iwlegacy: do not nulify il->vif on reset
authorStanislaw Gruszka <sgruszka@redhat.com>
Tue, 13 Mar 2012 15:11:27 +0000 (16:11 +0100)
committerJohn W. Linville <linville@tuxdriver.com>
Mon, 26 Mar 2012 19:07:22 +0000 (15:07 -0400)
This il->vif is dereferenced in different part of iwlegacy code, so do
not nullify it. This should fix random crashes observed in companion
with microcode errors i.e. crash in il3945_config_ap().

Additionally this should address also
WARNING: at drivers/net/wireless/iwlegacy/common.c:4656 il_mac_remove_interface
at least one of the possible reasons of that warning.

Cc: stable@vger.kernel.org
Signed-off-by: Stanislaw Gruszka <sgruszka@redhat.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
drivers/net/wireless/iwlegacy/3945-mac.c
drivers/net/wireless/iwlegacy/4965-mac.c
drivers/net/wireless/iwlegacy/common.c

index 0c1209390169d1f81a0bacdfe452b8008ecbee2a..faec404672081d5f72d03da9f44abac0de3c27d1 100644 (file)
@@ -2673,8 +2673,6 @@ il3945_bg_restart(struct work_struct *data)
 
        if (test_and_clear_bit(S_FW_ERROR, &il->status)) {
                mutex_lock(&il->mutex);
-               /* FIXME: vif can be dereferenced */
-               il->vif = NULL;
                il->is_open = 0;
                mutex_unlock(&il->mutex);
                il3945_down(il);
index 7b54dbb338be6127bec123f8414cd3231eaabb00..b88bb2734197575c72ee2846e58872205ad2e6ee 100644 (file)
@@ -5651,8 +5651,6 @@ il4965_bg_restart(struct work_struct *data)
 
        if (test_and_clear_bit(S_FW_ERROR, &il->status)) {
                mutex_lock(&il->mutex);
-               /* FIXME: do we dereference vif without mutex locked ? */
-               il->vif = NULL;
                il->is_open = 0;
 
                __il4965_down(il);
index e5ac04739bcc5f998487c7e29845ce0a757727fa..6a692a534ffcdc42711e7e9c3c98196a7c4b8d65 100644 (file)
@@ -4508,6 +4508,7 @@ il_mac_add_interface(struct ieee80211_hw *hw, struct ieee80211_vif *vif)
 {
        struct il_priv *il = hw->priv;
        int err;
+       bool reset;
 
        mutex_lock(&il->mutex);
        D_MAC80211("enter: type %d, addr %pM\n", vif->type, vif->addr);
@@ -4518,7 +4519,12 @@ il_mac_add_interface(struct ieee80211_hw *hw, struct ieee80211_vif *vif)
                goto out;
        }
 
-       if (il->vif) {
+       /*
+        * We do not support multiple virtual interfaces, but on hardware reset
+        * we have to add the same interface again.
+        */
+       reset = (il->vif == vif);
+       if (il->vif && !reset) {
                err = -EOPNOTSUPP;
                goto out;
        }
@@ -4528,8 +4534,11 @@ il_mac_add_interface(struct ieee80211_hw *hw, struct ieee80211_vif *vif)
 
        err = il_set_mode(il);
        if (err) {
-               il->vif = NULL;
-               il->iw_mode = NL80211_IFTYPE_STATION;
+               IL_WARN("Fail to set mode %d\n", vif->type);
+               if (!reset) {
+                       il->vif = NULL;
+                       il->iw_mode = NL80211_IFTYPE_STATION;
+               }
        }
 
 out: