diff options
Diffstat (limited to 'recipes-kernel/linux/linux-ti33x-psp-3.2/3.2.22/0022-cfg80211-fix-potential-deadlock-in-regulatory.patch')
-rw-r--r-- | recipes-kernel/linux/linux-ti33x-psp-3.2/3.2.22/0022-cfg80211-fix-potential-deadlock-in-regulatory.patch | 144 |
1 files changed, 144 insertions, 0 deletions
diff --git a/recipes-kernel/linux/linux-ti33x-psp-3.2/3.2.22/0022-cfg80211-fix-potential-deadlock-in-regulatory.patch b/recipes-kernel/linux/linux-ti33x-psp-3.2/3.2.22/0022-cfg80211-fix-potential-deadlock-in-regulatory.patch new file mode 100644 index 00000000..fe1bc4b2 --- /dev/null +++ b/recipes-kernel/linux/linux-ti33x-psp-3.2/3.2.22/0022-cfg80211-fix-potential-deadlock-in-regulatory.patch | |||
@@ -0,0 +1,144 @@ | |||
1 | From 76f7c2172698cade04f33c7f8841b641c95ddeda Mon Sep 17 00:00:00 2001 | ||
2 | From: Eliad Peller <eliad@wizery.com> | ||
3 | Date: Tue, 12 Jun 2012 12:53:13 +0300 | ||
4 | Subject: [PATCH 22/46] cfg80211: fix potential deadlock in regulatory | ||
5 | |||
6 | commit fe20b39ec32e975f1054c0b7866c873a954adf05 upstream. | ||
7 | |||
8 | reg_timeout_work() calls restore_regulatory_settings() which | ||
9 | takes cfg80211_mutex. | ||
10 | |||
11 | reg_set_request_processed() already holds cfg80211_mutex | ||
12 | before calling cancel_delayed_work_sync(reg_timeout), | ||
13 | so it might deadlock. | ||
14 | |||
15 | Call the async cancel_delayed_work instead, in order | ||
16 | to avoid the potential deadlock. | ||
17 | |||
18 | This is the relevant lockdep warning: | ||
19 | |||
20 | cfg80211: Calling CRDA for country: XX | ||
21 | |||
22 | ====================================================== | ||
23 | [ INFO: possible circular locking dependency detected ] | ||
24 | 3.4.0-rc5-wl+ #26 Not tainted | ||
25 | ------------------------------------------------------- | ||
26 | kworker/0:2/1391 is trying to acquire lock: | ||
27 | (cfg80211_mutex){+.+.+.}, at: [<bf28ae00>] restore_regulatory_settings+0x34/0x418 [cfg80211] | ||
28 | |||
29 | but task is already holding lock: | ||
30 | ((reg_timeout).work){+.+...}, at: [<c0059e94>] process_one_work+0x1f0/0x480 | ||
31 | |||
32 | which lock already depends on the new lock. | ||
33 | |||
34 | the existing dependency chain (in reverse order) is: | ||
35 | |||
36 | -> #2 ((reg_timeout).work){+.+...}: | ||
37 | [<c008fd44>] validate_chain+0xb94/0x10f0 | ||
38 | [<c0090b68>] __lock_acquire+0x8c8/0x9b0 | ||
39 | [<c0090d40>] lock_acquire+0xf0/0x114 | ||
40 | [<c005b600>] wait_on_work+0x4c/0x154 | ||
41 | [<c005c000>] __cancel_work_timer+0xd4/0x11c | ||
42 | [<c005c064>] cancel_delayed_work_sync+0x1c/0x20 | ||
