aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorInaky Perez-Gonzalez <inaky@linux.intel.com>2009-05-02 05:30:28 -0400
committerInaky Perez-Gonzalez <inaky@linux.intel.com>2009-05-06 16:48:37 -0400
commit94c7f2d49521b0bb3ab91cbeb3518ac34355d47f (patch)
treea2824d07c85cfc985811ff2237eb093e540b294f
parentd1a2627a29667fe7c4a9d06e1579a2d65bd39bba (diff)
wimax: oops: wimax_dev_add() is the only one that can initialize the state
When a new wimax_dev is created, it's state has to be __WIMAX_ST_NULL until wimax_dev_add() is succesfully called. This allows calls into the stack that happen before said time to be rejected. Until now, the state was being set (by mistake) to UNINITIALIZED, which was allowing calls such as wimax_report_rfkill_hw() to go through even when a call to wimax_dev_add() had failed; that was causing an oops when touching uninitialized data. This situation is normal when the device starts reporting state before the whole initialization has been completed. It just has to be dealt with. Signed-off-by: Inaky Perez-Gonzalez <inaky@linux.intel.com>
-rw-r--r--net/wimax/stack.c17
1 files changed, 15 insertions, 2 deletions
diff --git a/net/wimax/stack.c b/net/wimax/stack.c
index a0ee76b52510..933e1422b09f 100644
--- a/net/wimax/stack.c
+++ b/net/wimax/stack.c
@@ -338,8 +338,21 @@ out:
338 */ 338 */
339void wimax_state_change(struct wimax_dev *wimax_dev, enum wimax_st new_state) 339void wimax_state_change(struct wimax_dev *wimax_dev, enum wimax_st new_state)
340{ 340{
341 /*
342 * A driver cannot take the wimax_dev out of the
343 * __WIMAX_ST_NULL state unless by calling wimax_dev_add(). If
344 * the wimax_dev's state is still NULL, we ignore any request
345 * to change its state because it means it hasn't been yet
346 * registered.
347 *
348 * There is no need to complain about it, as routines that
349 * call this might be shared from different code paths that
350 * are called before or after wimax_dev_add() has done its
351 * job.
352 */
341 mutex_lock(&wimax_dev->mutex); 353 mutex_lock(&wimax_dev->mutex);
342 __wimax_state_change(wimax_dev, new_state); 354 if (wimax_dev->state > __WIMAX_ST_NULL)
355 __wimax_state_change(wimax_dev, new_state);
343 mutex_unlock(&wimax_dev->mutex); 356 mutex_unlock(&wimax_dev->mutex);
344 return; 357 return;
345} 358}
@@ -376,7 +389,7 @@ EXPORT_SYMBOL_GPL(wimax_state_get);
376void wimax_dev_init(struct wimax_dev *wimax_dev) 389void wimax_dev_init(struct wimax_dev *wimax_dev)
377{ 390{
378 INIT_LIST_HEAD(&wimax_dev->id_table_node); 391 INIT_LIST_HEAD(&wimax_dev->id_table_node);
379 __wimax_state_set(wimax_dev, WIMAX_ST_UNINITIALIZED); 392 __wimax_state_set(wimax_dev, __WIMAX_ST_NULL);
380 mutex_init(&wimax_dev->mutex); 393 mutex_init(&wimax_dev->mutex);
381 mutex_init(&wimax_dev->mutex_reset); 394 mutex_init(&wimax_dev->mutex_reset);
382} 395}