From ecb4433550f0620f3d1471ae7099037ede30a91e Mon Sep 17 00:00:00 2001 From: Stanislaw Gruszka Date: Fri, 12 Aug 2011 14:00:59 +0200 Subject: [PATCH] mac80211: fix suspend/resume races with unregister hw Do not call ->suspend, ->resume methods after we unregister wiphy. Also delete sta_clanup timer after we finish wiphy unregister to avoid this: WARNING: at lib/debugobjects.c:262 debug_print_object+0x85/0xa0() Hardware name: 6369CTO ODEBUG: free active (active state 0) object type: timer_list hint: sta_info_cleanup+0x0/0x180 [mac80211] Modules linked in: aes_i586 aes_generic fuse bridge stp llc autofs4 sunrpc cpufreq_ondemand acpi_cpufreq mperf ext2 dm_mod uinput thinkpad_acpi hwmon sg arc4 rt2800usb rt2800lib crc_ccitt rt2x00usb rt2x00lib mac80211 cfg80211 i2c_i801 iTCO_wdt iTCO_vendor_support e1000e ext4 mbcache jbd2 sd_mod crc_t10dif sr_mod cdrom yenta_socket ahci libahci pata_acpi ata_generic ata_piix i915 drm_kms_helper drm i2c_algo_bit video [last unloaded: microcode] Pid: 5663, comm: pm-hibernate Not tainted 3.1.0-rc1-wl+ #19 Call Trace: [] warn_slowpath_common+0x6d/0xa0 [] ? debug_print_object+0x85/0xa0 [] ? debug_print_object+0x85/0xa0 [] warn_slowpath_fmt+0x2e/0x30 [] debug_print_object+0x85/0xa0 [] ? sta_info_alloc+0x1a0/0x1a0 [mac80211] [] debug_check_no_obj_freed+0xe2/0x180 [] kfree+0x8b/0x150 [] cfg80211_dev_free+0x7e/0x90 [cfg80211] [] wiphy_dev_release+0xd/0x10 [cfg80211] [] device_release+0x19/0x80 [] kobject_release+0x7a/0x1c0 [] ? rtnl_unlock+0x8/0x10 [] ? wiphy_resume+0x6b/0x80 [cfg80211] [] ? kobject_del+0x30/0x30 [] kref_put+0x2d/0x60 [] kobject_put+0x1d/0x50 [] ? mutex_lock+0x14/0x40 [] put_device+0xf/0x20 [] dpm_resume+0xca/0x160 [] hibernation_snapshot+0xcd/0x260 [] ? freeze_processes+0x3f/0x90 [] hibernate+0xcb/0x1e0 [] ? pm_async_store+0x40/0x40 [] state_store+0xa0/0xb0 [] ? pm_async_store+0x40/0x40 [] kobj_attr_store+0x20/0x30 [] sysfs_write_file+0x94/0xf0 [] vfs_write+0x9a/0x160 [] ? sysfs_open_file+0x200/0x200 [] sys_write+0x3d/0x70 [] sysenter_do_call+0x12/0x28 Cc: stable@kernel.org Signed-off-by: Stanislaw Gruszka Signed-off-by: John W. Linville --- include/net/cfg80211.h | 3 +++ net/mac80211/main.c | 2 +- net/wireless/core.c | 7 +++++++ net/wireless/sysfs.c | 6 ++++-- 4 files changed, 15 insertions(+), 3 deletions(-) diff --git a/include/net/cfg80211.h b/include/net/cfg80211.h index d17f47fc9e3..408ae4882d2 100644 --- a/include/net/cfg80211.h +++ b/include/net/cfg80211.h @@ -1865,6 +1865,9 @@ struct wiphy { * you need use set_wiphy_dev() (see below) */ struct device dev; + /* protects ->resume, ->suspend sysfs callbacks against unregister hw */ + bool registered; + /* dir in debugfs: ieee80211/ */ struct dentry *debugfsdir; diff --git a/net/mac80211/main.c b/net/mac80211/main.c index 866f269183c..acb44230b25 100644 --- a/net/mac80211/main.c +++ b/net/mac80211/main.c @@ -1012,7 +1012,6 @@ void ieee80211_unregister_hw(struct ieee80211_hw *hw) cancel_work_sync(&local->reconfig_filter); ieee80211_clear_tx_pending(local); - sta_info_stop(local); rate_control_deinitialize(local); if (skb_queue_len(&local->skb_queue) || @@ -1024,6 +1023,7 @@ void ieee80211_unregister_hw(struct ieee80211_hw *hw) destroy_workqueue(local->workqueue); wiphy_unregister(local->hw.wiphy); + sta_info_stop(local); ieee80211_wep_free(local); ieee80211_led_exit(local); kfree(local->int_scan_req); diff --git a/net/wireless/core.c b/net/wireless/core.c index 645437cfc46..c14865172da 100644 --- a/net/wireless/core.c +++ b/net/wireless/core.c @@ -616,6 +616,9 @@ int wiphy_register(struct wiphy *wiphy) if (res) goto out_rm_dev; + rtnl_lock(); + rdev->wiphy.registered = true; + rtnl_unlock(); return 0; out_rm_dev: @@ -647,6 +650,10 @@ void wiphy_unregister(struct wiphy *wiphy) { struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); + rtnl_lock(); + rdev->wiphy.registered = false; + rtnl_unlock(); + rfkill_unregister(rdev->rfkill); /* protect the device list */ diff --git a/net/wireless/sysfs.c b/net/wireless/sysfs.c index c6e4ca6a7d2..ff574597a85 100644 --- a/net/wireless/sysfs.c +++ b/net/wireless/sysfs.c @@ -93,7 +93,8 @@ static int wiphy_suspend(struct device *dev, pm_message_t state) if (rdev->ops->suspend) { rtnl_lock(); - ret = rdev->ops->suspend(&rdev->wiphy, rdev->wowlan); + if (rdev->wiphy.registered) + ret = rdev->ops->suspend(&rdev->wiphy, rdev->wowlan); rtnl_unlock(); } @@ -112,7 +113,8 @@ static int wiphy_resume(struct device *dev) if (rdev->ops->resume) { rtnl_lock(); - ret = rdev->ops->resume(&rdev->wiphy); + if (rdev->wiphy.registered) + ret = rdev->ops->resume(&rdev->wiphy); rtnl_unlock(); } -- 2.20.1