linux/drivers/net/wireless/ath
Vasanthakumar Thiagarajan ebaa4b1620 ath10k: fix kernel panic due to race in accessing arvif list
arvifs list is traversed within data_lock spin_lock in tasklet
context to fill channel information from the corresponding vif.
This means any access to arvifs list for add/del operations
should also be protected with the same spin_lock to avoid the
race. Fix this by performing list add/del on arvifs within the
data_lock. This could fix a kernel panic like the one below.

 LR is at ath10k_htt_rx_pktlog_completion_handler+0x100/0xb6c [ath10k_core]
 PC is at ath10k_htt_rx_pktlog_completion_handler+0x1c0/0xb6c [ath10k_core]
 Internal error: Oops: 17 [#1] PREEMPT SMP ARM
 [<bf4857f4>] (ath10k_htt_rx_pktlog_completion_handler+0x2f4/0xb6c [ath10k_core])
 [<bf487540>] (ath10k_htt_txrx_compl_task+0x8b4/0x1188 [ath10k_core])
 [<c00312d4>] (tasklet_action+0x8c/0xec)
 [<c00309a8>] (__do_softirq+0xdc/0x208)
 [<c0030d6c>] (irq_exit+0x84/0xe0)
 [<c005db04>] (__handle_domain_irq+0x80/0xa0)
 [<c00085c4>] (gic_handle_irq+0x38/0x5c)
 [<c0009640>] (__irq_svc+0x40/0x74)

(gdb) list *(ath10k_htt_rx_pktlog_completion_handler+0x1c0)
0x136c0 is in ath10k_htt_rx_h_channel (drivers/net/wireless/ath/ath10k/htt_rx.c:769)
764		struct cfg80211_chan_def def;
765
766		lockdep_assert_held(&ar->data_lock);
767
768		list_for_each_entry(arvif, &ar->arvifs, list) {
769			if (arvif->vdev_id == vdev_id &&
770			    ath10k_mac_vif_chan(arvif->vif, &def) == 0)
771				return def.chan;
772		}
773

Signed-off-by: Vasanthakumar Thiagarajan <vthiagar@qti.qualcomm.com>
Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>
2016-10-13 17:21:20 +03:00
ar5523 net: wireless: ath: ar5523: ar5523: don't print error when allocating urb fails 2016-08-13 14:53:40 -07:00
ath5k ath5k: fix EEPROM dumping via debugfs 2016-09-03 13:02:24 +03:00
ath6kl ath6kl: configure SDIO when power is reapplied 2016-10-06 10:14:45 +03:00
ath9k ath9k: disable RNG by default 2016-09-28 12:59:49 +03:00
ath10k ath10k: fix kernel panic due to race in accessing arvif list 2016-10-13 17:21:20 +03:00
carl9170 carl9170: Fix wrong completion usage 2016-09-09 15:15:28 +03:00
wcn36xx wcn36xx: Silence error about unsupported smd event 188 2016-07-08 17:04:40 +03:00
wil6210 wil6210: extract firmware version from file header 2016-08-31 10:31:16 +03:00
ath.h cfg80211: remove enum ieee80211_band 2016-04-12 15:56:15 +02:00
debug.c ath: Make ath_opmode_to_string understand OCB mode 2015-08-10 22:21:15 +03:00
dfs_pattern_detector.c ath: constify local structures 2016-09-14 20:01:39 +03:00
dfs_pattern_detector.h ath: use PRI value given by spec for fixed PRI 2015-09-27 15:50:30 +03:00
dfs_pri_detector.c ath: use PRI value given by spec for fixed PRI 2015-09-27 15:50:30 +03:00
dfs_pri_detector.h
hw.c
Kconfig ath: unify Kconfig with other vendors 2015-11-18 14:28:31 +02:00
key.c
main.c
Makefile
reg.h
regd_common.h
regd.c ath: export alpha2 helper 2016-10-04 18:01:48 +03:00
regd.h ath: export alpha2 helper 2016-10-04 18:01:48 +03:00
spectral_common.h
trace.c
trace.h