From: Kalle Valo <kvalo@codeaurora.org>
To: Brian Norris <briannorris@chromium.org>
Cc: Ganapathi Bhat <gbhat@marvell.com>,
Nishant Sarmukadam <nishants@marvell.com>,
<linux-kernel@vger.kernel.org>,
Dmitry Torokhov <dmitry.torokhov@gmail.com>,
Amitkumar Karwar <amitkarwar@gmail.com>,
linux-wireless@vger.kernel.org,
Doug Anderson <dianders@chromium.org>,
Brian Norris <briannorris@chromium.org>
Subject: Re: [01/11] mwifiex: fixup error cases in mwifiex_add_virtual_intf()
Date: Fri, 19 May 2017 06:02:50 +0000 (UTC) [thread overview]
Message-ID: <20170519060250.3457960585@smtp.codeaurora.org> (raw)
In-Reply-To: <20170512164208.38725-1-briannorris@chromium.org>
Brian Norris <briannorris@chromium.org> wrote:
> If we fail to add an interface in mwifiex_add_virtual_intf(), we might
> hit a BUG_ON() in the networking code, because we didn't tear things
> down properly. Among the problems:
>
> (a) when failing to allocate workqueues, we fail to unregister the
> netdev before calling free_netdev()
> (b) even if we do try to unregister the netdev, we're still holding the
> rtnl lock, so the device never properly unregistered; we'll be at
> state NETREG_UNREGISTERING, and then hit free_netdev()'s:
> BUG_ON(dev->reg_state != NETREG_UNREGISTERED);
> (c) we're allocating some dependent resources (e.g., DFS workqueues)
> after we've registered the interface; this may or may not cause
> problems, but it's good practice to allocate these before registering
> (d) we're not even trying to unwind anything when mwifiex_send_cmd() or
> mwifiex_sta_init_cmd() fail
>
> To fix these issues, let's:
>
> * add a stacked set of error handling labels, to keep error handling
> consistent and properly ordered (resolving (a) and (d))
> * move the workqueue allocations before the registration (to resolve
> (c); also resolves (b) by avoiding error cases where we have to
> unregister)
>
> [Incidentally, it's pretty easy to interrupt the alloc_workqueue() in,
> e.g., the following:
>
> iw phy phy0 interface add mlan0 type station
>
> by sending it SIGTERM.]
>
> This bugfix covers commits like commit 7d652034d1a0 ("mwifiex: channel
> switch support for mwifiex"), but parts of this bug exist all the way
> back to the introduction of dynamic interface handling in commit
> 93a1df48d224 ("mwifiex: add cfg80211 handlers add/del_virtual_intf").
>
> Cc: <stable@vger.kernel.org>
> Signed-off-by: Brian Norris <briannorris@chromium.org>
11 patches applied to wireless-drivers-next.git, thanks.
8535107aa4ef mwifiex: fixup error cases in mwifiex_add_virtual_intf()
e0b636e5ee15 mwifiex: Don't release tx_ba_stream_tbl_lock while iterating
90ad0be83676 mwifiex: Don't release cmd_pending_q_lock while iterating
09bdb6500551 mwifiex: Add locking to mwifiex_11n_delba
0f13acf0c612 mwifiex: don't drop lock between list-retrieval / list-deletion
6eb2d002d4ea mwifiex: don't leak stashed beacon buffer on reset
bc69ca391eff mwifiex: remove useless 'mwifiex_lock'
7170862738dc mwifiex: remove redundant 'adapter' check in mwifiex_adapter_cleanup
7ade530e7384 mwifiex: 11h: drop unnecessary check for '!priv'
fa4651e12ae8 mwifiex: pcie: remove useless pdev check
68efd0386988 mwifiex: pcie: stop setting/clearing 'surprise_removed'
--
https://patchwork.kernel.org/patch/9724599/
https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches
prev parent reply other threads:[~2017-05-19 6:02 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-05-12 16:41 [PATCH 01/11] mwifiex: fixup error cases in mwifiex_add_virtual_intf() Brian Norris
2017-05-12 16:41 ` [PATCH 02/11] mwifiex: Don't release tx_ba_stream_tbl_lock while iterating Brian Norris
2017-05-12 16:42 ` [PATCH 03/11] mwifiex: Don't release cmd_pending_q_lock " Brian Norris
2017-05-12 16:42 ` [PATCH 04/11] mwifiex: Add locking to mwifiex_11n_delba Brian Norris
2017-05-12 16:42 ` [PATCH 05/11] mwifiex: don't drop lock between list-retrieval / list-deletion Brian Norris
2017-05-12 16:42 ` [PATCH 06/11] mwifiex: don't leak stashed beacon buffer on reset Brian Norris
2017-05-12 16:42 ` [PATCH 07/11] mwifiex: remove useless 'mwifiex_lock' Brian Norris
2017-05-12 16:42 ` [PATCH 08/11] mwifiex: remove redundant 'adapter' check in mwifiex_adapter_cleanup Brian Norris
2017-05-12 16:42 ` [PATCH 09/11] mwifiex: 11h: drop unnecessary check for '!priv' Brian Norris
2017-05-12 16:42 ` [PATCH 10/11] mwifiex: pcie: remove useless pdev check Brian Norris
2017-05-12 16:42 ` [PATCH 11/11] mwifiex: pcie: stop setting/clearing 'surprise_removed' Brian Norris
2017-05-17 4:02 ` [PATCH 01/11] mwifiex: fixup error cases in mwifiex_add_virtual_intf() Xinming Hu
2017-05-17 4:02 ` Xinming Hu
2017-05-19 6:02 ` Kalle Valo [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170519060250.3457960585@smtp.codeaurora.org \
--to=kvalo@codeaurora.org \
--cc=amitkarwar@gmail.com \
--cc=briannorris@chromium.org \
--cc=dianders@chromium.org \
--cc=dmitry.torokhov@gmail.com \
--cc=gbhat@marvell.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-wireless@vger.kernel.org \
--cc=nishants@marvell.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.