From 45b73af7f6020b1c3e3d7170d3b1ba86edabfc60 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rafa=C5=82=20Mi=C5=82ecki?= Date: Tue, 27 Sep 2016 06:58:01 +0200 Subject: mac80211: backport brcmfmac changes from 2016-09-26 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit All these patches are in wireless-drirvers-next. There is support for hidden SSID, few new devices and many fixes. Signed-off-by: Rafał Miłecki --- ...eck-rtnl_lock-is-locked-when-removing-int.patch | 111 +++++++++++++++++++++ 1 file changed, 111 insertions(+) create mode 100644 package/kernel/mac80211/patches/319-0012-brcmfmac-Check-rtnl_lock-is-locked-when-removing-int.patch (limited to 'package/kernel/mac80211/patches/319-0012-brcmfmac-Check-rtnl_lock-is-locked-when-removing-int.patch') diff --git a/package/kernel/mac80211/patches/319-0012-brcmfmac-Check-rtnl_lock-is-locked-when-removing-int.patch b/package/kernel/mac80211/patches/319-0012-brcmfmac-Check-rtnl_lock-is-locked-when-removing-int.patch new file mode 100644 index 0000000000..6105e6e57f --- /dev/null +++ b/package/kernel/mac80211/patches/319-0012-brcmfmac-Check-rtnl_lock-is-locked-when-removing-int.patch @@ -0,0 +1,111 @@ +From 15dacf880e49ce3ecee05eb1a0c6b8e363dbacdc Mon Sep 17 00:00:00 2001 +From: "mhiramat@kernel.org" +Date: Mon, 15 Aug 2016 18:40:57 +0900 +Subject: [PATCH] brcmfmac: Check rtnl_lock is locked when removing interface +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Check rtnl_lock is locked in brcmf_p2p_ifp_removed() by passing +rtnl_locked flag. Actually the caller brcmf_del_if() checks whether +the rtnl_lock is locked, but doesn't pass it to brcmf_p2p_ifp_removed(). + +Without this fix, wpa_supplicant goes softlockup with rtnl_lock +holding (this means all other process using netlink are locked up too) + +e.g. +[ 4495.876627] INFO: task wpa_supplicant:7307 blocked for more than 10 seconds. +[ 4495.876632] Tainted: G W 4.8.0-rc1+ #8 +[ 4495.876635] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. +[ 4495.876638] wpa_supplicant D ffff974c647b39a0 0 7307 1 0x00000000 +[ 4495.876644] ffff974c647b39a0 0000000000000000 ffff974c00000000 ffff974c7dc59c58 +[ 4495.876651] ffff974c6b7417c0 ffff974c645017c0 ffff974c647b4000 ffffffff86f16c08 +[ 4495.876657] ffff974c645017c0 0000000000000246 00000000ffffffff ffff974c647b39b8 +[ 4495.876664] Call Trace: +[ 4495.876671] [] schedule+0x3c/0x90 +[ 4495.876676] [] schedule_preempt_disabled+0x15/0x20 +[ 4495.876682] [] mutex_lock_nested+0x176/0x3b0 +[ 4495.876686] [] ? rtnl_lock+0x17/0x20 +[ 4495.876690] [] rtnl_lock+0x17/0x20 +[ 4495.876720] [] brcmf_p2p_ifp_removed+0x4d/0x70 [brcmfmac] +[ 4495.876741] [] brcmf_remove_interface+0x196/0x1b0 [brcmfmac] +[ 4495.876760] [] brcmf_p2p_del_vif+0x111/0x220 [brcmfmac] +[ 4495.876777] [] brcmf_cfg80211_del_iface+0x21b/0x270 [brcmfmac] +[ 4495.876820] [] nl80211_del_interface+0xfe/0x3a0 [cfg80211] +[ 4495.876825] [] genl_family_rcv_msg+0x1b5/0x370 +[ 4495.876832] [] ? trace_hardirqs_on+0xd/0x10 +[ 4495.876836] [] genl_rcv_msg+0x7d/0xb0 +[ 4495.876839] [] ? genl_family_rcv_msg+0x370/0x370 +[ 4495.876846] [] netlink_rcv_skb+0x97/0xb0 +[ 4495.876849] [] genl_rcv+0x28/0x40 +[ 4495.876854] [] netlink_unicast+0x1d3/0x2f0 +[ 4495.876860] [] ? netlink_unicast+0x14b/0x2f0 +[ 4495.876866] [] netlink_sendmsg+0x2eb/0x3a0 +[ 4495.876870] [] sock_sendmsg+0x38/0x50 +[ 4495.876874] [] ___sys_sendmsg+0x27f/0x290 +[ 4495.876882] [] ? mntput_no_expire+0x5/0x3f0 +[ 4495.876888] [] ? mntput_no_expire+0x8e/0x3f0 +[ 4495.876894] [] ? mntput_no_expire+0x5/0x3f0 +[ 4495.876899] [] ? mntput+0x24/0x40 +[ 4495.876904] [] ? __fput+0x190/0x200 +[ 4495.876909] [] __sys_sendmsg+0x45/0x80 +[ 4495.876914] [] SyS_sendmsg+0x12/0x20 +[ 4495.876918] [] entry_SYSCALL_64_fastpath+0x23/0xc1 +[ 4495.876924] [] ? trace_hardirqs_off_caller+0x1f/0xc0 + +Signed-off-by: Masami Hiramatsu +Acked-by: Rafał Miłecki +Signed-off-by: Kalle Valo +--- + drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c | 2 +- + drivers/net/wireless/broadcom/brcm80211/brcmfmac/p2p.c | 8 +++++--- + drivers/net/wireless/broadcom/brcm80211/brcmfmac/p2p.h | 2 +- + 3 files changed, 7 insertions(+), 5 deletions(-) + +--- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c ++++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c +@@ -743,7 +743,7 @@ static void brcmf_del_if(struct brcmf_pu + * serious troublesome side effects. The p2p module will clean + * up the ifp if needed. + */ +- brcmf_p2p_ifp_removed(ifp); ++ brcmf_p2p_ifp_removed(ifp, rtnl_locked); + kfree(ifp); + } + } +--- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/p2p.c ++++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/p2p.c +@@ -2299,7 +2299,7 @@ int brcmf_p2p_del_vif(struct wiphy *wiph + return err; + } + +-void brcmf_p2p_ifp_removed(struct brcmf_if *ifp) ++void brcmf_p2p_ifp_removed(struct brcmf_if *ifp, bool rtnl_locked) + { + struct brcmf_cfg80211_info *cfg; + struct brcmf_cfg80211_vif *vif; +@@ -2308,9 +2308,11 @@ void brcmf_p2p_ifp_removed(struct brcmf_ + vif = ifp->vif; + cfg = wdev_to_cfg(&vif->wdev); + cfg->p2p.bss_idx[P2PAPI_BSSCFG_DEVICE].vif = NULL; +- rtnl_lock(); ++ if (!rtnl_locked) ++ rtnl_lock(); + cfg80211_unregister_wdev(&vif->wdev); +- rtnl_unlock(); ++ if (!rtnl_locked) ++ rtnl_unlock(); + brcmf_free_vif(vif); + } + +--- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/p2p.h ++++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/p2p.h +@@ -155,7 +155,7 @@ struct wireless_dev *brcmf_p2p_add_vif(s + int brcmf_p2p_del_vif(struct wiphy *wiphy, struct wireless_dev *wdev); + int brcmf_p2p_ifchange(struct brcmf_cfg80211_info *cfg, + enum brcmf_fil_p2p_if_types if_type); +-void brcmf_p2p_ifp_removed(struct brcmf_if *ifp); ++void brcmf_p2p_ifp_removed(struct brcmf_if *ifp, bool rtnl_locked); + int brcmf_p2p_start_device(struct wiphy *wiphy, struct wireless_dev *wdev); + void brcmf_p2p_stop_device(struct wiphy *wiphy, struct wireless_dev *wdev); + int brcmf_p2p_scan_prep(struct wiphy *wiphy, -- cgit v1.2.3