kernel-ark/net/mac80211
Mohammed Shafi Shajakhan b57e6b560f mac80211: Fix a rwlock bad magic bug
read_lock(&tpt_trig->trig.leddev_list_lock) is accessed via the path
ieee80211_open (->) ieee80211_do_open (->) ieee80211_mod_tpt_led_trig
(->) ieee80211_start_tpt_led_trig (->) tpt_trig_timer before initializing
it.
the intilization of this read/write lock happens via the path
ieee80211_led_init (->) led_trigger_register, but we are doing
'ieee80211_led_init'  after 'ieeee80211_if_add' where we
register netdev_ops.
so we access leddev_list_lock before initializing it and causes the
following bug in chrome laptops with AR928X cards with the following
script

while true
do
sudo modprobe -v ath9k
sleep 3
sudo modprobe -r ath9k
sleep 3
done

	BUG: rwlock bad magic on CPU#1, wpa_supplicant/358, f5b9eccc
	Pid: 358, comm: wpa_supplicant Not tainted 3.0.13 #1
	Call Trace:

	[<8137b9df>] rwlock_bug+0x3d/0x47
	[<81179830>] do_raw_read_lock+0x19/0x29
	[<8137f063>] _raw_read_lock+0xd/0xf
	[<f9081957>] tpt_trig_timer+0xc3/0x145 [mac80211]
	[<f9081f3a>] ieee80211_mod_tpt_led_trig+0x152/0x174 [mac80211]
	[<f9076a3f>] ieee80211_do_open+0x11e/0x42e [mac80211]
	[<f9075390>] ? ieee80211_check_concurrent_iface+0x26/0x13c [mac80211]
	[<f9076d97>] ieee80211_open+0x48/0x4c [mac80211]
	[<812dbed8>] __dev_open+0x82/0xab
	[<812dc0c9>] __dev_change_flags+0x9c/0x113
	[<812dc1ae>] dev_change_flags+0x18/0x44
	[<8132144f>] devinet_ioctl+0x243/0x51a
	[<81321ba9>] inet_ioctl+0x93/0xac
	[<812cc951>] sock_ioctl+0x1c6/0x1ea
	[<812cc78b>] ? might_fault+0x20/0x20
	[<810b1ebb>] do_vfs_ioctl+0x46e/0x4a2
	[<810a6ebb>] ? fget_light+0x2f/0x70
	[<812ce549>] ? sys_recvmsg+0x3e/0x48
	[<810b1f35>] sys_ioctl+0x46/0x69
	[<8137fa77>] sysenter_do_call+0x12/0x2

