* [PATCH] rtlwifi: Add the missing rcu_read_lock/unlock
@ 2011-02-27 20:59 Alessio Igor Bogani
  2011-02-27 22:02 ` Larry Finger
  0 siblings, 1 reply; 4+ messages in thread
From: Alessio Igor Bogani @ 2011-02-27 20:59 UTC (permalink / raw)
  To: Larry Finger, Chaoming Li
  Cc: linux-wireless, LKML, Tim Bird, Alessio Igor Bogani

===================================================
[ INFO: suspicious rcu_dereference_check() usage. ]
---------------------------------------------------
net/mac80211/sta_info.c:125 invoked rcu_dereference_check() without protection!

other info that might help us debug this:

rcu_scheduler_active = 1, debug_locks = 0
5 locks held by wpa_supplicant/468:
 #0:  (rtnl_mutex){+.+.+.}, at: [<c1465d84>] rtnl_lock+0x14/0x20
 #1:  (&rdev->mtx){+.+.+.}, at: [<f84b8c2b>] cfg80211_mgd_wext_siwfreq+0x6b/0x170 [cfg80211]
 #2:  (&rdev->devlist_mtx){+.+.+.}, at: [<f84b8c37>] cfg80211_mgd_wext_siwfreq+0x77/0x170 [cfg80211]
 #3:  (&wdev->mtx){+.+.+.}, at: [<f84b8c44>] cfg80211_mgd_wext_siwfreq+0x84/0x170 [cfg80211]
 #4:  (&rtlpriv->locks.conf_mutex){+.+.+.}, at: [<f8506476>] rtl_op_bss_info_changed+0x26/0xc10 [rtlwifi]

stack backtrace:
Pid: 468, comm: wpa_supplicant Not tainted 2.6.38-rc6+ #79
Call Trace:
 [<c108806a>] ? lockdep_rcu_dereference+0xaa/0xb0
 [<f8523d2c>] ? sta_info_get_bss+0x19c/0x1b0 [mac80211]
 [<f8523d62>] ? ieee80211_find_sta+0x22/0x40 [mac80211]
 [<f850661c>] ? rtl_op_bss_info_changed+0x1cc/0xc10 [rtlwifi]
 [<c153671c>] ? __mutex_unlock_slowpath+0x14c/0x160
 [<c153673d>] ? mutex_unlock+0xd/0x10
 [<f8507180>] ? rtl_op_config+0x120/0x310 [rtlwifi]
 [<c10896db>] ? trace_hardirqs_on+0xb/0x10
 [<f8522169>] ? ieee80211_bss_info_change_notify+0xf9/0x1f0 [mac80211]
 [<f8506450>] ? rtl_op_bss_info_changed+0x0/0xc10 [rtlwifi]
 [<f853646f>] ? ieee80211_set_channel+0xbf/0xd0 [mac80211]
 [<f84b5f41>] ? cfg80211_set_freq+0x121/0x180 [cfg80211]
 [<f85363b0>] ? ieee80211_set_channel+0x0/0xd0 [mac80211]
 [<f84b8ceb>] ? cfg80211_mgd_wext_siwfreq+0x12b/0x170 [cfg80211]
 [<f84b87eb>] ? cfg80211_wext_siwfreq+0x9b/0x100 [cfg80211]
 [<c153b98b>] ? sub_preempt_count+0x7b/0xb0
 [<c150f874>] ? ioctl_standard_call+0x74/0x3b0
 [<c1465d84>] ? rtnl_lock+0x14/0x20
 [<f84b8750>] ? cfg80211_wext_siwfreq+0x0/0x100 [cfg80211]
 [<c14568bd>] ? __dev_get_by_name+0x8d/0xb0
 [<c150fddb>] ? wext_handle_ioctl+0x16b/0x180
 [<f84b8750>] ? cfg80211_wext_siwfreq+0x0/0x100 [cfg80211]
 [<c145bc7a>] ? dev_ioctl+0x5ba/0x720
 [<c108a947>] ? __lock_acquire+0x3e7/0x19b0
 [<c1443b0b>] ? sock_ioctl+0x1eb/0x290
 [<c108bfa5>] ? lock_release_non_nested+0x95/0x2f0
 [<c1443920>] ? sock_ioctl+0x0/0x290
 [<c114d74d>] ? do_vfs_ioctl+0x7d/0x5c0
 [<c1112232>] ? might_fault+0x62/0xb0
 [<c113e3c6>] ? fget_light+0x226/0x390
 [<c1112278>] ? might_fault+0xa8/0xb0
 [<c114dd17>] ? sys_ioctl+0x87/0x90
 [<c1002f9f>] ? sysenter_do_call+0x12/0x38

This work was supported by a hardware donation from the CE Linux Forum.

Signed-off-by: Alessio Igor Bogani <abogani@kernel.org>
---
 drivers/net/wireless/rtlwifi/core.c          |    4 ++++
 drivers/net/wireless/rtlwifi/rtl8192ce/trx.c |    5 ++++-
 2 files changed, 8 insertions(+), 1 deletions(-)

diff --git a/drivers/net/wireless/rtlwifi/core.c b/drivers/net/wireless/rtlwifi/core.c
index d6a924a..b93f12d 100644
--- a/drivers/net/wireless/rtlwifi/core.c
+++ b/drivers/net/wireless/rtlwifi/core.c
@@ -552,6 +552,7 @@ static void rtl_op_bss_info_changed(struct ieee80211_hw *hw,
 		RT_TRACE(rtlpriv, COMP_MAC80211, DBG_TRACE,
 			 ("BSS_CHANGED_HT\n"));
 
+		rcu_read_lock();
 		sta = ieee80211_find_sta(mac->vif, mac->bssid);
 
 		if (sta) {
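Review bot: The read-side section opened by the added `rcu_read_lock()` covers lines that fall between this hunk and the next one, and again between the -615 and -649 hunks, so nothing in those hidden spans may sleep even though the function otherwise runs in sleepable context (the lockdep report shows conf_mutex held). The `sta` returned by `ieee80211_find_sta()` is only guaranteed to stay allocated until the matching `rcu_read_unlock()`, so every field has to be copied out before it, as the visible `mac->current_ampdu_factor` assignment does. I would add a comment above the lock, `/* sta is RCU-protected: copy what is needed and do not sleep before rcu_read_unlock() */`, so a later edit does not move a sleeping call into the section or a `sta` dereference past it. The body of rtl_op_bss_info_changed starts and ends outside the hunk; the resend later in the thread carries the same four hunks.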
@@ -564,6 +565,7 @@ static void rtl_op_bss_info_changed(struct ieee80211_hw *hw,
 				mac->current_ampdu_factor =
 				    sta->ht_cap.ampdu_factor;
 		}
+		rcu_read_unlock();
 
 		rtlpriv->cfg->ops->set_hw_reg(hw, HW_VAR_SHORTGI_DENSITY,
 					      (u8 *) (&mac->max_mss_density));
@@ -615,6 +617,7 @@ static void rtl_op_bss_info_changed(struct ieee80211_hw *hw,
 		else
 			mac->mode = WIRELESS_MODE_G;
 
+		rcu_read_lock();
 		sta = ieee80211_find_sta(mac->vif, mac->bssid);
 
 		if (sta) {
@@ -649,6 +652,7 @@ static void rtl_op_bss_info_changed(struct ieee80211_hw *hw,
 				 */
 			}
 		}
+		rcu_read_unlock();
 
 		/*mac80211 just give us CCK rates any time
 		 *So we add G rate in basic rates when
diff --git a/drivers/net/wireless/rtlwifi/rtl8192ce/trx.c b/drivers/net/wireless/rtlwifi/rtl8192ce/trx.c
index bf5852f..8a8b0e2 100644
--- a/drivers/net/wireless/rtlwifi/rtl8192ce/trx.c
+++ b/drivers/net/wireless/rtlwifi/rtl8192ce/trx.c
@@ -729,7 +729,7 @@ void rtl92ce_tx_fill_desc(struct ieee80211_hw *hw,
 	struct rtl_ps_ctl *ppsc = rtl_psc(rtl_priv(hw));
 	bool b_defaultadapter = true;
 
-	struct ieee80211_sta *sta = ieee80211_find_sta(mac->vif, mac->bssid);
+	struct ieee80211_sta *sta;
 
 	u8 *pdesc = (u8 *) pdesc_tx;
 	struct rtl_tcb_desc tcb_desc;
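Review bot: With the initializer removed, `sta` is assigned only inside the nested block at +814, so any other read of `sta` in rtl92ce_tx_fill_desc would now see an indeterminate pointer; the rest of the body is outside the hunk, so that needs checking. If there is any doubt, `struct ieee80211_sta *sta = NULL;` keeps every `if (sta)` test well defined at no cost. The rtl92cu_tx_fill_desc hunk in the resend makes the same declaration change.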
@@ -811,10 +811,13 @@ void rtl92ce_tx_fill_desc(struct ieee80211_hw *hw,
 		SET_TX_DESC_LINIP(pdesc, 0);
 		SET_TX_DESC_PKT_SIZE(pdesc, (u16) skb->len);
 
+		rcu_read_lock();
+		sta = ieee80211_find_sta(mac->vif, mac->bssid);
 		if (sta) {
 			u8 ampdu_density = sta->ht_cap.ampdu_density;
 			SET_TX_DESC_AMPDU_DENSITY(pdesc, ampdu_density);
 		}
+		rcu_read_unlock();
 
 		if (info->control.hw_key) {
 			struct ieee80211_key_conf *keyconf =
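Review bot: The added lines do a station-table lookup keyed on `mac->bssid` for every transmitted frame, which can only find the peer when the interface is a client of that BSS. As far as I recall, mac80211 of this era already hands the driver the destination station in `info->control.sta` (the same `control` struct the `hw_key` test below reads); using it would avoid both the lookup and the extra lock pair, but that should be confirmed against the tree this applies to. If the lookup stays, a comment such as `/* sta must not be dereferenced after rcu_read_unlock() */` would record the lifetime rule for the next person touching this block. The enclosing block starts outside the hunk.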
-- 
1.7.4.1



* Re: [PATCH] rtlwifi: Add the missing rcu_read_lock/unlock
  2011-02-27 20:59 [PATCH] rtlwifi: Add the missing rcu_read_lock/unlock Alessio Igor Bogani
@ 2011-02-27 22:02 ` Larry Finger
  2011-02-28 17:46   ` Alessio Igor Bogani
  0 siblings, 1 reply; 4+ messages in thread
From: Larry Finger @ 2011-02-27 22:02 UTC (permalink / raw)
  To: Alessio Igor Bogani; +Cc: Chaoming Li, linux-wireless, LKML, Tim Bird

On 02/27/2011 02:59 PM, Alessio Igor Bogani wrote:
> ===================================================
> [ INFO: suspicious rcu_dereference_check() usage. ]
> ---------------------------------------------------
> net/mac80211/sta_info.c:125 invoked rcu_dereference_check() without protection!
>
> other info that might help us debug this:
>
> rcu_scheduler_active = 1, debug_locks = 0
> 5 locks held by wpa_supplicant/468:
>   #0:  (rtnl_mutex){+.+.+.}, at: [<c1465d84>] rtnl_lock+0x14/0x20
>   #1:  (&rdev->mtx){+.+.+.}, at: [<f84b8c2b>] cfg80211_mgd_wext_siwfreq+0x6b/0x170 [cfg80211]
>   #2:  (&rdev->devlist_mtx){+.+.+.}, at: [<f84b8c37>] cfg80211_mgd_wext_siwfreq+0x77/0x170 [cfg80211]
>   #3:  (&wdev->mtx){+.+.+.}, at: [<f84b8c44>] cfg80211_mgd_wext_siwfreq+0x84/0x170 [cfg80211]
>   #4:  (&rtlpriv->locks.conf_mutex){+.+.+.}, at: [<f8506476>] rtl_op_bss_info_changed+0x26/0xc10 [rtlwifi]
>
> stack backtrace:
> Pid: 468, comm: wpa_supplicant Not tainted 2.6.38-rc6+ #79
> Call Trace:
>   [<c108806a>] ? lockdep_rcu_dereference+0xaa/0xb0
>   [<f8523d2c>] ? sta_info_get_bss+0x19c/0x1b0 [mac80211]
>   [<f8523d62>] ? ieee80211_find_sta+0x22/0x40 [mac80211]
>   [<f850661c>] ? rtl_op_bss_info_changed+0x1cc/0xc10 [rtlwifi]
>   [<c153671c>] ? __mutex_unlock_slowpath+0x14c/0x160
>   [<c153673d>] ? mutex_unlock+0xd/0x10
>   [<f8507180>] ? rtl_op_config+0x120/0x310 [rtlwifi]
>   [<c10896db>] ? trace_hardirqs_on+0xb/0x10
>   [<f8522169>] ? ieee80211_bss_info_change_notify+0xf9/0x1f0 [mac80211]
>   [<f8506450>] ? rtl_op_bss_info_changed+0x0/0xc10 [rtlwifi]
>   [<f853646f>] ? ieee80211_set_channel+0xbf/0xd0 [mac80211]
>   [<f84b5f41>] ? cfg80211_set_freq+0x121/0x180 [cfg80211]
>   [<f85363b0>] ? ieee80211_set_channel+0x0/0xd0 [mac80211]
>   [<f84b8ceb>] ? cfg80211_mgd_wext_siwfreq+0x12b/0x170 [cfg80211]
>   [<f84b87eb>] ? cfg80211_wext_siwfreq+0x9b/0x100 [cfg80211]
>   [<c153b98b>] ? sub_preempt_count+0x7b/0xb0
>   [<c150f874>] ? ioctl_standard_call+0x74/0x3b0
>   [<c1465d84>] ? rtnl_lock+0x14/0x20
>   [<f84b8750>] ? cfg80211_wext_siwfreq+0x0/0x100 [cfg80211]
>   [<c14568bd>] ? __dev_get_by_name+0x8d/0xb0
>   [<c150fddb>] ? wext_handle_ioctl+0x16b/0x180
>   [<f84b8750>] ? cfg80211_wext_siwfreq+0x0/0x100 [cfg80211]
>   [<c145bc7a>] ? dev_ioctl+0x5ba/0x720
>   [<c108a947>] ? __lock_acquire+0x3e7/0x19b0
>   [<c1443b0b>] ? sock_ioctl+0x1eb/0x290
>   [<c108bfa5>] ? lock_release_non_nested+0x95/0x2f0
>   [<c1443920>] ? sock_ioctl+0x0/0x290
>   [<c114d74d>] ? do_vfs_ioctl+0x7d/0x5c0
>   [<c1112232>] ? might_fault+0x62/0xb0
>   [<c113e3c6>] ? fget_light+0x226/0x390
>   [<c1112278>] ? might_fault+0xa8/0xb0
>   [<c114dd17>] ? sys_ioctl+0x87/0x90
>   [<c1002f9f>] ? sysenter_do_call+0x12/0x38
>
> This work was supported by a hardware donation from the CE Linux Forum.
>
> Signed-off-by: Alessio Igor Bogani<abogani@kernel.org>
> ---
>   drivers/net/wireless/rtlwifi/core.c          |    4 ++++
>   drivers/net/wireless/rtlwifi/rtl8192ce/trx.c |    5 ++++-
>   2 files changed, 8 insertions(+), 1 deletions(-)
>
> diff --git a/drivers/net/wireless/rtlwifi/core.c b/drivers/net/wireless/rtlwifi/core.c
> index d6a924a..b93f12d 100644
> --- a/drivers/net/wireless/rtlwifi/core.c
> +++ b/drivers/net/wireless/rtlwifi/core.c
> @@ -552,6 +552,7 @@ static void rtl_op_bss_info_changed(struct ieee80211_hw *hw,
>   		RT_TRACE(rtlpriv, COMP_MAC80211, DBG_TRACE,
>   			 ("BSS_CHANGED_HT\n"));
>
> +		rcu_read_lock();
>   		sta = ieee80211_find_sta(mac->vif, mac->bssid);
>
>   		if (sta) {
> @@ -564,6 +565,7 @@ static void rtl_op_bss_info_changed(struct ieee80211_hw *hw,
>   				mac->current_ampdu_factor =
>   				    sta->ht_cap.ampdu_factor;
>   		}
> +		rcu_read_unlock();
>
>   		rtlpriv->cfg->ops->set_hw_reg(hw, HW_VAR_SHORTGI_DENSITY,
>   					      (u8 *) (&mac->max_mss_density));
> @@ -615,6 +617,7 @@ static void rtl_op_bss_info_changed(struct ieee80211_hw *hw,
>   		else
>   			mac->mode = WIRELESS_MODE_G;
>
> +		rcu_read_lock();
>   		sta = ieee80211_find_sta(mac->vif, mac->bssid);
>
>   		if (sta) {
> @@ -649,6 +652,7 @@ static void rtl_op_bss_info_changed(struct ieee80211_hw *hw,
>   				 */
>   			}
>   		}
> +		rcu_read_unlock();
>
>   		/*mac80211 just give us CCK rates any time
>   		 *So we add G rate in basic rates when
> diff --git a/drivers/net/wireless/rtlwifi/rtl8192ce/trx.c b/drivers/net/wireless/rtlwifi/rtl8192ce/trx.c
> index bf5852f..8a8b0e2 100644
> --- a/drivers/net/wireless/rtlwifi/rtl8192ce/trx.c
> +++ b/drivers/net/wireless/rtlwifi/rtl8192ce/trx.c
> @@ -729,7 +729,7 @@ void rtl92ce_tx_fill_desc(struct ieee80211_hw *hw,
>   	struct rtl_ps_ctl *ppsc = rtl_psc(rtl_priv(hw));
>   	bool b_defaultadapter = true;
>
> -	struct ieee80211_sta *sta = ieee80211_find_sta(mac->vif, mac->bssid);
> +	struct ieee80211_sta *sta;
>
>   	u8 *pdesc = (u8 *) pdesc_tx;
>   	struct rtl_tcb_desc tcb_desc;
> @@ -811,10 +811,13 @@ void rtl92ce_tx_fill_desc(struct ieee80211_hw *hw,
>   		SET_TX_DESC_LINIP(pdesc, 0);
>   		SET_TX_DESC_PKT_SIZE(pdesc, (u16) skb->len);
>
> +		rcu_read_lock();
> +		sta = ieee80211_find_sta(mac->vif, mac->bssid);
>   		if (sta) {
>   			u8 ampdu_density = sta->ht_cap.ampdu_density;
>   			SET_TX_DESC_AMPDU_DENSITY(pdesc, ampdu_density);
>   		}
> +		rcu_read_unlock();
>
>   		if (info->control.hw_key) {
>   			struct ieee80211_key_conf *keyconf =

When I turned RCU lock debugging on, I got the same diagnostic.

BTW, drivers/net/wireless/rtlwifi/rtl8192cu/trx.c has the same problem in 
rtl92cu_tx_fill_desc() as you found in the rtl8192ce version of the routine. Do 
you want to include that in a V2 of the patch, or should I prepare a second one?

For the content of this one, ACK.

Larry


* [PATCH] rtlwifi: Add the missing rcu_read_lock/unlock
  2011-02-27 22:02 ` Larry Finger
@ 2011-02-28 17:46   ` Alessio Igor Bogani
  2011-02-28 17:59     ` Larry Finger
  0 siblings, 1 reply; 4+ messages in thread
From: Alessio Igor Bogani @ 2011-02-28 17:46 UTC (permalink / raw)
  To: Larry Finger, Chaoming Li
  Cc: linux-wireless, LKML, Tim Bird, Alessio Igor Bogani

===================================================
[ INFO: suspicious rcu_dereference_check() usage. ]
---------------------------------------------------
net/mac80211/sta_info.c:125 invoked rcu_dereference_check() without protection!

other info that might help us debug this:

rcu_scheduler_active = 1, debug_locks = 0
5 locks held by wpa_supplicant/468:
 #0:  (rtnl_mutex){+.+.+.}, at: [<c1465d84>] rtnl_lock+0x14/0x20
 #1:  (&rdev->mtx){+.+.+.}, at: [<f84b8c2b>] cfg80211_mgd_wext_siwfreq+0x6b/0x170 [cfg80211]
 #2:  (&rdev->devlist_mtx){+.+.+.}, at: [<f84b8c37>] cfg80211_mgd_wext_siwfreq+0x77/0x170 [cfg80211]
 #3:  (&wdev->mtx){+.+.+.}, at: [<f84b8c44>] cfg80211_mgd_wext_siwfreq+0x84/0x170 [cfg80211]
 #4:  (&rtlpriv->locks.conf_mutex){+.+.+.}, at: [<f8506476>] rtl_op_bss_info_changed+0x26/0xc10 [rtlwifi]

stack backtrace:
Pid: 468, comm: wpa_supplicant Not tainted 2.6.38-rc6+ #79
Call Trace:
 [<c108806a>] ? lockdep_rcu_dereference+0xaa/0xb0
 [<f8523d2c>] ? sta_info_get_bss+0x19c/0x1b0 [mac80211]
 [<f8523d62>] ? ieee80211_find_sta+0x22/0x40 [mac80211]
 [<f850661c>] ? rtl_op_bss_info_changed+0x1cc/0xc10 [rtlwifi]
 [<c153671c>] ? __mutex_unlock_slowpath+0x14c/0x160
 [<c153673d>] ? mutex_unlock+0xd/0x10
 [<f8507180>] ? rtl_op_config+0x120/0x310 [rtlwifi]
 [<c10896db>] ? trace_hardirqs_on+0xb/0x10
 [<f8522169>] ? ieee80211_bss_info_change_notify+0xf9/0x1f0 [mac80211]
 [<f8506450>] ? rtl_op_bss_info_changed+0x0/0xc10 [rtlwifi]
 [<f853646f>] ? ieee80211_set_channel+0xbf/0xd0 [mac80211]
 [<f84b5f41>] ? cfg80211_set_freq+0x121/0x180 [cfg80211]
 [<f85363b0>] ? ieee80211_set_channel+0x0/0xd0 [mac80211]
 [<f84b8ceb>] ? cfg80211_mgd_wext_siwfreq+0x12b/0x170 [cfg80211]
 [<f84b87eb>] ? cfg80211_wext_siwfreq+0x9b/0x100 [cfg80211]
 [<c153b98b>] ? sub_preempt_count+0x7b/0xb0
 [<c150f874>] ? ioctl_standard_call+0x74/0x3b0
 [<c1465d84>] ? rtnl_lock+0x14/0x20
 [<f84b8750>] ? cfg80211_wext_siwfreq+0x0/0x100 [cfg80211]
 [<c14568bd>] ? __dev_get_by_name+0x8d/0xb0
 [<c150fddb>] ? wext_handle_ioctl+0x16b/0x180
 [<f84b8750>] ? cfg80211_wext_siwfreq+0x0/0x100 [cfg80211]
 [<c145bc7a>] ? dev_ioctl+0x5ba/0x720
 [<c108a947>] ? __lock_acquire+0x3e7/0x19b0
 [<c1443b0b>] ? sock_ioctl+0x1eb/0x290
 [<c108bfa5>] ? lock_release_non_nested+0x95/0x2f0
 [<c1443920>] ? sock_ioctl+0x0/0x290
 [<c114d74d>] ? do_vfs_ioctl+0x7d/0x5c0
 [<c1112232>] ? might_fault+0x62/0xb0
 [<c113e3c6>] ? fget_light+0x226/0x390
 [<c1112278>] ? might_fault+0xa8/0xb0
 [<c114dd17>] ? sys_ioctl+0x87/0x90
 [<c1002f9f>] ? sysenter_do_call+0x12/0x38

This work was supported by a hardware donation from the CE Linux Forum.

Signed-off-by: Alessio Igor Bogani <abogani@kernel.org>
---
 drivers/net/wireless/rtlwifi/core.c          |    4 ++++
 drivers/net/wireless/rtlwifi/rtl8192ce/trx.c |    5 ++++-
 drivers/net/wireless/rtlwifi/rtl8192cu/trx.c |    5 ++++-
 3 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/drivers/net/wireless/rtlwifi/core.c b/drivers/net/wireless/rtlwifi/core.c
index 059ab03..e4f4aee 100644
--- a/drivers/net/wireless/rtlwifi/core.c
+++ b/drivers/net/wireless/rtlwifi/core.c
@@ -551,6 +551,7 @@ static void rtl_op_bss_info_changed(struct ieee80211_hw *hw,
 		RT_TRACE(rtlpriv, COMP_MAC80211, DBG_TRACE,
 			 ("BSS_CHANGED_HT\n"));
 
+		rcu_read_lock();
 		sta = ieee80211_find_sta(mac->vif, mac->bssid);
 
 		if (sta) {
@@ -563,6 +564,7 @@ static void rtl_op_bss_info_changed(struct ieee80211_hw *hw,
 				mac->current_ampdu_factor =
 				    sta->ht_cap.ampdu_factor;
 		}
+		rcu_read_unlock();
 
 		rtlpriv->cfg->ops->set_hw_reg(hw, HW_VAR_SHORTGI_DENSITY,
 					      (u8 *) (&mac->max_mss_density));
@@ -614,6 +616,7 @@ static void rtl_op_bss_info_changed(struct ieee80211_hw *hw,
 		else
 			mac->mode = WIRELESS_MODE_G;
 
+		rcu_read_lock();
 		sta = ieee80211_find_sta(mac->vif, mac->bssid);
 
 		if (sta) {
@@ -648,6 +651,7 @@ static void rtl_op_bss_info_changed(struct ieee80211_hw *hw,
 				 */
 			}
 		}
+		rcu_read_unlock();
 
 		/*mac80211 just give us CCK rates any time
 		 *So we add G rate in basic rates when
diff --git a/drivers/net/wireless/rtlwifi/rtl8192ce/trx.c b/drivers/net/wireless/rtlwifi/rtl8192ce/trx.c
index 8a67372..e14f743 100644
--- a/drivers/net/wireless/rtlwifi/rtl8192ce/trx.c
+++ b/drivers/net/wireless/rtlwifi/rtl8192ce/trx.c
@@ -730,7 +730,7 @@ void rtl92ce_tx_fill_desc(struct ieee80211_hw *hw,
 	struct rtl_pci *rtlpci = rtl_pcidev(rtl_pcipriv(hw));
 	struct rtl_ps_ctl *ppsc = rtl_psc(rtl_priv(hw));
 	bool defaultadapter = true;
-	struct ieee80211_sta *sta = ieee80211_find_sta(mac->vif, mac->bssid);
+	struct ieee80211_sta *sta;
 	u8 *pdesc = (u8 *) pdesc_tx;
 	struct rtl_tcb_desc tcb_desc;
 	u8 *qc = ieee80211_get_qos_ctl(hdr);
@@ -810,10 +810,13 @@ void rtl92ce_tx_fill_desc(struct ieee80211_hw *hw,
 		SET_TX_DESC_LINIP(pdesc, 0);
 		SET_TX_DESC_PKT_SIZE(pdesc, (u16) skb->len);
 
+		rcu_read_lock();
+		sta = ieee80211_find_sta(mac->vif, mac->bssid);
 		if (sta) {
 			u8 ampdu_density = sta->ht_cap.ampdu_density;
 			SET_TX_DESC_AMPDU_DENSITY(pdesc, ampdu_density);
 		}
+		rcu_read_unlock();
 
 		if (info->control.hw_key) {
 			struct ieee80211_key_conf *keyconf =
diff --git a/drivers/net/wireless/rtlwifi/rtl8192cu/trx.c b/drivers/net/wireless/rtlwifi/rtl8192cu/trx.c
index 659e0ca..d0b0d43 100644
--- a/drivers/net/wireless/rtlwifi/rtl8192cu/trx.c
+++ b/drivers/net/wireless/rtlwifi/rtl8192cu/trx.c
@@ -504,7 +504,7 @@ void rtl92cu_tx_fill_desc(struct ieee80211_hw *hw,
 	struct rtl_mac *mac = rtl_mac(rtl_priv(hw));
 	struct rtl_ps_ctl *ppsc = rtl_psc(rtl_priv(hw));
 	bool defaultadapter = true;
-	struct ieee80211_sta *sta = ieee80211_find_sta(mac->vif, mac->bssid);
+	struct ieee80211_sta *sta;
 	struct rtl_tcb_desc tcb_desc;
 	u8 *qc = ieee80211_get_qos_ctl(hdr);
 	u8 tid = qc[0] & IEEE80211_QOS_CTL_TID_MASK;
@@ -562,10 +562,13 @@ void rtl92cu_tx_fill_desc(struct ieee80211_hw *hw,
 		SET_TX_DESC_DATA_BW(txdesc, 0);
 		SET_TX_DESC_DATA_SC(txdesc, 0);
 	}
+	rcu_read_lock();
+	sta = ieee80211_find_sta(mac->vif, mac->bssid);
 	if (sta) {
 		u8 ampdu_density = sta->ht_cap.ampdu_density;
 		SET_TX_DESC_AMPDU_DENSITY(txdesc, ampdu_density);
 	}
+	rcu_read_unlock();
 	if (info->control.hw_key) {
 		struct ieee80211_key_conf *keyconf = info->control.hw_key;
 		switch (keyconf->cipher) {
-- 
1.7.4.1



* Re: [PATCH] rtlwifi: Add the missing rcu_read_lock/unlock
  2011-02-28 17:46   ` Alessio Igor Bogani
@ 2011-02-28 17:59     ` Larry Finger
  0 siblings, 0 replies; 4+ messages in thread
From: Larry Finger @ 2011-02-28 17:59 UTC (permalink / raw)
  To: Alessio Igor Bogani, John Linville
  Cc: Chaoming Li, linux-wireless, LKML, Tim Bird

On 02/28/2011 11:46 AM, Alessio Igor Bogani wrote:
> ===================================================
> [ INFO: suspicious rcu_dereference_check() usage. ]
> ---------------------------------------------------
> net/mac80211/sta_info.c:125 invoked rcu_dereference_check() without protection!
>
> other info that might help us debug this:
>
> rcu_scheduler_active = 1, debug_locks = 0
> 5 locks held by wpa_supplicant/468:
>   #0:  (rtnl_mutex){+.+.+.}, at: [<c1465d84>] rtnl_lock+0x14/0x20
>   #1:  (&rdev->mtx){+.+.+.}, at: [<f84b8c2b>] cfg80211_mgd_wext_siwfreq+0x6b/0x170 [cfg80211]
>   #2:  (&rdev->devlist_mtx){+.+.+.}, at: [<f84b8c37>] cfg80211_mgd_wext_siwfreq+0x77/0x170 [cfg80211]
>   #3:  (&wdev->mtx){+.+.+.}, at: [<f84b8c44>] cfg80211_mgd_wext_siwfreq+0x84/0x170 [cfg80211]
>   #4:  (&rtlpriv->locks.conf_mutex){+.+.+.}, at: [<f8506476>] rtl_op_bss_info_changed+0x26/0xc10 [rtlwifi]
>
> stack backtrace:
> Pid: 468, comm: wpa_supplicant Not tainted 2.6.38-rc6+ #79
> Call Trace:
>   [<c108806a>] ? lockdep_rcu_dereference+0xaa/0xb0
>   [<f8523d2c>] ? sta_info_get_bss+0x19c/0x1b0 [mac80211]
>   [<f8523d62>] ? ieee80211_find_sta+0x22/0x40 [mac80211]
>   [<f850661c>] ? rtl_op_bss_info_changed+0x1cc/0xc10 [rtlwifi]
>   [<c153671c>] ? __mutex_unlock_slowpath+0x14c/0x160
>   [<c153673d>] ? mutex_unlock+0xd/0x10
>   [<f8507180>] ? rtl_op_config+0x120/0x310 [rtlwifi]
>   [<c10896db>] ? trace_hardirqs_on+0xb/0x10
>   [<f8522169>] ? ieee80211_bss_info_change_notify+0xf9/0x1f0 [mac80211]
>   [<f8506450>] ? rtl_op_bss_info_changed+0x0/0xc10 [rtlwifi]
>   [<f853646f>] ? ieee80211_set_channel+0xbf/0xd0 [mac80211]
>   [<f84b5f41>] ? cfg80211_set_freq+0x121/0x180 [cfg80211]
>   [<f85363b0>] ? ieee80211_set_channel+0x0/0xd0 [mac80211]
>   [<f84b8ceb>] ? cfg80211_mgd_wext_siwfreq+0x12b/0x170 [cfg80211]
>   [<f84b87eb>] ? cfg80211_wext_siwfreq+0x9b/0x100 [cfg80211]
>   [<c153b98b>] ? sub_preempt_count+0x7b/0xb0
>   [<c150f874>] ? ioctl_standard_call+0x74/0x3b0
>   [<c1465d84>] ? rtnl_lock+0x14/0x20
>   [<f84b8750>] ? cfg80211_wext_siwfreq+0x0/0x100 [cfg80211]
>   [<c14568bd>] ? __dev_get_by_name+0x8d/0xb0
>   [<c150fddb>] ? wext_handle_ioctl+0x16b/0x180
>   [<f84b8750>] ? cfg80211_wext_siwfreq+0x0/0x100 [cfg80211]
>   [<c145bc7a>] ? dev_ioctl+0x5ba/0x720
>   [<c108a947>] ? __lock_acquire+0x3e7/0x19b0
>   [<c1443b0b>] ? sock_ioctl+0x1eb/0x290
>   [<c108bfa5>] ? lock_release_non_nested+0x95/0x2f0
>   [<c1443920>] ? sock_ioctl+0x0/0x290
>   [<c114d74d>] ? do_vfs_ioctl+0x7d/0x5c0
>   [<c1112232>] ? might_fault+0x62/0xb0
>   [<c113e3c6>] ? fget_light+0x226/0x390
>   [<c1112278>] ? might_fault+0xa8/0xb0
>   [<c114dd17>] ? sys_ioctl+0x87/0x90
>   [<c1002f9f>] ? sysenter_do_call+0x12/0x38
>
> This work was supported by a hardware donation from the CE Linux Forum.
>
> Signed-off-by: Alessio Igor Bogani<abogani@kernel.org>

Signed-off-by: Larry Finger <Larry.Finger@lwfinger.net>


> ---
>   drivers/net/wireless/rtlwifi/core.c          |    4 ++++
>   drivers/net/wireless/rtlwifi/rtl8192ce/trx.c |    5 ++++-
>   drivers/net/wireless/rtlwifi/rtl8192cu/trx.c |    5 ++++-
>   3 files changed, 12 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/net/wireless/rtlwifi/core.c b/drivers/net/wireless/rtlwifi/core.c
> index 059ab03..e4f4aee 100644
> --- a/drivers/net/wireless/rtlwifi/core.c
> +++ b/drivers/net/wireless/rtlwifi/core.c
> @@ -551,6 +551,7 @@ static void rtl_op_bss_info_changed(struct ieee80211_hw *hw,
>   		RT_TRACE(rtlpriv, COMP_MAC80211, DBG_TRACE,
>   			 ("BSS_CHANGED_HT\n"));
>
> +		rcu_read_lock();
>   		sta = ieee80211_find_sta(mac->vif, mac->bssid);
>
>   		if (sta) {
> @@ -563,6 +564,7 @@ static void rtl_op_bss_info_changed(struct ieee80211_hw *hw,
>   				mac->current_ampdu_factor =
>   				    sta->ht_cap.ampdu_factor;
>   		}
> +		rcu_read_unlock();
>
>   		rtlpriv->cfg->ops->set_hw_reg(hw, HW_VAR_SHORTGI_DENSITY,
>   					      (u8 *) (&mac->max_mss_density));
> @@ -614,6 +616,7 @@ static void rtl_op_bss_info_changed(struct ieee80211_hw *hw,
>   		else
>   			mac->mode = WIRELESS_MODE_G;
>
> +		rcu_read_lock();
>   		sta = ieee80211_find_sta(mac->vif, mac->bssid);
>
>   		if (sta) {
> @@ -648,6 +651,7 @@ static void rtl_op_bss_info_changed(struct ieee80211_hw *hw,
>   				 */
>   			}
>   		}
> +		rcu_read_unlock();
>
>   		/*mac80211 just give us CCK rates any time
>   		 *So we add G rate in basic rates when
> diff --git a/drivers/net/wireless/rtlwifi/rtl8192ce/trx.c b/drivers/net/wireless/rtlwifi/rtl8192ce/trx.c
> index 8a67372..e14f743 100644
> --- a/drivers/net/wireless/rtlwifi/rtl8192ce/trx.c
> +++ b/drivers/net/wireless/rtlwifi/rtl8192ce/trx.c
> @@ -730,7 +730,7 @@ void rtl92ce_tx_fill_desc(struct ieee80211_hw *hw,
>   	struct rtl_pci *rtlpci = rtl_pcidev(rtl_pcipriv(hw));
>   	struct rtl_ps_ctl *ppsc = rtl_psc(rtl_priv(hw));
>   	bool defaultadapter = true;
> -	struct ieee80211_sta *sta = ieee80211_find_sta(mac->vif, mac->bssid);
> +	struct ieee80211_sta *sta;
>   	u8 *pdesc = (u8 *) pdesc_tx;
>   	struct rtl_tcb_desc tcb_desc;
>   	u8 *qc = ieee80211_get_qos_ctl(hdr);
> @@ -810,10 +810,13 @@ void rtl92ce_tx_fill_desc(struct ieee80211_hw *hw,
>   		SET_TX_DESC_LINIP(pdesc, 0);
>   		SET_TX_DESC_PKT_SIZE(pdesc, (u16) skb->len);
>
> +		rcu_read_lock();
> +		sta = ieee80211_find_sta(mac->vif, mac->bssid);
>   		if (sta) {
>   			u8 ampdu_density = sta->ht_cap.ampdu_density;
>   			SET_TX_DESC_AMPDU_DENSITY(pdesc, ampdu_density);
>   		}
> +		rcu_read_unlock();
>
>   		if (info->control.hw_key) {
>   			struct ieee80211_key_conf *keyconf =
> diff --git a/drivers/net/wireless/rtlwifi/rtl8192cu/trx.c b/drivers/net/wireless/rtlwifi/rtl8192cu/trx.c
> index 659e0ca..d0b0d43 100644
> --- a/drivers/net/wireless/rtlwifi/rtl8192cu/trx.c
> +++ b/drivers/net/wireless/rtlwifi/rtl8192cu/trx.c
> @@ -504,7 +504,7 @@ void rtl92cu_tx_fill_desc(struct ieee80211_hw *hw,
>   	struct rtl_mac *mac = rtl_mac(rtl_priv(hw));
>   	struct rtl_ps_ctl *ppsc = rtl_psc(rtl_priv(hw));
>   	bool defaultadapter = true;
> -	struct ieee80211_sta *sta = ieee80211_find_sta(mac->vif, mac->bssid);
> +	struct ieee80211_sta *sta;
>   	struct rtl_tcb_desc tcb_desc;
>   	u8 *qc = ieee80211_get_qos_ctl(hdr);
>   	u8 tid = qc[0]&  IEEE80211_QOS_CTL_TID_MASK;
> @@ -562,10 +562,13 @@ void rtl92cu_tx_fill_desc(struct ieee80211_hw *hw,
>   		SET_TX_DESC_DATA_BW(txdesc, 0);
>   		SET_TX_DESC_DATA_SC(txdesc, 0);
>   	}
> +	rcu_read_lock();
> +	sta = ieee80211_find_sta(mac->vif, mac->bssid);
>   	if (sta) {
>   		u8 ampdu_density = sta->ht_cap.ampdu_density;
>   		SET_TX_DESC_AMPDU_DENSITY(txdesc, ampdu_density);
>   	}
> +	rcu_read_unlock();
>   	if (info->control.hw_key) {
>   		struct ieee80211_key_conf *keyconf = info->control.hw_key;
>   		switch (keyconf->cipher) {

