Received: by 2002:ac0:a581:0:0:0:0:0 with SMTP id m1-v6csp229767imm; Tue, 19 Jun 2018 19:59:09 -0700 (PDT) X-Google-Smtp-Source: ADUXVKLZ3FjWN3VT61PxKRAzPaiH4EdWPRtvBt/mFHZiCDIdxRm7E5xVlTRmRiSDZEMiHZzoHyjh X-Received: by 2002:a65:6612:: with SMTP id w18-v6mr16743588pgv.38.1529463549642; Tue, 19 Jun 2018 19:59:09 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1529463549; cv=none; d=google.com; s=arc-20160816; b=gMT+tqK8K9bJpBGveVGKh01ThYdo6uBP2S9tFFQH+8QKDpC8pzetHLDmfpt/PzwCtJ kh7P9krvdHS1m8/0icn6XUNdXTkRBO8/h7JmBHiqzR7aFTxfsnODEBTCxCfNUV5w29kM hBkrJcRKllVFto6Ab0l7+TuL+P/7Q2lR8TDFqdoVNaz/q1iLpgNJl8ClEYrc9B7I6B4t pREcCYJsKjUZYXNnUo99FeBmA4lpozMY0n37ZnpEoagxsykQB9O5qUINb8Zl3DLOUunE OHSsQiQe2H9fwG1DcCUFK7eymvgJ1Nn+EKA1jgyUltG5tnzZhnGYaEL2ziVuN18GeTLp mORw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:date:subject:cc:to:from :dkim-signature:arc-authentication-results; bh=9a6e6R658LXV+18WbeRydHx1KHp2v/X+TL3DzccSFoE=; b=u9ACaSf3ekllQOd7WsuY+AqtLkb/ajkTJbIPfai8N9YJAQ0funUVU5sycNBifvDKfk wBOU86C+xSByQrVsBstTkAvKuI9Qi6BlM+/0ZeEPPC7asgn8XKUR4Mfd4BXYm9e9Ls9R cDqYAvFHAR7nWdR8BE59D+k+12yVqEuZRCG9+xu8E2Q/KkXgXFuVXQ1jxhCnyz2Vr//O 5j9rf6Iopljs8xjcNugRa48xYkNabUNwOlvvNBWkfEfG7PdShEXAyTUufKzXBI/MBVsg s3GIOEPXyfIhWHSN2PJVOSjCT/jLhSRmTjzJ+I03hLLY2ZdinSoP6roPxXqgdhDOtEc1 jXRA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=ueEfX4YK; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id u76-v6si1294256pfj.58.2018.06.19.19.58.55; Tue, 19 Jun 2018 19:59:09 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=ueEfX4YK; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754243AbeFTC6R (ORCPT + 99 others); Tue, 19 Jun 2018 22:58:17 -0400 Received: from mail-pf0-f196.google.com ([209.85.192.196]:47089 "EHLO mail-pf0-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753622AbeFTC6P (ORCPT ); Tue, 19 Jun 2018 22:58:15 -0400 Received: by mail-pf0-f196.google.com with SMTP id q1-v6so823402pff.13 for ; Tue, 19 Jun 2018 19:58:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id; bh=9a6e6R658LXV+18WbeRydHx1KHp2v/X+TL3DzccSFoE=; b=ueEfX4YK7MIY+WKFZf+L1rIPgefFaMEJP0LZcuhPcQxyFGowAAKZZS7a7PgxAr+6Rq LSUFZs9SDJfwd1m0II15ISwhkoCtgGFO9N36Xr0eqBYLgPbaPCQORch5D1EKFR5OezrV sBwMbXMp5TjUfK1fY3+bl7YAo5VWhKusslY/fmkmt/UWQQu21ONOmNSJDk7UKBPUf2J2 DZfFrtOpwmAtBVpnhR8Edu8D7lcfZCENV3XaakbTglm92KOWO9Lix41+82bDmcBWdX/F rkl5dPopUpPEW7vONe+pywd/4CiNUL5Nzk8bBZxmtDax7A97ViAlpYj768HVPEH+8IVa 