[BUG] net: broadcom: b44: Possible sleep-in-atomic-context bugs in b44_chip_reset()

From: Jia-Ju Bai
Date: Sat Sep 15 2018 - 04:44:52 EST


The driver may sleep with holding a spinlock.
The function call paths (from bottom to top) in Linux-4.17 are:

[FUNC] msleep
drivers/ssb/driver_pcicore.c, 671:
msleep in ssb_pcie_mdio_write
drivers/ssb/driver_pcicore.c, 446:
ssb_pcie_mdio_write in ssb_pcicore_serdes_workaround
drivers/ssb/driver_pcicore.c, 508:
ssb_pcicore_serdes_workaround in ssb_pcicore_pcie_setup_workarounds
drivers/ssb/driver_pcicore.c, 729:
ssb_pcicore_pcie_setup_workarounds in ssb_pcicore_dev_irqvecs_enable
drivers/net/ethernet/broadcom/b44.c, 1289:
ssb_pcicore_dev_irqvecs_enable in b44_chip_reset
drivers/net/ethernet/broadcom/b44.c, 1363:
b44_chip_reset in b44_halt
drivers/net/ethernet/broadcom/b44.c, 2498:
b44_halt in b44_suspend
drivers/net/ethernet/broadcom/b44.c, 2496:
spin_lock_irq in b44_suspend

[FUNC] msleep
drivers/ssb/driver_pcicore.c, 671:
msleep in ssb_pcie_mdio_write
drivers/ssb/driver_pcicore.c, 446:
ssb_pcie_mdio_write in ssb_pcicore_serdes_workaround
drivers/ssb/driver_pcicore.c, 508:
ssb_pcicore_serdes_workaround in ssb_pcicore_pcie_setup_workarounds
drivers/ssb/driver_pcicore.c, 729:
ssb_pcicore_pcie_setup_workarounds in ssb_pcicore_dev_irqvecs_enable
drivers/net/ethernet/broadcom/b44.c, 1289:
ssb_pcicore_dev_irqvecs_enable in b44_chip_reset
drivers/net/ethernet/broadcom/b44.c, 1412:
b44_chip_reset in b44_init_hw
drivers/net/ethernet/broadcom/b44.c, 2533:
b44_init_hw in b44_resume
drivers/net/ethernet/broadcom/b44.c, 2531:
spin_lock_irq in b44_resume

These bugs are found by my static analysis tool DSAC.


Best wishes,
Jia-Ju Bai