1 From: =?UTF-8?q?Rafa=C5=82=20Mi=C5=82ecki?= <zajec5@gmail.com>
2 Date: Fri, 17 Jun 2016 12:29:21 +0200
3 Subject: [PATCH] brcmfmac: fix lockup when removing P2P interface after event
6 Content-Type: text/plain; charset=UTF-8
7 Content-Transfer-Encoding: 8bit
9 Removing P2P interface is handled by sending a proper request to the
10 firmware. On success firmware triggers an event and driver's handler
11 removes a matching interface.
13 However on event timeout we remove interface directly from the cfg80211
14 callback. Current code doesn't handle this case correctly as it always
15 assumes rtnl to be unlocked.
17 Fix it by adding an extra rtnl_locked parameter to functions and calling
18 unregister_netdevice when needed.
20 Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
21 Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
24 --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c
25 +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c
26 @@ -548,12 +548,16 @@ fail:
30 -static void brcmf_net_detach(struct net_device *ndev)
31 +static void brcmf_net_detach(struct net_device *ndev, bool rtnl_locked)
33 - if (ndev->reg_state == NETREG_REGISTERED)
34 - unregister_netdev(ndev);
36 + if (ndev->reg_state == NETREG_REGISTERED) {
38 + unregister_netdevice(ndev);
40 + unregister_netdev(ndev);
42 brcmf_cfg80211_free_netdev(ndev);
46 void brcmf_net_setcarrier(struct brcmf_if *ifp, bool on)
47 @@ -651,7 +655,7 @@ struct brcmf_if *brcmf_add_if(struct brc
48 brcmf_err("ERROR: netdev:%s already exists\n",
50 netif_stop_queue(ifp->ndev);
51 - brcmf_net_detach(ifp->ndev);
52 + brcmf_net_detach(ifp->ndev, false);
53 drvr->iflist[bsscfgidx] = NULL;
55 brcmf_dbg(INFO, "netdev:%s ignore IF event\n",
56 @@ -699,7 +703,8 @@ struct brcmf_if *brcmf_add_if(struct brc
60 -static void brcmf_del_if(struct brcmf_pub *drvr, s32 bsscfgidx)
61 +static void brcmf_del_if(struct brcmf_pub *drvr, s32 bsscfgidx,
66 @@ -729,7 +734,7 @@ static void brcmf_del_if(struct brcmf_pu
67 cancel_work_sync(&ifp->multicast_work);
68 cancel_work_sync(&ifp->ndoffload_work);
70 - brcmf_net_detach(ifp->ndev);
71 + brcmf_net_detach(ifp->ndev, rtnl_locked);
73 /* Only p2p device interfaces which get dynamically created
74 * end up here. In this case the p2p module should be informed
75 @@ -743,14 +748,14 @@ static void brcmf_del_if(struct brcmf_pu
79 -void brcmf_remove_interface(struct brcmf_if *ifp)
80 +void brcmf_remove_interface(struct brcmf_if *ifp, bool rtnl_locked)
82 if (!ifp || WARN_ON(ifp->drvr->iflist[ifp->bsscfgidx] != ifp))
84 brcmf_dbg(TRACE, "Enter, bsscfgidx=%d, ifidx=%d\n", ifp->bsscfgidx,
86 brcmf_fws_del_interface(ifp);
87 - brcmf_del_if(ifp->drvr, ifp->bsscfgidx);
88 + brcmf_del_if(ifp->drvr, ifp->bsscfgidx, rtnl_locked);
92 @@ -1057,9 +1062,9 @@ fail:
93 brcmf_fws_deinit(drvr);
96 - brcmf_net_detach(ifp->ndev);
97 + brcmf_net_detach(ifp->ndev, false);
99 - brcmf_net_detach(p2p_ifp->ndev);
100 + brcmf_net_detach(p2p_ifp->ndev, false);
101 drvr->iflist[0] = NULL;
102 drvr->iflist[1] = NULL;
103 if (drvr->settings->ignore_probe_fail)
104 @@ -1128,7 +1133,7 @@ void brcmf_detach(struct device *dev)
106 /* make sure primary interface removed last */
107 for (i = BRCMF_MAX_IFS-1; i > -1; i--)
108 - brcmf_remove_interface(drvr->iflist[i]);
109 + brcmf_remove_interface(drvr->iflist[i], false);
111 brcmf_cfg80211_detach(drvr->config);
113 --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.h
114 +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.h
115 @@ -216,7 +216,7 @@ struct brcmf_if *brcmf_get_ifp(struct br
116 int brcmf_net_attach(struct brcmf_if *ifp, bool rtnl_locked);
117 struct brcmf_if *brcmf_add_if(struct brcmf_pub *drvr, s32 bsscfgidx, s32 ifidx,
118 bool is_p2pdev, char *name, u8 *mac_addr);
119 -void brcmf_remove_interface(struct brcmf_if *ifp);
120 +void brcmf_remove_interface(struct brcmf_if *ifp, bool rtnl_locked);
121 void brcmf_txflowblock_if(struct brcmf_if *ifp,
122 enum brcmf_netif_stop_reason reason, bool state);
123 void brcmf_txfinalize(struct brcmf_if *ifp, struct sk_buff *txp, bool success);
124 --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/fweh.c
125 +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/fweh.c
126 @@ -183,7 +183,7 @@ static void brcmf_fweh_handle_if_event(s
127 err = brcmf_fweh_call_event_handler(ifp, emsg->event_code, emsg, data);
129 if (ifp && ifevent->action == BRCMF_E_IF_DEL)
130 - brcmf_remove_interface(ifp);
131 + brcmf_remove_interface(ifp, false);
135 --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/p2p.c
136 +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/p2p.c
137 @@ -2289,7 +2289,7 @@ int brcmf_p2p_del_vif(struct wiphy *wiph
141 - brcmf_remove_interface(vif->ifp);
142 + brcmf_remove_interface(vif->ifp, true);
144 brcmf_cfg80211_arm_vif_event(cfg, NULL);
145 if (vif->wdev.iftype != NL80211_IFTYPE_P2P_DEVICE)
146 @@ -2395,7 +2395,7 @@ void brcmf_p2p_detach(struct brcmf_p2p_i
148 brcmf_p2p_cancel_remain_on_channel(vif->ifp);
149 brcmf_p2p_deinit_discovery(p2p);
150 - brcmf_remove_interface(vif->ifp);
151 + brcmf_remove_interface(vif->ifp, false);
153 /* just set it all to zero */
154 memset(p2p, 0, sizeof(*p2p));
projects / openwrt.git / blob