Startsida Utforska Hjälp
Logga in
samsung-sm8650
/
android_kernel_samsung_sm8650-modules
2
0
Fork 0
Filer Ärenden 0 Pull-förfrågningar 0 Wiki
Bläddra i källkod

qcacld-3.0: Fix race condition in adapter iterator

In some race-condition, the adapter entry in the
adapter list gets deleted midway between an iteration
over the same list via another thread. Accessing this
stale entry leads to watchdog timeout due to infinite
loop.

Fix this by breaking out the iterator if the next iterator
entry is same as the current adapter entry being held.

Change-Id: Id91cbc43474927faec72a9e0dcaa56e935ccf63d
CRs-Fixed: 3390966
Surya Prakash Sivaraj 2 år sedan
förälder
084d4d76cb
incheckning
d70d29eb5f
2 ändrade filer med 27 tillägg och 0 borttagningar
Delad Vy Visa Diff Statistik
  1. 14 0
      core/hdd/inc/wlan_hdd_main.h
  2. 13 0
      core/hdd/src/wlan_hdd_main.c

+ 14 - 0
core/hdd/inc/wlan_hdd_main.h
Visa fil 

@@ -2452,6 +2452,19 @@ void hdd_adapter_dev_hold_debug(struct hdd_adapter *adapter,
 
 void hdd_adapter_dev_put_debug(struct hdd_adapter *adapter,
 
 			       wlan_net_dev_ref_dbgid dbgid);
 
 
+/**
 
+ * hdd_validate_next_adapter - API to check for infinite loop
 
+ *                             in the adapter list traversal
 
+ * @curr: current adapter pointer
 
+ * @next: next adapter pointer
 
+ * @dbg_id: Debug ID corresponding to API that is requesting the dev_put
 
+ *
 
+ * Return: None
 
+ */
 
+void hdd_validate_next_adapter(struct hdd_adapter **curr,
 
+			       struct hdd_adapter **next,
 
+			       wlan_net_dev_ref_dbgid dbg_id);
 
+
 
 /**
 
  * __hdd_take_ref_and_fetch_front_adapter_safe - Helper macro to lock, fetch
 
  * front and next adapters, take ref and unlock.
 
@@ -2483,6 +2496,7 @@ void hdd_adapter_dev_put_debug(struct hdd_adapter *adapter,
 
 	qdf_spin_lock_bh(&hdd_ctx->hdd_adapter_lock), \
 
 	adapter = next_adapter, \
 
 	hdd_get_next_adapter_no_lock(hdd_ctx, adapter, &next_adapter), \
 
+	hdd_validate_next_adapter(&adapter, &next_adapter, dbgid), \
 
 	(next_adapter) ? hdd_adapter_dev_hold_debug(next_adapter, dbgid) : \
 
 			 (false), \
 
 	qdf_spin_unlock_bh(&hdd_ctx->hdd_adapter_lock)

+ 13 - 0
core/hdd/src/wlan_hdd_main.c
Visa fil 

@@ -9228,6 +9228,19 @@ QDF_STATUS hdd_add_adapter_front(struct hdd_context *hdd_ctx,
 
 	return status;
 
 }
 
 
+void hdd_validate_next_adapter(struct hdd_adapter **curr,
 
+			       struct hdd_adapter **next,
 
+			       wlan_net_dev_ref_dbgid dbg_id)
 
+{
 
+	if (!*curr || !*next || *curr != *next)
 
+		return;
 
+
 
+	hdd_err("Validation failed");
 
+	hdd_adapter_dev_put_debug(*curr, dbg_id);
 
+	*curr = NULL;
 
+	*next = NULL;
 
+}
 
+
 
 QDF_STATUS hdd_adapter_iterate(hdd_adapter_iterate_cb cb, void *context)
 
 {
 
 	struct hdd_context *hdd_ctx;