* [PATCH] mt76: fix uninitialized mutex access setting rts threshold
[not found] <cover.1541847014.git.lorenzo.bianconi@redhat.com>
@ 2018-11-10 11:03 ` Lorenzo Bianconi
2018-11-12 5:50 ` Kalle Valo
2018-11-16 13:16 ` Kalle Valo
0 siblings, 2 replies; 4+ messages in thread
From: Lorenzo Bianconi @ 2018-11-10 11:03 UTC (permalink / raw)
To: kvalo; +Cc: nbd, sgruszka, linux-wireless, netdev
Fix following crash due to a leftover uninitialized mutex access
in mt76x2_set_rts_threshold routine.
[ 31.018059] Call Trace:
[ 31.018341] register_lock_class+0x51f/0x530
[ 31.018828] __lock_acquire+0x6c/0x1580
[ 31.019247] lock_acquire+0x88/0x120
[ 31.021089] __mutex_lock+0x4a/0x4f0
[ 31.023343] mt76x2_set_rts_threshold+0x28/0x50
[ 31.023831] ieee80211_set_wiphy_params+0x16d/0x4e0
[ 31.024344] nl80211_set_wiphy+0x72b/0xbc0
[ 31.024781] genl_family_rcv_msg+0x192/0x3a0
[ 31.025233] genl_rcv_msg+0x42/0x89
[ 31.026079] netlink_rcv_skb+0x38/0x100
[ 31.026475] genl_rcv+0x1f/0x30
[ 31.026804] netlink_unicast+0x19c/0x250
[ 31.027212] netlink_sendmsg+0x1ed/0x390
[ 31.027615] sock_sendmsg+0x31/0x40
[ 31.027973] ___sys_sendmsg+0x23c/0x280
[ 31.030414] __sys_sendmsg+0x42/0x80
[ 31.030783] do_syscall_64+0x4a/0x170
[ 31.031160] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 31.031677] RIP: 0033:0x7f3498b39ba7
[ 31.033953] RSP: 002b:00007fffe19675b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 31.034883] RAX: ffffffffffffffda RBX: 00000000012d5350 RCX: 00007f3498b39ba7
[ 31.035756] RDX: 0000000000000000 RSI: 00007fffe19675f0 RDI: 0000000000000003
[ 31.036587] RBP: 00000000012da740 R08: 0000000000000002 R09: 0000000000000000
[ 31.037422] R10: 0000000000000006 R11: 0000000000000246 R12: 00000000012da880
[ 31.038252] R13: 00007fffe19675f0 R14: 00007fffe19678c0 R15: 00000000012da880
Fixes: 108a4861ef19 ("mt76: create new mt76x02-lib module for common
mt76x{0,2} code")
Reported-by: lorenzo.trisolini@fluidmesh.com
Reported-by: luca.bisti@fluidmesh.com
Signed-off-by: Lorenzo Bianconi <lorenzo.bianconi@redhat.com>
---
This patch is for 4.20
---
drivers/net/wireless/mediatek/mt76/mt76x02.h | 1 -
drivers/net/wireless/mediatek/mt76/mt76x2/pci_main.c | 4 ++--
2 files changed, 2 insertions(+), 3 deletions(-)
diff --git a/drivers/net/wireless/mediatek/mt76/mt76x02.h b/drivers/net/wireless/mediatek/mt76/mt76x02.h
index 47c42c607964..7806963b1905 100644
--- a/drivers/net/wireless/mediatek/mt76/mt76x02.h
+++ b/drivers/net/wireless/mediatek/mt76/mt76x02.h
@@ -71,7 +71,6 @@ struct mt76x02_dev {
struct mac_address macaddr_list[8];
struct mutex phy_mutex;
- struct mutex mutex;
u8 txdone_seq;
DECLARE_KFIFO_PTR(txstatus_fifo, struct mt76x02_tx_status);
diff --git a/drivers/net/wireless/mediatek/mt76/mt76x2/pci_main.c b/drivers/net/wireless/mediatek/mt76/mt76x2/pci_main.c
index 034a06295668..3f001bd6806c 100644
--- a/drivers/net/wireless/mediatek/mt76/mt76x2/pci_main.c
+++ b/drivers/net/wireless/mediatek/mt76/mt76x2/pci_main.c
@@ -272,9 +272,9 @@ mt76x2_set_rts_threshold(struct ieee80211_hw *hw, u32 val)
if (val != ~0 && val > 0xffff)
return -EINVAL;
- mutex_lock(&dev->mutex);
+ mutex_lock(&dev->mt76.mutex);
mt76x2_mac_set_tx_protection(dev, val);
- mutex_unlock(&dev->mutex);
+ mutex_unlock(&dev->mt76.mutex);
return 0;
}
--
2.19.1
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] mt76: fix uninitialized mutex access setting rts threshold
2018-11-10 11:03 ` [PATCH] mt76: fix uninitialized mutex access setting rts threshold Lorenzo Bianconi
@ 2018-11-12 5:50 ` Kalle Valo
2018-11-16 13:16 ` Kalle Valo
1 sibling, 0 replies; 4+ messages in thread
From: Kalle Valo @ 2018-11-12 5:50 UTC (permalink / raw)
To: Lorenzo Bianconi; +Cc: nbd, sgruszka, linux-wireless, netdev
Lorenzo Bianconi <lorenzo.bianconi@redhat.com> writes:
> Fix following crash due to a leftover uninitialized mutex access
> in mt76x2_set_rts_threshold routine.
