diff options
| author | Sumit Garg <[email protected]> | 2020-04-07 15:40:55 +0530 |
|---|---|---|
| committer | Johannes Berg <[email protected]> | 2020-04-15 09:31:58 +0200 |
| commit | 52e04b4ce5d03775b6a78f3ed1097480faacc9fd (patch) | |
| tree | 52ed2229408e9a93884f3b6ade206abba0ef1428 /scripts/bpf_helpers_doc.py | |
| parent | a710d21451ff2917b9004b65ba2f0db6380671d5 (diff) | |
mac80211: fix race in ieee80211_register_hw()
A race condition leading to a kernel crash is observed during invocation
of ieee80211_register_hw() on a dragonboard410c device having wcn36xx
driver built as a loadable module along with a wifi manager in user-space
waiting for a wifi device (wlanX) to be active.
Sequence diagram for a particular kernel crash scenario:
user-space ieee80211_register_hw() ieee80211_tasklet_handler()
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
| | |
|<---phy0----wiphy_register() |
|-----iwd if_add---->| |
| |<---IRQ----(RX packet)
| Kernel crash |
| due to unallocated |
| workqueue. |
| | |
| alloc_ordered_workqueue() |
| | |
| Misc wiphy init. |
| | |
| ieee80211_if_add() |
| | |
As evident from above sequence diagram, this race condition isn't specific
to a particular wifi driver but rather the initialization sequence in
ieee80211_register_hw() needs to be fixed. So re-order the initialization
sequence and the updated sequence diagram would look like:
user-space ieee80211_register_hw() ieee80211_tasklet_handler()
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
| | |
| alloc_ordered_workqueue() |
| | |
| Misc wiphy init. |
| | |
|<---phy0----wiphy_register() |
|-----iwd if_add---->| |
| |<---IRQ----(RX packet)
| | |
| ieee80211_if_add() |
| | |
Cc: [email protected]
Signed-off-by: Sumit Garg <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
[Johannes: fix rtnl imbalances]
Signed-off-by: Johannes Berg <[email protected]>
Diffstat (limited to 'scripts/bpf_helpers_doc.py')
0 files changed, 0 insertions, 0 deletions