* [PATCH 1/4] mwifiex: pcie: don't leak DMA buffers when removing
[not found] <20170311013924.73348-1-briannorris@chromium.org>
@ 2017-03-11 1:39 ` Brian Norris
2017-03-16 8:14 ` [1/4] " Kalle Valo
0 siblings, 1 reply; 2+ messages in thread
From: Brian Norris @ 2017-03-11 1:39 UTC (permalink / raw)
To: Amitkumar Karwar, Nishant Sarmukadam
Cc: Kalle Valo, linux-wireless, linux-kernel, Rajat Jain,
Brian Norris, stable
When PCIe FLR support was added, much of the remove/release code for
PCIe was migrated to ->down_dev(), but ->down_dev() is never called for
device removal. Let's refactor the cleanup to be done in both cases.
Also, drop the comments above mwifiex_cleanup_pcie(), because they were
clearly wrong, and it's better to have clear and obvious code than to
detail the code steps in comments anyway.
Fixes: 4c5dae59d2e9 ("mwifiex: add PCIe function level reset support")
Cc: <stable@vger.kernel.org>
Signed-off-by: Brian Norris <briannorris@chromium.org>
---
I don't think there's any code path in which we see ->down_dev() followed by
->cleanup_if(), with no ->up_dev() in between? (Or, what happens if PCIe FLR
fails?) But if so, then this could cause a double free. It could use a close
review.
drivers/net/wireless/marvell/mwifiex/pcie.c | 38 ++++++++++++++---------------
1 file changed, 19 insertions(+), 19 deletions(-)
diff --git a/drivers/net/wireless/marvell/mwifiex/pcie.c b/drivers/net/wireless/marvell/mwifiex/pcie.c
index 5438483fcefe..eae1cc58a310 100644
--- a/drivers/net/wireless/marvell/mwifiex/pcie.c
+++ b/drivers/net/wireless/marvell/mwifiex/pcie.c
@@ -2732,6 +2732,21 @@ static void mwifiex_pcie_device_dump(struct mwifiex_adapter *adapter)
schedule_work(&card->work);
}
+static void mwifiex_pcie_free_buffers(struct mwifiex_adapter *adapter)
+{
+ struct pcie_service_card *card = adapter->card;
+ const struct mwifiex_pcie_card_reg *reg = card->pcie.reg;
+
+ if (reg->sleep_cookie)
+ mwifiex_pcie_delete_sleep_cookie_buf(adapter);
+
+ mwifiex_pcie_delete_cmdrsp_buf(adapter);
+ mwifiex_pcie_delete_evtbd_ring(adapter);
+ mwifiex_pcie_delete_rxbd_ring(adapter);
+ mwifiex_pcie_delete_txbd_ring(adapter);
+ card->cmdrsp_buf = NULL;
+}
+
/*
* This function initializes the PCI-E host memory space, WCB rings, etc.
*
@@ -2843,13 +2858,6 @@ static int mwifiex_init_pcie(struct mwifiex_adapter *adapter)
/*
* This function cleans up the allocated card buffers.
- *
- * The following are freed by this function -
- * - TXBD ring buffers
- * - RXBD ring buffers
- * - Event BD ring buffers
- * - Command response ring buffer
- * - Sleep cookie buffer
*/
static void mwifiex_cleanup_pcie(struct mwifiex_adapter *adapter)
{
@@ -2868,6 +2876,8 @@ static void mwifiex_cleanup_pcie(struct mwifiex_adapter *adapter)
"Failed to write driver not-ready signature\n");
}
+ mwifiex_pcie_free_buffers(adapter);
+
if (pdev) {
pci_iounmap(pdev, card->pci_mmap);
pci_iounmap(pdev, card->pci_mmap1);
@@ -3119,10 +3129,7 @@ static void mwifiex_pcie_up_dev(struct mwifiex_adapter *adapter)
pci_iounmap(pdev, card->pci_mmap1);
}
-/* This function cleans up the PCI-E host memory space.
- * Some code is extracted from mwifiex_unregister_dev()
- *
- */
+/* This function cleans up the PCI-E host memory space. */
static void mwifiex_pcie_down_dev(struct mwifiex_adapter *adapter)
{
struct pcie_service_card *card = adapter->card;
@@ -3133,14 +3140,7 @@ static void mwifiex_pcie_down_dev(struct mwifiex_adapter *adapter)
adapter->seq_num = 0;
- if (reg->sleep_cookie)
- mwifiex_pcie_delete_sleep_cookie_buf(adapter);
-
- mwifiex_pcie_delete_cmdrsp_buf(adapter);
- mwifiex_pcie_delete_evtbd_ring(adapter);
- mwifiex_pcie_delete_rxbd_ring(adapter);
- mwifiex_pcie_delete_txbd_ring(adapter);
- card->cmdrsp_buf = NULL;
+ mwifiex_pcie_free_buffers(adapter);
}
static struct mwifiex_if_ops pcie_ops = {
--
2.12.0.246.ga2ecc84866-goog
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [1/4] mwifiex: pcie: don't leak DMA buffers when removing
2017-03-11 1:39 ` [PATCH 1/4] mwifiex: pcie: don't leak DMA buffers when removing Brian Norris
@ 2017-03-16 8:14 ` Kalle Valo
0 siblings, 0 replies; 2+ messages in thread
From: Kalle Valo @ 2017-03-16 8:14 UTC (permalink / raw)
To: Brian Norris
Cc: Amitkumar Karwar, Nishant Sarmukadam, linux-wireless,
linux-kernel, Rajat Jain, Brian Norris, stable
Brian Norris <briannorris@chromium.org> wrote:
> When PCIe FLR support was added, much of the remove/release code for
> PCIe was migrated to ->down_dev(), but ->down_dev() is never called for
> device removal. Let's refactor the cleanup to be done in both cases.
>
> Also, drop the comments above mwifiex_cleanup_pcie(), because they were
> clearly wrong, and it's better to have clear and obvious code than to
> detail the code steps in comments anyway.
>
> Fixes: 4c5dae59d2e9 ("mwifiex: add PCIe function level reset support")
> Cc: <stable@vger.kernel.org>
> Signed-off-by: Brian Norris <briannorris@chromium.org>
3 patches applied to wireless-drivers.git, thanks.
4e841d3eb929 mwifiex: pcie: don't leak DMA buffers when removing
ba1c7e45ec22 mwifiex: set adapter->dev before starting to use mwifiex_dbg()
36908c4e5b10 mwifiex: uninit wakeup info when removing device
--
https://patchwork.kernel.org/patch/9618297/
Documentation about submitting wireless patches and checking status
from patchwork:
https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2017-03-16 8:14 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <20170311013924.73348-1-briannorris@chromium.org>
2017-03-11 1:39 ` [PATCH 1/4] mwifiex: pcie: don't leak DMA buffers when removing Brian Norris
2017-03-16 8:14 ` [1/4] " Kalle Valo
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).