| Message ID | 20220321225515.32113-1-dossche.niels@gmail.com (mailing list archive) |
|---|---|
| State | Accepted |
| Commit | 3e12968f6d12a34b540c39cbd696a760cc4616f0 |
| Delegated to: | Kalle Valo |
| Headers | show |
| Series | [v2] mwifiex: add mutex lock for call in mwifiex_dfs_chan_sw_work_queue | expand |
Niels Dossche <dossche.niels@gmail.com> wrote: > cfg80211_ch_switch_notify uses ASSERT_WDEV_LOCK to assert that > net_device->ieee80211_ptr->mtx (which is the same as priv->wdev.mtx) > is held during the function's execution. > mwifiex_dfs_chan_sw_work_queue is one of its callers, which does not > hold that lock, therefore violating the assertion. > Add a lock around the call. > > Disclaimer: > I am currently working on a static analyser to detect missing locks. > This was a reported case. I manually verified the report by looking > at the code, so that I do not send wrong information or patches. > After concluding that this seems to be a true positive, I created > this patch. > However, as I do not in fact have this particular hardware, > I was unable to test it. > > Reviewed-by: Brian Norris <briannorris@chromium.org> > Signed-off-by: Niels Dossche <dossche.niels@gmail.com> Patch applied to wireless-next.git, thanks. 3e12968f6d12 mwifiex: add mutex lock for call in mwifiex_dfs_chan_sw_work_queue
diff --git a/drivers/net/wireless/marvell/mwifiex/11h.c b/drivers/net/wireless/marvell/mwifiex/11h.c index d2ee6469e67b..3fa25cd64cda 100644 --- a/drivers/net/wireless/marvell/mwifiex/11h.c +++ b/drivers/net/wireless/marvell/mwifiex/11h.c @@ -303,5 +303,7 @@ void mwifiex_dfs_chan_sw_work_queue(struct work_struct *work) mwifiex_dbg(priv->adapter, MSG, "indicating channel switch completion to kernel\n"); + mutex_lock(&priv->wdev.mtx); cfg80211_ch_switch_notify(priv->netdev, &priv->dfs_chandef); + mutex_unlock(&priv->wdev.mtx); }