ipwireless_network_create() is never called in atomic context.
The call chain ending up at ipwireless_network_create() is:
[1] ipwireless_network_create() <- config_ipwireless() <-
ipwireless_attach()
ipwireless_attach() is only set as ".probe" in struct pcmcia_driver.
Despite never getting called from atomic context,
ipwireless_network_create() calls kzalloc() with GFP_ATOMIC,
which does not sleep for allocation.
GFP_ATOMIC is not necessary and can be replaced with GFP_KERNEL,
which can sleep and improve the possibility of sucessful allocation.
This is found by a static analysis tool named DCNS written by myself.
And I also manually check it.
Signed-off-by: Jia-Ju Bai <[email protected]>
---
drivers/tty/ipwireless/network.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/tty/ipwireless/network.c b/drivers/tty/ipwireless/network.c
index c2f9a32..17b04b5 100644
--- a/drivers/tty/ipwireless/network.c
+++ b/drivers/tty/ipwireless/network.c
@@ -415,7 +415,7 @@ void ipwireless_network_packet_received(struct ipw_network *network,
struct ipw_network *ipwireless_network_create(struct ipw_hardware *hw)
{
struct ipw_network *network =
- kzalloc(sizeof(struct ipw_network), GFP_ATOMIC);
+ kzalloc(sizeof(struct ipw_network), GFP_KERNEL);
if (!network)
return NULL;
--
1.9.1
On Tue, Apr 10, 2018 at 04:31:46PM +0800, Jia-Ju Bai wrote:
> ipwireless_network_create() is never called in atomic context.
>
> The call chain ending up at ipwireless_network_create() is:
> [1] ipwireless_network_create() <- config_ipwireless() <-
> ipwireless_attach()
> ipwireless_attach() is only set as ".probe" in struct pcmcia_driver.
>
> Despite never getting called from atomic context,
> ipwireless_network_create() calls kzalloc() with GFP_ATOMIC,
> which does not sleep for allocation.
> GFP_ATOMIC is not necessary and can be replaced with GFP_KERNEL,
> which can sleep and improve the possibility of sucessful allocation.
>
> This is found by a static analysis tool named DCNS written by myself.
> And I also manually check it.
>
> Signed-off-by: Jia-Ju Bai <[email protected]>
Reviewed-by: David Sterba <[email protected]>
We don't have any other patches queued for this driver so it would be
best if this patch goes via net or Greg's tree.
On Wed, Apr 11, 2018 at 01:09:45PM +0200, David Sterba wrote:
> On Tue, Apr 10, 2018 at 04:31:46PM +0800, Jia-Ju Bai wrote:
> > ipwireless_network_create() is never called in atomic context.
> >
> > The call chain ending up at ipwireless_network_create() is:
> > [1] ipwireless_network_create() <- config_ipwireless() <-
> > ipwireless_attach()
> > ipwireless_attach() is only set as ".probe" in struct pcmcia_driver.
> >
> > Despite never getting called from atomic context,
> > ipwireless_network_create() calls kzalloc() with GFP_ATOMIC,
> > which does not sleep for allocation.
> > GFP_ATOMIC is not necessary and can be replaced with GFP_KERNEL,
> > which can sleep and improve the possibility of sucessful allocation.
> >
> > This is found by a static analysis tool named DCNS written by myself.
> > And I also manually check it.
> >
> > Signed-off-by: Jia-Ju Bai <[email protected]>
>
> Reviewed-by: David Sterba <[email protected]>
>
> We don't have any other patches queued for this driver so it would be
> best if this patch goes via net or Greg's tree.
I can take it, after 4.17-rc1 is out, thanks!
greg k-h