv; +}; + +/* + * + */ +static void console_print_lines(struct mwl8k_console_priv *cp) +{ + size_t i, start; + + for (start = i = 0; i < cp->char_count; i++) { + if (cp->line_buf[i] != '\n') + continue; + + /* end of line */ + if (i - start) { + dev_info(&cp->priv->pdev->dev, + "fw: %.*s\n", + (int)(i - start), + cp->line_buf + start); + } + + start = i + 1; + } + + if (start < cp->char_count) + memmove(cp->line_buf, + cp->line_buf + start, + cp->char_count - start); + + cp->char_count -= start; +} + +/* + * + */ +static void console_read_data(struct mwl8k_console_priv *cp) +{ + struct mwl8k_ring_buf *rb = &cp->rb; + u32 fw_off; + + if (!cp->enabled) + return; + + fw_off = le32_to_cpu(ioread32(rb->fw_ptr)); + if (fw_off >= rb->size) { + dev_err(&cp->priv->pdev->dev, + "console fw off OOB: %08x\n", fw_off); + /* hard firmware crash, panic to get log */ +// panic("mwl8k firmware crashed"); + cp->enabled = false; + return; + } + + do { + struct iovec iov[2]; + size_t local_remain; + size_t len; + + local_remain = sizeof (cp->line_buf) - cp->char_count; + if (!local_remain) { + cp->char_count = 0; + local_remain = sizeof (cp->line_buf); + } + + len = rb_gen_iov(rb, iov, fw_off, local_remain); + if (!len) + break; + + memcpy_fromio_iovec(cp->line_buf + cp->char_count, iov, len); + cp->char_count += len; + + rb->host_off += len; + if (rb->host_off >= rb->size) + rb->host_off -= rb->size; + + console_print_lines(cp); + + } while (rb->host_off != fw_off); + + iowrite32(rb->host_off, rb->host_ptr); +} + +/* + * + */ +static u32 console_process(void *data, u32 irq_status) +{ + struct mwl8k_console_priv *cp = (struct mwl8k_console_priv *)data; + console_read_data(cp); + return 0; +} + +/* + * + */ +static void *console_alloc(struct mwl8k_priv *priv, void __iomem *vdesc, + u32 *poll_mask) +{ + struct __iomem ixzone_svc_console *desc = vdesc; + struct mwl8k_console_priv *cp; + unsigned int off; + + if (!desc->irq_mask) { + dev_err(&priv->pdev->dev, + "console has no irq mask\n"); + return NULL; + } + + cp = kzalloc(sizeof (*cp), GFP_KERNEL); + if (!cp) + return NULL; + + off = (void *)&desc->rb - (void *)priv->sram; + if (rb_init("console", off, &desc->rb, &cp->rb, true)) { + kfree(cp); + return NULL; + } + + *poll_mask = le32_to_cpu(desc->irq_mask); + cp->priv = priv; + cp->enabled = true; + return cp; +} + +/* + * + */ +static void console_free(void *data) +{ + struct mwl8k_console_priv *cp = (struct mwl8k_console_priv *)data; + kfree(cp); +} + +const struct dbg_svc_ops console_dbg_svc_ops = { + .name = "console", + .uuid = SVC_CONSOLE_UUID, + .desc_size = sizeof (struct ixzone_svc_console), + .svc_alloc = console_alloc, + .svc_process = console_process, + .svc_free = console_free, +}; diff -Nruw linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new./svc_dma_test.c linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new/svc_dma_test.c --- linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new./svc_dma_test.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new/svc_dma_test.c 2024-04-22 14:46:55.460201228 +0200 @@ -0,0 +1,72 @@ +#include "mwl8k_priv.h" +#include "hostif_dmatest.h" + +struct dma_test_priv { + uint8_t *area; + unsigned int area_size; + dma_addr_t area_dma; + struct mwl8k_priv *priv; +}; + +/* + * + */ +static u32 dma_test_process(void *data, u32 irq_status) +{ + return 0; +} + +/* + * + */ +static void * +dma_test_alloc(struct mwl8k_priv *priv, void __iomem *vdesc, + u32 *poll_mask) +{ + struct __iomem ixzone_svc_dma_test *desc = vdesc; + struct dma_test_priv *ds; + unsigned int i; + + ds = kzalloc(sizeof (*ds), GFP_KERNEL); + if (!ds) + return NULL; + + ds->area_size = le32_to_cpu(ioread32(&desc->test.fw_req_size)); + ds->area = pci_alloc_consistent(priv->pdev, ds->area_size, + &ds->area_dma); + if (!ds->area) { + dev_err(&priv->pdev->dev, + "failed to alloc DMA server %u bytes\n", + ds->area_size); + kfree(ds); + return NULL; + } + + for (i = 0; i < ds->area_size; i++) + ds->area[i] = i; + + ds->priv = priv; + iowrite32(cpu_to_le32(ds->area_dma), &desc->test.host_dma_address); + + return ds; +} + +/* + * + */ +static void dma_test_free(void *data) +{ + struct dma_test_priv *ds = (struct dma_test_priv *)data; + pci_free_consistent(ds->priv->pdev, ds->area_size, + ds->area, ds->area_dma); + kfree(ds); +} + +const struct dbg_svc_ops dma_test_dbg_svc_ops = { + .name = "dma_test", + .uuid = SVC_DMATEST_UUID, + .desc_size = sizeof (struct ixzone_svc_dma_test), + .svc_alloc = dma_test_alloc, + .svc_process = dma_test_process, + .svc_free = dma_test_free, +}; diff -Nruw linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new./svc_vtty.c linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new/svc_vtty.c --- linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new./svc_vtty.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new/svc_vtty.c 2024-04-22 14:46:55.460201228 +0200 @@ -0,0 +1,496 @@ +#include +#include +#include +#include + +#include "mwl8k_priv.h" +#include "hostif.h" + +struct mwl8k_vtty_priv { + /* rx from firmware */ + struct mwl8k_ring_buf f2h_rb; + u32 f2h_irq_mask; + + /* tx to firmware */ + struct mwl8k_ring_buf h2f_rb; + u32 h2f_irq_mask; + + /* uart emulation */ + struct uart_port port; + bool uart_started; + struct tasklet_struct tx_task; + + bool enabled; + struct mwl8k_priv *priv; +}; + +/* + * + */ +static struct uart_driver mwl8k_vtty_driver = { + .owner = THIS_MODULE, + .driver_name = "mwl8k_vtty", + .dev_name = "mwl8k_vtty", + /* experimental major number */ + .major = 240, + .minor = 0, + .nr = 4, +}; + +/* + * + */ +static inline struct mwl8k_vtty_priv *to_vtty(struct uart_port *port) +{ + return container_of(port, struct mwl8k_vtty_priv, port); +} + +/* + * serial core request to check if uart tx fifo is empty + */ +static unsigned int vtty_uart_tx_empty(struct uart_port *port) +{ + struct mwl8k_vtty_priv *vp = to_vtty(port); + struct mwl8k_ring_buf *rb = &vp->h2f_rb; + u32 fw_off; + + printk("%s\n", __FUNCTION__); + fw_off = le32_to_cpu(ioread32(rb->fw_ptr)); + if (fw_off == rb->host_off) + return 1; + return 0; +} + +/* + * serial core request to return RI, CTS, DCD and DSR pin state + */ +static unsigned int vtty_uart_get_mctrl(struct uart_port *port) +{ + /* printk("%s\n", __FUNCTION__); */ + return TIOCM_CTS | TIOCM_CD; +} + +/* + * serial core request to set RTS and DTR pin state and loopback mode + */ +static void vtty_uart_set_mctrl(struct uart_port *port, unsigned int mctrl) +{ + /* struct mwl8k_vtty_priv *vp = to_vtty(port); */ + /* printk("%s\n", __FUNCTION__); */ +} + +/* + * serial core request to start tx ASAP (used for flow control) + */ +static void vtty_uart_stop_tx(struct uart_port *port) +{ + /* printk("%s\n", __FUNCTION__); */ +} + +/* + * serial core request to (re)enable tx + */ +static void vtty_uart_start_tx(struct uart_port *port) +{ + struct mwl8k_vtty_priv *vp = to_vtty(port); + /* printk("%s\n", __FUNCTION__); */ + tasklet_schedule(&vp->tx_task); +} + +/* + * serial core request to stop rx, called before port shutdown + */ +static void vtty_uart_stop_rx(struct uart_port *port) +{ + struct mwl8k_vtty_priv *vp = to_vtty(port); + + /* printk("%s\n", __FUNCTION__); */ + /* irq are disabled */ + vp->uart_started = false; +} + +/* + * serial core request to enable modem status interrupt reporting + */ +static void vtty_uart_enable_ms(struct uart_port *port) +{ + /* printk("%s\n", __FUNCTION__); */ +} + +/* + * serial core request to start/stop emitting break char + */ +static void vtty_uart_break_ctl(struct uart_port *port, int ctl) +{ + /* printk("%s\n", __FUNCTION__); */ +} + +/* + * return port type in string format + */ +static const char *vtty_uart_type(struct uart_port *port) +{ + return "mwl8k_vtty"; +} + +/* + * serial core request to initialize uart and start rx operation + */ +static int vtty_uart_startup(struct uart_port *port) +{ + struct mwl8k_vtty_priv *vp = to_vtty(port); + unsigned long flags; + + /* printk("%s\n", __FUNCTION__); */ + spin_lock_irqsave(&port->lock, flags); + vp->uart_started = true; + spin_unlock_irqrestore(&port->lock, flags); + dev_info(&vp->priv->pdev->dev, "vtty line %d enabled\n", port->line); + return 0; +} + +/* + * serial core request to flush & disable uart + */ +static void vtty_uart_shutdown(struct uart_port *port) +{ + struct mwl8k_vtty_priv *vp = to_vtty(port); + /* printk("%s\n", __FUNCTION__); */ + dev_info(&vp->priv->pdev->dev, "vtty line %d disabled\n", port->line); +} + +/* + * serial core request to change current uart setting + */ +static void vtty_uart_set_termios(struct uart_port *port, + struct ktermios *new, + struct ktermios *old) +{ + /* printk("%s\n", __FUNCTION__); */ +} + +/* + * serial core request to claim uart iomem + */ +static int vtty_uart_request_port(struct uart_port *port) +{ + /* printk("%s\n", __FUNCTION__); */ + return 0; +} + +/* + * serial core request to release uart iomem + */ +static void vtty_uart_release_port(struct uart_port *port) +{ + /* printk("%s\n", __FUNCTION__); */ +} + +/* + * serial core request to do any port required autoconfiguration + */ +static void vtty_uart_config_port(struct uart_port *port, int flags) +{ + /* printk("%s\n", __FUNCTION__); */ + port->type = 1; +} + +/* + * serial core request to check that port information in serinfo are + * suitable + */ +static int vtty_uart_verify_port(struct uart_port *port, + struct serial_struct *serinfo) +{ + printk("%s\n", __FUNCTION__); + /* if (port->type != PORT_BCM63XX) */ + /* return -EINVAL; */ + return 0; +} + +/* + * serial core callbacks + */ +static const struct uart_ops vtty_uart_ops = { + .tx_empty = vtty_uart_tx_empty, + .get_mctrl = vtty_uart_get_mctrl, + .set_mctrl = vtty_uart_set_mctrl, + .start_tx = vtty_uart_start_tx, + .stop_tx = vtty_uart_stop_tx, + .stop_rx = vtty_uart_stop_rx, + .enable_ms = vtty_uart_enable_ms, + .break_ctl = vtty_uart_break_ctl, + .type = vtty_uart_type, + .startup = vtty_uart_startup, + .shutdown = vtty_uart_shutdown, + .set_termios = vtty_uart_set_termios, + .release_port = vtty_uart_release_port, + .request_port = vtty_uart_request_port, + .config_port = vtty_uart_config_port, + .verify_port = vtty_uart_verify_port, +}; + +/* + * + */ +static void vtty_read_data(struct mwl8k_vtty_priv *vp) +{ + struct mwl8k_ring_buf *rb = &vp->f2h_rb; + struct uart_port *port = &vp->port; + unsigned long flags; + unsigned int count; + u32 fw_off; + + if (!vp->enabled) + return; + + fw_off = le32_to_cpu(ioread32(rb->fw_ptr)); + if (fw_off >= rb->size) { + dev_err(&vp->priv->pdev->dev, + "vtty f2h fw off OOB: %08x\n", fw_off); + vp->enabled = false; + return; + } + + count = 0; + do { + u8 c; + + if (rb->host_off == fw_off) + break; + + c = ioread8(rb->start + rb->host_off); + + spin_lock_irqsave(&port->lock, flags); + if (vp->uart_started) { + vp->port.icount.rx++; + uart_insert_char(&vp->port, 0, 0, c, TTY_NORMAL); + } + spin_unlock_irqrestore(&port->lock, flags); + + count++; + rb->host_off++; + if (rb->host_off >= rb->size) + rb->host_off -= rb->size; + + } while (rb->host_off != fw_off); + + if (count) { + iowrite32(rb->host_off, rb->host_ptr); + mwl8k_raise_fw_irq(vp->priv, vp->h2f_irq_mask); + } + + spin_lock_irqsave(&port->lock, flags); + if (vp->uart_started) + tty_flip_buffer_push(&vp->port.state->port); + spin_unlock_irqrestore(&port->lock, flags); +} + +/* + * + */ +static void vtty_write_task(unsigned long data) +{ + struct mwl8k_vtty_priv *vp = (struct mwl8k_vtty_priv *)data; + struct mwl8k_ring_buf *rb = &vp->h2f_rb; + struct uart_port *port = &vp->port; + struct circ_buf *xmit; + unsigned long flags; + u32 fw_off, xmit_done; + + if (!vp->enabled) + return; + + spin_lock_irqsave(&port->lock, flags); + + if (!vp->uart_started || uart_tx_stopped(port)) + goto out_unlock; + + fw_off = le32_to_cpu(ioread32(rb->fw_ptr)); + if (fw_off >= rb->size) { + dev_err(&vp->priv->pdev->dev, + "vtty h2f fw off OOB: %08x\n", fw_off); + vp->enabled = false; + goto out_unlock; + } + + xmit = &port->state->xmit; + xmit_done = 0; + while (1) { + u32 next; + u8 c; + + /* do we have data to send ? */ + if (uart_circ_empty(xmit)) + break; + + next = rb->host_off + 1; + if (next >= rb->size) + next -= rb->size; + + /* is tx fifo full ? */ + if (next == fw_off) { + dev_warn(&vp->priv->pdev->dev, "vtty tx fifo full\n"); + break; + } + + /* queue this char */ + c = xmit->buf[xmit->tail]; + iowrite8(c, rb->start + rb->host_off); + rb->host_off = next; + xmit->tail = (xmit->tail + 1) & (UART_XMIT_SIZE - 1); + port->icount.tx++; + xmit_done++; + } + + if (xmit_done) { + iowrite32(rb->host_off, rb->host_ptr); + mwl8k_raise_fw_irq(vp->priv, vp->h2f_irq_mask); + } + + if (uart_circ_chars_pending(xmit) < WAKEUP_CHARS) + uart_write_wakeup(port); + +out_unlock: + spin_unlock_irqrestore(&port->lock, flags); +} + + +/* + * + */ +static u32 vtty_process(void *data, u32 irq_status) +{ + struct mwl8k_vtty_priv *vp = (struct mwl8k_vtty_priv *)data; + vtty_read_data(vp); + tasklet_schedule(&vp->tx_task); + return 0; +} + +/* + * + */ +static bool uart_driver_registered; + +static int vtty_register_uart_driver(struct mwl8k_priv *priv) +{ + int ret; + + if (uart_driver_registered) + return 0; + + ret = uart_register_driver(&mwl8k_vtty_driver); + if (ret) { + dev_err(&priv->pdev->dev, + "failed to register uart driver: %d\n", ret); + return ret; + } + + uart_driver_registered = true; + return 0; +} + +/* + * + */ +static void vtty_unregister_uart_driver(void) +{ + if (uart_driver_registered) { + uart_unregister_driver(&mwl8k_vtty_driver); + uart_driver_registered = false; + } +} + +/* + * + */ +static void *vtty_alloc(struct mwl8k_priv *priv, void __iomem *vdesc, + u32 *poll_mask) +{ + struct __iomem ixzone_svc_tty *desc = vdesc; + struct mwl8k_vtty_priv *vp; + struct uart_port *port; + unsigned int off; + int ret; + + if (vtty_register_uart_driver(priv)) + return NULL; + + if (!desc->f2h_irq_mask || !desc->h2f_irq_mask) { + dev_err(&priv->pdev->dev, + "vtty has no irq mask\n"); + return NULL; + } + + vp = kzalloc(sizeof (*vp), GFP_KERNEL); + if (!vp) + return NULL; + + off = (void *)&desc->f2h_rb - (void *)priv->sram; + if (rb_init("vtty_f2h", off, &desc->f2h_rb, &vp->f2h_rb, true)) { + kfree(vp); + return NULL; + } + + off = (void *)&desc->h2f_rb - (void *)priv->sram; + if (rb_init("vtty_h2f", off, &desc->h2f_rb, &vp->h2f_rb, false)) { + kfree(vp); + return NULL; + } + + tasklet_init(&vp->tx_task, vtty_write_task, (unsigned long)vp); + port = &vp->port; + port->ops = &vtty_uart_ops; + port->dev = &priv->pdev->dev; + port->line = priv->vtty_count; + port->membase = (void *)vp->f2h_rb.host_ptr; + port->iotype = SERIAL_IO_MEM; + port->flags = UPF_BOOT_AUTOCONF; + port->type = 1; + + ret = uart_add_one_port(&mwl8k_vtty_driver, port); + if (ret) { + dev_err(&priv->pdev->dev, + "failed to add uart port: %d\n", ret); + kfree(vp); + return NULL; + } + + vp->f2h_irq_mask = le32_to_cpu(desc->f2h_irq_mask); + *poll_mask = vp->f2h_irq_mask; + vp->h2f_irq_mask = le32_to_cpu(desc->h2f_irq_mask); + vp->priv = priv; + vp->enabled = true; + priv->vtty_count++; + return vp; +} + +/* + * + */ +static void vtty_free(void *data) +{ + struct mwl8k_vtty_priv *vp = (struct mwl8k_vtty_priv *)data; + uart_remove_one_port(&mwl8k_vtty_driver, &vp->port); + vp->enabled = false; + tasklet_kill(&vp->tx_task); + kfree(vp); +} + +/* + * + */ +static void __exit vtty_exit(void) +{ + vtty_unregister_uart_driver(); +} + +const struct dbg_svc_ops vtty_dbg_svc_ops = { + .name = "vtty", + .uuid = SVC_TTY_UUID, + .desc_size = sizeof (struct ixzone_svc_tty), + .svc_alloc = vtty_alloc, + .svc_process = vtty_process, + .svc_free = vtty_free, + .exit = vtty_exit, +}; diff -Nruw linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new./utils.c linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new/utils.c --- linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new./utils.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new/utils.c 2023-03-10 17:18:24.474042758 +0100 @@ -0,0 +1,113 @@ +#include "mwl8k_priv.h" + +/* + * + */ +void memcpy_fromio_iovec(u8 *kdata, struct iovec *iov, int len) +{ + while (len > 0) { + if (iov->iov_len) { + int copy = min_t(unsigned int, len, iov->iov_len); + memcpy_fromio(kdata, iov->iov_base, copy); + len -= copy; + kdata += copy; + iov->iov_base += copy; + iov->iov_len -= copy; + } + iov++; + } +} + +/* + * Reduce an iovec's length in-place. Return the resulting number of segments + */ +static unsigned long iov_shorten(struct iovec *iov, + unsigned long nr_segs, size_t to) +{ + unsigned long seg = 0; + size_t len = 0; + + while (seg < nr_segs) { + seg++; + if (len + iov->iov_len >= to) { + iov->iov_len = to - len; + break; + } + len += iov->iov_len; + iov++; + } + return seg; +} + +/* + * + */ +size_t rb_gen_iov(struct mwl8k_ring_buf *rb, + struct iovec iov[2], + u32 fw_off, + u32 max_size) +{ + size_t iov_count; + + if (fw_off >= rb->host_off) { + iov[0].iov_base = rb->start + rb->host_off; + iov[0].iov_len = fw_off - rb->host_off; + iov[1].iov_base = NULL; + iov[1].iov_len = 0; + } else { + iov[0].iov_base = rb->start + rb->host_off; + iov[0].iov_len = rb->size - rb->host_off; + iov[1].iov_base = rb->start; + iov[1].iov_len = fw_off; + } + + if (max_size) + iov_count = iov_shorten(iov, 2, max_size); + else + iov_count = 2; + + return iov_length(iov, iov_count); +} + +/* + * + */ +int rb_init(const char *name, + unsigned int off, + struct __iomem ixzone_ring_buf *rb_io, + struct mwl8k_ring_buf *rb, + bool host_is_consumer) +{ + u32 boff, bsize; + + boff = le32_to_cpu(rb_io->buf_offset); + bsize = le32_to_cpu(rb_io->buf_size); + + if (check_bound(SRAM_SIZE, off + boff, bsize)) { + printk(KERN_ERR MWL8K_PFX + "%s ring buf has bad buf offsets\n", name); + return 1; + } + + rb->start = (void *)rb_io + boff; + rb->size = bsize; + + if (host_is_consumer) { + rb->fw_ptr = &rb_io->producer; + rb->host_ptr = &rb_io->consumer; + rb->host_off = le32_to_cpu(rb_io->consumer); + } else { + rb->fw_ptr = &rb_io->consumer; + rb->host_ptr = &rb_io->producer; + rb->host_off = le32_to_cpu(rb_io->producer); + } + + if (rb->host_off >= rb->size) { + printk(KERN_ERR MWL8K_PFX + "%s ring buf has bad idx offsets\n", name); + return 1; + } + + return 0; +} + diff -Nruw linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new./wifi_core.c linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new/wifi_core.c --- linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new./wifi_core.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/net/wireless/marvell/mwl8k_new/wifi_core.c 2024-04-22 14:46:55.460201228 +0200 @@ -0,0 +1,6120 @@ +#include +#include + +#include "mwl8k_priv.h" +#include "hostif_wifi.h" +#include "d11_defs.h" + +static u8 base_mac_addr[18] = "00:00:00:00:00:00"; +module_param_string(base_mac_addr, base_mac_addr, 18, 0); +MODULE_PARM_DESC(base_mac_addr, + "Override EEPROM defined base mac address in AP mode"); + +static int mac_addr_count = -1; +module_param(mac_addr_count, int, 0); +MODULE_PARM_DESC(mac_addr_count, + "Override EEPROM defined mac address count"); + +static int create_vif = 0; +module_param(create_vif, int, 0); +MODULE_PARM_DESC(mac_addr_count, + "Allow mac80211 to create VIF(s) on module load"); + +#undef TX_DBG_PRINT + +#ifdef TX_DBG_PRINT +#define txdbg(...) printk(__VA_ARGS__) +#define psdbg(...) printk(__VA_ARGS__) +#define badbg(...) printk(__VA_ARGS__) +#define aggdbg(...) printk(__VA_ARGS__) +#else +#define txdbg(...) +#define psdbg(...) +#define badbg(...) +#define aggdbg(...) +#endif + +#define RND_DROP_PPK 0 + +#define WIFI_MAX_AP_VIFS 8 +#define WIFI_STA_MAGIC 0x12345678 + +/* + * number of rx descriptors + */ +#define WIFI_RX_DESCS 256 + +/* + * maximum number of descriptors we are allowed to use from the + * .wake_tx_queue interface + * + * we will be pushing at best two full aggregates (could be for two + * different TID), and/or 8 non aggregates. + * + * if not using aggregation, even the fastest packet takes no less + * than 100us to transmit (including ACK), so with about 8 of those, + * we can push 1ms of data into FIFO and make sure we don't starve + */ +#define WIFI_TX_MAX_AGGR 2 +#define WIFI_TX_MAX_NON_AGGR 8 + +#define WIFI_TX_DESCS_WAKE (WIFI_TX_MAX_AGGR * IEEE80211_AGGR_MAX_MPDU + \ + WIFI_TX_MAX_NON_AGGR) + +/* + * number of tx descriptors to allocate, we reserve some for drv_tx() + * callback which can only push control frames or ps response frames + */ +#define WIFI_TX_DESCS (WIFI_TX_DESCS_WAKE + 8) + + +/* + * rx buffer size, big enough to receive the minimum size AMSDU, + * mandatory for 802.11n + */ +#define WIFI_RX_BUF_SIZE 3839 + +/* + * maximum number of time we will software retry a single mpdu from + * aggregate + */ +#define WIFI_MAX_SW_TRIES 20 + +/* since hardware does not do multi rate retry on AMPDU, if we cannot + * build a large chain, better send them as individual packets, this + * is the minimum number of packets to send as AMPDU */ +#define WIFI_MIN_AGGR_COUNT 4 + +/* + * rx queue (interface between host & firmware) + */ +struct wifi_rxq { + u32 count; + u32 refill_off; + u32 fw_off; + + struct wifi_rxd *descs; + dma_addr_t descs_dma; + + struct { + struct sk_buff *skb; + DEFINE_DMA_UNMAP_ADDR(dma); + } *bufs; +}; + +/* + * we will be doing some internal queing inside the driver to handle + * aggregation and software retransmit, the skb->cb leftover after + * mac80211 took its share is not big enough to contain all the extra + * data we need, so for each skb we track in tx path, there is an + * associated wifi_tx_skb struct + */ +enum wifi_tx_skb_type { + WIFI_TXSKB_QOS_DATA, + WIFI_TXSKB_BAR, + WIFI_TXSKB_OTHER, +}; + +struct wifi_tx_skb { + /* frame to transmit */ + struct sk_buff *skb; + DEFINE_DMA_UNMAP_ADDR(skb_dma); + DEFINE_DMA_UNMAP_LEN(skb_len); + + /* txq it belongs to */ + struct wifi_txq *txq; + + /* for packets aggregated, we will be doing software retries + * of single failed mpdu, this is the total try count */ + u8 sw_tries_done; + + /* + * whether the frame was sent has a valid tid field, it means + * it got transmitted to a known STA, and that the frame will + * be accounted in wifi_tid tx_pending + */ + bool has_tid:1; + + /* type of frame (valid if has_tid == true) */ + enum wifi_tx_skb_type type:2; + + /* + * if the frame has a known TID, this is the corresponding STA + * version when it's created + */ + u32 sta_version; + + /* tid of frame, used after tx completion to find back the + * correct wifi_tid, only valid when has_tid is true */ + u8 tid; + + /* + * when type is WIFI_TXSKB_BAR, this is the tid for which the + * BAR request was sent (not the TID the frame was sent on) + */ + u8 bar_tid; + + /* true size of frame that will be transmitted in the air, + * including encryption and FCS, filled when we create this + * wrapper */ + u16 frame_len; + + /* sequence number of frame, only valid for QOS data frames + * (type == WIFI_TXSKB_QOS_DATA), extracted from header when + * we create the wrapper */ + u16 seq_no; + + /* most invariant fields of tx descriptor are pre-computed + * here, others like ampdu flags are updated just before + * queuing to hardware */ + struct wifi_txd txdesc; + + /* used when queing frame into hardware, aggr_member will be + * true if frame is part of AMPDU, aggr_list will be non empty + * for the last MPDU of the aggregate */ + bool aggr_member; + struct list_head aggr_list; + + struct list_head next; +}; + +/* + * tx queue (interface between host & firmware) + */ +struct wifi_txq { + spinlock_t lock; + u16 idx; + u16 ac; + + /* DMA queue offsets */ + u32 head_off; + u32 reclaim_off; + + /* count of total descriptors we pushed in queue */ + u32 count; + + /* count of aggregates & non-aggregate packets we pushed via + * the wake_tx_queue interface */ + u32 aggr_count; + u32 non_aggr_count; + + /* pre-allocated list of wifi_tx_skb, same size as total + * number of descriptors */ + struct list_head wifi_tx_skbs_pool; + + /* tx hardware descriptors queue */ + struct wifi_txd *descs; + dma_addr_t descs_dma; + + /* pending packets */ + struct wifi_tx_skb **pending_wskb; + + /* pre-computed aggregate maximum size for each; chan-width, + * per-guard-interval, per mcs */ + u16 max_aggr_framelen[2][2][32]; +}; + +enum wifi_ps_action { + WIFI_PS_ACTION_NONE, + WIFI_PS_ACTION_SLEEP, + WIFI_PS_ACTION_TXDONE, + WIFI_PS_ACTION_WAKEUP, +}; + +enum wifi_ps_state { + WIFI_PS_AWAKE, + WIFI_PS_ENTER_SLEEP, + WIFI_PS_SLEEP, +}; + +struct wifi_sta { + /* + * there is a race in mac80211, .sta_notify callback can be + * called before .sta_add has completed, which result in a + * crash because struct wifi_sta is initialized in .sta_add + * + * workaround this with a magic init done marker value + */ + u32 magic; + + /* + * STA is looked up on tx completion by its mac address, but + * since we don't wait for tx queue to drain when removing a + * STA, it's possible for the STA to deauth and re-auth while + * packet are still pending in tx queue, which will mess up + * with the BAW tracking + * + * fix this by having an additional "version" counter + */ + u32 version; + + /* + * hardware id allocated by the firmware + */ + __le16 hw_id; + + + /* this makes tid invisible to tx done handler, used to + * prevent TID rescheduling when flushing aggregation state + * (see ampdu_action) */ + bool dead; + + /* + * reflect current PS state of station, updated via notify + * callback from mac80211, this goes like this + * + * 1) STA is initially in PS_AWAKE state. + * + * 2) If/when stack receives a packet with the PS bit set, it + * will call our .sta_notify callback + * + * 3) if there is no packet pending (in TX DMA queue) for this + * STA, we will switch to SLEEP state (see 5) + + * 4) Otherwise, we get into ENTER_SLEEP state, and call + * ieee80211_sta_block_awake() so that mac80211 will leave the + * STA internal state to sleep if it wakes up.f Each time we + * get tx completion for a packet, we decrement the pending + * counter for the associated STA. When it reaches 0, we will + * unblock mac80211 and switch to SLEEP state. + * + * 5) when entering SLEEP state, we tell mac80211 whether of + * not we have buffered packets in the driver for each STA/TID + * using ieee80211_sta_set_buffered(). This is re-evaluated + * each time we dequeue a packet from the TID retry queue and + * the retry queue becomes empty. Note that there is an + * additional sub state in each TID, ps_sleep_has_buf tracks + * whether we have reported that we still have buffered data + * or not for this TID + * + * when PS state is AWAKE, packets for a tid should flow only + * from the itxq (tid_schedule) + * + * when PS state is ENTER_SLEEP, there should be no tx at all. + * + * when PS state is SLEEP && ps_sleep_has_buf == true for any + * TID, data packets should be sent only as a respond to + * PS-Poll (service period), and done only through + * .release_buffered_frames interface + * + * when PS state is SLEEP && ps_sleep_has_buf == false for all + * TIDs, same as previously, but we will also get packets + * buffered inside mac80211 through drv_tx() interface + */ + enum wifi_ps_state ps_state; + + /* number of packets currently sitting in hw queue waiting for + * tx completion for this STA, only packets sent on a valid + * tid are accounted */ + unsigned int tx_pending; + + /* + * this lock protect the PS state + */ + spinlock_t lock; + + /* + * HW has a persistent filter for STA in powersave, and will + * return all frames as filtered until it's cleared. + * + * usually that's racy because STA PS status gets updated by + * rx path, while we get filtered frame by tx completion. + * + * since we use ieee80211_sta_block_awake() in the driver, + * there can not be any sleep => awake => sleep STA transition + * without the STA pending traffic being drained. The + * clear_ps_filter flag will be set only after we leave the + * SLEEP state, all packets sent during service period are + * flags to bypass that filter. + */ + atomic_t clear_ps_filter; +}; + +#define WIFI_STA(_sta) ((struct wifi_sta *)&((_sta)->drv_priv)) + + +/* + * private per mac80211 intermediate txq info (called it a TID to + * avoid confusion with other txq) + */ +enum wifi_aggr_state { + WIFI_AGGR_STOPPED, + WIFI_AGGR_ACTIVE, + WIFI_AGGR_STOPPING, +}; + +enum wifi_bar_state { + WIFI_BAR_NONE, + WIFI_BAR_NEEDED, + WIFI_BAR_SENT, + WIFI_BAR_WAIT_RETRY, +}; + +enum wifi_tid_type { + /* for itxq associated to VIF, used for multicast traffic, no + * associated STA */ + WIFI_TID_MCAST, + + /* for special itxq with id 16 (IEEE80211_NUM_TIDS), we get + * bufferable management frames on it */ + WIFI_TID_STA_MMPDU, + + /* for itxq with TID 0 and non WME STA, we get data frame only + * on those, but the sequence number will not be monotonic */ + WIFI_TID_STA_DATA, + + /* for itxq with TID 0 to 15 and WME STA, we only get QOS data + * on those */ + WIFI_TID_STA_QOS_DATA, + +}; + +struct wifi_tid { + /* see enum definition */ + enum wifi_tid_type type; + + /* + * see explanation regarding ps_state in wifi_sta + */ + bool ps_sleep_has_buf; + + /* + * internal list of packets that needs to be retried, this is + * used only if tid type is WIFI_TID_STA_QOS_DATA, whether + * aggregation is active or not. + * + * filtered frames (STA is in powersave) for are requeued here + * and not given back to mac80211 + * + * when aggregation is active, frames that we dequeued from + * mac80211 itxq and were not sent (max aggregate len reached) + * or sent but got no ACK are sitting here, waiting to be + * (re)transmitted. + * + * order of packets inside does not matter, the rule is that + * whatever sits here should be part of current BAW. + */ + struct list_head retry_q; + + /* current block ack session state for this tid */ + enum wifi_aggr_state aggr_state; + + /* maximum total number of bytes allowed by remote STA in an + * ampdu, updated when aggregation is started */ + u16 ampdu_max_bytes; + + /* minimum ampdu density requested by remote STA, index from 0 + * to 7 */ + u8 ampdu_density; + + /* + * This is the BlockAck window (BAW) maximum size (number of + * packets), defaults to hardware max, updated to remote STA + * maximum supported value (if lower) when aggr session state + * switches to operational. + * + * It's used even when aggregation is disabled. All PS + * filtered frames will be retried by the driver itself, so + * until a frame is ACKed, it's considered as inflight. When + * aggregation wants to start, we have to return a starting + * SSN, which must include those inflight packets (otherwise + * if we could send packets with a SSN lower than what we + * returned in AddBA). Instead of an alternative inflight + * counters, we re-use the BAW to implement this, baw_size is + * set to an artificial limit. + */ + u16 baw_max_size; + + /* + * After AddBA exchange, chosen BAW size may be lower than + * what remote is using, because mac80211 send a fixed 64 + * value to remote, which may be higher than what our hardware + * support, we remember the remote BAW size, and use it for + * BAR scheduling + */ + u16 remote_baw_max_size; + + /* + * this is the sequence number that correspond the the start + * of our BAW (BlockAck window) + */ + u16 seq_start; + + /* + * scoreboard tracks the blockack window state. + * + * (scb == scoreboard) + * + * scb_inflight bitmap tracks whether given frames is in-flight + * (not yet acked, not yet failed), scb_acked is bitmap of + * positively acknowledged frames + * + * scb_inflight_count is the number of frames in scb_inflight + * bitmap + * + * scb_head is the bit index inside scoreboard corresponding + * to the status of packet with + * + * scb_tail is the bit index inside scoreboard corresponding + * to the next available space in the scoreboard. (scb_tail - + * scb_head) is the number of in-flight packets (from the + * received POV) + * + * bitmap range validity is [ , - 1 ] + * + * NB: scoreboards size needs to be 1 element more because of + * ring buffer structure (scb_head == scb_tail is empty, + * scb_head + 1 == scb_tail is full) + */ +#define WIFI_SCB_MAX (IEEE80211_AGGR_MAX_MPDU + 1) + + unsigned long scb_acked[BITS_TO_LONGS(WIFI_SCB_MAX)]; + unsigned long scb_inflight[BITS_TO_LONGS(WIFI_SCB_MAX)]; + unsigned int scb_inflight_count; + unsigned int scb_head; + unsigned int scb_tail; + + /* + * After a failed MPDU (too many retransmits), there is a + * "hole" in the BAW. If failed MPDU has seq_no N, and + * receiver has successfuly received MPDUs N+1 and N+2, those + * won't be delivered to the higher level until a very large + * timeout. + * + * To make the receiver aware we won't retry the failed MPDU, + * we can send a "BlocAck Request" (BAR) frame, with a field + * Starting Sequence Number (SSN) equal to N+3, which will + * cause it to "flush" all MPDU stored with seq_no < N+3 + * + * Note that it's not mandatory, the receiver side BAW will + * still advance when receiving packets outside the BAW range + * (as long as sequence lies withing 2^11 of current one), so + * if we keep sending MPDU and reach seq_no N+64, then MPDU N + * will be flushed anyway. + * + * So we use a timer, each time we know that a BAR has to be + * sent, we arm the timer and remember the SSN, if after the + * timer the hole is not past SSN+64 we will send the BAR. + * + * Only one BAR will be sent at a time, and we won't send a + * new one unless the previous one has been sent (tx + * completion). + * + * mac80211 has a logic to retry failed BAR, but that causes + * re-entering the tx path from tx completion path + * (ieee80211_tx_status_ext() => drv_tx()), which requires + * careful locking, to avoid this complexity we don't report + * BAR tx failure to mac80211 and schedule bar retry ourselves + * + * BAR can also be sent immediately from the tx path if it's + * pending and we dequeued everything on the TID. + * + * When BAR state is set to BAR_NEEDED, timer will be armed, + * bar_req_limit tracks the maximum SN inside BAW for which + * the BAR is useful, if BAW head goes past this value, then + * BAR is canceled. + * + * When BAR tx fails, state switch to BAR_WAIT_RETRY, timer is not + * armed. In that state, if any MPDU is acked, timer will be + * armed to minimum value. + */ + spinlock_t bar_lock; + enum wifi_bar_state bar_state; + bool bar_inflight; + int bar_retry_count; + struct timer_list bar_timer; + int bar_req_limit; + + /* associated hardware tx queue */ + struct wifi_txq *txq; +}; + +#define WIFI_TID(_txqi) ((struct wifi_tid *)&((_txqi)->drv_priv)) + +#define TID2ITXQ(_tid) container_of((void *)wifi_tid, \ + struct ieee80211_txq, \ + drv_priv) + +/* + * private per-vif info + */ +struct wifi_vif { + __le16 hw_id; + unsigned int tbtt_idx; +}; + +#define WIFI_VIF(_vif) ((struct wifi_vif *)&((_vif)->drv_priv)) + +/* + * command channel + */ +struct wifi_cmd_chan { + u8 __iomem *buf_start; + u32 buf_size; + u32 f2h_irq_mask; + u32 h2f_irq_mask; + u32 __iomem *fw_count_ptr; + u32 __iomem *host_count_ptr; + u32 __iomem host_count; + struct mutex lock; + spinlock_t complete_lock; + struct completion completion; + bool pending; +}; + +/* + * + */ +struct wifi_priv { + /* + * cmd offset + */ + struct wifi_cmd_chan cmd_chans[WIFI_CMD_CHAN_LAST]; + + /* + * rx related + */ + u32 rx_f2h_irq_mask; + struct wifi_rxq rxq; + + /* + * tx related + */ + struct wifi_txq *txqs; + size_t txq_count; + u32 tx_f2h_irq_mask; + u32 tx_f2h_irq_shift; + u32 tx_h2f_irq_mask; + u32 tx_h2f_irq_shift; + + /* + * vif related + */ + u32 tbtt_f2h_irq_mask; + u32 tbtt_f2h_irq_shift; + + /* + * misc + */ + u16 fw_major; + u16 fw_minor; + struct mac_address addresses[8]; + size_t addresses_count; + + /* + * hardware limits + */ + int hw_max_ampdu_chain; + int hw_max_ap_vif; + int hw_max_sta_vif; + int hw_radio_chains; + int hw_bcn_interval_gcd; + + struct ieee80211_supported_band gband; + struct ieee80211_iface_limit if_limits[2]; + struct ieee80211_iface_combination if_comb; + + u32 sta_next_version; + struct survey_info survey[13]; + int cur_chan_idx; + u32 force_ant_mask; + u32 cur_chan_bss_rx; + + spinlock_t vifs_by_tbtt_lock; + struct ieee80211_vif *vifs_by_tbtt_idx[WIFI_MAX_AP_VIFS]; + + struct ieee80211_hw *hw; + bool hw_registered; + struct pci_dev *pdev; + struct device *dev; + struct mwl8k_priv *priv; +}; + +/* + * supported band + */ +#define CHAN2G(_idx, _freq) { \ + .band = NL80211_BAND_2GHZ, \ + .center_freq = (_freq), \ + .hw_value = (_idx), \ + .max_power = 20, \ +} + +static struct ieee80211_channel gchannels[] = { + CHAN2G(1, 2412), + CHAN2G(2, 2417), + CHAN2G(3, 2422), + CHAN2G(4, 2427), + CHAN2G(5, 2432), + CHAN2G(6, 2437), + CHAN2G(7, 2442), + CHAN2G(8, 2447), + CHAN2G(9, 2452), + CHAN2G(10, 2457), + CHAN2G(11, 2462), + CHAN2G(12, 2467), + CHAN2G(13, 2472), +}; + +static struct ieee80211_rate mwl8k_rates[] = { + { + .bitrate = 10, + .hw_value = 0, + }, + { + .bitrate = 20, + .flags = IEEE80211_RATE_SHORT_PREAMBLE, + .hw_value = 1, + }, + { + .bitrate = 55, + .flags = IEEE80211_RATE_SHORT_PREAMBLE, + .hw_value = 2, + }, + { + .bitrate = 110, + .flags = IEEE80211_RATE_SHORT_PREAMBLE, + .hw_value = 3, + }, + { + .bitrate = 60, + .hw_value = 5, + }, + { + .bitrate = 90, + .hw_value = 6, + }, + { + .bitrate = 120, + .hw_value = 7, + }, + { + .bitrate = 180, + .hw_value = 8, + }, + { + .bitrate = 240, + .hw_value = 9, + }, + { + .bitrate = 360, + .hw_value = 10, + }, + { + .bitrate = 480, + .hw_value = 11, + }, + { + .bitrate = 540, + .hw_value = 12, + } +}; + + +static int wifi_rxd_rate_to_rate(uint8_t val, bool is_cck) +{ + switch (val) { + case 8: return 10; + case 9: return 8; + case 10: return is_cck ? 0 : 6; + case 11: return 4; + case 12: return 11; + case 13: return 9; + case 14: return 7; + case 15: return 5; + case 20: return 1; + case 55: return 2; + case 110: return 3; + default: return 0; + } +} + +/* + * + */ +static const char * const wifi_cmd_errors[] = { + [WIFI_RESULT_OK] = "OK", + [WIFI_RESULT_INVAL] = "INVAL", + [WIFI_RESULT_UNKNOWN_CMD] = "UNKNOWN_CMD", + [WIFI_RESULT_IO_ERROR] = "IO_ERROR", + [WIFI_RESULT_NOSPC] = "NOSPC", + [WIFI_RESULT_NOENT] = "NOENT", + [WIFI_RESULT_BUSY] = "BUSY", + [WIFI_RESULT_EAGAIN] = "EAGAIN", + [WIFI_RESULT_EXISTS] = "EXISTS", +}; + +static const char *wifi_cmd_strerror(int ret) +{ + if (ret < 0 || ret >= ARRAY_SIZE(wifi_cmd_errors)) + return "UNKNOWN"; + return wifi_cmd_errors[ret]; +} + +/* + * + */ +static int __cmd_submit(struct wifi_priv *wp, + u32 chan_id, + u32 cmd_id, + const void *req_buf, + size_t req_buf_size, + u32 *presult, + void *resp_buf, + size_t *resp_buf_size, + bool strict_resp_size) +{ + struct wifi_cmd_chan *chan = &wp->cmd_chans[chan_id]; + struct wifi_cmd_hdr __iomem *hdr_io; + struct wifi_cmd_resp __iomem *resp_io; + bool is_atomic = (chan_id == WIFI_CMD_CHAN_ATOMIC); + size_t len; + u32 fw_count, fw_resp_size, result; + int ret; + + len = req_buf_size + WIFI_HDR_SIZE; + if (len > chan->buf_size) { + dev_err(wp->dev, "total cmd size too big for buf\n"); + return -EINVAL; + } + + if (!is_atomic) + mutex_lock(&chan->lock); + + /* extra sanity check */ + fw_count = le32_to_cpu(ioread32(chan->fw_count_ptr)); + if (fw_count != chan->host_count) { + dev_err(wp->dev, "unexpected fw cmd ptr:%x host:%x\n", + fw_count, chan->host_count); + ret = -EIO; + goto fail; + } + + /* write command header */ + hdr_io = (struct wifi_cmd_hdr *)chan->buf_start; + iowrite32(cpu_to_le32(cmd_id), &hdr_io->id); + iowrite32(cpu_to_le32(req_buf_size), &hdr_io->size); + + /* write request data */ + memcpy_toio(hdr_io + 1, req_buf, req_buf_size); + + /* increment queue pointer */ + if (!is_atomic) + init_completion(&chan->completion); + + spin_lock_bh(&chan->complete_lock); + chan->host_count++; + chan->pending = true; + iowrite32(cpu_to_le32(chan->host_count), chan->host_count_ptr); + spin_unlock_bh(&chan->complete_lock); + + mwl8k_raise_fw_irq(wp->priv, chan->h2f_irq_mask); + + ret = 0; + if (!is_atomic) { + /* wait for irq */ + if (!wait_for_completion_timeout(&chan->completion, 10 * HZ)) + ret = 1; + } else { + size_t i; + + for (i = 0; i < 100000; i++) { + u32 fw_off = le32_to_cpu(ioread32(chan->fw_count_ptr)); + + if (fw_off == chan->host_count) + break; + + udelay(5); + } + + if (i > 10000) { + printk("long atomic command: %zu\n", i); + } + + if (i == 100000) + ret = 1; + } + + if (ret) { + dev_err(wp->dev, "%scommand %u timeout, host:%x fw:%x\n", + is_atomic ? "atomic " : "", + cmd_id, + ioread32(chan->fw_count_ptr), + ioread32(chan->host_count_ptr)); + ret = -ETIMEDOUT; + goto fail; + } + + /* extract result */ + fw_resp_size = cpu_to_le32(ioread32(&hdr_io->size)); + if (fw_resp_size < sizeof (resp_io->result)) { + dev_err(wp->dev, "command %u resp too small: %u\n", + cmd_id, + fw_resp_size); + ret = -EIO; + goto fail; + } + + resp_io = (struct wifi_cmd_resp *)(hdr_io + 1); + result = le32_to_cpu(ioread32(&resp_io->result)); + if (presult) + *presult = result; + fw_resp_size -= sizeof (resp_io->result); + + if (resp_buf && fw_resp_size > *resp_buf_size) { + dev_err(wp->dev, "command %u resp too big: %u (buf %zu)\n", + cmd_id, + fw_resp_size, *resp_buf_size); + ret = -EIO; + goto fail; + } + + if (result) { + dev_err(wp->dev, "command %u resp failed with " + "result %u (%s)\n", + cmd_id, result, wifi_cmd_strerror(result)); + ret = -EIO; + goto fail; + } + + if (resp_buf_size && strict_resp_size && + fw_resp_size != *resp_buf_size) { + dev_err(wp->dev, "command %u resp size invalid:%u exp:%zu\n", + cmd_id, + fw_resp_size, + *resp_buf_size); + ret = -EIO; + goto fail; + } + + ret = 0; + if (resp_buf) + memcpy_fromio(resp_buf, + (void *)&resp_io->result + 4, + fw_resp_size); + +fail: + if (!is_atomic) + mutex_unlock(&chan->lock); + return ret; +} + +/* + * + */ +static int cmd_submit_check(struct wifi_priv *wp, + u32 chan_id, + u32 cmd_id, + const void *req_buf, + size_t req_buf_size, + void *resp_buf, + size_t *resp_buf_size) +{ + return __cmd_submit(wp, chan_id, cmd_id, req_buf, req_buf_size, + NULL, resp_buf, resp_buf_size, true); +} + +/* + * + */ +static int cmd_submit_check_no_req(struct wifi_priv *wp, + u32 chan_id, + u32 cmd_id, + void *resp_buf, + size_t *resp_buf_size) +{ + return __cmd_submit(wp, chan_id, cmd_id, NULL, 0, + NULL, resp_buf, resp_buf_size, true); +} + +/* + * + */ +static int cmd_submit_check_no_resp(struct wifi_priv *wp, + u32 chan_id, + u32 cmd_id, + const void *req_buf, + size_t req_buf_size) +{ + return __cmd_submit(wp, chan_id, cmd_id, req_buf, req_buf_size, + NULL, NULL, 0, false); +} + + +/* + * + */ +static int cmd_submit_check_no_req_no_resp(struct wifi_priv *wp, + u32 chan_id, + u32 cmd_id) +{ + return __cmd_submit(wp, chan_id, cmd_id, NULL, 0, + NULL, NULL, 0, true); +} + +/* + * + */ +static void cmd_chan_async_handle_irq(struct wifi_priv *wp) +{ + struct wifi_cmd_chan *chan = &wp->cmd_chans[WIFI_CMD_CHAN_ASYNC]; + + spin_lock(&chan->complete_lock); + if (chan->pending) { + __le32 fw_count = ioread32(chan->fw_count_ptr); + if (le32_to_cpu(fw_count) == chan->host_count) + complete(&chan->completion); + } + spin_unlock(&chan->complete_lock); +} + +/* + * + */ +static int cmd_get_api_version(struct wifi_priv *wp, + u32 *api_version) +{ + struct wifi_cmd_api_version_resp resp; + size_t resp_size = sizeof (resp); + int ret; + + ret = cmd_submit_check_no_req(wp, + WIFI_CMD_CHAN_ASYNC, + WIFI_CMD_API_VERSION, + &resp, &resp_size); + if (ret) + return ret; + + *api_version = le32_to_cpu(resp.version); + return 0; +} + +/* + * + */ +static int cmd_get_fw_version(struct wifi_priv *wp, + u16 *major, + u16 *minor) +{ + struct wifi_cmd_fw_version_resp resp; + size_t resp_size = sizeof (resp); + int ret; + + ret = cmd_submit_check_no_req(wp, WIFI_CMD_CHAN_ASYNC, + WIFI_CMD_FW_VERSION, + &resp, &resp_size); + if (ret) + return ret; + + *major = le16_to_cpu(resp.major); + *minor = le16_to_cpu(resp.minor); + return 0; +} + +/* + * + */ +static void inc_mac(u8 *base, unsigned int count) +{ + unsigned int i; + + for (i = 0; i < count; i++) { + int j; + + for (j = 5; j >= 0; j--) { + if (++base[j] != 0) + break; + } + } +} + +/* + * + */ +static int cmd_get_mac_address(struct wifi_priv *wp, + struct mac_address *addresses, size_t *count) +{ + struct wifi_cmd_get_mac_address_resp resp; + size_t resp_size = sizeof (resp); + size_t i, hw_count; + int ret; + + if (!*count) + return -EINVAL; + + ret = cmd_submit_check_no_req(wp, WIFI_CMD_CHAN_ASYNC, + WIFI_CMD_GET_MAC_ADDRESS, + &resp, &resp_size); + if (ret) + return ret; + + hw_count = le16_to_cpu(resp.mac_addr_count); + for (i = 0; i < *count && i < hw_count; i++) { + memcpy(addresses[i].addr, resp.mac_addr, 6); + inc_mac(addresses[i].addr, i); + } + + *count = i; + return 0; +} + +/* + * + */ +static int cmd_get_chan_survey(struct wifi_priv *wp, + s8 *nf, + u64 *chan_time, + u64 *chan_busy, + u64 *chan_rx, + u64 *chan_tx) +{ + struct wifi_cmd_get_chan_survey_resp resp; + size_t resp_size = sizeof (resp); + int ret; + + ret = cmd_submit_check_no_req(wp, WIFI_CMD_CHAN_ASYNC, + WIFI_CMD_GET_CHAN_SURVEY, + &resp, &resp_size); + if (ret) + return ret; + + *nf = resp.avg_nf; + *chan_time = div_u64(le64_to_cpu(resp.chan_time), 1000); + *chan_busy = div_u64(le64_to_cpu(resp.chan_busy), 1000); + *chan_rx = div_u64(le64_to_cpu(resp.chan_rx), 1000); + *chan_tx = div_u64(le64_to_cpu(resp.chan_tx), 1000); + + return 0; +} + +/* + * + */ +static int cmd_start(struct wifi_priv *wp) +{ + struct wifi_cmd_start_req req; + size_t i; + int ret; + + memset(&req, 0, sizeof (req)); + req.rx.dma_addr = cpu_to_le32(wp->rxq.descs_dma); + req.rx.len = cpu_to_le32(WIFI_RX_DESCS); + + for (i = 0; i < wp->txq_count; i++) { + req.tx[i].dma_addr = cpu_to_le32(wp->txqs[i].descs_dma); + req.tx[i].len = cpu_to_le32(WIFI_TX_DESCS); + } + + ret = cmd_submit_check_no_resp(wp, WIFI_CMD_CHAN_ASYNC, + WIFI_CMD_START, + &req, sizeof (req)); + if (ret) + return ret; + + return 0; +} + +/* + * + */ +static int cmd_stop(struct wifi_priv *wp) +{ + int ret; + + ret = cmd_submit_check_no_req_no_resp(wp, WIFI_CMD_CHAN_ASYNC, + WIFI_CMD_STOP); + if (ret) + return ret; + + return 0; +} + +/* + * + */ +static int cmd_set_rx_filter(struct wifi_priv *wp, u32 filter) +{ + struct wifi_cmd_set_rx_filter_req req = { + .filter = le32_to_cpu(filter), + }; + int ret; + + ret = cmd_submit_check_no_resp(wp, WIFI_CMD_CHAN_ASYNC, + WIFI_CMD_SET_RX_FILTER, + &req, sizeof (req)); + if (ret) + return ret; + + return 0; +} + +/* + * + */ +static int cmd_add_vif(struct wifi_priv *wp, + enum wifi_vif_type type, + const u8 *mac_addr, + __le16 *vif_hwid, + unsigned int *tbtt_idx, + unsigned int ac_mapping[IEEE80211_NUM_ACS], + unsigned int *cab_qid) +{ + struct wifi_cmd_add_vif_req req; + struct wifi_cmd_add_vif_resp resp; + size_t resp_size = sizeof (resp); + int ret; + + req.type = type; + memcpy(req.mac_addr, mac_addr, sizeof (req.mac_addr)); + + ret = cmd_submit_check(wp, WIFI_CMD_CHAN_ASYNC, + WIFI_CMD_ADD_VIF, + &req, sizeof (req), + &resp, &resp_size); + if (ret) + return ret; + + *vif_hwid = resp.vif_hwid; + *tbtt_idx = resp.tbtt_idx; + ac_mapping[IEEE80211_AC_BK] = resp.ac_to_qid[WIFI_AC_BK]; + ac_mapping[IEEE80211_AC_BE] = resp.ac_to_qid[WIFI_AC_BE]; + ac_mapping[IEEE80211_AC_VO] = resp.ac_to_qid[WIFI_AC_VO]; + ac_mapping[IEEE80211_AC_VI] = resp.ac_to_qid[WIFI_AC_VI]; + *cab_qid = resp.cab_qid; + + return 0; +} + +/* + * + */ +static int cmd_release_vif(struct wifi_priv *wp, + __le16 vif_hwid) +{ + struct wifi_cmd_release_vif_req req = { + .vif_hwid = vif_hwid, + }; + int ret; + + ret = cmd_submit_check_no_resp(wp, WIFI_CMD_CHAN_ASYNC, + WIFI_CMD_RELEASE_VIF, + &req, sizeof (req)); + if (ret) + return ret; + + return 0; +} + +/* + * + */ +static int cmd_vif_start(struct wifi_priv *wp, + __le16 vif_hwid) +{ + struct wifi_cmd_vif_start_req req = { + .vif_hwid = vif_hwid, + }; + int ret; + + ret = cmd_submit_check_no_resp(wp, WIFI_CMD_CHAN_ASYNC, + WIFI_CMD_VIF_START, + &req, sizeof (req)); + if (ret) + return ret; + + return 0; +} + +/* + * + */ +static int cmd_vif_stop(struct wifi_priv *wp, + __le16 vif_hwid) +{ + struct wifi_cmd_vif_stop_req req = { + .vif_hwid = vif_hwid, + }; + int ret; + + ret = cmd_submit_check_no_resp(wp, WIFI_CMD_CHAN_ASYNC, + WIFI_CMD_VIF_STOP, + &req, sizeof (req)); + if (ret) + return ret; + + return 0; +} + +/* + * + */ +static int cmd_vif_set_bss_params(struct wifi_priv *wp, + __le16 vif_hwid, + const uint8_t *bssid) +{ + struct wifi_cmd_vif_set_bss_params_req req; + int ret; + + req.vif_hwid = vif_hwid; + memcpy(req.bssid, bssid, sizeof (req.bssid)); + + ret = cmd_submit_check_no_resp(wp, WIFI_CMD_CHAN_ASYNC, + WIFI_CMD_VIF_SET_BSS_PARAMS, + &req, sizeof (req)); + if (ret) + return ret; + + return 0; +} + +/* + * + */ +static int cmd_vif_set_short_slot(struct wifi_priv *wp, + __le16 vif_hwid, + bool is_short) +{ + struct wifi_cmd_vif_set_short_slot_req req; + int ret; + + req.vif_hwid = vif_hwid; + req.is_short = is_short; + + ret = cmd_submit_check_no_resp(wp, WIFI_CMD_CHAN_ASYNC, + WIFI_CMD_VIF_SET_SHORT_SLOT, + &req, sizeof (req)); + if (ret) + return ret; + + return 0; +} + +/* + * + */ +static int cmd_vif_set_edca_params(struct wifi_priv *wp, + __le16 vif_hwid, + unsigned int txq_idx, + unsigned int cw_min, + unsigned int cw_max, + unsigned int aifsn, + unsigned int txop) +{ + struct wifi_cmd_vif_set_edca_params_req req; + int ret; + + req.vif_hwid = vif_hwid; + req.txq_idx = txq_idx; + req.cw_min = le16_to_cpu(cw_min); + req.cw_max = le16_to_cpu(cw_max); + req.aifsn = le16_to_cpu(aifsn); + req.txop = le16_to_cpu(txop); + + ret = cmd_submit_check_no_resp(wp, WIFI_CMD_CHAN_ASYNC, + WIFI_CMD_VIF_SET_EDCA_PARAMS, + &req, sizeof (req)); + if (ret) + return ret; + + return 0; +} + +/* + * + */ +static int cmd_vif_set_beacon_params(struct wifi_priv *wp, + __le16 vif_hwid, + unsigned int rate_idx, + unsigned int beacon_int, + unsigned int dtim_period) +{ + struct wifi_cmd_vif_set_beacon_params_req req; + int ret; + + req.vif_hwid = vif_hwid; + req.rate_idx = rate_idx; + req.beacon_interval = le16_to_cpu(beacon_int); + req.dtim_period = dtim_period; + + ret = cmd_submit_check_no_resp(wp, WIFI_CMD_CHAN_ASYNC, + WIFI_CMD_VIF_SET_BEACON_PARAMS, + &req, sizeof (req)); + if (ret) + return ret; + + return 0; +} + +/* + * + */ +static int cmd_vif_enable_beacon(struct wifi_priv *wp, + __le16 vif_hwid, + bool enabled) +{ + struct wifi_cmd_vif_enable_beacon_req req; + int ret; + + req.vif_hwid = vif_hwid; + req.enabled = enabled; + + ret = cmd_submit_check_no_resp(wp, WIFI_CMD_CHAN_ASYNC, + WIFI_CMD_VIF_ENABLE_BEACON, + &req, sizeof (req)); + if (ret) + return ret; + + return 0; +} + +/* + * + */ +static int cmd_vif_add_sta(struct wifi_priv *wp, + __le16 vif_hwid, + const u8 *addr, + __le16 *hw_id) +{ + struct wifi_cmd_vif_add_sta_req req; + struct wifi_cmd_vif_add_sta_resp resp; + size_t resp_size = sizeof (resp); + int ret; + + req.vif_hwid = vif_hwid; + memcpy(req.mac, addr, ETH_ALEN); + + ret = cmd_submit_check(wp, WIFI_CMD_CHAN_ASYNC, + WIFI_CMD_VIF_ADD_STA, + &req, sizeof (req), + &resp, &resp_size); + if (ret) + return ret; + + *hw_id = resp.sta_hwid; + + return 0; +} + +/* + * + */ +static int cmd_vif_del_sta(struct wifi_priv *wp, + __le16 vif_hwid, + unsigned int sta_idx) +{ + struct wifi_cmd_vif_del_sta_req req; + int ret; + + req.vif_hwid = vif_hwid; + req.sta_hwid = cpu_to_le16(sta_idx); + + ret = cmd_submit_check_no_resp(wp, WIFI_CMD_CHAN_ASYNC, + WIFI_CMD_VIF_DEL_STA, + &req, sizeof (req)); + if (ret) + return ret; + + return 0; +} + +/* + * + */ +static int cmd_vif_get_dtim_count_atomic(struct wifi_priv *wp, + __le16 vif_hwid, + unsigned int *dtim_count) +{ + struct wifi_cmd_vif_get_dtim_count_req req; + struct wifi_cmd_vif_get_dtim_count_resp resp; + size_t resp_size = sizeof (resp); + int ret; + + req.vif_hwid = vif_hwid; + + ret = cmd_submit_check(wp, WIFI_CMD_CHAN_ATOMIC, + WIFI_CMD_VIF_GET_DTIM_COUNT, + &req, sizeof (req), + &resp, &resp_size); + if (ret) + return ret; + + *dtim_count = resp.dtim_count; + + return 0; +} + +/* + * + */ +static int cmd_vif_update_beacon_atomic(struct wifi_priv *wp, + __le16 vif_hwid, + unsigned int bcn_dma_addr, + unsigned int bcn_size) +{ + struct wifi_cmd_vif_update_beacon_req req; + + req.vif_hwid = vif_hwid; + req.bcn_host_addr = cpu_to_le32(bcn_dma_addr); + req.bcn_size = cpu_to_le16(bcn_size); + + return cmd_submit_check_no_resp(wp, WIFI_CMD_CHAN_ATOMIC, + WIFI_CMD_VIF_UPDATE_BEACON, + &req, sizeof (req)); +} + +/* + * + */ +static int cmd_vif_add_key(struct wifi_priv *wp, + __le16 vif_hwid, + __le16 sta_hwid, + unsigned int key_idx, + const u8 *key, + u8 *hw_id) +{ + struct wifi_cmd_vif_add_key_req req; + struct wifi_cmd_vif_add_key_resp resp; + size_t resp_size = sizeof (resp); + int ret; + + req.vif_hwid = vif_hwid; + req.sta_hwid = sta_hwid; + req.key_idx = key_idx; + memcpy(req.key, key, sizeof (req.key)); + + ret = cmd_submit_check(wp, WIFI_CMD_CHAN_ASYNC, + WIFI_CMD_VIF_ADD_KEY, + &req, sizeof (req), + &resp, &resp_size); + if (ret) + return ret; + + *hw_id = resp.key_hwid; + + return 0; +} + +/* + * + */ +static int cmd_vif_del_key(struct wifi_priv *wp, + __le16 vif_hwid, + __le16 sta_hwid, + u8 hw_id) +{ + struct wifi_cmd_vif_del_key_req req; + int ret; + + req.vif_hwid = vif_hwid; + req.sta_hwid = sta_hwid; + req.key_hwid = hw_id; + + ret = cmd_submit_check_no_resp(wp, WIFI_CMD_CHAN_ASYNC, + WIFI_CMD_VIF_DEL_KEY, + &req, sizeof (req)); + if (ret) + return ret; + + return 0; +} + +/* + * + */ +static int freq_to_idx(struct ieee80211_hw *hw, int freq) +{ + struct ieee80211_supported_band *sband; + int band, ch, idx = 0; + + for (band = NL80211_BAND_2GHZ; band < NUM_NL80211_BANDS; band++) { + sband = hw->wiphy->bands[band]; + if (!sband) + continue; + + for (ch = 0; ch < sband->n_channels; ch++, idx++) + if (sband->channels[ch].center_freq == freq) + goto exit; + } + +exit: + return idx; +} + +/* + * + */ +static int wifi_set_channel(struct wifi_priv *wp) +{ + struct ieee80211_hw *hw = wp->hw; + const struct cfg80211_chan_def *chandef = &hw->conf.chandef; + const struct ieee80211_channel *channel = chandef->chan; + enum nl80211_chan_width width = chandef->width; + struct wifi_cmd_radio_control_req req; + int ret; + + req.channel = channel->hw_value; + req.antenna_mask = wp->force_ant_mask; + + switch (width) { + case NL80211_CHAN_WIDTH_20_NOHT: + case NL80211_CHAN_WIDTH_20: + req.bw = WIFI_CHAN_BW_20MHZ; + break; + case NL80211_CHAN_WIDTH_40: + req.bw = 40; + if (channel->center_freq > chandef->center_freq1) + req.bw = WIFI_CHAN_BW_40MHZ_BELOW; + else + req.bw = WIFI_CHAN_BW_40MHZ_ABOVE; + break; + default: + return -ENOTSUPP; + } + + ret = cmd_submit_check_no_resp(wp, WIFI_CMD_CHAN_ASYNC, + WIFI_CMD_RADIO_CONTROL, + &req, sizeof (req)); + if (ret) + return ret; + + wp->cur_chan_idx = freq_to_idx(hw, channel->center_freq); + return 0; +} + +/* + * + */ +static void wifi_rx_count_airtime(struct wifi_priv *wp, + struct sk_buff *skb, + int len) +{ + struct ieee80211_rx_status *rx_stat; + struct ieee80211_hdr *hdr; + u32 airtime; + + hdr = (struct ieee80211_hdr *)skb->data; + + if (!ieee80211_is_data(hdr->frame_control)) + return; + + rx_stat = IEEE80211_SKB_RXCB(skb); + + airtime = ieee80211_calc_rx_airtime(wp->hw, rx_stat, len); + wp->cur_chan_bss_rx += airtime; +} + +/* + * + */ +static int wifi_rxq_refill(struct wifi_priv *wp, int limit) +{ + struct wifi_rxq *rxq = &wp->rxq; + int refilled; + + refilled = 0; + while (rxq->count < WIFI_RX_DESCS && limit--) { + struct sk_buff *skb; + struct wifi_rxd *rxd; + dma_addr_t addr; + u32 cur; + + skb = dev_alloc_skb(WIFI_RX_BUF_SIZE); + if (skb == NULL) + break; + + addr = pci_map_single(wp->pdev, skb->data, + WIFI_RX_BUF_SIZE, DMA_FROM_DEVICE); + + if (pci_dma_mapping_error(wp->pdev, addr)) { + dev_kfree_skb(skb); + break; + } + + cur = rxq->refill_off; + + rxq->bufs[cur].skb = skb; + dma_unmap_addr_set(&rxq->bufs[cur], dma, addr); + + rxd = &rxq->descs[cur]; + rxd->buf_addr = cpu_to_le32(addr); + rxd->buf_size = cpu_to_le16(WIFI_RX_BUF_SIZE); + wmb(); + rxd->status = cpu_to_le16(RXD_F_FW_OWNED); + + rxq->refill_off++; + if (rxq->refill_off == WIFI_RX_DESCS) + rxq->refill_off = 0; + + rxq->count++; + refilled++; + } + + return refilled; +} + +/* + * + */ +static int wifi_process_rx(struct wifi_priv *wp, int limit) +{ + struct wifi_rxq *rxq = &wp->rxq; + int processed; + + processed = 0; + while (rxq->count && limit--) { + struct sk_buff *skb; + struct wifi_rxd *rxd; + struct ieee80211_rx_status *rx_stat; + unsigned int len; + u16 rxd_status; + u32 cur; + + cur = rxq->fw_off; + rxd = &rxq->descs[cur]; + rmb(); + + rxd_status = le16_to_cpu(rxd->status); + if (rxd_status & RXD_F_FW_OWNED) + break; + + pci_unmap_single(wp->pdev, + dma_unmap_addr(&rxq->bufs[cur], dma), + WIFI_RX_BUF_SIZE, PCI_DMA_FROMDEVICE); + dma_unmap_addr_set(&rxq->bufs[cur], dma, 0); + + skb = rxq->bufs[cur].skb; + BUG_ON(!skb); + rxq->bufs[cur].skb = NULL; + + len = le16_to_cpu(rxd->buf_size); + if (!len || len > WIFI_RX_BUF_SIZE) { + dev_err(wp->dev, "bad desc RX len: %u\n", len); + dev_kfree_skb(skb); + goto skip; + } + + skb_put(skb, len); + + /* fill rx status */ + rx_stat = IEEE80211_SKB_RXCB(skb); + if (rxd_status & RXD_F_HT) { + rx_stat->rate_idx = rxd->rate; + rx_stat->encoding = RX_ENC_HT; + } else { + bool is_cck = rxd_status & RXD_F_CCK; + rx_stat->rate_idx = wifi_rxd_rate_to_rate(rxd->rate, + is_cck); + rx_stat->encoding = RX_ENC_LEGACY; + } + + if (!(rxd_status & RXD_F_FCS_VALID)) + rx_stat->flag |= RX_FLAG_FAILED_FCS_CRC; + + if (rxd_status & RXD_F_SHORT_PREAMBLE) + rx_stat->enc_flags |= RX_ENC_FLAG_SHORTPRE; + + if (rxd_status & RXD_F_SHORT_GI) + rx_stat->enc_flags |= RX_ENC_FLAG_SHORT_GI; + + if (rxd_status & RXD_F_DECRYPTED) + rx_stat->flag |= RX_FLAG_DECRYPTED; + + if (rxd_status & RXD_F_40MHZ) + rx_stat->bw = RATE_INFO_BW_40; + else + rx_stat->bw = RATE_INFO_BW_20; + + rx_stat->band = 0; + rx_stat->freq = + ieee80211_channel_to_frequency(rxd->channel, + NL80211_BAND_2GHZ); + rx_stat->signal = rxd->rssi; + rx_stat->chains = (1 << wp->hw_radio_chains) - 1; + BUILD_BUG_ON(sizeof (rx_stat->chain_signal) != + sizeof (rxd->rssi_per_chain)); + memcpy(rx_stat->chain_signal, rxd->rssi_per_chain, + sizeof (rx_stat->chain_signal)); + + wifi_rx_count_airtime(wp, skb, len); + + ieee80211_rx(wp->hw, skb); + + skip: + processed++; + rxq->count--; + rxq->fw_off++; + if (rxq->fw_off == WIFI_RX_DESCS) + rxq->fw_off = 0; + } + + return processed; +} + +/* + * release wifi_skb wrapper fields (not the wrapper itself) and return + * it to the pool + */ +static void __wifi_tx_skb_release(struct wifi_priv *wp, + struct wifi_tx_skb *wskb, + bool tx_failed, + bool skip_skb_free) +{ + txdbg("wifi_tx_skb_release wskb:%ps seq:%u failed:%d skip_free:%d\n", + wskb, wskb->seq_no, tx_failed, skip_skb_free); + + pci_unmap_single(wp->pdev, + dma_unmap_addr(wskb, skb_dma), + dma_unmap_len(wskb, skb_len), + PCI_DMA_TODEVICE); + dma_unmap_addr_set(wskb, skb_dma, 0); + list_add(&wskb->next, &wskb->txq->wifi_tx_skbs_pool); + if (!skip_skb_free) { + if (tx_failed) + ieee80211_free_txskb(wp->hw, wskb->skb); + else + dev_kfree_skb(wskb->skb); + } +} + +static void wifi_tx_skb_release_txfail(struct wifi_priv *wp, + struct wifi_tx_skb *wskb) +{ + __wifi_tx_skb_release(wp, wskb, true, false); +} + +static void wifi_tx_skb_release_keep_skb(struct wifi_priv *wp, + struct wifi_tx_skb *wskb) +{ + __wifi_tx_skb_release(wp, wskb, true, true); +} + +/* + * + */ +static int fill_hw_offsets(const struct ieee80211_hdr *d11, struct wifi_txd *txd) +{ + __le16 fc = d11->frame_control; + + if (ieee80211_is_data(fc)) { + unsigned int hdr_size; + + bool has_qos = ieee80211_is_data_qos(fc); + + if (ieee80211_has_a4(fc)) { + hdr_size = 30; + txd->addr_count = 4; + } else { + hdr_size = 24; + txd->addr_count = 3; + } + + txd->has_qos_control = has_qos; + if (has_qos) + memcpy(&txd->qos_control, (u8 *)d11 + hdr_size, + IEEE80211_QOS_CTL_LEN); + + txd->data_offset = !has_qos ? hdr_size : hdr_size + + IEEE80211_QOS_CTL_LEN; + return 0; + } + + if (ieee80211_is_mgmt(fc)) { + txd->addr_count = 3; + txd->data_offset = 24; + txd->has_qos_control = 0; + return 0; + } + + if (ieee80211_is_ctl(fc)) { + if ((fc & cpu_to_le16(0x00E0)) == cpu_to_le16(0x00C0)) { + /* cannot send one address type */ + return 1; + } + + txd->addr_count = 2; + txd->data_offset = 16; + txd->has_qos_control = 0; + return 0; + } + + return 1; +} + +/* + * allocate (from fixed pool) and fill skb wrapper we use inside tx + * path + */ +static struct wifi_tx_skb *wifi_tx_skb_wrap(struct wifi_priv *wp, + struct wifi_txq *txq, + struct sk_buff *skb, + struct ieee80211_sta *sta, + int tid) +{ + const struct ieee80211_hdr *d11; + struct wifi_tx_skb *wskb; + struct ieee80211_tx_info *info; + struct ieee80211_key_conf *hw_key; + struct wifi_vif *wifi_vif; + struct wifi_sta *wifi_sta; + struct wifi_txd *txdesc; + dma_addr_t dma; + u16 frame_len; + + txdbg("wifi_tx_skb_wrap: skb:%pS len:%u sta:%pM\n", + skb, skb->len, sta ? sta->addr : NULL); + + /* we should always have something in the pool, it is pre + * allocated with the same size as txq, and we make sure to + * stop sending before queue becomes full */ + if (WARN_ON(list_empty(&txq->wifi_tx_skbs_pool))) + return NULL; + + info = IEEE80211_SKB_CB(skb); + hw_key = info->control.hw_key; + + wskb = list_first_entry(&txq->wifi_tx_skbs_pool, + struct wifi_tx_skb, + next); + wskb->sw_tries_done = 0; + wskb->txq = txq; + + frame_len = skb->len + FCS_LEN; + if (hw_key) + frame_len += hw_key->icv_len; + wskb->frame_len = frame_len; + + /* lookup sta & vif, we need to write their hw id inside descriptor */ + wifi_sta = NULL; + if (sta) { + wifi_sta = WIFI_STA(sta); + wskb->sta_version = wifi_sta->version; + } + + wifi_vif = NULL; + if (info->control.vif) + wifi_vif = WIFI_VIF(info->control.vif); + + /* + * precompute invariant tx descriptor fields + */ + d11 = (const struct ieee80211_hdr *)skb->data; + txdesc = &wskb->txdesc; + + if (fill_hw_offsets(d11, txdesc)) { + /* should not happen unless raw frame injection */ + wiphy_err(wp->hw->wiphy, "hardware cannot send such frame\n"); + return NULL; + } + + if (WARN_ON(skb->len < txdesc->data_offset)) { + /* catch strange packets */ + return NULL; + } + + txdesc->data_size = cpu_to_le16(skb->len - txdesc->data_offset); + txdesc->sta_hwid = wifi_sta ? wifi_sta->hw_id : WIFI_INVALID_STA_HWID; + txdesc->vif_hwid = wifi_vif ? wifi_vif->hw_id : WIFI_INVALID_VIF_HWID; + txdesc->key_hwid = hw_key ? hw_key->hw_key_idx : WIFI_INVALID_KEY_HWID; + + if (hw_key) { + u64 pn64 = atomic64_inc_return(&hw_key->tx_pn); + memcpy(&txdesc->ccmp_pn, &pn64, 8); + } + + txdesc->status = TXD_F_FW_OWNED; + + if (is_multicast_ether_addr(d11->addr1) || + (info->flags & IEEE80211_TX_CTL_NO_ACK)) + txdesc->status |= TXD_F_TX_NO_ACK; + + if (info->flags & IEEE80211_TX_CTL_STBC) + txdesc->status |= TXD_F_TX_STBC; + + /* tid is used to find back wifi_tid at tx completion and do + * proper STA tx accounting */ + if (tid == -1) { + wskb->has_tid = false; + wskb->tid = 0; + } else { + if (WARN_ON(!sta)) + return NULL; + + wskb->has_tid = true; + wskb->tid = tid; + + /* is_data_present is needed to exclude null func + * frames, which have no valid sequence number and are + * sent on another TID */ + if (ieee80211_is_data_present(d11->frame_control) && + ieee80211_is_data_qos(d11->frame_control)) { + + if (info->flags & IEEE80211_TX_INTFL_RETRANSMISSION) { + WARN(1, "QOS data frame restranmisted by stack\n"); + return NULL; + } + + + wskb->type = WIFI_TXSKB_QOS_DATA; + wskb->seq_no = + (le16_to_cpu(d11->seq_ctrl) & + IEEE80211_SCTL_SEQ) >> + IEEE80211_SEQ_SEQ_SHIFT; + txdesc->tid = wskb->tid; + WARN_ON(tid == IEEE80211_NUM_TIDS); + + } else if (ieee80211_is_back_req(d11->frame_control)) { + const struct ieee80211_bar *bar; + u16 bar_tid; + + /* BAR frames must be tagged */ + bar = (const struct ieee80211_bar *)skb->data; + bar_tid = le16_to_cpu(bar->control) >> + IEEE80211_BAR_CTRL_TID_INFO_SHIFT; + wskb->type = WIFI_TXSKB_BAR; + wskb->bar_tid = bar_tid; + + txdesc->status |= TXD_F_TX_BAR; + txdesc->tid = wskb->bar_tid; + } else + wskb->type = WIFI_TXSKB_OTHER; + } + + /* map skb */ + dma = pci_map_single(wp->pdev, skb->data, skb->len, PCI_DMA_TODEVICE); + if (pci_dma_mapping_error(wp->pdev, dma)) { + wiphy_err(wp->hw->wiphy, "failed to dma map skb\n"); + return NULL; + } + + wskb->skb = skb; + dma_unmap_addr_set(wskb, skb_dma, dma); + dma_unmap_len_set(wskb, skb_len, skb->len); + txdesc->buf_addr = cpu_to_le32(dma); + + /* remove from pool list */ + list_del(&wskb->next); + txdbg("wifi_tx_skb_wrap: returned %ps, has_tid:%d tid:%d type:%u seq:%u\n", + wskb, wskb->has_tid, wskb->tid, wskb->type, wskb->seq_no); + return wskb; +} + +/* + * + */ +static void wifi_tx_skb_inc_sw_tries(struct wifi_priv *wp, + struct wifi_tx_skb *wskb) +{ + struct ieee80211_hdr *hdr; + + ++wskb->sw_tries_done; + if (wskb->sw_tries_done == 1 || wskb->sw_tries_done > 2) + return; + + /* set the retry bit and header, update cache */ + hdr = (struct ieee80211_hdr *)wskb->skb->data; + hdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_RETRY); + pci_dma_sync_single_for_device(wp->pdev, + dma_unmap_addr(wskb, skb_dma), + sizeof (*hdr), DMA_TO_DEVICE); +} + +/* + * + */ +static void wifi_tx_skb_set_more_data(struct wifi_priv *wp, + struct wifi_tx_skb *wskb, + bool more_data) +{ + struct ieee80211_hdr *hdr; + + hdr = (struct ieee80211_hdr *)wskb->skb->data; + hdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_MOREDATA); + pci_dma_sync_single_for_device(wp->pdev, + dma_unmap_addr(wskb, skb_dma), + sizeof (*hdr), DMA_TO_DEVICE); +} + +/* + * + */ +static void wifi_tx_skb_fill_rates(struct wifi_tx_skb *wskb, + struct ieee80211_vif *vif, + struct ieee80211_sta *sta) +{ + struct ieee80211_tx_info *info; + struct wifi_txd *txdesc; + size_t i; + + txdbg("wifi_tx_skb_fill_rates: wskp:%ps sta:%ps\n", wskb, sta); + /* we use tx_info to store rates */ + info = IEEE80211_SKB_CB(wskb->skb); + ieee80211_get_tx_rates(vif, + sta, + wskb->skb, + info->control.rates, + ARRAY_SIZE(info->control.rates)); + + WARN_ON_ONCE(info->control.rates[0].idx < 0); + + txdesc = &wskb->txdesc; + for (i = 0; i < WIFI_TXD_MAX_RATES; i++) { + const struct ieee80211_tx_rate *r = &info->control.rates[i]; + struct wifi_txd_rinfo *txr = &txdesc->rinfo[i]; + + if (r->idx == -1) { + /* make sure to clear to mark end of list, + * since this can be called multiple times on + * same wskb */ + txr->flags = 0; + break; + } + + txdbg("fill rate[%zu]: idx:%u ht:%d count:%d\n", + i, + r->idx, !!(r->flags & IEEE80211_TX_RC_MCS), r->count); + + txr->flags = TXD_RF_VALID; + + if (r->flags & IEEE80211_TX_RC_USE_RTS_CTS) + txr->flags |= TXD_RF_RTS_CTS; + else if (r->flags & IEEE80211_TX_RC_USE_CTS_PROTECT) + txr->flags |= TXD_RF_CTS_PROTECT; + + if ((r->flags & IEEE80211_TX_RC_USE_SHORT_PREAMBLE)) + txr->flags |= TXD_RF_SHORT_PRE; + + if (!(r->flags & IEEE80211_TX_RC_MCS)) + txr->rate = mwl8k_rates[r->idx].hw_value; + else { + txr->rate = r->idx; + txr->flags |= TXD_RF_HT; + if ((r->flags & IEEE80211_TX_RC_SHORT_GI)) + txr->flags |= TXD_RF_SHORT_GI; + if ((r->flags & IEEE80211_TX_RC_40_MHZ_WIDTH)) + txr->flags |= TXD_RF_40MHZ; + } + + txr->count = r->count; + txr->antenna_mask = 0; + } +} + +/* + * queue a chain of packets into the hardware tx queue, chain is not + * valid after call if packets have been successfully queued + * + * for A-MPDU, first tx desc must have the following fields: + * - ampdu_density + * - ampdu_baw_ssn + * + * caller must hold the txq lock and sta lock + */ +static int wifi_tx_send_chain(struct wifi_priv *wp, + struct list_head *chain, + size_t chain_count, + bool form_aggr, + struct ieee80211_sta *sta, + bool bypass_ps) +{ + struct wifi_tx_skb *wskb; + struct wifi_txq *wifi_txq; + struct wifi_txd *first_txdesc; + __le32 first_desc_status; + bool clear_ps; + /* int tid = -1; */ + + /* if (chain_count > 1) { */ + /* printk("SEND CHAIN count:%d\n", chain_count); */ + + /* list_for_each_entry(wskb, chain, next) { */ + /* printk(" - member: frame_len:%u " */ + /* "addr_count:%u data_size:%u data_offset:%u has_qos:%d\n", */ + /* wskb->skb->len, */ + /* wskb->txdesc.addr_count, */ + /* wskb->txdesc.data_size, */ + /* wskb->txdesc.data_offset, */ + /* wskb->txdesc.has_qos_control); */ + /* } */ + /* } */ + + if (WARN_ON(!chain_count)) + return 1; + + wskb = list_first_entry(chain, struct wifi_tx_skb, next); + + wifi_txq = wskb->txq; + WARN_ON(wifi_txq->idx == 6); + lockdep_assert_held(&wifi_txq->lock); + + txdbg("wifi_tx_send_chain: chain_count:%zu aggr:%d sta:%pM " + "bypass_ps:%d txq_count:%d\n", + chain_count, form_aggr, sta ? sta->addr : NULL, bypass_ps, + wifi_txq->count); + + if (WARN_ON(wifi_txq->count + chain_count > WIFI_TX_DESCS)) + return 1; + + /* + * if traffic if for a STA, and is not sent during the service + * period, we will clear the hardware PS filter if needed + */ + clear_ps = false; + if (sta && !bypass_ps) + clear_ps = atomic_dec_and_test(&WIFI_STA(sta)->clear_ps_filter); + + if (clear_ps) { + /* printk("wifi_tx_send_chain: sta %pM will clear ps\n", */ + /* sta->addr); */ + } + + /* + * tx pending accounting for this tid + */ + if (sta && wskb->has_tid) { + struct wifi_sta *wifi_sta = WIFI_STA(sta); + + lockdep_assert_held(&wifi_sta->lock); + + wifi_sta->tx_pending += chain_count; + txdbg("wifi_tx_send_chain: sta %pM tx pending now %d\n", + sta->addr, wifi_sta->tx_pending); + /* tid = wskb->tid; */ + } + + first_txdesc = NULL; + list_for_each_entry(wskb, chain, next) { + struct wifi_txd *txdesc; + u32 cur_off; + + txdbg("wifi_tx_send_chain: wskb:%ps has_tid:%d tid:%d type:%d seq:%u\n", + wskb, wskb->has_tid, wskb->tid, wskb->type, wskb->seq_no); + + /* raise number of total tries for this skb, it will + * update the retry bit in 802.11 header if needed */ + wifi_tx_skb_inc_sw_tries(wp, wskb); + + /* + * most tx desc fields have been pre-computed, clear + * any previous transient flags in case we resend that + * frame + */ + wskb->txdesc.status &= ~(TXD_F_TX_AMPDU_START | + TXD_F_TX_AMPDU_MORE | + TXD_F_TX_AMPDU_LAST | + TXD_F_TX_CLEAR_PS | + TXD_F_TX_BYPASS_PS); + + /* + * setup powersave & AMPDU flags in tx desc + */ + if (clear_ps) { + wskb->txdesc.status |= TXD_F_TX_CLEAR_PS; + clear_ps = false; + } + + if (bypass_ps) + wskb->txdesc.status |= TXD_F_TX_BYPASS_PS; + + if (form_aggr) { + u32 ampdu_flags = 0; + + if (list_is_first(&wskb->next, chain)) { + ampdu_flags |= TXD_F_TX_AMPDU_START; + wifi_txq->aggr_count++; + } + if (list_is_last(&wskb->next, chain)) { + ampdu_flags |= TXD_F_TX_AMPDU_LAST; + } + if (!ampdu_flags) + ampdu_flags |= TXD_F_TX_AMPDU_MORE; + + wskb->txdesc.status |= ampdu_flags; + wskb->aggr_member = true; + INIT_LIST_HEAD(&wskb->aggr_list); + } else { + wskb->aggr_member = false; + wifi_txq->non_aggr_count++; + } + + /* update memory-mapped descriptor */ + cur_off = wifi_txq->head_off; + txdesc = &wifi_txq->descs[cur_off]; + + if (!first_txdesc) { + /* first descriptor of list, memcpy all but + * status field status field so transmission + * does not start now */ + BUILD_BUG_ON(offsetof(struct wifi_txd, status)); + memcpy((void *)txdesc + sizeof (txdesc->status), + (void *)&wskb->txdesc + sizeof (txdesc->status), + sizeof (*txdesc) - sizeof (txdesc->status)); + + /* remember status */ + first_txdesc = txdesc; + first_desc_status = wskb->txdesc.status; + BUG_ON(first_txdesc->status & TXD_F_FW_OWNED); + } else + memcpy(txdesc, &wskb->txdesc, sizeof (*txdesc)); + + wifi_txq->pending_wskb[cur_off] = wskb; + cur_off++; + if (cur_off >= WIFI_TX_DESCS) + cur_off = 0; + + wifi_txq->head_off = cur_off; + wifi_txq->count++; + } + + if (form_aggr) { + struct wifi_tx_skb *last_wskb; + + /* transfer whole chain in last entry */ + last_wskb = list_last_entry(chain, struct wifi_tx_skb, next); + list_splice(chain, &last_wskb->aggr_list); + } + + /* if (sta && tid != -1) { */ + /* struct wifi_tid *wifi_tid = WIFI_TID(sta->txq[tid]); */ + + /* printk("tx: agg:%u cnt:%d (pnd now aggr:%d nagg:%d) seq:%d\n", */ + /* form_aggr, chain_count, */ + /* wifi_txq->aggr_count, */ + /* wifi_txq->non_aggr_count, */ + /* wifi_tid->seq_start); */ + /* } */ + + /* all set, start tx */ + wmb(); + first_txdesc->status = first_desc_status; + mwl8k_raise_fw_irq(wp->priv, 1 << (wifi_txq->idx + wp->tx_h2f_irq_shift)); + + return 0; +} + +/* + * return actually used size in BAW, ie number of in-flight packets + * seen from the receiver + */ +static inline size_t +wifi_tid_baw_tracked_size(const struct wifi_tid *wifi_tid) +{ + if (wifi_tid->scb_tail >= wifi_tid->scb_head) + return wifi_tid->scb_tail - wifi_tid->scb_head; + + return WIFI_SCB_MAX - wifi_tid->scb_head + wifi_tid->scb_tail; +} + +/* + * return available space BAW + */ +static inline size_t +wifi_tid_baw_space(const struct wifi_tid *wifi_tid) +{ + size_t tracked; + + tracked = wifi_tid_baw_tracked_size(wifi_tid); + if (tracked > wifi_tid->baw_max_size) { + /* this is allowed if the BAW max size is shrinked, + * can happen when enabling aggregation */ + return 0; + } + + return wifi_tid->baw_max_size - tracked; +} + +/* + * check if sequence is being tracked by block ack window + */ +static inline bool +wifi_tid_baw_tracks_seqno(const struct wifi_tid *wifi_tid, + unsigned int seq_no) +{ + unsigned int delta; + + delta = (seq_no - wifi_tid->seq_start) & 0xfff; + return delta < wifi_tid_baw_tracked_size(wifi_tid); +} + +/* + * return next sequence number just after last one being tracked by + * block ack window + */ +static inline u16 +wifi_tid_baw_next_seqno(const struct wifi_tid *wifi_tid) +{ + size_t count = wifi_tid_baw_tracked_size(wifi_tid); + u16 last; + + last = wifi_tid->seq_start + count; + last &= 0xfff; + return last; +} + +/* + * return true if there are packet being tracked by BAW currently + * being transmitted + */ +static inline bool +wifi_tid_baw_has_inflight_packets(const struct wifi_tid *wifi_tid) +{ + return (wifi_tid->scb_inflight_count > 0); +} + +/* + * called after any change that could affect "global" ps state + * + * must be called holding STA lock + */ +static void wifi_sta_ps_transition(struct ieee80211_hw *hw, + struct ieee80211_sta *sta, + enum wifi_ps_action action) +{ + struct wifi_sta *wifi_sta; + struct wifi_tid *wifi_tid; + size_t tidno; + + wifi_sta = WIFI_STA(sta); + lockdep_assert_held(&wifi_sta->lock); + + psdbg("wifi_sta_ps_transition: %pM cur_state:%d action:%d\n", + sta->addr, wifi_sta->ps_state, action); + +again: + switch (wifi_sta->ps_state) { + case WIFI_PS_AWAKE: + if (WARN_ON(action && action != WIFI_PS_ACTION_SLEEP)) + break; + + wifi_sta->ps_state = WIFI_PS_ENTER_SLEEP; + action = WIFI_PS_ACTION_NONE; + ieee80211_sta_block_awake(hw, sta, true); + goto again; + + case WIFI_PS_ENTER_SLEEP: + if (WARN_ON(action && + (action != WIFI_PS_ACTION_TXDONE && + action != WIFI_PS_ACTION_SLEEP))) { + psdbg("wifi_sta_ps_transition: wtf, " + "state is enter sleep, action is :%d\n", + action); + break; + } + + /* wait until all TID has no more data packets in + * flight */ + if (wifi_sta->tx_pending) { + psdbg("wifi_sta_ps_transition: tx " + "still pending (%u packets)\n", + wifi_sta->tx_pending); + break; + } + + if (action == WIFI_PS_ACTION_SLEEP) + break; + + for (tidno = 0; tidno < IEEE80211_NUM_TIDS + 1; tidno++) { + wifi_tid = WIFI_TID(sta->txq[tidno]); + if (wifi_tid_baw_has_inflight_packets(wifi_tid)) { + ieee80211_sta_set_buffered(sta, tidno, true); + psdbg("entering ps with has_buf (%d)\n", + wifi_tid->scb_inflight_count); + wifi_tid->ps_sleep_has_buf = true; + } else + wifi_tid->ps_sleep_has_buf = false; + } + + /* done */ + wifi_sta->ps_state = WIFI_PS_SLEEP; + psdbg("=> now asleep\n"); + ieee80211_sta_block_awake(hw, sta, false); + break; + + case WIFI_PS_SLEEP: + if (action == WIFI_PS_ACTION_SLEEP) { + /* + * this can happen: + * + * sta_ps_start() + * sta_notify(SLEEP) + * driver calls ieee80211_sta_block_awake(true) + * sta_ps_end() + * WLAN_STA_PS_DRIVER is set, just clear PS_STA + * driver calls ieee80211_sta_block_awake(false) + * schedule deliver work queue + * sta_ps_start() + * sta_notify(SLEEP) again + */ + break; + } + + if (WARN_ON(action && action != WIFI_PS_ACTION_WAKEUP)) + break; + + /* make sure mac80211 will resched all STA itxq */ + atomic_set(&wifi_sta->clear_ps_filter, 1); + for (tidno = 0; tidno < IEEE80211_NUM_TIDS + 1; tidno++) { + wifi_tid = WIFI_TID(sta->txq[tidno]); + if (wifi_tid_baw_has_inflight_packets(wifi_tid)) + ieee80211_schedule_txq(hw, TID2ITXQ(wifi_tid)); + } + + wifi_sta->ps_state = WIFI_PS_AWAKE; + psdbg("=> now awake\n"); + break; + } + + /* printk("wifi_sta_ps_transition: new_state:%d\n", wifi_sta->ps_state); */ +} + +/* + * called when TID has no more inflight packet + */ +static void wifi_tid_ps_has_no_more_buffer(struct wifi_tid *wifi_tid) +{ + struct ieee80211_txq *itxq = TID2ITXQ(wifi_tid); + struct wifi_sta *wifi_sta = WIFI_STA(itxq->sta); + + if (!wifi_tid->ps_sleep_has_buf) + return; + + if (wifi_sta->ps_state != WIFI_PS_SLEEP) + return; + + psdbg("wifi_tid_ps_recheck: sta:%pM no more bufferd\n", + itxq->sta->addr); + ieee80211_sta_set_buffered(itxq->sta, itxq->tid, false); + wifi_tid->ps_sleep_has_buf = false; +} + +/* + * dump BAW (debug) + */ +static void wifi_tid_baw_print(struct wifi_tid *wifi_tid) +{ + u32 end = wifi_tid->seq_start + wifi_tid_baw_tracked_size(wifi_tid); + end &= 0xfff; + + badbg("baw: max_size:%u tracked:%zu seq_start:%u => %u head:%u tail:%u inflight:%u\n", + wifi_tid->baw_max_size, + wifi_tid_baw_tracked_size(wifi_tid), + wifi_tid->seq_start, + end, + wifi_tid->scb_head, + wifi_tid->scb_tail, + wifi_tid->scb_inflight_count); +} + +static void wifi_tid_baw_print_nodebug(struct wifi_tid *wifi_tid) +{ + u32 end = wifi_tid->seq_start + wifi_tid_baw_tracked_size(wifi_tid); + end &= 0xfff; + + printk("baw: max_size:%u tracked:%zu seq_start:%u => %u head:%u tail:%u inflight:%u\n", + wifi_tid->baw_max_size, + wifi_tid_baw_tracked_size(wifi_tid), + wifi_tid->seq_start, + end, + wifi_tid->scb_head, + wifi_tid->scb_tail, + wifi_tid->scb_inflight_count); +} + +/* + * actually send the BAR + */ +static void wifi_tid_send_bar(struct wifi_tid *wifi_tid, int seq_no) +{ + struct ieee80211_txq *itxq = TID2ITXQ(wifi_tid); + + badbg("wifi_tid_send_bar: seq_no:%d\n", seq_no); + + /* NB: this re-enter driver via drv_tx_queue() */ + ieee80211_send_bar_sta(itxq->sta, + itxq->tid, + seq_no << IEEE80211_SEQ_SEQ_SHIFT); +} + +/* + * schedule or reschedule BAR timer + */ +static void __wifi_tid_baw_bar_resched_timer(struct wifi_tid *wifi_tid) +{ + badbg("__wifi_tid_baw_bar_resched_timer\n"); + mod_timer(&wifi_tid->bar_timer, jiffies + HZ / 100); +} + +static void __wifi_tid_baw_bar_trigger_timer(struct wifi_tid *wifi_tid) +{ + badbg("__wifi_tid_baw_bar_trigger_timer\n"); + mod_timer(&wifi_tid->bar_timer, jiffies); +} + +static void __wifi_tid_baw_bar_may_trigger_timer(struct wifi_tid *wifi_tid) +{ + if (timer_pending(&wifi_tid->bar_timer)) + return; + __wifi_tid_baw_bar_trigger_timer(wifi_tid); +} + +/* + * BAR timer callback, send BAR unless request was canceled + */ +static void wifi_tid_baw_bar_timer(struct timer_list *t) +{ + struct wifi_tid *wifi_tid = from_timer(wifi_tid, t, bar_timer); + bool send_bar; + + spin_lock(&wifi_tid->bar_lock); + + badbg("wifi_tid_baw_bar_timer: bar_state:%d bar_req_limit:%d seq_start:%d inflight:%d\n", + wifi_tid->bar_state, + wifi_tid->bar_req_limit, + wifi_tid->seq_start, + wifi_tid->bar_inflight); + + send_bar = false; + switch (wifi_tid->bar_state) { + case WIFI_BAR_NONE: + case WIFI_BAR_SENT: + case WIFI_BAR_WAIT_RETRY: + /* request canceled, we don't use del_timer() so it + * might happen */ + break; + + case WIFI_BAR_NEEDED: + if (wifi_tid->bar_inflight) { + /* previous BAR still being transmited, txdone + * will update state */ + break; + } + + wifi_tid->bar_state = WIFI_BAR_SENT; + wifi_tid->bar_inflight = true; + send_bar = true; + break; + } + spin_unlock(&wifi_tid->bar_lock); + + if (send_bar) + wifi_tid_send_bar(wifi_tid, wifi_tid->seq_start); +} + +/* + * if BAR send request is pending, reset timer so it's sent ASAP + */ +static void wifi_tid_baw_bar_flush_any(struct wifi_tid *wifi_tid) +{ + spin_lock(&wifi_tid->bar_lock); + + switch (wifi_tid->bar_state) { + case WIFI_BAR_NONE: + case WIFI_BAR_SENT: + case WIFI_BAR_WAIT_RETRY: + break; + + case WIFI_BAR_NEEDED: + __wifi_tid_baw_bar_trigger_timer(wifi_tid); + break; + } + + spin_unlock(&wifi_tid->bar_lock); +} + +/* + * schedule a BAR for given seq_no, arm a timer to do it later + */ +static void __wifi_tid_baw_bar_schedule(struct wifi_tid *wifi_tid, + unsigned int seq_no) +{ + switch (wifi_tid->bar_state) { + case WIFI_BAR_NEEDED: + case WIFI_BAR_WAIT_RETRY: + /* BAR request already pending, update bar range */ + wifi_tid->bar_req_limit = + (seq_no + wifi_tid->remote_baw_max_size) & 0xfff; + badbg("wifi_tid_baw_bar_schedule: , new seq_no:%d " + "=> extend limit_sn: %d\n", + seq_no, + wifi_tid->bar_req_limit); + break; + + case WIFI_BAR_NONE: + case WIFI_BAR_SENT: + wifi_tid->bar_state = WIFI_BAR_NEEDED; + wifi_tid->bar_req_limit = + (seq_no + wifi_tid->remote_baw_max_size) & 0xfff; + + badbg("wifi_tid_baw_bar_schedule: , seq_no:%d " + "=> limit_sn:%d\n", + seq_no, + wifi_tid->bar_req_limit); + __wifi_tid_baw_bar_resched_timer(wifi_tid); + break; + } +} + +/* + * this is called after any MPDU on this TID is positively + * acknowledged, it will schedule BAR retransmit if BAR was pending + */ +static void wifi_tid_baw_bar_may_retry(struct wifi_tid *wifi_tid) +{ + spin_lock(&wifi_tid->bar_lock); + + switch (wifi_tid->bar_state) { + case WIFI_BAR_NONE: + case WIFI_BAR_SENT: + case WIFI_BAR_NEEDED: + break; + case WIFI_BAR_WAIT_RETRY: + if (wifi_tid->bar_retry_count >= 10) { + wifi_tid->bar_state = WIFI_BAR_NONE; + break; + } + + ++wifi_tid->bar_retry_count; + badbg("wifi_tid_baw_bar_may_retry => will retry ASAP\n"); + wifi_tid->bar_state = WIFI_BAR_NEEDED; + __wifi_tid_baw_bar_trigger_timer(wifi_tid); + break; + } + spin_unlock(&wifi_tid->bar_lock); +} + +/* + * this is called after BAR transmit completion + */ +static void wifi_tid_baw_bar_handle_txdone(struct wifi_tid *wifi_tid, + bool txok) +{ + spin_lock(&wifi_tid->bar_lock); + badbg("wifi_tid_baw_bar_handle_txdone: BAR txdone (txok:%d)\n", + txok); + + WARN_ON(!wifi_tid->bar_inflight); + wifi_tid->bar_inflight = false; + + switch (wifi_tid->bar_state) { + case WIFI_BAR_NONE: + break; + case WIFI_BAR_SENT: + if (!txok) { + /* retry previous request */ + wifi_tid->bar_state = WIFI_BAR_WAIT_RETRY; + wifi_tid->bar_retry_count = 0; + } + break; + case WIFI_BAR_NEEDED: + /* more recent BAR request present, so we don't care + * if previous BAR could be sent or not, make sure + * timer is running (in case timer has already expired) */ + __wifi_tid_baw_bar_may_trigger_timer(wifi_tid); + break; + case WIFI_BAR_WAIT_RETRY: + WARN(1, "bad BAR state"); + break; + } + + spin_unlock(&wifi_tid->bar_lock); +} + +/* + * update BAW after packet transmit success of failure, this will move + * BAW head forward when possible and update the BAR pending state + * + * return true if baw head has moved + */ +static bool +wifi_tid_baw_update(struct wifi_tid *wifi_tid, + struct wifi_tx_skb *wskb, + bool txok) +{ + unsigned int seq_scb_idx; + int bar_seqno; + + txdbg("wifi_tid_baw_update: seq_no:%u txok:%u\n", wskb->seq_no, txok); + if (WARN_ON(!wifi_tid_baw_tracks_seqno(wifi_tid, wskb->seq_no))) { + /* we are not supposed to reduce the BAW while packets + * tracked inside it are in-flight */ + printk("wifi_tid_baw_update: seq_no:%u txok:%u\n", wskb->seq_no, txok); + wifi_tid_baw_print_nodebug(wifi_tid); + return false; + } + + /* compute index in scoreboard for this seqno */ + seq_scb_idx = wifi_tid->scb_head; + seq_scb_idx += (wskb->seq_no - wifi_tid->seq_start) & 0xfff; + if (seq_scb_idx >= WIFI_SCB_MAX) + seq_scb_idx -= WIFI_SCB_MAX; + + /* additional sanity check */ + if (WARN_ON(!test_bit(seq_scb_idx, wifi_tid->scb_inflight))) + return false; + + /* record positive acknowledgement and tx failure */ + if (txok) + __set_bit(seq_scb_idx, wifi_tid->scb_acked); + + __clear_bit(seq_scb_idx, wifi_tid->scb_inflight); + wifi_tid->scb_inflight_count--; + + /* if number of packets in flight reaches 0 and the STA was + * marked as sleeping, we can tell stack that we have no more + * packets buffered for this TID */ + if (!wifi_tid->scb_inflight_count) + wifi_tid_ps_has_no_more_buffer(wifi_tid); + + /* if this packet was not at head of window, head cannot move */ + if (wskb->seq_no != wifi_tid->seq_start) { + txdbg("wifi_tid_baw_update: not head (seq_start:%d)\n", + wifi_tid->seq_start); + wifi_tid_baw_print(wifi_tid); + return false; + } + + /* + * seqno was at the head of the window, we can now move it + * forward + * + * if we find any failed frame, then a BAR will be needed + */ + bar_seqno = -1; + + spin_lock(&wifi_tid->bar_lock); + do { + if (!test_bit(wifi_tid->scb_head, wifi_tid->scb_acked)) + bar_seqno = wifi_tid->seq_start; + + /* move head */ + wifi_tid->seq_start++; + wifi_tid->seq_start &= 0xfff; + + /* we have moved head, cancel existing bar request if + * we step over its SN validity limit */ + switch (wifi_tid->bar_state) { + case WIFI_BAR_NONE: + case WIFI_BAR_SENT: + break; + case WIFI_BAR_NEEDED: + case WIFI_BAR_WAIT_RETRY: + if (wifi_tid->seq_start == wifi_tid->bar_req_limit) { + badbg("wifi_tid_baw_update " + "=> cancel bar_seqno:%d head_seq_no:%d\n", + wifi_tid->bar_req_limit, + wifi_tid->seq_start); + wifi_tid->bar_state = WIFI_BAR_NONE; + } + break; + } + + wifi_tid->scb_head++; + if (wifi_tid->scb_head >= WIFI_SCB_MAX) + wifi_tid->scb_head -= WIFI_SCB_MAX; + + badbg("wifi_tid_baw_update: moved head to seq_no %u\n", + wifi_tid->seq_start); + + /* stop when we reach an in-flight frame */ + if (test_bit(wifi_tid->scb_head, wifi_tid->scb_inflight)) + break; + + } while (wifi_tid->scb_head != wifi_tid->scb_tail); + + /* schedule or unschedule BAR */ + switch (wifi_tid->aggr_state) { + case WIFI_AGGR_STOPPED: + break; + case WIFI_AGGR_ACTIVE: + case WIFI_AGGR_STOPPING: + if (bar_seqno != -1) + __wifi_tid_baw_bar_schedule(wifi_tid, bar_seqno); + break; + } + + spin_unlock(&wifi_tid->bar_lock); + + wifi_tid_baw_print(wifi_tid); + return true; +} + +/* + * mark packet as tracked by BAW + * + * this will enforce its seq_no to be the next seqno after BAW end + */ +static void +wifi_tid_baw_addto(struct wifi_tid *wifi_tid, struct wifi_tx_skb *wskb) +{ + unsigned int seq_scb_idx; + + WARN_ON(wskb->type != WIFI_TXSKB_QOS_DATA); + if (WARN_ON(wifi_tid_baw_tracked_size(wifi_tid) >= + wifi_tid->baw_max_size)) + return; + + badbg("wifi_tid_baw_addto: seq_no:%u\n", wskb->seq_no); + + if (WARN_ON(wifi_tid_baw_next_seqno(wifi_tid) != wskb->seq_no)) { + printk("wifi_tid_baw_addto: NEXT SEQ SHOULD BE:%u, but is %u\n", + wifi_tid_baw_next_seqno(wifi_tid), + wskb->seq_no); + return; + } + + wifi_tid->scb_tail++; + if (wifi_tid->scb_tail >= WIFI_SCB_MAX) + wifi_tid->scb_tail -= WIFI_SCB_MAX; + + /* compute index in scoreboard for this seqno */ + seq_scb_idx = wifi_tid->scb_head; + seq_scb_idx += (wskb->seq_no - wifi_tid->seq_start) & 0xfff; + if (seq_scb_idx >= WIFI_SCB_MAX) + seq_scb_idx -= WIFI_SCB_MAX; + + __clear_bit(seq_scb_idx, wifi_tid->scb_acked); + __set_bit(seq_scb_idx, wifi_tid->scb_inflight); + wifi_tid->scb_inflight_count++; + + badbg("wifi_tid_baw_addto: inflight count now: %u\n", + wifi_tid->scb_inflight_count); + wifi_tid_baw_print(wifi_tid); +} + +/* + * + */ +static void wifi_tid_init(struct wifi_tid *wifi_tid, + struct wifi_txq *wifi_txq, + enum wifi_tid_type type) +{ + memset(wifi_tid, 0, sizeof (*wifi_tid)); + INIT_LIST_HEAD(&wifi_tid->retry_q); + spin_lock_init(&wifi_tid->bar_lock); + timer_setup(&wifi_tid->bar_timer, wifi_tid_baw_bar_timer, 0); + wifi_tid->txq = wifi_txq; + wifi_tid->baw_max_size = WIFI_TX_MAX_NON_AGGR; + wifi_tid->type = type; +} + +/* + * + */ +static void wifi_tid_drain(struct wifi_priv *wp, + struct wifi_tid *wifi_tid) +{ + struct wifi_tx_skb *wskb, *tmp; + + list_for_each_entry_safe(wskb, tmp, &wifi_tid->retry_q, next) + wifi_tx_skb_release_txfail(wp, wskb); + INIT_LIST_HEAD(&wifi_tid->retry_q); +} + +/* + * + */ +static void wifi_tid_release(struct wifi_priv *wp, + struct wifi_tid *wifi_tid) +{ + /* ampdu action callback should have stopped any tx ba + * session before removing STA */ + WARN_ON(wifi_tid->aggr_state != WIFI_AGGR_STOPPED); + + /* tx completion for tx filtered frame can queue frames to + * retry as long as STA struct is visible, we have to drain + * here */ + wifi_tid_drain(wp, wifi_tid); + + del_timer_sync(&wifi_tid->bar_timer); +} + +/* + * + */ +static void wifi_tid_requeue(struct wifi_tid *wifi_tid, + struct wifi_tx_skb *wskb) +{ + txdbg("wifi_tid_requeue: requeing wskb:%ps seq:%u\n", + wskb, wskb->seq_no); + list_add(&wskb->next, &wifi_tid->retry_q); +} + +/* + * + */ +static void wifi_tid_requeue_chain(struct wifi_tid *wifi_tid, + struct list_head *chain, + size_t max_count) +{ + struct wifi_tx_skb *wskb, *tmp; + + list_for_each_entry_safe_reverse(wskb, tmp, chain, next){ + if (!max_count) + break; + wifi_tid_requeue(wifi_tid, wskb); + max_count--; + } +} + +/* + * + */ +static struct wifi_tx_skb * +wifi_tid_dequeue(struct wifi_priv *wp, struct ieee80211_txq *itxq, + bool do_retry, bool do_mac80211, bool *is_retry) +{ + struct wifi_tid *wifi_tid = WIFI_TID(itxq); + struct wifi_tx_skb *wskb; + struct sk_buff *skb; + int tid; + + /* dequeue from retry queue first, it's guaranted to + * be already in BAW */ + if (do_retry && !list_empty(&wifi_tid->retry_q)) { + wskb = list_first_entry(&wifi_tid->retry_q, + struct wifi_tx_skb, next); + list_del(&wskb->next); + txdbg("wifi_tid_dequeue wskb:%ps seq:%u (from retry %u)\n", + wskb, wskb->seq_no, wskb->sw_tries_done); + if (is_retry) + *is_retry = true; + return wskb; + } + + if (!do_mac80211) + return NULL; + + skb = ieee80211_tx_dequeue(wp->hw, itxq); + if (!skb) + return NULL; + + switch (wifi_tid->type) { + case WIFI_TID_MCAST: + tid = -1; + break; + default: + tid = itxq->tid; + break; + } + + wskb = wifi_tx_skb_wrap(wp, wifi_tid->txq, skb, itxq->sta, tid); + if (!wskb) { + ieee80211_free_txskb(wp->hw, skb); + return NULL; + } + + txdbg("wifi_tid_dequeue wskb:%ps has_tid:%d tid:%d seq:%u\n", + wskb, wskb->has_tid, wskb->tid, wskb->seq_no); + if (is_retry) + *is_retry = false; + return wskb; +} + +static struct wifi_tx_skb * +wifi_tid_dequeue_any(struct wifi_priv *wp, struct ieee80211_txq *itxq, + bool *is_retry) +{ + txdbg("wifi_tid_dequeue_any\n"); + return wifi_tid_dequeue(wp, itxq, true, true, is_retry); +} + +static struct wifi_tx_skb * +wifi_tid_dequeue_only_mac80211(struct wifi_priv *wp, struct ieee80211_txq *itxq) +{ + txdbg("wifi_tid_dequeue_mac80211\n"); + return wifi_tid_dequeue(wp, itxq, false, true, NULL); +} + +static struct wifi_tx_skb * +wifi_tid_dequeue_only_retry(struct wifi_priv *wp, struct ieee80211_txq *itxq) +{ + txdbg("wifi_tid_dequeue_only_retry\n"); + return wifi_tid_dequeue(wp, itxq, true, false, NULL); +} + +/* + * dequeue from retry queue first, then mac80211 if BAW allows it, add + * frame to BAW + */ +static struct wifi_tx_skb * +wifi_tid_dequeue_within_baw_limit(struct wifi_priv *wp, + struct ieee80211_txq *itxq) +{ + struct wifi_tid *wifi_tid = WIFI_TID(itxq); + struct wifi_tx_skb *wskb; + size_t space; + + space = wifi_tid_baw_space(wifi_tid); + + txdbg("wifi_tid_dequeue_within_space: baw space:%zu\n", space); + if (space > 0) { + bool from_retry; + + wskb = wifi_tid_dequeue_any(wp, itxq, &from_retry); + if (wskb && !from_retry) + wifi_tid_baw_addto(wifi_tid, wskb); + } else + wskb = wifi_tid_dequeue_only_retry(wp, itxq); + + return wskb; +} + +/* + * + */ +static u16 compute_max_ampdu_bytes(const struct wifi_txq *wifi_txq, + const struct ieee80211_tx_rate *rates) +{ + u32 max_frmlen; + u16 aggr_limit; + bool legacy; + size_t i; + + legacy = false; + max_frmlen = 0; + + for (i = 0; i < IEEE80211_TX_MAX_RATES; i++) { + const struct ieee80211_tx_rate *r = &rates[i]; + int short_gi, bw_40; + + if (r->idx < 0) + break; + + if (!r->count) + continue; + + if (!(r->flags & IEEE80211_TX_RC_MCS)) { + legacy = true; + break; + } + + bw_40 = !!(rates[i].flags & IEEE80211_TX_RC_40_MHZ_WIDTH); + short_gi = !!(rates[i].flags & IEEE80211_TX_RC_SHORT_GI); + max_frmlen = wifi_txq->max_aggr_framelen[bw_40][short_gi][r->idx]; + break; + } + + if (legacy) + return 0; + + aggr_limit = min(max_frmlen, (u32)(64 * 1024 - 1)); + return aggr_limit; +} + +/* + * + */ +static bool has_legacy_rate(const struct ieee80211_tx_rate *rates) +{ + bool legacy; + size_t i; + + legacy = false; + for (i = 0; i < IEEE80211_TX_MAX_RATES; i++) { + const struct ieee80211_tx_rate *r = &rates[i]; + + if (r->idx < 0) + break; + + if (!r->count) + continue; + + if (!(r->flags & IEEE80211_TX_RC_MCS)) + return true; + } + return false; +} + +/* + * Returns the size in bytes of delimiters that need to added to meet + * the minimum required mpdudensity. + */ +static int compute_delims_size(const struct ieee80211_tx_rate *r, + u16 frmlen, u8 density_idx) +{ + unsigned int width, streams, density_us; + u32 nsymbits, nsymbols; + u16 minlen; + u8 mcs; + bool half_gi; + bool bw_40; + + switch (density_idx) { + case 0: + default: + return 0; + case 1: + case 2: + case 3: + density_us = 1; + break; + case 4: + density_us = 2; + break; + case 5: + density_us = 4; + break; + case 6: + density_us = 8; + break; + case 7: + density_us = 16; + break; + } + + mcs = r->idx; + bw_40 = !!(r->flags & IEEE80211_TX_RC_40_MHZ_WIDTH); + half_gi = !!(r->flags & IEEE80211_TX_RC_SHORT_GI); + + if (half_gi) + nsymbols = NUM_SYMBOLS_PER_USEC_HALFGI(density_us); + else + nsymbols = NUM_SYMBOLS_PER_USEC(density_us); + + if (nsymbols == 0) + nsymbols = 1; + + streams = mcs / 8 + 1; + nsymbits = bits_per_symbol[mcs % 8][width] * streams; + minlen = (nsymbols * nsymbits) / BITS_PER_BYTE; + + if (frmlen >= minlen) + return 0; + + return ALIGN(minlen - frmlen, AMPDU_DELIM_SZ); +} + +/* + * build a chain of packets to send as an aggregate, return chain size + */ +static size_t wifi_tid_build_aggr(struct wifi_priv *wp, + struct ieee80211_txq *itxq, + struct list_head *chain, + bool *aggr) +{ + struct wifi_tid *wifi_tid = WIFI_TID(itxq); + struct wifi_tx_skb *first_wskb; + struct ieee80211_tx_info *tx_info; + u16 max_aggr_bytes, mpdu_bytes, aggr_bytes; + ssize_t count; + + /* + * check how many "fresh" packets (from mac80211) we can send + * until being limited by the BAW, if BAW is full only try to + * dequeue from retry queue + */ + first_wskb = wifi_tid_dequeue_within_baw_limit(wp, itxq); + if (!first_wskb) + return 0; + + INIT_LIST_HEAD(chain); + list_add(&first_wskb->next, chain); + count = 1; + + /* fill rates for the first packet */ + tx_info = IEEE80211_SKB_CB(first_wskb->skb); + wifi_tx_skb_fill_rates(first_wskb, itxq->vif, itxq->sta); + + /* if rate is a probe rate or if packet is not supposed to be + * aggregated, stop here */ + if ((tx_info->flags & IEEE80211_TX_CTL_RATE_CTRL_PROBE) || + !(tx_info->flags & IEEE80211_TX_CTL_AMPDU)) { + txdbg("wifi_build_aggr: first has probe rate / non ampdu\n"); + /* printk("bd probe 1\n"); */ + *aggr = false; + return count; + } + + /* find out the maximum allowed aggregate len at this rate + * without going over the 4 milliseconds limit */ + max_aggr_bytes = compute_max_ampdu_bytes(wifi_tid->txq, + tx_info->control.rates); + /* cap to maximum value supported by remote STA */ + if (wifi_tid->ampdu_max_bytes) + max_aggr_bytes = min(max_aggr_bytes, + wifi_tid->ampdu_max_bytes); + + if (!max_aggr_bytes) { + /* packet has legacy rate, don't aggregate */ + *aggr = false; + /* printk("bd leg 1\n"); */ + return count; + } + + /* will build an aggregate, fill mandatory txdesc info */ + first_wskb->txdesc.ampdu_density = wifi_tid->ampdu_density; + first_wskb->txdesc.ampdu_baw_ssn = wifi_tid->seq_start; + + /* dequeue as many frames as we can */ + mpdu_bytes = first_wskb->frame_len; + mpdu_bytes += compute_delims_size(tx_info->control.rates, mpdu_bytes, + wifi_tid->ampdu_density); + mpdu_bytes += AMPDU_DELIM_SZ; + mpdu_bytes = ALIGN(mpdu_bytes, 4); + aggr_bytes = mpdu_bytes; + + while (1) { + struct wifi_tx_skb *wskb; + + /* send at most half the maximum baw size per ampdu, + * in best cast we will have two ampdu inflight with + * full window */ + if (count >= wifi_tid->baw_max_size / 2) { + txdbg("wifi_build_aggr: reached baw size\n"); + /* printk("bd baw 1\n"); */ + break; + } + + wskb = wifi_tid_dequeue_within_baw_limit(wp, itxq); + if (!wskb) { + txdbg("wifi_build_aggr: nothing more to dequeue\n"); + /* printk("bd deq spc:%u\n", */ + /* wifi_tid_baw_space(wifi_tid)); */ + break; + } + + /* stop if next skb is a probe rate, or not supposed + * to be aggregated */ + tx_info = IEEE80211_SKB_CB(wskb->skb); + if ((tx_info->flags & IEEE80211_TX_CTL_RATE_CTRL_PROBE) || + !(tx_info->flags & IEEE80211_TX_CTL_AMPDU)) { + txdbg("wifi_build_aggr: next probe or !ampdu\n"); + wifi_tid_requeue(wifi_tid, wskb); + /* printk("bd probe 2\n"); */ + break; + } + + if (has_legacy_rate(tx_info->control.rates)) { + txdbg("wifi_build_aggr: next has legacy rate\n"); + wifi_tid_requeue(wifi_tid, wskb); + /* printk("bd leg 2\n"); */ + break; + } + + /* compute aggregrated frame len of this packet, and + * check we don't go past limit */ + mpdu_bytes = wskb->frame_len; + mpdu_bytes += compute_delims_size(tx_info->control.rates, + mpdu_bytes, + wifi_tid->ampdu_density); + mpdu_bytes += AMPDU_DELIM_SZ; + mpdu_bytes = ALIGN(mpdu_bytes, 4); + + if (aggr_bytes + mpdu_bytes > max_aggr_bytes) { + txdbg("wifi_build_aggr: too many bytes add %u > %u\n", + aggr_bytes + mpdu_bytes, max_aggr_bytes); + wifi_tid_requeue(wifi_tid, wskb); + /* printk("bd maxb %u\n", max_aggr_bytes); */ + break; + } + + aggr_bytes += mpdu_bytes; + list_add_tail(&wskb->next, chain); + count++; + } + + txdbg("final aggr size is %u / %u\n", aggr_bytes, max_aggr_bytes); + *aggr = true; + return count; +} + +/* + * + */ +static void wifi_tid_schedule_aggr_active(struct ieee80211_hw *hw, + struct ieee80211_txq *itxq) +{ + struct wifi_priv *wp = hw->priv; + struct wifi_tid *wifi_tid = WIFI_TID(itxq); + struct list_head chain; + bool do_aggr; + size_t count; + + WARN_ON(wifi_tid->type != WIFI_TID_STA_QOS_DATA); + + /* + * try to build a chain of packet to aggregate, it may end up + * being a single packet that we have to send without + * aggregation + */ + count = wifi_tid_build_aggr(wp, itxq, &chain, &do_aggr); + if (count) + txdbg("wifi_tid_schedule_aggr_active: built an %saggregate of count:%zu\n", + do_aggr ? "" : "NOT ", count); + else + txdbg("wifi_tid_schedule_aggr_active: nothing to send\n"); + + if (!count) { + if (!wifi_tid_baw_has_inflight_packets(wifi_tid)) { + /* no new packet to send, nothing in flight, + * if the BAR delay timer is running, we can + * send the BAR immediately instead of + * waiting */ + wifi_tid_baw_bar_flush_any(wifi_tid); + } + return; + } + + if (count < WIFI_MIN_AGGR_COUNT) { + struct wifi_tx_skb *wskb; + + /* since hardware does not do multi rate retry on + * AMPDU, if we cannot build a large chain, better + * send them as individual packets */ + wskb = list_first_entry(&chain, struct wifi_tx_skb, next); + wifi_tid_requeue_chain(wifi_tid, &chain, count - 1); + INIT_LIST_HEAD(&chain); + list_add(&wskb->next, &chain); + count = 1; + do_aggr = false; + } + + /* if we end up finally sending it as non aggregated, clear + * the AMPDU tx info flag, otherwise rate control won't be + * updated at tx done */ + if (!do_aggr) { + struct wifi_tx_skb *wskb; + struct ieee80211_tx_info *tx_info; + wskb = list_first_entry(&chain, struct wifi_tx_skb, next); + tx_info = IEEE80211_SKB_CB(wskb->skb); + tx_info->flags &= ~IEEE80211_TX_CTL_AMPDU; + } + + /* { */ + /* struct wifi_tx_skb *wskb; */ + /* wskb = list_first_entry(&chain, struct wifi_tx_skb, next); */ + /* txdbg("send chain count:%u (BAW:%d), seq:%d\n", count, */ + /* wifi_tid_baw_tracked_size(wifi_tid), */ + /* wskb->seq_no); */ + /* } */ + + /* cannot fail since caller made sure not to push too much*/ + WARN_ON(wifi_tx_send_chain(wp, &chain, count, do_aggr, + itxq->sta, false)); +} + +/* + * + */ +static void wifi_tid_schedule_aggr_stopping(struct ieee80211_hw *hw, + struct ieee80211_txq *itxq) +{ + struct wifi_priv *wp = hw->priv; + struct ieee80211_tx_info *tx_info; + struct list_head chain; + struct wifi_tx_skb *wskb; + struct wifi_tid *wifi_tid = WIFI_TID(itxq); + + WARN_ON(wifi_tid->type != WIFI_TID_STA_QOS_DATA); + + wskb = wifi_tid_dequeue_only_retry(wp, itxq); + if (!wskb) + return; + + txdbg("wifi_tid_schedule_aggr_stopping: will *NOT* aggr starting from " + "wskb:%ps seq:%u\n", wskb, wskb->seq_no); + + wifi_tx_skb_fill_rates(wskb, itxq->vif, itxq->sta); + + /* when aggregation state is stopping, frames will still be + * marked as to be aggregated, make sure to clear this */ + tx_info = IEEE80211_SKB_CB(wskb->skb); + tx_info->flags &= ~IEEE80211_TX_CTL_AMPDU; + + INIT_LIST_HEAD(&chain); + list_add(&wskb->next, &chain); + + /* cannot fail since caller made sure not to push too much*/ + WARN_ON(wifi_tx_send_chain(wp, &chain, 1, false, itxq->sta, false)); +} + +/* + * + */ +static void wifi_tid_schedule_non_aggr(struct ieee80211_hw *hw, + struct ieee80211_txq *itxq) +{ + struct wifi_priv *wp = hw->priv; + struct ieee80211_tx_info *tx_info; + struct list_head chain; + struct wifi_tx_skb *wskb; + struct wifi_tid *wifi_tid = WIFI_TID(itxq); + + wskb = NULL; + switch (wifi_tid->type) { + case WIFI_TID_MCAST: + case WIFI_TID_STA_MMPDU: + case WIFI_TID_STA_DATA: + wskb = wifi_tid_dequeue_only_mac80211(wp, itxq); + break; + case WIFI_TID_STA_QOS_DATA: + wskb = wifi_tid_dequeue_within_baw_limit(wp, itxq); + break; + } + + if (!wskb) + return; + + txdbg("wifi_tid_schedule_non_aggr: will *NOT* aggr starting from " + "wskb:%ps seq:%u\n", wskb, wskb->seq_no); + + wifi_tx_skb_fill_rates(wskb, itxq->vif, itxq->sta); + + tx_info = IEEE80211_SKB_CB(wskb->skb); + WARN_ON(tx_info->flags & IEEE80211_TX_CTL_AMPDU); + + INIT_LIST_HEAD(&chain); + list_add(&wskb->next, &chain); + + /* cannot fail since caller made sure not to push too much*/ + WARN_ON(wifi_tx_send_chain(wp, &chain, 1, false, itxq->sta, false)); +} + +/* + * schedule some packets from this tid + * + * return false if we don't want to be rescheduled (tx completion will + * do this), otherwise we want to be called again to schedule more + * packets that we buffer internally + */ +static bool wifi_tid_schedule(struct ieee80211_hw *hw, + struct ieee80211_txq *itxq) +{ + struct wifi_tid *wifi_tid = WIFI_TID(itxq); + struct wifi_sta *wifi_sta; + bool ret; + + wifi_sta = NULL; + if (itxq->sta) { + wifi_sta = WIFI_STA(itxq->sta); + spin_lock(&wifi_sta->lock); + + if (wifi_sta->ps_state != WIFI_PS_AWAKE) { + /* + * we take care to stop scheduling a tid when STA is + * sleeping, but this can happen: + * - ieee80211_tx_stop_ba_cb_irqsafe + * - ieee80211_ba_session_work + * - ieee80211_agg_start_txq + * - wifi_tid_schedule + */ + spin_unlock(&wifi_sta->lock); + return false; + } + } + + switch (wifi_tid->aggr_state) { + case WIFI_AGGR_STOPPED: + txdbg("wifi_tid_schedule: enter aggr stopped (ac:%d/tid:%d)\n", + itxq->ac, itxq->tid); + + wifi_tid_schedule_non_aggr(hw, itxq); + break; + + case WIFI_AGGR_STOPPING: + txdbg("wifi_tid_schedule: enter aggr stopping (ac:%d/tid:%d)\n", + itxq->ac, itxq->tid); + + wifi_tid_schedule_aggr_stopping(hw, itxq); + + /* switch to stopped state when we have completed + * everything that was inflight in BAW */ + if (!wifi_tid_baw_has_inflight_packets(wifi_tid)) { + WARN_ON(!list_empty(&wifi_tid->retry_q)); + wifi_tid->aggr_state = WIFI_AGGR_STOPPED; + ieee80211_stop_tx_ba_cb_irqsafe(itxq->vif, + itxq->sta->addr, + itxq->tid); + } + break; + + case WIFI_AGGR_ACTIVE: + txdbg("wifi_tid_schedule: enter aggr active (ac:%d/tid:%d)\n", + itxq->ac, itxq->tid); + wifi_tid_schedule_aggr_active(hw, itxq); + break; + } + + /* force resched if we have more packets in the retry queue + * ready to be sent */ + if (list_empty(&wifi_tid->retry_q)) + txdbg("wifi_tid_schedule: => don't force resched\n"); + else + txdbg("wifi_tid_schedule: => force resched\n"); + + ret = list_empty(&wifi_tid->retry_q) ? false : true; + if (wifi_sta) + spin_unlock(&wifi_sta->lock); + return ret; +} + +/* + * + */ +static bool wifi_txq_has_enough_buffered_data(struct wifi_txq *wifi_txq) +{ + if (wifi_txq->count >= WIFI_TX_DESCS_WAKE) + return true; + if (wifi_txq->aggr_count >= WIFI_TX_MAX_AGGR) + return true; + if (wifi_txq->non_aggr_count >= WIFI_TX_MAX_NON_AGGR) + return true; + return false; +} + +/* + * must be called with txq lock held + */ +static void wifi_txq_schedule(struct ieee80211_hw *hw, + struct wifi_txq *wifi_txq) +{ + struct ieee80211_txq *itxq; + + WARN_ON(!in_atomic()); + txdbg("wifi_txq_schedule: txq:%ps ac:%d\n", + wifi_txq, wifi_txq->ac); + + /* don't push too much data */ + if (wifi_txq_has_enough_buffered_data(wifi_txq)) { + txdbg("wifi_txq_schedule: enough data\n"); + return; + } + + /* iterate over STA/TID to schedule */ + ieee80211_txq_schedule_start(hw, wifi_txq->ac); + + rcu_read_lock(); + while ((itxq = ieee80211_next_txq(hw, wifi_txq->ac))) { + bool force_resched = wifi_tid_schedule(hw, itxq); + ieee80211_return_txq(hw, itxq, force_resched); + + /* if txq is "full", we can stop scheduling here */ + if (wifi_txq_has_enough_buffered_data(wifi_txq)) + break; + } + rcu_read_unlock(); + ieee80211_txq_schedule_end(hw, wifi_txq->ac); + txdbg("wifi_txq_schedule: schedule end\n"); +} + +/* + * note: hardware only fills tx status for the last descriptor, which + * is the one passed + */ +static void tx_done_process_aggr_chain(struct wifi_priv *wp, + struct list_head *chain, + const struct wifi_txd *txdesc, + struct ieee80211_sta *sta, + struct wifi_tid *wifi_tid) +{ + struct list_head retry_chain, report_chain; + struct wifi_tx_skb *wskb, *wtmp, *wskb_first, *wskb_report; + struct wifi_sta *wifi_sta; + bool wskb_report_txok; + struct ieee80211_tx_info static_info; + struct ieee80211_tx_status tx_status = { 0 }; + u32 desc_status; + bool ba_received, filtered; + size_t i, count, count_bad, tries_done; + u8 bitmap[8]; + u16 ssn; + + if (sta) + wifi_sta = WIFI_STA(sta); + + if (wifi_tid) + WARN_ON(wifi_tid->type != WIFI_TID_STA_QOS_DATA); + + /* + * For aggregated frames and rate control update, reporting tx + * status to mac80211 is not done on a frame-by-frame + * basis. Instead, a single report is done with a field + * containing the total number of frames that were aggregated, + * and the total number of frames from this aggregate that + * were acknowledged. Other frames transmitted in this mpdu + * must still be reported, but without the AMPDU_STAT flags. + * + * All unacknowledged frames will be software retried (unless + * they reach a maximum retry count), we build a chain of + * those + */ + wskb_first = list_first_entry(chain, struct wifi_tx_skb, next); + txdbg("process_aggr_chain_done " + "wifi_tid:%ps wskb_first:%ps first_seq:%u\n", + wifi_tid, wskb_first, wskb_first->seq_no); + desc_status = le32_to_cpu(txdesc->status); + ba_received = !!(desc_status & TXD_F_TX_SUCCESS); + filtered = !!(desc_status & TXD_F_TX_PS_FILTERED); + + if (ba_received) { + memcpy(bitmap, txdesc->ba.bitmap, sizeof (bitmap)); + ssn = le16_to_cpu(txdesc->ba.start_seq); + } + + /* + * RANDOM DROP for testing + */ +#if RND_DROP_PPK > 0 + { + static unsigned int total = 1000 / RND_DROP_PPK; + size_t to_drop = 0, skip; + + count = 0; + list_for_each_entry(wskb, chain, next) + count++; + + if (!total--) { + total = 1000 / RND_DROP_PPK; + to_drop = count / 3; + } + + skip = 2; + list_for_each_entry(wskb, chain, next) { + if (ba_received) { + unsigned int ba_index; + ba_index = D11_BA_INDEX(ssn, wskb->seq_no); + if (ba_index < D11_BA_BMP_SIZE && + D11_BA_ISSET(bitmap, ba_index)) { + if (!to_drop) + continue; + + if (skip--) + continue; + + bitmap[ba_index / 8] &= ~(1 << (ba_index % 8)); + to_drop--; + printk("rnd drop seq:%d\n", wskb->seq_no); + skip = 2; + } + } + } + } +#endif + + INIT_LIST_HEAD(&retry_chain); + INIT_LIST_HEAD(&report_chain); + wskb_report = NULL; + count_bad = count = 0; + + list_for_each_entry_safe(wskb, wtmp, chain, next) { + struct ieee80211_tx_info *info; + unsigned int ba_index; + bool acked; + + acked = false; + if (ba_received) { + /* compute the bitmap index for this frame + * sequence number according to the sequence + * start of the bitmap */ + ba_index = D11_BA_INDEX(ssn, wskb->seq_no); + if (ba_index < D11_BA_BMP_SIZE && + D11_BA_ISSET(bitmap, ba_index)) + acked = true; + } + + if (wifi_tid && + (filtered || + (!acked && wifi_sta->ps_state != WIFI_PS_AWAKE))) { + /* filtered frames, or frame that failed while + * sta was asleep are requeued for software + * retransmit */ + wskb->sw_tries_done--; + txdbg("process_ampdu_mpdu_done: filtered, " + "will requeue\n"); + list_add_tail(&wskb->next, &retry_chain); + continue; + } + + /* actual tx was attempted for this frame */ + count++; + + if (!wifi_tid) { + /* STA went away */ + info = IEEE80211_SKB_CB(wskb->skb); + ieee80211_tx_info_clear_status(info); + list_add_tail(&wskb->next, &report_chain); + continue; + } + + txdbg("process_aggr_chain_done: " + "wskb:%ps seq:%u ba_received:%d ba_ssn:%u acked:%u\n", + wskb, wskb->seq_no, ba_received, ssn, acked); + + if (acked) { + wifi_tid_baw_update(wifi_tid, wskb, true); + + if (!wskb_report) { + /* use this skb for mac80211 report */ + wskb_report = wskb; + wskb_report_txok = true; + continue; + } + + /* we don't need this frame anymore, update tx + * info to reflect transmit success */ + info = IEEE80211_SKB_CB(wskb->skb); + ieee80211_tx_info_clear_status(info); + info->flags |= IEEE80211_TX_STAT_ACK; + list_add_tail(&wskb->next, &report_chain); + continue; + } + + /* !acked */ + count_bad++; + + /* are we going to retry this frame ? */ + if (wskb->sw_tries_done < WIFI_MAX_SW_TRIES) { + txdbg("process_aggr_chain_done: " + "will retry wskb:%ps seq:%u (try %u / %u)\n", + wskb, + wskb->seq_no, + wskb->sw_tries_done, WIFI_MAX_SW_TRIES); + list_add_tail(&wskb->next, &retry_chain); + continue; + } + + wifi_tid_baw_update(wifi_tid, wskb, false); + txdbg("process_aggr_chain_done: " + "too many retries for wskb:%ps seq:%u\n", + wskb, wskb->seq_no); + + /* we don't need this frame anymore, update tx info to + * reflect transmit failure */ + if (!wskb_report) { + /* use this skb for mac80211 report */ + wskb_report = wskb; + wskb_report_txok = false; + continue; + } + + info = IEEE80211_SKB_CB(wskb->skb); + ieee80211_tx_info_clear_status(info); + list_add_tail(&wskb->next, &report_chain); + } + + /* + * any frames to retry goes into the retry chain, if those + * frames have no associated tid (STA removed), just release + * them + */ + if (wifi_tid) { + wifi_tid_requeue_chain(wifi_tid, &retry_chain, ~0); + + /* if we got at least one positive ACK, we may retry + * to send BAR */ + if (count && count != count_bad) + wifi_tid_baw_bar_may_retry(wifi_tid); + + /* + * since we are may be pushing back frames in retry + * queue, make sure itxq is scheduled + * + * also, some aggr state management and BAR flush + * decision is done as schedule time, so we always + * reschedule tid + */ + if (wifi_sta->ps_state == WIFI_PS_AWAKE) + ieee80211_schedule_txq(wp->hw, TID2ITXQ(wifi_tid)); + } else + list_splice_tail(&retry_chain, &report_chain); + + /* + * if no transmit was even attempted (everything filtered), + * stop here + */ + if (!count) + return; + + /* + * report status to mac80211 of the AMPDU, either with or + * without an associated skb so that rate table is always + * updated + */ + tx_status.sta = sta; + + txdbg("process_aggr_chain_done: wskb_report:%ps\n", + wskb_report); + if (wskb_report) { + struct ieee80211_tx_info *info_report; + + info_report = IEEE80211_SKB_CB(wskb_report->skb); + + /* whatever AMPDU we choose to report was transmitted + * using rate from the *first* MPDU of the chain, make + * sure to report the correct one */ + if (wskb_report != wskb_first) { + struct ieee80211_tx_info *info_first; + + info_first = IEEE80211_SKB_CB(wskb_report->skb); + memcpy(info_report->status.rates, + info_first->status.rates, + sizeof (info_report->status.rates)); + } + + tx_status.info = info_report; + tx_status.skb = wskb_report->skb; + } else { + tx_status.info = &static_info; + memcpy(&static_info, + IEEE80211_SKB_CB(wskb_first->skb), + sizeof (static_info)); + } + + /* update rate table, hardware only did 1 try, update rate + * table to reflect this */ + ieee80211_tx_info_clear_status(tx_status.info); + tries_done = 1; + + for (i = 0; i < WIFI_TXD_MAX_RATES; i++) { + struct ieee80211_tx_rate *r = &tx_status.info->status.rates[i]; + + if (r->idx == -1) + break; + + if (tries_done) { + r->count = tries_done; + tries_done = 0; + } else + r->idx = -1; + } + + txdbg("process_aggr_chain_done: will report rate:%u count:%zu ack_len:%zu\n", + tx_status.info->status.rates[0].idx, + count, count - count_bad); + + tx_status.info->flags = IEEE80211_TX_STAT_AMPDU; + if (wskb_report_txok) + tx_status.info->flags |= IEEE80211_TX_STAT_ACK; + tx_status.info->status.ampdu_len = count; + tx_status.info->status.ampdu_ack_len = count - count_bad; + + if (wskb_report) { + /* note: this consumes the skb if any */ + ieee80211_tx_status_ext(wp->hw, &tx_status); + wifi_tx_skb_release_keep_skb(wp, wskb_report); + } else if (sta) { + /* we only want to update rate control here with the + * failed try, don't use ieee80211_tx_status_ext() + * otherwise it will consider it a failed frame */ + ieee80211_tx_rate_update(wp->hw, sta, tx_status.info); + } + + /* now report all other frames to mac80211 as usual, rate + * control will ignore them since they don't have the + * TX_STAT_AMPDU flag */ + list_for_each_entry_safe(wskb, wtmp, &report_chain, next) { + struct ieee80211_tx_status tx_status = { 0 }; + + tx_status.sta = sta; + tx_status.info = IEEE80211_SKB_CB(wskb->skb); + tx_status.skb = wskb->skb; + + txdbg("process_aggr_chain_done: tx complete rem wskb:%p\n", + wskb); + + ieee80211_tx_status_ext(wp->hw, &tx_status); + wifi_tx_skb_release_keep_skb(wp, wskb); + } + + txdbg("process_aggr_chain_done out\n"); +} + +/* + * + */ +static void tx_done_process_single_mpdu(struct wifi_priv *wp, + struct wifi_tx_skb *wskb, + const struct wifi_txd *txdesc, + struct ieee80211_sta *sta, + struct wifi_tid *wifi_tid) +{ + struct ieee80211_tx_info *info; + struct ieee80211_tx_status tx_status = { 0 }; + u8 rcounts[IEEE80211_TX_MAX_RATES], tries_done; + u32 desc_status; + bool txok, filtered, ps_resp; + size_t i; + + txdbg("process_single_mpdu_done: wskb:%pS has_tid:%d tid:%d type:%d seqno:%u\n", + wskb, wskb->has_tid, wskb->tid, wskb->type, wskb->seq_no); + + desc_status = le32_to_cpu(txdesc->status); + info = IEEE80211_SKB_CB(wskb->skb); + + /* prepare tx status reporting */ + tx_status.skb = wskb->skb; + tx_status.info = info; + tx_status.sta = sta; + + txok = !!(desc_status & TXD_F_TX_SUCCESS); + filtered = !!