3Y3w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=9a6e6R658LXV+18WbeRydHx1KHp2v/X+TL3DzccSFoE=; b=QgEp3e+AfLDEzG5VUinRRtKRAIKr5J5mVmEPgsz1rQ4kpec7ZXk9BF7CsSb2RXRX8d O8XkuK6agEbf9wCuM8AgAioGYFkoh++iaeOvRBa+7bG07iW67LoKG8iRv5GVrkH+mVbE jaFFGmmvB89IWBHw7EYXVTo3a3PYvXlQfec78MkdiwnGAS5kc8A2w2eYL35WRVbu1k4p aaK52fHMSKol2HUCJyIm0/P6HLMzMJMqvQ/kgzmY3V5L1zwVx7WSNHBaQWqHhltlgHon YH/RBgBLdp+LTW61ySoU4Mvt574Q+4fO7ndB8YFKRUXxHmcseFzuHjuaFzW0OtJcQ152 RlTg== X-Gm-Message-State: APt69E2fHn2pHsaWZg2R98DiaEfU9gQnXauRDV+zJfn3B2qhFbAI2dX0 FlphJBQVKQgVdD2KGDhA6iE= X-Received: by 2002:a63:755d:: with SMTP id f29-v6mr16974131pgn.278.1529463495443; Tue, 19 Jun 2018 19:58:15 -0700 (PDT) Received: from oslab.tsinghua.edu.cn ([2402:f000:1:4413:d85e:ce7f:5f7a:fdfe]) by smtp.gmail.com with ESMTPSA id s134-v6sm987935pgc.30.2018.06.19.19.58.12 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 19 Jun 2018 19:58:14 -0700 (PDT) From: Jia-Ju Bai To: gregkh@linuxfoundation.org, Larry.Finger@lwfinger.net, garsilva@embeddedor.com, pkshih@realtek.com Cc: devel@driverdev.osuosl.org, linux-kernel@vger.kernel.org, Jia-Ju Bai Subject: [PATCH] staging: rtlwifi: Fix a possible sleep-in-atomic-context bug in _is_fw_read_cmd_down() Date: Wed, 20 Jun 2018 10:58:01 +0800 Message-Id: <20180620025801.30956-1-baijiaju1990@gmail.com> X-Mailer: git-send-email 2.17.0 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org The driver may sleep with holding a spinlock. The function call path (from bottom to top) in Linux-4.16.7 is: [FUNC] schedule drivers/staging/rtlwifi/halmac/rtl_halmac.c, 884: schedule in _is_fw_read_cmd_down drivers/staging/rtlwifi/halmac/rtl_halmac.c, 912: _is_fw_read_cmd_down in rtl_halmac_send_h2c drivers/staging/rtlwifi/halmac/rtl_halmac.c, 907: _raw_spin_lock_irqsave in rtl_halmac_send_h2c To fix this bug, schedule() is replaced with mdelay(1). This bug is found by my static analysis tool (DSAC-2) and checked by my code review. Signed-off-by: Jia-Ju Bai --- drivers/staging/rtlwifi/halmac/rtl_halmac.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/staging/rtlwifi/halmac/rtl_halmac.c b/drivers/staging/rtlwifi/halmac/rtl_halmac.c index 66f0a6dfc52c..e921a62e72a3 100644 --- a/drivers/staging/rtlwifi/halmac/rtl_halmac.c +++ b/drivers/staging/rtlwifi/halmac/rtl_halmac.c @@ -881,7 +881,7 @@ static bool _is_fw_read_cmd_down(struct rtl_priv *rtlpriv, u8 msgbox_num) if (valid == 0) read_down = true; else - schedule(); + mdelay(1); } while ((!read_down) && (retry_cnts--)); return read_down; -- 2.17.0