Re: [EXT] INFO: trying to register non-static key in del_timer_sync (2)
From: Andrey Konovalov
Date: Wed Jun 12 2019 - 12:18:05 EST
On Wed, Jun 12, 2019 at 6:03 PM Ganapathi Bhat <gbhat@xxxxxxxxxxx> wrote:
>
> Hi Dmitry,
>
> We have a patch to fix this: https://patchwork.kernel.org/patch/10990275/
Hi Ganapathi,
Great, thanks for working on this!
We can ask syzbot to test the fix:
#syz test: https://github.com/google/kasan.git usb-fuzzer
Thanks!
>
> Regards,
> Ganapathi
diff --git a/drivers/net/wireless/marvell/mwifiex/usb.c b/drivers/net/wireless/marvell/mwifiex/usb.c
index c2365ee..939f1e9 100644
--- a/drivers/net/wireless/marvell/mwifiex/usb.c
+++ b/drivers/net/wireless/marvell/mwifiex/usb.c
@@ -1348,6 +1348,8 @@ static void mwifiex_usb_cleanup_tx_aggr(struct mwifiex_adapter *adapter)
for (idx = 0; idx < MWIFIEX_TX_DATA_PORT; idx++) {
port = &card->port[idx];
+ if (!port->tx_data_ep)
+ continue;
if (adapter->bus_aggr.enable)
while ((skb_tmp =
skb_dequeue(&port->tx_aggr.aggr_list)))
@@ -1365,8 +1367,6 @@ static void mwifiex_unregister_dev(struct mwifiex_adapter *adapter)
mwifiex_usb_free(card);
- mwifiex_usb_cleanup_tx_aggr(adapter);
-
card->adapter = NULL;
}
@@ -1510,7 +1510,7 @@ static int mwifiex_prog_fw_w_helper(struct mwifiex_adapter *adapter,
static int mwifiex_usb_dnld_fw(struct mwifiex_adapter *adapter,
struct mwifiex_fw_image *fw)
{
- int ret;
+ int ret = 0;
struct usb_card_rec *card = (struct usb_card_rec *)adapter->card;
if (card->usb_boot_state == USB8XXX_FW_DNLD) {
@@ -1523,10 +1523,6 @@ static int mwifiex_usb_dnld_fw(struct mwifiex_adapter *adapter,
return -1;
}
- ret = mwifiex_usb_rx_init(adapter);
- if (!ret)
- ret = mwifiex_usb_tx_init(adapter);
-
return ret;
}
@@ -1584,7 +1580,29 @@ static void mwifiex_usb_submit_rem_rx_urbs(struct mwifiex_adapter *adapter)
return 0;
}
+static int mwifiex_init_usb(struct mwifiex_adapter *adapter)
+{
+ struct usb_card_rec *card = (struct usb_card_rec *)adapter->card;
+ int ret = 0;
+
+ if (card->usb_boot_state == USB8XXX_FW_DNLD)
+ return 0;
+
+ ret = mwifiex_usb_rx_init(adapter);
+ if (!ret)
+ ret = mwifiex_usb_tx_init(adapter);
+
+ return ret;
+}
+
+static void mwifiex_cleanup_usb(struct mwifiex_adapter *adapter)
+{
+ mwifiex_usb_cleanup_tx_aggr(adapter);
+}
+
static struct mwifiex_if_ops usb_ops = {
+ .init_if = mwifiex_init_usb,
+ .cleanup_if = mwifiex_cleanup_usb,
.register_dev = mwifiex_register_dev,
.unregister_dev = mwifiex_unregister_dev,
.wakeup = mwifiex_pm_wakeup_card,