samsung-sm8650/android_kernel_samsung_sm8650-modules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

qcacld-3.0: Flush scan_block_work when receive NETDEV_GOING_DOWN notifier

Browse Source 
qcacld-2.0 to qcacld-3.0 propagation

In some case, scan_block_work will be scheduled, but NETDEV_DOWN will
come before scan_block_work executed, it will lead to crash. Because
in this case it will call ___cfg80211_scan_done to free scan request in
cfg80211_netdev_notifier_call firstly, but it will access scan request
in wlan_hdd_cfg80211_scan_block_cb afterwards, so it will crash.
Add flush scan_block_work process when receive NETDEV_GOING_DOWN notifier.

Change-Id: Iada4b907f5fb03871406904340e21b6cdf89306f
CRs-Fixed: 2034794
This commit is contained in:
hqu
2017-05-04 17:56:35 +08:00
committed by snandini
parent 4ea846d166
commit eaa33eee78
3 changed files with 14 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
core/hdd/src/wlan_hdd_main.c
View File

@@ -441,6 +441,7 @@ static int __hdd_netdev_notifier_call(struct notifier_block *nb,
wlan_abort_scan(hdd_ctx->hdd_pdev, INVAL_PDEV_ID, wlan_abort_scan(hdd_ctx->hdd_pdev, INVAL_PDEV_ID,
adapter->sessionId, INVALID_SCAN_ID, true); adapter->sessionId, INVALID_SCAN_ID, true);
} else { } else {
cds_flush_work(&adapter->scan_block_work);
hdd_debug("Scan is not Pending from user"); hdd_debug("Scan is not Pending from user");
} }
break; break;
@@ -3751,6 +3752,8 @@ hdd_adapter_t *hdd_open_adapter(hdd_context_t *hdd_ctx, uint8_t session_type,
return NULL; return NULL;
} }
INIT_WORK(&adapter->scan_block_work, wlan_hdd_cfg80211_scan_block_cb);
cfgState = WLAN_HDD_GET_CFG_STATE_PTR(adapter); cfgState = WLAN_HDD_GET_CFG_STATE_PTR(adapter);
mutex_init(&cfgState->remain_on_chan_ctx_lock); mutex_init(&cfgState->remain_on_chan_ctx_lock);

12
core/hdd/src/wlan_hdd_scan.c
View File

@@ -1378,13 +1378,7 @@ static bool wlan_hdd_sap_skip_scan_check(hdd_context_t *hdd_ctx,
} }
#endif #endif
/** void wlan_hdd_cfg80211_scan_block_cb(struct work_struct *work)
* wlan_hdd_cfg80211_scan_block_cb() - scan block work handler
* @work: Pointer to work
*
* Return: none
*/
static void wlan_hdd_cfg80211_scan_block_cb(struct work_struct *work)
{ {
hdd_adapter_t *adapter = container_of(work, hdd_adapter_t *adapter = container_of(work,
hdd_adapter_t, scan_block_work); hdd_adapter_t, scan_block_work);
@@ -1600,8 +1594,6 @@ static int __wlan_hdd_cfg80211_scan(struct wiphy *wiphy,
pAdapter->request = request; pAdapter->request = request;
pAdapter->scan_source = source; pAdapter->scan_source = source;
INIT_WORK(&pAdapter->scan_block_work,
wlan_hdd_cfg80211_scan_block_cb);
schedule_work(&pAdapter->scan_block_work); schedule_work(&pAdapter->scan_block_work);
return 0; return 0;
} }
@@ -1675,8 +1667,6 @@ static int __wlan_hdd_cfg80211_scan(struct wiphy *wiphy,
hdd_debug("sap scan skipped"); hdd_debug("sap scan skipped");
pAdapter->request = request; pAdapter->request = request;
pAdapter->scan_source = source; pAdapter->scan_source = source;
INIT_WORK(&pAdapter->scan_block_work,
wlan_hdd_cfg80211_scan_block_cb);
schedule_work(&pAdapter->scan_block_work); schedule_work(&pAdapter->scan_block_work);
return 0; return 0;
} }

10
core/hdd/src/wlan_hdd_scan.h
View File

@@ -109,5 +109,15 @@ int wlan_hdd_vendor_abort_scan(
void wlan_hdd_cfg80211_abort_scan(struct wiphy *wiphy, void wlan_hdd_cfg80211_abort_scan(struct wiphy *wiphy,
struct wireless_dev *wdev); struct wireless_dev *wdev);
#endif #endif
/**
* wlan_hdd_cfg80211_scan_block_cb() - scan block work handler
* @work: Pointer to work
*
* This function is used to do scan block work handler
*
* Return: none
*/
void wlan_hdd_cfg80211_scan_block_cb(struct work_struct *work);
#endif /* end #if !defined(WLAN_HDD_SCAN_H) */ #endif /* end #if !defined(WLAN_HDD_SCAN_H) */