linux-wireless.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
To: johannes@sipsolutions.net
Cc: linux-wireless@vger.kernel.org, Eliad Peller <eliad@wizery.com>,
	Eliad Peller <eliadx.peller@intel.com>,
	Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Subject: [PATCH 04/10] mac80211: call drv_stop only if driver is started
Date: Sun, 25 Oct 2015 10:59:36 +0200	[thread overview]
Message-ID: <1445763582-11421-4-git-send-email-emmanuel.grumbach@intel.com> (raw)
In-Reply-To: <1445763582-11421-1-git-send-email-emmanuel.grumbach@intel.com>

From: Eliad Peller <eliad@wizery.com>

If drv_start() fails during hw_restart, all the running
interfaces are being closed/stopped, which results in
drv_stop() being called, although the driver was never
started successfully.

This might cause drivers to perform operations on uninitialized
memory (as they assume it was initialized on drv_start)

Consider the local->started flag, and call the driver's stop()
op only if drv_start() succeeded before.

Move drv_start() and drv_stop() to driver-ops.c, as they are no
longer simple wrappers.

Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
---
 net/mac80211/driver-ops.c | 44 ++++++++++++++++++++++++++++++++++++++++++++
 net/mac80211/driver-ops.h | 32 ++------------------------------
 net/mac80211/util.c       |  3 ++-
 3 files changed, 48 insertions(+), 31 deletions(-)

diff --git a/net/mac80211/driver-ops.c b/net/mac80211/driver-ops.c
index a1d5431..9f97343 100644
--- a/net/mac80211/driver-ops.c
+++ b/net/mac80211/driver-ops.c
@@ -1,4 +1,6 @@
 /*
+ * Copyright 2015 Intel Deutschland GmbH
+ *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License version 2 as
  * published by the Free Software Foundation.
@@ -8,6 +10,48 @@
 #include "trace.h"
 #include "driver-ops.h"
 
+int drv_start(struct ieee80211_local *local)
+{
+	int ret;
+
+	might_sleep();
+
+	if (WARN_ON(local->started))
+		return -EALREADY;
+
+	trace_drv_start(local);
+	local->started = true;
+	/* allow rx frames */
+	smp_mb();
+	ret = local->ops->start(&local->hw);
+	trace_drv_return_int(local, ret);
+
+	if (ret)
+		local->started = false;
+
+	return ret;
+}
+
+void drv_stop(struct ieee80211_local *local)
+{
+	might_sleep();
+
+	if (WARN_ON(!local->started))
+		return;
+
+	trace_drv_stop(local);
+	local->ops->stop(&local->hw);
+	trace_drv_return_void(local);
+
+	/* sync away all work on the tasklet before clearing started */
+	tasklet_disable(&local->tasklet);
+	tasklet_enable(&local->tasklet);
+
+	barrier();
+
+	local->started = false;
+}
+
 int drv_add_interface(struct ieee80211_local *local,
 		      struct ieee80211_sub_if_data *sdata)
 {
diff --git a/net/mac80211/driver-ops.h b/net/mac80211/driver-ops.h
index 3098709..f82cfab 100644
--- a/net/mac80211/driver-ops.h
+++ b/net/mac80211/driver-ops.h
@@ -66,36 +66,8 @@ static inline int drv_get_et_sset_count(struct ieee80211_sub_if_data *sdata,
 	return rv;
 }
 
-static inline int drv_start(struct ieee80211_local *local)
-{
-	int ret;
-
-	might_sleep();
-
-	trace_drv_start(local);
-	local->started = true;
-	smp_mb();
-	ret = local->ops->start(&local->hw);
-	trace_drv_return_int(local, ret);
-	return ret;
-}
-
-static inline void drv_stop(struct ieee80211_local *local)
-{
-	might_sleep();
-
-	trace_drv_stop(local);
-	local->ops->stop(&local->hw);
-	trace_drv_return_void(local);
-
-	/* sync away all work on the tasklet before clearing started */
-	tasklet_disable(&local->tasklet);
-	tasklet_enable(&local->tasklet);
-
-	barrier();
-
-	local->started = false;
-}
+int drv_start(struct ieee80211_local *local);
+void drv_stop(struct ieee80211_local *local);
 
 #ifdef CONFIG_PM
 static inline int drv_suspend(struct ieee80211_local *local,
diff --git a/net/mac80211/util.c b/net/mac80211/util.c
index e936acd..c51ff91 100644
--- a/net/mac80211/util.c
+++ b/net/mac80211/util.c
@@ -1665,7 +1665,6 @@ static void ieee80211_handle_reconfig_failure(struct ieee80211_local *local)
 
 	local->resuming = false;
 	local->suspended = false;
-	local->started = false;
 	local->in_reconfig = false;
 
 	/* scheduled scan clearly can't be running any more, but tell
@@ -1764,6 +1763,8 @@ int ieee80211_reconfig(struct ieee80211_local *local)
 	if (suspended && local->in_reconfig && !reconfig_due_to_wowlan)
 		cancel_work_sync(&local->restart_work);
 
+	local->started = false;
+
 	/*
 	 * Upon resume hardware can sometimes be goofy due to
 	 * various platform / driver / bus issues, so restarting
-- 
2.1.4


  parent reply	other threads:[~2015-10-25  9:00 UTC|newest]

Thread overview: 19+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-10-25  8:59 [PATCH 01/10] mac80211: don't reconfigure sched scan in case of wowlan Emmanuel Grumbach
2015-10-25  8:59 ` [PATCH 02/10] mac80211: TDLS: add proper HT-oper IE Emmanuel Grumbach
2015-11-03  9:43   ` Johannes Berg
2015-10-25  8:59 ` [PATCH 03/10] mac80211: use freezable workqueue for restart work Emmanuel Grumbach
2015-11-03  9:37   ` Johannes Berg
2015-10-25  8:59 ` Emmanuel Grumbach [this message]
2015-11-03  9:41   ` [PATCH 04/10] mac80211: call drv_stop only if driver is started Johannes Berg
2015-10-25  8:59 ` [PATCH 05/10] mac80211: make enable_qos parameter to ieee80211_set_wmm_default() Emmanuel Grumbach
2015-10-25  9:14   ` Emmanuel Grumbach
2015-10-25  8:59 ` [PATCH 06/10] mac80211: Fix local deauth while associating Emmanuel Grumbach
2015-11-03  9:36   ` Johannes Berg
2015-10-25  8:59 ` [PATCH 07/10] mac80211: allow driver to prevent two stations w/ same address Emmanuel Grumbach
2015-10-25  9:14   ` Emmanuel Grumbach
2015-10-25  8:59 ` [PATCH 08/10] mac80211: Remove WARN_ON_ONCE in ieee80211_recalc_smps Emmanuel Grumbach
2015-11-03  9:38   ` Johannes Berg
2015-10-25  8:59 ` [PATCH 09/10] mac80211: allow null chandef in tracing Emmanuel Grumbach
2015-11-03  9:30   ` Johannes Berg
2015-10-25  8:59 ` [PATCH 10/10] mac80211: further improve "no supported rates" warning Emmanuel Grumbach
2015-11-03  9:42 ` [PATCH 01/10] mac80211: don't reconfigure sched scan in case of wowlan Johannes Berg

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1445763582-11421-4-git-send-email-emmanuel.grumbach@intel.com \
    --to=emmanuel.grumbach@intel.com \
    --cc=eliad@wizery.com \
    --cc=eliadx.peller@intel.com \
    --cc=johannes@sipsolutions.net \
    --cc=linux-wireless@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).