From de6878c8354d1524940055fe1b802c799f4fc318 Mon Sep 17 00:00:00 2001 From: Hante Meuleman Date: Fri, 6 Mar 2015 18:40:38 +0100 Subject: [PATCH] brcmfmac: Fix oops when SDIO device is removed. On removal of SDIO card both functions of card will be getting a remove call. When the first is hanging in ctrl frame xmit then the second will cause oops. This patch fixes the xmit ctrl handling in case of serious errors and also limits the handling for remove to function 1 only. Reviewed-by: Arend Van Spriel Reviewed-by: Franky (Zhenhui) Lin Reviewed-by: Pieter-Paul Giesberts Reviewed-by: Daniel (Deognyoun) Kim Signed-off-by: Hante Meuleman Signed-off-by: Arend van Spriel Signed-off-by: Kalle Valo --- drivers/net/wireless/brcm80211/brcmfmac/bcmsdh.c | 2 +- drivers/net/wireless/brcm80211/brcmfmac/sdio.c | 5 +++++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/drivers/net/wireless/brcm80211/brcmfmac/bcmsdh.c b/drivers/net/wireless/brcm80211/brcmfmac/bcmsdh.c index c438ccdb6ed8..ffb0e2d382ea 100644 --- a/drivers/net/wireless/brcm80211/brcmfmac/bcmsdh.c +++ b/drivers/net/wireless/brcm80211/brcmfmac/bcmsdh.c @@ -1194,7 +1194,7 @@ static void brcmf_ops_sdio_remove(struct sdio_func *func) brcmf_dbg(SDIO, "sdio device ID: 0x%04x\n", func->device); brcmf_dbg(SDIO, "Function: %d\n", func->num); - if (func->num != 1 && func->num != 2) + if (func->num != 1) return; bus_if = dev_get_drvdata(&func->dev); diff --git a/drivers/net/wireless/brcm80211/brcmfmac/sdio.c b/drivers/net/wireless/brcm80211/brcmfmac/sdio.c index 257ee70feb5b..c54ba4f8b489 100644 --- a/drivers/net/wireless/brcm80211/brcmfmac/sdio.c +++ b/drivers/net/wireless/brcm80211/brcmfmac/sdio.c @@ -2740,6 +2740,11 @@ static void brcmf_sdio_dpc(struct brcmf_sdio *bus) if ((bus->sdiodev->state != BRCMF_SDIOD_DATA) || (err != 0)) { brcmf_err("failed backplane access over SDIO, halting operation\n"); atomic_set(&bus->intstatus, 0); + if (bus->ctrl_frame_stat) { + bus->ctrl_frame_err = -ENODEV; + bus->ctrl_frame_stat = false; + brcmf_sdio_wait_event_wakeup(bus); + } } else if (atomic_read(&bus->intstatus) || atomic_read(&bus->ipend) > 0 || (!atomic_read(&bus->fcstate) && -- 2.20.1