(desc_status & TXD_F_TX_PS_FILTERED); + ps_resp = (info->flags & IEEE80211_TX_CTL_NO_PS_BUFFER); + + if (!sta || !wifi_tid) { + txdbg("process_single_mpdu_done: no STA/TID found\n"); + goto report; + } + + txdbg("process_single_mpdu_done: STA found %pM, tid:%d\n", + sta->addr, wskb->tid); + + if (wskb->type == WIFI_TXSKB_QOS_DATA) { + struct wifi_sta *wifi_sta = WIFI_STA(sta); + + WARN_ON(wifi_tid->type != WIFI_TID_STA_QOS_DATA); + + /* filtered data frames and failed frames while STA is + * in PS mode are requeued for software retransmit */ + if (filtered || + (!txok && !ps_resp && + wifi_sta->ps_state != WIFI_PS_AWAKE)) { + wskb->sw_tries_done--; + txdbg("process_single_mpdu_done: filtered, " + "will requeue\n"); + wifi_tid_requeue(wifi_tid, wskb); + return; + } + + wifi_tid_baw_update(wifi_tid, wskb, txok); + + /* if we got at least one positive ACK, we may retry + * to send BAR */ + if (txok) + wifi_tid_baw_bar_may_retry(wifi_tid); + + /* + * since we are may be pushing back frames in retry + * queue, make sure itxq is scheduled + * + * also, some aggr state management and BAR flush + * decision is done as schedule time, so we always + * reschedule tid + */ + if (wifi_sta->ps_state == WIFI_PS_AWAKE) + ieee80211_schedule_txq(wp->hw, TID2ITXQ(wifi_tid)); + } + + /* continue trying to retransmit any pending BAR whatever aggr + * state is */ + if (wskb->type == WIFI_TXSKB_BAR) { + struct wifi_tid *bar_tid; + + /* lookup bar tid, STA is the same, but tid is not */ + bar_tid = WIFI_TID(sta->txq[wskb->bar_tid]); + WARN_ON(bar_tid->type != WIFI_TID_STA_QOS_DATA); + + wifi_tid_baw_bar_handle_txdone(bar_tid, txok); + + if (!txok) { + /* XXX: a bit of a kludge, don't report BAR tx + * failure to mac80211 to avoid any BAR + * retransmit coming from the stack */ + wifi_tx_skb_release_txfail(wp, wskb); + return; + } + } + +report: + /* keep a copy of rate counts before calling clear_status(), + * the hardware reports a total number of tries, so we need to + * know the original try count per rate */ + for (i = 0; i < ARRAY_SIZE(info->control.rates); i++) { + const struct ieee80211_tx_rate *r = &info->control.rates[i]; + rcounts[i] = r->count; + } + + ieee80211_tx_info_clear_status(info); + + if (txok) { + if (info->flags & IEEE80211_TX_CTL_NO_ACK) + info->flags |= IEEE80211_TX_STAT_NOACK_TRANSMITTED; + else + info->flags |= IEEE80211_TX_STAT_ACK; + } + + if (filtered) + info->flags |= IEEE80211_TX_STAT_TX_FILTERED; + + tries_done = txdesc->tries_done; + for (i = 0; i < WIFI_TXD_MAX_RATES; i++) { + struct ieee80211_tx_rate *r; + unsigned int todo; + + r = &info->control.rates[i]; + if (r->idx == -1) + break; + + todo = rcounts[i]; + if (!tries_done) { + r->idx = -1; + + } else if (tries_done > todo) { + tries_done -= todo; + r->count = todo; + } else { + r->count = tries_done; + tries_done = 0; + } + } + +#ifdef TX_DBG_PRINT + for (i = 0; i < 4; i++) { + struct ieee80211_tx_rate *r = &info->status.rates[i]; + txdbg("process_single_mpdu_done: rate:%u tried %u times\n", + r->idx, r->count); + } +#endif + + /* NOTE: this will consumes skb */ + ieee80211_tx_status_ext(wp->hw, &tx_status); + wifi_tx_skb_release_keep_skb(wp, wskb); +} + +/* + * + */ +static int wifi_process_tx_done(struct wifi_priv *wp, unsigned int qid) +{ + struct wifi_txq *txq; + u32 reclaim_off; + bool need_wake; + struct ieee80211_sta *sta; + + txdbg("===== wifi_process_tx_done\n"); + + txq = &wp->txqs[qid]; + spin_lock(&txq->lock); + + need_wake = false; + + reclaim_off = txq->reclaim_off; + if (txq->count == WIFI_TX_DESCS) { + need_wake = true; + /* WARN_ON(!ieee80211_queue_stopped(wp->hw, txq->idx)); */ + } + + sta = NULL; + while (txq->count) { + struct wifi_tx_skb *wskb; + struct wifi_txd *txdesc; + struct wifi_tid *wifi_tid; + struct wifi_sta *wifi_sta; + const struct ieee80211_hdr *d11; + bool report; + + rmb(); + + txdesc = &txq->descs[reclaim_off]; + if (le32_to_cpu(txdesc->status) & TXD_F_FW_OWNED) + break; + + /* printk("tx done: desc:%p status:%08x buf:%08x\n", */ + /* txdesc, txdesc->status, txdesc->buf_addr); */ + wskb = txq->pending_wskb[reclaim_off]; + txq->pending_wskb[reclaim_off] = NULL; + txdbg("wifi_process_tx_done: tx done on " + "wskb:%ps has_tid:%d tid:%d type:%d seq:%u\n", + wskb, wskb->has_tid, wskb->tid, wskb->type, wskb->seq_no); + + reclaim_off++; + if (reclaim_off >= WIFI_TX_DESCS) + reclaim_off = 0; + + txq->reclaim_off = reclaim_off; + txq->count--; + + /* + * lookup STA & TID, rcu lock is held by caller, since + * all AMPDU members have the same STA, optimize to do + * a single lookup + */ + if (!wskb->has_tid) { + sta = NULL; + } else if (!sta) { + d11 = (const struct ieee80211_hdr *)wskb->skb->data; + sta = ieee80211_find_sta_by_ifaddr(wp->hw, + d11->addr1, + d11->addr2); + } + + wifi_tid = NULL; + wifi_sta = NULL; + if (sta && wskb->has_tid) { + wifi_sta = WIFI_STA(sta); + if (wifi_sta->magic != WIFI_STA_MAGIC || + wifi_sta->version != wskb->sta_version) + wifi_sta = NULL; + else { + spin_lock(&wifi_sta->lock); + if (wifi_sta->dead) { + spin_unlock(&wifi_sta->lock); + wifi_sta = NULL; + } else + wifi_tid = WIFI_TID(sta->txq[wskb->tid]); + } + } + + txdbg("wifi_process_tx_done: sta:%pM tid:%pS\n", + sta ? sta->addr : NULL, wifi_tid); + + /* + * we will only report single mpdu or last mpdu of + * aggreagate + */ + report = !wskb->aggr_member || !list_empty(&wskb->aggr_list); + + if (report) { + if (!wskb->aggr_member) { + tx_done_process_single_mpdu(wp, wskb, txdesc, + sta, wifi_tid); + txq->non_aggr_count--; + } else { + tx_done_process_aggr_chain(wp, + &wskb->aggr_list, + txdesc, + sta, wifi_tid); + txq->aggr_count--; + } + } + + /* + * tx pending accounting for this tid + */ + if (wifi_sta) { + wifi_sta->tx_pending--; + + /* printk("tx pending minus alt now %d\n", */ + /* wifi_sta->tx_pending); */ + if (!wifi_sta->tx_pending && + wifi_sta->ps_state == WIFI_PS_ENTER_SLEEP) { + txdbg("tx pending alt %d reached 0\n", + wifi_sta->tx_pending); + wifi_sta_ps_transition(wp->hw, sta, + WIFI_PS_ACTION_TXDONE); + } + + txdbg("wifi_process_tx_done: sta %pM " + "tx pending now %d\n", + sta->addr, + wifi_sta->tx_pending); + + spin_unlock(&wifi_sta->lock); + } + + /* lookup STA again next loop if frame was single mpdu + * or last ampdu member */ + if (report) + sta = NULL; + } + + if (txq->count != WIFI_TX_DESCS && need_wake) { + /* printk("tx_status: ieee80211_awake %d\n", txq->idx); */ + ieee80211_wake_queue(wp->hw, txq->idx); + } + + if (txq->count < WIFI_TX_DESCS_WAKE) + wifi_txq_schedule(wp->hw, txq); + + spin_unlock(&txq->lock); + return 0; +} + +/* + * @tx: Handler that 802.11 module calls for each transmitted frame. + * skb contains the buffer starting from the IEEE 802.11 header. + * The low-level driver should send the frame out based on + * configuration in the TX control data. This handler should, + * preferably, never fail and stop queues appropriately. + * Must be atomic. + * + */ +static void wifi_ops_tx(struct ieee80211_hw *hw, + struct ieee80211_tx_control *control, + struct sk_buff *skb) +{ + struct wifi_priv *wp = hw->priv; + struct wifi_txq *wifi_txq; + const struct ieee80211_hdr *hdr; + struct ieee80211_tx_info *tx_info; + struct ieee80211_vif *vif; + struct wifi_tx_skb *wskb; + struct wifi_sta *wifi_sta; + struct list_head chain; + bool bypass_ps; + int tid; + + WARN_ON(!in_atomic()); + + tx_info = IEEE80211_SKB_CB(skb); + /* keep VIF before we overwrite it */ + vif = tx_info->control.vif; + + if (WARN_ON(tx_info->hw_queue >= wp->txq_count)) + return; + + /* sanity check on space, should not happen since we stop que + * queue when it becomes full */ + wifi_txq = &wp->txqs[tx_info->hw_queue]; + spin_lock(&wifi_txq->lock); + + txdbg("===== wifi_ops_tx, queue:%d txq:%ps\n", + tx_info->hw_queue, wifi_txq); + + if (WARN_ON(wifi_txq->count == WIFI_TX_DESCS)) { + ieee80211_free_txskb(hw, skb); + spin_unlock(&wifi_txq->lock); + return; + } + + /* + * this is part is a bit kludgy, during powersave service + * period (pspoll), mac80211 will send frames that it would + * normally send through itxq via drv_tx(), thus we lose the + * tid information. + * + * it's important to find back the correct tid to maintain the + * proper tx_pending counter + * + * so we apply the same logic as ieee80211_get_txq() to find + * which tid the frame would have been assigned + */ + tid = -1; + hdr = (const struct ieee80211_hdr *)skb->data; + if (ieee80211_is_ctl(hdr->frame_control)) { + WARN_ON(!ieee80211_is_back_req(hdr->frame_control)); + tid = IEEE80211_NUM_TIDS; + } else if (!ieee80211_is_data_present(hdr->frame_control)) { + if ((!ieee80211_is_mgmt(hdr->frame_control) || + ieee80211_is_bufferable_mmpdu(hdr->frame_control) || + vif->type == NL80211_IFTYPE_STATION) && + control->sta) { + tid = IEEE80211_NUM_TIDS; + } + } else if (control->sta) + tid = skb->priority & IEEE80211_QOS_CTL_TID_MASK; + + wskb = wifi_tx_skb_wrap(wp, wifi_txq, skb, control->sta, tid); + if (!wskb) { + ieee80211_free_txskb(hw, skb); + spin_unlock(&wifi_txq->lock); + return; + } + + bypass_ps = (tx_info->flags & IEEE80211_TX_CTL_NO_PS_BUFFER); + + /* data packet for an existing TID should be only sent from + * drv_tx() during PS-poll, so retryq should be empty */ + wifi_sta = NULL; + if (wskb->has_tid) { + txdbg("wifi_ops_tx is for existing TID %d (seq:%u)\n", + wskb->tid, wskb->seq_no); + + wifi_sta = WIFI_STA(control->sta); + spin_lock(&wifi_sta->lock); + + if (!ieee80211_is_back_req(hdr->frame_control)) { + WARN_ON(!bypass_ps); + WARN_ON(wifi_sta->ps_state != WIFI_PS_SLEEP); + } + + if (wskb->type == WIFI_TXSKB_QOS_DATA) { + struct wifi_tid *wifi_tid; + + /* hopefully mac80211 won't bust the BAW + * window, we are not announcing UAPSD + * support, so it's only frame by frame with + * PS-POLL */ + wifi_tid = WIFI_TID(control->sta->txq[wskb->tid]); + WARN_ON(wifi_tid->ps_sleep_has_buf); + wifi_tid_baw_addto(wifi_tid, wskb); + } + } + + wifi_tx_skb_fill_rates(wskb, vif, control->sta); + INIT_LIST_HEAD(&chain); + list_add(&wskb->next, &chain); + + /* cannot fail since we checked for available size before */ + WARN_ON(wifi_tx_send_chain(wp, &chain, 1, false, + control->sta, bypass_ps)); + + if (wifi_txq->count == WIFI_TX_DESCS) { + /* printk("ops_tx: stop queu %d\n", wifi_txq->idx); */ + ieee80211_stop_queue(hw, wifi_txq->idx); + } + + if (wifi_sta) + spin_unlock(&wifi_sta->lock); + + spin_unlock(&wifi_txq->lock); +} + +/* + * @wake_tx_queue: Called when new packets have been added to the queue. + */ +static void wifi_ops_wake_tx_queue(struct ieee80211_hw *hw, + struct ieee80211_txq *itxq) +{ + struct wifi_tid *wifi_tid = WIFI_TID(itxq); + struct wifi_txq *wifi_txq = wifi_tid->txq; + + txdbg("===== wifi_ops_wake_tx_queue: vif:%pS sta:%pS\n", + itxq->vif, itxq->sta); + WARN_ON(!in_atomic()); + + spin_lock(&wifi_txq->lock); + wifi_txq_schedule(hw, wifi_txq); + spin_unlock(&wifi_txq->lock); +} + +/* + * @release_buffered_frames: Release buffered frames according to the given + * parameters. In the case where the driver buffers some frames for + * sleeping stations mac80211 will use this callback to tell the driver + * to release some frames, either for PS-poll or uAPSD. + * Note that if the @more_data parameter is %false the driver must check + * if there are more frames on the given TIDs, and if there are more than + * the frames being released then it must still set the more-data bit in + * the frame. If the @more_data parameter is %true, then of course the + * more-data bit must always be set. + * The @tids parameter tells the driver which TIDs to release frames + * from, for PS-poll it will always have only a single bit set. + * In the case this is used for a PS-poll initiated release, the + * @num_frames parameter will always be 1 so code can be shared. In + * this case the driver must also set %IEEE80211_TX_STATUS_EOSP flag + * on the TX status (and must report TX status) so that the PS-poll + * period is properly ended. This is used to avoid sending multiple + * responses for a retried PS-poll frame. + * In the case this is used for uAPSD, the @num_frames parameter may be + * bigger than one, but the driver may send fewer frames (it must send + * at least one, however). In this case it is also responsible for + * setting the EOSP flag in the QoS header of the frames. Also, when the + * service period ends, the driver must set %IEEE80211_TX_STATUS_EOSP + * on the last frame in the SP. Alternatively, it may call the function + * ieee80211_sta_eosp() to inform mac80211 of the end of the SP. + * This callback must be atomic. + */ +static void +wifi_ops_release_buffered_frames(struct ieee80211_hw *hw, + struct ieee80211_sta *sta, + u16 tids, int num_frames, + enum ieee80211_frame_release_type reason, + bool more_data) +{ + struct wifi_priv *wp = hw->priv; + struct wifi_sta *wifi_sta = WIFI_STA(sta); + + WARN_ON(!in_atomic()); + psdbg("wifi_ops_release_buffered_frames, sta:%pM tids:%x num_frame:%d\n", + sta->addr, tids, num_frames); + + /* we don't claim support for UAPSD so we will only get one + * frame at a time */ + WARN_ON(num_frames > 1 || + reason != IEEE80211_FRAME_RELEASE_PSPOLL); + + while (tids && num_frames) { + struct wifi_tid *wifi_tid; + struct ieee80211_txq *itxq; + u16 tidno = ffs(tids) - 1; + + tids &= ~(1 << tidno); + wifi_tid = WIFI_TID(sta->txq[tidno]); + itxq = TID2ITXQ(wifi_tid); + + spin_lock(&wifi_tid->txq->lock); + spin_lock(&wifi_sta->lock); + WARN_ON(wifi_sta->ps_state != WIFI_PS_SLEEP); + + while (num_frames) { + struct wifi_tx_skb *wskb; + struct list_head chain; + struct ieee80211_tx_info *info; + + switch (wifi_tid->type) { + case WIFI_TID_MCAST: + case WIFI_TID_STA_MMPDU: + case WIFI_TID_STA_DATA: + wskb = wifi_tid_dequeue_only_mac80211(wp, + itxq); + break; + case WIFI_TID_STA_QOS_DATA: + wskb = wifi_tid_dequeue_within_baw_limit(wp, + itxq); + break; + } + + if (!wskb) { + /* we would not be called if there was + * no frame to dequeue, but with codel + * on txqueue it's actually possible + * that packets sit in itxq for too + * long and are dropped at dequeue + * time, so we get called for + * nothing + * + * this should be fixed to return an + * error to the caller which could + * then send a NULL frame + */ + break; + } + + if (!more_data) { + /* this seems wrong because we don't + * know if itxq became empty */ + more_data = !list_empty(&wifi_tid->retry_q); + } + + wifi_tx_skb_set_more_data(wp, wskb, more_data); + + psdbg("wifi_ops_release_buffered_frames: " + "wskb:%pS more_data:%d\n", + wskb, more_data); + + INIT_LIST_HEAD(&chain); + list_add(&wskb->next, &chain); + + /* mark it so that tx complete path won't + * retry it */ + info = IEEE80211_SKB_CB(wskb->skb); + info->flags |= IEEE80211_TX_CTL_NO_PS_BUFFER; + num_frames--; + + /* mark it so that tx complete path will + * report EOSP to mac80211 */ + if (!num_frames) + info->flags |= IEEE80211_TX_STATUS_EOSP | + IEEE80211_TX_CTL_REQ_TX_STATUS; + + WARN_ON(wifi_tx_send_chain(wp, &chain, 1, false, + sta, true)); + } + + spin_unlock(&wifi_sta->lock); + spin_unlock(&wifi_tid->txq->lock); + } +} + +/* + * @sta_notify: Notifies low level driver about power state transition of an + * associated station, AP, IBSS/WDS/mesh peer etc. For a VIF operating + * in AP mode, this callback will not be called when the flag + * %IEEE80211_HW_AP_LINK_PS is set. Must be atomic. + */ +static void wifi_ops_sta_notify(struct ieee80211_hw *hw, + struct ieee80211_vif *vif, + enum sta_notify_cmd cmd, + struct ieee80211_sta *sta) +{ + struct wifi_priv *wp = hw->priv; + struct wifi_sta *wifi_sta = WIFI_STA(sta); + size_t tidno; + + WARN_ON(!in_atomic()); + + if (wifi_sta->magic != WIFI_STA_MAGIC) + return; + + psdbg("wifi_ops_sta_notify: sta->addr:%pM sleeping:%d\n", + sta->addr, (cmd == STA_NOTIFY_SLEEP)); + + spin_lock(&wifi_sta->lock); + wifi_sta_ps_transition(hw, sta, + (cmd == STA_NOTIFY_SLEEP) ? + WIFI_PS_ACTION_SLEEP : + WIFI_PS_ACTION_WAKEUP); + spin_unlock(&wifi_sta->lock); + + /* when waking up, reschedule all txq used by this STA */ + if (cmd == STA_NOTIFY_AWAKE) { + size_t qid, to_sched; + + to_sched = 0; + for (tidno = 0; tidno < IEEE80211_NUM_TIDS + 1; tidno++) { + struct wifi_tid *wifi_tid = WIFI_TID(sta->txq[tidno]); + to_sched |= (1 << wifi_tid->txq->idx); + } + + while (to_sched) { + struct wifi_txq *wifi_txq; + + qid = ffs(to_sched) - 1; + to_sched &= ~(1 << qid); + wifi_txq = &wp->txqs[qid]; + + spin_lock(&wifi_txq->lock); + wifi_txq_schedule(wp->hw, wifi_txq); + spin_unlock(&wifi_txq->lock); + } + } +} + + +/* + * + */ +static void wifi_vif_update_beacon(struct ieee80211_hw *hw, + struct ieee80211_vif *vif) +{ + struct wifi_priv *wp = hw->priv; + struct wifi_vif *wifi_vif = WIFI_VIF(vif); + dma_addr_t dma; + struct sk_buff *skb; + + skb = ieee80211_beacon_get(hw, vif); + if (!skb) { + wiphy_err(hw->wiphy, "failed to get beacon skb\n"); + return; + } + + dma = pci_map_single(wp->pdev, skb->data, skb->len, + PCI_DMA_TODEVICE); + if (pci_dma_mapping_error(wp->pdev, dma)) { + wiphy_err(hw->wiphy, + "failed to dma map beacon\n"); + dev_kfree_skb(skb); + return; + } + + cmd_vif_update_beacon_atomic(wp, wifi_vif->hw_id, dma, skb->len); + pci_unmap_single(wp->pdev, dma, skb->len, PCI_DMA_TODEVICE); + dev_kfree_skb(skb); +} + +/* +² * + */ +static void wifi_handle_tbtt(struct wifi_priv *wp, u32 tbtt_idx) +{ + struct ieee80211_vif *vif; + unsigned int dtim_count; + struct wifi_txq *cab_txq; + struct wifi_vif *wifi_vif; + + if (WARN_ON(tbtt_idx >= ARRAY_SIZE(wp->vifs_by_tbtt_idx))) + return; + + spin_lock(&wp->vifs_by_tbtt_lock); + vif = wp->vifs_by_tbtt_idx[tbtt_idx]; + if (!vif) { + spin_unlock(&wp->vifs_by_tbtt_lock); + if (net_ratelimit()) + dev_err(wp->dev, "tbtt interrupt on unknown vif %u", + tbtt_idx); + return; + } + + /* get current DTIM count */ + wifi_vif = WIFI_VIF(vif); + if (cmd_vif_get_dtim_count_atomic(wp, wifi_vif->hw_id, &dtim_count)) { + spin_unlock(&wp->vifs_by_tbtt_lock); + return; + } + + /* resync with hardware, we get this interrupt early before + * next TBTT, dtim count we read here will change at next TBTT + * interrupt */ + ieee80211_force_dtim(vif, dtim_count); + + /* this will call get_beacon, which will decrement dtim + * count */ + wifi_vif_update_beacon(wp->hw, vif); + + cab_txq = &wp->txqs[vif->cab_queue]; + spin_lock(&cab_txq->lock); + + /* FIXME: limit number of packet we push here */ + while (cab_txq->count < WIFI_TX_DESCS) { + struct sk_buff *skb; + struct wifi_tx_skb *wskb; + struct list_head chain; + + skb = ieee80211_get_buffered_bc(wp->hw, vif); + if (!skb) + break; + + wskb = wifi_tx_skb_wrap(wp, cab_txq, skb, NULL, -1); + if (!wskb) + dev_kfree_skb(skb); + + wifi_tx_skb_fill_rates(wskb, vif, NULL); + INIT_LIST_HEAD(&chain); + list_add(&wskb->next, &chain); + + if (wifi_tx_send_chain(wp, &chain, 1, false, NULL, false)) + wifi_tx_skb_release_txfail(wp, wskb); + } + spin_unlock(&cab_txq->lock); + spin_unlock(&wp->vifs_by_tbtt_lock); +} + +/* + * + */ +static u32 wifi_process(void *data, u32 irq_status) +{ + struct wifi_priv *wp = (struct wifi_priv *)data; + u32 remain = 0; + + /* check for async command completion */ + if (irq_status & wp->cmd_chans[WIFI_CMD_CHAN_ASYNC].f2h_irq_mask) + cmd_chan_async_handle_irq(wp); + + /* check for TBTT */ + if (irq_status & wp->tbtt_f2h_irq_mask) { + u32 tbtt_mask; + + tbtt_mask = (irq_status & wp->tbtt_f2h_irq_mask) >> + wp->tbtt_f2h_irq_shift; + while (tbtt_mask) { + u32 tbtt_idx = ffs(tbtt_mask) - 1; + wifi_handle_tbtt(wp, tbtt_idx); + tbtt_mask &= ~(1 << tbtt_idx); + } + } + + /* check for rx */ + if (irq_status & wp->rx_f2h_irq_mask) { + int done; + + done = wifi_process_rx(wp, 128); + wifi_rxq_refill(wp, 128); + if (done >= 128) + remain |= wp->rx_f2h_irq_mask; + } + + /* check for tx done */ + if (irq_status & wp->tx_f2h_irq_mask) { + u32 queue_mask; + + queue_mask = (irq_status & wp->tx_f2h_irq_mask) >> + wp->tx_f2h_irq_shift; + + /* tx completion will usually lookup STA which needs + * to be done under RCU lock */ + rcu_read_lock(); + while (queue_mask) { + u32 qid = ffs(queue_mask) - 1; + wifi_process_tx_done(wp, qid); + queue_mask &= ~(1 << qid); + } + rcu_read_unlock(); + } + + return remain; +} + +/** + * @get_stats: Return low-level statistics. + * Returns zero if statistics are available. + * The callback can sleep. + */ +static int wifi_ops_get_stats(struct ieee80211_hw *hw, + struct ieee80211_low_level_stats *stats) +{ + printk("ops get stats\n"); + + /* struct wifi_priv *wp = hw->priv; */ + /* struct wifi_txq *wifi_txq; */ + /* wifi_txq = &wp->txqs[0]; */ + + return 0; +} + +/** + * @ampdu_action: + * Perform a certain A-MPDU action. + * The RA/TID combination determines the destination and TID we want + * the ampdu action to be performed for. The action is defined through + * ieee80211_ampdu_mlme_action. + * When the action is set to %IEEE80211_AMPDU_TX_OPERATIONAL the driver + * may neither send aggregates containing more subframes than @buf_size + * nor send aggregates in a way that lost frames would exceed the + * buffer size. If just limiting the aggregate size, this would be + * possible with a buf_size of 8: + * + * - ``TX: 1.....7`` + * - ``RX: 2....7`` (lost frame #1) + * - ``TX: 8..1...`` + * + * which is invalid since #1 was now re-transmitted well past the + * buffer size of 8. Correct ways to retransmit #1 would be: + * + * - ``TX: 1 or`` + * - ``TX: 18 or`` + * - ``TX: 81`` + * + * Even ``189`` would be wrong since 1 could be lost again. + * + * Returns a negative error code on failure. + * The callback can sleep. + */ +static int +wifi_ops_ampdu_action(struct ieee80211_hw *hw, struct ieee80211_vif *vif, + struct ieee80211_ampdu_params *params) +{ + struct wifi_priv *wp = hw->priv; + struct ieee80211_sta *sta = params->sta; + struct wifi_sta *wifi_sta = WIFI_STA(sta); + int ret; + + spin_lock_bh(&wifi_sta->lock); + + switch (params->action) { + case IEEE80211_AMPDU_RX_START: + aggdbg("%pM ampdu action rx start called\n", sta->addr); + ret = 0; + break; + + case IEEE80211_AMPDU_RX_STOP: + aggdbg("%pM ampdu action rx stop called\n", sta->addr); + ret = 0; + break; + + case IEEE80211_AMPDU_TX_START: + { + struct wifi_tid *wifi_tid = WIFI_TID(sta->txq[params->tid]); + + WARN_ON(wifi_tid->aggr_state != WIFI_AGGR_STOPPED); + wifi_tid->ampdu_max_bytes = + (1 << (IEEE80211_HT_MAX_AMPDU_FACTOR + + sta->ht_cap.ampdu_factor)) - 1; + wifi_tid->ampdu_density = sta->ht_cap.ampdu_density; + wifi_tid->aggr_state = WIFI_AGGR_ACTIVE; + /* start with minimal BAW size, until it's updated + * when going into operational */ + wifi_tid->baw_max_size = 1; + wifi_tid->remote_baw_max_size = 1; + /* update BA SSN with current BAW sequence start */ + params->ssn = wifi_tid->seq_start; + aggdbg("%pM ampdu action tx start called, " + "tid:%u ssn:%u max:%u dens:%u\n", + sta->addr, + params->tid, + params->ssn, + wifi_tid->ampdu_max_bytes, + wifi_tid->ampdu_density); + ieee80211_start_tx_ba_cb_irqsafe(vif, sta->addr, params->tid); + break; + } + + case IEEE80211_AMPDU_TX_OPERATIONAL: + { + struct wifi_tid *wifi_tid = WIFI_TID(sta->txq[params->tid]); + + /* don't go larger than what both our hardware and + * remote can support */ + WARN_ON(params->buf_size < 1); + wifi_tid->remote_baw_max_size = params->buf_size; + wifi_tid->baw_max_size = min(wp->hw_max_ampdu_chain, + (int)wifi_tid->remote_baw_max_size); + + aggdbg("%pM ampdu action tx operational called, " + "tid:%u baw_max_size:%u\n", + sta->addr, + params->tid, + wifi_tid->baw_max_size); + break; + } + + case IEEE80211_AMPDU_TX_STOP_CONT: + { + struct wifi_tid *wifi_tid = WIFI_TID(sta->txq[params->tid]); + + aggdbg("%pM ampdu action tx stop called\n", + sta->addr); + + /* + * note: we could stop aggregation from here instead + * of letting it drain while + */ + if (!wifi_tid_baw_has_inflight_packets(wifi_tid)) { + wifi_tid->aggr_state = WIFI_AGGR_STOPPED; + ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, + params->tid); + aggdbg("%pM stopped aggr!\n", sta->addr); + } else { + wifi_tid->aggr_state = WIFI_AGGR_STOPPING; + aggdbg("%pM mark aggr as stopping...\n", + sta->addr); + } + break; + } + + case IEEE80211_AMPDU_TX_STOP_FLUSH: + case IEEE80211_AMPDU_TX_STOP_FLUSH_CONT: + { + struct wifi_tid *wifi_tid = WIFI_TID(sta->txq[params->tid]); + + aggdbg("%pM ampdu action tx stop FLUSH called\n", + sta->addr); + + /* this is called before STA removal, but the STA/TID + * is still be visible to tx done handler, which can + * requeue packets to retry_q and reschedule the + * TID, this flag prevents this */ + wifi_sta->dead = true; + wifi_tid_drain(wp, wifi_tid); + wifi_tid->aggr_state = WIFI_AGGR_STOPPED; + break; + } + + default: + /* should not be called */ + break; + } + + spin_unlock_bh(&wifi_sta->lock); + return ret; +} + +/* + * @can_aggregate_in_amsdu: Called in order to determine if HW supports + * aggregating two specific frames in the same A-MSDU. The relation + * between the skbs should be symmetric and transitive. Note that while + * skb is always a real frame, head may or may not be an A-MSDU. + */ +static bool wifi_ops_can_aggregate_in_amsdu(struct ieee80211_hw *hw, + struct sk_buff *head, + struct sk_buff *skb) +{ + /* should be ok to do this, but requires testing, rtw88 dev + * says it does not bring anything in performance for 2.4G + * band, and confuses some AP */ + return false; +} + +/* + * @sta_add: Notifies low level driver about addition of an associated + * station, AP, IBSS/WDS/mesh peer etc. This callback can sleep. + */ +static int wifi_ops_set_key(struct ieee80211_hw *hw, + enum set_key_cmd cmd_param, + struct ieee80211_vif *vif, + struct ieee80211_sta *sta, + struct ieee80211_key_conf *key) +{ + struct wifi_priv *wp = hw->priv; + struct wifi_vif *wifi_vif = WIFI_VIF(vif); + struct wifi_sta *wifi_sta; + int ret; + __le16 sta_hwid; + + switch (key->cipher) { + case WLAN_CIPHER_SUITE_CCMP: + if (vif->type == NL80211_IFTYPE_MESH_POINT && + !(key->flags & IEEE80211_KEY_FLAG_PAIRWISE)) { + /* IBSS RSN group keys */ + return -EOPNOTSUPP; + } + break; + default: + return -EOPNOTSUPP; + } + + sta_hwid = WIFI_INVALID_STA_HWID; + if (sta) { + if (!(key->flags & IEEE80211_KEY_FLAG_PAIRWISE)) + return -EOPNOTSUPP; + wifi_sta = WIFI_STA(sta); + sta_hwid = wifi_sta->hw_id; + } + + switch (cmd_param) { + case SET_KEY: + ret = cmd_vif_add_key(wp, + wifi_vif->hw_id, + sta_hwid, + key->keyidx, + key->key, + &key->hw_key_idx); + break; + + case DISABLE_KEY: + ret = cmd_vif_del_key(wp, + wifi_vif->hw_id, + sta_hwid, + key->hw_key_idx); + break; + + default: + ret = -EOPNOTSUPP; + break; + } + + return ret; +} + +/* + * @sta_add: Notifies low level driver about addition of an associated + * station, AP, IBSS/WDS/mesh peer etc. This callback can sleep. + */ +static int +wifi_ops_sta_add(struct ieee80211_hw *hw, + struct ieee80211_vif *vif, + struct ieee80211_sta *sta) +{ + struct wifi_priv *wp = hw->priv; + struct wifi_vif *wifi_vif = WIFI_VIF(vif); + struct wifi_sta *wifi_sta = WIFI_STA(sta); + size_t tidno; + int ret; + + ret = cmd_vif_add_sta(wp, wifi_vif->hw_id, + sta->addr, &wifi_sta->hw_id); + if (ret < 0) + return 0; + + spin_lock_init(&wifi_sta->lock); + wifi_sta->version = ++wp->sta_next_version; + wifi_sta->tx_pending = 0; + wifi_sta->ps_state = WIFI_PS_AWAKE; + + /* initialize all itxq private data */ + for (tidno = 0; tidno < IEEE80211_NUM_TIDS + 1; tidno++) { + struct wifi_tid *wifi_tid = WIFI_TID(sta->txq[tidno]); + unsigned int acno = TID_TO_WME_AC(tidno); + unsigned int qid = vif->hw_queue[acno]; + enum wifi_tid_type type; + + if (tidno == IEEE80211_NUM_TIDS) + type = WIFI_TID_STA_MMPDU; + else if (sta->wme) + type = WIFI_TID_STA_QOS_DATA; + else + type = WIFI_TID_STA_DATA; + + wifi_tid_init(wifi_tid, &wp->txqs[qid], type); + } + + wmb(); + wifi_sta->magic = WIFI_STA_MAGIC; + + return 0; +} + +/* + * @sta_remove: Notifies low level driver about removal of an associated + * station, AP, IBSS/WDS/mesh peer etc. Note that after the callback + * returns it isn't safe to use the pointer, not even RCU protected; + * no RCU grace period is guaranteed between returning here and freeing + * the station. See @sta_pre_rcu_remove if needed. + * This callback can sleep. + */ +static int wifi_ops_sta_remove(struct ieee80211_hw *hw, + struct ieee80211_vif *vif, + struct ieee80211_sta *sta) +{ + struct wifi_priv *wp = hw->priv; + struct wifi_vif *wifi_vif = WIFI_VIF(vif); + struct wifi_sta *wifi_sta = WIFI_STA(sta); + size_t tidno; + int ret; + + for (tidno = 0; tidno < IEEE80211_NUM_TIDS + 1; tidno++) { + struct wifi_tid *wifi_tid = WIFI_TID(sta->txq[tidno]); + wifi_tid_release(wp, wifi_tid); + } + + ret = cmd_vif_del_sta(wp, wifi_vif->hw_id, + wifi_sta->hw_id); + if (ret < 0) + return 0; + + return 0; +} + + +/* + * @bss_info_changed: Handler for configuration requests related to BSS + * parameters that may vary during BSS's lifespan, and may affect low + * level driver (e.g. assoc/disassoc status, erp parameters). + * This function should not be used if no BSS has been set, unless + * for association indication. The @changed parameter indicates which + * of the bss parameters has changed when a call is made. The callback + * can sleep. + */ +static void +wifi_ops_bss_info_changed(struct ieee80211_hw *hw, struct ieee80211_vif *vif, + struct ieee80211_bss_conf *info, u32 changed) +{ + struct wifi_priv *wp = hw->priv; + struct wifi_vif *wifi_vif = WIFI_VIF(vif); + + /* printk("wifi_ops_bss_info_changed: changed:0x%08x\n", changed); */ + if (changed & BSS_CHANGED_ERP_CTS_PROT) { + /* nothing to do, rate control will flag packets with + * RTS/CTS as needed */ + } + + if (changed & BSS_CHANGED_ERP_PREAMBLE) { + /* nothing to do, rate control will flag packets with + * short/long preamble as needed */ + } + + if (changed & BSS_CHANGED_ERP_SLOT) + cmd_vif_set_short_slot(wp, wifi_vif->hw_id, + info->use_short_slot); + + if (changed & BSS_CHANGED_BSSID) + cmd_vif_set_bss_params(wp, wifi_vif->hw_id, info->bssid); + + if (changed & BSS_CHANGED_BEACON_ENABLED) { + if (info->enable_beacon) { + struct ieee80211_rate *bcn_rate; + struct sk_buff *skb; + struct ieee80211_tx_info *tx_info; + + skb = ieee80211_beacon_get_template(hw, vif, NULL); + if (!skb) + return; + + tx_info = IEEE80211_SKB_CB(skb); + bcn_rate = ieee80211_get_tx_rate(hw, tx_info); + cmd_vif_set_beacon_params(wp, wifi_vif->hw_id, + bcn_rate->hw_value, + info->beacon_int, + info->dtim_period); + dev_kfree_skb(skb); + } + + cmd_vif_enable_beacon(wp, wifi_vif->hw_id, + info->enable_beacon); + } + + if (changed & BSS_CHANGED_HT) { + } +} + +/* + * compute number of bytes for a frames of usecs duration at given + * rate + */ +static int usec_to_framelen(int usecs, int mcs, bool ht40, bool sgi) +{ + int streams = (mcs / 8) + 1; + int symbols, bits; + int bytes = 0; + + usecs -= L_STF + L_LTF + L_SIG + HT_SIG + HT_STF + HT_LTF(streams); + symbols = sgi ? TIME_SYMBOLS_HALFGI(usecs) : TIME_SYMBOLS(usecs); + bits = symbols * bits_per_symbol[mcs % 8][ht40] * streams; + bits -= OFDM_PLCP_BITS; + bytes = bits / 8; + + /* if (mcs == 15) */ + /* printk("mcs:%d ht40:%u sgi:%u => %u usecs == %u bytes\n", */ + /* mcs, ht40, sgi, usecs, bytes); */ + if (bytes > 65532) + bytes = 65532; + + return bytes; +} + +/** + * @conf_tx: Configure TX queue parameters (EDCF (aifs, cw_min, cw_max), + * bursting) for a hardware TX queue. + * Returns a negative error code on failure. + * The callback can sleep. + */ +static int wifi_ops_conf_tx(struct ieee80211_hw *hw, + struct ieee80211_vif *vif, u16 ac, + const struct ieee80211_tx_queue_params *params) +{ + struct wifi_priv *wp = hw->priv; + struct wifi_vif *wifi_vif = WIFI_VIF(vif); + struct wifi_txq *wifi_txq; + u16 *cur_ht20, *cur_ht20_sgi, *cur_ht40, *cur_ht40_sgi; + int mcs; + u32 txop; + + /* printk("conf tx called, ac:%d cw:%d/%d aifsn:%d txop:%d\n", */ + /* ac, */ + /* params->cw_min, */ + /* params->cw_max, */ + /* params->aifs, */ + /* params->txop); */ + + if (cmd_vif_set_edca_params(wp, + wifi_vif->hw_id, + vif->hw_queue[ac], + params->cw_min, + params->cw_max, + params->aifs, + params->txop)) + return 1; + + /* compute aggregate max len for this queue */ + wifi_txq = &wp->txqs[vif->hw_queue[ac]]; + + /* 4ms is the default (and maximum) duration */ + txop = params->txop; + if (!txop || txop > 4096) + txop = 4096; + + cur_ht20 = wifi_txq->max_aggr_framelen[0][0]; + cur_ht20_sgi = wifi_txq->max_aggr_framelen[0][1]; + cur_ht40 = wifi_txq->max_aggr_framelen[1][0]; + cur_ht40_sgi = wifi_txq->max_aggr_framelen[1][1]; + + for (mcs = 0; mcs < 32; mcs++) { + cur_ht20[mcs] = usec_to_framelen(txop, mcs, false, false); + cur_ht20_sgi[mcs] = usec_to_framelen(txop, mcs, false, true); + cur_ht40[mcs] = usec_to_framelen(txop, mcs, true, false); + cur_ht40_sgi[mcs] = usec_to_framelen(txop, mcs, true, true); + } + + return 0; +} + + +/* + * @add_interface: Called when a netdevice attached to the hardware is + * enabled. Because it is not called for monitor mode devices, @start + * and @stop must be implemented. + * The driver should perform any initialization it needs before + * the device can be enabled. The initial configuration for the + * interface is given in the conf parameter. + * The callback may refuse to add an interface by returning a + * negative error code (which will be seen in userspace.) + * Must be implemented and can sleep. + */ +static int wifi_ops_add_interface(struct ieee80211_hw *hw, + struct ieee80211_vif *vif) +{ + struct wifi_priv *wp = hw->priv; + struct wifi_vif *wifi_vif = WIFI_VIF(vif); + struct wifi_tid *wifi_tid_mc = WIFI_TID(vif->txq); + enum wifi_vif_type vif_type; + unsigned int ac_mapping[IEEE80211_NUM_ACS], cab_qid; + size_t i; + int ret; + + /* printk("wifi_ops_add_interface\n"); */ + + switch (vif->type) { + case NL80211_IFTYPE_STATION: + case NL80211_IFTYPE_MONITOR: + vif_type = WIFI_VIF_TYPE_STA; + break; + case NL80211_IFTYPE_AP: + case NL80211_IFTYPE_MESH_POINT: + vif_type = WIFI_VIF_TYPE_AP; + break; + default: + return -ENOTSUPP; + } + + ret = cmd_add_vif(wp, vif_type, vif->addr, + &wifi_vif->hw_id, + &wifi_vif->tbtt_idx, + ac_mapping, &cab_qid); + if (ret) + return ret; + + if (wifi_vif->tbtt_idx != WIFI_INVALID_TBTT_IDX) { + if (wifi_vif->tbtt_idx >= ARRAY_SIZE(wp->vifs_by_tbtt_idx) || + wp->vifs_by_tbtt_idx[wifi_vif->tbtt_idx]) { + dev_err(wp->dev, "invalid VIF tbtt idx %x\n", + wifi_vif->tbtt_idx); + cmd_release_vif(wp, wifi_vif->hw_id); + return -EIO; + } + } + + for (i = 0; i < IEEE80211_NUM_ACS; i++) { + vif->hw_queue[i] = ac_mapping[i]; + /* FIXME: mac80211 limitation here */ + wp->txqs[vif->hw_queue[i]].ac = i; + BUG_ON(vif->hw_queue[i] >= wp->txq_count); + } + vif->cab_queue = cab_qid; + + ret = cmd_vif_start(wp, wifi_vif->hw_id); + if (ret) { + cmd_release_vif(wp, wifi_vif->hw_id); + return ret; + } + + /* init the itxq used to send multicast, we will mix mcast + * with BE traffic, cabq will be used instead when at least + * one STA is in powersave */ + wifi_tid_init(wifi_tid_mc, + &wp->txqs[ac_mapping[IEEE80211_AC_BE]], + WIFI_TID_MCAST); + + if (wifi_vif->tbtt_idx != WIFI_INVALID_TBTT_IDX) { + spin_lock_bh(&wp->vifs_by_tbtt_lock); + wp->vifs_by_tbtt_idx[wifi_vif->tbtt_idx] = vif; + spin_unlock_bh(&wp->vifs_by_tbtt_lock); + } + + return 0; +} + +/* + * @remove_interface: Notifies a driver that an interface is going down. + * The @stop callback is called after this if it is the last interface + * and no monitor interfaces are present. + * When all interfaces are removed, the MAC address in the hardware + * must be cleared so the device no longer acknowledges packets, + * the mac_addr member of the conf structure is, however, set to the + * MAC address of the device going away. + * Hence, this callback must be implemented. It can sleep. + */ +static void wifi_ops_remove_interface(struct ieee80211_hw *hw, + struct ieee80211_vif *vif) +{ + struct wifi_priv *wp = hw->priv; + struct wifi_vif *wifi_vif = WIFI_VIF(vif); + struct wifi_tid *wifi_tid_mc = WIFI_TID(vif->txq); + int ret; + + /* printk("wifi_ops_remove_interface\n"); */ + + /* hide it from interrupt handler */ + if (wifi_vif->tbtt_idx != WIFI_INVALID_TBTT_IDX) { + spin_lock_bh(&wp->vifs_by_tbtt_lock); + wp->vifs_by_tbtt_idx[wifi_vif->tbtt_idx] = NULL; + spin_unlock_bh(&wp->vifs_by_tbtt_lock); + } + + wifi_tid_release(wp, wifi_tid_mc); + + ret = cmd_vif_stop(wp, wifi_vif->hw_id); + if (ret) { + dev_err(wp->dev, "failed to stop wifi vif\n"); + return; + } + cmd_release_vif(wp, wifi_vif->hw_id); +} + +/* + * + */ +static int wifi_rxq_init(struct wifi_priv *wp) +{ + struct wifi_rxq *rxq = &wp->rxq; + size_t size; + + rxq->count = 0; + rxq->refill_off = 0; + rxq->fw_off = 0; + + size = WIFI_RX_DESCS * sizeof (*rxq->descs); + + rxq->descs = pci_zalloc_consistent(wp->pdev, size, &rxq->descs_dma); + if (rxq->descs == NULL) { + dev_err(wp->dev, "failed to alloc rx descs\n"); + return -ENOMEM; + } + + rxq->bufs = kcalloc(WIFI_RX_DESCS, sizeof(*rxq->bufs), GFP_KERNEL); + if (rxq->bufs == NULL) { + pci_free_consistent(wp->pdev, size, + rxq->descs, rxq->descs_dma); + return -ENOMEM; + } + + return 0; +} + +/* + * + */ +static void wifi_rxq_release(struct wifi_priv *wp) +{ + struct wifi_rxq *rxq = &wp->rxq; + int i; + + if (rxq->descs == NULL) + return; + + for (i = 0; i < WIFI_RX_DESCS; i++) { + if (!rxq->bufs[i].skb) + continue; + + pci_unmap_single(wp->pdev, + dma_unmap_addr(&rxq->bufs[i], dma), + WIFI_RX_BUF_SIZE, PCI_DMA_FROMDEVICE); + dma_unmap_addr_set(&rxq->bufs[i], dma, 0); + kfree_skb(rxq->bufs[i].skb); + rxq->bufs[i].skb = NULL; + } + + kfree(rxq->bufs); + rxq->bufs = NULL; + pci_free_consistent(wp->pdev, + WIFI_RX_DESCS * sizeof (*rxq->descs), + rxq->descs, rxq->descs_dma); + rxq->descs = NULL; +} + + +/* + * + */ +static void wifi_txq_release(struct wifi_priv *wp, struct wifi_txq *txq) +{ + struct wifi_tx_skb *wskb, *tmp; + int i; + + for (i = 0; i < WIFI_TX_DESCS; i++) { + struct wifi_tx_skb *wskb = txq->pending_wskb[i]; + if (wskb) { + wifi_tx_skb_release_txfail(wp, wskb); + txq->pending_wskb[i] = NULL; + } + } + + list_for_each_entry_safe(wskb, tmp, &txq->wifi_tx_skbs_pool, next) + kfree(wskb); + + kfree(txq->pending_wskb); + pci_free_consistent(wp->pdev, + WIFI_TX_DESCS * sizeof (*txq->descs), + txq->descs, txq->descs_dma); +} + +/* + * + */ +static int wifi_txq_init(struct wifi_priv *wp, unsigned int idx) +{ + struct wifi_txq *txq = &wp->txqs[idx]; + size_t i, size; + + spin_lock_init(&txq->lock); + txq->idx = idx; + txq->head_off = 0; + txq->reclaim_off = 0; + INIT_LIST_HEAD(&txq->wifi_tx_skbs_pool); + + size = WIFI_TX_DESCS * sizeof (*txq->descs); + + txq->descs = pci_zalloc_consistent(wp->pdev, size, &txq->descs_dma); + if (txq->descs == NULL) { + dev_err(wp->dev, "failed to alloc tx descs\n"); + goto free; + } + + txq->pending_wskb = kcalloc(WIFI_TX_DESCS, + sizeof(*txq->pending_wskb), GFP_KERNEL); + if (txq->pending_wskb == NULL) + goto free; + + /* + * prefill the wifi_tx_skb pool + * + * When doing tx completion for aggregate, the actual release + * happen when the last packet of the aggregate is marked as + * done by the hardware. So even the tx queue seems to be + * almost empty, some wifi_tx_skb are not yet released. This + * can be at most the maximum size of an aggregate, so we + * alloc a bit more. + */ + for (i = 0; i < WIFI_TX_DESCS + IEEE80211_AGGR_MAX_MPDU; i++) { + struct wifi_tx_skb *wskb; + + wskb = kzalloc(sizeof(*wskb), GFP_KERNEL); + if (!wskb) + goto free; + + list_add_tail(&wskb->next, &txq->wifi_tx_skbs_pool); + } + + return 0; + +free: + wifi_txq_release(wp, txq); + return -ENOMEM; +} + +/* + * @start: Called before the first netdevice attached to the hardware + * is enabled. This should turn on the hardware and must turn on + * frame reception (for possibly enabled monitor interfaces.) + * Returns negative error codes, these may be seen in userspace, + * or zero. + * When the device is started it should not have a MAC address + * to avoid acknowledging frames before a non-monitor device + * is added. + * Must be implemented and can sleep. + */ +static int wifi_ops_start(struct ieee80211_hw *hw) +{ + struct wifi_priv *wp = hw->priv; + size_t i; + int ret; + + /* printk("wifi_ops_start\n"); */ + + ret = wifi_rxq_init(wp); + if (ret) + goto fail; + + if (wifi_rxq_refill(wp, INT_MAX) != WIFI_RX_DESCS) { + dev_err(wp->dev, "failed to refill rxq\n"); + ret = -ENOMEM; + goto fail; + } + + wp->txqs = kcalloc(wp->txq_count, sizeof (*wp->txqs), GFP_KERNEL); + if (!wp->txqs) { + ret = -ENOMEM; + goto fail; + } + + for (i = 0; i < wp->txq_count; i++) { + ret = wifi_txq_init(wp, i); + if (ret) + goto fail; + } + + if (cmd_start(wp)) { + dev_err(wp->dev, "failed to start device\n"); + ret = -EIO; + goto fail; + } + + return 0; + +fail: + if (wp->txqs) { + size_t i; + for (i = 0; i < wp->txq_count; i++) + wifi_txq_release(wp, &wp->txqs[i]); + kfree(wp->txqs); + wp->txqs = NULL; + } + wifi_rxq_release(wp); + return ret; +} + +/* + * @stop: Called after last netdevice attached to the hardware + * is disabled. This should turn off the hardware (at least + * it must turn off frame reception.) + * May be called right after add_interface if that rejects + * an interface. If you added any work onto the mac80211 workqueue + * you should ensure to cancel it on this callback. + * Must be implemented and can sleep. + */ +static void wifi_ops_stop(struct ieee80211_hw *hw) +{ + struct wifi_priv *wp = hw->priv; + size_t i; + + /* printk("wifi_ops_stop\n"); */ + + if (cmd_stop(wp)) + dev_err(wp->dev, "failed to stop device\n"); + + for (i = 0; i < wp->txq_count; i++) { + wifi_txq_release(wp, &wp->txqs[i]); + } + + kfree(wp->txqs); + wifi_rxq_release(wp); +} + +/* + * + */ +static int update_survey(struct ieee80211_hw *hw, + unsigned int chan_idx) +{ + struct wifi_priv *wp = hw->priv; + struct survey_info *survey = &wp->survey[chan_idx]; + int ret; + + ret = cmd_get_chan_survey(wp, + &survey->noise, + &survey->time, + &survey->time_busy, + &survey->time_rx, + &survey->time_tx); + if (ret) + return ret; + + /* convert cur_chan_bss_rx from usec to msec */ + survey->time_bss_rx += wp->cur_chan_bss_rx / 1000; + wp->cur_chan_bss_rx = 0; + + return 0; +} + +/* + * @get_survey: Return per-channel survey information + */ +static int wifi_ops_get_survey(struct ieee80211_hw *hw, int idx, + struct survey_info *survey) +{ + struct wifi_priv *wp = hw->priv; + struct ieee80211_supported_band *sband; + + if (idx >= ARRAY_SIZE(wp->survey)) + return -ENOENT; + + if (idx == wp->cur_chan_idx) { + int ret = update_survey(hw, idx); + if (ret) + return ret; + } + + memcpy(survey, &wp->survey[idx], sizeof (*survey)); + + sband = hw->wiphy->bands[NL80211_BAND_2GHZ]; + survey->channel = &sband->channels[idx]; + + survey->filled = + SURVEY_INFO_NOISE_DBM | + SURVEY_INFO_TIME | + SURVEY_INFO_TIME_BUSY | + SURVEY_INFO_TIME_RX | + SURVEY_INFO_TIME_BSS_RX | + SURVEY_INFO_TIME_TX; + + if (idx == wp->cur_chan_idx) + survey->filled |= SURVEY_INFO_IN_USE; + + return 0; +} + +/* + * @config: Handler for configuration requests. IEEE 802.11 code calls this + * function to change hardware configuration, e.g., channel. + * This function should never fail but returns a negative error code + * if it does. The callback can sleep. + */ +static int wifi_ops_config(struct ieee80211_hw *hw, u32 changed) +{ + struct wifi_priv *wp = hw->priv; + int ret; + + /* printk("wifi_ops_config: changed:%08x\n", changed); */ + + if (changed & IEEE80211_CONF_CHANGE_CHANNEL) { + if (wp->cur_chan_idx != -1) + update_survey(hw, wp->cur_chan_idx); + + ret = wifi_set_channel(wp); + if (ret) + return ret; + } + + return 0; +} + +/* + * @prepare_multicast: Prepare for multicast filter configuration. + * This callback is optional, and its return value is passed + * to configure_filter(). This callback must be atomic. + */ +static u64 wifi_ops_prepare_multicast(struct ieee80211_hw *hw, + struct netdev_hw_addr_list *mc_list) +{ + /* don't try to filter multicast for now */ + return WIFI_FILTER_ALL_MULTI; +} + +/* + * @configure_filter: Configure the device's RX filter. + * See the section "Frame filtering" for more information. + * This callback must be implemented and can sleep. + */ +static void wifi_ops_configure_filter(struct ieee80211_hw *hw, + unsigned int changed_flags, + unsigned int *total_flags, + u64 multicast) +{ + struct wifi_priv *wp = hw->priv; + u32 f; + + /* keep only what we support */ + *total_flags &= + FIF_ALLMULTI | + FIF_FCSFAIL | + FIF_BCN_PRBRESP_PROMISC | + FIF_CONTROL | + FIF_OTHER_BSS | + FIF_PSPOLL | + FIF_PROBE_REQ; + + /* printk("wifi_ops_configure_filter: total_flags:%08x\n", */ + /* *total_flags); */ + + f = 0; + if (*total_flags & FIF_ALLMULTI) + f |= WIFI_FILTER_ALL_MULTI; + else + f |= multicast; + if (*total_flags & FIF_FCSFAIL) + f |= WIFI_FILTER_FCS_FAIL; + if (*total_flags & FIF_OTHER_BSS) + f |= WIFI_FILTER_PROMISC; + if (*total_flags & FIF_BCN_PRBRESP_PROMISC) + f |= WIFI_FILTER_ALL_BSSID; + if (*total_flags & FIF_CONTROL) + f |= WIFI_FILTER_FTYPE_CONTROL; + if (*total_flags & FIF_PSPOLL) + f |= WIFI_FILTER_FTYPE_PS_POLL; + if (*total_flags & FIF_PROBE_REQ) + f |= WIFI_FILTER_FTYPE_PROBE_REQ; + + cmd_set_rx_filter(wp, f); +} + +/* + * + */ +static int wifi_ops_set_antenna(struct ieee80211_hw *hw, + u32 tx_ant, u32 rx_ant) +{ + struct wifi_priv *wp = hw->priv; + u32 hw_ant = (1 << wp->hw_radio_chains) - 1; + + /* rx & tx must match */ + if (rx_ant != tx_ant) + return -ENOTSUPP; + + /* cannot use non existing antennas */ + if (tx_ant & ~hw_ant) + return -ENOTSUPP; + + wp->force_ant_mask = tx_ant; + return 0; +} + +/* + * + */ +static int wifi_ops_get_antenna(struct ieee80211_hw *hw, + u32 *tx_ant, u32 *rx_ant) +{ + struct wifi_priv *wp = hw->priv; + u32 hw_ant = (1 << wp->hw_radio_chains) - 1; + + if (wp->force_ant_mask) { + *rx_ant = wp->force_ant_mask; + *tx_ant = wp->force_ant_mask; + } else { + *rx_ant = hw_ant; + *tx_ant = hw_ant; + } + + return 0; +} + +/* + * mac80211 device ops + */ +static const struct ieee80211_ops wifi_mac80211_ops = { + .tx = wifi_ops_tx, + .wake_tx_queue = wifi_ops_wake_tx_queue, + .release_buffered_frames= wifi_ops_release_buffered_frames, + .start = wifi_ops_start, + .stop = wifi_ops_stop, + .add_interface = wifi_ops_add_interface, + .remove_interface = wifi_ops_remove_interface, + .bss_info_changed = wifi_ops_bss_info_changed, + .get_survey = wifi_ops_get_survey, + .config = wifi_ops_config, + .configure_filter = wifi_ops_configure_filter, + .sta_add = wifi_ops_sta_add, + .sta_remove = wifi_ops_sta_remove, + .sta_notify = wifi_ops_sta_notify, + .set_key = wifi_ops_set_key, + .conf_tx = wifi_ops_conf_tx, + .prepare_multicast = wifi_ops_prepare_multicast, + .ampdu_action = wifi_ops_ampdu_action, + .can_aggregate_in_amsdu = wifi_ops_can_aggregate_in_amsdu, + .get_stats = wifi_ops_get_stats, + .get_antenna = wifi_ops_get_antenna, + .set_antenna = wifi_ops_set_antenna, +}; + +/* + * + */ +static void setup_24hz_band(struct wifi_priv *wp, + struct ieee80211_supported_band *b) +{ + struct ieee80211_sta_ht_cap *ht = &b->ht_cap; + size_t i; + + b->band = NL80211_BAND_2GHZ; + b->channels = gchannels; + b->n_channels = ARRAY_SIZE(gchannels); + b->bitrates = mwl8k_rates; + b->n_bitrates = ARRAY_SIZE(mwl8k_rates); + + ht->ht_supported = true; + ht->cap = IEEE80211_HT_CAP_SUP_WIDTH_20_40 | + IEEE80211_HT_CAP_SGI_20 | + IEEE80211_HT_CAP_SGI_40 | + IEEE80211_HT_CAP_TX_STBC | + IEEE80211_HT_CAP_RX_STBC; + + ht->ampdu_factor = IEEE80211_HT_MAX_AMPDU_64K; + ht->ampdu_density = IEEE80211_HT_MPDU_DENSITY_NONE; + + for (i = 0; i < wp->hw_radio_chains; i++) + ht->mcs.rx_mask[i] = 0xff; + /* MCS32 */ + ht->mcs.rx_mask[4] = 0x1; + + ht->mcs.tx_params = IEEE80211_HT_MCS_TX_DEFINED; +} + +/* + * + */ +static int wifi_ieee80211_register(struct wifi_priv *wp) +{ + struct ieee80211_hw *hw = wp->hw; + size_t count; + int ret; + + /* setup wiphy */ + SET_IEEE80211_PERM_ADDR(hw, wp->addresses[0].addr); + hw->wiphy->addresses = wp->addresses; + hw->wiphy->n_addresses = wp->addresses_count; + count = wp->addresses_count; + if (count > 256) + count = 256; + + hw->wiphy->interface_modes = + BIT(NL80211_IFTYPE_MONITOR) | + BIT(NL80211_IFTYPE_AP) | + BIT(NL80211_IFTYPE_MESH_POINT) | + BIT(NL80211_IFTYPE_STATION); + + wp->if_limits[0].types = BIT(NL80211_IFTYPE_STATION); + wp->if_limits[0].max = wp->hw_max_sta_vif; + + wp->if_limits[1].types = BIT(NL80211_IFTYPE_AP); +#ifdef CONFIG_MAC80211_MESH + wp->if_limits[1].types |= BIT(NL80211_IFTYPE_MESH_POINT); +#endif + wp->if_limits[1].max = wp->hw_max_ap_vif; + + wp->if_comb.limits = wp->if_limits; + wp->if_comb.n_limits = ARRAY_SIZE(wp->if_limits); + wp->if_comb.max_interfaces = wp->hw_max_sta_vif + wp->hw_max_ap_vif; + wp->if_comb.num_different_channels = 1; + wp->if_comb.beacon_int_min_gcd = wp->hw_bcn_interval_gcd; + + hw->wiphy->iface_combinations = &wp->if_comb; + hw->wiphy->n_iface_combinations = 1; + + setup_24hz_band(wp, &wp->gband); + hw->wiphy->bands[0] = &wp->gband; + + scnprintf(hw->wiphy->fw_version, sizeof (hw->wiphy->fw_version), + "%u.%u", wp->fw_major, wp->fw_minor); + + hw->wiphy->available_antennas_rx = (1 << wp->hw_radio_chains) - 1; + hw->wiphy->available_antennas_tx = (1 << wp->hw_radio_chains) - 1; + + /* disabled until release_buffered_frames is fixed */ + /* hw->wiphy->flags |= WIPHY_FLAG_AP_UAPSD; */ + hw->wiphy->flags |= WIPHY_FLAG_IBSS_RSN; + + /* setup remaining hw fields */ + ieee80211_hw_set(hw, SIGNAL_DBM); + ieee80211_hw_set(hw, PS_NULLFUNC_STACK); + ieee80211_hw_set(hw, SUPPORTS_RC_TABLE); + ieee80211_hw_set(hw, HOST_BROADCAST_PS_BUFFERING); + ieee80211_hw_set(hw, REPORTS_TX_ACK_STATUS); + if (!create_vif) + ieee80211_hw_set(hw, NO_AUTO_VIF); + ieee80211_hw_set(hw, QUEUE_CONTROL); + ieee80211_hw_set(hw, SUPPORTS_AMSDU_IN_AMPDU); + ieee80211_hw_set(hw, SUPPORTS_CLONED_SKBS); + ieee80211_hw_set(hw, SUPPORT_FAST_XMIT); + ieee80211_hw_set(hw, AMPDU_AGGREGATION); + ieee80211_hw_set(hw, BUFF_MMPDU_TXQ); + ieee80211_hw_set(hw, STA_MMPDU_TXQ); + ieee80211_hw_set(hw, MFP_CAPABLE); + hw->wiphy->features |= NL80211_FEATURE_ACTIVE_MONITOR; + + hw->vif_data_size = sizeof (struct wifi_vif); + hw->sta_data_size = sizeof (struct wifi_sta); + hw->txq_data_size = sizeof (struct wifi_tid); + hw->queues = wp->txq_count; + hw->max_rates = WIFI_TXD_MAX_RATES; + hw->max_report_rates = WIFI_TXD_MAX_RATES; + hw->max_rate_tries = 15; + hw->offchannel_tx_hw_queue = 6; + + ret = ieee80211_register_hw(hw); + if (ret) { + wiphy_err(hw->wiphy, "cannot register device: %d\n", ret); + return ret; + } + + wp->hw_registered = true; + return 0; +} + +/* + * + */ +static void wifi_release(struct wifi_priv *wp) +{ +} + +/* + * + */ +static int wifi_init(void *data) +{ + struct wifi_priv *wp = (struct wifi_priv *)data; + u8 force_mac[ETH_ALEN]; + u32 api_version; + int ret; + + if (cmd_get_api_version(wp, &api_version)) { + dev_err(wp->dev, "failed to get api_version\n"); + return -EIO; + } + + if (api_version != WIFI_API_VERSION) { + dev_err(wp->dev, "API version mismatch %u\n", api_version); + return -EIO; + } + + if (cmd_get_fw_version(wp, &wp->fw_major, &wp->fw_minor)) { + dev_err(wp->dev, "failed to get fw version\n"); + return -EIO; + } + + dev_info(wp->dev, "wifi firmware version [%u.%u]\n", + wp->fw_major, + wp->fw_minor); + + if (mac_pton(base_mac_addr, force_mac) && + !is_zero_ether_addr(force_mac) && + mac_addr_count > 0) { + unsigned int i; + + dev_info(wp->dev, "using mac address from module params\n"); + + for (i = 0; i < mac_addr_count && + i < ARRAY_SIZE(wp->addresses); i++) { + memcpy(&wp->addresses[i], force_mac, 6); + inc_mac(wp->addresses[i].addr, i); + } + + wp->addresses_count = mac_addr_count; + + } else { + wp->addresses_count = ARRAY_SIZE(wp->addresses); + if (cmd_get_mac_address(wp, wp->addresses, + &wp->addresses_count)) { + dev_err(wp->dev, "failed to get mac address\n"); + return -EIO; + } + } + + ret = wifi_ieee80211_register(wp); + if (ret) + goto fail; + + return 0; + +fail: + wifi_release(wp); + return ret; +} + +/* + * + */ +static void wifi_exit(void *data) +{ + struct wifi_priv *wp = (struct wifi_priv *)data; + + if (!wp->hw_registered) + return; + + /* stop processing irq, FIXME: need spinlock for SMP */ + wp->rx_f2h_irq_mask = 0; + wp->tx_f2h_irq_mask = 0; + wp->tbtt_f2h_irq_mask = 0; + + ieee80211_unregister_hw(wp->hw); + wifi_release(wp); +} + +/* + * + */ +static void * +wifi_alloc(struct mwl8k_priv *priv, void __iomem *vdesc, u32 *poll_mask) +{ + struct __iomem ixzone_svc_wifi *desc = vdesc; + struct ieee80211_hw *hw; + struct wifi_priv *wp; + size_t i; + u32 off; + + if (!desc->radio.chain_count || + desc->radio.chain_count > 4) { + dev_err(&priv->pdev->dev, + "wifi service has invalid radio chains\n"); + return NULL; + } + + if (!desc->tx.max_ampdu_chain) { + dev_err(&priv->pdev->dev, + "wifi service has invalid max_ampdu_chain\n"); + return NULL; + } + + if (!desc->rx.f2h_irq_mask) { + dev_err(&priv->pdev->dev, "wifi service has no rx irq mask\n"); + return NULL; + } + + if (!desc->tx.f2h_irq_mask || !desc->tx.h2f_irq_mask) { + dev_err(&priv->pdev->dev, "wifi service has no tx irq mask\n"); + return NULL; + } + + if (desc->vif.max_ap_vif) { + if (!desc->vif.bcn_interval_gcd) { + dev_err(&priv->pdev->dev, + "wifi service has no beacon interval gcd\n"); + return NULL; + } + + if (!desc->vif.tbtt_f2h_irq_mask) { + dev_err(&priv->pdev->dev, + "wifi service has no tbtt irq mask\n"); + return NULL; + } + } + + off = (void *)desc - (void *)priv->sram; + + for (i = 0; i < ARRAY_SIZE(desc->cmd_chans); i++) { + const __iomem struct ixzone_svc_wifi_cmd_chan *cdesc; + u32 boff, bsize; + + cdesc = &desc->cmd_chans[i]; + + if (!cdesc->f2h_irq_mask || !cdesc->h2f_irq_mask) { + dev_err(&priv->pdev->dev, + "wifi cmd chan %zu has no irq mask\n", i); + return NULL; + } + + if (cdesc->buf_offset % 4) { + dev_err(&priv->pdev->dev, + "wifi cmd chan %zu buf not aligned\n", i); + return NULL; + } + + boff = le32_to_cpu(cdesc->buf_offset); + bsize = le32_to_cpu(cdesc->buf_size); + + if (check_bound(SRAM_SIZE, off + boff, bsize)) { + dev_err(&priv->pdev->dev, + "wifi cmd chan %zu buf has bad offsets\n", i); + return NULL; + } + } + + hw = ieee80211_alloc_hw(sizeof (*wp), &wifi_mac80211_ops); + if (!hw) { + dev_err(wp->dev, "ieee80211 alloc failed\n"); + return NULL; + } + + wp = hw->priv; + wp->hw = hw; + wp->priv = priv; + wp->cur_chan_idx = -1; + spin_lock_init(&wp->vifs_by_tbtt_lock); + + *poll_mask = 0; + + for (i = 0; i < ARRAY_SIZE(desc->cmd_chans); i++) { + struct __iomem ixzone_svc_wifi_cmd_chan *cdesc; + struct wifi_cmd_chan *chan; + u32 boff, bsize; + + cdesc = &desc->cmd_chans[i]; + boff = le32_to_cpu(cdesc->buf_offset); + bsize = le32_to_cpu(cdesc->buf_size); + + chan = &wp->cmd_chans[i]; + chan->buf_start = priv->sram + off + boff; + chan->buf_size = bsize; + chan->f2h_irq_mask = le32_to_cpu(cdesc->f2h_irq_mask); + chan->h2f_irq_mask = le32_to_cpu(cdesc->h2f_irq_mask); + chan->host_count_ptr = &cdesc->host_ctr; + chan->fw_count_ptr = &cdesc->fw_ctr; + + mutex_init(&chan->lock); + spin_lock_init(&chan->complete_lock); + + /* only watch irq done for async channel, we will + * busy wait for completion on atomic channel */ + if (i == WIFI_CMD_CHAN_ASYNC) + *poll_mask |= chan->f2h_irq_mask; + } + + wp->rx_f2h_irq_mask = desc->rx.f2h_irq_mask; + + wp->txq_count = le16_to_cpu(desc->tx.txq_count); + wp->hw_max_ampdu_chain = le16_to_cpu(desc->tx.max_ampdu_chain); + wp->tx_f2h_irq_mask = le32_to_cpu(desc->tx.f2h_irq_mask); + wp->tx_f2h_irq_shift = ffs(wp->tx_f2h_irq_mask) - 1; + wp->tx_h2f_irq_mask = le32_to_cpu(desc->tx.h2f_irq_mask); + wp->tx_h2f_irq_shift = ffs(wp->tx_h2f_irq_mask) - 1; + + wp->tbtt_f2h_irq_mask = le32_to_cpu(desc->vif.tbtt_f2h_irq_mask); + wp->tbtt_f2h_irq_shift = ffs(wp->tbtt_f2h_irq_mask) - 1; + + wp->hw_max_sta_vif = desc->vif.max_sta_vif; + wp->hw_max_ap_vif = desc->vif.max_ap_vif; + wp->hw_bcn_interval_gcd = desc->vif.bcn_interval_gcd; + if (wp->hw_max_ap_vif > WIFI_MAX_AP_VIFS) + wp->hw_max_ap_vif = WIFI_MAX_AP_VIFS; + wp->hw_radio_chains = le32_to_cpu(desc->radio.chain_count); + + wp->dev = &priv->pdev->dev; + wp->pdev = priv->pdev; + + SET_IEEE80211_DEV(hw, &priv->pdev->dev); + + *poll_mask |= wp->rx_f2h_irq_mask | + wp->tx_f2h_irq_mask | + wp->tbtt_f2h_irq_mask; + + return wp; +} + +/* + * + */ +static void wifi_free(void *data) +{ + struct wifi_priv *wp = (struct wifi_priv *)data; + ieee80211_free_hw(wp->hw); +} + +const struct dbg_svc_ops wifi_svc_ops = { + .name = "wifi", + .uuid = SVC_WIFI_UUID, + .desc_size = sizeof (struct ixzone_svc_wifi), + .svc_alloc = wifi_alloc, + .svc_init = wifi_init, + .svc_process = wifi_process, + .svc_exit = wifi_exit, + .svc_free = wifi_free, +}; + --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/drivers/of/configfs.c 2023-02-27 20:55:42.852893915 +0100 @@ -0,0 +1,279 @@ +/* + * Configfs entries for device-tree + * + * Copyright (C) 2013 - Pantelis Antoniou + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version + * 2 of the License, or (at your option) any later version. + */ +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "of_private.h" + +struct cfs_overlay_item { + struct config_item item; + + char path[PATH_MAX]; + + const struct firmware *fw; + struct device_node *overlay; + int ov_id; + + void *dtbo; + int dtbo_size; +}; + +static inline struct cfs_overlay_item *to_cfs_overlay_item( + struct config_item *item) +{ + return item ? container_of(item, struct cfs_overlay_item, item) : NULL; +} + +static ssize_t cfs_overlay_item_path_show(struct config_item *item, + char *page) +{ + struct cfs_overlay_item *overlay = to_cfs_overlay_item(item); + return sprintf(page, "%s\n", overlay->path); +} + +static ssize_t cfs_overlay_item_path_store(struct config_item *item, + const char *page, size_t count) +{ + struct cfs_overlay_item *overlay = to_cfs_overlay_item(item); + const char *p = page; + char *s; + int err; + + /* if it's set do not allow changes */ + if (overlay->path[0] != '\0' || overlay->dtbo_size > 0) + return -EPERM; + + /* copy to path buffer (and make sure it's always zero terminated */ + count = snprintf(overlay->path, sizeof(overlay->path) - 1, "%s", p); + overlay->path[sizeof(overlay->path) - 1] = '\0'; + + /* strip trailing newlines */ + s = overlay->path + strlen(overlay->path); + while (s > overlay->path && *--s == '\n') + *s = '\0'; + + pr_debug("%s: path is '%s'\n", __func__, overlay->path); + + err = request_firmware(&overlay->fw, overlay->path, NULL); + if (err != 0) + goto out_err; + + err = of_overlay_fdt_apply((void *)overlay->fw->data, + overlay->fw->size, + &overlay->ov_id); + if (err != 0) + goto out_err; + + return count; + +out_err: + + release_firmware(overlay->fw); + overlay->fw = NULL; + + overlay->path[0] = '\0'; + return err; +} + +static ssize_t cfs_overlay_item_status_show(struct config_item *item, + char *page) +{ + struct cfs_overlay_item *overlay = to_cfs_overlay_item(item); + + return sprintf(page, "%s\n", + overlay->ov_id >= 0 ? "applied" : "unapplied"); +} + +CONFIGFS_ATTR(cfs_overlay_item_, path); +CONFIGFS_ATTR_RO(cfs_overlay_item_, status); + +static struct configfs_attribute *cfs_overlay_attrs[] = { + &cfs_overlay_item_attr_path, + &cfs_overlay_item_attr_status, + NULL, +}; + +ssize_t cfs_overlay_item_dtbo_read(struct config_item *item, + void *buf, size_t max_count) +{ + struct cfs_overlay_item *overlay = to_cfs_overlay_item(item); + + pr_debug("%s: buf=%p max_count=%zu\n", __func__, + buf, max_count); + + if (overlay->dtbo == NULL) + return 0; + + /* copy if buffer provided */ + if (buf != NULL) { + /* the buffer must be large enough */ + if (overlay->dtbo_size > max_count) + return -ENOSPC; + + memcpy(buf, overlay->dtbo, overlay->dtbo_size); + } + + return overlay->dtbo_size; +} + +ssize_t cfs_overlay_item_dtbo_write(struct config_item *item, + const void *buf, size_t count) +{ + struct cfs_overlay_item *overlay = to_cfs_overlay_item(item); + int err; + + /* if it's set do not allow changes */ + if (overlay->path[0] != '\0' || overlay->dtbo_size > 0) + return -EPERM; + + /* copy the contents */ + overlay->dtbo = kmemdup(buf, count, GFP_KERNEL); + if (overlay->dtbo == NULL) + return -ENOMEM; + + overlay->dtbo_size = count; + + err = of_overlay_fdt_apply((void *)overlay->fw->data, + overlay->dtbo_size, + &overlay->ov_id); + if (err != 0) + goto out_err; + + return count; + +out_err: + kfree(overlay->dtbo); + overlay->dtbo = NULL; + overlay->dtbo_size = 0; + + return err; +} + +CONFIGFS_BIN_ATTR(cfs_overlay_item_, dtbo, NULL, SZ_1M); + +static struct configfs_bin_attribute *cfs_overlay_bin_attrs[] = { + &cfs_overlay_item_attr_dtbo, + NULL, +}; + +static void cfs_overlay_release(struct config_item *item) +{ + struct cfs_overlay_item *overlay = to_cfs_overlay_item(item); + + if (overlay->ov_id >= 0) + of_overlay_remove(&overlay->ov_id); + if (overlay->fw) + release_firmware(overlay->fw); + /* kfree with NULL is safe */ + kfree(overlay->dtbo); + kfree(overlay); +} + +static struct configfs_item_operations cfs_overlay_item_ops = { + .release = cfs_overlay_release, +}; + +static struct config_item_type cfs_overlay_type = { + .ct_item_ops = &cfs_overlay_item_ops, + .ct_attrs = cfs_overlay_attrs, + .ct_bin_attrs = cfs_overlay_bin_attrs, + .ct_owner = THIS_MODULE, +}; + +static struct config_item *cfs_overlay_group_make_item( + struct config_group *group, const char *name) +{ + struct cfs_overlay_item *overlay; + + overlay = kzalloc(sizeof(*overlay), GFP_KERNEL); + if (!overlay) + return ERR_PTR(-ENOMEM); + overlay->ov_id = -1; + + config_item_init_type_name(&overlay->item, name, &cfs_overlay_type); + return &overlay->item; +} + +static void cfs_overlay_group_drop_item(struct config_group *group, + struct config_item *item) +{ + struct cfs_overlay_item *overlay = to_cfs_overlay_item(item); + + config_item_put(&overlay->item); +} + +static struct configfs_group_operations overlays_ops = { + .make_item = cfs_overlay_group_make_item, + .drop_item = cfs_overlay_group_drop_item, +}; + +static struct config_item_type overlays_type = { + .ct_group_ops = &overlays_ops, + .ct_owner = THIS_MODULE, +}; + +static struct configfs_group_operations of_cfs_ops = { + /* empty - we don't allow anything to be created */ +}; + +static struct config_item_type of_cfs_type = { + .ct_group_ops = &of_cfs_ops, + .ct_owner = THIS_MODULE, +}; + +struct config_group of_cfs_overlay_group; + +static struct configfs_subsystem of_cfs_subsys = { + .su_group = { + .cg_item = { + .ci_namebuf = "device-tree", + .ci_type = &of_cfs_type, + }, + }, + .su_mutex = __MUTEX_INITIALIZER(of_cfs_subsys.su_mutex), +}; + +static int __init of_cfs_init(void) +{ + int ret; + + pr_info("%s\n", __func__); + + config_group_init(&of_cfs_subsys.su_group); + config_group_init_type_name(&of_cfs_overlay_group, "overlays", + &overlays_type); + configfs_add_default_group(&of_cfs_overlay_group, + &of_cfs_subsys.su_group); + + ret = configfs_register_subsystem(&of_cfs_subsys); + if (ret != 0) { + pr_err("%s: failed to register subsys\n", __func__); + goto out; + } + pr_info("%s: OK\n", __func__); +out: + return ret; +} +late_initcall(of_cfs_init); diff -Nruw linux-5.15.42-fbx/drivers/platform/fbxgw7r./Kconfig linux-5.15.42-fbx/drivers/platform/fbxgw7r/Kconfig --- linux-5.15.42-fbx/drivers/platform/fbxgw7r./Kconfig 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/platform/fbxgw7r/Kconfig 2023-03-09 15:24:23.846931646 +0100 @@ -0,0 +1,6 @@ +config FBXGW7R_PLATFORM + bool "Freebox Gateway V7 specific drivers" + +config FBXGW7R_SWITCH + bool "Freebox Gateway V7 in kernel switch init code." + depends on FBXGW7R_PLATFORM diff -Nruw linux-5.15.42-fbx/drivers/platform/fbxgw7r./Makefile linux-5.15.42-fbx/drivers/platform/fbxgw7r/Makefile --- linux-5.15.42-fbx/drivers/platform/fbxgw7r./Makefile 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/platform/fbxgw7r/Makefile 2023-03-09 15:24:23.846931646 +0100 @@ -0,0 +1 @@ +obj-$(CONFIG_FBXGW7R_SWITCH) += fbxgw7r-switch.o diff -Nruw linux-5.15.42-fbx/drivers/platform/intelce./Kconfig linux-5.15.42-fbx/drivers/platform/intelce/Kconfig --- linux-5.15.42-fbx/drivers/platform/intelce./Kconfig 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/platform/intelce/Kconfig 2023-03-09 15:06:11.376234546 +0100 @@ -0,0 +1,18 @@ +# +# IntelCE devices configuration +# + +menu "IntelCE devices" + +config INTELCE_GPIO + tristate "GPIO support" + select ARCH_REQUIRE_GPIOLIB + help + IntelCE 3100/4100 GPIO support. + +config INTELCE_DFX + tristate "DFX reporting support" + help + IntelCE 3100/4100 DFX fuse reporting support. + +endmenu diff -Nruw linux-5.15.42-fbx/drivers/platform/intelce./Makefile linux-5.15.42-fbx/drivers/platform/intelce/Makefile --- linux-5.15.42-fbx/drivers/platform/intelce./Makefile 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/platform/intelce/Makefile 2023-03-09 15:06:11.376234546 +0100 @@ -0,0 +1,2 @@ +obj-$(CONFIG_INTELCE_GPIO) += gpio-intelce.o +obj-$(CONFIG_INTELCE_DFX) += dfx.o diff -Nruw linux-5.15.42-fbx/drivers/soc/bcm/bcm63xx/rdp./Makefile linux-5.15.42-fbx/drivers/soc/bcm/bcm63xx/rdp/Makefile --- linux-5.15.42-fbx/drivers/soc/bcm/bcm63xx/rdp./Makefile 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/soc/bcm/bcm63xx/rdp/Makefile 2023-03-09 15:06:11.376234546 +0100 @@ -0,0 +1,9 @@ +obj-y += rdp_drv.o + +rdp_drv-y += \ + rdp.o \ + rdp_api.o \ + rdp_io.o \ + rdp_ioctl.o + +rdp_drv-$(CONFIG_DEBUG_FS) += rdp_debug.o diff -Nruw linux-5.15.42-fbx/drivers/soc/bcm/bcm63xx/xrdp./Makefile linux-5.15.42-fbx/drivers/soc/bcm/bcm63xx/xrdp/Makefile --- linux-5.15.42-fbx/drivers/soc/bcm/bcm63xx/xrdp./Makefile 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/drivers/soc/bcm/bcm63xx/xrdp/Makefile 2023-03-09 15:06:11.380234652 +0100 @@ -0,0 +1,8 @@ +obj-$(CONFIG_SOC_BCM63XX_XRDP) += xrdp_drv.o + +xrdp_drv-y += \ + xrdp.o \ + xrdp_api.o + +xrdp_drv-$(CONFIG_SOC_BCM63XX_XRDP_IOCTL) += xrdp_ioctl.o +xrdp_drv-$(CONFIG_DEBUG_FS) += xrdp_debug.o --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/drivers/spi/orion_tdm_spi.c 2024-04-22 14:46:56.236222429 +0200 @@ -0,0 +1,605 @@ +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#define DRIVER_NAME "orion_tdm_spi" + +/* + * registers + */ +#define PCM_CTRL_REG 0x0000 +#define PCM_DAA_CSS_CTRL_MASK (1 << 15) + +#define SPI_CLK_PRESCALE_REG 0x3100 +#define SCLOCK_LOW_SHIFT 0 +#define SCLOCK_LOW_MASK (0xff << SCLOCK_LOW_SHIFT) +#define SCLOCK_HIGH_SHIFT 8 +#define SCLOCK_HIGH_MASK (0xff << SCLOCK_HIGH_SHIFT) + +#define SPI_GLOBAL_CTRL_REG 0x3104 +#define CODEC_ENABLE_MASK (1 << 0) + +#define SPI_CTRL_REG 0x3108 +#define SPI_STAT_MASK (1 << 10) + +#define SPI_CODEC_ACCESS_L_REG 0x3130 +#define ACCESS_BYTE0_SHIFT 0 +#define ACCESS_BYTE1_SHIFT 8 + +#define SPI_CODEC_ACCESS_H_REG 0x3134 +#define ACCESS_BYTE2_SHIFT 0 +#define ACCESS_BYTE3_SHIFT 8 + +#define SPI_REG_ACCESS_CTRL_REG 0x3138 +#define BYTES_TO_XFER_MASK 0x3 +#define SPI_LSB_MSB_MASK (1 << 2) +#define SPI_RD_WR_MASK (1 << 3) +#define SPI_BYTES_TO_READ_SHIFT 4 +#define SPI_LO_SPEED_CLK_MASK (1 << 5) +#define SPI_READ_CS_HOLD_SHIFT 6 + +#define SPI_READ_DATA_REG 0x313c + +#define SPI_REG_ACCESS_CTRL1_REG 0x3140 +#define SPI_WRITE_CS_HOLD_SHIFT 0 + +#define SPI_OUT_EN_CTRL_REG 0x4000 +#define SPI_OUT_EN_DISABLE_MASK (1 << 0) + + +struct orion_tdm_spi { + struct spi_master *master; + void __iomem *base; + + unsigned int max_speed; + unsigned int min_speed; + + /* current configured speed/divs for each CS, drivers uses "low" + * for CS0 and "high" for CS1 */ + unsigned int speeds[2]; + u32 divs[2]; + + unsigned int hardware_cs_selected; + struct clk *clk; +}; + +MODULE_ALIAS("platform:" DRIVER_NAME); + +static inline u32 spi_readl(struct orion_tdm_spi *priv, u32 reg) +{ + u32 val; + + val = readl(priv->base + reg); + return val; +} + +static inline void spi_writel(struct orion_tdm_spi *priv, u32 val, u32 reg) +{ + writel(val, priv->base + reg); +} + +static int spi_baudrate_set(struct orion_tdm_spi *priv, + unsigned int cs, unsigned int speed) +{ + u32 tclk_hz; + u32 div, val; + + if (priv->speeds[cs] == speed) + return 0; + + tclk_hz = clk_get_rate(priv->clk); + + /* find divider, the supported values are: 2...254 (even only) */ + div = DIV_ROUND_UP(tclk_hz, speed); + div = roundup(div, 2); + + if (div > 254) + return 1; + + if (div < 2) + div = 2; + + /* don't reprogram div if not needed */ + if (priv->divs[cs] == div) { + priv->speeds[cs] = speed; + return 0; + } + + /* Convert the rate to SPI clock divisor value. */ + val = spi_readl(priv, SPI_CLK_PRESCALE_REG); + if (cs) { + val &= ~SCLOCK_HIGH_MASK; + val |= div << SCLOCK_HIGH_SHIFT; + } else { + val &= ~SCLOCK_LOW_MASK; + val |= div << SCLOCK_LOW_SHIFT; + } + spi_writel(priv, val, SPI_CLK_PRESCALE_REG); + + priv->speeds[cs] = speed; + priv->divs[cs] = div; + return 0; +} + +static void spi_set_cs(struct orion_tdm_spi *priv, + struct spi_device *spi, + int active) +{ + unsigned int use_hardware_cs; + + /* if not using gpio, hardware moves cs for us */ + if (gpio_is_valid(spi->cs_gpio)) + use_hardware_cs = 0; + else { + WARN_ON_ONCE(spi->chip_select > 0); + use_hardware_cs = 1; + } + + /* toggle hardware CS usage (with small cache) */ + if (use_hardware_cs != priv->hardware_cs_selected) { + u32 val; + + val = spi_readl(priv, PCM_CTRL_REG); + if (!use_hardware_cs) + val |= PCM_DAA_CSS_CTRL_MASK; + else + val &= ~PCM_DAA_CSS_CTRL_MASK; + spi_writel(priv, val, PCM_CTRL_REG); + priv->hardware_cs_selected = use_hardware_cs; + } + + /* toggle GPIO usage */ + if (!use_hardware_cs) + gpio_set_value(spi->cs_gpio, 1 - active); +} + +static int do_spi_poll(struct orion_tdm_spi *priv) +{ + unsigned int loop; + u32 val; + + for (loop = 0; loop < 1000; loop++) { + val = spi_readl(priv, SPI_CTRL_REG); + if (!(val & SPI_STAT_MASK)) + return 0; + } + return 1; +} + +static int do_write_read(struct orion_tdm_spi *priv, struct spi_device *spi, + const u8 *tx, unsigned int tx_len, + u8 *rx, unsigned int rx_len) +{ + u32 val; + + if (do_spi_poll(priv)) { + dev_err(&spi->dev, "spi_poll timed out\n"); + return 1; + } + + val = tx[0]; + if (tx_len > 1) + val |= tx[1] << 8; + spi_writel(priv, val, SPI_CODEC_ACCESS_L_REG); + + if (tx_len > 2) { + val = tx[2]; + if (tx_len > 3) + val |= tx[3] << 8; + spi_writel(priv, val, SPI_CODEC_ACCESS_H_REG); + } + + + val = tx_len - 1; + if (rx_len) + val |= SPI_RD_WR_MASK; + if (rx_len > 1) + val |= (1 << SPI_BYTES_TO_READ_SHIFT); + if (spi->chip_select) { + /* note: bit set to 1 => use high speed */ + val |= SPI_LO_SPEED_CLK_MASK; + } + spi_writel(priv, val, SPI_REG_ACCESS_CTRL_REG); + + val = spi_readl(priv, SPI_CTRL_REG); + val |= SPI_STAT_MASK; + spi_writel(priv, val, SPI_CTRL_REG); + + if (do_spi_poll(priv)) { + dev_err(&spi->dev, "spi_poll timed out\n"); + return 1; + } + + if (rx_len) { + val = spi_readl(priv, SPI_READ_DATA_REG); + rx[0] = val & 0xff; + if (rx_len > 1) + rx[1] = (val >> 8) & 0xff; + } + + return 0; +} + +static int orion_tdm_spi_setup(struct spi_device *spi) +{ + struct orion_tdm_spi *priv; + + priv = spi_master_get_devdata(spi->master); + + if (spi->bits_per_word == 0) + spi->bits_per_word = 8; + + if (spi->bits_per_word != 8) { + dev_err(&spi->dev, "setup: unsupported transfer width %u\n", + spi->bits_per_word); + return -EINVAL; + } + + if ((spi->max_speed_hz == 0) || + (spi->max_speed_hz > priv->max_speed)) + spi->max_speed_hz = priv->max_speed; + + if (spi->max_speed_hz < priv->min_speed) { + dev_err(&spi->dev, "setup: requested speed too low %d Hz\n", + spi->max_speed_hz); + return -EINVAL; + } + + if (gpio_is_valid(spi->cs_gpio)) { + unsigned long flags; + + flags = GPIOF_DIR_OUT; + if (spi->mode & SPI_CS_HIGH) + flags |= GPIOF_INIT_LOW; + else + flags |= GPIOF_INIT_HIGH; + + return gpio_request_one(spi->cs_gpio, flags, + dev_name(&spi->dev)); + } + + return 0; +} + +static void orion_tdm_spi_cleanup(struct spi_device *spi) +{ + if (gpio_is_valid(spi->cs_gpio)) { + gpio_free(spi->cs_gpio); + } +} + +static void orion_tdm_spi_transfer_delay(struct spi_transfer *t) +{ + unsigned int delay_ns = spi_delay_to_ns(&t->delay, t); + + if (!delay_ns) + return ; + if (delay_ns < 1000) + ndelay(delay_ns); + else + udelay(delay_ns / 1000 + 1); +} + +static int orion_tdm_spi_transfer(struct spi_device *spi, + struct spi_message *m) +{ + struct orion_tdm_spi *priv; + struct spi_transfer *t; + int want_write, cs_active; + + m->actual_length = 0; + m->status = 0; + + /* reject invalid messages and transfers */ + if (list_empty(&m->transfers) || !m->complete) + return -EINVAL; + + priv = spi_master_get_devdata(spi->master); + + /* + * first pass for sanity check + * + * hardware is dumb, and can't read/write at the same + * time. Worst, you have to write at least one byte to be able + * to read, and you can't not read more than two bytes. + */ + want_write = 0; + + list_for_each_entry(t, &m->transfers, transfer_list) { + + if (!t->len) + continue; + + if (t->tx_buf && t->rx_buf) { + dev_err(&spi->dev, + "message rejected : " + "full duplex transfer not supported\n"); + m->status = -ENOTSUPP; + goto msg_done; + } + + if (!t->tx_buf && !t->rx_buf && t->len) { + dev_err(&spi->dev, + "message rejected : " + "invalid transfer data buffers\n"); + m->status = -EINVAL; + goto msg_done; + } + + /* check if forced transfer width is valid */ + if (t->bits_per_word && t->bits_per_word != 8) { + dev_err(&spi->dev, + "message rejected : " + "invalid transfer bits_per_word (%d bits)\n", + t->bits_per_word); + m->status = -EINVAL; + goto msg_done; + } + + /* check if forced transfer speed if ok */ + if (t->speed_hz && t->speed_hz < priv->min_speed) { + dev_err(&spi->dev, + "message rejected : " + "device min speed (%d Hz) exceeds " + "required transfer speed (%d Hz)\n", + priv->min_speed, t->speed_hz); + m->status = -EINVAL; + goto msg_done; + } + + if (t->tx_buf) + want_write += t->len; + if (t->rx_buf) { + if (t->len > 2) { + dev_err(&spi->dev, + "message rejected : " + "marvell dumb spi can't read " + "more than 2 bytes\n"); + m->status = -EINVAL; + goto msg_done; + + } + + if (want_write) + want_write = 0; + else { + dev_err(&spi->dev, + "message rejected : " + "marvell dumb spi can't read " + "without write first\n"); + m->status = -EINVAL; + goto msg_done; + } + } + } + + spi_set_cs(priv, spi, 0); + cs_active = 0; + + /* do the actual transfer, we need to coalesce write and read + * transfer */ + list_for_each_entry(t, &m->transfers, transfer_list) { + unsigned int i, speed; + + if (!t->len) + continue; + + /* get and configure speed for this transfer */ + if (t->speed_hz) + speed = t->speed_hz; + else + speed = spi->max_speed_hz; + + if (spi_baudrate_set(priv, spi->chip_select, speed)) { + m->status = -EINVAL; + goto msg_done; + } + + /* write always one byte, if this is the last byte to + * transfer, lookahead next transfer and read if + * needed */ + BUG_ON(!t->tx_buf); + + for (i = 0; i < t->len;) { + struct spi_transfer *nt; + u8 *rx; + const u8 *tx; + unsigned int rx_len, tx_remain; + + rx = NULL; + nt = NULL; + rx_len = 0; + + tx_remain = t->len - i; + if (tx_remain == 1) { + struct list_head *e; + + /* last byte to write, check if next + * transfer is a read and coalesce */ + e = t->transfer_list.next; + if (e != &m->transfers) { + nt = list_entry(e, struct spi_transfer, + transfer_list); + if (nt->rx_buf) { + rx = nt->rx_buf; + rx_len = nt->len; + } else + nt = NULL; + } + } + + /* we can write 4 bytes at a time if not + * reading */ + if (tx_remain > 4) + tx_remain = 4; + else { + /* make sure we leave at least one + * byte in case we need to coalesce + * with next read */ + if (tx_remain > 1) + tx_remain--; + } + tx = t->tx_buf + i; + + if (!cs_active) { + spi_set_cs(priv, spi, 1); + cs_active = 1; + } + + if (do_write_read(priv, spi, tx, tx_remain, + rx, rx_len)) { + m->status = -EIO; + goto msg_done; + } + + if (t->cs_change) { + spi_set_cs(priv, spi, 0); + cs_active = 0; + } + + m->actual_length += tx_remain + rx_len; + + /* skip next transfer if we coalesced it */ + if (nt) { + t = nt; + break; + } + + i += tx_remain; + } + + /* + * can't use spi_transfer_delay_exec() here as we are + * holding spinlocks and it may call sleeping + * functions. + */ + orion_tdm_spi_transfer_delay(t); + } + +msg_done: + if (cs_active) + spi_set_cs(priv, spi, 0); + + if (m->complete) + m->complete(m->context); + return m->status; +} + +static int orion_tdm_spi_probe(struct platform_device *pdev) +{ + struct spi_master *master; + struct orion_tdm_spi *priv; + struct resource *r; + unsigned int tclk_hz; + int status = 0; + u32 val; + + master = spi_alloc_master(&pdev->dev, sizeof (*priv)); + if (master == NULL) { + dev_dbg(&pdev->dev, "master allocation failed\n"); + return -ENOMEM; + } + + if (pdev->id != -1) + master->bus_num = pdev->id; + + master->setup = orion_tdm_spi_setup; + master->cleanup = orion_tdm_spi_cleanup; + master->transfer = orion_tdm_spi_transfer; + master->num_chipselect = 1; + master->mode_bits = 0; + + platform_set_drvdata(pdev, master); + + priv = spi_master_get_devdata(master); + priv->master = master; + + priv->clk = devm_clk_get(&pdev->dev, NULL); + if (IS_ERR(priv->clk)) { + dev_err(&pdev->dev, "no associated clk\n"); + status = PTR_ERR(priv->clk); + goto out; + } + + status = clk_prepare_enable(priv->clk); + if (status < 0) + goto out; + + tclk_hz = clk_get_rate(priv->clk); + priv->max_speed = DIV_ROUND_UP(tclk_hz, 4); + priv->min_speed = DIV_ROUND_UP(tclk_hz, 254); + priv->hardware_cs_selected = ~0; + + r = platform_get_resource(pdev, IORESOURCE_MEM, 0); + priv->base = devm_ioremap_resource(&pdev->dev, r); + if (IS_ERR(priv->base)) { + status = PTR_ERR(priv->base); + goto out_clk; + } + + /* configure TDM SPI */ + val = spi_readl(priv, SPI_OUT_EN_CTRL_REG); + val &= ~SPI_OUT_EN_DISABLE_MASK; + spi_writel(priv, val, SPI_OUT_EN_CTRL_REG); + + val = spi_readl(priv, SPI_GLOBAL_CTRL_REG); + val |= CODEC_ENABLE_MASK; + spi_writel(priv, val, SPI_GLOBAL_CTRL_REG); + + master->dev.of_node = pdev->dev.of_node; + status = spi_register_master(master); + if (status < 0) + goto out_clk; + + return status; + +out_clk: + clk_disable_unprepare(priv->clk); + +out: + spi_master_put(master); + return status; +} + +static int orion_tdm_spi_remove(struct platform_device *pdev) +{ + struct spi_master *master; + struct orion_tdm_spi *priv; + + master = dev_get_drvdata(&pdev->dev); + priv = spi_master_get_devdata(master); + + clk_disable_unprepare(priv->clk); + spi_unregister_master(master); + + return 0; +} + +static const struct of_device_id orion_tdm_spi_match_table[] = { + { .compatible = "marvell,orion-tdm-spi", .data = NULL }, + {}, +}; + +static struct platform_driver orion_tdm_spi_driver = { + .driver = { + .name = DRIVER_NAME, + .owner = THIS_MODULE, + .of_match_table = orion_tdm_spi_match_table, + }, + .remove = orion_tdm_spi_remove, + .probe = orion_tdm_spi_probe, +}; + +module_platform_driver(orion_tdm_spi_driver); + +MODULE_DESCRIPTION("Orion TDM SPI driver"); +MODULE_AUTHOR("Maxime Bizon "); +MODULE_LICENSE("GPL"); --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/drivers/video/fbdev/ssd1327.c 2024-04-22 14:46:56.816238276 +0200 @@ -0,0 +1,873 @@ +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + + +/* + * commands + */ +#define OPCODE_CONTRAST 0x81 + +#define OPCODE_SET_COLUMN 0x15 +#define OPCODE_SET_ROW 0x75 +#define OPCODE_SET_REMAP 0xa0 +#define OPCODE_DISPLAY_NORMAL 0xa4 +#define OPCODE_DISPLAY_ALL_ON 0xa5 +#define OPCODE_DISPLAY_ALL_OFF 0xa6 + +#define OPCODE_SET_MULTIPLEX_RATIO 0xa8 +#define OPCODE_SET_FUNC_A 0xab + +#define OPCODE_DISPLAY_OFF 0xae +#define OPCODE_DISPLAY_ON 0xaf + +#define OPCODE_SET_PHASE_LENGTH 0xb1 +#define OPCODE_SET_FRONT_CLOCK_DIV 0xb3 +#define OPCODE_UNKNOWN 0xb4 // for brightness enhancement? +#define OPCODE_SET_2ND_PRECHARGE 0xb6 +#define OPCODE_SET_GRAYSCALE_TBL 0xb8 +#define OPCODE_DEF_GRAY 0xb9 + +#define OPCODE_SET_PRECHARGE_VOLTAGE 0xbc +#define OPCODE_SET_VCOMM_VOLTAGE 0xbe + +#define OPCODE_SET_FUNC_B 0xd5 + +#define SSD1327_MAX_BRIGHTNESS 0x81 +#define SSD1327_NOMINAL_BRIGHTNESS 0x64 + +/* + * fbinfo + */ +static struct fb_fix_screeninfo ssd1327_fb_fix = { + .id = "ssd1327", + .type = FB_TYPE_PACKED_PIXELS, + .visual = FB_VISUAL_STATIC_PSEUDOCOLOR, + .xpanstep = 0, + .ypanstep = 1, + .ywrapstep = 0, + .accel = FB_ACCEL_NONE, +}; + +static struct fb_var_screeninfo ssd1327_fb_var = { + .bits_per_pixel = 8, + .grayscale = 1, + .nonstd = 1, + .red.length = 8, + .green.length = 8, + .blue.length = 8, +}; + +/* + * private data + */ +#define SSD1327_COLS 64 +#define SSD1327_ROWS 128 +#define GDDRAM_SIZE SSD1327_COLS * SSD1327_ROWS + +struct ssd1327 { + struct mutex mutex; + + /* configuration from device tree */ + u32 width; + u32 height; + u32 rotate; + u32 watchdog; + + /* image of display ram */ + u8 gddram[GDDRAM_SIZE]; + u8 old_gddram[GDDRAM_SIZE]; + + /* data ram, 8 bits per pixel */ + u8 *vmem; + unsigned int vmem_size; + + + struct fb_info *fb; + struct gpio_desc *vcc_gpio; + struct reset_control *reset; + struct gpio_desc *reset_gpio; + struct gpio_desc *data_gpio; + struct spi_device *spi; + + struct backlight_device *backlight; + unsigned int brightness; + + /* watchog timer */ + struct delayed_work wtd_work; + atomic_t wtd_count; + + const char *init_seq; +}; + +/* + * send command to device + */ +static int send_cmd(struct ssd1327 *priv, u8 cmd) +{ + int ret; + + mutex_lock(&priv->mutex); + gpiod_set_value(priv->data_gpio, 0); + ret = spi_write_then_read(priv->spi, &cmd, 1, NULL, 0); + mutex_unlock(&priv->mutex); + return ret; +} + +/* + * send command list to device + */ +static int send_cmds(struct ssd1327 *priv, const u8 *cmd, unsigned int len) +{ + unsigned int i; + int ret; + + for (i = 0; i < len; i++) { + ret = send_cmd(priv, cmd[i]); + if (ret < 0) + return ret; + } + return 0; +} + +/* + * write given data into device gddram + */ +static int write_data(struct ssd1327 *priv, u8 *tx, unsigned int size) +{ + int ret; + + mutex_lock(&priv->mutex); + gpiod_set_value(priv->data_gpio, 1); + ret = spi_write(priv->spi, tx, size); + mutex_unlock(&priv->mutex); + return ret; +} + +static inline bool ssd1327_reset_needed(struct ssd1327 *priv) +{ + return priv->reset_gpio || + (priv->reset && reset_control_status(priv->reset)); +} + +static inline void ssd1327_reset_assert(struct ssd1327 *priv) +{ + if (priv->reset) + reset_control_assert(priv->reset); + if (priv->reset_gpio) + gpiod_direction_output(priv->reset_gpio, 0); +} + +static inline void ssd1327_reset_deassert(struct ssd1327 *priv) +{ + if (priv->reset) + reset_control_deassert(priv->reset); + if (priv->reset_gpio) + gpiod_direction_output(priv->reset_gpio, 1); +} + +/* + * soft reset & initialize ssd1327 + */ +static int ssd1327_init(struct ssd1327 *priv) +{ + /* + * init sequence used in fbxgw1r/fbxgw2r (incl. FreeboxOne, + * even if it should use the p32202 init sequence). + */ + const u8 init_cmds_other[] = { OPCODE_DISPLAY_ON, + + /* set even/odd splitting */ + OPCODE_SET_REMAP, (1 << 6), + OPCODE_CONTRAST, SSD1327_NOMINAL_BRIGHTNESS, + OPCODE_DEF_GRAY, + OPCODE_DISPLAY_NORMAL, + }; + /* + * init sequence for p32202 screen, found on jbxgw7r + */ + const u8 init_cmds_p32202[] = { + OPCODE_DISPLAY_OFF, + /* set even/odd splitting */ + OPCODE_SET_REMAP, (1 << 6), + OPCODE_DISPLAY_NORMAL, + + OPCODE_SET_MULTIPLEX_RATIO, 0x7f, + OPCODE_SET_FUNC_A, 0x01, + OPCODE_CONTRAST, 0xa5, + OPCODE_SET_PHASE_LENGTH, 0x31, + OPCODE_SET_FRONT_CLOCK_DIV, 0xc1, + OPCODE_UNKNOWN, 0xb5, + OPCODE_SET_2ND_PRECHARGE, 0x0d, + OPCODE_SET_PRECHARGE_VOLTAGE, 0x04, + OPCODE_SET_VCOMM_VOLTAGE, 0x07, + OPCODE_SET_FUNC_B, 0x60, + + OPCODE_DISPLAY_ON, + }; + const u8 *init_cmds; + size_t init_cmds_size; + int ret; + + /* check if we need to powerup */ + if (ssd1327_reset_needed(priv)) { + dev_info(&priv->spi->dev, "reset held, powerup needed"); + + ssd1327_reset_assert(priv); + msleep(500); + + gpiod_direction_output(priv->vcc_gpio, 0); + ssd1327_reset_deassert(priv); + msleep(10); + gpiod_direction_output(priv->vcc_gpio, 1); + msleep(100); + } + + /* zero ram */ + ret = write_data(priv, priv->gddram, GDDRAM_SIZE); + if (ret) + return ret; + + /* + * select init command depending on device tree property, use + * init_cmds_other by default. + */ + if (priv->init_seq && !strcmp(priv->init_seq, "p32202")) { + dev_dbg(&priv->spi->dev, "using init sequence for " + "p32202 part.\n"); + init_cmds = init_cmds_p32202; + init_cmds_size = sizeof (init_cmds_p32202); + } else { + init_cmds = init_cmds_other; + init_cmds_size = sizeof (init_cmds_other); + } + + return send_cmds(priv, init_cmds, init_cmds_size); +} + +/* + * update area + */ +static int ssd1327_fb_update(struct ssd1327 *priv) +{ + unsigned int col, row, w, h, i, count; + unsigned char *vmem; + u8 *start; + u8 ccmds[3] = { OPCODE_SET_COLUMN, 0, 0x3f }; + u8 rcmds[3] = { OPCODE_SET_ROW, 0, 0x7f }; + int toggle, last_toggle_pos, moved; + + w = priv->width; + h = priv->height; + + /* backup previous gddram */ + memcpy(priv->old_gddram, priv->gddram, GDDRAM_SIZE); + + vmem = priv->vmem + w * priv->fb->var.yoffset; + + for (row = 0; row < SSD1327_ROWS; row++) { + + if (row >= h) + break; + + for (col = 0; col < SSD1327_COLS; col++) { + unsigned int nibble; + u8 val; + + val = 0; + for (nibble = 0; nibble < 2; nibble++) { + unsigned int off, x; + u8 vval; + + x = col * 2 + nibble; + if (x >= w) + break; + + switch (priv->fb->var.rotate) { + case 0: + default: + off = row * w + x; + break; + + case 180: + off = w * h - (row * w + x) - 1; + break; + + case 90: + off = (w - x - 1) * w + row; + break; + + case 270: + off = x * w + (h - row - 1); + break; + } + + vval = vmem[off] >> 4; + val |= vval << (nibble * 4); + } + + priv->gddram[row * SSD1327_COLS + col] = val; + } + } + + /* count consecutive toggled bytes, each column/row address + * change adds 6 bytes to send */ + moved = toggle = 0; + last_toggle_pos = -INT_MAX; + count = 0; + for (i = 0; i < GDDRAM_SIZE; i++) { + if (priv->gddram[i] ^ priv->old_gddram[i]) { + /* if crossing column boundary and first + * address is not 0, we must send column + * command */ + if (moved && ((i % SSD1327_COLS) == 0)) { + count += 3; + moved = 0; + } + + if (!toggle) { + if (i - last_toggle_pos < 6) { + unsigned int j; + + /* fake last columns as dirty, + * cheaper than repositionning + * cursor */ + for (j = last_toggle_pos; j < i; j++) + priv->old_gddram[j] = + ~priv->gddram[j]; + + count += i - last_toggle_pos - 1; + } else { + /* send command to change + * address & column */ + count += 6; + + /* if we changed first column address + * to non 0, remember it */ + if ((i % SSD1327_COLS)) + moved = 1; + else + moved = 0; + } + } + + toggle = 1; + count++; + + } else { + if (toggle) + last_toggle_pos = i - 1; + toggle = 0; + } + } + + /* force full gddram update if we would send more bytes + * using clever update */ + if (count > GDDRAM_SIZE) + return write_data(priv, priv->gddram, GDDRAM_SIZE); + + moved = toggle = 0; + count = 0; + start = NULL; + for (i = 0; i < GDDRAM_SIZE; i++) { + + if (priv->gddram[i] ^ priv->old_gddram[i]) { + /* if crossed column boundary and first + * address is not 0, we must send command to + * reset column*/ + if (moved && ((i % SSD1327_COLS) == 0)) { + write_data(priv, start, count); + start += count; + count = 0; + ccmds[1] = 0; + send_cmds(priv, ccmds, 3); + moved = 0; + } + + if (!toggle) { + ccmds[1] = i % SSD1327_COLS; + rcmds[1] = i / SSD1327_COLS; + send_cmds(priv, ccmds, 3); + send_cmds(priv, rcmds, 3); + + /* if we changed first column address + * to non 0, remember it */ + if ((i % SSD1327_COLS)) + moved = 1; + else + moved = 0; + start = &priv->gddram[i]; + } + + count++; + toggle = 1; + + } else { + if (count) { + write_data(priv, start, count); + count = 0; + } + toggle = 0; + } + } + + if (count) + write_data(priv, start, count); + + /* reset position */ + ccmds[1] = 0; + send_cmds(priv, ccmds, 3); + rcmds[1] = 0; + send_cmds(priv, rcmds, 3); + return 0; +} + +/* + * frame buffer fill rect callback + */ +static void ssd1327_fb_fillrect(struct fb_info *info, + const struct fb_fillrect *rect) +{ + struct ssd1327 *priv = info->par; + sys_fillrect(info, rect); + atomic_set(&priv->wtd_count, priv->watchdog); + ssd1327_fb_update(priv); +} + +/* + * frame buffer copy area callback + */ +static void ssd1327_fb_copyarea(struct fb_info *info, + const struct fb_copyarea *area) +{ + struct ssd1327 *priv = info->par; + sys_copyarea(info, area); + atomic_set(&priv->wtd_count, priv->watchdog); + ssd1327_fb_update(priv); +} + +/* + * frame buffer image blit + */ +static void ssd1327_fb_imageblit(struct fb_info *info, + const struct fb_image *image) +{ + struct ssd1327 *priv = info->par; + sys_imageblit(info, image); + atomic_set(&priv->wtd_count, priv->watchdog); + ssd1327_fb_update(priv); +} + +/* + * frame buffer pan callback + */ +static int ssd1327_fb_pan(struct fb_var_screeninfo *var, struct fb_info *info) +{ + struct ssd1327 *priv = info->par; + priv->fb->var.xoffset = var->xoffset; + priv->fb->var.yoffset = var->yoffset; + atomic_set(&priv->wtd_count, priv->watchdog); + ssd1327_fb_update(priv); + return 0; +} + +/* + * fram buffer set_par callback, set videomode + */ +static int ssd1327_fb_set_par(struct fb_info *info) +{ + struct ssd1327 *priv = info->par; + /* called after rotate update */ + atomic_set(&priv->wtd_count, priv->watchdog); + ssd1327_fb_update(priv); + return 0; +} + +static int ssd1327_fb_check_var(struct fb_var_screeninfo *var, + struct fb_info *info) +{ + unsigned int rotate; + + rotate = var->rotate; + if (rotate != 0 && rotate != 90 && rotate != 180 && rotate != 270) + rotate = 0; + *var = info->var; + var->rotate = rotate; + return 0; +} + +/* + * frame buffer blank callback + */ +static int ssd1327_fb_blank(int blank, struct fb_info *info) +{ + return 0; +} + +/* + * frame buffer write from userspace + */ +static ssize_t ssd1327_fb_write(struct fb_info *info, const char __user *buf, + size_t count, loff_t *ppos) +{ + struct ssd1327 *priv = info->par; + unsigned long p = *ppos; + void *dst; + int err = 0; + unsigned long total_size; + + if (info->state != FBINFO_STATE_RUNNING) + return -EPERM; + + total_size = info->fix.smem_len; + + if (p > total_size) + return -EFBIG; + + if (count > total_size) { + err = -EFBIG; + count = total_size; + } + + if (count + p > total_size) { + if (!err) + err = -ENOSPC; + + count = total_size - p; + } + + dst = (void __force *)(info->screen_base + p); + + if (copy_from_user(dst, buf, count)) + err = -EFAULT; + + if (!err) + *ppos += count; + + atomic_set(&priv->wtd_count, priv->watchdog); + ssd1327_fb_update(priv); + + return (err) ? err : count; +} + +static struct fb_ops ssd1327_fb_ops = { + .owner = THIS_MODULE, + .fb_write = ssd1327_fb_write, + .fb_fillrect = ssd1327_fb_fillrect, + .fb_copyarea = ssd1327_fb_copyarea, + .fb_imageblit = ssd1327_fb_imageblit, + .fb_pan_display = ssd1327_fb_pan, + .fb_blank = ssd1327_fb_blank, + .fb_check_var = ssd1327_fb_check_var, + .fb_set_par = ssd1327_fb_set_par, +}; + +/* + * watchdog timer + */ +static void wtd_work_cb(struct work_struct *t) +{ + struct ssd1327 *priv; + struct delayed_work *dwork; + + dwork = container_of(t, struct delayed_work, work); + priv = container_of(dwork, struct ssd1327, wtd_work); + + if (atomic_dec_and_test(&priv->wtd_count)) { + dev_err(&priv->spi->dev, "watchdog triggered\n"); + memset(priv->vmem, 0, priv->vmem_size); + ssd1327_fb_update(priv); + } + + schedule_delayed_work(&priv->wtd_work, HZ); +} + +/* + * backlight control + */ +static int ssd1327_bl_update_status(struct backlight_device *bl) +{ + struct ssd1327 *priv; + u8 bl_cmds[2]; + int ret; + + priv = bl_get_data(bl); + + bl_cmds[0] = OPCODE_CONTRAST; + bl_cmds[1] = bl->props.brightness; + + ret = send_cmds(priv, bl_cmds, sizeof (bl_cmds)); + if (ret < 0) + return ret; + priv->brightness = bl->props.brightness; + return 0; +} + +static int ssd1327_bl_get_brightness(struct backlight_device *bl) +{ + struct ssd1327 *priv; + priv = bl_get_data(bl); + return priv->brightness; +} + +static struct backlight_ops ssd1327_bl_ops = { + .update_status = ssd1327_bl_update_status, + .get_brightness = ssd1327_bl_get_brightness, +}; + +static const struct backlight_properties ssd1327_bl_props = { + .power = FB_BLANK_UNBLANK, + .fb_blank = FB_BLANK_UNBLANK, + .max_brightness = SSD1327_MAX_BRIGHTNESS, + .type = BACKLIGHT_RAW, +}; + +static int init_backlight(struct ssd1327 *priv) +{ + struct backlight_device *bl; + + bl = backlight_device_register("ssd1327", &priv->spi->dev, + priv, &ssd1327_bl_ops, + &ssd1327_bl_props); + if (IS_ERR(bl)) { + dev_err(&priv->spi->dev, "error %ld on backlight register\n", + PTR_ERR(bl)); + return PTR_ERR(bl); + } + priv->backlight = bl; + bl->props.brightness = priv->brightness; + return 0; +} + +/* + * platform device probe callback + */ +static int ssd1327_probe(struct spi_device *spi) +{ + struct device_node *node = spi->dev.of_node; + struct ssd1327 *priv; + struct fb_info *fb; + int ret; + + if (!node) { + dev_err(&spi->dev, "No device tree data found!\n"); + return -EINVAL; + } + + fb = framebuffer_alloc(sizeof (*priv), &spi->dev); + if (!fb) + return -ENOMEM; + + priv = fb->par; + mutex_init(&priv->mutex); + priv->spi = spi; + priv->fb = fb; + priv->brightness = SSD1327_NOMINAL_BRIGHTNESS; + + priv->reset = devm_reset_control_get_shared_by_index(&spi->dev, 0); + if (IS_ERR(priv->reset)) { + ret = PTR_ERR(priv->reset); + if (ret == -ENOENT) + priv->reset = NULL; + else { + if (ret != -EPROBE_DEFER) + dev_err(&spi->dev, "failed to get reset: %d\n", + ret); + goto fail; + } + } + + priv->reset_gpio = devm_gpiod_get(&spi->dev, "ssd1327,reset", + GPIOD_ASIS); + if (IS_ERR(priv->reset_gpio)) { + ret = PTR_ERR(priv->reset_gpio); + if (ret == -ENOENT) + priv->reset_gpio = NULL; + else { + if (ret != -EPROBE_DEFER) + dev_err(&spi->dev, "failed to get reset gpio: " + "%d\n", ret); + goto fail; + } + } + + priv->vcc_gpio = NULL; + if (priv->reset_gpio || priv->reset) { + priv->vcc_gpio = devm_gpiod_get(&spi->dev, "ssd1327,vcc", + GPIOD_ASIS); + if (IS_ERR(priv->vcc_gpio)) { + ret = PTR_ERR(priv->vcc_gpio); + if (ret != -EPROBE_DEFER) + dev_err(&spi->dev, + "failed to get vcc gpio: %d\n", ret); + goto fail; + } + } + + priv->data_gpio = devm_gpiod_get(&spi->dev, + "ssd1327,data-select", + GPIOD_OUT_LOW); + if (IS_ERR(priv->data_gpio)) { + ret = PTR_ERR(priv->data_gpio); + if (ret != -EPROBE_DEFER) + dev_err(&spi->dev, "failed to get data gpio: %d\n", + ret); + goto fail; + } + + ret = of_property_read_u32(node, "ssd1327,width", &priv->width); + if (ret) { + dev_err(&spi->dev, "failed to get width\n"); + goto fail; + } + + ret = of_property_read_u32(node, "ssd1327,height", &priv->height); + if (ret) { + dev_err(&spi->dev, "failed to get height\n"); + goto fail; + } + + /* sanity check on screen size */ + if (priv->width > SSD1327_COLS * 2 || + priv->height > SSD1327_ROWS) { + dev_err(&spi->dev, "unsupported screen dimension\n"); + goto fail; + } + + ret = of_property_read_u32(node, "ssd1327,rotate", &priv->rotate); + if (ret) { + dev_err(&spi->dev, "failed to get rotate\n"); + goto fail; + } + + ret = of_property_read_u32(node, "ssd1327,watchdog", &priv->watchdog); + if (ret) { + dev_err(&spi->dev, "failed to get watchdog\n"); + goto fail; + } + + priv->init_seq = NULL; + of_property_read_string(node, "ssd1327,init-sequence", &priv->init_seq); + + /* setup framebuffer */ + fb->fbops = &ssd1327_fb_ops; + fb->flags = FBINFO_FLAG_DEFAULT | FBINFO_HWACCEL_YPAN; + fb->var = ssd1327_fb_var; + fb->fix = ssd1327_fb_fix; + + fb->var.xres = priv->width; + fb->var.yres = priv->height; + fb->var.xres_virtual = priv->width; + fb->var.yres_virtual = priv->height * 2; + + /* twice lcd size so we can pan in one direction */ + fb->fix.smem_len = (priv->width * priv->height) * 2; + fb->fix.line_length = priv->width; + fb->var.rotate = priv->rotate; + + /* allocate video memory */ + priv->vmem_size = PAGE_ALIGN(fb->fix.smem_len); + priv->vmem = vmalloc(priv->vmem_size); + if (!priv->vmem) { + ret = -ENOMEM; + goto fail; + } + memset(priv->vmem, 0, priv->vmem_size); + fb->screen_base = (char __iomem *)priv->vmem; + + ret = ssd1327_init(priv); + if (ret) + goto fail; + + if (init_backlight(priv)) + goto fail; + + /* register frame buffer */ + ret = register_framebuffer(fb); + if (ret < 0) + goto fail; + + INIT_DELAYED_WORK(&priv->wtd_work, wtd_work_cb); + + if (priv->watchdog) { + atomic_set(&priv->wtd_count, priv->watchdog); + schedule_delayed_work(&priv->wtd_work, HZ); + } + + dev_info(&spi->dev, + "fb%d: SSD1327 frame buffer device (%ux%u screen)\n", + fb->node, priv->width, priv->height); + + dev_set_drvdata(&spi->dev, priv); + return 0; + +fail: + if (priv->vmem) + vfree(priv->vmem); + if (priv->backlight) + backlight_device_unregister(priv->backlight); + framebuffer_release(fb); + return ret; +} + +/* + * platform device remove callback + */ +static int ssd1327_remove(struct spi_device *spi) +{ + struct ssd1327 *priv; + unsigned int i; + + priv = dev_get_drvdata(&spi->dev); + cancel_delayed_work_sync(&priv->wtd_work); + unregister_framebuffer(priv->fb); + for (i = 0; i < priv->vmem_size; i += PAGE_SIZE) { + struct page *page; + page = vmalloc_to_page(priv->vmem + i); + page->mapping = NULL; + } + vfree(priv->vmem); + backlight_device_unregister(priv->backlight); + framebuffer_release(priv->fb); + return 0; +} + + +static const struct of_device_id ssd1327_of_match[] = { + { + .compatible = "solomon,ssd1327", + }, + {}, +}; +MODULE_DEVICE_TABLE(of, ssd1327_of_match); + +static struct spi_driver ssd1327_driver = { + .driver = { + .name = "ssd1327", + .of_match_table = ssd1327_of_match, + }, + .probe = ssd1327_probe, + .remove = ssd1327_remove, +}; + +module_spi_driver(ssd1327_driver); + +MODULE_DESCRIPTION("SSD1327 driver"); +MODULE_AUTHOR("Maxime Bizon "); +MODULE_LICENSE("GPL"); diff -Nruw linux-5.15.42-fbx/fs/exfat-fbx./Kconfig linux-5.15.42-fbx/fs/exfat-fbx/Kconfig --- linux-5.15.42-fbx/fs/exfat-fbx./Kconfig 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/fs/exfat-fbx/Kconfig 2023-02-24 19:09:23.405368085 +0100 @@ -0,0 +1,3 @@ + +config EXFAT_FS_FBX + tristate "exFAT fs support (fbx)" diff -Nruw linux-5.15.42-fbx/fs/exfat-fbx./Makefile linux-5.15.42-fbx/fs/exfat-fbx/Makefile --- linux-5.15.42-fbx/fs/exfat-fbx./Makefile 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/fs/exfat-fbx/Makefile 2023-02-24 19:09:23.405368085 +0100 @@ -0,0 +1,13 @@ + +obj-$(CONFIG_EXFAT_FS_FBX) += exfat.o + +exfat-y = super.o \ + inode.o \ + fat.o \ + read-write.o \ + upcase.o \ + bitmap.o \ + time.o \ + dir.o \ + namei.o \ + file.o diff -Nruw linux-5.15.42-fbx/fs/exfat-fbx./bitmap.c linux-5.15.42-fbx/fs/exfat-fbx/bitmap.c --- linux-5.15.42-fbx/fs/exfat-fbx./bitmap.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/fs/exfat-fbx/bitmap.c 2023-02-24 19:09:35.701702339 +0100 @@ -0,0 +1,606 @@ +/* + * bitmap.c for exfat + * Created by on Thu Aug 8 19:21:05 2013 + */ + +#include +#include + +#include "exfat.h" +#include "exfat_fs.h" + + +static inline sector_t exfat_bitmap_sector(struct exfat_sb_info *sbi, + u32 cluster) +{ + return sbi->first_bitmap_sector + ((cluster / 8) >> sbi->sectorbits); +} + +static inline u32 exfat_bitmap_off(struct exfat_sb_info *sbi, + u32 cluster) +{ + return (cluster / 8) & sbi->sectormask; +} + +static inline u32 exfat_bitmap_shift(u32 cluster) +{ + return cluster & 7; +} + +static int __find_get_free_cluster(struct inode *inode, u32 *out_cluster) +{ + struct exfat_sb_info *sbi = EXFAT_SB(inode->i_sb); + + while (1) { + sector_t sect = exfat_bitmap_sector(sbi, + sbi->cur_bitmap_cluster); + u32 off = exfat_bitmap_off(sbi, sbi->cur_bitmap_cluster); + u32 shift = exfat_bitmap_shift(sbi->cur_bitmap_cluster); + + /* disk is full */ + if (!sbi->free_clusters) + break; + + if (!sbi->cur_bitmap_bh || + sect != sbi->cur_bitmap_sector) { + if (sbi->cur_bitmap_bh) + brelse(sbi->cur_bitmap_bh); + sbi->cur_bitmap_bh = sb_bread(inode->i_sb, sect); + sbi->cur_bitmap_sector = sect; + if (!sbi->cur_bitmap_bh) { + exfat_msg(inode->i_sb, KERN_ERR, + "unable to read bitmap sector " + "at %llu", (unsigned long long)sect); + return -EIO; + } + } + + if (!(sbi->cur_bitmap_bh->b_data[off] & (1 << shift))) { + sbi->cur_bitmap_bh->b_data[off] |= (1 << shift); + *out_cluster = sbi->cur_bitmap_cluster; + goto found; + } + + ++sbi->cur_bitmap_cluster; + if (sbi->cur_bitmap_cluster == sbi->cluster_count) + sbi->cur_bitmap_cluster = 0; + } + return -ENOSPC; + +found: + sbi->prev_free_cluster = *out_cluster; + --sbi->free_clusters; + mark_buffer_dirty(sbi->cur_bitmap_bh); + return 0; +} + +static int __put_cluster(struct inode *inode, u32 cluster) +{ + struct exfat_sb_info *sbi = EXFAT_SB(inode->i_sb); + sector_t sect = exfat_bitmap_sector(sbi, cluster); + u32 off = exfat_bitmap_off(sbi, cluster); + u32 shift = exfat_bitmap_shift(cluster); + + + if (!sbi->cur_bitmap_bh || sect != sbi->cur_bitmap_sector) { + if (sbi->cur_bitmap_bh) + brelse(sbi->cur_bitmap_bh); + sbi->cur_bitmap_bh = sb_bread(inode->i_sb, sect); + if (!sbi->cur_bitmap_bh) { + exfat_msg(inode->i_sb, KERN_ERR, + "unable to read bitmap sector at %llu", + (unsigned long long)sect); + return -EIO; + } + sbi->cur_bitmap_sector = sect; + sbi->cur_bitmap_cluster = cluster; + } + if ((sbi->cur_bitmap_bh->b_data[off] & (1 << shift)) == 0) { + exfat_fs_error(inode->i_sb, "put_cluster: cluster %u " + "already free.", cluster); + return -EIO; + } + + ++sbi->free_clusters; + sbi->cur_bitmap_bh->b_data[off] &= ~(1 << shift); + sbi->prev_free_cluster = cluster; + mark_buffer_dirty(sbi->cur_bitmap_bh); + /* sync_dirty_buffer(sbi->cur_bitmap_bh); */ + return 0; +} + +/* + * setup search to start at given cluster. + */ +static void __exfat_reset_bitmap(struct exfat_sb_info *sbi, u32 cluster) +{ + sector_t sect; + + if (cluster >= sbi->cluster_count) + cluster = 0; + + sect = exfat_bitmap_sector(sbi, cluster); + if (sbi->cur_bitmap_sector != sect) { + sbi->cur_bitmap_sector = sect; + if (sbi->cur_bitmap_bh) { + brelse(sbi->cur_bitmap_bh); + sbi->cur_bitmap_bh = NULL; + } + } + sbi->cur_bitmap_cluster = cluster; +} + +static bool all_contiguous(u32 *clusters, u32 nr) +{ + u32 i; + + for (i = 0; i < nr - 1; ++i) { + if (clusters[i] != clusters[i + 1] - 1) + return false; + } + return true; +} + +/* + * hint must be the immediately after the last allocated cluster of + * the inode. + */ +int exfat_alloc_clusters(struct inode *inode, u32 hint, u32 *clusters, u32 nr) +{ + struct exfat_sb_info *sbi = EXFAT_SB(inode->i_sb); + struct exfat_inode_info *info = EXFAT_I(inode); + u32 i; + + mutex_lock(&sbi->bitmap_mutex); + __exfat_reset_bitmap(sbi, hint - 2); + for (i = 0; i < nr; ++i) { + u32 new; + int error; + + error = __find_get_free_cluster(inode, &new); + if (error) { + mutex_unlock(&sbi->bitmap_mutex); + return error; + } + + clusters[i] = new + 2; + } + mutex_unlock(&sbi->bitmap_mutex); + + /* + * all clusters found: now see if we need to update/create a + * fat chain. + */ + if (info->first_cluster == 0) { + info->first_cluster = clusters[0]; + if (all_contiguous(clusters, nr)) { + /* + * first cluster alloc on inode and all + * clusters are contiguous. + */ + info->flags |= EXFAT_I_FAT_INVALID; + } else { + /* + * first alloc and already fragmented. + */ + return exfat_write_fat(inode, 0, clusters, nr); + } + } else { + int error; + if ((info->flags & EXFAT_I_FAT_INVALID) && + (clusters[0] != hint || !all_contiguous(clusters, nr))) { + /* + * must now use fat chain instead of bitmap. + */ + info->flags &= ~(EXFAT_I_FAT_INVALID); + + /* + * write the contiguous chain that would + * previously be accessed without the FAT + * chain. + */ + error = exfat_write_fat_contiguous(inode, + info->first_cluster, + hint - info->first_cluster); + if (error) + return error; + } + + if ((info->flags & EXFAT_I_FAT_INVALID) == 0) { + /* + * link the allocated clusters after hint. + */ + error = exfat_write_fat(inode, hint - 1, clusters, nr); + if (error) + return error; + } + + } + + /* + * update i_blocks. + */ + inode->i_blocks += nr << (sbi->clusterbits - 9); + info->allocated_clusters += nr; + + /* + * caller must call mark_inode_dirty so that inode + * first_cluster and inode flags get written to the disk. + * caller must update inode size (directory and regular file + * have different rules). + */ + return 0; +} + + +static int exfat_free_clusters_contiguous(struct inode *inode, + u32 start, u32 nr) +{ + u32 cluster; + struct exfat_sb_info *sbi = EXFAT_SB(inode->i_sb); + int error = 0; + + mutex_lock(&sbi->bitmap_mutex); + for (cluster = start; cluster < start + nr; ++cluster) { + error = __put_cluster(inode, cluster - 2); + if (error) + break; + } + mutex_unlock(&sbi->bitmap_mutex); + return error; +} + +static int exfat_free_clusters_fat(struct inode *inode, + u32 fcluster_start, u32 nr) +{ + struct exfat_sb_info *sbi = EXFAT_SB(inode->i_sb); + u32 fcluster; + int error = 0; + + mutex_lock(&sbi->bitmap_mutex); + for (fcluster = fcluster_start; fcluster < fcluster_start + nr; + ++fcluster) { + u32 dcluster; + int error; + + error = exfat_get_fat_cluster(inode, fcluster, &dcluster); + if (error) + break; + + error = __put_cluster(inode, dcluster - 2); + if (error) + break; + } + mutex_unlock(&sbi->bitmap_mutex); + + /* + * per-inode file cluster to disk cluster translation cache + * mostly now holds entries to the zone we just truncated, so + * they must not be kept (this could lead to FS corruption). + */ + exfat_inode_cache_drop(inode); + + return error; +} + +int exfat_free_clusters_inode(struct inode *inode, u32 fcluster_start) +{ + struct exfat_inode_info *info = EXFAT_I(inode); + int error; + u32 nr_to_free = info->allocated_clusters - fcluster_start; + + if (info->first_cluster == 0 || nr_to_free == 0) + /* + * no clusters allocated, or nothing to do + */ + return 0; + + if (info->flags & EXFAT_I_FAT_INVALID) + error = exfat_free_clusters_contiguous(inode, + info->first_cluster + fcluster_start, + nr_to_free); + else + error = exfat_free_clusters_fat(inode, fcluster_start, + nr_to_free); + if (error) + return error; + + info->allocated_clusters -= nr_to_free; + inode->i_blocks = EXFAT_I(inode)->allocated_clusters << + (EXFAT_SB(inode->i_sb)->clusterbits - 9); + + /* + * update inode info, caller must call mark_inode_dirty and + * update inode->i_size. + */ + if (fcluster_start == 0) { + info->first_cluster = 0; + info->flags &= ~(EXFAT_I_FAT_INVALID); + } + return 0; +} + +static u32 count_clusters_bh(struct buffer_head *bh, u32 count) +{ + u8 *ptr = bh->b_data; + u32 ret = 0; + u8 val; + + while (count >= sizeof (u64) * 8) { + u64 val = *(u64*)ptr; + + ret += hweight64(~val); + count -= sizeof (u64) * 8; + ptr += sizeof (u64); + } + if (count >= sizeof (u32) * 8) { + u32 val = *(u32*)ptr; + + ret += hweight32(~val); + count -= sizeof (u32) * 8; + ptr += sizeof (u32); + } + if (count >= sizeof (u16) * 8) { + u16 val = *(u16*)ptr; + + ret += hweight16(~val); + count -= sizeof (u16) * 8; + ptr += sizeof (u16); + } + if (count >= sizeof (u8) * 8) { + u8 val = *ptr; + + ret += hweight8(~val); + count -= sizeof (u8) * 8; + ptr += sizeof (u8); + } + + if (count) { + val = *ptr; + while (count) { + ret += (~val & 1); + val >>= 1; + --count; + } + } + return ret; +} + +/* + * only called during mount, so taking sbi->bitmap_mutex should not be + * needed. + */ +static int exfat_get_free_cluster_count(struct super_block *sb, u32 *out_count) +{ + struct exfat_sb_info *sbi = EXFAT_SB(sb); + u32 clusters_per_sector = 8 * sbi->sectorsize; + u32 cluster; + + *out_count = 0; + for (cluster = 0; cluster < sbi->cluster_count; + cluster += clusters_per_sector) { + sector_t sect = exfat_bitmap_sector(sbi, cluster); + struct buffer_head *bh; + u32 count = clusters_per_sector; + + if (cluster + clusters_per_sector > sbi->cluster_count) + count = sbi->cluster_count - cluster; + + bh = sb_bread(sb, sect); + if (!bh) { + exfat_msg(sb, KERN_ERR, + "unable to read bitmap sector at %llu", + (unsigned long long)sect); + return -EIO; + } + *out_count += count_clusters_bh(bh, count); + brelse(bh); + } + return 0; +} + +/* + * setup a bitmap context, preload a bh from the requested starting + * cluster. + */ +int exfat_init_bitmap_context(struct super_block *sb, + struct exfat_bitmap_ctx *ctx, + u32 cluster) +{ + memset(ctx, 0, sizeof (*ctx)); + ctx->sb = sb; + + cluster -= 2; + if (cluster >= EXFAT_SB(sb)->cluster_count) + return -ENOSPC; + + ctx->cur_sector = exfat_bitmap_sector(EXFAT_SB(sb), cluster); + ctx->bh = sb_bread(ctx->sb, ctx->cur_sector); + + if (!ctx->bh) { + exfat_msg(sb, KERN_ERR, "unable to read bitmap sector at %llu", + (unsigned long long)ctx->cur_sector); + return -EIO; + } + return 0; +} + +/* + * release bh in an already setup bitmap context. + */ +void exfat_exit_bitmap_context(struct exfat_bitmap_ctx *ctx) +{ + if (ctx->bh) + brelse(ctx->bh); +} + +/* + * test a specific cluster usage in the bitmap. reuse the bh in the + * exfat_bitmap_ctx or read a new one if starting cluster is outside + * the current one. + */ +static int exfat_test_bitmap_cluster(struct exfat_bitmap_ctx *ctx, + uint32_t cluster, bool *cluster_in_use) +{ + sector_t sect; + uint32_t off = exfat_bitmap_off(EXFAT_SB(ctx->sb), cluster); + int shift = exfat_bitmap_shift(cluster); + + sect = exfat_bitmap_sector(EXFAT_SB(ctx->sb), cluster); + if (sect != ctx->cur_sector) { + ctx->cur_sector = sect; + ctx->bh = sb_bread(ctx->sb, ctx->cur_sector); + if (!ctx->bh) { + exfat_msg(ctx->sb, KERN_ERR, + "unable to read bitmap sector at %llu", + (unsigned long long)sect); + return -EIO; + } + } + + *cluster_in_use = !!(ctx->bh->b_data[off] & (1 << shift)); + return 0; +} + +/* + * update first_in_use and nr_in_use with the first zone of used + * clusters starting from start_cluster. + */ +int exfat_test_bitmap(struct exfat_bitmap_ctx *ctx, uint32_t start_cluster, + uint32_t *first_in_use, uint32_t *nr_in_use) +{ + bool in_use = false; + int error = 0; + struct exfat_sb_info *sbi = EXFAT_SB(ctx->sb); + + start_cluster -= 2; + + /* + * scan bitmap until we find a cluster that is in use. + */ + while (1) { + if (start_cluster == sbi->cluster_count) { + /* + * readched end of disk: no more in use + * cluster found. + */ + *first_in_use = sbi->cluster_count; + *nr_in_use = 0; + return 0; + } + error = exfat_test_bitmap_cluster(ctx, start_cluster, &in_use); + if (error) + return error; + if (in_use) + break; + ++start_cluster; + } + + + /* + * update first_in_use, and scan until a free cluster is + * found. + */ + *first_in_use = start_cluster + 2; + *nr_in_use = 0; + while (1) { + error = exfat_test_bitmap_cluster(ctx, start_cluster, &in_use); + if (error) + return error; + if (!in_use) + break; + ++(*nr_in_use); + ++start_cluster; + } + return 0; +} + +int exfat_init_bitmap(struct inode *root) +{ + struct exfat_sb_info *sbi = EXFAT_SB(root->i_sb); + struct exfat_bitmap_entry *be; + struct exfat_dir_ctx dctx; + u32 first_bitmap_cluster; + u32 last_bitmap_cluster; + + int error; + + mutex_init(&sbi->bitmap_mutex); + + error = exfat_init_dir_ctx(root, &dctx, 0); + if (error) + return error; + +try_bitmap: + error = -ENOENT; + be = __exfat_dentry_next(&dctx, E_EXFAT_BITMAP, 0xff, true, NULL); + if (!be) { + exfat_msg(root->i_sb, KERN_ERR, "root directory does not " + "have a bitmap entry."); + goto fail; + } + + if (exfat_bitmap_nr(be->flags) != 0) + /* + * not expected to find a second bitmap entry here + * since we checked during superblock fill that we + * were not on a texFAT volume ... + */ + goto try_bitmap; + + + error = -EINVAL; + if (__le64_to_cpu(be->length) * 8 < sbi->cluster_count) { + exfat_msg(root->i_sb, KERN_INFO, "bitmap does not cover " + "the whole cluster heap."); + goto fail; + } + + first_bitmap_cluster = __le32_to_cpu(be->cluster_addr); + last_bitmap_cluster = first_bitmap_cluster + + (__le32_to_cpu(be->length) >> sbi->clusterbits); + + /* + * check that bitmap start and end clusters are inside the + * disk. + */ + error = -ERANGE; + if (first_bitmap_cluster < 2 && + first_bitmap_cluster >= sbi->cluster_count) { + exfat_msg(root->i_sb, KERN_ERR, "bitmap start cluster is " + "outside disk limits."); + goto fail; + } + if (last_bitmap_cluster < 2 && + last_bitmap_cluster >= sbi->cluster_count) { + exfat_msg(root->i_sb, KERN_ERR, "bitmap last cluster is " + "outside disk limits."); + goto fail; + } + + sbi->bitmap_length = __le32_to_cpu(be->length); + sbi->first_bitmap_sector = exfat_cluster_sector(sbi, + __le32_to_cpu(be->cluster_addr)); + sbi->last_bitmap_sector = sbi->first_bitmap_sector + + DIV_ROUND_UP(sbi->bitmap_length, sbi->sectorsize); + + error = exfat_get_free_cluster_count(root->i_sb, &sbi->free_clusters); + if (error) + goto fail; + + sbi->prev_free_cluster = 0; + + exfat_cleanup_dir_ctx(&dctx); + return 0; +fail: + exfat_cleanup_dir_ctx(&dctx); + return error; +} + +void exfat_exit_bitmap(struct super_block *sb) +{ + struct exfat_sb_info *sbi = EXFAT_SB(sb); + + if (sbi->cur_bitmap_bh) + brelse(sbi->cur_bitmap_bh); +} diff -Nruw linux-5.15.42-fbx/fs/exfat-fbx./dir.c linux-5.15.42-fbx/fs/exfat-fbx/dir.c --- linux-5.15.42-fbx/fs/exfat-fbx./dir.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/fs/exfat-fbx/dir.c 2023-03-14 12:13:36.307603128 +0100 @@ -0,0 +1,402 @@ +/* + * dir.c for exfat + * Created by on Tue Aug 20 11:42:46 2013 + */ + +#include +#include +#include +#include +#include + +#include "exfat.h" +#include "exfat_fs.h" + +/* + * setup an exfat_dir_ctx structure so that __exfat_dentry_next can + * work with it. + */ +int exfat_init_dir_ctx(struct inode *inode, struct exfat_dir_ctx *ctx, + off_t start) +{ + u32 cluster = EXFAT_I(inode)->first_cluster; + + memset(ctx, 0, sizeof (*ctx)); + + if (cluster == 0) { + ctx->empty = true; + ctx->sb = inode->i_sb; + return 0; + } + + if (cluster < EXFAT_CLUSTER_FIRSTVALID || + cluster > EXFAT_CLUSTER_LASTVALID) { + exfat_msg(inode->i_sb, KERN_ERR, "exfat_init_dir_ctx: invalid " + "cluster %u", cluster); + return -EINVAL; + } + + start &= ~(0x20 - 1); + if (start == 0) + ctx->off = -1; + else + ctx->off = start - 0x20; + + ctx->sb = inode->i_sb; + ctx->inode = inode; + + return 0; +} + +void exfat_cleanup_dir_ctx(struct exfat_dir_ctx *dctx) +{ + if (dctx->bh) + brelse(dctx->bh); +} + +/* + * calculate the checksum for the current direntry. fields containing + * the checksum for the first entry is not part of the checksum + * calculation. + */ +u16 exfat_direntry_checksum(void *data, u16 checksum, bool first) +{ + u8 *ptr = data; + int i; + + for (i = 0; i < 0x20; ++i) { + if (first && (i == 2 || i == 3)) + continue ; + checksum = ((checksum << 15) | (checksum >> 1)) + (u16)ptr[i]; + } + return checksum; +} + +u32 exfat_dctx_fpos(struct exfat_dir_ctx *dctx) +{ + return dctx->off; +} + +u64 exfat_dctx_dpos(struct exfat_dir_ctx *dctx) +{ + struct exfat_sb_info *sbi = EXFAT_SB(dctx->sb); + + return (dctx->sector << sbi->sectorbits) + + (dctx->off & sbi->sectormask); +} + +static int exfat_get_dctx_disk_cluster(struct exfat_dir_ctx *dctx, + u32 file_cluster, u32 *disk_cluster) +{ + struct exfat_inode_info *info = EXFAT_I(dctx->inode); + + if (info->flags & EXFAT_I_FAT_INVALID) { + *disk_cluster = info->first_cluster + file_cluster; + return 0; + } else { + return exfat_get_fat_cluster(dctx->inode, file_cluster, + disk_cluster); + } +} + +/* + * get the next typed dentry in the exfat_dir_ctx structure. can_skip + * indicates whether the entry must be immediately there in the entry + * stream. *end indicates whether end of directory entry stream is + * reached or not. + * + * only one buffer_head is kept at a time. subsequent calls to + * __exfat_dentry_next can invalidate pointers from previous calls due + * to that. + */ +void *__exfat_dentry_next(struct exfat_dir_ctx *dctx, int type, int mask, + bool can_skip, bool *end) +{ + struct exfat_sb_info *sbi = EXFAT_SB(dctx->sb); + + if (dctx->empty) { + if (end) + *end = true; + return NULL; + } + + if (end) + *end = false; + + if (dctx->off == -1) + dctx->off = 0; + else + dctx->off += 0x20; + + for (;;) { + sector_t wanted_sector; + u32 file_cluster = dctx->off >> sbi->clusterbits; + u32 disk_cluster; + int error; + int sector_offset; + sector_t sector_in_cluster; + + if (dctx->off >= dctx->inode->i_size) { + *end = true; + return NULL; + } + + + error = exfat_get_dctx_disk_cluster(dctx, file_cluster, + &disk_cluster); + if (error) + return NULL; + + sector_in_cluster = (dctx->off >> sbi->sectorbits) % + sbi->sectors_per_cluster; + + wanted_sector = exfat_cluster_sector(sbi, disk_cluster) + + sector_in_cluster; + if (wanted_sector != dctx->sector || !dctx->bh) { + /* + * need to fetch a new sector from the current + * cluster. + */ + dctx->sector = wanted_sector; + if (dctx->bh) + brelse(dctx->bh); + dctx->bh = sb_bread(dctx->sb, dctx->sector); + if (!dctx->bh) + return NULL; + } + + sector_offset = dctx->off & sbi->sectormask; + if ((dctx->bh->b_data[sector_offset] & mask) == (type & mask)) + /* + * return pointer to entry if type matches the + * one given. + */ + return dctx->bh->b_data + sector_offset; + + if (dctx->bh->b_data[sector_offset] == 0 && end) + /* + * set end if no more entries in this directory. + */ + *end = true; + + if (dctx->bh->b_data[sector_offset] == 0 || !can_skip) + /* + * handle can_skip / end of directory. + */ + return NULL; + + /* + * move to next entry. + */ + dctx->off += 0x20; + } + return NULL; +} + +/* + * helper around __exfat_dentry_next that copies the content of the + * found entry in a user supplied buffer. + */ +int exfat_dentry_next(void *out, struct exfat_dir_ctx *dctx, + int type, bool can_skip) +{ + bool end; + + void *ptr = __exfat_dentry_next(dctx, type, 0xff, can_skip, &end); + + if (!ptr) { + if (end) + return -ENOENT; + else { + exfat_msg(dctx->sb, KERN_INFO, "no ptr and " + "end not reached: " + "type %02x, can_skip %s\n", type, + can_skip ? "true" : "false"); + return -EIO; + } + } + memcpy(out, ptr, 0x20); + return 0; +} + +/* + * extract name by parsing consecutive E_EXFAT_FILENAME entries in a + * caller provided buffer. also update the checksum on the fly. + * + * no utf16 to utf8 conversion is performed. + */ +int __exfat_get_name(struct exfat_dir_ctx *dctx, u32 name_length, + __le16 *name, u16 *calc_checksum, + struct exfat_iloc *iloc) +{ + __le16 *ptr; + int error; + int nr; + + ptr = name; + + error = -EIO; + nr = 0; + while (name_length) { + struct exfat_filename_entry *e; + u32 len = 15; + + e = __exfat_dentry_next(dctx, E_EXFAT_FILENAME, 0xff, + false, NULL); + if (!e) + goto fail; + *calc_checksum = exfat_direntry_checksum(e, *calc_checksum, + false); + + if (iloc) + iloc->disk_offs[nr + 2] = exfat_dctx_dpos(dctx); + if (name_length < 15) + len = name_length; + + memcpy(ptr, e->name_frag, len * sizeof (__le16)); + name_length -= len; + ptr += len; + nr++; + } + return 0; + +fail: + return error; +} + +/* + * walk the directory and invoke filldir on all found entries. + */ +static int __exfat_iterate(struct exfat_dir_ctx *dctx, struct file *file, + struct dir_context *ctx) +{ + int error; + char *name = __getname(); + __le16 *utf16name = __getname(); + + if (!name) + return -ENOMEM; + if (!utf16name) { + __putname(name); + return -ENOMEM; + } + + for (;;) { + struct exfat_filedir_entry *efd; + struct exfat_stream_extension_entry *esx; + int dtype = DT_REG; + int name_length; + bool end; + u16 calc_checksum; + u16 expect_checksum; + + /* + * get the next filedir entry, we are allowed to skip + * entries for that. + */ + error = -EIO; + efd = __exfat_dentry_next(dctx, E_EXFAT_FILEDIR, 0xff, + true, &end); + if (!efd) { + if (end) + break; + else + goto fail; + } + expect_checksum = __le16_to_cpu(efd->set_checksum); + calc_checksum = exfat_direntry_checksum(efd, 0, true); + + if (__le16_to_cpu(efd->attributes & E_EXFAT_ATTR_DIRECTORY)) + dtype = DT_DIR; + + /* + * get immediate stream extension entry. + */ + esx = __exfat_dentry_next(dctx, E_EXFAT_STREAM_EXT, 0xff, false, + NULL); + if (!esx) + goto fail; + calc_checksum = exfat_direntry_checksum(esx, calc_checksum, + false); + + /* + * get immediate name. + */ + error = __exfat_get_name(dctx, esx->name_length, utf16name, + &calc_checksum, NULL); + if (error) { + exfat_msg(dctx->sb, KERN_INFO, "__exfat_get_name " + "has failed with %i", error); + goto fail; + } + + if (calc_checksum != expect_checksum) { + exfat_msg(dctx->sb, KERN_INFO, "checksum: " + "calculated %04x, expect %04x", + calc_checksum, expect_checksum); + error = -EIO; + goto fail; + } + + /* + * convert utf16 to utf8 for kernel filldir callback. + */ + name_length = utf16s_to_utf8s(utf16name, esx->name_length, + UTF16_LITTLE_ENDIAN, + name, NAME_MAX + 2); + if (name_length < 0) { + error = name_length; + goto fail; + } + if (name_length > 255) { + error = -ENAMETOOLONG; + goto fail; + } + + /* + * tell the kernel we have an entry by calling + * dir_emit + */ + if (dir_emit(ctx, name, name_length, 1, dtype)) + ctx->pos = 2 + exfat_dctx_fpos(dctx); + else + goto fail; + } + __putname(name); + __putname(utf16name); + ctx->pos = file_inode(file)->i_size + 2; + return 0; +fail: + __putname(name); + __putname(utf16name); + return error; +} + +/* + * readdir callback for VFS. fill "." and "..", then invoke + * __exfat_iterate. + */ +int exfat_iterate(struct file *file, struct dir_context *ctx) +{ + struct exfat_dir_ctx dctx; + int error; + struct inode *inode = file_inode(file); + + switch (ctx->pos) { + case 0: + if (!dir_emit_dots(file, ctx)) + return 0; + fallthrough; + default: + if (ctx->pos >= inode->i_size + 2) + return 0; + error = exfat_init_dir_ctx(inode, &dctx, ctx->pos - 2); + if (error) + return error; + exfat_lock_super(inode->i_sb); + error = __exfat_iterate(&dctx, file, ctx); + exfat_unlock_super(inode->i_sb); + exfat_cleanup_dir_ctx(&dctx); + return error; + } +} diff -Nruw linux-5.15.42-fbx/fs/exfat-fbx./exfat.h linux-5.15.42-fbx/fs/exfat-fbx/exfat.h --- linux-5.15.42-fbx/fs/exfat-fbx./exfat.h 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/fs/exfat-fbx/exfat.h 2024-04-22 14:46:57.024243959 +0200 @@ -0,0 +1,326 @@ +/* + * exfat.h for exfat + * Created by on Tue Jul 23 12:37:12 2013 + */ + +#ifndef __EXFAT_H +# define __EXFAT_H + +#define EXFAT_HASH_BITS (8) +#define EXFAT_HASH_SIZE (1 << EXFAT_HASH_BITS) + +/* + * special inode number for root directory. + */ +#define EXFAT_ROOT_INO 1 + +enum { + EXFAT_ERROR_ACTION_CONTINUE, + EXFAT_ERROR_ACTION_REMOUNT_RO, + EXFAT_ERROR_ACTION_PANIC, +}; + +struct exfat_sb_options { + kuid_t uid; + kgid_t gid; + mode_t dmask; + mode_t fmask; + int time_offset; + int time_offset_set; + int error_action; +}; + +struct exfat_sb_info { + struct exfat_sb_options options; + + struct buffer_head *sb_bh; + struct exfat_vbr *vbr; + bool dirty; + + u32 sectorsize; /* in bytes*/ + u32 clustersize; /* in bytes */ + u32 sectors_per_cluster; + int sectorbits; + int clusterbits; + u32 sectormask; + u32 clustermask; + + u32 fat_offset; + u32 fat_length; + + u32 root_dir_cluster; + u32 cluster_heap_offset; + u32 cluster_count; + + __le16 *upcase_table; + u32 upcase_len; + + /* + * bitmap fields + */ + struct mutex bitmap_mutex; + u32 bitmap_length; + sector_t first_bitmap_sector; + sector_t last_bitmap_sector; + sector_t cur_bitmap_sector; + u32 cur_bitmap_cluster; + struct buffer_head *cur_bitmap_bh; + u32 free_clusters; + u32 prev_free_cluster; + + /* + * inode hash fields + */ + spinlock_t inode_hash_lock; + struct hlist_head inode_hash[EXFAT_HASH_SIZE]; + + struct mutex sb_mutex; +}; + +struct exfat_cache_entry { + struct list_head list; + u32 file_cluster; + u32 disk_cluster; + u32 nr_contig; +}; + +struct exfat_cache { + struct mutex mutex; + struct list_head entries; + u32 nr_entries; +}; + +struct exfat_iloc { + u8 nr_secondary; + u32 file_off; + u64 disk_offs[19]; +}; + +struct exfat_inode_info { + u8 flags; + u16 attributes; + u32 first_cluster; + u32 allocated_clusters; + loff_t mmu_private; + struct exfat_iloc iloc; + struct hlist_node hash_list; + + struct exfat_cache exfat_cache; + struct inode vfs_inode; +}; + +static inline struct exfat_sb_info *EXFAT_SB(struct super_block *sb) +{ + return sb->s_fs_info; +} + +static inline struct exfat_inode_info *EXFAT_I(struct inode *inode) +{ + return container_of(inode, struct exfat_inode_info, vfs_inode); +} + +loff_t exfat_dir_links(struct inode *inode); + +int exfat_write_fat_contiguous(struct inode *inode, u32 first_cluster, + u32 nr_clusters); +int exfat_write_fat(struct inode *inode, u32 prev_cluster, u32 *clusters, + u32 nr_clusters); + +__printf(3, 4) void exfat_msg(struct super_block *sb, const char *level, + const char *fmt, ...); +__printf(2, 3) void exfat_fs_error(struct super_block *sb, + const char *fmt, ...); +int exfat_get_fat_cluster(struct inode *inode, u32 fcluster, u32 *dcluster); +int __exfat_get_fat_cluster(struct inode *inode, u32 fcluster, u32 *dcluster, + bool eof_is_fatal); + +void exfat_inode_cache_init(struct inode *inode); +void exfat_inode_cache_drop(struct inode *inode); + +int exfat_init_fat(struct super_block *sb); + +int exfat_init_bitmap(struct inode *root); +void exfat_exit_bitmap(struct super_block *sb); +int exfat_alloc_clusters(struct inode *inode, u32 hint_cluster, + u32 *cluster, u32 nr); +int exfat_free_clusters_inode(struct inode *inode, u32 start); + + +/* + * read only bitmap accessors: used by EXFAT_IOCGETBITMAP ioctl. + */ +struct exfat_bitmap_ctx { + struct super_block *sb; + struct buffer_head *bh; + sector_t cur_sector; +}; + +int exfat_init_bitmap_context(struct super_block *sb, + struct exfat_bitmap_ctx *ctx, u32 cluster); +void exfat_exit_bitmap_context(struct exfat_bitmap_ctx *ctx); +int exfat_test_bitmap(struct exfat_bitmap_ctx *ctx, uint32_t start_cluster, + uint32_t *first_in_use, uint32_t *nr_in_use); + + +/* + * return the physical sector address for a given cluster. + */ +static inline sector_t exfat_cluster_sector(struct exfat_sb_info *sbi, + u32 cluster) +{ + return (sector_t)sbi->cluster_heap_offset + (cluster - 2) * + (sector_t)sbi->sectors_per_cluster; +} + +/* + * in dir.c + */ +struct exfat_dir_ctx { + struct super_block *sb; + struct inode *inode; + struct buffer_head *bh; + + off_t off; /* from beginning of directory */ + sector_t sector; + bool empty; +}; + +int exfat_init_dir_ctx(struct inode *inode, struct exfat_dir_ctx *ctx, + off_t off); +void exfat_cleanup_dir_ctx(struct exfat_dir_ctx *dctx); +int exfat_get_cluster_hint(struct inode *inode, u32 *out_hint); +int exfat_dentry_next(void *, struct exfat_dir_ctx *, int, bool); +void *__exfat_dentry_next(struct exfat_dir_ctx *dctx, int type, int mask, + bool can_skip, bool *end); +u16 exfat_direntry_checksum(void *data, u16 checksum, bool first); +u32 exfat_dctx_fpos(struct exfat_dir_ctx *dctx); +u64 exfat_dctx_dpos(struct exfat_dir_ctx *dctx); +int __exfat_get_name(struct exfat_dir_ctx *dctx, u32 name_length, __le16 *name, + u16 *calc_checksum, struct exfat_iloc *iloc); + +/* + * in namei.c + */ + +/* + * hold a pointer to an exfat dir entry, with the corresponding bh. + */ +struct dir_entry_buffer { + struct buffer_head *bh; + u32 off; /* in bytes, inside the buffer_head b_data array */ + void *start; +}; + +int exfat_get_dir_entry_buffers(struct inode *dir, struct exfat_iloc *iloc, + struct dir_entry_buffer *entries, + size_t nr_entries); +u16 exfat_dir_entries_checksum(struct dir_entry_buffer *entries, u32 nr); +void exfat_dirty_dir_entries(struct dir_entry_buffer *entries, + size_t nr_entries, bool sync); +void exfat_write_time(struct exfat_sb_info *sbi, struct timespec64 *ts, + __le32 *datetime, u8 *time_cs, u8 *tz_offset); + +/* + * in inode.c + */ + +int exfat_init_inodes(void); +void exfat_exit_inodes(void); + +struct inode *exfat_iget(struct super_block *sb, loff_t disk_pos); +void exfat_insert_inode_hash(struct inode *inode); +void exfat_remove_inode_hash(struct inode *inode); +int __exfat_write_inode(struct inode *inode, bool sync); + +/* + * in upcase.c + */ +int exfat_upcase_init(struct inode *root); +static inline __le16 exfat_upcase_convert(struct super_block *sb, __le16 _c) +{ + u16 c = __le16_to_cpu(_c); + + if (c >= EXFAT_SB(sb)->upcase_len) + return _c; + return EXFAT_SB(sb)->upcase_table[c]; +} + +/* + * superblock operations + */ +struct inode *exfat_alloc_inode(struct super_block *sb); +void exfat_destroy_inode(struct inode *_inode); +int exfat_drop_inode(struct inode *inode); +void exfat_evict_inode(struct inode *inode); + +/* + * file operations + */ +int exfat_iterate(struct file *f, struct dir_context *ctx); +long exfat_ioctl(struct file *, unsigned int, unsigned long); +int exfat_truncate_blocks(struct inode *inode, loff_t newsize); + +/* + * inode operations + */ +struct dentry *exfat_inode_lookup(struct inode *, struct dentry *, + unsigned int); +int exfat_inode_create(struct user_namespace *, struct inode *dir, + struct dentry *dentry, umode_t mode, bool excl); +int exfat_inode_mkdir(struct user_namespace *, struct inode *dir, + struct dentry *dentry, umode_t mode); + +mode_t exfat_make_mode(struct exfat_sb_info *sbi, mode_t mode, u16 attrs); + +int exfat_write_inode(struct inode *inode, struct writeback_control *wbc); + +int exfat_inode_unlink(struct inode *inode, struct dentry *dentry); + +int exfat_inode_rmdir(struct inode *inode, struct dentry *dentry); + +int exfat_getattr(struct user_namespace *, const struct path *, struct kstat *, + u32, unsigned int); +int exfat_setattr(struct user_namespace *, struct dentry *, struct iattr *); +int exfat_rename(struct user_namespace *, struct inode *, struct dentry *, + struct inode *, struct dentry *, unsigned int); + +/* + * address space operations + */ +int exfat_readpage(struct file *file, struct page *page); +void exfat_readahead(struct readahead_control *rac); +int exfat_write_begin(struct file *file, struct address_space *mapping, + loff_t pos, unsigned len, unsigned flags, + struct page **pagep, void **fsdata); +int exfat_write_end(struct file *file, struct address_space *mapping, + loff_t pos, unsigned len, unsigned copied, + struct page *page, void *fsdata); +int exfat_writepage(struct page *page, struct writeback_control *wbc); +int exfat_writepages(struct address_space *, struct writeback_control *); + + +extern const struct inode_operations exfat_dir_inode_operations; +extern const struct inode_operations exfat_file_inode_operations; +extern const struct file_operations exfat_dir_operations; +extern const struct file_operations exfat_file_operations; +extern const struct address_space_operations exfat_address_space_operations; + +/* + * time functions + */ +void exfat_time_2unix(struct timespec64 *ts, u32 datetime, u8 time_cs, + s8 tz_offset); +void exfat_time_2exfat(struct exfat_sb_info *sbi, struct timespec64 *ts, + u32 *datetime, u8 *time_cs, s8 *tz_offset); + +static inline void exfat_lock_super(struct super_block *sb) +{ + mutex_lock(&EXFAT_SB(sb)->sb_mutex); +} + +static inline void exfat_unlock_super(struct super_block *sb) +{ + mutex_unlock(&EXFAT_SB(sb)->sb_mutex); +} + +#endif /*! __EXFAT_H */ diff -Nruw linux-5.15.42-fbx/fs/exfat-fbx./exfat_fs.h linux-5.15.42-fbx/fs/exfat-fbx/exfat_fs.h --- linux-5.15.42-fbx/fs/exfat-fbx./exfat_fs.h 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/fs/exfat-fbx/exfat_fs.h 2023-02-24 19:09:23.405368085 +0100 @@ -0,0 +1,200 @@ +/* + * exfat_fs.h for exfat + * Created by on Mon Jul 29 15:06:38 2013 + */ + +#ifndef __EXFAT_FS_H +# define __EXFAT_FS_H + +/* + * exfat on disk structures and constants + */ + +#include + +struct exfat_vbr { + u8 jump[3]; + u8 fsname[8]; + u8 reserved1[53]; + + __le64 partition_offset; + __le64 volume_length; + + __le32 fat_offset; + __le32 fat_length; + + __le32 cluster_heap_offset; + __le32 cluster_count; + __le32 cluster_root_dir; + + __le32 serial_number; + + __le16 fs_rev; + __le16 volume_flags; + + u8 bytes_per_sector; + u8 sectors_per_cluster; + + u8 fat_num; + u8 drive_select; + u8 heap_use_percent; + + u8 reserved2[7]; + u8 boot_code[390]; + + u8 boot_sig[2]; +}; + +enum { + EXFAT_CLUSTER_FIRSTVALID = 0x00000002, + EXFAT_CLUSTER_LASTVALID = 0xfffffff6, + EXFAT_CLUSTER_BADBLK = 0xfffffff7, + EXFAT_CLUSTER_MEDIATYPE = 0xfffffff8, + EXFAT_CLUSTER_EOF = 0xffffffff, +}; + +enum { + EXFAT_ACTIVEFAT_MASK = (1 << 0), + EXFAT_FLAG_DIRTY = (1 << 1), + EXFAT_FLAG_MEDIA_FAILURE = (1 << 2), +}; + +static inline int exfat_active_fat(u16 flags) +{ + return flags & EXFAT_ACTIVEFAT_MASK; +} + +#define EXFAT_CHECKSUM_SECTORS 11 + +enum { + EXFAT_I_ALLOC_POSSIBLE = (1 << 0), + EXFAT_I_FAT_INVALID = (1 << 1), +}; + +/* + * directory cluster content + */ + +/* + * entry types + */ +enum { + E_EXFAT_EOD = 0x00, + E_EXFAT_VOLUME_LABEL = 0x83, + E_EXFAT_BITMAP = 0x81, + E_EXFAT_UPCASE_TABLE = 0x82, + E_EXFAT_GUID = 0xa0, + E_EXFAT_PADDING = 0xa1, + E_EXFAT_ACL = 0xe2, + E_EXFAT_FILEDIR = 0x85, + E_EXFAT_STREAM_EXT = 0xc0, + E_EXFAT_FILENAME = 0xc1, +}; + +/* + * file attributes in exfat_filedir_entry + */ +enum { + E_EXFAT_ATTR_RO = (1 << 0), + E_EXFAT_ATTR_HIDDEN = (1 << 1), + E_EXFAT_ATTR_SYSTEM = (1 << 2), + /* bit 3 reserved */ + E_EXFAT_ATTR_DIRECTORY = (1 << 4), + E_EXFAT_ATTR_ARCHIVE = (1 << 5), + /* bits 6-15 reserved */ +}; + +/* type 0x83 */ +struct exfat_volume_label_entry { + u8 type; + u8 charcount; + __u16 label[11]; + u8 reserved1[8]; +}; + +static inline int exfat_bitmap_nr(u8 flags) +{ + return flags & 1; +} + +/* type 0x81 */ +struct exfat_bitmap_entry { + u8 type; + u8 flags; + u8 reserved1[18]; + __le32 cluster_addr; + __le64 length; +}; + +/* type 0x82 */ +struct exfat_upcase_entry { + u8 type; + u8 reserved1[3]; + __le32 checksum; + u8 reserved2[12]; + __le32 cluster_addr; + __le64 length; +}; + +/* type 0xa0 */ +struct exfat_guid_entry { + u8 type; + u8 secondary_count; + __le16 set_checksum; + __le16 flags; + u8 guid[16]; + u8 reserved1[10]; +}; + +/* type 0xa1 */ +struct exfat_padding_entry { + u8 type; + u8 reserved1[31]; +}; + +/* type 0xe2 */ +struct exfat_acl_entry { + u8 type; + u8 reserved1[31]; +}; + +/* type 0x85 */ +struct exfat_filedir_entry { + u8 type; + u8 secondary_count; + __le16 set_checksum; + __le16 attributes; + u8 reserved1[2]; + __le32 create; + __le32 modified; + __le32 accessed; + u8 create_10ms; + u8 modified_10ms; + s8 create_tz_offset; + s8 modified_tz_offset; + s8 accessed_tz_offset; + u8 reserved2[7]; +}; + +/* 0xc0 */ +struct exfat_stream_extension_entry { + u8 type; + u8 flags; + u8 reserved1; + u8 name_length; + __le16 name_hash; + u8 reserved2[2]; + __le64 valid_data_length; + u8 reserved3[4]; + __le32 first_cluster; + __le64 data_length; +}; + +/* 0xc1 */ +struct exfat_filename_entry { + u8 type; + u8 flags; + __le16 name_frag[15]; +}; + +#endif /*! __EXFAT_FS_H */ diff -Nruw linux-5.15.42-fbx/fs/exfat-fbx./fat.c linux-5.15.42-fbx/fs/exfat-fbx/fat.c --- linux-5.15.42-fbx/fs/exfat-fbx./fat.