>
> [ 31.018059] Call Trace:
> [ 31.018341] register_lock_class+0x51f/0x530
> [ 31.018828] __lock_acquire+0x6c/0x1580
> [ 31.019247] lock_acquire+0x88/0x120
> [ 31.021089] __mutex_lock+0x4a/0x4f0
> [ 31.023343] mt76x2_set_rts_threshold+0x28/0x50
> [ 31.023831] ieee80211_set_wiphy_params+0x16d/0x4e0
> [ 31.024344] nl80211_set_wiphy+0x72b/0xbc0
> [ 31.024781] genl_family_rcv_msg+0x192/0x3a0
> [ 31.025233] genl_rcv_msg+0x42/0x89
> [ 31.026079] netlink_rcv_skb+0x38/0x100
> [ 31.026475] genl_rcv+0x1f/0x30
> [ 31.026804] netlink_unicast+0x19c/0x250
> [ 31.027212] netlink_sendmsg+0x1ed/0x390
> [ 31.027615] sock_sendmsg+0x31/0x40
> [ 31.027973] ___sys_sendmsg+0x23c/0x280
> [ 31.030414] __sys_sendmsg+0x42/0x80
> [ 31.030783] do_syscall_64+0x4a/0x170
> [ 31.031160] entry_SYSCALL_64_after_hwframe+0x49/0xbe
> [ 31.031677] RIP: 0033:0x7f3498b39ba7
> [ 31.033953] RSP: 002b:00007fffe19675b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
> [ 31.034883] RAX: ffffffffffffffda RBX: 00000000012d5350 RCX: 00007f3498b39ba7
> [ 31.035756] RDX: 0000000000000000 RSI: 00007fffe19675f0 RDI: 0000000000000003
> [ 31.036587] RBP: 00000000012da740 R08: 0000000000000002 R09: 0000000000000000
> [ 31.037422] R10: 0000000000000006 R11: 0000000000000246 R12: 00000000012da880
> [ 31.038252] R13: 00007fffe19675f0 R14: 00007fffe19678c0 R15: 00000000012da880
>
> Fixes: 108a4861ef19 ("mt76: create new mt76x02-lib module for common
> mt76x{0,2} code")
> Reported-by: lorenzo.trisolini@fluidmesh.com
> Reported-by: luca.bisti@fluidmesh.com
> Signed-off-by: Lorenzo Bianconi <lorenzo.bianconi@redhat.com>
This should be v2, but no need to resend.
> This patch is for 4.20
Ok, I'll queue this for that release.
--
Kalle Valo
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] mt76: fix uninitialized mutex access setting rts threshold
2018-11-10 11:03 ` [PATCH] mt76: fix uninitialized mutex access setting rts threshold Lorenzo Bianconi
2018-11-12 5:50 ` Kalle Valo
@ 2018-11-16 13:16 ` Kalle Valo
1 sibling, 0 replies; 4+ messages in thread
From: Kalle Valo @ 2018-11-16 13:16 UTC (permalink / raw)
To: Lorenzo Bianconi; +Cc: nbd, sgruszka, linux-wireless, netdev
Lorenzo Bianconi <lorenzo.bianconi@redhat.com> wrote:
> Fix following crash due to a leftover uninitialized mutex access
> in mt76x2_set_rts_threshold routine.
