From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-pl1-f193.google.com ([209.85.214.193]:34879 "EHLO mail-pl1-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728223AbeK2BmJ (ORCPT ); Wed, 28 Nov 2018 20:42:09 -0500 Received: by mail-pl1-f193.google.com with SMTP id p8so7190616plo.2 for ; Wed, 28 Nov 2018 06:40:16 -0800 (PST) From: Amit Pundir To: Greg KH Cc: Stable , Amitkumar Karwar , Kalle Valo Subject: [PATCH for-4.9.y 03/10] mwifiex: prevent register accesses after host is sleeping Date: Wed, 28 Nov 2018 20:09:57 +0530 Message-Id: <1543416004-1547-4-git-send-email-amit.pundir@linaro.org> In-Reply-To: <1543416004-1547-1-git-send-email-amit.pundir@linaro.org> References: <1543416004-1547-1-git-send-email-amit.pundir@linaro.org> Sender: stable-owner@vger.kernel.org List-ID: From: Amitkumar Karwar commit ec815dd2a5f110f627d7955e0027a3a008f68166 upstream. Following is mwifiex driver-firmware host sleep handshake. It involves three threads. suspend handler, interrupt handler, interrupt processing in main work queue. 1) Enter suspend handler 2) Download HS_CFG command 3) Response from firmware for HS_CFG 4) Suspend thread waits until handshake completes(i.e hs_activate becomes true) 5) SLEEP from firmware 6) SLEEP confirm downloaded to firmware. 7) SLEEP confirm response from firmware 8) Driver processes SLEEP confirm response and set hs_activate to wake up suspend thread 9) Exit suspend handler 10) Read sleep cookie in loop and wait until it indicates firmware is sleep. 11) After processing SLEEP confirm response, we are at the end of interrupt processing routine. Recheck if there are interrupts received while we were processing them. During suspend-resume stress test, it's been observed that we may end up acessing PCIe hardware(in 10 and 11) when PCIe bus is closed which leads to a kernel crash. This patch solves the problem with below changes. a) action 10 above can be done before 8 b) Skip 11 if hs_activated is true. SLEEP confirm response is the last interrupt from firmware. No need to recheck for pending interrupts. c) Add flush_workqueue() in suspend handler. Signed-off-by: Amitkumar Karwar Reviewed-by: Brian Norris Tested-by: Brian Norris Signed-off-by: Kalle Valo Signed-off-by: Amit Pundir --- drivers/net/wireless/marvell/mwifiex/pcie.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/drivers/net/wireless/marvell/mwifiex/pcie.c b/drivers/net/wireless/marvell/mwifiex/pcie.c index 1fdb86cd4734..8b70c909ecbb 100644 --- a/drivers/net/wireless/marvell/mwifiex/pcie.c +++ b/drivers/net/wireless/marvell/mwifiex/pcie.c @@ -118,6 +118,7 @@ static int mwifiex_pcie_suspend(struct device *dev) adapter = card->adapter; hs_actived = mwifiex_enable_hs(adapter); + flush_workqueue(adapter->workqueue); /* Indicate device suspended */ adapter->is_suspended = true; @@ -1676,9 +1677,6 @@ static int mwifiex_pcie_process_cmd_complete(struct mwifiex_adapter *adapter) if (!adapter->curr_cmd) { if (adapter->ps_state == PS_STATE_SLEEP_CFM) { - mwifiex_process_sleep_confirm_resp(adapter, skb->data, - skb->len); - mwifiex_pcie_enable_host_int(adapter); if (mwifiex_write_reg(adapter, PCIE_CPU_INT_EVENT, CPU_INTR_SLEEP_CFM_DONE)) { @@ -1691,6 +1689,9 @@ static int mwifiex_pcie_process_cmd_complete(struct mwifiex_adapter *adapter) while (reg->sleep_cookie && (count++ < 10) && mwifiex_pcie_ok_to_access_hw(adapter)) usleep_range(50, 60); + mwifiex_pcie_enable_host_int(adapter); + mwifiex_process_sleep_confirm_resp(adapter, skb->data, + skb->len); } else { mwifiex_dbg(adapter, ERROR, "There is no command but got cmdrsp\n"); @@ -2329,6 +2330,8 @@ static int mwifiex_process_pcie_int(struct mwifiex_adapter *adapter) ret = mwifiex_pcie_process_cmd_complete(adapter); if (ret) return ret; + if (adapter->hs_activated) + return ret; } if (card->msi_enable) { -- 2.7.4