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/fs/exfat-fbx/fat.c 2023-02-24 19:09:26.021439198 +0100 @@ -0,0 +1,424 @@ +/* + * fat.c for exfat + * Created by on Mon Jul 29 19:43:38 2013 + */ + +#include +#include +#include + +#include "exfat.h" +#include "exfat_fs.h" + +#define MAX_CACHED_FAT 16 + +/* + * helpers for exfat_next_fat_cluster. + */ + +/* + * get the sector number in the fat where the next requested cluster + * number is to be found. + */ +static inline sector_t cluster_sector(struct exfat_sb_info *sbi, u32 cluster) +{ + return sbi->fat_offset + (((u64)cluster * sizeof (u32)) >> sbi->sectorbits); +} + +/* + * get the offset in the fat sector where the next requested cluster + * number is to be found. + */ +static inline off_t cluster_offset(struct exfat_sb_info *sbi, u32 cluster) +{ + return (cluster * sizeof (u32)) & sbi->sectormask; +} + +/* + * walk one step in the fat chain. + */ +static int exfat_next_fat_cluster(struct super_block *sb, u32 *cluster) +{ + struct exfat_sb_info *sbi = EXFAT_SB(sb); + sector_t sect = cluster_sector(sbi, *cluster); + off_t off = cluster_offset(sbi, *cluster); + struct buffer_head *bh; + + bh = sb_bread(sb, sect); + if (!bh) { + exfat_msg(sb, KERN_ERR, "unable to read FAT sector at %llu", + (unsigned long long)sect); + return -EIO; + } + + *cluster = __le32_to_cpu(*(u32*)&bh->b_data[off]); + brelse(bh); + return 0; +} + +/* + * setup inode cache + */ +void exfat_inode_cache_init(struct inode *inode) +{ + mutex_init(&EXFAT_I(inode)->exfat_cache.mutex); + EXFAT_I(inode)->exfat_cache.nr_entries = 0; + INIT_LIST_HEAD(&EXFAT_I(inode)->exfat_cache.entries); +} + +/* + * drop inode cache content + */ +void exfat_inode_cache_drop(struct inode *inode) +{ + struct exfat_cache *cache = &EXFAT_I(inode)->exfat_cache; + struct exfat_cache_entry *e, *tmp; + + mutex_lock(&cache->mutex); + list_for_each_entry_safe (e, tmp, &cache->entries, list) { + kfree(e); + } + INIT_LIST_HEAD(&cache->entries); + cache->nr_entries = 0; + mutex_unlock(&cache->mutex); +} + +/* + * move the entry to the head of the list, this will make it less + * likely to be the victim in when caching new entries. + * + * caller must hold cache->mutex. + */ +static void __exfat_fat_lru(struct exfat_cache *cache, + struct exfat_cache_entry *e) +{ + if (cache->entries.next != &e->list) + list_move(&e->list, &cache->entries); +} + +/* + * find a cache entry that is close to the wanted fcluster (ideally + * spanning over the requested file cluster). + * + * caller must hold cache->mutex. + */ +static struct exfat_cache_entry *__exfat_cache_lookup(struct exfat_cache *cache, + u32 fcluster) +{ + struct exfat_cache_entry *e; + struct exfat_cache_entry *best = NULL; + + list_for_each_entry (e, &cache->entries, list) { + if (e->file_cluster <= fcluster && + e->file_cluster + e->nr_contig >= fcluster) + return e; + + if (!best && e->file_cluster < fcluster) + best = e; + if (best && best->file_cluster < e->file_cluster && + e->file_cluster < fcluster) + best = e; + } + return best; +} + +/* + * caller must hold cache->mutex. + */ +static int __exfat_cache_cluster(struct exfat_cache *cache, + struct exfat_cache_entry *nearest, + u32 fcluster, u32 dcluster) +{ + struct exfat_cache_entry *e; + + /* + * see if we can merge with the nearest entry. in the ideal + * case, all cluster in the chain are contiguous, and only + * one entry is needed for a single file. + */ + if (nearest && + nearest->file_cluster + nearest->nr_contig + 1 == fcluster && + nearest->disk_cluster + nearest->nr_contig + 1 == dcluster) { + list_move(&nearest->list, &cache->entries); + nearest->nr_contig++; + return 0; + } + + /* + * allocate a new entry or reuse an existing one if the number + * of cached entries is too hihc. + */ + if (cache->nr_entries < MAX_CACHED_FAT) { + e = kmalloc(sizeof (*e), GFP_NOFS); + list_add(&e->list, &cache->entries); + ++cache->nr_entries; + } else { + e = list_entry(cache->entries.prev, struct exfat_cache_entry, + list); + list_move(&e->list, &cache->entries); + } + + if (!e) + return -ENOMEM; + + e->file_cluster = fcluster; + e->disk_cluster = dcluster; + e->nr_contig = 0; + + return 0; +} + +int __exfat_get_fat_cluster(struct inode *inode, u32 fcluster, u32 *dcluster, + bool eof_is_fatal) +{ + struct exfat_inode_info *info = EXFAT_I(inode); + struct exfat_cache *cache = &info->exfat_cache; + int error; + struct exfat_cache_entry *e; + u32 fcluster_start; + + /* + * intial translation: first file cluster is found in the + * inode info. + */ + if (fcluster == 0) { + *dcluster = info->first_cluster; + return 0; + } + + mutex_lock(&cache->mutex); + /* + * try to find a cached entry either covering the file cluster + * we want or at least close to the file cluster. + */ + e = __exfat_cache_lookup(cache, fcluster); + if (e && e->file_cluster <= fcluster && + e->file_cluster + e->nr_contig >= fcluster) { + /* + * perfect match, entry zone covers the requested file + * cluster. + */ + __exfat_fat_lru(cache, e); + *dcluster = e->disk_cluster + (fcluster - e->file_cluster); + mutex_unlock(&cache->mutex); + return 0; + } + + if (e) { + /* + * we have an entry, hopefully close enough, setup + * cluster walk from there. + */ + *dcluster = e->disk_cluster + e->nr_contig; + fcluster_start = e->file_cluster + e->nr_contig; + } else { + /* + * no entry, walk the FAT chain from the start of the + * file. + */ + fcluster_start = 0; + *dcluster = info->first_cluster; + } + + /* + * walk fhe FAT chain the number of time required to get the + * disk cluster corresponding to the file cluster. + */ + while (fcluster_start != fcluster) { + error = exfat_next_fat_cluster(inode->i_sb, dcluster); + if (error) { + mutex_unlock(&cache->mutex); + return error; + } + if (*dcluster == EXFAT_CLUSTER_EOF) { + if (eof_is_fatal) + /* + * exfat_fill_root uses + * __exfat_get_fat_cluster with + * eof_is_fatal set to false, as the + * root inode does not have a size + * field and thus requires a complete + * FAT walk to compute the size. + */ + exfat_fs_error(inode->i_sb, "premature EOF in FAT " + "chain. file cluster %u out " + "of %u\n", fcluster_start, + fcluster); + mutex_unlock(&cache->mutex); + return -EIO; + } + if (*dcluster < EXFAT_CLUSTER_FIRSTVALID) { + exfat_fs_error(inode->i_sb, "invalid cluster %u found " + "in fat chain.", *dcluster); + mutex_unlock(&cache->mutex); + return -EIO; + } + ++fcluster_start; + } + + /* + * cache the result. + */ + __exfat_cache_cluster(cache, e, fcluster, *dcluster); + mutex_unlock(&cache->mutex); + return 0; +} + +int exfat_get_fat_cluster(struct inode *inode, u32 fcluster, u32 *dcluster) +{ + return __exfat_get_fat_cluster(inode, fcluster, dcluster, true); +} + +int exfat_init_fat(struct super_block *sb) +{ + struct exfat_sb_info *sbi = EXFAT_SB(sb); + struct buffer_head *bh; + int error = 0; + u32 first, second; + + bh = sb_bread(sb, sbi->fat_offset); + if (!bh) { + exfat_msg(sb, KERN_ERR, "unable to read FAT sector at %u", + sbi->fat_offset); + return -EIO; + } + + first = __le32_to_cpu(*(__le32*)(bh->b_data + 0)); + second = __le32_to_cpu(*(__le32*)(bh->b_data + sizeof (__le32))); + + if (first != 0xf8ffffff && second != 0xffffffff) { + exfat_msg(sb, KERN_INFO, "invalid FAT start: %08x, %08x", + first, second); + error = -ENXIO; + } + + brelse(bh); + return error; +} + +/* + * fat write context, store the current buffer_head and current + * cluster to avoid having sb_bread all the time when the clusters are + * contiguous or at least not too far apart. + */ +struct fat_write_ctx { + struct super_block *sb; + struct buffer_head *bh; + u32 cur_cluster; +}; + +static void fat_init_write_ctx(struct fat_write_ctx *fwctx, + struct super_block *sb) +{ + memset(fwctx, 0, sizeof (*fwctx)); + fwctx->sb = sb; +} + +static void fat_exit_write_ctx(struct fat_write_ctx *fwctx) +{ + if (fwctx->bh) + brelse(fwctx->bh); +} + +static int __fat_write_entry(struct fat_write_ctx *fwctx, + u32 cluster, u32 next) +{ + struct exfat_sb_info *sbi = EXFAT_SB(fwctx->sb); + sector_t current_sector = cluster_sector(sbi, fwctx->cur_cluster); + sector_t wanted_sector = cluster_sector(sbi, cluster); + off_t off = cluster_offset(sbi, cluster); + + /* + * first see if we need a different buffer head from the + * current one in the fat_write_ctx. + */ + if (current_sector != wanted_sector || !fwctx->bh) { + if (fwctx->bh) + brelse(fwctx->bh); + fwctx->bh = sb_bread(fwctx->sb, wanted_sector); + if (!fwctx->bh) { + exfat_msg(fwctx->sb, KERN_ERR, + "unable to read FAT sector at %llu", + (unsigned long long)wanted_sector); + return -EIO; + } + } + + /* + * set fat cluster to point to the next cluster, and mark bh + * dirty so that the change hits the storage device. + */ + fwctx->cur_cluster = cluster; + *(__le32*)(fwctx->bh->b_data + off) = __cpu_to_le32(next); + mark_buffer_dirty(fwctx->bh); + return 0; +} + +/* + * write nr_clusters contiguous clusters starting at first_cluster. + */ +int exfat_write_fat_contiguous(struct inode *inode, u32 first_cluster, + u32 nr_clusters) +{ + u32 cluster; + struct fat_write_ctx fwctx; + int error = 0; + + fat_init_write_ctx(&fwctx, inode->i_sb); + for (cluster = first_cluster; + cluster < first_cluster + nr_clusters - 1; + ++cluster) { + error = __fat_write_entry(&fwctx, cluster, cluster + 1); + if (error) + goto end; + } + + /* + * set EOF + */ + error = __fat_write_entry(&fwctx, cluster, EXFAT_CLUSTER_EOF); +end: + fat_exit_write_ctx(&fwctx); + return error; + +} + +/* + * write cluster nr_clusters stored in clusters array, link with prev_cluster. + */ +int exfat_write_fat(struct inode *inode, u32 prev_cluster, u32 *clusters, + u32 nr_clusters) +{ + u32 i; + struct fat_write_ctx fwctx; + int error; + + if (!nr_clusters) + /* ??! */ + return 0; + + fat_init_write_ctx(&fwctx, inode->i_sb); + + if (prev_cluster) { + /* + * link with previous cluster if applicable. + */ + error = __fat_write_entry(&fwctx, prev_cluster, clusters[0]); + if (error) + goto end; + } + for (i = 0; i < nr_clusters - 1; ++i) { + error = __fat_write_entry(&fwctx, clusters[i], clusters[i + 1]); + if (error) + goto end; + } + + /* + * set EOF. + */ + error = __fat_write_entry(&fwctx, clusters[i], EXFAT_CLUSTER_EOF); + + end: + fat_exit_write_ctx(&fwctx); + return error; +} diff -Nruw linux-5.15.42-fbx/fs/exfat-fbx./file.c linux-5.15.42-fbx/fs/exfat-fbx/file.c --- linux-5.15.42-fbx/fs/exfat-fbx./file.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/fs/exfat-fbx/file.c 2024-04-22 14:46:57.024243959 +0200 @@ -0,0 +1,428 @@ +/* + * file.c for exfat + * Created by on Tue Aug 20 14:39:41 2013 + */ + +#include +#include +#include + +#include "exfat.h" +#include "exfat_fs.h" + +static int append_fragment(struct exfat_fragment __user *ufrag, + struct exfat_fragment *kfrag) +{ + if (copy_to_user(ufrag, kfrag, sizeof (*kfrag))) + return -EFAULT; + return 0; +} + +static void setup_fragment(struct exfat_sb_info *sbi, + struct exfat_fragment *fragment, uint32_t fcluster, + uint32_t dcluster) +{ + fragment->fcluster_start = fcluster; + fragment->dcluster_start = dcluster; + fragment->sector_start = exfat_cluster_sector(sbi, dcluster); + fragment->nr_clusters = 1; +} + +static int exfat_ioctl_get_fragments(struct inode *inode, + struct exfat_fragment_head __user *uhead) +{ + struct exfat_fragment_head head; + struct exfat_fragment fragment; + u32 fcluster; + u32 prev_dcluster; + u32 cur_fragment; + struct exfat_inode_info *info = EXFAT_I(inode); + struct exfat_sb_info *sbi = EXFAT_SB(inode->i_sb); + int error; + + memset(&fragment, 0, sizeof (fragment)); + + if (copy_from_user(&head, uhead, sizeof (head))) + return -EFAULT; + + + if (put_user(sbi->sectorsize, &uhead->sector_size) || + put_user(sbi->clustersize, &uhead->cluster_size)) + return -EFAULT; + + if (!head.nr_fragments) { + /* + * user did not provide space for fragments after + * header. + */ + return 0; + } + + if (head.fcluster_start >= info->allocated_clusters) { + /* + * requested start cluster is after file EOF + */ + if (put_user(0, &uhead->nr_fragments)) + return -EFAULT; + return 0; + } + + if (info->flags & EXFAT_I_FAT_INVALID) { + /* + * not FAT chain, this file has only one fragment. + */ + fragment.fcluster_start = head.fcluster_start; + fragment.dcluster_start = + info->first_cluster + head.fcluster_start; + fragment.nr_clusters = info->allocated_clusters - + head.fcluster_start; + fragment.sector_start = + exfat_cluster_sector(sbi, fragment.dcluster_start); + + if (copy_to_user(&uhead->fragments[0], &fragment, + sizeof (fragment))) + return -EFAULT; + if (put_user(1, &uhead->nr_fragments)) + return -EFAULT; + if (put_user(info->first_cluster + info->allocated_clusters, + &uhead->fcluster_start)) + return -EFAULT; + return 0; + } + + fcluster = head.fcluster_start; + cur_fragment = 0; + + /* + * initial fragment setup + */ + error = exfat_get_fat_cluster(inode, fcluster, + &prev_dcluster); + if (error) + return error; + setup_fragment(sbi, &fragment, fcluster, prev_dcluster); + ++fcluster; + while (fcluster < info->allocated_clusters) { + int error; + u32 dcluster; + + /* + * walk one step in the FAT. + */ + error = exfat_get_fat_cluster(inode, fcluster, &dcluster); + if (error) + return error; + + if (prev_dcluster == dcluster - 1) { + /* + * dcluster and prev_dcluster are contiguous. + */ + ++fragment.nr_clusters; + } else { + /* + * put this cluster in the user array + */ + error = append_fragment(&uhead->fragments[cur_fragment], + &fragment); + if (error) + return error; + + ++cur_fragment; + if (cur_fragment == head.nr_fragments) + break; + + /* + * setup a new fragment. + */ + setup_fragment(sbi, &fragment, fcluster, dcluster); + } + ++fcluster; + prev_dcluster = dcluster; + } + + if (cur_fragment < head.nr_fragments) { + append_fragment(&uhead->fragments[cur_fragment], &fragment); + ++cur_fragment; + } + + /* + * update nr_fragments in user supplied head. + */ + if (cur_fragment != head.nr_fragments && + put_user(cur_fragment, &uhead->nr_fragments)) + return -EFAULT; + + /* + * update fcluster_start in user supplied head. + */ + if (put_user(fcluster, &uhead->fcluster_start)) + return -EFAULT; + + + return 0; +} + +static int exfat_ioctl_get_bitmap(struct super_block *sb, + struct exfat_bitmap_head __user *uhead) +{ + struct exfat_sb_info *sbi = EXFAT_SB(sb); + struct exfat_bitmap_head head; + uint32_t i; + int error; + struct exfat_bitmap_ctx ctx; + uint32_t start_cluster; + + if (copy_from_user(&head, uhead, sizeof (head))) + return -EFAULT; + + start_cluster = head.start_cluster; + if (start_cluster < 2) + return -EINVAL; + + + error = exfat_init_bitmap_context(sb, &ctx, head.start_cluster); + if (error) + return error; + for (i = 0; i < head.nr_entries; ++i) { + uint32_t first_in_use; + uint32_t nr_in_use; + int error; + + error = exfat_test_bitmap(&ctx, start_cluster, &first_in_use, + &nr_in_use); + if (error) + goto out_error; + + if (first_in_use == sbi->cluster_count) + break; + if (put_user(first_in_use, &uhead->entries[i].start_cluster)) + goto out_efault; + if (put_user(nr_in_use, &uhead->entries[i].nr_clusters)) + goto out_efault; + if (put_user(exfat_cluster_sector(sbi, first_in_use), + &uhead->entries[i].sector_start)) + goto out_efault; + if (put_user((u64)nr_in_use * sbi->sectors_per_cluster, + &uhead->entries[i].nr_sectors)) + goto out_efault; + start_cluster = first_in_use + nr_in_use + 1; + } + + exfat_exit_bitmap_context(&ctx); + if (put_user(i, &uhead->nr_entries)) + return -EFAULT; + if (put_user(start_cluster, &uhead->start_cluster)) + return -EFAULT; + + return 0; + +out_efault: + error = -EFAULT; +out_error: + exfat_exit_bitmap_context(&ctx); + return error; +} + +static int exfat_ioctl_get_dirents(struct inode *inode, + struct exfat_dirent_head __user *uhead) +{ + struct exfat_dir_ctx dctx; + struct exfat_dirent_head head; + int error; + uint32_t i; + + if (!S_ISDIR(inode->i_mode)) + return -ENOTDIR; + + if (copy_from_user(&head, uhead, sizeof (head))) + return -EFAULT; + + /* make sure we're aligned on an entry boundary */ + head.offset &= ~0x1f; + + error = exfat_init_dir_ctx(inode, &dctx, head.offset); + if (error < 0) + return error; + + error = 0; + for (i = 0; i < head.nr_entries; ++i) { + bool end; + u8 *entry = __exfat_dentry_next(&dctx, 0, 0, false, &end); + u8 type; + + if (!entry && end) + /* genuine end of file */ + break; + if (!entry) { + /* something went wrong */ + error = -EIO; + goto out; + } + type = *entry; + + if (put_user(type, &uhead->entries[i])) { + error = -EFAULT; + goto out; + } + } + + /* + * update head nr_entries and offset. + */ + if (put_user(i, &uhead->nr_entries)) { + error = -EFAULT; + goto out; + } + if (put_user(head.offset + 0x20 * i, &uhead->offset)) { + error = -EFAULT; + goto out; + } + + out: + exfat_cleanup_dir_ctx(&dctx); + return error; +} + +long exfat_ioctl(struct file *file, unsigned int cmd, unsigned long arg) +{ + switch (cmd) { + case EXFAT_IOCGETFRAGMENTS: + return exfat_ioctl_get_fragments(file_inode(file), + (void __user*)arg); + case EXFAT_IOCGETBITMAP: + return exfat_ioctl_get_bitmap(file_inode(file)->i_sb, + (void __user*)arg); + case EXFAT_IOCGETDIRENTS: + return exfat_ioctl_get_dirents(file_inode(file), + (void __user*)arg); + default: + return -ENOTTY; + } +} + +static int exfat_cont_expand(struct inode *inode, loff_t newsize) +{ + int error; + + error = generic_cont_expand_simple(inode, newsize); + if (error) + return error; + + inode->i_mtime = current_time(inode); + mark_inode_dirty(inode); + + if (IS_SYNC(inode)) + exfat_msg(inode->i_sb, KERN_ERR, "TODO: cont_expand with " + "sync mode."); + return 0; +} + +int exfat_truncate_blocks(struct inode *inode, loff_t newsize) +{ + struct exfat_sb_info *sbi = EXFAT_SB(inode->i_sb); + u32 fcluster = (newsize + sbi->clustersize - 1) >> sbi->clusterbits; + int error; + + if (EXFAT_I(inode)->mmu_private > newsize) + EXFAT_I(inode)->mmu_private = newsize; + + error = exfat_free_clusters_inode(inode, fcluster); + if (error) { + exfat_msg(inode->i_sb, KERN_INFO, "exfat_free_clusters_inode: " + "%i", error); + return error; + } + + return 0; +} + +int exfat_getattr(struct user_namespace *ns, const struct path *path, + struct kstat *stat, u32 request_mask, unsigned int flags) +{ + struct inode *inode = d_inode(path->dentry); + generic_fillattr(&init_user_ns, inode, stat); + stat->blksize = EXFAT_SB(inode->i_sb)->clustersize; + return 0; +} + +#define EXFAT_VALID_MODE (S_IFREG | S_IFDIR | S_IRWXUGO) + +static int exfat_mode_fixup(struct inode *inode, umode_t *mode) +{ + mode_t mask, perm; + struct exfat_sb_info *sbi = EXFAT_SB(inode->i_sb); + + if (S_ISDIR(*mode)) + mask = sbi->options.dmask; + else + mask = sbi->options.fmask; + + perm = *mode & ~(S_IFMT | mask); + + /* + * we want 'r' and 'x' bits when mask allows for it. + */ + if ((perm & (S_IRUGO | S_IXUGO)) != + (inode->i_mode & ~mask & (S_IRUGO | S_IXUGO))) { + return -EPERM; + } + + /* + * we want all 'w' bits or none, depending on mask. + */ + if ((perm & S_IWUGO) && (perm & S_IWUGO) != (~mask & S_IWUGO)) + return -EPERM; + *mode &= ~mask; + return 0; +} + +int exfat_setattr(struct user_namespace *ns, struct dentry *dentry, + struct iattr *attrs) +{ + struct inode *inode = dentry->d_inode; + int error; + + /* + * can set uid/gid, only if it the same as the current one in + * the inode. + */ + if (attrs->ia_valid & ATTR_UID && + !uid_eq(inode->i_uid, attrs->ia_uid)) + return -EPERM; + + if (attrs->ia_valid & ATTR_GID && + !gid_eq(inode->i_gid, attrs->ia_gid)) + return -EPERM; + + if (attrs->ia_valid & ATTR_MODE && + (attrs->ia_mode & ~EXFAT_VALID_MODE || + exfat_mode_fixup(inode, &attrs->ia_mode) < 0)) { + /* + * silently ignore mode change if we're not OK with + * it (same behavior as vfat). + */ + attrs->ia_valid &= ~ATTR_MODE; + } + + if (attrs->ia_valid & ATTR_SIZE) { + inode_dio_wait(inode); + if (attrs->ia_size > inode->i_size) { + /* + * expand file + */ + error = exfat_cont_expand(inode, attrs->ia_size); + if (error) + return error; + } else { + /* + * shrink file + */ + truncate_setsize(inode, attrs->ia_size); + exfat_truncate_blocks(inode, attrs->ia_size); + } + } + + setattr_copy(&init_user_ns, inode, attrs); + mark_inode_dirty(inode); + return 0; +} diff -Nruw linux-5.15.42-fbx/fs/exfat-fbx./inode.c linux-5.15.42-fbx/fs/exfat-fbx/inode.c --- linux-5.15.42-fbx/fs/exfat-fbx./inode.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/fs/exfat-fbx/inode.c 2023-02-24 19:09:23.405368085 +0100 @@ -0,0 +1,277 @@ +/* + * inode.c<2> for exfat + * Created by on Wed Jul 24 16:15:52 2013 + */ + +#include +#include +#include +#include +#include +#include + +#include "exfat_fs.h" +#include "exfat.h" + +static struct kmem_cache *exfat_inodes_cachep; + +/* + * inode callbacks. + */ +struct inode *exfat_alloc_inode(struct super_block *sb) +{ + struct exfat_inode_info *ei = kmem_cache_alloc(exfat_inodes_cachep, + GFP_NOFS); + + if (!ei) + return NULL; + + return &ei->vfs_inode; +} + +static void exfat_i_callback(struct rcu_head *head) +{ + struct inode *inode = container_of(head, struct inode, i_rcu); + + kmem_cache_free(exfat_inodes_cachep, EXFAT_I(inode)); +} + +void exfat_destroy_inode(struct inode *_inode) +{ + struct exfat_inode_info *inode = EXFAT_I(_inode); + + call_rcu(&inode->vfs_inode.i_rcu, exfat_i_callback); +} + +static void exfat_inode_init_once(void *ptr) +{ + struct exfat_inode_info *info = ptr; + + INIT_HLIST_NODE(&info->hash_list); + exfat_inode_cache_init(&info->vfs_inode); + inode_init_once(&info->vfs_inode); +} + +/* + * inode cache create/destroy. + */ +int exfat_init_inodes(void) +{ + exfat_inodes_cachep = kmem_cache_create("exfat-inodes", + sizeof (struct exfat_inode_info), 0, + SLAB_RECLAIM_ACCOUNT |SLAB_MEM_SPREAD, + exfat_inode_init_once); + if (!exfat_inodes_cachep) + return -ENOMEM; + return 0; +} + +void exfat_exit_inodes(void) +{ + kmem_cache_destroy(exfat_inodes_cachep); +} + +int exfat_drop_inode(struct inode *inode) +{ + return generic_drop_inode(inode); +} + +void exfat_evict_inode(struct inode *inode) +{ + truncate_inode_pages_final(&inode->i_data); + if (!inode->i_nlink) { + inode->i_size = 0; + exfat_free_clusters_inode(inode, 0); + } + invalidate_inode_buffers(inode); + clear_inode(inode); + exfat_remove_inode_hash(inode); + exfat_inode_cache_drop(inode); +} + +static u32 exfat_hash(loff_t disk_pos) +{ + return hash_32(disk_pos, EXFAT_HASH_BITS); +} + +struct inode *exfat_iget(struct super_block *sb, loff_t disk_pos) +{ + struct exfat_inode_info *info; + struct exfat_sb_info *sbi = EXFAT_SB(sb); + struct hlist_head *head = sbi->inode_hash + exfat_hash(disk_pos); + struct inode *ret = NULL; + + + spin_lock(&sbi->inode_hash_lock); + hlist_for_each_entry (info, head, hash_list) { + if (info->iloc.disk_offs[0] != disk_pos) + continue ; + ret = igrab(&info->vfs_inode); + if (ret) + break; + } + spin_unlock(&sbi->inode_hash_lock); + return ret; +} + +void exfat_insert_inode_hash(struct inode *inode) +{ + struct exfat_sb_info *sbi = EXFAT_SB(inode->i_sb); + struct exfat_inode_info *info = EXFAT_I(inode); + struct hlist_head *head = sbi->inode_hash + + exfat_hash(info->iloc.disk_offs[0]); + + spin_lock(&sbi->inode_hash_lock); + hlist_add_head(&info->hash_list, head); + spin_unlock(&sbi->inode_hash_lock); +} + +void exfat_remove_inode_hash(struct inode *inode) +{ + struct exfat_inode_info *info = EXFAT_I(inode); + struct exfat_sb_info *sbi = EXFAT_SB(inode->i_sb); + + spin_lock(&sbi->inode_hash_lock); + info->iloc.disk_offs[0] = 0; + hlist_del_init(&info->hash_list); + spin_unlock(&sbi->inode_hash_lock); +} + +/* + * calculate the number of links in a directory. this is the number of + * EXFAT_FILEDIR_ENTRY typed elements in the directory stream. This + * does not include the '.' and '..' entries. + */ +loff_t exfat_dir_links(struct inode *inode) +{ + size_t ret = 0; + struct exfat_dir_ctx dctx; + int error; + bool end; + + error = exfat_init_dir_ctx(inode, &dctx, 0); + if (error) + return error; + + error = -EIO; + for (;;) { + struct exfat_filedir_entry *e = + __exfat_dentry_next(&dctx, E_EXFAT_FILEDIR, 0xff, + true, &end); + if (!e) { + if (end) + error = 0; + goto out; + } + ++ret; + } +out: + exfat_cleanup_dir_ctx(&dctx); + if (error) + return error; + return ret; +} + +int exfat_get_cluster_hint(struct inode *inode, u32 *out_hint) +{ + struct exfat_inode_info *info = EXFAT_I(inode); + int error; + u32 first_cluster = info->first_cluster; + + + if (!first_cluster) { + /* + * empty file, return a cluster likely to be free. + */ + *out_hint = EXFAT_SB(inode->i_sb)->prev_free_cluster + 2; + return 0; + } + + if (info->flags & EXFAT_I_FAT_INVALID) { + /* + * not fat run, all clusters are contiguous, set hint + * to next last file cluster. + */ + *out_hint = first_cluster + info->allocated_clusters; + return 0; + } + + /* + * fat run available, walk it to get the last physical cluster + * address and set hint to the immediate next physical + * cluster. + */ + error = exfat_get_fat_cluster(inode, info->allocated_clusters - 1, + out_hint); + if (error) + return error; + (*out_hint)++; + return 0; +} + +int __exfat_write_inode(struct inode *inode, bool sync) +{ + struct exfat_sb_info *sbi = EXFAT_SB(inode->i_sb); + struct exfat_inode_info *info = EXFAT_I(inode); + struct dir_entry_buffer entries[info->iloc.nr_secondary]; + int error; + struct exfat_filedir_entry *efd; + struct exfat_stream_extension_entry *esx; + u16 checksum; + + if (inode->i_ino == EXFAT_ROOT_INO) + return 0; + + if (info->iloc.disk_offs[0] == 0) { + /* + * write_inode() to unlinked inode: don't corrupt + * superblock. + */ + return 0; + } + + error = exfat_get_dir_entry_buffers(inode, &info->iloc, + entries, info->iloc.nr_secondary); + if (error) + return error; + + if (inode->i_mode & S_IWUGO) + info->attributes &= ~E_EXFAT_ATTR_RO; + else + info->attributes |= E_EXFAT_ATTR_RO; + + efd = entries[0].start; + esx = entries[1].start; + + efd->attributes = __cpu_to_le16(info->attributes); + esx->data_length = __cpu_to_le64(inode->i_size); + esx->valid_data_length = esx->data_length = + __cpu_to_le64(inode->i_size); + esx->flags = info->flags; + esx->first_cluster = __cpu_to_le32(info->first_cluster); + + exfat_write_time(sbi, &inode->i_ctime, &efd->create, &efd->create_10ms, + &efd->create_tz_offset); + exfat_write_time(sbi, &inode->i_mtime, &efd->modified, + &efd->modified_10ms, &efd->modified_tz_offset); + exfat_write_time(sbi, &inode->i_atime, &efd->accessed, NULL, + &efd->accessed_tz_offset); + + checksum = exfat_dir_entries_checksum(entries, info->iloc.nr_secondary); + efd->set_checksum = __cpu_to_le16(checksum); + + exfat_dirty_dir_entries(entries, info->iloc.nr_secondary, sync); + + + return 0; +} + +int exfat_write_inode(struct inode *inode, struct writeback_control *wbc) +{ + int ret; + + exfat_lock_super(inode->i_sb); + ret = __exfat_write_inode(inode, wbc->sync_mode == WB_SYNC_ALL); + exfat_unlock_super(inode->i_sb); + return ret; +} diff -Nruw linux-5.15.42-fbx/fs/exfat-fbx./namei.c linux-5.15.42-fbx/fs/exfat-fbx/namei.c --- linux-5.15.42-fbx/fs/exfat-fbx./namei.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/fs/exfat-fbx/namei.c 2024-04-22 14:46:57.024243959 +0200 @@ -0,0 +1,933 @@ +/* + * namei.c for exfat + * Created by on Tue Aug 20 12:00:27 2013 + */ + +#include +#include +#include +#include +#include + +#include "exfat.h" +#include "exfat_fs.h" + +static u16 exfat_filename_hash_cont(struct super_block *sb, + const __le16 *name, u16 hash, size_t len); + + +void exfat_write_time(struct exfat_sb_info *sbi, struct timespec64 *ts, + __le32 *datetime, u8 *time_cs, u8 *tz_offset) +{ + u32 cpu_datetime; + + exfat_time_2exfat(sbi, ts, &cpu_datetime, time_cs, tz_offset); + *datetime = __cpu_to_le32(cpu_datetime); +} + +static void exfat_read_time(struct timespec64 *ts, __le32 datetime, u8 time_cs, + u8 tz_offset) +{ + u32 cpu_datetime = __le32_to_cpu(datetime); + exfat_time_2unix(ts, cpu_datetime, time_cs, tz_offset); +} + +static int exfat_zero_cluster(struct super_block *sb, u32 cluster, bool sync) +{ + sector_t start = exfat_cluster_sector(EXFAT_SB(sb), cluster); + sector_t end = start + EXFAT_SB(sb)->sectors_per_cluster; + sector_t sect; + + for (sect = start; sect < end; ++sect) { + struct buffer_head *bh = sb_bread(sb, sect); + if (!bh) { + exfat_msg(sb, KERN_WARNING, + "unable to read sector %llu for zeroing.", + (unsigned long long)sect); + return -EIO; + } + memset(bh->b_data, 0, bh->b_size); + mark_buffer_dirty(bh); + if (sync) + sync_dirty_buffer(bh); + brelse(bh); + } + return 0; +} + +/* + * use per superblock fmask or dmaks, depending on provided entry + * attribute to restrict the provided mode even more. + */ +mode_t exfat_make_mode(struct exfat_sb_info *sbi, mode_t mode, u16 attrs) +{ + if (attrs & E_EXFAT_ATTR_DIRECTORY) + mode = (mode & ~sbi->options.dmask) | S_IFDIR; + else + mode = (mode & ~sbi->options.fmask) | S_IFREG; + if (attrs & E_EXFAT_ATTR_RO) + mode &= ~S_IWUGO; + return mode; +} + +/* + * populate inode fields. + */ +static struct inode *exfat_populate_inode(struct super_block *sb, + const struct exfat_filedir_entry *efd, + const struct exfat_stream_extension_entry *esx, + const struct exfat_iloc *iloc) +{ + struct exfat_sb_info *sbi = EXFAT_SB(sb); + struct inode *inode; + + inode = exfat_iget(sb, iloc->disk_offs[0]); + if (inode) + return inode; + + inode = new_inode(sb); + if (!inode) + return NULL; + + inode->i_ino = iunique(sb, EXFAT_ROOT_INO); + EXFAT_I(inode)->first_cluster = __le32_to_cpu(esx->first_cluster); + EXFAT_I(inode)->flags = esx->flags; + EXFAT_I(inode)->iloc = *iloc; + EXFAT_I(inode)->attributes = __le16_to_cpu(efd->attributes); + + inode->i_size = __le64_to_cpu(esx->data_length); + EXFAT_I(inode)->allocated_clusters = inode->i_size >> sbi->clusterbits; + if (inode->i_size & sbi->clustermask) + EXFAT_I(inode)->allocated_clusters++; + inode->i_blocks = EXFAT_I(inode)->allocated_clusters << + (sbi->clusterbits - 9); + EXFAT_I(inode)->mmu_private = inode->i_size; + + inode->i_uid = sbi->options.uid; + inode->i_gid = sbi->options.gid; + inode->i_mode = exfat_make_mode(sbi, S_IRWXUGO, + EXFAT_I(inode)->attributes); + + if (EXFAT_I(inode)->attributes & E_EXFAT_ATTR_DIRECTORY) { + loff_t nlinks = exfat_dir_links(inode); + if (nlinks < 0) + goto iput; + set_nlink(inode, nlinks + 2); + } else + set_nlink(inode, 1); + + if (esx->data_length != esx->valid_data_length) + exfat_msg(sb, KERN_WARNING, "data length (%llu) != valid data " + "length (%llu)", __le64_to_cpu(esx->data_length), + __le64_to_cpu(esx->valid_data_length)); + + if (S_ISDIR(inode->i_mode)) { + inode->i_fop = &exfat_dir_operations; + inode->i_op = &exfat_dir_inode_operations; + } else { + /* until we support write */ + inode->i_fop = &exfat_file_operations; + inode->i_op = &exfat_file_inode_operations; + inode->i_data.a_ops = &exfat_address_space_operations; + } + + + exfat_read_time(&inode->i_ctime, efd->create, efd->create_10ms, + efd->create_tz_offset); + exfat_read_time(&inode->i_mtime, efd->modified, efd->modified_10ms, + efd->modified_tz_offset); + exfat_read_time(&inode->i_atime, efd->accessed, 0, + efd->accessed_tz_offset); + + exfat_insert_inode_hash(inode); + insert_inode_hash(inode); + return inode; +iput: + iput(inode); + return NULL; +} + +/* + * lookup an inode. + */ +struct dentry *exfat_inode_lookup(struct inode *parent, struct dentry *dentry, + unsigned int flags) +{ + struct super_block *sb = dentry->d_sb; + struct exfat_dir_ctx dctx; + int error; + struct exfat_filedir_entry efd; + struct exfat_stream_extension_entry esx; + __le16 *name = __getname(); + __le16 *utf16_name = __getname(); + unsigned int utf16_name_length; + __le16 name_hash; + + exfat_lock_super(parent->i_sb); + + if (!name || !utf16_name) { + error = -ENOMEM; + goto putnames; + } + + utf16_name_length = utf8s_to_utf16s(dentry->d_name.name, + dentry->d_name.len, + UTF16_LITTLE_ENDIAN, + utf16_name, 255 + 2); + if (utf16_name_length > 255) { + error = -ENAMETOOLONG; + goto putnames; + } + + /* + * get the name hash of the wanted inode early so that we can + * skip entries with only an efd and an esx entry. + */ + name_hash = __cpu_to_le16(exfat_filename_hash_cont(sb, utf16_name, 0, + utf16_name_length)); + + /* + * create a dir ctx from the parent so that we can iterate on + * it. + */ + error = exfat_init_dir_ctx(parent, &dctx, 0); + if (error) + goto putnames; + + for (;;) { + u32 name_length; + struct inode *inode; + u16 calc_checksum; + u16 expect_checksum; + struct exfat_iloc iloc; + + memset(&iloc, 0, sizeof (iloc)); + /* + * get filedir and stream extension entries. + */ + error = exfat_dentry_next(&efd, &dctx, E_EXFAT_FILEDIR, true); + if (error < 0) + /* end of directory reached, or other error */ + goto cleanup; + + error = -EINVAL; + if (efd.secondary_count > 18) + goto cleanup; + + iloc.file_off = exfat_dctx_fpos(&dctx); + iloc.disk_offs[0] = exfat_dctx_dpos(&dctx); + iloc.nr_secondary = efd.secondary_count + 1; + + error = exfat_dentry_next(&esx, &dctx, E_EXFAT_STREAM_EXT, + false); + if (error) + goto cleanup; + + if (esx.name_hash != name_hash) + /* + * stored name hash is not the same as the + * wanted hash: no point in processing the + * remaining entries for the current efd/esx + * any further. + */ + continue ; + + /* + * now that the hash matches it is ok to update the + * checksum for the efd and esx entries. + */ + expect_checksum = __le16_to_cpu(efd.set_checksum); + calc_checksum = exfat_direntry_checksum(&efd, 0, true); + + calc_checksum = exfat_direntry_checksum(&esx, + calc_checksum, false); + iloc.disk_offs[1] = exfat_dctx_dpos(&dctx); + + /* + * fetch name. + */ + name_length = esx.name_length; + error = __exfat_get_name(&dctx, name_length, name, + &calc_checksum, &iloc); + if (error) + goto cleanup; + + if (calc_checksum != expect_checksum) { + exfat_msg(dctx.sb, KERN_INFO, "checksum: " + "calculated %04x, expect %04x", + calc_checksum, expect_checksum); + error = -EIO; + goto cleanup; + } + + + if (utf16_name_length != name_length) + continue ; + + if (memcmp(utf16_name, name, name_length * sizeof (__le16))) + continue ; + + inode = exfat_populate_inode(sb, &efd, &esx, &iloc); + if (inode) { + d_add(dentry, inode); + error = 0; + } else + error = -EIO; + goto cleanup; + } + +cleanup: + exfat_cleanup_dir_ctx(&dctx); +putnames: + if (name) + __putname(name); + if (utf16_name) + __putname(utf16_name); + exfat_unlock_super(parent->i_sb); + if (error && error != -ENOENT) + return ERR_PTR(error); + return NULL; +} + +/* + * find nr unused directory entries (type & 0x80 == 0). + */ +static int exfat_find_dir_iloc(struct inode *inode, int nr, + struct exfat_iloc *iloc) +{ + struct exfat_dir_ctx dctx; + bool end = false; + int error; + struct exfat_sb_info *sbi = EXFAT_SB(inode->i_sb); + u32 nr_new_clusters, i; + u32 new_clusters[2]; + u32 hint_cluster; + +retry: + memset(iloc, 0, sizeof (*iloc)); + iloc->nr_secondary = nr; + + error = exfat_init_dir_ctx(inode, &dctx, 0); + if (error) + return error; + + while (1) { + int nr_free; + void *ent; + + ent = __exfat_dentry_next(&dctx, 0x00, 0x80, true, &end); + if (end) + break; + if (!ent) { + exfat_cleanup_dir_ctx(&dctx); + return -EIO; + } + + nr_free = 1; + iloc->file_off = exfat_dctx_fpos(&dctx); + iloc->disk_offs[0] = exfat_dctx_dpos(&dctx); + while (__exfat_dentry_next(&dctx, 0x00, 0x80, false, &end) + != NULL && nr_free < nr) { + iloc->disk_offs[nr_free] = exfat_dctx_dpos(&dctx); + ++nr_free; + } + if (nr_free == nr) { + /* + * we found enough consecutive free entries. + */ + exfat_cleanup_dir_ctx(&dctx); + return 0; + } + + } + + /* + * not enough consecutive free entries found, kick the cluster + * allocator and retry. + */ + exfat_cleanup_dir_ctx(&dctx); + + /* + * with the smallest cluster size, a file can take more than + * two clusters. allocate two in that case reardless of what + * is needed to make code simplier. + */ + switch (sbi->clustersize) { + case 512: + nr_new_clusters = 2; + break; + default: + nr_new_clusters = 1; + break; + } + + /* + * get a hint cluster for the cluster allocator. + */ + error = exfat_get_cluster_hint(inode, &hint_cluster); + if (error) + return error; + + /* + * peform the allocation. + */ + error = exfat_alloc_clusters(inode, hint_cluster, new_clusters, + nr_new_clusters); + if (error) + return error; + + /* + * fill new cluster(s) with zero. + */ + for (i = 0; i < nr_new_clusters; ++i) + exfat_zero_cluster(inode->i_sb, new_clusters[i], false); + + /* + * update size and mark inode as dirty so that write_inode() + * can update it's size, and the other fields updated by + * exfat_alloc_clusters. + */ + inode->i_size += nr_new_clusters << sbi->clusterbits; + mark_inode_dirty(inode); + + /* + * kick the whole place search again, this time with the newly + * allocated clusters. + */ + goto retry; +} + +/* + * setup dir_entry_buffers starting at using iloc. + */ +int exfat_get_dir_entry_buffers(struct inode *dir, struct exfat_iloc *iloc, + struct dir_entry_buffer *entries, + size_t nr_entries) +{ + size_t i; + int error; + struct exfat_sb_info *sbi = EXFAT_SB(dir->i_sb); + + BUG_ON(iloc->nr_secondary != nr_entries); + + memset(entries, 0, sizeof (*entries) * nr_entries); + for (i = 0; i < nr_entries; ++i) { + sector_t sector = iloc->disk_offs[i] >> sbi->sectorbits; + + entries[i].off = iloc->disk_offs[i] & sbi->sectormask; + entries[i].bh = sb_bread(dir->i_sb, sector); + if (!entries[i].bh) { + error = -EIO; + goto fail; + } + entries[i].start = entries[i].bh->b_data + entries[i].off; + } + return 0; + +fail: + for (i = 0; i < nr_entries; ++i) + if (entries[i].bh) + brelse(entries[i].bh); + return error; +} + +static u16 exfat_filename_hash_cont(struct super_block *sb, + const __le16 *name, u16 hash, size_t len) +{ + while (len) { + u16 c = __le16_to_cpu(exfat_upcase_convert(sb, *name)); + + hash = ((hash << 15) | (hash >> 1)) + (c & 0xff); + hash = ((hash << 15) | (hash >> 1)) + (c >> 8); + --len; + ++name; + } + return hash; +} + +u16 exfat_dir_entries_checksum(struct dir_entry_buffer *entries, u32 nr) +{ + u32 checksum = 0; + + if (nr) { + checksum = exfat_direntry_checksum(entries->start, + checksum, true); + --nr; + ++entries; + } + while (nr) { + checksum = exfat_direntry_checksum(entries->start, + checksum, false); + --nr; + ++entries; + } + return checksum; +} + +/* + * setup exfat_filedir_entry and exfat_stream_extension_entry for a + * new entry, with attribute attrs, and named name. + */ +static void exfat_fill_dir_entries(struct super_block *sb, + struct dir_entry_buffer *entries, + size_t nr_entries, u8 attrs, + __le16 *name, int name_length) +{ + struct exfat_filedir_entry *efd; + struct exfat_stream_extension_entry *esx; + int i; + u16 name_hash; + u16 checksum; + struct timespec64 ts; + + ktime_get_coarse_real_ts64(&ts); + + efd = entries[0].start; + esx = entries[1].start; + + /* + * fill exfat filedir entry + */ + memset(efd, 0, sizeof (*efd)); + efd->type = E_EXFAT_FILEDIR; + efd->secondary_count = nr_entries - 1; + efd->set_checksum = 0; + efd->attributes = __cpu_to_le16(attrs); + + /* + * update file directory entry times + */ + efd = entries[0].start; + exfat_write_time(EXFAT_SB(sb), &ts, &efd->create, &efd->create_10ms, + &efd->create_tz_offset); + efd->modified = efd->accessed = efd->create; + efd->modified_10ms = efd->create_10ms; + efd->accessed_tz_offset = efd->modified_tz_offset = + efd->create_tz_offset; + + /* + * fill exfat stream extension entry + */ + memset(esx, 0, sizeof (*esx)); + esx->type = E_EXFAT_STREAM_EXT; + esx->flags = EXFAT_I_ALLOC_POSSIBLE; + esx->first_cluster = __cpu_to_le32(0); + esx->data_length = __cpu_to_le64(0); + esx->valid_data_length = __cpu_to_le64(0); + esx->name_length = name_length; + + /* + * fill name fragments. + */ + name_hash = 0; + for (i = 0; i < nr_entries - 2; ++i, name_length -= 15) { + struct exfat_filename_entry *efn = entries[i + 2].start; + int len = 15; + + if (name_length < 15) + len = name_length; + + memset(efn, 0, sizeof (*efn)); + efn->type = E_EXFAT_FILENAME; + memcpy(efn->name_frag, name + i * 15, len * sizeof (__le16)); + name_hash = exfat_filename_hash_cont(sb, efn->name_frag, + name_hash, len); + } + esx->name_hash = __cpu_to_le16(name_hash); + + checksum = exfat_dir_entries_checksum(entries, nr_entries); + efd->set_checksum = __cpu_to_le16(checksum); +} + +/* + * mark all buffer heads in the entries array as dirty. optionally + * sync them if required. + */ +void exfat_dirty_dir_entries(struct dir_entry_buffer *entries, + size_t nr_entries, bool sync) +{ + size_t i; + + for (i = 0; i < nr_entries; ++i) { + mark_buffer_dirty(entries[i].bh); + if (sync) + sync_dirty_buffer(entries[i].bh); + brelse(entries[i].bh); + } +} + +/* + * cleanup all buffer heads in entries. + */ +static void exfat_cleanup_dir_entries(struct dir_entry_buffer *entries, + size_t nr_entries) +{ + size_t i; + + for (i = 0; i < nr_entries; ++i) + brelse(entries[i].bh); +} + +/* + * create an inode + */ +static int __exfat_inode_create(struct inode *dir, struct dentry *dentry, + umode_t mode, bool is_dir) +{ + int nr_entries; + struct dir_entry_buffer entries[19]; + struct inode *new; + struct exfat_iloc iloc; + int error; + u8 attr = 0; + __le16 *utf16_name; + int utf16_name_length; + + if (is_dir) + attr |= E_EXFAT_ATTR_DIRECTORY; + + exfat_lock_super(dir->i_sb); + + utf16_name = __getname(); + if (!utf16_name) { + error = -ENOMEM; + goto unlock_super; + } + + utf16_name_length = utf8s_to_utf16s(dentry->d_name.name, + dentry->d_name.len, + UTF16_LITTLE_ENDIAN, utf16_name, + 255 + 2); + if (utf16_name_length < 0) { + error = utf16_name_length; + goto putname; + } + if (utf16_name_length > 255) { + error = -ENAMETOOLONG; + goto putname; + } + + + nr_entries = 2 + DIV_ROUND_UP(utf16_name_length, 15); + if (nr_entries > 19) { + error = -ENAMETOOLONG; + goto putname; + } + + error = exfat_find_dir_iloc(dir, nr_entries, &iloc); + if (error < 0) + goto putname; + + error = exfat_get_dir_entry_buffers(dir, &iloc, entries, nr_entries); + if (error) + goto putname; + exfat_fill_dir_entries(dir->i_sb, entries, nr_entries, attr, + utf16_name, utf16_name_length); + + /* + * create an inode with it. + */ + error = -ENOMEM; + new = exfat_populate_inode(dir->i_sb, entries[0].start, + entries[1].start, &iloc); + if (!new) + goto cleanup; + inc_nlink(dir); + d_instantiate(dentry, new); + + /* + * update directory atime / ctime. + */ + dir->i_atime = dir->i_mtime = current_time(dir); + if (IS_DIRSYNC(dir)) + __exfat_write_inode(dir, true); + else + mark_inode_dirty(dir); + + /* + * write to disk + */ + exfat_dirty_dir_entries(entries, nr_entries, false); + __putname(utf16_name); + exfat_unlock_super(dir->i_sb); + return 0; + +cleanup: + exfat_cleanup_dir_entries(entries, nr_entries); +putname: + __putname(utf16_name); +unlock_super: + exfat_unlock_super(dir->i_sb); + return error; +} + +int exfat_inode_create(struct user_namespace *ns, struct inode *dir, + struct dentry *dentry, umode_t mode, bool excl) +{ + return __exfat_inode_create(dir, dentry, mode, false); +} + +int exfat_inode_mkdir(struct user_namespace *ns, struct inode *dir, + struct dentry *dentry, umode_t mode) +{ + return __exfat_inode_create(dir, dentry, mode, true); +} + +/* + * inode unlink: find all direntry buffers and clear seventh bit of + * the entry type to mark the as unused. + */ +static int __exfat_inode_unlink(struct inode *dir, struct dentry *dentry) +{ + struct inode *inode = dentry->d_inode; + struct exfat_inode_info *info = EXFAT_I(inode); + struct dir_entry_buffer entries[info->iloc.nr_secondary]; + int error; + u32 i; + + error = exfat_get_dir_entry_buffers(inode, &info->iloc, + entries, info->iloc.nr_secondary); + if (error) + return error; + + for (i = 0; i < info->iloc.nr_secondary; ++i) { + u8 *type = entries[i].start; + + *type &= 0x7f; + } + + drop_nlink(dir); + clear_nlink(inode); + inode->i_mtime = inode->i_atime = current_time(inode); + + /* + * update atime & mtime for parent directory. + */ + dir->i_mtime = dir->i_atime = current_time(dir); + if (IS_DIRSYNC(dir)) + __exfat_write_inode(dir, true); + else + mark_inode_dirty(dir); + + exfat_dirty_dir_entries(entries, info->iloc.nr_secondary, false); + exfat_remove_inode_hash(inode); + return 0; +} + +int exfat_inode_unlink(struct inode *dir, struct dentry *dentry) +{ + int ret; + + exfat_lock_super(dir->i_sb); + ret = __exfat_inode_unlink(dir, dentry); + exfat_unlock_super(dir->i_sb); + return ret; +} + +/* + * inode rmdir: check that links is not greater than 2 (meaning that + * the directory is empty) and invoke unlink. + */ +static int __exfat_inode_rmdir(struct inode *dir, struct dentry *dentry) +{ + struct inode *inode = dentry->d_inode; + + if (inode->i_nlink > 2) + return -ENOTEMPTY; + + return __exfat_inode_unlink(dir, dentry); +} + +int exfat_inode_rmdir(struct inode *dir, struct dentry *dentry) +{ + int ret; + + exfat_lock_super(dir->i_sb); + ret = __exfat_inode_rmdir(dir, dentry); + exfat_unlock_super(dir->i_sb); + return ret; +} + +int exfat_rename(struct user_namespace *ns, + struct inode *old_dir, struct dentry *old_dentry, + struct inode *new_dir, struct dentry *new_dentry, + unsigned int flags) +{ + struct inode *old_inode = old_dentry->d_inode; + struct inode *new_inode = new_dentry->d_inode; + int new_nr_entries; + int error = 0; + struct exfat_iloc new_iloc; + struct exfat_inode_info *old_info = EXFAT_I(old_inode); + struct dir_entry_buffer old_buffers[old_info->iloc.nr_secondary]; + struct dir_entry_buffer new_buffers[19]; + struct exfat_filedir_entry *efd; + struct exfat_stream_extension_entry *esx; + int name_length; + __le16 *name; + u16 name_hash; + int i; + + if (flags & ~RENAME_NOREPLACE) + return -EINVAL; + + exfat_lock_super(new_dir->i_sb); + + /* + * convert new name to utf16 + */ + name = __getname(); + if (!name) { + error = -ENOMEM; + goto unlock_super; + } + name_length = utf8s_to_utf16s(new_dentry->d_name.name, + new_dentry->d_name.len, + UTF16_LITTLE_ENDIAN, name, 255 + 2); + + if (name_length > 255) { + error = -ENAMETOOLONG; + goto err_putname; + } + if (name_length < 0) { + error = name_length; + goto err_putname; + } + + new_nr_entries = 2 + DIV_ROUND_UP(name_length, 15); + + /* + * find space for new entry + */ + error = exfat_find_dir_iloc(new_dir, new_nr_entries, &new_iloc); + if (error < 0) + goto err_putname; + + /* + * get buffers for old and new entries. + */ + error = exfat_get_dir_entry_buffers(old_dir, &old_info->iloc, + old_buffers, old_info->iloc.nr_secondary); + if (error < 0) + goto err_putname; + + error = exfat_get_dir_entry_buffers(new_dir, &new_iloc, new_buffers, + new_nr_entries); + if (error < 0) + goto err_cleanup_old_buffers; + + + /* + * remove new inode, if it exists. + */ + if (new_inode) { + if (S_ISDIR(new_inode->i_mode)) + error = __exfat_inode_rmdir(new_dir, new_dentry); + else + error = __exfat_inode_unlink(new_dir, new_dentry); + if (error < 0) + goto err_cleanup_new_buffers; + } + + /* + * move old esd to new esd (and ditto for esx). + */ + efd = new_buffers[0].start; + esx = new_buffers[1].start; + memcpy(efd, old_buffers[0].start, sizeof (*efd)); + memcpy(esx, old_buffers[1].start, sizeof (*esx)); + + efd->secondary_count = new_nr_entries - 1; + + /* + * patch new name after that. + */ + esx->name_length = __cpu_to_le16(name_length); + + /* + * fill name fragments. + */ + name_hash = 0; + for (i = 0; i < new_nr_entries - 2; ++i, name_length -= 15) { + struct exfat_filename_entry *efn = new_buffers[i + 2].start; + int len = 15; + + if (name_length < 15) + len = name_length; + + memset(efn, 0, sizeof (*efn)); + efn->type = E_EXFAT_FILENAME; + memcpy(efn->name_frag, name + i * 15, len * sizeof (__le16)); + name_hash = exfat_filename_hash_cont(new_dir->i_sb, + efn->name_frag, + name_hash, len); + } + __putname(name); + esx->name_hash = __cpu_to_le16(name_hash); + efd->set_checksum = exfat_dir_entries_checksum(new_buffers, + new_nr_entries); + efd->set_checksum = __cpu_to_le16(efd->set_checksum); + + /* + * mark old buffer entries as unused. + */ + for (i = 0; i < old_info->iloc.nr_secondary; ++i) + *((u8*)old_buffers[i].start) &= 0x7f; + + /* + * dirty old & new entries buffers. + */ + exfat_dirty_dir_entries(new_buffers, new_nr_entries, false); + exfat_dirty_dir_entries(old_buffers, old_info->iloc.nr_secondary, + false); + + /* + * update links if new_dir and old_dir are differents. + */ + if (new_dir != old_dir) { + drop_nlink(old_dir); + inc_nlink(new_dir); + } + + /* + * make old inode use the new iloc, and update sb inode hash. + */ + exfat_remove_inode_hash(old_inode); + old_info->iloc = new_iloc; + exfat_insert_inode_hash(old_inode); + + /* + * update new dir & old dir mtime/atime + */ + if (new_dir == old_dir) { + new_dir->i_mtime = new_dir->i_atime = current_time(new_dir); + if (IS_DIRSYNC(new_dir)) + __exfat_write_inode(new_dir, true); + else + mark_inode_dirty(new_dir); + } else { + new_dir->i_mtime = new_dir->i_atime = + old_dir->i_mtime = old_dir->i_atime = + current_time(old_dir); + if (IS_DIRSYNC(new_dir)) { + __exfat_write_inode(new_dir, true); + __exfat_write_inode(old_dir, true); + } else { + mark_inode_dirty(new_dir); + mark_inode_dirty(old_dir); + } + } + + exfat_unlock_super(new_dir->i_sb); + return 0; + +err_cleanup_new_buffers: + exfat_cleanup_dir_entries(new_buffers, new_nr_entries); +err_cleanup_old_buffers: + exfat_cleanup_dir_entries(old_buffers, old_info->iloc.nr_secondary); +err_putname: + __putname(name); +unlock_super: + exfat_unlock_super(new_dir->i_sb); + return error; +} diff -Nruw linux-5.15.42-fbx/fs/exfat-fbx./read-write.c linux-5.15.42-fbx/fs/exfat-fbx/read-write.c --- linux-5.15.42-fbx/fs/exfat-fbx./read-write.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/fs/exfat-fbx/read-write.c 2024-04-22 14:46:57.024243959 +0200 @@ -0,0 +1,149 @@ +/* + * read-write.c for exfat + * Created by on Wed Jul 31 16:37:51 2013 + */ + +#include +#include +#include +#include +#include + +#include "exfat.h" +#include "exfat_fs.h" + +/* + * map file sector to disk sector. + */ +static int exfat_bmap(struct inode *inode, sector_t fsect, sector_t *dsect) +{ + struct exfat_sb_info *sbi = EXFAT_SB(inode->i_sb); + struct exfat_inode_info *info = EXFAT_I(inode); + u32 cluster_nr = fsect >> (sbi->clusterbits - sbi->sectorbits); + u32 cluster; + unsigned int offset = fsect & (sbi->sectors_per_cluster - 1); + + if (info->flags & EXFAT_I_FAT_INVALID) + cluster = info->first_cluster + cluster_nr; + else { + int error; + + error = exfat_get_fat_cluster(inode, cluster_nr, &cluster); + if (error) + return error; + } + + *dsect = exfat_cluster_sector(sbi, cluster) + offset; + return 0; +} + +static int exfat_get_block(struct inode *inode, sector_t block, + struct buffer_head *bh, int create) +{ + struct exfat_sb_info *sbi = EXFAT_SB(inode->i_sb); + struct exfat_inode_info *info = EXFAT_I(inode); + sector_t last_block; + unsigned int offset; + sector_t dblock; + int error; + + last_block = (i_size_read(inode) + sbi->sectorsize - 1) >> + sbi->sectorbits; + offset = block & (sbi->sectors_per_cluster - 1); + + if (!create && block >= last_block) + return 0; + + if (create && block >= last_block && offset == 0) { + u32 hint, cluster; + + /* + * request for first sector in a cluster immediate to + * the last allocated cluster of the file: must + * allocate a new clluster. + */ + error = exfat_get_cluster_hint(inode, &hint); + if (error) + return error; + + error = exfat_alloc_clusters(inode, hint, &cluster, 1); + if (error) + return error; + } + + error = exfat_bmap(inode, block, &dblock); + if (error) + return error; + + if (create && block >= last_block) { + /* + * currently in create mode: we need to update + * mmu_private. + */ + info->mmu_private += sbi->sectorsize; + set_buffer_new(bh); + } + map_bh(bh, inode->i_sb, dblock); + return 0; +} + +int exfat_readpage(struct file *file, struct page *page) +{ + return mpage_readpage(page, exfat_get_block); +} + +void exfat_readahead(struct readahead_control *rac) +{ + mpage_readahead(rac, exfat_get_block); +} + +static int exfat_write_error(struct inode *inode, loff_t to) +{ + if (to > inode->i_size) { + truncate_pagecache(inode, to); + exfat_truncate_blocks(inode, inode->i_size); + } + return 0; +} + +int exfat_write_begin(struct file *file, struct address_space *mapping, + loff_t pos, unsigned len, unsigned flags, + struct page **pagep, void **fsdata) +{ + struct inode *inode = mapping->host; + int error; + + *pagep = NULL; + error = cont_write_begin(file, mapping, pos, len, flags, pagep, fsdata, + exfat_get_block, &EXFAT_I(inode)->mmu_private); + + if (error) + exfat_write_error(inode, pos + len); + return error; +} + +int exfat_write_end(struct file *file, struct address_space *mapping, + loff_t pos, unsigned len, unsigned copied, + struct page *page, void *fsdata) +{ + struct inode *inode = mapping->host; + int error; + + error = generic_write_end(file, mapping, pos, len, copied, page, + fsdata); + + if (error < len) + exfat_write_error(inode, pos + len); + return error; +} + +int exfat_writepage(struct page *page, struct writeback_control *wbc) +{ + return block_write_full_page(page, exfat_get_block, wbc); +} + +int exfat_writepages(struct address_space *mapping, + struct writeback_control *wbc) +{ + return mpage_writepages(mapping, wbc, exfat_get_block); +} diff -Nruw linux-5.15.42-fbx/fs/exfat-fbx./super.c linux-5.15.42-fbx/fs/exfat-fbx/super.c --- linux-5.15.42-fbx/fs/exfat-fbx./super.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/fs/exfat-fbx/super.c 2024-04-22 14:46:57.024243959 +0200 @@ -0,0 +1,745 @@ +/* + * super.c<2> for exfat + * Created by on Tue Jul 23 12:33:53 2013 + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "exfat_fs.h" +#include "exfat.h" + + +#define PFX "exFAT: " + +static void exfat_put_super(struct super_block *sb); +static int exfat_statfs(struct dentry *dentry, struct kstatfs *kstat); +static int exfat_show_options(struct seq_file *m, struct dentry *root); +static int exfat_remount(struct super_block *sb, int *flags, char *opts); + +static const struct super_operations exfat_super_ops = { + .alloc_inode = exfat_alloc_inode, + .destroy_inode = exfat_destroy_inode, + .drop_inode = exfat_drop_inode, + .evict_inode = exfat_evict_inode, + .write_inode = exfat_write_inode, + .statfs = exfat_statfs, + .put_super = exfat_put_super, + .show_options = exfat_show_options, + .remount_fs = exfat_remount, +}; + +const struct file_operations exfat_dir_operations = { + .llseek = generic_file_llseek, + .read = generic_read_dir, + .iterate = exfat_iterate, + .unlocked_ioctl = exfat_ioctl, +}; + +const struct file_operations exfat_file_operations = { + .llseek = generic_file_llseek, + .read_iter = generic_file_read_iter, + .write_iter = generic_file_write_iter, + .mmap = generic_file_mmap, + .splice_read = generic_file_splice_read, + .splice_write = iter_file_splice_write, + .unlocked_ioctl = exfat_ioctl, + .fsync = generic_file_fsync, +}; + +const struct inode_operations exfat_dir_inode_operations = +{ + .create = exfat_inode_create, + .mkdir = exfat_inode_mkdir, + .lookup = exfat_inode_lookup, + .rmdir = exfat_inode_rmdir, + .unlink = exfat_inode_unlink, + .rename = exfat_rename, + .setattr = exfat_setattr, + .getattr = exfat_getattr, +}; + +const struct inode_operations exfat_file_inode_operations = { + .setattr = exfat_setattr, + .getattr = exfat_getattr, +}; + +const struct address_space_operations exfat_address_space_operations = { + .set_page_dirty = __set_page_dirty_buffers, + .readpage = exfat_readpage, + .readahead = exfat_readahead, + .write_begin = exfat_write_begin, + .write_end = exfat_write_end, + .writepage = exfat_writepage, + .writepages = exfat_writepages, +}; + +void exfat_msg(struct super_block *sb, const char *prefix, + const char *fmt, ...) +{ + struct va_format vaf; + va_list args; + + va_start(args, fmt); + vaf.fmt = fmt; + vaf.va = &args; + printk("%sexFAT-fs (%s): %pV\n", prefix, sb->s_id, &vaf); + va_end(args); +} + +void exfat_fs_error(struct super_block *sb, const char *fmt, ...) +{ + struct exfat_sb_info *sbi = EXFAT_SB(sb); + struct va_format vaf; + va_list args; + + va_start(args, fmt); + vaf.fmt = fmt; + vaf.va = &args; + exfat_msg(sb, KERN_ERR, "error: %pV", &vaf); + va_end(args); + + if (sbi->options.error_action == EXFAT_ERROR_ACTION_REMOUNT_RO && + !(sb->s_flags & SB_RDONLY)) { + sb->s_flags |= SB_RDONLY; + exfat_msg(sb, KERN_ERR, "remounted read-only due to fs error."); + } else if (sbi->options.error_action == EXFAT_ERROR_ACTION_PANIC) + panic("exFAT-fs (%s): panic due fs error.\n", sb->s_id); +} + +/* + * process checksum on buffer head. first indicates if the special + * treatment of the first sector needs to be done or not. + * + * first sector can be changed (volume flags, and heap use percent), + * those fields are excluded from the checksum to allow updating + * without recalculating the checksum. + */ +static u32 exfat_sb_checksum_process(struct buffer_head *bh, u32 checksum, + unsigned int size, + bool first) +{ + unsigned int i; + + for (i = 0; i < size; ++i) { + if (first && (i == 106 || i == 107 || i == 112)) + continue ; + checksum = ((checksum << 31) | (checksum >> 1)) + + (unsigned char)bh->b_data[i]; + } + return checksum; +} + +static int exfat_check_sb_checksum(struct super_block *sb) +{ + struct exfat_sb_info *sbi = EXFAT_SB(sb); + u32 checksum; + int i; + int err; + struct buffer_head *bh[EXFAT_CHECKSUM_SECTORS + 1]; + + /* + * fetch needed sectors, reuse first sector from sbi. + */ + err = -ENOMEM; + memset(bh, 0, sizeof (struct buffer_head*) * + (EXFAT_CHECKSUM_SECTORS + 1)); + bh[0] = sbi->sb_bh; + for (i = 1; i < EXFAT_CHECKSUM_SECTORS + 1; ++i) { + bh[i] = sb_bread(sb, i); + if (!bh[i]) + goto out; + } + + /* + * calculate checksum. + */ + checksum = exfat_sb_checksum_process(bh[0], 0, sbi->sectorsize, true); + for (i = 1; i < EXFAT_CHECKSUM_SECTORS; ++i) { + checksum = exfat_sb_checksum_process(bh[i], checksum, + sbi->sectorsize, false); + } + + /* + * compare with the checksum sector. + */ + err = -EINVAL; + for (i = 0; i < sbi->sectorsize; i += sizeof (u32)) { + __le32 val = *(u32*)(bh[EXFAT_CHECKSUM_SECTORS]->b_data + i); + + if (__le32_to_cpu(val) != checksum) { + exfat_msg(sb, KERN_INFO, "at offset %i, checksum " + "%08x != %08x", i, __le32_to_cpu(val), checksum); + goto out; + } + } + err = 0; + +out: + for (i = 1; i < EXFAT_CHECKSUM_SECTORS; ++i) + if (bh[i]) + brelse(bh[i]); + return err; +} + +static int exfat_check_sb(struct super_block *sb) +{ + struct exfat_sb_info *sbi = EXFAT_SB(sb); + struct exfat_vbr *vbr = sbi->vbr; + u16 fs_rev; + u16 flags; + int active_fat; + u16 num_fats; + + if (memcmp(vbr->jump, "\xeb\x76\x90", sizeof (vbr->jump))) { + exfat_msg(sb, KERN_INFO, "invalid jump field in vbr."); + return -EINVAL; + } + + if (memcmp(vbr->fsname, "EXFAT ", 8)) { + exfat_msg(sb, KERN_INFO, "invalid fsname field in vbr: %s.", + vbr->fsname); + return -EINVAL; + } + + fs_rev = __le16_to_cpu(vbr->fs_rev); + if (fs_rev != 0x0100) { + exfat_msg(sb, KERN_INFO, "filesystem version invalid: " + "have 0x%04x, need 0x0100", fs_rev); + return -EINVAL; + } + + flags = __le16_to_cpu(vbr->volume_flags); + active_fat = exfat_active_fat(flags); + if (active_fat != 0) { + exfat_msg(sb, KERN_INFO, "filesystems with active fat > 0 are " + "not supported."); + return -EINVAL; + } + + if (flags & EXFAT_FLAG_MEDIA_FAILURE) + exfat_msg(sb, KERN_WARNING, "filesystem had media failure(s)"); + + /* + * bytes per sectors are on the range 2^9 - 2^12 (512 - 4096) + */ + if (vbr->bytes_per_sector < 9 || vbr->bytes_per_sector > 12) { + exfat_msg(sb, KERN_ERR, "invalid byte per sectors: %u", + (1 << vbr->bytes_per_sector)); + return -EINVAL; + } + + /* + * sectors per cluster can be as low as 0, and must not result + * in a cluster size higher than 32MB (byte_per_sector + + * sectors_per_cluster must not be creater than 25) + */ + if (vbr->bytes_per_sector + vbr->sectors_per_cluster > 25) { + exfat_msg(sb, KERN_ERR, "invalid cluster size: %u", + 1 << (vbr->bytes_per_sector + vbr->sectors_per_cluster)); + return -EINVAL; + } + + num_fats = __le16_to_cpu(vbr->fat_num); + if (num_fats == 0) { + exfat_msg(sb, KERN_ERR, "superblock reports no FAT."); + return -EINVAL; + } + if (num_fats > 1) { + exfat_msg(sb, KERN_ERR, "TexFAT is not supported."); + return -EINVAL; + } + + if (memcmp(vbr->boot_sig, "\x55\xaa", 2)) { + exfat_msg(sb, KERN_ERR, "invalid end boot signature: %02x%02x.", + vbr->boot_sig[0], vbr->boot_sig[1]); + return -EINVAL; + } + + return 0; +} + +static int exfat_fill_root(struct super_block *sb, struct inode *root) +{ + struct exfat_sb_info *sbi = EXFAT_SB(sb); + u32 nclust; + u32 dummy; + loff_t links; + + root->i_ino = EXFAT_ROOT_INO; + inode_set_iversion(root, 1); + EXFAT_I(root)->first_cluster = + __le32_to_cpu(sbi->root_dir_cluster); + EXFAT_I(root)->attributes = E_EXFAT_ATTR_DIRECTORY; + + root->i_uid = sbi->options.uid; + root->i_gid = sbi->options.gid; + + root->i_mode = exfat_make_mode(sbi, S_IRWXUGO, E_EXFAT_ATTR_DIRECTORY); + inode_inc_iversion(root); + root->i_generation = 0; + + root->i_op = &exfat_dir_inode_operations; + root->i_fop = &exfat_dir_operations; + + /* + * root inode cannot use bitmap. + */ + EXFAT_I(root)->flags = EXFAT_I_ALLOC_POSSIBLE; + + /* + * set i_size + */ + nclust = 0; + while (__exfat_get_fat_cluster(root, nclust, &dummy, false) == 0) + ++nclust; + root->i_size = nclust << sbi->clusterbits; + root->i_blocks = nclust << (sbi->clusterbits - 9); + EXFAT_I(root)->allocated_clusters = nclust; + + /* + * +2 to account for '.' and '..' + */ + links = exfat_dir_links(root); + if (links < 0) + return links; + set_nlink(root, links + 2); + + root->i_mtime = root->i_atime = root->i_ctime = current_time(root); + + return 0; +} + +static loff_t exfat_file_max_byte(struct exfat_sb_info *sbi) +{ + u32 max_clusters = EXFAT_CLUSTER_LASTVALID - + EXFAT_CLUSTER_FIRSTVALID + 1; + + return (loff_t)max_clusters << sbi->clusterbits; +} + +static int exfat_show_options(struct seq_file *m, struct dentry *root) +{ + struct exfat_sb_info *sbi = EXFAT_SB(root->d_inode->i_sb); + + if (!uid_eq(sbi->options.uid, GLOBAL_ROOT_UID)) + seq_printf(m, ",uid=%u", + from_kuid_munged(&init_user_ns, sbi->options.uid)); + if (!gid_eq(sbi->options.gid, GLOBAL_ROOT_GID)) + seq_printf(m, ",gid=%u", + from_kgid_munged(&init_user_ns, sbi->options.gid)); + + seq_printf(m, ",fmask=%04o", sbi->options.fmask); + seq_printf(m, ",dmask=%04o", sbi->options.dmask); + + if (sbi->options.time_offset_set) + seq_printf(m, ",time_offset=%d", sbi->options.time_offset); + + switch (sbi->options.error_action) { + case EXFAT_ERROR_ACTION_PANIC: + seq_printf(m, ",errors=panic"); + break; + case EXFAT_ERROR_ACTION_REMOUNT_RO: + seq_printf(m, ",errors=remount-ro"); + break; + default: + seq_printf(m, ",errors=continue"); + break; + } + + return 0; +} + +enum { + Opt_exfat_uid, + Opt_exfat_gid, + Opt_exfat_dmask, + Opt_exfat_fmask, + Opt_exfat_time_offset, + Opt_exfat_error_continue, + Opt_exfat_error_remount_ro, + Opt_exfat_error_panic, + Opt_exfat_err, +}; + +static const match_table_t exfat_tokens = { + { Opt_exfat_uid, "uid=%u", }, + { Opt_exfat_gid, "gid=%u", }, + { Opt_exfat_dmask, "dmask=%04o", }, + { Opt_exfat_fmask, "fmask=%04o", }, + { Opt_exfat_time_offset, "time_offset=%d", }, + { Opt_exfat_error_continue, "errors=continue", }, + { Opt_exfat_error_remount_ro, "errors=remount-ro", }, + { Opt_exfat_error_panic, "errors=panic", }, + { Opt_exfat_err, NULL }, +}; + +static int exfat_parse_options(struct super_block *sb, char *opts, int silent) +{ + struct exfat_sb_info *sbi = EXFAT_SB(sb); + char *p; + + sbi->options.uid = current_uid(); + sbi->options.gid = current_gid(); + + sbi->options.dmask = current_umask(); + sbi->options.fmask = current_umask(); + sbi->options.time_offset_set = 0; + sbi->options.error_action = EXFAT_ERROR_ACTION_CONTINUE; + + while (1) { + int token; + substring_t args[MAX_OPT_ARGS]; + unsigned int optval; + + p = strsep(&opts, ","); + if (!p) + break; + token = match_token(p, exfat_tokens, args); + + switch (token) { + case Opt_exfat_uid: + if (match_int(&args[0], &optval)) + return -EINVAL; + sbi->options.uid = make_kuid(current_user_ns(), optval); + break; + + case Opt_exfat_gid: + if (match_int(&args[0], &optval)) + return -EINVAL; + sbi->options.gid = make_kgid(current_user_ns(), optval); + break; + + case Opt_exfat_dmask: + if (match_octal(&args[0], &optval)) + return -EINVAL; + sbi->options.dmask = optval; + break; + + case Opt_exfat_fmask: + if (match_octal(&args[0], &optval)) + return -EINVAL; + sbi->options.fmask = optval; + break; + + case Opt_exfat_time_offset: + if (match_int(&args[0], &optval)) + return -EINVAL; + if (optval < -12 * 60 && optval > 12 * 60) { + if (!silent) + exfat_msg(sb, KERN_INFO, "invalid " + "time_offset value %d: " + "should be between %d and %d", + optval, -12 * 60, 12 * 60); + return -EINVAL; + } + sbi->options.time_offset = optval; + sbi->options.time_offset_set = 1; + break; + + case Opt_exfat_error_continue: + sbi->options.error_action = EXFAT_ERROR_ACTION_CONTINUE; + break; + + case Opt_exfat_error_remount_ro: + sbi->options.error_action = + EXFAT_ERROR_ACTION_REMOUNT_RO; + break; + + case Opt_exfat_error_panic: + sbi->options.error_action = EXFAT_ERROR_ACTION_PANIC; + break; + + default: + if (!silent) + exfat_msg(sb, KERN_INFO, "Unrecognized mount " + "option %s or missing parameter.\n", + p); + return -EINVAL; + } + } + return 0; +} + +static void exfat_set_sb_dirty(struct super_block *sb, bool set, bool force) +{ + struct exfat_sb_info *sbi = EXFAT_SB(sb); + u16 flags; + + /* + * do not change anything if mounted read only and not + * forced. the force case would happen during remount. + */ + if ((sb->s_flags & SB_RDONLY) && !force) + return ; + + if (sbi->dirty) { + if (set) + exfat_msg(sb, KERN_WARNING, "Volume was not cleanly " + "umounted. fsck should probably be needed."); + return ; + } + + flags = __le16_to_cpu(sbi->vbr->volume_flags); + if (set) + flags |= EXFAT_FLAG_DIRTY; + else + flags &= ~EXFAT_FLAG_DIRTY; + sbi->vbr->volume_flags = __cpu_to_le16(flags); + + mark_buffer_dirty(sbi->sb_bh); + sync_dirty_buffer(sbi->sb_bh); +} + +static int exfat_remount(struct super_block *sb, int *flags, char *opts) +{ + int new_rdonly = *flags & SB_RDONLY; + + if (new_rdonly != (sb->s_flags & SB_RDONLY)) { + if (new_rdonly) + exfat_set_sb_dirty(sb, false, false); + else + /* + * sb->s_flag still has SB_RDONLY, so we need + * to force the dirty state + */ + exfat_set_sb_dirty(sb, true, true); + } + return 0; +} + +static int exfat_fill_super(struct super_block *sb, void *data, int silent) +{ + struct exfat_sb_info *sbi = NULL; + int ret = -ENOMEM; + struct inode *root = NULL; + int i; + + sbi = kzalloc(sizeof (*sbi), GFP_KERNEL); + if (!sbi) + return -ENOMEM; + + sb->s_fs_info = sbi; + if (exfat_parse_options(sb, data, silent) < 0) + return -EINVAL; + + mutex_init(&sbi->sb_mutex); + spin_lock_init(&sbi->inode_hash_lock); + + /* + * first block, before we know sector size. + */ + sbi->sb_bh = sb_bread(sb, 0); + if (!sbi->sb_bh) + goto fail; + + sbi->vbr = (struct exfat_vbr*)sbi->sb_bh->b_data; + sb->s_op = &exfat_super_ops; + + + ret = exfat_check_sb(sb); + if (ret) + goto fail; + + /* + * time granularity of FS for use by current_time(inode): in + * nsec so 1000000000 for 1 sec granularity. + */ + sb->s_time_gran = 1000 * 1000 * 1000; + + /* + * vbr seems sane, fill sbi. + */ + sbi->sectorsize = (1 << sbi->vbr->bytes_per_sector); + sbi->clustersize = sbi->sectorsize * + (1 << sbi->vbr->sectors_per_cluster); + + sbi->sectors_per_cluster = sbi->clustersize / sbi->sectorsize; + + sbi->sectorbits = sbi->vbr->bytes_per_sector; + sbi->clusterbits = sbi->vbr->sectors_per_cluster + sbi->sectorbits; + sbi->sectormask = sbi->sectorsize - 1; + sbi->clustermask = sbi->clustersize - 1; + + + sbi->fat_offset = __le32_to_cpu(sbi->vbr->fat_offset); + sbi->fat_length = __le32_to_cpu(sbi->vbr->fat_length); + + sbi->root_dir_cluster = __le32_to_cpu(sbi->vbr->cluster_root_dir); + + sbi->cluster_heap_offset = __le32_to_cpu(sbi->vbr->cluster_heap_offset); + sbi->cluster_count = __le32_to_cpu(sbi->vbr->cluster_count); + + sbi->dirty = !!(__le16_to_cpu(sbi->vbr->volume_flags) & + EXFAT_FLAG_DIRTY); + + /* + * now that we know sector size, reread superblock with + * correct sector size. + */ + ret = -EIO; + if (sb->s_blocksize != sbi->sectorsize) { + if (!sb_set_blocksize(sb, sbi->sectorsize)) { + exfat_msg(sb, KERN_INFO, "bad block size %d.", + sbi->sectorsize); + goto fail; + } + + brelse(sbi->sb_bh); + sbi->vbr = NULL; + + sbi->sb_bh = sb_bread(sb, 0); + if (!sbi->sb_bh) + goto fail; + sbi->vbr = (struct exfat_vbr*)sbi->sb_bh->b_data; + sb->s_fs_info = sbi; + } + + ret = exfat_check_sb_checksum(sb); + if (ret) + goto fail; + + sb->s_maxbytes = exfat_file_max_byte(sbi); + + ret = exfat_init_fat(sb); + if (ret) + goto fail; + + for (i = 0 ; i < EXFAT_HASH_SIZE; ++i) { + INIT_HLIST_HEAD(&sbi->inode_hash[i]); + } + + /* + * create root inode. + */ + root = new_inode(sb); + if (!root) + goto fail; + + exfat_fill_root(sb, root); + + ret = exfat_upcase_init(root); + if (ret) + goto fail_iput; + + ret = exfat_init_bitmap(root); + if (ret) + goto fail_iput; + + + sb->s_root = d_make_root(root); + if (!sb->s_root) + goto fail_iput; + + exfat_set_sb_dirty(sb, true, false); + return 0; + +fail_iput: + iput(root); + +fail: + if (sbi->sb_bh) + brelse(sbi->sb_bh); + if (sbi) + kfree(sbi); + return ret; +} + +static struct dentry *exfat_mount(struct file_system_type *fstype, + int flags, const char *dev_name, void *data) +{ + return mount_bdev(fstype, flags, dev_name, data, exfat_fill_super); +} + +static void exfat_put_super(struct super_block *sb) +{ + struct exfat_sb_info *sbi; + + sbi = EXFAT_SB(sb); + if (sbi) { + exfat_set_sb_dirty(sb, false, false); + exfat_exit_bitmap(sb); + brelse(sbi->sb_bh); + kfree(sbi->upcase_table); + kfree(sbi); + } +} + +static int exfat_statfs(struct dentry *dentry, struct kstatfs *kstat) +{ + struct super_block *sb = dentry->d_inode->i_sb; + struct exfat_sb_info *sbi = EXFAT_SB(sb); + u64 id = huge_encode_dev(sb->s_bdev->bd_dev); + + memset(kstat, 0, sizeof (*kstat)); + + + kstat->f_bsize = sbi->clustersize; + kstat->f_blocks = sbi->cluster_count; + kstat->f_bfree = sbi->free_clusters; + kstat->f_bavail = sbi->free_clusters; + kstat->f_namelen = 255; + kstat->f_fsid.val[0] = (u32)id; + kstat->f_fsid.val[1] = (u32)(id >> 32); + + return 0; +} + +static struct file_system_type exfat_fs_type = { + .owner = THIS_MODULE, + .name = "exfat", + .mount = exfat_mount, + .kill_sb = kill_block_super, + .fs_flags = FS_REQUIRES_DEV, +}; + +static int __init exfat_init(void) +{ + int error; + + /* some sanity check on internal structure sizes */ + BUILD_BUG_ON(sizeof (struct exfat_vbr) != 512); + + BUILD_BUG_ON(sizeof (struct exfat_volume_label_entry) != 0x20); + BUILD_BUG_ON(sizeof (struct exfat_bitmap_entry) != 0x20); + BUILD_BUG_ON(sizeof (struct exfat_upcase_entry) != 0x20); + BUILD_BUG_ON(sizeof (struct exfat_guid_entry) != 0x20); + BUILD_BUG_ON(sizeof (struct exfat_padding_entry) != 0x20); + BUILD_BUG_ON(sizeof (struct exfat_acl_entry) != 0x20); + BUILD_BUG_ON(sizeof (struct exfat_filedir_entry) != 0x20); + BUILD_BUG_ON(sizeof (struct exfat_stream_extension_entry) != 0x20); + BUILD_BUG_ON(sizeof (struct exfat_filename_entry) != 0x20); + + error = exfat_init_inodes(); + if (error) + return error; + + + error = register_filesystem(&exfat_fs_type); + if (error) + exfat_exit_inodes(); + return error; +} + +static void __exit exfat_exit(void) +{ + unregister_filesystem(&exfat_fs_type); + exfat_exit_inodes(); +} + +module_init(exfat_init); +module_exit(exfat_exit); + +MODULE_LICENSE("GPL"); +MODULE_AUTHOR("Nicolas Schichan "); diff -Nruw linux-5.15.42-fbx/fs/exfat-fbx./time.c linux-5.15.42-fbx/fs/exfat-fbx/time.c --- linux-5.15.42-fbx/fs/exfat-fbx./time.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/fs/exfat-fbx/time.c 2023-02-24 19:09:39.461804551 +0100 @@ -0,0 +1,126 @@ + +#include +#include + +#include "exfat.h" +#include "exfat_fs.h" + + + +extern struct timezone sys_tz; + +/* + * The epoch of FAT timestamp is 1980. + * : bits : value + * date: 0 - 4: day (1 - 31) + * date: 5 - 8: month (1 - 12) + * date: 9 - 15: year (0 - 127) from 1980 + * time: 0 - 4: sec (0 - 29) 2sec counts + * time: 5 - 10: min (0 - 59) + * time: 11 - 15: hour (0 - 23) + */ +#define SECS_PER_MIN 60 +#define SECS_PER_HOUR (60 * 60) +#define SECS_PER_DAY (SECS_PER_HOUR * 24) +/* days between 1.1.70 and 1.1.80 (2 leap days) */ +#define DAYS_DELTA (365 * 10 + 2) +/* 120 (2100 - 1980) isn't leap year */ +#define YEAR_2100 120 +#define IS_LEAP_YEAR(y) (!((y) & 3) && (y) != YEAR_2100) + +/* Linear day numbers of the respective 1sts in non-leap years. */ +static u32 days_in_year[] = { + /* Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec */ + 0, 0, 31, 59, 90, 120, 151, 181, 212, 243, 273, 304, 334, 0, 0, 0, +}; + +/* Convert a FAT time/date pair to a UNIX date (seconds since 1 1 70). */ +void exfat_time_2unix(struct timespec64 *ts, u32 datetime, u8 time_cs, + s8 tz_offset) +{ + u16 date = (datetime >> 16); + u16 time = (datetime & 0xffff); + time64_t second, day, leap_day, month, year; + + year = date >> 9; + month = max(1, (date >> 5) & 0xf); + day = max(1, date & 0x1f) - 1; + + if (((tz_offset & (1 << 6)) == 0)) + tz_offset &= ~(1 << 7); + + leap_day = (year + 3) / 4; + if (year > YEAR_2100) /* 2100 isn't leap year */ + leap_day--; + if (IS_LEAP_YEAR(year) && month > 2) + leap_day++; + + second = (time & 0x1f) << 1; + second += ((time >> 5) & 0x3f) * SECS_PER_MIN; + second += (time >> 11) * SECS_PER_HOUR; + second += (year * 365 + leap_day + + days_in_year[month] + day + + DAYS_DELTA) * SECS_PER_DAY; + + second -= tz_offset * 15 * SECS_PER_MIN; + + if (time_cs) { + ts->tv_sec = second + (time_cs / 100); + ts->tv_nsec = (time_cs % 100) * 10000000; + } else { + ts->tv_sec = second; + ts->tv_nsec = 0; + } +} + +/* Convert linear UNIX date to a FAT time/date pair. */ +void exfat_time_2exfat(struct exfat_sb_info *sbi, struct timespec64 *ts, + u32 *datetime, u8 *time_cs, s8 *tz_offset) +{ + struct tm tm; + u16 time; + u16 date; + int offset; + + if (sbi->options.time_offset_set) { + offset = -sbi->options.time_offset; + } else + offset = sys_tz.tz_minuteswest; + + time64_to_tm(ts->tv_sec, -offset * SECS_PER_MIN, &tm); + + /* FAT can only support year between 1980 to 2107 */ + if (tm.tm_year < 1980 - 1900) { + time = 0; + date = cpu_to_le16((0 << 9) | (1 << 5) | 1); + if (time_cs) + *time_cs = 0; + *tz_offset = 0; + return; + } + if (tm.tm_year > 2107 - 1900) { + time = cpu_to_le16((23 << 11) | (59 << 5) | 29); + date = cpu_to_le16((127 << 9) | (12 << 5) | 31); + if (time_cs) + *time_cs = 199; + *tz_offset = 0; + return; + } + + /* from 1900 -> from 1980 */ + tm.tm_year -= 80; + /* 0~11 -> 1~12 */ + tm.tm_mon++; + /* 0~59 -> 0~29(2sec counts) */ + tm.tm_sec >>= 1; + + time = cpu_to_le16(tm.tm_hour << 11 | tm.tm_min << 5 | tm.tm_sec); + date = cpu_to_le16(tm.tm_year << 9 | tm.tm_mon << 5 | tm.tm_mday); + + *datetime = (date << 16) | time; + + if (time_cs) + *time_cs = (ts->tv_sec & 1) * 100 + ts->tv_nsec / 10000000; + *tz_offset = -offset / 15; + *tz_offset |= (1 << 7); +} diff -Nruw linux-5.15.42-fbx/fs/exfat-fbx./upcase.c linux-5.15.42-fbx/fs/exfat-fbx/upcase.c --- linux-5.15.42-fbx/fs/exfat-fbx./upcase.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/fs/exfat-fbx/upcase.c 2023-02-24 19:09:26.021439198 +0100 @@ -0,0 +1,137 @@ +/* + * upcase.c for exfat + * Created by on Wed Aug 7 11:51:37 2013 + */ + +#include +#include +#include + +#include "exfat.h" +#include "exfat_fs.h" + +static u32 exfat_calc_upcase_checksum(const u8 *data, u32 checksum, + size_t count) +{ + while (count) { + checksum = ((checksum << 31) | (checksum >> 1)) + *data; + --count; + ++data; + } + return checksum; +} + +static int exfat_load_upcase_table(struct super_block *sb, u32 disk_cluster, + u32 *out_checksum) +{ + struct exfat_sb_info *sbi = EXFAT_SB(sb); + struct buffer_head *bh; + sector_t start, sect, end; + u32 off = 0; + u32 byte_len = sbi->upcase_len * sizeof (__le16); + u32 checksum = 0; + + /* + * up-case table are not fragmented, so sequential cluster + * read will do here. + */ + start = exfat_cluster_sector(sbi, disk_cluster); + end = start + DIV_ROUND_UP(byte_len, + sbi->sectorsize); + for (sect = start; sect < end; ++sect) { + u32 len = sbi->sectorsize; + + if (sect == end - 1) + len = byte_len & sbi->sectormask; + + bh = sb_bread(sb, sect); + if (!bh) { + exfat_msg(sb, KERN_ERR, + "unable to read upcase sector %llu", + (unsigned long long)sect); + return -EIO; + } + memcpy((u8*)sbi->upcase_table + off, bh->b_data, + len); + + checksum = exfat_calc_upcase_checksum(bh->b_data, checksum, + len); + + off += len; + brelse(bh); + } + + BUG_ON(off != byte_len); + *out_checksum = checksum; + return 0; +} + +int exfat_upcase_init(struct inode *root) +{ + struct exfat_sb_info *sbi = EXFAT_SB(root->i_sb); + struct exfat_upcase_entry *upcase; + struct exfat_dir_ctx dctx; + int error; + u64 upcase_length; + u32 checksum; + + /* + * configure directory context and look for an upcase table + * entry. + */ + if (exfat_init_dir_ctx(root, &dctx, 0) < 0) + return -EIO; + + error = -EIO; + upcase = __exfat_dentry_next(&dctx, E_EXFAT_UPCASE_TABLE, 0xff, + true, NULL); + if (!upcase) + goto fail; + + /* + * check upcase table length. we need it to be non-zero, + * ending on a __le16 boundary and provide at most a + * conversion for the whole __le16 space. + */ + upcase_length = __le64_to_cpu(upcase->length); + if (upcase_length == 0 || + upcase_length & (sizeof (__le16) - 1) || + upcase_length > 0xffff * sizeof (__le16)) { + exfat_msg(root->i_sb, KERN_ERR, "invalid upcase length %llu", + (unsigned long long)upcase_length); + goto fail; + } + + /* + * load complete upcase table in memory. + */ + error = -ENOMEM; + sbi->upcase_len = upcase_length / sizeof (__le16); + sbi->upcase_table = kmalloc(upcase_length, GFP_NOFS); + if (!sbi->upcase_table) + goto fail; + + error = exfat_load_upcase_table(root->i_sb, + __le32_to_cpu(upcase->cluster_addr), + &checksum); + if (error) + goto fail; + + if (checksum != __le32_to_cpu(upcase->checksum)) { + exfat_msg(root->i_sb, KERN_INFO, + "upcase table checksum mismatch: have %08x, " + "expect %08x", checksum, + __le32_to_cpu(upcase->checksum)); + error = -EINVAL; + goto fail; + } + + exfat_cleanup_dir_ctx(&dctx); + return 0; + +fail: + if (sbi->upcase_table) + kfree(sbi->upcase_table); + exfat_cleanup_dir_ctx(&dctx); + return error; +} --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/fs/ksmbd/netmisc.c 2024-04-22 14:46:57.124246691 +0200 @@ -0,0 +1,606 @@ +// SPDX-License-Identifier: GPL-2.0-or-later +/* + * Copyright (c) International Business Machines Corp., 2002,2008 + * Author(s): Steve French (sfrench@us.ibm.com) + * + * Error mapping routines from Samba libsmb/errormap.c + * Copyright (C) Andrew Tridgell 2001 + */ + +#include "glob.h" +#include "smberr.h" +#include "nterr.h" +#include "smb_common.h" + +/***************************************************************************** + * convert a NT status code to a dos class/code + *****************************************************************************/ +/* NT status -> dos error map */ +static const struct { + __u8 dos_class; + __u16 dos_code; + __u32 ntstatus; +} ntstatus_to_dos_map[] = { + { + ERRDOS, ERRgeneral, NT_STATUS_UNSUCCESSFUL}, { + ERRDOS, ERRbadfunc, NT_STATUS_NOT_IMPLEMENTED}, { + ERRDOS, ERRinvlevel, NT_STATUS_INVALID_INFO_CLASS}, { + ERRDOS, 24, NT_STATUS_INFO_LENGTH_MISMATCH}, { + ERRHRD, ERRgeneral, NT_STATUS_ACCESS_VIOLATION}, { + ERRHRD, ERRgeneral, NT_STATUS_IN_PAGE_ERROR}, { + ERRHRD, ERRgeneral, NT_STATUS_PAGEFILE_QUOTA}, { + ERRDOS, ERRbadfid, NT_STATUS_INVALID_HANDLE}, { + ERRHRD, ERRgeneral, NT_STATUS_BAD_INITIAL_STACK}, { + ERRDOS, 193, NT_STATUS_BAD_INITIAL_PC}, { + ERRDOS, 87, NT_STATUS_INVALID_CID}, { + ERRHRD, ERRgeneral, NT_STATUS_TIMER_NOT_CANCELED}, { + ERRDOS, 87, NT_STATUS_INVALID_PARAMETER}, { + ERRDOS, ERRbadfile, NT_STATUS_NO_SUCH_DEVICE}, { + ERRDOS, ERRbadfile, NT_STATUS_NO_SUCH_FILE}, { + ERRDOS, ERRbadfunc, NT_STATUS_INVALID_DEVICE_REQUEST}, { + ERRDOS, 38, NT_STATUS_END_OF_FILE}, { + ERRDOS, 34, NT_STATUS_WRONG_VOLUME}, { + ERRDOS, 21, NT_STATUS_NO_MEDIA_IN_DEVICE}, { + ERRHRD, ERRgeneral, NT_STATUS_UNRECOGNIZED_MEDIA}, { + ERRDOS, 27, NT_STATUS_NONEXISTENT_SECTOR}, +/* { This NT error code was 'sqashed' + * from NT_STATUS_MORE_PROCESSING_REQUIRED to NT_STATUS_OK + * during the session setup } + */ + { + ERRDOS, ERRnomem, NT_STATUS_NO_MEMORY}, { + ERRDOS, 487, NT_STATUS_CONFLICTING_ADDRESSES}, { + ERRDOS, 487, NT_STATUS_NOT_MAPPED_VIEW}, { + ERRDOS, 87, NT_STATUS_UNABLE_TO_FREE_VM}, { + ERRDOS, 87, NT_STATUS_UNABLE_TO_DELETE_SECTION}, { + ERRDOS, 2142, NT_STATUS_INVALID_SYSTEM_SERVICE}, { + ERRHRD, ERRgeneral, NT_STATUS_ILLEGAL_INSTRUCTION}, { + ERRDOS, ERRnoaccess, NT_STATUS_INVALID_LOCK_SEQUENCE}, { + ERRDOS, ERRnoaccess, NT_STATUS_INVALID_VIEW_SIZE}, { + ERRDOS, 193, NT_STATUS_INVALID_FILE_FOR_SECTION}, { + ERRDOS, ERRnoaccess, NT_STATUS_ALREADY_COMMITTED}, +/* { This NT error code was 'sqashed' + * from NT_STATUS_ACCESS_DENIED to NT_STATUS_TRUSTED_RELATIONSHIP_FAILURE + * during the session setup } + */ + { + ERRDOS, ERRnoaccess, NT_STATUS_ACCESS_DENIED}, { + ERRDOS, 111, NT_STATUS_BUFFER_TOO_SMALL}, { + ERRDOS, ERRbadfid, NT_STATUS_OBJECT_TYPE_MISMATCH}, { + ERRHRD, ERRgeneral, NT_STATUS_NONCONTINUABLE_EXCEPTION}, { + ERRHRD, ERRgeneral, NT_STATUS_INVALID_DISPOSITION}, { + ERRHRD, ERRgeneral, NT_STATUS_UNWIND}, { + ERRHRD, ERRgeneral, NT_STATUS_BAD_STACK}, { + ERRHRD, ERRgeneral, NT_STATUS_INVALID_UNWIND_TARGET}, { + ERRDOS, 158, NT_STATUS_NOT_LOCKED}, { + ERRHRD, ERRgeneral, NT_STATUS_PARITY_ERROR}, { + ERRDOS, 487, NT_STATUS_UNABLE_TO_DECOMMIT_VM}, { + ERRDOS, 487, NT_STATUS_NOT_COMMITTED}, { + ERRHRD, ERRgeneral, NT_STATUS_INVALID_PORT_ATTRIBUTES}, { + ERRHRD, ERRgeneral, NT_STATUS_PORT_MESSAGE_TOO_LONG}, { + ERRDOS, 87, NT_STATUS_INVALID_PARAMETER_MIX}, { + ERRHRD, ERRgeneral, NT_STATUS_INVALID_QUOTA_LOWER}, { + ERRHRD, ERRgeneral, NT_STATUS_DISK_CORRUPT_ERROR}, { + /* mapping changed since shell does lookup on * expects FileNotFound */ + ERRDOS, ERRbadfile, NT_STATUS_OBJECT_NAME_INVALID}, { + ERRDOS, ERRbadfile, NT_STATUS_OBJECT_NAME_NOT_FOUND}, { + ERRDOS, ERRalreadyexists, NT_STATUS_OBJECT_NAME_COLLISION}, { + ERRHRD, ERRgeneral, NT_STATUS_HANDLE_NOT_WAITABLE}, { + ERRDOS, ERRbadfid, NT_STATUS_PORT_DISCONNECTED}, { + ERRHRD, ERRgeneral, NT_STATUS_DEVICE_ALREADY_ATTACHED}, { + ERRDOS, 161, NT_STATUS_OBJECT_PATH_INVALID}, { + ERRDOS, ERRbadpath, NT_STATUS_OBJECT_PATH_NOT_FOUND}, { + ERRDOS, 161, NT_STATUS_OBJECT_PATH_SYNTAX_BAD}, { + ERRHRD, ERRgeneral, NT_STATUS_DATA_OVERRUN}, { + ERRHRD, ERRgeneral, NT_STATUS_DATA_LATE_ERROR}, { + ERRDOS, 23, NT_STATUS_DATA_ERROR}, { + ERRDOS, 23, NT_STATUS_CRC_ERROR}, { + ERRDOS, ERRnomem, NT_STATUS_SECTION_TOO_BIG}, { + ERRDOS, ERRnoaccess, NT_STATUS_PORT_CONNECTION_REFUSED}, { + ERRDOS, ERRbadfid, NT_STATUS_INVALID_PORT_HANDLE}, { + ERRDOS, ERRbadshare, NT_STATUS_SHARING_VIOLATION}, { + ERRHRD, ERRgeneral, NT_STATUS_QUOTA_EXCEEDED}, { + ERRDOS, 87, NT_STATUS_INVALID_PAGE_PROTECTION}, { + ERRDOS, 288, NT_STATUS_MUTANT_NOT_OWNED}, { + ERRDOS, 298, NT_STATUS_SEMAPHORE_LIMIT_EXCEEDED}, { + ERRDOS, 87, NT_STATUS_PORT_ALREADY_SET}, { + ERRDOS, 87, NT_STATUS_SECTION_NOT_IMAGE}, { + ERRDOS, 156, NT_STATUS_SUSPEND_COUNT_EXCEEDED}, { + ERRDOS, ERRnoaccess, NT_STATUS_THREAD_IS_TERMINATING}, { + ERRDOS, 87, NT_STATUS_BAD_WORKING_SET_LIMIT}, { + ERRDOS, 87, NT_STATUS_INCOMPATIBLE_FILE_MAP}, { + ERRDOS, 87, NT_STATUS_SECTION_PROTECTION}, { + ERRDOS, ERReasnotsupported, NT_STATUS_EAS_NOT_SUPPORTED}, { + ERRDOS, 255, NT_STATUS_EA_TOO_LARGE}, { + ERRHRD, ERRgeneral, NT_STATUS_NONEXISTENT_EA_ENTRY}, { + ERRHRD, ERRgeneral, NT_STATUS_NO_EAS_ON_FILE}, { + ERRHRD, ERRgeneral, NT_STATUS_EA_CORRUPT_ERROR}, { + ERRDOS, ERRlock, NT_STATUS_FILE_LOCK_CONFLICT}, { + ERRDOS, ERRlock, NT_STATUS_LOCK_NOT_GRANTED}, { + ERRDOS, ERRbadfile, NT_STATUS_DELETE_PENDING}, { + ERRDOS, ERRunsup, NT_STATUS_CTL_FILE_NOT_SUPPORTED}, { + ERRHRD, ERRgeneral, NT_STATUS_UNKNOWN_REVISION}, { + ERRHRD, ERRgeneral, NT_STATUS_REVISION_MISMATCH}, { + ERRHRD, ERRgeneral, NT_STATUS_INVALID_OWNER}, { + ERRHRD, ERRgeneral, NT_STATUS_INVALID_PRIMARY_GROUP}, { + ERRHRD, ERRgeneral, NT_STATUS_NO_IMPERSONATION_TOKEN}, { + ERRHRD, ERRgeneral, NT_STATUS_CANT_DISABLE_MANDATORY}, { + ERRDOS, 2215, NT_STATUS_NO_LOGON_SERVERS}, { + ERRHRD, ERRgeneral, NT_STATUS_NO_SUCH_LOGON_SESSION}, { + ERRHRD, ERRgeneral, NT_STATUS_NO_SUCH_PRIVILEGE}, { + ERRDOS, ERRnoaccess, NT_STATUS_PRIVILEGE_NOT_HELD}, { + ERRHRD, ERRgeneral, NT_STATUS_INVALID_ACCOUNT_NAME}, { + ERRHRD, ERRgeneral, NT_STATUS_USER_EXISTS}, +/* { This NT error code was 'sqashed' + * from NT_STATUS_NO_SUCH_USER to NT_STATUS_LOGON_FAILURE + * during the session setup } + */ + { + ERRDOS, ERRnoaccess, NT_STATUS_NO_SUCH_USER}, { /* could map to 2238 */ + ERRHRD, ERRgeneral, NT_STATUS_GROUP_EXISTS}, { + ERRHRD, ERRgeneral, NT_STATUS_NO_SUCH_GROUP}, { + ERRHRD, ERRgeneral, NT_STATUS_MEMBER_IN_GROUP}, { + ERRHRD, ERRgeneral, NT_STATUS_MEMBER_NOT_IN_GROUP}, { + ERRHRD, ERRgeneral, NT_STATUS_LAST_ADMIN}, +/* { This NT error code was 'sqashed' + * from NT_STATUS_WRONG_PASSWORD to NT_STATUS_LOGON_FAILURE + * during the session setup } + */ + { + ERRSRV, ERRbadpw, NT_STATUS_WRONG_PASSWORD}, { + ERRHRD, ERRgeneral, NT_STATUS_ILL_FORMED_PASSWORD}, { + ERRHRD, ERRgeneral, NT_STATUS_PASSWORD_RESTRICTION}, { + ERRDOS, ERRnoaccess, NT_STATUS_LOGON_FAILURE}, { + ERRHRD, ERRgeneral, NT_STATUS_ACCOUNT_RESTRICTION}, { + ERRSRV, ERRbadLogonTime, NT_STATUS_INVALID_LOGON_HOURS}, { + ERRSRV, ERRbadclient, NT_STATUS_INVALID_WORKSTATION}, { + ERRSRV, ERRpasswordExpired, NT_STATUS_PASSWORD_EXPIRED}, { + ERRSRV, ERRaccountexpired, NT_STATUS_ACCOUNT_DISABLED}, { + ERRHRD, ERRgeneral, NT_STATUS_NONE_MAPPED}, { + ERRHRD, ERRgeneral, NT_STATUS_TOO_MANY_LUIDS_REQUESTED}, { + ERRHRD, ERRgeneral, NT_STATUS_LUIDS_EXHAUSTED}, { + ERRHRD, ERRgeneral, NT_STATUS_INVALID_SUB_AUTHORITY}, { + ERRHRD, ERRgeneral, NT_STATUS_INVALID_ACL}, { + ERRHRD, ERRgeneral, NT_STATUS_INVALID_SID}, { + ERRHRD, ERRgeneral, NT_STATUS_INVALID_SECURITY_DESCR}, { + ERRDOS, 127, NT_STATUS_PROCEDURE_NOT_FOUND}, { + ERRDOS, 193, NT_STATUS_INVALID_IMAGE_FORMAT}, { + ERRHRD, ERRgeneral, NT_STATUS_NO_TOKEN}, { + ERRHRD, ERRgeneral, NT_STATUS_BAD_INHERITANCE_ACL}, { + ERRDOS, 158, NT_STATUS_RANGE_NOT_LOCKED}, { + ERRDOS, 112, NT_STATUS_DISK_FULL}, { + ERRHRD, ERRgeneral, NT_STATUS_SERVER_DISABLED}, { + ERRHRD, ERRgeneral, NT_STATUS_SERVER_NOT_DISABLED}, { + ERRDOS, 68, NT_STATUS_TOO_MANY_GUIDS_REQUESTED}, { + ERRDOS, 259, NT_STATUS_GUIDS_EXHAUSTED}, { + ERRHRD, ERRgeneral, NT_STATUS_INVALID_ID_AUTHORITY}, { + ERRDOS, 259, NT_STATUS_AGENTS_EXHAUSTED}, { + ERRDOS, 154, NT_STATUS_INVALID_VOLUME_LABEL}, { + ERRDOS, 14, NT_STATUS_SECTION_NOT_EXTENDED}, { + ERRDOS, 487, NT_STATUS_NOT_MAPPED_DATA}, { + ERRHRD, ERRgeneral, NT_STATUS_RESOURCE_DATA_NOT_FOUND}, { + ERRHRD, ERRgeneral, NT_STATUS_RESOURCE_TYPE_NOT_FOUND}, { + ERRHRD, ERRgeneral, NT_STATUS_RESOURCE_NAME_NOT_FOUND}, { + ERRHRD, ERRgeneral, NT_STATUS_ARRAY_BOUNDS_EXCEEDED}, { + ERRHRD, ERRgeneral, NT_STATUS_FLOAT_DENORMAL_OPERAND}, { + ERRHRD, ERRgeneral, NT_STATUS_FLOAT_DIVIDE_BY_ZERO}, { + ERRHRD, ERRgeneral, NT_STATUS_FLOAT_INEXACT_RESULT}, { + ERRHRD, ERRgeneral, NT_STATUS_FLOAT_INVALID_OPERATION}, { + ERRHRD, ERRgeneral, NT_STATUS_FLOAT_OVERFLOW}, { + ERRHRD, ERRgeneral, NT_STATUS_FLOAT_STACK_CHECK}, { + ERRHRD, ERRgeneral, NT_STATUS_FLOAT_UNDERFLOW}, { + ERRHRD, ERRgeneral, NT_STATUS_INTEGER_DIVIDE_BY_ZERO}, { + ERRDOS, 534, NT_STATUS_INTEGER_OVERFLOW}, { + ERRHRD, ERRgeneral, NT_STATUS_PRIVILEGED_INSTRUCTION}, { + ERRDOS, ERRnomem, NT_STATUS_TOO_MANY_PAGING_FILES}, { + ERRHRD, ERRgeneral, NT_STATUS_FILE_INVALID}, { + ERRHRD, ERRgeneral, NT_STATUS_ALLOTTED_SPACE_EXCEEDED}, +/* { This NT error code was 'sqashed' + * from NT_STATUS_INSUFFICIENT_RESOURCES to + * NT_STATUS_INSUFF_SERVER_RESOURCES during the session setup } + */ + { + ERRDOS, ERRnoresource, NT_STATUS_INSUFFICIENT_RESOURCES}, { + ERRDOS, ERRbadpath, NT_STATUS_DFS_EXIT_PATH_FOUND}, { + ERRDOS, 23, NT_STATUS_DEVICE_DATA_ERROR}, { + ERRHRD, ERRgeneral, NT_STATUS_DEVICE_NOT_CONNECTED}, { + ERRDOS, 21, NT_STATUS_DEVICE_POWER_FAILURE}, { + ERRDOS, 487, NT_STATUS_FREE_VM_NOT_AT_BASE}, { + ERRDOS, 487, NT_STATUS_MEMORY_NOT_ALLOCATED}, { + ERRHRD, ERRgeneral, NT_STATUS_WORKING_SET_QUOTA}, { + ERRDOS, 19, NT_STATUS_MEDIA_WRITE_PROTECTED}, { + ERRDOS, 21, NT_STATUS_DEVICE_NOT_READY}, { + ERRHRD, ERRgeneral, NT_STATUS_INVALID_GROUP_ATTRIBUTES}, { + ERRHRD, ERRgeneral, NT_STATUS_BAD_IMPERSONATION_LEVEL}, { + ERRHRD, ERRgeneral, NT_STATUS_CANT_OPEN_ANONYMOUS}, { + ERRHRD, ERRgeneral, NT_STATUS_BAD_VALIDATION_CLASS}, { + ERRHRD, ERRgeneral, NT_STATUS_BAD_TOKEN_TYPE}, { + ERRDOS, 87, NT_STATUS_BAD_MASTER_BOOT_RECORD}, { + ERRHRD, ERRgeneral, NT_STATUS_INSTRUCTION_MISALIGNMENT}, { + ERRDOS, ERRpipebusy, NT_STATUS_INSTANCE_NOT_AVAILABLE}, { + ERRDOS, ERRpipebusy, NT_STATUS_PIPE_NOT_AVAILABLE}, { + ERRDOS, ERRbadpipe, NT_STATUS_INVALID_PIPE_STATE}, { + ERRDOS, ERRpipebusy, NT_STATUS_PIPE_BUSY}, { + ERRDOS, ERRbadfunc, NT_STATUS_ILLEGAL_FUNCTION}, { + ERRDOS, ERRnotconnected, NT_STATUS_PIPE_DISCONNECTED}, { + ERRDOS, ERRpipeclosing, NT_STATUS_PIPE_CLOSING}, { + ERRHRD, ERRgeneral, NT_STATUS_PIPE_CONNECTED}, { + ERRHRD, ERRgeneral, NT_STATUS_PIPE_LISTENING}, { + ERRDOS, ERRbadpipe, NT_STATUS_INVALID_READ_MODE}, { + ERRDOS, 121, NT_STATUS_IO_TIMEOUT}, { + ERRDOS, 38, NT_STATUS_FILE_FORCED_CLOSED}, { + ERRHRD, ERRgeneral, NT_STATUS_PROFILING_NOT_STARTED}, { + ERRHRD, ERRgeneral, NT_STATUS_PROFILING_NOT_STOPPED}, { + ERRHRD, ERRgeneral, NT_STATUS_COULD_NOT_INTERPRET}, { + ERRDOS, ERRnoaccess, NT_STATUS_FILE_IS_A_DIRECTORY}, { + ERRDOS, ERRunsup, NT_STATUS_NOT_SUPPORTED}, { + ERRDOS, 51, NT_STATUS_REMOTE_NOT_LISTENING}, { + ERRDOS, 52, NT_STATUS_DUPLICATE_NAME}, { + ERRDOS, 53, NT_STATUS_BAD_NETWORK_PATH}, { + ERRDOS, 54, NT_STATUS_NETWORK_BUSY}, { + ERRDOS, 55, NT_STATUS_DEVICE_DOES_NOT_EXIST}, { + ERRDOS, 56, NT_STATUS_TOO_MANY_COMMANDS}, { + ERRDOS, 57, NT_STATUS_ADAPTER_HARDWARE_ERROR}, { + ERRDOS, 58, NT_STATUS_INVALID_NETWORK_RESPONSE}, { + ERRDOS, 59, NT_STATUS_UNEXPECTED_NETWORK_ERROR}, { + ERRDOS, 60, NT_STATUS_BAD_REMOTE_ADAPTER}, { + ERRDOS, 61, NT_STATUS_PRINT_QUEUE_FULL}, { + ERRDOS, 62, NT_STATUS_NO_SPOOL_SPACE}, { + ERRDOS, 63, NT_STATUS_PRINT_CANCELLED}, { + ERRDOS, 64, NT_STATUS_NETWORK_NAME_DELETED}, { + ERRDOS, 65, NT_STATUS_NETWORK_ACCESS_DENIED}, { + ERRDOS, 66, NT_STATUS_BAD_DEVICE_TYPE}, { + ERRDOS, ERRnosuchshare, NT_STATUS_BAD_NETWORK_NAME}, { + ERRDOS, 68, NT_STATUS_TOO_MANY_NAMES}, { + ERRDOS, 69, NT_STATUS_TOO_MANY_SESSIONS}, { + ERRDOS, 70, NT_STATUS_SHARING_PAUSED}, { + ERRDOS, 71, NT_STATUS_REQUEST_NOT_ACCEPTED}, { + ERRDOS, 72, NT_STATUS_REDIRECTOR_PAUSED}, { + ERRDOS, 88, NT_STATUS_NET_WRITE_FAULT}, { + ERRHRD, ERRgeneral, NT_STATUS_PROFILING_AT_LIMIT}, { + ERRDOS, ERRdiffdevice, NT_STATUS_NOT_SAME_DEVICE}, { + ERRDOS, ERRnoaccess, NT_STATUS_FILE_RENAMED}, { + ERRDOS, 240, NT_STATUS_VIRTUAL_CIRCUIT_CLOSED}, { + ERRHRD, ERRgeneral, NT_STATUS_NO_SECURITY_ON_OBJECT}, { + ERRHRD, ERRgeneral, NT_STATUS_CANT_WAIT}, { + ERRDOS, ERRpipeclosing, NT_STATUS_PIPE_EMPTY}, { + ERRHRD, ERRgeneral, NT_STATUS_CANT_ACCESS_DOMAIN_INFO}, { + ERRHRD, ERRgeneral, NT_STATUS_CANT_TERMINATE_SELF}, { + ERRHRD, ERRgeneral, NT_STATUS_INVALID_SERVER_STATE}, { + ERRHRD, ERRgeneral, NT_STATUS_INVALID_DOMAIN_STATE}, { + ERRHRD, ERRgeneral, NT_STATUS_INVALID_DOMAIN_ROLE}, { + ERRHRD, ERRgeneral, NT_STATUS_NO_SUCH_DOMAIN}, { + ERRHRD, ERRgeneral, NT_STATUS_DOMAIN_EXISTS}, { + ERRHRD, ERRgeneral, NT_STATUS_DOMAIN_LIMIT_EXCEEDED}, { + ERRDOS, 300, NT_STATUS_OPLOCK_NOT_GRANTED}, { + ERRDOS, 301, NT_STATUS_INVALID_OPLOCK_PROTOCOL}, { + ERRHRD, ERRgeneral, NT_STATUS_INTERNAL_DB_CORRUPTION}, { + ERRHRD, ERRgeneral, NT_STATUS_INTERNAL_ERROR}, { + ERRHRD, ERRgeneral, NT_STATUS_GENERIC_NOT_MAPPED}, { + ERRHRD, ERRgeneral, NT_STATUS_BAD_DESCRIPTOR_FORMAT}, { + ERRHRD, ERRgeneral, NT_STATUS_INVALID_USER_BUFFER}, { + ERRHRD, ERRgeneral, NT_STATUS_UNEXPECTED_IO_ERROR}, { + ERRHRD, ERRgeneral, NT_STATUS_UNEXPECTED_MM_CREATE_ERR}, { + ERRHRD, ERRgeneral, NT_STATUS_UNEXPECTED_MM_MAP_ERROR}, { + ERRHRD, ERRgeneral, NT_STATUS_UNEXPECTED_MM_EXTEND_ERR}, { + ERRHRD, ERRgeneral, NT_STATUS_NOT_LOGON_PROCESS}, { + ERRHRD, ERRgeneral, NT_STATUS_LOGON_SESSION_EXISTS}, { + ERRDOS, 87, NT_STATUS_INVALID_PARAMETER_1}, { + ERRDOS, 87, NT_STATUS_INVALID_PARAMETER_2}, { + ERRDOS, 87, NT_STATUS_INVALID_PARAMETER_3}, { + ERRDOS, 87, NT_STATUS_INVALID_PARAMETER_4}, { + ERRDOS, 87, NT_STATUS_INVALID_PARAMETER_5}, { + ERRDOS, 87, NT_STATUS_INVALID_PARAMETER_6}, { + ERRDOS, 87, NT_STATUS_INVALID_PARAMETER_7}, { + ERRDOS, 87, NT_STATUS_INVALID_PARAMETER_8}, { + ERRDOS, 87, NT_STATUS_INVALID_PARAMETER_9}, { + ERRDOS, 87, NT_STATUS_INVALID_PARAMETER_10}, { + ERRDOS, 87, NT_STATUS_INVALID_PARAMETER_11}, { + ERRDOS, 87, NT_STATUS_INVALID_PARAMETER_12}, { + ERRDOS, ERRbadpath, NT_STATUS_REDIRECTOR_NOT_STARTED}, { + ERRHRD, ERRgeneral, NT_STATUS_REDIRECTOR_STARTED}, { + ERRHRD, ERRgeneral, NT_STATUS_STACK_OVERFLOW}, { + ERRHRD, ERRgeneral, NT_STATUS_NO_SUCH_PACKAGE}, { + ERRHRD, ERRgeneral, NT_STATUS_BAD_FUNCTION_TABLE}, { + ERRDOS, 203, 0xc0000100}, { + ERRDOS, 145, NT_STATUS_DIRECTORY_NOT_EMPTY}, { + ERRHRD, ERRgeneral, NT_STATUS_FILE_CORRUPT_ERROR}, { + ERRDOS, 267, NT_STATUS_NOT_A_DIRECTORY}, { + ERRHRD, ERRgeneral, NT_STATUS_BAD_LOGON_SESSION_STATE}, { + ERRHRD, ERRgeneral, NT_STATUS_LOGON_SESSION_COLLISION}, { + ERRDOS, 206, NT_STATUS_NAME_TOO_LONG}, { + ERRDOS, 2401, NT_STATUS_FILES_OPEN}, { + ERRDOS, 2404, NT_STATUS_CONNECTION_IN_USE}, { + ERRHRD, ERRgeneral, NT_STATUS_MESSAGE_NOT_FOUND}, { + ERRDOS, ERRnoaccess, NT_STATUS_PROCESS_IS_TERMINATING}, { + ERRHRD, ERRgeneral, NT_STATUS_INVALID_LOGON_TYPE}, { + ERRHRD, ERRgeneral, NT_STATUS_NO_GUID_TRANSLATION}, { + ERRHRD, ERRgeneral, NT_STATUS_CANNOT_IMPERSONATE}, { + ERRHRD, ERRgeneral, NT_STATUS_IMAGE_ALREADY_LOADED}, { + ERRHRD, ERRgeneral, NT_STATUS_ABIOS_NOT_PRESENT}, { + ERRHRD, ERRgeneral, NT_STATUS_ABIOS_LID_NOT_EXIST}, { + ERRHRD, ERRgeneral, NT_STATUS_ABIOS_LID_ALREADY_OWNED}, { + ERRHRD, ERRgeneral, NT_STATUS_ABIOS_NOT_LID_OWNER}, { + ERRHRD, ERRgeneral, NT_STATUS_ABIOS_INVALID_COMMAND}, { + ERRHRD, ERRgeneral, NT_STATUS_ABIOS_INVALID_LID}, { + ERRHRD, ERRgeneral, NT_STATUS_ABIOS_SELECTOR_NOT_AVAILABLE}, { + ERRHRD, ERRgeneral, NT_STATUS_ABIOS_INVALID_SELECTOR}, { + ERRHRD, ERRgeneral, NT_STATUS_NO_LDT}, { + ERRHRD, ERRgeneral, NT_STATUS_INVALID_LDT_SIZE}, { + ERRHRD, ERRgeneral, NT_STATUS_INVALID_LDT_OFFSET}, { + ERRHRD, ERRgeneral, NT_STATUS_INVALID_LDT_DESCRIPTOR}, { + ERRDOS, 193, NT_STATUS_INVALID_IMAGE_NE_FORMAT}, { + ERRHRD, ERRgeneral, NT_STATUS_RXACT_INVALID_STATE}, { + ERRHRD, ERRgeneral, NT_STATUS_RXACT_COMMIT_FAILURE}, { + ERRHRD, ERRgeneral, NT_STATUS_MAPPED_FILE_SIZE_ZERO}, { + ERRDOS, ERRnofids, NT_STATUS_TOO_MANY_OPENED_FILES}, { + ERRHRD, ERRgeneral, NT_STATUS_CANCELLED}, { + ERRDOS, ERRnoaccess, NT_STATUS_CANNOT_DELETE}, { + ERRHRD, ERRgeneral, NT_STATUS_INVALID_COMPUTER_NAME}, { + ERRDOS, ERRnoaccess, NT_STATUS_FILE_DELETED}, { + ERRHRD, ERRgeneral, NT_STATUS_SPECIAL_ACCOUNT}, { + ERRHRD, ERRgeneral, NT_STATUS_SPECIAL_GROUP}, { + ERRHRD, ERRgeneral, NT_STATUS_SPECIAL_USER}, { + ERRHRD, ERRgeneral, NT_STATUS_MEMBERS_PRIMARY_GROUP}, { + ERRDOS, ERRbadfid, NT_STATUS_FILE_CLOSED}, { + ERRHRD, ERRgeneral, NT_STATUS_TOO_MANY_THREADS}, { + ERRHRD, ERRgeneral, NT_STATUS_THREAD_NOT_IN_PROCESS}, { + ERRHRD, ERRgeneral, NT_STATUS_TOKEN_ALREADY_IN_USE}, { + ERRHRD, ERRgeneral, NT_STATUS_PAGEFILE_QUOTA_EXCEEDED}, { + ERRHRD, ERRgeneral, NT_STATUS_COMMITMENT_LIMIT}, { + ERRDOS, 193, NT_STATUS_INVALID_IMAGE_LE_FORMAT}, { + ERRDOS, 193, NT_STATUS_INVALID_IMAGE_NOT_MZ}, { + ERRDOS, 193, NT_STATUS_INVALID_IMAGE_PROTECT}, { + ERRDOS, 193, NT_STATUS_INVALID_IMAGE_WIN_16}, { + ERRHRD, ERRgeneral, NT_STATUS_LOGON_SERVER_CONFLICT}, { + ERRHRD, ERRgeneral, NT_STATUS_TIME_DIFFERENCE_AT_DC}, { + ERRHRD, ERRgeneral, NT_STATUS_SYNCHRONIZATION_REQUIRED}, { + ERRDOS, 126, NT_STATUS_DLL_NOT_FOUND}, { + ERRHRD, ERRgeneral, NT_STATUS_OPEN_FAILED}, { + ERRHRD, ERRgeneral, NT_STATUS_IO_PRIVILEGE_FAILED}, { + ERRDOS, 182, NT_STATUS_ORDINAL_NOT_FOUND}, { + ERRDOS, 127, NT_STATUS_ENTRYPOINT_NOT_FOUND}, { + ERRHRD, ERRgeneral, NT_STATUS_CONTROL_C_EXIT}, { + ERRDOS, 64, NT_STATUS_LOCAL_DISCONNECT}, { + ERRDOS, 64, NT_STATUS_REMOTE_DISCONNECT}, { + ERRDOS, 51, NT_STATUS_REMOTE_RESOURCES}, { + ERRDOS, 59, NT_STATUS_LINK_FAILED}, { + ERRDOS, 59, NT_STATUS_LINK_TIMEOUT}, { + ERRDOS, 59, NT_STATUS_INVALID_CONNECTION}, { + ERRDOS, 59, NT_STATUS_INVALID_ADDRESS}, { + ERRHRD, ERRgeneral, NT_STATUS_DLL_INIT_FAILED}, { + ERRHRD, ERRgeneral, NT_STATUS_MISSING_SYSTEMFILE}, { + ERRHRD, ERRgeneral, NT_STATUS_UNHANDLED_EXCEPTION}, { + ERRHRD, ERRgeneral, NT_STATUS_APP_INIT_FAILURE}, { + ERRHRD, ERRgeneral, NT_STATUS_PAGEFILE_CREATE_FAILED}, { + ERRHRD, ERRgeneral, NT_STATUS_NO_PAGEFILE}, { + ERRDOS, 124, NT_STATUS_INVALID_LEVEL}, { + ERRDOS, 86, NT_STATUS_WRONG_PASSWORD_CORE}, { + ERRHRD, ERRgeneral, NT_STATUS_ILLEGAL_FLOAT_CONTEXT}, { + ERRDOS, 109, NT_STATUS_PIPE_BROKEN}, { + ERRHRD, ERRgeneral, NT_STATUS_REGISTRY_CORRUPT}, { + ERRHRD, ERRgeneral, NT_STATUS_REGISTRY_IO_FAILED}, { + ERRHRD, ERRgeneral, NT_STATUS_NO_EVENT_PAIR}, { + ERRHRD, ERRgeneral, NT_STATUS_UNRECOGNIZED_VOLUME}, { + ERRHRD, ERRgeneral, NT_STATUS_SERIAL_NO_DEVICE_INITED}, { + ERRHRD, ERRgeneral, NT_STATUS_NO_SUCH_ALIAS}, { + ERRHRD, ERRgeneral, NT_STATUS_MEMBER_NOT_IN_ALIAS}, { + ERRHRD, ERRgeneral, NT_STATUS_MEMBER_IN_ALIAS}, { + ERRHRD, ERRgeneral, NT_STATUS_ALIAS_EXISTS}, { + ERRHRD, ERRgeneral, NT_STATUS_LOGON_NOT_GRANTED}, { + ERRHRD, ERRgeneral, NT_STATUS_TOO_MANY_SECRETS}, { + ERRHRD, ERRgeneral, NT_STATUS_SECRET_TOO_LONG}, { + ERRHRD, ERRgeneral, NT_STATUS_INTERNAL_DB_ERROR}, { + ERRHRD, ERRgeneral, NT_STATUS_FULLSCREEN_MODE}, { + ERRHRD, ERRgeneral, NT_STATUS_TOO_MANY_CONTEXT_IDS}, { + ERRDOS, ERRnoaccess, NT_STATUS_LOGON_TYPE_NOT_GRANTED}, { + ERRHRD, ERRgeneral, NT_STATUS_NOT_REGISTRY_FILE}, { + ERRHRD, ERRgeneral, NT_STATUS_NT_CROSS_ENCRYPTION_REQUIRED}, { + ERRHRD, ERRgeneral, NT_STATUS_DOMAIN_CTRLR_CONFIG_ERROR}, { + ERRHRD, ERRgeneral, NT_STATUS_FT_MISSING_MEMBER}, { + ERRHRD, ERRgeneral, NT_STATUS_ILL_FORMED_SERVICE_ENTRY}, { + ERRHRD, ERRgeneral, NT_STATUS_ILLEGAL_CHARACTER}, { + ERRHRD, ERRgeneral, NT_STATUS_UNMAPPABLE_CHARACTER}, { + ERRHRD, ERRgeneral, NT_STATUS_UNDEFINED_CHARACTER}, { + ERRHRD, ERRgeneral, NT_STATUS_FLOPPY_VOLUME}, { + ERRHRD, ERRgeneral, NT_STATUS_FLOPPY_ID_MARK_NOT_FOUND}, { + ERRHRD, ERRgeneral, NT_STATUS_FLOPPY_WRONG_CYLINDER}, { + ERRHRD, ERRgeneral, NT_STATUS_FLOPPY_UNKNOWN_ERROR}, { + ERRHRD, ERRgeneral, NT_STATUS_FLOPPY_BAD_REGISTERS}, { + ERRHRD, ERRgeneral, NT_STATUS_DISK_RECALIBRATE_FAILED}, { + ERRHRD, ERRgeneral, NT_STATUS_DISK_OPERATION_FAILED}, { + ERRHRD, ERRgeneral, NT_STATUS_DISK_RESET_FAILED}, { + ERRHRD, ERRgeneral, NT_STATUS_SHARED_IRQ_BUSY}, { + ERRHRD, ERRgeneral, NT_STATUS_FT_ORPHANING}, { + ERRHRD, ERRgeneral, 0xc000016e}, { + ERRHRD, ERRgeneral, 0xc000016f}, { + ERRHRD, ERRgeneral, 0xc0000170}, { + ERRHRD, ERRgeneral, 0xc0000171}, { + ERRHRD, ERRgeneral, NT_STATUS_PARTITION_FAILURE}, { + ERRHRD, ERRgeneral, NT_STATUS_INVALID_BLOCK_LENGTH}, { + ERRHRD, ERRgeneral, NT_STATUS_DEVICE_NOT_PARTITIONED}, { + ERRHRD, ERRgeneral, NT_STATUS_UNABLE_TO_LOCK_MEDIA}, { + ERRHRD, ERRgeneral, NT_STATUS_UNABLE_TO_UNLOAD_MEDIA}, { + ERRHRD, ERRgeneral, NT_STATUS_EOM_OVERFLOW}, { + ERRHRD, ERRgeneral, NT_STATUS_NO_MEDIA}, { + ERRHRD, ERRgeneral, 0xc0000179}, { + ERRHRD, ERRgeneral, NT_STATUS_NO_SUCH_MEMBER}, { + ERRHRD, ERRgeneral, NT_STATUS_INVALID_MEMBER}, { + ERRHRD, ERRgeneral, NT_STATUS_KEY_DELETED}, { + ERRHRD, ERRgeneral, NT_STATUS_NO_LOG_SPACE}, { + ERRHRD, ERRgeneral, NT_STATUS_TOO_MANY_SIDS}, { + ERRHRD, ERRgeneral, NT_STATUS_LM_CROSS_ENCRYPTION_REQUIRED}, { + ERRHRD, ERRgeneral, NT_STATUS_KEY_HAS_CHILDREN}, { + ERRHRD, ERRgeneral, NT_STATUS_CHILD_MUST_BE_VOLATILE}, { + ERRDOS, 87, NT_STATUS_DEVICE_CONFIGURATION_ERROR}, { + ERRHRD, ERRgeneral, NT_STATUS_DRIVER_INTERNAL_ERROR}, { + ERRDOS, 22, NT_STATUS_INVALID_DEVICE_STATE}, { + ERRHRD, ERRgeneral, NT_STATUS_IO_DEVICE_ERROR}, { + ERRHRD, ERRgeneral, NT_STATUS_DEVICE_PROTOCOL_ERROR}, { + ERRHRD, ERRgeneral, NT_STATUS_BACKUP_CONTROLLER}, { + ERRHRD, ERRgeneral, NT_STATUS_LOG_FILE_FULL}, { + ERRDOS, 19, NT_STATUS_TOO_LATE}, { + ERRDOS, ERRnoaccess, NT_STATUS_NO_TRUST_LSA_SECRET}, +/* { This NT error code was 'sqashed' + * from NT_STATUS_NO_TRUST_SAM_ACCOUNT to + * NT_STATUS_TRUSTED_RELATIONSHIP_FAILURE during the session setup } + */ + { + ERRDOS, ERRnoaccess, NT_STATUS_NO_TRUST_SAM_ACCOUNT}, { + ERRDOS, ERRnoaccess, NT_STATUS_TRUSTED_DOMAIN_FAILURE}, { + ERRDOS, ERRnoaccess, NT_STATUS_TRUSTED_RELATIONSHIP_FAILURE}, { + ERRHRD, ERRgeneral, NT_STATUS_EVENTLOG_FILE_CORRUPT}, { + ERRHRD, ERRgeneral, NT_STATUS_EVENTLOG_CANT_START}, { + ERRDOS, ERRnoaccess, NT_STATUS_TRUST_FAILURE}, { + ERRHRD, ERRgeneral, NT_STATUS_MUTANT_LIMIT_EXCEEDED}, { + ERRDOS, ERRnetlogonNotStarted, NT_STATUS_NETLOGON_NOT_STARTED}, { + ERRSRV, ERRaccountexpired, NT_STATUS_ACCOUNT_EXPIRED}, { + ERRHRD, ERRgeneral, NT_STATUS_POSSIBLE_DEADLOCK}, { + ERRHRD, ERRgeneral, NT_STATUS_NETWORK_CREDENTIAL_CONFLICT}, { + ERRHRD, ERRgeneral, NT_STATUS_REMOTE_SESSION_LIMIT}, { + ERRHRD, ERRgeneral, NT_STATUS_EVENTLOG_FILE_CHANGED}, { + ERRDOS, ERRnoaccess, NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT}, { + ERRDOS, ERRnoaccess, NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT}, { + ERRDOS, ERRnoaccess, NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT}, +/* { This NT error code was 'sqashed' + * from NT_STATUS_DOMAIN_TRUST_INCONSISTENT to NT_STATUS_LOGON_FAILURE + * during the session setup } + */ + { + ERRDOS, ERRnoaccess, NT_STATUS_DOMAIN_TRUST_INCONSISTENT}, { + ERRHRD, ERRgeneral, NT_STATUS_FS_DRIVER_REQUIRED}, { + ERRHRD, ERRgeneral, NT_STATUS_NO_USER_SESSION_KEY}, { + ERRDOS, 59, NT_STATUS_USER_SESSION_DELETED}, { + ERRHRD, ERRgeneral, NT_STATUS_RESOURCE_LANG_NOT_FOUND}, { + ERRDOS, ERRnoresource, NT_STATUS_INSUFF_SERVER_RESOURCES}, { + ERRHRD, ERRgeneral, NT_STATUS_INVALID_BUFFER_SIZE}, { + ERRHRD, ERRgeneral, NT_STATUS_INVALID_ADDRESS_COMPONENT}, { + ERRHRD, ERRgeneral, NT_STATUS_INVALID_ADDRESS_WILDCARD}, { + ERRDOS, 68, NT_STATUS_TOO_MANY_ADDRESSES}, { + ERRDOS, 52, NT_STATUS_ADDRESS_ALREADY_EXISTS}, { + ERRDOS, 64, NT_STATUS_ADDRESS_CLOSED}, { + ERRDOS, 64, NT_STATUS_CONNECTION_DISCONNECTED}, { + ERRDOS, 64, NT_STATUS_CONNECTION_RESET}, { + ERRDOS, 68, NT_STATUS_TOO_MANY_NODES}, { + ERRDOS, 59, NT_STATUS_TRANSACTION_ABORTED}, { + ERRDOS, 59, NT_STATUS_TRANSACTION_TIMED_OUT}, { + ERRDOS, 59, NT_STATUS_TRANSACTION_NO_RELEASE}, { + ERRDOS, 59, NT_STATUS_TRANSACTION_NO_MATCH}, { + ERRDOS, 59, NT_STATUS_TRANSACTION_RESPONDED}, { + ERRDOS, 59, NT_STATUS_TRANSACTION_INVALID_ID}, { + ERRDOS, 59, NT_STATUS_TRANSACTION_INVALID_TYPE}, { + ERRDOS, ERRunsup, NT_STATUS_NOT_SERVER_SESSION}, { + ERRDOS, ERRunsup, NT_STATUS_NOT_CLIENT_SESSION}, { + ERRHRD, ERRgeneral, NT_STATUS_CANNOT_LOAD_REGISTRY_FILE}, { + ERRHRD, ERRgeneral, NT_STATUS_DEBUG_ATTACH_FAILED}, { + ERRHRD, ERRgeneral, NT_STATUS_SYSTEM_PROCESS_TERMINATED}, { + ERRHRD, ERRgeneral, NT_STATUS_DATA_NOT_ACCEPTED}, { + ERRHRD, ERRgeneral, NT_STATUS_NO_BROWSER_SERVERS_FOUND}, { + ERRHRD, ERRgeneral, NT_STATUS_VDM_HARD_ERROR}, { + ERRHRD, ERRgeneral, NT_STATUS_DRIVER_CANCEL_TIMEOUT}, { + ERRHRD, ERRgeneral, NT_STATUS_REPLY_MESSAGE_MISMATCH}, { + ERRHRD, ERRgeneral, NT_STATUS_MAPPED_ALIGNMENT}, { + ERRDOS, 193, NT_STATUS_IMAGE_CHECKSUM_MISMATCH}, { + ERRHRD, ERRgeneral, NT_STATUS_LOST_WRITEBEHIND_DATA}, { + ERRHRD, ERRgeneral, NT_STATUS_CLIENT_SERVER_PARAMETERS_INVALID}, { + ERRSRV, ERRpasswordExpired, NT_STATUS_PASSWORD_MUST_CHANGE}, { + ERRHRD, ERRgeneral, NT_STATUS_NOT_FOUND}, { + ERRHRD, ERRgeneral, NT_STATUS_NOT_TINY_STREAM}, { + ERRHRD, ERRgeneral, NT_STATUS_RECOVERY_FAILURE}, { + ERRHRD, ERRgeneral, NT_STATUS_STACK_OVERFLOW_READ}, { + ERRHRD, ERRgeneral, NT_STATUS_FAIL_CHECK}, { + ERRHRD, ERRgeneral, NT_STATUS_DUPLICATE_OBJECTID}, { + ERRHRD, ERRgeneral, NT_STATUS_OBJECTID_EXISTS}, { + ERRHRD, ERRgeneral, NT_STATUS_CONVERT_TO_LARGE}, { + ERRHRD, ERRgeneral, NT_STATUS_RETRY}, { + ERRHRD, ERRgeneral, NT_STATUS_FOUND_OUT_OF_SCOPE}, { + ERRHRD, ERRgeneral, NT_STATUS_ALLOCATE_BUCKET}, { + ERRHRD, ERRgeneral, NT_STATUS_PROPSET_NOT_FOUND}, { + ERRHRD, ERRgeneral, NT_STATUS_MARSHALL_OVERFLOW}, { + ERRHRD, ERRgeneral, NT_STATUS_INVALID_VARIANT}, { + ERRHRD, ERRgeneral, NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND}, { + ERRDOS, ERRnoaccess, NT_STATUS_ACCOUNT_LOCKED_OUT}, { + ERRDOS, ERRbadfid, NT_STATUS_HANDLE_NOT_CLOSABLE}, { + ERRHRD, ERRgeneral, NT_STATUS_CONNECTION_REFUSED}, { + ERRHRD, ERRgeneral, NT_STATUS_GRACEFUL_DISCONNECT}, { + ERRHRD, ERRgeneral, NT_STATUS_ADDRESS_ALREADY_ASSOCIATED}, { + ERRHRD, ERRgeneral, NT_STATUS_ADDRESS_NOT_ASSOCIATED}, { + ERRHRD, ERRgeneral, NT_STATUS_CONNECTION_INVALID}, { + ERRHRD, ERRgeneral, NT_STATUS_CONNECTION_ACTIVE}, { + ERRHRD, ERRgeneral, NT_STATUS_NETWORK_UNREACHABLE}, { + ERRHRD, ERRgeneral, NT_STATUS_HOST_UNREACHABLE}, { + ERRHRD, ERRgeneral, NT_STATUS_PROTOCOL_UNREACHABLE}, { + ERRHRD, ERRgeneral, NT_STATUS_PORT_UNREACHABLE}, { + ERRHRD, ERRgeneral, NT_STATUS_REQUEST_ABORTED}, { + ERRHRD, ERRgeneral, NT_STATUS_CONNECTION_ABORTED}, { + ERRHRD, ERRgeneral, NT_STATUS_BAD_COMPRESSION_BUFFER}, { + ERRHRD, ERRgeneral, NT_STATUS_USER_MAPPED_FILE}, { + ERRHRD, ERRgeneral, NT_STATUS_AUDIT_FAILED}, { + ERRHRD, ERRgeneral, NT_STATUS_TIMER_RESOLUTION_NOT_SET}, { + ERRHRD, ERRgeneral, NT_STATUS_CONNECTION_COUNT_LIMIT}, { + ERRHRD, ERRgeneral, NT_STATUS_LOGIN_TIME_RESTRICTION}, { + ERRHRD, ERRgeneral, NT_STATUS_LOGIN_WKSTA_RESTRICTION}, { + ERRDOS, 193, NT_STATUS_IMAGE_MP_UP_MISMATCH}, { + ERRHRD, ERRgeneral, 0xc000024a}, { + ERRHRD, ERRgeneral, 0xc000024b}, { + ERRHRD, ERRgeneral, 0xc000024c}, { + ERRHRD, ERRgeneral, 0xc000024d}, { + ERRHRD, ERRgeneral, 0xc000024e}, { + ERRHRD, ERRgeneral, 0xc000024f}, { + ERRHRD, ERRgeneral, NT_STATUS_INSUFFICIENT_LOGON_INFO}, { + ERRHRD, ERRgeneral, NT_STATUS_BAD_DLL_ENTRYPOINT}, { + ERRHRD, ERRgeneral, NT_STATUS_BAD_SERVICE_ENTRYPOINT}, { + ERRHRD, ERRgeneral, NT_STATUS_LPC_REPLY_LOST}, { + ERRHRD, ERRgeneral, NT_STATUS_IP_ADDRESS_CONFLICT1}, { + ERRHRD, ERRgeneral, NT_STATUS_IP_ADDRESS_CONFLICT2}, { + ERRHRD, ERRgeneral, NT_STATUS_REGISTRY_QUOTA_LIMIT}, { + ERRSRV, 3, NT_STATUS_PATH_NOT_COVERED}, { + ERRHRD, ERRgeneral, NT_STATUS_NO_CALLBACK_ACTIVE}, { + ERRHRD, ERRgeneral, NT_STATUS_LICENSE_QUOTA_EXCEEDED}, { + ERRHRD, ERRgeneral, NT_STATUS_PWD_TOO_SHORT}, { + ERRHRD, ERRgeneral, NT_STATUS_PWD_TOO_RECENT}, { + ERRHRD, ERRgeneral, NT_STATUS_PWD_HISTORY_CONFLICT}, { + ERRHRD, ERRgeneral, 0xc000025d}, { + ERRHRD, ERRgeneral, NT_STATUS_PLUGPLAY_NO_DEVICE}, { + ERRHRD, ERRgeneral, NT_STATUS_UNSUPPORTED_COMPRESSION}, { + ERRHRD, ERRgeneral, NT_STATUS_INVALID_HW_PROFILE}, { + ERRHRD, ERRgeneral, NT_STATUS_INVALID_PLUGPLAY_DEVICE_PATH}, { + ERRDOS, 182, NT_STATUS_DRIVER_ORDINAL_NOT_FOUND}, { + ERRDOS, 127, NT_STATUS_DRIVER_ENTRYPOINT_NOT_FOUND}, { + ERRDOS, 288, NT_STATUS_RESOURCE_NOT_OWNED}, { + ERRDOS, ErrTooManyLinks, NT_STATUS_TOO_MANY_LINKS}, { + ERRHRD, ERRgeneral, NT_STATUS_QUOTA_LIST_INCONSISTENT}, { + ERRHRD, ERRgeneral, NT_STATUS_FILE_IS_OFFLINE}, { + ERRDOS, 21, 0xc000026e}, { + ERRDOS, 161, 0xc0000281}, { + ERRDOS, ERRnoaccess, 0xc000028a}, { + ERRDOS, ERRnoaccess, 0xc000028b}, { + ERRHRD, ERRgeneral, 0xc000028c}, { + ERRDOS, ERRnoaccess, 0xc000028d}, { + ERRDOS, ERRnoaccess, 0xc000028e}, { + ERRDOS, ERRnoaccess, 0xc000028f}, { + ERRDOS, ERRnoaccess, 0xc0000290}, { + ERRDOS, ERRbadfunc, 0xc000029c}, { + ERRDOS, ERRsymlink, NT_STATUS_STOPPED_ON_SYMLINK}, { + ERRDOS, ERRinvlevel, 0x007c0001}, }; + +void +ntstatus_to_dos(__le32 ntstatus, __u8 *eclass, __le16 *ecode) +{ + int i; + + if (ntstatus == 0) { + *eclass = 0; + *ecode = 0; + return; + } + for (i = 0; ntstatus_to_dos_map[i].ntstatus; i++) { + if (le32_to_cpu(ntstatus) == ntstatus_to_dos_map[i].ntstatus) { + *eclass = ntstatus_to_dos_map[i].dos_class; + *ecode = cpu_to_le16(ntstatus_to_dos_map[i].dos_code); + return; + } + } + *eclass = ERRHRD; + *ecode = cpu_to_le16(ERRgeneral); +} --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/fs/ksmbd/smb1misc.c 2024-04-22 14:46:57.128246800 +0200 @@ -0,0 +1,297 @@ +// SPDX-License-Identifier: GPL-2.0-or-later +/* + * Copyright (C) 2016 Namjae Jeon + * Copyright (C) 2018 Samsung Electronics Co., Ltd. + */ + +#include "glob.h" +#include "asn1.h" +#include "nterr.h" +#include "ksmbd_work.h" +#include "smb_common.h" +#include "smb1pdu.h" +#include "mgmt/user_session.h" + +/** + * check_smb_hdr() - check for valid smb request header + * @smb: smb header to be checked + * + * check for valid smb signature and packet direction(request/response) + * TODO: properly check client authetication and tree authentication + * + * Return: 0 on success, otherwise 1 + */ +static int check_smb1_hdr(struct smb_hdr *smb) +{ + /* does it have the right SMB "signature" ? */ + if (*(__le32 *) smb->Protocol != SMB1_PROTO_NUMBER) { + ksmbd_debug(SMB, "Bad protocol string signature header 0x%x\n", + *(unsigned int *)smb->Protocol); + return 1; + } + ksmbd_debug(SMB, "got SMB\n"); + + /* if it's not a response then accept */ + /* TODO : check for oplock break */ + if (!(smb->Flags & SMBFLG_RESPONSE)) + return 0; + + ksmbd_debug(SMB, "Server sent request, not response\n"); + return 1; +} + + +static int smb1_req_struct_size(struct smb_hdr *hdr) +{ + int wc = hdr->WordCount; + + switch (hdr->Command) { + case SMB_COM_CREATE_DIRECTORY: + case SMB_COM_DELETE_DIRECTORY: + case SMB_COM_QUERY_INFORMATION: + case SMB_COM_TREE_DISCONNECT: + case SMB_COM_NEGOTIATE: + case SMB_COM_NT_CANCEL: + case SMB_COM_CHECK_DIRECTORY: + case SMB_COM_PROCESS_EXIT: + if (wc != 0x0) + return -EINVAL; + break; + case SMB_COM_FLUSH: + case SMB_COM_DELETE: + case SMB_COM_RENAME: + case SMB_COM_ECHO: + case SMB_COM_FIND_CLOSE2: + if (wc != 0x1) + return -EINVAL; + break; + case SMB_COM_LOGOFF_ANDX: + if (wc != 0x2) + return -EINVAL; + break; + case SMB_COM_CLOSE: + if (wc != 0x3) + return -EINVAL; + break; + case SMB_COM_TREE_CONNECT_ANDX: + case SMB_COM_NT_RENAME: + if (wc != 0x4) + return -EINVAL; + break; + case SMB_COM_WRITE: + if (wc != 0x5) + return -EINVAL; + break; + case SMB_COM_SETATTR: + case SMB_COM_LOCKING_ANDX: + if (wc != 0x8) + return -EINVAL; + break; + case SMB_COM_TRANSACTION: + if (wc < 0xe) + return -EINVAL; + break; + case SMB_COM_SESSION_SETUP_ANDX: + if (wc != 0xc && wc != 0xd) + return -EINVAL; + break; + case SMB_COM_OPEN_ANDX: + case SMB_COM_TRANSACTION2: + if (wc != 0xf) + return -EINVAL; + break; + case SMB_COM_NT_CREATE_ANDX: + if (wc != 0x18) + return -EINVAL; + break; + case SMB_COM_READ_ANDX: + if (wc != 0xa && wc != 0xc) + return -EINVAL; + break; + case SMB_COM_WRITE_ANDX: + if (wc != 0xc && wc != 0xe) + return -EINVAL; + break; + default: + return -EOPNOTSUPP; + } + + return wc; +} + +static int smb1_get_byte_count(struct smb_hdr *hdr) +{ + int bc; + + bc = le16_to_cpu(*(__le16 *)((char *)hdr + + sizeof(struct smb_hdr) + hdr->WordCount * 2)); + + switch (hdr->Command) { + case SMB_COM_CLOSE: + case SMB_COM_FLUSH: + case SMB_COM_READ_ANDX: + case SMB_COM_TREE_DISCONNECT: + case SMB_COM_LOGOFF_ANDX: + case SMB_COM_NT_CANCEL: + case SMB_COM_PROCESS_EXIT: + case SMB_COM_FIND_CLOSE2: + if (bc != 0x0) + return -EINVAL; + break; + case SMB_COM_LOCKING_ANDX: + case SMB_COM_TRANSACTION: + case SMB_COM_TRANSACTION2: + case SMB_COM_ECHO: + case SMB_COM_SESSION_SETUP_ANDX: + if (bc < 0x0) + return -EINVAL; + break; + case SMB_COM_WRITE_ANDX: + if (bc < 0x1) + return -EINVAL; + break; + case SMB_COM_CREATE_DIRECTORY: + case SMB_COM_DELETE_DIRECTORY: + case SMB_COM_DELETE: + case SMB_COM_RENAME: + case SMB_COM_QUERY_INFORMATION: + case SMB_COM_SETATTR: + case SMB_COM_OPEN_ANDX: + case SMB_COM_NEGOTIATE: + case SMB_COM_CHECK_DIRECTORY: + if (bc < 0x2) + return -EINVAL; + break; + case SMB_COM_TREE_CONNECT_ANDX: + case SMB_COM_WRITE: + if (bc < 0x3) + return -EINVAL; + break; + case SMB_COM_NT_RENAME: + if (bc < 0x4) + return -EINVAL; + break; + case SMB_COM_NT_CREATE_ANDX: + if (hdr->Flags2 & SMBFLG2_UNICODE) { + if (bc < 3) + return -EINVAL; + } else if (bc < 2) + return -EINVAL; + break; + } + + return bc; +} + +static unsigned int smb1_calc_size(struct smb_hdr *hdr) +{ + int len = sizeof(struct smb_hdr) - 4 + 2; + int bc, struct_size = hdr->WordCount * 2; + + len += struct_size; + bc = smb1_get_byte_count(hdr); + if (bc < 0) + return bc; + ksmbd_debug(SMB, "SMB2 byte count %d, struct size : %d\n", bc, + struct_size); + len += bc; + + ksmbd_debug(SMB, "SMB1 len %d\n", len); + return len; +} + +static int smb1_get_data_len(struct smb_hdr *hdr) +{ + int data_len = 0; + + /* data offset check */ + switch (hdr->Command) { + case SMB_COM_WRITE_ANDX: + { + struct smb_com_write_req *req = (struct smb_com_write_req *)hdr; + + data_len = le16_to_cpu(req->DataLengthLow); + data_len |= (le16_to_cpu(req->DataLengthHigh) << 16); + data_len += le16_to_cpu(req->DataOffset); + break; + } + case SMB_COM_TRANSACTION: + { + struct smb_com_trans_req *req = (struct smb_com_trans_req *)hdr; + + data_len = le16_to_cpu(req->DataOffset) + + le16_to_cpu(req->DataCount); + break; + } + case SMB_COM_TRANSACTION2: + { + struct smb_com_trans2_req *req = + (struct smb_com_trans2_req *)hdr; + + data_len = le16_to_cpu(req->DataOffset) + + le16_to_cpu(req->DataCount); + break; + } + } + + return data_len; +} + +int ksmbd_smb1_check_message(struct ksmbd_work *work) +{ + struct smb_hdr *hdr = (struct smb_hdr *)work->request_buf; + char *buf = work->request_buf; + int command = hdr->Command; + __u32 clc_len; /* calculated length */ + __u32 len = get_rfc1002_len(buf); + int wc, data_len; + + if (check_smb1_hdr(hdr)) + return 1; + + wc = smb1_req_struct_size(hdr); + if (wc == -EOPNOTSUPP) { + ksmbd_debug(SMB, "Not support cmd %x\n", command); + return 1; + } else if (hdr->WordCount != wc) { + pr_err("Invalid word count, %d not %d. cmd %x\n", + hdr->WordCount, wc, command); + return 1; + } + + data_len = smb1_get_data_len(hdr); + if (len < data_len) { + pr_err("Invalid data area length %u not %u. cmd : %x\n", + len, data_len, command); + return 1; + } + + clc_len = smb1_calc_size(hdr); + if (len != clc_len) { + /* + * smbclient may return wrong byte count in smb header. + * But allow it to avoid write failure with smbclient. + */ + if (command == SMB_COM_WRITE_ANDX) + return 0; + + if (len > clc_len) { + ksmbd_debug(SMB, + "cli req too long, len %d not %d. cmd:%x\n", + len, clc_len, command); + return 0; + } + + pr_err("cli req too short, len %d not %d. cmd:%x\n", + len, clc_len, command); + + return 1; + } + + return 0; +} + +int smb_negotiate_request(struct ksmbd_work *work) +{ + return ksmbd_smb_negotiate_common(work, SMB_COM_NEGOTIATE); +} --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/fs/ksmbd/smb1ops.c 2024-04-22 14:46:57.128246800 +0200 @@ -0,0 +1,93 @@ +// SPDX-License-Identifier: GPL-2.0-or-later +/* + * Copyright (C) 2016 Namjae Jeon + * Copyright (C) 2018 Samsung Electronics Co., Ltd. + */ + +#include + +#include "glob.h" +#include "connection.h" +#include "smb_common.h" +#include "smb1pdu.h" + +static struct smb_version_values smb1_server_values = { + .version_string = SMB1_VERSION_STRING, + .protocol_id = SMB10_PROT_ID, + .capabilities = SMB1_SERVER_CAPS, + .max_read_size = CIFS_DEFAULT_IOSIZE, + .max_write_size = CIFS_DEFAULT_IOSIZE, + .max_trans_size = CIFS_DEFAULT_IOSIZE, + .large_lock_type = LOCKING_ANDX_LARGE_FILES, + .exclusive_lock_type = 0, + .shared_lock_type = LOCKING_ANDX_SHARED_LOCK, + .unlock_lock_type = 0, + .header_size = sizeof(struct smb_hdr), + .max_header_size = MAX_CIFS_HDR_SIZE, + .read_rsp_size = sizeof(struct smb_com_read_rsp), + .lock_cmd = cpu_to_le16(SMB_COM_LOCKING_ANDX), + .cap_unix = CAP_UNIX, + .cap_nt_find = CAP_NT_SMBS | CAP_NT_FIND, + .cap_large_files = CAP_LARGE_FILES, + .signing_enabled = SECMODE_SIGN_ENABLED, + .signing_required = SECMODE_SIGN_REQUIRED, +}; + +static struct smb_version_ops smb1_server_ops = { + .get_cmd_val = get_smb_cmd_val, + .init_rsp_hdr = init_smb_rsp_hdr, + .set_rsp_status = set_smb_rsp_status, + .allocate_rsp_buf = smb_allocate_rsp_buf, + .check_user_session = smb_check_user_session, + .is_sign_req = smb1_is_sign_req, + .check_sign_req = smb1_check_sign_req, + .set_sign_rsp = smb1_set_sign_rsp, + .get_ksmbd_tcon = smb_get_ksmbd_tcon, +}; + +static struct smb_version_cmds smb1_server_cmds[256] = { + [SMB_COM_CREATE_DIRECTORY] = { .proc = smb_mkdir, }, + [SMB_COM_DELETE_DIRECTORY] = { .proc = smb_rmdir, }, + [SMB_COM_CLOSE] = { .proc = smb_close, }, + [SMB_COM_FLUSH] = { .proc = smb_flush, }, + [SMB_COM_DELETE] = { .proc = smb_unlink, }, + [SMB_COM_RENAME] = { .proc = smb_rename, }, + [SMB_COM_QUERY_INFORMATION] = { .proc = smb_query_info, }, + [SMB_COM_SETATTR] = { .proc = smb_setattr, }, + [SMB_COM_LOCKING_ANDX] = { .proc = smb_locking_andx, }, + [SMB_COM_TRANSACTION] = { .proc = smb_trans, }, + [SMB_COM_ECHO] = { .proc = smb_echo, }, + [SMB_COM_OPEN_ANDX] = { .proc = smb_open_andx, }, + [SMB_COM_READ_ANDX] = { .proc = smb_read_andx, }, + [SMB_COM_WRITE_ANDX] = { .proc = smb_write_andx, }, + [SMB_COM_TRANSACTION2] = { .proc = smb_trans2, }, + [SMB_COM_FIND_CLOSE2] = { .proc = smb_closedir, }, + [SMB_COM_TREE_DISCONNECT] = { .proc = smb_tree_disconnect, }, + [SMB_COM_NEGOTIATE] = { .proc = smb_negotiate_request, }, + [SMB_COM_SESSION_SETUP_ANDX] = { .proc = smb_session_setup_andx, }, + [SMB_COM_LOGOFF_ANDX] = { .proc = smb_session_disconnect, }, + [SMB_COM_TREE_CONNECT_ANDX] = { .proc = smb_tree_connect_andx, }, + [SMB_COM_NT_CREATE_ANDX] = { .proc = smb_nt_create_andx, }, + [SMB_COM_NT_CANCEL] = { .proc = smb_nt_cancel, }, + [SMB_COM_NT_RENAME] = { .proc = smb_nt_rename, }, + [SMB_COM_WRITE] = { .proc = smb_write, }, + [SMB_COM_CHECK_DIRECTORY] = { .proc = smb_checkdir, }, + [SMB_COM_PROCESS_EXIT] = { .proc = smb_process_exit, }, +}; + +/** + * init_smb1_server() - initialize a smb server connection with smb1 + * command dispatcher + * @conn: connection instance + */ +int init_smb1_server(struct ksmbd_conn *conn) +{ + if (!conn) + return -EINVAL; + + conn->vals = &smb1_server_values; + conn->ops = &smb1_server_ops; + conn->cmds = smb1_server_cmds; + conn->max_cmds = ARRAY_SIZE(smb1_server_cmds); + return 0; +} --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/fs/ksmbd/smb1pdu.c 2024-04-22 14:46:57.128246800 +0200 @@ -0,0 +1,8501 @@ +// SPDX-License-Identifier: GPL-2.0-or-later +/* + * Copyright (C) 2016 Namjae Jeon + * Copyright (C) 2018 Samsung Electronics Co., Ltd. + */ +#include +#include +#include +#include +#include +#include +#include + +#include "glob.h" +#include "oplock.h" +#include "connection.h" +#include "transport_ipc.h" +#include "vfs.h" +#include "misc.h" + +#include "auth.h" +#include "asn1.h" +#include "server.h" +#include "smb_common.h" +#include "smb1pdu.h" +#include "smbstatus.h" +#include "mgmt/user_config.h" +#include "mgmt/share_config.h" +#include "mgmt/tree_connect.h" +#include "mgmt/user_session.h" +#include "ndr.h" +#include "smberr.h" + +static int smb1_oplock_enable = false; + +/* Default: allocation roundup size = 1048576 */ +static unsigned int alloc_roundup_size = 1048576; + +struct ksmbd_dirent { + unsigned long long ino; + unsigned long long offset; + unsigned int namelen; + unsigned int d_type; + char name[]; +}; + +/** + * smb_NTtimeToUnix() - convert NTFS time to unix style time format + * @ntutc: NTFS style time + * + * Convert the NT UTC (based 1601-01-01, in hundred nanosecond units) + * into Unix UTC (based 1970-01-01, in seconds). + * + * Return: timespec containing unix style time + */ +static struct timespec64 smb_NTtimeToUnix(__le64 ntutc) +{ + struct timespec64 ts; + + /* BB what about the timezone? BB */ + + /* Subtract the NTFS time offset, then convert to 1s intervals. */ + /* this has been taken from cifs, ntfs code */ + u64 t; + + t = le64_to_cpu(ntutc) - NTFS_TIME_OFFSET; + ts.tv_nsec = do_div(t, 10000000) * 100; + ts.tv_sec = t; + return ts; +} + +/** + * get_smb_cmd_val() - get smb command value from smb header + * @work: smb work containing smb header + * + * Return: smb command value + */ +u16 get_smb_cmd_val(struct ksmbd_work *work) +{ + struct smb_hdr *rcv_hdr = (struct smb_hdr *)work->request_buf; + + return (u16)rcv_hdr->Command; +} + +/** + * is_smbreq_unicode() - check if the smb command is request is unicode or not + * @hdr: pointer to smb_hdr in the the request part + * + * Return: check flags and return true if request is unicode, else false + */ +static inline int is_smbreq_unicode(struct smb_hdr *hdr) +{ + return hdr->Flags2 & SMBFLG2_UNICODE ? 1 : 0; +} + +/** + * set_smb_rsp_status() - set error type in smb response header + * @work: smb work containing smb response header + * @err: error code to set in response + */ +void set_smb_rsp_status(struct ksmbd_work *work, __le32 err) +{ + struct smb_hdr *rsp_hdr = (struct smb_hdr *) work->response_buf; + + rsp_hdr->Status.CifsError = err; +} + +/** + * init_smb_rsp_hdr() - initialize smb response header + * @work: smb work containing smb request + * + * Return: 0 on success, otherwise -EINVAL + */ +int init_smb_rsp_hdr(struct ksmbd_work *work) +{ + struct ksmbd_conn *conn = work->conn; + struct smb_hdr *rsp_hdr; + struct smb_hdr *rcv_hdr = (struct smb_hdr *)work->request_buf; + + rsp_hdr = (struct smb_hdr *) work->response_buf; + memset(rsp_hdr, 0, sizeof(struct smb_hdr) + 2); + + /* remove 4 byte direct TCP header, add 1 byte wc and 2 byte bcc */ + rsp_hdr->smb_buf_length = + cpu_to_be32(conn->vals->header_size - 4 + 2); + memcpy(rsp_hdr->Protocol, rcv_hdr->Protocol, 4); + rsp_hdr->Command = rcv_hdr->Command; + + /* + * Message is response. Other bits are obsolete. + */ + rsp_hdr->Flags = (SMBFLG_RESPONSE); + + /* + * Lets assume error code are NTLM. True for CIFS and windows 7 + */ + rsp_hdr->Flags2 = rcv_hdr->Flags2; + rsp_hdr->PidHigh = rcv_hdr->PidHigh; + rsp_hdr->Pid = rcv_hdr->Pid; + rsp_hdr->Mid = rcv_hdr->Mid; + rsp_hdr->WordCount = 0; + + /* We can do the above test because we have set maxVCN as 1 */ + rsp_hdr->Uid = rcv_hdr->Uid; + rsp_hdr->Tid = rcv_hdr->Tid; + return 0; +} + +/** + * smb_allocate_rsp_buf() - allocate response buffer for a command + * @work: smb work containing smb request + * + * Return: 0 on success, otherwise -ENOMEM + */ +int smb_allocate_rsp_buf(struct ksmbd_work *work) +{ + struct smb_hdr *hdr = (struct smb_hdr *)work->request_buf; + unsigned char cmd = hdr->Command; + size_t large_sz = work->conn->vals->max_read_size + MAX_CIFS_HDR_SIZE; + size_t sz = MAX_CIFS_SMALL_BUFFER_SIZE; + + if (cmd == SMB_COM_TRANSACTION2) { + struct smb_com_trans2_qpi_req *req = work->request_buf; + u16 sub_cmd = le16_to_cpu(req->SubCommand); + u16 infolevel = le16_to_cpu(req->InformationLevel); + + if ((sub_cmd == TRANS2_FIND_FIRST) || + (sub_cmd == TRANS2_FIND_NEXT) || + (sub_cmd == TRANS2_QUERY_PATH_INFORMATION && + (infolevel == SMB_QUERY_FILE_UNIX_LINK || + infolevel == SMB_QUERY_POSIX_ACL || + infolevel == SMB_INFO_QUERY_ALL_EAS))) + sz = large_sz; + } + + if (cmd == SMB_COM_TRANSACTION) + sz = large_sz; + + if (cmd == SMB_COM_ECHO) { + int resp_size; + struct smb_com_echo_req *req = work->request_buf; + + /* + * size of struct smb_com_echo_rsp + Bytecount - Size of Data + * in struct smb_com_echo_rsp + */ + resp_size = sizeof(struct smb_com_echo_rsp) + + le16_to_cpu(req->ByteCount) - 1; + if (resp_size > MAX_CIFS_SMALL_BUFFER_SIZE) + sz = large_sz; + } + + work->response_buf = kvmalloc(sz, GFP_KERNEL | __GFP_ZERO); + work->response_sz = sz; + + if (!work->response_buf) { + pr_err("Failed to allocate %zu bytes buffer\n", sz); + return -ENOMEM; + } + + return 0; +} + +/** + * andx_request_buffer() - return pointer to matching andx command + * @work: buffer containing smb request + * @command: match next command with this command + * + * Return: pointer to matching command buffer on success, otherwise NULL + */ +static char *andx_request_buffer(char *buf, int command) +{ + struct andx_block *andx_ptr = (struct andx_block *)(buf + + sizeof(struct smb_hdr) - 1); + struct andx_block *next; + + while (andx_ptr->AndXCommand != SMB_NO_MORE_ANDX_COMMAND) { + next = (struct andx_block *) + (buf + 4 + le16_to_cpu(andx_ptr->AndXOffset)); + if (andx_ptr->AndXCommand == command) + return (char *)next; + andx_ptr = next; + } + return NULL; +} + +/** + * andx_response_buffer() - return pointer to andx response buffer + * @buf: buffer containing smb request + * + * Return: pointer to andx command response on success, otherwise NULL + */ +static char *andx_response_buffer(char *buf) +{ + int pdu_length = get_rfc1002_len(buf); + + return buf + 4 + pdu_length; +} + +/** + * smb_check_user_session() - check for valid session for a user + * @work: smb work containing smb request buffer + * + * Return: 0 on success, otherwise error + */ +int smb_check_user_session(struct ksmbd_work *work) +{ + struct smb_hdr *req_hdr = (struct smb_hdr *)work->request_buf; + struct ksmbd_conn *conn = work->conn; + unsigned int cmd = conn->ops->get_cmd_val(work); + + work->sess = NULL; + if (cmd == SMB_COM_NEGOTIATE || cmd == SMB_COM_SESSION_SETUP_ANDX || + cmd == SMB_COM_ECHO) + return 0; + + if (!ksmbd_conn_good(work)) + return -EINVAL; + + if (xa_empty(&conn->sessions)) { + ksmbd_debug(SMB, "NO sessions registered\n"); + return -EINVAL; + } + + work->sess = ksmbd_session_lookup(conn, le16_to_cpu(req_hdr->Uid)); + if (work->sess) + return 1; + ksmbd_debug(SMB, "Invalid user session, Uid %u\n", + le16_to_cpu(req_hdr->Uid)); + return -EINVAL; +} + +/** + * smb_get_ksmbd_tcon() - get tree connection information for a tree id + * @sess: session containing tree list + * @tid: match tree connection with tree id + * + * Return: matching tree connection on success, otherwise error + */ +int smb_get_ksmbd_tcon(struct ksmbd_work *work) +{ + struct smb_hdr *req_hdr = (struct smb_hdr *)work->request_buf; + u8 cmd = req_hdr->Command; + int tree_id; + + work->tcon = NULL; + if (cmd == SMB_COM_TREE_CONNECT_ANDX || + cmd == SMB_COM_NT_CANCEL || + cmd == SMB_COM_LOGOFF_ANDX) { + ksmbd_debug(SMB, "skip to check tree connect request\n"); + return 0; + } + + if (xa_empty(&work->sess->tree_conns)) { + ksmbd_debug(SMB, "NO tree connected\n"); + return -ENOENT; + } + + tree_id = le16_to_cpu(req_hdr->Tid); + work->tcon = ksmbd_tree_conn_lookup(work->sess, tree_id); + if (!work->tcon) { + pr_err("Invalid tid %d\n", tree_id); + return -EINVAL; + } + + return 1; +} + +/** + * smb_session_disconnect() - LOGOFF request handler + * @work: smb work containing log off request buffer + * + * Return: 0 on success, otherwise error + */ +int smb_session_disconnect(struct ksmbd_work *work) +{ + struct ksmbd_conn *conn = work->conn; + struct ksmbd_session *sess = work->sess; + + /* setting CifsExiting here may race with start_tcp_sess */ + ksmbd_conn_set_need_reconnect(work); + + ksmbd_conn_wait_idle(conn); + + ksmbd_tree_conn_session_logoff(sess); + xa_erase(&conn->sessions, sess->id); + ksmbd_session_destroy(sess); + work->sess = NULL; + + /* let start_tcp_sess free conn info now */ + ksmbd_conn_set_exiting(work); + return 0; +} + +/** + * smb_session_disconnect() - tree disconnect request handler + * @work: smb work containing tree disconnect request buffer + * + * Return: 0 on success, otherwise error + */ +int smb_tree_disconnect(struct ksmbd_work *work) +{ + struct smb_hdr *req_hdr = (struct smb_hdr *)work->request_buf; + struct smb_hdr *rsp_hdr = (struct smb_hdr *)work->response_buf; + struct ksmbd_tree_connect *tcon = work->tcon; + struct ksmbd_session *sess = work->sess; + + if (!tcon) { + pr_err("Invalid tid %d\n", req_hdr->Tid); + rsp_hdr->Status.CifsError = STATUS_NO_SUCH_USER; + return -EINVAL; + } + + ksmbd_close_tree_conn_fds(work); + ksmbd_tree_conn_disconnect(sess, tcon); + return 0; +} + +static void set_service_type(struct ksmbd_conn *conn, + struct ksmbd_share_config *share, + struct smb_com_tconx_rsp_ext *rsp) +{ + int length; + char *buf = rsp->Service; + + if (test_share_config_flag(share, KSMBD_SHARE_FLAG_PIPE)) { + length = strlen(SERVICE_IPC_SHARE); + memcpy(buf, SERVICE_IPC_SHARE, length); + rsp->ByteCount = cpu_to_le16(length + 1); + buf += length; + *buf = '\0'; + } else { + int uni_len = 0; + + length = strlen(SERVICE_DISK_SHARE); + memcpy(buf, SERVICE_DISK_SHARE, length); + buf[length] = '\0'; + length += 1; + uni_len = smbConvertToUTF16((__le16 *)(buf + length), + NATIVE_FILE_SYSTEM, + PATH_MAX, conn->local_nls, 0); + uni_len++; + uni_len *= 2; + length += uni_len; + rsp->ByteCount = cpu_to_le16(length); + } +} + +/** + * smb_tree_connect_andx() - tree connect request handler + * @work: smb work containing tree connect request buffer + * + * Return: 0 on success, otherwise error + */ +int smb_tree_connect_andx(struct ksmbd_work *work) +{ + struct smb_hdr *req_hdr = (struct smb_hdr *)work->request_buf; + struct smb_hdr *rsp_hdr = (struct smb_hdr *)work->response_buf; + struct ksmbd_conn *conn = work->conn; + struct smb_com_tconx_req *req; + struct smb_com_tconx_rsp_ext *rsp; + int extra_byte = 0; + char *treename = NULL, *name = NULL, *dev_type = NULL; + struct ksmbd_share_config *share; + struct ksmbd_session *sess = work->sess; + int dev_flags = 0; + struct ksmbd_tree_conn_status status; + + /* Is this an ANDX command ? */ + if (req_hdr->Command != SMB_COM_TREE_CONNECT_ANDX) { + ksmbd_debug(SMB, "SMB_COM_TREE_CONNECT_ANDX is part of ANDX"); + req = (struct smb_com_tconx_req *) + andx_request_buffer(work->request_buf, + SMB_COM_TREE_CONNECT_ANDX); + rsp = (struct smb_com_tconx_rsp_ext *) + andx_response_buffer(work->response_buf); + extra_byte = 3; + if (!req) { + status.ret = -EINVAL; + goto out_err; + } + } else { + req = (struct smb_com_tconx_req *)(&req_hdr->WordCount); + rsp = (struct smb_com_tconx_rsp_ext *)(&rsp_hdr->WordCount); + } + + /* check if valid tree name is present in request or not */ + if (!req->PasswordLength) { + treename = smb_strndup_from_utf16(req->Password + 1, + 256, true, conn->local_nls); + dev_type = smb_strndup_from_utf16(req->Password + 1 + + ((strlen(treename) + 1) * 2), 256, false, + conn->local_nls); + } else { + treename = smb_strndup_from_utf16(req->Password + + le16_to_cpu(req->PasswordLength), 256, true, + conn->local_nls); + dev_type = smb_strndup_from_utf16(req->Password + + le16_to_cpu(req->PasswordLength) + + ((strlen(treename) + 1) * 2), + 256, false, conn->local_nls); + } + + if (IS_ERR(treename) || IS_ERR(dev_type)) { + pr_err("Unable to strdup() treename or devtype uid %d\n", + rsp_hdr->Uid); + status.ret = KSMBD_TREE_CONN_STATUS_ERROR; + goto out_err; + } + name = ksmbd_extract_sharename(conn->um, treename); + if (IS_ERR(name)) { + status.ret = KSMBD_TREE_CONN_STATUS_ERROR; + goto out_err; + } + + ksmbd_debug(SMB, "tree connect request for tree %s, dev_type : %s\n", + name, dev_type); + + if (!strcmp(dev_type, "A:")) + dev_flags = 1; + else if (!strncmp(dev_type, "LPT", 3)) + dev_flags = 2; + else if (!strcmp(dev_type, "IPC")) + dev_flags = 3; + else if (!strcmp(dev_type, "COMM")) + dev_flags = 4; + else if (!strcmp(dev_type, "?????")) + dev_flags = 5; + + if (!strcmp(name, "IPC$")) { + if (dev_flags < 3) { + status.ret = -ENODEV; + goto out_err; + } + } else if (!dev_flags || (dev_flags > 1 && dev_flags < 5)) { + status.ret = -ENODEV; + goto out_err; + } + + status = ksmbd_tree_conn_connect(conn, sess, name); + if (status.ret == KSMBD_TREE_CONN_STATUS_OK) + rsp_hdr->Tid = cpu_to_le16(status.tree_conn->id); + else + goto out_err; + + status.ret = 0; + share = status.tree_conn->share_conf; + rsp->WordCount = 7; + rsp->OptionalSupport = 0; + + rsp->OptionalSupport = cpu_to_le16((SMB_SUPPORT_SEARCH_BITS | + SMB_CSC_NO_CACHING | SMB_UNIQUE_FILE_NAME)); + + rsp->MaximalShareAccessRights = cpu_to_le32(FILE_READ_RIGHTS | + FILE_EXEC_RIGHTS); + if (test_tree_conn_flag(status.tree_conn, + KSMBD_TREE_CONN_FLAG_WRITABLE)) + rsp->MaximalShareAccessRights |= cpu_to_le32(FILE_WRITE_RIGHTS); + rsp->GuestMaximalShareAccessRights = 0; + + set_service_type(conn, share, rsp); + + /* For each extra andx response, we have to add 1 byte, + * for wc and 2 bytes for byte count + */ + inc_rfc1001_len(rsp_hdr, + 7 * 2 + le16_to_cpu(rsp->ByteCount) + extra_byte); + + /* this is an ANDx command ? */ + rsp->AndXReserved = 0; + rsp->AndXOffset = cpu_to_le16(get_rfc1002_len(rsp_hdr)); + if (req->AndXCommand != SMB_NO_MORE_ANDX_COMMAND) { + /* adjust response */ + rsp->AndXCommand = req->AndXCommand; + /* More processing required */ + status.ret = rsp->AndXCommand; + } else { + rsp->AndXCommand = SMB_NO_MORE_ANDX_COMMAND; + } + + kfree(treename); + kfree(dev_type); + kfree(name); + + return status.ret; + +out_err: + if (!IS_ERR(treename)) + kfree(treename); + if (!IS_ERR(dev_type)) + kfree(dev_type); + if (!IS_ERR(name)) + kfree(name); + + rsp->WordCount = 7; + rsp->AndXCommand = SMB_NO_MORE_ANDX_COMMAND; + rsp->AndXReserved = 0; + rsp->AndXOffset = cpu_to_le16(get_rfc1002_len(rsp_hdr)); + rsp->OptionalSupport = 0; + rsp->MaximalShareAccessRights = 0; + rsp->GuestMaximalShareAccessRights = 0; + rsp->ByteCount = 0; + ksmbd_debug(SMB, "error while tree connect\n"); + switch (status.ret) { + case KSMBD_TREE_CONN_STATUS_NO_SHARE: + rsp_hdr->Status.CifsError = STATUS_BAD_NETWORK_PATH; + break; + case -ENOMEM: + case KSMBD_TREE_CONN_STATUS_NOMEM: + rsp_hdr->Status.CifsError = STATUS_NO_MEMORY; + break; + case KSMBD_TREE_CONN_STATUS_TOO_MANY_CONNS: + case KSMBD_TREE_CONN_STATUS_TOO_MANY_SESSIONS: + rsp_hdr->Status.CifsError = STATUS_ACCESS_DENIED; + break; + case -ENODEV: + rsp_hdr->Status.CifsError = STATUS_BAD_DEVICE_TYPE; + break; + case KSMBD_TREE_CONN_STATUS_ERROR: + rsp_hdr->Status.CifsError = STATUS_BAD_NETWORK_NAME; + break; + case -EINVAL: + rsp_hdr->Status.CifsError = STATUS_INVALID_PARAMETER; + break; + default: + rsp_hdr->Status.CifsError = STATUS_ACCESS_DENIED; + } + + inc_rfc1001_len(rsp_hdr, (7 * 2 + le16_to_cpu(rsp->ByteCount) + + extra_byte)); + return -EINVAL; +} + +/** + * smb_get_name() - convert filename on smb packet to char string + * @src: source filename, mostly in unicode format + * @maxlen: maxlen of src string to be used for parsing + * @work: smb work containing smb header flag + * @converted: src string already converted to local characterset + * + * Return: pointer to filename string on success, otherwise error ptr + */ +static char * +smb_get_name(struct ksmbd_share_config *share, const char *src, + const int maxlen, struct ksmbd_work *work, bool converted) +{ + struct smb_hdr *req_hdr = (struct smb_hdr *)work->request_buf; + bool is_unicode = is_smbreq_unicode(req_hdr); + char *name, *wild_card_pos; + + if (converted) + name = (char *)src; + else { + name = smb_strndup_from_utf16(src, maxlen, is_unicode, + work->conn->local_nls); + if (IS_ERR(name)) { + ksmbd_debug(SMB, "failed to get name %ld\n", + PTR_ERR(name)); + return name; + } + } + + ksmbd_conv_path_to_unix(name); + ksmbd_strip_last_slash(name); + + /*Handling of dir path in FIND_FIRST2 having '*' at end of path*/ + wild_card_pos = strrchr(name, '*'); + + if (wild_card_pos != NULL) + *wild_card_pos = '\0'; + + + if (ksmbd_validate_filename(name) < 0) + return ERR_PTR(-ENOENT); + + if (ksmbd_share_veto_filename(share, name)) { + ksmbd_debug(SMB, + "file(%s) open is not allowed by setting as veto file\n", + name); + if (!converted) + kfree(name); + return ERR_PTR(-ENOENT); + } + + ksmbd_debug(SMB, "file name = %s\n", name); + + return name; +} + +/** + * smb_get_dir_name() - convert directory name on smb packet to char string + * @src: source dir name, mostly in unicode format + * @maxlen: maxlen of src string to be used for parsing + * @work: smb work containing smb header flag + * @srch_ptr: update search pointer in dir for searching dir entries + * + * Return: pointer to dir name string on success, otherwise error ptr + */ +static char *smb_get_dir_name(struct ksmbd_share_config *share, const char *src, + const int maxlen, struct ksmbd_work *work, char **srch_ptr) +{ + struct smb_hdr *req_hdr = (struct smb_hdr *)work->request_buf; + struct smb_hdr *rsp_hdr = (struct smb_hdr *)work->response_buf; + bool is_unicode = is_smbreq_unicode(req_hdr); + char *name, *pattern_pos, *pattern = NULL; + int pattern_len, rc; + + name = smb_strndup_from_utf16(src, maxlen, is_unicode, + work->conn->local_nls); + if (IS_ERR(name)) { + pr_err("failed to allocate memory\n"); + rsp_hdr->Status.CifsError = STATUS_NO_MEMORY; + return name; + } + + ksmbd_conv_path_to_unix(name); + ksmbd_strip_last_slash(name); + + pattern_pos = strrchr(name, '/'); + + if (!pattern_pos) + pattern_pos = name; + else + pattern_pos += 1; + + pattern_len = strlen(pattern_pos); + if (pattern_len == 0) { + rc = -EINVAL; + goto err_name; + } + ksmbd_debug(SMB, "pattern searched = %s pattern_len = %d\n", + pattern_pos, pattern_len); + pattern = kmalloc(pattern_len + 1, GFP_KERNEL); + if (!pattern) { + rc = -ENOMEM; + goto err_name; + } + memcpy(pattern, pattern_pos, pattern_len); + *(pattern + pattern_len) = '\0'; + *pattern_pos = '\0'; + *srch_ptr = pattern; + + if (ksmbd_validate_filename(name) < 0) { + rc = -ENOENT; + goto err_pattern; + } + + if (ksmbd_share_veto_filename(share, name)) { + ksmbd_debug(SMB, + "file(%s) open is not allowed by setting as veto file\n", + name); + rc = -ENOENT; + goto err_pattern; + } + + ksmbd_debug(SMB, "dir name = %s\n", name); + return name; + +err_pattern: + kfree(pattern); +err_name: + kfree(name); + + if (rc == -EINVAL) + rsp_hdr->Status.CifsError = STATUS_INVALID_PARAMETER; + else if (rc == -ENOMEM) + rsp_hdr->Status.CifsError = STATUS_NO_MEMORY; + else if (rc == -ENOENT) + rsp_hdr->Status.CifsError = STATUS_OBJECT_NAME_INVALID; + + return ERR_PTR(rc); +} + +/** + * smb_rename() - rename request handler + * @work: smb work containing rename request buffer + * + * Return: 0 on success, otherwise error + */ +int smb_rename(struct ksmbd_work *work) +{ + struct smb_com_rename_req *req = work->request_buf; + struct smb_com_rename_rsp *rsp = work->response_buf; + struct ksmbd_share_config *share = work->tcon->share_conf; + bool is_unicode = is_smbreq_unicode(&req->hdr); + char *oldname, *newname; + struct ksmbd_file *fp = NULL; + int oldname_len; + struct path path; + bool file_present = true; + int rc = 0; + + if (!test_tree_conn_flag(work->tcon, KSMBD_TREE_CONN_FLAG_WRITABLE)) { + ksmbd_debug(SMB, + "returning as user does not have permission to write\n"); + rsp->hdr.Status.CifsError = STATUS_ACCESS_DENIED; + return -EACCES; + } + + oldname = smb_get_name(share, req->OldFileName, PATH_MAX, work, false); + if (IS_ERR(oldname)) { + rsp->hdr.Status.CifsError = + STATUS_OBJECT_NAME_INVALID; + return PTR_ERR(oldname); + } + + if (is_unicode) + oldname_len = smb1_utf16_name_length((__le16 *)req->OldFileName, + PATH_MAX); + else { + oldname_len = strlen(oldname); + oldname_len++; + } + + newname = smb_get_name(share, &req->OldFileName[oldname_len + 2], + PATH_MAX, work, false); + if (IS_ERR(newname)) { + rsp->hdr.Status.CifsError = + STATUS_OBJECT_NAME_INVALID; + rc = PTR_ERR(newname); + newname = NULL; + goto out; + } + + rc = ksmbd_vfs_kern_path(work, newname, LOOKUP_NO_SYMLINKS, &path, 1); + if (rc) + file_present = false; + else + path_put(&path); + + if (file_present && strncmp(oldname, newname, strlen(oldname))) { + rc = -EEXIST; + rsp->hdr.Status.CifsError = + STATUS_OBJECT_NAME_COLLISION; + ksmbd_debug(SMB, "cannot rename already existing file\n"); + goto out; + } + + ksmbd_debug(SMB, "rename %s -> %s\n", oldname, newname); + rc = ksmbd_vfs_kern_path(work, oldname, LOOKUP_NO_SYMLINKS, &path, 1); + if (rc) + goto out; + + fp = ksmbd_vfs_dentry_open(work, &path, O_RDONLY, 0, false); + if (IS_ERR(fp)) { + fp = NULL; + path_put(&path); + goto out; + } + + rc = ksmbd_vfs_fp_rename(work, fp, newname); + if (rc) { + rsp->hdr.Status.CifsError = STATUS_NO_MEMORY; + path_put(&path); + goto out; + } + path_put(&path); + rsp->hdr.WordCount = 0; + rsp->ByteCount = 0; +out: + if (fp) + ksmbd_close_fd(work, fp->volatile_id); + kfree(oldname); + kfree(newname); + return rc; +} + +/** + * smb_handle_negotiate() - negotiate request handler + * @work: smb work containing negotiate request buffer + * + * Return: 0 on success, otherwise error + */ +int smb_handle_negotiate(struct ksmbd_work *work) +{ + struct ksmbd_conn *conn = work->conn; + struct smb_negotiate_rsp *neg_rsp = work->response_buf; + __u64 time; + int rc = 0; + + WARN_ON(ksmbd_conn_good(work)); + + if (conn->dialect == BAD_PROT_ID) { + neg_rsp->hdr.Status.CifsError = STATUS_INVALID_LOGON_TYPE; + rc = -EINVAL; + goto err_out; + } + + conn->connection_type = 0; + + /* wct 17 for NTLM */ + neg_rsp->hdr.WordCount = 17; + neg_rsp->DialectIndex = cpu_to_le16(conn->dialect); + + neg_rsp->SecurityMode = SMB1_SERVER_SECU; + if (server_conf.signing == KSMBD_CONFIG_OPT_AUTO || + server_conf.signing == KSMBD_CONFIG_OPT_MANDATORY) { + conn->sign = true; + neg_rsp->SecurityMode |= SECMODE_SIGN_ENABLED; + if (server_conf.signing == KSMBD_CONFIG_OPT_MANDATORY) + neg_rsp->SecurityMode |= SECMODE_SIGN_REQUIRED; + } + neg_rsp->MaxMpxCount = cpu_to_le16(SMB1_MAX_MPX_COUNT); + neg_rsp->MaxNumberVcs = cpu_to_le16(SMB1_MAX_VCS); + neg_rsp->MaxBufferSize = cpu_to_le32(conn->vals->max_read_size); + neg_rsp->MaxRawSize = cpu_to_le32(SMB1_MAX_RAW_SIZE); + neg_rsp->SessionKey = 0; + neg_rsp->Capabilities = cpu_to_le32(SMB1_SERVER_CAPS); + + time = ksmbd_systime(); + neg_rsp->SystemTimeLow = cpu_to_le32(time & 0x00000000FFFFFFFF); + neg_rsp->SystemTimeHigh = + cpu_to_le32((time & 0xFFFFFFFF00000000) >> 32); + neg_rsp->ServerTimeZone = 0; + + if (((struct smb_hdr *)work->request_buf)->Flags2 & SMBFLG2_EXT_SEC) + conn->use_spnego = true; + + ksmbd_debug(SMB, "spnego is %s\n", conn->use_spnego ? "on" : "off"); + + if (conn->use_spnego == false) { + neg_rsp->EncryptionKeyLength = CIFS_CRYPTO_KEY_SIZE; + neg_rsp->Capabilities &= ~cpu_to_le32(CAP_EXTENDED_SECURITY); + neg_rsp->ByteCount = cpu_to_le16(CIFS_CRYPTO_KEY_SIZE); + /* initialize random server challenge */ + get_random_bytes(conn->ntlmssp.cryptkey, sizeof(__u64)); + memcpy((neg_rsp->u.EncryptionKey), conn->ntlmssp.cryptkey, + CIFS_CRYPTO_KEY_SIZE); + /* Adjust pdu length, 17 words and 8 bytes added */ + inc_rfc1001_len(neg_rsp, (17 * 2 + 8)); + } else { + neg_rsp->EncryptionKeyLength = 0; + neg_rsp->ByteCount = cpu_to_le16(SMB1_CLIENT_GUID_SIZE + + AUTH_GSS_LENGTH); + get_random_bytes(neg_rsp->u.extended_response.GUID, + SMB1_CLIENT_GUID_SIZE); + ksmbd_copy_gss_neg_header( + neg_rsp->u.extended_response.SecurityBlob); + inc_rfc1001_len(neg_rsp, (17 * 2 + 16 + AUTH_GSS_LENGTH)); + } + + /* Null terminated domain name in unicode */ + + ksmbd_conn_set_need_negotiate(work); + /* Domain name and PC name are ignored by clients, so no need to send. + * We can try sending them later + */ +err_out: + return rc; +} + +static int build_sess_rsp_noextsec(struct ksmbd_conn *conn, + struct ksmbd_session *sess, + struct smb_com_session_setup_req_no_secext *req, + struct smb_com_session_setup_old_resp *rsp) +{ + int offset, err = 0, len; + char *name; + __le16 str[32]; + + /* Build response. We don't use extended security (yet), so wct is 3 */ + rsp->hdr.WordCount = 3; + rsp->Action = 0; + /* The names should be unicode */ + rsp->ByteCount = 0; + /* adjust pdu length. data added 6 bytes */ + inc_rfc1001_len(&rsp->hdr, 6); + + /* check if valid user name is present in request or not */ + offset = le16_to_cpu(req->CaseInsensitivePasswordLength) + + le16_to_cpu(req->CaseSensitivePasswordLength); + + /* 1 byte for padding */ + name = smb_strndup_from_utf16((req->CaseInsensitivePassword + offset + + 1), 256, true, conn->local_nls); + if (IS_ERR(name)) { + pr_err("cannot allocate memory\n"); + err = PTR_ERR(name); + goto out_err; + } + + WARN_ON(sess->user); + + ksmbd_debug(SMB, "session setup request for user %s\n", name); + sess->user = ksmbd_login_user(name); + kfree(name); + if (!sess->user) { + pr_err("user not present in database\n"); + err = -EINVAL; + goto out_err; + } + + if (user_guest(sess->user)) { + rsp->Action = cpu_to_le16(GUEST_LOGIN); + goto no_password_check; + } + + if (le16_to_cpu(req->CaseSensitivePasswordLength) == + CIFS_AUTH_RESP_SIZE) { + err = ksmbd_auth_ntlm(sess, req->CaseInsensitivePassword + + le16_to_cpu(req->CaseInsensitivePasswordLength), + conn->ntlmssp.cryptkey); + if (err) { + pr_err("ntlm authentication failed for user %s\n", + user_name(sess->user)); + goto out_err; + } + } else { + char *ntdomain; + + offset = le16_to_cpu(req->CaseInsensitivePasswordLength) + + le16_to_cpu(req->CaseSensitivePasswordLength) + + ((strlen(user_name(sess->user)) + 1) * 2); + + ntdomain = smb_strndup_from_utf16( + req->CaseInsensitivePassword + + offset + 1, 256, true, conn->local_nls); + if (IS_ERR(ntdomain)) { + pr_err("cannot allocate memory\n"); + err = PTR_ERR(ntdomain); + goto out_err; + } + + err = ksmbd_auth_ntlmv2(conn, sess, + (struct ntlmv2_resp *) ((char *) + req->CaseInsensitivePassword + + le16_to_cpu(req->CaseInsensitivePasswordLength)), + le16_to_cpu(req->CaseSensitivePasswordLength) - + CIFS_ENCPWD_SIZE, ntdomain, + conn->ntlmssp.cryptkey); + kfree(ntdomain); + if (err) { + pr_err("authentication failed for user %s\n", + user_name(sess->user)); + goto out_err; + } + } + +no_password_check: + /* this is an ANDx command ? */ + rsp->AndXReserved = 0; + rsp->AndXOffset = cpu_to_le16(get_rfc1002_len(&rsp->hdr)); + + /* 1 byte padding for word alignment */ + offset = 1; + + memset(str, 0 , sizeof(str)); + + len = smb_strtoUTF16(str, "Unix", 4, conn->local_nls); + len = UNICODE_LEN(len + 1); + memcpy(rsp->NativeOS + offset, str, len); + offset += len; + + len = smb_strtoUTF16(str, "ksmbd", 5, conn->local_nls); + len = UNICODE_LEN(len + 1); + memcpy(rsp->NativeOS + offset, str, len); + offset += len; + + len = smb_strtoUTF16(str, "WORKGROUP", 9, conn->local_nls); + len = UNICODE_LEN(len + 1); + memcpy(rsp->NativeOS + offset, str, len); + offset += len; + + rsp->ByteCount = cpu_to_le16(offset); + inc_rfc1001_len(&rsp->hdr, offset); + + if (req->AndXCommand != SMB_NO_MORE_ANDX_COMMAND) { + /* adjust response */ + rsp->AndXCommand = req->AndXCommand; + return rsp->AndXCommand; /* More processing required */ + } + rsp->AndXCommand = SMB_NO_MORE_ANDX_COMMAND; + +out_err: + return err; +} + +static int build_sess_rsp_extsec(struct ksmbd_conn *conn, + struct ksmbd_session *sess, + struct smb_com_session_setup_req *req, + struct smb_com_session_setup_resp *rsp) +{ + struct negotiate_message *negblob; + char *neg_blob; + int err = 0, neg_blob_len; + unsigned char *spnego_blob; + u16 spnego_blob_len; + int sz; + + rsp->hdr.WordCount = 4; + rsp->Action = 0; + + /* The names should be unicode */ + rsp->ByteCount = 0; + /* adjust pdu length. data added 6 bytes */ + inc_rfc1001_len(&rsp->hdr, 8); + + negblob = (struct negotiate_message *)req->SecurityBlob; + sz = le16_to_cpu(req->SecurityBlobLength); + + if (ksmbd_decode_negTokenInit((char *)negblob, sz, conn)) { + if (ksmbd_decode_negTokenTarg((char *)negblob, sz, conn)) { + conn->use_spnego = false; + } + } + + if (conn->mechToken) + negblob = (struct negotiate_message *)conn->mechToken; + + if (negblob->MessageType == NtLmNegotiate) { + struct challenge_message *chgblob; + + ksmbd_debug(SMB, "negotiate phase\n"); + err = ksmbd_decode_ntlmssp_neg_blob(negblob, + le16_to_cpu(req->SecurityBlobLength), + conn); + if (err) + goto out_err; + + chgblob = (struct challenge_message *)rsp->SecurityBlob; + memset(chgblob, 0, sizeof(struct challenge_message)); + + if (conn->use_spnego) { + int sz; + + sz = sizeof(struct negotiate_message) + + (strlen(ksmbd_netbios_name()) * 2 + 1 + 4) * 6; + neg_blob = kmalloc(sz, GFP_KERNEL); + if (!neg_blob) { + err = -ENOMEM; + goto out_err; + } + chgblob = (struct challenge_message *)neg_blob; + neg_blob_len = ksmbd_build_ntlmssp_challenge_blob( + chgblob, + conn); + if (neg_blob_len < 0) { + kfree(neg_blob); + err = -ENOMEM; + goto out_err; + } + + if (build_spnego_ntlmssp_neg_blob(&spnego_blob, + &spnego_blob_len, + neg_blob, neg_blob_len)) { + kfree(neg_blob); + err = -ENOMEM; + goto out_err; + } + + memcpy((char *)rsp->SecurityBlob, spnego_blob, + spnego_blob_len); + rsp->SecurityBlobLength = + cpu_to_le16(spnego_blob_len); + kfree(spnego_blob); + kfree(neg_blob); + } else { + neg_blob_len = ksmbd_build_ntlmssp_challenge_blob( + chgblob, + conn); + if (neg_blob_len < 0) { + err = -ENOMEM; + goto out_err; + } + + rsp->SecurityBlobLength = cpu_to_le16(neg_blob_len); + } + + rsp->hdr.Status.CifsError = STATUS_MORE_PROCESSING_REQUIRED; + /* + * Note: here total size -1 is done as an adjustment + * for 0 size blob. + */ + inc_rfc1001_len(rsp, le16_to_cpu(rsp->SecurityBlobLength)); + rsp->ByteCount = rsp->SecurityBlobLength; + } else if (negblob->MessageType == NtLmAuthenticate) { + struct authenticate_message *authblob; + char *username; + + ksmbd_debug(SMB, "authenticate phase\n"); + if (conn->use_spnego && conn->mechToken) + authblob = + (struct authenticate_message *)conn->mechToken; + else + authblob = (struct authenticate_message *) + req->SecurityBlob; + + username = smb_strndup_from_utf16((const char *)authblob + + le32_to_cpu(authblob->UserName.BufferOffset), + le16_to_cpu(authblob->UserName.Length), true, + conn->local_nls); + + if (IS_ERR(username)) { + pr_err("cannot allocate memory\n"); + err = PTR_ERR(username); + goto out_err; + } + + ksmbd_debug(SMB, "session setup request for user %s\n", + username); + sess->user = ksmbd_login_user(username); + kfree(username); + + if (!sess->user) { + ksmbd_debug(SMB, "Unknown user name or an error\n"); + err = -EINVAL; + goto out_err; + } + + if (user_guest(sess->user)) { + rsp->Action = cpu_to_le16(GUEST_LOGIN); + goto no_password_check; + } + + err = ksmbd_decode_ntlmssp_auth_blob(authblob, + le16_to_cpu(req->SecurityBlobLength), + conn, sess); + if (err) { + ksmbd_debug(SMB, "authentication failed\n"); + err = -EINVAL; + goto out_err; + } + +no_password_check: + if (conn->use_spnego) { + if (build_spnego_ntlmssp_auth_blob(&spnego_blob, + &spnego_blob_len, 0)) { + err = -ENOMEM; + goto out_err; + } + + memcpy((char *)rsp->SecurityBlob, spnego_blob, + spnego_blob_len); + rsp->SecurityBlobLength = + cpu_to_le16(spnego_blob_len); + kfree(spnego_blob); + inc_rfc1001_len(rsp, spnego_blob_len); + rsp->ByteCount = rsp->SecurityBlobLength; + } + } else { + pr_err("Invalid phase\n"); + err = -EINVAL; + } + + /* this is an ANDx command ? */ + rsp->AndXReserved = 0; + rsp->AndXOffset = cpu_to_le16(get_rfc1002_len(&rsp->hdr)); + + if (req->AndXCommand != SMB_NO_MORE_ANDX_COMMAND) { + /* adjust response */ + rsp->AndXCommand = req->AndXCommand; + return rsp->AndXCommand; /* More processing required */ + } + rsp->AndXCommand = SMB_NO_MORE_ANDX_COMMAND; + +out_err: + if (conn->use_spnego && conn->mechToken) { + kfree(conn->mechToken); + conn->mechToken = NULL; + } + + return err; +} + +/** + * smb_session_setup_andx() - session setup request handler + * @work: smb work containing session setup request buffer + * + * Return: 0 on success, otherwise error + */ +int smb_session_setup_andx(struct ksmbd_work *work) +{ + struct ksmbd_conn *conn = work->conn; + struct ksmbd_session *sess = NULL; + int rc = 0, cap; + unsigned short uid; + + union smb_com_session_setup_andx *pSMB = work->request_buf; + union smb_com_session_setup_andx *rsp = work->response_buf; + + if (pSMB->req.hdr.WordCount == 12) + cap = le32_to_cpu(pSMB->req.Capabilities); + else if (pSMB->req.hdr.WordCount == 13) + cap = le32_to_cpu(pSMB->req_no_secext.Capabilities); + else { + pr_err("malformed packet\n"); + work->send_no_response = 1; + return 0; + } + + uid = le16_to_cpu(pSMB->req.hdr.Uid); + if (uid != 0) { + sess = ksmbd_session_lookup(conn, uid); + if (!sess) { + rc = -ENOENT; + goto out_err; + } + ksmbd_debug(SMB, "Reuse session ID: %llu, Uid: %u\n", + sess->id, uid); + } else { + sess = ksmbd_smb1_session_create(); + if (!sess) { + rc = -ENOMEM; + goto out_err; + } + + rc = ksmbd_session_register(conn, sess); + if (rc) + goto out_err; + rsp->resp.hdr.Uid = cpu_to_le16(sess->id); + ksmbd_debug(SMB, "New session ID: %llu, Uid: %u\n", sess->id, + uid); + } + + if (cap & CAP_EXTENDED_SECURITY) { + ksmbd_debug(SMB, "build response with extend_security\n"); + rc = build_sess_rsp_extsec(conn, sess, &pSMB->req, &rsp->resp); + + } else { + ksmbd_debug(SMB, "build response without extend_security\n"); + rc = build_sess_rsp_noextsec(conn, sess, &pSMB->req_no_secext, + &rsp->old_resp); + } + if (rc < 0) + goto out_err; + + work->sess = sess; + ksmbd_conn_set_good(work); + return 0; + +out_err: + rsp->resp.hdr.Status.CifsError = STATUS_LOGON_FAILURE; + rsp->resp.hdr.WordCount = 0; + rsp->resp.ByteCount = 0; + if (rc < 0 && sess) { + xa_erase(&conn->sessions, sess->id); + ksmbd_session_destroy(sess); + work->sess = NULL; + } + return rc; +} + +/** + * file_create_dispostion_flags() - convert disposition flags to + * file open flags + * @dispostion: file disposition contained in open request + * @file_present: file already present or not + * + * Return: file open flags after conversion from disposition + */ +static int file_create_dispostion_flags(int dispostion, bool file_present) +{ + int disp_flags = 0; + + switch (dispostion) { + /* + * If the file already exists, it SHOULD be superseded (overwritten). + * If it does not already exist, then it SHOULD be created. + */ + case FILE_SUPERSEDE: + if (file_present) + disp_flags |= O_TRUNC; + else + disp_flags |= O_CREAT; + break; + /* + * If the file already exists, it SHOULD be opened rather than created. + * If the file does not already exist, the operation MUST fail. + */ + case FILE_OPEN: + if (!file_present) + return -ENOENT; + break; + /* + * If the file already exists, the operation MUST fail. + * If the file does not already exist, it SHOULD be created. + */ + case FILE_CREATE: + if (file_present) + return -EEXIST; + disp_flags |= O_CREAT; + break; + /* + * If the file already exists, it SHOULD be opened. If the file + * does not already exist, then it SHOULD be created. + */ + case FILE_OPEN_IF: + if (!file_present) + disp_flags |= O_CREAT; + break; + /* + * If the file already exists, it SHOULD be opened and truncated. + * If the file does not already exist, the operation MUST fail. + */ + case FILE_OVERWRITE: + if (!file_present) + return -ENOENT; + disp_flags |= O_TRUNC; + break; + /* + * If the file already exists, it SHOULD be opened and truncated. + * If the file does not already exist, it SHOULD be created. + */ + case FILE_OVERWRITE_IF: + if (file_present) + disp_flags |= O_TRUNC; + else + disp_flags |= O_CREAT; + break; + default: + return -EINVAL; + } + + return disp_flags; +} + +static inline int ksmbd_openflags_to_mayflags(int open_flags) +{ + int mask = open_flags & O_ACCMODE; + + if (mask == O_WRONLY) + return MAY_OPEN | MAY_WRITE; + else if (mask == O_RDWR) + return MAY_OPEN | MAY_READ | MAY_WRITE; + else + return MAY_OPEN | MAY_READ; +} + +/** + * convert_generic_access_flags() - convert access flags to + * file open flags + * @access_flag: file access flags contained in open request + * @open_flag: file open flags are updated as per access flags + * @may_flags: file may flags are updated with @open_flags + * @attrib: attribute flag indicating posix symantics or not + * + * Return: access flags + */ +static int +convert_generic_access_flags(int access_flag, int *open_flags, + int *may_flags, int attrib) +{ + int aflags = access_flag; + int oflags = *open_flags; + + if (aflags & GENERIC_READ) { + aflags &= ~GENERIC_READ; + aflags |= GENERIC_READ_FLAGS; + } + + if (aflags & GENERIC_WRITE) { + aflags &= ~GENERIC_WRITE; + aflags |= GENERIC_WRITE_FLAGS; + } + + if (aflags & GENERIC_EXECUTE) { + aflags &= ~GENERIC_EXECUTE; + aflags |= GENERIC_EXECUTE_FLAGS; + } + + if (aflags & GENERIC_ALL) { + aflags &= ~GENERIC_ALL; + aflags |= GENERIC_ALL_FLAGS; + } + + if (oflags & O_TRUNC) + aflags |= FILE_WRITE_DATA; + + if (aflags & (FILE_WRITE_DATA | FILE_APPEND_DATA)) { + if (aflags & (FILE_READ_ATTRIBUTES | FILE_READ_DATA | + FILE_READ_EA | FILE_EXECUTE)) { + *open_flags |= O_RDWR; + + } else { + *open_flags |= O_WRONLY; + } + } else { + *open_flags |= O_RDONLY; + } + + if ((attrib & ATTR_POSIX_SEMANTICS) && (aflags & FILE_APPEND_DATA)) + *open_flags |= O_APPEND; + + *may_flags = ksmbd_openflags_to_mayflags(*open_flags); + + return aflags; +} + +/** + * smb_get_dos_attr() - convert unix style stat info to dos attr + * @stat: stat to be converted to dos attr + * + * Return: dos style attribute + */ +static __u32 smb_get_dos_attr(struct kstat *stat) +{ + __u32 attr = 0; + + /* check whether file has attributes ATTR_READONLY, ATTR_HIDDEN, + * ATTR_SYSTEM, ATTR_VOLUME, ATTR_DIRECTORY, ATTR_ARCHIVE, + * ATTR_DEVICE, ATTR_NORMAL, ATTR_TEMPORARY, ATTR_SPARSE, + * ATTR_REPARSE, ATTR_COMPRESSED, ATTR_OFFLINE + */ + + if (stat->mode & S_ISVTX) /* hidden */ + attr |= (ATTR_HIDDEN | ATTR_SYSTEM); + + if (!(stat->mode & 0222)) /* read-only */ + attr |= ATTR_READONLY; + + if (S_ISDIR(stat->mode)) + attr |= ATTR_DIRECTORY; + + if (stat->size > (stat->blksize * stat->blocks)) + attr |= ATTR_SPARSE; + + if (!attr) + attr |= ATTR_NORMAL; + + return attr; +} + +static int +lock_oplock_release(struct ksmbd_file *fp, int type, int oplock_level) +{ + struct oplock_info *opinfo; + int ret; + + ksmbd_debug(SMB, "got oplock brk for level OplockLevel = %d\n", + oplock_level); + + opinfo = fp->f_opinfo; + if (opinfo->op_state == OPLOCK_STATE_NONE) { + pr_err("unexpected oplock state 0x%x\n", opinfo->op_state); + return -EINVAL; + } + + if (oplock_level == OPLOCK_EXCLUSIVE || oplock_level == OPLOCK_BATCH) { + if (opinfo_write_to_none(opinfo) < 0) { + opinfo->op_state = OPLOCK_STATE_NONE; + return -EINVAL; + } + } else if (((opinfo->level == OPLOCK_EXCLUSIVE) || + (opinfo->level == OPLOCK_BATCH)) && + (oplock_level == OPLOCK_READ)) { + ret = opinfo_write_to_read(opinfo); + if (ret) { + opinfo->op_state = OPLOCK_STATE_NONE; + return -EINVAL; + } + } else if ((opinfo->level == OPLOCK_READ) && + (oplock_level == OPLOCK_NONE)) { + ret = opinfo_read_to_none(opinfo); + if (ret) { + opinfo->op_state = OPLOCK_STATE_NONE; + return -EINVAL; + } + } + + opinfo->op_state = OPLOCK_STATE_NONE; + wake_up_interruptible(&opinfo->oplock_q); + + return 0; +} + +static struct ksmbd_lock *smb_lock_init(struct file_lock *flock, + unsigned int cmd, int mode, unsigned long long offset, + unsigned long long length, struct list_head *lock_list) +{ + struct ksmbd_lock *lock; + + lock = kzalloc(sizeof(struct ksmbd_lock), GFP_KERNEL); + if (!lock) + return NULL; + + lock->cmd = cmd; + lock->fl = flock; + lock->start = offset; + lock->end = offset + length; + lock->flags = mode; + if (lock->start == lock->end) + lock->zero_len = 1; + INIT_LIST_HEAD(&lock->llist); + INIT_LIST_HEAD(&lock->clist); + INIT_LIST_HEAD(&lock->flist); + list_add_tail(&lock->llist, lock_list); + + return lock; +} + +/** + * smb_locking_andx() - received oplock break response from client + * @work: smb work containing oplock break command + * + * Return: 0 on success, otherwise error + */ +int smb_locking_andx(struct ksmbd_work *work) +{ + struct smb_com_lock_req *req = work->request_buf; + struct smb_com_lock_rsp *rsp = work->response_buf; + struct ksmbd_file *fp; + int err = 0; + struct locking_andx_range32 *lock_ele32 = NULL, *unlock_ele32 = NULL; + struct locking_andx_range64 *lock_ele64 = NULL, *unlock_ele64 = NULL; + struct file *filp = NULL; + struct ksmbd_lock *smb_lock = NULL, *cmp_lock, *tmp, *tmp2; + int i, lock_count, unlock_count; + unsigned long long offset, length; + struct file_lock *flock = NULL; + unsigned int cmd = 0; + LIST_HEAD(lock_list); + LIST_HEAD(rollback_list); + int locked, timeout; + const unsigned long long loff_max = ~0; + struct ksmbd_conn *conn; + + timeout = le32_to_cpu(req->Timeout); + ksmbd_debug(SMB, "got oplock brk for fid %d lock type = 0x%x, timeout : %d\n", + req->Fid, req->LockType, timeout); + + /* find fid */ + fp = ksmbd_lookup_fd_fast(work, req->Fid); + if (!fp) { + pr_err("cannot obtain fid for %d\n", req->Fid); + return -EINVAL; + } + + if (req->LockType & LOCKING_ANDX_OPLOCK_RELEASE) { + pr_err("lock type is oplock release\n"); + err = lock_oplock_release(fp, req->LockType, req->OplockLevel); + } + + filp = fp->filp; + lock_count = le16_to_cpu(req->NumberOfLocks); + unlock_count = le16_to_cpu(req->NumberOfUnlocks); + + ksmbd_debug(SMB, "lock count is %d, unlock_count : %d\n", + lock_count, unlock_count); + + if (req->LockType & LOCKING_ANDX_LARGE_FILES) + lock_ele64 = (struct locking_andx_range64 *)req->Locks; + else + lock_ele32 = (struct locking_andx_range32 *)req->Locks; + + if (req->LockType & LOCKING_ANDX_CHANGE_LOCKTYPE) { + pr_err("lock type: LOCKING_ANDX_CHANGE_LOCKTYPE\n"); + rsp->hdr.Status.DosError.ErrorClass = ERRDOS; + rsp->hdr.Status.DosError.Error = cpu_to_le16(ERRnoatomiclocks); + rsp->hdr.Flags2 &= ~SMBFLG2_ERR_STATUS; + goto out; + } + + if (req->LockType & LOCKING_ANDX_CANCEL_LOCK) + pr_err("lock type: LOCKING_ANDX_CANCEL_LOCK\n"); + + for (i = 0; i < lock_count; i++) { + flock = smb_flock_init(filp); + if (!flock) + goto out; + + if (req->LockType & LOCKING_ANDX_SHARED_LOCK) { + pr_err("received shared request\n"); + if (!(filp->f_mode & FMODE_READ)) { + rsp->hdr.Status.CifsError = + STATUS_ACCESS_DENIED; + goto out; + } + cmd = F_SETLKW; + flock->fl_type = F_RDLCK; + } else { + pr_err("received exclusive request\n"); + if (!(filp->f_mode & FMODE_WRITE)) { + rsp->hdr.Status.CifsError = + STATUS_ACCESS_DENIED; + goto out; + } + cmd = F_SETLKW; + flock->fl_type = F_WRLCK; + flock->fl_flags |= FL_SLEEP; + } + + if (req->LockType & LOCKING_ANDX_LARGE_FILES) { + offset = (unsigned long long)le32_to_cpu( + lock_ele64[i].OffsetLow); + length = (unsigned long long)le32_to_cpu( + lock_ele64[i].LengthLow); + offset |= (unsigned long long)le32_to_cpu( + lock_ele64[i].OffsetHigh) << 32; + length |= (unsigned long long)le32_to_cpu( + lock_ele64[i].LengthHigh) << 32; + } else { + offset = (unsigned long long)le32_to_cpu( + lock_ele32[i].Offset); + length = (unsigned long long)le32_to_cpu( + lock_ele32[i].Length); + } + + if (offset > loff_max) { + pr_err("Invalid lock range requested\n"); + rsp->hdr.Status.CifsError = + STATUS_INVALID_LOCK_RANGE; + goto out; + } + + if (offset > 0 && length > (loff_max - offset) + 1) { + pr_err("Invalid lock range requested\n"); + rsp->hdr.Status.CifsError = + STATUS_INVALID_LOCK_RANGE; + goto out; + } + + ksmbd_debug(SMB, "locking offset : %llx, length : %llu\n", + offset, length); + + if (offset > OFFSET_MAX) + flock->fl_start = OFFSET_MAX; + else + flock->fl_start = offset; + if (offset + length > OFFSET_MAX) + flock->fl_end = OFFSET_MAX; + else + flock->fl_end = offset + length; + + smb_lock = smb_lock_init(flock, cmd, req->LockType, offset, + length, &lock_list); + if (!smb_lock) + goto out; + } + + list_for_each_entry_safe(smb_lock, tmp, &lock_list, llist) { + int same_zero_lock = 0; + + list_del(&smb_lock->llist); + /* check locks in connections */ + read_lock(&conn_list_lock); + list_for_each_entry(conn, &conn_list, conns_list) { + spin_lock(&conn->llist_lock); + list_for_each_entry_safe(cmp_lock, tmp2, &conn->lock_list, clist) { + if (file_inode(cmp_lock->fl->fl_file) != + file_inode(smb_lock->fl->fl_file)) + continue; + + if (smb_lock->zero_len && + cmp_lock->start == smb_lock->start && + cmp_lock->end == smb_lock->end) { + same_zero_lock = 1; + spin_unlock(&conn->llist_lock); + read_unlock(&conn_list_lock); + goto out_check_cl; + } + + /* check zero byte lock range */ + if (cmp_lock->zero_len && !smb_lock->zero_len && + cmp_lock->start > smb_lock->start && + cmp_lock->start < smb_lock->end) { + pr_err("previous lock conflict with zero byte lock range\n"); + err = -EPERM; + } else if (smb_lock->zero_len && !cmp_lock->zero_len && + smb_lock->start > cmp_lock->start && + smb_lock->start < cmp_lock->end) { + pr_err("current lock conflict with zero byte lock range\n"); + err = -EPERM; + } else if (((cmp_lock->start <= smb_lock->start && + cmp_lock->end > smb_lock->start) || + (cmp_lock->start < smb_lock->end && + cmp_lock->end >= smb_lock->end)) && + !cmp_lock->zero_len && !smb_lock->zero_len) { + pr_err("Not allow lock operation on exclusive lock range\n"); + err = -EPERM; + } + + if (err) { + /* Clean error cache */ + if ((smb_lock->zero_len && + fp->cflock_cnt > 1) || + (timeout && (fp->llock_fstart == + smb_lock->start))) { + ksmbd_debug(SMB, "clean error cache\n"); + fp->cflock_cnt = 0; + } + + if (timeout > 0 || + (fp->cflock_cnt > 0 && + fp->llock_fstart == smb_lock->start) || + ((smb_lock->start >> 63) == 0 && + smb_lock->start >= 0xEF000000)) { + if (timeout) { + spin_unlock(&conn->llist_lock); + read_unlock(&conn_list_lock); + ksmbd_debug(SMB, "waiting error response for timeout : %d\n", + timeout); + msleep(timeout); + } + rsp->hdr.Status.CifsError = + STATUS_FILE_LOCK_CONFLICT; + } else + rsp->hdr.Status.CifsError = + STATUS_LOCK_NOT_GRANTED; + fp->cflock_cnt++; + fp->llock_fstart = smb_lock->start; + + if (timeout <= 0) { + spin_unlock(&conn->llist_lock); + read_unlock(&conn_list_lock); + } + goto out; + } + } + spin_unlock(&conn->llist_lock); + } + read_unlock(&conn_list_lock); + +out_check_cl: + if (same_zero_lock) + continue; + if (smb_lock->zero_len) { + err = 0; + goto skip; + } + + flock = smb_lock->fl; +retry: + err = vfs_lock_file(filp, smb_lock->cmd, flock, NULL); + if (err == FILE_LOCK_DEFERRED) { + pr_err("would have to wait for getting lock\n"); + spin_lock(&work->conn->llist_lock); + list_add_tail(&smb_lock->clist, + &work->conn->lock_list); + spin_unlock(&work->conn->llist_lock); + list_add(&smb_lock->llist, &rollback_list); +wait: + err = ksmbd_vfs_posix_lock_wait_timeout(flock, + msecs_to_jiffies(10)); + if (err) { + list_del(&smb_lock->llist); + spin_lock(&work->conn->llist_lock); + list_del(&smb_lock->clist); + spin_unlock(&work->conn->llist_lock); + goto retry; + } else + goto wait; + } else if (!err) { +skip: + spin_lock(&work->conn->llist_lock); + list_add_tail(&smb_lock->clist, + &work->conn->lock_list); + list_add_tail(&smb_lock->flist, + &fp->lock_list); + spin_unlock(&work->conn->llist_lock); + list_add(&smb_lock->llist, &rollback_list); + pr_err("successful in taking lock\n"); + } else if (err < 0) { + rsp->hdr.Status.CifsError = STATUS_LOCK_NOT_GRANTED; + goto out; + } + } + + if (req->LockType & LOCKING_ANDX_LARGE_FILES) + unlock_ele64 = (struct locking_andx_range64 *)(req->Locks + + (sizeof(struct locking_andx_range64) * + lock_count)); + else + unlock_ele32 = (struct locking_andx_range32 *)(req->Locks + + (sizeof(struct locking_andx_range32) * + lock_count)); + + for (i = 0; i < unlock_count; i++) { + flock = smb_flock_init(filp); + if (!flock) + goto out; + + flock->fl_type = F_UNLCK; + cmd = 0; + + if (req->LockType & LOCKING_ANDX_LARGE_FILES) { + offset = (unsigned long long)le32_to_cpu( + unlock_ele64[i].OffsetLow); + length = (unsigned long long)le32_to_cpu( + unlock_ele64[i].LengthLow); + offset |= (unsigned long long)le32_to_cpu( + unlock_ele64[i].OffsetHigh) << 32; + length |= (unsigned long long)le32_to_cpu( + unlock_ele64[i].LengthHigh) << 32; + } else { + offset = (unsigned long long)le32_to_cpu( + unlock_ele32[i].Offset); + length = (unsigned long long)le32_to_cpu( + unlock_ele32[i].Length); + } + + ksmbd_debug(SMB, "unlock offset : %llx, length : %llu\n", + offset, length); + + if (offset > OFFSET_MAX) + flock->fl_start = OFFSET_MAX; + else + flock->fl_start = offset; + if (offset + length > OFFSET_MAX) + flock->fl_end = OFFSET_MAX; + else + flock->fl_end = offset + length; + + locked = 0; + read_lock(&conn_list_lock); + list_for_each_entry(conn, &conn_list, conns_list) { + spin_lock(&conn->llist_lock); + list_for_each_entry(cmp_lock, &conn->lock_list, clist) { + if (file_inode(cmp_lock->fl->fl_file) != + file_inode(flock->fl_file)) + continue; + + if ((cmp_lock->start == offset && + cmp_lock->end == offset + length)) { + locked = 1; + spin_unlock(&conn->llist_lock); + read_unlock(&conn_list_lock); + goto out_check_cl_unlck; + } + } + spin_unlock(&conn->llist_lock); + } + read_unlock(&conn_list_lock); + +out_check_cl_unlck: + if (!locked) { + locks_free_lock(flock); + rsp->hdr.Status.CifsError = STATUS_RANGE_NOT_LOCKED; + goto out; + } + + err = vfs_lock_file(filp, cmd, flock, NULL); + if (!err) { + ksmbd_debug(SMB, "File unlocked\n"); + spin_lock(&conn->llist_lock); + if (!list_empty(&cmp_lock->flist)) + list_del(&cmp_lock->flist); + list_del(&cmp_lock->clist); + spin_unlock(&conn->llist_lock); + + locks_free_lock(cmp_lock->fl); + kfree(cmp_lock); + fp->cflock_cnt = 0; + } else if (err == -ENOENT) { + rsp->hdr.Status.CifsError = STATUS_RANGE_NOT_LOCKED; + goto out; + } + locks_free_lock(flock); + } + + rsp->hdr.WordCount = 2; + rsp->ByteCount = 0; + inc_rfc1001_len(&rsp->hdr, (rsp->hdr.WordCount * 2)); + + /* this is an ANDx command ? */ + rsp->AndXReserved = 0; + rsp->AndXOffset = cpu_to_le16(get_rfc1002_len(&rsp->hdr)); + if (req->AndXCommand != SMB_NO_MORE_ANDX_COMMAND) { + /* adjust response */ + rsp->AndXCommand = req->AndXCommand; + return rsp->AndXCommand; /* More processing required */ + } + rsp->AndXCommand = SMB_NO_MORE_ANDX_COMMAND; + ksmbd_fd_put(work, fp); + return err; + +out: + list_for_each_entry_safe(smb_lock, tmp, &lock_list, llist) { + locks_free_lock(smb_lock->fl); + list_del(&smb_lock->llist); + kfree(smb_lock); + } + + list_for_each_entry_safe(smb_lock, tmp, &rollback_list, llist) { + struct file_lock *rlock = NULL; + + rlock = smb_flock_init(filp); + rlock->fl_type = F_UNLCK; + rlock->fl_start = smb_lock->start; + rlock->fl_end = smb_lock->end; + + err = vfs_lock_file(filp, 0, rlock, NULL); + if (err) + pr_err("rollback unlock fail : %d\n", err); + + list_del(&smb_lock->llist); + spin_lock(&work->conn->llist_lock); + if (!list_empty(&smb_lock->flist)) + list_del(&smb_lock->flist); + list_del(&smb_lock->clist); + spin_unlock(&work->conn->llist_lock); + + locks_free_lock(smb_lock->fl); + locks_free_lock(rlock); + kfree(smb_lock); + } + + ksmbd_fd_put(work, fp); + pr_err("failed in taking lock\n"); + return err; +} + +/** + * smb_trans() - trans2 command dispatcher + * @work: smb work containing trans2 command + * + * Return: 0 on success, otherwise error + */ +int smb_trans(struct ksmbd_work *work) +{ + struct ksmbd_conn *conn = work->conn; + struct smb_com_trans_req *req = work->request_buf; + struct smb_com_trans_rsp *rsp = work->response_buf; + struct smb_com_trans_pipe_req *pipe_req = work->request_buf; + struct ksmbd_rpc_command *rpc_resp; + __u16 subcommand; + char *name, *pipe; + char *pipedata; + int setup_bytes_count = 0; + int pipe_name_offset = 0; + int str_len_uni; + int ret = 0, nbytes = 0; + int param_len = 0; + int id; + int padding; + + if (req->SetupCount) + setup_bytes_count = 2 * req->SetupCount; + + subcommand = le16_to_cpu(req->SubCommand); + name = smb_strndup_from_utf16(req->Data + setup_bytes_count, 256, 1, + conn->local_nls); + + if (IS_ERR(name)) { + pr_err("failed to allocate memory\n"); + rsp->hdr.Status.CifsError = STATUS_NO_MEMORY; + return PTR_ERR(name); + } + + ksmbd_debug(SMB, "Obtained string name = %s setupcount = %d\n", + name, setup_bytes_count); + + pipe_name_offset = strlen("\\PIPE"); + if (strncmp("\\PIPE", name, pipe_name_offset) != 0) { + ksmbd_debug(SMB, "Not Pipe request\n"); + rsp->hdr.Status.CifsError = STATUS_NOT_SUPPORTED; + kfree(name); + return 0; + } + + if (name[pipe_name_offset] == '\\') + pipe_name_offset++; + + pipe = name + pipe_name_offset; + + if (*pipe != '\0' && strncmp(pipe, "LANMAN", sizeof("LANMAN")) != 0) { + ksmbd_debug(SMB, "Pipe %s not supported request\n", pipe); + rsp->hdr.Status.CifsError = STATUS_NOT_SUPPORTED; + kfree(name); + return 0; + } + + /* Incoming pipe name unicode len */ + str_len_uni = 2 * (strlen(name) + 1); + + ksmbd_debug(SMB, "Pipe name unicode len = %d\n", str_len_uni); + + /* Some clients like Windows may have additional padding. */ + padding = le16_to_cpu(req->ParameterOffset) - + offsetof(struct smb_com_trans_req, Data) + - str_len_uni; + pipedata = req->Data + str_len_uni + setup_bytes_count + padding; + + if (!strncmp(pipe, "LANMAN", sizeof("LANMAN"))) { + rpc_resp = ksmbd_rpc_rap(work->sess, pipedata, + le16_to_cpu(req->TotalParameterCount)); + + if (rpc_resp) { + if (rpc_resp->flags == KSMBD_RPC_ENOTIMPLEMENTED) { + rsp->hdr.Status.CifsError = + STATUS_NOT_SUPPORTED; + kvfree(rpc_resp); + goto out; + } else if (rpc_resp->flags != KSMBD_RPC_OK) { + rsp->hdr.Status.CifsError = + STATUS_INVALID_PARAMETER; + kvfree(rpc_resp); + goto out; + } + + nbytes = rpc_resp->payload_sz; + memcpy((char *)rsp + sizeof(struct smb_com_trans_rsp), + rpc_resp->payload, nbytes); + + kvfree(rpc_resp); + ret = 0; + goto resp_out; + } else { + ret = -EINVAL; + goto out; + } + } + + id = pipe_req->fid; + switch (subcommand) { + case TRANSACT_DCERPCCMD: + + ksmbd_debug(SMB, "GOT TRANSACT_DCERPCCMD\n"); + ret = -EINVAL; + rpc_resp = ksmbd_rpc_ioctl(work->sess, id, pipedata, + le16_to_cpu(req->DataCount)); + if (rpc_resp) { + if (rpc_resp->flags == KSMBD_RPC_ENOTIMPLEMENTED) { + rsp->hdr.Status.CifsError = + STATUS_NOT_SUPPORTED; + kvfree(rpc_resp); + goto out; + } else if (rpc_resp->flags != KSMBD_RPC_OK) { + rsp->hdr.Status.CifsError = + STATUS_INVALID_PARAMETER; + kvfree(rpc_resp); + goto out; + } + + nbytes = rpc_resp->payload_sz; + memcpy((char *)rsp + sizeof(struct smb_com_trans_rsp), + rpc_resp->payload, nbytes); + kvfree(rpc_resp); + ret = 0; + } + break; + + default: + ksmbd_debug(SMB, "SMB TRANS subcommand not supported %u\n", + subcommand); + ret = -EOPNOTSUPP; + rsp->hdr.Status.CifsError = STATUS_NOT_SUPPORTED; + goto out; + } + +resp_out: + + rsp->hdr.WordCount = 10; + rsp->TotalParameterCount = cpu_to_le16(param_len); + rsp->TotalDataCount = cpu_to_le16(nbytes); + rsp->Reserved = 0; + rsp->ParameterCount = cpu_to_le16(param_len); + rsp->ParameterOffset = cpu_to_le16(56); + rsp->ParameterDisplacement = 0; + rsp->DataCount = cpu_to_le16(nbytes); + rsp->DataOffset = cpu_to_le16(56 + param_len); + rsp->DataDisplacement = 0; + rsp->SetupCount = 0; + rsp->Reserved1 = 0; + /* Adding 1 for Pad */ + rsp->ByteCount = cpu_to_le16(nbytes + 1 + param_len); + rsp->Pad = 0; + inc_rfc1001_len(&rsp->hdr, 10 * 2 + le16_to_cpu(rsp->ByteCount)); + +out: + kfree(name); + return ret; +} + +/** + * create_andx_pipe() - create ipc pipe request handler + * @work: smb work containing create command + * + * Return: 0 on success, otherwise error + */ +static int create_andx_pipe(struct ksmbd_work *work) +{ + struct smb_com_open_req *req = work->request_buf; + struct smb_com_open_ext_rsp *rsp = work->response_buf; + char *name; + int rc = 0; + __u16 fid; + + /* one byte pad before unicode file name start */ + if (is_smbreq_unicode(&req->hdr)) + name = smb_strndup_from_utf16(req->fileName + 1, 256, 1, + work->conn->local_nls); + else + name = smb_strndup_from_utf16(req->fileName, 256, 1, + work->conn->local_nls); + + if (IS_ERR(name)) { + rc = -ENOMEM; + goto out; + } + + rc = ksmbd_session_rpc_open(work->sess, name); + if (rc < 0) + goto out; + fid = rc; + + rsp->hdr.WordCount = 42; + rsp->AndXCommand = SMB_NO_MORE_ANDX_COMMAND; + rsp->AndXReserved = 0; + rsp->OplockLevel = 0; + rsp->Fid = fid; + rsp->CreateAction = cpu_to_le32(1); + rsp->CreationTime = 0; + rsp->LastAccessTime = 0; + rsp->LastWriteTime = 0; + rsp->ChangeTime = 0; + rsp->FileAttributes = cpu_to_le32(ATTR_NORMAL); + rsp->AllocationSize = cpu_to_le64(0); + rsp->EndOfFile = 0; + rsp->FileType = cpu_to_le16(2); + rsp->DeviceState = cpu_to_le16(0x05ff); + rsp->DirectoryFlag = 0; + rsp->fid = 0; + rsp->MaxAccess = cpu_to_le32(FILE_GENERIC_ALL); + rsp->GuestAccess = cpu_to_le32(FILE_GENERIC_READ); + rsp->ByteCount = 0; + inc_rfc1001_len(&rsp->hdr, 100); + +out: + switch (rc) { + case 0: + rsp->hdr.Status.CifsError = STATUS_SUCCESS; + break; + case -EINVAL: + rsp->hdr.Status.CifsError = STATUS_INVALID_PARAMETER; + break; + case -ENOSPC: + case -ENOMEM: + default: + rsp->hdr.Status.CifsError = STATUS_NO_MEMORY; + break; + } + + kfree(name); + return rc; +} + +/** + * smb_nt_create_andx() - file open request handler + * @work: smb work containing nt open command + * + * Return: 0 on success, otherwise error + */ +int smb_nt_create_andx(struct ksmbd_work *work) +{ + struct smb_com_open_req *req = work->request_buf; + struct smb_com_open_rsp *rsp = work->response_buf; + struct smb_com_open_ext_rsp *ext_rsp = work->response_buf; + struct ksmbd_conn *conn = work->conn; + struct ksmbd_tree_connect *tcon = work->tcon; + struct ksmbd_share_config *share = work->tcon->share_conf; + struct path path; + struct kstat stat; + int oplock_flags, file_info, open_flags, may_flags, access_flags; + char *name; + char *conv_name; + bool file_present = true, extended_reply; + __u64 alloc_size = 0, time; + umode_t mode = 0; + int err; + int create_directory = 0; + char *src; + char *root = NULL; + bool is_unicode; + bool is_relative_root = false; + struct ksmbd_file *fp = NULL; + int oplock_rsp = OPLOCK_NONE; + int share_ret; + + rsp->hdr.Status.CifsError = STATUS_UNSUCCESSFUL; + if (test_share_config_flag(work->tcon->share_conf, + KSMBD_SHARE_FLAG_PIPE)) { + ksmbd_debug(SMB, "create pipe on IPC\n"); + return create_andx_pipe(work); + } + + if (req->CreateOptions & FILE_OPEN_BY_FILE_ID_LE) { + ksmbd_debug(SMB, "file open with FID is not supported\n"); + rsp->hdr.Status.CifsError = STATUS_NOT_SUPPORTED; + return -EINVAL; + } + + if (req->CreateOptions & FILE_DELETE_ON_CLOSE_LE) { + if (req->DesiredAccess && + !(le32_to_cpu(req->DesiredAccess) & DELETE)) { + rsp->hdr.Status.CifsError = STATUS_ACCESS_DENIED; + return -EPERM; + } + + if (le32_to_cpu(req->FileAttributes) & ATTR_READONLY) { + rsp->hdr.Status.CifsError = STATUS_CANNOT_DELETE; + return -EPERM; + } + } + + if (req->CreateOptions & FILE_DIRECTORY_FILE_LE) { + ksmbd_debug(SMB, "GOT Create Directory via CREATE ANDX\n"); + create_directory = 1; + } + + /* + * Filename is relative to this root directory FID, instead of + * tree connect point. Find root dir name from this FID and + * prepend root dir name in filename. + */ + if (req->RootDirectoryFid) { + ksmbd_debug(SMB, "path lookup relative to RootDirectoryFid\n"); + + is_relative_root = true; + fp = ksmbd_lookup_fd_fast(work, req->RootDirectoryFid); + if (fp) + root = (char *)fp->filp->f_path.dentry->d_name.name; + else { + rsp->hdr.Status.CifsError = STATUS_INVALID_HANDLE; + memset(&rsp->hdr.WordCount, 0, 3); + return -EINVAL; + } + ksmbd_fd_put(work, fp); + } + + /* here allocated +2 (UNI '\0') length for both ASCII & UNI + * to avoid unnecessary if/else check + */ + src = kzalloc(le16_to_cpu(req->NameLength) + 2, GFP_KERNEL); + if (!src) { + rsp->hdr.Status.CifsError = + STATUS_NO_MEMORY; + + return -ENOMEM; + } + + if (is_smbreq_unicode(&req->hdr)) { + memcpy(src, req->fileName + 1, le16_to_cpu(req->NameLength)); + is_unicode = true; + } else { + memcpy(src, req->fileName, le16_to_cpu(req->NameLength)); + is_unicode = false; + } + + name = smb_strndup_from_utf16(src, PATH_MAX, is_unicode, + conn->local_nls); + kfree(src); + + if (IS_ERR(name)) { + if (PTR_ERR(name) == -ENOMEM) { + pr_err("failed to allocate memory\n"); + rsp->hdr.Status.CifsError = + STATUS_NO_MEMORY; + } else + rsp->hdr.Status.CifsError = + STATUS_OBJECT_NAME_INVALID; + + return PTR_ERR(name); + } + + if (is_relative_root) { + char *full_name; + + full_name = kasprintf(GFP_KERNEL, "\\%s\\%s", root, name); + if (!full_name) { + kfree(name); + rsp->hdr.Status.CifsError = STATUS_NO_MEMORY; + return -ENOMEM; + } + + kfree(name); + name = full_name; + } + + root = strrchr(name, '\\'); + if (root) { + root++; + if ((root[0] == '*' || root[0] == '/') && (root[1] == '\0')) { + rsp->hdr.Status.CifsError = + STATUS_OBJECT_NAME_INVALID; + kfree(name); + return -EINVAL; + } + } + + conv_name = smb_get_name(share, name, PATH_MAX, work, true); + if (IS_ERR(conv_name)) { + rsp->hdr.Status.CifsError = + STATUS_OBJECT_NAME_INVALID; + kfree(name); + return PTR_ERR(conv_name); + } + + if (ksmbd_override_fsids(work)) { + err = -ENOMEM; + goto out1; + } + + err = ksmbd_vfs_kern_path(work, conv_name, LOOKUP_NO_SYMLINKS, &path, + (req->hdr.Flags & SMBFLG_CASELESS) && + !create_directory); + if (err) { + if (err == -EACCES || err == -EXDEV) + goto out; + file_present = false; + ksmbd_debug(SMB, "can not get linux path for %s, err = %d\n", + conv_name, err); + } else { + if (d_is_symlink(path.dentry)) { + err = -EACCES; + goto free_path; + } + + err = vfs_getattr(&path, &stat, STATX_BASIC_STATS, + AT_STATX_SYNC_AS_STAT); + if (err) { + pr_err("can not stat %s, err = %d\n", + conv_name, err); + goto free_path; + } + } + + if (file_present && (req->CreateOptions & FILE_NON_DIRECTORY_FILE_LE) && + S_ISDIR(stat.mode)) { + ksmbd_debug(SMB, "Can't open dir %s, request is to open file\n", + conv_name); + if (!(((struct smb_hdr *)work->request_buf)->Flags2 & + SMBFLG2_ERR_STATUS)) { + rsp->hdr.Status.DosError.ErrorClass = ERRDOS; + rsp->hdr.Status.DosError.Error = + cpu_to_le16(ERRfilexists); + } else + rsp->hdr.Status.CifsError = + STATUS_OBJECT_NAME_COLLISION; + + memset(&rsp->hdr.WordCount, 0, 3); + + goto free_path; + } + + if (file_present && create_directory && !S_ISDIR(stat.mode)) { + ksmbd_debug(SMB, "Can't open file %s, request is to open dir\n", + conv_name); + if (!(((struct smb_hdr *)work->request_buf)->Flags2 & + SMBFLG2_ERR_STATUS)) { + ntstatus_to_dos(STATUS_NOT_A_DIRECTORY, + &rsp->hdr.Status.DosError.ErrorClass, + &rsp->hdr.Status.DosError.Error); + } else + rsp->hdr.Status.CifsError = + STATUS_NOT_A_DIRECTORY; + + memset(&rsp->hdr.WordCount, 0, 3); + + goto free_path; + } + + oplock_flags = le32_to_cpu(req->OpenFlags) & + (REQ_OPLOCK | REQ_BATCHOPLOCK); + extended_reply = le32_to_cpu(req->OpenFlags) & REQ_EXTENDED_INFO; + open_flags = file_create_dispostion_flags( + le32_to_cpu(req->CreateDisposition), file_present); + + if (open_flags < 0) { + ksmbd_debug(SMB, "create_dispostion returned %d\n", open_flags); + if (file_present) { + if (!(((struct smb_hdr *)work->request_buf)->Flags2 & + SMBFLG2_ERR_STATUS)) { + rsp->hdr.Status.DosError.ErrorClass = ERRDOS; + rsp->hdr.Status.DosError.Error = + cpu_to_le16(ERRfilexists); + } else if (open_flags == -EINVAL) + rsp->hdr.Status.CifsError = + STATUS_INVALID_PARAMETER; + else + rsp->hdr.Status.CifsError = + STATUS_OBJECT_NAME_COLLISION; + memset(&rsp->hdr.WordCount, 0, 3); + goto free_path; + } else { + err = -ENOENT; + goto out; + } + } else { + if (file_present) { + if (S_ISFIFO(stat.mode)) + open_flags |= O_NONBLOCK; + } + + if (req->CreateOptions & FILE_WRITE_THROUGH_LE) + open_flags |= O_SYNC; + } + + access_flags = convert_generic_access_flags( + le32_to_cpu(req->DesiredAccess), + &open_flags, &may_flags, + le32_to_cpu(req->FileAttributes)); + + mode |= 0777; + if (le32_to_cpu(req->FileAttributes) & ATTR_READONLY) + mode &= ~0222; + + /* TODO: + * - check req->ShareAccess for sharing file among different process + * - check req->FileAttributes for special/readonly file attrib + * - check req->SecurityFlags for client security context tracking + * - check req->ImpersonationLevel + */ + + if (!test_tree_conn_flag(work->tcon, KSMBD_TREE_CONN_FLAG_WRITABLE)) { + if (open_flags & O_CREAT) { + ksmbd_debug(SMB, + "returning as user does not have permission to write\n"); + err = -EACCES; + goto out; + } + } + + ksmbd_debug(SMB, "filename : %s, open_flags = 0x%x\n", conv_name, + open_flags); + if (!file_present && (open_flags & O_CREAT)) { + + if (!create_directory) { + mode |= S_IFREG; + err = ksmbd_vfs_create(work, conv_name, mode); + if (err) + goto out; + } else { + err = ksmbd_vfs_mkdir(work, conv_name, mode); + if (err) { + pr_err("Can't create directory %s", + conv_name); + goto out; + } + } + + err = ksmbd_vfs_kern_path(work, conv_name, 0, &path, 0); + if (err) { + pr_err("cannot get linux path, err = %d\n", err); + goto out; + } + } else { +#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) + err = inode_permission(mnt_user_ns(path.mnt), + d_inode(path.dentry), + may_flags); +#else + err = inode_permission(d_inode(path.dentry), + may_flags); +#endif + if (err) + goto free_path; + } + + err = ksmbd_query_inode_status(d_inode(path.dentry->d_parent)); + if (err == KSMBD_INODE_STATUS_PENDING_DELETE) { + err = -EBUSY; + goto free_path; + } + + err = 0; + /* open file and get FID */ + fp = ksmbd_vfs_dentry_open(work, + &path, + open_flags, + req->CreateOptions, + file_present); + if (IS_ERR(fp)) { + err = PTR_ERR(fp); + fp = NULL; + goto free_path; + } + fp->daccess = req->DesiredAccess; + fp->saccess = req->ShareAccess; + fp->pid = le16_to_cpu(req->hdr.Pid); + + write_lock(&fp->f_ci->m_lock); + list_add(&fp->node, &fp->f_ci->m_fp_list); + write_unlock(&fp->f_ci->m_lock); + + share_ret = ksmbd_smb_check_shared_mode(fp->filp, fp); + if (smb1_oplock_enable && + test_share_config_flag(work->tcon->share_conf, + KSMBD_SHARE_FLAG_OPLOCKS) && + !S_ISDIR(file_inode(fp->filp)->i_mode) && oplock_flags) { + /* Client cannot request levelII oplock directly */ + err = smb_grant_oplock(work, oplock_flags, fp->volatile_id, + fp, le16_to_cpu(req->hdr.Tid), NULL, share_ret); + if (err) + goto free_path; + } else { + if (ksmbd_inode_pending_delete(fp)) { + err = -EBUSY; + goto free_path; + } + + if (share_ret < 0) { + err = -EPERM; + goto free_path; + } + } + + oplock_rsp = fp->f_opinfo != NULL ? fp->f_opinfo->level : 0; + + if (file_present) { + if (!(open_flags & O_TRUNC)) + file_info = F_OPENED; + else + file_info = F_OVERWRITTEN; + } else + file_info = F_CREATED; + + if (le32_to_cpu(req->DesiredAccess) & (DELETE | GENERIC_ALL)) + fp->is_nt_open = 1; + if ((le32_to_cpu(req->DesiredAccess) & DELETE) && + (req->CreateOptions & FILE_DELETE_ON_CLOSE_LE)) + ksmbd_fd_set_delete_on_close(fp, file_info); + + /* open success, send back response */ + err = vfs_getattr(&path, &stat, STATX_BASIC_STATS, + AT_STATX_SYNC_AS_STAT); + if (err) { + pr_err("cannot get stat information\n"); + goto free_path; + } + + alloc_size = le64_to_cpu(req->AllocationSize); + if (alloc_size && (file_info == F_CREATED || + file_info == F_OVERWRITTEN)) { + if (alloc_size > stat.size) { + err = ksmbd_vfs_truncate(work, fp, alloc_size); + if (err) { + pr_err("failed to expand file, err = %d\n", + err); + goto free_path; + } + } + } + + /* prepare response buffer */ + rsp->hdr.Status.CifsError = STATUS_SUCCESS; + + rsp->OplockLevel = oplock_rsp; + rsp->Fid = fp->volatile_id; + + if ((le32_to_cpu(req->CreateDisposition) == FILE_SUPERSEDE) && + (file_info == F_OVERWRITTEN)) + rsp->CreateAction = cpu_to_le32(F_SUPERSEDED); + else + rsp->CreateAction = cpu_to_le32(file_info); + + if (stat.result_mask & STATX_BTIME) + fp->create_time = ksmbd_UnixTimeToNT(stat.btime); + else + fp->create_time = ksmbd_UnixTimeToNT(stat.ctime); + if (file_present) { + if (test_share_config_flag(tcon->share_conf, + KSMBD_SHARE_FLAG_STORE_DOS_ATTRS)) { + struct xattr_dos_attrib da; + + err = ksmbd_vfs_get_dos_attrib_xattr(mnt_user_ns(path.mnt), + path.dentry, &da); + if (err > 0) + fp->create_time = da.create_time; + err = 0; + } + } else { + if (test_share_config_flag(tcon->share_conf, + KSMBD_SHARE_FLAG_STORE_DOS_ATTRS)) { + struct xattr_dos_attrib da = {0}; + + da.version = 4; + da.attr = smb_get_dos_attr(&stat); + da.create_time = fp->create_time; + + err = ksmbd_vfs_set_dos_attrib_xattr(mnt_user_ns(path.mnt), + path.dentry, &da); + if (err) + ksmbd_debug(SMB, "failed to store creation time in xattr\n"); + err = 0; + } + } + + rsp->CreationTime = cpu_to_le64(fp->create_time); + time = ksmbd_UnixTimeToNT(stat.atime); + rsp->LastAccessTime = cpu_to_le64(time); + time = ksmbd_UnixTimeToNT(stat.mtime); + rsp->LastWriteTime = cpu_to_le64(time); + time = ksmbd_UnixTimeToNT(stat.ctime); + rsp->ChangeTime = cpu_to_le64(time); + + rsp->FileAttributes = cpu_to_le32(smb_get_dos_attr(&stat)); + rsp->AllocationSize = cpu_to_le64(stat.blocks << 9); + rsp->EndOfFile = cpu_to_le64(stat.size); + /* TODO: is it normal file, named pipe, printer, modem etc*/ + rsp->FileType = 0; + /* status of named pipe*/ + rsp->DeviceState = 0; + rsp->DirectoryFlag = S_ISDIR(stat.mode) ? 1 : 0; + if (extended_reply) { + struct inode *inode; + + rsp->hdr.WordCount = 50; + memset(&ext_rsp->VolId, 0, 16); + if (fp) { + inode = file_inode(fp->filp); + ext_rsp->fid = inode->i_ino; + if (S_ISDIR(inode->i_mode) || + (fp->filp->f_mode & FMODE_WRITE)) + ext_rsp->MaxAccess = FILE_GENERIC_ALL_LE; + else + ext_rsp->MaxAccess = FILE_GENERIC_READ_LE | + FILE_EXECUTE_LE; + } else { + ext_rsp->MaxAccess = FILE_GENERIC_ALL_LE; + ext_rsp->fid = 0; + } + + ext_rsp->ByteCount = 0; + + } else { + rsp->hdr.WordCount = 34; + rsp->ByteCount = 0; + } + inc_rfc1001_len(&rsp->hdr, (rsp->hdr.WordCount * 2 + 0)); + +free_path: + path_put(&path); +out: + ksmbd_revert_fsids(work); +out1: + switch (err) { + case 0: + break; + case -ENOSPC: + rsp->hdr.Status.CifsError = STATUS_DISK_FULL; + break; + case -EMFILE: + rsp->hdr.Status.CifsError = + STATUS_TOO_MANY_OPENED_FILES; + break; + case -EINVAL: + rsp->hdr.Status.CifsError = STATUS_NO_SUCH_USER; + break; + case -EACCES: + rsp->hdr.Status.CifsError = STATUS_ACCESS_DENIED; + break; + case -EPERM: + rsp->hdr.Status.CifsError = STATUS_SHARING_VIOLATION; + break; + case -ENOENT: + rsp->hdr.Status.CifsError = STATUS_OBJECT_NAME_NOT_FOUND; + break; + case -EBUSY: + rsp->hdr.Status.CifsError = STATUS_DELETE_PENDING; + break; + default: + rsp->hdr.Status.CifsError = + STATUS_UNEXPECTED_IO_ERROR; + } + + if (err && fp) + ksmbd_close_fd(work, fp->volatile_id); + + kfree(conv_name); + + if (!rsp->hdr.WordCount) + return err; + + /* this is an ANDx command ? */ + rsp->AndXReserved = 0; + rsp->AndXOffset = cpu_to_le16(get_rfc1002_len(&rsp->hdr)); + if (req->AndXCommand != SMB_NO_MORE_ANDX_COMMAND) { + /* adjust response */ + rsp->AndXCommand = req->AndXCommand; + return rsp->AndXCommand; /* More processing required */ + } + rsp->AndXCommand = SMB_NO_MORE_ANDX_COMMAND; + + return err; +} + +/** + * smb_close_pipe() - ipc pipe close request handler + * @work: smb work containing close command + * + * Return: 0 on success, otherwise error + */ +static int smb_close_pipe(struct ksmbd_work *work) +{ + struct smb_com_close_req *req = work->request_buf; + + ksmbd_session_rpc_close(work->sess, req->FileID); + return 0; +} + +/** + * smb_close() - ipc pipe close request handler + * @work: smb work containing close command + * + * Return: 0 on success, otherwise error + */ +int smb_close(struct ksmbd_work *work) +{ + struct smb_com_close_req *req = work->request_buf; + struct smb_com_close_rsp *rsp = work->response_buf; + int err = 0; + + ksmbd_debug(SMB, "SMB_COM_CLOSE called for fid %u\n", req->FileID); + + if (test_share_config_flag(work->tcon->share_conf, + KSMBD_SHARE_FLAG_PIPE)) { + err = smb_close_pipe(work); + if (err < 0) + goto out; + goto IPC_out; + } + + /* + * TODO: linux cifs client does not send LastWriteTime, + * need to check if windows client use this field + */ + if (le32_to_cpu(req->LastWriteTime) > 0 && + le32_to_cpu(req->LastWriteTime) < 0xFFFFFFFF) + pr_info("need to set last modified time before close\n"); + + err = ksmbd_close_fd(work, req->FileID); + +IPC_out: + /* file close success, return response to server */ + rsp->hdr.Status.CifsError = STATUS_SUCCESS; + rsp->hdr.WordCount = 0; + rsp->ByteCount = 0; + +out: + if (err) + rsp->hdr.Status.CifsError = STATUS_INVALID_HANDLE; + return err; +} + +/** + * smb_read_andx_pipe() - read from ipc pipe request handler + * @work: smb work containing read command + * + * Return: 0 on success, otherwise error + */ +static int smb_read_andx_pipe(struct ksmbd_work *work) +{ + struct smb_com_read_req *req = work->request_buf; + struct smb_com_read_rsp *rsp = work->response_buf; + struct ksmbd_rpc_command *rpc_resp; + char *data_buf; + int ret = 0, nbytes = 0; + unsigned int count; + unsigned int rsp_buflen = MAX_CIFS_SMALL_BUFFER_SIZE - + sizeof(struct smb_com_read_rsp); + + rsp_buflen = min((unsigned int)(MAX_CIFS_SMALL_BUFFER_SIZE - + sizeof(struct smb_com_read_rsp)), rsp_buflen); + + count = min_t(unsigned int, le16_to_cpu(req->MaxCount), rsp_buflen); + data_buf = (char *) (&rsp->ByteCount) + sizeof(rsp->ByteCount); + + rpc_resp = ksmbd_rpc_read(work->sess, req->Fid); + if (rpc_resp) { + if (rpc_resp->flags != KSMBD_RPC_OK || + !rpc_resp->payload_sz) { + rsp->hdr.Status.CifsError = + STATUS_UNEXPECTED_IO_ERROR; + kvfree(rpc_resp); + return -EINVAL; + } + + nbytes = rpc_resp->payload_sz; + memcpy(data_buf, rpc_resp->payload, rpc_resp->payload_sz); + kvfree(rpc_resp); + } else { + ret = -EINVAL; + } + + rsp->hdr.Status.CifsError = STATUS_SUCCESS; + rsp->hdr.WordCount = 12; + rsp->Remaining = 0; + rsp->DataCompactionMode = 0; + rsp->DataCompactionMode = 0; + rsp->Reserved = 0; + rsp->DataLength = cpu_to_le16(nbytes & 0xFFFF); + rsp->DataOffset = cpu_to_le16(sizeof(struct smb_com_read_rsp) - + sizeof(rsp->hdr.smb_buf_length)); + rsp->DataLengthHigh = cpu_to_le16(nbytes >> 16); + rsp->Reserved2 = 0; + + rsp->ByteCount = cpu_to_le16(nbytes); + inc_rfc1001_len(&rsp->hdr, (rsp->hdr.WordCount * 2 + nbytes)); + + /* this is an ANDx command ? */ + rsp->AndXReserved = 0; + rsp->AndXOffset = cpu_to_le16(get_rfc1002_len(&rsp->hdr)); + if (req->AndXCommand != SMB_NO_MORE_ANDX_COMMAND) { + /* adjust response */ + rsp->AndXCommand = req->AndXCommand; + return rsp->AndXCommand; /* More processing required */ + } + rsp->AndXCommand = SMB_NO_MORE_ANDX_COMMAND; + + return ret; +} + +/** + * smb_read_andx() - read request handler + * @work: smb work containing read command + * + * Return: 0 on success, otherwise error + */ +int smb_read_andx(struct ksmbd_work *work) +{ + struct ksmbd_conn *conn = work->conn; + struct smb_com_read_req *req = work->request_buf; + struct smb_com_read_rsp *rsp = work->response_buf; + struct ksmbd_file *fp; + loff_t pos; + size_t count; + ssize_t nbytes; + int err = 0; + + if (test_share_config_flag(work->tcon->share_conf, + KSMBD_SHARE_FLAG_PIPE)) + return smb_read_andx_pipe(work); + + fp = ksmbd_lookup_fd_fast(work, req->Fid); + if (!fp) { + pr_err("failed to get filp for fid %d\n", + req->Fid); + rsp->hdr.Status.CifsError = STATUS_FILE_CLOSED; + return -ENOENT; + } + + pos = le32_to_cpu(req->OffsetLow); + if (req->hdr.WordCount == 12) + pos |= ((loff_t)le32_to_cpu(req->OffsetHigh) << 32); + + count = le16_to_cpu(req->MaxCount); + /* + * It probably seems to be set to 0 or 0xFFFF if MaxCountHigh is + * not supported. If it is 0xFFFF, it is set to a too large value + * and a read fail occurs. If it is 0xFFFF, limit it to not set + * the value. + * + * [MS-SMB] 3.2.4.4.1: + * If the CAP_LARGE_READX bit is set in + * Client.Connection.ServerCapabilities, then the client is allowed to + * issue a read of a size larger than Client.Connection.MaxBufferSize + * using an SMB_COM_READ_ANDX request. + */ + if (conn->vals->capabilities & CAP_LARGE_READ_X && + le32_to_cpu(req->MaxCountHigh) < 0xFFFF) + count |= le32_to_cpu(req->MaxCountHigh) << 16; + else if (count > CIFS_DEFAULT_IOSIZE) { + ksmbd_debug(SMB, "read size(%zu) exceeds max size(%u)\n", + count, CIFS_DEFAULT_IOSIZE); + ksmbd_debug(SMB, "limiting read size to max size(%u)\n", + CIFS_DEFAULT_IOSIZE); + count = CIFS_DEFAULT_IOSIZE; + } + + ksmbd_debug(SMB, "filename %pd, offset %lld, count %zu\n", + fp->filp->f_path.dentry, pos, count); + + work->aux_payload_buf = kvmalloc(count, GFP_KERNEL | __GFP_ZERO); + if (!work->aux_payload_buf) { + err = -ENOMEM; + goto out; + } + + nbytes = ksmbd_vfs_read(work, fp, count, &pos); + if (nbytes < 0) { + err = nbytes; + goto out; + } + + /* read success, prepare response */ + rsp->hdr.Status.CifsError = STATUS_SUCCESS; + rsp->hdr.WordCount = 12; + rsp->Remaining = 0; + rsp->DataCompactionMode = 0; + rsp->DataCompactionMode = 0; + rsp->Reserved = 0; + rsp->DataLength = cpu_to_le16(nbytes & 0xFFFF); + rsp->DataOffset = cpu_to_le16(sizeof(struct smb_com_read_rsp) - + sizeof(rsp->hdr.smb_buf_length)); + rsp->DataLengthHigh = cpu_to_le16(nbytes >> 16); + rsp->Reserved2 = 0; + + rsp->ByteCount = cpu_to_le16(nbytes); + inc_rfc1001_len(&rsp->hdr, (rsp->hdr.WordCount * 2)); + work->resp_hdr_sz = get_rfc1002_len(rsp) + 4; + work->aux_payload_sz = nbytes; + inc_rfc1001_len(&rsp->hdr, nbytes); + + /* this is an ANDx command ? */ + rsp->AndXReserved = 0; + rsp->AndXOffset = cpu_to_le16(get_rfc1002_len(&rsp->hdr)); + if (req->AndXCommand != SMB_NO_MORE_ANDX_COMMAND) { + /* adjust response */ + rsp->AndXCommand = req->AndXCommand; + ksmbd_fd_put(work, fp); + return rsp->AndXCommand; /* More processing required */ + } + rsp->AndXCommand = SMB_NO_MORE_ANDX_COMMAND; + +out: + ksmbd_fd_put(work, fp); + if (err) + rsp->hdr.Status.CifsError = STATUS_INVALID_HANDLE; + return err; +} + +/** + * smb_write() - write request handler + * @work: smb work containing write command + * + * Return: 0 on success, otherwise error + */ +int smb_write(struct ksmbd_work *work) +{ + struct smb_com_write_req_32bit *req = work->request_buf; + struct smb_com_write_rsp_32bit *rsp = work->response_buf; + struct ksmbd_file *fp = NULL; + loff_t pos; + size_t count; + char *data_buf; + ssize_t nbytes = 0; + int err = 0; + + if (!test_tree_conn_flag(work->tcon, KSMBD_TREE_CONN_FLAG_WRITABLE)) { + ksmbd_debug(SMB, + "returning as user does not have permission to write\n"); + rsp->hdr.Status.CifsError = STATUS_ACCESS_DENIED; + return -EACCES; + } + + fp = ksmbd_lookup_fd_fast(work, req->Fid); + if (!fp) { + pr_err("failed to get filp for fid %u\n", req->Fid); + rsp->hdr.Status.CifsError = STATUS_FILE_CLOSED; + return -ENOENT; + } + + pos = le32_to_cpu(req->Offset); + count = le16_to_cpu(req->Length); + data_buf = req->Data; + + ksmbd_debug(SMB, "filename %pd, offset %lld, count %zu\n", + fp->filp->f_path.dentry, pos, count); + if (!count) { + err = ksmbd_vfs_truncate(work, fp, pos); + nbytes = 0; + } else + err = ksmbd_vfs_write(work, fp, data_buf, + count, &pos, 0, &nbytes); + + rsp->hdr.WordCount = 1; + rsp->Written = cpu_to_le16(nbytes & 0xFFFF); + rsp->ByteCount = 0; + inc_rfc1001_len(&rsp->hdr, (rsp->hdr.WordCount * 2)); + + ksmbd_fd_put(work, fp); + if (!err) { + rsp->hdr.Status.CifsError = STATUS_SUCCESS; + return 0; + } + + if (err == -ENOSPC || err == -EFBIG) + rsp->hdr.Status.CifsError = STATUS_DISK_FULL; + else + rsp->hdr.Status.CifsError = STATUS_INVALID_HANDLE; + return err; +} + +/** + * smb_write_andx_pipe() - write on pipe request handler + * @work: smb work containing write command + * + * Return: 0 on success, otherwise error + */ +static int smb_write_andx_pipe(struct ksmbd_work *work) +{ + struct smb_com_write_req *req = work->request_buf; + struct smb_com_write_rsp *rsp = work->response_buf; + struct ksmbd_rpc_command *rpc_resp; + int ret = 0; + size_t count = 0; + + count = le16_to_cpu(req->DataLengthLow); + if (work->conn->vals->capabilities & CAP_LARGE_WRITE_X) + count |= (le16_to_cpu(req->DataLengthHigh) << 16); + + rpc_resp = ksmbd_rpc_write(work->sess, req->Fid, req->Data, count); + if (rpc_resp) { + if (rpc_resp->flags == KSMBD_RPC_ENOTIMPLEMENTED) { + rsp->hdr.Status.CifsError = STATUS_NOT_SUPPORTED; + kvfree(rpc_resp); + return -EOPNOTSUPP; + } + if (rpc_resp->flags != KSMBD_RPC_OK) { + rsp->hdr.Status.CifsError = STATUS_INVALID_HANDLE; + kvfree(rpc_resp); + return -EINVAL; + } + count = rpc_resp->payload_sz; + kvfree(rpc_resp); + } else { + ret = -EINVAL; + } + + rsp->hdr.Status.CifsError = STATUS_SUCCESS; + rsp->hdr.WordCount = 6; + rsp->Count = cpu_to_le16(count & 0xFFFF); + rsp->Remaining = 0; + rsp->CountHigh = cpu_to_le16(count >> 16); + rsp->Reserved = 0; + rsp->ByteCount = 0; + inc_rfc1001_len(&rsp->hdr, (rsp->hdr.WordCount * 2)); + + /* this is an ANDx command ? */ + rsp->AndXReserved = 0; + rsp->AndXOffset = cpu_to_le16(get_rfc1002_len(&rsp->hdr)); + if (req->AndXCommand != SMB_NO_MORE_ANDX_COMMAND) { + /* adjust response */ + rsp->AndXCommand = req->AndXCommand; + return rsp->AndXCommand; /* More processing required */ + } + rsp->AndXCommand = SMB_NO_MORE_ANDX_COMMAND; + + return ret; +} + +/** + * smb_write_andx() - andx write request handler + * @work: smb work containing write command + * + * Return: 0 on success, otherwise error + */ +int smb_write_andx(struct ksmbd_work *work) +{ + struct ksmbd_conn *conn = work->conn; + struct smb_com_write_req *req = work->request_buf; + struct smb_com_write_rsp *rsp = work->response_buf; + struct ksmbd_file *fp; + bool writethrough = false; + loff_t pos; + size_t count; + ssize_t nbytes = 0; + char *data_buf; + int err = 0; + + if (!test_tree_conn_flag(work->tcon, KSMBD_TREE_CONN_FLAG_WRITABLE)) { + ksmbd_debug(SMB, + "returning as user does not have permission to write\n"); + rsp->hdr.Status.CifsError = STATUS_ACCESS_DENIED; + return -EACCES; + } + + if (test_share_config_flag(work->tcon->share_conf, + KSMBD_SHARE_FLAG_PIPE)) { + ksmbd_debug(SMB, "Write ANDX called for IPC$"); + return smb_write_andx_pipe(work); + } + + fp = ksmbd_lookup_fd_fast(work, req->Fid); + if (!fp) { + pr_err("failed to get filp for fid %u\n", req->Fid); + rsp->hdr.Status.CifsError = STATUS_FILE_CLOSED; + return -ENOENT; + } + + pos = le32_to_cpu(req->OffsetLow); + if (req->hdr.WordCount == 14) + pos |= ((loff_t)le32_to_cpu(req->OffsetHigh) << 32); + + writethrough = (le16_to_cpu(req->WriteMode) == 1); + + /* + * [MS-SMB] 3.3.5.8: + * If CAP_LARGE_WRITEX is set in Server.Connection.ClientCapabilities, + * then it is possible that the count of bytes to be written is larger + * than the server's MaxBufferSize + */ + count = le16_to_cpu(req->DataLengthLow); + if (conn->vals->capabilities & CAP_LARGE_WRITE_X) + count |= (le16_to_cpu(req->DataLengthHigh) << 16); + else if (count > CIFS_DEFAULT_IOSIZE) { + ksmbd_debug(SMB, "write size(%zu) exceeds max size(%u)\n", + count, CIFS_DEFAULT_IOSIZE); + ksmbd_debug(SMB, "limiting write size to max size(%u)\n", + CIFS_DEFAULT_IOSIZE); + count = CIFS_DEFAULT_IOSIZE; + } + + if (le16_to_cpu(req->DataOffset) == + (offsetof(struct smb_com_write_req, Data) - 4)) { + data_buf = (char *)&req->Data[0]; + } else { + if ((le16_to_cpu(req->DataOffset) > get_rfc1002_len(req)) || + (le16_to_cpu(req->DataOffset) + + count > get_rfc1002_len(req))) { + pr_err("invalid write data offset %u, smb_len %u\n", + le16_to_cpu(req->DataOffset), + get_rfc1002_len(req)); + err = -EINVAL; + goto out; + } + + data_buf = (char *)(((char *)&req->hdr.Protocol) + + le16_to_cpu(req->DataOffset)); + } + + ksmbd_debug(SMB, "filname %pd, offset %lld, count %zu\n", + fp->filp->f_path.dentry, pos, count); + err = ksmbd_vfs_write(work, fp, data_buf, count, &pos, + writethrough, &nbytes); + if (err < 0) + goto out; + + /* write success, prepare response */ + rsp->hdr.Status.CifsError = STATUS_SUCCESS; + rsp->hdr.WordCount = 6; + rsp->Count = cpu_to_le16(nbytes & 0xFFFF); + rsp->Remaining = 0; + rsp->CountHigh = cpu_to_le16(nbytes >> 16); + rsp->Reserved = 0; + rsp->ByteCount = 0; + inc_rfc1001_len(&rsp->hdr, (rsp->hdr.WordCount * 2)); + + ksmbd_fd_put(work, fp); + /* this is an ANDx command ? */ + rsp->AndXReserved = 0; + rsp->AndXOffset = cpu_to_le16(get_rfc1002_len(&rsp->hdr)); + if (req->AndXCommand != SMB_NO_MORE_ANDX_COMMAND) { + /* adjust response */ + rsp->AndXCommand = req->AndXCommand; + return rsp->AndXCommand; /* More processing required */ + } + rsp->AndXCommand = SMB_NO_MORE_ANDX_COMMAND; + + return 0; + +out: + ksmbd_fd_put(work, fp); + if (err == -ENOSPC || err == -EFBIG) + rsp->hdr.Status.CifsError = STATUS_DISK_FULL; + else + rsp->hdr.Status.CifsError = STATUS_INVALID_HANDLE; + return err; +} + +/** + * smb_echo() - echo(ping) request handler + * @work: smb work containing echo command + * + * Return: 0 on success, otherwise error + */ +int smb_echo(struct ksmbd_work *work) +{ + struct smb_com_echo_req *req = work->request_buf; + struct smb_com_echo_rsp *rsp = work->response_buf; + __u16 data_count; + int i; + + ksmbd_debug(SMB, "SMB_COM_ECHO called with echo count %u\n", + le16_to_cpu(req->EchoCount)); + + if (le16_to_cpu(req->EchoCount) > 1) + work->multiRsp = 1; + + data_count = le16_to_cpu(req->ByteCount); + /* send echo response to server */ + rsp->hdr.Status.CifsError = STATUS_SUCCESS; + rsp->hdr.WordCount = 1; + rsp->ByteCount = cpu_to_le16(data_count); + + memcpy(rsp->Data, req->Data, data_count); + inc_rfc1001_len(&rsp->hdr, (rsp->hdr.WordCount * 2) + data_count); + + /* Send req->EchoCount - 1 number of ECHO response now & + * if SMB CANCEL for Echo comes don't send response + */ + for (i = 1; i < le16_to_cpu(req->EchoCount) && + !work->send_no_response; i++) { + rsp->SequenceNumber = cpu_to_le16(i); + ksmbd_conn_write(work); + } + + /* Last echo response */ + rsp->SequenceNumber = cpu_to_le16(i); + work->multiRsp = 0; + + return 0; +} + +/** + * smb_flush() - file sync - flush request handler + * @work: smb work containing flush command + * + * Return: 0 on success, otherwise error + */ +int smb_flush(struct ksmbd_work *work) +{ + struct smb_com_flush_req *req = work->request_buf; + struct smb_com_flush_rsp *rsp = work->response_buf; + int err = 0; + + ksmbd_debug(SMB, "SMB_COM_FLUSH called for fid %u\n", req->FileID); + + if (req->FileID == 0xFFFF) { + err = ksmbd_file_table_flush(work); + if (err) + goto out; + } else { + err = ksmbd_vfs_fsync(work, req->FileID, KSMBD_NO_FID); + if (err) + goto out; + } + + /* file fsync success, return response to server */ + rsp->hdr.Status.CifsError = STATUS_SUCCESS; + rsp->hdr.WordCount = 0; + rsp->ByteCount = 0; + return err; + +out: + if (err) + rsp->hdr.Status.CifsError = STATUS_INVALID_HANDLE; + + return err; +} + +/***************************************************************************** + * TRANS2 command implementation functions + *****************************************************************************/ + +/** + * get_filetype() - convert file mode to smb file type + * @mode: file mode to be convertd + * + * Return: converted file type + */ +static __u32 get_filetype(mode_t mode) +{ + if (S_ISREG(mode)) + return UNIX_FILE; + else if (S_ISDIR(mode)) + return UNIX_DIR; + else if (S_ISLNK(mode)) + return UNIX_SYMLINK; + else if (S_ISCHR(mode)) + return UNIX_CHARDEV; + else if (S_ISBLK(mode)) + return UNIX_BLOCKDEV; + else if (S_ISFIFO(mode)) + return UNIX_FIFO; + else if (S_ISSOCK(mode)) + return UNIX_SOCKET; + + return UNIX_UNKNOWN; +} + +/** + * init_unix_info() - convert file stat information to smb file info format + * @unix_info: smb file information format + * @stat: unix file/dir stat information + */ +static void init_unix_info(struct file_unix_basic_info *unix_info, + struct user_namespace *user_ns, struct kstat *stat) +{ + u64 time; + + unix_info->EndOfFile = cpu_to_le64(stat->size); + unix_info->NumOfBytes = cpu_to_le64(512 * stat->blocks); + time = ksmbd_UnixTimeToNT(stat->ctime); + unix_info->LastStatusChange = cpu_to_le64(time); + time = ksmbd_UnixTimeToNT(stat->atime); + unix_info->LastAccessTime = cpu_to_le64(time); + time = ksmbd_UnixTimeToNT(stat->mtime); + unix_info->LastModificationTime = cpu_to_le64(time); + unix_info->Uid = cpu_to_le64(from_kuid(user_ns, stat->uid)); + unix_info->Gid = cpu_to_le64(from_kgid(user_ns, stat->gid)); + unix_info->Type = cpu_to_le32(get_filetype(stat->mode)); + unix_info->DevMajor = cpu_to_le64(MAJOR(stat->rdev)); + unix_info->DevMinor = cpu_to_le64(MINOR(stat->rdev)); + unix_info->UniqueId = cpu_to_le64(stat->ino); + unix_info->Permissions = cpu_to_le64(stat->mode); + unix_info->Nlinks = cpu_to_le64(stat->nlink); +} + +/** + * unix_info_to_attr() - convert smb file info format to unix attr format + * @unix_info: smb file information format + * @attrs: unix file/dir stat information + * + * Return: 0 + */ +static int unix_info_to_attr(struct file_unix_basic_info *unix_info, + struct user_namespace *user_ns, + struct iattr *attrs) +{ + struct timespec64 ts; + + if (le64_to_cpu(unix_info->EndOfFile) != NO_CHANGE_64) { + attrs->ia_size = le64_to_cpu(unix_info->EndOfFile); + attrs->ia_valid |= ATTR_SIZE; + } + + if (le64_to_cpu(unix_info->LastStatusChange) != NO_CHANGE_64) { + ts = smb_NTtimeToUnix(unix_info->LastStatusChange); + attrs->ia_ctime = ts; + attrs->ia_valid |= ATTR_CTIME; + } + + if (le64_to_cpu(unix_info->LastAccessTime) != NO_CHANGE_64) { + ts = smb_NTtimeToUnix(unix_info->LastAccessTime); + attrs->ia_atime = ts; + attrs->ia_valid |= ATTR_ATIME; + } + + if (le64_to_cpu(unix_info->LastModificationTime) != NO_CHANGE_64) { + ts = smb_NTtimeToUnix(unix_info->LastModificationTime); + attrs->ia_mtime = ts; + attrs->ia_valid |= ATTR_MTIME; + } + + if (le64_to_cpu(unix_info->Uid) != NO_CHANGE_64) { + attrs->ia_uid = make_kuid(user_ns, + le64_to_cpu(unix_info->Uid)); + attrs->ia_valid |= ATTR_UID; + } + + if (le64_to_cpu(unix_info->Gid) != NO_CHANGE_64) { + attrs->ia_gid = make_kgid(user_ns, + le64_to_cpu(unix_info->Gid)); + attrs->ia_valid |= ATTR_GID; + } + + if (le64_to_cpu(unix_info->Permissions) != NO_CHANGE_64) { + attrs->ia_mode = le64_to_cpu(unix_info->Permissions); + attrs->ia_valid |= ATTR_MODE; + } + + switch (le32_to_cpu(unix_info->Type)) { + case UNIX_FILE: + attrs->ia_mode |= S_IFREG; + break; + case UNIX_DIR: + attrs->ia_mode |= S_IFDIR; + break; + case UNIX_SYMLINK: + attrs->ia_mode |= S_IFLNK; + break; + case UNIX_CHARDEV: + attrs->ia_mode |= S_IFCHR; + break; + case UNIX_BLOCKDEV: + attrs->ia_mode |= S_IFBLK; + break; + case UNIX_FIFO: + attrs->ia_mode |= S_IFIFO; + break; + case UNIX_SOCKET: + attrs->ia_mode |= S_IFSOCK; + break; + default: + pr_err("unknown file type 0x%x\n", + le32_to_cpu(unix_info->Type)); + } + + return 0; +} + +/** + * unix_to_dos_time() - convert unix time to dos format + * @ts: unix style time + * @time: store dos style time + * @date: store dos style date + */ +static void unix_to_dos_time(struct timespec64 ts, __le16 *time, __le16 *date) +{ + struct tm t; + __u16 val; + + time64_to_tm(ts.tv_sec, (-sys_tz.tz_minuteswest) * 60, &t); + val = (((unsigned int)(t.tm_mon + 1)) >> 3) | ((t.tm_year - 80) << 1); + val = ((val & 0xFF) << 8) | (t.tm_mday | + (((t.tm_mon + 1) & 0x7) << 5)); + *date = cpu_to_le16(val); + + val = ((((unsigned int)t.tm_min >> 3) & 0x7) | + (((unsigned int)t.tm_hour) << 3)); + val = ((val & 0xFF) << 8) | ((t.tm_sec/2) | ((t.tm_min & 0x7) << 5)); + *time = cpu_to_le16(val); +} + +/** + * cifs_convert_ace() - helper function for convert an Access Control Entry + * from cifs wire format to local POSIX xattr format + * @ace: local - unix style Access Control Entry format + * @cifs_ace: cifs wire Access Control Entry format + */ +static void cifs_convert_ace(struct posix_acl_xattr_entry *ace, + struct cifs_posix_ace *cifs_ace) +{ + /* u8 cifs fields do not need le conversion */ + ace->e_perm = cpu_to_le16(cifs_ace->cifs_e_perm); + ace->e_tag = cpu_to_le16(cifs_ace->cifs_e_tag); + ace->e_id = cpu_to_le32(le64_to_cpu(cifs_ace->cifs_uid)); +} + +/** + * cifs_copy_posix_acl() - Convert ACL from CIFS POSIX wire format to local + * Linux POSIX ACL xattr + * @trgt: target buffer for storing in local ace format + * @src: source buffer in cifs ace format + * @buflen: target buffer length + * @acl_type: ace type + * @size_of_data_area: max buffer size to store ace xattr + * + * Return: size of convert ace xattr on success, otherwise error + */ +static int cifs_copy_posix_acl(char *trgt, char *src, const int buflen, + const int acl_type, const int size_of_data_area) +{ + int size = 0; + int i; + __u16 count; + struct cifs_posix_ace *pACE; + struct cifs_posix_acl *cifs_acl = (struct cifs_posix_acl *)src; + struct posix_acl_xattr_entry *ace; + struct posix_acl_xattr_header *local_acl = (void *)trgt; + + if (le16_to_cpu(cifs_acl->version) != CIFS_ACL_VERSION) + return -EOPNOTSUPP; + + if (acl_type & ACL_TYPE_ACCESS) { + count = le16_to_cpu(cifs_acl->access_entry_count); + pACE = &cifs_acl->ace_array[0]; + size = sizeof(struct cifs_posix_acl); + size += sizeof(struct cifs_posix_ace) * count; + /* check if we would go beyond end of SMB */ + if (size_of_data_area < size) { + ksmbd_debug(SMB, "bad CIFS POSIX ACL size %d vs. %d\n", + size_of_data_area, size); + return -EINVAL; + } + } else if (acl_type & ACL_TYPE_DEFAULT) { + count = le16_to_cpu(cifs_acl->default_entry_count); + pACE = &cifs_acl->ace_array[0]; + size = sizeof(struct cifs_posix_acl); + size += sizeof(struct cifs_posix_ace) * count; + /* check if we would go beyond end of SMB */ + if (size_of_data_area < size) + return -EINVAL; + } else { + /* illegal type */ + return -EINVAL; + } + + size = posix_acl_xattr_size(count); + if ((buflen != 0) && local_acl && size > buflen) + return -ERANGE; + + /* buffer big enough */ + ace = (void *)(local_acl + 1); + local_acl->a_version = cpu_to_le32(POSIX_ACL_XATTR_VERSION); + for (i = 0; i < count; i++) { + cifs_convert_ace(&ace[i], pACE); + pACE++; + } + + return size; +} + +/** + * convert_ace_to_cifs_ace() - helper function to convert ACL from local + * Linux POSIX ACL xattr to CIFS POSIX wire format to local + * @cifs_ace: target buffer for storing in cifs ace format + * @local_ace: source buffer in Linux POSIX ACL xattr format + * + * Return: 0 + */ +static __u16 convert_ace_to_cifs_ace(struct cifs_posix_ace *cifs_ace, + const struct posix_acl_xattr_entry *local_ace) +{ + __u16 rc = 0; /* 0 = ACL converted ok */ + + cifs_ace->cifs_e_perm = le16_to_cpu(local_ace->e_perm); + cifs_ace->cifs_e_tag = le16_to_cpu(local_ace->e_tag); + /* BB is there a better way to handle the large uid? */ + if (local_ace->e_id == cpu_to_le32(-1)) { + /* Probably no need to le convert -1 on any + * arch but can not hurt + */ + cifs_ace->cifs_uid = cpu_to_le64(-1); + } else + cifs_ace->cifs_uid = cpu_to_le64(le32_to_cpu(local_ace->e_id)); + return rc; +} + +/** + * ACL_to_cifs_posix() - ACL from local Linux POSIX xattr to CIFS POSIX ACL + * wire format + * @parm_data: target buffer for storing in cifs ace format + * @pACL: source buffer in cifs ace format + * @buflen: target buffer length + * @acl_type: ace type + * + * Return: 0 on success, otherwise error + */ +static __u16 ACL_to_cifs_posix(char *parm_data, const char *pACL, + const int buflen, const int acl_type) +{ + __u16 rc = 0; + struct cifs_posix_acl *cifs_acl = (struct cifs_posix_acl *)parm_data; + struct posix_acl_xattr_header *local_acl = (void *)pACL; + struct posix_acl_xattr_entry *ace = (void *)(local_acl + 1); + int count; + int i, j = 0; + + if ((buflen == 0) || !pACL || !cifs_acl) + return 0; + + count = posix_acl_xattr_count((size_t)buflen); + ksmbd_debug(SMB, "setting acl with %d entries from buf of length %d and version of %d\n", + count, buflen, le32_to_cpu(local_acl->a_version)); + if (le32_to_cpu(local_acl->a_version) != 2) { + ksmbd_debug(SMB, "unknown POSIX ACL version %d\n", + le32_to_cpu(local_acl->a_version)); + return 0; + } + if (acl_type == ACL_TYPE_ACCESS) { + cifs_acl->access_entry_count = cpu_to_le16(count); + j = 0; + } else if (acl_type == ACL_TYPE_DEFAULT) { + cifs_acl->default_entry_count = cpu_to_le16(count); + if (cifs_acl->access_entry_count) + j = le16_to_cpu(cifs_acl->access_entry_count); + } else { + ksmbd_debug(SMB, "unknown ACL type %d\n", acl_type); + return 0; + } + for (i = 0; i < count; i++, j++) { + rc = convert_ace_to_cifs_ace(&cifs_acl->ace_array[i], &ace[i]); + if (rc != 0) { + /* ACE not converted */ + break; + } + } + if (rc == 0) { + rc = (__u16)(count * sizeof(struct cifs_posix_ace)); + /* BB add check to make sure ACL does not overflow SMB */ + } + return rc; +} + +/** + * smb_get_acl() - handler for query posix acl information + * @work: smb work containing posix acl query command + * @path: path of file/dir to query acl + * + * Return: 0 on success, otherwise error + */ +static int smb_get_acl(struct ksmbd_work *work, struct path *path) +{ + struct smb_com_trans2_rsp *rsp = work->response_buf; + char *buf = NULL; + int rc = 0, value_len; + struct cifs_posix_acl *aclbuf; + __u16 rsp_data_cnt = 0; + + aclbuf = (struct cifs_posix_acl *)(work->response_buf + + sizeof(struct smb_com_trans2_rsp) + 4); + + aclbuf->version = cpu_to_le16(CIFS_ACL_VERSION); + aclbuf->default_entry_count = 0; + aclbuf->access_entry_count = 0; + + /* check if POSIX_ACL_XATTR_ACCESS exists */ + value_len = ksmbd_vfs_getxattr(mnt_user_ns(path->mnt), path->dentry, + XATTR_NAME_POSIX_ACL_ACCESS, + &buf); + if (value_len > 0) { + rsp_data_cnt += ACL_to_cifs_posix((char *)aclbuf, buf, + value_len, ACL_TYPE_ACCESS); + kfree(buf); + buf = NULL; + } + + /* check if POSIX_ACL_XATTR_DEFAULT exists */ + value_len = ksmbd_vfs_getxattr(mnt_user_ns(path->mnt), path->dentry, + XATTR_NAME_POSIX_ACL_DEFAULT, + &buf); + if (value_len > 0) { + rsp_data_cnt += ACL_to_cifs_posix((char *)aclbuf, buf, + value_len, ACL_TYPE_DEFAULT); + kfree(buf); + buf = NULL; + } + + if (rsp_data_cnt) + rsp_data_cnt += sizeof(struct cifs_posix_acl); + + rsp->hdr.Status.CifsError = STATUS_SUCCESS; + rsp->hdr.WordCount = 10; + rsp->t2.TotalParameterCount = cpu_to_le16(2); + rsp->t2.TotalDataCount = cpu_to_le16(rsp_data_cnt); + rsp->t2.Reserved = 0; + rsp->t2.ParameterCount = cpu_to_le16(2); + rsp->t2.ParameterOffset = cpu_to_le16(56); + rsp->t2.ParameterDisplacement = 0; + rsp->t2.DataCount = rsp->t2.TotalDataCount; + rsp->t2.DataOffset = cpu_to_le16(60); + rsp->t2.DataDisplacement = 0; + rsp->t2.SetupCount = 0; + rsp->t2.Reserved1 = 0; + rsp->ByteCount = cpu_to_le16(rsp_data_cnt + 5); + inc_rfc1001_len(&rsp->hdr, 10 * 2 + le16_to_cpu(rsp->ByteCount)); + + if (buf) + kfree(buf); + return rc; +} + +/** + * smb_set_acl() - handler for setting posix acl information + * @work: smb work containing posix acl set command + * + * Return: 0 on success, otherwise error + */ +static int smb_set_acl(struct ksmbd_work *work) +{ + struct smb_com_trans2_spi_req *req = work->request_buf; + struct smb_com_trans2_rsp *rsp = work->response_buf; + struct ksmbd_share_config *share = work->tcon->share_conf; + struct cifs_posix_acl *wire_acl_data; + char *fname, *buf = NULL; + int rc = 0, acl_type = 0, value_len; + + fname = smb_get_name(share, req->FileName, PATH_MAX, work, false); + if (IS_ERR(fname)) { + rsp->hdr.Status.CifsError = + STATUS_OBJECT_NAME_INVALID; + return PTR_ERR(fname); + } + + buf = vmalloc(XATTR_SIZE_MAX); + if (!buf) { + rsp->hdr.Status.CifsError = STATUS_NO_MEMORY; + rc = -ENOMEM; + goto out; + } + + wire_acl_data = (struct cifs_posix_acl *)(((char *) &req->hdr.Protocol) + + le16_to_cpu(req->DataOffset)); + if (le16_to_cpu(wire_acl_data->access_entry_count) > 0 && + le16_to_cpu(wire_acl_data->access_entry_count) < 0xFFFF) { + acl_type = ACL_TYPE_ACCESS; + + } else if (le16_to_cpu(wire_acl_data->default_entry_count) > 0 && + le16_to_cpu(wire_acl_data->default_entry_count) < 0xFFFF) { + acl_type = ACL_TYPE_DEFAULT; + } else { + rc = -EINVAL; + goto out; + } + + rc = cifs_copy_posix_acl(buf, + (char *)wire_acl_data, + XATTR_SIZE_MAX, acl_type, XATTR_SIZE_MAX); + if (rc < 0) { + rsp->hdr.Status.CifsError = STATUS_INVALID_PARAMETER; + goto out; + } + + value_len = rc; + if (acl_type == ACL_TYPE_ACCESS) { + rc = ksmbd_vfs_fsetxattr(work, + fname, + XATTR_NAME_POSIX_ACL_ACCESS, + buf, value_len, 0); + } else if (acl_type == ACL_TYPE_DEFAULT) { + rc = ksmbd_vfs_fsetxattr(work, + fname, + XATTR_NAME_POSIX_ACL_DEFAULT, + buf, value_len, 0); + } + + if (rc < 0) { + rsp->hdr.Status.CifsError = STATUS_UNEXPECTED_IO_ERROR; + goto out; + } + + rsp->hdr.Status.CifsError = STATUS_SUCCESS; + rsp->hdr.WordCount = 10; + rsp->t2.TotalParameterCount = cpu_to_le16(2); + rsp->t2.TotalDataCount = cpu_to_le16(0); + rsp->t2.ParameterCount = rsp->t2.TotalParameterCount; + rsp->t2.Reserved = 0; + rsp->t2.ParameterCount = cpu_to_le16(2); + rsp->t2.ParameterOffset = cpu_to_le16(56); + rsp->t2.ParameterDisplacement = 0; + rsp->t2.DataCount = rsp->t2.TotalDataCount; + rsp->t2.DataOffset = cpu_to_le16(0); + rsp->t2.DataDisplacement = 0; + rsp->t2.SetupCount = 0; + rsp->t2.Reserved1 = 0; + + /* 2 for parameter count + 1 pad1*/ + rsp->ByteCount = cpu_to_le16(3); + rsp->Pad = 0; + inc_rfc1001_len(&rsp->hdr, rsp->hdr.WordCount * 2 + 3); + +out: + if (buf) + vfree(buf); + kfree(fname); + return rc; +} + +static void *ksmbd_realloc_response(void *ptr, size_t old_sz, size_t new_sz) +{ + size_t sz = min(old_sz, new_sz); + void *nptr; + + nptr = kvmalloc(new_sz, GFP_KERNEL | __GFP_ZERO); + if (!nptr) + return ptr; + memcpy(nptr, ptr, sz); + kvfree(ptr); + return nptr; +} + +/** + * smb_readlink() - handler for reading symlink source path + * @work: smb work containing query link information + * + * Return: 0 on success, otherwise error + */ +static int smb_readlink(struct ksmbd_work *work, struct path *path) +{ + struct smb_com_trans2_qpi_req *req = work->request_buf; + struct smb_com_trans2_rsp *rsp = work->response_buf; + int err, name_len; + char *buf, *ptr; + + buf = kzalloc((CIFS_MF_SYMLINK_LINK_MAXLEN), GFP_KERNEL); + if (!buf) { + rsp->hdr.Status.CifsError = STATUS_NO_MEMORY; + return -ENOMEM; + } + + err = ksmbd_vfs_readlink(path, buf, CIFS_MF_SYMLINK_LINK_MAXLEN); + if (err < 0) { + rsp->hdr.Status.CifsError = STATUS_INVALID_HANDLE; + goto out; + } + + /* + * check if this namelen(unicode) and smb header can fit in small rsp + * buf. If not, switch to large rsp buffer. + */ + err++; + err *= 2; + if (err + MAX_HEADER_SIZE(work->conn) > work->response_sz) { + void *nptr; + size_t nsz = err + MAX_HEADER_SIZE(work->conn); + + nptr = ksmbd_realloc_response(work->response_buf, + work->response_sz, + nsz); + if (nptr == work->response_buf) { + rsp->hdr.Status.CifsError = STATUS_NO_MEMORY; + err = -ENOMEM; + goto out; + } + + work->response_buf = nptr; + rsp = (struct smb_com_trans2_rsp *)work->response_buf; + } + err = 0; + + ptr = (char *)&rsp->Buffer[0]; + memset(ptr, 0, 4); + ptr += 4; + + if (is_smbreq_unicode(&req->hdr)) { + name_len = smb_strtoUTF16((__le16 *)ptr, + buf, + CIFS_MF_SYMLINK_LINK_MAXLEN, + work->conn->local_nls); + name_len++; /* trailing null */ + name_len *= 2; + } else { /* BB add path length overrun check */ + name_len = strscpy(ptr, buf, CIFS_MF_SYMLINK_LINK_MAXLEN - 1); + name_len++; /* trailing null */ + } + + rsp->hdr.WordCount = 10; + rsp->t2.TotalParameterCount = cpu_to_le16(2); + rsp->t2.TotalDataCount = cpu_to_le16(name_len); + rsp->t2.Reserved = 0; + rsp->t2.ParameterCount = cpu_to_le16(2); + rsp->t2.ParameterOffset = cpu_to_le16(56); + rsp->t2.ParameterDisplacement = 0; + rsp->t2.DataCount = rsp->t2.TotalDataCount; + rsp->t2.DataOffset = cpu_to_le16(60); + rsp->t2.DataDisplacement = 0; + rsp->t2.SetupCount = 0; + rsp->t2.Reserved1 = 0; + rsp->ByteCount = cpu_to_le16(name_len + 5); + inc_rfc1001_len(&rsp->hdr, 10 * 2 + le16_to_cpu(rsp->ByteCount)); + +out: + kfree(buf); + return err; +} + +/** + * smb_get_ea() - handler for extended attribute query + * @work: smb work containing query xattr command + * @path: path of file/dir to query xattr command + * + * Return: 0 on success, otherwise error + */ +static int smb_get_ea(struct ksmbd_work *work, struct path *path) +{ + struct smb_com_trans2_rsp *rsp = work->response_buf; + char *name, *ptr, *xattr_list = NULL, *buf; + int rc, name_len, value_len, xattr_list_len; + struct fealist *eabuf = (struct fealist *)(work->response_buf + + sizeof(struct smb_com_trans2_rsp) + 4); + struct fea *temp_fea; + ssize_t buf_free_len; + __u16 rsp_data_cnt = 4; + + eabuf->list_len = cpu_to_le32(rsp_data_cnt); + buf_free_len = work->response_sz - (get_rfc1002_len(rsp) + 4) - + sizeof(struct smb_com_trans2_rsp); + rc = ksmbd_vfs_listxattr(path->dentry, &xattr_list); + if (rc < 0) { + rsp->hdr.Status.CifsError = STATUS_INVALID_HANDLE; + goto out; + } else if (!rc) { /* there is no EA in the file */ + eabuf->list_len = cpu_to_le32(rsp_data_cnt); + goto done; + } + + xattr_list_len = rc; + rc = 0; + + ptr = (char *)eabuf->list; + temp_fea = (struct fea *)ptr; + for (name = xattr_list; name - xattr_list < xattr_list_len; + name += strlen(name) + 1) { + ksmbd_debug(SMB, "%s, len %zd\n", name, strlen(name)); + /* + * CIFS does not support EA other name user.* namespace, + * still keep the framework generic, to list other attrs + * in future. + */ + if (strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN)) + continue; + + name_len = strlen(name); + if (!strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN)) + name_len -= XATTR_USER_PREFIX_LEN; + + ptr = (char *)(&temp_fea->name + name_len + 1); + buf_free_len -= (offsetof(struct fea, name) + name_len + 1); + + value_len = ksmbd_vfs_getxattr(mnt_user_ns(path->mnt), + path->dentry, name, &buf); + if (value_len <= 0) { + rc = -ENOENT; + rsp->hdr.Status.CifsError = STATUS_INVALID_HANDLE; + goto out; + } + + memcpy(ptr, buf, value_len); + kfree(buf); + + temp_fea->EA_flags = 0; + temp_fea->name_len = name_len; + if (!strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN)) + memcpy(temp_fea->name, &name[XATTR_USER_PREFIX_LEN], + name_len); + else + memcpy(temp_fea->name, name, name_len); + + temp_fea->value_len = cpu_to_le16(value_len); + buf_free_len -= value_len; + rsp_data_cnt += offsetof(struct fea, name) + name_len + 1 + + value_len; + eabuf->list_len += cpu_to_le32(offsetof(struct fea, name) + + name_len + 1 + value_len); + ptr += value_len; + temp_fea = (struct fea *)ptr; + } + +done: + rsp->hdr.WordCount = 10; + rsp->t2.TotalParameterCount = cpu_to_le16(2); + rsp->t2.TotalDataCount = cpu_to_le16(rsp_data_cnt); + rsp->t2.Reserved = 0; + rsp->t2.ParameterCount = cpu_to_le16(2); + rsp->t2.ParameterOffset = cpu_to_le16(56); + rsp->t2.ParameterDisplacement = 0; + rsp->t2.DataCount = rsp->t2.TotalDataCount; + rsp->t2.DataOffset = cpu_to_le16(60); + rsp->t2.DataDisplacement = 0; + rsp->t2.SetupCount = 0; + rsp->t2.Reserved1 = 0; + rsp->ByteCount = cpu_to_le16(rsp_data_cnt + 5); + inc_rfc1001_len(&rsp->hdr, 10 * 2 + le16_to_cpu(rsp->ByteCount)); +out: + kvfree(xattr_list); + return rc; +} + +/** + * query_path_info() - handler for query path info + * @work: smb work containing query path info command + * + * Return: 0 on success, otherwise error + */ +static int query_path_info(struct ksmbd_work *work) +{ + struct smb_hdr *rsp_hdr = work->response_buf; + struct smb_com_trans2_req *req = work->request_buf; + struct ksmbd_conn *conn = work->conn; + struct ksmbd_share_config *share = work->tcon->share_conf; + struct smb_com_trans2_rsp *rsp = work->response_buf; + struct trans2_qpi_req_params *req_params; + char *name = NULL; + struct path path; + struct kstat st; + int rc; + char *ptr; + __u64 create_time = 0, time; + + if (test_share_config_flag(work->tcon->share_conf, + KSMBD_SHARE_FLAG_PIPE)) { + rsp_hdr->Status.CifsError = STATUS_UNEXPECTED_IO_ERROR; + return 0; + } + + req_params = (struct trans2_qpi_req_params *)(work->request_buf + + le16_to_cpu(req->ParameterOffset) + 4); + name = smb_get_name(share, req_params->FileName, PATH_MAX, work, + false); + if (IS_ERR(name)) { + rsp->hdr.Status.CifsError = + STATUS_OBJECT_NAME_INVALID; + return PTR_ERR(name); + } + + if (ksmbd_override_fsids(work)) { + kfree(name); + rsp->hdr.Status.CifsError = STATUS_NO_MEMORY; + return -ENOMEM; + } + + rc = ksmbd_vfs_kern_path(work, name, LOOKUP_NO_SYMLINKS, &path, 0); + if (rc) { + if (rc == -EACCES || rc == -EXDEV) + rsp_hdr->Status.CifsError = STATUS_ACCESS_DENIED; + else + rsp_hdr->Status.CifsError = + STATUS_OBJECT_NAME_NOT_FOUND; + ksmbd_debug(SMB, "cannot get linux path for %s, err %d\n", + name, rc); + goto out; + } + + if (d_is_symlink(path.dentry)) { + rsp_hdr->Status.CifsError = STATUS_ACCESS_DENIED; + goto err_out; + } + + rc = vfs_getattr(&path, &st, STATX_BASIC_STATS, AT_STATX_SYNC_AS_STAT); + if (rc) { + pr_err("cannot get stat information\n"); + goto err_out; + } + + if (test_share_config_flag(work->tcon->share_conf, + KSMBD_SHARE_FLAG_STORE_DOS_ATTRS)) { + struct xattr_dos_attrib da; + + rc = ksmbd_vfs_get_dos_attrib_xattr(mnt_user_ns(path.mnt), + path.dentry, &da); + if (rc > 0) + create_time = da.create_time; + rc = 0; + } + + switch (le16_to_cpu(req_params->InformationLevel)) { + case SMB_INFO_STANDARD: + { + struct file_info_standard *infos; + + ksmbd_debug(SMB, "SMB_INFO_STANDARD\n"); + rc = ksmbd_query_inode_status(d_inode(path.dentry)); + if (rc == KSMBD_INODE_STATUS_PENDING_DELETE) { + rc = -EBUSY; + goto err_out; + } + + rc = 0; + ptr = (char *)&rsp->Pad + 1; + memset(ptr, 0, 4); + infos = (struct file_info_standard *)(ptr + 4); + unix_to_dos_time(ksmbd_NTtimeToUnix(cpu_to_le64(create_time)), + &infos->CreationDate, &infos->CreationTime); + unix_to_dos_time(st.atime, + &infos->LastAccessDate, + &infos->LastAccessTime); + unix_to_dos_time(st.mtime, + &infos->LastWriteDate, + &infos->LastWriteTime); + infos->DataSize = cpu_to_le32(st.size); + infos->AllocationSize = cpu_to_le32(st.blocks << 9); + infos->Attributes = cpu_to_le16(S_ISDIR(st.mode) ? + ATTR_DIRECTORY : ATTR_ARCHIVE); + infos->EASize = 0; + + rsp_hdr->WordCount = 10; + rsp->t2.TotalParameterCount = cpu_to_le16(2); + rsp->t2.TotalDataCount = cpu_to_le16(22); + rsp->t2.Reserved = 0; + rsp->t2.ParameterCount = cpu_to_le16(2); + rsp->t2.ParameterOffset = cpu_to_le16(56); + rsp->t2.ParameterDisplacement = 0; + rsp->t2.DataCount = cpu_to_le16(22); + rsp->t2.DataOffset = cpu_to_le16(60); + rsp->t2.DataDisplacement = 0; + rsp->t2.SetupCount = 0; + rsp->t2.Reserved1 = 0; + rsp->ByteCount = cpu_to_le16(27); + rsp->Pad = 0; + inc_rfc1001_len(rsp_hdr, 10 * 2 + le16_to_cpu(rsp->ByteCount)); + break; + } + case SMB_QUERY_FILE_STANDARD_INFO: + { + struct file_standard_info *standard_info; + unsigned int del_pending; + + ksmbd_debug(SMB, "SMB_QUERY_FILE_STANDARD_INFO\n"); + del_pending = ksmbd_query_inode_status(d_inode(path.dentry)); + if (del_pending == KSMBD_INODE_STATUS_PENDING_DELETE) + del_pending = 1; + else + del_pending = 0; + + rsp_hdr->WordCount = 10; + rsp->t2.TotalParameterCount = cpu_to_le16(2); + rsp->t2.TotalDataCount = + cpu_to_le16(sizeof(struct file_standard_info)); + rsp->t2.Reserved = 0; + rsp->t2.ParameterCount = cpu_to_le16(2); + rsp->t2.ParameterOffset = cpu_to_le16(56); + rsp->t2.ParameterDisplacement = 0; + rsp->t2.DataCount = + cpu_to_le16(sizeof(struct file_standard_info)); + rsp->t2.DataOffset = cpu_to_le16(60); + rsp->t2.DataDisplacement = 0; + rsp->t2.SetupCount = 0; + rsp->t2.Reserved1 = 0; + /*2 for parameter count & 3 pad (1pad1 + 2 pad2)*/ + rsp->ByteCount = + cpu_to_le16(2 + sizeof(struct file_standard_info) + 3); + rsp->Pad = 0; + /* lets set EA info */ + ptr = (char *)&rsp->Pad + 1; + memset(ptr, 0, 4); + standard_info = (struct file_standard_info *)(ptr + 4); + standard_info->AllocationSize = cpu_to_le64(st.blocks << 9); + standard_info->EndOfFile = cpu_to_le64(st.size); + standard_info->NumberOfLinks = cpu_to_le32(get_nlink(&st) - + del_pending); + standard_info->DeletePending = del_pending; + standard_info->Directory = S_ISDIR(st.mode) ? 1 : 0; + inc_rfc1001_len(rsp_hdr, 10 * 2 + le16_to_cpu(rsp->ByteCount)); + break; + } + case SMB_QUERY_FILE_BASIC_INFO: + { + struct file_basic_info *basic_info; + + ksmbd_debug(SMB, "SMB_QUERY_FILE_BASIC_INFO\n"); + rsp_hdr->WordCount = 10; + rsp->t2.TotalParameterCount = cpu_to_le16(2); + rsp->t2.TotalDataCount = + cpu_to_le16(sizeof(struct file_basic_info)); + rsp->t2.Reserved = 0; + rsp->t2.ParameterCount = cpu_to_le16(2); + rsp->t2.ParameterOffset = cpu_to_le16(56); + rsp->t2.ParameterDisplacement = 0; + rsp->t2.DataCount = cpu_to_le16(sizeof(struct file_basic_info)); + rsp->t2.DataOffset = cpu_to_le16(60); + rsp->t2.DataDisplacement = 0; + rsp->t2.SetupCount = 0; + rsp->t2.Reserved1 = 0; + /*2 for parameter count & 3 pad (1pad1 + 2 pad2)*/ + rsp->ByteCount = + cpu_to_le16(2 + sizeof(struct file_basic_info) + 3); + rsp->Pad = 0; + /* lets set EA info */ + ptr = (char *)&rsp->Pad + 1; + memset(ptr, 0, 4); + basic_info = (struct file_basic_info *)(ptr + 4); + basic_info->CreationTime = cpu_to_le64(create_time); + time = ksmbd_UnixTimeToNT(st.atime); + basic_info->LastAccessTime = cpu_to_le64(time); + time = ksmbd_UnixTimeToNT(st.mtime); + basic_info->LastWriteTime = cpu_to_le64(time); + time = ksmbd_UnixTimeToNT(st.ctime); + basic_info->ChangeTime = cpu_to_le64(time); + basic_info->Attributes = S_ISDIR(st.mode) ? + ATTR_DIRECTORY_LE : ATTR_ARCHIVE_LE; + basic_info->Pad = 0; + inc_rfc1001_len(rsp_hdr, 10 * 2 + le16_to_cpu(rsp->ByteCount)); + break; + } + case SMB_QUERY_FILE_EA_INFO: + { + struct file_ea_info *ea_info; + + ksmbd_debug(SMB, "SMB_QUERY_FILE_EA_INFO\n"); + rsp_hdr->WordCount = 10; + rsp->t2.TotalParameterCount = cpu_to_le16(2); + rsp->t2.TotalDataCount = + cpu_to_le16(sizeof(struct file_ea_info)); + rsp->t2.Reserved = 0; + rsp->t2.ParameterCount = cpu_to_le16(2); + rsp->t2.ParameterOffset = cpu_to_le16(56); + rsp->t2.ParameterDisplacement = 0; + rsp->t2.DataCount = cpu_to_le16(sizeof(struct file_ea_info)); + rsp->t2.DataOffset = cpu_to_le16(60); + rsp->t2.DataDisplacement = 0; + rsp->t2.SetupCount = 0; + rsp->t2.Reserved1 = 0; + /*2 for parameter count & 3 pad (1pad1 + 2 pad2)*/ + rsp->ByteCount = + cpu_to_le16(2 + sizeof(struct file_ea_info) + 3); + rsp->Pad = 0; + /* lets set EA info */ + ptr = (char *)&rsp->Pad + 1; + memset(ptr, 0, 4); + ea_info = (struct file_ea_info *)(ptr + 4); + ea_info->EaSize = 0; + inc_rfc1001_len(rsp_hdr, 10 * 2 + le16_to_cpu(rsp->ByteCount)); + break; + } + case SMB_QUERY_FILE_NAME_INFO: + { + struct file_name_info *name_info; + int uni_filename_len; + char *filename; + + ksmbd_debug(SMB, "SMB_QUERY_FILE_NAME_INFO\n"); + ptr = (char *)&rsp->Pad + 1; + memset(ptr, 0, 4); + name_info = (struct file_name_info *)(ptr + 4); + + filename = convert_to_nt_pathname(work->tcon->share_conf, &path); + if (!filename) { + rc = -ENOMEM; + goto err_out; + } + uni_filename_len = smbConvertToUTF16( + (__le16 *)name_info->FileName, + filename, PATH_MAX, + conn->local_nls, 0); + kfree(filename); + uni_filename_len *= 2; + name_info->FileNameLength = cpu_to_le32(uni_filename_len); + + rsp_hdr->WordCount = 10; + rsp->t2.TotalParameterCount = cpu_to_le16(2); + rsp->t2.TotalDataCount = cpu_to_le16(uni_filename_len + 4); + rsp->t2.Reserved = 0; + rsp->t2.ParameterCount = cpu_to_le16(2); + rsp->t2.ParameterOffset = cpu_to_le16(56); + rsp->t2.ParameterDisplacement = 0; + rsp->t2.DataCount = cpu_to_le16(uni_filename_len + 4); + rsp->t2.DataOffset = cpu_to_le16(60); + rsp->t2.DataDisplacement = 0; + rsp->t2.SetupCount = 0; + rsp->t2.Reserved1 = 0; + /*2 for parameter count & 3 pad (1pad1 + 2 pad2)*/ + rsp->ByteCount = cpu_to_le16(2 + uni_filename_len + 4 + 3); + rsp->Pad = 0; + inc_rfc1001_len(rsp_hdr, 10 * 2 + le16_to_cpu(rsp->ByteCount)); + break; + } + case SMB_QUERY_FILE_ALL_INFO: + { + struct file_all_info *ainfo; + unsigned int del_pending; + char *filename; + int uni_filename_len, total_count = 72; + + ksmbd_debug(SMB, "SMB_QUERY_FILE_ALL_INFO\n"); + + del_pending = ksmbd_query_inode_status(d_inode(path.dentry)); + if (del_pending == KSMBD_INODE_STATUS_PENDING_DELETE) + del_pending = 1; + else + del_pending = 0; + + filename = convert_to_nt_pathname(work->tcon->share_conf, &path); + if (!filename) { + rc = -ENOMEM; + goto err_out; + } + + /* + * Observation: sizeof smb_hdr is 33 bytes(including word count) + * After that: trans2 response 22 bytes when stepcount 0 and + * including ByteCount storage. + */ + /* lets set EA info */ + ptr = (char *)&rsp->Pad + 1; + memset(ptr, 0, 4); + ainfo = (struct file_all_info *) (ptr + 4); + + ainfo->CreationTime = cpu_to_le64(create_time); + time = ksmbd_UnixTimeToNT(st.atime); + ainfo->LastAccessTime = cpu_to_le64(time); + time = ksmbd_UnixTimeToNT(st.mtime); + ainfo->LastWriteTime = cpu_to_le64(time); + time = ksmbd_UnixTimeToNT(st.ctime); + ainfo->ChangeTime = cpu_to_le64(time); + ainfo->Attributes = S_ISDIR(st.mode) ? + ATTR_DIRECTORY_LE : ATTR_ARCHIVE_LE; + ainfo->Pad1 = 0; + ainfo->AllocationSize = cpu_to_le64(st.blocks << 9); + ainfo->EndOfFile = cpu_to_le64(st.size); + ainfo->NumberOfLinks = cpu_to_le32(get_nlink(&st) - + del_pending); + ainfo->DeletePending = del_pending; + ainfo->Directory = S_ISDIR(st.mode) ? 1 : 0; + ainfo->Pad2 = 0; + ainfo->EASize = 0; + uni_filename_len = smbConvertToUTF16( + (__le16 *)ainfo->FileName, + filename, PATH_MAX, + conn->local_nls, 0); + kfree(filename); + uni_filename_len *= 2; + ainfo->FileNameLength = cpu_to_le32(uni_filename_len); + total_count += uni_filename_len; + + rsp_hdr->WordCount = 10; + rsp->t2.TotalParameterCount = cpu_to_le16(2); + /* add unicode name length of name */ + rsp->t2.TotalDataCount = cpu_to_le16(total_count); + rsp->t2.Reserved = 0; + rsp->t2.ParameterCount = cpu_to_le16(2); + rsp->t2.ParameterOffset = cpu_to_le16(56); + rsp->t2.ParameterDisplacement = 0; + rsp->t2.DataCount = cpu_to_le16(total_count); + rsp->t2.DataOffset = cpu_to_le16(60); + rsp->t2.DataDisplacement = 0; + rsp->t2.SetupCount = 0; + rsp->t2.Reserved1 = 0; + /* 2 for parameter count + 72 data count + + * filename length + 3 pad (1pad1 + 2 pad2) + */ + rsp->ByteCount = cpu_to_le16(5 + total_count); + rsp->Pad = 0; + inc_rfc1001_len(rsp_hdr, 10 * 2 + le16_to_cpu(rsp->ByteCount)); + break; + } + case SMB_QUERY_ALT_NAME_INFO: + { + struct alt_name_info *alt_name_info; + char *base; + int filename_len; + + ksmbd_debug(SMB, "SMB_QUERY_ALT_NAME_INFO\n"); + rsp_hdr->WordCount = 10; + rsp->t2.TotalParameterCount = cpu_to_le16(2); + rsp->t2.Reserved = 0; + rsp->t2.ParameterCount = cpu_to_le16(2); + rsp->t2.ParameterOffset = cpu_to_le16(56); + rsp->t2.ParameterDisplacement = 0; + rsp->t2.DataOffset = cpu_to_le16(60); + rsp->t2.DataDisplacement = 0; + rsp->t2.SetupCount = 0; + rsp->t2.Reserved1 = 0; + /*2 for parameter count & 3 pad (1pad1 + 2 pad2)*/ + rsp->ByteCount = cpu_to_le16(25); + rsp->Pad = 0; + /* lets set EA info */ + ptr = (char *)&rsp->Pad + 1; + memset(ptr, 0, 4); + alt_name_info = (struct alt_name_info *)(ptr + 4); + + base = strrchr(name, '/'); + if (!base) + base = name; + else + base += 1; + + filename_len = ksmbd_extract_shortname(conn, base, + alt_name_info->FileName); + alt_name_info->FileNameLength = cpu_to_le32(filename_len); + rsp->t2.TotalDataCount = cpu_to_le16(4 + filename_len); + rsp->t2.DataCount = cpu_to_le16(4 + filename_len); + + inc_rfc1001_len(rsp_hdr, (4 + filename_len + 25)); + break; + } + case SMB_QUERY_FILE_UNIX_BASIC: + { + struct file_unix_basic_info *unix_info; + + ksmbd_debug(SMB, "SMB_QUERY_FILE_UNIX_BASIC\n"); + rsp_hdr->WordCount = 10; + rsp->t2.TotalParameterCount = 0; + rsp->t2.TotalDataCount = cpu_to_le16(100); + rsp->t2.Reserved = 0; + rsp->t2.ParameterCount = 0; + rsp->t2.ParameterOffset = cpu_to_le16(56); + rsp->t2.ParameterDisplacement = 0; + rsp->t2.DataCount = cpu_to_le16(100); + rsp->t2.DataOffset = cpu_to_le16(56); + rsp->t2.DataDisplacement = 0; + rsp->t2.SetupCount = 0; + rsp->t2.Reserved1 = 0; + rsp->ByteCount = cpu_to_le16(101); /* 100 data count + 1pad */ + rsp->Pad = 0; + unix_info = (struct file_unix_basic_info *)(&rsp->Pad + 1); + init_unix_info(unix_info, mnt_user_ns(path.mnt), &st); + inc_rfc1001_len(rsp_hdr, (10 * 2 + 101)); + break; + } + case SMB_QUERY_FILE_INTERNAL_INFO: + { + struct file_internal_info *iinfo; + + ksmbd_debug(SMB, "SMB_QUERY_FILE_INTERNAL_INFO\n"); + rsp_hdr->WordCount = 10; + rsp->t2.TotalParameterCount = cpu_to_le16(2); + rsp->t2.TotalDataCount = cpu_to_le16(8); + rsp->t2.Reserved = 0; + rsp->t2.ParameterCount = cpu_to_le16(2); + rsp->t2.ParameterOffset = cpu_to_le16(56); + rsp->t2.ParameterDisplacement = 0; + rsp->t2.DataCount = cpu_to_le16(8); + rsp->t2.DataOffset = cpu_to_le16(60); + rsp->t2.DataDisplacement = 0; + rsp->t2.SetupCount = 0; + rsp->t2.Reserved1 = 0; + rsp->ByteCount = cpu_to_le16(13); + rsp->Pad = 0; + ptr = (char *)&rsp->Pad + 1; + memset(ptr, 0, 4); + iinfo = (struct file_internal_info *) (ptr + 4); + iinfo->UniqueId = cpu_to_le64(st.ino); + inc_rfc1001_len(rsp_hdr, (10 * 2 + 13)); + break; + } + case SMB_QUERY_FILE_UNIX_LINK: + ksmbd_debug(SMB, "SMB_QUERY_FILE_UNIX_LINK\n"); + rc = smb_readlink(work, &path); + if (rc < 0) + goto err_out; + break; + case SMB_INFO_QUERY_ALL_EAS: + ksmbd_debug(SMB, "SMB_INFO_QUERY_ALL_EAS\n"); + rc = smb_get_ea(work, &path); + if (rc < 0) + goto err_out; + break; + case SMB_QUERY_POSIX_ACL: + ksmbd_debug(SMB, "SMB_QUERY_POSIX_ACL\n"); + rc = smb_get_acl(work, &path); + if (rc < 0) + goto err_out; + break; + default: + pr_err("query path info not implemnted for %x\n", + le16_to_cpu(req_params->InformationLevel)); + rc = -EINVAL; + goto err_out; + } + +err_out: + path_put(&path); +out: + ksmbd_revert_fsids(work); + kfree(name); + return rc; +} + +/** + * create_trans2_reply() - create response for trans2 request + * @work: smb work containing smb response buffer + * @count: trans2 response buffer size + */ +static void create_trans2_reply(struct ksmbd_work *work, __u16 count) +{ + struct smb_hdr *rsp_hdr = work->response_buf; + struct smb_com_trans2_rsp *rsp = work->response_buf; + + rsp_hdr->WordCount = 0x0A; + rsp->t2.TotalParameterCount = 0; + rsp->t2.TotalDataCount = cpu_to_le16(count); + rsp->t2.Reserved = 0; + rsp->t2.ParameterCount = 0; + rsp->t2.ParameterOffset = cpu_to_le16(56); + rsp->t2.ParameterDisplacement = 0; + rsp->t2.DataCount = cpu_to_le16(count); + rsp->t2.DataOffset = cpu_to_le16(56); + rsp->t2.DataDisplacement = 0; + rsp->t2.SetupCount = 0; + rsp->t2.Reserved1 = 0; + + rsp->ByteCount = cpu_to_le16(count + 1); + rsp->Pad = 0; + inc_rfc1001_len(rsp_hdr, 10 * 2 + (count + 1)); +} + +/** + * set_fs_info() - handler for set fs info commands + * @work: smb work containing set fs info command buffer + * + * Return: 0 on success, otherwise error + */ +static int set_fs_info(struct ksmbd_work *work) +{ + struct smb_com_trans2_setfsi_req *req = work->request_buf; + struct smb_com_trans2_setfsi_rsp *rsp = work->response_buf; + int info_level = le16_to_cpu(req->InformationLevel); + + switch (info_level) { + u64 client_cap; + + case SMB_SET_CIFS_UNIX_INFO: + ksmbd_debug(SMB, "SMB_SET_CIFS_UNIX_INFO\n"); + if (le16_to_cpu(req->ClientUnixMajor) != + CIFS_UNIX_MAJOR_VERSION) { + pr_err("Non compatible unix major info\n"); + return -EINVAL; + } + + if (le16_to_cpu(req->ClientUnixMinor) != + CIFS_UNIX_MINOR_VERSION) { + pr_err("Non compatible unix minor info\n"); + return -EINVAL; + } + + client_cap = le64_to_cpu(req->ClientUnixCap); + ksmbd_debug(SMB, "clients unix cap = %llx\n", client_cap); + /* TODO: process caps */ + rsp->t2.TotalDataCount = 0; + break; + default: + ksmbd_debug(SMB, "info level %x not supported\n", info_level); + return -EINVAL; + } + + create_trans2_reply(work, le16_to_cpu(rsp->t2.TotalDataCount)); + return 0; +} + +/** + * query_fs_info() - handler for query fs info commands + * @work: smb work containing query fs info command buffer + * + * Return: 0 on success, otherwise error + */ +static int query_fs_info(struct ksmbd_work *work) +{ + struct smb_hdr *req_hdr = work->request_buf; + struct smb_com_trans2_req *req = work->request_buf; + struct smb_com_trans2_rsp *rsp = work->response_buf; + struct smb_com_trans2_qfsi_req_params *req_params; + struct ksmbd_conn *conn = work->conn; + struct kstatfs stfs; + struct ksmbd_share_config *share; + int rc; + struct path path; + bool incomplete = false; + int info_level, len = 0; + struct ksmbd_tree_connect *tree_conn; + + req_params = (struct smb_com_trans2_qfsi_req_params *) + (work->request_buf + le16_to_cpu(req->ParameterOffset) + 4); + /* check if more data is coming */ + if (le16_to_cpu(req->TotalParameterCount) != + le16_to_cpu(req->ParameterCount)) { + ksmbd_debug(SMB, "total param = %d, received = %d\n", + le16_to_cpu(req->TotalParameterCount), + le16_to_cpu(req->ParameterCount)); + incomplete = true; + } + + if (le16_to_cpu(req->TotalDataCount) != le16_to_cpu(req->DataCount)) { + ksmbd_debug(SMB, "total data = %d, received = %d\n", + le16_to_cpu(req->TotalDataCount), + le16_to_cpu(req->DataCount)); + incomplete = true; + } + + if (incomplete) { + /* create 1 trans_state structure + * and add to connection list + */ + } + + info_level = le16_to_cpu(req_params->InformationLevel); + + tree_conn = ksmbd_tree_conn_lookup(work->sess, + le16_to_cpu(req_hdr->Tid)); + if (!tree_conn) + return -ENOENT; + share = tree_conn->share_conf; + + if (test_share_config_flag(share, KSMBD_SHARE_FLAG_PIPE)) + return -ENOENT; + + if (ksmbd_override_fsids(work)) + return -ENOMEM; + + rc = kern_path(share->path, LOOKUP_NO_SYMLINKS, &path); + if (rc) { + ksmbd_revert_fsids(work); + pr_err("cannot create vfs path\n"); + return rc; + } + + rc = vfs_statfs(&path, &stfs); + if (rc) { + pr_err("cannot do stat of path %s\n", share->path); + goto err_out; + } + + switch (info_level) { + case SMB_INFO_ALLOCATION: + { + struct filesystem_alloc_info *ainfo; + + ksmbd_debug(SMB, "GOT SMB_INFO_ALLOCATION\n"); + rsp->t2.TotalDataCount = cpu_to_le16(18); + ainfo = (struct filesystem_alloc_info *)(&rsp->Pad + 1); + ainfo->fsid = 0; + ainfo->BytesPerSector = cpu_to_le16(512); + ainfo->SectorsPerAllocationUnit = + cpu_to_le32(stfs.f_bsize/le16_to_cpu(ainfo->BytesPerSector)); + ainfo->TotalAllocationUnits = cpu_to_le32(stfs.f_blocks); + ainfo->FreeAllocationUnits = cpu_to_le32(stfs.f_bfree); + break; + } + case SMB_QUERY_FS_VOLUME_INFO: + { + struct filesystem_vol_info *vinfo; + + ksmbd_debug(SMB, "GOT SMB_QUERY_FS_VOLUME_INFO\n"); + vinfo = (struct filesystem_vol_info *)(&rsp->Pad + 1); + vinfo->VolumeCreationTime = 0; + /* Taking dummy value of serial number*/ + vinfo->SerialNumber = cpu_to_le32(0xbc3ac512); + len = smbConvertToUTF16((__le16 *)vinfo->VolumeLabel, + share->name, PATH_MAX, conn->local_nls, 0); + vinfo->VolumeLabelSize = cpu_to_le32(len); + vinfo->Reserved = 0; + rsp->t2.TotalDataCount = + cpu_to_le16(sizeof(struct filesystem_vol_info) + + len - 2); + break; + } + case SMB_QUERY_FS_SIZE_INFO: + { + struct filesystem_info *sinfo; + + ksmbd_debug(SMB, "GOT SMB_QUERY_FS_SIZE_INFO\n"); + rsp->t2.TotalDataCount = cpu_to_le16(24); + sinfo = (struct filesystem_info *)(&rsp->Pad + 1); + sinfo->BytesPerSector = cpu_to_le32(512); + sinfo->SectorsPerAllocationUnit = + cpu_to_le32(stfs.f_bsize/sinfo->BytesPerSector); + sinfo->TotalAllocationUnits = cpu_to_le64(stfs.f_blocks); + sinfo->FreeAllocationUnits = cpu_to_le64(stfs.f_bfree); + break; + } + case SMB_QUERY_FS_DEVICE_INFO: + { + struct filesystem_device_info *fdi; + + /* query fs info device info response is 0 word and 8 bytes */ + ksmbd_debug(SMB, "GOT SMB_QUERY_FS_DEVICE_INFO\n"); + if (le16_to_cpu(req->MaxDataCount) < 8) { + pr_err("Insufficient bytes, cannot response()\n"); + rc = -EINVAL; + goto err_out; + } + + rsp->t2.TotalDataCount = cpu_to_le16(18); + fdi = (struct filesystem_device_info *)(&rsp->Pad + 1); + fdi->DeviceType = cpu_to_le32(FILE_DEVICE_DISK); + fdi->DeviceCharacteristics = cpu_to_le32(0x20); + break; + } + case SMB_QUERY_FS_ATTRIBUTE_INFO: + { + struct filesystem_attribute_info *info; + + ksmbd_debug(SMB, "GOT SMB_QUERY_FS_ATTRIBUTE_INFO\n"); + /* constant 12 bytes + variable filesystem name */ + info = (struct filesystem_attribute_info *)(&rsp->Pad + 1); + + if (le16_to_cpu(req->MaxDataCount) < 12) { + pr_err("Insufficient bytes, cannot response()\n"); + rc = -EINVAL; + goto err_out; + } + + info->Attributes = cpu_to_le32(FILE_CASE_PRESERVED_NAMES | + FILE_CASE_SENSITIVE_SEARCH | + FILE_VOLUME_QUOTAS); + info->MaxPathNameComponentLength = cpu_to_le32(stfs.f_namelen); + info->FileSystemNameLen = 0; + rsp->t2.TotalDataCount = cpu_to_le16(12); + break; + } + case SMB_QUERY_CIFS_UNIX_INFO: + { + struct filesystem_unix_info *uinfo; + + ksmbd_debug(SMB, "GOT SMB_QUERY_CIFS_UNIX_INFO\n"); + /* constant 12 bytes + variable filesystem name */ + uinfo = (struct filesystem_unix_info *)(&rsp->Pad + 1); + + if (le16_to_cpu(req->MaxDataCount) < 12) { + pr_err("Insufficient bytes, cannot response()\n"); + rc = -EINVAL; + goto err_out; + } + uinfo->MajorVersionNumber = + cpu_to_le16(CIFS_UNIX_MAJOR_VERSION); + uinfo->MinorVersionNumber = + cpu_to_le16(CIFS_UNIX_MINOR_VERSION); + uinfo->Capability = cpu_to_le64(SMB_UNIX_CAPS); + rsp->t2.TotalDataCount = cpu_to_le16(12); + break; + } + case SMB_QUERY_POSIX_FS_INFO: + { + struct filesystem_posix_info *pinfo; + + ksmbd_debug(SMB, "GOT SMB_QUERY_POSIX_FS_INFO\n"); + rsp->t2.TotalDataCount = cpu_to_le16(56); + pinfo = (struct filesystem_posix_info *)(&rsp->Pad + 1); + pinfo->BlockSize = cpu_to_le32(stfs.f_bsize); + pinfo->OptimalTransferSize = cpu_to_le32(stfs.f_blocks); + pinfo->TotalBlocks = cpu_to_le64(stfs.f_blocks); + pinfo->BlocksAvail = cpu_to_le64(stfs.f_bfree); + pinfo->UserBlocksAvail = cpu_to_le64(stfs.f_bavail); + pinfo->TotalFileNodes = cpu_to_le64(stfs.f_files); + pinfo->FreeFileNodes = cpu_to_le64(stfs.f_ffree); + pinfo->FileSysIdentifier = 0; + break; + } + default: + ksmbd_debug(SMB, "info level %x not implemented\n", info_level); + rc = -EINVAL; + goto err_out; + } + + create_trans2_reply(work, le16_to_cpu(rsp->t2.TotalDataCount)); + +err_out: + path_put(&path); + ksmbd_revert_fsids(work); + return rc; +} + +/** + * smb_posix_convert_flags() - convert smb posix access flags to open flags + * @flags: smb posix access flags + * + * Return: file open flags + */ +static __u32 smb_posix_convert_flags(__u32 flags, int *may_flags) +{ + __u32 posix_flags = 0; + + if ((flags & SMB_ACCMODE) == SMB_O_RDONLY) + posix_flags = O_RDONLY; + else if ((flags & SMB_ACCMODE) == SMB_O_WRONLY) + posix_flags = O_WRONLY; + else if ((flags & SMB_ACCMODE) == SMB_O_RDWR) + posix_flags = O_RDWR; + + if (flags & SMB_O_SYNC) + posix_flags |= O_DSYNC; + if (flags & SMB_O_DIRECTORY) + posix_flags |= O_DIRECTORY; + if (flags & SMB_O_NOFOLLOW) + posix_flags |= O_NOFOLLOW; + if (flags & SMB_O_APPEND) + posix_flags |= O_APPEND; + + *may_flags = ksmbd_openflags_to_mayflags(posix_flags); + + return posix_flags; +} + +/** + * smb_get_disposition() - convert smb disposition flags to open flags + * @flags: smb file disposition flags + * @file_present: file already present or not + * @stat: file stat information + * @open_flags: open flags should be stored here + * + * Return: file disposition flags + */ +static int smb_get_disposition(unsigned int flags, bool file_present, + struct kstat *stat, unsigned int *open_flags) +{ + int dispostion, disp_flags; + + if ((flags & (SMB_O_CREAT | SMB_O_EXCL)) == (SMB_O_CREAT | SMB_O_EXCL)) + dispostion = FILE_CREATE; + else if ((flags & (SMB_O_CREAT | SMB_O_TRUNC)) == + (SMB_O_CREAT | SMB_O_TRUNC)) + dispostion = FILE_OVERWRITE_IF; + else if ((flags & SMB_O_CREAT) == SMB_O_CREAT) + dispostion = FILE_OPEN_IF; + else if ((flags & SMB_O_TRUNC) == SMB_O_TRUNC) + dispostion = FILE_OVERWRITE; + else if ((flags & (SMB_O_CREAT | SMB_O_EXCL | SMB_O_TRUNC)) == 0) + dispostion = FILE_OPEN; + else + dispostion = FILE_SUPERSEDE; + + disp_flags = file_create_dispostion_flags(dispostion, file_present); + if (disp_flags < 0) + return disp_flags; + + *open_flags |= disp_flags; + return disp_flags; +} + +/** + * smb_posix_open() - handler for smb posix open + * @work: smb work containing posix open command + * + * Return: 0 on success, otherwise error + */ +static int smb_posix_open(struct ksmbd_work *work) +{ + struct smb_com_trans2_spi_req *pSMB_req = work->request_buf; + struct smb_com_trans2_spi_rsp *pSMB_rsp = work->response_buf; + struct ksmbd_share_config *share = work->tcon->share_conf; + struct open_psx_req *psx_req; + struct open_psx_rsp *psx_rsp; + struct file_unix_basic_info *unix_info; + struct path path; + struct kstat stat; + __u16 data_offset, rsp_info_level, file_info = 0; + __u32 oplock_flags, posix_open_flags, may_flags; + umode_t mode; + char *name; + bool file_present = true; + int err; + struct ksmbd_file *fp = NULL; + int oplock_rsp = OPLOCK_NONE; + + name = smb_get_name(share, pSMB_req->FileName, PATH_MAX, work, false); + if (IS_ERR(name)) { + pSMB_rsp->hdr.Status.CifsError = + STATUS_OBJECT_NAME_INVALID; + return PTR_ERR(name); + } + + if (ksmbd_override_fsids(work)) { + pSMB_rsp->hdr.Status.CifsError = STATUS_NO_MEMORY; + kfree(name); + return -ENOMEM; + } + + err = ksmbd_vfs_kern_path(work, name, LOOKUP_NO_SYMLINKS, &path, 0); + if (err) { + file_present = false; + ksmbd_debug(SMB, "cannot get linux path for %s, err = %d\n", + name, err); + if (err == -EACCES || err == -EXDEV) + goto out; + } else { + if (d_is_symlink(path.dentry)) { + err = -EACCES; + goto free_path; + } + err = vfs_getattr(&path, &stat, STATX_BASIC_STATS, + AT_STATX_SYNC_AS_STAT); + if (err) { + pr_err("can not stat %s, err = %d\n", name, err); + goto free_path; + } + } + + data_offset = le16_to_cpu(pSMB_req->DataOffset); + psx_req = (struct open_psx_req *)(((char *)&pSMB_req->hdr.Protocol) + + data_offset); + oplock_flags = le32_to_cpu(psx_req->OpenFlags); + + posix_open_flags = smb_posix_convert_flags( + le32_to_cpu(psx_req->PosixOpenFlags), + &may_flags); + err = smb_get_disposition(le32_to_cpu(psx_req->PosixOpenFlags), + file_present, &stat, + &posix_open_flags); + if (err < 0) { + ksmbd_debug(SMB, "create_dispostion returned %d\n", err); + if (file_present) + goto free_path; + else + goto out; + } + + ksmbd_debug(SMB, "filename : %s, posix_open_flags : %x\n", name, + posix_open_flags); + mode = (umode_t) le64_to_cpu(psx_req->Permissions); + rsp_info_level = le16_to_cpu(psx_req->Level); + + if (!test_tree_conn_flag(work->tcon, KSMBD_TREE_CONN_FLAG_WRITABLE)) { + if (posix_open_flags & O_CREAT) { + err = -EACCES; + ksmbd_debug(SMB, + "returning as user does not have permission to write\n"); + if (file_present) + goto free_path; + else + goto out; + } + } + + /* posix mkdir command */ + if (posix_open_flags == (O_DIRECTORY | O_CREAT)) { + if (file_present) { + err = -EEXIST; + goto free_path; + } + + err = ksmbd_vfs_mkdir(work, name, mode); + if (err) + goto out; + + err = ksmbd_vfs_kern_path(work, name, 0, &path, 0); + if (err) { + pr_err("cannot get linux path, err = %d\n", err); + goto out; + } + ksmbd_debug(SMB, "mkdir done for %s, inode %lu\n", + name, d_inode(path.dentry)->i_ino); + goto prepare_rsp; + } + + if (!file_present && (posix_open_flags & O_CREAT)) { + err = ksmbd_vfs_create(work, name, mode); + if (err) + goto out; + + err = ksmbd_vfs_kern_path(work, name, 0, &path, 0); + if (err) { + pr_err("cannot get linux path, err = %d\n", err); + goto out; + } + } else if (file_present) { +#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) + err = inode_permission(mnt_user_ns(path.mnt), + d_inode(path.dentry), + may_flags); +#else + err = inode_permission(d_inode(path.dentry), + may_flags); +#endif + if (err) + goto free_path; + } + + fp = ksmbd_vfs_dentry_open(work, &path, posix_open_flags, + 0, file_present); + if (IS_ERR(fp)) { + err = PTR_ERR(fp); + fp = NULL; + goto free_path; + } + fp->pid = le16_to_cpu(pSMB_req->hdr.Pid); + + write_lock(&fp->f_ci->m_lock); + list_add(&fp->node, &fp->f_ci->m_fp_list); + write_unlock(&fp->f_ci->m_lock); + + if (smb1_oplock_enable && + test_share_config_flag(work->tcon->share_conf, + KSMBD_SHARE_FLAG_OPLOCKS) && + !S_ISDIR(file_inode(fp->filp)->i_mode)) { + /* Client cannot request levelII oplock directly */ + err = smb_grant_oplock(work, oplock_flags & + (REQ_OPLOCK | REQ_BATCHOPLOCK), fp->volatile_id, fp, + le16_to_cpu(pSMB_req->hdr.Tid), NULL, 0); + if (err) + goto free_path; + } + + oplock_rsp = fp->f_opinfo != NULL ? fp->f_opinfo->level : 0; + +prepare_rsp: + /* open/mkdir success, send back response */ + data_offset = sizeof(struct smb_com_trans2_spi_rsp) - + sizeof(pSMB_rsp->hdr.smb_buf_length) + + 3 /*alignment*/; + psx_rsp = (struct open_psx_rsp *)(((char *)&pSMB_rsp->hdr.Protocol) + + data_offset); + if (data_offset + sizeof(struct open_psx_rsp) > work->response_sz) { + err = -EIO; + goto free_path; + } + + psx_rsp->OplockFlags = cpu_to_le16(oplock_rsp); + psx_rsp->Fid = fp != NULL ? fp->volatile_id : 0; + + if (file_present) { + if (!(posix_open_flags & O_TRUNC)) + file_info = F_OPENED; + else + file_info = F_OVERWRITTEN; + } else + file_info = F_CREATED; + psx_rsp->CreateAction = cpu_to_le32(file_info); + + if (rsp_info_level != SMB_QUERY_FILE_UNIX_BASIC) { + ksmbd_debug(SMB, "returning null information level response"); + rsp_info_level = SMB_NO_INFO_LEVEL_RESPONSE; + } + psx_rsp->ReturnedLevel = cpu_to_le16(rsp_info_level); + + err = vfs_getattr(&path, &stat, STATX_BASIC_STATS, + AT_STATX_SYNC_AS_STAT); + if (err) { + pr_err("cannot get stat information\n"); + goto free_path; + } + + pSMB_rsp->hdr.Status.CifsError = STATUS_SUCCESS; + unix_info = (struct file_unix_basic_info *)((char *)psx_rsp + + sizeof(struct open_psx_rsp)); + init_unix_info(unix_info, mnt_user_ns(path.mnt), &stat); + + pSMB_rsp->hdr.WordCount = 10; + pSMB_rsp->t2.TotalParameterCount = cpu_to_le16(2); + pSMB_rsp->t2.TotalDataCount = cpu_to_le16(sizeof(struct open_psx_rsp) + + sizeof(struct file_unix_basic_info)); + pSMB_rsp->t2.ParameterCount = pSMB_rsp->t2.TotalParameterCount; + pSMB_rsp->t2.Reserved = 0; + pSMB_rsp->t2.ParameterCount = cpu_to_le16(2); + pSMB_rsp->t2.ParameterOffset = cpu_to_le16(56); + pSMB_rsp->t2.ParameterDisplacement = 0; + pSMB_rsp->t2.DataCount = pSMB_rsp->t2.TotalDataCount; + pSMB_rsp->t2.DataOffset = cpu_to_le16(data_offset); + pSMB_rsp->t2.DataDisplacement = 0; + pSMB_rsp->t2.SetupCount = 0; + pSMB_rsp->t2.Reserved1 = 0; + + /* 2 for parameter count + 112 data count + 3 pad (1 pad1 + 2 pad2)*/ + pSMB_rsp->ByteCount = cpu_to_le16(117); + pSMB_rsp->Reserved2 = 0; + inc_rfc1001_len(&pSMB_rsp->hdr, + (pSMB_rsp->hdr.WordCount * 2 + 117)); + +free_path: + path_put(&path); +out: + switch (err) { + case 0: + break; + case -ENOSPC: + pSMB_rsp->hdr.Status.CifsError = STATUS_DISK_FULL; + break; + case -EINVAL: + pSMB_rsp->hdr.Status.CifsError = STATUS_NO_SUCH_USER; + break; + case -EACCES: + pSMB_rsp->hdr.Status.CifsError = STATUS_ACCESS_DENIED; + break; + case -ENOENT: + pSMB_rsp->hdr.Status.CifsError = + STATUS_OBJECT_NAME_NOT_FOUND; + break; + case -EBUSY: + pSMB_rsp->hdr.Status.CifsError = STATUS_DELETE_PENDING; + break; + default: + pSMB_rsp->hdr.Status.CifsError = + STATUS_UNEXPECTED_IO_ERROR; + } + + if (err && fp) + ksmbd_close_fd(work, fp->volatile_id); + kfree(name); + ksmbd_revert_fsids(work); + return err; +} + +/** + * smb_posix_unlink() - handler for posix file delete + * @work: smb work containing trans2 posix delete command + * + * Return: 0 on success, otherwise error + */ +static int smb_posix_unlink(struct ksmbd_work *work) +{ + struct smb_com_trans2_spi_req *req = work->request_buf; + struct smb_com_trans2_rsp *rsp = work->response_buf; + struct unlink_psx_rsp *psx_rsp = NULL; + struct ksmbd_share_config *share = work->tcon->share_conf; + char *name; + int rc = 0; + + if (!test_tree_conn_flag(work->tcon, KSMBD_TREE_CONN_FLAG_WRITABLE)) { + ksmbd_debug(SMB, + "returning as user does not have permission to write\n"); + rsp->hdr.Status.CifsError = STATUS_ACCESS_DENIED; + return -EACCES; + } + + name = smb_get_name(share, req->FileName, PATH_MAX, work, false); + if (IS_ERR(name)) { + rsp->hdr.Status.CifsError = + STATUS_OBJECT_NAME_INVALID; + return PTR_ERR(name); + } + + rc = ksmbd_vfs_remove_file(work, name); + if (rc < 0) + goto out; + + psx_rsp = (struct unlink_psx_rsp *)((char *)rsp + + sizeof(struct smb_com_trans2_rsp)); + psx_rsp->EAErrorOffset = cpu_to_le16(0); + rsp->hdr.Status.CifsError = STATUS_SUCCESS; + + rsp->hdr.WordCount = 10; + rsp->t2.TotalParameterCount = cpu_to_le16(2); + rsp->t2.TotalDataCount = cpu_to_le16(0); + rsp->t2.ParameterCount = rsp->t2.TotalParameterCount; + rsp->t2.Reserved = 0; + rsp->t2.ParameterCount = cpu_to_le16(2); + rsp->t2.ParameterOffset = cpu_to_le16(56); + rsp->t2.ParameterDisplacement = 0; + rsp->t2.DataCount = rsp->t2.TotalDataCount; + rsp->t2.DataOffset = cpu_to_le16(0); + rsp->t2.DataDisplacement = 0; + rsp->t2.SetupCount = 0; + rsp->t2.Reserved1 = 0; + + /* 2 for parameter count + 1 pad1*/ + rsp->ByteCount = cpu_to_le16(3); + rsp->Pad = 0; + inc_rfc1001_len(&rsp->hdr, rsp->hdr.WordCount * 2 + 3); + +out: + if (rc) + rsp->hdr.Status.CifsError = STATUS_UNEXPECTED_IO_ERROR; + + kfree(name); + return rc; +} + +/** + * smb_set_time_pathinfo() - handler for setting time using set path info + * @work: smb work containing set path info command + * + * Return: 0 on success, otherwise error + */ +static int smb_set_time_pathinfo(struct ksmbd_work *work) +{ + struct smb_com_trans2_spi_req *req = work->request_buf; + struct smb_com_trans2_rsp *rsp = work->response_buf; + struct file_basic_info *info; + struct ksmbd_share_config *share = work->tcon->share_conf; + struct iattr attrs; + char *name; + int err = 0; + + name = smb_get_name(share, req->FileName, PATH_MAX, work, false); + if (IS_ERR(name)) { + rsp->hdr.Status.CifsError = + STATUS_OBJECT_NAME_INVALID; + return PTR_ERR(name); + } + + info = (struct file_basic_info *)(((char *) &req->hdr.Protocol) + + le16_to_cpu(req->DataOffset)); + + attrs.ia_valid = 0; + if (le64_to_cpu(info->LastAccessTime)) { + attrs.ia_atime = smb_NTtimeToUnix(info->LastAccessTime); + attrs.ia_valid |= (ATTR_ATIME | ATTR_ATIME_SET); + } + + if (le64_to_cpu(info->ChangeTime)) { + attrs.ia_ctime = smb_NTtimeToUnix(info->ChangeTime); + attrs.ia_valid |= ATTR_CTIME; + } + + if (le64_to_cpu(info->LastWriteTime)) { + attrs.ia_mtime = smb_NTtimeToUnix(info->LastWriteTime); + attrs.ia_valid |= (ATTR_MTIME | ATTR_MTIME_SET); + } + /* TODO: check dos mode and acl bits if req->Attributes nonzero */ + + if (!attrs.ia_valid) + goto done; + + err = ksmbd_vfs_setattr(work, name, 0, &attrs); + if (err) { + rsp->hdr.Status.CifsError = STATUS_INVALID_PARAMETER; + return err; + } + +done: + ksmbd_debug(SMB, "%s setattr done\n", name); + rsp->hdr.Status.CifsError = STATUS_SUCCESS; + rsp->hdr.WordCount = 10; + rsp->t2.TotalParameterCount = cpu_to_le16(2); + rsp->t2.TotalDataCount = 0; + rsp->t2.Reserved = 0; + rsp->t2.ParameterCount = rsp->t2.TotalParameterCount; + rsp->t2.ParameterOffset = cpu_to_le16(56); + rsp->t2.ParameterDisplacement = 0; + rsp->t2.DataCount = rsp->t2.TotalDataCount; + rsp->t2.DataOffset = 0; + rsp->t2.DataDisplacement = 0; + rsp->t2.SetupCount = 0; + rsp->t2.Reserved1 = 0; + + /* 3 pad (1 pad1 + 2 pad2)*/ + rsp->ByteCount = cpu_to_le16(3); + inc_rfc1001_len(&rsp->hdr, rsp->hdr.WordCount * 2 + 3); + + kfree(name); + return 0; +} + +/** + * smb_set_unix_pathinfo() - handler for setting unix path info(setattr) + * @work: smb work containing set path info command + * + * Return: 0 on success, otherwise error + */ +static int smb_set_unix_pathinfo(struct ksmbd_work *work) +{ + struct smb_com_trans2_spi_req *req = work->request_buf; + struct smb_com_trans2_rsp *rsp = work->response_buf; + struct file_unix_basic_info *unix_info; + struct ksmbd_share_config *share = work->tcon->share_conf; + struct path path; + struct iattr attrs; + char *name; + int err = 0; + + name = smb_get_name(share, req->FileName, PATH_MAX, work, false); + if (IS_ERR(name)) { + rsp->hdr.Status.CifsError = + STATUS_OBJECT_NAME_INVALID; + return PTR_ERR(name); + } + + if (ksmbd_override_fsids(work)) + return -ENOMEM; + err = kern_path(name, 0, &path); + if (err) { + ksmbd_revert_fsids(work); + kfree(name); + return -ENOENT; + } + + unix_info = (struct file_unix_basic_info *) + (((char *) &req->hdr.Protocol) + le16_to_cpu(req->DataOffset)); + attrs.ia_valid = 0; + attrs.ia_mode = 0; + err = unix_info_to_attr(unix_info, mnt_user_ns(path.mnt), &attrs); + path_put(&path); + ksmbd_revert_fsids(work); + if (err) + goto out; + + err = ksmbd_vfs_setattr(work, name, 0, &attrs); + if (err) + goto out; + /* setattr success, prepare response */ + rsp->hdr.Status.CifsError = STATUS_SUCCESS; + rsp->hdr.WordCount = 10; + rsp->t2.TotalParameterCount = cpu_to_le16(2); + rsp->t2.TotalDataCount = 0; + rsp->t2.Reserved = 0; + rsp->t2.ParameterCount = rsp->t2.TotalParameterCount; + rsp->t2.ParameterOffset = cpu_to_le16(56); + rsp->t2.ParameterDisplacement = 0; + rsp->t2.DataCount = rsp->t2.TotalDataCount; + rsp->t2.DataOffset = 0; + rsp->t2.DataDisplacement = 0; + rsp->t2.SetupCount = 0; + rsp->t2.Reserved1 = 0; + + /* 3 pad (1 pad1 + 2 pad2)*/ + rsp->ByteCount = cpu_to_le16(3); + inc_rfc1001_len(&rsp->hdr, rsp->hdr.WordCount * 2 + 3); + +out: + kfree(name); + if (err) { + rsp->hdr.Status.CifsError = STATUS_INVALID_PARAMETER; + return err; + } + return 0; +} + +/** + * smb_set_ea() - handler for setting extended attributes using set path + * info command + * @work: smb work containing set path info command + * + * Return: 0 on success, otherwise error + */ +static int smb_set_ea(struct ksmbd_work *work) +{ + struct smb_com_trans2_spi_req *req = work->request_buf; + struct smb_com_trans2_rsp *rsp = work->response_buf; + struct ksmbd_share_config *share = work->tcon->share_conf; + struct fealist *eabuf; + struct fea *ea; + char *fname, *attr_name = NULL, *value; + int rc = 0, list_len, i, next = 0; + + fname = smb_get_name(share, req->FileName, PATH_MAX, work, false); + if (IS_ERR(fname)) { + rsp->hdr.Status.CifsError = + STATUS_OBJECT_NAME_INVALID; + return PTR_ERR(fname); + } + + eabuf = (struct fealist *)(((char *) &req->hdr.Protocol) + + le16_to_cpu(req->DataOffset)); + + list_len = le32_to_cpu(eabuf->list_len) - 4; + ea = (struct fea *)eabuf->list; + + for (i = 0; list_len >= 0 && ea->name_len != 0; i++, list_len -= next) { + if (ea->name_len > (XATTR_NAME_MAX - XATTR_USER_PREFIX_LEN)) { + rc = -EINVAL; + goto out; + } + + next = ea->name_len + le16_to_cpu(ea->value_len) + 4; + + attr_name = kmalloc(XATTR_NAME_MAX + 1, GFP_KERNEL); + if (!attr_name) { + rc = -ENOMEM; + goto out; + } + + memcpy(attr_name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN); + memcpy(&attr_name[XATTR_USER_PREFIX_LEN], ea->name, + ea->name_len); + attr_name[XATTR_USER_PREFIX_LEN + ea->name_len] = '\0'; + value = (char *)&ea->name + ea->name_len + 1; + ksmbd_debug(SMB, "name: <%s>, name_len %u, value_len %u\n", + ea->name, ea->name_len, le16_to_cpu(ea->value_len)); + + rc = ksmbd_vfs_fsetxattr(work, fname, attr_name, value, + le16_to_cpu(ea->value_len), + 0); + if (rc < 0) { + kfree(attr_name); + rsp->hdr.Status.CifsError = + STATUS_UNEXPECTED_IO_ERROR; + goto out; + } + kfree(attr_name); + ea += next; + } + + rsp->hdr.Status.CifsError = STATUS_SUCCESS; + rsp->hdr.WordCount = 10; + rsp->t2.TotalParameterCount = cpu_to_le16(2); + rsp->t2.TotalDataCount = cpu_to_le16(0); + rsp->t2.ParameterCount = rsp->t2.TotalParameterCount; + rsp->t2.Reserved = 0; + rsp->t2.ParameterCount = cpu_to_le16(2); + rsp->t2.ParameterOffset = cpu_to_le16(56); + rsp->t2.ParameterDisplacement = 0; + rsp->t2.DataCount = rsp->t2.TotalDataCount; + rsp->t2.DataOffset = cpu_to_le16(0); + rsp->t2.DataDisplacement = 0; + rsp->t2.SetupCount = 0; + rsp->t2.Reserved1 = 0; + + /* 2 for parameter count + 1 pad1*/ + rsp->ByteCount = cpu_to_le16(3); + rsp->Pad = 0; + inc_rfc1001_len(&rsp->hdr, rsp->hdr.WordCount * 2 + 3); + +out: + kfree(fname); + return rc; +} + +/** + * smb_set_file_size_pinfo() - handler for setting eof or truncate using + * trans2 set path info command + * @work: smb work containing set path info command + * + * Return: 0 on success, otherwise error + */ +static int smb_set_file_size_pinfo(struct ksmbd_work *work) +{ + struct smb_com_trans2_spi_req *req = work->request_buf; + struct smb_com_trans2_rsp *rsp = work->response_buf; + struct ksmbd_share_config *share = work->tcon->share_conf; + struct file_end_of_file_info *eofinfo; + struct iattr attr; + char *name = NULL; + loff_t newsize; + int rc = 0; + + name = smb_get_name(share, req->FileName, PATH_MAX, work, false); + if (IS_ERR(name)) { + rsp->hdr.Status.CifsError = + STATUS_OBJECT_NAME_INVALID; + return PTR_ERR(name); + } + + eofinfo = (struct file_end_of_file_info *) + (((char *) &req->hdr.Protocol) + le16_to_cpu(req->DataOffset)); + newsize = le64_to_cpu(eofinfo->FileSize); + attr.ia_valid = ATTR_SIZE; + attr.ia_size = newsize; + rc = ksmbd_vfs_setattr(work, name, 0, &attr); + if (rc) { + rsp->hdr.Status.CifsError = STATUS_INVALID_PARAMETER; + goto out; + } + ksmbd_debug(SMB, "%s truncated to newsize %lld\n", + name, newsize); + rsp->hdr.Status.CifsError = STATUS_SUCCESS; + rsp->hdr.WordCount = 10; + rsp->t2.TotalParameterCount = cpu_to_le16(2); + rsp->t2.TotalDataCount = 0; + rsp->t2.Reserved = 0; + rsp->t2.ParameterCount = rsp->t2.TotalParameterCount; + rsp->t2.ParameterOffset = cpu_to_le16(56); + rsp->t2.ParameterDisplacement = 0; + rsp->t2.DataCount = rsp->t2.TotalDataCount; + rsp->t2.DataOffset = 0; + rsp->t2.DataDisplacement = 0; + rsp->t2.SetupCount = 0; + rsp->t2.Reserved1 = 0; + + /* 2 for parameter count + 1 pad1*/ + rsp->ByteCount = cpu_to_le16(3); + inc_rfc1001_len(&rsp->hdr, rsp->hdr.WordCount * 2 + 3); + +out: + kfree(name); + return rc; +} + +/** + * smb_creat_hardlink() - handler for creating hardlink + * @work: smb work containing set path info command buffer + * + * Return: 0 on success, otherwise error + */ +static int smb_creat_hardlink(struct ksmbd_work *work) +{ + struct smb_com_trans2_spi_req *req = work->request_buf; + struct smb_com_trans2_rsp *rsp = work->response_buf; + struct ksmbd_share_config *share = work->tcon->share_conf; + char *oldname, *newname, *oldname_offset; + int err; + + newname = smb_get_name(share, req->FileName, PATH_MAX, work, false); + if (IS_ERR(newname)) { + rsp->hdr.Status.CifsError = + STATUS_OBJECT_NAME_INVALID; + return PTR_ERR(newname); + } + + oldname_offset = ((char *)&req->hdr.Protocol) + + le16_to_cpu(req->DataOffset); + oldname = smb_get_name(share, oldname_offset, PATH_MAX, work, false); + if (IS_ERR(oldname)) { + err = PTR_ERR(oldname); + oldname = NULL; + goto out; + } + ksmbd_debug(SMB, "oldname %s, newname %s\n", oldname, newname); + + err = ksmbd_vfs_link(work, oldname, newname); + if (err < 0) { + if (err == -EACCES) + rsp->hdr.Status.CifsError = STATUS_ACCESS_DENIED; + else + rsp->hdr.Status.CifsError = STATUS_NOT_SAME_DEVICE; + goto out; + } + + rsp->hdr.Status.CifsError = STATUS_SUCCESS; + rsp->hdr.WordCount = 10; + rsp->t2.TotalParameterCount = cpu_to_le16(2); + rsp->t2.TotalDataCount = 0; + rsp->t2.Reserved = 0; + rsp->t2.ParameterCount = rsp->t2.TotalParameterCount; + rsp->t2.ParameterOffset = cpu_to_le16(56); + rsp->t2.ParameterDisplacement = 0; + rsp->t2.DataCount = 0; + rsp->t2.DataOffset = 0; + rsp->t2.DataDisplacement = 0; + rsp->t2.SetupCount = 0; + rsp->t2.Reserved1 = 0; + rsp->ByteCount = cpu_to_le16(3); + inc_rfc1001_len(&rsp->hdr, rsp->hdr.WordCount * 2 + 3); +out: + kfree(newname); + kfree(oldname); + return err; +} + +/** + * smb_creat_symlink() - handler for creating symlink + * @work: smb work containing set path info command buffer + * + * Return: 0 on success, otherwise error + */ +static int smb_creat_symlink(struct ksmbd_work *work) +{ + struct smb_com_trans2_spi_req *req = work->request_buf; + struct smb_com_trans2_spi_rsp *rsp = work->response_buf; + struct ksmbd_share_config *share = work->tcon->share_conf; + char *name, *symname, *name_offset; + bool is_unicode = is_smbreq_unicode(&req->hdr); + int err; + + symname = smb_get_name(share, req->FileName, PATH_MAX, work, false); + if (IS_ERR(symname)) { + rsp->hdr.Status.CifsError = + STATUS_OBJECT_NAME_INVALID; + return PTR_ERR(symname); + } + + name_offset = ((char *)&req->hdr.Protocol) + + le16_to_cpu(req->DataOffset); + name = smb_strndup_from_utf16(name_offset, PATH_MAX, is_unicode, + work->conn->local_nls); + if (IS_ERR(name)) { + kfree(symname); + rsp->hdr.Status.CifsError = STATUS_NO_MEMORY; + return PTR_ERR(name); + } + ksmbd_debug(SMB, "name %s, symname %s\n", name, symname); + + err = ksmbd_vfs_symlink(work, name, symname); + if (err < 0) { + if (err == -ENOSPC) + rsp->hdr.Status.CifsError = STATUS_DISK_FULL; + else if (err == -EEXIST) + rsp->hdr.Status.CifsError = + STATUS_OBJECT_NAME_COLLISION; + else + rsp->hdr.Status.CifsError = STATUS_NOT_SAME_DEVICE; + } else + rsp->hdr.Status.CifsError = STATUS_SUCCESS; + + rsp->hdr.WordCount = 10; + rsp->t2.TotalParameterCount = cpu_to_le16(2); + rsp->t2.TotalDataCount = 0; + rsp->t2.Reserved = 0; + rsp->t2.ParameterCount = rsp->t2.TotalParameterCount; + rsp->t2.ParameterOffset = cpu_to_le16(56); + rsp->t2.ParameterDisplacement = 0; + rsp->t2.DataCount = 0; + rsp->t2.DataOffset = 0; + rsp->t2.DataDisplacement = 0; + rsp->t2.SetupCount = 0; + rsp->t2.Reserved1 = 0; + rsp->ByteCount = cpu_to_le16(3); + inc_rfc1001_len(&rsp->hdr, rsp->hdr.WordCount * 2 + 3); + kfree(name); + kfree(symname); + return err; +} + +/** + * set_path_info() - handler for trans2 set path info sub commands + * @work: smb work containing set path info command + * + * Return: 0 on success, otherwise error + */ +static int set_path_info(struct ksmbd_work *work) +{ + struct smb_com_trans2_spi_req *pSMB_req = work->request_buf; + struct smb_com_trans2_spi_rsp *pSMB_rsp = work->response_buf; + __u16 info_level, total_param; + int err = 0; + + info_level = le16_to_cpu(pSMB_req->InformationLevel); + total_param = le16_to_cpu(pSMB_req->TotalParameterCount); + if (total_param < 7) { + pSMB_rsp->hdr.Status.CifsError = STATUS_INVALID_PARAMETER; + pr_err("invalid total parameter for info_level 0x%x\n", + total_param); + return -EINVAL; + } + + switch (info_level) { + case SMB_POSIX_OPEN: + err = smb_posix_open(work); + break; + case SMB_POSIX_UNLINK: + err = smb_posix_unlink(work); + break; + case SMB_SET_FILE_UNIX_HLINK: + err = smb_creat_hardlink(work); + break; + case SMB_SET_FILE_UNIX_LINK: + err = smb_creat_symlink(work); + break; + case SMB_SET_FILE_BASIC_INFO: + /* fall through */ + case SMB_SET_FILE_BASIC_INFO2: + err = smb_set_time_pathinfo(work); + break; + case SMB_SET_FILE_UNIX_BASIC: + err = smb_set_unix_pathinfo(work); + break; + case SMB_SET_FILE_EA: + err = smb_set_ea(work); + break; + case SMB_SET_POSIX_ACL: + err = smb_set_acl(work); + break; + case SMB_SET_FILE_END_OF_FILE_INFO2: + /* fall through */ + case SMB_SET_FILE_END_OF_FILE_INFO: + err = smb_set_file_size_pinfo(work); + break; + default: + ksmbd_debug(SMB, "info level = %x not implemented yet\n", + info_level); + pSMB_rsp->hdr.Status.CifsError = STATUS_NOT_IMPLEMENTED; + return -EOPNOTSUPP; + } + + if (err < 0) + ksmbd_debug(SMB, "info_level 0x%x failed, err %d\n", + info_level, err); + return err; +} +static int readdir_info_level_struct_sz(int info_level) +{ + switch (info_level) { + case SMB_FIND_FILE_INFO_STANDARD: + return sizeof(struct find_info_standard); + case SMB_FIND_FILE_QUERY_EA_SIZE: + return sizeof(struct find_info_query_ea_size); + case SMB_FIND_FILE_DIRECTORY_INFO: + return sizeof(struct file_directory_info); + case SMB_FIND_FILE_FULL_DIRECTORY_INFO: + return sizeof(struct file_full_directory_info); + case SMB_FIND_FILE_NAMES_INFO: + return sizeof(struct file_names_info); + case SMB_FIND_FILE_BOTH_DIRECTORY_INFO: + return sizeof(struct file_both_directory_info); + case SMB_FIND_FILE_ID_FULL_DIR_INFO: + return sizeof(struct file_id_full_dir_info); + case SMB_FIND_FILE_ID_BOTH_DIR_INFO: + return sizeof(struct file_id_both_directory_info); + case SMB_FIND_FILE_UNIX: + return sizeof(struct file_unix_info); + default: + return -EOPNOTSUPP; + } +} + +/** + * smb_populate_readdir_entry() - encode directory entry in smb response buffer + * @conn: connection instance + * @info_level: smb information level + * @d_info: structure included variables for query dir + * @ksmbd_kstat: ksmbd wrapper of dirent stat information + * + * if directory has many entries, find first can't read it fully. + * find next might be called multiple times to read remaining dir entries + * + * Return: 0 on success, otherwise error + */ +static int smb_populate_readdir_entry(struct ksmbd_conn *conn, int info_level, + struct ksmbd_dir_info *d_info, struct ksmbd_kstat *ksmbd_kstat) +{ + int next_entry_offset; + char *conv_name; + int conv_len; + int struct_sz; + + struct_sz = readdir_info_level_struct_sz(info_level); + if (struct_sz == -EOPNOTSUPP) + return -EOPNOTSUPP; + + conv_name = ksmbd_convert_dir_info_name(d_info, + conn->local_nls, + &conv_len); + if (!conv_name) + return -ENOMEM; + + next_entry_offset = ALIGN(struct_sz - 1 + conv_len, + KSMBD_DIR_INFO_ALIGNMENT); + + if (next_entry_offset > d_info->out_buf_len) { + kfree(conv_name); + d_info->out_buf_len = -1; + return -ENOSPC; + } + + switch (info_level) { + case SMB_FIND_FILE_INFO_STANDARD: + { + struct find_info_standard *fsinfo; + + fsinfo = (struct find_info_standard *)(d_info->wptr); + unix_to_dos_time( + ksmbd_NTtimeToUnix( + cpu_to_le64(ksmbd_kstat->create_time)), + &fsinfo->CreationTime, + &fsinfo->CreationDate); + unix_to_dos_time(ksmbd_kstat->kstat->atime, + &fsinfo->LastAccessTime, + &fsinfo->LastAccessDate); + unix_to_dos_time(ksmbd_kstat->kstat->mtime, + &fsinfo->LastWriteTime, + &fsinfo->LastWriteDate); + fsinfo->DataSize = cpu_to_le32(ksmbd_kstat->kstat->size); + fsinfo->AllocationSize = + cpu_to_le32(ksmbd_kstat->kstat->blocks << 9); + fsinfo->Attributes = + cpu_to_le16(S_ISDIR(ksmbd_kstat->kstat->mode) ? + ATTR_DIRECTORY : ATTR_ARCHIVE); + fsinfo->FileNameLength = cpu_to_le16(conv_len); + memcpy(fsinfo->FileName, conv_name, conv_len); + + break; + } + case SMB_FIND_FILE_QUERY_EA_SIZE: + { + struct find_info_query_ea_size *fesize; + + fesize = (struct find_info_query_ea_size *)(d_info->wptr); + unix_to_dos_time( + ksmbd_NTtimeToUnix( + cpu_to_le64(ksmbd_kstat->create_time)), + &fesize->CreationTime, + &fesize->CreationDate); + unix_to_dos_time(ksmbd_kstat->kstat->atime, + &fesize->LastAccessTime, + &fesize->LastAccessDate); + unix_to_dos_time(ksmbd_kstat->kstat->mtime, + &fesize->LastWriteTime, + &fesize->LastWriteDate); + + fesize->DataSize = + cpu_to_le32(ksmbd_kstat->kstat->size); + fesize->AllocationSize = + cpu_to_le32(ksmbd_kstat->kstat->blocks << 9); + fesize->Attributes = + cpu_to_le16(S_ISDIR(ksmbd_kstat->kstat->mode) ? + ATTR_DIRECTORY : ATTR_ARCHIVE); + fesize->EASize = 0; + fesize->FileNameLength = (__u8)(conv_len); + memcpy(fesize->FileName, conv_name, conv_len); + + break; + } + case SMB_FIND_FILE_DIRECTORY_INFO: + { + struct file_directory_info *fdinfo = NULL; + + fdinfo = (struct file_directory_info *) + ksmbd_vfs_init_kstat(&d_info->wptr, ksmbd_kstat); + fdinfo->FileNameLength = cpu_to_le32(conv_len); + memcpy(fdinfo->FileName, conv_name, conv_len); + fdinfo->NextEntryOffset = cpu_to_le32(next_entry_offset); + memset((char *)fdinfo + struct_sz - 1 + conv_len, + '\0', + next_entry_offset - struct_sz - 1 + conv_len); + break; + } + case SMB_FIND_FILE_FULL_DIRECTORY_INFO: + { + struct file_full_directory_info *ffdinfo = NULL; + + ffdinfo = (struct file_full_directory_info *) + ksmbd_vfs_init_kstat(&d_info->wptr, ksmbd_kstat); + ffdinfo->FileNameLength = cpu_to_le32(conv_len); + ffdinfo->EaSize = 0; + memcpy(ffdinfo->FileName, conv_name, conv_len); + ffdinfo->NextEntryOffset = cpu_to_le32(next_entry_offset); + memset((char *)ffdinfo + struct_sz - 1 + conv_len, + '\0', + next_entry_offset - struct_sz - 1 + conv_len); + break; + } + case SMB_FIND_FILE_NAMES_INFO: + { + struct file_names_info *fninfo = NULL; + + fninfo = (struct file_names_info *)(d_info->wptr); + fninfo->FileNameLength = cpu_to_le32(conv_len); + memcpy(fninfo->FileName, conv_name, conv_len); + fninfo->NextEntryOffset = cpu_to_le32(next_entry_offset); + memset((char *)fninfo + struct_sz - 1 + conv_len, + '\0', + next_entry_offset - struct_sz - 1 + conv_len); + + break; + } + case SMB_FIND_FILE_BOTH_DIRECTORY_INFO: + { + struct file_both_directory_info *fbdinfo = NULL; + + fbdinfo = (struct file_both_directory_info *) + ksmbd_vfs_init_kstat(&d_info->wptr, ksmbd_kstat); + fbdinfo->FileNameLength = cpu_to_le32(conv_len); + fbdinfo->EaSize = 0; + fbdinfo->ShortNameLength = 0; + fbdinfo->Reserved = 0; + memcpy(fbdinfo->FileName, conv_name, conv_len); + fbdinfo->NextEntryOffset = cpu_to_le32(next_entry_offset); + memset((char *)fbdinfo + struct_sz - 1 + conv_len, + '\0', + next_entry_offset - struct_sz - 1 + conv_len); + break; + } + case SMB_FIND_FILE_ID_FULL_DIR_INFO: + { + struct file_id_full_dir_info *dinfo = NULL; + + dinfo = (struct file_id_full_dir_info *) + ksmbd_vfs_init_kstat(&d_info->wptr, ksmbd_kstat); + dinfo->FileNameLength = cpu_to_le32(conv_len); + dinfo->EaSize = 0; + dinfo->Reserved = 0; + dinfo->UniqueId = cpu_to_le64(ksmbd_kstat->kstat->ino); + memcpy(dinfo->FileName, conv_name, conv_len); + dinfo->NextEntryOffset = cpu_to_le32(next_entry_offset); + memset((char *)dinfo + struct_sz - 1 + conv_len, + '\0', + next_entry_offset - struct_sz - 1 + conv_len); + break; + } + case SMB_FIND_FILE_ID_BOTH_DIR_INFO: + { + struct file_id_both_directory_info *fibdinfo = NULL; + + fibdinfo = (struct file_id_both_directory_info *) + ksmbd_vfs_init_kstat(&d_info->wptr, ksmbd_kstat); + fibdinfo->FileNameLength = cpu_to_le32(conv_len); + fibdinfo->EaSize = 0; + fibdinfo->ShortNameLength = 0; + fibdinfo->Reserved = 0; + fibdinfo->Reserved2 = 0; + fibdinfo->UniqueId = cpu_to_le64(ksmbd_kstat->kstat->ino); + memcpy(fibdinfo->FileName, conv_name, conv_len); + fibdinfo->NextEntryOffset = cpu_to_le32(next_entry_offset); + memset((char *)fibdinfo + struct_sz - 1 + conv_len, + '\0', + next_entry_offset - struct_sz - 1 + conv_len); + + break; + } + case SMB_FIND_FILE_UNIX: + { + struct file_unix_info *finfo = NULL; + struct file_unix_basic_info *unix_info; + + finfo = (struct file_unix_info *)(d_info->wptr); + finfo->ResumeKey = 0; + unix_info = (struct file_unix_basic_info *)((char *)finfo + 8); + init_unix_info(unix_info, &init_user_ns, ksmbd_kstat->kstat); + /* include null terminator */ + memcpy(finfo->FileName, conv_name, conv_len + 2); + next_entry_offset += 2; + finfo->NextEntryOffset = cpu_to_le32(next_entry_offset); + memset((char *)finfo + struct_sz - 1 + conv_len, + '\0', + next_entry_offset - struct_sz - 1 + conv_len); + break; + } + } + + d_info->num_entry++; + d_info->last_entry_offset = d_info->data_count; + d_info->data_count += next_entry_offset; + d_info->out_buf_len -= next_entry_offset; + d_info->wptr = (char *)(d_info->wptr) + next_entry_offset; + kfree(conv_name); + + ksmbd_debug(SMB, "info_level : %d, buf_len :%d, next_offset : %d, data_count : %d\n", + info_level, d_info->out_buf_len, + next_entry_offset, d_info->data_count); + return 0; +} + +/** + * ksmbd_fill_dirent() - populates a dirent details in readdir + * @ctx: dir_context information + * @name: dirent name + * @namelen: dirent name length + * @offset: dirent offset in directory + * @ino: dirent inode number + * @d_type: dirent type + * + * Return: 0 on success, otherwise -EINVAL + */ +static int ksmbd_fill_dirent(struct dir_context *ctx, const char *name, int namlen, + loff_t offset, u64 ino, unsigned int d_type) +{ + struct ksmbd_readdir_data *buf = + container_of(ctx, struct ksmbd_readdir_data, ctx); + struct ksmbd_dirent *de = (void *)(buf->dirent + buf->used); + unsigned int reclen; + + reclen = ALIGN(sizeof(struct ksmbd_dirent) + namlen, sizeof(u64)); + if (buf->used + reclen > PAGE_SIZE) + return -EINVAL; + + de->namelen = namlen; + de->offset = offset; + de->ino = ino; + de->d_type = d_type; + memcpy(de->name, name, namlen); + buf->used += reclen; + + return 0; +} + +/** + * find_first() - smb readdir command + * @work: smb work containing find first request params + * + * Return: 0 on success, otherwise error + */ +static int find_first(struct ksmbd_work *work) +{ + struct smb_hdr *rsp_hdr = work->response_buf; + struct ksmbd_conn *conn = work->conn; + struct ksmbd_share_config *share = work->tcon->share_conf; + struct smb_com_trans2_req *req = work->request_buf; + struct smb_com_trans2_rsp *rsp = work->response_buf; + struct smb_com_trans2_ffirst_req_params *req_params; + struct smb_com_trans2_ffirst_rsp_parms *params = NULL; + struct path path; + struct ksmbd_dirent *de; + struct ksmbd_file *dir_fp = NULL; + struct kstat kstat; + struct ksmbd_kstat ksmbd_kstat; + struct ksmbd_dir_info d_info; + int params_count = sizeof(struct smb_com_trans2_ffirst_rsp_parms); + int data_alignment_offset = 0; + int rc = 0, reclen = 0; + int srch_cnt = 0; + char *dirpath = NULL; + char *srch_ptr = NULL; + int header_size; + int struct_sz; + + memset(&d_info, 0, sizeof(struct ksmbd_dir_info)); + + if (ksmbd_override_fsids(work)) { + rsp->hdr.Status.CifsError = STATUS_NO_MEMORY; + return -ENOMEM; + } + + req_params = (struct smb_com_trans2_ffirst_req_params *) + (work->request_buf + le16_to_cpu(req->ParameterOffset) + 4); + dirpath = smb_get_dir_name(share, req_params->FileName, PATH_MAX, + work, &srch_ptr); + if (IS_ERR(dirpath)) { + rsp->hdr.Status.CifsError = STATUS_NO_MEMORY; + rc = PTR_ERR(dirpath); + goto err_out; + } + + ksmbd_debug(SMB, "complete dir path = %s\n", dirpath); + rc = ksmbd_vfs_kern_path(work, dirpath, LOOKUP_NO_SYMLINKS | LOOKUP_DIRECTORY, + &path, 0); + if (rc < 0) { + ksmbd_debug(SMB, "cannot create vfs root path <%s> %d\n", + dirpath, rc); + goto err_free_dirpath; + } else { +#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) + if (inode_permission(mnt_user_ns(path.mnt), + d_inode(path.dentry), + MAY_READ | MAY_EXEC)) { +#else + if (inode_permission(d_inode(path.dentry), + MAY_READ | MAY_EXEC)) { +#endif + rc = -EACCES; + path_put(&path); + goto err_free_dirpath; + } + } + + if (d_is_symlink(path.dentry)) { + rc = -EACCES; + path_put(&path); + goto err_free_dirpath; + } + + dir_fp = ksmbd_vfs_dentry_open(work, &path, O_RDONLY, 0, 1); + if (IS_ERR(dir_fp)) { + ksmbd_debug(SMB, "dir dentry open failed with rc=%d\n", rc); + path_put(&path); + rc = -EINVAL; + dir_fp = NULL; + goto err_free_dirpath; + } + + write_lock(&dir_fp->f_ci->m_lock); + list_add(&dir_fp->node, &dir_fp->f_ci->m_fp_list); + write_unlock(&dir_fp->f_ci->m_lock); + + set_ctx_actor(&dir_fp->readdir_data.ctx, ksmbd_fill_dirent); + dir_fp->readdir_data.dirent = (void *)__get_free_page(GFP_KERNEL); + if (!dir_fp->readdir_data.dirent) { + rc = -ENOMEM; + goto err_free_dirpath; + } + + dir_fp->filename = dirpath; + dir_fp->readdir_data.used = 0; + dir_fp->dirent_offset = 0; + dir_fp->readdir_data.file_attr = + le16_to_cpu(req_params->SearchAttributes); + + if (params_count % 4) + data_alignment_offset = 4 - params_count % 4; + + d_info.smb1_name = kmalloc(NAME_MAX + 1, GFP_KERNEL); + if (!d_info.smb1_name) { + rc = -ENOMEM; + goto err_out; + } + d_info.wptr = (char *)((char *)rsp + sizeof(struct smb_com_trans2_rsp) + + params_count + data_alignment_offset); + + header_size = sizeof(struct smb_com_trans2_rsp) + params_count + + data_alignment_offset; + + + struct_sz = readdir_info_level_struct_sz(le16_to_cpu(req_params->InformationLevel)); + + if (struct_sz < 0) { + rc = -EFAULT; + goto err_out; + } + + /* When search count is zero, respond only 1 entry. */ + srch_cnt = le16_to_cpu(req_params->SearchCount); + if (!srch_cnt) + d_info.out_buf_len = struct_sz + header_size; + else + d_info.out_buf_len = min_t(int, srch_cnt * struct_sz + header_size, + MAX_CIFS_LOOKUP_BUFFER_SIZE - header_size); + + + /* reserve dot and dotdot entries in head of buffer in first response */ + if (!*srch_ptr || is_asterisk(srch_ptr)) { + rc = ksmbd_populate_dot_dotdot_entries(work, + le16_to_cpu(req_params->InformationLevel), + dir_fp, + &d_info, + srch_ptr, + smb_populate_readdir_entry); + if (rc) + goto err_out; + } + + do { + if (dir_fp->dirent_offset >= dir_fp->readdir_data.used) { + dir_fp->dirent_offset = 0; + dir_fp->readdir_data.used = 0; + rc = iterate_dir(dir_fp->filp, &dir_fp->readdir_data.ctx); + if (rc < 0) { + ksmbd_debug(SMB, "err : %d\n", rc); + goto err_out; + } + + if (!dir_fp->readdir_data.used) { + free_page((unsigned long) + (dir_fp->readdir_data.dirent)); + dir_fp->readdir_data.dirent = NULL; + break; + } + + de = (struct ksmbd_dirent *) + ((char *)dir_fp->readdir_data.dirent); + } else { + de = (struct ksmbd_dirent *) + ((char *)dir_fp->readdir_data.dirent + + dir_fp->dirent_offset); + } + + reclen = ALIGN(sizeof(struct ksmbd_dirent) + de->namelen, + sizeof(__le64)); + dir_fp->dirent_offset += reclen; + + if (dir_fp->readdir_data.file_attr & + SMB_SEARCH_ATTRIBUTE_DIRECTORY && de->d_type != DT_DIR) + continue; + + ksmbd_kstat.kstat = &kstat; + + if (de->namelen > NAME_MAX) { + pr_err("filename length exceeds 255 bytes.\n"); + continue; + } + + if (!strncmp(de->name, ".", de->namelen) || + !strncmp(de->name, "..", de->namelen)) + continue; + + memcpy(d_info.smb1_name, de->name, de->namelen); + d_info.smb1_name[de->namelen] = '\0'; + d_info.name = (const char *)d_info.smb1_name; + d_info.name_len = de->namelen; + rc = ksmbd_vfs_readdir_name(work, + file_mnt_user_ns(dir_fp->filp), + &ksmbd_kstat, + de->name, + de->namelen, + dirpath); + if (rc) { + ksmbd_debug(SMB, "Cannot read dirent: %d\n", rc); + continue; + } + + if (ksmbd_share_veto_filename(share, d_info.name)) { + ksmbd_debug(SMB, "Veto filename %s\n", d_info.name); + continue; + } + + if (match_pattern(d_info.name, d_info.name_len, srch_ptr)) { + rc = smb_populate_readdir_entry(conn, + le16_to_cpu(req_params->InformationLevel), + &d_info, + &ksmbd_kstat); + if (rc == -ENOSPC) + break; + else if (rc) + goto err_out; + } + } while (d_info.out_buf_len >= 0); + + if (!d_info.data_count && *srch_ptr) { + ksmbd_debug(SMB, "There is no entry matched with the search pattern\n"); + rc = -ENOENT; + goto err_out; + } + + if (d_info.out_buf_len < 0) + dir_fp->dirent_offset -= reclen; + + params = (struct smb_com_trans2_ffirst_rsp_parms *)((char *)rsp + + sizeof(struct smb_com_trans2_rsp)); + params->SearchHandle = dir_fp->volatile_id; + params->SearchCount = cpu_to_le16(d_info.num_entry); + params->LastNameOffset = cpu_to_le16(d_info.last_entry_offset); + + if (d_info.out_buf_len < 0) { + ksmbd_debug(SMB, "continue search\n"); + params->EndofSearch = cpu_to_le16(0); + } else { + ksmbd_debug(SMB, "end of search\n"); + params->EndofSearch = cpu_to_le16(1); + path_put(&(dir_fp->filp->f_path)); + if (le16_to_cpu(req_params->SearchFlags) & + CIFS_SEARCH_CLOSE_AT_END) + ksmbd_close_fd(work, dir_fp->volatile_id); + } + params->EAErrorOffset = cpu_to_le16(0); + + rsp_hdr->WordCount = 0x0A; + rsp->t2.TotalParameterCount = cpu_to_le16(params_count); + rsp->t2.TotalDataCount = cpu_to_le16(d_info.data_count); + rsp->t2.Reserved = 0; + rsp->t2.ParameterCount = cpu_to_le16(params_count); + rsp->t2.ParameterOffset = + cpu_to_le16(sizeof(struct smb_com_trans2_rsp) - 4); + rsp->t2.ParameterDisplacement = 0; + rsp->t2.DataCount = cpu_to_le16(d_info.data_count); + rsp->t2.DataOffset = cpu_to_le16(sizeof(struct smb_com_trans2_rsp) + + params_count + data_alignment_offset - 4); + rsp->t2.DataDisplacement = 0; + rsp->t2.SetupCount = 0; + rsp->t2.Reserved1 = 0; + rsp->Pad = 0; + rsp->ByteCount = cpu_to_le16(d_info.data_count + + params_count + 1 /*pad*/ + data_alignment_offset); + memset((char *)rsp + sizeof(struct smb_com_trans2_rsp) + params_count, + '\0', 2); + inc_rfc1001_len(rsp_hdr, (10 * 2 + d_info.data_count + + params_count + 1 + data_alignment_offset)); + kfree(srch_ptr); + kfree(d_info.smb1_name); + ksmbd_revert_fsids(work); + return 0; + +err_free_dirpath: + kfree(dirpath); +err_out: + if (rc == -EINVAL) + rsp_hdr->Status.CifsError = STATUS_INVALID_PARAMETER; + else if (rc == -EACCES || rc == -EXDEV) + rsp_hdr->Status.CifsError = STATUS_ACCESS_DENIED; + else if (rc == -ENOENT) + rsp_hdr->Status.CifsError = STATUS_NO_SUCH_FILE; + else if (rc == -EBADF) + rsp_hdr->Status.CifsError = STATUS_FILE_CLOSED; + else if (rc == -ENOMEM) + rsp_hdr->Status.CifsError = STATUS_NO_MEMORY; + else if (rc == -EFAULT) + rsp_hdr->Status.CifsError = STATUS_INVALID_LEVEL; + if (!rsp->hdr.Status.CifsError) + rsp->hdr.Status.CifsError = STATUS_UNEXPECTED_IO_ERROR; + + if (dir_fp) { + if (dir_fp->readdir_data.dirent) { + free_page((unsigned long)(dir_fp->readdir_data.dirent)); + dir_fp->readdir_data.dirent = NULL; + } + path_put(&(dir_fp->filp->f_path)); + ksmbd_close_fd(work, dir_fp->volatile_id); + } + + kfree(srch_ptr); + kfree(d_info.smb1_name); + ksmbd_revert_fsids(work); + return 0; +} + +/** + * find_next() - smb next readdir command + * @work: smb work containing find next request params + * + * if directory has many entries, find first can't read it fully. + * find next might be called multiple times to read remaining dir entries + * + * Return: 0 on success, otherwise error + */ +static int find_next(struct ksmbd_work *work) +{ + struct smb_hdr *rsp_hdr = work->response_buf; + struct ksmbd_conn *conn = work->conn; + struct ksmbd_share_config *share = work->tcon->share_conf; + struct smb_com_trans2_req *req = work->request_buf; + struct smb_com_trans2_rsp *rsp = work->response_buf; + struct smb_com_trans2_fnext_req_params *req_params; + struct smb_com_trans2_fnext_rsp_params *params = NULL; + struct ksmbd_dirent *de; + struct ksmbd_file *dir_fp; + struct kstat kstat; + struct ksmbd_kstat ksmbd_kstat; + struct ksmbd_dir_info d_info; + int params_count = sizeof(struct smb_com_trans2_fnext_rsp_params); + int data_alignment_offset = 0; + int rc = 0, reclen = 0; + __u16 sid; + int header_size, srch_cnt, struct_sz; + + memset(&d_info, 0, sizeof(struct ksmbd_dir_info)); + + req_params = (struct smb_com_trans2_fnext_req_params *) + (work->request_buf + le16_to_cpu(req->ParameterOffset) + 4); + sid = req_params->SearchHandle; + + dir_fp = ksmbd_lookup_fd_fast(work, sid); + if (!dir_fp) { + ksmbd_debug(SMB, "error invalid sid\n"); + rc = -EINVAL; + goto err_out; + } + + set_ctx_actor(&dir_fp->readdir_data.ctx, ksmbd_fill_dirent); + + if (params_count % 4) + data_alignment_offset = 4 - params_count % 4; + + d_info.smb1_name = kmalloc(NAME_MAX + 1, GFP_KERNEL); + if (!d_info.smb1_name) { + rc = -ENOMEM; + goto err_out; + } + d_info.wptr = (char *)((char *)rsp + sizeof(struct smb_com_trans2_rsp) + + params_count + data_alignment_offset); + + header_size = sizeof(struct smb_com_trans2_rsp) + params_count + + data_alignment_offset; + + srch_cnt = le16_to_cpu(req_params->SearchCount); + struct_sz = readdir_info_level_struct_sz(le16_to_cpu(req_params->InformationLevel)); + + if (struct_sz < 0) { + rc = -EFAULT; + goto err_out; + } + + d_info.out_buf_len = min_t(int, srch_cnt * struct_sz + header_size, + MAX_CIFS_LOOKUP_BUFFER_SIZE - header_size); + do { + if (dir_fp->dirent_offset >= dir_fp->readdir_data.used) { + dir_fp->dirent_offset = 0; + dir_fp->readdir_data.used = 0; + rc = iterate_dir(dir_fp->filp, &dir_fp->readdir_data.ctx); + if (rc < 0) { + ksmbd_debug(SMB, "err : %d\n", rc); + goto err_out; + } + + if (!dir_fp->readdir_data.used) { + free_page((unsigned long) + (dir_fp->readdir_data.dirent)); + dir_fp->readdir_data.dirent = NULL; + break; + } + + de = (struct ksmbd_dirent *) + ((char *)dir_fp->readdir_data.dirent); + } else { + de = (struct ksmbd_dirent *) + ((char *)dir_fp->readdir_data.dirent + + dir_fp->dirent_offset); + } + + reclen = ALIGN(sizeof(struct ksmbd_dirent) + de->namelen, + sizeof(__le64)); + dir_fp->dirent_offset += reclen; + + if (dir_fp->readdir_data.file_attr & + SMB_SEARCH_ATTRIBUTE_DIRECTORY && de->d_type != DT_DIR) + continue; + + if (dir_fp->readdir_data.file_attr & + SMB_SEARCH_ATTRIBUTE_ARCHIVE && (de->d_type == DT_DIR || + (!strcmp(de->name, ".") || !strcmp(de->name, "..")))) + continue; + + ksmbd_kstat.kstat = &kstat; + + if (de->namelen > NAME_MAX) { + pr_err("filename length exceeds 255 bytes.\n"); + continue; + } + memcpy(d_info.smb1_name, de->name, de->namelen); + d_info.smb1_name[de->namelen] = '\0'; + d_info.name = (const char *)d_info.smb1_name; + d_info.name_len = de->namelen; + + rc = ksmbd_vfs_readdir_name(work, + file_mnt_user_ns(dir_fp->filp), + &ksmbd_kstat, + de->name, + de->namelen, + dir_fp->filename); + if (rc) { + ksmbd_debug(SMB, "Err while dirent read rc = %d\n", rc); + rc = 0; + continue; + } + + if (ksmbd_share_veto_filename(share, d_info.name)) { + ksmbd_debug(SMB, "file(%s) is invisible by setting as veto file\n", + d_info.name); + continue; + } + + ksmbd_debug(SMB, "filename string = %.*s\n", + d_info.name_len, d_info.name); + rc = smb_populate_readdir_entry(conn, + le16_to_cpu(req_params->InformationLevel), &d_info, + &ksmbd_kstat); + if (rc == -ENOSPC) + break; + else if (rc) + goto err_out; + + } while (d_info.out_buf_len >= 0); + + if (d_info.out_buf_len < 0) + dir_fp->dirent_offset -= reclen; + + params = (struct smb_com_trans2_fnext_rsp_params *) + ((char *)rsp + sizeof(struct smb_com_trans_rsp)); + params->SearchCount = cpu_to_le16(d_info.num_entry); + + if (d_info.out_buf_len < 0) { + ksmbd_debug(SMB, "continue search\n"); + params->EndofSearch = cpu_to_le16(0); + params->LastNameOffset = cpu_to_le16(d_info.last_entry_offset); + } else { + ksmbd_debug(SMB, "end of search\n"); + params->EndofSearch = cpu_to_le16(1); + params->LastNameOffset = cpu_to_le16(0); + path_put(&(dir_fp->filp->f_path)); + if (le16_to_cpu(req_params->SearchFlags) & + CIFS_SEARCH_CLOSE_AT_END) + ksmbd_close_fd(work, sid); + } + params->EAErrorOffset = cpu_to_le16(0); + + rsp_hdr->WordCount = 0x0A; + rsp->t2.TotalParameterCount = cpu_to_le16(params_count); + rsp->t2.TotalDataCount = cpu_to_le16(d_info.data_count); + rsp->t2.Reserved = 0; + rsp->t2.ParameterCount = cpu_to_le16(params_count); + rsp->t2.ParameterOffset = + cpu_to_le16(sizeof(struct smb_com_trans_rsp) - 4); + rsp->t2.ParameterDisplacement = 0; + rsp->t2.DataCount = cpu_to_le16(d_info.data_count); + rsp->t2.DataOffset = cpu_to_le16(sizeof(struct smb_com_trans_rsp) + + params_count + data_alignment_offset - 4); + rsp->t2.DataDisplacement = 0; + rsp->t2.SetupCount = 0; + rsp->t2.Reserved1 = 0; + rsp->Pad = 0; + rsp->ByteCount = cpu_to_le16(d_info.data_count + params_count + 1 + + data_alignment_offset); + memset((char *)rsp + sizeof(struct smb_com_trans_rsp) + + params_count, '\0', data_alignment_offset); + inc_rfc1001_len(rsp_hdr, (10 * 2 + d_info.data_count + + params_count + 1 + data_alignment_offset)); + kfree(d_info.smb1_name); + ksmbd_fd_put(work, dir_fp); + return 0; + +err_out: + if (rc == -EINVAL) + rsp_hdr->Status.CifsError = STATUS_INVALID_PARAMETER; + else if (rc == -EACCES || rc == -EXDEV) + rsp_hdr->Status.CifsError = STATUS_ACCESS_DENIED; + else if (rc == -ENOENT) + rsp_hdr->Status.CifsError = STATUS_NO_SUCH_FILE; + else if (rc == -EBADF) + rsp_hdr->Status.CifsError = STATUS_FILE_CLOSED; + else if (rc == -ENOMEM) + rsp_hdr->Status.CifsError = STATUS_NO_MEMORY; + else if (rc == -EFAULT) + rsp_hdr->Status.CifsError = STATUS_INVALID_LEVEL; + if (!rsp->hdr.Status.CifsError) + rsp->hdr.Status.CifsError = STATUS_UNEXPECTED_IO_ERROR; + + if (dir_fp) { + if (dir_fp->readdir_data.dirent) { + free_page((unsigned long)(dir_fp->readdir_data.dirent)); + dir_fp->readdir_data.dirent = NULL; + } + path_put(&(dir_fp->filp->f_path)); + ksmbd_close_fd(work, sid); + } + + kfree(d_info.smb1_name); + return 0; +} + +/** + * smb_set_alloc_size() - set file truncate method using trans2 + * set file info command - file allocation info level + * @work: smb work containing set file info command buffer + * + * Return: 0 on success, otherwise error + */ +static int smb_set_alloc_size(struct ksmbd_work *work) +{ + struct smb_com_trans2_sfi_req *req; + struct smb_com_trans2_sfi_rsp *rsp; + struct file_allocation_info *allocinfo; + struct kstat stat; + struct ksmbd_file *fp = NULL; + loff_t newsize; + int err = 0; + + req = (struct smb_com_trans2_sfi_req *)work->request_buf; + rsp = (struct smb_com_trans2_sfi_rsp *)work->response_buf; + + allocinfo = (struct file_allocation_info *) + (((char *) &req->hdr.Protocol) + le16_to_cpu(req->DataOffset)); + newsize = le64_to_cpu(allocinfo->AllocationSize); + + fp = ksmbd_lookup_fd_fast(work, req->Fid); + if (!fp) { + pr_err("failed to get filp for fid %u\n", req->Fid); + rsp->hdr.Status.CifsError = STATUS_FILE_CLOSED; + return -ENOENT; + } + + err = ksmbd_vfs_getattr(&fp->filp->f_path, &stat); + if (err) { + rsp->hdr.Status.CifsError = STATUS_INVALID_PARAMETER; + ksmbd_fd_put(work, fp); + return err; + } + + if (newsize == stat.size) /* nothing to do */ + goto out; + + /* Round up size */ + if (alloc_roundup_size) { + newsize = div64_u64(newsize + alloc_roundup_size - 1, + alloc_roundup_size); + newsize *= alloc_roundup_size; + } + + err = ksmbd_vfs_truncate(work, fp, newsize); + if (err) { + rsp->hdr.Status.CifsError = STATUS_INVALID_PARAMETER; + ksmbd_fd_put(work, fp); + return err; + } + +out: + ksmbd_debug(SMB, "fid %u, truncated to newsize %llu\n", + req->Fid, newsize); + + rsp->hdr.Status.CifsError = STATUS_SUCCESS; + rsp->hdr.WordCount = 10; + rsp->t2.TotalParameterCount = cpu_to_le16(2); + rsp->t2.TotalDataCount = 0; + rsp->t2.Reserved = 0; + rsp->t2.ParameterCount = rsp->t2.TotalParameterCount; + rsp->t2.ParameterOffset = cpu_to_le16(56); + rsp->t2.ParameterDisplacement = 0; + rsp->t2.DataCount = rsp->t2.TotalDataCount; + rsp->t2.DataOffset = 0; + rsp->t2.DataDisplacement = 0; + rsp->t2.SetupCount = 0; + rsp->t2.Reserved1 = 0; + + /* 3 pad (1 pad1 + 2 pad2)*/ + rsp->ByteCount = cpu_to_le16(3); + rsp->Reserved2 = 0; + inc_rfc1001_len(&rsp->hdr, rsp->hdr.WordCount * 2 + 3); + ksmbd_fd_put(work, fp); + + return 0; +} + +/** + * smb_set_file_size_finfo() - set file truncate method using trans2 + * set file info command + * @work: smb work containing set file info command buffer + * + * Return: 0 on success, otherwise error + */ +static int smb_set_file_size_finfo(struct ksmbd_work *work) +{ + struct smb_com_trans2_sfi_req *req; + struct smb_com_trans2_sfi_rsp *rsp; + struct file_end_of_file_info *eofinfo; + struct ksmbd_file *fp; + loff_t newsize; + int err = 0; + + req = (struct smb_com_trans2_sfi_req *)work->request_buf; + rsp = (struct smb_com_trans2_sfi_rsp *)work->response_buf; + + eofinfo = (struct file_end_of_file_info *) + (((char *) &req->hdr.Protocol) + le16_to_cpu(req->DataOffset)); + + fp = ksmbd_lookup_fd_fast(work, req->Fid); + if (!fp) { + pr_err("failed to get filp for fid %u\n", req->Fid); + rsp->hdr.Status.CifsError = STATUS_FILE_CLOSED; + return -ENOENT; + } + + newsize = le64_to_cpu(eofinfo->FileSize); + err = ksmbd_vfs_truncate(work, fp, newsize); + if (err) { + rsp->hdr.Status.CifsError = STATUS_INVALID_PARAMETER; + ksmbd_fd_put(work, fp); + return err; + } + + ksmbd_debug(SMB, "fid %u, truncated to newsize %lld\n", req->Fid, + newsize); + rsp->hdr.Status.CifsError = STATUS_SUCCESS; + rsp->hdr.WordCount = 10; + rsp->t2.TotalParameterCount = cpu_to_le16(2); + rsp->t2.TotalDataCount = 0; + rsp->t2.Reserved = 0; + rsp->t2.ParameterCount = rsp->t2.TotalParameterCount; + rsp->t2.ParameterOffset = cpu_to_le16(56); + rsp->t2.ParameterDisplacement = 0; + rsp->t2.DataCount = rsp->t2.TotalDataCount; + rsp->t2.DataOffset = 0; + rsp->t2.DataDisplacement = 0; + rsp->t2.SetupCount = 0; + rsp->t2.Reserved1 = 0; + + /* 3 pad (1 pad1 + 2 pad2)*/ + rsp->ByteCount = cpu_to_le16(3); + rsp->Reserved2 = 0; + inc_rfc1001_len(&rsp->hdr, rsp->hdr.WordCount * 2 + 3); + ksmbd_fd_put(work, fp); + + return 0; +} + +/** + * query_file_info_pipe() - query file info of IPC pipe + * using query file info command + * @work: smb work containing query file info command buffer + * + * Return: 0 on success, otherwise error + */ +static int query_file_info_pipe(struct ksmbd_work *work) +{ + struct smb_hdr *rsp_hdr = work->response_buf; + struct smb_com_trans2_rsp *rsp = work->response_buf; + struct smb_com_trans2_req *req = work->request_buf; + struct smb_trans2_qfi_req_params *req_params; + struct file_standard_info *standard_info; + char *ptr; + + req_params = (struct smb_trans2_qfi_req_params *)(work->request_buf + + le16_to_cpu(req->ParameterOffset) + 4); + + if (le16_to_cpu(req_params->InformationLevel) != + SMB_QUERY_FILE_STANDARD_INFO) { + ksmbd_debug(SMB, "query file info for info %u not supported\n", + le16_to_cpu(req_params->InformationLevel)); + rsp_hdr->Status.CifsError = STATUS_NOT_SUPPORTED; + return -EOPNOTSUPP; + } + + ksmbd_debug(SMB, "SMB_QUERY_FILE_STANDARD_INFO\n"); + rsp_hdr->WordCount = 10; + rsp->t2.TotalParameterCount = cpu_to_le16(2); + rsp->t2.TotalDataCount = cpu_to_le16(sizeof(struct file_standard_info)); + rsp->t2.Reserved = 0; + rsp->t2.ParameterCount = cpu_to_le16(2); + rsp->t2.ParameterOffset = cpu_to_le16(56); + rsp->t2.ParameterDisplacement = 0; + rsp->t2.DataCount = cpu_to_le16(sizeof(struct file_standard_info)); + rsp->t2.DataOffset = cpu_to_le16(60); + rsp->t2.DataDisplacement = 0; + rsp->t2.SetupCount = 0; + rsp->t2.Reserved1 = 0; + /*2 for parameter count & 3 pad (1pad1 + 2 pad2)*/ + rsp->ByteCount = cpu_to_le16(2 + sizeof(struct file_standard_info) + 3); + rsp->Pad = 0; + /* lets set EA info */ + ptr = (char *)&rsp->Pad + 1; + memset(ptr, 0, 4); + standard_info = (struct file_standard_info *)(ptr + 4); + standard_info->AllocationSize = cpu_to_le64(4096); + standard_info->EndOfFile = 0; + standard_info->NumberOfLinks = cpu_to_le32(1); + standard_info->DeletePending = 0; + standard_info->Directory = 0; + standard_info->DeletePending = 1; + inc_rfc1001_len(rsp_hdr, 10 * 2 + le16_to_cpu(rsp->ByteCount)); + + return 0; +} + +/** + * query_file_info() - query file info of file/dir + * using query file info command + * @work: smb work containing query file info command buffer + * + * Return: 0 on success, otherwise error + */ +static int query_file_info(struct ksmbd_work *work) +{ + struct ksmbd_conn *conn = work->conn; + struct smb_hdr *rsp_hdr = work->response_buf; + struct smb_com_trans2_req *req = work->request_buf; + struct smb_com_trans2_rsp *rsp = work->response_buf; + struct smb_trans2_qfi_req_params *req_params; + struct ksmbd_file *fp; + struct kstat st; + char *ptr; + int rc = 0; + u64 time; + + req_params = (struct smb_trans2_qfi_req_params *)(work->request_buf + + le16_to_cpu(req->ParameterOffset) + 4); + + if (test_share_config_flag(work->tcon->share_conf, + KSMBD_SHARE_FLAG_PIPE)) { + ksmbd_debug(SMB, "query file info for IPC srvsvc\n"); + return query_file_info_pipe(work); + } + + fp = ksmbd_lookup_fd_fast(work, req_params->Fid); + if (!fp) { + pr_err("failed to get filp for fid %u\n", req_params->Fid); + rsp_hdr->Status.CifsError = STATUS_UNEXPECTED_IO_ERROR; + rc = -EIO; + goto err_out; + } + +#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) + generic_fillattr(file_mnt_user_ns(fp->filp), file_inode(fp->filp), &st); +#else + generic_fillattr(file_inode(fp->filp), &st); +#endif + + switch (le16_to_cpu(req_params->InformationLevel)) { + + case SMB_QUERY_FILE_STANDARD_INFO: + { + struct file_standard_info *standard_info; + unsigned int delete_pending; + + ksmbd_debug(SMB, "SMB_QUERY_FILE_STANDARD_INFO\n"); + delete_pending = ksmbd_inode_pending_delete(fp); + rsp_hdr->WordCount = 10; + rsp->t2.TotalParameterCount = cpu_to_le16(2); + rsp->t2.TotalDataCount = + cpu_to_le16(sizeof(struct file_standard_info)); + rsp->t2.Reserved = 0; + rsp->t2.ParameterCount = cpu_to_le16(2); + rsp->t2.ParameterOffset = cpu_to_le16(56); + rsp->t2.ParameterDisplacement = 0; + rsp->t2.DataCount = + cpu_to_le16(sizeof(struct file_standard_info)); + rsp->t2.DataOffset = cpu_to_le16(60); + rsp->t2.DataDisplacement = 0; + rsp->t2.SetupCount = 0; + rsp->t2.Reserved1 = 0; + /*2 for parameter count & 3 pad (1pad1 + 2 pad2)*/ + rsp->ByteCount = + cpu_to_le16(2 + sizeof(struct file_standard_info) + 3); + rsp->Pad = 0; + /* lets set EA info */ + ptr = (char *)&rsp->Pad + 1; + memset(ptr, 0, 4); + standard_info = (struct file_standard_info *)(ptr + 4); + standard_info->AllocationSize = cpu_to_le64(st.blocks << 9); + standard_info->EndOfFile = cpu_to_le64(st.size); + standard_info->NumberOfLinks = cpu_to_le32(get_nlink(&st) - + delete_pending); + standard_info->DeletePending = delete_pending; + standard_info->Directory = S_ISDIR(st.mode) ? 1 : 0; + inc_rfc1001_len(rsp_hdr, 10 * 2 + le16_to_cpu(rsp->ByteCount)); + break; + } + case SMB_QUERY_FILE_BASIC_INFO: + { + struct file_basic_info *basic_info; + + ksmbd_debug(SMB, "SMB_QUERY_FILE_BASIC_INFO\n"); + rsp_hdr->WordCount = 10; + rsp->t2.TotalParameterCount = cpu_to_le16(2); + rsp->t2.TotalDataCount = + cpu_to_le16(sizeof(struct file_basic_info)); + rsp->t2.Reserved = 0; + rsp->t2.ParameterCount = cpu_to_le16(2); + rsp->t2.ParameterOffset = cpu_to_le16(56); + rsp->t2.ParameterDisplacement = 0; + rsp->t2.DataCount = cpu_to_le16(sizeof(struct file_basic_info)); + rsp->t2.DataOffset = cpu_to_le16(60); + rsp->t2.DataDisplacement = 0; + rsp->t2.SetupCount = 0; + rsp->t2.Reserved1 = 0; + /*2 for parameter count & 3 pad (1pad1 + 2 pad2)*/ + rsp->ByteCount = + cpu_to_le16(2 + sizeof(struct file_basic_info) + 3); + rsp->Pad = 0; + /* lets set EA info */ + ptr = (char *)&rsp->Pad + 1; + memset(ptr, 0, 4); + basic_info = (struct file_basic_info *)(ptr + 4); + basic_info->CreationTime = + cpu_to_le64(fp->create_time); + time = ksmbd_UnixTimeToNT(st.atime); + basic_info->LastAccessTime = cpu_to_le64(time); + time = ksmbd_UnixTimeToNT(st.mtime); + basic_info->LastWriteTime = cpu_to_le64(time); + time = ksmbd_UnixTimeToNT(st.ctime); + basic_info->ChangeTime = cpu_to_le64(time); + basic_info->Attributes = S_ISDIR(st.mode) ? + ATTR_DIRECTORY_LE : ATTR_ARCHIVE_LE; + basic_info->Pad = 0; + inc_rfc1001_len(rsp_hdr, 10 * 2 + le16_to_cpu(rsp->ByteCount)); + break; + } + case SMB_QUERY_FILE_EA_INFO: + { + struct file_ea_info *ea_info; + + ksmbd_debug(SMB, "SMB_QUERY_FILE_EA_INFO\n"); + rsp_hdr->WordCount = 10; + rsp->t2.TotalParameterCount = cpu_to_le16(2); + rsp->t2.TotalDataCount = + cpu_to_le16(sizeof(struct file_ea_info)); + rsp->t2.Reserved = 0; + rsp->t2.ParameterCount = cpu_to_le16(2); + rsp->t2.ParameterOffset = cpu_to_le16(56); + rsp->t2.ParameterDisplacement = 0; + rsp->t2.DataCount = cpu_to_le16(sizeof(struct file_ea_info)); + rsp->t2.DataOffset = cpu_to_le16(60); + rsp->t2.DataDisplacement = 0; + rsp->t2.SetupCount = 0; + rsp->t2.Reserved1 = 0; + /*2 for parameter count & 3 pad (1pad1 + 2 pad2)*/ + rsp->ByteCount = + cpu_to_le16(2 + sizeof(struct file_ea_info) + 3); + rsp->Pad = 0; + /* lets set EA info */ + ptr = (char *)&rsp->Pad + 1; + memset(ptr, 0, 4); + ea_info = (struct file_ea_info *)(ptr + 4); + ea_info->EaSize = 0; + inc_rfc1001_len(rsp_hdr, 10 * 2 + le16_to_cpu(rsp->ByteCount)); + break; + } + case SMB_QUERY_FILE_UNIX_BASIC: + { + struct file_unix_basic_info *uinfo; + + ksmbd_debug(SMB, "SMB_QUERY_FILE_UNIX_BASIC\n"); + rsp_hdr->WordCount = 10; + rsp->t2.TotalParameterCount = cpu_to_le16(2); + rsp->t2.TotalDataCount = + cpu_to_le16(sizeof(struct file_unix_basic_info)); + rsp->t2.Reserved = 0; + rsp->t2.ParameterCount = cpu_to_le16(2); + rsp->t2.ParameterOffset = cpu_to_le16(56); + rsp->t2.ParameterDisplacement = 0; + rsp->t2.DataCount = + cpu_to_le16(sizeof(struct file_unix_basic_info)); + rsp->t2.DataOffset = cpu_to_le16(60); + rsp->t2.DataDisplacement = 0; + rsp->t2.SetupCount = 0; + rsp->t2.Reserved1 = 0; + /*2 for parameter count & 3 pad (1pad1 + 2 pad2)*/ + rsp->ByteCount = + cpu_to_le16(2 + sizeof(struct file_unix_basic_info) + + 3); + rsp->Pad = 0; + /* lets set unix info info */ + ptr = (char *)&rsp->Pad + 1; + memset(ptr, 0, 4); + uinfo = (struct file_unix_basic_info *)(ptr + 4); + init_unix_info(uinfo, file_mnt_user_ns(fp->filp), &st); + inc_rfc1001_len(rsp_hdr, 10 * 2 + le16_to_cpu(rsp->ByteCount)); + break; + } + case SMB_QUERY_FILE_NAME_INFO: + { + struct file_name_info *name_info; + int uni_filename_len; + char *filename; + + ksmbd_debug(SMB, "SMB_QUERY_FILE_NAME_INFO\n"); + ptr = (char *)&rsp->Pad + 1; + memset(ptr, 0, 4); + name_info = (struct file_name_info *)(ptr + 4); + + filename = convert_to_nt_pathname(work->tcon->share_conf, + &fp->filp->f_path); + if (!filename) { + rc = -ENOMEM; + goto err_out; + } + uni_filename_len = smbConvertToUTF16( + (__le16 *)name_info->FileName, + filename, PATH_MAX, + conn->local_nls, 0); + kfree(filename); + uni_filename_len *= 2; + name_info->FileNameLength = cpu_to_le32(uni_filename_len); + + rsp_hdr->WordCount = 10; + rsp->t2.TotalParameterCount = cpu_to_le16(2); + rsp->t2.TotalDataCount = cpu_to_le16(uni_filename_len + 4); + rsp->t2.Reserved = 0; + rsp->t2.ParameterCount = cpu_to_le16(2); + rsp->t2.ParameterOffset = cpu_to_le16(56); + rsp->t2.ParameterDisplacement = 0; + rsp->t2.DataCount = cpu_to_le16(uni_filename_len + 4); + rsp->t2.DataOffset = cpu_to_le16(60); + rsp->t2.DataDisplacement = 0; + rsp->t2.SetupCount = 0; + rsp->t2.Reserved1 = 0; + /*2 for parameter count & 3 pad (1pad1 + 2 pad2)*/ + rsp->ByteCount = cpu_to_le16(2 + uni_filename_len + 4 + 3); + rsp->Pad = 0; + inc_rfc1001_len(rsp_hdr, 10 * 2 + le16_to_cpu(rsp->ByteCount)); + break; + } + case SMB_QUERY_FILE_ALL_INFO: + { + struct file_all_info *ainfo; + unsigned int delete_pending; + + ksmbd_debug(SMB, "SMB_QUERY_FILE_UNIX_BASIC\n"); + delete_pending = ksmbd_inode_pending_delete(fp); + rsp_hdr->WordCount = 10; + rsp->t2.TotalParameterCount = cpu_to_le16(2); + rsp->t2.TotalDataCount = + cpu_to_le16(sizeof(struct file_all_info)); + rsp->t2.Reserved = 0; + rsp->t2.ParameterCount = cpu_to_le16(2); + rsp->t2.ParameterOffset = cpu_to_le16(56); + rsp->t2.ParameterDisplacement = 0; + rsp->t2.DataCount = cpu_to_le16(sizeof(struct file_all_info)); + rsp->t2.DataOffset = cpu_to_le16(60); + rsp->t2.DataDisplacement = 0; + rsp->t2.SetupCount = 0; + rsp->t2.Reserved1 = 0; + /*2 for parameter count & 3 pad (1pad1 + 2 pad2)*/ + rsp->ByteCount = + cpu_to_le16(2 + sizeof(struct file_all_info) + 3); + rsp->Pad = 0; + /* lets set all info info */ + ptr = (char *)&rsp->Pad + 1; + memset(ptr, 0, 4); + ainfo = (struct file_all_info *)(ptr + 4); + ainfo->CreationTime = cpu_to_le64(fp->create_time); + time = ksmbd_UnixTimeToNT(st.atime); + ainfo->LastAccessTime = cpu_to_le64(time); + time = ksmbd_UnixTimeToNT(st.mtime); + ainfo->LastWriteTime = cpu_to_le64(time); + time = ksmbd_UnixTimeToNT(st.ctime); + ainfo->ChangeTime = cpu_to_le64(time); + ainfo->Attributes = cpu_to_le32(S_ISDIR(st.mode) ? + ATTR_DIRECTORY : ATTR_ARCHIVE); + ainfo->Pad1 = 0; + ainfo->AllocationSize = cpu_to_le64(st.blocks << 9); + ainfo->EndOfFile = cpu_to_le64(st.size); + ainfo->NumberOfLinks = cpu_to_le32(get_nlink(&st) - + delete_pending); + ainfo->DeletePending = delete_pending; + ainfo->Directory = S_ISDIR(st.mode) ? 1 : 0; + ainfo->Pad2 = 0; + ainfo->EASize = 0; + ainfo->FileNameLength = 0; + inc_rfc1001_len(rsp_hdr, 10 * 2 + le16_to_cpu(rsp->ByteCount)); + break; + } + default: + pr_err("query path info not implemnted for %x\n", + le16_to_cpu(req_params->InformationLevel)); + rsp_hdr->Status.CifsError = STATUS_NOT_SUPPORTED; + rc = -EINVAL; + goto err_out; + + } + +err_out: + ksmbd_fd_put(work, fp); + return rc; +} + +/** + * smb_set_unix_fileinfo() - set smb unix file info(setattr) + * @work: smb work containing unix basic info buffer + * + * Return: 0 on success, otherwise error + */ +static int smb_set_unix_fileinfo(struct ksmbd_work *work) +{ + struct smb_com_trans2_sfi_req *req = work->request_buf; + struct smb_com_trans2_sfi_rsp *rsp = work->response_buf; + struct file_unix_basic_info *unix_info; + struct ksmbd_file *fp; + struct iattr attrs; + int err = 0; + + if (ksmbd_override_fsids(work)) + return -ENOMEM; + fp = ksmbd_lookup_fd_fast(work, req->Fid); + if (!fp) { + ksmbd_revert_fsids(work); + return -ENOENT; + } + + unix_info = (struct file_unix_basic_info *) + (((char *) &req->hdr.Protocol) + le16_to_cpu(req->DataOffset)); + + attrs.ia_valid = 0; + attrs.ia_mode = 0; + err = unix_info_to_attr(unix_info, + file_mnt_user_ns(fp->filp), &attrs); + ksmbd_fd_put(work, fp); + ksmbd_revert_fsids(work); + if (err) + goto out; + + err = ksmbd_vfs_setattr(work, NULL, (u64)req->Fid, &attrs); + if (err) + goto out; + + /* setattr success, prepare response */ + rsp->hdr.Status.CifsError = STATUS_SUCCESS; + rsp->hdr.WordCount = 10; + rsp->t2.TotalParameterCount = cpu_to_le16(2); + rsp->t2.TotalDataCount = 0; + rsp->t2.Reserved = 0; + rsp->t2.ParameterCount = rsp->t2.TotalParameterCount; + rsp->t2.ParameterOffset = cpu_to_le16(56); + rsp->t2.ParameterDisplacement = 0; + rsp->t2.DataCount = rsp->t2.TotalDataCount; + rsp->t2.DataOffset = 0; + rsp->t2.DataDisplacement = 0; + rsp->t2.SetupCount = 0; + rsp->t2.Reserved1 = 0; + + /* 3 pad (1 pad1 + 2 pad2)*/ + rsp->ByteCount = cpu_to_le16(3); + rsp->Reserved2 = 0; + inc_rfc1001_len(&rsp->hdr, + rsp->hdr.WordCount * 2 + le16_to_cpu(rsp->ByteCount)); + +out: + if (err) { + rsp->hdr.Status.CifsError = STATUS_INVALID_PARAMETER; + return err; + } + return 0; +} + +/** + * smb_set_dispostion() - set file dispostion method using trans2 + * using set file info command + * @work: smb work containing set file info command buffer + * + * Return: 0 on success, otherwise error + */ +static int smb_set_dispostion(struct ksmbd_work *work) +{ + struct smb_com_trans2_sfi_req *req = work->request_buf; + struct smb_com_trans2_sfi_rsp *rsp = work->response_buf; + char *disp_info; + struct ksmbd_file *fp; + int ret = 0; + + disp_info = (char *) (((char *) &req->hdr.Protocol) + + le16_to_cpu(req->DataOffset)); + + fp = ksmbd_lookup_fd_fast(work, req->Fid); + if (!fp) { + ksmbd_debug(SMB, "Invalid id for close: %d\n", req->Fid); + rsp->hdr.Status.CifsError = STATUS_INVALID_PARAMETER; + return -EINVAL; + } + + if (*disp_info) { + if (!fp->is_nt_open) { + rsp->hdr.Status.CifsError = STATUS_ACCESS_DENIED; + ret = -EPERM; + goto err_out; + } + + if (!(file_inode(fp->filp)->i_mode & 0222)) { + rsp->hdr.Status.CifsError = STATUS_CANNOT_DELETE; + ret = -EPERM; + goto err_out; + } + + if (S_ISDIR(file_inode(fp->filp)->i_mode) && + ksmbd_vfs_empty_dir(fp) == -ENOTEMPTY) { + rsp->hdr.Status.CifsError = STATUS_DIRECTORY_NOT_EMPTY; + ret = -ENOTEMPTY; + goto err_out; + } + + ksmbd_set_inode_pending_delete(fp); + } else { + ksmbd_clear_inode_pending_delete(fp); + } + + rsp->hdr.Status.CifsError = STATUS_SUCCESS; + rsp->hdr.WordCount = 10; + rsp->t2.TotalParameterCount = cpu_to_le16(2); + rsp->t2.TotalDataCount = 0; + rsp->t2.Reserved = 0; + rsp->t2.ParameterCount = rsp->t2.TotalParameterCount; + rsp->t2.ParameterOffset = cpu_to_le16(56); + rsp->t2.ParameterDisplacement = 0; + rsp->t2.DataCount = rsp->t2.TotalDataCount; + rsp->t2.DataOffset = 0; + rsp->t2.DataDisplacement = 0; + rsp->t2.SetupCount = 0; + rsp->t2.Reserved1 = 0; + + /* 3 pad (1 pad1 + 2 pad2)*/ + rsp->ByteCount = cpu_to_le16(3); + rsp->Reserved2 = 0; + inc_rfc1001_len(&rsp->hdr, + rsp->hdr.WordCount * 2 + 3); + +err_out: + ksmbd_fd_put(work, fp); + return ret; +} + +/** + * smb_set_time_fileinfo() - set file time method using trans2 + * using set file info command + * @work: smb work containing set file info command buffer + * + * Return: 0 on success, otherwise error + */ +static int smb_set_time_fileinfo(struct ksmbd_work *work) +{ + struct smb_com_trans2_sfi_req *req; + struct smb_com_trans2_sfi_rsp *rsp; + struct file_basic_info *info; + struct iattr attrs; + int err = 0; + + req = (struct smb_com_trans2_sfi_req *)work->request_buf; + rsp = (struct smb_com_trans2_sfi_rsp *)work->response_buf; + + info = (struct file_basic_info *)(((char *) &req->hdr.Protocol) + + le16_to_cpu(req->DataOffset)); + + attrs.ia_valid = 0; + if (le64_to_cpu(info->LastAccessTime)) { + attrs.ia_atime = smb_NTtimeToUnix(info->LastAccessTime); + attrs.ia_valid |= (ATTR_ATIME | ATTR_ATIME_SET); + } + + if (le64_to_cpu(info->ChangeTime)) { + attrs.ia_ctime = smb_NTtimeToUnix(info->ChangeTime); + attrs.ia_valid |= ATTR_CTIME; + } + + if (le64_to_cpu(info->LastWriteTime)) { + attrs.ia_mtime = smb_NTtimeToUnix(info->LastWriteTime); + attrs.ia_valid |= (ATTR_MTIME | ATTR_MTIME_SET); + } + /* TODO: check dos mode and acl bits if req->Attributes nonzero */ + + if (!attrs.ia_valid) + goto done; + + err = ksmbd_vfs_setattr(work, NULL, (u64)req->Fid, &attrs); + if (err) { + rsp->hdr.Status.CifsError = STATUS_INVALID_PARAMETER; + return err; + } + +done: + ksmbd_debug(SMB, "fid %u, setattr done\n", req->Fid); + rsp->hdr.Status.CifsError = STATUS_SUCCESS; + rsp->hdr.WordCount = 10; + rsp->t2.TotalParameterCount = cpu_to_le16(2); + rsp->t2.TotalDataCount = 0; + rsp->t2.Reserved = 0; + rsp->t2.ParameterCount = rsp->t2.TotalParameterCount; + rsp->t2.ParameterOffset = cpu_to_le16(56); + rsp->t2.ParameterDisplacement = 0; + rsp->t2.DataCount = rsp->t2.TotalDataCount; + rsp->t2.DataOffset = 0; + rsp->t2.DataDisplacement = 0; + rsp->t2.SetupCount = 0; + rsp->t2.Reserved1 = 0; + + /* 3 pad (1 pad1 + 2 pad2)*/ + rsp->ByteCount = cpu_to_le16(3); + rsp->Reserved2 = 0; + inc_rfc1001_len(&rsp->hdr, + rsp->hdr.WordCount * 2 + 3); + + return 0; +} + +/** + * smb_fileinfo_rename() - rename method using trans2 set file info command + * @work: smb work containing set file info command buffer + * + * Return: 0 on success, otherwise error + */ +static int smb_fileinfo_rename(struct ksmbd_work *work) +{ + struct smb_com_trans2_sfi_req *req; + struct smb_com_trans2_sfi_rsp *rsp; + struct ksmbd_share_config *share = work->tcon->share_conf; + struct set_file_rename *info; + struct ksmbd_file *fp; + char *newname; + int rc = 0; + + req = (struct smb_com_trans2_sfi_req *)work->request_buf; + rsp = (struct smb_com_trans2_sfi_rsp *)work->response_buf; + info = (struct set_file_rename *) + (((char *) &req->hdr.Protocol) + le16_to_cpu(req->DataOffset)); + + if (!test_tree_conn_flag(work->tcon, KSMBD_TREE_CONN_FLAG_WRITABLE)) { + ksmbd_debug(SMB, + "returning as user does not have permission to write\n"); + rsp->hdr.Status.CifsError = STATUS_ACCESS_DENIED; + return -EACCES; + } + + fp = ksmbd_lookup_fd_fast(work, req->Fid); + if (!fp) { + pr_err("failed to get filp for fid %u\n", req->Fid); + rsp->hdr.Status.CifsError = STATUS_FILE_CLOSED; + return -ENOENT; + } + + if (info->overwrite) { + rc = ksmbd_vfs_truncate(work, fp, 0); + if (rc) { + rsp->hdr.Status.CifsError = STATUS_INVALID_PARAMETER; + ksmbd_fd_put(work, fp); + return rc; + } + } + + newname = smb_get_name(share, info->target_name, PATH_MAX, work, 0); + if (IS_ERR(newname)) { + rsp->hdr.Status.CifsError = + STATUS_OBJECT_NAME_INVALID; + ksmbd_fd_put(work, fp); + return PTR_ERR(newname); + } + + ksmbd_debug(SMB, "new name(%s)\n", newname); + rc = ksmbd_vfs_fp_rename(work, fp, newname); + if (rc) { + rsp->hdr.Status.CifsError = STATUS_UNEXPECTED_IO_ERROR; + goto out; + } + + rsp->hdr.WordCount = 10; + rsp->t2.TotalParameterCount = cpu_to_le16(2); + rsp->t2.TotalDataCount = 0; + rsp->t2.Reserved = 0; + rsp->t2.ParameterCount = rsp->t2.TotalParameterCount; + rsp->t2.ParameterOffset = cpu_to_le16(56); + rsp->t2.ParameterDisplacement = 0; + rsp->t2.DataCount = rsp->t2.TotalDataCount; + rsp->t2.DataOffset = 0; + rsp->t2.DataDisplacement = 0; + rsp->t2.SetupCount = 0; + rsp->t2.Reserved1 = 0; + + /* 3 pad (1 pad1 + 2 pad2)*/ + rsp->ByteCount = cpu_to_le16(3); + rsp->Reserved2 = 0; + inc_rfc1001_len(&rsp->hdr, rsp->hdr.WordCount * 2 + 3); + +out: + ksmbd_fd_put(work, fp); + kfree(newname); + return rc; +} + +/** + * set_file_info() - trans2 set file info command dispatcher + * @work: smb work containing set file info command buffer + * + * Return: 0 on success, otherwise error + */ +static int set_file_info(struct ksmbd_work *work) +{ + struct smb_com_trans2_sfi_req *req; + struct smb_com_trans2_sfi_rsp *rsp; + __u16 info_level, total_param; + int err = 0; + + req = (struct smb_com_trans2_sfi_req *)work->request_buf; + rsp = (struct smb_com_trans2_sfi_rsp *)work->response_buf; + info_level = le16_to_cpu(req->InformationLevel); + total_param = le16_to_cpu(req->TotalParameterCount); + if (total_param < 4) { + rsp->hdr.Status.CifsError = STATUS_INVALID_PARAMETER; + pr_err("invalid total parameter for info_level 0x%x\n", + total_param); + return -EINVAL; + } + + switch (info_level) { + case SMB_SET_FILE_EA: + err = smb_set_ea(work); + break; + case SMB_SET_FILE_ALLOCATION_INFO2: + /* fall through */ + case SMB_SET_FILE_ALLOCATION_INFO: + err = smb_set_alloc_size(work); + break; + case SMB_SET_FILE_END_OF_FILE_INFO2: + /* fall through */ + case SMB_SET_FILE_END_OF_FILE_INFO: + err = smb_set_file_size_finfo(work); + break; + case SMB_SET_FILE_UNIX_BASIC: + err = smb_set_unix_fileinfo(work); + break; + case SMB_SET_FILE_DISPOSITION_INFO: + case SMB_SET_FILE_DISPOSITION_INFORMATION: + err = smb_set_dispostion(work); + break; + case SMB_SET_FILE_BASIC_INFO2: + /* fall through */ + case SMB_SET_FILE_BASIC_INFO: + err = smb_set_time_fileinfo(work); + break; + case SMB_SET_FILE_RENAME_INFORMATION: + err = smb_fileinfo_rename(work); + break; + default: + ksmbd_debug(SMB, "info level = %x not implemented yet\n", + info_level); + rsp->hdr.Status.CifsError = STATUS_NOT_IMPLEMENTED; + return -EOPNOTSUPP; + } + + if (err < 0) + ksmbd_debug(SMB, "info_level 0x%x failed, err %d\n", + info_level, err); + return err; +} + +/** + * create_dir() - trans2 create directory dispatcher + * @work: smb work containing set file info command buffer + * + * Return: 0 on success, otherwise error + */ +static int create_dir(struct ksmbd_work *work) +{ + struct smb_com_trans2_req *req = work->request_buf; + struct smb_com_trans2_rsp *rsp = work->response_buf; + struct ksmbd_share_config *share = work->tcon->share_conf; + mode_t mode = S_IALLUGO; + char *name; + int err; + + name = smb_get_name(share, work->request_buf + + le16_to_cpu(req->ParameterOffset) + 4, + PATH_MAX, work, false); + if (IS_ERR(name)) { + rsp->hdr.Status.CifsError = + STATUS_OBJECT_NAME_INVALID; + return PTR_ERR(name); + } + + if (ksmbd_override_fsids(work)) { + kfree(name); + rsp->hdr.Status.CifsError = STATUS_NO_MEMORY; + return -ENOMEM; + } + + err = ksmbd_vfs_mkdir(work, name, mode); + if (err) { + if (err == -EEXIST) { + if (!(((struct smb_hdr *)work->request_buf)->Flags2 & + SMBFLG2_ERR_STATUS)) { + ntstatus_to_dos(STATUS_OBJECT_NAME_COLLISION, + &rsp->hdr.Status.DosError.ErrorClass, + &rsp->hdr.Status.DosError.Error); + } else + rsp->hdr.Status.CifsError = + STATUS_OBJECT_NAME_COLLISION; + } else + rsp->hdr.Status.CifsError = STATUS_DATA_ERROR; + goto out; + } else + rsp->hdr.Status.CifsError = STATUS_SUCCESS; + + if (test_share_config_flag(work->tcon->share_conf, + KSMBD_SHARE_FLAG_STORE_DOS_ATTRS)) { + __u64 ctime; + struct path path; + struct xattr_dos_attrib da = {0}; + + err = ksmbd_vfs_kern_path(work, name, 0, &path, 1); + if (!err) { + ctime = ksmbd_UnixTimeToNT(current_time(d_inode(path.dentry))); + + da.version = 4; + da.attr = ATTR_DIRECTORY; + da.itime = da.create_time = ctime; + da.flags = XATTR_DOSINFO_ATTRIB | XATTR_DOSINFO_CREATE_TIME | + XATTR_DOSINFO_ITIME; + + err = ksmbd_vfs_set_dos_attrib_xattr(mnt_user_ns(path.mnt), + path.dentry, &da); + if (err) + ksmbd_debug(SMB, "failed to store creation time in EA\n"); + path_put(&path); + } + err = 0; + } + +out: + memset(&rsp->hdr.WordCount, 0, 3); + ksmbd_revert_fsids(work); + kfree(name); + return err; +} + +/** + * get_dfs_referral() - handler for smb dfs referral command + * @work: smb work containing get dfs referral command buffer + * + * Return: 0 on success, otherwise error + */ +static int get_dfs_referral(struct ksmbd_work *work) +{ + struct smb_hdr *rsp_hdr = (struct smb_hdr *)work->response_buf; + + rsp_hdr->Status.CifsError = STATUS_NOT_SUPPORTED; + return 0; +} + +/** + * smb_trans2() - handler for trans2 commands + * @work: smb work containing trans2 command buffer + * + * Return: 0 on success, otherwise error + */ +int smb_trans2(struct ksmbd_work *work) +{ + struct smb_com_trans2_req *req = work->request_buf; + struct smb_hdr *rsp_hdr = work->response_buf; + int err = 0; + u16 sub_command = le16_to_cpu(req->SubCommand); + + /* at least one setup word for TRANS2 command + * MS-CIFS, SMB COM TRANSACTION + */ + if (req->SetupCount < 1) { + pr_err("Wrong setup count in SMB_TRANS2 - indicates wrong request\n"); + rsp_hdr->Status.CifsError = STATUS_UNSUCCESSFUL; + return -EINVAL; + } + + switch (sub_command) { + case TRANS2_FIND_FIRST: + err = find_first(work); + break; + case TRANS2_FIND_NEXT: + err = find_next(work); + break; + case TRANS2_QUERY_FS_INFORMATION: + err = query_fs_info(work); + break; + case TRANS2_QUERY_PATH_INFORMATION: + err = query_path_info(work); + break; + case TRANS2_SET_PATH_INFORMATION: + err = set_path_info(work); + break; + case TRANS2_SET_FS_INFORMATION: + err = set_fs_info(work); + break; + case TRANS2_QUERY_FILE_INFORMATION: + err = query_file_info(work); + break; + case TRANS2_SET_FILE_INFORMATION: + err = set_file_info(work); + break; + case TRANS2_CREATE_DIRECTORY: + err = create_dir(work); + break; + case TRANS2_GET_DFS_REFERRAL: + err = get_dfs_referral(work); + break; + default: + ksmbd_debug(SMB, "sub command 0x%x not implemented yet\n", + sub_command); + rsp_hdr->Status.CifsError = STATUS_NOT_SUPPORTED; + return -EINVAL; + } + + if (err) { + ksmbd_debug(SMB, "%s failed with error %d\n", __func__, err); + if (err == -EBUSY) + rsp_hdr->Status.CifsError = STATUS_DELETE_PENDING; + return err; + } + + return 0; +} + +/** + * smb_mkdir() - handler for smb mkdir + * @work: smb work containing creat directory command buffer + * + * Return: 0 on success, otherwise error + */ +int smb_mkdir(struct ksmbd_work *work) +{ + struct smb_com_create_directory_req *req = work->request_buf; + struct smb_com_create_directory_rsp *rsp = work->response_buf; + struct ksmbd_share_config *share = work->tcon->share_conf; + mode_t mode = S_IALLUGO; + char *name; + int err; + + if (!test_tree_conn_flag(work->tcon, KSMBD_TREE_CONN_FLAG_WRITABLE)) { + ksmbd_debug(SMB, + "returning as user does not have permission to write\n"); + rsp->hdr.Status.CifsError = STATUS_ACCESS_DENIED; + return -EACCES; + } + + name = smb_get_name(share, req->DirName, PATH_MAX, work, false); + if (IS_ERR(name)) { + rsp->hdr.Status.CifsError = + STATUS_OBJECT_NAME_INVALID; + return PTR_ERR(name); + } + + if (ksmbd_override_fsids(work)) { + kfree(name); + rsp->hdr.Status.CifsError = STATUS_NO_MEMORY; + return -ENOMEM; + } + + err = ksmbd_vfs_mkdir(work, name, mode); + if (err) { + if (err == -EEXIST) { + if (!(((struct smb_hdr *)work->request_buf)->Flags2 & + SMBFLG2_ERR_STATUS)) { + rsp->hdr.Status.DosError.ErrorClass = ERRDOS; + rsp->hdr.Status.DosError.Error = + cpu_to_le16(ERRnoaccess); + } else + rsp->hdr.Status.CifsError = + STATUS_OBJECT_NAME_COLLISION; + } else + rsp->hdr.Status.CifsError = STATUS_DATA_ERROR; + goto out; + } else { + /* mkdir success, return response to server */ + rsp->hdr.Status.CifsError = STATUS_SUCCESS; + rsp->hdr.WordCount = 0; + rsp->ByteCount = 0; + } + + if (test_share_config_flag(work->tcon->share_conf, + KSMBD_SHARE_FLAG_STORE_DOS_ATTRS)) { + __u64 ctime; + struct path path; + struct xattr_dos_attrib da = {0}; + + err = ksmbd_vfs_kern_path(work, name, 0, &path, 1); + if (!err) { + ctime = ksmbd_UnixTimeToNT(current_time(d_inode(path.dentry))); + + da.version = 4; + da.attr = ATTR_DIRECTORY; + da.itime = da.create_time = ctime; + da.flags = XATTR_DOSINFO_ATTRIB | XATTR_DOSINFO_CREATE_TIME | + XATTR_DOSINFO_ITIME; + + err = ksmbd_vfs_set_dos_attrib_xattr(mnt_user_ns(path.mnt), + path.dentry, &da); + if (err) + ksmbd_debug(SMB, "failed to store creation time in xattr\n"); + path_put(&path); + } + err = 0; + } + +out: + ksmbd_revert_fsids(work); + kfree(name); + return err; +} + +/** + * smb_checkdir() - handler to verify whether a specified + * path resolves to a valid directory or not + * + * @work: smb work containing creat directory command buffer + * + * Return: 0 on success, otherwise error + */ +int smb_checkdir(struct ksmbd_work *work) +{ + struct smb_com_check_directory_req *req = work->request_buf; + struct smb_com_check_directory_rsp *rsp = work->response_buf; + struct ksmbd_share_config *share = work->tcon->share_conf; + struct path path; + struct kstat stat; + char *name, *last; + int err; + bool caseless_lookup = req->hdr.Flags & SMBFLG_CASELESS; + + name = smb_get_name(share, req->DirName, PATH_MAX, work, false); + if (IS_ERR(name)) { + rsp->hdr.Status.CifsError = + STATUS_OBJECT_NAME_INVALID; + return PTR_ERR(name); + } + + err = ksmbd_vfs_kern_path(work, name, LOOKUP_NO_SYMLINKS, &path, + caseless_lookup); + if (err) { + if (err == -ENOENT) { + /* + * If the parent directory is valid but not the + * last component - then returns + * STATUS_OBJECT_NAME_NOT_FOUND + * for that case and STATUS_OBJECT_PATH_NOT_FOUND + * if the path is invalid. + */ + last = strrchr(name, '/'); + if (last && last[1] != '\0') { + *last = '\0'; + last++; + + err = ksmbd_vfs_kern_path(work, name, LOOKUP_FOLLOW | + LOOKUP_DIRECTORY, &path, + caseless_lookup); + } else { + ksmbd_debug(SMB, "can't lookup parent %s\n", + name); + err = -ENOENT; + } + } + if (err) { + ksmbd_debug(SMB, "look up failed err %d\n", err); + switch (err) { + case -ENOENT: + rsp->hdr.Status.CifsError = + STATUS_OBJECT_NAME_NOT_FOUND; + break; + case -ENOMEM: + rsp->hdr.Status.CifsError = + STATUS_INSUFFICIENT_RESOURCES; + break; + case -EACCES: + rsp->hdr.Status.CifsError = + STATUS_ACCESS_DENIED; + break; + case -EIO: + rsp->hdr.Status.CifsError = + STATUS_DATA_ERROR; + break; + default: + rsp->hdr.Status.CifsError = + STATUS_OBJECT_PATH_SYNTAX_BAD; + break; + } + kfree(name); + return err; + } + } + +#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) + generic_fillattr(mnt_user_ns(path.mnt), d_inode(path.dentry), &stat); +#else + generic_fillattr(d_inode(path.dentry), &stat); +#endif + + if (!S_ISDIR(stat.mode)) { + rsp->hdr.Status.CifsError = STATUS_NOT_A_DIRECTORY; + } else { + /* checkdir success, return response to server */ + rsp->hdr.Status.CifsError = STATUS_SUCCESS; + rsp->hdr.WordCount = 0; + rsp->ByteCount = 0; + } + + path_put(&path); + kfree(name); + return err; +} + +/** + * smb_process_exit() - handler for smb process exit + * @work: smb work containing process exit command buffer + * + * Return: 0 on success always + * This command is obsolete now. Starting with the LAN Manager 1.0 dialect, + * FIDs are no longer associated with PIDs.CIFS clients SHOULD NOT send + * SMB_COM_PROCESS_EXIT requests. Instead, CIFS clients SHOULD perform all + * process cleanup operations, sending individual file close operations + * as needed.Here it is implemented very minimally for sake + * of passing smbtorture testcases. + */ +int smb_process_exit(struct ksmbd_work *work) +{ + struct smb_com_process_exit_rsp *rsp = work->response_buf; + + rsp->hdr.Status.CifsError = STATUS_SUCCESS; + rsp->hdr.WordCount = 0; + rsp->ByteCount = 0; + return 0; +} + +/** + * smb_rmdir() - handler for smb rmdir + * @work: smb work containing delete directory command buffer + * + * Return: 0 on success, otherwise error + */ +int smb_rmdir(struct ksmbd_work *work) +{ + struct smb_com_delete_directory_req *req = work->request_buf; + struct smb_com_delete_directory_rsp *rsp = work->response_buf; + struct ksmbd_share_config *share = work->tcon->share_conf; + char *name; + int err; + + if (!test_tree_conn_flag(work->tcon, KSMBD_TREE_CONN_FLAG_WRITABLE)) { + ksmbd_debug(SMB, + "returning as user does not have permission to write\n"); + rsp->hdr.Status.CifsError = STATUS_ACCESS_DENIED; + return -EACCES; + } + + name = smb_get_name(share, req->DirName, PATH_MAX, work, false); + if (IS_ERR(name)) { + rsp->hdr.Status.CifsError = + STATUS_OBJECT_NAME_INVALID; + return PTR_ERR(name); + } + + err = ksmbd_vfs_remove_file(work, name); + if (err) { + if (err == -ENOTEMPTY) + rsp->hdr.Status.CifsError = + STATUS_DIRECTORY_NOT_EMPTY; + else if (err == -ENOENT) + rsp->hdr.Status.CifsError = + STATUS_OBJECT_NAME_NOT_FOUND; + else + rsp->hdr.Status.CifsError = STATUS_DATA_ERROR; + } else { + /* rmdir success, return response to server */ + rsp->hdr.Status.CifsError = STATUS_SUCCESS; + rsp->hdr.WordCount = 0; + rsp->ByteCount = 0; + } + + kfree(name); + return err; +} + +/** + * smb_unlink() - handler for smb delete file + * @work: smb work containing delete file command buffer + * + * Return: 0 on success, otherwise error + */ +int smb_unlink(struct ksmbd_work *work) +{ + struct smb_com_delete_file_req *req = work->request_buf; + struct smb_com_delete_file_rsp *rsp = work->response_buf; + struct ksmbd_share_config *share = work->tcon->share_conf; + char *name; + int err; + struct ksmbd_file *fp; + + if (!test_tree_conn_flag(work->tcon, KSMBD_TREE_CONN_FLAG_WRITABLE)) { + ksmbd_debug(SMB, + "returning as user does not have permission to write\n"); + rsp->hdr.Status.CifsError = STATUS_ACCESS_DENIED; + return -EACCES; + } + + name = smb_get_name(share, req->fileName, PATH_MAX, work, false); + if (IS_ERR(name)) { + rsp->hdr.Status.CifsError = + STATUS_OBJECT_NAME_INVALID; + return PTR_ERR(name); + } + + fp = ksmbd_lookup_fd_filename(work, name); + if (fp) + err = -ESHARE; + else + err = ksmbd_vfs_remove_file(work, name); + + if (err) { + if (err == -EISDIR) + rsp->hdr.Status.CifsError = + STATUS_FILE_IS_A_DIRECTORY; + else if (err == -ESHARE) + rsp->hdr.Status.CifsError = STATUS_SHARING_VIOLATION; + else if (err == -EACCES || err == -EXDEV) + rsp->hdr.Status.CifsError = STATUS_ACCESS_DENIED; + else + rsp->hdr.Status.CifsError = + STATUS_OBJECT_NAME_NOT_FOUND; + } else { + rsp->hdr.Status.CifsError = STATUS_SUCCESS; + rsp->hdr.WordCount = 0; + rsp->ByteCount = 0; + } + + ksmbd_fd_put(work, fp); + kfree(name); + return err; +} + +/** + * smb_nt_cancel() - handler for smb cancel command + * @work: smb work containing cancel command buffer + * + * Return: 0 + */ +int smb_nt_cancel(struct ksmbd_work *work) +{ + struct ksmbd_conn *conn = work->conn; + struct smb_hdr *hdr = (struct smb_hdr *)work->request_buf; + struct smb_hdr *work_hdr; + struct ksmbd_work *new_work; + + ksmbd_debug(SMB, "smb cancel called on mid %u\n", hdr->Mid); + + spin_lock(&conn->request_lock); + list_for_each_entry(new_work, &conn->requests, request_entry) { + work_hdr = (struct smb_hdr *)new_work->request_buf; + if (work_hdr->Mid == hdr->Mid) { + ksmbd_debug(SMB, "smb with mid %u cancelled command = 0x%x\n", + hdr->Mid, work_hdr->Command); + new_work->send_no_response = 1; + list_del_init(&new_work->request_entry); + new_work->sess->sequence_number--; + break; + } + } + spin_unlock(&conn->request_lock); + + /* For SMB_COM_NT_CANCEL command itself send no response */ + work->send_no_response = 1; + return 0; +} + +/** + * smb_nt_rename() - handler for smb rename command + * @work: smb work containing nt rename command buffer + * + * Return: 0 on success, otherwise error + */ +int smb_nt_rename(struct ksmbd_work *work) +{ + struct smb_com_nt_rename_req *req = work->request_buf; + struct smb_com_rename_rsp *rsp = work->response_buf; + struct ksmbd_share_config *share = work->tcon->share_conf; + char *oldname, *newname; + int oldname_len, err; + + if (!test_tree_conn_flag(work->tcon, KSMBD_TREE_CONN_FLAG_WRITABLE)) { + ksmbd_debug(SMB, + "returning as user does not have permission to write\n"); + rsp->hdr.Status.CifsError = STATUS_ACCESS_DENIED; + return -EACCES; + } + + if (le16_to_cpu(req->Flags) != CREATE_HARD_LINK) { + rsp->hdr.Status.CifsError = STATUS_INVALID_PARAMETER; + return -EINVAL; + } + + oldname = smb_get_name(share, req->OldFileName, PATH_MAX, work, false); + if (IS_ERR(oldname)) { + rsp->hdr.Status.CifsError = + STATUS_OBJECT_NAME_INVALID; + return PTR_ERR(oldname); + } + + if (is_smbreq_unicode(&req->hdr)) + oldname_len = smb1_utf16_name_length((__le16 *)req->OldFileName, + PATH_MAX); + else { + oldname_len = strlen(oldname); + oldname_len++; + } + + newname = smb_get_name(share, &req->OldFileName[oldname_len + 2], + PATH_MAX, work, false); + if (IS_ERR(newname)) { + rsp->hdr.Status.CifsError = + STATUS_OBJECT_NAME_INVALID; + kfree(oldname); + return PTR_ERR(newname); + } + ksmbd_debug(SMB, "oldname %s, newname %s, oldname_len %d, unicode %d\n", + oldname, newname, oldname_len, + is_smbreq_unicode(&req->hdr)); + + err = ksmbd_vfs_link(work, oldname, newname); + if (err == -EACCES) + rsp->hdr.Status.CifsError = STATUS_ACCESS_DENIED; + else if (err < 0) + rsp->hdr.Status.CifsError = STATUS_NOT_SAME_DEVICE; + + kfree(newname); + kfree(oldname); + return err; +} + +static __le32 smb_query_info_pipe(struct ksmbd_share_config *share, + struct kstat *st) +{ + st->mode = S_IFDIR; + return 0; +} + +static __le32 smb_query_info_path(struct ksmbd_work *work, struct kstat *st) +{ + struct smb_com_query_information_req *req = work->request_buf; + struct ksmbd_share_config *share = work->tcon->share_conf; + struct path path; + char *name; + __le32 err = 0; + int ret; + + name = smb_get_name(share, req->FileName, PATH_MAX, work, false); + if (IS_ERR(name)) + return STATUS_OBJECT_NAME_INVALID; + + if (ksmbd_override_fsids(work)) { + kfree(name); + return STATUS_NO_MEMORY; + } + + ret = ksmbd_vfs_kern_path(work, name, LOOKUP_NO_SYMLINKS, &path, 0); + if (ret) { + pr_err("look up failed err %d\n", ret); + + if (d_is_symlink(path.dentry)) { + err = STATUS_ACCESS_DENIED; + goto out; + } + err = STATUS_OBJECT_NAME_NOT_FOUND; + goto out; + } + +#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) + generic_fillattr(mnt_user_ns(path.mnt), d_inode(path.dentry), st); +#else + generic_fillattr(d_inode(path.dentry), st); +#endif + path_put(&path); +out: + ksmbd_revert_fsids(work); + kfree(name); + return err; +} + +/** + * smb_query_info() - handler for query information command + * @work: smb work containing query info command buffer + * + * Return: 0 on success, otherwise error + */ +int smb_query_info(struct ksmbd_work *work) +{ + struct smb_com_query_information_rsp *rsp = work->response_buf; + struct ksmbd_share_config *share = work->tcon->share_conf; + struct kstat st = {0,}; + __u16 attr = 0; + int i; + __le32 err; + + if (!test_share_config_flag(work->tcon->share_conf, + KSMBD_SHARE_FLAG_PIPE)) + err = smb_query_info_path(work, &st); + else + err = smb_query_info_pipe(share, &st); + + if (le32_to_cpu(err) != 0) { + rsp->hdr.Status.CifsError = err; + return -EINVAL; + } + + rsp->hdr.Status.CifsError = STATUS_SUCCESS; + rsp->hdr.WordCount = 10; + + if (st.mode & S_ISVTX) + attr |= (ATTR_HIDDEN | ATTR_SYSTEM); + if (!(st.mode & 0222)) + attr |= ATTR_READONLY; + if (S_ISDIR(st.mode)) + attr |= ATTR_DIRECTORY; + + rsp->attr = cpu_to_le16(attr); + rsp->last_write_time = cpu_to_le32(st.mtime.tv_sec); + rsp->size = cpu_to_le32((u32)st.size); + for (i = 0; i < 5; i++) + rsp->reserved[i] = 0; + + rsp->ByteCount = 0; + inc_rfc1001_len(&rsp->hdr, rsp->hdr.WordCount * 2); + return 0; +} + +/** + * smb_closedir() - handler closing dir handle, opened for readdir + * @work: smb work containing find close command buffer + * + * Return: 0 on success, otherwise error + */ +int smb_closedir(struct ksmbd_work *work) +{ + struct smb_com_findclose_req *req = work->request_buf; + struct smb_com_close_rsp *rsp = work->response_buf; + int err; + + ksmbd_debug(SMB, "SMB_COM_FIND_CLOSE2 called for fid %u\n", + req->FileID); + + rsp->hdr.WordCount = 0; + rsp->ByteCount = 0; + + err = ksmbd_close_fd(work, req->FileID); + if (!err) + rsp->hdr.Status.CifsError = STATUS_SUCCESS; + else + rsp->hdr.Status.CifsError = STATUS_INVALID_HANDLE; + return err; +} + +/** + * convert_open_flags() - convert smb open flags to file open flags + * @file_present: is file already present + * @mode: smp file open mode + * @disposition: smp file disposition information + * + * Return: converted file open flags + */ +static int convert_open_flags(bool file_present, + __u16 mode, __u16 dispostion, + int *may_flags) +{ + int oflags = 0; + + switch (mode & 0x0007) { + case SMBOPEN_READ: + oflags |= O_RDONLY; + break; + case SMBOPEN_WRITE: + oflags |= O_WRONLY; + break; + case SMBOPEN_READWRITE: + oflags |= O_RDWR; + break; + default: + oflags |= O_RDONLY; + break; + } + + if (mode & SMBOPEN_WRITE_THROUGH) + oflags |= O_SYNC; + + if (file_present) { + switch (dispostion & 0x0003) { + case SMBOPEN_DISPOSITION_NONE: + return -EEXIST; + case SMBOPEN_OAPPEND: + oflags |= O_APPEND; + break; + case SMBOPEN_OTRUNC: + oflags |= O_TRUNC; + break; + default: + break; + } + } else { + switch (dispostion & 0x0010) { + case SMBOPEN_DISPOSITION_NONE: + return -EINVAL; + case SMBOPEN_OCREATE: + oflags |= O_CREAT; + break; + default: + break; + } + } + + *may_flags = ksmbd_openflags_to_mayflags(oflags); + + return oflags; +} + +/** + * smb_open_andx() - smb andx open method handler + * @work: smb work containing buffer for andx open command buffer + * + * Return: error if there is error while processing current command, + * otherwise pointer to next andx command in the chain + */ +int smb_open_andx(struct ksmbd_work *work) +{ + struct smb_com_openx_req *req = work->request_buf; + struct smb_com_openx_rsp *rsp = work->response_buf; + struct ksmbd_share_config *share = work->tcon->share_conf; + struct path path; + struct kstat stat; + int oplock_flags, file_info, open_flags, may_flags; + char *name; + bool file_present = true; + umode_t mode = 0; + int err; + struct ksmbd_file *fp = NULL; + int oplock_rsp = OPLOCK_NONE, share_ret; + + rsp->hdr.Status.CifsError = STATUS_UNSUCCESSFUL; + + /* check for sharing mode flag */ + if ((le16_to_cpu(req->Mode) & SMBOPEN_SHARING_MODE) > + SMBOPEN_DENY_NONE) { + rsp->hdr.Status.DosError.ErrorClass = ERRDOS; + rsp->hdr.Status.DosError.Error = cpu_to_le16(ERRbadaccess); + rsp->hdr.Flags2 &= ~SMBFLG2_ERR_STATUS; + + memset(&rsp->hdr.WordCount, 0, 3); + return -EINVAL; + } + + if (is_smbreq_unicode(&req->hdr)) + name = smb_get_name(share, req->fileName + 1, PATH_MAX, + work, false); + else + name = smb_get_name(share, req->fileName, PATH_MAX, + work, false); + + if (IS_ERR(name)) { + rsp->hdr.Status.CifsError = + STATUS_OBJECT_NAME_INVALID; + return PTR_ERR(name); + } + + if (ksmbd_override_fsids(work)) { + kfree(name); + rsp->hdr.Status.CifsError = STATUS_NO_MEMORY; + return -ENOMEM; + } + + err = ksmbd_vfs_kern_path(work, name, LOOKUP_NO_SYMLINKS, &path, + req->hdr.Flags & SMBFLG_CASELESS); + if (err) { + if (err == -EACCES || err == -EXDEV) + goto out; + file_present = false; + } else +#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) + generic_fillattr(mnt_user_ns(path.mnt), d_inode(path.dentry), &stat); +#else + generic_fillattr(d_inode(path.dentry), &stat); +#endif + + oplock_flags = le16_to_cpu(req->OpenFlags) & + (REQ_OPLOCK | REQ_BATCHOPLOCK); + + open_flags = convert_open_flags(file_present, + le16_to_cpu(req->Mode), + le16_to_cpu(req->OpenFunction), + &may_flags); + if (open_flags < 0) { + ksmbd_debug(SMB, "create_dispostion returned %d\n", open_flags); + if (file_present) + goto free_path; + else { + err = -ENOENT; + goto out; + } + } + + if (file_present && !(stat.mode & 0222)) { + if ((open_flags & O_ACCMODE) == O_WRONLY || + (open_flags & O_ACCMODE) == O_RDWR) { + ksmbd_debug(SMB, "readonly file(%s)\n", name); + rsp->hdr.Status.CifsError = STATUS_ACCESS_DENIED; + memset(&rsp->hdr.WordCount, 0, 3); + goto free_path; + } + } + + if (!file_present && (open_flags & O_CREAT)) { + mode |= 0777; + if (le16_to_cpu(req->FileAttributes) & ATTR_READONLY) + mode &= ~0222; + + mode |= S_IFREG; + err = ksmbd_vfs_create(work, name, mode); + if (err) + goto out; + + err = ksmbd_vfs_kern_path(work, name, 0, &path, 0); + if (err) { + pr_err("cannot get linux path, err = %d\n", err); + goto out; + } +#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) + generic_fillattr(mnt_user_ns(path.mnt), d_inode(path.dentry), &stat); +#else + generic_fillattr(d_inode(path.dentry), &stat); +#endif + } else if (file_present) { +#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) + err = inode_permission(mnt_user_ns(path.mnt), + d_inode(path.dentry), + may_flags); +#else + err = inode_permission(d_inode(path.dentry), + may_flags); +#endif + if (err) + goto free_path; + } + + err = ksmbd_query_inode_status(d_inode(path.dentry->d_parent)); + if (err == KSMBD_INODE_STATUS_PENDING_DELETE) { + err = -EBUSY; + goto free_path; + } + + err = 0; + ksmbd_debug(SMB, "(%s) open_flags = 0x%x, oplock_flags 0x%x\n", + name, open_flags, oplock_flags); + /* open file and get FID */ + fp = ksmbd_vfs_dentry_open(work, &path, open_flags, + 0, file_present); + if (IS_ERR(fp)) { + err = PTR_ERR(fp); + fp = NULL; + goto free_path; + } + fp->pid = le16_to_cpu(req->hdr.Pid); + + write_lock(&fp->f_ci->m_lock); + list_add(&fp->node, &fp->f_ci->m_fp_list); + write_unlock(&fp->f_ci->m_lock); + + share_ret = ksmbd_smb_check_shared_mode(fp->filp, fp); + if (smb1_oplock_enable && + test_share_config_flag(work->tcon->share_conf, + KSMBD_SHARE_FLAG_OPLOCKS) && + !S_ISDIR(file_inode(fp->filp)->i_mode) && + oplock_flags) { + /* Client cannot request levelII oplock directly */ + err = smb_grant_oplock(work, oplock_flags, fp->volatile_id, + fp, le16_to_cpu(req->hdr.Tid), NULL, 0); + if (err) + goto free_path; + } else { + if (ksmbd_inode_pending_delete(fp)) { + err = -EBUSY; + goto free_path; + } + + if (share_ret < 0) { + err = -EPERM; + goto free_path; + } + } + + oplock_rsp = fp->f_opinfo != NULL ? fp->f_opinfo->level : 0; + + /* open success, send back response */ + if (file_present) { + if (!