>
> [ 31.018059] Call Trace:
> [ 31.018341] register_lock_class+0x51f/0x530
> [ 31.018828] __lock_acquire+0x6c/0x1580
> [ 31.019247] lock_acquire+0x88/0x120
> [ 31.021089] __mutex_lock+0x4a/0x4f0
> [ 31.023343] mt76x2_set_rts_threshold+0x28/0x50
> [ 31.023831] ieee80211_set_wiphy_params+0x16d/0x4e0
> [ 31.024344] nl80211_set_wiphy+0x72b/0xbc0
> [ 31.024781] genl_family_rcv_msg+0x192/0x3a0
> [ 31.025233] genl_rcv_msg+0x42/0x89
> [ 31.026079] netlink_rcv_skb+0x38/0x100
> [ 31.026475] genl_rcv+0x1f/0x30
> [ 31.026804] netlink_unicast+0x19c/0x250
> [ 31.027212] netlink_sendmsg+0x1ed/0x390
> [ 31.027615] sock_sendmsg+0x31/0x40
> [ 31.027973] ___sys_sendmsg+0x23c/0x280
> [ 31.030414] __sys_sendmsg+0x42/0x80
> [ 31.030783] do_syscall_64+0x4a/0x170
> [ 31.031160] entry_SYSCALL_64_after_hwframe+0x49/0xbe
> [ 31.031677] RIP: 0033:0x7f3498b39ba7
> [ 31.033953] RSP: 002b:00007fffe19675b8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
> [ 31.034883] RAX: ffffffffffffffda RBX: 00000000012d5350 RCX: 00007f3498b39ba7
> [ 31.035756] RDX: 0000000000000000 RSI: 00007fffe19675f0 RDI: 0000000000000003
> [ 31.036587] RBP: 00000000012da740 R08: 0000000000000002 R09: 0000000000000000
> [ 31.037422] R10: 0000000000000006 R11: 0000000000000246 R12: 00000000012da880
> [ 31.038252] R13: 00007fffe19675f0 R14: 00007fffe19678c0 R15: 00000000012da880
>
> Fixes: 108a4861ef19 ("mt76: create new mt76x02-lib module for common mt76x{0,2} code")
> Reported-by: lorenzo.trisolini@fluidmesh.com
> Reported-by: luca.bisti@fluidmesh.com
> Signed-off-by: Lorenzo Bianconi <lorenzo.bianconi@redhat.com>
Patch applied to wireless-drivers.git, thanks.
1770f0fa978e mt76: fix uninitialized mutex access setting rts threshold
--
https://patchwork.kernel.org/patch/10677055/
https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches
^ permalink raw reply [flat|nested] 4+ messages in thread
* [PATCH] mt76: fix uninitialized mutex access setting rts threshold
[not found] <cover.1541802405.git.lorenzo.bianconi@redhat.com>
@ 2018-11-09 22:32 ` Lorenzo Bianconi
0 siblings, 0 replies; 4+ messages in thread
From: Lorenzo Bianconi @ 2018-11-09 22:32 UTC (permalink / raw)
To: nbd; +Cc: sgruszka, luca.bisti, lorenzo.trisolini, linux-wireless
Fix following crash due to a leftover uninitialized mutex access
in mt76x02_set_rts_threshold routine.
