Dan Carpenter <dan.carpenter@xxxxxxxxxx> writes:
> This error path leads to a Smatch warning:
>
> drivers/net/wireless/ath/ath11k/mac.c:4269 ath11k_mac_op_start()
> error: double unlocked '&ar->conf_mutex' (orig line 4251)
>
> We're not holding the lock when we do the "goto err;" so it leads to a
> double unlock. The fix is to hold the lock for a little longer.
>
> Fixes: c83c500b55b6 ("ath11k: enable idle power save mode")
> Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
> ---
> v2: reviewers were concern that v1 was racy
>
> drivers/net/wireless/ath/ath11k/mac.c | 5 +++--
> 1 file changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/net/wireless/ath/ath11k/mac.c b/drivers/net/wireless/ath/ath11k/mac.c
> index c1608f64ea95..464d3425488b 100644
> --- a/drivers/net/wireless/ath/ath11k/mac.c
> +++ b/drivers/net/wireless/ath/ath11k/mac.c
> @@ -4248,8 +4248,6 @@ static int ath11k_mac_op_start(struct ieee80211_hw *hw)
> /* Configure the hash seed for hash based reo dest ring selection */
> ath11k_wmi_pdev_lro_cfg(ar, ar->pdev->pdev_id);
>
> - mutex_unlock(&ar->conf_mutex);
> -
> rcu_assign_pointer(ab->pdevs_active[ar->pdev_idx],
> &ab->pdevs[ar->pdev_idx]);
>
> @@ -4262,6 +4260,9 @@ static int ath11k_mac_op_start(struct ieee80211_hw *hw)
> goto err;
> }
> }
> +
> + mutex_unlock(&ar->conf_mutex);
> +
> return 0;
>
> err:
> --
> 2.30.0
But now rcu_assign_pointer() is called while conf_mutex is held,
previously it was not. I didn't check if this creates problems, but just
to be on the safe side I modified your patch to keep the original
functionality. Please check my changes in the pending branch:
https://git.kernel.org/pub/scm/linux/kernel/git/kvalo/ath.git/commit/?h=pending&id=8eff3667c211072a2107271139b81cbf8c7fd10a
--
https://patchwork.kernel.org/project/linux-wireless/list/
https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches
