• Mohammed Shafi Shajakhan's avatar
    mac80211: Fix a rwlock bad magic bug · b57e6b56
    Mohammed Shafi Shajakhan authored
    read_lock(&tpt_trig->trig.leddev_list_lock) is accessed via the path
    ieee80211_open (->) ieee80211_do_open (->) ieee80211_mod_tpt_led_trig
    (->) ieee80211_start_tpt_led_trig (->) tpt_trig_timer before initializing
    it.
    the intilization of this read/write lock happens via the path
    ieee80211_led_init (->) led_trigger_register, but we are doing
    'ieee80211_led_init'  after 'ieeee80211_if_add' where we
    register netdev_ops.
    so we access leddev_list_lock before initializing it and causes the
    following bug in chrome laptops with AR928X cards with the following
    script
    
    while true
    do
    sudo modprobe -v ath9k
    sleep 3
    sudo modprobe -r ath9k
    sleep 3
    done
    
    	BUG: rwlock bad magic on CPU#1, wpa_supplicant/358, f5b9eccc
    	Pid: 358, comm: wpa_supplicant Not tainted 3.0.13 #1
    	Call Trace:
    
    	[<8137b9df>] rwlock_bug+0x3d/0x47
    	[<81179830>] do_raw_read_lock+0x19/0x29
    	[<8137f063>] _raw_read_lock+0xd/0xf
    	[<f9081957>] tpt_trig_timer+0xc3/0x145 [mac80211]
    	[<f9081f3a>] ieee80211_mod_tpt_led_trig+0x152/0x174 [mac80211]
    	[<f9076a3f>] ieee80211_do_open+0x11e/0x42e [mac80211]
    	[<f9075390>] ? ieee80211_check_concurrent_iface+0x26/0x13c [mac80211]
    	[<f9076d97>] ieee80211_open+0x48/0x4c [mac80211]
    	[<812dbed8>] __dev_open+0x82/0xab
    	[<812dc0c9>] __dev_change_flags+0x9c/0x113
    	[<812dc1ae>] dev_change_flags+0x18/0x44
    	[<8132144f>] devinet_ioctl+0x243/0x51a
    	[<81321ba9>] inet_ioctl+0x93/0xac
    	[<812cc951>] sock_ioctl+0x1c6/0x1ea
    	[<812cc78b>] ? might_fault+0x20/0x20
    	[<810b1ebb>] do_vfs_ioctl+0x46e/0x4a2
    	[<810a6ebb>] ? fget_light+0x2f/0x70
    	[<812ce549>] ? sys_recvmsg+0x3e/0x48
    	[<810b1f35>] sys_ioctl+0x46/0x69
    	[<8137fa77>] sysenter_do_call+0x12/0x2
    
    Cc: <stable@vger.kernel.org>
    Cc: Gary Morain <gmorain@google.com>
    Cc: Paul Stewart <pstew@google.com>
    Cc: Abhijit Pradhan <abhijit@qca.qualcomm.com>
    Cc: Vasanthakumar Thiagarajan <vthiagar@qca.qualcomm.com>
    Cc: Rajkumar Manoharan <rmanohar@qca.qualcomm.com>
    Acked-by: default avatarJohannes Berg <johannes.berg@intel.com>
    Tested-by: default avatarMohammed Shafi Shajakhan <mohammed@qca.qualcomm.com>
    Signed-off-by: default avatarMohammed Shafi Shajakhan <mohammed@qca.qualcomm.com>
    Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
    b57e6b56
main.c 29.4 KB