This is a note to let you know that I've just added the patch titled
mac80211: fix suspend/resume races with unregister hw
to the 3.0-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
mac80211-fix-suspend-resume-races-with-unregister-hw.patch
and it can be found in the queue-3.0 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <sta...@kernel.org> know about it.
>From ecb4433550f0620f3d1471ae7099037ede30a91e Mon Sep 17 00:00:00 2001
From: Stanislaw Gruszka <sgrus...@redhat.com>
Date: Fri, 12 Aug 2011 14:00:59 +0200
Subject: mac80211: fix suspend/resume races with unregister hw
From: Stanislaw Gruszka <sgrus...@redhat.com>
commit ecb4433550f0620f3d1471ae7099037ede30a91e upstream.
Do not call ->suspend, ->resume methods after we unregister wiphy. Also
delete sta_clanup timer after we finish wiphy unregister to avoid this:
WARNING: at lib/debugobjects.c:262 debug_print_object+0x85/0xa0()
Hardware name: 6369CTO
ODEBUG: free active (active state 0) object type: timer_list hint:
sta_info_cleanup+0x0/0x180 [mac80211]
Modules linked in: aes_i586 aes_generic fuse bridge stp llc autofs4 sunrpc
cpufreq_ondemand acpi_cpufreq mperf ext2 dm_mod uinput thinkpad_acpi hwmon sg
arc4 rt2800usb rt2800lib crc_ccitt rt2x00usb rt2x00lib mac80211 cfg80211
i2c_i801 iTCO_wdt iTCO_vendor_support e1000e ext4 mbcache jbd2 sd_mod
crc_t10dif sr_mod cdrom yenta_socket ahci libahci pata_acpi ata_generic
ata_piix i915 drm_kms_helper drm i2c_algo_bit video [last unloaded: microcode]
Pid: 5663, comm: pm-hibernate Not tainted 3.1.0-rc1-wl+ #19
Call Trace:
[<c0454cfd>] warn_slowpath_common+0x6d/0xa0
[<c05e05e5>] ? debug_print_object+0x85/0xa0
[<c05e05e5>] ? debug_print_object+0x85/0xa0
[<c0454dae>] warn_slowpath_fmt+0x2e/0x30
[<c05e05e5>] debug_print_object+0x85/0xa0
[<f8a808e0>] ? sta_info_alloc+0x1a0/0x1a0 [mac80211]
[<c05e0bd2>] debug_check_no_obj_freed+0xe2/0x180
[<c051175b>] kfree+0x8b/0x150
[<f8a126ae>] cfg80211_dev_free+0x7e/0x90 [cfg80211]
[<f8a13afd>] wiphy_dev_release+0xd/0x10 [cfg80211]
[<c068d959>] device_release+0x19/0x80
[<c05d06ba>] kobject_release+0x7a/0x1c0
[<c07646a8>] ? rtnl_unlock+0x8/0x10
[<f8a13adb>] ? wiphy_resume+0x6b/0x80 [cfg80211]
[<c05d0640>] ? kobject_del+0x30/0x30
[<c05d1a6d>] kref_put+0x2d/0x60
[<c05d056d>] kobject_put+0x1d/0x50
[<c08015f4>] ? mutex_lock+0x14/0x40
[<c068d60f>] put_device+0xf/0x20
[<c069716a>] dpm_resume+0xca/0x160
[<c04912bd>] hibernation_snapshot+0xcd/0x260
[<c04903df>] ? freeze_processes+0x3f/0x90
[<c049151b>] hibernate+0xcb/0x1e0
[<c048fdc0>] ? pm_async_store+0x40/0x40
[<c048fe60>] state_store+0xa0/0xb0
[<c048fdc0>] ? pm_async_store+0x40/0x40
[<c05d0200>] kobj_attr_store+0x20/0x30
[<c0575ea4>] sysfs_write_file+0x94/0xf0
[<c051e26a>] vfs_write+0x9a/0x160
[<c0575e10>] ? sysfs_open_file+0x200/0x200
[<c051e3fd>] sys_write+0x3d/0x70
[<c080959f>] sysenter_do_call+0x12/0x28
Signed-off-by: Stanislaw Gruszka <sgrus...@redhat.com>
Signed-off-by: John W. Linville <linvi...@tuxdriver.com>
Signed-off-by: Greg Kroah-Hartman <gre...@suse.de>
---
include/net/cfg80211.h | 3 +++
net/mac80211/main.c | 2 +-
net/wireless/core.c | 7 +++++++
net/wireless/sysfs.c | 6 ++++--
4 files changed, 15 insertions(+), 3 deletions(-)
--- a/include/net/cfg80211.h
+++ b/include/net/cfg80211.h
@@ -1814,6 +1814,9 @@ struct wiphy {
* you need use set_wiphy_dev() (see below) */
struct device dev;
+ /* protects ->resume, ->suspend sysfs callbacks against unregister hw */
+ bool registered;
+
/* dir in debugfs: ieee80211/<wiphyname> */
struct dentry *debugfsdir;
--- a/net/mac80211/main.c
+++ b/net/mac80211/main.c
@@ -1012,7 +1012,6 @@ void ieee80211_unregister_hw(struct ieee
cancel_work_sync(&local->reconfig_filter);
ieee80211_clear_tx_pending(local);
- sta_info_stop(local);
rate_control_deinitialize(local);
if (skb_queue_len(&local->skb_queue) ||
@@ -1024,6 +1023,7 @@ void ieee80211_unregister_hw(struct ieee
destroy_workqueue(local->workqueue);
wiphy_unregister(local->hw.wiphy);
+ sta_info_stop(local);
ieee80211_wep_free(local);
ieee80211_led_exit(local);
kfree(local->int_scan_req);
--- a/net/wireless/core.c
+++ b/net/wireless/core.c
@@ -612,6 +612,9 @@ int wiphy_register(struct wiphy *wiphy)
if (res)
goto out_rm_dev;
+ rtnl_lock();
+ rdev->wiphy.registered = true;
+ rtnl_unlock();
return 0;
out_rm_dev:
@@ -643,6 +646,10 @@ void wiphy_unregister(struct wiphy *wiph
{
struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
+ rtnl_lock();
+ rdev->wiphy.registered = false;
+ rtnl_unlock();
+
rfkill_unregister(rdev->rfkill);
/* protect the device list */
--- a/net/wireless/sysfs.c
+++ b/net/wireless/sysfs.c
@@ -93,7 +93,8 @@ static int wiphy_suspend(struct device *
if (rdev->ops->suspend) {
rtnl_lock();
- ret = rdev->ops->suspend(&rdev->wiphy, rdev->wowlan);
+ if (rdev->wiphy.registered)
+ ret = rdev->ops->suspend(&rdev->wiphy, rdev->wowlan);
rtnl_unlock();
}
@@ -112,7 +113,8 @@ static int wiphy_resume(struct device *d
if (rdev->ops->resume) {
rtnl_lock();
- ret = rdev->ops->resume(&rdev->wiphy);
+ if (rdev->wiphy.registered)
+ ret = rdev->ops->resume(&rdev->wiphy);
rtnl_unlock();
}
Patches currently in stable-queue which might be from sgrus...@redhat.com are
queue-3.0/rt2x00-do-not-drop-usb-dev-reference-counter-on-suspend.patch
queue-3.0/mac80211-fix-suspend-resume-races-with-unregister-hw.patch
_______________________________________________
stable mailing list
stable@linux.kernel.org
http://linux.kernel.org/mailman/listinfo/stable