Cc: <stable@vger.kernel.org>
Cc: Gary Morain <gmorain@google.com>
Cc: Paul Stewart <pstew@google.com>
Cc: Abhijit Pradhan <abhijit@qca.qualcomm.com>
Cc: Vasanthakumar Thiagarajan <vthiagar@qca.qualcomm.com>
Cc: Rajkumar Manoharan <rmanohar@qca.qualcomm.com>
Acked-by: Johannes Berg <johannes.berg@intel.com>
Tested-by: Mohammed Shafi Shajakhan <mohammed@qca.qualcomm.com>
Signed-off-by: Mohammed Shafi Shajakhan <mohammed@qca.qualcomm.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-02-09 15:16:04 -05:00
..
aes_ccm.c
aes_ccm.h
aes_cmac.c
aes_cmac.h
agg-rx.c net: reintroduce missing rcu_assign_pointer() calls 2012-01-12 12:26:56 -08:00
agg-tx.c mac80211: split addba retries in time 2011-12-19 14:31:37 -05:00
cfg.c mac80211: fix no-op authorized transitions 2012-01-13 14:40:58 -05:00
cfg.h
chan.c
debugfs_key.c mac80211: fix debugfs key->station symlink 2012-01-18 14:38:05 -05:00
debugfs_key.h
debugfs_netdev.c mac80211: count authorized stations per BSS 2011-12-15 14:46:34 -05:00
debugfs_netdev.h
debugfs_sta.c Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless 2011-12-02 15:44:03 -05:00
debugfs_sta.h
debugfs.c mac80211: remove debugfs noack test 2011-11-28 14:34:15 -05:00
debugfs.h
driver-ops.h mac80211: do not pass AP VLAN vif pointers to drivers 2011-11-28 14:43:52 -05:00
driver-trace.c
driver-trace.h mac80211: remove tracing config symbol 2011-11-28 14:44:09 -05:00
event.c
ht.c mac80211: Use appropriate TID for sending BAR, ADDBA and DELBA frames 2011-12-15 14:46:35 -05:00
ibss.c mac80211: update oper_channel on ibss join 2012-01-24 14:47:09 -05:00
ieee80211_i.h mac80211: remove dead code 2012-01-04 14:31:47 -05:00
iface.c mac80211: set bss_conf.idle when vif is connected 2012-01-24 14:47:09 -05:00
Kconfig mac80211: remove tracing config symbol 2011-11-28 14:44:09 -05:00
key.c Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux 2011-11-22 14:05:46 -05:00
key.h
led.c
led.h
main.c mac80211: Fix a rwlock bad magic bug 2012-02-09 15:16:04 -05:00
Makefile mac80211: remove tracing config symbol 2011-11-28 14:44:09 -05:00
mesh_hwmp.c mac80211: Use the right headroom size for mesh mgmt frames 2012-01-18 14:38:06 -05:00
mesh_pathtbl.c mac80211: don't initiate path discovery when forwarding frame with unknown DA 2011-11-28 14:44:07 -05:00
mesh_plink.c mac80211: Use the right headroom size for mesh mgmt frames 2012-01-18 14:38:06 -05:00
mesh.c {nl,cfg,mac}80211: implement dot11MeshHWMPperrMinInterval 2011-11-28 14:44:06 -05:00
mesh.h mac80211: don't initiate path discovery when forwarding frame with unknown DA 2011-11-28 14:44:07 -05:00
michael.c
michael.h
mlme.c mac80211: fix work removal on deauth request 2012-01-18 14:38:06 -05:00
offchannel.c mac80211: remove dead code 2012-01-04 14:31:47 -05:00
pm.c
rate.c
rate.h
rc80211_minstrel_debugfs.c
rc80211_minstrel_ht_debugfs.c
rc80211_minstrel_ht.c minstrel_ht: Remove unused function parameters 2011-11-17 15:43:58 -05:00
rc80211_minstrel_ht.h
rc80211_minstrel.c minstrel: Remove unused function parameter in calc_rate_durations() 2011-11-11 12:32:52 -05:00
rc80211_minstrel.h
rc80211_pid_algo.c net: fix assignment of 0/1 to bool variables. 2011-12-19 22:27:29 -05:00
rc80211_pid_debugfs.c
rc80211_pid.h
rx.c mac80211: timeout a single frame in the rx reorder buffer 2012-02-01 15:26:00 -05:00
scan.c Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next into for-davem 2012-01-05 10:13:24 -05:00
spectmgmt.c
sta_info.c mac80211: Fix possible race between sta_unblock and network softirq 2012-01-17 10:12:27 -05:00
sta_info.h cfg80211: Return beacon loss count in station 2011-12-19 14:34:13 -05:00
status.c mac80211: Make use of ieee80211_is_* functions in tx status path 2011-12-13 15:30:46 -05:00
tkip.c
tkip.h
tx.c mac80211: fix tx->skb NULL pointer dereference 2012-01-16 15:01:16 -05:00
util.c mac80211: Call driver commands after drv_start in mac80211 restart code 2012-01-04 14:31:46 -05:00
wep.c mac80211: use skb list for fragments 2011-11-21 16:20:42 -05:00
wep.h
wme.c mac80211: fix forwarded mesh frame queue mapping 2011-11-28 14:44:05 -05:00
wme.h mac80211: fix forwarded mesh frame queue mapping 2011-11-28 14:44:05 -05:00
work.c mac80211: revert on-channel work optimisations 2011-11-30 15:08:31 -05:00
wpa.c mac80211: fix tx->skb NULL pointer dereference 2012-01-16 15:01:16 -05:00
wpa.h mac80211: fix tx->skb NULL pointer dereference 2012-01-16 15:01:16 -05:00