From: Kalle Valo <kvalo@codeaurora.org>
To: Brian Norris <briannorris@chromium.org>
Cc: Ganapathi Bhat <gbhat@marvell.com>,
Nishant Sarmukadam <nishants@marvell.com>,
<linux-kernel@vger.kernel.org>,
Dmitry Torokhov <dmitry.torokhov@gmail.com>,
Amitkumar Karwar <amitkarwar@gmail.com>,
linux-wireless@vger.kernel.org,
Doug Anderson <dianders@chromium.org>,
Brian Norris <briannorris@chromium.org>
Subject: Re: [01/11] mwifiex: fixup error cases in mwifiex_add_virtual_intf()
Date: Fri, 19 May 2017 06:02:50 +0000 (UTC) [thread overview]
Message-ID: <20170519060250.3457960585@smtp.codeaurora.org> (raw)
In-Reply-To: <20170512164208.38725-1-briannorris@chromium.org>
Brian Norris <briannorris@chromium.org> wrote:
> If we fail to add an interface in mwifiex_add_virtual_intf(), we might
> hit a BUG_ON() in the networking code, because we didn't tear things
> down properly. Among the problems:
>
> (a) when failing to allocate workqueues, we fail to unregister the
> netdev before calling free_netdev()
> (b) even if we do try to unregister the netdev, we're still holding the
> rtnl lock, so the device never properly unregistered; we'll be at
> state NETREG_UNREGISTERING, and then hit free_netdev()'s:
> BUG_ON(dev->reg_state != NETREG_UNREGISTERED);
> (c) we're allocating some dependent resources (e.g., DFS workqueues)
> after we've registered the interface; this may or may not cause
> problems, but it's good practice to allocate these before registering
> (d) we're not even trying to unwind anything when mwifiex_send_cmd() or
> mwifiex_sta_init_cmd() fail
>
> To fix these issues, let's:
>
> * add a stacked set of error handling labels, to keep error handling
> consistent and properly ordered (resolving (a) and (d))
> * move the workqueue allocations before the registration (to resolve
> (c); also resolves (b) by avoiding error cases where we have to
> unregister)
>
> [Incidentally, it's pretty easy to interrupt the alloc_workqueue() in,
> e.g., the following:
>
> iw phy phy0 interface add mlan0 type station
>
> by sending it SIGTERM.]
>
> This bugfix covers commits like commit 7d652034d1a0 ("mwifiex: channel
> switch support for mwifiex"), but parts of this bug exist all the way
> back to the introduction of dynamic interface handling in commit
> 93a1df48d224 ("mwifiex: add cfg80211 handlers add/del_virtual_intf").
>
> Cc: <stable@vger.kernel.org>
> Signed-off-by: Brian Norris <briannorris@chromium.org>
11 patches applied to wireless-drivers-next.git, thanks.
8535107aa4ef mwifiex: fixup error cases in mwifiex_add_virtual_intf()
e0b636e5ee15 mwifiex: Don't release tx_ba_stream_tbl_lock while iterating
90ad0be83676 mwifiex: Don't release cmd_pending_q_lock while iterating
09bdb6500551 mwifiex: Add locking to mwifiex_11n_delba
0f13acf0c612 mwifiex: don't drop lock between list-retrieval / list-deletion
6eb2d002d4ea mwifiex: don't leak stashed beacon buffer on reset
bc69ca391eff mwifiex: remove useless 'mwifiex_lock'
7170862738dc mwifiex: remove redundant 'adapter' check in mwifiex_adapter_cleanup
7ade530e7384 mwifiex: 11h: drop unnecessary check for '!priv'
fa4651e12ae8 mwifiex: pcie: remove useless pdev check
68efd0386988 mwifiex: pcie: stop setting/clearing 'surprise_removed'
--
https://patchwork.kernel.org/patch/9724599/
https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches
prev parent reply other threads:[~2017-05-19 6:02 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-05-12 16:41 [PATCH 01/11] mwifiex: fixup error cases in mwifiex_add_virtual_intf() Brian Norris
2017-05-12 16:41 ` [PATCH 02/11] mwifiex: Don't release tx_ba_stream_tbl_lock while iterating Brian Norris
2017-05-12 16:42 ` [PATCH 03/11] mwifiex: Don't release cmd_pending_q_lock " Brian Norris
2017-05-12 16:42 ` [PATCH 04/11] mwifiex: Add locking to mwifiex_11n_delba Brian Norris
2017-05-12 16:42 ` [PATCH 05/11] mwifiex: don't drop lock between list-retrieval / list-deletion Brian Norris
2017-05-12 16:42 ` [PATCH 06/11] mwifiex: don't leak stashed beacon buffer on reset Brian Norris
2017-05-12 16:42 ` [PATCH 07/11] mwifiex: remove useless 'mwifiex_lock' Brian Norris
2017-05-12 16:42 ` [PATCH 08/11] mwifiex: remove redundant 'adapter' check in mwifiex_adapter_cleanup Brian Norris
2017-05-12 16:42 ` [PATCH 09/11] mwifiex: 11h: drop unnecessary check for '!priv' Brian Norris
2017-05-12 16:42 ` [PATCH 10/11] mwifiex: pcie: remove useless pdev check Brian Norris
2017-05-12 16:42 ` [PATCH 11/11] mwifiex: pcie: stop setting/clearing 'surprise_removed' Brian Norris
2017-05-17 4:02 ` [PATCH 01/11] mwifiex: fixup error cases in mwifiex_add_virtual_intf() Xinming Hu
2017-05-19 6:02 ` Kalle Valo [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170519060250.3457960585@smtp.codeaurora.org \
--to=kvalo@codeaurora.org \
--cc=amitkarwar@gmail.com \
--cc=briannorris@chromium.org \
--cc=dianders@chromium.org \
--cc=dmitry.torokhov@gmail.com \
--cc=gbhat@marvell.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-wireless@vger.kernel.org \
--cc=nishants@marvell.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).