Commit bcf28a2f authored by Xinming Hu's avatar Xinming Hu Committed by Kalle Valo

mwifiex: reset card->adapter during device unregister

card->adapter gets initialized in mwifiex_register_dev(). As it's not
cleared in mwifiex_unregister_dev(), we may end up accessing the memory
which is already free in below scenario.

Scenario: Driver initialization is failed due to incorrect firmware or
some other reason. Meanwhile device reboot/unload occurs.

This is safe, now that we've properly synchronized suspend() and
remove() with the FW initialization thread; now that code can simply
check for 'card->adapter == NULL' and exit safely.
Signed-off-by: default avatarXinming Hu <huxm@marvell.com>
Tested-by: default avatarXinming Hu <huxm@marvell.com>
Signed-off-by: default avatarAmitkumar Karwar <akarwar@marvell.com>
Signed-off-by: default avatarBrian Norris <briannorris@chromium.org>
Signed-off-by: default avatarKalle Valo <kvalo@codeaurora.org>
parent b42dbb27
...@@ -3042,6 +3042,7 @@ static void mwifiex_unregister_dev(struct mwifiex_adapter *adapter) ...@@ -3042,6 +3042,7 @@ static void mwifiex_unregister_dev(struct mwifiex_adapter *adapter)
if (card->msi_enable) if (card->msi_enable)
pci_disable_msi(pdev); pci_disable_msi(pdev);
} }
card->adapter = NULL;
} }
} }
......
...@@ -2017,6 +2017,7 @@ mwifiex_unregister_dev(struct mwifiex_adapter *adapter) ...@@ -2017,6 +2017,7 @@ mwifiex_unregister_dev(struct mwifiex_adapter *adapter)
struct sdio_mmc_card *card = adapter->card; struct sdio_mmc_card *card = adapter->card;
if (adapter->card) { if (adapter->card) {
card->adapter = NULL;
sdio_claim_host(card->func); sdio_claim_host(card->func);
sdio_disable_func(card->func); sdio_disable_func(card->func);
sdio_release_host(card->func); sdio_release_host(card->func);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment