From 28ce01fc8cd23ea4112fa6b8432234967621fad7 Mon Sep 17 00:00:00 2001
From: Josh Boyer <jwboyer@redhat.com>
Date: Tue, 12 Mar 2013 12:57:55 -0400
Subject: [PATCH] Add patch to fix ieee80211_do_stop (rhbz 892599)

---
 kernel.spec                                   |   7 +-
 ...ieee80211_do_stop_while_suspend_v3.9.patch | 109 ++++++++++++++++++
 2 files changed, 114 insertions(+), 2 deletions(-)
 create mode 100644 mac80211_fixes_for_ieee80211_do_stop_while_suspend_v3.9.patch

diff --git a/kernel.spec b/kernel.spec
index 6bd9e9768..c4262f9c8 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -748,8 +748,9 @@ Patch21270: signal-always-clear-sa_restorer-on-execve.patch
 #CVE-2013-0913 rhbz 920471 920529
 Patch21271: drm-i915-bounds-check-execbuffer-relocation-count.patch
 
-#rhbz 856863
+#rhbz 856863 892599
 Patch21273: cfg80211-mac80211-disconnect-on-suspend.patch
+Patch21274: mac80211_fixes_for_ieee80211_do_stop_while_suspend_v3.9.patch
 
 Patch22000: weird-root-dentry-name-debug.patch
 
@@ -1457,8 +1458,9 @@ ApplyPatch signal-always-clear-sa_restorer-on-execve.patch
 #CVE-2013-0913 rhbz 920471 920529
 ApplyPatch drm-i915-bounds-check-execbuffer-relocation-count.patch
 
-#rhbz 856863
+#rhbz 856863 892599
 ApplyPatch cfg80211-mac80211-disconnect-on-suspend.patch
+ApplyPatch mac80211_fixes_for_ieee80211_do_stop_while_suspend_v3.9.patch
 
 # END OF PATCH APPLICATIONS
 
@@ -2302,6 +2304,7 @@ fi
 #                 ||     ||
 %changelog
 * Tue Mar 12 2013 Josh Boyer <jwboyer@redhat.com>
+- Add patch to fix ieee80211_do_stop (rhbz 892599)
 - Add patches to fix cfg80211 issues with suspend (rhbz 856863)
 - CVE-2013-0913 drm/i915: head writing overflow (rhbz 920471 920529)
 - CVE-2013-0914 sa_restorer information leak (rhbz 920499 920510)
diff --git a/mac80211_fixes_for_ieee80211_do_stop_while_suspend_v3.9.patch b/mac80211_fixes_for_ieee80211_do_stop_while_suspend_v3.9.patch
new file mode 100644
index 000000000..2f0cb5338
--- /dev/null
+++ b/mac80211_fixes_for_ieee80211_do_stop_while_suspend_v3.9.patch
@@ -0,0 +1,109 @@
+commit 801d929ca7d935ee199fd61d8ef914f51e892270
+Author: Felix Fietkau <nbd@openwrt.org>
+Date:   Sat Mar 2 19:05:47 2013 +0100
+
+    mac80211: another fix for idle handling in monitor mode
+    
+    When setting a monitor interface up or down, the idle state needs to be
+    recalculated, otherwise the hardware will just stay in its previous idle
+    state.
+    
+    Signed-off-by: Felix Fietkau <nbd@openwrt.org>
+    Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+
+diff --git a/net/mac80211/iface.c b/net/mac80211/iface.c
+index 640afab..baaa860 100644
+--- a/net/mac80211/iface.c
++++ b/net/mac80211/iface.c
+@@ -541,6 +541,9 @@ int ieee80211_do_open(struct wireless_dev *wdev, bool coming_up)
+ 
+ 		ieee80211_adjust_monitor_flags(sdata, 1);
+ 		ieee80211_configure_filter(local);
++		mutex_lock(&local->mtx);
++		ieee80211_recalc_idle(local);
++		mutex_unlock(&local->mtx);
+ 
+ 		netif_carrier_on(dev);
+ 		break;
+@@ -812,6 +815,9 @@ static void ieee80211_do_stop(struct ieee80211_sub_if_data *sdata,
+ 
+ 		ieee80211_adjust_monitor_flags(sdata, -1);
+ 		ieee80211_configure_filter(local);
++		mutex_lock(&local->mtx);
++		ieee80211_recalc_idle(local);
++		mutex_unlock(&local->mtx);
+ 		break;
+ 	case NL80211_IFTYPE_P2P_DEVICE:
+ 		/* relies on synchronize_rcu() below */
+diff --git a/net/mac80211/iface.c b/net/mac80211/iface.c
+index baaa860..937174b 100644
+--- a/net/mac80211/iface.c
++++ b/net/mac80211/iface.c
+@@ -748,8 +748,7 @@ static void ieee80211_do_stop(struct ieee80211_sub_if_data *sdata,
+ 				 sdata->dev->addr_len);
+ 		spin_unlock_bh(&local->filter_lock);
+ 		netif_addr_unlock_bh(sdata->dev);
+-
+-		ieee80211_configure_filter(local);
++		/* configure filter latter (if not suspended) */
+ 	}
+ 
+ 	del_timer_sync(&local->dynamic_ps_timer);
+@@ -814,10 +813,7 @@ static void ieee80211_do_stop(struct ieee80211_sub_if_data *sdata,
+ 		}
+ 
+ 		ieee80211_adjust_monitor_flags(sdata, -1);
+-		ieee80211_configure_filter(local);
+-		mutex_lock(&local->mtx);
+-		ieee80211_recalc_idle(local);
+-		mutex_unlock(&local->mtx);
++		/* tell driver latter (if not suspended) */
+ 		break;
+ 	case NL80211_IFTYPE_P2P_DEVICE:
+ 		/* relies on synchronize_rcu() below */
+@@ -848,28 +844,30 @@ static void ieee80211_do_stop(struct ieee80211_sub_if_data *sdata,
+ 
+ 		drv_remove_interface_debugfs(local, sdata);
+ 
+-		if (going_down)
++		if (going_down && !local->suspended)
+ 			drv_remove_interface(local, sdata);
+ 	}
+ 
+ 	sdata->bss = NULL;
+ 
+-	ieee80211_recalc_ps(local, -1);
+-
+-	if (local->open_count == 0) {
+-		if (local->ops->napi_poll)
+-			napi_disable(&local->napi);
+-		ieee80211_clear_tx_pending(local);
+-		ieee80211_stop_device(local);
+-
+-		/* no reconfiguring after stop! */
+-		hw_reconf_flags = 0;
++	if (!local->suspended) {
++		if (local->open_count == 0) {
++			if (local->ops->napi_poll)
++				napi_disable(&local->napi);
++			ieee80211_clear_tx_pending(local);
++			ieee80211_stop_device(local);
++		} else {
++			ieee80211_configure_filter(local);
++			ieee80211_recalc_ps(local, -1);
++ 
++			mutex_lock(&local->mtx);
++			ieee80211_recalc_idle(local);
++			mutex_unlock(&local->mtx);
++
++			if (hw_reconf_flags)
++				ieee80211_hw_config(local, hw_reconf_flags);
+ 	}
+ 
+-	/* do after stop to avoid reconfiguring when we stop anyway */
+-	if (hw_reconf_flags)
+-		ieee80211_hw_config(local, hw_reconf_flags);
+-
+ 	spin_lock_irqsave(&local->queue_stop_reason_lock, flags);
+ 	for (i = 0; i < IEEE80211_MAX_QUEUES; i++) {
+ 		skb_queue_walk_safe(&local->pending[i], skb, tmp) {