(open_flags & O_TRUNC)) + file_info = F_OPENED; + else + file_info = F_OVERWRITTEN; + } else + file_info = F_CREATED; + + if (oplock_rsp) + file_info |= SMBOPEN_LOCK_GRANTED; + + if (stat.result_mask & STATX_BTIME) + fp->create_time = ksmbd_UnixTimeToNT(stat.btime); + else + fp->create_time = ksmbd_UnixTimeToNT(stat.ctime); + if (file_present) { + if (test_share_config_flag(work->tcon->share_conf, + KSMBD_SHARE_FLAG_STORE_DOS_ATTRS)) { + struct xattr_dos_attrib da; + + err = ksmbd_vfs_get_dos_attrib_xattr(mnt_user_ns(path.mnt), + path.dentry, &da); + if (err > 0) { + fp->create_time = da.create_time; + fp->itime = da.itime; + } + err = 0; + } + } else { + if (test_share_config_flag(work->tcon->share_conf, + KSMBD_SHARE_FLAG_STORE_DOS_ATTRS)) { + struct xattr_dos_attrib da = {0}; + + da.version = 4; + da.attr = ATTR_NORMAL; + da.itime = da.create_time = fp->create_time; + da.flags = XATTR_DOSINFO_ATTRIB | XATTR_DOSINFO_CREATE_TIME | + XATTR_DOSINFO_ITIME; + + err = ksmbd_vfs_set_dos_attrib_xattr(mnt_user_ns(path.mnt), + path.dentry, &da); + if (err) + ksmbd_debug(SMB, "failed to store creation time in xattr\n"); + err = 0; + } + } + + /* prepare response buffer */ + rsp->hdr.Status.CifsError = STATUS_SUCCESS; + rsp->hdr.WordCount = 0x0F; + rsp->Fid = fp->volatile_id; + rsp->FileAttributes = cpu_to_le16(ATTR_NORMAL); + rsp->LastWriteTime = cpu_to_le32(stat.mtime.tv_sec); + rsp->EndOfFile = cpu_to_le32(stat.size); + switch (open_flags & O_ACCMODE) { + case O_RDONLY: + rsp->Access = cpu_to_le16(SMB_DA_ACCESS_READ); + break; + case O_WRONLY: + rsp->Access = cpu_to_le16(SMB_DA_ACCESS_WRITE); + break; + case O_RDWR: + rsp->Access = cpu_to_le16(SMB_DA_ACCESS_READ_WRITE); + break; + default: + rsp->Access = cpu_to_le16(SMB_DA_ACCESS_READ); + break; + } + + rsp->FileType = 0; + rsp->IPCState = 0; + rsp->Action = cpu_to_le16(file_info); + rsp->Reserved = 0; + rsp->ByteCount = 0; + inc_rfc1001_len(&rsp->hdr, rsp->hdr.WordCount * 2); + +free_path: + path_put(&path); +out: + ksmbd_revert_fsids(work); + if (err) { + if (err == -ENOSPC) + rsp->hdr.Status.CifsError = STATUS_DISK_FULL; + else if (err == -EMFILE) + rsp->hdr.Status.CifsError = + STATUS_TOO_MANY_OPENED_FILES; + else if (err == -EBUSY) + rsp->hdr.Status.CifsError = STATUS_DELETE_PENDING; + else if (err == -ENOENT) + rsp->hdr.Status.CifsError = + STATUS_OBJECT_NAME_NOT_FOUND; + else if (err == -EACCES || err == -EXDEV) + rsp->hdr.Status.CifsError = STATUS_ACCESS_DENIED; + else + rsp->hdr.Status.CifsError = + STATUS_UNEXPECTED_IO_ERROR; + if (fp) + ksmbd_close_fd(work, fp->volatile_id); + } + + kfree(name); + if (!rsp->hdr.WordCount) + return err; + + /* this is an ANDx command ? */ + rsp->AndXReserved = 0; + rsp->AndXOffset = cpu_to_le16(get_rfc1002_len(&rsp->hdr)); + if (req->AndXCommand != SMB_NO_MORE_ANDX_COMMAND) { + /* adjust response */ + rsp->AndXCommand = req->AndXCommand; + return rsp->AndXCommand; /* More processing required */ + } + rsp->AndXCommand = SMB_NO_MORE_ANDX_COMMAND; + + return err; +} + +/** + * smb_setattr() - set file attributes + * @work: smb work containing setattr command + * + * Return: 0 on success, otherwise error + */ +int smb_setattr(struct ksmbd_work *work) +{ + struct smb_com_setattr_req *req = work->request_buf; + struct smb_com_setattr_rsp *rsp = work->response_buf; + struct ksmbd_share_config *share = work->tcon->share_conf; + struct path path; + struct kstat stat; + struct iattr attrs; + int err = 0; + char *name; + __u16 dos_attr; + + name = smb_get_name(share, req->fileName, PATH_MAX, work, false); + if (IS_ERR(name)) { + rsp->hdr.Status.CifsError = + STATUS_OBJECT_NAME_INVALID; + return PTR_ERR(name); + } + + err = ksmbd_vfs_kern_path(work, name, LOOKUP_NO_SYMLINKS, &path, + req->hdr.Flags & SMBFLG_CASELESS); + if (err) { + ksmbd_debug(SMB, "look up failed err %d\n", err); + rsp->hdr.Status.CifsError = STATUS_OBJECT_NAME_NOT_FOUND; + err = 0; + goto out; + } +#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) + generic_fillattr(mnt_user_ns(path.mnt), d_inode(path.dentry), &stat); +#else + generic_fillattr(d_inode(path.dentry), &stat); +#endif + path_put(&path); + attrs.ia_valid = 0; + attrs.ia_mode = 0; + + dos_attr = le16_to_cpu(req->attr); + if (!dos_attr) + attrs.ia_mode = stat.mode | 0200; + + if (dos_attr & ATTR_READONLY) + attrs.ia_mode = stat.mode & ~0222; + + if (attrs.ia_mode) + attrs.ia_valid |= ATTR_MODE; + + attrs.ia_mtime.tv_sec = le32_to_cpu(req->LastWriteTime); + attrs.ia_valid |= (ATTR_MTIME | ATTR_MTIME_SET); + + err = ksmbd_vfs_setattr(work, name, 0, &attrs); + if (err) + goto out; + + rsp->hdr.Status.CifsError = STATUS_SUCCESS; + rsp->hdr.WordCount = 0; + rsp->ByteCount = 0; + +out: + kfree(name); + if (err) { + rsp->hdr.Status.CifsError = STATUS_INVALID_PARAMETER; + return err; + } + + return 0; +} + +/** + * smb1_is_sign_req() - handler for checking packet signing status + * @work: smb work containing notify command buffer + * + * Return: true if packed is signed, false otherwise + */ +bool smb1_is_sign_req(struct ksmbd_work *work, unsigned int command) +{ +#if 0 + struct smb_hdr *rcv_hdr1 = (struct smb_hdr *)work->request_buf; + + /* + * FIXME: signed tree connect failed by signing error + * with windows XP client. For now, Force to turn off + * signing feature in SMB1. + */ + if ((rcv_hdr1->Flags2 & SMBFLG2_SECURITY_SIGNATURE) && + command != SMB_COM_SESSION_SETUP_ANDX) + return true; + return false; +#else + return false; +#endif +} + +/** + * smb1_check_sign_req() - handler for req packet sign processing + * @work: smb work containing notify command buffer + * + * Return: 1 on success, 0 otherwise + */ +int smb1_check_sign_req(struct ksmbd_work *work) +{ + struct smb_hdr *rcv_hdr1 = (struct smb_hdr *)work->request_buf; + char signature_req[CIFS_SMB1_SIGNATURE_SIZE]; + char signature[20]; + struct kvec iov[1]; + + memcpy(signature_req, rcv_hdr1->Signature.SecuritySignature, + CIFS_SMB1_SIGNATURE_SIZE); + rcv_hdr1->Signature.Sequence.SequenceNumber = + cpu_to_le32(++work->sess->sequence_number); + rcv_hdr1->Signature.Sequence.Reserved = 0; + + iov[0].iov_base = rcv_hdr1->Protocol; + iov[0].iov_len = be32_to_cpu(rcv_hdr1->smb_buf_length); + + if (ksmbd_sign_smb1_pdu(work->sess, iov, 1, signature)) + return 0; + + if (memcmp(signature, signature_req, CIFS_SMB1_SIGNATURE_SIZE)) { + ksmbd_debug(SMB, "bad smb1 sign\n"); + return 0; + } + + return 1; +} + +/** + * smb1_set_sign_rsp() - handler for rsp packet sign processing + * @work: smb work containing notify command buffer + * + */ +void smb1_set_sign_rsp(struct ksmbd_work *work) +{ + struct smb_hdr *rsp_hdr = (struct smb_hdr *)work->response_buf; + char signature[20]; + struct kvec iov[2]; + int n_vec = 1; + + rsp_hdr->Flags2 |= SMBFLG2_SECURITY_SIGNATURE; + rsp_hdr->Signature.Sequence.SequenceNumber = + cpu_to_le32(++work->sess->sequence_number); + rsp_hdr->Signature.Sequence.Reserved = 0; + + iov[0].iov_base = rsp_hdr->Protocol; + iov[0].iov_len = be32_to_cpu(rsp_hdr->smb_buf_length); + + if (work->aux_payload_sz) { + iov[0].iov_len -= work->aux_payload_sz; + + iov[1].iov_base = work->aux_payload_buf; + iov[1].iov_len = work->aux_payload_sz; + n_vec++; + } + + if (ksmbd_sign_smb1_pdu(work->sess, iov, n_vec, signature)) + memset(rsp_hdr->Signature.SecuritySignature, + 0, CIFS_SMB1_SIGNATURE_SIZE); + else + memcpy(rsp_hdr->Signature.SecuritySignature, + signature, CIFS_SMB1_SIGNATURE_SIZE); +} --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/fs/ksmbd/smb1pdu.h 2024-04-22 14:46:57.128246800 +0200 @@ -0,0 +1,1600 @@ +/* SPDX-License-Identifier: GPL-2.0-or-later */ +/* + * Copyright (C) 2016 Namjae Jeon + * Copyright (C) 2018 Samsung Electronics Co., Ltd. + */ + +#ifndef __SMB1PDU_H +#define __SMB1PDU_H + +#define MAX_CIFS_HDR_SIZE 0x58 + +#define SMB1_CLIENT_GUID_SIZE (16) +#define SMB1_MAX_MPX_COUNT 10 +#define SMB1_MAX_VCS 1 +#define SMB1_MAX_RAW_SIZE 65536 +#define MAX_CIFS_LOOKUP_BUFFER_SIZE (16*1024) + +/* + * Size of the ntlm client response + */ +#define CIFS_AUTH_RESP_SIZE 24 +#define CIFS_SMB1_SIGNATURE_SIZE 8 +#define CIFS_SMB1_SESSKEY_SIZE 16 + +#define SMB1_SERVER_CAPS \ + (CAP_UNICODE | CAP_LARGE_FILES | CAP_EXTENDED_SECURITY |\ + CAP_NT_SMBS | CAP_STATUS32 | CAP_LOCK_AND_READ | \ + CAP_NT_FIND | CAP_UNIX | CAP_LARGE_READ_X | \ + CAP_LARGE_WRITE_X | CAP_LEVEL_II_OPLOCKS) + +#define SMB1_SERVER_SECU (SECMODE_USER | SECMODE_PW_ENCRYPT) + +/* Service Type of TreeConnect*/ +#define SERVICE_DISK_SHARE "A:" +#define SERVICE_IPC_SHARE "IPC" +#define SERVICE_PRINTER_SHARE "LPT1:" +#define SERVICE_COMM "COMM" + +#define NATIVE_FILE_SYSTEM "NTFS" + +#define SMB_NO_MORE_ANDX_COMMAND 0xFF +#define SMB1_PROTO_NUMBER cpu_to_le32(0x424d53ff) + +/* Transact2 subcommand codes */ +#define TRANS2_OPEN 0x00 +#define TRANS2_FIND_FIRST 0x01 +#define TRANS2_FIND_NEXT 0x02 +#define TRANS2_QUERY_FS_INFORMATION 0x03 +#define TRANS2_SET_FS_INFORMATION 0x04 +#define TRANS2_QUERY_PATH_INFORMATION 0x05 +#define TRANS2_SET_PATH_INFORMATION 0x06 +#define TRANS2_QUERY_FILE_INFORMATION 0x07 +#define TRANS2_SET_FILE_INFORMATION 0x08 +#define TRANS2_CREATE_DIRECTORY 0x0d +#define TRANS2_GET_DFS_REFERRAL 0x10 +#define TRANS2_REPORT_DFS_INCOSISTENCY 0x11 + +/* SMB Transact (Named Pipe) subcommand codes */ +#define TRANS_SET_NMPIPE_STATE 0x0001 +#define TRANS_RAW_READ_NMPIPE 0x0011 +#define TRANS_QUERY_NMPIPE_STATE 0x0021 +#define TRANS_QUERY_NMPIPE_INFO 0x0022 +#define TRANS_PEEK_NMPIPE 0x0023 +#define TRANS_TRANSACT_NMPIPE 0x0026 +#define TRANS_RAW_WRITE_NMPIPE 0x0031 +#define TRANS_READ_NMPIPE 0x0036 +#define TRANS_WRITE_NMPIPE 0x0037 +#define TRANS_WAIT_NMPIPE 0x0053 +#define TRANS_CALL_NMPIPE 0x0054 + +/* NT Transact subcommand codes */ +#define NT_TRANSACT_CREATE 0x01 +#define NT_TRANSACT_IOCTL 0x02 +#define NT_TRANSACT_SET_SECURITY_DESC 0x03 +#define NT_TRANSACT_NOTIFY_CHANGE 0x04 +#define NT_TRANSACT_RENAME 0x05 +#define NT_TRANSACT_QUERY_SECURITY_DESC 0x06 +#define NT_TRANSACT_GET_USER_QUOTA 0x07 +#define NT_TRANSACT_SET_USER_QUOTA 0x08 + +/* + * SMB flag definitions + */ +#define SMBFLG_EXTD_LOCK 0x01 /* server supports lock-read write-unlock smb */ +#define SMBFLG_RCV_POSTED 0x02 /* obsolete */ +#define SMBFLG_RSVD 0x04 +#define SMBFLG_CASELESS 0x08 /* + * all pathnames treated as caseless (off + * implies case sensitive file handling + * request) + */ +#define SMBFLG_CANONICAL_PATH_FORMAT 0x10 /* obsolete */ +#define SMBFLG_OLD_OPLOCK 0x20 /* obsolete */ +#define SMBFLG_OLD_OPLOCK_NOTIFY 0x40 /* obsolete */ +#define SMBFLG_RESPONSE 0x80 /* this PDU is a response from server */ + +/* + * SMB flag2 definitions + */ +#define SMBFLG2_KNOWS_LONG_NAMES cpu_to_le16(1) /* + * can send long (non-8.3) + * path names in response + */ +#define SMBFLG2_KNOWS_EAS cpu_to_le16(2) +#define SMBFLG2_SECURITY_SIGNATURE cpu_to_le16(4) +#define SMBFLG2_COMPRESSED (8) +#define SMBFLG2_SECURITY_SIGNATURE_REQUIRED (0x10) +#define SMBFLG2_IS_LONG_NAME cpu_to_le16(0x40) +#define SMBFLG2_REPARSE_PATH (0x400) +#define SMBFLG2_EXT_SEC cpu_to_le16(0x800) +#define SMBFLG2_DFS cpu_to_le16(0x1000) +#define SMBFLG2_PAGING_IO cpu_to_le16(0x2000) +#define SMBFLG2_ERR_STATUS cpu_to_le16(0x4000) +#define SMBFLG2_UNICODE cpu_to_le16(0x8000) + +#define SMB_COM_CREATE_DIRECTORY 0x00 /* trivial response */ +#define SMB_COM_DELETE_DIRECTORY 0x01 /* trivial response */ +#define SMB_COM_CLOSE 0x04 /* triv req/rsp, timestamp ignored */ +#define SMB_COM_FLUSH 0x05 /* triv req/rsp */ +#define SMB_COM_DELETE 0x06 /* trivial response */ +#define SMB_COM_RENAME 0x07 /* trivial response */ +#define SMB_COM_QUERY_INFORMATION 0x08 /* aka getattr */ +#define SMB_COM_SETATTR 0x09 /* trivial response */ +#define SMB_COM_WRITE 0x0b +#define SMB_COM_CHECK_DIRECTORY 0x10 /* trivial response */ +#define SMB_COM_PROCESS_EXIT 0x11 /* trivial response */ +#define SMB_COM_LOCKING_ANDX 0x24 /* trivial response */ +#define SMB_COM_TRANSACTION 0x25 +#define SMB_COM_COPY 0x29 /* trivial rsp, fail filename ignrd*/ +#define SMB_COM_ECHO 0x2B /* echo request */ +#define SMB_COM_OPEN_ANDX 0x2D /* Legacy open for old servers */ +#define SMB_COM_READ_ANDX 0x2E +#define SMB_COM_WRITE_ANDX 0x2F +#define SMB_COM_TRANSACTION2 0x32 +#define SMB_COM_TRANSACTION2_SECONDARY 0x33 +#define SMB_COM_FIND_CLOSE2 0x34 /* trivial response */ +#define SMB_COM_TREE_DISCONNECT 0x71 /* trivial response */ +#define SMB_COM_NEGOTIATE 0x72 +#define SMB_COM_SESSION_SETUP_ANDX 0x73 +#define SMB_COM_LOGOFF_ANDX 0x74 /* trivial response */ +#define SMB_COM_TREE_CONNECT_ANDX 0x75 +#define SMB_COM_NT_TRANSACT 0xA0 +#define SMB_COM_NT_TRANSACT_SECONDARY 0xA1 +#define SMB_COM_NT_CREATE_ANDX 0xA2 +#define SMB_COM_NT_CANCEL 0xA4 /* no response */ +#define SMB_COM_NT_RENAME 0xA5 /* trivial response */ + +/* Negotiate response Capabilities */ +#define CAP_RAW_MODE 0x00000001 +#define CAP_MPX_MODE 0x00000002 +#define CAP_UNICODE 0x00000004 +#define CAP_LARGE_FILES 0x00000008 +#define CAP_NT_SMBS 0x00000010 /* implies CAP_NT_FIND */ +#define CAP_RPC_REMOTE_APIS 0x00000020 +#define CAP_STATUS32 0x00000040 +#define CAP_LEVEL_II_OPLOCKS 0x00000080 +#define CAP_LOCK_AND_READ 0x00000100 +#define CAP_NT_FIND 0x00000200 +#define CAP_DFS 0x00001000 +#define CAP_INFOLEVEL_PASSTHRU 0x00002000 +#define CAP_LARGE_READ_X 0x00004000 +#define CAP_LARGE_WRITE_X 0x00008000 +#define CAP_LWIO 0x00010000 /* support fctl_srv_req_resume_key */ +#define CAP_UNIX 0x00800000 +#define CAP_COMPRESSED_DATA 0x02000000 +#define CAP_DYNAMIC_REAUTH 0x20000000 +#define CAP_PERSISTENT_HANDLES 0x40000000 +#define CAP_EXTENDED_SECURITY 0x80000000 + +/* RFC 1002 session packet types */ +#define RFC1002_SESSION_MESSAGE 0x00 +#define RFC1002_SESSION_REQUEST 0x81 +#define RFC1002_POSITIVE_SESSION_RESPONSE 0x82 +#define RFC1002_NEGATIVE_SESSION_RESPONSE 0x83 +#define RFC1002_RETARGET_SESSION_RESPONSE 0x84 +#define RFC1002_SESSION_KEEP_ALIVE 0x85 + +/* Action bits */ +#define GUEST_LOGIN 1 + +struct smb_com_read_req { + struct smb_hdr hdr; /* wct = 12 */ + __u8 AndXCommand; + __u8 AndXReserved; + __le16 AndXOffset; + __u16 Fid; + __le32 OffsetLow; + __le16 MaxCount; + __le16 MinCount; /* obsolete */ + __le32 MaxCountHigh; + __le16 Remaining; + __le32 OffsetHigh; + __le16 ByteCount; +} __packed; + +struct smb_com_read_rsp { + struct smb_hdr hdr; /* wct = 12 */ + __u8 AndXCommand; + __u8 AndXReserved; + __le16 AndXOffset; + __le16 Remaining; + __le16 DataCompactionMode; + __le16 Reserved; + __le16 DataLength; + __le16 DataOffset; + __le16 DataLengthHigh; + __u64 Reserved2; + __le16 ByteCount; + /* read response data immediately follows */ +} __packed; + +struct smb_com_write_req { + struct smb_hdr hdr; /* wct = 14 */ + __u8 AndXCommand; + __u8 AndXReserved; + __le16 AndXOffset; + __u16 Fid; + __le32 OffsetLow; + __u32 Reserved; + __le16 WriteMode; + __le16 Remaining; + __le16 DataLengthHigh; + __le16 DataLengthLow; + __le16 DataOffset; + __le32 OffsetHigh; + __le16 ByteCount; + __u8 Pad; /* + * BB check for whether padded to DWORD + * boundary and optimum performance here + */ + char Data[0]; +} __packed; + +struct smb_com_write_req_32bit { + struct smb_hdr hdr; /* wct = 5 */ + __u16 Fid; + __le16 Length; + __le32 Offset; + __u16 Estimate; + __le16 ByteCount; /* must be greater than 2 */ + __u8 BufferFormat; + __u16 DataLength; + char Data[0]; +} __packed; + +struct smb_com_write_rsp_32bit { + struct smb_hdr hdr; /* wct = 1 */ + __le16 Written; + __le16 ByteCount; /* must be 0 */ +} __packed; + +struct smb_com_write_rsp { + struct smb_hdr hdr; /* wct = 6 */ + __u8 AndXCommand; + __u8 AndXReserved; + __le16 AndXOffset; + __le16 Count; + __le16 Remaining; + __le16 CountHigh; + __u16 Reserved; + __le16 ByteCount; +} __packed; + +struct smb_com_rename_req { + struct smb_hdr hdr; /* wct = 1 */ + __le16 SearchAttributes; /* target file attributes */ + __le16 ByteCount; + __u8 BufferFormat; /* 4 = ASCII or Unicode */ + unsigned char OldFileName[1]; + /* followed by __u8 BufferFormat2 */ + /* followed by NewFileName */ +} __packed; + +struct smb_com_rename_rsp { + struct smb_hdr hdr; /* wct = 0 */ + __le16 ByteCount; /* bct = 0 */ +} __packed; + +/* SecurityMode bits */ +#define SECMODE_USER 0x01 /* off indicates share level security */ +#define SECMODE_PW_ENCRYPT 0x02 +#define SECMODE_SIGN_ENABLED 0x04 /* SMB security signatures enabled */ +#define SECMODE_SIGN_REQUIRED 0x08 /* SMB security signatures required */ + +struct smb_com_session_setup_req { /* request format */ + struct smb_hdr hdr; /* wct = 12 */ + __u8 AndXCommand; + __u8 AndXReserved; + __le16 AndXOffset; + __le16 MaxBufferSize; + __le16 MaxMpxCount; + __le16 VcNumber; + __u32 SessionKey; + __le16 SecurityBlobLength; + __u32 Reserved; + __le32 Capabilities; /* see below */ + __le16 ByteCount; + unsigned char SecurityBlob[1]; /* followed by */ + /* STRING NativeOS */ + /* STRING NativeLanMan */ +} __packed; /* NTLM request format (with extended security) */ + +struct smb_com_session_setup_req_no_secext { /* request format */ + struct smb_hdr hdr; /* we will handle this :: wct = 13 */ + __u8 AndXCommand; + __u8 AndXReserved; + __le16 AndXOffset; + __le16 MaxBufferSize; + __le16 MaxMpxCount; + __le16 VcNumber; + __u32 SessionKey; + __le16 CaseInsensitivePasswordLength; /* ASCII password len */ + __le16 CaseSensitivePasswordLength; /* Unicode password length*/ + __u32 Reserved; /* see below */ + __le32 Capabilities; + __le16 ByteCount; + unsigned char CaseInsensitivePassword[0]; /* followed by: */ + /* unsigned char * CaseSensitivePassword; */ + /* STRING AccountName */ + /* STRING PrimaryDomain */ + /* STRING NativeOS */ + /* STRING NativeLanMan */ +} __packed; /* NTLM request format (without extended security */ + +struct smb_com_session_setup_resp { /* default (NTLM) response format */ + struct smb_hdr hdr; /* wct = 4 */ + __u8 AndXCommand; + __u8 AndXReserved; + __le16 AndXOffset; + __le16 Action; /* see below */ + __le16 SecurityBlobLength; + __le16 ByteCount; + unsigned char SecurityBlob[1]; /* followed by */ + /* unsigned char * NativeOS; */ + /* unsigned char * NativeLanMan; */ + /* unsigned char * PrimaryDomain; */ +} __packed; /* NTLM response (with or without extended sec) */ + +struct smb_com_session_setup_old_resp { /* default (NTLM) response format */ + struct smb_hdr hdr; /* wct = 3 */ + __u8 AndXCommand; + __u8 AndXReserved; + __le16 AndXOffset; + __le16 Action; /* see below */ + __le16 ByteCount; + unsigned char NativeOS[1]; /* followed by */ + /* unsigned char * NativeLanMan; */ + /* unsigned char * PrimaryDomain; */ +} __packed; /* pre-NTLM (LANMAN2.1) response */ + +union smb_com_session_setup_andx { + struct smb_com_session_setup_req req; + struct smb_com_session_setup_req_no_secext req_no_secext; + struct smb_com_session_setup_resp resp; + struct smb_com_session_setup_old_resp old_resp; +} __packed; + +struct smb_com_tconx_req { + __u8 WordCount; /* wct = 4, it could be ANDX */ + __u8 AndXCommand; + __u8 AndXReserved; + __le16 AndXOffset; + __le16 Flags; /* see below */ + __le16 PasswordLength; + __le16 ByteCount; + unsigned char Password[1]; /* followed by */ + /* STRING Path *//* \\server\share name */ + /* STRING Service */ +} __packed; + +struct smb_com_tconx_rsp { + __u8 WordCount; /* wct = 3 , not extended response */ + __u8 AndXCommand; + __u8 AndXReserved; + __le16 AndXOffset; + __le16 OptionalSupport; /* see below */ + __le16 ByteCount; + unsigned char Service[1]; /* always ASCII, not Unicode */ + /* STRING NativeFileSystem */ +} __packed; + +struct smb_com_tconx_rsp_ext { + __u8 WordCount; /* wct = 7, extended response */ + __u8 AndXCommand; + __u8 AndXReserved; + __le16 AndXOffset; + __le16 OptionalSupport; /* see below */ + __le32 MaximalShareAccessRights; + __le32 GuestMaximalShareAccessRights; + __le16 ByteCount; + unsigned char Service[1]; /* always ASCII, not Unicode */ + /* STRING NativeFileSystem */ +} __packed; + +struct andx_block { + __u8 WordCount; + __u8 AndXCommand; + __u8 AndXReserved; + __le16 AndXOffset; +} __packed; + +struct locking_andx_range64 { + __le16 Pid; + __le16 Pad; + __le32 OffsetHigh; + __le32 OffsetLow; + __le32 LengthHigh; + __le32 LengthLow; +} __packed; + +struct locking_andx_range32 { + __le16 Pid; + __le32 Offset; + __le32 Length; +} __packed; + +#define LOCKING_ANDX_SHARED_LOCK 0x01 +#define LOCKING_ANDX_OPLOCK_RELEASE 0x02 +#define LOCKING_ANDX_CHANGE_LOCKTYPE 0x04 +#define LOCKING_ANDX_CANCEL_LOCK 0x08 +#define LOCKING_ANDX_LARGE_FILES 0x10 /* always on for us */ + +struct smb_com_lock_req { + struct smb_hdr hdr; /* wct = 8 */ + __u8 AndXCommand; + __u8 AndXReserved; + __le16 AndXOffset; + __u16 Fid; + __u8 LockType; + __u8 OplockLevel; + __le32 Timeout; + __le16 NumberOfUnlocks; + __le16 NumberOfLocks; + __le16 ByteCount; + char *Locks[1]; +} __packed; + +struct smb_com_lock_rsp { + struct smb_hdr hdr; /* wct = 2 */ + __u8 AndXCommand; + __u8 AndXReserved; + __le16 AndXOffset; + __le16 ByteCount; +} __packed; + +/* tree connect Flags */ +#define DISCONNECT_TID 0x0001 +#define TCON_EXTENDED_SIGNATURES 0x0004 +#define TCON_EXTENDED_SECINFO 0x0008 + +/* OptionalSupport bits */ +#define SMB_SUPPORT_SEARCH_BITS 0x0001 /* + * "must have" directory search bits + * (exclusive searches supported) + */ +#define SMB_SHARE_IS_IN_DFS 0x0002 +#define SMB_CSC_MASK 0x000C +/* CSC flags defined as follows */ +#define SMB_CSC_CACHE_MANUAL_REINT 0x0000 +#define SMB_CSC_CACHE_AUTO_REINT 0x0004 +#define SMB_CSC_CACHE_VDO 0x0008 +#define SMB_CSC_NO_CACHING 0x000C +#define SMB_UNIQUE_FILE_NAME 0x0010 +#define SMB_EXTENDED_SIGNATURES 0x0020 + +/* OpenFlags */ +#define REQ_MORE_INFO 0x00000001 /* legacy (OPEN_AND_X) only */ +#define REQ_OPLOCK 0x00000002 +#define REQ_BATCHOPLOCK 0x00000004 +#define REQ_OPENDIRONLY 0x00000008 +#define REQ_EXTENDED_INFO 0x00000010 + +/* File type */ +#define DISK_TYPE 0x0000 +#define BYTE_PIPE_TYPE 0x0001 +#define MESSAGE_PIPE_TYPE 0x0002 +#define PRINTER_TYPE 0x0003 +#define COMM_DEV_TYPE 0x0004 +#define UNKNOWN_TYPE 0xFFFF + +/* Device Type or File Status Flags */ +#define NO_EAS 0x0001 +#define NO_SUBSTREAMS 0x0002 +#define NO_REPARSETAG 0x0004 +/* following flags can apply if pipe */ +#define ICOUNT_MASK 0x00FF +#define PIPE_READ_MODE 0x0100 +#define NAMED_PIPE_TYPE 0x0400 +#define PIPE_END_POINT 0x4000 +#define BLOCKING_NAMED_PIPE 0x8000 + +/* ShareAccess flags */ +#define FILE_NO_SHARE 0x00000000 +#define FILE_SHARE_READ 0x00000001 +#define FILE_SHARE_WRITE 0x00000002 +#define FILE_SHARE_DELETE 0x00000004 +#define FILE_SHARE_ALL 0x00000007 + +/* CreateDisposition flags, similar to CreateAction as well */ +#define FILE_SUPERSEDE 0x00000000 +#define FILE_OPEN 0x00000001 +#define FILE_CREATE 0x00000002 +#define FILE_OPEN_IF 0x00000003 +#define FILE_OVERWRITE 0x00000004 +#define FILE_OVERWRITE_IF 0x00000005 + +/* ImpersonationLevel flags */ +#define SECURITY_ANONYMOUS 0 +#define SECURITY_IDENTIFICATION 1 +#define SECURITY_IMPERSONATION 2 +#define SECURITY_DELEGATION 3 + +/* SecurityFlags */ +#define SECURITY_CONTEXT_TRACKING 0x01 +#define SECURITY_EFFECTIVE_ONLY 0x02 + +struct smb_com_open_req { /* also handles create */ + struct smb_hdr hdr; /* wct = 24 */ + __u8 AndXCommand; + __u8 AndXReserved; + __le16 AndXOffset; + __u8 Reserved; /* Must Be Zero */ + __le16 NameLength; + __le32 OpenFlags; + __u32 RootDirectoryFid; + __le32 DesiredAccess; + __le64 AllocationSize; + __le32 FileAttributes; + __le32 ShareAccess; + __le32 CreateDisposition; + __le32 CreateOptions; + __le32 ImpersonationLevel; + __u8 SecurityFlags; + __le16 ByteCount; + char fileName[1]; +} __packed; + +/* open response for CreateAction shifted left */ +#define CIFS_CREATE_ACTION 0x20000 /* file created */ + +/* Basic file attributes */ +#define SMB_FILE_ATTRIBUTE_NORMAL 0x0000 +#define SMB_FILE_ATTRIBUTE_READONLY 0x0001 +#define SMB_FILE_ATTRIBUTE_HIDDEN 0x0002 +#define SMB_FILE_ATTRIBUTE_SYSTEM 0x0004 +#define SMB_FILE_ATTRIBUTE_VOLUME 0x0008 +#define SMB_FILE_ATTRIBUTE_DIRECTORY 0x0010 +#define SMB_FILE_ATTRIBUTE_ARCHIVE 0x0020 +#define SMB_SEARCH_ATTRIBUTE_READONLY 0x0100 +#define SMB_SEARCH_ATTRIBUTE_HIDDEN 0x0200 +#define SMB_SEARCH_ATTRIBUTE_SYSTEM 0x0400 +#define SMB_SEARCH_ATTRIBUTE_DIRECTORY 0x1000 +#define SMB_SEARCH_ATTRIBUTE_ARCHIVE 0x2000 + +struct smb_com_open_rsp { + struct smb_hdr hdr; /* wct = 34 BB */ + __u8 AndXCommand; + __u8 AndXReserved; + __le16 AndXOffset; + __u8 OplockLevel; + __u16 Fid; + __le32 CreateAction; + __le64 CreationTime; + __le64 LastAccessTime; + __le64 LastWriteTime; + __le64 ChangeTime; + __le32 FileAttributes; + __le64 AllocationSize; + __le64 EndOfFile; + __le16 FileType; + __le16 DeviceState; + __u8 DirectoryFlag; + __le16 ByteCount; /* bct = 0 */ +} __packed; + +struct smb_com_open_ext_rsp { + struct smb_hdr hdr; /* wct = 42 */ + __u8 AndXCommand; + __u8 AndXReserved; + __le16 AndXOffset; + __u8 OplockLevel; + __u16 Fid; + __le32 CreateAction; + __le64 CreationTime; + __le64 LastAccessTime; + __le64 LastWriteTime; + __le64 ChangeTime; + __le32 FileAttributes; + __le64 AllocationSize; + __le64 EndOfFile; + __le16 FileType; + __le16 DeviceState; + __u8 DirectoryFlag; + __u8 VolId[16]; + __u64 fid; + __le32 MaxAccess; + __le32 GuestAccess; + __le16 ByteCount; /* bct = 0 */ +} __packed; + +struct smb_com_close_req { + struct smb_hdr hdr; /* wct = 3 */ + __u16 FileID; + __le32 LastWriteTime; /* should be zero or -1 */ + __le16 ByteCount; /* 0 */ +} __packed; + +struct smb_com_close_rsp { + struct smb_hdr hdr; /* wct = 0 */ + __le16 ByteCount; /* bct = 0 */ +} __packed; + +struct smb_com_echo_req { + struct smb_hdr hdr; + __le16 EchoCount; + __le16 ByteCount; + char Data[1]; +} __packed; + +struct smb_com_echo_rsp { + struct smb_hdr hdr; + __le16 SequenceNumber; + __le16 ByteCount; + char Data[1]; +} __packed; + +struct smb_com_flush_req { + struct smb_hdr hdr; /* wct = 1 */ + __u16 FileID; + __le16 ByteCount; /* 0 */ +} __packed; + +struct smb_com_flush_rsp { + struct smb_hdr hdr; /* wct = 0 */ + __le16 ByteCount; /* bct = 0 */ +} __packed; + +/* SMB_COM_TRANSACTION */ +struct smb_com_trans_req { + struct smb_hdr hdr; + __le16 TotalParameterCount; + __le16 TotalDataCount; + __le16 MaxParameterCount; + __le16 MaxDataCount; + __u8 MaxSetupCount; + __u8 Reserved; + __le16 Flags; + __le32 Timeout; + __u16 Reserved2; + __le16 ParameterCount; + __le16 ParameterOffset; + __le16 DataCount; + __le16 DataOffset; + __u8 SetupCount; + __u8 Reserved3; + __le16 SubCommand; + __u8 Pad; + __u8 Data[1]; +} __packed; + +struct smb_com_trans_pipe_req { + struct smb_hdr hdr; + __le16 TotalParameterCount; + __le16 TotalDataCount; + __le16 MaxParameterCount; + __le16 MaxDataCount; + __u8 MaxSetupCount; + __u8 Reserved; + __le16 Flags; + __le32 Timeout; + __u16 Reserved2; + __le16 ParameterCount; + __le16 ParameterOffset; + __le16 DataCount; + __le16 DataOffset; + __u8 SetupCount; + __u8 Reserved3; + __u16 SubCommand; + __u16 fid; + __le16 ByteCount; + __u8 Pad; + __u8 Data[1]; +} __packed; + +struct smb_com_trans_rsp { + struct smb_hdr hdr; /* wct = 10+ */ + __le16 TotalParameterCount; + __le16 TotalDataCount; + __u16 Reserved; + __le16 ParameterCount; + __le16 ParameterOffset; + __le16 ParameterDisplacement; + __le16 DataCount; + __le16 DataOffset; + __le16 DataDisplacement; + __u8 SetupCount; + __u8 Reserved1; + __le16 ByteCount; + __u8 Pad; +} __packed; + +/* SMB_COM_TRANSACTION subcommands */ + +#define TRANSACT_DCERPCCMD 0x26 + +/***************************************************************************** + * TRANS2 command implementation functions + *****************************************************************************/ +#define NO_CHANGE_64 0xFFFFFFFFFFFFFFFFULL + +/* QFSInfo Levels */ +#define SMB_INFO_ALLOCATION 1 +#define SMB_INFO_VOLUME 2 +#define SMB_QUERY_FS_VOLUME_INFO 0x102 +#define SMB_QUERY_FS_SIZE_INFO 0x103 +#define SMB_QUERY_FS_DEVICE_INFO 0x104 +#define SMB_QUERY_FS_ATTRIBUTE_INFO 0x105 +#define SMB_QUERY_CIFS_UNIX_INFO 0x200 +#define SMB_QUERY_POSIX_FS_INFO 0x201 +#define SMB_QUERY_POSIX_WHO_AM_I 0x202 +#define SMB_REQUEST_TRANSPORT_ENCRYPTION 0x203 +#define SMB_QUERY_FS_PROXY 0x204 /* + * WAFS enabled. Returns structure + * FILE_SYSTEM__UNIX_INFO to tell + * whether new NTIOCTL available + * (0xACE) for WAN friendly SMB + * operations to be carried + */ +#define SMB_QUERY_LABEL_INFO 0x3ea +#define SMB_QUERY_FS_QUOTA_INFO 0x3ee +#define SMB_QUERY_FS_FULL_SIZE_INFO 0x3ef +#define SMB_QUERY_OBJECTID_INFO 0x3f0 + +struct trans2_resp { + /* struct smb_hdr hdr precedes. Note wct = 10 + setup count */ + __le16 TotalParameterCount; + __le16 TotalDataCount; + __u16 Reserved; + __le16 ParameterCount; + __le16 ParameterOffset; + __le16 ParameterDisplacement; + __le16 DataCount; + __le16 DataOffset; + __le16 DataDisplacement; + __u8 SetupCount; + __u8 Reserved1; + /* + * SetupWords[SetupCount]; + * __u16 ByteCount; + * __u16 Reserved2; + */ + /* data area follows */ +} __packed; + +struct smb_com_trans2_req { + struct smb_hdr hdr; + __le16 TotalParameterCount; + __le16 TotalDataCount; + __le16 MaxParameterCount; + __le16 MaxDataCount; + __u8 MaxSetupCount; + __u8 Reserved; + __le16 Flags; + __le32 Timeout; + __u16 Reserved2; + __le16 ParameterCount; + __le16 ParameterOffset; + __le16 DataCount; + __le16 DataOffset; + __u8 SetupCount; + __u8 Reserved3; + __le16 SubCommand; /* one setup word */ +} __packed; + +struct smb_com_trans2_qfsi_req { + struct smb_hdr hdr; /* wct = 14+ */ + __le16 TotalParameterCount; + __le16 TotalDataCount; + __le16 MaxParameterCount; + __le16 MaxDataCount; + __u8 MaxSetupCount; + __u8 Reserved; + __le16 Flags; + __le32 Timeout; + __u16 Reserved2; + __le16 ParameterCount; + __le16 ParameterOffset; + __le16 DataCount; + __le16 DataOffset; + __u8 SetupCount; + __u8 Reserved3; + __le16 SubCommand; /* one setup word */ + __le16 ByteCount; + __u8 Pad; + __le16 InformationLevel; +} __packed; + +struct smb_com_trans2_qfsi_req_params { + __le16 InformationLevel; +} __packed; + +#define CIFS_SEARCH_CLOSE_ALWAYS 0x0001 +#define CIFS_SEARCH_CLOSE_AT_END 0x0002 +#define CIFS_SEARCH_RETURN_RESUME 0x0004 +#define CIFS_SEARCH_CONTINUE_FROM_LAST 0x0008 +#define CIFS_SEARCH_BACKUP_SEARCH 0x0010 + +struct smb_com_trans2_ffirst_req_params { + __le16 SearchAttributes; + __le16 SearchCount; + __le16 SearchFlags; + __le16 InformationLevel; + __le32 SearchStorageType; + char FileName[1]; +} __packed; + +struct smb_com_trans2_ffirst_rsp_parms { + __u16 SearchHandle; + __le16 SearchCount; + __le16 EndofSearch; + __le16 EAErrorOffset; + __le16 LastNameOffset; +} __packed; + +struct smb_com_trans2_fnext_req_params { + __u16 SearchHandle; + __le16 SearchCount; + __le16 InformationLevel; + __u32 ResumeKey; + __le16 SearchFlags; + char ResumeFileName[1]; +} __packed; + +struct smb_com_trans2_fnext_rsp_params { + __le16 SearchCount; + __le16 EndofSearch; + __le16 EAErrorOffset; + __le16 LastNameOffset; +} __packed; + +struct smb_com_trans2_rsp { + struct smb_hdr hdr; /* wct = 10 + SetupCount */ + struct trans2_resp t2; + __le16 ByteCount; + __u8 Pad; /* may be three bytes? *//* followed by data area */ + __u8 Buffer[0]; +} __packed; + +struct file_internal_info { + __le64 UniqueId; /* inode number */ +} __packed; /* level 0x3ee */ + +/* DeviceType Flags */ +#define FILE_DEVICE_CD_ROM 0x00000002 +#define FILE_DEVICE_CD_ROM_FILE_SYSTEM 0x00000003 +#define FILE_DEVICE_DFS 0x00000006 +#define FILE_DEVICE_DISK 0x00000007 +#define FILE_DEVICE_DISK_FILE_SYSTEM 0x00000008 +#define FILE_DEVICE_FILE_SYSTEM 0x00000009 +#define FILE_DEVICE_NAMED_PIPE 0x00000011 +#define FILE_DEVICE_NETWORK 0x00000012 +#define FILE_DEVICE_NETWORK_FILE_SYSTEM 0x00000014 +#define FILE_DEVICE_NULL 0x00000015 +#define FILE_DEVICE_PARALLEL_PORT 0x00000016 +#define FILE_DEVICE_PRINTER 0x00000018 +#define FILE_DEVICE_SERIAL_PORT 0x0000001b +#define FILE_DEVICE_STREAMS 0x0000001e +#define FILE_DEVICE_TAPE 0x0000001f +#define FILE_DEVICE_TAPE_FILE_SYSTEM 0x00000020 +#define FILE_DEVICE_VIRTUAL_DISK 0x00000024 +#define FILE_DEVICE_NETWORK_REDIRECTOR 0x00000028 + +/* Filesystem Attributes. */ +#define FILE_CASE_SENSITIVE_SEARCH 0x00000001 +#define FILE_CASE_PRESERVED_NAMES 0x00000002 +#define FILE_UNICODE_ON_DISK 0x00000004 +/* According to cifs9f, this is 4, not 8 */ +/* Acconding to testing, this actually sets the security attribute! */ +#define FILE_PERSISTENT_ACLS 0x00000008 +#define FILE_FILE_COMPRESSION 0x00000010 +#define FILE_VOLUME_QUOTAS 0x00000020 +#define FILE_SUPPORTS_SPARSE_FILES 0x00000040 +#define FILE_SUPPORTS_REPARSE_POINTS 0x00000080 +#define FILE_SUPPORTS_REMOTE_STORAGE 0x00000100 +#define FS_LFN_APIS 0x00004000 +#define FILE_VOLUME_IS_COMPRESSED 0x00008000 +#define FILE_SUPPORTS_OBJECT_IDS 0x00010000 +#define FILE_SUPPORTS_ENCRYPTION 0x00020000 +#define FILE_NAMED_STREAMS 0x00040000 +#define FILE_READ_ONLY_VOLUME 0x00080000 + +/* PathInfo/FileInfo infolevels */ +#define SMB_INFO_STANDARD 1 +#define SMB_SET_FILE_EA 2 +#define SMB_QUERY_FILE_EA_SIZE 2 +#define SMB_INFO_QUERY_EAS_FROM_LIST 3 +#define SMB_INFO_QUERY_ALL_EAS 4 +#define SMB_INFO_IS_NAME_VALID 6 +#define SMB_QUERY_FILE_BASIC_INFO 0x101 +#define SMB_QUERY_FILE_STANDARD_INFO 0x102 +#define SMB_QUERY_FILE_EA_INFO 0x103 +#define SMB_QUERY_FILE_NAME_INFO 0x104 +#define SMB_QUERY_FILE_ALLOCATION_INFO 0x105 +#define SMB_QUERY_FILE_END_OF_FILEINFO 0x106 +#define SMB_QUERY_FILE_ALL_INFO 0x107 +#define SMB_QUERY_ALT_NAME_INFO 0x108 +#define SMB_QUERY_FILE_STREAM_INFO 0x109 +#define SMB_QUERY_FILE_COMPRESSION_INFO 0x10B +#define SMB_QUERY_FILE_UNIX_BASIC 0x200 +#define SMB_QUERY_FILE_UNIX_LINK 0x201 +#define SMB_QUERY_POSIX_ACL 0x204 +#define SMB_QUERY_XATTR 0x205 /* e.g. system EA name space */ +#define SMB_QUERY_ATTR_FLAGS 0x206 /* append,immutable etc. */ +#define SMB_QUERY_POSIX_PERMISSION 0x207 +#define SMB_QUERY_POSIX_LOCK 0x208 +/* #define SMB_POSIX_OPEN 0x209 */ +/* #define SMB_POSIX_UNLINK 0x20a */ +#define SMB_QUERY_FILE__UNIX_INFO2 0x20b +#define SMB_QUERY_FILE_INTERNAL_INFO 0x3ee +#define SMB_QUERY_FILE_ACCESS_INFO 0x3f0 +#define SMB_QUERY_FILE_NAME_INFO2 0x3f1 /* 0x30 bytes */ +#define SMB_QUERY_FILE_POSITION_INFO 0x3f6 +#define SMB_QUERY_FILE_MODE_INFO 0x3f8 +#define SMB_QUERY_FILE_ALGN_INFO 0x3f9 + + +#define SMB_SET_FILE_BASIC_INFO 0x101 +#define SMB_SET_FILE_DISPOSITION_INFO 0x102 +#define SMB_SET_FILE_ALLOCATION_INFO 0x103 +#define SMB_SET_FILE_END_OF_FILE_INFO 0x104 +#define SMB_SET_FILE_UNIX_BASIC 0x200 +#define SMB_SET_FILE_UNIX_LINK 0x201 +#define SMB_SET_FILE_UNIX_HLINK 0x203 +#define SMB_SET_POSIX_ACL 0x204 +#define SMB_SET_XATTR 0x205 +#define SMB_SET_ATTR_FLAGS 0x206 /* append, immutable etc. */ +#define SMB_SET_POSIX_LOCK 0x208 +#define SMB_POSIX_OPEN 0x209 +#define SMB_POSIX_UNLINK 0x20a +#define SMB_SET_FILE_UNIX_INFO2 0x20b +#define SMB_SET_FILE_BASIC_INFO2 0x3ec +#define SMB_SET_FILE_RENAME_INFORMATION 0x3f2 /* BB check if qpathinfo too */ +#define SMB_SET_FILE_DISPOSITION_INFORMATION 0x3f5 /* alias for 0x102 */ +#define SMB_FILE_ALL_INFO2 0x3fa +#define SMB_SET_FILE_ALLOCATION_INFO2 0x3fb +#define SMB_SET_FILE_END_OF_FILE_INFO2 0x3fc +#define SMB_FILE_MOVE_CLUSTER_INFO 0x407 +#define SMB_FILE_QUOTA_INFO 0x408 +#define SMB_FILE_REPARSEPOINT_INFO 0x409 +#define SMB_FILE_MAXIMUM_INFO 0x40d + +/* Find File infolevels */ +#define SMB_FIND_FILE_INFO_STANDARD 0x001 +#define SMB_FIND_FILE_QUERY_EA_SIZE 0x002 +#define SMB_FIND_FILE_QUERY_EAS_FROM_LIST 0x003 +#define SMB_FIND_FILE_DIRECTORY_INFO 0x101 +#define SMB_FIND_FILE_FULL_DIRECTORY_INFO 0x102 +#define SMB_FIND_FILE_NAMES_INFO 0x103 +#define SMB_FIND_FILE_BOTH_DIRECTORY_INFO 0x104 +#define SMB_FIND_FILE_ID_FULL_DIR_INFO 0x105 +#define SMB_FIND_FILE_ID_BOTH_DIR_INFO 0x106 +#define SMB_FIND_FILE_UNIX 0x202 + +struct smb_com_trans2_qpi_req { + struct smb_hdr hdr; /* wct = 14+ */ + __le16 TotalParameterCount; + __le16 TotalDataCount; + __le16 MaxParameterCount; + __le16 MaxDataCount; + __u8 MaxSetupCount; + __u8 Reserved; + __le16 Flags; + __le32 Timeout; + __u16 Reserved2; + __le16 ParameterCount; + __le16 ParameterOffset; + __le16 DataCount; + __le16 DataOffset; + __u8 SetupCount; + __u8 Reserved3; + __le16 SubCommand; /* one setup word */ + __le16 ByteCount; + __u8 Pad; + __le16 InformationLevel; + __u32 Reserved4; + char FileName[1]; +} __packed; + +struct trans2_qpi_req_params { + __le16 InformationLevel; + __u32 Reserved4; + char FileName[1]; +} __packed; + +/******************************************************************************/ +/* QueryFileInfo/QueryPathinfo (also for SetPath/SetFile) data buffer formats */ +/******************************************************************************/ +struct file_basic_info { + __le64 CreationTime; + __le64 LastAccessTime; + __le64 LastWriteTime; + __le64 ChangeTime; + __le32 Attributes; + __u32 Pad; +} __packed; /* size info, level 0x101 */ + +struct file_standard_info { + __le64 AllocationSize; + __le64 EndOfFile; + __le32 NumberOfLinks; + __u8 DeletePending; + __u8 Directory; + __le16 Reserved; +} __packed; + +struct file_ea_info { + __le32 EaSize; +} __packed; + +struct alt_name_info { + __le32 FileNameLength; + char FileName[1]; +} __packed; + +struct file_name_info { + __le32 FileNameLength; + char FileName[1]; +} __packed; + +/* data block encoding of response to level 263 QPathInfo */ +struct file_all_info { + __le64 CreationTime; + __le64 LastAccessTime; + __le64 LastWriteTime; + __le64 ChangeTime; + __le32 Attributes; + __u32 Pad1; + __le64 AllocationSize; + __le64 EndOfFile; /* size ie offset to first free byte in file */ + __le32 NumberOfLinks; /* hard links */ + __u8 DeletePending; + __u8 Directory; + __u16 Pad2; + __le32 EASize; + __le32 FileNameLength; + char FileName[1]; +} __packed; /* level 0x107 QPathInfo */ + +/* set path info/open file */ +/* defines for enumerating possible values of the Unix type field below */ +#define UNIX_FILE 0 +#define UNIX_DIR 1 +#define UNIX_SYMLINK 2 +#define UNIX_CHARDEV 3 +#define UNIX_BLOCKDEV 4 +#define UNIX_FIFO 5 +#define UNIX_SOCKET 6 +#define UNIX_UNKNOWN 0xFFFFFFFF + +struct file_unix_basic_info { + __le64 EndOfFile; + __le64 NumOfBytes; + __le64 LastStatusChange; /*SNIA specs DCE time for the 3 time fields */ + __le64 LastAccessTime; + __le64 LastModificationTime; + __le64 Uid; + __le64 Gid; + __le32 Type; + __le64 DevMajor; + __le64 DevMinor; + __le64 UniqueId; + __le64 Permissions; + __le64 Nlinks; +} __packed; /* level 0x200 QPathInfo */ + +struct smb_com_trans2_spi_req { + struct smb_hdr hdr; /* wct = 15 */ + __le16 TotalParameterCount; + __le16 TotalDataCount; + __le16 MaxParameterCount; + __le16 MaxDataCount; + __u8 MaxSetupCount; + __u8 Reserved; + __le16 Flags; + __le32 Timeout; + __u16 Reserved2; + __le16 ParameterCount; + __le16 ParameterOffset; + __le16 DataCount; + __le16 DataOffset; + __u8 SetupCount; + __u8 Reserved3; + __le16 SubCommand; /* one setup word */ + __le16 ByteCount; + __u8 Pad; + __u16 Pad1; + __le16 InformationLevel; + __u32 Reserved4; + char FileName[1]; +} __packed; + +struct smb_com_trans2_spi_rsp { + struct smb_hdr hdr; /* wct = 10 + SetupCount */ + struct trans2_resp t2; + __le16 ByteCount; + __u16 Reserved2; /* parameter word is present for infolevels > 100 */ +} __packed; + +/* POSIX Open Flags */ +#define SMB_O_RDONLY 0x1 +#define SMB_O_WRONLY 0x2 +#define SMB_O_RDWR 0x4 +#define SMB_O_CREAT 0x10 +#define SMB_O_EXCL 0x20 +#define SMB_O_TRUNC 0x40 +#define SMB_O_APPEND 0x80 +#define SMB_O_SYNC 0x100 +#define SMB_O_DIRECTORY 0x200 +#define SMB_O_NOFOLLOW 0x400 +#define SMB_O_DIRECT 0x800 +#define SMB_ACCMODE 0x7 + +/* info level response for SMB_POSIX_PATH_OPEN */ +#define SMB_NO_INFO_LEVEL_RESPONSE 0xFFFF + +struct open_psx_req { + __le32 OpenFlags; /* same as NT CreateX */ + __le32 PosixOpenFlags; + __le64 Permissions; + __le16 Level; /* reply level requested (see QPathInfo levels) */ +} __packed; /* level 0x209 SetPathInfo data */ + +struct open_psx_rsp { + __le16 OplockFlags; + __u16 Fid; + __le32 CreateAction; + __le16 ReturnedLevel; + __le16 Pad; + /* struct following varies based on requested level */ +} __packed; /* level 0x209 SetPathInfo data */ + +struct unlink_psx_rsp { + __le16 EAErrorOffset; +} __packed; /* level 0x209 SetPathInfo data*/ + +/* Version numbers for CIFS UNIX major and minor. */ +#define CIFS_UNIX_MAJOR_VERSION 1 +#define CIFS_UNIX_MINOR_VERSION 0 + +struct filesystem_unix_info { + __le16 MajorVersionNumber; + __le16 MinorVersionNumber; + __le64 Capability; +} __packed; /* Unix extension level 0x200*/ + +/* Linux/Unix extensions capability flags */ +#define CIFS_UNIX_FCNTL_CAP 0x00000001 /* support for fcntl locks */ +#define CIFS_UNIX_POSIX_ACL_CAP 0x00000002 /* support getfacl/setfacl */ +#define CIFS_UNIX_XATTR_CAP 0x00000004 /* support new namespace */ +#define CIFS_UNIX_EXTATTR_CAP 0x00000008 /* support chattr/chflag */ +#define CIFS_UNIX_POSIX_PATHNAMES_CAP 0x00000010 /* Allow POSIX path chars */ +#define CIFS_UNIX_POSIX_PATH_OPS_CAP 0x00000020 /* + * Allow new POSIX path based + * calls including posix open + * and posix unlink + */ +#define CIFS_UNIX_LARGE_READ_CAP 0x00000040 /* + * support reads >128K (up + * to 0xFFFF00 + */ +#define CIFS_UNIX_LARGE_WRITE_CAP 0x00000080 +#define CIFS_UNIX_TRANSPORT_ENCRYPTION_CAP 0x00000100 /* can do SPNEGO crypt */ +#define CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP 0x00000200 /* must do */ +#define CIFS_UNIX_PROXY_CAP 0x00000400 /* + * Proxy cap: 0xACE ioctl and + * QFS PROXY call + */ +#ifdef CONFIG_CIFS_POSIX +/* presumably don't need the 0x20 POSIX_PATH_OPS_CAP since we never send + * LockingX instead of posix locking call on unix sess (and we do not expect + * LockingX to use different (ie Windows) semantics than posix locking on + * the same session (if WINE needs to do this later, we can add this cap + * back in later + */ + +/* #define CIFS_UNIX_CAP_MASK 0x000000fb */ +#define CIFS_UNIX_CAP_MASK 0x000003db +#else +#define CIFS_UNIX_CAP_MASK 0x00000013 +#endif /* CONFIG_CIFS_POSIX */ + + +#define CIFS_POSIX_EXTENSIONS 0x00000010 /* support for new QFSInfo */ + +/* Our server caps */ + +#define SMB_UNIX_CAPS (CIFS_UNIX_FCNTL_CAP | CIFS_UNIX_POSIX_ACL_CAP | \ + CIFS_UNIX_XATTR_CAP | CIFS_UNIX_POSIX_PATHNAMES_CAP| \ + CIFS_UNIX_POSIX_PATH_OPS_CAP | CIFS_UNIX_LARGE_READ_CAP | \ + CIFS_UNIX_LARGE_WRITE_CAP) + +#define SMB_SET_CIFS_UNIX_INFO 0x200 +/* Level 0x200 request structure follows */ +struct smb_com_trans2_setfsi_req { + struct smb_hdr hdr; /* wct = 15 */ + __le16 TotalParameterCount; + __le16 TotalDataCount; + __le16 MaxParameterCount; + __le16 MaxDataCount; + __u8 MaxSetupCount; + __u8 Reserved; + __le16 Flags; + __le32 Timeout; + __u16 Reserved2; + __le16 ParameterCount; /* 4 */ + __le16 ParameterOffset; + __le16 DataCount; /* 12 */ + __le16 DataOffset; + __u8 SetupCount; /* one */ + __u8 Reserved3; + __le16 SubCommand; /* TRANS2_SET_FS_INFORMATION */ + __le16 ByteCount; + __u8 Pad; + __u16 FileNum; /* Parameters start. */ + __le16 InformationLevel;/* Parameters end. */ + __le16 ClientUnixMajor; /* Data start. */ + __le16 ClientUnixMinor; + __le64 ClientUnixCap; /* Data end */ +} __packed; + +/* response for setfsinfo levels 0x200 and 0x203 */ +struct smb_com_trans2_setfsi_rsp { + struct smb_hdr hdr; /* wct = 10 */ + struct trans2_resp t2; + __le16 ByteCount; +} __packed; + +struct smb_trans2_qfi_req_params { + __u16 Fid; + __le16 InformationLevel; +} __packed; + +/* FIND FIRST2 and FIND NEXT2 INFORMATION Level Codes*/ + +struct find_info_standard { + __le16 CreationDate; /* SMB Date see above */ + __le16 CreationTime; /* SMB Time */ + __le16 LastAccessDate; + __le16 LastAccessTime; + __le16 LastWriteDate; + __le16 LastWriteTime; + __le32 DataSize; /* File Size (EOF) */ + __le32 AllocationSize; + __le16 Attributes; /* verify not u32 */ + __le16 FileNameLength; + char FileName[1]; +} __packed; + +struct find_info_query_ea_size { + __le16 CreationDate; /* SMB Date see above */ + __le16 CreationTime; /* SMB Time */ + __le16 LastAccessDate; + __le16 LastAccessTime; + __le16 LastWriteDate; + __le16 LastWriteTime; + __le32 DataSize; /* File Size (EOF) */ + __le32 AllocationSize; + __le16 Attributes; /* verify not u32 */ + __le32 EASize; + __u8 FileNameLength; + char FileName[1]; +} __packed; + +struct file_unix_info { + __le32 NextEntryOffset; + __u32 ResumeKey; /* as with FileIndex - no need to convert */ + struct file_unix_basic_info basic; + char FileName[1]; +} __packed; /* level 0x202 */ + +struct smb_com_trans2_sfi_req { + struct smb_hdr hdr; /* wct = 15 */ + __le16 TotalParameterCount; + __le16 TotalDataCount; + __le16 MaxParameterCount; + __le16 MaxDataCount; + __u8 MaxSetupCount; + __u8 Reserved; + __le16 Flags; + __le32 Timeout; + __u16 Reserved2; + __le16 ParameterCount; + __le16 ParameterOffset; + __le16 DataCount; + __le16 DataOffset; + __u8 SetupCount; + __u8 Reserved3; + __le16 SubCommand; /* one setup word */ + __le16 ByteCount; + __u8 Pad; + __u16 Pad1; + __u16 Fid; + __le16 InformationLevel; + __u16 Reserved4; +} __packed; + +struct smb_com_trans2_sfi_rsp { + struct smb_hdr hdr; /* wct = 10 + SetupCount */ + struct trans2_resp t2; + __le16 ByteCount; + __u16 Reserved2; /* + * parameter word reserved - + * present for infolevels > 100 + */ +} __packed; + +struct file_end_of_file_info { + __le64 FileSize; /* offset to end of file */ +} __packed; /* size info, level 0x104 for set, 0x106 for query */ + +struct smb_com_create_directory_req { + struct smb_hdr hdr; /* wct = 0 */ + __le16 ByteCount; + __u8 BufferFormat; /* 4 = ASCII */ + unsigned char DirName[1]; +} __packed; + +struct smb_com_create_directory_rsp { + struct smb_hdr hdr; /* wct = 0 */ + __le16 ByteCount; /* bct = 0 */ +} __packed; + +struct smb_com_check_directory_req { + struct smb_hdr hdr; /* wct = 0 */ + __le16 ByteCount; + __u8 BufferFormat; /* 4 = ASCII */ + unsigned char DirName[1]; +} __packed; + +struct smb_com_check_directory_rsp { + struct smb_hdr hdr; /* wct = 0 */ + __le16 ByteCount; /* bct = 0 */ +} __packed; + +struct smb_com_process_exit_rsp { + struct smb_hdr hdr; /* wct = 0 */ + __le16 ByteCount; /* bct = 0 */ +} __packed; + +struct smb_com_delete_directory_req { + struct smb_hdr hdr; /* wct = 0 */ + __le16 ByteCount; + __u8 BufferFormat; /* 4 = ASCII */ + unsigned char DirName[1]; +} __packed; + +struct smb_com_delete_directory_rsp { + struct smb_hdr hdr; /* wct = 0 */ + __le16 ByteCount; /* bct = 0 */ +} __packed; + +struct smb_com_delete_file_req { + struct smb_hdr hdr; /* wct = 1 */ + __le16 SearchAttributes; + __le16 ByteCount; + __u8 BufferFormat; /* 4 = ASCII */ + unsigned char fileName[1]; +} __packed; + +struct smb_com_delete_file_rsp { + struct smb_hdr hdr; /* wct = 0 */ + __le16 ByteCount; /* bct = 0 */ +} __packed; + +#define CREATE_HARD_LINK 0x103 + +struct smb_com_nt_rename_req { /* A5 - also used for create hardlink */ + struct smb_hdr hdr; /* wct = 4 */ + __le16 SearchAttributes; /* target file attributes */ + __le16 Flags; /* spec says Information Level */ + __le32 ClusterCount; + __le16 ByteCount; + __u8 BufferFormat; /* 4 = ASCII or Unicode */ + unsigned char OldFileName[1]; + /* followed by __u8 BufferFormat2 */ + /* followed by NewFileName */ +} __packed; + +struct smb_com_query_information_req { + struct smb_hdr hdr; /* wct = 0 */ + __le16 ByteCount; /* 1 + namelen + 1 */ + __u8 BufferFormat; /* 4 = ASCII */ + unsigned char FileName[1]; +} __packed; + +struct smb_com_query_information_rsp { + struct smb_hdr hdr; /* wct = 10 */ + __le16 attr; + __le32 last_write_time; + __le32 size; + __u16 reserved[5]; + __le16 ByteCount; /* bcc = 0 */ +} __packed; + +struct smb_com_findclose_req { + struct smb_hdr hdr; /* wct = 1 */ + __u16 FileID; + __le16 ByteCount; /* 0 */ +} __packed; + +#define SMBOPEN_DISPOSITION_NONE 0 +#define SMBOPEN_LOCK_GRANTED 0x8000 + +#define SMB_DA_ACCESS_READ 0 +#define SMB_DA_ACCESS_WRITE 0x0001 +#define SMB_DA_ACCESS_READ_WRITE 0x0002 + +/* + * Flags on SMB open + */ +#define SMBOPEN_WRITE_THROUGH 0x4000 +#define SMBOPEN_DENY_ALL 0x0010 +#define SMBOPEN_DENY_WRITE 0x0020 +#define SMBOPEN_DENY_READ 0x0030 +#define SMBOPEN_DENY_NONE 0x0040 +#define SMBOPEN_SHARING_MODE (SMBOPEN_DENY_ALL | \ + SMBOPEN_DENY_WRITE | \ + SMBOPEN_DENY_READ | \ + SMBOPEN_DENY_NONE) +#define SMBOPEN_READ 0x0000 +#define SMBOPEN_WRITE 0x0001 +#define SMBOPEN_READWRITE 0x0002 +#define SMBOPEN_EXECUTE 0x0003 + +#define SMBOPEN_OCREATE 0x0010 +#define SMBOPEN_OTRUNC 0x0002 +#define SMBOPEN_OAPPEND 0x0001 + +/* format of legacy open request */ +struct smb_com_openx_req { + struct smb_hdr hdr; /* wct = 15 */ + __u8 AndXCommand; + __u8 AndXReserved; + __le16 AndXOffset; + __le16 OpenFlags; + __le16 Mode; + __le16 Sattr; /* search attributes */ + __le16 FileAttributes; /* dos attrs */ + __le32 CreateTime; /* os2 format */ + __le16 OpenFunction; + __le32 EndOfFile; + __le32 Timeout; + __le32 Reserved; + __le16 ByteCount; /* file name follows */ + char fileName[1]; +} __packed; + +struct smb_com_openx_rsp { + struct smb_hdr hdr; /* wct = 15 */ + __u8 AndXCommand; + __u8 AndXReserved; + __le16 AndXOffset; + __u16 Fid; + __le16 FileAttributes; + __le32 LastWriteTime; /* os2 format */ + __le32 EndOfFile; + __le16 Access; + __le16 FileType; + __le16 IPCState; + __le16 Action; + __u32 FileId; + __u16 Reserved; + __le16 ByteCount; +} __packed; + +struct filesystem_alloc_info { + __le32 fsid; + __le32 SectorsPerAllocationUnit; + __le32 TotalAllocationUnits; + __le32 FreeAllocationUnits; + __le16 BytesPerSector; +} __packed; + +struct file_allocation_info { + __le64 AllocationSize; /* Note old Samba srvr rounds this up too much */ +} __packed; /* size used on disk: 0x103 for set, 0x105 for query */ + +struct file_info_standard { + __le16 CreationDate; /* SMB Date see above */ + __le16 CreationTime; /* SMB Time */ + __le16 LastAccessDate; + __le16 LastAccessTime; + __le16 LastWriteDate; + __le16 LastWriteTime; + __le32 DataSize; /* File Size (EOF) */ + __le32 AllocationSize; + __le16 Attributes; /* verify not u32 */ + __le32 EASize; +} __packed; /* level 1 SetPath/FileInfo */ + +#define CIFS_MF_SYMLINK_LINK_MAXLEN (1024) + +struct set_file_rename { + __le32 overwrite; /* 1 = overwrite dest */ + __u32 root_fid; /* zero */ + __le32 target_name_len; + char target_name[0]; /* Must be unicode */ +} __packed; + +struct fea { + unsigned char EA_flags; + __u8 name_len; + __le16 value_len; + char name[1]; + /* optionally followed by value */ +} __packed; + +struct fealist { + __le32 list_len; + __u8 list[1]; +} __packed; + +/* POSIX ACL set/query path info structures */ +#define CIFS_ACL_VERSION 1 +struct cifs_posix_ace { /* access control entry (ACE) */ + __u8 cifs_e_tag; + __u8 cifs_e_perm; + __le64 cifs_uid; /* or gid */ +} __packed; + +struct cifs_posix_acl { /* access conrol list (ACL) */ + __le16 version; + __le16 access_entry_count; /* access ACL - count of entries */ + __le16 default_entry_count; /* default ACL - count of entries */ + struct cifs_posix_ace ace_array[0]; + /* + * followed by + * struct cifs_posix_ace default_ace_arraay[] + */ +} __packed; /* level 0x204 */ + +struct smb_com_setattr_req { + struct smb_hdr hdr; /* wct = 8 */ + __le16 attr; + __le32 LastWriteTime; + __le16 reserved[5]; /* must be zero */ + __le16 ByteCount; + __u8 BufferFormat; /* 4 = ASCII */ + unsigned char fileName[1]; +} __packed; + +struct smb_com_setattr_rsp { + struct smb_hdr hdr; /* wct = 0 */ + __le16 ByteCount; /* bct = 0 */ +} __packed; + +extern int init_smb1_server(struct ksmbd_conn *conn); + +/* function prototypes */ +extern int init_smb_rsp_hdr(struct ksmbd_work *work); +extern u16 get_smb_cmd_val(struct ksmbd_work *work); +extern void set_smb_rsp_status(struct ksmbd_work *work, __le32 err); +extern int smb_allocate_rsp_buf(struct ksmbd_work *work); +extern bool smb1_is_sign_req(struct ksmbd_work *work, unsigned int command); +extern int smb1_check_sign_req(struct ksmbd_work *work); +extern void smb1_set_sign_rsp(struct ksmbd_work *work); +extern int smb_check_user_session(struct ksmbd_work *work); +extern int smb_get_ksmbd_tcon(struct ksmbd_work *work); +extern int ksmbd_smb1_check_message(struct ksmbd_work *work); + +/* smb1 command handlers */ +extern int smb_rename(struct ksmbd_work *work); +extern int smb_negotiate_request(struct ksmbd_work *work); +extern int smb_handle_negotiate(struct ksmbd_work *work); +extern int smb_session_setup_andx(struct ksmbd_work *work); +extern int smb_tree_connect_andx(struct ksmbd_work *work); +extern int smb_trans2(struct ksmbd_work *work); +extern int smb_nt_create_andx(struct ksmbd_work *work); +extern int smb_trans(struct ksmbd_work *work); +extern int smb_locking_andx(struct ksmbd_work *work); +extern int smb_close(struct ksmbd_work *work); +extern int smb_read_andx(struct ksmbd_work *work); +extern int smb_tree_disconnect(struct ksmbd_work *work); +extern int smb_session_disconnect(struct ksmbd_work *work); +extern int smb_write_andx(struct ksmbd_work *work); +extern int smb_echo(struct ksmbd_work *work); +extern int smb_flush(struct ksmbd_work *work); +extern int smb_mkdir(struct ksmbd_work *work); +extern int smb_rmdir(struct ksmbd_work *work); +extern int smb_unlink(struct ksmbd_work *work); +extern int smb_nt_cancel(struct ksmbd_work *work); +extern int smb_nt_rename(struct ksmbd_work *work); +extern int smb_query_info(struct ksmbd_work *work); +extern int smb_closedir(struct ksmbd_work *work); +extern int smb_open_andx(struct ksmbd_work *work); +extern int smb_write(struct ksmbd_work *work); +extern int smb_setattr(struct ksmbd_work *work); +extern int smb_checkdir(struct ksmbd_work *work); +extern int smb_process_exit(struct ksmbd_work *work); +#endif /* __SMB1PDU_H */ --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/fs/ksmbd/smberr.h 2024-04-22 14:46:57.132246909 +0200 @@ -0,0 +1,235 @@ +/* SPDX-License-Identifier: LGPL-2.1+ */ +/* + * Copyright (c) International Business Machines Corp., 2002,2004 + * Author(s): Steve French (sfrench@us.ibm.com) + * + * See Error Codes section of the SNIA CIFS Specification + * for more information + */ +#ifndef __KSMBD_SMBERR_H +#define __KSMBD_SMBERR_H + +#define SUCCESS 0x00 /* The request was successful. */ +#define ERRDOS 0x01 /* Error is from the core DOS operating system set */ +#define ERRSRV 0x02 /* Error is generated by the file server daemon */ +#define ERRHRD 0x03 /* Error is a hardware error. */ +#define ERRCMD 0xFF /* Command was not in the "SMB" format. */ + +/* The following error codes may be generated with the SUCCESS error class.*/ + +/*#define SUCCESS 0 The request was successful. */ + +/* The following error codes may be generated with the ERRDOS error class.*/ + +#define ERRbadfunc 1 /* + * Invalid function. The server did not + * recognize or could not perform a + * system call generated by the server, + * e.g., set the DIRECTORY attribute on + * a data file, invalid seek mode. + */ +#define ERRbadfile 2 /* + * File not found. The last component + * of a file's pathname could not be + * found. + */ +#define ERRbadpath 3 /* + * Directory invalid. A directory + * component in a pathname could not be + * found. + */ +#define ERRnofids 4 /* + * Too many open files. The server has + * no file handles available. + */ +#define ERRnoaccess 5 /* + * Access denied, the client's context + * does not permit the requested + * function. This includes the + * following conditions: invalid rename + * command, write to Fid open for read + * only, read on Fid open for write + * only, attempt to delete a non-empty + * directory + */ +#define ERRbadfid 6 /* + * Invalid file handle. The file handle + * specified was not recognized by the + * server. + */ +#define ERRbadmcb 7 /* Memory control blocks destroyed. */ +#define ERRnomem 8 /* + * Insufficient server memory to + * perform the requested function. + */ +#define ERRbadmem 9 /* Invalid memory block address. */ +#define ERRbadenv 10 /* Invalid environment. */ +#define ERRbadformat 11 /* Invalid format. */ +#define ERRbadaccess 12 /* Invalid open mode. */ +#define ERRbaddata 13 /* + * Invalid data (generated only by + * IOCTL calls within the server). + */ +#define ERRbaddrive 15 /* Invalid drive specified. */ +#define ERRremcd 16 /* + * A Delete Directory request attempted + * to remove the server's current + * directory. + */ +#define ERRdiffdevice 17 /* + * Not same device (e.g., a cross + * volume rename was attempted + */ +#define ERRnofiles 18 /* + * A File Search command can find no + * more files matching the specified + * criteria. + */ +#define ERRwriteprot 19 /* media is write protected */ +#define ERRgeneral 31 +#define ERRbadshare 32 /* + * The sharing mode specified for an + * Open conflicts with existing FIDs on + * the file. + */ +#define ERRlock 33 /* + * A Lock request conflicted with an + * existing lock or specified an + * invalid mode, or an Unlock requested + * attempted to remove a lock held by + * another process. + */ +#define ERRunsup 50 +#define ERRnosuchshare 67 +#define ERRfilexists 80 /* + * The file named in the request + * already exists. + */ +#define ERRinvparm 87 +#define ERRdiskfull 112 +#define ERRinvname 123 +#define ERRinvlevel 124 +#define ERRdirnotempty 145 +#define ERRnotlocked 158 +#define ERRcancelviolation 173 +#define ERRnoatomiclocks 174 +#define ERRalreadyexists 183 +#define ERRbadpipe 230 +#define ERRpipebusy 231 +#define ERRpipeclosing 232 +#define ERRnotconnected 233 +#define ERRmoredata 234 +#define ERReasnotsupported 282 +#define ErrQuota 0x200 /* + * The operation would cause a quota + * limit to be exceeded. + */ +#define ErrNotALink 0x201 /* + * A link operation was performed on a + * pathname that was not a link. + */ + +/* + * Below errors are used internally (do not come over the wire) for passthrough + * from STATUS codes to POSIX only + */ +#define ERRsymlink 0xFFFD +#define ErrTooManyLinks 0xFFFE + +/* Following error codes may be generated with the ERRSRV error class.*/ + +#define ERRerror 1 /* + * Non-specific error code. It is + * returned under the following + * conditions: resource other than disk + * space exhausted (e.g. TIDs), first + * SMB command was not negotiate, + * multiple negotiates attempted, and + * internal server error. + */ +#define ERRbadpw 2 /* + * Bad password - name/password pair in + * a TreeConnect or Session Setup are + * invalid. + */ +#define ERRbadtype 3 /* + * used for indicating DFS referral + * needed + */ +#define ERRaccess 4 /* + * The client does not have the + * necessary access rights within the + * specified context for requested + * function. + */ +#define ERRinvtid 5 /* + * The Tid specified in a command was + * invalid. + */ +#define ERRinvnetname 6 /* + * Invalid network name in tree + * connect. + */ +#define ERRinvdevice 7 /* + * Invalid device - printer request + * made to non-printer connection or + * non-printer request made to printer + * connection. + */ +#define ERRqfull 49 /* + * Print queue full (files) -- returned + * by open print file. + */ +#define ERRqtoobig 50 /* Print queue full -- no space. */ +#define ERRqeof 51 /* EOF on print queue dump */ +#define ERRinvpfid 52 /* Invalid print file FID. */ +#define ERRsmbcmd 64 /* + * The server did not recognize the + * command received. + */ +#define ERRsrverror 65 /* + * The server encountered an internal + * error, e.g., system file + * unavailable. + */ +#define ERRbadBID 66 /* (obsolete) */ +#define ERRfilespecs 67 /* + * The Fid and pathname parameters + * contained an invalid combination of + * values. + */ +#define ERRbadLink 68 /* (obsolete) */ +#define ERRbadpermits 69 /* + * The access permissions specified for + * a file or directory are not a valid + * combination. + */ +#define ERRbadPID 70 +#define ERRsetattrmode 71 /* attribute (mode) is invalid */ +#define ERRpaused 81 /* Server is paused */ +#define ERRmsgoff 82 /* reserved - messaging off */ +#define ERRnoroom 83 /* reserved - no room for message */ +#define ERRrmuns 87 /* reserved - too many remote names */ +#define ERRtimeout 88 /* operation timed out */ +#define ERRnoresource 89 /* No resources available for request */ +#define ERRtoomanyuids 90 /* + * Too many UIDs active on this session + */ +#define ERRbaduid 91 /* + * The UID is not known as a valid user + */ +#define ERRusempx 250 /* temporarily unable to use raw */ +#define ERRusestd 251 /* + * temporarily unable to use either raw + * or mpx + */ +#define ERR_NOTIFY_ENUM_DIR 1024 +#define ERRnoSuchUser 2238 /* user account does not exist */ +#define ERRaccountexpired 2239 +#define ERRbadclient 2240 /* can not logon from this client */ +#define ERRbadLogonTime 2241 /* logon hours do not allow this */ +#define ERRpasswordExpired 2242 +#define ERRnetlogonNotStarted 2455 +#define ERRnosupport 0xFFFF + +#endif /* __KSMBD_SMBERR_H */ --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/include/linux/fbxatm_dev.h 2023-02-27 17:17:36.496529019 +0100 @@ -0,0 +1,436 @@ +#ifndef LINUX_FBXATM_DEV_H_ +#define LINUX_FBXATM_DEV_H_ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +/* + * atm cell helper + */ +#define ATM_CELL_HDR_SIZE 5 + +#define ATM_GET_GFC(h) (((h)[0] & 0xf0) >> 4) +#define ATM_SET_GFC(h,v) do { \ + (h)[0] &= ~0xf0; \ + (h)[0] |= (v) << 4; \ + } while (0) + +#define ATM_GET_VPI(h) ((((h)[0] & 0x0f) << 4) | \ + (((h)[1] & 0xf0) >> 4)) +#define ATM_SET_VPI(h,v) do { \ + (h)[0] &= ~0xf; \ + (h)[1] &= ~0xf0; \ + (h)[0] |= (v) >> 4; \ + (h)[1] |= ((v) & 0xf) << 4; \ + } while (0) + +#define ATM_GET_VCI(h) ((((h)[1] & 0x0f) << 12) | \ + ((h)[2] << 4) | \ + ((((h)[3] & 0xf0) >> 4))) +#define ATM_SET_VCI(h,v) do { \ + (h)[1] &= ~0xf; \ + (h)[3] &= ~0xf0; \ + (h)[1] |= (v) >> 12; \ + (h)[2] = ((v) & 0xff0) >> 4; \ + (h)[3] |= ((v) & 0xf) << 4; \ + } while (0) + + +#define ATM_GET_PT(h) (((h)[3] & 0x0e) >> 1) +#define ATM_SET_PT(h,v) do { \ + (h)[3] &= ~0xe; \ + (h)[3] |= (v) << 1; \ + } while (0) + +#define ATM_GET_CLP(h) (((h)[3] & 0x01)) +#define ATM_SET_CLP(h,v) do { \ + (h)[3] &= ~1; \ + (h)[3] |= (v); \ + } while (0) + +#define ATM_GET_HEC(h) ((h)[4]) +#define ATM_SET_HEC(h,v) do { \ + (h)[4] = (v); \ + } while (0) + + +/* + * OAM definition + */ +#define OAM_VCI_SEG_F4 3 +#define OAM_VCI_END2END_F4 4 + +#define OAM_PTI_SEG_F5 0x4 +#define OAM_PTI_END2END_F5 0x5 + +#define OAM_TYPE_SHIFT 4 +#define OAM_TYPE_MASK (0xf << OAM_TYPE_SHIFT) +#define OAM_TYPE_FAULT_MANAGEMENT 0x1 +#define OAM_TYPE_PERF_MANAGEMENT 0x2 +#define OAM_TYPE_ACTIVATION 0x8 + +#define FUNC_TYPE_SHIFT 0 +#define FUNC_TYPE_MASK (0xf << FUNC_TYPE_SHIFT) +#define FUNC_TYPE_AIS 0x0 +#define FUNC_TYPE_FERF 0x1 +#define FUNC_TYPE_CONT_CHECK 0x4 +#define FUNC_TYPE_OAM_LOOPBACK 0x8 + +struct fbxatm_oam_cell_payload { + u8 cell_hdr[5]; + u8 cell_type; + u8 loopback_indication; + u8 correlation_tag[4]; + u8 loopback_id[16]; + u8 source_id[16]; + u8 reserved[8]; + u8 crc10[2]; +}; + +struct fbxatm_oam_cell { + struct fbxatm_oam_cell_payload payload; + struct list_head next; +}; + +struct fbxatm_oam_ping { + struct fbxatm_oam_ping_req req; + u32 correlation_id; + int replied; + wait_queue_head_t wq; + struct list_head next; +}; + +/* + * vcc/device stats + */ +struct fbxatm_vcc_stats { + u64 rx_bytes; + u64 tx_bytes; + u32 rx_aal5; + u32 tx_aal5; +}; + +struct fbxatm_dev_stats { + u64 rx_bytes; + u64 tx_bytes; + u32 rx_aal5; + u32 tx_aal5; + u32 rx_f4_oam; + u32 tx_f4_oam; + u32 rx_f5_oam; + u32 tx_f5_oam; + u32 rx_bad_oam; + u32 rx_bad_llid_oam; + u32 rx_other_oam; + u32 rx_dropped; + u32 tx_drop_nolink; +}; + +/* + * vcc user ops + */ +struct fbxatm_vcc_uops { + void (*link_change)(void *cb_data, int link, + unsigned int rx_cell_rate, + unsigned int tx_cell_rate); + void (*rx_pkt)(struct sk_buff *skb, void *cb_data); + void (*tx_done)(void *cb_data); +}; + +/* + * vcc status flags + */ +enum { + FBXATM_VCC_F_FULL = (1 << 0), + + FBXATM_VCC_F_LINK_UP = (1 << 1), +}; + + +/* + * vcc definition + */ +struct fbxatm_dev; + +struct fbxatm_vcc { + unsigned int vpi; + unsigned int vci; + + struct fbxatm_vcc_qos qos; + + struct fbxatm_vcc_stats stats; + + enum fbxatm_vcc_user user; + void *user_priv; + + struct fbxatm_dev *adev; + void *dev_priv; + + spinlock_t user_ops_lock; + const struct fbxatm_vcc_uops *user_ops; + void *user_cb_data; + + unsigned int to_drop_pkt; + + spinlock_t tx_lock; + unsigned long vcc_flags; + + struct list_head next; +}; + +/* + * fbxatm device operation + */ +struct fbxatm_dev_ops { + int (*open)(struct fbxatm_vcc *vcc); + + void (*close)(struct fbxatm_vcc *vcc); + + int (*ioctl)(struct fbxatm_dev *adev, + unsigned int cmd, void __user *arg); + + int (*send)(struct fbxatm_vcc *vcc, struct sk_buff *skb); + + int (*send_oam)(struct fbxatm_dev *adev, + struct fbxatm_oam_cell *cell); + + int (*init_procfs)(struct fbxatm_dev *adev); + void (*release_procfs)(struct fbxatm_dev *adev); + + struct module *owner; +}; + +/* + * device flags + */ +enum { + FBXATM_DEV_F_LINK_UP = (1 << 0), +}; + +/* + * fbxatm device definition + */ +struct fbxatm_dev { + int ifindex; + unsigned long dev_flags; + spinlock_t dev_link_lock; + + unsigned int max_vcc; + unsigned int vci_mask; + unsigned int vpi_mask; + unsigned int max_priority; + unsigned int max_rx_priority; + unsigned int tx_headroom; + + char *name; + + /* unit: b/s */ + unsigned int link_rate_ds; + unsigned int link_rate_us; + + unsigned int link_cell_rate_ds; + unsigned int link_cell_rate_us; + + const struct fbxatm_dev_ops *ops; + + spinlock_t stats_lock; + struct fbxatm_dev_stats stats; + + spinlock_t vcc_list_lock; + struct list_head vcc_list; + + struct device dev; + + spinlock_t oam_list_lock; + struct list_head rx_oam_cells; + unsigned int rx_oam_cells_count; + struct work_struct oam_work; + + struct list_head oam_pending_ping; + u32 oam_correlation_id; + + struct proc_dir_entry *dev_proc_entry; + void *priv; + struct list_head next; +}; + +/* + * API for device drivers + */ +struct fbxatm_dev *fbxatm_alloc_device(int sizeof_priv); + +int fbxatm_register_device(struct fbxatm_dev *adev, + const char *base_name, + const struct fbxatm_dev_ops *ops); + +void fbxatm_free_device(struct fbxatm_dev *adev); + +void fbxatm_dev_set_link_up(struct fbxatm_dev *adev); + +void fbxatm_dev_set_link_down(struct fbxatm_dev *adev); + +int fbxatm_unregister_device(struct fbxatm_dev *adev); + +void fbxatm_netifrx_oam(struct fbxatm_dev *adev, + struct fbxatm_oam_cell *cell); + + +static inline int fbxatm_vcc_link_is_up(struct fbxatm_vcc *vcc) +{ + return test_bit(FBXATM_VCC_F_LINK_UP, &vcc->vcc_flags); +} + +#define FBXATMDEV_ALIGN 4 + +static inline void *fbxatm_dev_priv(struct fbxatm_dev *adev) +{ + return (u8 *)adev + ((sizeof(struct fbxatm_dev) + + (FBXATMDEV_ALIGN - 1)) + & ~(FBXATMDEV_ALIGN - 1)); +} + +/* + * API for FBXATM stack user + */ +struct fbxatm_ioctl { + int (*handler)(struct socket *sock, + unsigned int cmd, void __user *useraddr); + + void (*release)(struct socket *sock); + + struct module *owner; + struct list_head next; +}; + +void fbxatm_set_uops(struct fbxatm_vcc *vcc, + const struct fbxatm_vcc_uops *user_ops, + void *user_cb_data); + +struct fbxatm_vcc * +fbxatm_bind_to_vcc(const struct fbxatm_vcc_id *id, + enum fbxatm_vcc_user user); + +void fbxatm_unbind_vcc(struct fbxatm_vcc *vcc); + + +static inline int fbxatm_vcc_queue_full(struct fbxatm_vcc *vcc) +{ + return test_bit(FBXATM_VCC_F_FULL, &vcc->vcc_flags); +} + +#ifdef CONFIG_FBXATM_STACK +/* + * stack user callback to send data on given vcc + */ +static inline int fbxatm_send(struct fbxatm_vcc *vcc, struct sk_buff *skb) +{ + int ret; + unsigned int len; + + len = skb->len; + + spin_lock_bh(&vcc->tx_lock); + if (!test_bit(FBXATM_VCC_F_LINK_UP, &vcc->vcc_flags)) { + spin_unlock_bh(&vcc->tx_lock); + dev_kfree_skb(skb); + spin_lock(&vcc->adev->stats_lock); + vcc->adev->stats.tx_drop_nolink++; + spin_unlock(&vcc->adev->stats_lock); + return 0; + } + + ret = vcc->adev->ops->send(vcc, skb); + if (!ret) { + vcc->stats.tx_bytes += len; + vcc->stats.tx_aal5++; + } + spin_unlock_bh(&vcc->tx_lock); + + if (!ret) { + spin_lock_bh(&vcc->adev->stats_lock); + vcc->adev->stats.tx_bytes += len; + vcc->adev->stats.tx_aal5++; + spin_unlock_bh(&vcc->adev->stats_lock); + } + return ret; +} + +/* + * device callback when packet comes in + */ +static inline void fbxatm_netifrx(struct fbxatm_vcc *vcc, struct sk_buff *skb) +{ + unsigned int len; + + len = skb->len; + + spin_lock_bh(&vcc->user_ops_lock); + if (!vcc->user_ops) { + spin_unlock_bh(&vcc->user_ops_lock); + dev_kfree_skb(skb); + return; + } + + if (vcc->to_drop_pkt) { + vcc->to_drop_pkt--; + spin_unlock_bh(&vcc->user_ops_lock); + dev_kfree_skb(skb); + return; + } + + vcc->stats.rx_bytes += len; + vcc->stats.rx_aal5++; + + vcc->user_ops->rx_pkt(skb, vcc->user_cb_data); + spin_unlock_bh(&vcc->user_ops_lock); + + spin_lock_bh(&vcc->adev->stats_lock); + vcc->adev->stats.rx_bytes += len; + vcc->adev->stats.rx_aal5++; + spin_unlock_bh(&vcc->adev->stats_lock); +} + +/* + * device callback when tx is done on vcc + */ +static inline void fbxatm_tx_done(struct fbxatm_vcc *vcc) +{ + spin_lock_bh(&vcc->user_ops_lock); + if (vcc->user_ops) + vcc->user_ops->tx_done(vcc->user_cb_data); + spin_unlock_bh(&vcc->user_ops_lock); +} +#else +int fbxatm_send(struct fbxatm_vcc *vcc, struct sk_buff *skb); +void fbxatm_netifrx(struct fbxatm_vcc *vcc, struct sk_buff *skb); +void fbxatm_tx_done(struct fbxatm_vcc *vcc); +#endif + +static inline unsigned int fbxatm_rx_reserve(void) +{ +#ifdef CONFIG_FBXATM_STACK + /* normal stack, no headroom needed */ + return 0; +#else + /* remote stub, we need to send rx skb to another location, + * adding the fbxatm_remote header, an ethernet header (with + * possible vlan) */ + return ALIGN(sizeof (struct fbxatm_remote_hdr) + VLAN_ETH_HLEN, 4); +#endif +} + +void fbxatm_register_ioctl(struct fbxatm_ioctl *ioctl); + +void fbxatm_unregister_ioctl(struct fbxatm_ioctl *ioctl); + +#endif /* !LINUX_FBXATM_DEV_H_ */ --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/include/linux/fbxatm_remote.h 2023-02-27 17:10:06.964489879 +0100 @@ -0,0 +1,216 @@ +#ifndef FBXATM_REMOTE_H_ +#define FBXATM_REMOTE_H_ + +#include +#include +#include + +/* + * fbxatm remote protocol messages + */ +#define ETH_P_FBXATM_REMOTE 0x8844 +#define FBXATM_REMOTE_MAGIC 0xd76f8d2f + +enum fbxatm_remote_flags { + FBXATM_RFLAGS_ACK = (1 << 0), +}; + +enum fbxatm_remote_mtype { + /* driver => stub */ + FBXATM_RMT_CONNECT = 0, + + /* stub => driver */ + FBXATM_RMT_DEV_LINK, + FBXATM_RMT_DEV_RX_OAM, + + /* driver => stub */ + FBXATM_RMT_KEEPALIVE, + FBXATM_RMT_DEV_SEND_OAM, + FBXATM_RMT_VCC_ACTION, + + /* driver => stub */ + FBXATM_RMT_VCC_SEND, + + /* stub => driver */ + FBXATM_RMT_VCC_QEMPTY, + FBXATM_RMT_VCC_RX, +}; + +struct fbxatm_remote_hdr { + u32 magic; + u8 flags; + u8 seq; + u16 len; + u16 sport; + u16 dport; + + u32 session_id; + u32 mtype; +}; + +/* + * sent to destination port 0 + */ +struct fbxatm_remote_connect { + u8 name[32]; + + u16 dev_link_port; + u16 dev_rx_oam_port; +}; + +struct fbxatm_remote_connect_ack { + u16 vcc_action_port; + u16 dev_send_oam_port; + u16 keepalive_port; + u16 pad; + + u32 max_vcc; + u32 vci_mask; + u32 vpi_mask; + u32 max_priority; + u32 max_rx_priority; + + u32 link; + u32 link_rate_ds; + u32 link_rate_us; + u32 link_cell_rate_ds; + u32 link_cell_rate_us; +}; + +/* + * sent on dev_link port + */ +struct fbxatm_remote_dev_link { + u32 link; + u32 link_rate_ds; + u32 link_rate_us; + u32 link_cell_rate_ds; + u32 link_cell_rate_us; +}; + +/* + * sent on vcc_action port + */ +struct fbxatm_remote_vcc_action { + /* 1: open - 0: close */ + u32 action; + + /* + * open args + */ + u16 vcc_rx_port; + u16 vcc_qempty_port; + + /* from vcc id struct */ + u32 vpi; + u32 vci; + + /* from qos struct */ + u32 traffic_class; + u32 max_sdu; + u32 max_buffered_pkt; + u32 priority; + u32 rx_priority; + + /* + * close args + */ + u32 vcc_remote_id; +}; + +struct fbxatm_remote_vcc_action_ack { + u32 ret; + + /* open args ack */ + u32 vcc_remote_id; + u16 vcc_send_port; + u16 pad; +}; + +/* + * sent on vcc_send port + */ +struct fbxatm_remote_vcc_send_ack { + u32 full; +}; + +/* + * pseudo socket layer + */ +struct fbxatm_remote_sock; +struct fbxatm_remote_ctx; + +struct fbxatm_remote_sockaddr { + u16 lport; + u16 dport; + u32 mtype; + int infinite_retry; + int (*deliver)(void *priv, struct sk_buff *skb, + struct sk_buff **ack); + void (*response)(void *priv, struct sk_buff *skb); + void *priv; +}; + +struct sk_buff *fbxatm_remote_alloc_skb(struct fbxatm_remote_ctx *ctx, + unsigned int size); + +unsigned int fbxatm_remote_headroom(struct fbxatm_remote_ctx *ctx); + +void fbxatm_remote_sock_getaddr(struct fbxatm_remote_sock *sock, + struct fbxatm_remote_sockaddr *addr); + +void fbxatm_remote_sock_purge(struct fbxatm_remote_sock *sock); + +int fbxatm_remote_sock_pending(struct fbxatm_remote_sock *sock); + +struct fbxatm_remote_ctx *fbxatm_remote_alloc_ctx(struct net_device *netdev, + u8 *remote_mac, + u32 session_id, + void (*timeout)(void *priv), + void *priv); + +struct fbxatm_remote_sock * +fbxatm_remote_sock_bind(struct fbxatm_remote_ctx *ctx, + struct fbxatm_remote_sockaddr *addr, + int send_ack); + +struct fbxatm_remote_sock * +fbxatm_remote_sock_connect(struct fbxatm_remote_ctx *ctx, + struct fbxatm_remote_sockaddr *addr, + int need_ack); + +int fbxatm_remote_sock_send(struct fbxatm_remote_sock *sock, + struct sk_buff *skb); + +int fbxatm_remote_sock_send_ack(struct fbxatm_remote_sock *sock, + struct sk_buff *skb); + +int fbxatm_remote_sock_send_raw_ack(struct fbxatm_remote_ctx *ctx, + struct net_device *dev, + u8 *remote_mac, + struct fbxatm_remote_hdr *hdr, + struct sk_buff *ack); + +void fbxatm_remote_sock_close(struct fbxatm_remote_sock *sock); + +void fbxatm_remote_set_unknown_cb(void (*cb)(struct net_device *, + struct sk_buff *)); + +void fbxatm_remote_free_ctx(struct fbxatm_remote_ctx *ctx); + +void fbxatm_remote_ctx_set_dead(struct fbxatm_remote_ctx *ctx); + +int fbxatm_remote_init(void); + +void fbxatm_remote_exit(void); + +/* + * platform data for fbxatm_remote driver + */ +struct fbxatm_remote_pdata { + u8 remote_mac[ETH_ALEN]; + char netdev_name[IFNAMSIZ]; + char remote_name[32]; +}; + +#endif /* !FBXATM_REMOTE_H_ */ --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/include/linux/fbxgpio_core.h 2024-04-22 14:46:57.448255543 +0200 @@ -0,0 +1,45 @@ +/* + * fbxgpio.h for linux-freebox + * Created by on Wed Feb 21 22:09:46 2007 + * Freebox SA + */ + +#ifndef FBXGPIO_H +# define FBXGPIO_H + +# include + +/* can change pin direction */ +#define FBXGPIO_PIN_DIR_RW (1 << 0) +#define FBXGPIO_PIN_REVERSE_POL (1 << 1) + +struct fbxgpio_operations { + int (*get_datain)(int gpio); + void (*set_dataout)(int gpio, int val); + int (*get_dataout)(int gpio); + int (*set_direction)(int gpio, int dir); + int (*get_direction)(int gpio); +}; + + +struct fbxgpio_pin { + const struct fbxgpio_operations *ops; + const char *pin_name; + uint32_t flags; + int direction; + int pin_num; + bool claimed; + unsigned int cur_dataout; + struct device *dev; + struct device_node *of_node; +}; + + +#define GPIO_DIR_IN 0x1 +#define GPIO_DIR_OUT 0x0 + +struct fbxgpio_pin *fbxgpio_of_get(struct device_node *np, + const char *propname, + int index); + +#endif /* !FBXGPIO_H */ --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/include/linux/fbxprocfs.h 2023-02-27 19:50:21.524231407 +0100 @@ -0,0 +1,40 @@ +#ifndef FBXPROCFS_H_ +#define FBXPROCFS_H_ + +#include +#include +#include + +struct fbxprocfs_client +{ + const char *dirname; + struct module *owner; + struct proc_dir_entry *dir; + atomic_t refcount; + struct list_head list; +}; + +struct fbxprocfs_desc { + char *name; + unsigned long id; + int (*rfunc)(struct seq_file *, void *); + int (*wfunc)(struct file *, const char *, unsigned long, void *); +}; + +struct fbxprocfs_client *fbxprocfs_add_client(const char *dirname, + struct module *owner); + +int fbxprocfs_remove_client(struct fbxprocfs_client *client); + + +int +fbxprocfs_create_entries(struct fbxprocfs_client *client, + const struct fbxprocfs_desc *ro_desc, + const struct fbxprocfs_desc *rw_desc); + +int +fbxprocfs_remove_entries(struct fbxprocfs_client *client, + const struct fbxprocfs_desc *ro_desc, + const struct fbxprocfs_desc *rw_desc); + +#endif /* FBXPROCFS_H_ */ --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/include/linux/fbxserial.h 2023-02-27 19:50:19.628180800 +0100 @@ -0,0 +1,129 @@ +#ifndef FBXSERIAL_H_ +#define FBXSERIAL_H_ + +#include +#include + +/* + * some part of serial may vary, we use abstract struct to store this, + * data content depends on type. + */ +#define EXTINFO_SIZE 128 +#define EXTINFO_MAX_COUNT 16 + +/* + * extdev desc + */ +#define EXTINFO_TYPE_EXTDEV 1 + +#define EXTDEV_TYPE_BUNDLE 1 +#define EXTDEV_TYPE_MAX 2 + +struct fbx_serial_extinfo { + u32 type; + + union { + /* extdev */ + struct { + u32 type; + u32 model; + char serial[64]; + } extdev; + + /* raw access */ + unsigned char data[EXTINFO_SIZE]; + } u; +} __attribute__ ((packed));; + + +/* + * master serial structure + */ + +#define FBXSERIAL_VERSION 1 + +#define FBXSERIAL_MAGIC 0x2d9521ab + +#define MAC_ADDR_SIZE 6 +#define RANDOM_DATA_SIZE 32 + +/* + * this is the maximum size we accept to check crc32 against, so + * structure may no grow larger than this + */ +#define FBXSERIAL_MAX_SIZE 8192 + +struct fbx_serial { + u32 crc32; + u32 magic; + u32 struct_version; + u32 len; + + /* board serial */ + u16 type; + u8 version; + u8 manufacturer; + u16 year; + u8 week; + u32 number; + u32 flags; + + /* mac address base */ + u8 mac_addr_base[MAC_ADDR_SIZE]; + + /* mac address count */ + u8 mac_count; + + /* random data */ + u8 random_data[RANDOM_DATA_SIZE]; + + /* last update of data (seconds since epoch) */ + u32 last_modified; + + /* count of following extinfo tag */ + u32 extinfo_count; + + /* beginning of extended info */ + struct fbx_serial_extinfo extinfos[EXTINFO_MAX_COUNT]; + +} __attribute__ ((packed)); + + +/* + * default value to use in case magic is wrong (no cksum in that case) + */ +static inline void fbxserial_set_default(struct fbx_serial *s) +{ + memset(s, 0, sizeof (*s)); + s->magic = FBXSERIAL_MAGIC; + s->struct_version = FBXSERIAL_VERSION; + s->len = sizeof (*s); + s->manufacturer = '_'; + memcpy(s->mac_addr_base, "\x00\x07\xCB\x00\x00\xFD", 6); + s->mac_count = 1; +} + +void +fbxserialinfo_get_random(unsigned char *data, unsigned int len); + +const void * +fbxserialinfo_get_mac_addr(unsigned int index); + +int +fbxserialinfo_read(const void *data, struct fbx_serial *out); + +struct fbx_serial *fbxserialinfo_get(void); + +/* + * implemented in board specific code + */ +#ifdef CONFIG_ARCH_HAS_FBXSERIAL +extern const struct fbx_serial *arch_get_fbxserial(void); +#else +static inline const struct fbx_serial *arch_get_fbxserial(void) +{ + return NULL; +} +#endif + +#endif /* FBXSERIAL_H_ */ --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/include/linux/smsc_cap1066.h 2023-02-27 15:52:55.860461991 +0100 @@ -0,0 +1,12 @@ +#ifndef SMSC_CAP1066_H_ +#define SMSC_CAP1066_H_ + +#define CAP1066_MAX_BTNS 6 + +struct smsc_cap1066_pdata { + u32 key_map[CAP1066_MAX_BTNS]; + unsigned int irq_gpio; + bool has_irq_gpio; +}; + +#endif /* ! SMSC_CAP1066_H_ */ --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/include/net/ip6_ffn.h 2024-04-22 14:46:57.680261882 +0200 @@ -0,0 +1,54 @@ +#ifndef IP6_FFN_H_ +#define IP6_FFN_H_ + +#include +#include +#include +#include +#include + +struct ffn6_data { + u32 new_sip[4]; + u32 new_dip[4]; + + u16 new_sport; + u16 new_dport; + __sum16 adjustment; + u8 new_tos; + u32 new_skb_prio; + u32 new_mark; + + u32 force_skb_prio : 1; + u32 alter : 1; + u32 tos_change : 1; + struct dst_entry *dst; + struct nf_conn *ct; + enum ip_conntrack_info ctinfo; + + void (*priv_destructor)(void *); + u32 ffn_priv_area[8]; +}; + +struct ffn6_lookup_entry { + u32 sip[4]; + u32 dip[4]; + u16 sport; + u16 dport; + u8 protocol; + u8 added_when; +#ifdef CONFIG_IPV6_FFN_PROCFS + uint64_t forwarded_bytes; + uint32_t forwarded_packets; +#endif + struct list_head next; + struct ffn6_data manip; + struct list_head all_next; +}; + +extern rwlock_t ffn6_lock; +struct ffn6_lookup_entry *__ffn6_get(const u32 *sip, + const u32 *dip, + u16 sport, u16 dport, + int is_tcp); + +#endif /* ! IP6_FFN_H_*/ --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/include/net/ip_ffn.h 2024-04-22 14:46:57.680261882 +0200 @@ -0,0 +1,52 @@ +#ifndef IP_FFN_H_ +#define IP_FFN_H_ + +#include +#include +#include +#include +#include + +struct ffn_data { + u32 new_sip; + u32 new_dip; + u16 new_sport; + u16 new_dport; + u8 new_tos; + u8 force_skb_prio : 1; + u8 alter : 1; + u8 tos_change : 1; + __sum16 ip_adjustment; + __sum16 l4_adjustment; + unsigned int new_skb_prio; + u32 new_mark; + struct dst_entry *dst; + struct nf_conn *ct; + enum ip_conntrack_info ctinfo; + + void (*priv_destructor)(void *); + u32 ffn_priv_area[8]; +}; + +struct ffn_lookup_entry { + int added_when; + u32 sip; + u32 dip; + u16 sport; + u16 dport; + u8 protocol; +#ifdef CONFIG_IP_FFN_PROCFS + uint64_t forwarded_bytes; + uint32_t forwarded_packets; +#endif + struct list_head next; + struct ffn_data manip; + struct list_head all_next; +}; + +extern rwlock_t ffn_lock; +struct ffn_lookup_entry *__ffn_get(u32 sip, u32 dip, + u16 sport, u16 dport, + int is_tcp); + +#endif /* ! IP_FFN_H_*/ --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/include/uapi/linux/bcm63xx_rdp_ioctl.h 2023-03-09 15:06:12.428262660 +0100 @@ -0,0 +1,71 @@ +#ifndef LINUX_BCM63XX_RDP_IOCTL_H_ +#define LINUX_BCM63XX_RDP_IOCTL_H_ + +#include + +enum { + RDP_IOC_OP_GET_INFO, + + RDP_IOC_OP_READ8, + RDP_IOC_OP_READ16, + RDP_IOC_OP_READ32, + RDP_IOC_OP_WRITE8, + RDP_IOC_OP_WRITE16, + RDP_IOC_OP_WRITE32, + + RDP_IOC_OP_READ_TM_32, + RDP_IOC_OP_WRITE_TM_32, + RDP_IOC_OP_READ_MC_32, + RDP_IOC_OP_WRITE_MC_32, + + RDP_IOC_OP_RESET, + + RDP_IOC_DMA_MAP, + RDP_IOC_DMA_GET_INFO, + RDP_IOC_DMA_FLUSH_ALL, + RDP_IOC_DMA_READ_BUFFER, + RDP_IOC_DMA_WRITE_BUFFER, + + RDP_IOC_OP_MAP_INTERRUPTS, +}; + +struct bcm_rdp_pioctl_dma_result { + __u32 id; + __u32 size; + __u64 virt_addr; + __u64 dma_addr; +}; + +struct bcm_rdp_pioctl_get_info_result { + __u64 tm_dma_addr; + __u64 mc_dma_addr; + __u32 tm_size; + __u32 mc_size; +}; + +struct bcm_rdp_pioctl { + union { + /* for get_info op */ + struct { + void __user *buf_addr; + } get_info; + + /* for read/write op */ + struct { + __u32 reg_area; + __u32 offset; + __u32 size; + void __user *buf_addr; + } io; + + /* for dma op */ + struct { + __u32 id; + __u32 size; + void __user *buf_addr; + } dma; + } u; +}; + +#endif /* LINUX_BCM63XX_RDP_IOCTL_H_ */ + --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/include/uapi/linux/exfat_user.h 2023-02-24 19:09:23.405368085 +0100 @@ -0,0 +1,47 @@ +/* + * exfat_user.h for exfat + * Created by on Fri Aug 23 15:31:08 2013 + */ + +#ifndef __EXFAT_USER_H +# define __EXFAT_USER_H + +struct exfat_fragment { + uint32_t fcluster_start; + uint32_t dcluster_start; + uint32_t nr_clusters; + uint64_t sector_start; +}; + +struct exfat_fragment_head { + uint32_t fcluster_start; + uint32_t nr_fragments; + uint32_t sector_size; + uint32_t cluster_size; + struct exfat_fragment fragments[0]; +}; + +struct exfat_bitmap_data { + uint32_t start_cluster; + uint32_t nr_clusters; + uint64_t sector_start; + uint64_t nr_sectors; +}; + +struct exfat_bitmap_head { + uint32_t start_cluster; + uint32_t nr_entries; + struct exfat_bitmap_data entries[0]; +}; + +struct exfat_dirent_head { + uint32_t offset; + uint32_t nr_entries; + uint8_t entries[0]; +}; + +#define EXFAT_IOCGETFRAGMENTS _IOR('X', 0x01, struct exfat_fragment_head) +#define EXFAT_IOCGETBITMAP _IOR('X', 0x02, struct exfat_bitmap_head) +#define EXFAT_IOCGETDIRENTS _IOR('X', 0x03, struct exfat_dirent_head) + +#endif /* !__EXFAT_USER_H */ --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/include/uapi/linux/fbxatm.h 2023-02-27 17:10:06.964489879 +0100 @@ -0,0 +1,159 @@ +/* + * Generic fbxatm definition, exported to userspace + */ +#ifndef LINUX_FBXATM_H_ +#define LINUX_FBXATM_H_ + +#include +#include + +#define FBXATM_IOCTL_MAGIC 0xd3 + +/* allow userspace usage without up to date kernel headers */ +#ifndef PF_FBXATM +#define PF_FBXATM 32 +#define AF_FBXATM PF_FBXATM +#endif + +struct fbxatm_vcc_id { + int dev_idx; + __u32 vpi; + __u32 vci; +}; + +enum fbxatm_vcc_user { + FBXATM_VCC_USER_NONE = 0, + FBXATM_VCC_USER_2684, + FBXATM_VCC_USER_PPPOA, +}; + +enum fbxatm_vcc_traffic_class { + FBXATM_VCC_TC_UBR_NO_PCR = 0, + FBXATM_VCC_TC_UBR, +}; + +struct fbxatm_vcc_qos { + __u32 traffic_class; + __u32 max_sdu; + __u32 max_buffered_pkt; + __u32 priority; + __u32 rx_priority; +}; + + +/* + * VCC related + */ +struct fbxatm_vcc_params { + /* ADD/DEL/GET */ + struct fbxatm_vcc_id id; + + /* ADD/GET */ + struct fbxatm_vcc_qos qos; + + /* GET */ + enum fbxatm_vcc_user user; +}; + +#define FBXATM_IOCADD _IOW(FBXATM_IOCTL_MAGIC, 1, \ + struct fbxatm_vcc_params) + +#define FBXATM_IOCDEL _IOR(FBXATM_IOCTL_MAGIC, 2, \ + struct fbxatm_vcc_params) + +#define FBXATM_IOCGET _IOWR(FBXATM_IOCTL_MAGIC, 3, \ + struct fbxatm_vcc_params) + + +struct fbxatm_vcc_drop_params { + struct fbxatm_vcc_id id; + unsigned int drop_count; +}; + +#define FBXATM_IOCDROP _IOWR(FBXATM_IOCTL_MAGIC, 5, \ + struct fbxatm_vcc_drop_params) + +/* + * OAM related + */ +enum fbxatm_oam_ping_type { + FBXATM_OAM_PING_SEG_F4 = 0, + FBXATM_OAM_PING_SEG_F5, + FBXATM_OAM_PING_E2E_F4, + FBXATM_OAM_PING_E2E_F5, +}; + +struct fbxatm_oam_ping_req { + /* only dev_idx for F4 */ + struct fbxatm_vcc_id id; + + __u8 llid[16]; + enum fbxatm_oam_ping_type type; +}; + +#define FBXATM_IOCOAMPING _IOWR(FBXATM_IOCTL_MAGIC, 10, \ + struct fbxatm_oam_ping_req) + + +/* + * PPPOA related + */ +enum fbxatm_pppoa_encap { + FBXATM_EPPPOA_AUTODETECT = 0, + FBXATM_EPPPOA_VCMUX, + FBXATM_EPPPOA_LLC, +}; + +struct fbxatm_pppoa_vcc_params { + struct fbxatm_vcc_id id; + __u32 encap; + __u32 cur_encap; +}; + +#define FBXATM_PPPOA_IOCADD _IOW(FBXATM_IOCTL_MAGIC, 20, \ + struct fbxatm_pppoa_vcc_params) + +#define FBXATM_PPPOA_IOCDEL _IOW(FBXATM_IOCTL_MAGIC, 21, \ + struct fbxatm_pppoa_vcc_params) + +#define FBXATM_PPPOA_IOCGET _IOWR(FBXATM_IOCTL_MAGIC, 22, \ + struct fbxatm_pppoa_vcc_params) + + + +/* + * 2684 related + */ +enum fbxatm_2684_encap { + FBXATM_E2684_VCMUX = 0, + FBXATM_E2684_LLC, +}; + +enum fbxatm_2684_payload { + FBXATM_P2684_BRIDGE = 0, + FBXATM_P2684_ROUTED, +}; + +#define FBXATM_2684_MAX_VCC 8 + +struct fbxatm_2684_vcc_params { + struct fbxatm_vcc_id id_list[FBXATM_2684_MAX_VCC]; + size_t id_count; + + __u32 encap; + __u32 payload; + char dev_name[IFNAMSIZ]; + __u8 perm_addr[6]; +}; + + +#define FBXATM_2684_IOCADD _IOW(FBXATM_IOCTL_MAGIC, 30, \ + struct fbxatm_2684_vcc_params) + +#define FBXATM_2684_IOCDEL _IOW(FBXATM_IOCTL_MAGIC, 31, \ + struct fbxatm_2684_vcc_params) + +#define FBXATM_2684_IOCGET _IOWR(FBXATM_IOCTL_MAGIC, 32, \ + struct fbxatm_2684_vcc_params) + +#endif /* LINUX_FBXATM_H_ */ --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/include/uapi/linux/fbxbridge.h 2023-02-27 19:50:22.648261408 +0100 @@ -0,0 +1,72 @@ +#ifndef _UAPI_FBXBRIDGE_H +# define _UAPI_FBXBRIDGE_H + +#include +#include + +#define MAX_ALIASES 3 + +#define FBXBRIDGE_FLAGS_FILTER (1 << 0) +#define FBXBRIDGE_FLAGS_DHCPD (1 << 1) +#define FBXBRIDGE_FLAGS_NETFILTER (1 << 2) + +/* + * ioctl command + */ + +enum fbxbridge_ioctl_cmd +{ + E_CMD_BR_CHG = 0, + E_CMD_BR_DEV_CHG, + E_CMD_BR_PARAMS, +}; + +struct fbxbridge_ioctl_chg +{ + char brname[IFNAMSIZ]; + __u32 action; +}; + +struct fbxbridge_ioctl_dev_chg +{ + char brname[IFNAMSIZ]; + char devname[IFNAMSIZ]; + __u32 wan; + __u32 action; +}; + +struct fbxbridge_port_info +{ + char name[IFNAMSIZ]; + __u32 present; +}; + +struct fbxbridge_ioctl_params +{ + int action; + char brname[IFNAMSIZ]; + + /* config */ + __u32 flags; + __be32 dns1_addr; + __be32 dns2_addr; + __be32 ip_aliases[MAX_ALIASES]; + __u32 dhcpd_renew_time; + __u32 dhcpd_rebind_time; + __u32 dhcpd_lease_time; + __u32 inputmark; + + /* status */ + struct fbxbridge_port_info wan_dev; + struct fbxbridge_port_info lan_dev; + __u8 lan_hwaddr[ETH_ALEN]; + __u32 have_hw_addr; +}; + +struct fbxbridge_ioctl_req +{ + enum fbxbridge_ioctl_cmd cmd; + unsigned long arg; +}; + +#endif /* _UAPI_FBXBRIDGE_H */ --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/include/uapi/linux/fbxjtag.h 2023-03-09 15:06:12.428262660 +0100 @@ -0,0 +1,89 @@ +#ifndef FBXJTAG_H_ +# define FBXJTAG_H_ + +#ifdef __KERNEL__ +# include +#endif + +# define JTAG_RESET_STEPS 16 +# define JTAG_DATA_READ_SIZE 128 +# define JTAG_INST_READ_SIZE 128 +# define JTAG_DEF_CLOCK_DELAY 500 +# define JTAG_DEF_WAIT_TMS 0 + +enum jtag_main_state { + JTAG_STATE_TEST_MASK = 0x10, + JTAG_STATE_RUN_MASK = 0x20, + JTAG_STATE_DR_MASK = 0x40, + JTAG_STATE_IR_MASK = 0x80, +}; +#define JTAG_STATE_MASK 0xF0 + +enum jtag_sub_state { + JTAG_SUB_STATE_SELECT = 0x0, + JTAG_SUB_STATE_CAPTURE = 0x1, + JTAG_SUB_STATE_SHIFT = 0x2, + JTAG_SUB_STATE_EXIT1 = 0x3, + JTAG_SUB_STATE_PAUSE = 0x4, + JTAG_SUB_STATE_EXIT2 = 0x5, + JTAG_SUB_STATE_UPDATE = 0x6, +}; +#define JTAG_SUB_STATE_MASK 0xF + +enum jtag_state { + JTAG_STATE_UNDEF = 0, + JTAG_STATE_TEST_LOGIC_RESET = JTAG_STATE_TEST_MASK, + JTAG_STATE_RUN_TEST_IDLE = JTAG_STATE_RUN_MASK, + + JTAG_STATE_SELECT_DR = JTAG_STATE_DR_MASK | JTAG_SUB_STATE_SELECT, + JTAG_STATE_CAPTURE_DR = JTAG_STATE_DR_MASK | JTAG_SUB_STATE_CAPTURE, + JTAG_STATE_SHIFT_DR = JTAG_STATE_DR_MASK | JTAG_SUB_STATE_SHIFT, + JTAG_STATE_EXIT1_DR = JTAG_STATE_DR_MASK | JTAG_SUB_STATE_EXIT1, + JTAG_STATE_PAUSE_DR = JTAG_STATE_DR_MASK | JTAG_SUB_STATE_PAUSE, + JTAG_STATE_EXIT2_DR = JTAG_STATE_DR_MASK | JTAG_SUB_STATE_EXIT2, + JTAG_STATE_UPDATE_DR = JTAG_STATE_DR_MASK | JTAG_SUB_STATE_UPDATE, + + JTAG_STATE_SELECT_IR = JTAG_STATE_IR_MASK | JTAG_SUB_STATE_SELECT, + JTAG_STATE_CAPTURE_IR = JTAG_STATE_IR_MASK | JTAG_SUB_STATE_CAPTURE, + JTAG_STATE_SHIFT_IR = JTAG_STATE_IR_MASK | JTAG_SUB_STATE_SHIFT, + JTAG_STATE_EXIT1_IR = JTAG_STATE_IR_MASK | JTAG_SUB_STATE_EXIT1, + JTAG_STATE_PAUSE_IR = JTAG_STATE_IR_MASK | JTAG_SUB_STATE_PAUSE, + JTAG_STATE_EXIT2_IR = JTAG_STATE_IR_MASK | JTAG_SUB_STATE_EXIT2, + JTAG_STATE_UPDATE_IR = JTAG_STATE_IR_MASK | JTAG_SUB_STATE_UPDATE, + + JTAG_STATE_MAX +}; + +#define JTAG_STATE_IN_DR(state) ((state) & JTAG_STATE_DR_MASK) +#define JTAG_STATE_IN_IR(state) ((state) & JTAG_STATE_IR_MASK) + +#ifdef __KERNEL__ + +#define JTAG_BUF_SIZE 2048 + +struct fbxjtag_data { + const char *name; + struct { + struct fbxgpio_pin *tck; + struct fbxgpio_pin *tms; + struct fbxgpio_pin *tdi; + struct fbxgpio_pin *tdo; + } gpios; + u32 clock_delay; + u32 wait_tms; + u32 data_read_size; + u32 instruction_read_size; + bool last_tms_dataout; + struct device *dev; + enum jtag_state state; + char nb_reset; + char dr_buf[JTAG_BUF_SIZE]; + unsigned dr_w; + unsigned dr_r; + char ir_buf[JTAG_BUF_SIZE]; + unsigned ir_r; + unsigned ir_w; +}; +#endif + +#endif /* !FBXJTAG_H_ */ diff -Nruw linux-5.15.42-fbx/include/uapi/linux/hdmi-cec./dev.h linux-5.15.42-fbx/include/uapi/linux/hdmi-cec/dev.h --- linux-5.15.42-fbx/include/uapi/linux/hdmi-cec./dev.h 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/include/uapi/linux/hdmi-cec/dev.h 2023-03-09 15:06:12.428262660 +0100 @@ -0,0 +1,30 @@ +#ifndef __HDMI_CEC_DEV_H +#define __HDMI_CEC_DEV_H + +#include +#include + +#define CEC_IOCTL_BASE 'C' + +#define CEC_SET_LOGICAL_ADDRESS _IOW(CEC_IOCTL_BASE, 0, int) +#define CEC_RESET_DEVICE _IOW(CEC_IOCTL_BASE, 3, int) +#define CEC_GET_COUNTERS _IOR(CEC_IOCTL_BASE, 4, struct cec_counters) +#define CEC_SET_RX_MODE _IOW(CEC_IOCTL_BASE, 5, enum cec_rx_mode) +#define CEC_GET_TX_STATUS _IOW(CEC_IOCTL_BASE, 6, struct cec_tx_status) +#define CEC_SET_DETACHED_CONFIG _IOW(CEC_IOCTL_BASE, 7, struct cec_detached_config) + +#define CEC_MAX_DEVS (10) + +#ifdef __KERNEL__ + +struct cec_adapter; + +int __init cec_cdev_init(void); +void __exit cec_cdev_exit(void); + +int cec_create_adapter_node(struct cec_adapter *); +void cec_remove_adapter_node(struct cec_adapter *); + +#endif /* __KERNEL__ */ + +#endif /* __HDMI_CEC_DEV_H */ diff -Nruw linux-5.15.42-fbx/include/uapi/linux/hdmi-cec./hdmi-cec.h linux-5.15.42-fbx/include/uapi/linux/hdmi-cec/hdmi-cec.h --- linux-5.15.42-fbx/include/uapi/linux/hdmi-cec./hdmi-cec.h 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/include/uapi/linux/hdmi-cec/hdmi-cec.h 2023-03-09 15:06:12.428262660 +0100 @@ -0,0 +1,153 @@ +#ifndef __UAPI_HDMI_CEC_H +#define __UAPI_HDMI_CEC_H + +#include +#include + +/* Common defines for HDMI CEC */ +#define CEC_BCAST_ADDR (0x0f) +#define CEC_ADDR_MAX CEC_BCAST_ADDR + +#define CEC_MAX_MSG_LEN (16) /* 16 blocks */ + +enum cec_rx_msg_flags { + /* + * an ACK was received for this message + */ + CEC_RX_F_ACKED = (1 << 0), + + /* + * message was fully received + */ + CEC_RX_F_COMPLETE = (1 << 1), +}; + +/** + * struct cec_rx_msg - user-space exposed cec message cookie + * @data: cec message payload + * @len: cec message length + * @valid: 0 for invalid message + * @flags: flag field (cec_rx_msg_flags) + */ +struct cec_rx_msg { + __u8 data[CEC_MAX_MSG_LEN]; + __u8 len; + __u8 valid; + __u8 flags; + +} __attribute__((packed)); + +enum cec_tx_status_flags { + /* + * message was nacked at some point + */ + CEC_TX_F_NACK = (1 << 0), + + /* + * abort sending because total time to send was elapsed + */ + CEC_TX_F_TIMEOUT = (1 << 1), + + /* + * abort sending because maximum number of retry has passed + */ + CEC_TX_F_MAX_RETRIES = (1 << 2), + + /* + * abort sending because of arbitration loss + */ + CEC_TX_F_ARBITRATION_LOST = (1 << 3), + + /* + * message failed for other reason + */ + CEC_TX_F_UNKNOWN_ERROR = (1 << 7), +}; + +/** + * struct cec_tx_msg - user-space exposed cec message cookie + * @expire_ms: how long we try to send message (milliseconds) + * @data: cec message payload + * @len: cec message length + * @success: 0 => message was sent, else => failed to send message + * @flags: flag field (cec_tx_msg_flags) + * @tries: number of try done to send message + */ +struct cec_tx_msg { + __u16 expire_ms; + __u8 data[CEC_MAX_MSG_LEN]; + __u8 len; + __u8 success; + __u8 flags; + __u8 tries; +} __attribute__((packed)); + +struct cec_tx_status { + __u8 sent; + __u8 success; + __u8 flags; + __u8 tries; +} __attribute__((packed)); + +#define DETACH_CFG_F_WAKEUP (1 << 0) + +struct cec_detached_config { + __u8 phys_addr_valid; + __u8 phys_addr[2]; + __u8 flags; +} __attribute__((packed)); + +/* Counters */ + +/** + * struct cec_rx_counters - cec adpater RX counters + */ +struct cec_rx_counters { + __u8 pkts; + __u8 filtered_pkts; + __u8 valid_pkts; + __u8 rx_queue_full; + __u8 late_ack; + __u8 error; + __u8 rx_timeout_abort; + __u8 rx_throttled; +}; + +/** + * struct cec_tx_counters - cec adapter TX counters + */ +struct cec_tx_counters { + __u8 done; + __u8 fail; + __u8 timeout; + __u8 arb_loss; + __u8 bad_ack_timings; + __u8 tx_miss_early; + __u8 tx_miss_late; +}; + +/** + * struct cec_counters - tx and rx cec counters + * @rx: struct cec_rx_counters + * @tx: struct cec_tx_counters + */ +struct cec_counters { + struct cec_rx_counters rx; + struct cec_tx_counters tx; +}; + +/** + * enum cec_rx_mode - cec adapter rx mode + * @CEC_RX_MODE_DISABLED: RX path is disabled (default) + * @CEC_RX_MODE_DEFAULT: accept only unicast traffic + * @CEC_RX_MODE_ACCEPT_ALL: accept all incoming RX traffic (sniffing mode) + * @CEC_RX_MODE_MAX: sentinel + */ +enum cec_rx_mode { + CEC_RX_MODE_DISABLED = 0, + CEC_RX_MODE_DEFAULT, + CEC_RX_MODE_ACCEPT_ALL, + CEC_RX_MODE_MAX +}; + +#endif /* __UAPI_HDMI_CEC_H */ --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/include/uapi/linux/ipx.h 2023-03-09 15:06:12.428262660 +0100 @@ -0,0 +1,87 @@ +/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */ +#ifndef _IPX_H_ +#define _IPX_H_ +#include /* for compatibility with glibc netipx/ipx.h */ +#include +#include +#include +#define IPX_NODE_LEN 6 +#define IPX_MTU 576 + +#if __UAPI_DEF_SOCKADDR_IPX +struct sockaddr_ipx { + __kernel_sa_family_t sipx_family; + __be16 sipx_port; + __be32 sipx_network; + unsigned char sipx_node[IPX_NODE_LEN]; + __u8 sipx_type; + unsigned char sipx_zero; /* 16 byte fill */ +}; +#endif /* __UAPI_DEF_SOCKADDR_IPX */ + +/* + * So we can fit the extra info for SIOCSIFADDR into the address nicely + */ +#define sipx_special sipx_port +#define sipx_action sipx_zero +#define IPX_DLTITF 0 +#define IPX_CRTITF 1 + +#if __UAPI_DEF_IPX_ROUTE_DEFINITION +struct ipx_route_definition { + __be32 ipx_network; + __be32 ipx_router_network; + unsigned char ipx_router_node[IPX_NODE_LEN]; +}; +#endif /* __UAPI_DEF_IPX_ROUTE_DEFINITION */ + +#if __UAPI_DEF_IPX_INTERFACE_DEFINITION +struct ipx_interface_definition { + __be32 ipx_network; + unsigned char ipx_device[16]; + unsigned char ipx_dlink_type; +#define IPX_FRAME_NONE 0 +#define IPX_FRAME_SNAP 1 +#define IPX_FRAME_8022 2 +#define IPX_FRAME_ETHERII 3 +#define IPX_FRAME_8023 4 +#define IPX_FRAME_TR_8022 5 /* obsolete */ + unsigned char ipx_special; +#define IPX_SPECIAL_NONE 0 +#define IPX_PRIMARY 1 +#define IPX_INTERNAL 2 + unsigned char ipx_node[IPX_NODE_LEN]; +}; +#endif /* __UAPI_DEF_IPX_INTERFACE_DEFINITION */ + +#if __UAPI_DEF_IPX_CONFIG_DATA +struct ipx_config_data { + unsigned char ipxcfg_auto_select_primary; + unsigned char ipxcfg_auto_create_interfaces; +}; +#endif /* __UAPI_DEF_IPX_CONFIG_DATA */ + +/* + * OLD Route Definition for backward compatibility. + */ + +#if __UAPI_DEF_IPX_ROUTE_DEF +struct ipx_route_def { + __be32 ipx_network; + __be32 ipx_router_network; +#define IPX_ROUTE_NO_ROUTER 0 + unsigned char ipx_router_node[IPX_NODE_LEN]; + unsigned char ipx_device[16]; + unsigned short ipx_flags; +#define IPX_RT_SNAP 8 +#define IPX_RT_8022 4 +#define IPX_RT_BLUEBOOK 2 +#define IPX_RT_ROUTED 1 +}; +#endif /* __UAPI_DEF_IPX_ROUTE_DEF */ + +#define SIOCAIPXITFCRT (SIOCPROTOPRIVATE) +#define SIOCAIPXPRISLT (SIOCPROTOPRIVATE + 1) +#define SIOCIPXCFGDATA (SIOCPROTOPRIVATE + 2) +#define SIOCIPXNCPCONN (SIOCPROTOPRIVATE + 3) +#endif /* _IPX_H_ */ --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/include/uapi/linux/nmeshd_nl.h 2024-04-22 14:46:57.792264942 +0200 @@ -0,0 +1,50 @@ +#ifndef __LINUX_NMESHD_NL_H +#define __LINUX_NMESHD_NL_H + +#define NMESHD_NL_FAMILY "nmeshd_nl" +#define NNL_MULTICAST_GROUP_MLME "nmeshd_nl_mlme" + +enum nmeshd_nl_commands { + NNL_CMD_MESH_PEER_PATH_METRICS = 1, + NNL_CMD_MESH_NODE_METRICS, + NNL_CMD_SET_MPP, + NNL_CMD_DEL_MPP, + NNL_CMD_MPLINK_BLOCK, + NNL_CMD_MPLINK_UNBLOCK, + NNL_CMD_DUMP_BLOCKED_MPLINK_INFO, + NNL_CMD_MPLINK_FLUSH, + + NNL_CMD_AFTER_LAST, + NNL_CMD_MAX = NNL_CMD_AFTER_LAST - 1, +}; + +enum nmeshd_nl_attributes { + NNL_ATTR_IFINDEX = 1, + NNL_ATTR_IE_NODE_METRICS, + NNL_ATTR_IE_PATH_METRICS, + NNL_ATTR_WIPHY, + NNL_ATTR_IFNAME, + NNL_ATTR_MAC, + NNL_ATTR_FRAME_TYPE, + NNL_ATTR_SIGNAL_STRENGTH, + NNL_ATTR_BEACON_INTERVAL, + NNL_ATTR_MPP_PROXY, + NNL_ATTR_MPLINK_INFO, + + NNL_ATTR_AFTER_LAST, + NNL_NUM_ATTR = NNL_ATTR_AFTER_LAST, + NNL_ATTR_MAX = NNL_ATTR_AFTER_LAST - 1, +}; + +#define QBC_VENDOR_IE NNL_CMD_AFTER_LAST + +enum mplink_info_attr { + __MPLINK_ATTR_INVALID, + NNL_MPLINK_ATTR_MAC, + + /* keep last */ + NNL_MPLINK_ATTR_AFTER_LAST, + NNL_MPLINK_ATTR_MAX = NNL_MPLINK_ATTR_AFTER_LAST - 1 +}; + +#endif /* __LINUX_NMESHD_NL_H */ --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/include/uapi/linux/prctl-private.h 2024-04-22 14:46:57.796265051 +0200 @@ -0,0 +1,10 @@ +#ifndef _LINUX_PRCTL_PRIVATE_H +#define _LINUX_PRCTL_PRIVATE_H + +/* + * Freebox addition: set/get exec mode. + */ +#define PR_SET_EXEC_MODE 63 +#define PR_GET_EXEC_MODE 64 + +#endif /* ! _LINUX_PRCTL_PRIVATE_H */ diff -Nruw linux-5.15.42-fbx/include/uapi/linux/remoti./remoti.h linux-5.15.42-fbx/include/uapi/linux/remoti/remoti.h --- linux-5.15.42-fbx/include/uapi/linux/remoti./remoti.h 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/include/uapi/linux/remoti/remoti.h 2023-03-09 15:06:12.428262660 +0100 @@ -0,0 +1,137 @@ +#ifndef _UAPI_REMOTI_H +#define _UAPI_REMOTI_H + +#include +#include + +/* + * subsystem definitions + */ +#define NPI_SYS_RES0 0 +#define NPI_SYS_SYS 1 +#define NPI_SYS_MAC 2 +#define NPI_SYS_NWK 3 +#define NPI_SYS_AF 4 +#define NPI_SYS_ZDO 5 +#define NPI_SYS_SAPI 6 +#define NPI_SYS_UTIL 7 +#define NPI_SYS_DBG 8 +#define NPI_SYS_APP 9 +#define NPI_SYS_RCAF 10 +#define NPI_SYS_RCN 11 +#define NPI_SYS_RCN_CLI 12 +#define NPI_SYS_BOOT 13 +#define NPI_SYS_MAX 14 +#define NPI_SYS_MASK 0x1F + +/* + * type definitions + */ +#define NPI_POLL 0 +#define NPI_SREQ 1 +#define NPI_AREQ 2 +#define NPI_SRSP 3 +#define NPI_TYPE_MAX 4 +#define NPI_TYPE_MASK 3 +#define NPI_TYPE_SHIFT 5 + + +/* common error codes (see RemoTI API) */ +#define RTI_SUCCESS 0x00 + +/* + * rti user message + */ +#define NPI_MAX_DATA_LEN 123 + +struct rti_msg { + __u8 type; + __u8 subsys; + __u8 cmd; + + __u8 data_len; + __u8 data[NPI_MAX_DATA_LEN]; + + __u8 custom_reply_cmd; + __u8 reply_cmd; + __u8 reply_len; + __u8 reply[NPI_MAX_DATA_LEN]; +}; + +/* + * socket addr family on "user" device + */ +#ifndef PF_REMOTI +#define PF_REMOTI 37 +#define AF_REMOTI PF_REMOTI +#endif + +struct sockaddr_rti { + __u32 device_id; +}; + +#define SOL_REMOTI 280 +#define REMOTI_REGISTER_CB 0 + +struct rti_callback { + __u8 subsys; + __u8 cmd; +}; + +/* + * ioctl on uart device + */ +enum rti_dev_state { + RTI_DEV_S_STOPPED = 0, + RTI_DEV_S_BOOTING, + RTI_DEV_S_BOOT_FAILED, + RTI_DEV_S_OPERATIONAL, + RTI_DEV_S_STOPPING, + RTI_DEV_S_DEAD, +}; + +struct rti_dev_status { + __u32 dev_state; + __u32 fw_version; +}; + +struct rti_dev_stats { + __u64 tx_bytes; + __u64 tx_packets; + + __u64 tx_boot_packets; + __u64 tx_rcaf_packets; + __u64 tx_util_packets; + __u64 tx_other_packets; + + + __u64 rx_bytes; + __u64 rx_packets; + __u64 rx_bad_sof; + __u64 rx_len_errors; + __u64 rx_fcs_errors; + __u64 rx_tty_errors; + __u64 rx_full_errors; + __u64 rx_subsys_errors; + __u64 rx_type_errors; + __u64 rx_no_callback; + + __u64 rx_boot_packets; + __u64 rx_rcaf_packets; + __u64 rx_util_packets; + __u64 rx_other_packets; +}; + +enum { + RTI_BOOT_FLAGS_FORCE_UPDATE = (1 << 0), +}; + +#define RTI_IOCTL_MAGIC 0xd4 +#define RTI_ATTACH_DEVICE _IOR(RTI_IOCTL_MAGIC, 1, __u32) +#define RTI_GET_STATUS _IOW(RTI_IOCTL_MAGIC, 2, struct rti_dev_status) +#define RTI_GET_STATS _IOW(RTI_IOCTL_MAGIC, 3, struct rti_dev_stats) + +#define RTI_START_DEVICE _IOR(RTI_IOCTL_MAGIC, 8, __u32) +#define RTI_STOP_DEVICE _IO(RTI_IOCTL_MAGIC, 9) + +#endif /* _UAPI_REMOTI_H */ --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/lib/fbxserial.c 2023-02-27 19:50:20.220196601 +0100 @@ -0,0 +1,178 @@ +#include +#include +#include +#include +#include +#include + +#include + +#include + +#define PFX "builtin-fbxserial: " + +static void __init +fbxserialinfo_use_default(struct fbx_serial *serial) +{ + printk(KERN_WARNING PFX "warning: using default serial infos\n"); + fbxserial_set_default(serial); +} + +/* + * add trailing 0 for bundle string here. + */ +static void __init +bundle_fixup(struct fbx_serial *serial) +{ + struct fbx_serial_extinfo *p; + int i; + + for (i = 0; i < be32_to_cpu(serial->extinfo_count); i++) { + + if (i >= EXTINFO_MAX_COUNT) + break; + + p = &serial->extinfos[i]; + if (be32_to_cpu(p->type) == EXTINFO_TYPE_EXTDEV && + be32_to_cpu(p->u.extdev.type) == EXTDEV_TYPE_BUNDLE) { + int size; + + size = sizeof (p->u.extdev.serial); + p->u.extdev.serial[size - 1] = 0; + } + } +} + +/* + * called from arch code early in the boot sequence. This function + * returns 1 in case serial infos are invalid/unreadable and default + * values have been used. + */ +int __init +fbxserialinfo_read(const void *data, struct fbx_serial *out) +{ + uint32_t sum; + + /* + * get partial serial data from flash/whatever. + */ + memcpy(out, data, sizeof (*out)); + + /* check magic first */ + if (be32_to_cpu(out->magic) != FBXSERIAL_MAGIC) { + printk(KERN_NOTICE PFX "invalid magic (%08x, expected %08x), " + "using defaults !\n", be32_to_cpu(out->magic), + FBXSERIAL_MAGIC); + goto out_default; + } + + /* fetch size for which we have to check CRC */ + if (be32_to_cpu(out->len) > FBXSERIAL_MAX_SIZE) { + printk(KERN_NOTICE PFX "structure size too big (%d), " + "using defaults !\n", be32_to_cpu(out->len)); + goto out_default; + } + + /* compute and check checksum */ + sum = crc32(0, data + 4, be32_to_cpu(out->len) - 4); + + if (be32_to_cpu(out->crc32) != sum) { + printk(KERN_NOTICE PFX "invalid checksum (%08x, " + "expected %08x), using defaults !\n", sum, + be32_to_cpu(out->crc32)); + goto out_default; + } + + printk(KERN_INFO PFX "Found valid serial infos !\n"); + bundle_fixup(out); + return 0; + + out_default: + fbxserialinfo_use_default(out); + bundle_fixup(out); + return 1; +} + +void +fbxserialinfo_get_random(unsigned char *data, unsigned int len) +{ + const struct fbx_serial *s; + + memset(data, 0, 6); + s = arch_get_fbxserial(); + if (WARN(!s, "arch_get_fbxserial returned NULL")) + return; + + if (len > sizeof (s->random_data)) + len = sizeof (s->random_data); + + memcpy(data, s->random_data, len); +} +EXPORT_SYMBOL(fbxserialinfo_get_random); + +static u8 *mac_table; + +static void inc_mac(u8 *mac, int count) +{ + int index = 5; + int overflow; + + do { + unsigned int val = mac[index] + count; + + overflow = val >> 8; + mac[index] = val; + count = (count + 255) >> 8; + --index; + } while (index >= 0 && overflow); +} + +static int gen_mac_table(const struct fbx_serial *s) +{ + int i; + + mac_table = kmalloc(6 * s->mac_count, GFP_KERNEL); + if (!mac_table) + return -ENOMEM; + + for (i = 0; i < s->mac_count; ++i) { + u8 *mac = &mac_table[6 * i]; + + memcpy(mac, s->mac_addr_base, 6); + inc_mac(mac, i); + } + return 0; +} + +const void * +fbxserialinfo_get_mac_addr(unsigned int index) +{ + const struct fbx_serial *s; + + s = arch_get_fbxserial(); + + if (!s) { + pr_warn(PFX "no serial available: using default.\n"); + goto default_mac; + } + + if (index >= s->mac_count) { + pr_warn(PFX "mac index %d too high: using default.\n", + index); + goto default_mac; + } + + if (!mac_table) { + int error = gen_mac_table(s); + if (error) { + pr_err(PFX "gen_mac_table() failed: using default.\n"); + goto default_mac; + } + } + + return &mac_table[6 * index]; + +default_mac: + return "\x00\x07\xcb\x00\x00\xfd"; +} +EXPORT_SYMBOL(fbxserialinfo_get_mac_addr); diff -Nruw linux-5.15.42-fbx/net/fbxatm./Kconfig linux-5.15.42-fbx/net/fbxatm/Kconfig --- linux-5.15.42-fbx/net/fbxatm./Kconfig 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/net/fbxatm/Kconfig 2023-02-27 17:13:13.141475977 +0100 @@ -0,0 +1,28 @@ +menuconfig FBXATM + tristate "Freebox Asynchronous Transfer Mode (ATM)" + +if FBXATM + +config FBXATM_REMOTE + bool + +choice + prompt "mode" + default FBXATM_STACK + +config FBXATM_STACK + bool "standard" + +config FBXATM_REMOTE_STUB + bool "remote stub" + select FBXATM_REMOTE + +endchoice + +config FBXATM_REMOTE_DRIVER + tristate "remote fbxatm driver" + depends on FBXATM_STACK + select FBXATM_REMOTE + select OF + +endif diff -Nruw linux-5.15.42-fbx/net/fbxatm./Makefile linux-5.15.42-fbx/net/fbxatm/Makefile --- linux-5.15.42-fbx/net/fbxatm./Makefile 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/net/fbxatm/Makefile 2023-02-27 17:10:06.964489879 +0100 @@ -0,0 +1,18 @@ +obj-$(CONFIG_FBXATM) += fbxatm.o +obj-$(CONFIG_FBXATM_REMOTE) += fbxatm_remote.o + +fbxatm-y := fbxatm_procfs.o fbxatm_sysfs.o + +ifeq ($(CONFIG_FBXATM_STACK),y) +fbxatm-y += fbxatm_core.o \ + fbxatm_2684.o \ + fbxatm_dev.o \ + crc10.o +fbxatm-$(CONFIG_PPP) += fbxatm_pppoa.o +endif + +ifeq ($(CONFIG_FBXATM_REMOTE_STUB),y) +fbxatm-y += fbxatm_remote_stub.o +endif + +obj-$(CONFIG_FBXATM_REMOTE_DRIVER) += fbxatm_remote_driver.o diff -Nruw linux-5.15.42-fbx/net/fbxatm./crc10.c linux-5.15.42-fbx/net/fbxatm/crc10.c --- linux-5.15.42-fbx/net/fbxatm./crc10.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/net/fbxatm/crc10.c 2023-02-27 17:10:06.964489879 +0100 @@ -0,0 +1,48 @@ +#include + +static const u16 crc10_table[256] = { + 0x0000, 0x0233, 0x0255, 0x0066, 0x0299, 0x00aa, 0x00cc, 0x02ff, + 0x0301, 0x0132, 0x0154, 0x0367, 0x0198, 0x03ab, 0x03cd, 0x01fe, + 0x0031, 0x0202, 0x0264, 0x0057, 0x02a8, 0x009b, 0x00fd, 0x02ce, + 0x0330, 0x0103, 0x0165, 0x0356, 0x01a9, 0x039a, 0x03fc, 0x01cf, + 0x0062, 0x0251, 0x0237, 0x0004, 0x02fb, 0x00c8, 0x00ae, 0x029d, + 0x0363, 0x0150, 0x0136, 0x0305, 0x01fa, 0x03c9, 0x03af, 0x019c, + 0x0053, 0x0260, 0x0206, 0x0035, 0x02ca, 0x00f9, 0x009f, 0x02ac, + 0x0352, 0x0161, 0x0107, 0x0334, 0x01cb, 0x03f8, 0x039e, 0x01ad, + 0x00c4, 0x02f7, 0x0291, 0x00a2, 0x025d, 0x006e, 0x0008, 0x023b, + 0x03c5, 0x01f6, 0x0190, 0x03a3, 0x015c, 0x036f, 0x0309, 0x013a, + 0x00f5, 0x02c6, 0x02a0, 0x0093, 0x026c, 0x005f, 0x0039, 0x020a, + 0x03f4, 0x01c7, 0x01a1, 0x0392, 0x016d, 0x035e, 0x0338, 0x010b, + 0x00a6, 0x0295, 0x02f3, 0x00c0, 0x023f, 0x000c, 0x006a, 0x0259, + 0x03a7, 0x0194, 0x01f2, 0x03c1, 0x013e, 0x030d, 0x036b, 0x0158, + 0x0097, 0x02a4, 0x02c2, 0x00f1, 0x020e, 0x003d, 0x005b, 0x0268, + 0x0396, 0x01a5, 0x01c3, 0x03f0, 0x010f, 0x033c, 0x035a, 0x0169, + 0x0188, 0x03bb, 0x03dd, 0x01ee, 0x0311, 0x0122, 0x0144, 0x0377, + 0x0289, 0x00ba, 0x00dc, 0x02ef, 0x0010, 0x0223, 0x0245, 0x0076, + 0x01b9, 0x038a, 0x03ec, 0x01df, 0x0320, 0x0113, 0x0175, 0x0346, + 0x02b8, 0x008b, 0x00ed, 0x02de, 0x0021, 0x0212, 0x0274, 0x0047, + 0x01ea, 0x03d9, 0x03bf, 0x018c, 0x0373, 0x0140, 0x0126, 0x0315, + 0x02eb, 0x00d8, 0x00be, 0x028d, 0x0072, 0x0241, 0x0227, 0x0014, + 0x01db, 0x03e8, 0x038e, 0x01bd, 0x0342, 0x0171, 0x0117, 0x0324, + 0x02da, 0x00e9, 0x008f, 0x02bc, 0x0043, 0x0270, 0x0216, 0x0025, + 0x014c, 0x037f, 0x0319, 0x012a, 0x03d5, 0x01e6, 0x0180, 0x03b3, + 0x024d, 0x007e, 0x0018, 0x022b, 0x00d4, 0x02e7, 0x0281, 0x00b2, + 0x017d, 0x034e, 0x0328, 0x011b, 0x03e4, 0x01d7, 0x01b1, 0x0382, + 0x027c, 0x004f, 0x0029, 0x021a, 0x00e5, 0x02d6, 0x02b0, 0x0083, + 0x012e, 0x031d, 0x037b, 0x0148, 0x03b7, 0x0184, 0x01e2, 0x03d1, + 0x022f, 0x001c, 0x007a, 0x0249, 0x00b6, 0x0285, 0x02e3, 0x00d0, + 0x011f, 0x032c, 0x034a, 0x0179, 0x0386, 0x01b5, 0x01d3, 0x03e0, + 0x021e, 0x002d, 0x004b, 0x0278, 0x0087, 0x02b4, 0x02d2, 0x00e1, +}; + +static u16 crc10_byte(u16 crc, const u8 c) +{ + return ((crc << 8) & 0x3ff) ^ crc10_table[(crc >> 2) & 0xff] ^ c; +} + +u16 crc10(u16 crc, const u8 *buffer, size_t len) +{ + while (len--) + crc = crc10_byte(crc, *buffer++); + return crc; +} diff -Nruw linux-5.15.42-fbx/net/fbxatm./fbxatm_2684.c linux-5.15.42-fbx/net/fbxatm/fbxatm_2684.c --- linux-5.15.42-fbx/net/fbxatm./fbxatm_2684.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/net/fbxatm/fbxatm_2684.c 2024-04-22 14:46:58.152274778 +0200 @@ -0,0 +1,851 @@ +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "fbxatm_priv.h" + +#define PFX "fbxatm_2684: " + +static LIST_HEAD(fbxatm_2684_dev_list); +static DEFINE_MUTEX(fbxatm_2684_mutex); + +#define LLC_NEEDED_HEADROOM 10 +#define VCMUX_BRIDGED_NEEDED_HEADROOM 2 + +#define LLC 0xaa, 0xaa, 0x03 +#define SNAP_BRIDGED 0x00, 0x80, 0xc2 +#define SNAP_ROUTED 0x00, 0x00, 0x00 +#define PID_ETHERNET_NOFCS 0x00, 0x07 + +static u8 llc_bridged_802d3_pad[] = { LLC, SNAP_BRIDGED, PID_ETHERNET_NOFCS, + 0, 0 }; +static u8 llc_snap_routed[] = { LLC, SNAP_ROUTED }; + +/* + * private data for 2684 vcc + */ +struct fbxatm_2684_vcc; + +struct fbxatm_2684_queue { + struct fbxatm_vcc *vcc; + unsigned int queue_idx; + struct fbxatm_2684_vcc *priv; +}; + +struct fbxatm_2684_vcc { + struct fbxatm_2684_queue queues[FBXATM_2684_MAX_VCC]; + size_t queue_count; + + struct net_device *dev; + struct fbxatm_2684_vcc_params params; + + spinlock_t tx_lock; + + struct rtnl_link_stats64 stats; + + struct list_head next; +}; + +static uint32_t tel_last_ip; + +static void warn_if_tel(struct fbxatm_2684_vcc *vcc, struct sk_buff *skb) +{ + struct iphdr *iph; + struct udphdr *udph = NULL; + + iph = (struct iphdr *)skb->data; + + if (iph->protocol != IPPROTO_UDP) + return; + + if (skb_headlen(skb) < (iph->ihl * 4) + sizeof (struct udphdr)) + return; + + udph = (struct udphdr *)((unsigned char *)iph + (iph->ihl * 4)); + if (ntohs(udph->dest) >= 5004 && ntohs(udph->dest) <= 5020) { + static u32 last_ip; + static unsigned long last_time; + unsigned long now; + + now = jiffies; + if ((last_ip == iph->saddr && + (!last_time || time_before(now, last_time + 2 * HZ)))) { + static unsigned int consecutive; + consecutive++; + if (consecutive > 5) { + tel_last_ip = iph->saddr; + consecutive = 0; + } + } + + last_time = now; + last_ip = iph->saddr; + } +} + +/* + * procfs read callback + */ +static int tel_proc_show(struct seq_file *m, void *v) +{ + seq_printf(m, "%pI4\n", &tel_last_ip); + return 0; +} + +static ssize_t tel_proc_write(struct file *file, const char __user *ubuf, + size_t len, loff_t *off) +{ + tel_last_ip = 0; + return len; +} + +static int tel_proc_open(struct inode *inode, struct file *file) +{ + return single_open(file, tel_proc_show, PDE_DATA(inode)); +} + +static const struct proc_ops tel_proc_fops = { + .proc_open = tel_proc_open, + .proc_read = seq_read, + .proc_write = tel_proc_write, + .proc_lseek = seq_lseek, + .proc_release = single_release, +}; + +/* + * fbxatm stack receive callback, called from softirq + */ +static void vcc_rx_callback(struct sk_buff *skb, void *data) +{ + struct fbxatm_2684_queue *queue; + struct fbxatm_2684_vcc *priv; + + queue = (struct fbxatm_2684_queue *)data; + priv = queue->priv; + + switch (priv->params.encap) { + case FBXATM_E2684_VCMUX: + switch (priv->params.payload) { + case FBXATM_P2684_BRIDGE: + /* assume 802.3, need to remove 2 bytes zero + * padding */ + if (skb->len < 2 || memcmp(skb->data, "\0\0", 2)) + goto drop; + skb_pull(skb, 2); + skb->protocol = eth_type_trans(skb, priv->dev); + memset(skb->data, 0, 2); + break; + + case FBXATM_P2684_ROUTED: + /* kludge to detect ipv6 or ipv4 */ + if (skb->len && (skb->data[0] & 0xf0) == 0x60) + skb->protocol = htons(ETH_P_IPV6); + else + skb->protocol = htons(ETH_P_IP); + skb_reset_mac_header(skb); + break; + } + break; + + case FBXATM_E2684_LLC: + switch (priv->params.payload) { + case FBXATM_P2684_BRIDGE: + { + /* recognize only 802.3 */ + if (skb->len < sizeof(llc_bridged_802d3_pad)) + goto drop; + + if (memcmp(skb->data, llc_bridged_802d3_pad, 7)) + goto drop; + + /* don't check the last bytes of pid, it can + * be 1 or 7 depending on the presence of + * FCS */ + skb_pull(skb, sizeof(llc_bridged_802d3_pad)); + skb->protocol = eth_type_trans(skb, priv->dev); + break; + } + + case FBXATM_P2684_ROUTED: + { + u16 proto; + unsigned int offset; + + if (skb->len < sizeof(llc_snap_routed) + 2) + goto drop; + + offset = sizeof (llc_snap_routed); + proto = skb->data[offset] << 8; + proto |= skb->data[offset + 1]; + + skb->protocol = proto; + skb_pull(skb, sizeof(llc_snap_routed) + 2); + skb_reset_mac_header(skb); + break; + } + } + break; + } + + skb->dev = priv->dev; + skb->pkt_type = PACKET_HOST; + priv->stats.rx_bytes += skb->len; + priv->stats.rx_packets++; + + if (priv->params.encap == FBXATM_E2684_VCMUX && + priv->params.payload == FBXATM_P2684_ROUTED && + queue->vcc->vpi == 8 && queue->vcc->vci == 35) + warn_if_tel(priv, skb); + + netif_rx(skb); + return; + +drop: + priv->stats.rx_errors++; + dev_kfree_skb(skb); +} + +/* + * fbxatm stack tx done callback, called from softirq + */ +static void vcc_tx_done_callback(void *data) +{ + struct fbxatm_2684_queue *queue; + struct fbxatm_2684_vcc *priv; + + queue = (struct fbxatm_2684_queue *)data; + priv = queue->priv; + + spin_lock(&priv->tx_lock); + if (__netif_subqueue_stopped(priv->dev, queue->queue_idx)) + netif_wake_subqueue(priv->dev, queue->queue_idx); + spin_unlock(&priv->tx_lock); +} + +/* + * fbxatm stack callback when vcc link changes + */ +static void vcc_link_change(void *data, int link, + unsigned int rx_cell_rate, + unsigned int tx_cell_rate) +{ + struct fbxatm_2684_queue *queue; + struct fbxatm_2684_vcc *priv; + + queue = (struct fbxatm_2684_queue *)data; + priv = queue->priv; + + if (link) + netif_carrier_on(priv->dev); + else + netif_carrier_off(priv->dev); +} + +/* + * vcc user ops, callback from fbxatm stack + */ +static const struct fbxatm_vcc_uops fbxatm_2684_uops = { + .link_change = vcc_link_change, + .rx_pkt = vcc_rx_callback, + .tx_done = vcc_tx_done_callback, +}; + +/* + * netdevice ->ndo_select_queue() callback + */ +static u16 fbxatm_2684_netdev_select_queue(struct net_device *dev, + struct sk_buff *skb, + struct net_device *sb_dev) +{ + /* force lower band to avoid kernel doing round robin */ + return 0; +} + +/* + * netdevice xmit callback + */ +static int fbxatm_2684_netdev_xmit(struct sk_buff *skb, struct net_device *dev) +{ + struct fbxatm_2684_vcc *priv; + int ret, queue_idx; + unsigned int needed_headroom; + struct fbxatm_2684_queue *queue; + unsigned int len; + + priv = netdev_priv(dev); + queue_idx = skb_get_queue_mapping(skb); + queue = &priv->queues[queue_idx]; + + /* + * check if we have to expand skb head + */ + needed_headroom = 0; + if (priv->params.encap == FBXATM_E2684_VCMUX) { + if (priv->params.payload == FBXATM_P2684_BRIDGE) + needed_headroom = VCMUX_BRIDGED_NEEDED_HEADROOM; + } else + needed_headroom = LLC_NEEDED_HEADROOM; + + if (skb_headroom(skb) < needed_headroom) { + struct sk_buff *nskb; + unsigned int new_head; + + new_head = skb_headroom(skb) + needed_headroom; + nskb = skb_realloc_headroom(skb, new_head); + dev_kfree_skb(skb); + if (!nskb) + goto dropped; + skb = nskb; + } + + switch (priv->params.encap) { + case FBXATM_E2684_VCMUX: + switch (priv->params.payload) { + case FBXATM_P2684_BRIDGE: + skb_push(skb, 2); + memset(skb->data, 0, 2); + break; + case FBXATM_P2684_ROUTED: + /* nothing to do */ + break; + } + break; + + case FBXATM_E2684_LLC: + switch (priv->params.payload) { + case FBXATM_P2684_BRIDGE: + skb_push(skb, sizeof(llc_bridged_802d3_pad)); + memcpy(skb->data, llc_bridged_802d3_pad, + sizeof(llc_bridged_802d3_pad)); + break; + + case FBXATM_P2684_ROUTED: + { + unsigned int offset; + + skb_push(skb, sizeof(llc_snap_routed)); + memcpy(skb->data, llc_snap_routed, + sizeof(llc_snap_routed)); + + offset = sizeof (llc_snap_routed); + skb->data[offset] = (skb->protocol >> 8) & 0xff; + skb->data[offset + 1] = skb->protocol & 0xff; + break; + } + } + break; + } + + spin_lock(&priv->tx_lock); + + len = skb->len; + ret = fbxatm_send(queue->vcc, skb); + if (ret) { + /* packet was not sent, queue is full */ + netif_stop_subqueue(dev, queue_idx); + spin_unlock(&priv->tx_lock); + WARN_ONCE(1, "fbxatm2684_xmit called with full queue"); + priv->stats.tx_errors++; + dev_kfree_skb(skb); + return NETDEV_TX_OK; + } + + priv->stats.tx_bytes += len; + priv->stats.tx_packets++; + + /* check if queue is full */ + if (fbxatm_vcc_queue_full(queue->vcc)) + netif_stop_subqueue(dev, queue_idx); + spin_unlock(&priv->tx_lock); + + return NETDEV_TX_OK; + +dropped: + priv->stats.tx_errors++; + return NETDEV_TX_OK; +} + +/* + * netdevice get_stats callback + */ +static void +fbxatm_2684_netdev_get_stats64(struct net_device *dev, + struct rtnl_link_stats64 *stats) +{ + struct fbxatm_2684_vcc *priv; + priv = netdev_priv(dev); + memcpy(stats, &priv->stats, sizeof (*stats)); +} + +/* + * netdevice setup callback for bridge encap + */ +static void setup_bridged(struct net_device *dev) +{ + ether_setup(dev); +} + +/* + * netdevice setup callback for routed encap + */ +static void setup_routed(struct net_device *dev) +{ + dev->type = ARPHRD_PPP; + dev->hard_header_len = 0; + dev->mtu = 1500; + dev->addr_len = 0; + dev->tx_queue_len = 128; + dev->flags = IFF_POINTOPOINT | IFF_NOARP | IFF_MULTICAST; +} + +static const struct net_device_ops fbxatm_2684_ops = { + .ndo_start_xmit = fbxatm_2684_netdev_xmit, + .ndo_get_stats64 = fbxatm_2684_netdev_get_stats64, + .ndo_select_queue = fbxatm_2684_netdev_select_queue, +}; + +/* + * sysfs callback, show encapsulation + */ +static ssize_t show_encap(struct device *d, + struct device_attribute *attr, char *buf) +{ + struct fbxatm_2684_vcc *priv = netdev_priv(to_net_dev(d)); + + switch (priv->params.encap) { + case FBXATM_E2684_LLC: + return sprintf(buf, "llc\n"); + case FBXATM_E2684_VCMUX: + default: + return sprintf(buf, "vcmux\n"); + } +} + +static DEVICE_ATTR(encap, S_IRUGO, show_encap, NULL); + +/* + * sysfs callback, show payload + */ +static ssize_t show_payload(struct device *d, + struct device_attribute *attr, char *buf) +{ + struct fbxatm_2684_vcc *priv = netdev_priv(to_net_dev(d)); + + switch (priv->params.payload) { + case FBXATM_P2684_BRIDGE: + return sprintf(buf, "bridge\n"); + case FBXATM_P2684_ROUTED: + default: + return sprintf(buf, "routed\n"); + } +} + +static DEVICE_ATTR(payload, S_IRUGO, show_payload, NULL); + +/* + * sysfs callback, show vcc id + */ +static ssize_t show_vcc(struct device *d, + struct device_attribute *attr, char *buf) +{ + struct fbxatm_2684_vcc *priv = netdev_priv(to_net_dev(d)); + + return sprintf(buf, "%u.%u.%u\n", + priv->queues[0].vcc->adev->ifindex, + priv->queues[0].vcc->vpi, priv->queues[0].vcc->vci); +} + +static DEVICE_ATTR(vcc, S_IRUGO, show_vcc, NULL); + +static struct attribute *fbxatm2684_attrs[] = { + &dev_attr_encap.attr, + &dev_attr_payload.attr, + &dev_attr_vcc.attr, + NULL +}; + +static struct attribute_group fbxatm2684_group = { + .name = "fbxatm2684", + .attrs = fbxatm2684_attrs, +}; + +/* + * create sysfs files for 2684 device + */ +static int vcc2684_sysfs_register(struct fbxatm_2684_vcc *priv, + struct net_device *dev) +{ + int ret; + + ret = sysfs_create_group(&dev->dev.kobj, &fbxatm2684_group); + if (ret) + goto out1; + + ret = sysfs_create_link(&dev->dev.kobj, + &priv->queues[0].vcc->adev->dev.kobj, + "fbxatm_dev"); + if (ret) + goto out2; + + return 0; + +out2: + sysfs_remove_group(&dev->dev.kobj, &fbxatm2684_group); +out1: + return ret; +} + +/* + * remove sysfs files for 2684 device + */ +static void vcc2684_sysfs_unregister(struct fbxatm_2684_vcc *priv, + struct net_device *dev) +{ + sysfs_remove_group(&dev->dev.kobj, &fbxatm2684_group); + sysfs_remove_link(&dev->dev.kobj, "fbxatm_dev"); +} + +/* + * register netdevice & sysfs attribute + */ +static int register_2684_netdev(struct fbxatm_2684_vcc *priv, + struct net_device *dev) +{ + int ret; + + /* hold rtnl while registering netdevice and creating sysfs + * files to avoid race */ + rtnl_lock(); + + if (strchr(dev->name, '%')) { + ret = dev_alloc_name(dev, dev->name); + if (ret < 0) + goto out; + } + + ret = register_netdevice(dev); + if (ret) + goto out; + + ret = vcc2684_sysfs_register(priv, dev); + if (ret) + goto out_unregister; + + rtnl_unlock(); + return 0; + +out_unregister: + unregister_netdevice(dev); + +out: + rtnl_unlock(); + return ret; +} + +/* + * create a RFC2684 encapsulation on given vcc + */ +static int __create_2684_vcc(const struct fbxatm_2684_vcc_params *params) +{ + struct fbxatm_2684_vcc *priv; + struct fbxatm_vcc *vccs[FBXATM_2684_MAX_VCC]; + struct net_device *dev = NULL; + void (*netdev_setup_cb)(struct net_device *dev); + unsigned int headroom; + size_t i; + int ret; + + /* sanity check */ + switch (params->encap) { + case FBXATM_E2684_VCMUX: + case FBXATM_E2684_LLC: + break; + default: + return -EINVAL; + } + + switch (params->payload) { + case FBXATM_P2684_BRIDGE: + netdev_setup_cb = setup_bridged; + break; + case FBXATM_P2684_ROUTED: + netdev_setup_cb = setup_routed; + break; + default: + return -EINVAL; + } + + if (!params->dev_name[0]) + return -EINVAL; + + /* bind to vcc */ + memset(vccs, 0, sizeof (vccs)); + for (i = 0; i < params->id_count; i++) { + struct fbxatm_vcc *vcc; + + vcc = fbxatm_bind_to_vcc(¶ms->id_list[i], + FBXATM_VCC_USER_2684); + if (IS_ERR(vcc)) { + ret = PTR_ERR(vcc); + goto fail; + } + vccs[i] = vcc; + } + + /* create netdevice */ + dev = alloc_netdev_mqs(sizeof(*priv), params->dev_name, + NET_NAME_UNKNOWN, netdev_setup_cb, + params->id_count, 1); + if (!dev) { + ret = -ENOMEM; + goto fail; + } + + netif_set_real_num_tx_queues(dev, params->id_count); + netif_set_real_num_rx_queues(dev, 1); + + priv = netdev_priv(dev); + memset(priv, 0, sizeof (*priv)); + memcpy(&priv->params, params, sizeof (*params)); + memcpy(dev->name, priv->params.dev_name, IFNAMSIZ); + + spin_lock_init(&priv->tx_lock); + priv->dev = dev; + for (i = 0; i < params->id_count; i++) { + priv->queues[i].vcc = vccs[i]; + priv->queues[i].queue_idx = i; + priv->queues[i].priv = priv; + } + priv->queue_count = params->id_count; + + if (!is_zero_ether_addr(params->perm_addr)) + memcpy(dev->perm_addr, params->perm_addr, 6); + + dev->netdev_ops = &fbxatm_2684_ops; + + /* make sure kernel generated packet have correct headroom for + * encapsulation/payload */ + headroom = 0; + for (i = 0; i < params->id_count; i++) + headroom = max_t(int, headroom, vccs[i]->adev->tx_headroom); + dev->hard_header_len += headroom; + + + switch (params->encap) { + case FBXATM_E2684_VCMUX: + default: + if (params->payload == FBXATM_P2684_BRIDGE) + dev->hard_header_len += VCMUX_BRIDGED_NEEDED_HEADROOM; + break; + case FBXATM_E2684_LLC: + dev->hard_header_len += LLC_NEEDED_HEADROOM; + break; + } + + ret = register_2684_netdev(priv, dev); + if (ret) + goto fail; + + if (fbxatm_vcc_link_is_up(vccs[0])) { + netif_carrier_on(dev); + netif_tx_start_all_queues(dev); + } else + netif_carrier_off(dev); + list_add_tail(&priv->next, &fbxatm_2684_dev_list); + + for (i = 0; i < params->id_count; i++) + fbxatm_set_uops(vccs[i], &fbxatm_2684_uops, &priv->queues[i]); + + return 0; + +fail: + for (i = 0; i < ARRAY_SIZE(vccs); i++) { + if (vccs[i]) + fbxatm_unbind_vcc(vccs[i]); + } + if (dev) + free_netdev(dev); + return ret; +} + +/* + * find 2684 vcc from id list + */ +static struct fbxatm_2684_vcc *__find_2684_vcc(const struct fbxatm_vcc_id *id, + size_t count) +{ + struct fbxatm_2684_vcc *priv; + size_t i; + + /* find it */ + list_for_each_entry(priv, &fbxatm_2684_dev_list, next) { + for (i = 0; i < priv->queue_count; i++) { + struct fbxatm_2684_queue *q; + size_t j; + + q = &priv->queues[i]; + + for (j = 0; j < count; j++) { + if (q->vcc->adev->ifindex == id[j].dev_idx && + q->vcc->vpi == id[0].vpi && + q->vcc->vci == id[0].vci) + return priv; + } + } + } + return NULL; +} + +/* + * create a RFC2684 encapsulation on given vcc + */ +static int create_2684_vcc(const struct fbxatm_2684_vcc_params *params) +{ + int ret; + + mutex_lock(&fbxatm_2684_mutex); + ret = __create_2684_vcc(params); + mutex_unlock(&fbxatm_2684_mutex); + return ret; +} + +/* + * remove RFC2684 encapsulation from given vcc + */ +static int __remove_2684_vcc(const struct fbxatm_2684_vcc_params *params) +{ + struct fbxatm_2684_vcc *priv; + size_t i; + + priv = __find_2684_vcc(params->id_list, params->id_count); + if (!priv) + return -ENOENT; + + /* close netdevice, fbxatm_2684_netdev_xmit cannot be called + * again */ + rtnl_lock(); + dev_close(priv->dev); + rtnl_unlock(); + + for (i = 0; i < priv->queue_count; i++) + fbxatm_unbind_vcc(priv->queues[i].vcc); + vcc2684_sysfs_unregister(priv, priv->dev); + unregister_netdev(priv->dev); + list_del(&priv->next); + free_netdev(priv->dev); + return 0; +} + +/* + * remove RFC2684 encapsulation from given vcc + */ +static int remove_2684_vcc(const struct fbxatm_2684_vcc_params *params) +{ + int ret; + + mutex_lock(&fbxatm_2684_mutex); + ret = __remove_2684_vcc(params); + mutex_unlock(&fbxatm_2684_mutex); + return ret; +} + +/* + * 2684 related ioctl handler + */ +static int fbxatm_2684_ioctl(struct socket *sock, + unsigned int cmd, void __user *useraddr) +{ + int ret; + + ret = 0; + + switch (cmd) { + case FBXATM_2684_IOCADD: + case FBXATM_2684_IOCDEL: + { + struct fbxatm_2684_vcc_params params; + + if (copy_from_user(¶ms, useraddr, sizeof(params))) + return -EFAULT; + + if (cmd == FBXATM_2684_IOCADD) + ret = create_2684_vcc(¶ms); + else + ret = remove_2684_vcc(¶ms); + break; + } + + case FBXATM_2684_IOCGET: + { + struct fbxatm_2684_vcc_params params; + struct fbxatm_2684_vcc *priv; + + if (copy_from_user(¶ms, useraddr, sizeof(params))) + return -EFAULT; + + mutex_lock(&fbxatm_2684_mutex); + priv = __find_2684_vcc(params.id_list, params.id_count); + if (!priv) + ret = -ENOENT; + else { + memcpy(¶ms, &priv->params, sizeof (params)); + memcpy(params.dev_name, priv->dev->name, IFNAMSIZ); + } + mutex_unlock(&fbxatm_2684_mutex); + + if (ret) + return ret; + + if (copy_to_user(useraddr, ¶ms, sizeof(params))) + return -EFAULT; + break; + } + + default: + return -ENOIOCTLCMD; + } + + return ret; +} + +static struct fbxatm_ioctl fbxatm_2684_ioctl_ops = { + .handler = fbxatm_2684_ioctl, + .owner = THIS_MODULE, +}; + +int __init fbxatm_2684_init(void) +{ + struct proc_dir_entry *root, *proc; + + root = fbxatm_proc_misc_register("tel"); + if (!root) + return -ENOMEM; + + /* tel debug crap */ + proc = proc_create_data("bad_ip", 0666, root, &tel_proc_fops, NULL); + if (!proc) + return -ENOMEM; + + fbxatm_register_ioctl(&fbxatm_2684_ioctl_ops); + return 0; +} + +void fbxatm_2684_exit(void) +{ + fbxatm_unregister_ioctl(&fbxatm_2684_ioctl_ops); +} diff -Nruw linux-5.15.42-fbx/net/fbxatm./fbxatm_core.c linux-5.15.42-fbx/net/fbxatm/fbxatm_core.c --- linux-5.15.42-fbx/net/fbxatm./fbxatm_core.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/net/fbxatm/fbxatm_core.c 2023-02-27 17:13:39.810190205 +0100 @@ -0,0 +1,204 @@ +#include +#include +#include +#include +#include +#include +#include +#include "fbxatm_priv.h" + +static DEFINE_MUTEX(ioctl_mutex); +static LIST_HEAD(ioctl_list); + +void fbxatm_register_ioctl(struct fbxatm_ioctl *ioctl) +{ + mutex_lock(&ioctl_mutex); + list_add_tail(&ioctl->next, &ioctl_list); + mutex_unlock(&ioctl_mutex); +} + +void fbxatm_unregister_ioctl(struct fbxatm_ioctl *ioctl) +{ + mutex_lock(&ioctl_mutex); + list_del(&ioctl->next); + mutex_unlock(&ioctl_mutex); +} + +static int fbxatm_sock_ioctl(struct socket *sock, unsigned int cmd, + unsigned long arg) +{ + struct fbxatm_ioctl *ioctl; + void __user *useraddr; + int ret; + + /* sanity check */ + useraddr = (void __user *)arg; + + if (!capable(CAP_NET_ADMIN)) + return -EPERM; + + ret = -ENOIOCTLCMD; + mutex_lock(&ioctl_mutex); + + list_for_each_entry(ioctl, &ioctl_list, next) { + if (!ioctl->handler) + continue; + + if (!try_module_get(ioctl->owner)) + continue; + + ret = ioctl->handler(sock, cmd, useraddr); + module_put(ioctl->owner); + if (ret != -ENOIOCTLCMD) + break; + } + mutex_unlock(&ioctl_mutex); + + return ret; +} + +static int fbxatm_sock_release(struct socket *sock) +{ + struct fbxatm_ioctl *ioctl; + struct sock *sk = sock->sk; + + mutex_lock(&ioctl_mutex); + + list_for_each_entry(ioctl, &ioctl_list, next) { + if (!ioctl->release) + continue; + + if (!try_module_get(ioctl->owner)) + continue; + + ioctl->release(sock); + module_put(ioctl->owner); + } + mutex_unlock(&ioctl_mutex); + + if (sk) + sock_put(sk); + + return 0; +} + +static const struct proto_ops fbxatm_proto_ops = { + .family = PF_FBXATM, + + .release = fbxatm_sock_release, + .ioctl = fbxatm_sock_ioctl, + + .bind = sock_no_bind, + .connect = sock_no_connect, + .socketpair = sock_no_socketpair, + .accept = sock_no_accept, + .getname = sock_no_getname, + .listen = sock_no_listen, + .shutdown = sock_no_shutdown, + .sendmsg = sock_no_sendmsg, + .recvmsg = sock_no_recvmsg, + .mmap = sock_no_mmap, + .sendpage = sock_no_sendpage, + .owner = THIS_MODULE, +}; + +static struct proto fbxatm_proto = { + .name = "fbxatm", + .owner = THIS_MODULE, + .obj_size = sizeof (struct sock), +}; + +static int fbxatm_sock_create(struct net *net, struct socket *sock, + int protocol, int kern) +{ + struct sock *sk; + + sk = sk_alloc(net, PF_FBXATM, GFP_KERNEL, &fbxatm_proto, kern); + if (!sk) + return -ENOMEM; + + sock_init_data(sock, sk); + sock->state = SS_UNCONNECTED; + sock->ops = &fbxatm_proto_ops; + return 0; +} + +static struct net_proto_family fbxatm_family_ops = { + .family = PF_FBXATM, + .create = fbxatm_sock_create, + .owner = THIS_MODULE, +}; + + +static int __init fbxatm_init(void) +{ + int ret; + + printk(KERN_INFO "Freebox ATM stack\n"); + ret = fbxatm_sysfs_init(); + if (ret) + return ret; + + ret = fbxatm_procfs_init(); + if (ret) + goto fail_sysfs; + + ret = fbxatm_vcc_init(); + if (ret) + goto fail_procfs; + + ret = fbxatm_2684_init(); + if (ret) + goto fail_vcc; + + ret = fbxatm_pppoa_init(); + if (ret) + goto fail_2684; + + ret = proto_register(&fbxatm_proto, 0); + if (ret) + goto fail_pppoa; + + ret = sock_register(&fbxatm_family_ops); + if (ret) + goto fail_proto; + + return 0; + +fail_proto: + proto_unregister(&fbxatm_proto); + +fail_pppoa: + fbxatm_pppoa_exit(); + +fail_2684: + fbxatm_2684_exit(); + +fail_vcc: + fbxatm_vcc_exit(); + +fail_procfs: + fbxatm_procfs_exit(); + +fail_sysfs: + fbxatm_sysfs_exit(); + printk(KERN_ERR "failed to initialize Freebox ATM stack\n"); + return ret; +} + +static void __exit fbxatm_exit(void) +{ + sock_unregister(PF_FBXATM); + proto_unregister(&fbxatm_proto); + fbxatm_pppoa_exit(); + fbxatm_2684_exit(); + fbxatm_vcc_exit(); + fbxatm_procfs_exit(); + fbxatm_sysfs_exit(); +} + +subsys_initcall(fbxatm_init); +module_exit(fbxatm_exit); + +MODULE_LICENSE("GPL"); +MODULE_ALIAS_NETPROTO(PF_FBXATM); diff -Nruw linux-5.15.42-fbx/net/fbxatm./fbxatm_dev.c linux-5.15.42-fbx/net/fbxatm/fbxatm_dev.c --- linux-5.15.42-fbx/net/fbxatm./fbxatm_dev.