43 | [<bf28b274>] reg_set_request_processed+0x50/0x78 [cfg80211] | ||
44 | [<bf28bd84>] set_regdom+0x550/0x600 [cfg80211] | ||
45 | [<bf294cd8>] nl80211_set_reg+0x218/0x258 [cfg80211] | ||
46 | [<c03c7738>] genl_rcv_msg+0x1a8/0x1e8 | ||
47 | [<c03c6a00>] netlink_rcv_skb+0x5c/0xc0 | ||
48 | [<c03c7584>] genl_rcv+0x28/0x34 | ||
49 | [<c03c6720>] netlink_unicast+0x15c/0x228 | ||
50 | [<c03c6c7c>] netlink_sendmsg+0x218/0x298 | ||
51 | [<c03933c8>] sock_sendmsg+0xa4/0xc0 | ||
52 | [<c039406c>] __sys_sendmsg+0x1e4/0x268 | ||
53 | [<c0394228>] sys_sendmsg+0x4c/0x70 | ||
54 | [<c0013840>] ret_fast_syscall+0x0/0x3c | ||
55 | |||
56 | -> #1 (reg_mutex){+.+.+.}: | ||
57 | [<c008fd44>] validate_chain+0xb94/0x10f0 | ||
58 | [<c0090b68>] __lock_acquire+0x8c8/0x9b0 | ||
59 | [<c0090d40>] lock_acquire+0xf0/0x114 | ||
60 | [<c04734dc>] mutex_lock_nested+0x48/0x320 | ||
61 | [<bf28b2cc>] reg_todo+0x30/0x538 [cfg80211] | ||
62 | [<c0059f44>] process_one_work+0x2a0/0x480 | ||
63 | [<c005a4b4>] worker_thread+0x1bc/0x2bc | ||
64 | [<c0061148>] kthread+0x98/0xa4 | ||
65 | [<c0014af4>] kernel_thread_exit+0x0/0x8 | ||
66 | |||
67 | -> #0 (cfg80211_mutex){+.+.+.}: | ||
68 | [<c008ed58>] print_circular_bug+0x68/0x2cc | ||
69 | [<c008fb28>] validate_chain+0x978/0x10f0 | ||
70 | [<c0090b68>] __lock_acquire+0x8c8/0x9b0 | ||
71 | [<c0090d40>] lock_acquire+0xf0/0x114 | ||
72 | [<c04734dc>] mutex_lock_nested+0x48/0x320 | ||
73 | [<bf28ae00>] restore_regulatory_settings+0x34/0x418 [cfg80211] | ||
74 | [<bf28b200>] reg_timeout_work+0x1c/0x20 [cfg80211] | ||
75 | [<c0059f44>] process_one_work+0x2a0/0x480 | ||
76 | [<c005a4b4>] worker_thread+0x1bc/0x2bc | ||
77 | [<c0061148>] kthread+0x98/0xa4 | ||
78 | [<c0014af4>] kernel_thread_exit+0x0/0x8 | ||
79 | |||
80 | other info that might help us debug this: | ||
81 | |||
82 | Chain exists of: | ||
83 | cfg80211_mutex --> reg_mutex --> (reg_timeout).work | ||
84 | |||
85 | Possible unsafe locking scenario: | ||
86 | |||
87 | CPU0 CPU1 | ||
88 | ---- ---- | ||
89 | lock((reg_timeout).work); | ||
90 | lock(reg_mutex); | ||
91 | lock((reg_timeout).work); | ||
92 | lock(cfg80211_mutex); | ||
93 | |||
94 | *** DEADLOCK *** | ||
95 | |||
96 | 2 locks held by kworker/0:2/1391: | ||
97 | #0: (events){.+.+.+}, at: [<c0059e94>] process_one_work+0x1f0/0x480 | ||
98 | #1: ((reg_timeout).work){+.+...}, at: [<c0059e94>] process_one_work+0x1f0/0x480 | ||
99 | |||
100 | stack backtrace: | ||
101 | [<c001b928>] (unwind_backtrace+0x0/0x12c) from [<c0471d3c>] (dump_stack+0x20/0x24) | ||
102 | [<c0471d3c>] (dump_stack+0x20/0x24) from [<c008ef70>] (print_circular_bug+0x280/0x2cc) | ||
103 | [<c008ef70>] (print_circular_bug+0x280/0x2cc) from [<c008fb28>] (validate_chain+0x978/0x10f0) | ||
104 | [<c008fb28>] (validate_chain+0x978/0x10f0) from [<c0090b68>] (__lock_acquire+0x8c8/0x9b0) | ||
105 | [<c0090b68>] (__lock_acquire+0x8c8/0x9b0) from [<c0090d40>] (lock_acquire+0xf0/0x114) | ||
106 | [<c0090d40>] (lock_acquire+0xf0/0x114) from [<c04734dc>] (mutex_lock_nested+0x48/0x320) | ||
107 | [<c04734dc>] (mutex_lock_nested+0x48/0x320) from [<bf28ae00>] (restore_regulatory_settings+0x34/0x418 [cfg80211]) | ||
108 | [<bf28ae00>] (restore_regulatory_settings+0x34/0x418 [cfg80211]) from [<bf28b200>] (reg_timeout_work+0x1c/0x20 [cfg80211]) | ||
109 | [<bf28b200>] (reg_timeout_work+0x1c/0x20 [cfg80211]) from [<c0059f44>] (process_one_work+0x2a0/0x480) | ||
110 | [<c0059f44>] (process_one_work+0x2a0/0x480) from [<c005a4b4>] (worker_thread+0x1bc/0x2bc) | ||
111 | [<c005a4b4>] (worker_thread+0x1bc/0x2bc) from [<c0061148>] (kthread+0x98/0xa4) | ||
112 | [<c0061148>] (kthread+0x98/0xa4) from [<c0014af4>] (kernel_thread_exit+0x0/0x8) | ||
113 | cfg80211: Calling CRDA to update world regulatory domain | ||
114 | cfg80211: World regulatory domain updated: | ||
115 | cfg80211: (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp) | ||
116 | cfg80211: (2402000 KHz - 2472000 KHz @ 40000 KHz), (300 mBi, 2000 mBm) | ||
117 | cfg80211: (2457000 KHz - 2482000 KHz @ 20000 KHz), (300 mBi, 2000 mBm) | ||
118 | cfg80211: (2474000 KHz - 2494000 KHz @ 20000 KHz), (300 mBi, 2000 mBm) | ||
119 | cfg80211: (5170000 KHz - 5250000 KHz @ 40000 KHz), (300 mBi, 2000 mBm) | ||
120 | cfg80211: (5735000 KHz - 5835000 KHz @ 40000 KHz), (300 mBi, 2000 mBm) | ||
121 | |||
122 | Signed-off-by: Eliad Peller <eliad@wizery.com> | ||
123 | Signed-off-by: Johannes Berg <johannes.berg@intel.com> | ||
124 | Signed-off-by: Ben Hutchings <ben@decadent.org.uk> | ||
125 | --- | ||
126 | net/wireless/reg.c | 2 +- | ||
127 | 1 file changed, 1 insertion(+), 1 deletion(-) | ||
128 | |||
129 | diff --git a/net/wireless/reg.c b/net/wireless/reg.c | ||
130 | index c1c99dd..d57d05b 100644 | ||
131 | --- a/net/wireless/reg.c | ||
132 | +++ b/net/wireless/reg.c | ||
133 | @@ -1369,7 +1369,7 @@ static void reg_set_request_processed(void) | ||
134 | spin_unlock(®_requests_lock); | ||
135 | |||
136 | if (last_request->initiator == NL80211_REGDOM_SET_BY_USER) | ||
137 | - cancel_delayed_work_sync(®_timeout); | ||
138 | + cancel_delayed_work(®_timeout); | ||
139 | |||
140 | if (need_more_processing) | ||
141 | schedule_work(®_work); | ||
142 | -- | ||
143 | 1.7.10 | ||
144 | |||