iwlwifi: fix possible recursive locking deadlock
authorJohannes Berg <johannes.berg@intel.com>
Fri, 30 Jul 2010 11:30:46 +0000 (13:30 +0200)
committerJohn W. Linville <linville@tuxdriver.com>
Wed, 4 Aug 2010 19:27:36 +0000 (15:27 -0400)
commit f84b29ec0a1ab767679d3f2428877b65f94bc3ff
Author: Johannes Berg <johannes.berg@intel.com>
Date:   Tue May 18 02:29:13 2010 -0700

    iwlwifi: queue user-initiated scan when doing internal scan

introduced a potential deadlock because it calls
ieee80211_scan_completed() with the priv->mutex
held, but mac80211 may call back into iwlwifi
which would lead to recursive locking. Move this
out from under the mutex.

Cc: stable@kernel.org
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
drivers/net/wireless/iwlwifi/iwl-core.c

index 8024d44ce4bb592551e72aaca266614b97d595ab..8ccb6d205b6d6219c5e23c38806113f8514ef3ac 100644 (file)
@@ -2000,6 +2000,7 @@ void iwl_mac_remove_interface(struct ieee80211_hw *hw,
                              struct ieee80211_vif *vif)
 {
        struct iwl_priv *priv = hw->priv;
+       bool scan_completed = false;
 
        IWL_DEBUG_MAC80211(priv, "enter\n");
 
@@ -2013,7 +2014,7 @@ void iwl_mac_remove_interface(struct ieee80211_hw *hw,
        if (priv->vif == vif) {
                priv->vif = NULL;
                if (priv->scan_vif == vif) {
-                       ieee80211_scan_completed(priv->hw, true);
+                       scan_completed = true;
                        priv->scan_vif = NULL;
                        priv->scan_request = NULL;
                }
@@ -2021,6 +2022,9 @@ void iwl_mac_remove_interface(struct ieee80211_hw *hw,
        }
        mutex_unlock(&priv->mutex);
 
+       if (scan_completed)
+               ieee80211_scan_completed(priv->hw, true);
+
        IWL_DEBUG_MAC80211(priv, "leave\n");
 
 }