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/net/fbxatm/fbxatm_dev.c 2023-02-27 17:17:27.132278230 +0100 @@ -0,0 +1,983 @@ +#include +#include +#include +#include +#include +#include +#include +#include +#include "fbxatm_priv.h" + +/* + * list of registered device & lock + */ +LIST_HEAD(fbxatm_dev_list); + +/* + * big "rtnl" lock + */ +DEFINE_MUTEX(fbxatm_mutex); +static int fbxatm_ifindex = -1; + +/* + * find device by index + */ +static struct fbxatm_dev *__fbxatm_dev_get_by_index(int ifindex) +{ + struct fbxatm_dev *pdev; + + list_for_each_entry(pdev, &fbxatm_dev_list, next) { + if (pdev->ifindex == ifindex) + return pdev; + } + return NULL; +} + +/* + * find vcc by id + */ +static struct fbxatm_vcc * +__fbxatm_vcc_get_by_id(const struct fbxatm_vcc_id *id) +{ + struct fbxatm_dev *adev; + struct fbxatm_vcc *vcc; + int found; + + adev = __fbxatm_dev_get_by_index(id->dev_idx); + if (!adev) + return ERR_PTR(-ENODEV); + + found = 0; + spin_lock_bh(&adev->vcc_list_lock); + list_for_each_entry(vcc, &adev->vcc_list, next) { + if (vcc->vpi != id->vpi || vcc->vci != id->vci) + continue; + found = 1; + break; + } + spin_unlock_bh(&adev->vcc_list_lock); + + if (found) + return vcc; + return ERR_PTR(-ENOENT); +} + +/* + * allocate device + */ +struct fbxatm_dev *fbxatm_alloc_device(int sizeof_priv) +{ + unsigned int size; + + size = sizeof(struct fbxatm_dev) + sizeof_priv + FBXATMDEV_ALIGN; + return kzalloc(size, GFP_KERNEL); +} + +EXPORT_SYMBOL(fbxatm_alloc_device); + +/* + * calculate crc10 of oam cell + */ +static void compute_oam_crc10(struct fbxatm_oam_cell_payload *cell) +{ + u8 *pdu; + u16 crc; + + /* crc10 does not cover header */ + pdu = (u8 *)&cell->cell_type; + memset(cell->crc10, 0, 2); + + crc = crc10(0, pdu, sizeof (*cell) - sizeof (cell->cell_hdr)); + cell->crc10[0] = crc >> 8; + cell->crc10[1] = crc & 0xff; +} + +/* + * check crc10 of oam cell + */ +static int check_oam_crc10(struct fbxatm_oam_cell_payload *cell) +{ + u8 *pdu; + u16 crc; + + pdu = (u8 *)&cell->cell_type; + + crc = (cell->crc10[0] << 8) | cell->crc10[1]; + memset(cell->crc10, 0, 2); + + if (crc != crc10(0, pdu, sizeof (*cell) - sizeof (cell->cell_hdr))) + return 1; + + return 0; +} + +/* + * send an oam ping and wait for answer + */ +static int do_oam_ping(struct fbxatm_oam_ping *ping) +{ + struct fbxatm_dev *adev; + struct fbxatm_oam_cell *oam_cell; + struct fbxatm_oam_cell_payload *cell; + u8 *hdr; + int ret; + + switch (ping->req.type) { + case FBXATM_OAM_PING_SEG_F4: + case FBXATM_OAM_PING_E2E_F4: + return -ENOTSUPP; + case FBXATM_OAM_PING_SEG_F5: + case FBXATM_OAM_PING_E2E_F5: + break; + default: + return -EINVAL; + } + + /* find device */ + mutex_lock(&fbxatm_mutex); + adev = __fbxatm_dev_get_by_index(ping->req.id.dev_idx); + if (!adev) { + ret = -ENODEV; + goto out_unlock; + } + + /* if f5, vcc need to be opened */ + switch (ping->req.type) { + case FBXATM_OAM_PING_SEG_F5: + case FBXATM_OAM_PING_E2E_F5: + { + struct fbxatm_vcc *vcc; + + vcc = __fbxatm_vcc_get_by_id(&ping->req.id); + if (IS_ERR(vcc)) { + ret = -ENETDOWN; + goto out_unlock; + } + break; + } + + default: + break; + } + + ping->correlation_id = ++adev->oam_correlation_id; + + /* prepare atm oam cell and send it */ + oam_cell = kmalloc(sizeof (*oam_cell), GFP_KERNEL); + if (!oam_cell) { + ret = -ENOMEM; + goto out_unlock; + } + cell = &oam_cell->payload; + + hdr = cell->cell_hdr; + ATM_SET_GFC(hdr, 0); + + ATM_SET_VPI(hdr, ping->req.id.vpi); + ATM_SET_VCI(hdr, ping->req.id.vci); + if (ping->req.type == FBXATM_OAM_PING_E2E_F5) + ATM_SET_PT(hdr, OAM_PTI_END2END_F5); + else + ATM_SET_PT(hdr, OAM_PTI_SEG_F5); + ATM_SET_CLP(hdr, 0); + ATM_SET_HEC(hdr, 0); + + cell->cell_type = (OAM_TYPE_FAULT_MANAGEMENT << OAM_TYPE_SHIFT) | + (FUNC_TYPE_OAM_LOOPBACK << FUNC_TYPE_SHIFT); + cell->loopback_indication = 1; + + memcpy(cell->correlation_tag, &ping->correlation_id, + sizeof (cell->correlation_tag)); + memcpy(cell->loopback_id, ping->req.llid, sizeof (ping->req.llid)); + memset(cell->source_id, 0x6a, sizeof (cell->source_id)); + memset(cell->reserved, 0x6a, sizeof (cell->reserved)); + + compute_oam_crc10(cell); + + spin_lock_bh(&adev->dev_link_lock); + if (!test_bit(FBXATM_DEV_F_LINK_UP, &adev->dev_flags)) + ret = -ENETDOWN; + else + ret = adev->ops->send_oam(adev, oam_cell); + spin_unlock_bh(&adev->dev_link_lock); + if (ret) + goto out_unlock; + + /* wait for an answer */ + adev->stats.tx_f5_oam++; + list_add(&ping->next, &adev->oam_pending_ping); + ping->replied = 0; + init_waitqueue_head(&ping->wq); + mutex_unlock(&fbxatm_mutex); + + ret = wait_event_interruptible_timeout(ping->wq, ping->replied, + HZ * 5); + list_del(&ping->next); + + if (ret == -ERESTARTSYS) + return ret; + + if (ping->replied < 0) { + /* ping failed */ + return ping->replied; + } + + if (!ping->replied) { + /* timeout */ + return -ETIME; + } + + return 0; + + +out_unlock: + mutex_unlock(&fbxatm_mutex); + return ret; +} + +/* + * special llid values + */ +static const u8 llid_all1[16] = { 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff }; + +static const u8 llid_all0[16] = { 0 }; + +/* + * handle incoming oam cell + */ +static void handle_oam_cell(struct fbxatm_dev *adev, + struct fbxatm_oam_cell *oam_cell) +{ + struct fbxatm_oam_cell_payload *cell; + u16 vci; + u8 *hdr, pt, oam, func; + + /* check CRC10 */ + cell = &oam_cell->payload; + if (check_oam_crc10(cell)) { + adev->stats.rx_bad_oam++; + goto out; + } + + /* drop f4 cells */ + hdr = cell->cell_hdr; + vci = ATM_GET_VCI(hdr); + + if (vci == OAM_VCI_SEG_F4 || vci == OAM_VCI_END2END_F4) { + adev->stats.rx_f4_oam++; + goto out; + } + + /* keep f5 cells only */ + pt = ATM_GET_PT(hdr); + if (pt != OAM_PTI_SEG_F5 && pt != OAM_PTI_END2END_F5) { + adev->stats.rx_other_oam++; + goto out; + } + + adev->stats.rx_f5_oam++; + + /* keep oam loopback type only */ + oam = (cell->cell_type & OAM_TYPE_MASK) >> OAM_TYPE_SHIFT; + func = (cell->cell_type & FUNC_TYPE_MASK) >> FUNC_TYPE_SHIFT; + + if (oam != OAM_TYPE_FAULT_MANAGEMENT || + func != FUNC_TYPE_OAM_LOOPBACK) { + adev->stats.rx_other_oam++; + goto out; + } + + if (cell->loopback_indication & 1) { + int match, ret; + + /* request, check for llid match */ + match = 0; + switch (pt) { + case OAM_PTI_SEG_F5: + /* 0x0 or 0xffffffff */ + if (!memcmp(cell->loopback_id, llid_all0, + sizeof (llid_all0))) + match = 1; + fallthrough; + + case OAM_PTI_END2END_F5: + /* 0xffffffff only */ + if (!memcmp(cell->loopback_id, llid_all1, + sizeof (llid_all1))) + match = 1; + break; + } + + if (!match) { + adev->stats.rx_bad_llid_oam++; + goto out; + } + + /* ok, update llid and answer */ + cell->loopback_indication = 0; + memcpy(cell->loopback_id, llid_all1, sizeof (llid_all1)); + compute_oam_crc10(cell); + + spin_lock_bh(&adev->dev_link_lock); + if (!test_bit(FBXATM_DEV_F_LINK_UP, &adev->dev_flags)) + ret = adev->ops->send_oam(adev, oam_cell); + else + ret = -ENETDOWN; + spin_unlock_bh(&adev->dev_link_lock); + + if (!ret) { + /* send successful, don't free cell */ + adev->stats.tx_f5_oam++; + return; + } + + } else { + struct fbxatm_oam_ping *ping; + + /* reply, find a matching sender */ + spin_lock_bh(&adev->oam_list_lock); + list_for_each_entry(ping, &adev->oam_pending_ping, next) { + + /* compare correlation id */ + if (memcmp(&ping->correlation_id, + cell->correlation_tag, + sizeof (cell->correlation_tag))) + continue; + + /* compare ping type */ + switch (ping->req.type) { + case FBXATM_OAM_PING_SEG_F5: + if (pt != OAM_PTI_SEG_F5) + continue; + break; + case FBXATM_OAM_PING_E2E_F5: + if (pt != OAM_PTI_END2END_F5) + continue; + break; + default: + break; + } + + /* seems we have a match */ + ping->replied = 1; + wake_up(&ping->wq); + } + spin_unlock_bh(&adev->oam_list_lock); + } + +out: + kfree(oam_cell); +} + +/* + * oam rx processing workqueue + */ +static void fbxatm_oam_work(struct work_struct *work) +{ + struct fbxatm_dev *adev; + struct fbxatm_oam_cell *cell; + + adev = container_of(work, struct fbxatm_dev, oam_work); + + do { + cell = NULL; + spin_lock_bh(&adev->oam_list_lock); + if (!list_empty(&adev->rx_oam_cells)) { + cell = list_first_entry(&adev->rx_oam_cells, + struct fbxatm_oam_cell, next); + list_del(&cell->next); + adev->rx_oam_cells_count--; + } + spin_unlock_bh(&adev->oam_list_lock); + + if (cell) + handle_oam_cell(adev, cell); + + } while (cell); +} + +/* + * register given device + */ +static int __fbxatm_register_device(struct fbxatm_dev *adev, + const char *base_name, + const struct fbxatm_dev_ops *ops) +{ + struct fbxatm_dev *pdev; + int name_len, count, ret; + long *inuse; + + adev->ops = ops; + INIT_LIST_HEAD(&adev->vcc_list); + spin_lock_init(&adev->vcc_list_lock); + INIT_LIST_HEAD(&adev->next); + spin_lock_init(&adev->stats_lock); + spin_lock_init(&adev->oam_list_lock); + spin_lock_init(&adev->dev_link_lock); + INIT_LIST_HEAD(&adev->rx_oam_cells); + INIT_WORK(&adev->oam_work, fbxatm_oam_work); + INIT_LIST_HEAD(&adev->oam_pending_ping); + get_random_bytes(&adev->oam_correlation_id, 4); + + name_len = strlen(base_name); + adev->name = kmalloc(name_len + 10, GFP_KERNEL); + if (!adev->name) { + ret = -ENOMEM; + goto fail; + } + + /* allocate ifindex */ + while (1) { + if (++fbxatm_ifindex < 0) + fbxatm_ifindex = 0; + if (__fbxatm_dev_get_by_index(fbxatm_ifindex)) + continue; + adev->ifindex = fbxatm_ifindex; + break; + } + + /* allocate device name */ + inuse = (long *)get_zeroed_page(GFP_ATOMIC); + if (!inuse) { + ret = -ENOMEM; + goto fail; + } + + list_for_each_entry(pdev, &fbxatm_dev_list, next) { + unsigned long val; + char *end; + + /* look for common prefix */ + if (strncmp(base_name, pdev->name, name_len)) + continue; + + /* make sure name is the same, not just a prefix */ + val = simple_strtoul(pdev->name + name_len, &end, 10); + if (!*end) + continue; + + set_bit(val, inuse); + } + + count = find_first_zero_bit(inuse, PAGE_SIZE * 8); + free_page((unsigned long)inuse); + + snprintf(adev->name, name_len + 10, "%s%d", base_name, count); + list_add_tail(&adev->next, &fbxatm_dev_list); + + /* create procfs entries */ + ret = fbxatm_proc_dev_register(adev); + if (ret) + goto fail; + + /* call device procfs init if any */ + if (adev->ops->init_procfs) { + ret = adev->ops->init_procfs(adev); + if (ret) + goto fail_procfs; + } + + /* create sysfs entries */ + ret = fbxatm_register_dev_sysfs(adev); + if (ret) + goto fail_procfs; + + return 0; + +fail_procfs: + fbxatm_proc_dev_deregister(adev); + +fail: + list_del(&adev->next); + kfree(adev->name); + return ret; +} + +/* + * take lock and register device + */ +int fbxatm_register_device(struct fbxatm_dev *adev, + const char *base_name, + const struct fbxatm_dev_ops *ops) +{ + int ret; + + mutex_lock(&fbxatm_mutex); + ret = __fbxatm_register_device(adev, base_name, ops); + mutex_unlock(&fbxatm_mutex); + return ret; +} + +EXPORT_SYMBOL(fbxatm_register_device); + +/* + * change device "link" state + */ +static void fbxatm_dev_set_link(struct fbxatm_dev *adev, int link) +{ + struct fbxatm_vcc *vcc; + + if (link) { + memset(&adev->stats, 0, sizeof (adev->stats)); + set_bit(FBXATM_DEV_F_LINK_UP, &adev->dev_flags); + + spin_lock_bh(&adev->vcc_list_lock); + list_for_each_entry(vcc, &adev->vcc_list, next) { + memset(&vcc->stats, 0, sizeof (vcc->stats)); + set_bit(FBXATM_VCC_F_LINK_UP, &vcc->vcc_flags); + if (!vcc->user_ops || !vcc->user_ops->link_change) + continue; + vcc->user_ops->link_change(vcc->user_cb_data, 1, + adev->link_cell_rate_ds, + adev->link_cell_rate_us); + } + spin_unlock_bh(&adev->vcc_list_lock); + } else { + /* prevent further oam cells input */ + spin_lock_bh(&adev->dev_link_lock); + clear_bit(FBXATM_DEV_F_LINK_UP, &adev->dev_flags); + spin_unlock_bh(&adev->dev_link_lock); + + /* flush rx oam work */ + cancel_work_sync(&adev->oam_work); + + /* now disable tx on all vcc */ + spin_lock_bh(&adev->vcc_list_lock); + list_for_each_entry(vcc, &adev->vcc_list, next) { + spin_lock_bh(&vcc->tx_lock); + clear_bit(FBXATM_VCC_F_LINK_UP, &vcc->vcc_flags); + spin_unlock_bh(&vcc->tx_lock); + if (!vcc->user_ops || !vcc->user_ops->link_change) + continue; + vcc->user_ops->link_change(vcc->user_cb_data, 0, 0, 0); + } + spin_unlock_bh(&adev->vcc_list_lock); + } + + fbxatm_dev_change_sysfs(adev); +} + +/* + * set device "link" to up, allowing vcc/device send ops to be called, + * this function sleeps + */ +void fbxatm_dev_set_link_up(struct fbxatm_dev *adev) +{ + if (!test_bit(FBXATM_DEV_F_LINK_UP, &adev->dev_flags)) + printk(KERN_INFO "%s: link UP - " + "down: %u kbit/s - up: %u kbit/s\n", adev->name, + adev->link_rate_ds / 1000, adev->link_rate_us / 1000); + return fbxatm_dev_set_link(adev, 1); +} + +EXPORT_SYMBOL(fbxatm_dev_set_link_up); + +/* + * set device link to down, disallowing any vcc/device send ops to be + * called, this function sleeps + */ +void fbxatm_dev_set_link_down(struct fbxatm_dev *adev) +{ + if (test_bit(FBXATM_DEV_F_LINK_UP, &adev->dev_flags)) + printk(KERN_INFO "%s: link DOWN\n", adev->name); + return fbxatm_dev_set_link(adev, 0); +} + +EXPORT_SYMBOL(fbxatm_dev_set_link_down); + +/* + * take lock and unregister device + */ +int fbxatm_unregister_device(struct fbxatm_dev *adev) +{ + int ret; + bool empty; + + ret = 0; + mutex_lock(&fbxatm_mutex); + + spin_lock_bh(&adev->vcc_list_lock); + empty = list_empty(&adev->vcc_list); + spin_unlock_bh(&adev->vcc_list_lock); + if (!empty) { + ret = -EBUSY; + goto out; + } + + if (!list_empty(&adev->oam_pending_ping)) { + ret = -EBUSY; + goto out; + } + + list_del(&adev->next); + + if (adev->ops->release_procfs) + adev->ops->release_procfs(adev); + fbxatm_proc_dev_deregister(adev); + + fbxatm_unregister_dev_sysfs(adev); +out: + mutex_unlock(&fbxatm_mutex); + return ret; +} + +EXPORT_SYMBOL(fbxatm_unregister_device); + +/* + * actually free device memory + */ +void __fbxatm_free_device(struct fbxatm_dev *adev) +{ + kfree(adev->name); + kfree(adev); +} + +/* + * free device memory + */ +void fbxatm_free_device(struct fbxatm_dev *adev) +{ + /* actual free is done in sysfs release */ +// class_device_put(&adev->class_dev); +} + +EXPORT_SYMBOL(fbxatm_free_device); + +/* + * device callback when oam cell comes in + */ +void fbxatm_netifrx_oam(struct fbxatm_dev *adev, struct fbxatm_oam_cell *cell) +{ + bool link_up; + + spin_lock_bh(&adev->dev_link_lock); + link_up = test_bit(FBXATM_DEV_F_LINK_UP, &adev->dev_flags); + spin_unlock_bh(&adev->dev_link_lock); + + if (!link_up || adev->rx_oam_cells_count > 8) { + kfree(cell); + return; + } + + adev->rx_oam_cells_count++; + spin_lock_bh(&adev->oam_list_lock); + list_add_tail(&cell->next, &adev->rx_oam_cells); + spin_unlock_bh(&adev->oam_list_lock); + schedule_work(&adev->oam_work); +} + +EXPORT_SYMBOL(fbxatm_netifrx_oam); + +/* + * set user ops on vcc + */ +void fbxatm_set_uops(struct fbxatm_vcc *vcc, + const struct fbxatm_vcc_uops *user_ops, + void *user_cb_data) +{ + spin_lock_bh(&vcc->user_ops_lock); + vcc->user_ops = user_ops; + vcc->user_cb_data = user_cb_data; + spin_unlock_bh(&vcc->user_ops_lock); +} + +/* + * bind to given vcc + */ +static struct fbxatm_vcc * +__fbxatm_bind_to_vcc(const struct fbxatm_vcc_id *id, + enum fbxatm_vcc_user user) +{ + struct fbxatm_vcc *vcc; + + vcc = __fbxatm_vcc_get_by_id(id); + if (IS_ERR(vcc)) + return vcc; + + if (vcc->user != FBXATM_VCC_USER_NONE) + return ERR_PTR(-EBUSY); + + vcc->user = user; + return vcc; +} + +/* + * bind to given vcc + */ +struct fbxatm_vcc * +fbxatm_bind_to_vcc(const struct fbxatm_vcc_id *id, + enum fbxatm_vcc_user user) +{ + struct fbxatm_vcc *vcc; + + mutex_lock(&fbxatm_mutex); + vcc = __fbxatm_bind_to_vcc(id, user); + mutex_unlock(&fbxatm_mutex); + return vcc; +} + +/* + * unbind from given vcc + */ +void fbxatm_unbind_vcc(struct fbxatm_vcc *vcc) +{ + spin_lock_bh(&vcc->user_ops_lock); + vcc->user_ops = NULL; + vcc->user_cb_data = NULL; + vcc->user = FBXATM_VCC_USER_NONE; + spin_unlock_bh(&vcc->user_ops_lock); +} + +/* + * open vcc on given device + */ +static int __fbxatm_dev_open_vcc(const struct fbxatm_vcc_id *id, + const struct fbxatm_vcc_qos *qos) +{ + struct fbxatm_vcc *vcc; + struct fbxatm_dev *adev; + int ret, count; + + /* check vpi/vci unicity */ + vcc = __fbxatm_vcc_get_by_id(id); + if (!IS_ERR(vcc)) + return -EBUSY; + + /* sanity check */ + switch (qos->traffic_class) { + case FBXATM_VCC_TC_UBR_NO_PCR: + case FBXATM_VCC_TC_UBR: + break; + default: + return -EINVAL; + } + + if (qos->max_sdu > 4096) + return -EINVAL; + + if (!qos->max_buffered_pkt || qos->max_buffered_pkt > 128) + return -EINVAL; + + adev = __fbxatm_dev_get_by_index(id->dev_idx); + if (!adev) + return -ENODEV; + + /* make sure device accept requested priorities */ + if (qos->priority > adev->max_priority) + return -EINVAL; + + if (qos->rx_priority > adev->max_rx_priority) + return -EINVAL; + + /* don't open more vcc than device can handle */ + count = 0; + list_for_each_entry(vcc, &adev->vcc_list, next) + count++; + if (count + 1 > adev->max_vcc) + return -ENOSPC; + + /* make sure vpi/vci is valid for this device */ + if ((~adev->vpi_mask & id->vpi) || (~adev->vci_mask & id->vci)) + return -EINVAL; + + if (!try_module_get(adev->ops->owner)) + return -ENODEV; + + /* ok, create vcc */ + vcc = kzalloc(sizeof (*vcc), GFP_KERNEL); + if (!vcc) + return -ENOMEM; + + spin_lock_init(&vcc->user_ops_lock); + spin_lock_init(&vcc->tx_lock); + vcc->vpi = id->vpi; + vcc->vci = id->vci; + vcc->adev = adev; + vcc->to_drop_pkt = 0; + memcpy(&vcc->qos, qos, sizeof (*qos)); + + ret = adev->ops->open(vcc); + if (ret) { + kfree(vcc); + return ret; + } + + /* inherit vcc link state from device */ + spin_lock_bh(&adev->vcc_list_lock); + if (test_bit(FBXATM_DEV_F_LINK_UP, &adev->dev_flags)) + set_bit(FBXATM_VCC_F_LINK_UP, &vcc->vcc_flags); + list_add_tail(&vcc->next, &adev->vcc_list); + spin_unlock_bh(&adev->vcc_list_lock); + + return ret; +} + +/* + * find device & open vcc on it + */ +static int fbxatm_dev_open_vcc(const struct fbxatm_vcc_id *id, + const struct fbxatm_vcc_qos *qos) +{ + int ret; + + mutex_lock(&fbxatm_mutex); + ret = __fbxatm_dev_open_vcc(id, qos); + mutex_unlock(&fbxatm_mutex); + return ret; +} + +/* + * close vcc on device + */ +static int __fbxatm_dev_close_vcc(struct fbxatm_vcc *vcc) +{ + struct fbxatm_dev *adev; + + if (vcc->user != FBXATM_VCC_USER_NONE) + return -EBUSY; + adev = vcc->adev; + module_put(adev->ops->owner); + adev->ops->close(vcc); + spin_lock_bh(&adev->vcc_list_lock); + list_del(&vcc->next); + spin_unlock_bh(&adev->vcc_list_lock); + kfree(vcc); + return 0; +} + +/* + * find device & vcc and close it + */ +static int fbxatm_dev_close_vcc(const struct fbxatm_vcc_id *id) +{ + struct fbxatm_vcc *vcc; + int ret; + + mutex_lock(&fbxatm_mutex); + vcc = __fbxatm_vcc_get_by_id(id); + if (IS_ERR(vcc)) + ret = PTR_ERR(vcc); + else + ret = __fbxatm_dev_close_vcc(vcc); + mutex_unlock(&fbxatm_mutex); + return ret; +} + +/* + * ioctl handler + */ +static int fbxatm_vcc_ioctl(struct socket *sock, + unsigned int cmd, void __user *useraddr) +{ + int ret; + + ret = 0; + + switch (cmd) { + case FBXATM_IOCADD: + case FBXATM_IOCDEL: + { + struct fbxatm_vcc_params params; + + if (copy_from_user(¶ms, useraddr, sizeof(params))) + return -EFAULT; + + if (cmd == FBXATM_IOCADD) + ret = fbxatm_dev_open_vcc(¶ms.id, ¶ms.qos); + else + ret = fbxatm_dev_close_vcc(¶ms.id); + break; + } + + case FBXATM_IOCGET: + { + struct fbxatm_vcc_params params; + struct fbxatm_vcc *vcc; + + if (copy_from_user(¶ms, useraddr, sizeof(params))) + return -EFAULT; + + mutex_lock(&fbxatm_mutex); + vcc = __fbxatm_vcc_get_by_id(¶ms.id); + if (IS_ERR(vcc)) + ret = PTR_ERR(vcc); + else { + memcpy(¶ms.qos, &vcc->qos, sizeof (vcc->qos)); + params.user = vcc->user; + } + mutex_unlock(&fbxatm_mutex); + + if (ret) + return ret; + + if (copy_to_user(useraddr, ¶ms, sizeof(params))) + return -EFAULT; + break; + } + + case FBXATM_IOCOAMPING: + { + struct fbxatm_oam_ping ping; + + if (copy_from_user(&ping.req, useraddr, sizeof(ping.req))) + return -EFAULT; + + ret = do_oam_ping(&ping); + if (ret) + return ret; + + if (copy_to_user(useraddr, &ping.req, sizeof(ping.req))) + return -EFAULT; + break; + } + + case FBXATM_IOCDROP: + { + struct fbxatm_vcc_drop_params params; + struct fbxatm_vcc *vcc; + + if (copy_from_user(¶ms, useraddr, sizeof(params))) + return -EFAULT; + + mutex_lock(&fbxatm_mutex); + vcc = __fbxatm_vcc_get_by_id(¶ms.id); + if (IS_ERR(vcc)) + ret = PTR_ERR(vcc); + else { + spin_lock_bh(&vcc->user_ops_lock); + vcc->to_drop_pkt += params.drop_count; + spin_unlock_bh(&vcc->user_ops_lock); + ret = 0; + } + mutex_unlock(&fbxatm_mutex); + + if (ret) + return ret; + break; + } + + default: + return -ENOIOCTLCMD; + } + + return ret; +} + +static struct fbxatm_ioctl fbxatm_vcc_ioctl_ops = { + .handler = fbxatm_vcc_ioctl, + .owner = THIS_MODULE, +}; + +int __init fbxatm_vcc_init(void) +{ + fbxatm_register_ioctl(&fbxatm_vcc_ioctl_ops); + return 0; +} + +void fbxatm_vcc_exit(void) +{ + fbxatm_unregister_ioctl(&fbxatm_vcc_ioctl_ops); +} diff -Nruw linux-5.15.42-fbx/net/fbxatm./fbxatm_pppoa.c linux-5.15.42-fbx/net/fbxatm/fbxatm_pppoa.c --- linux-5.15.42-fbx/net/fbxatm./fbxatm_pppoa.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/net/fbxatm/fbxatm_pppoa.c 2023-02-27 17:13:18.537620494 +0100 @@ -0,0 +1,500 @@ +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "fbxatm_priv.h" + +#define PFX "fbxatm_pppoa: " + +static LIST_HEAD(fbxatm_pppoa_vcc_list); +static DEFINE_MUTEX(fbxatm_pppoa_mutex); + +/* + * private data for pppoa vcc + */ +struct fbxatm_pppoa_vcc { + struct fbxatm_vcc *vcc; + struct fbxatm_pppoa_vcc_params params; + enum fbxatm_pppoa_encap cur_encap; + + /* used by ppp */ + int flags; + struct ppp_channel chan; + struct tasklet_struct tx_done_tasklet; + + struct socket *sock; + struct list_head next; +}; + + +#define __LLC_HDR 0xfe, 0xfe, 0x03 +#define __NLPID_PPP 0xcf +#define __PPP_LCP 0xc0, 0x21 + +static const u8 llc_ppp[] = { __LLC_HDR, __NLPID_PPP }; +static const u8 llc_ppp_lcp[] = { __LLC_HDR, __NLPID_PPP, __PPP_LCP }; +static const u8 lcp[] = { __PPP_LCP }; + + +/* + * fbxatm stack receive callback, called from softirq + */ +static void vcc_rx_callback(struct sk_buff *skb, void *data) +{ + struct fbxatm_pppoa_vcc *priv; + + priv = (struct fbxatm_pppoa_vcc *)data; + + if (priv->chan.ppp == NULL) { + dev_kfree_skb(skb); + return; + } + + switch (priv->cur_encap) { + case FBXATM_EPPPOA_VCMUX: + /* nothing to do */ + break; + + case FBXATM_EPPPOA_LLC: + /* make sure llc header is present and remove */ + if (skb->len < sizeof(llc_ppp) || + memcmp(skb->data, llc_ppp, sizeof(llc_ppp))) + goto error; + skb_pull(skb, sizeof(llc_ppp)); + break; + + case FBXATM_EPPPOA_AUTODETECT: + /* look for lcp, with an llc header or not */ + if (skb->len >= sizeof(llc_ppp_lcp) && + !memcmp(skb->data, llc_ppp_lcp, sizeof(llc_ppp_lcp))) { + priv->cur_encap = FBXATM_EPPPOA_LLC; + skb_pull(skb, sizeof(llc_ppp)); + break; + } + + if (skb->len >= sizeof(lcp) && + !memcmp(skb->data, lcp, sizeof (lcp))) { + priv->cur_encap = FBXATM_EPPPOA_VCMUX; + break; + } + + /* no match */ + goto error; + } + + ppp_input(&priv->chan, skb); + return; + +error: + dev_kfree_skb(skb); + ppp_input_error(&priv->chan, 0); +} + +/* + * tx done tasklet callback + */ +static void tx_done_tasklet_func(unsigned long data) +{ + struct fbxatm_pppoa_vcc *priv = (struct fbxatm_pppoa_vcc *)data; + ppp_output_wakeup(&priv->chan); +} + +/* + * fbxatm stack tx done callback, called from softirq + */ +static void vcc_tx_done_callback(void *data) +{ + struct fbxatm_pppoa_vcc *priv = data; + + /* schedule taslket to avoid re-entering in ppp_xmit */ + tasklet_schedule(&priv->tx_done_tasklet); +} + +/* + * vcc user ops, callback from fbxatm stack + */ +static const struct fbxatm_vcc_uops fbxatm_pppoa_vcc_uops = { + .rx_pkt = vcc_rx_callback, + .tx_done = vcc_tx_done_callback, +}; + +/* + * ppp xmit callback + */ +static int ppp_xmit(struct ppp_channel *chan, struct sk_buff *skb) +{ + struct fbxatm_pppoa_vcc *priv; + struct sk_buff *to_send_skb, *nskb; + int ret; + + priv = (struct fbxatm_pppoa_vcc *)chan->private; + + /* MAYBE FIXME: handle protocol compression ? */ + + to_send_skb = skb; + nskb = NULL; + + /* send using vcmux encap if not yet known */ + switch (priv->cur_encap) { + case FBXATM_EPPPOA_AUTODETECT: + case FBXATM_EPPPOA_VCMUX: + break; + + case FBXATM_EPPPOA_LLC: + { + unsigned int headroom; + + headroom = skb_headroom(skb); + + if (headroom < sizeof(llc_ppp)) { + headroom += sizeof(llc_ppp); + nskb = skb_realloc_headroom(skb, headroom); + if (!nskb) { + dev_kfree_skb(skb); + return 1; + } + to_send_skb = nskb; + } + + skb_push(to_send_skb, sizeof(llc_ppp)); + memcpy(to_send_skb->data, llc_ppp, sizeof(llc_ppp)); + break; + } + } + + ret = fbxatm_send(priv->vcc, to_send_skb); + if (ret) { + /* packet was not sent, queue is full, free any newly + * created skb */ + if (nskb) + dev_kfree_skb(nskb); + else { + /* restore original skb if we altered it */ + if (priv->cur_encap == FBXATM_EPPPOA_LLC) + skb_pull(skb, sizeof(llc_ppp)); + } + + /* suspend ppp output, will be woken up by + * ppp_output_wakeup, we're called under ppp lock so + * we can't race with tx done */ + return 0; + } + + /* packet was sent, if we sent a copy free the original */ + if (nskb) + dev_kfree_skb(skb); + + if (fbxatm_vcc_queue_full(priv->vcc)) + ppp_output_stop(chan); + + return 1; +} + +static int ppp_ioctl(struct ppp_channel *chan, unsigned int cmd, + unsigned long arg) +{ + struct fbxatm_pppoa_vcc *priv; + int ret; + + priv = (struct fbxatm_pppoa_vcc *)chan->private; + + switch (cmd) { + case PPPIOCGFLAGS: + ret = put_user(priv->flags, (int __user *)arg) ? -EFAULT : 0; + break; + case PPPIOCSFLAGS: + ret = get_user(priv->flags, (int __user *) arg) ? -EFAULT : 0; + break; + default: + ret = -ENOTTY; + break; + } + return ret; +} + +static struct ppp_channel_ops fbxatm_pppoa_ppp_ops = { + .start_xmit = ppp_xmit, + .ioctl = ppp_ioctl, +}; + +/* + * find pppoa vcc from id + */ +static struct fbxatm_pppoa_vcc * +__find_pppoa_vcc(const struct fbxatm_vcc_id *id) +{ + struct fbxatm_pppoa_vcc *priv; + int found; + + /* find it */ + found = 0; + list_for_each_entry(priv, &fbxatm_pppoa_vcc_list, next) { + if (priv->vcc->adev->ifindex != id->dev_idx || + priv->vcc->vpi != id->vpi || + priv->vcc->vci != id->vci) + continue; + + found = 1; + break; + } + + if (found) + return priv; + return NULL; +} + +/* + * find pppoa vcc from socket + */ +static struct fbxatm_pppoa_vcc * +__find_pppoa_vcc_from_socket(const struct socket *sock) +{ + struct fbxatm_pppoa_vcc *priv; + int found; + + /* find it */ + found = 0; + list_for_each_entry(priv, &fbxatm_pppoa_vcc_list, next) { + if (priv->sock != sock) + continue; + + found = 1; + break; + } + + if (found) + return priv; + return NULL; +} + +/* + * bind to given vcc + */ +static int __bind_pppoa_vcc(const struct fbxatm_pppoa_vcc_params *params, + struct socket *sock) +{ + struct fbxatm_pppoa_vcc *priv; + int ret; + + /* sanity check */ + switch (params->encap) { + case FBXATM_EPPPOA_AUTODETECT: + case FBXATM_EPPPOA_VCMUX: + case FBXATM_EPPPOA_LLC: + break; + default: + return -EINVAL; + } + + priv = kzalloc(sizeof(*priv), GFP_KERNEL); + if (!priv) + return -ENOMEM; + memcpy(&priv->params, params, sizeof (*params)); + priv->cur_encap = params->encap; + + /* bind to vcc */ + priv->vcc = fbxatm_bind_to_vcc(¶ms->id, FBXATM_VCC_USER_PPPOA); + if (IS_ERR(priv->vcc)) { + ret = PTR_ERR(priv->vcc); + goto fail; + } + + fbxatm_set_uops(priv->vcc, &fbxatm_pppoa_vcc_uops, priv); + priv->chan.private = priv; + priv->chan.ops = &fbxatm_pppoa_ppp_ops; + priv->chan.mtu = priv->vcc->qos.max_sdu - PPP_HDRLEN; + priv->chan.hdrlen = 0; + priv->sock = sock; + tasklet_init(&priv->tx_done_tasklet, tx_done_tasklet_func, + (unsigned long)priv); + + if (priv->cur_encap != FBXATM_EPPPOA_VCMUX) { + /* assume worst case if vcmux is not forced */ + priv->chan.mtu -= sizeof(llc_ppp); + priv->chan.hdrlen += sizeof(llc_ppp); + } + + priv->chan.mtu -= priv->vcc->adev->tx_headroom; + priv->chan.hdrlen += priv->vcc->adev->tx_headroom; + + ret = ppp_register_channel(&priv->chan); + if (ret) + goto fail_unbind; + list_add_tail(&priv->next, &fbxatm_pppoa_vcc_list); + return 0; + +fail_unbind: + fbxatm_unbind_vcc(priv->vcc); + +fail: + kfree(priv); + return ret; +} + +/* + * bind to given vcc + */ +static int bind_pppoa_vcc(const struct fbxatm_pppoa_vcc_params *params, + struct socket *sock) +{ + int ret; + + mutex_lock(&fbxatm_pppoa_mutex); + ret = __bind_pppoa_vcc(params, sock); + mutex_unlock(&fbxatm_pppoa_mutex); + return ret; +} + +/* + * unbind from given vcc + */ +static void __unbind_pppoa_vcc(struct fbxatm_pppoa_vcc *priv) +{ + ppp_unregister_channel(&priv->chan); + fbxatm_unbind_vcc(priv->vcc); + tasklet_kill(&priv->tx_done_tasklet); + list_del(&priv->next); + kfree(priv); +} + +/* + * unbind from given vcc + */ +static int unbind_pppoa_vcc(const struct fbxatm_pppoa_vcc_params *params) +{ + struct fbxatm_pppoa_vcc *priv; + int ret; + + ret = 0; + mutex_lock(&fbxatm_pppoa_mutex); + priv = __find_pppoa_vcc(¶ms->id); + if (!priv) + ret = -ENOENT; + else + __unbind_pppoa_vcc(priv); + mutex_unlock(&fbxatm_pppoa_mutex); + return ret; +} + +/* + * pppoa related ioctl handler + */ +static int fbxatm_pppoa_ioctl(struct socket *sock, + unsigned int cmd, void __user *useraddr) +{ + int ret; + + ret = 0; + + switch (cmd) { + case FBXATM_PPPOA_IOCADD: + case FBXATM_PPPOA_IOCDEL: + { + struct fbxatm_pppoa_vcc_params params; + + if (copy_from_user(¶ms, useraddr, sizeof(params))) + return -EFAULT; + + if (cmd == FBXATM_PPPOA_IOCADD) + ret = bind_pppoa_vcc(¶ms, sock); + else + ret = unbind_pppoa_vcc(¶ms); + break; + } + + case FBXATM_PPPOA_IOCGET: + { + struct fbxatm_pppoa_vcc_params params; + struct fbxatm_pppoa_vcc *priv; + + if (copy_from_user(¶ms, useraddr, sizeof(params))) + return -EFAULT; + + mutex_lock(&fbxatm_pppoa_mutex); + priv = __find_pppoa_vcc(¶ms.id); + if (!priv) + ret = -ENOENT; + else + memcpy(¶ms, &priv->params, sizeof (params)); + mutex_unlock(&fbxatm_pppoa_mutex); + + if (ret) + return ret; + + if (copy_to_user(useraddr, ¶ms, sizeof(params))) + return -EFAULT; + break; + } + + case PPPIOCGCHAN: + case PPPIOCGUNIT: + { + struct fbxatm_pppoa_vcc *priv; + int value; + + value = 0; + + mutex_lock(&fbxatm_pppoa_mutex); + priv = __find_pppoa_vcc_from_socket(sock); + if (!priv) + ret = -ENOENT; + else { + if (cmd == PPPIOCGCHAN) + value = ppp_channel_index(&priv->chan); + else + value = ppp_unit_number(&priv->chan); + } + mutex_unlock(&fbxatm_pppoa_mutex); + + if (ret) + return ret; + + if (copy_to_user(useraddr, &value, sizeof(value))) + ret = -EFAULT; + break; + } + + default: + return -ENOIOCTLCMD; + } + + return ret; +} + +/* + * pppoa related release handler + */ +static void fbxatm_pppoa_release(struct socket *sock) +{ + struct fbxatm_pppoa_vcc *priv; + + mutex_lock(&fbxatm_pppoa_mutex); + priv = __find_pppoa_vcc_from_socket(sock); + if (priv) + __unbind_pppoa_vcc(priv); + mutex_unlock(&fbxatm_pppoa_mutex); +} + +static struct fbxatm_ioctl fbxatm_pppoa_ioctl_ops = { + .handler = fbxatm_pppoa_ioctl, + .release = fbxatm_pppoa_release, + .owner = THIS_MODULE, +}; + +int __init fbxatm_pppoa_init(void) +{ + fbxatm_register_ioctl(&fbxatm_pppoa_ioctl_ops); + return 0; +} + +void fbxatm_pppoa_exit(void) +{ + fbxatm_unregister_ioctl(&fbxatm_pppoa_ioctl_ops); +} diff -Nruw linux-5.15.42-fbx/net/fbxatm./fbxatm_priv.h linux-5.15.42-fbx/net/fbxatm/fbxatm_priv.h --- linux-5.15.42-fbx/net/fbxatm./fbxatm_priv.h 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/net/fbxatm/fbxatm_priv.h 2023-02-27 17:10:06.964489879 +0100 @@ -0,0 +1,67 @@ +#ifndef FBXATM_PRIV_H_ +#define FBXATM_PRIV_H_ + +#include +#include + +extern struct list_head fbxatm_dev_list; +extern struct mutex fbxatm_mutex; + +int __init fbxatm_vcc_init(void); + +void fbxatm_vcc_exit(void); + +void __fbxatm_free_device(struct fbxatm_dev *adev); + +int __init fbxatm_2684_init(void); + +void fbxatm_2684_exit(void); + +/* + * pppoa + */ +#ifdef CONFIG_PPP +int __init fbxatm_pppoa_init(void); + +void fbxatm_pppoa_exit(void); +#else +static inline int fbxatm_pppoa_init(void) { return 0; }; +static inline void fbxatm_pppoa_exit(void) { }; +#endif + +/* + * procfs stuff + */ +int fbxatm_proc_dev_register(struct fbxatm_dev *dev); + +void fbxatm_proc_dev_deregister(struct fbxatm_dev *dev); + +struct proc_dir_entry *fbxatm_proc_misc_register(const char *path); + +void fbxatm_proc_misc_deregister(const char *path); + +int __init fbxatm_procfs_init(void); + +void fbxatm_procfs_exit(void); + + +/* + * sysfs stuff + */ +int __init fbxatm_sysfs_init(void); + +void fbxatm_sysfs_exit(void); + +void fbxatm_dev_change_sysfs(struct fbxatm_dev *adev); + +int fbxatm_register_dev_sysfs(struct fbxatm_dev *adev); + +void fbxatm_unregister_dev_sysfs(struct fbxatm_dev *adev); + + +/* + * crc10 + */ +u16 crc10(u16 crc, const u8 *buffer, size_t len); + +#endif /* !FBXATM_PRIV_H_ */ diff -Nruw linux-5.15.42-fbx/net/fbxatm./fbxatm_procfs.c linux-5.15.42-fbx/net/fbxatm/fbxatm_procfs.c --- linux-5.15.42-fbx/net/fbxatm./fbxatm_procfs.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/net/fbxatm/fbxatm_procfs.c 2023-02-27 17:17:38.392579798 +0100 @@ -0,0 +1,340 @@ +#include +#include +#include +#include +#include +#include +#include "fbxatm_priv.h" + +static struct proc_dir_entry *fbxatm_proc_root; + +#define FMT_U64 "%llu" + +/* + * /proc/net/atm/vcc + */ +static int vcc_seq_show(struct seq_file *seq, void *v) +{ + struct fbxatm_vcc *vcc; + + if (v == (void *)SEQ_START_TOKEN) { + seq_printf(seq, "%s", + "Itf.VPI.VCI USER TC MaxSDU RX TX RXAAL5 " + "TXAAL5\n"); + return 0; + } + + vcc = (struct fbxatm_vcc *)v; + seq_printf(seq, "%d.%u.%u %d ", vcc->adev->ifindex, + vcc->vpi, vcc->vci, vcc->user); + seq_printf(seq, "%u %u ", vcc->qos.traffic_class, vcc->qos.max_sdu); + seq_printf(seq, FMT_U64 " " FMT_U64 " %u %u\n", + vcc->stats.rx_bytes, + vcc->stats.tx_bytes, + vcc->stats.rx_aal5, + vcc->stats.tx_aal5); + return 0; +} + +static void *vcc_seq_start(struct seq_file *seq, loff_t *pos) +{ + struct fbxatm_dev *adev; + struct fbxatm_vcc *tvcc, *vcc; + int count; + + mutex_lock(&fbxatm_mutex); + + if (!*pos) + return SEQ_START_TOKEN; + + count = 1; + tvcc = NULL; + list_for_each_entry(adev, &fbxatm_dev_list, next) { + list_for_each_entry(vcc, &adev->vcc_list, next) { + if (count == *pos) { + tvcc = vcc; + break; + } + count++; + } + } + + return tvcc; +} + +static void *vcc_seq_next(struct seq_file *seq, void *v, loff_t *pos) +{ + struct fbxatm_dev *adev; + struct fbxatm_vcc *last_vcc, *vcc, *tvcc; + + if (v == (void *)SEQ_START_TOKEN) { + if (list_empty(&fbxatm_dev_list)) + return NULL; + adev = list_entry(fbxatm_dev_list.next, struct fbxatm_dev, + next); + last_vcc = NULL; + } else { + last_vcc = (struct fbxatm_vcc *)v; + adev = last_vcc->adev; + } + + tvcc = NULL; + list_for_each_entry_continue(adev, &fbxatm_dev_list, next) { + + if (last_vcc && last_vcc->adev == adev) { + vcc = last_vcc; + list_for_each_entry_continue(vcc, &adev->vcc_list, + next) { + tvcc = vcc; + break; + } + } else { + list_for_each_entry(vcc, &adev->vcc_list, next) { + tvcc = vcc; + break; + } + } + } + + (*pos)++; + return tvcc; +} + +static void vcc_seq_stop(struct seq_file *seq, void *v) +{ + mutex_unlock(&fbxatm_mutex); +} + +static const struct seq_operations vcc_seq_ops = { + .start = vcc_seq_start, + .next = vcc_seq_next, + .stop = vcc_seq_stop, + .show = vcc_seq_show, +}; + +static int vcc_seq_open(struct inode *inode, struct file *file) +{ + return seq_open(file, &vcc_seq_ops); +} + +static const struct proc_ops vcc_seq_fops = { + .proc_open = vcc_seq_open, + .proc_read = seq_read, + .proc_lseek = seq_lseek, + .proc_release = seq_release, +}; + +/* + * /proc/net/atm/dev + */ +static int adev_seq_show(struct seq_file *seq, void *v) +{ + struct fbxatm_dev *adev; + + if (v == (void *)SEQ_START_TOKEN) { + seq_printf(seq, "%s", + "Itf RX TX RXAAL5 TXAAL5 RXF4OAM TXF4OAM " + "RXF5OAM TXF5OAM RXBADOAM RXBADLLIDOAM " + "RXOTHEROAM RXDROPPED TXDROPNOLINK\n"); + return 0; + } + + adev = (struct fbxatm_dev *)v; + seq_printf(seq, "%d " FMT_U64 " " FMT_U64 " %u %u ", + adev->ifindex, + adev->stats.rx_bytes, + adev->stats.tx_bytes, + adev->stats.rx_aal5, + adev->stats.tx_aal5); + + seq_printf(seq, "%u %u %u %u %u %u %u %u %u\n", + adev->stats.rx_f4_oam, + adev->stats.tx_f4_oam, + + adev->stats.rx_f5_oam, + adev->stats.tx_f5_oam, + + adev->stats.rx_bad_oam, + adev->stats.rx_bad_llid_oam, + adev->stats.rx_other_oam, + adev->stats.rx_dropped, + adev->stats.tx_drop_nolink); + return 0; +} + +static void *adev_seq_start(struct seq_file *seq, loff_t *pos) +{ + struct fbxatm_dev *adev, *tadev; + int count; + + mutex_lock(&fbxatm_mutex); + + if (!*pos) + return SEQ_START_TOKEN; + + count = 1; + tadev = NULL; + list_for_each_entry(adev, &fbxatm_dev_list, next) { + if (count == *pos) { + tadev = adev; + break; + } + count++; + } + + return tadev; +} + +static void *adev_seq_next(struct seq_file *seq, void *v, loff_t *pos) +{ + struct fbxatm_dev *adev, *tadev; + + if (v == (void *)SEQ_START_TOKEN) { + if (list_empty(&fbxatm_dev_list)) + return NULL; + adev = list_entry(fbxatm_dev_list.next, struct fbxatm_dev, + next); + } else + adev = (struct fbxatm_dev *)v; + + tadev = NULL; + list_for_each_entry_continue(adev, &fbxatm_dev_list, next) { + tadev = adev; + break; + } + + (*pos)++; + return tadev; +} + +static void adev_seq_stop(struct seq_file *seq, void *v) +{ + mutex_unlock(&fbxatm_mutex); +} + +static const struct seq_operations adev_seq_ops = { + .start = adev_seq_start, + .next = adev_seq_next, + .stop = adev_seq_stop, + .show = adev_seq_show, +}; + +static int adev_seq_open(struct inode *inode, struct file *file) +{ + return seq_open(file, &adev_seq_ops); +} + +static const struct proc_ops adev_seq_fops = { + .proc_open = adev_seq_open, + .proc_read = seq_read, + .proc_lseek = seq_lseek, + .proc_release = seq_release, +}; + + +/* + * create device private entry in proc + */ +int fbxatm_proc_dev_register(struct fbxatm_dev *adev) +{ + adev->dev_proc_entry = proc_mkdir(adev->name, fbxatm_proc_root); + if (!adev->dev_proc_entry) + return 1; + return 0; +} + + +void fbxatm_proc_dev_deregister(struct fbxatm_dev *adev) +{ + remove_proc_entry(adev->name, fbxatm_proc_root); +} + +/* + * create misc private entry in proc + */ +struct proc_dir_entry *fbxatm_proc_misc_register(const char *path) +{ + return proc_mkdir(path, fbxatm_proc_root); +} + +void fbxatm_proc_misc_deregister(const char *path) +{ + remove_proc_entry(path, fbxatm_proc_root); +} + +/* + * list of proc entries for fbxatm + */ +static struct fbxatm_proc_entry { + char *name; + const struct proc_ops *proc_fops; + struct proc_dir_entry *dirent; + +} fbxatm_proc_entries[] = { + { + .name = "dev", + .proc_fops = &adev_seq_fops, + }, + { + .name = "vcc", + .proc_fops = &vcc_seq_fops, + }, +}; + +static void fbxatm_remove_proc(void) +{ + unsigned int i; + + for (i = 0; i < ARRAY_SIZE(fbxatm_proc_entries); i++) { + struct fbxatm_proc_entry *e; + + e = &fbxatm_proc_entries[i]; + + if (!e->dirent) + continue; + remove_proc_entry(e->name, fbxatm_proc_root); + e->dirent = NULL; + } + + remove_proc_entry("fbxatm", init_net.proc_net); +} + +int __init fbxatm_procfs_init(void) +{ + unsigned int i; + int ret; + + fbxatm_proc_root = proc_net_mkdir(&init_net, "fbxatm", + init_net.proc_net); + if (!fbxatm_proc_root) { + ret = -ENOMEM; + goto err; + } + + for (i = 0; i < ARRAY_SIZE(fbxatm_proc_entries); i++) { + struct proc_dir_entry *dirent; + struct fbxatm_proc_entry *e; + + e = &fbxatm_proc_entries[i]; + + dirent = proc_create_data(e->name, S_IRUGO, fbxatm_proc_root, + e->proc_fops, NULL); + if (!dirent) { + ret = -ENOMEM; + goto err; + } + e->dirent = dirent; + } + + return 0; + +err: + if (fbxatm_proc_root) + fbxatm_remove_proc(); + return ret; +} + +void fbxatm_procfs_exit(void) +{ + fbxatm_remove_proc(); +} diff -Nruw linux-5.15.42-fbx/net/fbxatm./fbxatm_remote.c linux-5.15.42-fbx/net/fbxatm/fbxatm_remote.c --- linux-5.15.42-fbx/net/fbxatm./fbxatm_remote.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/net/fbxatm/fbxatm_remote.c 2023-02-27 17:10:06.968489986 +0100 @@ -0,0 +1,808 @@ +#include +#include +#include +#include +#include + +#define PFX "fbxatm_remote: " +#define MAX_PORTS 64 +#define MAX_RETRANS 10 +#define RETRANS_TIMER (HZ / 3) + +struct fbxatm_remote_ctx; + +struct fbxatm_remote_sock { + spinlock_t lock; + struct fbxatm_remote_sockaddr addr; + + struct timer_list retrans_timer; + unsigned int retrans_count; + + struct sk_buff *pending; + + /* 1 for output */ + int direction; + + /* wait ack for output, send ack for input */ + int has_ack; + + u8 seq; + + struct fbxatm_remote_ctx *ctx; + struct list_head next; +}; + +struct fbxatm_remote_ctx { + spinlock_t lock; + int dead; + + struct net_device *netdev; + u8 remote_mac[ETH_ALEN]; + u32 session_id; + + struct fbxatm_remote_sock *socks_per_lport[MAX_PORTS]; + struct sk_buff *pending_zero_ack; + + void (*timeout_cb)(void *priv); + void *priv; + + struct list_head next; +}; + +static struct list_head ctx_list; +static DEFINE_SPINLOCK(ctx_list_lock); +static void (*unknown_cb)(struct net_device *, + struct sk_buff *); + +unsigned int fbxatm_remote_headroom(struct fbxatm_remote_ctx *ctx) +{ + return sizeof (struct fbxatm_remote_hdr) + + ctx->netdev->hard_header_len + ctx->netdev->needed_headroom; +} + +EXPORT_SYMBOL(fbxatm_remote_headroom); + +/* + * allocate skb with enough headroom for header + */ +struct sk_buff *fbxatm_remote_alloc_skb(struct fbxatm_remote_ctx *ctx, + unsigned int size) +{ + struct sk_buff *skb; + unsigned int hroom_size; + + hroom_size = fbxatm_remote_headroom(ctx); + skb = dev_alloc_skb(hroom_size + size); + if (!skb) + return NULL; + skb_reserve(skb, hroom_size); + return skb; +} + +EXPORT_SYMBOL(fbxatm_remote_alloc_skb); + +/* + * return sock addr + */ +void fbxatm_remote_sock_getaddr(struct fbxatm_remote_sock *sock, + struct fbxatm_remote_sockaddr *addr) +{ + memcpy(addr, &sock->addr, sizeof (*addr)); +} + +EXPORT_SYMBOL(fbxatm_remote_sock_getaddr); + +/* + * socket retrans timer callback + */ +static void sock_timer(struct timer_list *timer) +{ + struct fbxatm_remote_sock *sock; + struct sk_buff *skb; + + sock = container_of(timer, struct fbxatm_remote_sock, retrans_timer); + + spin_lock_bh(&sock->ctx->lock); + spin_lock(&sock->lock); + + if (!sock->addr.infinite_retry && sock->retrans_count >= MAX_RETRANS) { + printk(KERN_ERR PFX "retrans max reached\n"); + sock->ctx->dead = 1; + dev_kfree_skb(sock->pending); + sock->pending = NULL; + if (sock->ctx->timeout_cb) + sock->ctx->timeout_cb(sock->ctx->priv); + spin_unlock(&sock->lock); + spin_unlock_bh(&sock->ctx->lock); + return; + } + + sock->retrans_count++; + sock->retrans_timer.expires = jiffies + RETRANS_TIMER; + + skb = skb_clone(sock->pending, GFP_ATOMIC); + if (skb) + dev_queue_xmit(skb); + add_timer(&sock->retrans_timer); + + spin_unlock(&sock->lock); + spin_unlock_bh(&sock->ctx->lock); +} + +/* + * append header for given socket + */ +static int append_tx_header(struct fbxatm_remote_sock *sock, + struct sk_buff *skb) +{ + struct fbxatm_remote_hdr *hdr; + unsigned int needed; + + needed = skb->dev->hard_header_len + skb->dev->needed_headroom + + sizeof (*hdr); + + if (unlikely(skb_headroom(skb) < needed)) { + if (net_ratelimit()) + printk(KERN_WARNING PFX "headroom too small %d < %d\n", + skb_headroom(skb), needed); + } + + if (skb_cow_head(skb, needed)) + return 1; + + hdr = (struct fbxatm_remote_hdr *)skb_push(skb, sizeof (*hdr)); + skb_set_network_header(skb, 0); + + put_unaligned(htonl(FBXATM_REMOTE_MAGIC), &hdr->magic); + if (sock->direction == 1) { + /* output */ + hdr->flags = 0; + } else { + /* input */ + hdr->flags = FBXATM_RFLAGS_ACK; + } + hdr->seq = sock->seq; + put_unaligned(htons(skb->len), &hdr->len); + put_unaligned(sock->addr.lport, &hdr->sport); + put_unaligned(sock->addr.dport, &hdr->dport); + + put_unaligned(sock->addr.mtype, &hdr->mtype); + put_unaligned(sock->ctx->session_id, &hdr->session_id); + + skb->protocol = htons(ETH_P_FBXATM_REMOTE); + if (dev_hard_header(skb, skb->dev, ETH_P_FBXATM_REMOTE, + sock->ctx->remote_mac, NULL, skb->len) < 0) + return 1; + + return 0; +} + +/* + * purge socket send queue, advance next sequence + */ +void fbxatm_remote_sock_purge(struct fbxatm_remote_sock *sock) +{ + spin_lock_bh(&sock->lock); + if (sock->pending) { + del_timer_sync(&sock->retrans_timer); + dev_kfree_skb(sock->pending); + sock->pending = NULL; + sock->seq++; + } + spin_unlock_bh(&sock->lock); +} + +EXPORT_SYMBOL(fbxatm_remote_sock_purge); + +/* + * check if tx is pending on socket + */ +int fbxatm_remote_sock_pending(struct fbxatm_remote_sock *sock) +{ + int ret; + + spin_lock_bh(&sock->lock); + ret = sock->pending ? 1 : 0; + spin_unlock_bh(&sock->lock); + return ret; +} + +EXPORT_SYMBOL(fbxatm_remote_sock_pending); + +/* + * send skb on socket + */ +int fbxatm_remote_sock_send(struct fbxatm_remote_sock *sock, + struct sk_buff *skb) +{ + BUG_ON(sock->direction == 0); + + spin_lock_bh(&sock->lock); + skb->dev = sock->ctx->netdev; + + if (append_tx_header(sock, skb)) { + spin_unlock_bh(&sock->lock); + dev_kfree_skb(skb); + return 1; + } + + if (unlikely(sock->ctx->dead)) { + spin_unlock_bh(&sock->lock); + dev_kfree_skb(skb); + return 0; + } + + /* start retrans timer if needed */ + if (sock->has_ack) { + if (sock->pending) { + printk(KERN_ERR PFX "sock already has tx pending\n"); + spin_unlock_bh(&sock->lock); + dev_kfree_skb(skb); + return 1; + } + + sock->pending = skb_clone(skb, GFP_ATOMIC); + if (sock->pending) { + sock->retrans_count = 0; + sock->retrans_timer.expires = jiffies + RETRANS_TIMER; + add_timer(&sock->retrans_timer); + } + } + + spin_unlock_bh(&sock->lock); + dev_queue_xmit(skb); + + return 0; +} + +EXPORT_SYMBOL(fbxatm_remote_sock_send); + +/* + * send ack skb on socket + */ +int fbxatm_remote_sock_send_ack(struct fbxatm_remote_sock *sock, + struct sk_buff *skb) +{ + BUG_ON(sock->direction == 1); + + spin_lock_bh(&sock->lock); + + skb->dev = sock->ctx->netdev; + + if (append_tx_header(sock, skb)) { + spin_unlock_bh(&sock->lock); + dev_kfree_skb(skb); + return 1; + } + + if (unlikely(sock->ctx->dead)) { + spin_unlock_bh(&sock->lock); + dev_kfree_skb(skb); + return 0; + } + + skb->dev = sock->ctx->netdev; + sock->pending = skb_clone(skb, GFP_ATOMIC); + spin_unlock_bh(&sock->lock); + dev_queue_xmit(skb); + + return 0; +} + +EXPORT_SYMBOL(fbxatm_remote_sock_send_ack); + +/* + * send raw ack + */ +int fbxatm_remote_sock_send_raw_ack(struct fbxatm_remote_ctx *ctx, + struct net_device *dev, + u8 *remote_mac, + struct fbxatm_remote_hdr *hdr, + struct sk_buff *ack) +{ + struct fbxatm_remote_hdr *ack_hdr; + + if (skb_cow_head(ack, sizeof (*ack_hdr))) { + dev_kfree_skb(ack); + return 1; + } + + ack_hdr = (struct fbxatm_remote_hdr *)skb_push(ack, sizeof (*hdr)); + skb_set_network_header(ack, 0); + + put_unaligned(htonl(FBXATM_REMOTE_MAGIC), &ack_hdr->magic); + ack_hdr->flags = FBXATM_RFLAGS_ACK; + ack_hdr->seq = hdr->seq; + + put_unaligned(htons(ack->len), &ack_hdr->len); + put_unaligned(hdr->dport, &ack_hdr->sport); + put_unaligned(hdr->sport, &ack_hdr->dport); + put_unaligned(hdr->mtype, &ack_hdr->mtype); + put_unaligned(hdr->session_id, &ack_hdr->session_id); + + ack->dev = dev; + + if (dev_hard_header(ack, dev, ETH_P_FBXATM_REMOTE, + remote_mac, NULL, ack->len) < 0) { + dev_kfree_skb(ack); + return 1; + } + + if (hdr->dport == 0) { + kfree(ctx->pending_zero_ack); + ctx->pending_zero_ack = skb_clone(ack, GFP_ATOMIC); + } + + if (dev_queue_xmit(ack)) + return 1; + + return 0; +} + +EXPORT_SYMBOL(fbxatm_remote_sock_send_raw_ack); + +/* + * handle input data on 'in' direction socket + */ +static void __in_sock_rcv(struct fbxatm_remote_sock *sock, + struct sk_buff *skb, + struct fbxatm_remote_hdr *hdr) +{ + struct sk_buff *ack; + int ret; + + spin_lock(&sock->lock); + + if (sock->has_ack) { + u8 expected_seq; + + /* check for duplicate seq */ + if (hdr->seq == sock->seq) { + + /* got last packet again, ack has been + * lost, send it again if we have it */ + if (sock->pending) { + ack = skb_clone(sock->pending, GFP_ATOMIC); + if (ack) + dev_queue_xmit(ack); + } + + spin_unlock(&sock->lock); + dev_kfree_skb(skb); + return; + } + + expected_seq = sock->seq + 1; + if (hdr->seq != expected_seq) { + /* lost sync */ + spin_unlock(&sock->lock); + dev_kfree_skb(skb); + return; + } + + /* about to accept new packet, free any pending ack */ + dev_kfree_skb(sock->pending); + sock->pending = NULL; + + sock->seq = hdr->seq; + + /* set sock dport to last receive packet to send + * correct ack */ + sock->addr.dport = hdr->sport; + } + + /* deliver packet to socket */ + ret = sock->addr.deliver(sock->addr.priv, skb, &ack); + + if (!sock->has_ack || !ret) { + /* don't send ack now */ + spin_unlock(&sock->lock); + return; + } + + if (!ack) { + /* generate empty ack */ + ack = fbxatm_remote_alloc_skb(sock->ctx, 0); + if (!ack) { + spin_unlock(&sock->lock); + return; + } + } + + ack->dev = sock->ctx->netdev; + + if (append_tx_header(sock, ack)) { + spin_unlock(&sock->lock); + dev_kfree_skb(ack); + return; + } + + sock->pending = ack; + + /* send ack now */ + ack = skb_clone(sock->pending, GFP_ATOMIC); + spin_unlock(&sock->lock); + + if (ack) + dev_queue_xmit(ack); +} + +/* + * handle data on 'out' direction socket + */ +static void __out_sock_rcv(struct fbxatm_remote_sock *sock, + struct sk_buff *skb, + struct fbxatm_remote_hdr *hdr) +{ + if (!sock->has_ack) { + dev_kfree_skb(skb); + printk(KERN_ERR PFX "ack for non ack sock\n"); + return; + } + + spin_lock(&sock->lock); + + /* check if ack if for last sent seq */ + if (hdr->seq != sock->seq) { + spin_unlock(&sock->lock); + dev_kfree_skb(skb); + return; + } + + /* make sure we're expecting it */ + if (!sock->pending) { + spin_unlock(&sock->lock); + dev_kfree_skb(skb); + return; + } + + del_timer_sync(&sock->retrans_timer); + dev_kfree_skb(sock->pending); + sock->pending = NULL; + sock->seq++; + + if (sock->addr.response) + sock->addr.response(sock->addr.priv, skb); + else + dev_kfree_skb(skb); + + spin_unlock(&sock->lock); +} + +/* + * fbxatm ethertype rx callback + */ +static int fbxatm_rcv(struct sk_buff *skb, struct net_device *dev, + struct packet_type *pt, struct net_device *orig_dev) +{ + struct fbxatm_remote_hdr *hdr; + struct fbxatm_remote_ctx *ctx; + int found; + unsigned int len; + u16 port; + + if (!netif_running(dev)) { + dev_kfree_skb(skb); + return 0; + } + + skb = skb_unshare(skb, GFP_ATOMIC); + if (!skb) + return 0; + + /* decode fbxatm ethertype */ + if (!pskb_may_pull(skb, sizeof (*hdr))) { + dev_kfree_skb(skb); + return 0; + } + + hdr = (struct fbxatm_remote_hdr *)skb_network_header(skb); + if (ntohl(hdr->magic) != FBXATM_REMOTE_MAGIC) { + if (net_ratelimit()) + printk(KERN_ERR PFX "bad fbxatm remote magic: %08x\n", + ntohl(hdr->magic)); + dev_kfree_skb(skb); + return 0; + } + + /* check len */ + len = ntohs(hdr->len); + if (skb->len < len) { + if (net_ratelimit()) + printk(KERN_ERR PFX "short packet\n"); + dev_kfree_skb(skb); + return 0; + } + + /* trim skb to correct size */ + if (pskb_trim(skb, len)) { + dev_kfree_skb(skb); + return 0; + } + + port = ntohs(hdr->dport); + if (port >= MAX_PORTS) { + dev_kfree_skb(skb); + printk(KERN_ERR PFX "bad port %u\n", port); + return 0; + } + + /* remove header */ + skb_set_network_header(skb, 0); + __skb_pull(skb, sizeof (*hdr)); + skb_set_transport_header(skb, 0); + + /* find context by mac/session id */ + found = 0; + spin_lock_bh(&ctx_list_lock); + list_for_each_entry(ctx, &ctx_list, next) { + struct ethhdr *eth; + struct fbxatm_remote_sock *sock; + int is_ack; + + eth = eth_hdr(skb); + if (memcmp(eth->h_source, ctx->remote_mac, ETH_ALEN)) + continue; + + if (hdr->session_id != ctx->session_id) + continue; + + spin_lock(&ctx->lock); + + if (unlikely(ctx->dead)) { + spin_unlock(&ctx->lock); + continue; + } + + /* found context, find socket by port */ + found = 1; + + /* special case for port 0, in case ack is lost */ + if (port == 0 && ctx->pending_zero_ack) { + struct sk_buff *ack; + ack = skb_clone(ctx->pending_zero_ack, GFP_ATOMIC); + if (ack) + dev_queue_xmit(ack); + spin_unlock(&ctx->lock); + break; + } + + sock = ctx->socks_per_lport[port]; + if (!sock) { + printk(KERN_ERR PFX "context but no socket for " + "port: %u\n", port); + spin_unlock(&ctx->lock); + break; + } + + if (hdr->mtype != sock->addr.mtype) { + printk(KERN_ERR PFX "incorrect mtype for sock\n"); + spin_unlock(&ctx->lock); + break; + } + + /* check direction, we should only get ack for output + * socket */ + is_ack = (hdr->flags & FBXATM_RFLAGS_ACK) ? 1 : 0; + if (sock->direction ^ is_ack) { + printk(KERN_ERR PFX "incorrect ack value for sock\n"); + spin_unlock(&ctx->lock); + break; + } + + /* ok deliver */ + if (sock->direction) + __out_sock_rcv(sock, skb, hdr); + else + __in_sock_rcv(sock, skb, hdr); + + spin_unlock(&ctx->lock); + spin_unlock_bh(&ctx_list_lock); + return 0; + } + + spin_unlock_bh(&ctx_list_lock); + + if (!found && unknown_cb) + unknown_cb(dev, skb); + else + dev_kfree_skb(skb); + + return 0; +} + +void fbxatm_remote_set_unknown_cb(void (*cb)(struct net_device *, + struct sk_buff *)) +{ + unknown_cb = cb; +} + +EXPORT_SYMBOL(fbxatm_remote_set_unknown_cb); + +/* + * allocate local port for socket + */ +static int __alloc_lport(struct fbxatm_remote_ctx *ctx, + struct fbxatm_remote_sock *sock) +{ + int i; + + for (i = 1; i < ARRAY_SIZE(ctx->socks_per_lport); i++) { + if (ctx->socks_per_lport[i]) + continue; + sock->addr.lport = htons(i); + ctx->socks_per_lport[i] = sock; + return 0; + } + return -EADDRINUSE; +} + +static struct fbxatm_remote_sock *sock_new(struct fbxatm_remote_sockaddr *addr) +{ + struct fbxatm_remote_sock *sock; + + sock = kzalloc(sizeof (*sock), GFP_KERNEL); + if (!sock) + return NULL; + memcpy(&sock->addr, addr, sizeof (*addr)); + timer_setup(&sock->retrans_timer, sock_timer, 0); + spin_lock_init(&sock->lock); + return sock; +} + +struct fbxatm_remote_sock * +fbxatm_remote_sock_connect(struct fbxatm_remote_ctx *ctx, + struct fbxatm_remote_sockaddr *addr, + int need_ack) +{ + struct fbxatm_remote_sock *sock; + + sock = sock_new(addr); + if (!sock) + return NULL; + + spin_lock_bh(&ctx->lock); + sock->ctx = ctx; + if (__alloc_lport(ctx, sock)) { + spin_unlock_bh(&ctx->lock); + kfree(sock); + return NULL; + } + + sock->direction = 1; + sock->seq = 0; + sock->has_ack = need_ack; + spin_unlock_bh(&ctx->lock); + + return sock; +} + +EXPORT_SYMBOL(fbxatm_remote_sock_connect); + +struct fbxatm_remote_sock * +fbxatm_remote_sock_bind(struct fbxatm_remote_ctx *ctx, + struct fbxatm_remote_sockaddr *addr, + int send_ack) +{ + struct fbxatm_remote_sock *sock; + + sock = sock_new(addr); + if (!sock) + return NULL; + + spin_lock_bh(&ctx->lock); + sock->ctx = ctx; + if (__alloc_lport(ctx, sock)) { + spin_unlock_bh(&ctx->lock); + kfree(sock); + return NULL; + } + + sock->direction = 0; + sock->seq = ~0; + sock->has_ack = send_ack; + spin_unlock_bh(&ctx->lock); + + return sock; +} + +EXPORT_SYMBOL(fbxatm_remote_sock_bind); + +void fbxatm_remote_sock_close(struct fbxatm_remote_sock *sock) +{ + spin_lock_bh(&sock->ctx->lock); + if (sock->addr.lport) + sock->ctx->socks_per_lport[ntohs(sock->addr.lport)] = NULL; + + spin_lock(&sock->lock); + del_timer_sync(&sock->retrans_timer); + dev_kfree_skb(sock->pending); + spin_unlock(&sock->lock); + spin_unlock_bh(&sock->ctx->lock); + kfree(sock); +} + +EXPORT_SYMBOL(fbxatm_remote_sock_close); + +struct fbxatm_remote_ctx *fbxatm_remote_alloc_ctx(struct net_device *netdev, + u8 *remote_mac, + u32 session_id, + void (*timeout)(void *priv), + void *priv) +{ + struct fbxatm_remote_ctx *ctx; + + ctx = kzalloc(sizeof (*ctx), GFP_KERNEL); + if (!ctx) + return NULL; + ctx->netdev = netdev; + spin_lock_init(&ctx->lock); + memcpy(ctx->remote_mac, remote_mac, ETH_ALEN); + ctx->session_id = session_id; + ctx->timeout_cb = timeout; + ctx->priv = priv; + + spin_lock_bh(&ctx_list_lock); + list_add_tail(&ctx->next, &ctx_list); + spin_unlock_bh(&ctx_list_lock); + + return ctx; +} + +EXPORT_SYMBOL(fbxatm_remote_alloc_ctx); + +void fbxatm_remote_ctx_set_dead(struct fbxatm_remote_ctx *ctx) +{ + spin_lock_bh(&ctx->lock); + ctx->dead = 1; + spin_unlock_bh(&ctx->lock); +} + +EXPORT_SYMBOL(fbxatm_remote_ctx_set_dead); + +void fbxatm_remote_free_ctx(struct fbxatm_remote_ctx *ctx) +{ + int i; + + spin_lock_bh(&ctx_list_lock); + spin_lock(&ctx->lock); + + for (i = 1; i < ARRAY_SIZE(ctx->socks_per_lport); i++) { + if (!ctx->socks_per_lport[i]) + continue; + printk(KERN_ERR PFX "socket count is not 0\n"); + spin_unlock(&ctx->lock); + spin_unlock_bh(&ctx_list_lock); + return; + } + + kfree(ctx->pending_zero_ack); + list_del(&ctx->next); + spin_unlock(&ctx->lock); + spin_unlock_bh(&ctx_list_lock); + kfree(ctx); +} + +EXPORT_SYMBOL(fbxatm_remote_free_ctx); + +static struct packet_type fbxatm_packet_type = { + .type = __constant_htons(ETH_P_FBXATM_REMOTE), + .func = fbxatm_rcv, +}; + +int fbxatm_remote_init(void) +{ + spin_lock_init(&ctx_list_lock); + INIT_LIST_HEAD(&ctx_list); + dev_add_pack(&fbxatm_packet_type); + return 0; +} + +EXPORT_SYMBOL(fbxatm_remote_init); + +void fbxatm_remote_exit(void) +{ + dev_remove_pack(&fbxatm_packet_type); +} + +EXPORT_SYMBOL(fbxatm_remote_exit); diff -Nruw linux-5.15.42-fbx/net/fbxatm./fbxatm_remote_driver.c linux-5.15.42-fbx/net/fbxatm/fbxatm_remote_driver.c --- linux-5.15.42-fbx/net/fbxatm./fbxatm_remote_driver.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/net/fbxatm/fbxatm_remote_driver.c 2023-02-27 17:13:39.810190205 +0100 @@ -0,0 +1,1183 @@ +/* + * "remote" driver for fbxatm, "connect" to a remote fbxatm stack in + * net stub mode and control its PHYs + * + * Copyright (C) 2009 Maxime Bizon + */ +#include +#include +#include +#include +#include +#include +#include + +#include "fbxatm_remote_driver.h" + +#define PFX "fbxatm_remote_driver: " + +static struct list_head remote_dev_list; +static DEFINE_SPINLOCK(remote_lock); + +/* + * request moving to dead state and schedule + */ +static void set_dying(struct driver_remote *priv) +{ + priv->want_die = 1; + schedule_delayed_work(&priv->fsm_work, 0); +} + +/* + * socket deliver callback for vcc_rx socket + */ +static int vcc_rx_deliver(void *data, struct sk_buff *skb, + struct sk_buff **ack) +{ + struct driver_remote_vcc *pvcc; + + pvcc = (struct driver_remote_vcc *)data; + fbxatm_netifrx(pvcc->vcc, skb); + return 0; +} + +/* + * socket deliver callback for vcc_qempty socket + */ +static int vcc_qempty_deliver(void *data, struct sk_buff *skb, + struct sk_buff **ack) +{ + struct driver_remote_vcc *pvcc; + struct driver_remote *priv; + + pvcc = (struct driver_remote_vcc *)data; + priv = pvcc->priv; + + spin_lock(&priv->tx_lock); + + if (pvcc->tx_pending) { + /* wait until we get tx ack */ + pvcc->tx_got_qempty = 1; + goto send_ack; + } + + /* report tx done event */ + clear_bit(FBXATM_VCC_F_FULL, &pvcc->vcc->vcc_flags); + +send_ack: + dev_kfree_skb(skb); + *ack = NULL; + spin_unlock(&priv->tx_lock); + /* send ack now */ + fbxatm_tx_done(pvcc->vcc); + return 1; +} + +/* + * socket response callback for vcc_send socket, called with bh + * disabled + */ +static void vcc_send_response(void *data, struct sk_buff *skb) +{ + struct fbxatm_remote_vcc_send_ack *pkt_ack; + struct driver_remote_vcc *pvcc; + struct driver_remote *priv; + + pvcc = (struct driver_remote_vcc *)data; + priv = pvcc->priv; + + spin_lock(&priv->tx_lock); + + if (unlikely(!pvcc->tx_pending)) { + printk(KERN_ERR PFX "send response while no tx pending\n"); + goto out; + } + + if (!pskb_may_pull(skb, sizeof (*pkt_ack))) { + printk(KERN_ERR PFX "bad vcc send ack\n"); + goto out; + } + + pvcc->tx_pending = 0; + + pkt_ack = (struct fbxatm_remote_vcc_send_ack *)skb->data; + if (pkt_ack->full) { + /* qempty will wake us up later, but maybe we got it + * already ? */ + if (!pvcc->tx_got_qempty) + goto out; + } + + /* wake up queue */ + clear_bit(FBXATM_VCC_F_FULL, &pvcc->vcc->vcc_flags); + spin_unlock(&priv->tx_lock); + dev_kfree_skb(skb); + fbxatm_tx_done(pvcc->vcc); + return; + +out: + spin_unlock(&priv->tx_lock); + dev_kfree_skb(skb); +} + +/* + * fbxatm request to send aal5 on given vcc, called with bh disabled + */ +static int remote_send(struct fbxatm_vcc *vcc, struct sk_buff *skb) +{ + struct driver_remote_vcc *pvcc; + struct driver_remote *priv; + + pvcc = vcc->dev_priv; + priv = pvcc->priv; + + spin_lock(&priv->tx_lock); + if (priv->state != RSTATE_S_ACTIVE) + goto drop; + + if (test_bit(FBXATM_VCC_F_FULL, &vcc->vcc_flags)) { + spin_unlock(&priv->tx_lock); + /* return queue full */ + return 1; + } + + if (fbxatm_remote_sock_send(pvcc->vcc_send_sock, skb)) { + /* packet has been dropped */ + spin_unlock(&priv->tx_lock); + return 0; + } + + set_bit(FBXATM_VCC_F_FULL, &vcc->vcc_flags); + pvcc->tx_pending = 1; + pvcc->tx_got_qempty = 0; + + spin_unlock(&priv->tx_lock); + return 0; + +drop: + spin_unlock(&priv->tx_lock); + dev_kfree_skb(skb); + return 0; +} + +/* + * sleep until we get an ack for sockets using wq + */ +static int __wait_ack(struct driver_remote *priv) +{ + wait_event(priv->wq, priv->wq_res != 0 || + priv->state != RSTATE_S_ACTIVE); + + if (priv->wq_res == 2 || priv->state != RSTATE_S_ACTIVE) { + /* timeout or device will die soon */ + return -EIO; + } + + return 0; +} + +/* + * fbxatm callback to send oam cell + */ +static int remote_send_oam(struct fbxatm_dev *adev, + struct fbxatm_oam_cell *cell) +{ + struct driver_remote *priv; + struct sk_buff *skb; + int ret; + + priv = fbxatm_dev_priv(adev); + mutex_lock(&priv->mutex); + + if (priv->state != RSTATE_S_ACTIVE) { + mutex_unlock(&priv->mutex); + return -ENODEV; + } + + /* prepare outgoing packet */ + skb = fbxatm_remote_alloc_skb(priv->remote_ctx, + sizeof (cell->payload)); + if (!skb) { + mutex_unlock(&priv->mutex); + kfree(cell); + return -ENOMEM; + } + + memcpy(skb_put(skb, sizeof (cell->payload)), &cell->payload, + sizeof (cell->payload)); + kfree(cell); + + /* send & wait for ack */ + skb_queue_purge(&priv->wq_acks); + priv->wq_res = 0; + + if (fbxatm_remote_sock_send(priv->dev_send_oam_sock, skb)) + return -ENOMEM; + + ret = __wait_ack(priv); + mutex_unlock(&priv->mutex); + + if (ret) + return ret; + + return 0; +} + +/* + * fbxatm callback to open given vcc + */ +static int remote_vcc_open(struct fbxatm_vcc *vcc) +{ + struct fbxatm_remote_vcc_action *pkt; + struct fbxatm_remote_vcc_action_ack *pkt_ack; + struct sk_buff *skb, *ack; + struct fbxatm_remote_sockaddr addr; + struct driver_remote_vcc *pvcc; + struct driver_remote *priv; + int ret; + + priv = fbxatm_dev_priv(vcc->adev); + mutex_lock(&priv->mutex); + + if (priv->state != RSTATE_S_ACTIVE) { + mutex_unlock(&priv->mutex); + return -EIO; + } + + /* allocate private vcc context */ + pvcc = kzalloc(sizeof (*pvcc), GFP_KERNEL); + if (!pvcc) { + mutex_unlock(&priv->mutex); + return -ENOMEM; + } + + pvcc->priv = priv; + pvcc->vcc = vcc; + vcc->dev_priv = pvcc; + + /* open input sockets */ + memset(&addr, 0, sizeof (addr)); + addr.mtype = htonl(FBXATM_RMT_VCC_RX); + addr.priv = pvcc; + addr.deliver = vcc_rx_deliver; + pvcc->vcc_rx_sock = fbxatm_remote_sock_bind(priv->remote_ctx, + &addr, 0); + if (!pvcc->vcc_rx_sock) { + ret = -ENOMEM; + goto fail; + } + + memset(&addr, 0, sizeof (addr)); + addr.mtype = htonl(FBXATM_RMT_VCC_QEMPTY); + addr.priv = pvcc; + addr.deliver = vcc_qempty_deliver; + pvcc->vcc_qempty_sock = fbxatm_remote_sock_bind(priv->remote_ctx, + &addr, 1); + if (!pvcc->vcc_qempty_sock) { + ret = -ENOMEM; + goto fail; + } + + /* prepare outgoing packet */ + skb = fbxatm_remote_alloc_skb(priv->remote_ctx, + sizeof (*pkt)); + if (!skb) { + ret = -ENOMEM; + goto fail; + } + pkt = (struct fbxatm_remote_vcc_action *)skb_put(skb, sizeof (*pkt)); + pkt->action = htonl(1); + + fbxatm_remote_sock_getaddr(pvcc->vcc_rx_sock, &addr); + pkt->vcc_rx_port = addr.lport; + + fbxatm_remote_sock_getaddr(pvcc->vcc_qempty_sock, &addr); + pkt->vcc_qempty_port = addr.lport; + + pkt->vpi = htonl(vcc->vpi); + pkt->vci = htonl(vcc->vci); + pkt->traffic_class = htonl(vcc->qos.traffic_class); + pkt->max_sdu = htonl(vcc->qos.max_sdu); + pkt->max_buffered_pkt = htonl(vcc->qos.max_buffered_pkt); + pkt->priority = htonl(vcc->qos.priority); + pkt->rx_priority = htonl(vcc->qos.rx_priority); + + /* send & wait for ack */ + skb_queue_purge(&priv->wq_acks); + priv->wq_res = 0; + + if (fbxatm_remote_sock_send(priv->vcc_action_sock, skb)) { + ret = -ENOMEM; + goto fail; + } + + ret = __wait_ack(priv); + + if (ret) { + /* timeout, device will die soon */ + goto fail; + } + + /* check ack */ + ack = skb_dequeue(&priv->wq_acks); + if (!pskb_may_pull(ack, sizeof (*pkt_ack))) { + printk(KERN_ERR PFX "bad vcc action ack\n"); + dev_kfree_skb(ack); + set_dying(priv); + ret = -EIO; + goto fail; + } + + pkt_ack = (struct fbxatm_remote_vcc_action_ack *)ack->data; + if (pkt_ack->ret) { + printk(KERN_ERR PFX "remote vcc open failed\n"); + dev_kfree_skb(ack); + set_dying(priv); + ret = -EIO; + goto fail; + } + + pvcc->remote_id = pkt_ack->vcc_remote_id; + + memset(&addr, 0, sizeof (addr)); + addr.mtype = htonl(FBXATM_RMT_VCC_SEND); + addr.priv = pvcc; + addr.dport = pkt_ack->vcc_send_port; + addr.response = vcc_send_response; + pvcc->vcc_send_sock = fbxatm_remote_sock_connect(priv->remote_ctx, + &addr, 1); + if (!pvcc->vcc_send_sock) { + dev_kfree_skb(ack); + set_dying(priv); + ret = -EIO; + goto fail; + } + + dev_kfree_skb(ack); + list_add(&pvcc->next, &priv->pvcc_list); + mutex_unlock(&priv->mutex); + return 0; + +fail: + if (pvcc->vcc_qempty_sock) + fbxatm_remote_sock_close(pvcc->vcc_qempty_sock); + if (pvcc->vcc_rx_sock) + fbxatm_remote_sock_close(pvcc->vcc_rx_sock); + kfree(pvcc); + mutex_unlock(&priv->mutex); + return ret; +} + +/* + * fbxatm callback to close & flush given vcc + */ +static void remote_vcc_close(struct fbxatm_vcc *vcc) +{ + struct driver_remote *priv; + struct driver_remote_vcc *pvcc; + struct sk_buff *skb, *ack; + struct fbxatm_remote_vcc_action *pkt; + struct fbxatm_remote_vcc_action_ack *pkt_ack; + int ret; + + priv = fbxatm_dev_priv(vcc->adev); + mutex_lock(&priv->mutex); + + pvcc = vcc->dev_priv; + + if (priv->state != RSTATE_S_ACTIVE) { + /* just close vcc, don't tell remote */ + list_del(&pvcc->next); + kfree(pvcc); + + /* warn fsm so it can restart */ + schedule_delayed_work(&priv->fsm_work, 0); + goto out_unlock; + } + + /* prepare outgoing packet */ + skb = fbxatm_remote_alloc_skb(priv->remote_ctx, + sizeof (*pkt)); + if (!skb) { + set_dying(priv); + goto out_unlock; + } + + pkt = (struct fbxatm_remote_vcc_action *)skb_put(skb, sizeof (*pkt)); + pkt->action = htonl(0); + pkt->vcc_remote_id = pvcc->remote_id; + + /* free vcc now, failure will trigger dead state */ + fbxatm_remote_sock_close(pvcc->vcc_send_sock); + fbxatm_remote_sock_close(pvcc->vcc_rx_sock); + fbxatm_remote_sock_close(pvcc->vcc_qempty_sock); + list_del(&pvcc->next); + kfree(pvcc); + + /* send & wait for ack */ + skb_queue_purge(&priv->wq_acks); + priv->wq_res = 0; + + if (fbxatm_remote_sock_send(priv->vcc_action_sock, skb)) { + set_dying(priv); + goto out_unlock; + } + + ret = __wait_ack(priv); + + if (ret) { + /* timeout, device will die soon */ + mutex_unlock(&priv->mutex); + return; + } + + /* check ack */ + ack = skb_dequeue(&priv->wq_acks); + if (!pskb_may_pull(ack, sizeof (*pkt_ack))) { + printk(KERN_ERR PFX "bad vcc action close ack\n"); + dev_kfree_skb(ack); + set_dying(priv); + goto out_unlock; + } + + pkt_ack = (struct fbxatm_remote_vcc_action_ack *)ack->data; + if (pkt_ack->ret) { + printk(KERN_ERR PFX "remote vcc close failed\n"); + dev_kfree_skb(ack); + set_dying(priv); + goto out_unlock; + } + +out_unlock: + mutex_unlock(&priv->mutex); +} + +/* + * common response for vcc action & send oam socket + */ +static void common_response(void *data, struct sk_buff *skb) +{ + struct driver_remote *priv; + + priv = (struct driver_remote *)data; + skb_queue_tail(&priv->wq_acks, skb); + priv->wq_res = 1; + wake_up(&priv->wq); +} + +/* + * create device procfs entries + */ +static int remote_init_procfs(struct fbxatm_dev *adev) +{ + return 0; +} + +/* + * release device procfs entries + */ +static void remote_release_procfs(struct fbxatm_dev *adev) +{ +} + +/* + * local fake fbxatm device callbacks + */ +static const struct fbxatm_dev_ops remote_fbxatm_ops = { + .open = remote_vcc_open, + .close = remote_vcc_close, + .send = remote_send, + .send_oam = remote_send_oam, + .init_procfs = remote_init_procfs, + .release_procfs = remote_release_procfs, + .owner = THIS_MODULE, +}; + +/* + * dev_rx_oam socket rx callback + */ +static int dev_rx_oam_deliver(void *data, struct sk_buff *skb, + struct sk_buff **ack) +{ + struct driver_remote *priv; + + priv = (struct driver_remote *)data; + skb_queue_tail(&priv->dev_oam_reqs, skb); + schedule_delayed_work(&priv->fsm_work, 0); + + return 0; +} + +/* + * dev_link socket rx callback + */ +static int dev_link_deliver(void *data, struct sk_buff *skb, + struct sk_buff **ack) +{ + struct driver_remote *priv; + + priv = (struct driver_remote *)data; + skb_queue_tail(&priv->dev_link_reqs, skb); + schedule_delayed_work(&priv->fsm_work, 0); + + /* send ack later */ + return 0; +} + +/* + * dev_connect socket tx ack callback + */ +static void dev_connect_response(void *data, struct sk_buff *skb) +{ + struct driver_remote *priv; + + priv = (struct driver_remote *)data; + skb_queue_tail(&priv->connect_acks, skb); + schedule_delayed_work(&priv->fsm_work, 0); +} + +/* + * handle link change queue + */ +static void handle_dev_link_queue(struct driver_remote *priv) +{ + struct sk_buff *skb; + + do { + struct fbxatm_remote_dev_link *pkt; + struct fbxatm_dev *adev; + struct sk_buff *ack; + + skb = skb_dequeue(&priv->dev_link_reqs); + if (!skb) + break; + + if (!pskb_may_pull(skb, sizeof (*pkt))) { + printk(KERN_ERR PFX "bad rx dev link\n"); + dev_kfree_skb(skb); + continue; + } + + pkt = (struct fbxatm_remote_dev_link *)skb->data; + + adev = priv->fbxatm_dev; + adev->link_rate_ds = ntohl(pkt->link_rate_ds); + adev->link_rate_us = ntohl(pkt->link_rate_us); + adev->link_cell_rate_ds = ntohl(pkt->link_cell_rate_ds); + adev->link_cell_rate_us = ntohl(pkt->link_cell_rate_us); + + if (pkt->link) + fbxatm_dev_set_link_up(adev); + else + fbxatm_dev_set_link_down(adev); + + /* send ack */ + ack = fbxatm_remote_alloc_skb(priv->remote_ctx, 0); + if (!ack) + continue; + fbxatm_remote_sock_send_ack(priv->dev_link_sock, ack); + + } while (1); +} + +/* + * handle oam rx queue + */ +static void handle_oam_rx_queue(struct driver_remote *priv) +{ + struct fbxatm_oam_cell *cell; + struct sk_buff *skb; + + do { + skb = skb_dequeue(&priv->dev_oam_reqs); + if (!skb) + break; + + cell = kmalloc(sizeof (*cell), GFP_KERNEL); + if (!cell) { + dev_kfree_skb(skb); + continue; + } + + if (!pskb_may_pull(skb, sizeof (cell->payload))) { + printk(KERN_ERR PFX "bad rx oam\n"); + kfree(cell); + dev_kfree_skb(skb); + continue; + } + + memcpy(&cell->payload, skb->data, sizeof (cell->payload)); + dev_kfree_skb(skb); + fbxatm_netifrx_oam(priv->fbxatm_dev, cell); + + } while (1); +} + +/* + * free all and set to dead state + */ +static void remote_free(struct driver_remote *priv) +{ + struct driver_remote_vcc *pvcc; + + if (priv->state == RSTATE_S_DEAD) + return; + + priv->want_die = 0; + + /* make sure remote_send device operation doesn't use sockets + * any more */ + spin_lock_bh(&priv->tx_lock); + priv->state = RSTATE_S_DEAD; + spin_unlock_bh(&priv->tx_lock); + + /* same goes for open_vcc, close_vcc and send_oam ops, + * RSTATE_S_DEAD will prevent function from being entered, and + * any sleeper will be woken up */ + wake_up(&priv->wq); + + mutex_lock(&priv->mutex); + + /* no vcc can be created, close all vcc sockets */ + list_for_each_entry(pvcc, &priv->pvcc_list, next) { + + if (pvcc->vcc_send_sock) { + fbxatm_remote_sock_close(pvcc->vcc_send_sock); + pvcc->vcc_send_sock = NULL; + } + + if (pvcc->vcc_rx_sock) { + fbxatm_remote_sock_close(pvcc->vcc_rx_sock); + pvcc->vcc_rx_sock = NULL; + } + + if (pvcc->vcc_qempty_sock) { + fbxatm_remote_sock_close(pvcc->vcc_qempty_sock); + pvcc->vcc_qempty_sock = NULL; + } + } + mutex_unlock(&priv->mutex); + + /* no external callback from fbxatm can use sockets now */ + + /* close all sockets */ + if (priv->dev_connect_sock) { + fbxatm_remote_sock_close(priv->dev_connect_sock); + priv->dev_connect_sock = NULL; + } + + if (priv->keepalive_sock) { + fbxatm_remote_sock_close(priv->keepalive_sock); + priv->keepalive_sock = NULL; + } + + if (priv->dev_link_sock) { + fbxatm_remote_sock_close(priv->dev_link_sock); + priv->dev_link_sock = NULL; + } + + if (priv->dev_rx_oam_sock) { + fbxatm_remote_sock_close(priv->dev_rx_oam_sock); + priv->dev_rx_oam_sock = NULL; + } + + if (priv->vcc_action_sock) { + fbxatm_remote_sock_close(priv->vcc_action_sock); + priv->vcc_action_sock = NULL; + } + + if (priv->dev_send_oam_sock) { + fbxatm_remote_sock_close(priv->dev_send_oam_sock); + priv->dev_send_oam_sock = NULL; + } + + if (priv->netdev) { + dev_put(priv->netdev); + priv->netdev = NULL; + } + + if (priv->remote_ctx) { + fbxatm_remote_free_ctx(priv->remote_ctx); + priv->remote_ctx = NULL; + } + + skb_queue_purge(&priv->connect_acks); + skb_queue_purge(&priv->dev_link_reqs); + skb_queue_purge(&priv->dev_oam_reqs); + skb_queue_purge(&priv->wq_acks); + + if (priv->fbxatm_dev_registered) { + fbxatm_dev_set_link_down(priv->fbxatm_dev); + printk(KERN_WARNING "%s: marking dead\n", + priv->fbxatm_dev->name); + } +} + +/* + * remote context timeout on any socket + */ +static void remote_sock_timeout(void *data) +{ + set_dying((struct driver_remote *)data); +} + +/* + * main workqueue to handle device fsm + */ +static void remote_fsm(struct work_struct *t) +{ + struct delayed_work *dwork; + struct driver_remote *priv; + struct net_device *netdev; + struct fbxatm_remote_sockaddr addr; + + dwork = container_of(t, struct delayed_work, work); + priv = container_of(dwork, struct driver_remote, fsm_work); + + if (priv->want_die) { + remote_free(priv); + /* let FSM restart if needed */ + } + + switch (priv->state) { + case RSTATE_S_WAIT_NETDEV: + { + struct fbxatm_remote_connect *pkt; + struct fbxatm_remote_ctx *ctx; + struct sk_buff *skb; + u32 session_id; + + netdev = dev_get_by_name(&init_net, priv->pd->netdev_name); + if (!netdev) { + /* netdev notifier will reschedule */ + return; + } + priv->netdev = netdev; + + /* got netdev, open remote context */ + get_random_bytes(&session_id, sizeof (session_id)); + ctx = fbxatm_remote_alloc_ctx(netdev, priv->pd->remote_mac, + session_id, + remote_sock_timeout, + priv); + if (!ctx) { + printk(KERN_ERR PFX "unable to allocate remote ctx\n"); + remote_free(priv); + return; + } + priv->remote_ctx = ctx; + + /* open rx sockets */ + memset(&addr, 0, sizeof (addr)); + addr.mtype = htonl(FBXATM_RMT_DEV_LINK); + addr.deliver = dev_link_deliver; + addr.priv = priv; + priv->dev_link_sock = fbxatm_remote_sock_bind(ctx, &addr, 1); + if (!priv->dev_link_sock) { + remote_free(priv); + return; + } + + memset(&addr, 0, sizeof (addr)); + addr.mtype = htonl(FBXATM_RMT_DEV_RX_OAM); + addr.deliver = dev_rx_oam_deliver; + addr.priv = priv; + priv->dev_rx_oam_sock = fbxatm_remote_sock_bind(ctx, &addr, 0); + if (!priv->dev_rx_oam_sock) { + remote_free(priv); + return; + } + + /* create socket for initial connexion */ + memset(&addr, 0, sizeof (addr)); + addr.mtype = htonl(FBXATM_RMT_CONNECT); + addr.response = dev_connect_response; + addr.priv = priv; + addr.infinite_retry = 1; + priv->dev_connect_sock = fbxatm_remote_sock_connect(ctx, + &addr, 1); + if (!priv->dev_connect_sock) { + remote_free(priv); + return; + } + + /* send the connect packet */ + skb = fbxatm_remote_alloc_skb(priv->remote_ctx, + sizeof (*pkt)); + if (!skb) { + remote_free(priv); + return; + } + + pkt = (struct fbxatm_remote_connect *) + skb_put(skb, sizeof (*pkt)); + + memcpy(pkt->name, priv->pd->remote_name, sizeof (pkt->name)); + + fbxatm_remote_sock_getaddr(priv->dev_link_sock, &addr); + pkt->dev_link_port = addr.lport; + + fbxatm_remote_sock_getaddr(priv->dev_rx_oam_sock, &addr); + pkt->dev_rx_oam_port = addr.lport; + + if (fbxatm_remote_sock_send(priv->dev_connect_sock, skb)) { + dev_kfree_skb(skb); + remote_free(priv); + return; + } + + /* wait for connect ack... */ + priv->state = RSTATE_S_WAIT_REMOTE; + break; + } + + case RSTATE_S_WAIT_REMOTE: + { + struct fbxatm_remote_connect_ack *pkt_ack; + struct fbxatm_remote_ctx *ctx; + struct fbxatm_dev *adev; + struct sk_buff *skb; + int ret; + + skb = skb_dequeue(&priv->connect_acks); + if (!skb) + return; + + if (!pskb_may_pull(skb, sizeof (*pkt_ack))) { + printk(KERN_ERR PFX "bad connect ack\n"); + dev_kfree_skb(skb); + return; + } + + pkt_ack = (struct fbxatm_remote_connect_ack *)skb->data; + ctx = priv->remote_ctx; + + /* open sockets */ + memset(&addr, 0, sizeof (addr)); + addr.mtype = htonl(FBXATM_RMT_VCC_ACTION); + addr.response = common_response; + addr.dport = pkt_ack->vcc_action_port; + addr.priv = priv; + priv->vcc_action_sock = fbxatm_remote_sock_connect(ctx, + &addr, 1); + if (!priv->vcc_action_sock) { + remote_free(priv); + return; + } + + memset(&addr, 0, sizeof (addr)); + addr.mtype = htonl(FBXATM_RMT_DEV_SEND_OAM); + addr.response = common_response; + addr.dport = pkt_ack->dev_send_oam_port; + addr.priv = priv; + priv->dev_send_oam_sock = fbxatm_remote_sock_connect(ctx, + &addr, 1); + if (!priv->dev_send_oam_sock) { + remote_free(priv); + return; + } + + memset(&addr, 0, sizeof (addr)); + addr.mtype = htonl(FBXATM_RMT_KEEPALIVE); + addr.priv = priv; + addr.dport = pkt_ack->keepalive_port; + priv->keepalive_sock = fbxatm_remote_sock_connect(ctx, + &addr, 1); + if (!priv->keepalive_sock) { + remote_free(priv); + return; + } + + /* all set, register fbxatm device */ + adev = priv->fbxatm_dev; + adev->max_vcc = ntohl(pkt_ack->max_vcc); + adev->vci_mask = ntohl(pkt_ack->vci_mask); + adev->vpi_mask = ntohl(pkt_ack->vpi_mask); + adev->max_priority = ntohl(pkt_ack->max_priority); + adev->max_rx_priority = ntohl(pkt_ack->max_rx_priority); + adev->link_rate_ds = ntohl(pkt_ack->link_rate_ds); + adev->link_rate_us = ntohl(pkt_ack->link_rate_us); + adev->link_cell_rate_ds = ntohl(pkt_ack->link_cell_rate_ds); + adev->link_cell_rate_us = ntohl(pkt_ack->link_cell_rate_us); + adev->tx_headroom = fbxatm_remote_headroom(ctx); + + /* register atm device */ + priv->state = RSTATE_S_ACTIVE; + + if (!priv->fbxatm_dev_registered) { + ret = fbxatm_register_device(adev, "remote_fbxatm", + &remote_fbxatm_ops); + if (ret) { + remote_free(priv); + return; + } + } + + priv->fbxatm_dev_registered = 1; + printk(KERN_INFO "%s: connected to %s - %pM6/%s\n", + adev->name, priv->pd->remote_name, + priv->pd->remote_mac, priv->netdev->name); + + if (pkt_ack->link) + fbxatm_dev_set_link_up(adev); + else + fbxatm_dev_set_link_down(adev); + + schedule_delayed_work(&priv->fsm_work, HZ); + break; + } + + case RSTATE_S_ACTIVE: + { + /* process link change event if any */ + handle_dev_link_queue(priv); + + /* process rx oam if any */ + handle_oam_rx_queue(priv); + + /* send keepalive */ + if (!fbxatm_remote_sock_pending(priv->keepalive_sock)) { + struct sk_buff *skb; + + skb = fbxatm_remote_alloc_skb(priv->remote_ctx, 0); + if (skb) + fbxatm_remote_sock_send(priv->keepalive_sock, + skb); + } + + schedule_delayed_work(&priv->fsm_work, HZ); + break; + } + + case RSTATE_S_DEAD: + /* wait until open vcc list is empty */ + if (!list_empty(&priv->pvcc_list)) + break; + + priv->state = RSTATE_S_WAIT_NETDEV; + if (priv->fbxatm_dev_registered) + printk(KERN_INFO "%s: reconnecting\n", + priv->fbxatm_dev->name); + schedule_delayed_work(&priv->fsm_work, HZ); + break; + } +} + +/* + * netdevice notifier callback + */ +static int remote_device_event(struct notifier_block *this, + unsigned long event, void *ptr) +{ + struct net_device *dev = netdev_notifier_info_to_dev(ptr); + struct driver_remote *priv; + + spin_lock_bh(&remote_lock); + + /* go through remote list to check if device matches one */ + list_for_each_entry(priv, &remote_dev_list, next) { + + switch (event) { + case NETDEV_REGISTER: + case NETDEV_CHANGENAME: + if (strcmp(dev->name, priv->pd->netdev_name)) + continue; + break; + + case NETDEV_UNREGISTER: + if (dev != priv->netdev) + continue; + priv->want_die = 1; + break; + + default: + continue; + } + schedule_delayed_work(&priv->fsm_work, 0); + } + + spin_unlock_bh(&remote_lock); + + return 0; +} + +static struct notifier_block remote_notifier = { + .notifier_call = remote_device_event, +}; + +/* + * get remote pdata through of + */ +static struct fbxatm_remote_pdata * +remote_of_probe(struct platform_device *pdev) +{ + struct device_node *np = pdev->dev.of_node; + struct fbxatm_remote_pdata *pd; + const char *netdev_name; + const char *remote_name; + int len, err; + + pd = devm_kzalloc(&pdev->dev, sizeof (*pd), GFP_KERNEL); + if (!pd) + return ERR_PTR(-ENOMEM); + + err = of_get_mac_address(np, pd->remote_mac); + if (err < 0) { + printk(KERN_ERR PFX "missing of mac-address\n"); + return ERR_PTR(err); + } + + netdev_name = of_get_property(np, "netdev-name", &len); + if (!netdev_name || len >= sizeof (pd->netdev_name)) { + printk(KERN_ERR PFX "missing of netdev-name\n"); + return ERR_PTR(-EINVAL); + } + + remote_name = of_get_property(np, "remote-name", &len); + if (!remote_name || len >= sizeof (pd->remote_name)) { + printk(KERN_ERR PFX "missing of remote-name\n"); + return ERR_PTR(-EINVAL); + } + + strlcpy(pd->netdev_name, netdev_name, sizeof (pd->netdev_name)); + strlcpy(pd->remote_name, remote_name, sizeof (pd->remote_name)); + + return pd; +} + +/* + * platform data probe callback + */ +static int remote_probe(struct platform_device *pdev) +{ + struct fbxatm_remote_pdata *pd; + struct driver_remote *priv; + struct fbxatm_dev *adev; + + pd = pdev->dev.platform_data; + if (pd) { + if (!pd->netdev_name[0]) + return -EINVAL; + } else if (pdev->dev.of_node) { + pd = remote_of_probe(pdev); + if (IS_ERR(pd)) + return PTR_ERR(pd); + } else + return -EINVAL; + + /* allocate fbxatm device */ + adev = fbxatm_alloc_device(sizeof (*priv)); + if (!adev) + return -ENOMEM; + + priv = fbxatm_dev_priv(adev); + + priv->fbxatm_dev = adev; + INIT_LIST_HEAD(&priv->pvcc_list); + spin_lock_init(&priv->tx_lock); + mutex_init(&priv->mutex); + + priv->state = RSTATE_S_WAIT_NETDEV; + INIT_DELAYED_WORK(&priv->fsm_work, remote_fsm); + + skb_queue_head_init(&priv->connect_acks); + skb_queue_head_init(&priv->dev_link_reqs); + skb_queue_head_init(&priv->dev_oam_reqs); + init_waitqueue_head(&priv->wq); + skb_queue_head_init(&priv->wq_acks); + priv->pd = pd; + + spin_lock_bh(&remote_lock); + list_add_tail(&priv->next, &remote_dev_list); + spin_unlock_bh(&remote_lock); + + platform_set_drvdata(pdev, priv); + + printk(KERN_INFO PFX "connecting to %s - %pM6/%s\n", + priv->pd->remote_name, + priv->pd->remote_mac, + priv->pd->netdev_name); + + /* kick fsm */ + schedule_delayed_work(&priv->fsm_work, 0); + return 0; +} + +static int remote_remove(struct platform_device *pdev) +{ + struct driver_remote *priv; + struct fbxatm_dev *adev; + + priv = platform_get_drvdata(pdev); + adev = priv->fbxatm_dev; + + /* remove from global list so network notifier can't find us */ + spin_lock_bh(&remote_lock); + list_del(&priv->next); + spin_unlock_bh(&remote_lock); + + /* cancel any pending fsm */ + cancel_delayed_work_sync(&priv->fsm_work); + + /* force dead state */ + remote_free(priv); + + if (priv->fbxatm_dev_registered) + fbxatm_unregister_device(adev); + fbxatm_free_device(adev); + return 0; +} + +static const struct of_device_id fbxatm_remote_of_table[] = { + { .compatible = "freebox,fbxatm-remote" }, + { } +}; +MODULE_DEVICE_TABLE(of, fbxatm_remote_of_table); + +struct platform_driver fbxatm_remote_driver = { + .probe = remote_probe, + .remove = remote_remove, + .driver = { + .name = "fbxatm_remote", + .owner = THIS_MODULE, + .of_match_table = of_match_ptr(fbxatm_remote_of_table), + }, +}; + +static int __init fbxatm_remote_driver_init(void) +{ + int ret; + + INIT_LIST_HEAD(&remote_dev_list); + ret = fbxatm_remote_init(); + if (ret) + goto fail; + ret = register_netdevice_notifier(&remote_notifier); + if (ret) + goto fail_remote; + ret = platform_driver_register(&fbxatm_remote_driver); + if (ret) + goto fail_notifier; + return 0; + +fail_notifier: + unregister_netdevice_notifier(&remote_notifier); +fail_remote: + fbxatm_remote_exit(); +fail: + return ret; +} + +static void __exit fbxatm_remote_driver_exit(void) +{ + fbxatm_remote_exit(); + unregister_netdevice_notifier(&remote_notifier); + platform_driver_unregister(&fbxatm_remote_driver); +} + +module_init(fbxatm_remote_driver_init); +module_exit(fbxatm_remote_driver_exit); + +MODULE_LICENSE("GPL"); +MODULE_VERSION("1.0"); +MODULE_AUTHOR("Maxime Bizon "); diff -Nruw linux-5.15.42-fbx/net/fbxatm./fbxatm_remote_driver.h linux-5.15.42-fbx/net/fbxatm/fbxatm_remote_driver.h --- linux-5.15.42-fbx/net/fbxatm./fbxatm_remote_driver.h 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/net/fbxatm/fbxatm_remote_driver.h 2023-02-27 17:10:06.968489986 +0100 @@ -0,0 +1,79 @@ +#ifndef FBXATM_REMOTE_DRIVER_H_ +#define FBXATM_REMOTE_DRIVER_H_ + +#include +#include +#include +#include +#include + +enum remote_state { + RSTATE_S_WAIT_NETDEV = 0, + RSTATE_S_WAIT_REMOTE, + RSTATE_S_ACTIVE, + RSTATE_S_DEAD, +}; + +struct driver_remote; + +struct driver_remote_vcc { + + struct fbxatm_vcc *vcc; + struct driver_remote *priv; + + unsigned int remote_id; + + int tx_pending; + int tx_got_qempty; + + /* output */ + struct fbxatm_remote_sock *vcc_send_sock; + + /* input */ + struct fbxatm_remote_sock *vcc_rx_sock; + struct fbxatm_remote_sock *vcc_qempty_sock; + + struct list_head next; +}; + +struct driver_remote { + struct fbxatm_dev *fbxatm_dev; + int fbxatm_dev_registered; + + struct list_head pvcc_list; + + spinlock_t tx_lock; + struct mutex mutex; + + struct fbxatm_remote_ctx *remote_ctx; + struct net_device *netdev; + + enum remote_state state; + struct delayed_work fsm_work; + int want_die; + + /* output */ + struct fbxatm_remote_sock *dev_connect_sock; + struct sk_buff_head connect_acks; + + struct fbxatm_remote_sock *keepalive_sock; + + /* input */ + struct fbxatm_remote_sock *dev_link_sock; + struct sk_buff_head dev_link_reqs; + + struct fbxatm_remote_sock *dev_rx_oam_sock; + struct sk_buff_head dev_oam_reqs; + + /* used to wait for send_oam & vcc_action */ + struct fbxatm_remote_sock *vcc_action_sock; + struct fbxatm_remote_sock *dev_send_oam_sock; + wait_queue_head_t wq; + int wq_res; + struct sk_buff_head wq_acks; + + struct fbxatm_remote_pdata *pd; + struct list_head next; +}; + +#endif /* ! FBXATM_REMOTE_DRIVER_H_ */ diff -Nruw linux-5.15.42-fbx/net/fbxatm./fbxatm_sysfs.c linux-5.15.42-fbx/net/fbxatm/fbxatm_sysfs.c --- linux-5.15.42-fbx/net/fbxatm./fbxatm_sysfs.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/net/fbxatm/fbxatm_sysfs.c 2024-04-22 14:46:58.152274778 +0200 @@ -0,0 +1,184 @@ +#include +#include +#include +#include +#include +#include +#include "fbxatm_priv.h" + +#define to_fbxatm_dev(cldev) container_of(cldev, struct fbxatm_dev, dev) + +static const char fmt_u64[] = "%llu\n"; + +static ssize_t show_ifindex(struct device *dev, + struct device_attribute *attr, char *buf) +{ + struct fbxatm_dev *adev = to_fbxatm_dev(dev); + return sprintf(buf, "%d\n", adev->ifindex); +} + +static ssize_t show_link_state(struct device *dev, + struct device_attribute *attr, char *buf) +{ + struct fbxatm_dev *adev = to_fbxatm_dev(dev); + return sprintf(buf, "%d\n", + test_bit(FBXATM_DEV_F_LINK_UP, &adev->dev_flags) ? + 1 : 0); +} + +static ssize_t show_link_rate_us(struct device *dev, + struct device_attribute *attr, char *buf) +{ + struct fbxatm_dev *adev = to_fbxatm_dev(dev); + return sprintf(buf, "%d\n", adev->link_rate_us); +} + +static ssize_t show_link_rate_ds(struct device *dev, + struct device_attribute *attr, char *buf) +{ + struct fbxatm_dev *adev = to_fbxatm_dev(dev); + return sprintf(buf, "%d\n", adev->link_rate_ds); +} + +static ssize_t show_max_priority(struct device *dev, + struct device_attribute *attr, char *buf) +{ + struct fbxatm_dev *adev = to_fbxatm_dev(dev); + return sprintf(buf, "%d\n", adev->max_priority); +} + +static ssize_t show_max_rx_priority(struct device *dev, + struct device_attribute *attr, char *buf) +{ + struct fbxatm_dev *adev = to_fbxatm_dev(dev); + return sprintf(buf, "%d\n", adev->max_rx_priority); +} + +static ssize_t show_rx_bytes(struct device *dev, + struct device_attribute *attr, char *buf) +{ + struct fbxatm_dev *adev = to_fbxatm_dev(dev); + u64 val; + + spin_lock_bh(&adev->stats_lock); + val = adev->stats.rx_bytes; + spin_unlock_bh(&adev->stats_lock); + return sprintf(buf, fmt_u64, val); +} + +static ssize_t show_tx_bytes(struct device *dev, + struct device_attribute *attr, char *buf) +{ + struct fbxatm_dev *adev = to_fbxatm_dev(dev); + u64 val; + + spin_lock_bh(&adev->stats_lock); + val = adev->stats.tx_bytes; + spin_unlock_bh(&adev->stats_lock); + return sprintf(buf, fmt_u64, val); +} + +static DEVICE_ATTR(ifindex, S_IRUGO, show_ifindex, NULL); +static DEVICE_ATTR(link_state, S_IRUGO, show_link_state, NULL); +static DEVICE_ATTR(link_rate_us, S_IRUGO, show_link_rate_us, NULL); +static DEVICE_ATTR(link_rate_ds, S_IRUGO, show_link_rate_ds, NULL); +static DEVICE_ATTR(max_priority, S_IRUGO, show_max_priority, NULL); +static DEVICE_ATTR(max_rx_priority, S_IRUGO, show_max_rx_priority, NULL); +static DEVICE_ATTR(rx_bytes, S_IRUGO, show_rx_bytes, NULL); +static DEVICE_ATTR(tx_bytes, S_IRUGO, show_tx_bytes, NULL); + +static struct device_attribute *fbxatm_attrs[] = { + &dev_attr_ifindex, + &dev_attr_link_state, + &dev_attr_link_rate_us, + &dev_attr_link_rate_ds, + &dev_attr_max_priority, + &dev_attr_max_rx_priority, + &dev_attr_rx_bytes, + &dev_attr_tx_bytes, +}; + +static int fbxatm_uevent(struct device *dev, struct kobj_uevent_env *env) +{ + struct fbxatm_dev *adev; + + if (!dev) + return -ENODEV; + + adev = to_fbxatm_dev(dev); + if (!adev) + return -ENODEV; + + if (add_uevent_var(env, "NAME=%s", adev->name)) + return -ENOMEM; + + if (add_uevent_var(env, "IFINDEX=%u", adev->ifindex)) + return -ENOMEM; + + if (add_uevent_var(env, "LINK=%u", + test_bit(FBXATM_DEV_F_LINK_UP, &adev->dev_flags) ? + 1 : 0)) + return -ENOMEM; + + return 0; +} + +static void fbxatm_release(struct device *dev) +{ + struct fbxatm_dev *adev = to_fbxatm_dev(dev); + __fbxatm_free_device(adev); +} + +static struct class fbxatm_class = { + .name = "fbxatm", + .dev_release = fbxatm_release, + .dev_uevent = fbxatm_uevent, +}; + +void fbxatm_dev_change_sysfs(struct fbxatm_dev *adev) +{ + struct device *dev = &adev->dev; + + kobject_uevent_env(&dev->kobj, KOBJ_CHANGE, NULL); +} + +int fbxatm_register_dev_sysfs(struct fbxatm_dev *adev) +{ + struct device *dev = &adev->dev; + int i, j, ret; + + dev->class = &fbxatm_class; + dev_set_name(dev, "%s", adev->name); + ret = device_register(dev); + if (ret < 0) + return ret; + + for (i = 0; i < ARRAY_SIZE(fbxatm_attrs); i++) { + ret = device_create_file(dev, fbxatm_attrs[i]); + if (ret) + goto err; + } + return 0; + +err: + for (j = 0; j < i; j++) + device_remove_file(dev, fbxatm_attrs[j]); + device_del(dev); + return ret; +} + +void fbxatm_unregister_dev_sysfs(struct fbxatm_dev *adev) +{ + struct device *dev = &adev->dev; + device_del(dev); +} + +int __init fbxatm_sysfs_init(void) +{ + return class_register(&fbxatm_class); +} + +void fbxatm_sysfs_exit(void) +{ + class_unregister(&fbxatm_class); +} diff -Nruw linux-5.15.42-fbx/net/fbxbridge./Kconfig linux-5.15.42-fbx/net/fbxbridge/Kconfig --- linux-5.15.42-fbx/net/fbxbridge./Kconfig 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/net/fbxbridge/Kconfig 2023-02-27 19:50:22.652261514 +0100 @@ -0,0 +1,8 @@ + +# +# Freebox bridge +# +config FBXBRIDGE + bool "Freebox Bridge" + select NETFILTER + select NF_CONNTRACK diff -Nruw linux-5.15.42-fbx/net/fbxbridge./Makefile linux-5.15.42-fbx/net/fbxbridge/Makefile --- linux-5.15.42-fbx/net/fbxbridge./Makefile 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/net/fbxbridge/Makefile 2023-02-27 19:50:22.652261514 +0100 @@ -0,0 +1,12 @@ + +obj-$(CONFIG_FBXBRIDGE) += fbxbridge.o + +fbxbridge-objs := \ + fbxbr_dev.o \ + fbxbr_dhcp.o \ + fbxbr_filter.o \ + fbxbr_fwcache.o \ + fbxbr_input.o \ + fbxbr_ioctl.o \ + fbxbr_output.o \ + fbxbr_utils.o diff -Nruw linux-5.15.42-fbx/net/fbxbridge./fbxbr_dev.c linux-5.15.42-fbx/net/fbxbridge/fbxbr_dev.c --- linux-5.15.42-fbx/net/fbxbridge./fbxbr_dev.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/net/fbxbridge/fbxbr_dev.c 2023-02-27 19:50:23.744290661 +0100 @@ -0,0 +1,734 @@ +#define pr_fmt(fmt) "fbxbridge: " fmt + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "fbxbr_private.h" + +static LIST_HEAD(fbxbr_list); +static DEFINE_MUTEX(fbxbr_list_mutex); + +/* + * ioctl "install" func + */ +extern void fbxbridge_set(int (*hook)(struct net *net, + unsigned int, void __user *)); + + +/* + * caller must hold rtnl lock + */ +struct fbxbr *__fbxbr_get_by_name(struct net *net, const char *name) +{ + struct net_device *dev; + + dev = __dev_get_by_name(net, name); + if (dev == NULL) + return ERR_PTR(-ENODEV); + + if (!(dev->priv_flags & IFF_FBXBRIDGE)) + return ERR_PTR(-ENODEV); + + return netdev_priv(dev); +} + +/* + * compute ip address that we will pretend to be on the lan side + */ +static inline __be32 gen_lan_gw(__be32 be_ipaddr, __be32 be_netmask) +{ + u32 ipaddr, netmask; + u32 gw, mask; + + ipaddr = __be32_to_cpu(be_ipaddr); + netmask = __be32_to_cpu(be_netmask); + + /* default to last address of subnet */ + gw = ipaddr & netmask; + mask = ~netmask; + gw |= (mask - 1); + + /* if it happens to be the ip address, then take another one */ + if (gw == ipaddr) { + gw &= netmask; + gw |= mask - 2; + } + return __cpu_to_be32(gw); +} + +/* + * must be called with bridge write lock held + */ +static void __fetch_wan_parameters(struct fbxbr *br, struct in_ifaddr *ifa) +{ + struct net_device *wan_dev; + + if (!ifa) + return; + + if (WARN_ON(!br->wan_port)) + return; + + if (br->wan_ipaddr == ifa->ifa_local && + br->wan_netmask == ifa->ifa_mask) + return; + + br->wan_ipaddr = ifa->ifa_local; + br->wan_netmask = ifa->ifa_mask; + + if (br->wan_netmask != 0xffffffff) { + /* standard netmask */ + br->lan_gw = gen_lan_gw(br->wan_ipaddr, br->wan_netmask); + br->lan_netmask = br->wan_netmask; + } else { + u32 gw; + + /* switch to /24 if wan it pointtopoint */ + gw = ntohl(br->wan_ipaddr) & 0xffffff00; + if ((gw | 0xfe) == ntohl(br->wan_ipaddr)) + gw |= 0xfd; + else + gw |= 0xfe; + + br->lan_gw = htonl(gw); + br->lan_netmask = htonl(0xffffff00); + } + + wan_dev = br->wan_port->dev; + pr_notice("%s: wan inet device %s address changed to [%pI4]\n", + br->dev->name, wan_dev->name, &br->wan_ipaddr); + + pr_info("%s: %s: wan netmask: %pI4\n", + br->dev->name, wan_dev->name, &br->wan_netmask); + + pr_info("%s: %s: lan gw: %pI4\n", + br->dev->name, wan_dev->name, &br->lan_gw); +} + +/* + * caller must hold rtnl lock + */ +int __fbxbr_add_br_port(struct net *net, const char *name, + const char *port_name, bool is_wan) +{ + struct net_device *dev; + struct fbxbr *br; + struct fbxbr_port *p; + int ret; + + /* locate bridge */ + br = __fbxbr_get_by_name(net, name); + if (IS_ERR(br)) + return PTR_ERR(br); + + /* check that we don't have a device already */ + if ((is_wan && br->wan_port) || (!is_wan && br->lan_port)) + return -EBUSY; + + /* locate port */ + dev = __dev_get_by_name(net, port_name); + if (!dev) + return -ENODEV; + + /* make sure it's not used by us */ + if (dev->priv_flags & (IFF_FBXBRIDGE | IFF_FBXBRIDGE_PORT)) + return -EBUSY; + + /* allocate new port */ + p = kzalloc(sizeof (*p), GFP_KERNEL); + if (p == NULL) + return -ENOMEM; + + p->br = br; + p->dev = dev; + p->is_wan = is_wan; + + write_lock_bh(&br->lock); + if (is_wan) + br->wan_port = p; + else + br->lan_port = p; + + if (is_wan) { + struct in_device *in_dev; + + rcu_read_lock(); + + in_dev = __in_dev_get_rcu(dev); + if (in_dev) + __fetch_wan_parameters(br, in_dev->ifa_list); + + rcu_read_unlock(); + } + + write_unlock_bh(&br->lock); + + ret = netdev_rx_handler_register(dev, fbxbr_handle_frame, p); + if (ret) + goto err; + + dev->priv_flags |= IFF_FBXBRIDGE_PORT; + + ret = netdev_master_upper_dev_link(dev, br->dev, NULL, NULL, NULL); + if (ret) + goto err; + + pr_info("%s: %s device %s grabbed\n", + br->dev->name, is_wan ? "wan" : "lan", dev->name); + + return 0; + +err: + write_lock_bh(&br->lock); + netdev_rx_handler_unregister(dev); + if (is_wan) + br->wan_port = NULL; + else + br->lan_port = NULL; + dev->priv_flags &= ~IFF_FBXBRIDGE_PORT; + write_unlock_bh(&br->lock); + kfree(p); + return ret; +} + +/* + * caller must hold rtnl lock + */ +void __fbxbr_del_br_port(struct fbxbr_port *p) +{ + struct fbxbr *br = p->br; + struct net_device *dev = p->dev; + bool is_wan; + + netdev_upper_dev_unlink(dev, br->dev); + netdev_rx_handler_unregister(dev); + dev->priv_flags &= ~IFF_FBXBRIDGE_PORT; + is_wan = p->is_wan; + + write_lock_bh(&br->lock); + if (p->is_wan) + br->wan_port = NULL; + else + br->lan_port = NULL; + + if (p->rt) + ip_rt_put(p->rt); + write_unlock_bh(&br->lock); + kfree(p); + + pr_info("%s: %s device %s released\n", + br->dev->name, is_wan ? "wan" : "lan", dev->name); +} + +/* + * caller must hold rtnl lock + */ +int __fbxbr_del_br_port_by_name(struct net *net, const char *name, + const char *port_name) +{ + struct net_device *dev; + struct fbxbr *br; + struct fbxbr_port *p; + + /* locate bridge */ + br = __fbxbr_get_by_name(net, name); + if (IS_ERR(br)) + return PTR_ERR(br); + + /* locate port */ + dev = __dev_get_by_name(net, port_name); + if (!dev) + return -ENODEV; + + p = fbxbr_port_get_rtnl(dev); + if (!p || p->br != br) + return -EINVAL; + + __fbxbr_del_br_port(p); + return 0; +} + +/* + * bridge device netdevice ops + */ +static int fbxbr_net_open(struct net_device *dev) +{ + return 0; +} + +static int fbxbr_net_stop(struct net_device *dev) +{ + return 0; +} + +static int fbxbr_net_start_xmit(struct sk_buff *skb, struct net_device *dev) +{ + struct fbxbr *br = netdev_priv(dev); + const struct iphdr *iph; + + read_lock(&br->lock); + + if (skb->protocol != htons(ETH_P_IP)) + goto drop; + + if (!br->wan_ipaddr) + goto drop; + + if (!br->lan_port) + goto drop; + + if (!pskb_may_pull(skb, sizeof (*iph))) + goto drop; + + iph = ip_hdr(skb); + + if (ipv4_is_multicast(iph->daddr)) { + dev->stats.tx_packets++; + dev->stats.tx_bytes += skb->len; + fbxbr_output_lan_mcast_frame(br, skb); + goto done; + } + + if (iph->daddr != br->br_remote_ipaddr) + goto drop; + + fbxbr_dnat_packet(skb, br->wan_ipaddr); + dev->stats.tx_packets++; + dev->stats.tx_bytes += skb->len; + fbxbr_output_lan_frame(br, skb); + +done: + read_unlock(&br->lock); + return 0; + +drop: + dev->stats.tx_dropped++; + read_unlock(&br->lock); + kfree_skb(skb); + return 0; +} + +static const struct net_device_ops fbxbr_net_ops = { + .ndo_open = fbxbr_net_open, + .ndo_stop = fbxbr_net_stop, + .ndo_start_xmit = fbxbr_net_start_xmit, +}; + +static struct device_type fbxbr_type = { + .name = "fbxbridge", +}; + +/* + * fbxbridge alloc_netdev setup func + */ +#define COMMON_FEATURES (NETIF_F_SG | NETIF_F_FRAGLIST | NETIF_F_HIGHDMA | \ + NETIF_F_GSO_MASK | NETIF_F_HW_CSUM) + +static void fbxbr_netdev_setup(struct net_device *dev) +{ + struct fbxbr *br = netdev_priv(dev); + size_t i; + + dev->flags = IFF_NOARP; + dev->type = ARPHRD_PPP; + dev->mtu = 1500; + dev->hard_header_len = 16; + + dev->netdev_ops = &fbxbr_net_ops; + dev->needs_free_netdev = true; + SET_NETDEV_DEVTYPE(dev, &fbxbr_type); + dev->priv_flags = IFF_FBXBRIDGE | IFF_NO_QUEUE; + + dev->features = 0; + dev->hw_features = 0; + dev->vlan_features = 0; + + br->dev = dev; + rwlock_init(&br->lock); + rwlock_init(&br->lan_hwaddr_lock); + br->dhcpd_renew_time = DEFAULT_RENEWAL_TIME; + br->dhcpd_rebind_time = DEFAULT_REBIND_TIME; + br->dhcpd_lease_time = DEFAULT_LEASE_TIME; + spin_lock_init(&br->last_arp_lock); + br->last_arp_send = jiffies; + + rwlock_init(&br->fwcache_lock); + INIT_LIST_HEAD(&br->fwcache_rules); + for (i = 0; i < ARRAY_SIZE(br->fwcache_hrules); i++) + INIT_HLIST_HEAD(&br->fwcache_hrules[i]); +} + +/* + * + */ +int fbxbr_add_br(struct net *net, const char *name) +{ + struct net_device *dev; + struct fbxbr *br; + int ret; + + dev = alloc_netdev(sizeof (struct fbxbr), name, NET_NAME_UNKNOWN, + fbxbr_netdev_setup); + if (!dev) + return -ENOMEM; + + dev_net_set(dev, net); + + ret = register_netdev(dev); + if (ret) { + free_netdev(dev); + return ret; + } + + br = netdev_priv(dev); + mutex_lock(&fbxbr_list_mutex); + list_add(&br->next, &fbxbr_list); + mutex_unlock(&fbxbr_list_mutex); + + pr_notice("%s: new fbxbridge\n", dev->name); + return 0; +} + + +/* + * caller must hold rtnl lock + */ +int __fbxbr_del_br(struct net *net, const char *name) +{ + struct fbxbr *br; + + br = __fbxbr_get_by_name(net, name); + if (IS_ERR(br)) + return PTR_ERR(br); + + mutex_lock(&fbxbr_list_mutex); + list_del(&br->next); + mutex_unlock(&fbxbr_list_mutex); + + if (br->wan_port) + __fbxbr_del_br_port(br->wan_port); + if (br->lan_port) + __fbxbr_del_br_port(br->lan_port); + + unregister_netdevice(br->dev); + return 0; +} + +/* + * + */ +int fbxbr_get_params(struct net *net, const char *name, + struct fbxbridge_ioctl_params *params) +{ + struct fbxbr *br; + + rtnl_lock(); + + /* locate bridge */ + br = __fbxbr_get_by_name(net, name); + if (IS_ERR(br)) { + rtnl_unlock(); + return PTR_ERR(br); + } + + /* copy current config */ + params->flags = br->flags; + params->dns1_addr = br->dns1_ipaddr; + params->dns2_addr = br->dns2_ipaddr; + memcpy(params->ip_aliases, br->ip_aliases, sizeof (br->ip_aliases)); + params->dhcpd_renew_time = br->dhcpd_renew_time; + params->dhcpd_rebind_time = br->dhcpd_rebind_time; + params->dhcpd_lease_time = br->dhcpd_lease_time; + params->inputmark = br->inputmark; + + /* current ports */ + if (br->wan_port) { + memcpy(params->wan_dev.name, + br->wan_port->dev->name, + IFNAMSIZ); + params->wan_dev.present = 1; + } else { + params->wan_dev.name[0] = 0; + params->wan_dev.present = 0; + } + + if (br->lan_port) { + memcpy(params->lan_dev.name, + br->lan_port->dev->name, + IFNAMSIZ); + params->lan_dev.present = 1; + } else { + params->lan_dev.name[0] = 0; + params->lan_dev.present = 0; + } + + /* copy state */ + read_lock_bh(&br->lan_hwaddr_lock); + params->have_hw_addr = br->have_hw_addr; + memcpy(params->lan_hwaddr, br->lan_hwaddr, ETH_ALEN); + read_unlock_bh(&br->lan_hwaddr_lock); + + rtnl_unlock(); + + return 0; +} + +/* + * + */ +int fbxbr_set_params(struct net *net, const char *name, + const struct fbxbridge_ioctl_params *params) +{ + struct fbxbr *br; + + rtnl_lock(); + + /* locate bridge */ + br = __fbxbr_get_by_name(net, name); + if (IS_ERR(br)) { + rtnl_unlock(); + return PTR_ERR(br); + } + + write_lock_bh(&br->lock); + + br->flags = params->flags; + br->dns1_ipaddr = params->dns1_addr; + br->dns2_ipaddr = params->dns2_addr; + memcpy(br->ip_aliases, params->ip_aliases, sizeof (br->ip_aliases)); + br->dhcpd_renew_time = params->dhcpd_renew_time; + br->dhcpd_rebind_time = params->dhcpd_rebind_time; + br->dhcpd_lease_time = params->dhcpd_lease_time; + br->inputmark = params->inputmark; + + write_unlock_bh(&br->lock); + + fbxbr_fwcache_flush(br); + + rtnl_unlock(); + + return 0; +} + +/* + * + */ +void fbxbr_flush_cache(void) +{ + struct fbxbr *br; + + mutex_lock(&fbxbr_list_mutex); + list_for_each_entry(br, &fbxbr_list, next) + fbxbr_fwcache_flush(br); + mutex_unlock(&fbxbr_list_mutex); +} + +/* + * must be called with BH disabled + */ +void fbxbr_capture_hw_addr(struct fbxbr *br, const u8 *hwaddr) +{ + bool same; + + read_lock(&br->lan_hwaddr_lock); + same = (br->have_hw_addr && !memcmp(br->lan_hwaddr, hwaddr, ETH_ALEN)); + read_unlock(&br->lan_hwaddr_lock); + + if (same) + return; + + write_lock(&br->lan_hwaddr_lock); + memcpy(br->lan_hwaddr, hwaddr, ETH_ALEN); + br->have_hw_addr = 1; + write_unlock(&br->lan_hwaddr_lock); + + pr_notice("%s: new lan hw address is now %pM\n", + br->dev->name, hwaddr); +} + +/* + * netdevice notifier callback, called with rtnl lock + */ +static int fbxbr_netdev_event_callback(struct notifier_block *this, + unsigned long event, void *ptr) +{ + struct net_device *dev = netdev_notifier_info_to_dev(ptr); + + ASSERT_RTNL(); + + if (!(dev->priv_flags & IFF_FBXBRIDGE_PORT)) + return NOTIFY_DONE; + + /* catch port that goes away */ + switch (event) { + case NETDEV_UNREGISTER: + __fbxbr_del_br_port(fbxbr_port_get_rtnl(dev)); + break; + + default: + break; + }; + + return NOTIFY_DONE; +} + +/* + * handle inet configuration event on port + */ +static void __handle_inet_port_event(struct fbxbr_port *p, + unsigned long event, + struct in_ifaddr *ifa) +{ + struct fbxbr *br; + + if (!p->is_wan) + return; + + br = p->br; + + switch (event) { + case NETDEV_UP: + write_lock_bh(&br->lan_hwaddr_lock); + __fetch_wan_parameters(br, ifa); + write_unlock_bh(&br->lan_hwaddr_lock); + break; + + case NETDEV_DOWN: + /* we never clear wan address, so we can continue to + * use the bridge on lan side even if wan is down */ + break; + + default: + break; + } +} + +/* + * handle inet configuration event on bridge interface (fbxbr%d) + */ +static void __handle_inet_bridge_event(struct fbxbr *br, + unsigned long event, + struct in_ifaddr *ifa) +{ + switch (event) { + case NETDEV_UP: + if (!ifa->ifa_address || ifa->ifa_local == ifa->ifa_address) + return; + + write_lock_bh(&br->lan_hwaddr_lock); + br->br_ipaddr = ifa->ifa_local; + br->br_remote_ipaddr = ifa->ifa_address; + write_unlock_bh(&br->lan_hwaddr_lock); + + if (br->br_ipaddr) + pr_info("%s: bridge local interface configured: " + "[%pI4 -> %pI4]\n", + br->dev->name, + &br->br_ipaddr, + &br->br_remote_ipaddr); + break; + + case NETDEV_DOWN: + write_lock_bh(&br->lan_hwaddr_lock); + if (br->br_ipaddr) { + br->br_ipaddr = br->br_remote_ipaddr = 0; + pr_info("%s: bridge interface unconfigured\n", + br->dev->name); + } + write_unlock_bh(&br->lan_hwaddr_lock); + break; + + default: + return; + } +} + +/* + * kernel inet event notifier callback + */ +static int fbxbr_inet_event_callback(struct notifier_block *this, + unsigned long event, void *ptr) +{ + struct in_ifaddr *ifa = (struct in_ifaddr *)ptr; + struct net_device *dev = ifa->ifa_dev->dev; + + ASSERT_RTNL(); + + /* is it a bridge ? */ + if (dev->priv_flags & IFF_FBXBRIDGE) { + struct fbxbr *br = netdev_priv(dev); + __handle_inet_bridge_event(br, event, ifa); + return NOTIFY_DONE; + } + + /* is it a bridge port */ + if (dev->priv_flags & IFF_FBXBRIDGE_PORT) { + struct fbxbr_port *p = fbxbr_port_get_rtnl(dev); + __handle_inet_port_event(p, event, ifa); + return NOTIFY_DONE; + } + + return NOTIFY_DONE; +} + + +static struct notifier_block fbxbr_netdev_notifier = { + notifier_call: fbxbr_netdev_event_callback, +}; + +static struct notifier_block fbxbr_inet_notifier = { + notifier_call: fbxbr_inet_event_callback, +}; + +/* + * + */ +static int __init fbxbr_init_module(void) +{ + int err; + + err = register_netdevice_notifier(&fbxbr_netdev_notifier); + if (err) { + pr_err("can't register netdevice notifier\n"); + return err; + } + + err = register_inetaddr_notifier(&fbxbr_inet_notifier); + if (err) { + pr_err("can't register inet notifier\n"); + goto err_netdev; + } + + fbxbridge_set(fbxbr_ioctl); + return 0; + +err_netdev: + unregister_netdevice_notifier(&fbxbr_netdev_notifier); + return err; +} + +/* + * + */ +static void __exit fbxbr_exit_module(void) +{ + unregister_netdevice_notifier(&fbxbr_netdev_notifier); + unregister_inetaddr_notifier(&fbxbr_inet_notifier); + fbxbridge_set(NULL); +} + +module_init(fbxbr_init_module); +module_exit(fbxbr_exit_module); + +MODULE_AUTHOR("Maxime Bizon "); +MODULE_DESCRIPTION("Freebox Network Bridge - www.freebox.fr"); +MODULE_LICENSE("GPL"); diff -Nruw linux-5.15.42-fbx/net/fbxbridge./fbxbr_dhcp.c linux-5.15.42-fbx/net/fbxbridge/fbxbr_dhcp.c --- linux-5.15.42-fbx/net/fbxbridge./fbxbr_dhcp.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/net/fbxbridge/fbxbr_dhcp.c 2023-02-27 19:50:23.744290661 +0100 @@ -0,0 +1,502 @@ +#include "fbxbr_private.h" +#include +#include +#include + +#define BOOTP_REQUEST 1 +#define BOOTP_REPLY 2 + +struct bootp_pkt { /* BOOTP packet format */ + struct iphdr iph; /* IP header */ + struct udphdr udph; /* UDP header */ + u8 op; /* 1=request, 2=reply */ + u8 htype; /* HW address type */ + u8 hlen; /* HW address length */ + u8 hops; /* Used only by gateways */ + u32 xid; /* Transaction ID */ + u16 secs; /* Seconds since we started */ + u16 flags; /* Just what it says */ + u32 client_ip; /* Client's IP address if known */ + u32 your_ip; /* Assigned IP address */ + u32 server_ip; /* (Next, e.g. NFS) Server's IP address */ + u32 relay_ip; /* IP address of BOOTP relay */ + u8 hw_addr[16]; /* Client's HW address */ + u8 serv_name[64]; /* Server host name */ + u8 boot_file[128]; /* Name of boot file */ + u8 exten[312]; /* DHCP options / BOOTP vendor extensions */ +}; + +#define FBX_OPT_VENDOR_F_IGNORE_BRIDGE (1 << 0) + +struct fbx_opt_vendor { + u8 oui[3]; + u32 version; + u32 flags; +} __attribute__((packed)); + +#define DHCPDISCOVER 1 +#define DHCPOFFER 2 +#define DHCPREQUEST 3 +#define DHCPDECLINE 4 +#define DHCPACK 5 +#define DHCPNACK 6 +#define DHCPRELEASE 7 +#define DHCPINFORM 8 + +#define BROADCAST_FLAG 0x8000 /* "I need broadcast replies" */ + +static const char *dhcp_to_name[] = { + "NONE", + "DHCPDISCOVER", + "DHCPOFFER", + "DHCPREQUEST", + "DHCPDECLINE", + "DHCPACK", + "DHCPNACK", + "DHCPRELEASE", + "DHCPINFORM", +}; + + +#define PARAM_SUBMASK (1 << 0) +#define PARAM_ROUTER (1 << 1) +#define PARAM_DNS (1 << 2) +#define PARAM_BROADCAST (1 << 3) + +struct dhcp_options +{ + u8 msg_type; + u32 t1; /* renewal timeout */ + u32 t2; /* rebinding timemout */ + u32 lease_time; /* lease time */ + u32 server_id; /* server identifier */ + u32 request_param; /* requested config params (bitfield) */ + + u32 netmask; /* netmask assigne to client */ + u32 router; + u32 bcast; + u32 dns1; + u32 dns2; + u32 requested_ip; + + struct fbx_opt_vendor fbx; + bool fbx_valid; + + bool need_bcast; +}; + +static const unsigned char dhcp_magic_cookie[] = { 0x63, 0x82, 0x53, 0x63 }; + +/* parse the dhcp options string to a struct */ +static void parse_dhcp_opts(const u8 *opts_str, int maxlen, + struct dhcp_options *opts) +{ + const u8 *p, *end; + + memset(opts, 0, sizeof(*opts)); + + /* check magic cookie */ + if (memcmp(opts_str, dhcp_magic_cookie, sizeof(dhcp_magic_cookie))) + return; + + /* now go for options */ + p = opts_str + 4; + end = opts_str + maxlen; + + while (p < end && *p != 0xff) { + const u8 *option; + size_t len, i; + + option = p++; + + if (*option == 0) + continue; + + /* jump of 'len' + 1 bytes */ + len = *p; + p += len + 1; + if (p >= end) + break; + + /* search for known parameter */ + switch (*option) { + case 53: /* msg_type */ + if (len) + opts->msg_type = option[2]; + break; + + case 55: /* param request */ + for (i = 0; i < len; i++) { + switch (option[2 + i]) { + case 1: /* subnet */ + opts->request_param |= PARAM_SUBMASK; + break; + + case 3: /* router */ + opts->request_param |= PARAM_ROUTER; + break; + + case 6: /* dns */ + opts->request_param |= PARAM_DNS; + break; + + case 28: /* broadcast */ + opts->request_param |= PARAM_BROADCAST; + break; + } + } + break; + + case 50: /* requested_ip */ + if (len >= 4) + memcpy(&opts->requested_ip, option + 2, 4); + break; + + case 54: /* server_id */ + if (len >= 4) + memcpy(&opts->server_id, option + 2, 4); + break; + + case 224: /* IANA reserved for freebox use */ + { + if (len >= sizeof (opts->fbx)) { + memcpy(&opts->fbx, option + 2, + sizeof (opts->fbx)); + if (opts->fbx.oui[0] == 0x00 && + opts->fbx.oui[1] == 0x07 && + opts->fbx.oui[2] == 0xCB) + opts->fbx_valid = true; + } + break; + } + } + } +} + +static void dump_dhcp_message(struct fbxbr *br, struct sk_buff *skb, + struct bootp_pkt *bpkt, const char *action, + const char *dest) +{ + struct dhcp_options opts; + + parse_dhcp_opts(bpkt->exten, skb->len - (sizeof(*bpkt) - 312), + &opts); + + if (opts.msg_type < 9) { + struct iphdr *iph; + + iph = ip_hdr(skb); + printk(KERN_DEBUG "%s: %s dhcp %s %s " + "(%pI4 -> %pI4) " + "(caddr: %pI4 - yaddr: %pI4 - " + "saddr: %pI4 - req_addr: %pI4)\n", + br->dev->name, + action, + dhcp_to_name[opts.msg_type], + dest, + &iph->saddr, + &iph->daddr, + &bpkt->client_ip, + &bpkt->your_ip, + &bpkt->server_ip, + &opts.requested_ip); + } else { + printk(KERN_DEBUG "%s: %s unknown dhcp message %s\n", + br->dev->name, action, dest); + } +} + +/* write a the dhcp options string from a struct */ +static void make_dhcp_opts(u8 *opts_str, const struct dhcp_options *opts, + int type) +{ + int len = 0; + + memcpy(opts_str, dhcp_magic_cookie, sizeof(dhcp_magic_cookie)); + len += sizeof(dhcp_magic_cookie); + + /* msg type (REPLY or OFFER) */ + opts_str[len++] = 53; + opts_str[len++] = 1; + opts_str[len++] = opts->msg_type; + + /* server id */ + opts_str[len++] = 54; + opts_str[len++] = 4; + memcpy(opts_str + len, &opts->server_id, 4); + len += 4; + + /* t1 */ + if (opts->t1) { + opts_str[len++] = 58; + opts_str[len++] = 4; + memcpy(opts_str + len, &opts->t1, 4); + len += 4; + } + + /* t2 */ + if (opts->t2) { + opts_str[len++] = 59; + opts_str[len++] = 4; + memcpy(opts_str + len, &opts->t2, 4); + len += 4; + } + + /* lease time */ + if (opts->lease_time) { + opts_str[len++] = 51; + opts_str[len++] = 4; + memcpy(opts_str + len, &opts->lease_time, 4); + len += 4; + } + + /* add requested_param */ + if (opts->request_param & PARAM_SUBMASK) { + opts_str[len++] = 1; + opts_str[len++] = 4; + memcpy(opts_str + len, &opts->netmask, 4); + len += 4; + } + + if (opts->request_param & PARAM_ROUTER) { + opts_str[len++] = 3; + opts_str[len++] = 4; + memcpy(opts_str + len, &opts->router, 4); + len += 4; + } + + if (opts->request_param & PARAM_BROADCAST) { + opts_str[len++] = 28; + opts_str[len++] = 4; + memcpy(opts_str + len, &opts->bcast, 4); + len += 4; + } + + if (opts->request_param & PARAM_DNS) { + opts_str[len++] = 6; + opts_str[len++] = (opts->dns2 ? 8 : 4); + memcpy(opts_str + len, &opts->dns1, 4); + if (opts->dns2) + memcpy(opts_str + len + 4, &opts->dns2, 4); + len += (opts->dns2 ? 8 : 4); + } + + opts_str[len++] = 255; +} + +/* dhcp server */ +static void send_dhcp_reply(struct fbxbr *br, + struct net_device *dev, + const u8 *dest_hw, + int type, + const struct bootp_pkt *src_packet, + const struct dhcp_options *src_opts) +{ + struct sk_buff *skb; + struct iphdr *h; + struct bootp_pkt *b; + struct dhcp_options dhcp_opts; + int hlen = LL_RESERVED_SPACE(dev); + int tlen = dev->needed_tailroom; + + /* Allocate packet */ + skb = alloc_skb(sizeof (struct bootp_pkt) + hlen + tlen, GFP_ATOMIC); + if (!skb) + return; + + skb->dev = dev; + skb_reserve(skb, hlen); + skb_reset_network_header(skb); + + b = (struct bootp_pkt *)skb_put(skb, sizeof(struct bootp_pkt)); + memset(b, 0, sizeof(struct bootp_pkt)); + + /* Construct IP header */ + h = &b->iph; + h->version = 4; + h->ihl = 5; + h->tot_len = htons(sizeof(struct bootp_pkt)); + h->frag_off = htons(IP_DF); + h->ttl = 64; + h->protocol = IPPROTO_UDP; + h->saddr = br->lan_gw; + + switch (type) { + case DHCPOFFER: + case DHCPACK: + if (src_packet->client_ip) + h->daddr = src_packet->client_ip; + else if (src_opts->need_bcast) + h->daddr = INADDR_BROADCAST; + else + h->daddr = br->wan_ipaddr; + break; + + case DHCPNACK: + /* always broadcast NAK */ + h->daddr = INADDR_BROADCAST; + break; + } + + h->check = ip_fast_csum((unsigned char *) h, h->ihl); + + /* Construct UDP header */ + b->udph.source = __constant_htons(67); + b->udph.dest = __constant_htons(68); + b->udph.len = htons(sizeof(struct bootp_pkt) - sizeof(struct iphdr)); + + /* Construct DHCP header */ + b->op = BOOTP_REPLY; + b->htype = ARPHRD_ETHER; + b->hlen = ETH_ALEN; + b->secs = 0; + b->xid = src_packet->xid; + + switch (type) { + case DHCPOFFER: + b->server_ip = br->lan_gw; + b->your_ip = br->wan_ipaddr; + break; + + case DHCPACK: + b->client_ip = src_packet->client_ip; + b->server_ip = br->lan_gw; + b->your_ip = br->wan_ipaddr; + break; + + case DHCPNACK: + break; + } + + b->relay_ip = src_packet->relay_ip; + memcpy(b->hw_addr, src_packet->hw_addr, sizeof(src_packet->hw_addr)); + + /* Construct DHCP options */ + memset(&dhcp_opts, 0, sizeof (dhcp_opts)); + dhcp_opts.msg_type = type; + dhcp_opts.server_id = br->lan_gw; + + switch (type) { + case DHCPOFFER: + case DHCPACK: + dhcp_opts.t1 = htonl(br->dhcpd_renew_time); + dhcp_opts.t2 = htonl(br->dhcpd_rebind_time); + dhcp_opts.lease_time = htonl(br->dhcpd_lease_time); + dhcp_opts.netmask = br->lan_netmask; + dhcp_opts.bcast = (br->lan_netmask & br->lan_gw) | + ~br->lan_netmask; + dhcp_opts.dns1 = br->dns1_ipaddr; + dhcp_opts.dns2 = br->dns2_ipaddr ? br->dns2_ipaddr : 0; + dhcp_opts.router = br->lan_gw; + dhcp_opts.request_param = src_opts->request_param; + break; + } + + make_dhcp_opts(b->exten, &dhcp_opts, type); + dump_dhcp_message(br, skb, b, "sending", "to lan"); + + if (dev_hard_header(skb, dev, ETH_P_IP, + dest_hw, dev->dev_addr, skb->len) < 0) { + kfree_skb(skb); + return; + } + + dev_queue_xmit(skb); +} + +/* + * called under bridge lock + * + * packet must be a valid IP & UDP packet with dport 67 + * + * answer will be sent to skb->dev + */ +void fbxbr_dhcpd(struct fbxbr *br, struct sk_buff *skb) +{ + struct bootp_pkt *bpkt; + struct dhcp_options opts; + + /* code assumes linear skb */ + if (skb_linearize(skb) < 0) + return; + + /* reject short packet */ + if (skb->len < (sizeof(*bpkt) - 312)) + return; + + bpkt = (struct bootp_pkt *)skb->data; + + /* select only valid BOOTP Request/Discover */ + if (bpkt->op != BOOTP_REQUEST || bpkt->hlen != ETH_ALEN) + return; + + parse_dhcp_opts(bpkt->exten, skb->len - (sizeof(*bpkt) - 312), &opts); + + if (opts.fbx_valid && + (be32_to_cpu(opts.fbx.flags) & FBX_OPT_VENDOR_F_IGNORE_BRIDGE)) { + printk(KERN_DEBUG "%s: ignore DHCP message with " + "freebox ignore-bridge flags set\n", br->dev->name); + return; + } + + if (ntohs(bpkt->flags) & BROADCAST_FLAG) + opts.need_bcast = true; + + dump_dhcp_message(br, skb, bpkt, "received", "from lan"); + + /* select DHCPDISCOVER to send a DHCPOFFER */ + if (opts.msg_type == DHCPDISCOVER) { + send_dhcp_reply(br, skb->dev, bpkt->hw_addr, + DHCPOFFER, bpkt, &opts); + + } else if (opts.msg_type == DHCPREQUEST) { + /* send ACK or NACK */ + if (!opts.requested_ip) { + /* RENEWING/REBINDING */ + if (!bpkt->client_ip) { + /* invalid packet; ignore */ + return; + } + + if (bpkt->client_ip != br->wan_ipaddr) + send_dhcp_reply(br, skb->dev, bpkt->hw_addr, + DHCPNACK, bpkt, &opts); + else { + send_dhcp_reply(br, skb->dev, bpkt->hw_addr, + DHCPACK, bpkt, &opts); + fbxbr_capture_hw_addr(br, bpkt->hw_addr); + } + return; + + } + + /* INIT-REBOOT or SELECTING */ + if (bpkt->client_ip) { + /* invalid packet; ignore */ + return; + } + + if (!opts.server_id) { + /* INIT-REBOOT */ + if (opts.requested_ip != br->wan_ipaddr) + send_dhcp_reply(br, skb->dev, bpkt->hw_addr, + DHCPNACK, bpkt, &opts); + else { + send_dhcp_reply(br, skb->dev, bpkt->hw_addr, + DHCPACK, bpkt, &opts); + fbxbr_capture_hw_addr(br, bpkt->hw_addr); + } + return; + } + + /* SELECTING */ + if (opts.server_id == br->lan_gw) { + /* client selected us */ + send_dhcp_reply(br, skb->dev, bpkt->hw_addr, + DHCPACK, bpkt, &opts); + fbxbr_capture_hw_addr(br, bpkt->hw_addr); + } else { + /* ignore */ + } + } +} diff -Nruw linux-5.15.42-fbx/net/fbxbridge./fbxbr_filter.c linux-5.15.42-fbx/net/fbxbridge/fbxbr_filter.c --- linux-5.15.42-fbx/net/fbxbridge./fbxbr_filter.