[PATCH 3/4] mwifiex: pcie: clear outstanding work when resetting

From: Brian Norris
Date: Fri Apr 14 2017 - 17:52:11 EST

Next message: Brian Norris: "[PATCH 2/4] mwifiex: reset timeout flag when resetting device"
Previous message: Brian Norris: "[PATCH 1/4] mwifiex: pcie: fix cmd_buf use-after-free in remove/reset"
In reply to: Brian Norris: "[PATCH 1/4] mwifiex: pcie: fix cmd_buf use-after-free in remove/reset"
Next in thread: Brian Norris: "[PATCH 2/4] mwifiex: reset timeout flag when resetting device"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

When we shut down the device (i.e., during 'reset'), we cancel any
outstanding work, but we don't clear any work-related flags. This can
cause problems if, e.g., we begin to queue a new firmware dump or card
reset while the other one is in progress. That might leave work_flags
with a stale value, and we might begin one of these *after* we've
completely reset the device. That doesn't make sense, because all
firmware context will have been lost by then.

This fixes some forms of cascading failures, where I:

(a) force a firmware dump (cat /sys/kernel/debug/mwifiex/mlan0/device_dump)
(b) run a Wifi scan in parallel (iw mlan0 scan)
(c) the scan times out due to (a) hogging the interface
(d) the command timeout triggers another firmware dump and a reset [*]
(e) the 2nd firmware dump flag persists across the reset
(f) as soon as the interface comes back up, we trigger the pending
firmware dump
(g) subsequent commands time out again, while we are processing the
firmware dump; return to (d)

[*] Note that automatic card_reset() support is not yet implemented for
the mwifiex PCIe driver, so we won't hit *exactly* this behavior yet.
But we can see similarly-confusing behaviors today.

Signed-off-by: Brian Norris <briannorris@xxxxxxxxxxxx>
---
This might qualify as 4.11 material (bugfix), though it's probably not too
widely triggered yet.

drivers/net/wireless/marvell/mwifiex/pcie.c | 2 ++
1 file changed, 2 insertions(+)

diff --git a/drivers/net/wireless/marvell/mwifiex/pcie.c b/drivers/net/wireless/marvell/mwifiex/pcie.c
index 99e8a5cfda1b..bacac2949f10 100644
--- a/drivers/net/wireless/marvell/mwifiex/pcie.c
+++ b/drivers/net/wireless/marvell/mwifiex/pcie.c
@@ -371,6 +371,8 @@ static void mwifiex_pcie_reset_notify(struct pci_dev *pdev, bool prepare)
*/
mwifiex_shutdown_sw(adapter);
adapter->surprise_removed = true;
+ clear_bit(MWIFIEX_IFACE_WORK_DEVICE_DUMP, &card->work_flags);
+ clear_bit(MWIFIEX_IFACE_WORK_CARD_RESET, &card->work_flags);
} else {
/* Kernel stores and restores PCIe function context before and
* after performing FLR respectively. Reconfigure the software
--
2.12.2.762.g0e3151a226-goog

Next message: Brian Norris: "[PATCH 2/4] mwifiex: reset timeout flag when resetting device"
Previous message: Brian Norris: "[PATCH 1/4] mwifiex: pcie: fix cmd_buf use-after-free in remove/reset"
In reply to: Brian Norris: "[PATCH 1/4] mwifiex: pcie: fix cmd_buf use-after-free in remove/reset"
Next in thread: Brian Norris: "[PATCH 2/4] mwifiex: reset timeout flag when resetting device"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]