[ 55.655884] CPU: 0 PID: 412 Comm: iw Not tainted 4.19.0-rc7+ #2493
[ 55.661739] Call Trace:
[ 55.662523] register_lock_class+0x528/0x530
[ 55.663806] __lock_acquire+0x89/0x15d0
[ 55.664841] lock_acquire+0x9f/0x140
[ 55.665794] ? mt76x02_set_rts_threshold+0x28/0x50
[ 55.667056] ? noop_count+0x10/0x10
[ 55.667981] ? mt76x02_set_rts_threshold+0x28/0x50
[ 55.669251] __mutex_lock+0x4a/0x4f0
[ 55.670199] ? mt76x02_set_rts_threshold+0x28/0x50
[ 55.671454] ? find_held_lock+0x2d/0x90
[ 55.672450] ? nl80211_pre_doit+0xf9/0x1a0
[ 55.673467] ? mt76x02_set_rts_threshold+0x28/0x50
[ 55.674637] mt76x02_set_rts_threshold+0x28/0x50
[ 55.675773] ieee80211_set_wiphy_params+0x16d/0x4e0
[ 55.676910] nl80211_set_wiphy+0x72b/0xbc0
[ 55.677927] genl_family_rcv_msg+0x192/0x3a0
[ 55.678919] genl_rcv_msg+0x42/0x89
[ 55.679742] ? genl_family_rcv_msg+0x3a0/0x3a0
[ 55.680600] netlink_rcv_skb+0x38/0x100
[ 55.681313] genl_rcv+0x1f/0x30
[ 55.681899] netlink_unicast+0x16b/0x210
[ 55.682628] netlink_sendmsg+0x1ed/0x390
[ 55.683373] sock_sendmsg+0x31/0x40
[ 55.684020] ___sys_sendmsg+0x23c/0x280
[ 55.684736] ? __handle_mm_fault+0xce8/0x1000
[ 55.685445] ? _raw_spin_unlock+0x1f/0x30
[ 55.686059] ? find_held_lock+0x2d/0x90
[ 55.686648] ? __do_page_fault+0x207/0x440
[ 55.687274] __sys_sendmsg+0x42/0x80
[ 55.687825] do_syscall_64+0x50/0x190
[ 55.688410] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 55.689174] RIP: 0033:0x7fdeea227ba7
[ 55.692157] RSP: 002b:00007ffec2395b58 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 55.693138] RAX: ffffffffffffffda RBX: 000000000066c350 RCX: 00007fdeea227ba7
[ 55.694059] RDX: 0000000000000000 RSI: 00007ffec2395b90 RDI: 0000000000000003
[ 55.694966] RBP: 0000000000671740 R08: 0000000000000002 R09: 0000000000000000
[ 55.695773] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000671880
[ 55.696572] R13: 00007ffec2395b90 R14: 00007ffec2395e60 R15: 0000000000671880
Fixes: 108a4861ef19 (" mt76: create new mt76x02-lib module for common
mt76x{0,2} code")
Reported-by: lorenzo.trisolini@fluidmesh.com
Reported-by: luca.bisti@fluidmesh.com
Signed-off-by: Lorenzo Bianconi <lorenzo.bianconi@redhat.com>
---
I will post a fix based on wireless-drivers repo
---
drivers/net/wireless/mediatek/mt76/mt76x02.h | 1 -
drivers/net/wireless/mediatek/mt76/mt76x02_util.c | 4 ++--
2 files changed, 2 insertions(+), 3 deletions(-)
diff --git a/drivers/net/wireless/mediatek/mt76/mt76x02.h b/drivers/net/wireless/mediatek/mt76/mt76x02.h
index 65daa3d3c289..1d8bb426e772 100644
--- a/drivers/net/wireless/mediatek/mt76/mt76x02.h
+++ b/drivers/net/wireless/mediatek/mt76/mt76x02.h
@@ -69,7 +69,6 @@ struct mt76x02_dev {
struct mac_address macaddr_list[8];
struct mutex phy_mutex;
- struct mutex mutex;
u8 txdone_seq;
DECLARE_KFIFO_PTR(txstatus_fifo, struct mt76x02_tx_status);
diff --git a/drivers/net/wireless/mediatek/mt76/mt76x02_util.c b/drivers/net/wireless/mediatek/mt76/mt76x02_util.c
index 48f2f5382b57..bd0a879f7e7a 100644
--- a/drivers/net/wireless/mediatek/mt76/mt76x02_util.c
+++ b/drivers/net/wireless/mediatek/mt76/mt76x02_util.c
@@ -481,9 +481,9 @@ int mt76x02_set_rts_threshold(struct ieee80211_hw *hw, u32 val)
if (val != ~0 && val > 0xffff)
return -EINVAL;
- mutex_lock(&dev->mutex);
+ mutex_lock(&dev->mt76.mutex);
mt76x02_mac_set_tx_protection(dev, val);
- mutex_unlock(&dev->mutex);
+ mutex_unlock(&dev->mt76.mutex);
return 0;
}
--
2.19.1
^ permalink raw reply related [flat|nested] 4+ messages in thread
end of thread, other threads:[~2018-11-16 13:16 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
[not found] <cover.1541847014.git.lorenzo.bianconi@redhat.com>
2018-11-10 11:03 ` [PATCH] mt76: fix uninitialized mutex access setting rts threshold Lorenzo Bianconi
2018-11-12 5:50 ` Kalle Valo
2018-11-16 13:16 ` Kalle Valo
[not found] <cover.1541802405.git.lorenzo.bianconi@redhat.com>
2018-11-09 22:32 ` Lorenzo Bianconi
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).