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/net/fbxbridge/fbxbr_filter.c 2023-02-27 19:50:23.028271550 +0100 @@ -0,0 +1,258 @@ +#include +#include +#include +#include "fbxbr_private.h" + +static int lolfn(struct net *net, struct sock *sk, struct sk_buff *skb) +{ + return 0; +} + +/* + * invoke netfilter table for finer grained control + */ +static int +netfilter_call_hook(struct sk_buff *skb, + unsigned int hook, + struct net_device *in_dev, + struct net_device *out_dev) +{ + struct iphdr *iph = ip_hdr(skb); + int ret; + + /* don't run frags into netfilter */ + if ((iph->frag_off & htons(IP_OFFSET))) + return NF_ACCEPT; + + nf_ct_set(skb, NULL, IP_CT_UNTRACKED); + + /* NF_HOOK will kfree_skb(), guard against this */ + skb_get(skb); + + ret = NF_HOOK(NFPROTO_IPV4, + hook, + &init_net, + NULL, + skb, + in_dev, + out_dev, + lolfn); + + if (ret < 0) + return NF_DROP; + + skb_unref(skb); + return NF_ACCEPT; +} + +static int +netfilter_forward_hook(struct sk_buff *skb, + struct net_device *in_dev, + struct net_device *out_dev) +{ + return netfilter_call_hook(skb, NF_INET_FORWARD, in_dev, out_dev); +} + +static int +netfilter_input_hook(struct sk_buff *skb, struct net_device *in_dev) +{ + return netfilter_call_hook(skb, NF_INET_LOCAL_IN, in_dev, NULL); +} + +/* + * set input mark bits, return true if changed + */ +static bool skb_set_br_inputmark(struct fbxbr *br, struct sk_buff *skb) +{ + if (unlikely(skb->mark & br->inputmark)) { + if (net_ratelimit()) + pr_err("%s: input mark already set on skb\n", + br->dev->name); + return false; + } + + skb->mark |= br->inputmark; + return true; +} + +static inline void skb_clear_br_inputmark(struct fbxbr *br, + struct sk_buff *skb) +{ + skb->mark &= ~br->inputmark; +} + +/* + * assume linear ip header + */ +static bool wan_to_lan_want_keep(struct fbxbr *br, + struct sk_buff *skb) +{ + struct iphdr *iph = ip_hdr(skb); + bool changed; + int ret; + + /* keep ETHER_IP packets */ + if (iph->protocol == 97) + return true; + + /* give ipv6 in ip private to freebox back to the + * kernel */ + if (iph->protocol == IPPROTO_IPV6) { + struct ipv6hdr *iph6; + unsigned int hlen; + + /* capture at least all traffic from our GW + * (192.88.99.101) */ + if (iph->saddr == htonl(0xc0586365)) + return true; + + /* rest if peer-to-peer shortcut traffic, check if + * this is for our IPv6 subnet, we cannot do it on + * fragmented traffic thought */ + if (iph->frag_off & htons(IP_OFFSET)) + return false; + + /* sanity check on header value */ + hlen = iph->ihl * 4; + if (skb->len < hlen + sizeof(struct ipv6hdr)) + return false; + + iph6 = (struct ipv6hdr *)((unsigned char *)iph + hlen); + if ((iph6->daddr.s6_addr32[0] & htonl(0xfffffff0)) == + htonl(0x2a010e30)) + return true; + } + + if (!(br->flags & FBXBRIDGE_FLAGS_NETFILTER)) + return false; + + /* we cant filter frags with netfilter */ + if (iph->frag_off & htons(IP_OFFSET)) + return false; + + /* check netfilter input hook */ + changed = skb_set_br_inputmark(br, skb); + ret = netfilter_input_hook(skb, skb->dev); + if (changed) + skb_clear_br_inputmark(br, skb); + + if (ret == NF_ACCEPT) + return true; + + return false; +} + +/* + * assume linear ip header + */ +static bool wan_to_lan_can_forward(struct fbxbr *br, struct sk_buff *skb) +{ + if ((br->flags & FBXBRIDGE_FLAGS_NETFILTER)) { + int ret; + + ret = netfilter_forward_hook(skb, br->wan_port->dev, br->dev); + if (ret == NF_DROP) + return false; + } + return true; +} + +/* + * note: caller assured that ip header is valid and holds bridge read + * lock + * + * use netfilter hook return type + */ +int +fbxbr_filter_wan_to_lan_packet(struct fbxbr *br, struct sk_buff *skb) +{ + int ret; + + if (wan_to_lan_want_keep(br, skb)) + return NF_STOP; + + if (!br->lan_port) + return NF_DROP; + + ret = wan_to_lan_can_forward(br, skb); + if (ret != NF_ACCEPT) + return NF_DROP; + + return NF_ACCEPT; +} + +/* + * assume linear ip header + */ +static bool lan_to_wan_want_keep(struct fbxbr *br, struct sk_buff *skb) +{ + return false; +} + +/* + * assume linear ip header + */ +static bool lan_to_wan_can_forward(struct fbxbr *br, struct sk_buff *skb) +{ + struct iphdr *iph = ip_hdr(skb); + + /* disallow source spoofing */ + if (iph->saddr != br->wan_ipaddr) + return false; + + /* disallow all private net destination */ + if (ipv4_is_loopback(iph->daddr) || + ipv4_is_private_10(iph->daddr) || + ipv4_is_private_172(iph->daddr) || + ipv4_is_private_192(iph->daddr) || + ipv4_is_linklocal_169(iph->daddr) || + ipv4_is_anycast_6to4(iph->daddr) || + ipv4_is_test_192(iph->daddr) || + ipv4_is_test_198(iph->daddr)) + return false; + + /* no multicast please */ + if (ipv4_is_multicast(iph->daddr)) + return false; + + /* Don't let IP broadcast go through us */ + if (ipv4_is_zeronet(iph->daddr)) + return false; + + if (ipv4_is_lbcast(iph->daddr)) + return false; + + if ((br->flags & FBXBRIDGE_FLAGS_NETFILTER)) { + int ret; + + ret = netfilter_forward_hook(skb, br->dev, br->wan_port->dev); + if (ret == NF_DROP) + return false; + } + + return true; +} + +/* + * note: caller assured that ip header is valid and holds bridge read + * lock + * + * use netfilter hook return type + */ +int +fbxbr_filter_lan_to_wan_packet(struct fbxbr *br, struct sk_buff *skb) +{ + int ret; + + if (lan_to_wan_want_keep(br, skb)) + return NF_STOP; + + if (!br->wan_port) + return NF_DROP; + + ret = lan_to_wan_can_forward(br, skb); + if (ret != NF_ACCEPT) + return NF_DROP; + + return NF_ACCEPT; +} diff -Nruw linux-5.15.42-fbx/net/fbxbridge./fbxbr_fwcache.c linux-5.15.42-fbx/net/fbxbridge/fbxbr_fwcache.c --- linux-5.15.42-fbx/net/fbxbridge./fbxbr_fwcache.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/net/fbxbridge/fbxbr_fwcache.c 2024-04-22 14:46:58.152274778 +0200 @@ -0,0 +1,177 @@ +#include +#include +#include "fbxbr_private.h" + +/* + * + */ +u32 fbxbr_fwcache_hash(const struct fbxbr_fwcache_key *k) +{ + return jhash_3words(k->lan_ip, + k->is_tcp ? k->wan_ip : ~k->wan_ip, + k->lan_port | k->wan_port << 16, 0); +} + +/* + * must be called with bh disabled and fwcache held + */ +struct fbxbr_fwcache * +__fbxbr_fwcache_lookup(struct fbxbr *br, u32 hash, + const struct fbxbr_fwcache_key *k) +{ + struct fbxbr_fwcache *fwc; + + hlist_for_each_entry(fwc, + &br->fwcache_hrules[hash % FBXBR_FWCACHE_SIZE], + hnext) { + /* compare entry */ + if (fwc->lan_ip == k->lan_ip && + fwc->wan_ip == k->wan_ip && + fwc->is_tcp == k->is_tcp && + fwc->lan_port == k->lan_port && + fwc->wan_port == k->wan_port) + return fwc; + } + + return NULL; +} + +/* + * return true if the flow has a chance to be in the fwcache + * + * skb must be a valid ipv4 packet + */ +bool fbxbr_fwcache_skb_allowable(struct sk_buff *skb, + bool from_wan, + struct fbxbr_fwcache_key *k, + bool *can_create) +{ + const struct iphdr *iph; + __be16 psrc, pdst; + + iph = ip_hdr(skb); + + if (iph->frag_off & htons(IP_OFFSET)) + return false; + + if (iph->protocol != IPPROTO_UDP && iph->protocol != IPPROTO_TCP) + return false; + + if (from_wan) { + k->wan_ip = iph->saddr; + k->lan_ip = iph->daddr; + } else { + k->lan_ip = iph->saddr; + k->wan_ip = iph->daddr; + } + + if (iph->protocol == IPPROTO_UDP) { + struct udphdr *udph; + + if (!pskb_may_pull(skb, skb_transport_offset(skb) + + sizeof (struct udphdr))) + return false; + + udph = (struct udphdr *)skb_transport_header(skb); + *can_create = true; + + psrc = udph->source; + pdst = udph->dest; + k->is_tcp = false; + } else { + struct tcphdr *tcph; + + if (!pskb_may_pull(skb, skb_transport_offset(skb) + + sizeof (struct tcphdr))) + return false; + + tcph = (struct tcphdr *)skb_transport_header(skb); + if (tcph->syn) + *can_create = true; + else + *can_create = false; + + psrc = tcph->source; + pdst = tcph->dest; + k->is_tcp = true; + } + + if (from_wan) { + k->wan_port = psrc; + k->lan_port = pdst; + } else { + k->lan_port = psrc; + k->wan_port = pdst; + } + return true; +} + +/* + * must be called with bh disabled + */ +int fbxbr_fwcache_add(struct fbxbr *br, + u32 hash, const struct fbxbr_fwcache_key *k) +{ + struct fbxbr_fwcache *fwc; + + write_lock(&br->fwcache_lock); + + if (unlikely(__fbxbr_fwcache_lookup(br, hash, k))) + goto done; + + /* add new entry */ + if (br->fwcache_count < FBXBR_FWCACHE_MAX_ENTRY) { + fwc = kmalloc(sizeof (*fwc), GFP_ATOMIC); + if (!fwc) + goto done; + br->fwcache_count++; + } else { + fwc = list_first_entry(&br->fwcache_rules, + struct fbxbr_fwcache, + next); + hlist_del(&fwc->hnext); + list_del(&fwc->next); + if (fwc->priv_destructor) + fwc->priv_destructor((void *)fwc->priv_area); + } + + fwc->lan_ip = k->lan_ip; + fwc->wan_ip = k->wan_ip; + fwc->lan_port = k->lan_port; + fwc->wan_port = k->wan_port; + fwc->is_tcp = k->is_tcp; + fwc->priv_destructor = NULL; + memset(fwc->priv_area, 0, sizeof (fwc->priv_area)); + + hlist_add_head(&fwc->hnext, + &br->fwcache_hrules[hash % FBXBR_FWCACHE_SIZE]); + list_add_tail(&fwc->next, &br->fwcache_rules); + +done: + write_unlock(&br->fwcache_lock); + return 0; +} + +/* + * + */ +void fbxbr_fwcache_flush(struct fbxbr *br) +{ + struct fbxbr_fwcache *fwc, *tmp; + size_t i; + + write_lock_bh(&br->fwcache_lock); + + list_for_each_entry_safe(fwc, tmp, &br->fwcache_rules, next) { + if (fwc->priv_destructor) + fwc->priv_destructor((void *)fwc->priv_area); + kfree(fwc); + } + + INIT_LIST_HEAD(&br->fwcache_rules); + for (i = 0; i < ARRAY_SIZE(br->fwcache_hrules); i++) + INIT_HLIST_HEAD(&br->fwcache_hrules[i]); + br->fwcache_count = 0; + + write_unlock_bh(&br->fwcache_lock); +} diff -Nruw linux-5.15.42-fbx/net/fbxbridge./fbxbr_input.c linux-5.15.42-fbx/net/fbxbridge/fbxbr_input.c --- linux-5.15.42-fbx/net/fbxbridge./fbxbr_input.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/net/fbxbridge/fbxbr_input.c 2024-04-22 14:46:58.152274778 +0200 @@ -0,0 +1,347 @@ +#include +#include +#include +#include +#include "fbxbr_private.h" + +/* + * + */ +static rx_handler_result_t __handle_wan_frame(struct fbxbr_port *p, + struct sk_buff *skb) +{ + struct fbxbr *br = p->br; + struct fbxbr_fwcache_key fwk; + bool fwc_present, fwc_can_create; + u32 hash = 0; + int ret; + + /* give back non IPv4 packets */ + if (skb->protocol != htons(ETH_P_IP)) + return RX_HANDLER_PASS; + + /* stop here if we have no idea what the wan ip address is or + * was */ + if (!br->wan_ipaddr) + goto drop; + + if (!fbxbr_is_valid_ip_packet(skb)) + goto drop; + + /* lookup into forward cache */ + fwc_present = false; + fwc_can_create = false; + + if (fbxbr_fwcache_skb_allowable(skb, true, &fwk, &fwc_can_create)) { + hash = fbxbr_fwcache_hash(&fwk); + read_lock(&br->fwcache_lock); + fwc_present = (__fbxbr_fwcache_lookup(br, hash, &fwk) != NULL); + read_unlock(&br->fwcache_lock); + } + + if (fwc_present) + goto output_lan; + + ret = fbxbr_filter_wan_to_lan_packet(br, skb); + switch (ret) { + default: + WARN(1, "unsupported filter action"); + fallthrough; + + case NF_DROP: + kfree_skb(skb); + return RX_HANDLER_CONSUMED; + + case NF_STOP: + nf_reset_ct(skb); + return RX_HANDLER_PASS; + + case NF_ACCEPT: + break; + } + +output_lan: + if (!br->lan_port) + goto drop; + + fbxbr_output_lan_frame(br, skb); + + if (!fwc_present && fwc_can_create) + fbxbr_fwcache_add(br, hash, &fwk); + + return RX_HANDLER_CONSUMED; + +drop: + kfree_skb(skb); + return RX_HANDLER_CONSUMED; +} + +/* + * + */ +static void +__handle_lan_arp_frame(struct fbxbr_port *p, struct sk_buff *skb) +{ + struct net_device *dev = p->dev; + struct fbxbr *br = p->br; + __be32 sender_ipaddr, target_ipaddr; + u8 *sender_hwaddr, *req; + struct arphdr *arp; + + if (!pskb_may_pull(skb, arp_hdr_len(p->dev))) + goto done; + + arp = arp_hdr(skb); + if (arp->ar_hln != dev->addr_len || arp->ar_pln != 4) + goto done; + + if ((arp->ar_hrd != htons(ARPHRD_ETHER) && + arp->ar_hrd != htons(ARPHRD_IEEE802)) || + arp->ar_pro != htons(ETH_P_IP)) + goto done; + + if (arp->ar_op != htons(ARPOP_REQUEST) && + arp->ar_op != htons(ARPOP_REPLY)) + goto done; + + /* fetch subfields */ + req = (unsigned char *)(arp + 1); + + sender_hwaddr = req; + req += ETH_ALEN; + + memcpy(&sender_ipaddr, req, 4); + req += 4; + + /* skip target_hwaddr */ + req += dev->addr_len; + + memcpy(&target_ipaddr, req, 4); + + /* ignore gratuitous ARP */ + if (!sender_ipaddr) + goto done; + + if (arp->ar_op == htons(ARPOP_REQUEST)) { + + /* client is sending an arp request */ + if (!br->wan_ipaddr) { + /* wan has never been up, our wan address is + * not known, answer to every arp requests */ + + /* ignore what looks like gratuitous ARP */ + if (sender_ipaddr == target_ipaddr) + goto done; + + /* don't answer for special ip address */ + if (ipv4_is_private_10(target_ipaddr) || + ipv4_is_private_172(target_ipaddr) || + ipv4_is_private_192(target_ipaddr) || + ipv4_is_linklocal_169(target_ipaddr) || + ipv4_is_anycast_6to4(target_ipaddr) || + ipv4_is_test_192(target_ipaddr) || + ipv4_is_test_198(target_ipaddr)) + goto done; + + /* ok, will reply with a zero source + * address */ + } else { + /* wan is up, filter our arp reply to match + * WAN */ + + /* accept only arp from remote client */ + if (sender_ipaddr != br->wan_ipaddr) + goto done; + + /* accept only arp request for wan network */ + if ((target_ipaddr & br->lan_netmask) != + (br->wan_ipaddr & br->lan_netmask)) + goto done; + + /* request is for the client's address, keep quiet */ + if (target_ipaddr == br->wan_ipaddr) + goto done; + } + + /* ok I can answer */ + fbxbr_send_arp_frame(dev, ARPOP_REPLY, sender_hwaddr, + target_ipaddr, NULL, + br->wan_ipaddr, sender_hwaddr); + + /* keep the client address */ + fbxbr_capture_hw_addr(br, sender_hwaddr); + + } else { + + /* accept only arp from remote client */ + if (sender_ipaddr != br->wan_ipaddr) + goto done; + + /* we received an arp reply, iff it was addressed to + * us, then keep the client mac address */ + if (target_ipaddr != br->lan_gw) + goto done; + + fbxbr_capture_hw_addr(br, sender_hwaddr); + } + +done: + kfree_skb(skb); +} + +/* + * + */ +static inline bool __is_local_ip(struct fbxbr *br, __be32 ipaddr) +{ + int i; + + if (ipaddr == br->br_ipaddr || ipv4_is_multicast(ipaddr)) + return true; + + for (i = 0; i < MAX_ALIASES; i++) { + if (br->ip_aliases[i] && br->ip_aliases[i] == ipaddr) + return true; + } + + return false; +} + +/* + * + */ +static rx_handler_result_t __handle_lan_frame(struct fbxbr_port *p, + struct sk_buff *skb) +{ + struct fbxbr *br = p->br; + struct iphdr *iph; + struct fbxbr_fwcache_key fwk; + bool fwc_present, fwc_can_create, is_fragment; + u32 hash = 0; + int ret; + + if (skb->protocol == htons(ETH_P_ARP)) { + __handle_lan_arp_frame(p, skb); + return RX_HANDLER_CONSUMED; + } + + /* give back non IPv4 packets */ + if (skb->protocol != htons(ETH_P_IP)) + return RX_HANDLER_PASS; + + if (!fbxbr_is_valid_ip_packet(skb)) + goto drop; + + iph = ip_hdr(skb); + + /* look the destination address, if talking to our private + * address or alias, then frame is local */ + if (__is_local_ip(br, iph->daddr)) { + + if (!br->br_remote_ipaddr) + goto drop; + + /* packet comes from lan, snat it and make it local */ + fbxbr_snat_packet(skb, br->br_remote_ipaddr); + skb->dev = br->dev; + skb->pkt_type = PACKET_HOST; + br->dev->stats.rx_packets++; + br->dev->stats.rx_bytes += skb->len; + netif_rx(skb); + return RX_HANDLER_CONSUMED; + } + + /* stop here if we have no idea what the wan ip address is or + * was */ + if (!br->wan_ipaddr) + goto drop; + + /* lookup into forward cache */ + fwc_present = false; + fwc_can_create = false; + + if (fbxbr_fwcache_skb_allowable(skb, false, &fwk, &fwc_can_create)) { + hash = fbxbr_fwcache_hash(&fwk); + read_lock(&br->fwcache_lock); + fwc_present = (__fbxbr_fwcache_lookup(br, hash, &fwk) != NULL); + read_unlock(&br->fwcache_lock); + } + + if (fwc_present) + goto output_wan; + + /* process DHCP if enabled */ + is_fragment = iph->frag_off & htons(IP_OFFSET); + if (iph->protocol == IPPROTO_UDP && + !is_fragment && + (br->flags & FBXBRIDGE_FLAGS_DHCPD)) { + struct udphdr *udp; + + if (!fbxbr_is_valid_udp_tcp_packet(skb)) + goto drop; + + udp = udp_hdr(skb); + if (udp->dest == htons(67)) { + fbxbr_dhcpd(br, skb); + goto drop; + } + } + + ret = fbxbr_filter_lan_to_wan_packet(br, skb); + switch (ret) { + default: + WARN(1, "unsupported filter action"); + fallthrough; + + case NF_DROP: + kfree_skb(skb); + return RX_HANDLER_CONSUMED; + + case NF_STOP: + nf_reset_ct(skb); + return RX_HANDLER_PASS; + + case NF_ACCEPT: + break; + } + +output_wan: + if (!br->wan_port) + goto drop; + + fbxbr_output_wan_frame(br, skb); + + if (!fwc_present && fwc_can_create) + fbxbr_fwcache_add(br, hash, &fwk); + + return RX_HANDLER_CONSUMED; + +drop: + kfree_skb(skb); + return RX_HANDLER_CONSUMED; +} + +/* + * + */ +rx_handler_result_t fbxbr_handle_frame(struct sk_buff **pskb) +{ + struct sk_buff *skb = *pskb; + struct fbxbr_port *p; + rx_handler_result_t ret; + + skb = skb_share_check(skb, GFP_ATOMIC); + if (!skb) + return RX_HANDLER_CONSUMED; + + p = fbxbr_port_get_rcu(skb->dev); + + read_lock(&p->br->lock); + if (p->is_wan) + ret = __handle_wan_frame(p, skb); + else + ret = __handle_lan_frame(p, skb); + read_unlock(&p->br->lock); + + return ret; +} diff -Nruw linux-5.15.42-fbx/net/fbxbridge./fbxbr_ioctl.c linux-5.15.42-fbx/net/fbxbridge/fbxbr_ioctl.c --- linux-5.15.42-fbx/net/fbxbridge./fbxbr_ioctl.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/net/fbxbridge/fbxbr_ioctl.c 2023-02-27 19:50:22.652261514 +0100 @@ -0,0 +1,85 @@ +#include +#include +#include +#include +#include +#include "fbxbr_private.h" + +/* + * ioctl handling + */ +int fbxbr_ioctl(struct net *net, unsigned int ign, void __user *arg) +{ + struct fbxbridge_ioctl_req req; + struct fbxbridge_ioctl_chg chg; + struct fbxbridge_ioctl_dev_chg dev_chg; + struct fbxbridge_ioctl_params params; + int ret; + + /* fetch ioctl request */ + if (copy_from_user(&req, arg, sizeof (req))) + return -EFAULT; + + switch (req.cmd) { + case E_CMD_BR_CHG: + if (copy_from_user(&chg, (void *)req.arg, sizeof (chg))) + return -EFAULT; + + if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) + return -EPERM; + + if (!chg.action) + return fbxbr_add_br(net, chg.brname); + + rtnl_lock(); + ret = __fbxbr_del_br(net, chg.brname); + rtnl_unlock(); + return ret; + + case E_CMD_BR_DEV_CHG: + if (copy_from_user(&dev_chg, (void *)req.arg, + sizeof (dev_chg))) + return -EFAULT; + + if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) + return -EPERM; + + rtnl_lock(); + if (!dev_chg.action) + ret = __fbxbr_add_br_port(net, + dev_chg.brname, + dev_chg.devname, + dev_chg.wan); + else + ret = __fbxbr_del_br_port_by_name(net, + dev_chg.brname, + dev_chg.devname); + rtnl_unlock(); + return ret; + + case E_CMD_BR_PARAMS: + if (copy_from_user(¶ms, (void *)req.arg, sizeof (params))) + return -EFAULT; + + if (!params.action) { + /* this is a get */ + ret = fbxbr_get_params(net, params.brname, ¶ms); + if (ret) + return ret; + + return copy_to_user((void *)req.arg, ¶ms, + sizeof (params)); + } + + /* this is a set */ + if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) + return -EPERM; + + return fbxbr_set_params(net, params.brname, ¶ms); + + default: + return -EINVAL; + } + + return 0; +} diff -Nruw linux-5.15.42-fbx/net/fbxbridge./fbxbr_output.c linux-5.15.42-fbx/net/fbxbridge/fbxbr_output.c --- linux-5.15.42-fbx/net/fbxbridge./fbxbr_output.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/net/fbxbridge/fbxbr_output.c 2023-02-27 19:50:22.652261514 +0100 @@ -0,0 +1,164 @@ +#include +#include +#include "fbxbr_private.h" + +/* + * caller must hold bridge lock + * + * lan port must be valid + */ +void fbxbr_output_lan_mcast_frame(struct fbxbr *br, struct sk_buff *skb) +{ + struct fbxbr_port *p = br->lan_port; + struct net_device *dev = p->dev; + struct iphdr *ip; + u8 mcast_hwaddr[6]; + u32 daddr; + + ip = ip_hdr(skb); + + /* compute mcast hwaddr */ + mcast_hwaddr[0] = 0x1; + mcast_hwaddr[1] = 0x0; + mcast_hwaddr[2] = 0x5e; + daddr = ntohl(ip->daddr); + mcast_hwaddr[3] = (daddr & 0x7f0000) >> 16; + mcast_hwaddr[4] = (daddr & 0xff00) >> 8; + mcast_hwaddr[5] = (daddr & 0xff); + + skb->dev = dev; + dev_hard_header(skb, dev, ETH_P_802_3, mcast_hwaddr, dev->dev_addr, + ETH_P_IP); + dev_queue_xmit(skb); +} + +/* + * caller must hold bridge lock and have BH disabled + * + * lan port must be valid + * + * must be a valid ip packet + */ +void fbxbr_output_lan_frame(struct fbxbr *br, struct sk_buff *skb) +{ + struct fbxbr_port *p = br->lan_port; + struct net_device *dev = p->dev; + struct iphdr *iph; + const char *dest_hw; + + iph = ip_hdr(skb); + + if (!br->have_hw_addr && iph->daddr != INADDR_BROADCAST) { + + /* (fixme: try to queue instead of dropping ?) */ + kfree_skb(skb); + + /* rate limit arp sending to ARP_RATE_LIMIT */ + spin_lock(&br->last_arp_lock); + if (time_before(jiffies, br->last_arp_send + ARP_RATE_LIMIT)) { + spin_unlock(&br->last_arp_lock); + return; + } + + br->last_arp_send = jiffies; + spin_unlock(&br->last_arp_lock); + + fbxbr_send_arp_frame(dev, + ARPOP_REQUEST, + NULL, + br->lan_gw, + NULL, + br->wan_ipaddr, + NULL); + return; + } + + /* we have an active device, send to the hw addr if we have + * it, or to the bcast hw addr if we don't or the packet is + * an ip broadcast */ + skb->dev = dev; + + if (br->have_hw_addr && iph->daddr != INADDR_BROADCAST) + dest_hw = br->lan_hwaddr; + else + dest_hw = dev->broadcast; + + dev_hard_header(skb, dev, ETH_P_802_3, dest_hw, dev->dev_addr, + ETH_P_IP); + dev_queue_xmit(skb); +} + +/* + * caller must hold bridge lock and have BH disabled + * + * wan port must be valid + * + * must be a valid ip packet + */ +void fbxbr_output_wan_frame(struct fbxbr *br, struct sk_buff *skb) +{ + struct fbxbr_port *p = br->wan_port; + struct net_device *dev = p->dev; + struct iphdr *iph; + struct neighbour *neigh; + __be32 nh; + + skb->dev = dev; + + if (!dev->hard_header_len) { + dev_queue_xmit(skb); + return; + } + + iph = ip_hdr(skb); + + /* resolve next hop */ + nh = iph->daddr; + if ((nh & br->wan_netmask) != (br->wan_ipaddr & br->wan_netmask)) { + struct rtable *rt; + + rt = p->rt; + if (rt && rt->dst.obsolete > 0) { + ip_rt_put(rt); + p->rt = NULL; + rt = NULL; + } + + /* need to find default gateway */ + if (!rt) { + rt = ip_route_output(&init_net, nh, 0, 0, + dev->ifindex); + if (IS_ERR(rt) || rt->rt_type != RTN_UNICAST) { + kfree_skb(skb); + return; + } + + p->rt = rt; + } + + nh = rt_nexthop(rt, nh); + } + + /* resolve neighbour */ + neigh = __ipv4_neigh_lookup_noref(dev, nh); + if (unlikely(!neigh)) + neigh = __neigh_create(&arp_tbl, &nh, dev, false); + + if (IS_ERR(neigh)) { + kfree_skb(skb); + return; + } + + if (!(neigh->nud_state & NUD_VALID)) { + neigh_event_send(neigh, NULL); + kfree_skb(skb); + return; + } + + neigh_event_send(neigh, NULL); + + /* send */ + dev_hard_header(skb, dev, ETH_P_802_3, neigh->ha, dev->dev_addr, + ETH_P_IP); + dev_queue_xmit(skb); +} diff -Nruw linux-5.15.42-fbx/net/fbxbridge./fbxbr_private.h linux-5.15.42-fbx/net/fbxbridge/fbxbr_private.h --- linux-5.15.42-fbx/net/fbxbridge./fbxbr_private.h 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/net/fbxbridge/fbxbr_private.h 2024-04-22 14:46:58.156274887 +0200 @@ -0,0 +1,197 @@ +#ifndef FBXBRIDGE_PRIVATE_H_ +#define FBXBRIDGE_PRIVATE_H_ + +#include +#include +#include +#include +#include + +#define ARP_RATE_LIMIT (HZ) +#define ARP_ETHER_SIZE (8 + ETH_ALEN * 2 + 4 * 2) +#define DEFAULT_RENEWAL_TIME 60 +#define DEFAULT_REBIND_TIME 300 +#define DEFAULT_LEASE_TIME 600 + +#define FBXBR_FWCACHE_SIZE 256 +#define FBXBR_FWCACHE_MAX_ENTRY 2048 + +struct fbxbr; + +struct fbxbr_fwcache_key { + __be32 lan_ip; + __be32 wan_ip; + __be16 lan_port; + __be16 wan_port; + bool is_tcp; +}; + +struct fbxbr_fwcache { + __be32 lan_ip; + __be32 wan_ip; + __be16 lan_port; + __be16 wan_port; + u8 is_tcp; + struct hlist_node hnext; + struct list_head next; + + void (*priv_destructor)(void *); + u32 priv_area[8]; +}; + +struct fbxbr_port { + struct fbxbr *br; + struct net_device *dev; + struct rtable *rt; + bool is_wan; +}; + +struct fbxbr { + struct net_device *dev; + + /* protect all fields but lan_hwaddr */ + rwlock_t lock; + + /* + * currently assigned lan & wan port, updated by userspace + * under rtnl + */ + struct fbxbr_port *wan_port; + struct fbxbr_port *lan_port; + + /* + * config, updated by userspace + */ + unsigned int flags; + unsigned int inputmark; + + unsigned int dns1_ipaddr; + unsigned int dns2_ipaddr; + + unsigned long dhcpd_renew_time; + unsigned long dhcpd_rebind_time; + unsigned long dhcpd_lease_time; + + /* list of ip we consider to be local */ + unsigned long ip_aliases[MAX_ALIASES]; + + /* + * runtime state + */ + + /* local and remote (fbx) ip address, maintained using inet + * notifier */ + __be32 br_ipaddr; + __be32 br_remote_ipaddr; + + /* wan side inet info */ + __be32 wan_ipaddr; + __be32 wan_netmask; + __be32 lan_gw; + __be32 lan_netmask; + + /* currently detected lan device hardware address */ + rwlock_t lan_hwaddr_lock; + bool have_hw_addr; + unsigned char lan_hwaddr[ETH_ALEN]; + + spinlock_t last_arp_lock; + unsigned long last_arp_send; + + rwlock_t fwcache_lock; + struct hlist_head fwcache_hrules[FBXBR_FWCACHE_SIZE]; + struct list_head fwcache_rules; + unsigned int fwcache_count; + + struct list_head next; +}; + +/* + * helpers to get bridge port from netdevice + */ +#define fbxbr_port_exists(dev) (dev->priv_flags & IFF_FBXBRIDGE_PORT) + +static inline struct fbxbr_port * +fbxbr_port_get_rcu(const struct net_device *dev) +{ + return rcu_dereference(dev->rx_handler_data); +} + +static inline struct fbxbr_port * +fbxbr_port_get_rtnl(const struct net_device *dev) +{ + return fbxbr_port_exists(dev) ? + rtnl_dereference(dev->rx_handler_data) : NULL; +} + +/* fbxbr_dev.c */ +int fbxbr_add_br(struct net *net, const char *name); + +int __fbxbr_del_br(struct net *net, const char *name); + +int __fbxbr_add_br_port(struct net *net, const char *name, + const char *port_name, bool is_wan); + +int __fbxbr_del_br_port_by_name(struct net *net, const char *name, + const char *port_name); + +void __fbxbr_del_br_port(struct fbxbr_port *p); + +int fbxbr_get_params(struct net *net, const char *name, + struct fbxbridge_ioctl_params *params); + +int fbxbr_set_params(struct net *net, const char *name, + const struct fbxbridge_ioctl_params *params); + +void fbxbr_capture_hw_addr(struct fbxbr *br, const u8 *hwaddr); + + +/* fbxbr_dhcp.c */ +void fbxbr_dhcpd(struct fbxbr *br, struct sk_buff *skb); + +/* fbxbr_filter.c */ +int +fbxbr_filter_wan_to_lan_packet(struct fbxbr *br, struct sk_buff *skb); +int +fbxbr_filter_lan_to_wan_packet(struct fbxbr *br, struct sk_buff *skb); + +/* fbxbr_fwcache.c */ +u32 fbxbr_fwcache_hash(const struct fbxbr_fwcache_key *k); + +struct fbxbr_fwcache * +__fbxbr_fwcache_lookup(struct fbxbr *br, u32 hash, + const struct fbxbr_fwcache_key *k); + +bool fbxbr_fwcache_skb_allowable(struct sk_buff *skb, + bool from_wan, + struct fbxbr_fwcache_key *k, + bool *can_create); +int fbxbr_fwcache_add(struct fbxbr *br, + u32 hash, const struct fbxbr_fwcache_key *k); + +void fbxbr_fwcache_flush(struct fbxbr *br); + +/* fbxbr_ioctl.c */ +int fbxbr_ioctl(struct net *net, unsigned int ign, void __user *arg); + +/* fbxbr_input.c */ +rx_handler_result_t fbxbr_handle_frame(struct sk_buff **pskb); + +/* fbxbr_output.c */ +void fbxbr_output_lan_mcast_frame(struct fbxbr *br, struct sk_buff *skb); +void fbxbr_output_lan_frame(struct fbxbr *br, struct sk_buff *skb); +void fbxbr_output_wan_frame(struct fbxbr *br, struct sk_buff *skb); + +/* fbxbr_utils.c */ +int fbxbr_send_arp_frame(struct net_device *dev, u16 op, + const u8 *dest_hw, + __be32 src_ip, const u8 *src_hw, + __be32 target_ip, const u8 *target_hw); + +bool fbxbr_is_valid_ip_packet(struct sk_buff *skb); +bool fbxbr_is_valid_udp_tcp_packet(struct sk_buff *skb); +void fbxbr_snat_packet(struct sk_buff *skb, __be32 new_addr); +void fbxbr_dnat_packet(struct sk_buff *skb, __be32 new_addr); + + +#endif /* !FBXBRIDGE_PRIVATE_H_ */ diff -Nruw linux-5.15.42-fbx/net/fbxbridge./fbxbr_utils.c linux-5.15.42-fbx/net/fbxbridge/fbxbr_utils.c --- linux-5.15.42-fbx/net/fbxbridge./fbxbr_utils.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/net/fbxbridge/fbxbr_utils.c 2023-02-27 19:50:23.744290661 +0100 @@ -0,0 +1,204 @@ +#include +#include +#include "fbxbr_private.h" + +/* + * allocate & send ARP frame to given device + * + * src_hw can be NULL, device address is used instead + * dest_hw can be NULL, device broadcast address is used instead + * target_hw can be NULL, empty address is used instead + */ +int fbxbr_send_arp_frame(struct net_device *dev, u16 op, + const u8 *dest_hw, + __be32 src_ip, const u8 *src_hw, + __be32 target_ip, const u8 *target_hw) +{ + struct arphdr *arp; + struct sk_buff *skb; + unsigned char *arp_ptr; + int hlen = LL_RESERVED_SPACE(dev); + int tlen = dev->needed_tailroom; + int ret; + + /* prepare arp packet */ + skb = alloc_skb(arp_hdr_len(dev) + hlen + tlen, GFP_ATOMIC); + if (!skb) + return -ENOMEM; + + skb_reserve(skb, hlen); + skb_reset_network_header(skb); + arp = skb_put(skb, arp_hdr_len(dev)); + skb->dev = dev; + skb->protocol = htons(ETH_P_ARP); + + if (!src_hw) + src_hw = dev->dev_addr; + if (!dest_hw) + dest_hw = dev->broadcast; + + arp->ar_hrd = htons(dev->type); + arp->ar_pro = htons(ETH_P_IP); + arp->ar_hln = dev->addr_len; + arp->ar_pln = 4; + arp->ar_op = htons(op); + + arp_ptr = (unsigned char *)(arp + 1); + + memcpy(arp_ptr, src_hw, dev->addr_len); + arp_ptr += dev->addr_len; + memcpy(arp_ptr, &src_ip, 4); + arp_ptr += 4; + + if (target_hw) + memcpy(arp_ptr, target_hw, dev->addr_len); + else + memset(arp_ptr, 0, dev->addr_len); + + arp_ptr += dev->addr_len; + memcpy(arp_ptr, &target_ip, 4); + + ret = dev_hard_header(skb, dev, ETH_P_ARP, dest_hw, src_hw, skb->len); + if (ret < 0) { + kfree_skb(skb); + return ret; + } + + return dev_queue_xmit(skb); +} + +/* + * validate header fields & checksum, also linearize IP header and + * setup transport headers + */ +bool fbxbr_is_valid_ip_packet(struct sk_buff *skb) +{ + const struct iphdr *iph; + + if (!pskb_may_pull(skb, sizeof (*iph))) + return false; + + iph = ip_hdr(skb); + + if (iph->ihl < 5 || iph->version != 4) + return false; + + if (!pskb_may_pull(skb, iph->ihl * 4)) + return false; + + iph = ip_hdr(skb); + + if (ntohs(iph->tot_len) > skb->len) + return false; + + skb->transport_header = skb->network_header + iph->ihl * 4; + + return true; +} + +/* + * make sure the udp/tcp header is present in the linear section + */ +bool fbxbr_is_valid_udp_tcp_packet(struct sk_buff *skb) +{ + const struct iphdr *iph; + + iph = ip_hdr(skb); + + switch (iph->protocol) { + case IPPROTO_UDP: + if (!pskb_may_pull(skb, skb_transport_offset(skb) + + sizeof (struct udphdr))) + return false; + break; + case IPPROTO_TCP: + if (!pskb_may_pull(skb, skb_transport_offset(skb) + + sizeof (struct tcphdr))) + return false; + break; + } + return true; +} + + +/* + * do source or destination nat + */ +static void recalculate_l4_checksum(struct sk_buff *skb, + __be32 osaddr, __be32 odaddr) +{ + struct iphdr *iph; + u16 check; + + iph = ip_hdr(skb); + if (iph->frag_off & htons(IP_OFFSET)) + return; + + if (!fbxbr_is_valid_udp_tcp_packet(skb)) + return; + + iph = ip_hdr(skb); + + switch (iph->protocol) { + case IPPROTO_TCP: + { + struct tcphdr *tcph; + + tcph = (struct tcphdr *)skb_transport_header(skb); + check = tcph->check; + if (skb->ip_summed != CHECKSUM_COMPLETE) + check = ~check; + check = csum_tcpudp_magic(iph->saddr, iph->daddr, 0, 0, check); + check = csum_tcpudp_magic(~osaddr, ~odaddr, 0, 0, ~check); + if (skb->ip_summed == CHECKSUM_COMPLETE) + check = ~check; + tcph->check = check; + break; + } + + case IPPROTO_UDP: + { + struct udphdr *udph; + + udph = (struct udphdr *)skb_transport_header(skb); + check = udph->check; + if (check != 0) { + check = csum_tcpudp_magic(iph->saddr, iph->daddr, + 0, 0, ~check); + check = csum_tcpudp_magic(~osaddr, ~odaddr, 0, 0, + ~check); + udph->check = check ? : 0xFFFF; + } + break; + } + } +} + +/* + * packet must be valid IPv4 with header in linear section + */ +void fbxbr_snat_packet(struct sk_buff *skb, __be32 new_addr) +{ + struct iphdr *ip; + __be32 oaddr; + + ip = ip_hdr(skb); + oaddr = ip->saddr; + ip->saddr = new_addr; + ip->check = 0; + ip->check = ip_fast_csum((unsigned char *) ip, ip->ihl); + recalculate_l4_checksum(skb, oaddr, ip->daddr); +} + +void fbxbr_dnat_packet(struct sk_buff *skb, __be32 new_addr) +{ + struct iphdr *ip; + __be32 oaddr; + + ip = ip_hdr(skb); + oaddr = ip->daddr; + ip->daddr = new_addr; + ip->check = 0; + ip->check = ip_fast_csum((unsigned char *) ip, ip->ihl); + recalculate_l4_checksum(skb, ip->saddr, oaddr); +} --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/net/ipv4/ip_ffn.c 2024-04-22 14:46:58.168275215 +0200 @@ -0,0 +1,718 @@ +/* + * IP fast forwarding and NAT + * + * Very restrictive code, that only cope non fragmented UDP and TCP + * packets, that are routed and NATed with no other modification. + * + * Provide a fast path for established conntrack entries so that + * packets go out ASAP. + */ +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include + +#define FFN_CACHE_SIZE 256 +#define MAX_FFN_ENTRY 2048 + +DEFINE_RWLOCK(ffn_lock); +static struct list_head ffn_cache[FFN_CACHE_SIZE]; +static struct list_head ffn_all; +static unsigned int ffn_entry_count; + +/* + * hash on five parameter + */ +static inline unsigned int ffn_hash(u32 sip, u32 dip, u16 sport, u16 dport, + int is_tcp) +{ + return jhash_3words(sip, is_tcp ? dip : ~dip, sport | dport << 16, 0); +} + +/* + * attempt to find entry with given value in cache + */ +static struct ffn_lookup_entry *__ffn_find(u32 sip, u32 dip, + u16 sport, u16 dport, + u8 protocol, + unsigned int hash) +{ + struct ffn_lookup_entry *tmp; + + list_for_each_entry(tmp, &ffn_cache[hash % FFN_CACHE_SIZE], next) { + + /* compare entry */ + if (tmp->sip == sip && tmp->dip == dip && + tmp->sport == sport && tmp->dport == dport && + tmp->protocol == protocol) + return tmp; + } + return NULL; +} + +struct ffn_lookup_entry *__ffn_get(u32 sip, u32 dip, + u16 sport, u16 dport, + int is_tcp) +{ + unsigned int hash; + u8 protocol; + + /* lookup entry in cache */ + protocol = (is_tcp) ? IPPROTO_TCP : IPPROTO_UDP; + hash = ffn_hash(sip, dip, sport, dport, is_tcp); + return __ffn_find(sip, dip, sport, dport, protocol, hash); +} + +static void __ffn_remove_entry(struct ffn_lookup_entry *e) +{ + if (e->manip.priv_destructor) + e->manip.priv_destructor((void *)e->manip.ffn_priv_area); + list_del(&e->next); + list_del(&e->all_next); + ffn_entry_count--; + dst_release(e->manip.dst); + kfree(e); +} + +static int __ffn_add_entry(struct ffn_lookup_entry *e, + u8 proto, unsigned int hash) +{ + /* make sure it's not present */ + if (__ffn_find(e->sip, e->dip, e->sport, e->dport, proto, hash)) + return 1; + + if (ffn_entry_count >= MAX_FFN_ENTRY) + return 1; + + /* add new entry */ + list_add_tail(&e->next, &ffn_cache[hash % FFN_CACHE_SIZE]); + list_add_tail(&e->all_next, &ffn_all); + ffn_entry_count++; + return 0; +} + +/* + * + */ +static inline __sum16 checksum_adjust(u32 osip, + u32 nsip, + u32 odip, + u32 ndip, + u16 osport, + u16 nsport, + u16 odport, + u16 ndport) +{ + const u32 old[] = { osip, odip, osport, odport }; + const u32 new[] = { nsip, ndip, nsport, ndport }; + __wsum osum, nsum; + + osum = csum_partial(old, sizeof (old), 0); + nsum = csum_partial(new, sizeof (new), 0); + + return ~csum_fold(csum_sub(nsum, osum)); +} + +/* + * + */ +static inline __sum16 checksum_adjust_ip(u32 osip, + u32 nsip, + u32 odip, + u32 ndip) +{ + const u32 old[] = { osip, odip }; + const u32 new[] = { nsip, ndip }; + __wsum osum, nsum; + + osum = csum_partial(old, sizeof (old), 0); + nsum = csum_partial(new, sizeof (new), 0); + + /* -1 for TTL decrease */ + return ~csum_fold(csum_sub(csum_sub(nsum, osum), 1)); +} + +/* + * two hooks into netfilter code + */ +extern int external_tcpv4_packet(struct nf_conn *ct, + struct sk_buff *skb, + unsigned int dataoff, + enum ip_conntrack_info ctinfo); + +extern int external_udpv4_packet(struct nf_conn *ct, + struct sk_buff *skb, + unsigned int dataoff, + enum ip_conntrack_info ctinfo); + +extern int ip_local_deliver_finish(struct net *net, + struct sock *sk, struct sk_buff *skb); + +/* + * check if packet is in ffn cache, or mark it if it can be added + * later + */ +int ip_ffn_process(struct sk_buff *skb) +{ + struct ffn_lookup_entry *e; + struct nf_conntrack *nfct; + struct iphdr *iph; + struct tcphdr *tcph = NULL; + struct udphdr *udph = NULL; + bool remove_me, drop_ct; + u16 tcheck; + u8 proto; + int res, added_when; + + if (!net_eq(dev_net(skb->dev), &init_net)) + goto not_ffnable; + + iph = ip_hdr(skb); + + /* refuse fragmented IP packet, or packets with IP options */ + if (iph->ihl > 5 || (iph->frag_off & htons(IP_MF | IP_OFFSET))) + goto not_ffnable; + + /* check encapsulated protocol is udp or tcp */ + if (iph->protocol != IPPROTO_TCP && iph->protocol != IPPROTO_UDP) + goto not_ffnable; + + if (iph->ttl <= 1) + goto not_ffnable; + + proto = iph->protocol; + if (proto == IPPROTO_TCP) { + if (skb_headlen(skb) < sizeof (*iph) + sizeof (struct tcphdr)) + goto not_ffnable; + + tcph = (struct tcphdr *)((unsigned char *)iph + sizeof (*iph)); + + if (tcph->doff * 4 < sizeof (struct tcphdr)) + goto not_ffnable; + + if (skb_headlen(skb) < sizeof (*iph) + tcph->doff * 4) + goto not_ffnable; + + write_lock_bh(&ffn_lock); + e = __ffn_get(iph->saddr, iph->daddr, tcph->source, + tcph->dest, 1); + } else { + if (skb_headlen(skb) < sizeof (*iph) + sizeof (struct udphdr)) + goto not_ffnable; + + udph = (struct udphdr *)((unsigned char *)iph + sizeof (*iph)); + write_lock_bh(&ffn_lock); + e = __ffn_get(iph->saddr, iph->daddr, udph->source, + udph->dest, 0); + } + + if (!e) { + write_unlock_bh(&ffn_lock); + goto ffnable; + } + + if (e->manip.dst->obsolete > 0) { + __ffn_remove_entry(e); + write_unlock_bh(&ffn_lock); + goto ffnable; + } + + nfct = &e->manip.ct->ct_general; + nf_conntrack_get(nfct); + + remove_me = false; + if (proto == IPPROTO_TCP) { + /* do sequence number checking and update + * conntrack info */ + res = external_tcpv4_packet(e->manip.ct, skb, sizeof (*iph), + e->manip.ctinfo); + if (e->manip.ct->proto.tcp.state != TCP_CONNTRACK_ESTABLISHED) + remove_me = true; + tcheck = tcph->check; + + } else { + res = external_udpv4_packet(e->manip.ct, skb, sizeof (*iph), + e->manip.ctinfo); + tcheck = udph->check; + } + + if (unlikely(res != NF_ACCEPT)) { + /* packet rejected by conntrack, unless asked to drop, + * send it back into kernel */ + if (remove_me) + __ffn_remove_entry(e); + + write_unlock_bh(&ffn_lock); + nf_conntrack_put(nfct); + + if (res == NF_DROP) { + dev_kfree_skb(skb); + return 0; + } + + goto ffnable; + } + + if (!e->manip.alter) + goto fix_ip_hdr; + + if (skb->ip_summed != CHECKSUM_PARTIAL) { + /* fix ports & transport protocol checksum */ + if (proto == IPPROTO_TCP) { + tcph->source = e->manip.new_sport; + tcph->dest = e->manip.new_dport; + tcph->check = csum16_sub(tcph->check, + e->manip.l4_adjustment); + } else { + udph->source = e->manip.new_sport; + udph->dest = e->manip.new_dport; + if (udph->check) { + u16 tcheck; + + tcheck = csum16_sub(udph->check, + e->manip.l4_adjustment); + udph->check = tcheck ? tcheck : 0xffff; + } + } + } else { + unsigned int len; + + /* + * assume tcph->check only covers ip pseudo header, so + * don't update checksum wrt port change + * + * we might check skb->csum_offset to confirm that + * this is a valid assertion + */ + if (proto == IPPROTO_TCP) { + len = skb->len - ((void *)tcph - (void *)iph); + tcheck = ~csum_tcpudp_magic(e->manip.new_sip, + e->manip.new_dip, + len, IPPROTO_TCP, 0); + tcph->check = tcheck; + tcph->source = e->manip.new_sport; + tcph->dest = e->manip.new_dport; + } else { + len = skb->len - ((void *)udph - (void *)iph); + if (udph->check) { + tcheck = ~csum_tcpudp_magic(e->manip.new_sip, + e->manip.new_dip, + len, + IPPROTO_UDP, 0); + udph->check = tcheck ? tcheck : 0xffff; + } + udph->source = e->manip.new_sport; + udph->dest = e->manip.new_dport; + } + } + + /* update IP header field */ + iph->saddr = e->manip.new_sip; + iph->daddr = e->manip.new_dip; + +fix_ip_hdr: + iph->ttl--; + + if (e->manip.tos_change) { + iph->tos = e->manip.new_tos; + iph->check = 0; + iph->check = ip_fast_csum((u8 *)iph, 5); + } else { + iph->check = csum16_sub(iph->check, + e->manip.ip_adjustment); + } + + /* forward skb */ + if (e->manip.force_skb_prio) + skb->priority = e->manip.new_skb_prio; + else + skb->priority = rt_tos2priority(iph->tos); + + skb->mark = e->manip.new_mark; + +#ifdef CONFIG_IP_FFN_PROCFS + e->forwarded_packets++; + e->forwarded_bytes += skb->len; +#endif + + skb_dst_drop(skb); + skb_dst_set(skb, dst_clone(e->manip.dst)); + + added_when = e->added_when; + + drop_ct = true; + if (nfct != skb_nfct(skb)) { + if (unlikely(skb_nfct(skb) != NULL)) { + /* + * conntrack is not NULL here and it is not + * the same as the one we have in the + * ffn_entry, this shoud not happen, warn once + * and switch to slow path. + */ + WARN_ONCE(1, + "weird skb->nfct %p, NULL was expected\n", + skb_nfct(skb)); + printk_once(KERN_WARNING "ffn entry:\n" + " added_when: %i\n" + " sip: %pI4 -> %pI4\n" + " dip: %pI4 -> %pI4\n" + " sport: %u -> %u\n" + " dport: %u -> %u\n", + e->added_when, + &e->sip, &e->manip.new_sip, + &e->dip, &e->manip.new_dip, + htons(e->sport), htons(e->manip.new_sport), + htons(e->dport), htons(e->manip.new_dport)); + if (remove_me) + __ffn_remove_entry(e); + write_unlock_bh(&ffn_lock); + goto not_ffnable; + } + + nf_ct_set(skb, (struct nf_conn *)nfct, e->manip.ctinfo); + drop_ct = false; + } + + if (remove_me) + __ffn_remove_entry(e); + + write_unlock_bh(&ffn_lock); + + if (drop_ct) { + /* + * skbs to/from localhost will have the conntrack + * already set, don't leak references here. + */ + nf_conntrack_put(nfct); + } + + skb->ffn_state = FFN_STATE_FAST_FORWARDED; + IPCB(skb)->flags |= IPSKB_FORWARDED; + + if (added_when == IP_FFN_FINISH_OUT) + dst_output(&init_net, skb->sk, skb); + else + ip_local_deliver_finish(&init_net, skb->sk, skb); + + return 0; + +ffnable: + skb->ffn_state = FFN_STATE_FORWARDABLE; + skb->ffn_orig_tos = iph->tos; + return 1; + +not_ffnable: + skb->ffn_state = FFN_STATE_INCOMPATIBLE; + return 1; +} + +/* + * check if skb is candidate for ffn, and if so add it to ffn cache + * + * called after post routing + */ +void ip_ffn_add(struct sk_buff *skb, int when) +{ + struct nf_conn *ct; + struct nf_conntrack_tuple *tuple, *rtuple; + enum ip_conntrack_info ctinfo; + struct ffn_lookup_entry *e; + struct iphdr *iph; + unsigned int hash; + struct net *skb_net; + int dir; + u8 proto; + + skb_net = dev_net(skb->dev); + if (!unlikely(net_eq(skb_net, &init_net))) + return; + + /* make sure external_tcp_packet/external_udp_packet won't + * attempt to checksum packet, the ffn code does not update + * skb->csum, which must stay valid if skb_checksum_complete + * has been called */ + if (unlikely(skb_net->ct.sysctl_checksum)) + skb_net->ct.sysctl_checksum = 0; + + if (ffn_entry_count >= MAX_FFN_ENTRY) + return; + + iph = ip_hdr(skb); + + if (skb_dst(skb)->output != ip_output && when == IP_FFN_FINISH_OUT) + return; + + ct = nf_ct_get(skb, &ctinfo); + if (!ct || ctinfo == IP_CT_UNTRACKED) + return; + + if ((ctinfo != IP_CT_ESTABLISHED) && + (ctinfo != IP_CT_ESTABLISHED + IP_CT_IS_REPLY)) { + return; + } + + if (nfct_help(ct)) + return; + + dir = (ctinfo == IP_CT_ESTABLISHED) ? + IP_CT_DIR_ORIGINAL : IP_CT_DIR_REPLY; + tuple = &ct->tuplehash[dir].tuple; + + if (tuple->dst.protonum != IPPROTO_TCP && + tuple->dst.protonum != IPPROTO_UDP) + return; + + if (tuple->dst.protonum == IPPROTO_TCP && + ct->proto.tcp.state != TCP_CONNTRACK_ESTABLISHED) + return; + + rtuple = &ct->tuplehash[1 - dir].tuple; + + e = kmalloc(sizeof (*e), GFP_ATOMIC); + if (!e) + return; + + e->added_when = when; + e->sip = tuple->src.u3.ip; + e->dip = tuple->dst.u3.ip; + e->sport = tuple->src.u.all; + e->dport = tuple->dst.u.all; + e->protocol = tuple->dst.protonum; + +#ifdef CONFIG_IP_FFN_PROCFS + e->forwarded_packets = 0; + e->forwarded_bytes = 0; +#endif + + e->manip.new_sip = rtuple->dst.u3.ip; + e->manip.new_dip = rtuple->src.u3.ip; + e->manip.new_sport = rtuple->dst.u.all; + e->manip.new_dport = rtuple->src.u.all; + + if (e->manip.new_sip == e->sip && + e->manip.new_dip == e->dip && + e->manip.new_sport == e->sport && + e->manip.new_dport == e->dport) + e->manip.alter = 0; + else + e->manip.alter = 1; + + if (e->manip.alter) { + /* compute checksum adjustement */ + e->manip.l4_adjustment = checksum_adjust(e->sip, + e->manip.new_sip, + e->dip, + e->manip.new_dip, + e->sport, + e->manip.new_sport, + e->dport, + e->manip.new_dport); + } + + e->manip.ip_adjustment = checksum_adjust_ip(e->sip, + e->manip.new_sip, + e->dip, + e->manip.new_dip); + + if (skb->ffn_orig_tos != iph->tos) { + e->manip.tos_change = 1; + e->manip.new_tos = iph->tos; + } else + e->manip.tos_change = 0; + + if (skb->priority != rt_tos2priority(iph->tos)) { + e->manip.force_skb_prio = 1; + e->manip.new_skb_prio = skb->priority; + } else + e->manip.force_skb_prio = 0; + + e->manip.new_mark = skb->mark; + e->manip.priv_destructor = NULL; + e->manip.dst = skb_dst(skb); + dst_hold(e->manip.dst); + e->manip.ct = ct; + e->manip.ctinfo = ctinfo; + + hash = ffn_hash(e->sip, e->dip, e->sport, e->dport, + e->protocol == IPPROTO_TCP); + proto = (e->protocol == IPPROTO_TCP) ? IPPROTO_TCP : IPPROTO_UDP; + + write_lock_bh(&ffn_lock); + if (__ffn_add_entry(e, proto, hash)) { + write_unlock_bh(&ffn_lock); + dst_release(e->manip.dst); + kfree(e); + return; + } + write_unlock_bh(&ffn_lock); +} + +/* + * netfilter callback when conntrack is about to be destroyed + */ +void ip_ffn_ct_destroy(struct nf_conn *ct) +{ + struct nf_conntrack_tuple *tuple; + struct ffn_lookup_entry *e; + int dir; + + /* locate all entry that use this conntrack */ + for (dir = 0; dir < 2; dir++) { + tuple = &ct->tuplehash[dir].tuple; + + if (tuple->dst.protonum != IPPROTO_TCP && + tuple->dst.protonum != IPPROTO_UDP) + return; + + write_lock_bh(&ffn_lock); + e = __ffn_get(tuple->src.u3.ip, tuple->dst.u3.ip, + tuple->src.u.all, tuple->dst.u.all, + tuple->dst.protonum == IPPROTO_TCP); + if (e) + __ffn_remove_entry(e); + write_unlock_bh(&ffn_lock); + } +} + +/* + * initialize ffn cache data + */ +static void __ip_ffn_init_cache(void) +{ + int i; + + for (i = 0; i < FFN_CACHE_SIZE; i++) + INIT_LIST_HEAD(&ffn_cache[i]); + INIT_LIST_HEAD(&ffn_all); + ffn_entry_count = 0; +} + +/* + * flush all ffn cache + */ +void ip_ffn_flush_all(void) +{ + struct ffn_lookup_entry *e, *tmp; + + write_lock_bh(&ffn_lock); + list_for_each_entry_safe(e, tmp, &ffn_all, all_next) + __ffn_remove_entry(e); + __ip_ffn_init_cache(); + write_unlock_bh(&ffn_lock); +} + +#ifdef CONFIG_IP_FFN_PROCFS +struct proc_dir_entry *proc_net_ip_ffn; + +static int ip_ffn_entries_show(struct seq_file *m, void *v) +{ + int i; + + read_lock_bh(&ffn_lock); + + for (i = 0; i < FFN_CACHE_SIZE; ++i) { + struct ffn_lookup_entry *e; + + if (list_empty(&ffn_cache[i])) + continue; + + seq_printf(m, "Bucket %i:\n", i); + list_for_each_entry (e, &ffn_cache[i], next) { + seq_printf(m, " Protocol: "); + switch (e->protocol) { + case IPPROTO_TCP: + seq_printf(m, "TCPv4\n"); + break; + case IPPROTO_UDP: + seq_printf(m, "UDPv4\n"); + break; + default: + seq_printf(m, "ipproto_%i\n", e->protocol); + break; + } + seq_printf(m, " Original flow: %pI4:%u -> %pI4:%u\n", + &e->sip, + ntohs(e->sport), + &e->dip, + ntohs(e->dport)); + + if (e->sip != e->manip.new_sip || + e->dip != e->manip.new_dip || + e->sport != e->manip.new_sport || + e->dport != e->manip.new_dport) { + seq_printf(m, + " Modified flow: %pI4:%u -> " + "%pI4:%u\n", + &e->manip.new_sip, + ntohs(e->manip.new_sport), + &e->manip.new_dip, + ntohs(e->manip.new_dport)); + } + + seq_printf(m, " Forwarded packets: %u\n", + e->forwarded_packets); + seq_printf(m, " Forwarded bytes: %llu\n", + e->forwarded_bytes); + seq_printf(m, "\n"); + } + } + + read_unlock_bh(&ffn_lock); + return 0; +} + +static int ip_ffn_entries_open(struct inode *inode, struct file *file) +{ + return single_open(file, ip_ffn_entries_show, NULL); +} + +static const struct proc_ops ip_ffn_entries_fops = { + .proc_open = ip_ffn_entries_open, + .proc_release = single_release, + .proc_read = seq_read, + .proc_lseek = seq_lseek, +}; + +static int __init __ip_ffn_init_procfs(void) +{ + proc_net_ip_ffn = proc_net_mkdir(&init_net, "ip_ffn", + init_net.proc_net); + if (!proc_net_ip_ffn) { + printk(KERN_ERR "proc_mkdir() has failed for 'net/ip_ffn'.\n"); + return -1; + } + + if (proc_create("entries", 0400, proc_net_ip_ffn, + &ip_ffn_entries_fops) == NULL) { + printk(KERN_ERR "proc_create() has failed for " + "'net/ip_ffn/entries'.\n"); + return -1; + } + return 0; +} +#endif + +/* + * initialize ffn + */ +void __init ip_ffn_init(void) +{ + printk("IP Fast Forward and NAT enabled\n"); + __ip_ffn_init_cache(); + +#ifdef CONFIG_IP_FFN_PROCFS + if (__ip_ffn_init_procfs() < 0) + printk(KERN_WARNING "IP FFN: unable to create proc entries.\n"); +#endif +} --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/net/ipv6/ip6_ffn.c 2024-04-22 14:46:58.196275980 +0200 @@ -0,0 +1,652 @@ +/* + * IPv6 fast forwarding and NAT + * + * Very restrictive code, that only cope non fragmented UDP and TCP + * packets, that are routed and NATed with no other modification. + * + * Provide a fast path for established conntrack entries so that + * packets go out ASAP. + */ + +#include +#include +#include +#include +#include +#include + +#include +#include + +#define FFN6_CACHE_SIZE 256 +#define MAX_FFN6_ENTRY 2048 + +DEFINE_RWLOCK(ffn6_lock); +static struct list_head ffn6_cache[FFN6_CACHE_SIZE]; +static struct list_head ffn6_all; +static unsigned int ffn6_entry_count; + +static void __ffn6_remove_entry(struct ffn6_lookup_entry *e) +{ + if (e->manip.priv_destructor) + e->manip.priv_destructor((void *)e->manip.ffn_priv_area); + list_del(&e->next); + list_del(&e->all_next); + ffn6_entry_count--; + dst_release(e->manip.dst); + kfree(e); +} + +/* + * hash on five parameter + */ +static inline unsigned int ffn6_hash(const u32 *sip, const u32 *dip, + u16 sport, u16 dport, + int is_tcp) +{ + return jhash_3words(sip[3], is_tcp ? dip[3] : ~dip[3], + sport | dport << 16, 0); +} + +/* + * attempt to find entry with given value in cache + */ +static struct ffn6_lookup_entry *__ffn6_find(const u32 *sip, const u32 *dip, + u16 sport, u16 dport, + u8 protocol, + unsigned int hash) +{ + struct ffn6_lookup_entry *tmp; + + list_for_each_entry(tmp, &ffn6_cache[hash % FFN6_CACHE_SIZE], next) { + + /* compare entry */ + if (!memcmp(tmp->sip, sip, 16) && + !memcmp(tmp->dip, dip, 16) && + tmp->sport == sport && tmp->dport == dport && + tmp->protocol == protocol) + return tmp; + } + return NULL; +} + +struct ffn6_lookup_entry *__ffn6_get(const u32 *sip, const u32 *dip, + u16 sport, u16 dport, + int is_tcp) +{ + unsigned int hash; + u8 protocol; + + /* lookup entry in cache */ + protocol = (is_tcp) ? IPPROTO_TCP : IPPROTO_UDP; + hash = ffn6_hash(sip, dip, sport, dport, is_tcp); + return __ffn6_find(sip, dip, sport, dport, protocol, hash); +} + +static int __ffn6_add_entry(struct ffn6_lookup_entry *e, + u8 proto, unsigned int hash) +{ + /* make sure it's not present */ + if (__ffn6_find(e->sip, e->dip, e->sport, e->dport, proto, hash)) + return 1; + + if (ffn6_entry_count >= MAX_FFN6_ENTRY) + return 1; + + /* add new entry */ + list_add_tail(&e->next, &ffn6_cache[hash % FFN6_CACHE_SIZE]); + list_add_tail(&e->all_next, &ffn6_all); + ffn6_entry_count++; + return 0; +} + +/* + * two hooks into netfilter code + */ +extern int external_tcpv6_packet(struct nf_conn *ct, + struct sk_buff *skb, + unsigned int dataoff, + enum ip_conntrack_info ctinfo); + +extern int external_udpv6_packet(struct nf_conn *ct, + struct sk_buff *skb, + unsigned int dataoff, + enum ip_conntrack_info ctinfo); + +/* + * check if packet is in ffn cache, or mark it if it can be added + * later + */ +int ipv6_ffn_process(struct sk_buff *skb) +{ + struct ffn6_lookup_entry *e; + struct nf_conntrack *nfct; + struct ipv6hdr *iph; + struct tcphdr *tcph = NULL; + struct udphdr *udph = NULL; + bool remove_me, drop_ct; + int added_when; + u8 proto; + int res; + + if (!net_eq(dev_net(skb->dev), &init_net)) + goto not_ffnable; + + iph = ipv6_hdr(skb); + + /* check encapsulated protocol is udp or tcp */ + proto = iph->nexthdr; + if (proto != IPPROTO_TCP && proto != IPPROTO_UDP) + goto not_ffnable; + + if (iph->hop_limit <= 1 || !iph->payload_len) + goto not_ffnable; + + /* TODO: implement this later, no hardware to test for now */ + if (skb->ip_summed == CHECKSUM_PARTIAL) + goto not_ffnable; + + proto = iph->nexthdr; + if (proto == IPPROTO_TCP) { + if (skb_headlen(skb) < sizeof (*iph) + sizeof (struct tcphdr)) + goto not_ffnable; + + tcph = (struct tcphdr *)((unsigned char *)iph + sizeof (*iph)); + + if (tcph->doff * 4 < sizeof (struct tcphdr)) + goto not_ffnable; + + if (skb_headlen(skb) < sizeof (*iph) + tcph->doff * 4) + goto not_ffnable; + + write_lock_bh(&ffn6_lock); + e = __ffn6_get(iph->saddr.s6_addr32, iph->daddr.s6_addr32, + tcph->source, tcph->dest, 1); + } else { + + if (skb_headlen(skb) < sizeof (*iph) + sizeof (struct udphdr)) + goto not_ffnable; + + udph = (struct udphdr *)((unsigned char *)iph + sizeof (*iph)); + + write_lock_bh(&ffn6_lock); + e = __ffn6_get(iph->saddr.s6_addr32, iph->daddr.s6_addr32, + udph->source, udph->dest, 0); + } + + if (!e) { + write_unlock_bh(&ffn6_lock); + goto ffnable; + } + + if (e->manip.dst->obsolete > 0) { + __ffn6_remove_entry(e); + write_unlock_bh(&ffn6_lock); + goto ffnable; + } + + nfct = &e->manip.ct->ct_general; + nf_conntrack_get(nfct); + + remove_me = false; + if (proto == IPPROTO_TCP) { + /* do sequence number checking and update + * conntrack info */ + res = external_tcpv6_packet(e->manip.ct, skb, sizeof (*iph), + e->manip.ctinfo); + if (e->manip.ct->proto.tcp.state != TCP_CONNTRACK_ESTABLISHED) + remove_me = true; + } else { + res = external_udpv6_packet(e->manip.ct, skb, sizeof (*iph), + e->manip.ctinfo); + } + + if (unlikely(res != NF_ACCEPT)) { + /* packet rejected by conntrack, unless asked to drop, + * send it back into kernel */ + if (remove_me) + __ffn6_remove_entry(e); + + write_unlock_bh(&ffn6_lock); + nf_conntrack_put(nfct); + + if (res == NF_DROP) { + dev_kfree_skb(skb); + return 0; + } + + goto ffnable; + } + + if (!e->manip.alter) + goto fix_ip_hdr; + + /* fix ports & transport protocol checksum */ + if (proto == IPPROTO_TCP) { + tcph->source = e->manip.new_sport; + tcph->dest = e->manip.new_dport; + tcph->check = csum16_sub(tcph->check, e->manip.adjustment); + } else { + udph->source = e->manip.new_sport; + udph->dest = e->manip.new_dport; + if (udph->check) { + u16 tcheck; + + tcheck = csum16_sub(udph->check, e->manip.adjustment); + udph->check = tcheck ? tcheck : 0xffff; + } + } + + memcpy(iph->saddr.s6_addr32, e->manip.new_sip, 16); + memcpy(iph->daddr.s6_addr32, e->manip.new_dip, 16); + +fix_ip_hdr: + /* update IP header field */ + iph->hop_limit--; + if (e->manip.tos_change) + ipv6_change_dsfield(iph, 0, e->manip.new_tos); + + if (e->manip.force_skb_prio) + skb->priority = e->manip.new_skb_prio; + else + skb->priority = rt_tos2priority(ipv6_get_dsfield(iph)); + + skb->mark = e->manip.new_mark; + +#ifdef CONFIG_IPV6_FFN_PROCFS + e->forwarded_packets++; + e->forwarded_bytes += skb->len; +#endif + + skb_dst_drop(skb); + skb_dst_set(skb, dst_clone(e->manip.dst)); + + added_when = e->added_when; + + drop_ct = true; + if (nfct != skb_nfct(skb)) { + if (unlikely(skb_nfct(skb) != NULL)) { + /* + * conntrack is not NULL here and it is not + * the same as the one we have in the + * ffn_entry, this shoud not happen, warn once + * and switch to slow path. + */ + WARN_ONCE(1, + "weird skb->nfct %p, NULL was expected\n", + skb_nfct(skb)); + printk_once(KERN_WARNING "ffn entry:\n" + " added_when: %i\n" + " sip: %pI6 -> %pI6\n" + " dip: %pI6 -> %pI6\n" + " sport: %u -> %u\n" + " dport: %u -> %u\n", + e->added_when, + e->sip, e->manip.new_sip, + e->dip, e->manip.new_dip, + htons(e->sport), htons(e->manip.new_sport), + htons(e->dport), htons(e->manip.new_dport)); + + if (remove_me) + __ffn6_remove_entry(e); + write_unlock_bh(&ffn6_lock); + goto not_ffnable; + } + nf_ct_set(skb, (struct nf_conn *)nfct, e->manip.ctinfo); + drop_ct = false; + } + + write_unlock_bh(&ffn6_lock); + + if (drop_ct) { + /* + * skbs to/from localhost will have the conntrack + * already set, don't leak references here. + */ + nf_conntrack_put(nfct); + } + + skb->ffn_state = FFN_STATE_FAST_FORWARDED; + + if (added_when == IPV6_FFN_FINISH_OUT) + dst_output(&init_net, skb->sk, skb); + else + ip6_input_finish(&init_net, skb->sk, skb); + + return 0; + +ffnable: + skb->ffn_state = FFN_STATE_FORWARDABLE; + skb->ffn_orig_tos = ipv6_get_dsfield(iph); + return 1; + +not_ffnable: + skb->ffn_state = FFN_STATE_INCOMPATIBLE; + return 1; +} + +/* + * + */ +static inline __sum16 checksum_adjust(const u32 *osip, + const u32 *nsip, + const u32 *odip, + const u32 *ndip, + u16 osport, + u16 nsport, + u16 odport, + u16 ndport) +{ + const u32 oports[] = { osport, odport }; + const u32 nports[] = { nsport, ndport }; + __wsum osum, nsum; + + osum = csum_partial(osip, 16, 0); + osum = csum_partial(odip, 16, osum); + osum = csum_partial(oports, 8, osum); + + nsum = csum_partial(nsip, 16, 0); + nsum = csum_partial(ndip, 16, nsum); + nsum = csum_partial(nports, 8, nsum); + + return ~csum_fold(csum_sub(nsum, osum)); +} + +/* + * check if skb is candidate for ffn, and if so add it to ffn cache + * + * called after post routing + */ +void ipv6_ffn_add(struct sk_buff *skb, int when) +{ + struct nf_conn *ct; + struct nf_conntrack_tuple *tuple, *rtuple; + enum ip_conntrack_info ctinfo; + struct ffn6_lookup_entry *e; + struct ipv6hdr *iph; + unsigned int hash; + int dir; + struct net *skb_net; + u8 proto, tos; + + skb_net = dev_net(skb->dev); + if (!unlikely(net_eq(skb_net, &init_net))) + return; + + /* make sure external_tcp_packet/external_udp_packet won't + * attempt to checksum packet, the ffn code does not update + * skb->csum, which must stay valid if skb_checksum_complete + * has been called */ + if (unlikely(skb_net->ct.sysctl_checksum)) + skb_net->ct.sysctl_checksum = 0; + + if (ffn6_entry_count >= MAX_FFN6_ENTRY) + return; + + iph = ipv6_hdr(skb); + + if ((when == IPV6_FFN_FINISH_OUT && + skb_dst(skb)->output != ip6_output)) + return; + + ct = nf_ct_get(skb, &ctinfo); + if (!ct || ctinfo == IP_CT_UNTRACKED) + return; + + if ((ctinfo != IP_CT_ESTABLISHED) && + (ctinfo != IP_CT_ESTABLISHED + IP_CT_IS_REPLY)) { + return; + } + + if (nfct_help(ct)) + return; + + dir = (ctinfo == IP_CT_ESTABLISHED) ? + IP_CT_DIR_ORIGINAL : IP_CT_DIR_REPLY; + tuple = &ct->tuplehash[dir].tuple; + + if (tuple->dst.protonum != IPPROTO_TCP && + tuple->dst.protonum != IPPROTO_UDP) + return; + + if (tuple->dst.protonum == IPPROTO_TCP && + ct->proto.tcp.state != TCP_CONNTRACK_ESTABLISHED) + return; + + rtuple = &ct->tuplehash[1 - dir].tuple; + + e = kmalloc(sizeof (*e), GFP_ATOMIC); + if (!e) + return; + + e->added_when = when; + memcpy(e->sip, tuple->src.u3.ip6, 16); + memcpy(e->dip, tuple->dst.u3.ip6, 16); + e->sport = tuple->src.u.all; + e->dport = tuple->dst.u.all; + e->protocol = tuple->dst.protonum; + +#ifdef CONFIG_IPV6_FFN_PROCFS + e->forwarded_packets = 0; + e->forwarded_bytes = 0; +#endif + + memcpy(e->manip.new_sip, rtuple->dst.u3.ip6, 16); + memcpy(e->manip.new_dip, rtuple->src.u3.ip6, 16); + e->manip.new_sport = rtuple->dst.u.all; + e->manip.new_dport = rtuple->src.u.all; + + if (!memcmp(e->manip.new_sip, e->sip, 16) && + !memcmp(e->manip.new_dip, e->dip, 16) && + e->manip.new_sport == e->sport && + e->manip.new_dport == e->dport) + e->manip.alter = 0; + else + e->manip.alter = 1; + + if (e->manip.alter) { + /* compute checksum adjustement */ + e->manip.adjustment = checksum_adjust(e->sip, + e->manip.new_sip, + e->dip, + e->manip.new_dip, + e->sport, + e->manip.new_sport, + e->dport, + e->manip.new_dport); + } + + tos = ipv6_get_dsfield(iph); + if (skb->ffn_orig_tos != tos) { + e->manip.tos_change = 1; + e->manip.new_tos = tos; + } else + e->manip.tos_change = 0; + + if (skb->priority != rt_tos2priority(tos)) { + e->manip.force_skb_prio = 1; + e->manip.new_skb_prio = skb->priority; + } else + e->manip.force_skb_prio = 0; + + e->manip.new_mark = skb->mark; + e->manip.dst = skb_dst(skb); + e->manip.priv_destructor = NULL; + dst_hold(e->manip.dst); + e->manip.ct = ct; + e->manip.ctinfo = ctinfo; + + hash = ffn6_hash(e->sip, e->dip, e->sport, e->dport, + e->protocol == IPPROTO_TCP); + proto = (e->protocol == IPPROTO_TCP) ? IPPROTO_TCP : IPPROTO_UDP; + + write_lock_bh(&ffn6_lock); + if (__ffn6_add_entry(e, proto, hash)) { + write_unlock_bh(&ffn6_lock); + dst_release(e->manip.dst); + kfree(e); + return; + } + write_unlock_bh(&ffn6_lock); +} + +/* + * netfilter callback when conntrack is about to be destroyed + */ +void ipv6_ffn_ct_destroy(struct nf_conn *ct) +{ + struct nf_conntrack_tuple *tuple; + struct ffn6_lookup_entry *e; + int dir; + + /* locate all entry that use this conntrack */ + for (dir = 0; dir < 2; dir++) { + tuple = &ct->tuplehash[dir].tuple; + + if (tuple->dst.protonum != IPPROTO_TCP && + tuple->dst.protonum != IPPROTO_UDP) + return; + + write_lock_bh(&ffn6_lock); + e = __ffn6_get(tuple->src.u3.ip6, tuple->dst.u3.ip6, + tuple->src.u.all, tuple->dst.u.all, + tuple->dst.protonum == IPPROTO_TCP); + if (e) + __ffn6_remove_entry(e); + write_unlock_bh(&ffn6_lock); + } +} + +/* + * initialize ffn cache data + */ +static void __ipv6_ffn_init_cache(void) +{ + int i; + + for (i = 0; i < FFN6_CACHE_SIZE; i++) + INIT_LIST_HEAD(&ffn6_cache[i]); + INIT_LIST_HEAD(&ffn6_all); + ffn6_entry_count = 0; +} + +/* + * flush all ffn cache + */ +void ipv6_ffn_flush_all(void) +{ + struct ffn6_lookup_entry *e, *tmp; + + write_lock_bh(&ffn6_lock); + list_for_each_entry_safe(e, tmp, &ffn6_all, all_next) + __ffn6_remove_entry(e); + __ipv6_ffn_init_cache(); + write_unlock_bh(&ffn6_lock); +} + +#ifdef CONFIG_IPV6_FFN_PROCFS +struct proc_dir_entry *proc_net_ipv6_ffn; + +static int ipv6_ffn_entries_show(struct seq_file *m, void *v) +{ + int i; + + read_lock_bh(&ffn6_lock); + + for (i = 0; i < FFN6_CACHE_SIZE; ++i) { + struct ffn6_lookup_entry *e; + + if (list_empty(&ffn6_cache[i])) + continue; + + seq_printf(m, "Bucket %i:\n", i); + list_for_each_entry (e, &ffn6_cache[i], next) { + seq_printf(m, " Protocol: "); + switch (e->protocol) { + case IPPROTO_TCP: + seq_printf(m, "TCPv6\n"); + break; + case IPPROTO_UDP: + seq_printf(m, "UDPv6\n"); + break; + default: + seq_printf(m, "ipproto_%i\n", e->protocol); + break; + } + + seq_printf(m, " Original flow: %pI6:%u -> %pI6:%u\n", + e->sip, + ntohs(e->sport), + e->dip, + ntohs(e->dport)); + + if (memcmp(e->sip, e->manip.new_sip, 16) || + memcmp(e->dip, e->manip.new_dip, 16) || + e->sport != e->manip.new_sport || + e->dport != e->manip.new_dport) { + seq_printf(m, + " Modified flow: %pI6:%u -> " + "%pI6:%u\n", + e->manip.new_sip, + ntohs(e->manip.new_sport), + e->manip.new_dip, + ntohs(e->manip.new_dport)); + } + + seq_printf(m, " Forwarded packets: %u\n", + e->forwarded_packets); + seq_printf(m, " Forwarded bytes: %llu\n", + e->forwarded_bytes); + seq_printf(m, "\n"); + } + } + + read_unlock_bh(&ffn6_lock); + return 0; +} + +static int ipv6_ffn_entries_open(struct inode *inode, struct file *file) +{ + return single_open(file, ipv6_ffn_entries_show, NULL); +} + +static const struct proc_ops ipv6_ffn_entries_fops = { + .proc_open = ipv6_ffn_entries_open, + .proc_release = single_release, + .proc_read = seq_read, + .proc_lseek = seq_lseek, +}; + +static int __init __ipv6_ffn_init_procfs(void) +{ + proc_net_ipv6_ffn = proc_net_mkdir(&init_net, "ipv6_ffn", + init_net.proc_net); + if (!proc_net_ipv6_ffn) { + printk(KERN_ERR "proc_mkdir() has failed " + "for 'net/ipv6_ffn'.\n"); + return -1; + } + + if (proc_create("entries", 0400, proc_net_ipv6_ffn, + &ipv6_ffn_entries_fops) == NULL) { + printk(KERN_ERR "proc_create() has failed for " + "'net/ipv6_ffn/entries'.\n"); + return -1; + } + return 0; +} +#endif + +/* + * initialize ffn + */ +void __init ipv6_ffn_init(void) +{ + printk("IPv6 Fast Forward and NAT enabled\n"); + __ipv6_ffn_init_cache(); + +#ifdef CONFIG_IPV6_FFN_PROCFS + if (__ipv6_ffn_init_procfs() < 0) + printk(KERN_WARNING "IPv6 FFN: unable to create proc entries.\n"); +#endif +} --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/net/mac80211/eht.c 2024-04-22 14:46:58.224276745 +0200 @@ -0,0 +1,76 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * EHT handling + * + * Copyright(c) 2021-2022 Intel Corporation + */ + +#include "ieee80211_i.h" + +void +ieee80211_eht_cap_ie_to_sta_eht_cap(struct ieee80211_sub_if_data *sdata, + struct ieee80211_supported_band *sband, + const u8 *he_cap_ie, u8 he_cap_len, + const struct ieee80211_eht_cap_elem *eht_cap_ie_elem, + u8 eht_cap_len, struct sta_info *sta) +{ + struct ieee80211_sta_eht_cap *eht_cap = &sta->sta.eht_cap; + struct ieee80211_he_cap_elem *he_cap_ie_elem = (void *)he_cap_ie; + u8 eht_ppe_size = 0; + u8 mcs_nss_size; + u8 eht_total_size = sizeof(eht_cap->eht_cap_elem); + u8 *pos = (u8 *)eht_cap_ie_elem; + + memset(eht_cap, 0, sizeof(*eht_cap)); + + if (!eht_cap_ie_elem || + !ieee80211_get_eht_iftype_cap(sband, + ieee80211_vif_type_p2p(&sdata->vif))) + return; + + mcs_nss_size = ieee80211_eht_mcs_nss_size(he_cap_ie_elem, + &eht_cap_ie_elem->fixed); + + eht_total_size += mcs_nss_size; + + /* Calculate the PPE thresholds length only if the header is present */ + if (eht_cap_ie_elem->fixed.phy_cap_info[5] & + IEEE80211_EHT_PHY_CAP5_PPE_THRESHOLD_PRESENT) { + u16 eht_ppe_hdr; + + if (eht_cap_len < eht_total_size + sizeof(u16)) + return; + + eht_ppe_hdr = get_unaligned_le16(eht_cap_ie_elem->optional + mcs_nss_size); + eht_ppe_size = + ieee80211_eht_ppe_size(eht_ppe_hdr, + eht_cap_ie_elem->fixed.phy_cap_info); + eht_total_size += eht_ppe_size; + + /* we calculate as if NSS > 8 are valid, but don't handle that */ + if (eht_ppe_size > sizeof(eht_cap->eht_ppe_thres)) + return; + } + + if (eht_cap_len < eht_total_size) + return; + + /* Copy the static portion of the EHT capabilities */ + memcpy(&eht_cap->eht_cap_elem, pos, sizeof(eht_cap->eht_cap_elem)); + pos += sizeof(eht_cap->eht_cap_elem); + + /* Copy MCS/NSS which depends on the peer capabilities */ + memset(&eht_cap->eht_mcs_nss_supp, 0, + sizeof(eht_cap->eht_mcs_nss_supp)); + memcpy(&eht_cap->eht_mcs_nss_supp, pos, mcs_nss_size); + + if (eht_ppe_size) + memcpy(eht_cap->eht_ppe_thres, + &eht_cap_ie_elem->optional[mcs_nss_size], + eht_ppe_size); + + eht_cap->has_eht = true; + + sta->cur_max_bandwidth = ieee80211_sta_cap_rx_bw(sta); + sta->sta.bandwidth = ieee80211_sta_cur_vht_bw(sta); +} --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/net/mac80211/nmeshd_nl.c 2024-04-22 14:46:58.232276963 +0200 @@ -0,0 +1,456 @@ +#include "nmeshd_nl.h" + +static struct genl_family nmeshd_nl_family; + +enum multicast_groups { + NNL_MCGRP_MLME, +}; + +static const struct genl_multicast_group nmeshd_nl_mcgrps[] = { + [NNL_MCGRP_MLME] = { .name = NNL_MULTICAST_GROUP_MLME }, +}; + +static const struct nla_policy nmeshd_nl_policy[NNL_NUM_ATTR] = { + [NNL_ATTR_IFINDEX] = { .type = NLA_U32 }, + [NNL_ATTR_WIPHY] = { .type = NLA_U32 }, + [NNL_ATTR_IFNAME] = { .type = NLA_NUL_STRING, .len = IFNAMSIZ - 1 }, + [NNL_ATTR_MAC] = { .len = ETH_ALEN }, + [NNL_ATTR_FRAME_TYPE] = { .type = NLA_U16 }, + [NNL_ATTR_SIGNAL_STRENGTH] = {.type = NLA_S8}, + [NNL_ATTR_BEACON_INTERVAL] = { .type = NLA_U32 }, + [NNL_ATTR_MPP_PROXY] = {.len = ETH_ALEN }, +}; + +/* IE validation */ +static bool is_valid_ie_attr(const struct nlattr *attr) +{ + const u8 *pos; + int len; + + if (!attr) + return true; + + pos = nla_data(attr); + len = nla_len(attr); + + while (len) { + u8 elemlen; + + if (len < 2) + return false; + len -= 2; + + elemlen = pos[1]; + if (elemlen > len) + return false; + + len -= elemlen; + pos += 2 + elemlen; + } + + return true; +} + +static int nmeshd_nl_update_mesh_vendor_path_metrics_ie(struct sk_buff *skb, struct genl_info *info) +{ + struct net_device *dev = info->user_ptr[0]; + struct wireless_dev *wdev = info->user_ptr[1]; + struct mesh_vendor_ie mv_ie; + struct nlattr *ieattr; + + if (wdev->iftype == NL80211_IFTYPE_MESH_POINT) { + if (info->attrs[NNL_ATTR_IE_PATH_METRICS]) { + ieattr = info->attrs[NNL_ATTR_IE_PATH_METRICS]; + if (!is_valid_ie_attr(ieattr)) + return -EINVAL; + mv_ie.ie = nla_data(ieattr); + mv_ie.ie_len = nla_len(ieattr); + return ieee80211_update_mesh_vendor_path_metrics_ie(NULL, dev, &mv_ie); + } + } + return -EOPNOTSUPP; +} + +static int nmeshd_nl_update_mesh_vendor_node_metrics_ie(struct sk_buff *skb, struct genl_info *info) +{ + struct net_device *dev = info->user_ptr[0]; + struct wireless_dev *wdev = dev->ieee80211_ptr; + struct mesh_vendor_ie mv_ie; + struct nlattr *ieattr; + + if (wdev->iftype == NL80211_IFTYPE_MESH_POINT) { + if (info->attrs[NNL_ATTR_IE_NODE_METRICS]) { + ieattr = info->attrs[NNL_ATTR_IE_NODE_METRICS]; + if (!is_valid_ie_attr(ieattr)) + return -EINVAL; + mv_ie.ie = nla_data(ieattr); + mv_ie.ie_len = nla_len(ieattr); + return ieee80211_update_mesh_vendor_node_metrics_ie(NULL, dev, &mv_ie); + } + } + return -EOPNOTSUPP; +} + +void nmeshd_nl_send_vendor_ies(struct net_device *dev, const u8 *macaddr, u16 stype, s8 signal, + u32 beacon_int, struct ieee802_11_mesh_vendor_specific_elems *pm, + struct ieee802_11_mesh_vendor_specific_elems *nm, gfp_t gfp) +{ + struct wireless_dev *wdev = dev->ieee80211_ptr; + struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy); + struct sk_buff *msg; + void *hdr; + bool fail = false; + + if (WARN_ON(wdev->iftype != NL80211_IFTYPE_MESH_POINT)) + return; + + msg = nlmsg_new(100 + nm->ie_len + pm->ie_len, gfp); + if (!msg) + return; + + hdr = genlmsg_put(msg, 0, 0, &nmeshd_nl_family, 0, QBC_VENDOR_IE); + if (!hdr) { + nlmsg_free(msg); + return; + } + + if (nla_put_u32(msg, NNL_ATTR_WIPHY, rdev->wiphy_idx) || + nla_put_string(msg, NNL_ATTR_IFNAME, dev->name) || + nla_put_u32(msg, NNL_ATTR_IFINDEX, dev->ifindex)) + goto nla_put_failure; + + if (nm->parse_error || + nla_put(msg, NNL_ATTR_MAC, ETH_ALEN, macaddr) || + nla_put_u16(msg, NNL_ATTR_FRAME_TYPE, stype) || + nla_put_s8(msg, NNL_ATTR_SIGNAL_STRENGTH, signal) || + nla_put_u32(msg, NNL_ATTR_BEACON_INTERVAL, beacon_int) || + (nm->ie_len && nm->ie_start && + nla_put(msg, NNL_ATTR_IE_NODE_METRICS, nm->ie_len, nm->ie_start))) + fail = true; + + if (pm->parse_error || + (pm->ie_len && pm->ie_start && + nla_put(msg, NNL_ATTR_IE_PATH_METRICS, pm->ie_len, pm->ie_start))) { + if (fail) + goto nla_put_failure; + } + + genlmsg_end(msg, hdr); + genlmsg_multicast_netns(&nmeshd_nl_family, wiphy_net(wdev->wiphy), msg, 0, + NNL_MCGRP_MLME, gfp); + return; + +nla_put_failure: + genlmsg_cancel(msg, hdr); + nlmsg_free(msg); +} + +static int nmeshd_nl_set_mpp(struct sk_buff *skb, struct genl_info *info) +{ + struct net_device *dev = info->user_ptr[0]; + + u8 *dst = NULL; + u8 *proxy = NULL; + + if (!info->attrs[NNL_ATTR_MAC]) + return -EINVAL; + + if (!info->attrs[NNL_ATTR_MPP_PROXY]) + return -EINVAL; + + dst = nla_data(info->attrs[NNL_ATTR_MAC]); + proxy = nla_data(info->attrs[NNL_ATTR_MPP_PROXY]); + + if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) + return -EOPNOTSUPP; + + return ieee80211_update_mpp(NULL, dev, dst, proxy); +} + +static int nmeshd_nl_del_mpp(struct sk_buff *skb, struct genl_info *info) +{ + struct net_device *dev = info->user_ptr[0]; + u8 *dst; + + if (!info->attrs[NNL_ATTR_MAC]) + return -EINVAL; + + if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) + return -EOPNOTSUPP; + + dst = nla_data(info->attrs[NNL_ATTR_MAC]); + + return ieee80211_delete_mpp(NULL, dev, dst); +} + +static int nmeshd_nl_mplink_block(struct sk_buff *skb, struct genl_info *info) +{ + struct net_device *dev = info->user_ptr[0]; + u8 *dst; + + if (!info->attrs[NNL_ATTR_MAC]) + return -EINVAL; + + if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) + return -EOPNOTSUPP; + + dst = nla_data(info->attrs[NNL_ATTR_MAC]); + return ieee80211_mplink_block(NULL, dev, dst); +} + +static int nmeshd_nl_mplink_unblock(struct sk_buff *skb, struct genl_info *info) +{ + struct net_device *dev = info->user_ptr[0]; + u8 *dst; + + if (!info->attrs[NNL_ATTR_MAC]) + return -EINVAL; + + if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) + return -EOPNOTSUPP; + + dst = nla_data(info->attrs[NNL_ATTR_MAC]); + return ieee80211_mplink_unblock(NULL, dev, dst); +} + +static int nmeshd_nl_get_net_device(struct sk_buff *skb, + struct netlink_callback *cb, + struct net_device **dev) +{ + int err, ifindex; + struct nlattr **attrs; + + attrs = kcalloc(NNL_NUM_ATTR, sizeof(*attrs), GFP_KERNEL); + if (!attrs) + return -ENOMEM; + + err = nlmsg_parse_deprecated(cb->nlh, + GENL_HDRLEN + nmeshd_nl_family.hdrsize, + attrs, nmeshd_nl_family.maxattr, + nmeshd_nl_policy, NULL); + if (err) { + kfree(attrs); + return err; + } + + if (!attrs[NNL_ATTR_IFINDEX]) { + kfree(attrs); + return -EINVAL; + } + + ifindex = nla_get_u32(attrs[NNL_ATTR_IFINDEX]); + kfree(attrs); + *dev = dev_get_by_index(&init_net, ifindex); + if (!(*dev)) + err = -ENODEV; + return err; +} + +static int nmeshd_nl_send_mplink_info(struct sk_buff *msg, u32 cmd, u32 portid, + u32 seq, int flags, + struct net_device *dev, + struct mplink_blocked_info *mplink_info) +{ + void *hdr; + struct nlattr *mplink_infoattr; + struct nlattr *infoattr; + u32 len = 0; + u32 i; + + hdr = genlmsg_put(msg, portid, seq, &nmeshd_nl_family, flags, cmd); + if (!hdr) + return -1; + + if (nla_put_u32(msg, NNL_ATTR_IFINDEX, dev->ifindex)) + goto nla_put_failure; + + mplink_infoattr = nla_nest_start(msg, NNL_ATTR_MPLINK_INFO); + if (!mplink_infoattr) + goto nla_put_failure; + + for (i = 0; i < mplink_info->count; i++) { + infoattr = nla_nest_start(msg, i); + if (!infoattr) + goto nla_put_failure; + + nla_put(msg, NNL_MPLINK_ATTR_MAC, ETH_ALEN, mplink_info->info + len); + len += ETH_ALEN; + nla_nest_end(msg, infoattr); + } + + nla_nest_end(msg, mplink_infoattr); + genlmsg_end(msg, hdr); + + return 0; + +nla_put_failure: + genlmsg_cancel(msg, hdr); + return -EMSGSIZE; +} + +static int nmeshd_nl_dump_blocked_mplink_info(struct sk_buff *skb, struct netlink_callback *cb) +{ + struct mplink_blocked_info mplink_info; + struct net_device *dev = NULL; + int err = 0; + + rtnl_lock(); + err = nmeshd_nl_get_net_device(skb, cb, &dev); + if (err) + goto fail; + + memset(&mplink_info, 0, sizeof(mplink_info)); + err = ieee80211_dump_blocked_mplink_info(NULL, dev, &mplink_info); + if (err) + goto fail; + + if (nmeshd_nl_send_mplink_info(skb, NNL_CMD_DUMP_BLOCKED_MPLINK_INFO, + NETLINK_CB(cb->skb).portid, + cb->nlh->nlmsg_seq, NLM_F_MULTI, + dev, + &mplink_info) < 0) + err = skb->len; + +fail: + if (dev) + dev_put(dev); + rtnl_unlock(); + return err; +} + +static int nmeshd_nl_mplink_flush(struct sk_buff *skb, struct genl_info *info) +{ + struct net_device *dev = info->user_ptr[0]; + + if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) + return -EOPNOTSUPP; + + return ieee80211_mplink_flush(NULL, dev); +} + +static int nmeshd_nl_pre_doit(const struct genl_ops *ops, + struct sk_buff *skb, + struct genl_info *info) +{ + struct net_device *dev; + struct wireless_dev *wdev; + struct nlattr **attrs = info->attrs; + int ifindex; + + if (!attrs[NNL_ATTR_IFINDEX]) + return -EINVAL; + + rtnl_lock(); + ifindex = nla_get_u32(attrs[NNL_ATTR_IFINDEX]); + + dev = dev_get_by_index(&init_net, ifindex); + if (!dev) { + rtnl_unlock(); + return -ENODEV; + } + + wdev = dev->ieee80211_ptr; + if (!wdev) { + dev_put(dev); + rtnl_unlock(); + return -ENODEV; + } + + if (!wdev_running(wdev)) { + dev_put(dev); + rtnl_unlock(); + return -ENETDOWN; + } + + info->user_ptr[0] = dev; + info->user_ptr[1] = wdev; + wdev_lock(wdev); + return 0; +} + +static void nmeshd_nl_post_doit(const struct genl_ops *ops, + struct sk_buff *skb, + struct genl_info *info) +{ + if (info->user_ptr[0]) + dev_put(info->user_ptr[0]); + if (info->user_ptr[1]) + wdev_unlock(info->user_ptr[1]); + rtnl_unlock(); +} + +static const struct genl_ops ops[] = { + { + .cmd = NNL_CMD_MESH_PEER_PATH_METRICS, + .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP, + .doit = nmeshd_nl_update_mesh_vendor_path_metrics_ie, + .policy = nmeshd_nl_policy, + }, + { + .cmd = NNL_CMD_MESH_NODE_METRICS, + .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP, + .doit = nmeshd_nl_update_mesh_vendor_node_metrics_ie, + .policy = nmeshd_nl_policy, + }, + { + .cmd = NNL_CMD_SET_MPP, + .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP, + .doit = nmeshd_nl_set_mpp, + .policy = nmeshd_nl_policy, + }, + { + .cmd = NNL_CMD_DEL_MPP, + .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP, + .doit = nmeshd_nl_del_mpp, + .policy = nmeshd_nl_policy, + }, + { + .cmd = NNL_CMD_MPLINK_BLOCK, + .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP, + .doit = nmeshd_nl_mplink_block, + .policy = nmeshd_nl_policy, + }, + { + .cmd = NNL_CMD_MPLINK_UNBLOCK, + .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP, + .doit = nmeshd_nl_mplink_unblock, + .policy = nmeshd_nl_policy, + }, + { + .cmd = NNL_CMD_DUMP_BLOCKED_MPLINK_INFO, + .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP, + .dumpit = nmeshd_nl_dump_blocked_mplink_info, + .policy = nmeshd_nl_policy, + }, + { + .cmd = NNL_CMD_MPLINK_FLUSH, + .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP, + .doit = nmeshd_nl_mplink_flush, + .policy = nmeshd_nl_policy, + } +}; + +static struct genl_family nmeshd_nl_family __ro_after_init = { + .name = NMESHD_NL_FAMILY, + .hdrsize = 0, + .version = 1, + .maxattr = NNL_ATTR_MAX, + .module = THIS_MODULE, + .ops = ops, + .n_ops = ARRAY_SIZE(ops), + .mcgrps = nmeshd_nl_mcgrps, + .n_mcgrps = ARRAY_SIZE(nmeshd_nl_mcgrps), + .pre_doit = nmeshd_nl_pre_doit, + .post_doit = nmeshd_nl_post_doit, +}; + +int nmeshd_nl_init(void) +{ + return genl_register_family(&nmeshd_nl_family); +} + +int nmeshd_nl_deinit(void) +{ + return genl_unregister_family(&nmeshd_nl_family); +} + --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/net/mac80211/nmeshd_nl.h 2024-04-22 14:46:58.232276963 +0200 @@ -0,0 +1,33 @@ +#ifndef NMESHD_NL_H +#define NMESHD_NL_H + +#include +#include +#include +#include "../wireless/core.h" +#include +#include "ieee80211_i.h" + +int nmeshd_nl_init(void); +int nmeshd_nl_deinit(void); +int ieee80211_update_mesh_vendor_path_metrics_ie(struct wiphy *wiphy, + struct net_device *dev, + const struct mesh_vendor_ie *vendor_ie); + +int ieee80211_update_mesh_vendor_node_metrics_ie(struct wiphy *wiphy, + struct net_device *dev, + const struct mesh_vendor_ie *vendor_ie); + +int ieee80211_update_mpp(struct wiphy *wiphy, struct net_device *dev, + const u8 *dst, const u8 *next_hop); + +int ieee80211_delete_mpp(struct wiphy *wiphy, struct net_device *dev, + const u8 *dst); +int ieee80211_mplink_block(struct wiphy *wiphy, struct net_device *dev, + const u8 *dst); +int ieee80211_mplink_unblock(struct wiphy *wiphy, struct net_device *dev, + const u8 *dst); +int ieee80211_dump_blocked_mplink_info(struct wiphy *wiphy, struct net_device *dev, + struct mplink_blocked_info *minfo); +int ieee80211_mplink_flush(struct wiphy *wiphy, struct net_device *dev); +#endif /* NMESHD_NL_H */ diff -Nruw linux-5.15.42-fbx/net/nmesh-mbh./Kconfig linux-5.15.42-fbx/net/nmesh-mbh/Kconfig --- linux-5.15.42-fbx/net/nmesh-mbh./Kconfig 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/net/nmesh-mbh/Kconfig 2024-04-22 14:46:58.296278712 +0200 @@ -0,0 +1,4 @@ +config NET_NMESH_MBH + tristate "nmesh multi backhaul ethernet support" + help + This is part of qubercomm's magic to support ethernet as a backhaul diff -Nruw linux-5.15.42-fbx/net/nmesh-mbh./Makefile linux-5.15.42-fbx/net/nmesh-mbh/Makefile --- linux-5.15.42-fbx/net/nmesh-mbh./Makefile 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/net/nmesh-mbh/Makefile 2024-04-22 14:46:58.296278712 +0200 @@ -0,0 +1 @@ +obj-$(CONFIG_NET_NMESH_MBH) += nmesh-mbh.o diff -Nruw linux-5.15.42-fbx/net/nmesh-mbh./nmesh-mbh.c linux-5.15.42-fbx/net/nmesh-mbh/nmesh-mbh.c --- linux-5.15.42-fbx/net/nmesh-mbh./nmesh-mbh.c 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/net/nmesh-mbh/nmesh-mbh.c 2024-04-22 14:46:58.296278712 +0200 @@ -0,0 +1,794 @@ +/* + * Copyright (c) 2019 Qubercomm Technologies, Inc. + */ + +#include +#include +#include +#include "nmesh-mbh.h" + +#define ICMPV6_NMESH_MBH 254 + +static struct nmesh_mbh mbh; +static const u8 _mbh_icmp6_mc_ebeacon_addr[] = { + 0x33, 0x33, 0x00, 0x00, 0x00, 0x01, +}; +static const u8 _mbh_eth_mc_ebeacon_addr[] = { + 0x01, 0x80, 0xC2, 0xFF, 0xFF, 0xFE, +}; + +static struct mbh_iface *mbh_iface_find_by_name(char *name) +{ + struct mbh_iface *iface; + + lockdep_assert_held(&mbh.iface_lock); + + list_for_each_entry(iface, &mbh.ifaces, list) { + if (!strcmp(iface->name, name)) + return iface; + } + return NULL; +} + +static struct mbh_iface *mbh_iface_find_by_mac(unsigned char *mac) +{ + struct mbh_iface *iface; + + lockdep_assert_held(&mbh.iface_lock); + + list_for_each_entry(iface, &mbh.ifaces, list) { + if (ether_addr_equal(iface->mac, mac)) + return iface; + } + return NULL; +} + +static struct mbh_remote_peer *mbh_remote_peer_find_by_mac(struct mbh_iface *iface, + unsigned char *mac) +{ + struct mbh_remote_peer *remote_peer; + + lockdep_assert_held(&mbh.iface_lock); + + list_for_each_entry(remote_peer, &iface->remote_peers_list, list) { + if (ether_addr_equal(remote_peer->mac, mac)) + return remote_peer; + } + return NULL; +} + +static char mbh_is_nmeshd_alive(void) +{ + struct task_struct *task; + struct pid *pid; + + rcu_read_lock(); + + pid = find_pid_ns(mbh.nmeshd_pid, &init_pid_ns); + if (unlikely(!pid)) { + rcu_read_unlock(); + return 0; + } + + task = pid_task(pid, PIDTYPE_PID); + + rcu_read_unlock(); + + if(unlikely(!task)) + return 0; + + return 1; +} + +static inline void mbh_stop_hb_timer(void) +{ + if (!test_bit(MBH_HB_SCHEDULED, &mbh.flags)) + return; + + del_timer(&mbh.hb_timer); + clear_bit(MBH_HB_SCHEDULED, &mbh.flags); +} + +/* It's not possible to cancel a timer (heart beat timer) + * within the same timer context. This tasklet helps in + * such a situation. */ +void mbh_cancel_hb_timer_tasklet(unsigned long data) +{ + mbh_stop_hb_timer(); +} + +static void mbh_iface_cleanup(void) +{ + struct mbh_iface *iface, *tmp; + struct mbh_remote_peer *remote_peer, *rtmp; + + spin_lock_bh(&mbh.iface_lock); + list_for_each_entry_safe(iface, tmp, &mbh.ifaces, list) { + if (iface->hb_payload) + kfree(iface->hb_payload); + + list_for_each_entry_safe(remote_peer, rtmp, + &iface->remote_peers_list, list) { + list_del(&remote_peer->list); + kfree(remote_peer); + } + + list_del(&iface->list); + kfree(iface); + } + spin_unlock_bh(&mbh.iface_lock); +} + +static void mbh_send_uevent(struct mbh_event_hdr *ehdr_to_send, + char *payload, int payload_size) +{ + struct sk_buff *skb; + struct nlmsghdr *nlh; + struct mbh_event_hdr *ehdr; + int len, ret; + + len = NLMSG_HDRLEN + sizeof(struct mbh_event_hdr) + payload_size; + + skb = nlmsg_new(len, gfp_any()); + if (!skb) + return; + + nlh = nlmsg_put(skb, 0, 0, NLMSG_DONE, len - NLMSG_HDRLEN, 0); + if (!nlh) { + kfree_skb(skb); + return; + } + + ehdr = nlmsg_data(nlh); + *ehdr = *ehdr_to_send; + memcpy(ehdr + 1, payload, payload_size); + + /* send composed event to the user space */ + ret = netlink_unicast(mbh.nl_soc, skb, + mbh.nmeshd_pid, MSG_DONTWAIT); + + if (ret == -ECONNREFUSED && !mbh_is_nmeshd_alive()) + mbh_stop_hb_timer(); +} + +static int mbh_record_remote_peer_hb_time(struct net_device *dev, + unsigned char *remote_peer_mac) +{ + struct mbh_iface *iface; + struct mbh_remote_peer *remote_peer; + int found = 0; + + if (unlikely(!dev || !remote_peer_mac)) + return found; + + spin_lock_bh(&mbh.iface_lock); + iface = mbh_iface_find_by_name(dev->name); + if (!iface) + goto unlock; + + found = 1; + remote_peer = mbh_remote_peer_find_by_mac(iface, remote_peer_mac); + if (unlikely(!remote_peer)) { + remote_peer = kzalloc(sizeof(*remote_peer), GFP_ATOMIC); + if (!remote_peer) + goto unlock; + + ether_addr_copy(remote_peer->mac, remote_peer_mac); + list_add(&remote_peer->list, &iface->remote_peers_list); + } + + remote_peer->last_hb_rx_time = jiffies; +unlock: + spin_unlock_bh(&mbh.iface_lock); + return found; +} + +static bool mbh_check_icmpv6(struct sk_buff *skb) +{ + struct ipv6hdr *ip6_hdr; + struct icmp6hdr *icmpv6_hdr; + + if (skb->protocol != cpu_to_be16(ETH_P_IPV6)) + return false; + + /* + * Check that packets has enough data to be icmpv6 eventually in + * separate pages + */ + if (!pskb_may_pull(skb, sizeof(*ip6_hdr) + sizeof(*icmpv6_hdr))) + return false; + + ip6_hdr = ipv6_hdr(skb); + if (ip6_hdr->nexthdr != IPPROTO_ICMPV6) + return false; + + /* Check for DA ? */ + skb_pull(skb, sizeof(*ip6_hdr)); + + /* Check for icmpv6 header */ + skb_reset_transport_header(skb); + icmpv6_hdr = icmp6_hdr(skb); + if (icmpv6_hdr->icmp6_type != ICMPV6_NMESH_MBH) + return false; + + skb_pull(skb, sizeof(*icmpv6_hdr)); + return true; +} + +int mbh_bridge_rx(struct sk_buff *skb) +{ + struct sk_buff *clone = skb_clone(skb, GFP_ATOMIC); + struct mbh_event_hdr event_hdr; + struct mbh_iface *iface; + struct mbh_hdr *mbh_hdr; + int ret = 0, found; + + if (!clone) + return 0; + + if ((skb->protocol != cpu_to_be16(ETH_P_NMESH_MBH)) && + !mbh_check_icmpv6(clone)) { + goto notmbh; + } + + if (!test_bit(MBH_HB_SCHEDULED, &mbh.flags)) { + /* heart beat frame tx is already stopped, + * there is no point processing rx pkt */ + goto drop; + } + + if (!pskb_may_pull(clone, sizeof(*mbh_hdr))) + goto notmbh; + + mbh_hdr = (struct mbh_hdr *)clone->data; + if (mbh_hdr->frame_type == MBH_HEART_BEAT_FRAME) { + /* loop back case: drop the heart beat initiated in + * the same system on the another ethernet interface. */ + spin_lock_bh(&mbh.iface_lock); + iface = mbh_iface_find_by_mac(eth_hdr(clone)->h_source); + spin_unlock_bh(&mbh.iface_lock); + if (iface) + goto drop; + + found = mbh_record_remote_peer_hb_time(clone->dev, + eth_hdr(clone)->h_source); + /* + * Packet was not received in nmeshd managed interface yet, let + * linux stack process it again until it is received on proper + * interface + */ + if (!found) + goto notmbh; + + skb_pull(clone, sizeof(struct mbh_hdr)); + event_hdr.type = MBH_HB_FRAME; + ether_addr_copy(event_hdr.h_source, eth_hdr(clone)->h_source); + ether_addr_copy(event_hdr.h_dest, clone->dev->dev_addr); + + /* send heart beat frame to user space */ + mbh_send_uevent(&event_hdr, clone->data, clone->len); + } +drop: + kfree_skb(skb); + ret = 1; +notmbh: + kfree_skb(clone); + return ret; +} + +static void mbh_cleanup_aged_out_remote_peers(void) +{ + struct mbh_remote_peer *remote_peer, *rtmp; + struct mbh_iface *iface; + + lockdep_assert_held(&mbh.iface_lock); + + list_for_each_entry(iface, &mbh.ifaces, list) { + list_for_each_entry_safe(remote_peer, rtmp, + &iface->remote_peers_list, list) { + if (time_before(jiffies, + remote_peer->last_hb_rx_time + + msecs_to_jiffies(MBH_REMOTE_PEER_AGE_TIMEOUT))) + continue; + + /* remote peer aged out */ + list_del(&remote_peer->list); + kfree(remote_peer); + } + } +} + +static void mbh_send_icmp6_heart_beat_mc(struct mbh_iface *iface, + struct net_device *dev) +{ + struct in6_addr saddr, daddr; + struct icmp6hdr *icmpv6_hdr; + struct mbh_hdr *mbh_hdr; + struct ipv6hdr *ip6_hdr; + struct ethhdr *eth_hdr; + struct sk_buff *skb; + size_t totlen; + + /* Set fake SA and DA to ff02::1 */ + ipv6_addr_set(&saddr, htonl(0xfe800000), 0, 0, htonl(0xfffe)); + ipv6_addr_set(&daddr, htonl(0xff020000), 0, 0, htonl(1)); + + + totlen = ETH_HLEN + sizeof(*ip6_hdr) + sizeof(*icmpv6_hdr) + + sizeof(*mbh_hdr) + iface->hb_payload_len; + skb = dev_alloc_skb(totlen + NET_IP_ALIGN); + if (!skb) + return; + + /* Reserve space up to transport header (included) */ + skb_reserve(skb, NET_IP_ALIGN + ETH_HLEN + sizeof(*ip6_hdr) + + sizeof(*icmpv6_hdr)); + + /* pack mbh hdr */ + mbh_hdr = skb_put(skb, sizeof(*mbh_hdr)); + mbh_hdr->frame_type = MBH_HEART_BEAT_FRAME; + /* copy user configured payload */ + memcpy(skb_put(skb, iface->hb_payload_len), + iface->hb_payload, iface->hb_payload_len); + + + /* prepare ICMPv6 Header */ + icmpv6_hdr = skb_push(skb, sizeof(*icmpv6_hdr)); + skb_reset_transport_header(skb); + *icmpv6_hdr = (struct icmp6hdr) { + .icmp6_type = ICMPV6_NMESH_MBH, + }; + icmpv6_hdr->icmp6_cksum = csum_ipv6_magic(&saddr, &daddr, skb->len, + IPPROTO_ICMPV6, + csum_partial(icmpv6_hdr, + skb->len, 0)); + + /* prepare IPv6 header */ + ip6_hdr = skb_push(skb, sizeof(*ip6_hdr)); + skb_reset_network_header(skb); + ip6_flow_hdr(ip6_hdr, 0, 0); + ip6_hdr->payload_len = htons(skb->len - sizeof(*ip6_hdr)); + ip6_hdr->nexthdr = IPPROTO_ICMPV6; + ip6_hdr->hop_limit = 255; /* Maybe set maxhop to 1 ? */ + ip6_hdr->saddr = saddr; + ip6_hdr->daddr = daddr; + + /* prepare 802.3 header */ + eth_hdr = skb_push(skb, ETH_HLEN); + skb_reset_mac_header(skb); + ether_addr_copy(eth_hdr->h_dest, _mbh_icmp6_mc_ebeacon_addr); + ether_addr_copy(eth_hdr->h_source, dev->dev_addr); + eth_hdr->h_proto = htons(ETH_P_IPV6); + + skb->dev = dev; + skb->protocol = htons(ETH_P_IPV6); + skb->priority = TC_PRIO_CONTROL; + + /* note: ethernet driver may add pad bytes (with zero) before tx */ + dev_queue_xmit(skb); +} + +static void mbh_send_eth_heart_beat_mc(struct mbh_iface *iface, + struct net_device *dev) +{ + struct mbh_hdr *mbh_hdr; + struct ethhdr *eth_hdr; + struct sk_buff *skb; + + skb = dev_alloc_skb(ETH_HLEN + sizeof(struct mbh_hdr) + + iface->hb_payload_len + NET_IP_ALIGN); + if (!skb) + return; + + skb_reserve(skb, NET_IP_ALIGN); + + /* prepare .3 header */ + eth_hdr = (struct ethhdr *) skb_put(skb, ETH_HLEN); + skb_reset_mac_header(skb); + ether_addr_copy(eth_hdr->h_source, dev->dev_addr); + ether_addr_copy(eth_hdr->h_dest, _mbh_eth_mc_ebeacon_addr); + eth_hdr->h_proto = htons(ETH_P_NMESH_MBH); + + /* pack mbh hdr */ + mbh_hdr = (struct mbh_hdr *)skb_put(skb, sizeof(struct mbh_hdr)); + mbh_hdr->frame_type = MBH_HEART_BEAT_FRAME; + + /* copy user configured payload */ + memcpy(skb_put(skb, iface->hb_payload_len), + iface->hb_payload, iface->hb_payload_len); + skb_reset_network_header(skb); + + skb->dev = dev; + skb->protocol = htons(ETH_P_NMESH_MBH); + skb->priority = TC_PRIO_CONTROL; + + dev_queue_xmit(skb); +} + +static void mbh_send_heart_beat_mc(struct mbh_iface *iface, + struct net_device *dev) +{ + mbh_send_eth_heart_beat_mc(iface, dev); + mbh_send_icmp6_heart_beat_mc(iface, dev); + iface->bcast_hb_last_tx_time = jiffies; +} + +static void mbh_send_heart_beat_uc(struct mbh_iface *iface, + struct net_device *dev) +{ + struct mbh_remote_peer *remote_peer; + struct sk_buff *skb, *skb_to_send; + struct mbh_hdr *mbh_hdr; + struct ethhdr *eth_hdr; + + skb = dev_alloc_skb(ETH_HLEN + sizeof(struct mbh_hdr) + + iface->hb_payload_len + NET_IP_ALIGN); + if (!skb) + return; + + skb_reserve(skb, NET_IP_ALIGN); + + /* prepare .3 header */ + eth_hdr = (struct ethhdr *) skb_put(skb, ETH_HLEN); + skb_reset_mac_header(skb); + ether_addr_copy(eth_hdr->h_source, dev->dev_addr); + eth_hdr->h_proto = htons(ETH_P_NMESH_MBH); + + /* pack mbh hdr */ + mbh_hdr = (struct mbh_hdr *)skb_put(skb, sizeof(struct mbh_hdr)); + mbh_hdr->frame_type = MBH_HEART_BEAT_FRAME; + + /* copy user configured payload */ + memcpy(skb_put(skb, iface->hb_payload_len), + iface->hb_payload, iface->hb_payload_len); + skb_reset_network_header(skb); + + skb->dev = dev; + skb->protocol = htons(ETH_P_NMESH_MBH); + skb->priority = TC_PRIO_CONTROL; + + /* send unicast heart beat frame for every remote peer */ + list_for_each_entry(remote_peer, &iface->remote_peers_list, list) { + if (list_is_last(&remote_peer->list, &iface->remote_peers_list)) { + skb_to_send = skb; + } else { + skb_to_send = skb_copy(skb, GFP_ATOMIC); + if (!skb_to_send) + skb_to_send = skb; + } + + /* pack remote peer address in destination field */ + eth_hdr = (struct ethhdr *) skb_mac_header(skb_to_send); + ether_addr_copy(eth_hdr->h_dest, remote_peer->mac); + + dev_queue_xmit(skb_to_send); + + if (skb == skb_to_send) + break; + } +} + +static void mbh_send_heart_beat_frame(struct net_device *dev) +{ + struct mbh_iface *iface; + + /* nmeshd alive check for the every heart beat timer expiry seems to + * be overkill. hence, do this only after the certain hb interval. */ + if (++mbh.nmeshd_alive_check_count >= MBH_HB_EXPIRE_FOR_NMESHD_ALIVE_CHECK) { + if (mbh_is_nmeshd_alive()) { + mbh.nmeshd_alive_check_count = 0; + } else { + /* nmeshd is dead, stop further heart beat tx */ + tasklet_schedule(&mbh.cancel_hb_timer_tasklet); + return; + } + } + + spin_lock_bh(&mbh.iface_lock); + + mbh_cleanup_aged_out_remote_peers(); + + iface = mbh_iface_find_by_name(dev->name); + if (!iface || !iface->hb_payload) + goto unlock; + + if (iface->initial_bcast_hb_tx_count < MBH_INITIAL_BCAST_HB_TX_COUNT_MAX) { + iface->initial_bcast_hb_tx_count++; + mbh_send_heart_beat_mc(iface, dev); + } else if (time_after(jiffies, + iface->bcast_hb_last_tx_time + + msecs_to_jiffies(MBH_PERIODIC_BCAST_HB_INTERVAL))) { + mbh_send_heart_beat_mc(iface, dev); + } else if (!list_empty(&iface->remote_peers_list)) { + mbh_send_heart_beat_uc(iface, dev); + } + +unlock: + spin_unlock_bh(&mbh.iface_lock); +} + +static void mbh_heart_beat_timer(struct timer_list *t) +{ + struct net_device *dev; + struct net_bridge *br; + struct net_bridge_port *p; + + dev = dev_get_by_name(&init_net, mbh.br_name); + if (!dev) + goto reshedule; + + br = netdev_priv(dev); + + /* send heart beat frame on each non wireless interfaces + * linked to the bridge */ + list_for_each_entry(p, &br->port_list, list) { + if (p->state == BR_STATE_DISABLED || + !p->dev || !(p->dev->flags & IFF_UP)) + continue; + + /* skip wireless interface */ + if (p->dev->ieee80211_ptr) + continue; + + mbh_send_heart_beat_frame(p->dev); + } + dev_put(dev); + +reshedule: + mod_timer(&mbh.hb_timer, + jiffies + msecs_to_jiffies(mbh.hb_timer_interval)); +} + +static void mbh_set_hb_payload_cmd(struct mbh_set_hb_payload_cmd *msg) +{ + struct mbh_iface *iface; + struct net_device *dev; + + if (msg->payload_len > MBH_HB_MAX_PAYLOAD) { + printk(KERN_ERR "mbh: hb payload len exceeding max limit (max:%d, received:%d)\n", + MBH_HB_MAX_PAYLOAD, msg->payload_len); + return; + } + + dev = dev_get_by_name(&init_net, msg->iface_name); + if (!dev) { + printk(KERN_ERR "mbh: device %s is not present in the system\n", + msg->iface_name); + return; + } + + spin_lock_bh(&mbh.iface_lock); + + iface = mbh_iface_find_by_name(msg->iface_name); + if (!iface) { + iface = kzalloc(sizeof(*iface), GFP_ATOMIC); + if (!iface) { + spin_unlock_bh(&mbh.iface_lock); + dev_put(dev); + return; + } + + snprintf(iface->name, sizeof(iface->name), msg->iface_name); + ether_addr_copy(iface->mac, dev->dev_addr); + INIT_LIST_HEAD(&iface->remote_peers_list); + list_add(&iface->list, &mbh.ifaces); + } + + dev_put(dev); + + if (iface->hb_payload) + kfree(iface->hb_payload); + + if (msg->payload_len) { + iface->hb_payload = kmalloc(msg->payload_len, GFP_ATOMIC); + if (iface->hb_payload) { + memcpy(iface->hb_payload, &msg->payload, + msg->payload_len); + iface->hb_payload_len = msg->payload_len; + } + } else { + iface->hb_payload = NULL; + } + + spin_unlock_bh(&mbh.iface_lock); +} + +static void mbh_start_cmd(u32 pid, struct mbh_start_cmd *msg) +{ + struct mbh_iface *iface; + + mbh_stop_hb_timer(); + + mbh.nmeshd_pid = pid; + + if (msg->hb_timer_interval) + mbh.hb_timer_interval = msg->hb_timer_interval; + else + mbh.hb_timer_interval = MBH_HB_TIMER_DEFAULT_INTERVAL; + + memcpy(&mbh.br_name, &msg->br_name, IFNAMSIZ); + + /* reset initial bcast hb counter to force each interface + * to start with broadcast heart beat frame. */ + spin_lock_bh(&mbh.iface_lock); + list_for_each_entry(iface, &mbh.ifaces, list) + iface->initial_bcast_hb_tx_count = 0; + spin_unlock_bh(&mbh.iface_lock); + + RCU_INIT_POINTER(nmesh_mbh_bridge_rx, mbh_bridge_rx); + + set_bit(MBH_HB_SCHEDULED, &mbh.flags); + mod_timer(&mbh.hb_timer, + jiffies + msecs_to_jiffies(mbh.hb_timer_interval)); +} + +static void mbh_stop_cmd(void) +{ + mbh_stop_hb_timer(); + RCU_INIT_POINTER(nmesh_mbh_bridge_rx, NULL); + rcu_barrier(); +} + +static void mbh_nl_soc_recv(struct sk_buff *skb) +{ + struct nlmsghdr *nlh; + struct mbh_cmd_hdr *hdr; + void *msg; + + nlh = nlmsg_hdr(skb); + hdr = nlmsg_data(nlh); + msg = hdr + 1; + + if (hdr->magic != MBH_HDR_MAGIC) + return; + + switch (hdr->cmd) { + case MBH_SET_HB_PAYLOAD_CMD: + mbh_set_hb_payload_cmd(msg); + break; + case MBH_START_CMD: + mbh_start_cmd(nlh->nlmsg_pid, msg); + break; + case MBH_STOP_CMD: + mbh_stop_cmd(); + break; + default: + break; + } +} + +static ssize_t mbh_debugfs_read_status(struct file *file, + char __user *user_buf, + size_t count, loff_t *ppos) +{ + unsigned int len = 0, buf_len = 800, ago; + struct mbh_iface *iface; + struct mbh_remote_peer *remote_peer; + char *buf; + int ret_cnt; + + buf = kzalloc(buf_len, GFP_KERNEL); + if (!buf) + return -ENOMEM; + + len += scnprintf(buf + len, buf_len - len, "heart_beat_timer = %s\n", + test_bit(MBH_HB_SCHEDULED, &mbh.flags) ? "running" : "stopped"); + if (mbh.hb_timer_interval) + len += scnprintf(buf + len, buf_len - len, + "heart_beat_timer_interval = %ld msec\n", + mbh.hb_timer_interval); + if (strlen(mbh.br_name)) + len += scnprintf(buf + len, buf_len - len, + "bridge = %s\n", mbh.br_name); + + spin_lock_bh(&mbh.iface_lock); + + mbh_cleanup_aged_out_remote_peers(); + + list_for_each_entry(iface, &mbh.ifaces, list) { + len += scnprintf(buf + len, buf_len - len, "%s:\n", iface->name); + len += scnprintf(buf + len, buf_len - len, + " mac = %pM\n", iface->mac); + len += scnprintf(buf + len, buf_len - len, + " heart_beat = %s\n", + test_bit(MBH_HB_SCHEDULED, &mbh.flags) && + iface->hb_payload ? "active" : "inactive"); + if (iface->hb_payload) { + len += scnprintf(buf + len, buf_len - len, + " heart_beat_payload_len = %d bytes\n", + iface->hb_payload_len); + } + len += scnprintf(buf + len, buf_len - len, + " remote_peers: %s", + list_empty(&iface->remote_peers_list) ? "not found\n" : "\n"); + + list_for_each_entry(remote_peer, &iface->remote_peers_list, list) { + ago = jiffies_to_msecs(jiffies - remote_peer->last_hb_rx_time); + len += scnprintf(buf + len, buf_len - len, + " mac: %pM, last_seen: %u msec ago\n", + remote_peer->mac, ago); + } + } + + spin_unlock_bh(&mbh.iface_lock); + + ret_cnt = simple_read_from_buffer(user_buf, count, ppos, buf, len); + + kfree(buf); + return ret_cnt; +} + +static const struct file_operations fops_debugfs_status = { + .read = mbh_debugfs_read_status, + .open = simple_open, + .owner = THIS_MODULE, + .llseek = default_llseek, +}; + +static int mbh_debugfs_init(void) +{ + struct dentry *entry; + + mbh.debugfs_dir = debugfs_create_dir("nmesh-mbh", NULL); + if (IS_ERR_OR_NULL(mbh.debugfs_dir)) { + printk(KERN_ERR "mbh: nmesh-mbh debugfs directory creation failed!"); + return -ENOMEM; + } + + entry = debugfs_create_file("status", S_IRUSR, mbh.debugfs_dir, NULL, + &fops_debugfs_status); + if (!entry) { + printk(KERN_ERR "mbh: status debugfs entry creation failed!"); + debugfs_remove_recursive(mbh.debugfs_dir); + return -ENOMEM; + } + + return 0; +} + +static int __init mbh_init(void) +{ + struct netlink_kernel_cfg cfg = { + .input = mbh_nl_soc_recv, + }; + int ret; + + spin_lock_init(&mbh.iface_lock); + INIT_LIST_HEAD(&mbh.ifaces); + + mbh.nl_soc = netlink_kernel_create(&init_net, + NETLINK_NMESH_MBH, &cfg); + if (!mbh.nl_soc) { + printk(KERN_ERR "mbh: unable to create netlink socket!"); + return -ENOMEM; + } + + timer_setup(&mbh.hb_timer, mbh_heart_beat_timer, 0); + tasklet_init(&mbh.cancel_hb_timer_tasklet, + mbh_cancel_hb_timer_tasklet, 0); + + ret = mbh_debugfs_init(); + if (ret) { + netlink_kernel_release(mbh.nl_soc); + return ret; + } + + return 0; +} + +static void __exit mbh_exit(void) +{ + mbh_stop_cmd(); + + tasklet_kill(&mbh.cancel_hb_timer_tasklet); + + mbh_stop_hb_timer(); + mbh_iface_cleanup(); + + debugfs_remove_recursive(mbh.debugfs_dir); + netlink_kernel_release(mbh.nl_soc); +} + +module_init(mbh_init); +module_exit(mbh_exit); +MODULE_LICENSE("GPL"); diff -Nruw linux-5.15.42-fbx/net/nmesh-mbh./nmesh-mbh.h linux-5.15.42-fbx/net/nmesh-mbh/nmesh-mbh.h --- linux-5.15.42-fbx/net/nmesh-mbh./nmesh-mbh.h 1970-01-01 01:00:00.000000000 +0100 +++ linux-5.15.42-fbx/net/nmesh-mbh/nmesh-mbh.h 2024-04-22 14:46:58.296278712 +0200 @@ -0,0 +1,114 @@ +/* + * Copyright (c) 2019 Qubercomm Technologies, Inc. + */ + +#ifndef MBH_H +#define MBH_H + +#include +#include +#include +#include +#include +#include +#include +#include "../bridge/br_private.h" +#include +#include +#include + +#define NETLINK_NMESH_MBH 31 + +#define MBH_HB_TIMER_DEFAULT_INTERVAL 1000 /* in msec */ +#define MBH_HDR_MAGIC 0xBAFA +#define MBH_HB_MAX_PAYLOAD 512 + +#define MBH_INITIAL_BCAST_HB_TX_COUNT_MAX 5 +#define MBH_REMOTE_PEER_AGE_TIMEOUT 10000 /* in msec, 10 sec */ +#define MBH_PERIODIC_BCAST_HB_INTERVAL 300000 /* in msec, 5 min */ + +/* check nmeshd alive status after every 3 heart beat timer expiry */ +#define MBH_HB_EXPIRE_FOR_NMESHD_ALIVE_CHECK 3 + +enum mbh_frame_type { + MBH_HEART_BEAT_FRAME, +}; + +struct mbh_hdr { + char frame_type; +} __packed; + +enum mbh_cmd_table { + MBH_SET_HB_PAYLOAD_CMD, + MBH_START_CMD, + MBH_STOP_CMD, +}; + +struct mbh_cmd_hdr { + unsigned short magic; + char cmd; +}; + +struct mbh_set_hb_payload_cmd { + char iface_name[IFNAMSIZ]; + unsigned short payload_len; + char payload[MBH_HB_MAX_PAYLOAD]; +}; + +struct mbh_start_cmd { + char br_name[IFNAMSIZ]; + unsigned long hb_timer_interval; /* in msec */ +}; + +enum mbh_event_type { + MBH_HB_FRAME, +}; + +struct mbh_event_hdr { + unsigned char type; /* Refer enum mbh_event_type */ + unsigned char h_source[ETH_ALEN]; + unsigned char h_dest[ETH_ALEN]; +} __attribute__((packed)); + +enum mbh_flags { + MBH_HB_SCHEDULED, +}; + +struct mbh_remote_peer { + struct list_head list; + unsigned char mac[ETH_ALEN]; + unsigned long last_hb_rx_time; +}; + +struct mbh_iface { + struct list_head list; + struct list_head remote_peers_list; /* struct mbh_remote_peer */ + char name[IFNAMSIZ]; + unsigned char mac[ETH_ALEN]; + char *hb_payload; + unsigned short hb_payload_len; + unsigned char initial_bcast_hb_tx_count; + unsigned long bcast_hb_last_tx_time; +}; + +struct nmesh_mbh { + struct sock *nl_soc; + u32 nmeshd_pid; + char br_name[IFNAMSIZ]; + + struct timer_list hb_timer; + unsigned long hb_timer_interval; + unsigned long flags; /* Refer: enum mbh_flags */ + + spinlock_t iface_lock; + struct list_head ifaces; + + unsigned char nmeshd_alive_check_count; + struct tasklet_struct cancel_hb_timer_tasklet; + + struct dentry *debugfs_dir; +}; + +extern int (*nmesh_mbh_bridge_rx)(struct sk_buff *skb); + +#endif /* MBH_H */ --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/scripts/dtc/include-prefixes/arm/fbxgw.dtsi 2024-04-22 14:46:50.276059592 +0200 @@ -0,0 +1,156 @@ +/ { + ocp@f1000000 { + fbxwdt: fbxwatchdog-timer@20300 { + compatible = "marvell,orion-fbxwdt"; + reg = <0x20300 0x28>, <0x20108 0x4>; + clocks = <&gate_clk 7>; + status = "okay"; + }; + }; +}; + +&i2c0 { + status = "okay"; + clock-frequency = <25000>; + + cap1066@28 { + /* SMSC cap1066 */ + compatible = "smsc,smsc_cap1066"; + reg = <0x28>; + keymap = ; + }; + + eeprom@53 { + /* expansion eeprom */ + compatible = "atmel,24c256"; + read-only; + reg = <0x53>; + }; + + eeprom@57 { + /* midlane eeprom */ + compatible = "atmel,24c32"; + read-only; + reg = <0x57>; + pagesize = <8>; + }; +}; + +&tdm_spi0 { + status = "okay"; + num-cs = <1>; + + ssd1327@0 { + compatible = "solomon,ssd1327"; + reg = <0>; + spi-max-frequency = <(9 * 1000 * 1000)>; + ssd1327,width = <128>; + ssd1327,height = <128>; + ssd1327,rotate = <270>; + ssd1327,watchdog = <300>; + }; + + bcm-flash@1 { + compatible = "m25p80"; + reg = <1>; + spi-max-frequency = <(1 * 1000 * 1000)>; + label = "bcmflash"; + }; +}; + +&nand { + status = "okay"; + chip-delay = <35>; + + partitions { + compatible = "fixed-partitions"; + #address-cells = <1>; + #size-cells = <1>; + + all@0 { + label = "all"; + /* MTDPART_SIZ_FULL=0 */ + reg = <0x0 0>; + read-only; + }; + + u-boot@0 { + label = "u-boot"; + reg = <0x0 (1 * 1024 * 1024)>; + read-only; + }; + + serial@ { + label = "serial"; + reg = <(1 * 1024 * 1024) (1 * 1024 * 1024)>; + read-only; + }; + + calibration@0 { + label = "calibration"; + reg = <(2 * 1024 * 1024) (1 * 1024 * 1024)>; + read-only; + }; + + bank0@0 { + label = "bank0"; + reg = <(3 * 1024 * 1024) (18 * 1024 * 1024)>; + read-only; + }; + + nvram@0 { + label = "nvram"; + reg = <(21 * 1024 * 1024) (3 * 1024 * 1024)>; + }; + + bank1@0 { + label = "bank1"; + reg = <(24 * 1024 * 1024) (62 * 1024 * 1024)>; + }; + + femto@0 { + label = "femto"; + reg = <(86 * 1024 * 1024) (16 * 1024 * 1024)>; + }; + + config@0 { + label = "config"; + reg = <(120 * 1024 * 1024) (8 * 1024 * 1024)>; + }; + + partition@0 { + label = "new_bank0"; + reg = <(102 * 1024 * 1024) (18 * 1024 * 1024)>; + }; + }; +}; + +ð0 { + marvell,unit = <0>; +}; + +ð1 { + marvell,unit = <1>; +}; + +&uart0 { + status = "okay"; +}; + +&uart1 { + status = "okay"; +}; + +&pmx_uart1 { + marvell,pins = "mpp15", "mpp16"; + marvell,function = "uart1"; +}; + +&usb0 { + status = "okay"; +}; --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/scripts/dtc/include-prefixes/arm/fbxgw1r.dts 2023-02-27 20:05:23.232298512 +0100 @@ -0,0 +1,360 @@ +/dts-v1/; + +#include + +#include "kirkwood.dtsi" +#include "kirkwood-6281.dtsi" +#include "fbxgw.dtsi" + +/ { + model = "Freebox Gateway V1"; + compatible = "freebox,fbxgw1r", "arm-machtype,527"; + + chosen { + stdout-path = &uart1; + }; + + memory { + device_type = "memory"; + reg = <0x00000000 0x20000000>; /* 512 MB */ + }; + + reserved-memory { + #address-cells = <1>; + #size-cells = <1>; + ranges; + + ramoops@1fff8000 { + compatible = "ramoops"; + /* RAM top - 32k, just below bootloader page table */ + reg = <0x1fff8000 (16 * 1024)>; + record-size = <(16 * 1024)>; + ecc-size = <16>; + no-dump-oops; + }; + }; + + gpio_sr: gpio-sr@0 { + compatible = "freebox,fbxgw1r-gpio-sr"; + #gpio-cells = <2>; + gpio-controller; + ngpios = <8>; + + gpio-line-names = "sfp-pwren", /* 0 */ + "usb-rst", /* 1 */ + "audio-rst", /* 2 */ + "exp-pwren", /* 3 */ + "bcm-rst", /* 4 */ + "pcie-rst", /* 5 */ + "keypad-oled-rst", /* 6 */ + "oled-vcc"; /* 7 */ + + /* presumed bootloader state */ + sr,init-value = <((1 << 1) | (1 << 6) | (1 << 7))>; + sr,gpio-din = <&gpio0 12 0>; + sr,gpio-load = <&gpio0 17 0>; + sr,gpio-clk = <&gpio0 10 0>; + }; + + fbxgw1r_rst: fbxgw1r-rst@0 { + compatible = "freebox,fbxgw1r-rst"; + #reset-cells = <1>; + + usb-gpio = <&gpio_sr 1 GPIO_ACTIVE_LOW>; + audio-gpio = <&gpio_sr 2 GPIO_ACTIVE_LOW>; + keypad-oled-gpio = <&gpio_sr 6 GPIO_ACTIVE_LOW>; + }; + + fbxgpio@0 { + compatible = "fbx,fbxgpio"; + + /* claimed for userspace */ + pos-sense { + name = "pos-sense"; + gpio = <&gpio1 13 0>; + input; + }; + + board-id-0 { + name = "board-id-0"; + gpio = <&gpio1 11 0>; + input; + }; + + board-id-1 { + name = "board-id-1"; + gpio = <&gpio1 17 0>; + input; + }; + + test-mode { + name = "test-mode"; + gpio = <&gpio0 13 0>; + input; + }; + + sw-reset { + name = "sw-reset"; + gpio = <&gpio0 28 0>; + output-high; + no-claim; + }; + + sw-int { + name = "sw-int"; + gpio = <&gpio0 29 0>; + input; + }; + + sfp-txdis { + name = "sfp-txdis"; + gpio = <&gpio0 14 0>; + output-high; + }; + + sfp-pwrgood { + name = "sfp-pwrgood"; + gpio = <&gpio1 2 0>; + input; + }; + + sfp-txfault { + name = "sfp-txfault"; + gpio = <&gpio1 3 0>; + input; + }; + + sfp-presence { + name = "sfp-presence"; + gpio = <&gpio1 5 0>; + input; + }; + + sfp-rxloss { + name = "sfp-rxloss"; + gpio = <&gpio1 6 0>; + input; + }; + + sfp-pwren { + name = "sfp-pwren"; + gpio = <&gpio_sr 0 0>; + output-low; + }; + + exp-rst { + name = "exp-rst"; + gpio = <&gpio1 12 0>; + output-low; + }; + + exp-pwrgood { + name = "exp-pwrgood"; + gpio = <&gpio1 14 0>; + input; + }; + + exp-presence { + name = "exp-presence"; + gpio = <&gpio1 15 0>; + input; + }; + + exp-pwren { + name = "exp-pwren"; + gpio = <&gpio_sr 3 0>; + output-low; + }; + + bcm-rst { + name = "bcm-rst"; + gpio = <&gpio_sr 4 0>; + output-low; + }; + + + /* unclaimed, exported for debug only */ + oled-data-select { + name = "oled-data-select"; + gpio = <&gpio0 7 0>; + output-low; + no-claim; + }; + + kp-int { + name = "kp-int"; + gpio = <&gpio1 16 0>; + input; + no-claim; + }; + + usb-rst { + name = "usb-rst"; + gpio = <&gpio_sr 1 0>; + output-low; + no-claim; + }; + + audio-rst { + name = "audio-rst"; + gpio = <&gpio_sr 2 0>; + output-low; + no-claim; + }; + + pcie-rst { + name = "pcie-rst"; + gpio = <&gpio_sr 5 0>; + output-low; + no-claim; + }; + + keypad-oled-rst { + name = "keypad-oled-rst"; + gpio = <&gpio_sr 6 0>; + output-low; + no-claim; + }; + + oled-vcc { + name = "oled-vcc"; + gpio = <&gpio_sr 7 0>; + output-low; + no-claim; + }; + }; +}; + +&gpio0 { + gpio-line-names = "", + "", + "", + "", + "", + "", + "", + "oled-data-select", /* 7 */ + "", + "", + "sr-clk", /* 10 */ + "bcm-down", /* 11 */ + "sr-din", /* 12 */ + "test-mode", /* 13 */ + "sfp-txdis", /* 14 */ + "", + "", + "sr-load", /* 17 */ + "", + "", + "", + "", + "", + "", + "", + "", + "", + "", + "sw-reset", /* 28 */ + "sw-int", /* 29 */ + "", + ""; +}; + +&gpio1 { + gpio-line-names = "", + "", + "sfp-pwrgood", /* 2 */ + "sfp-txfault", /* 3 */ + "spi-cs-bcm", /* 4 */ + "sfp-presence", /* 5 */ + "sfp-rxloss", /* 6*/ + "", /* 7 */ + "", /* 8 */ + "", /* 9 */ + "", /* 10 */ + "board-id-0", /* 11 */ + "exp-rst", /* 12 */ + "pos-sense", /* 13 */ + "exp-pwrgood", /* 14 */ + "exp-presence", /* 15 */ + "kp-int", /* 16 */ + "board-id-1"; /* 17 */ +}; + +&usb0 { + resets = <&fbxgw1r_rst 0>, + <&fbxgw1r_rst 1>; +}; + +&mdio { + status = "okay"; + + mv6161: mv6161@0 { + compatible = "freebox,fbxgw-mv6161"; + reg = <0>; + gpio-reset = <&gpio0 28 0>; + }; +}; + +ð0 { + status = "okay"; +}; + +ð0port { + fbxserial-mac-address = <0>; + speed = <1000>; + duplex = <1>; +}; + +&i2c0 { + cap1066@28 { + resets = <&fbxgw1r_rst 2>; + irq-gpio = <&gpio1 16 0>; + }; +}; + +&tdm_spi0 { + pinctrl-0 = <&pmx_alt_tdm_spi>; + cs-gpios = <0>, <&gpio1 4 GPIO_ACTIVE_HIGH>; + + ssd1327@0 { + ssd1327,data-select-gpio = <&gpio0 7 GPIO_ACTIVE_HIGH>; + ssd1327,vcc-gpio = <&gpio_sr 7 GPIO_ACTIVE_HIGH>; + resets = <&fbxgw1r_rst 2>; + }; +}; + +&sata { + status = "okay"; + nr-ports = <2>; +}; + +&pciec { + status = "okay"; + reset-gpios = <&gpio_sr 5 GPIO_ACTIVE_LOW>; +}; + +&pcie0 { + status = "okay"; +}; + +&nand { + nand-ecc-mode = "soft"; + nand-ecc-algo = "hamming"; +}; + +ð1 { + status = "okay"; +}; + +ð1port { + fbxserial-mac-address = <0>; + speed = <1000>; + duplex = <1>; +}; + +&pmx_uart0 { + /* only mpp11 here (uart rx) as mpp10 is used as a gpio */ + marvell,pins = "mpp11"; + marvell,function = "uart0"; +}; --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/scripts/dtc/include-prefixes/arm/fbxgw2r.dts 2023-02-27 20:05:23.232298512 +0100 @@ -0,0 +1,351 @@ +/dts-v1/; + +#include + +#include "kirkwood.dtsi" +#include "kirkwood-6282.dtsi" +#include "fbxgw.dtsi" + +/ { + model = "Freebox Gateway V2"; + compatible = "freebox,fbxgw2r", "arm-machtype,4242"; + + chosen { + stdout-path = &uart1; + }; + + memory { + device_type = "memory"; + reg = <0x00000000 0x40000000>; /* 1024M */ + }; + + reserved-memory { + #address-cells = <1>; + #size-cells = <1>; + ranges; + + ramoops@3fff8000 { + compatible = "ramoops"; + /* RAM top - 32k, just below bootloader page table */ + reg = <0x3fff8000 (16 * 1024)>; + record-size = <(16 * 1024)>; + ecc-size = <16>; + no-dump-oops; + }; + }; + + fbxgw2r_rst: fbxgw2r-rst@0 { + compatible = "freebox,fbxgw2r-rst"; + #reset-cells = <1>; + + usb-gpio = <&gpio0 23 GPIO_ACTIVE_LOW>; + keypad-oled-gpio = <&gpio0 21 GPIO_ACTIVE_LOW>; + }; + + fbxgw2r-audio@0 { + compatible = "freebox,fbxgw2r-audio"; + }; + + ocp@f1000000 { + kirkwood-coretemp@10078 { + compatible = "marvell,kirkwood-coretemp"; + reg = <0x10078 0x4>; + status = "okay"; + }; + + thermal: thermal@10078 { + status = "disabled"; + }; + }; + + fbxgpio@0 { + compatible = "fbx,fbxgpio"; + + /* claimed for userspace */ + pos-sense { + name = "pos-sense"; + gpio = <&gpio1 13 0>; + input; + }; + + test-mode { + name = "test-mode"; + gpio = <&gpio0 13 0>; + input; + }; + + sw-reset { + name = "sw-reset"; + gpio = <&gpio0 28 0>; + output-high; + no-claim; + }; + + sw-int { + name = "sw-int"; + gpio = <&gpio0 29 0>; + input; + }; + + sfp-txdis { + name = "sfp-txdis"; + gpio = <&gpio0 12 0>; + output-high; + }; + + sfp-pwrgood { + name = "sfp-pwrgood"; + gpio = <&gpio1 0 0>; + input; + }; + + sfp-txfault { + name = "sfp-txfault"; + gpio = <&gpio1 3 0>; + input; + }; + + sfp-presence { + name = "sfp-presence"; + gpio = <&gpio0 31 0>; + input; + }; + + sfp-rxloss { + name = "sfp-rxloss"; + gpio = <&gpio1 6 0>; + input; + }; + + sfp-pwren { + name = "sfp-pwren"; + gpio = <&gpio1 17 0>; + output-low; + }; + + exp-rst { + name = "exp-rst"; + gpio = <&gpio1 12 0>; + output-low; + }; + + exp-pwrgood { + name = "exp-pwrgood"; + gpio = <&gpio1 14 0>; + input; + }; + + exp-presence { + name = "exp-presence"; + gpio = <&gpio1 15 0>; + input; + }; + + exp-pwren { + name = "exp-pwren"; + gpio = <&gpio0 22 0>; + output-low; + }; + + bcm-rst { + name = "bcm-rst"; + gpio = <&gpio0 30 0>; + output-low; + }; + + + /* unclaimed, exported for debug only */ + oled-data-select { + name = "oled-data-select"; + gpio = <&gpio0 7 0>; + output-low; + no-claim; + }; + + kp-int { + name = "kp-int"; + gpio = <&gpio1 16 0>; + input; + no-claim; + }; + + usb-rst { + name = "usb-rst"; + gpio = <&gpio0 23 0>; + output-low; + no-claim; + }; + + audio-rst { + name = "audio-rst"; + gpio = <&gpio1 1 0>; + output-low; + no-claim; + }; + + pcie-rst { + name = "pcie-rst"; + gpio = <&gpio0 17 0>; + output-low; + no-claim; + }; + + keypad-oled-rst { + name = "keypad-oled-rst"; + gpio = <&gpio0 21 0>; + output-low; + no-claim; + }; + + oled-vcc { + name = "oled-vcc"; + gpio = <&gpio0 20 0>; + output-low; + no-claim; + }; + }; +}; + +&gpio0 { + gpio-line-names = "", /* 0 */ + "", /* 1 */ + "", /* 2 */ + "", /* 3 */ + "", /* 4 */ + "", /* 5 */ + "", /* 6 */ + "oled-data-select", /* 7 */ + "", /* 8 */ + "", /* 9 */ + "", /* 10 */ + "", /* 11 */ + "sfp-txdis", /* 12 */ + "test-mode", /* 13 */ + "wlan-rst", /* 14 */ + "", /* 15 */ + "", /* 16 */ + "pcie-rst", /* 17 */ + "", /* 18 */ + "", /* 19 */ + "oled-vcc", /* 20 */ + "keypad-oled-rst", /* 21 */ + "exp-pwren", /* 22 */ + "usb-rst", /* 23 */ + "", /* 24 */ + "", /* 25 */ + "", /* 26 */ + "", /* 27 */ + "sw-reset", /* 28 */ + "sw-int", /* 29 */ + "bcm-rst", /* 30 */ + "sfp-presence"; /* 31 */ +}; + +&gpio1 { + gpio-line-names = "sfp-pwrgood", /* 0 */ + "audio-rst", /* 1 */ + "spi-cs-bcm", /* 2 */ + "sfp-txfault", /* 3 */ + "", /* 4 */ + "", /* 5 */ + "sfp-rxloss", /* 6*/ + "", /* 7 */ + "", /* 8 */ + "", /* 9 */ + "", /* 10 */ + "", /* 11 */ + "exp-rst", /* 12 */ + "pos-sense", /* 13 */ + "exp-pwrgood", /* 14 */ + "exp-presence", /* 15 */ + "kp-int", /* 16 */ + "sfp-pwren"; /* 17 */ +}; + +&usb0 { + status = "okay"; + resets = <&fbxgw2r_rst 0>; +}; + +&mdio { + status = "okay"; + + mv6176: mv6176@0 { + compatible = "freebox,fbxgw-mv6176"; + reg = <0>; + gpio-reset = <&gpio0 28 0>; + }; +}; + +ð0 { + status = "okay"; +}; + +ð0port { + fbxserial-mac-address = <0>; + speed = <1000>; + duplex = <1>; +}; + +&i2c0 { + cap1066@28 { + resets = <&fbxgw2r_rst 2>; + irq-gpio = <&gpio1 16 0>; + }; +}; + +&tdm_spi0 { + cs-gpios = <0>, <&gpio1 2 GPIO_ACTIVE_HIGH>; + + ssd1327@0 { + ssd1327,data-select-gpio = <&gpio0 7 GPIO_ACTIVE_HIGH>; + ssd1327,vcc-gpio = <&gpio0 20 GPIO_ACTIVE_HIGH>; + resets = <&fbxgw2r_rst 2>; + }; +}; + +&sata { + status = "okay"; + nr-ports = <2>; +}; + +&pciec { + status = "okay"; + reset-gpios = <&gpio0 17 GPIO_ACTIVE_LOW>, + <&gpio0 14 GPIO_ACTIVE_LOW>; +}; + +&pcie0 { + status = "okay"; +}; + +&nand { + nand-ecc-mode = "soft"; + nand-ecc-algo = "bch"; + /* this will make ecc_bytes == 7 */ + nand-ecc-strength = <4>; + nand-ecc-step-size = <512>; +}; + +&gpio1 { + marvell,broken-mpp33-dir = <1>; +}; + +&audio0 { + status = "okay"; +}; + +&i2c1 { + status = "okay"; + clock-frequency = <25000>; + + codec@4a { + compatible = "cirrus,cs42l52"; + reset-gpio = <&gpio1 1 GPIO_ACTIVE_LOW>; + reg = <0x4a>; + }; +}; + +&pcie1 { + status = "okay"; +}; --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/scripts/dtc/include-prefixes/arm/fbxgwr_exp_stb.dts 2023-02-27 20:56:44.638543009 +0100 @@ -0,0 +1,55 @@ +#include + +/dts-v1/; +/plugin/; + +/ { + compatible = "freebox,fbxgw1r", "freebox,fbxgw2r"; + + fragment@0 { + target = <&i2c0>; + __overlay__ { + #address-cells = <0x1>; + #size-cells = <0x0>; + + // IO expander + exp_gpio_extender: exp@41 { + compatible = "ti,pca9536"; + reg = <0x41>; + gpio-controller; + ngpios = <4>; + #gpio-cells = <2>; + gpio-line-names = "bank0-mode", /* 0 */ + "stb-rear-button-feedback", /* 1 */ + "test-mode", /* 2 */ + "stb-test-mode-feedback"; /* 3 */ + }; + }; + }; + + fragment@1 { + target-path="/"; + __overlay__ { + exp-fbxgpio { + compatible = "fbx,fbxgpio"; + exp-bank0-mode { + gpio = <&exp_gpio_extender 0 GPIO_ACTIVE_LOW>; + output-low; + }; + exp-stb-rear-button-feedback { + gpio = <&exp_gpio_extender 1 GPIO_ACTIVE_LOW>; + input; + }; + exp-test-mode { + gpio = <&exp_gpio_extender 2 GPIO_ACTIVE_HIGH>; + output-low; + }; + exp-stb-test-mode-feedback { + gpio = <&exp_gpio_extender 3 GPIO_ACTIVE_HIGH>; + input; + }; + }; + }; + }; + +}; --- /dev/null 2024-03-28 18:35:30.816070989 +0100 +++ linux-5.15.42-fbx/sound/soc/kirkwood/kirkwood-fbxgw2r.c 2023-02-27 19:53:48.001742410 +0100 @@ -0,0 +1,238 @@ +/* + * kirkwood-fbxgw2r.c + * + * Modified-from: kirkwood-rd88f6282a.c, which was before + * Modified-from: kirkwood-openrd.c + * Which is: + * (c) 2010 Arnaud Patard + * (c) 2010 Arnaud Patard + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + */ + +#include +#include +#include +#include +#include +#include +#include +#include "../codecs/cs42l52.h" + +#if 0 +static void dump_registers(struct snd_soc_component *component) +{ + int i; + + for (i = 0; i < 0x40; ++i) { + int val = snd_soc_component_read(component, i); + if (val < 0) + printk("%02x: \n", i); + else + printk("%02x: %02x\n", i, val); + } +} +#endif + +static int fbxgw2r_dai_init(struct snd_soc_pcm_runtime *rtd) +{ + struct snd_soc_component *component = + asoc_rtd_to_codec(rtd, 0)->component; + u8 reg; + +#if 0 + printk("Default register configuration:\n"); + dump_registers(component); +#endif + + /* + * make sure we correctly transition from speaker to headphone + * and vice&versa. + */ + snd_soc_component_write(component, 0x4, 0x05); + + /* + * select input4a/input4b for capture + */ + reg = snd_soc_component_read(component, 0x8); + reg &= ~(7 << 5); + reg |= (3 << 5); + snd_soc_component_write(component, 0x8, reg); + + reg = snd_soc_component_read(component, 0x9); + reg &= ~(7 << 5); + reg |= (3 << 5); + snd_soc_component_write(component, 0x9, reg); + + /* + * set headphone analog gain to 1.000 + */ + reg = snd_soc_component_read(component, 0x0d); + reg &= ~0xe0; + reg |= 0xc0; + snd_soc_component_write(component, 0x0d, reg); + + return 0; +} + +static int fbxgw2r_hw_params(struct snd_pcm_substream *substream, + struct snd_pcm_hw_params *params) +{ + struct snd_soc_pcm_runtime *rtd = substream->private_data; + struct snd_soc_dai *cpu_dai = asoc_rtd_to_cpu(rtd, 0); + struct snd_soc_dai *codec_dai = asoc_rtd_to_codec(rtd, 0); + int ret; + unsigned int fmt; + int freq = 0; + + fmt = SND_SOC_DAIFMT_I2S | SND_SOC_DAIFMT_CBS_CFS; + ret = snd_soc_dai_set_fmt(cpu_dai, fmt); + if (ret < 0) + return ret; + ret = snd_soc_dai_set_fmt(codec_dai, fmt); + if (ret < 0) + return ret; + + + switch (params_rate(params)) { + default: + case 44100: + freq = 11289600; + break; + case 96000: + case 48000: + freq = 12288000; + break; + } + + return snd_soc_dai_set_sysclk(codec_dai, 0, freq, SND_SOC_CLOCK_IN); +} + +static int fbxgw2r_startup(struct snd_pcm_substream *substream) +{ + struct snd_soc_pcm_runtime *rtd = substream->private_data; + struct snd_soc_component *component = + asoc_rtd_to_codec(rtd, 0)->component; + + if (substream->stream == SNDRV_PCM_STREAM_CAPTURE) { + u8 reg; + + /* + * power up ADC A & B + */ + reg = snd_soc_component_read(component, 0x2); + reg &= ~(3 << 1); + snd_soc_component_write(component, 0x2, reg); + + /* + * unmute ADC A mixer volume + */ + reg = snd_soc_component_read(component, 0x18); + reg &= ~(1 << 7); + snd_soc_component_write(component, 0x18, reg); + + /* + * unmute ADC B mixer volume + */ + reg = snd_soc_component_read(component, 0x19); + reg &= ~(1 << 7); + snd_soc_component_write(component, 0x19, reg); + } + +#if 0 + dump_registers(component); +#endif + return 0; +} + +static void fbxgw2r_shutdown(struct snd_pcm_substream *substream) +{ + struct snd_soc_pcm_runtime *rtd = substream->private_data; + struct snd_soc_component *component = + asoc_rtd_to_codec(rtd, 0)->component; + + if (substream->stream == SNDRV_PCM_STREAM_CAPTURE) { + u8 reg; + + /* + * power down ADC A & B + */ + reg = snd_soc_component_read(component, 0x2); + reg |= (3 << 1); + snd_soc_component_write(component, 0x2, reg); + + /* + * mute ADC A mixer volume + */ + reg = snd_soc_component_read(component, 0x18); + reg |= (1 << 7); + snd_soc_component_write(component, 0x18, reg); + + /* + * mute ADC B mixer volume + */ + reg = snd_soc_component_read(component, 0x19); + reg |= (1 << 7); + snd_soc_component_write(component, 0x19, reg); + } +} + +static struct snd_soc_ops fbxgw2r_ops = { + .hw_params = fbxgw2r_hw_params, + .startup = fbxgw2r_startup, + .shutdown = fbxgw2r_shutdown, +}; + +SND_SOC_DAILINK_DEFS(cpu_dsp, + DAILINK_COMP_ARRAY(COMP_CPU("i2s")), + DAILINK_COMP_ARRAY(COMP_CODEC("cs42l52.1-004a", "cs42l52")), + DAILINK_COMP_ARRAY(COMP_PLATFORM("mvebu-audio"))); + +static struct snd_soc_dai_link fbxgw2r_dai[] = { + { + .name = "CS42L52", + .stream_name = "CS42L52 HiFi", + .ops = &fbxgw2r_ops, + .init = fbxgw2r_dai_init, + SND_SOC_DAILINK_REG(cpu_dsp), + }, +}; + + +static struct snd_soc_card fbxgw2r = { + .name = "FBXGW2R", + .dai_link = fbxgw2r_dai, + .num_links = ARRAY_SIZE(fbxgw2r_dai), +}; + +static int fbxgw2r_probe(struct platform_device *pdev) +{ + struct snd_soc_card *card = &fbxgw2r; + card->dev = &pdev->dev; + return devm_snd_soc_register_card(card->dev, card); +} + +static const struct of_device_id fbxgw2r_audio_dt_ids[] = { + { .compatible = "freebox,fbxgw2r-audio" }, + { }, +}; +MODULE_DEVICE_TABLE(of, fbxgw2r_audio_dt_ids); + +struct platform_driver fbxgw2r_audio_driver = { + .driver = { + .name = "fbxgw2r-audio", + .of_match_table = of_match_ptr(fbxgw2r_audio_dt_ids), + .owner = THIS_MODULE, + }, + .probe = fbxgw2r_probe, +}; + +module_platform_driver(fbxgw2r_audio_driver); + +/* Module information */ +MODULE_DESCRIPTION("ALSA SoC FBXGW2R Client"); +MODULE_LICENSE("GPL"); +MODULE_ALIAS("platform:soc-audio");