hamradio: don't call dev_kfree_skb() under spin_lock_irqsave()

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

It is not allowed to call kfree_skb() or consume_skb() from hardware
interrupt context or with hardware interrupts being disabled.

It should use dev_kfree_skb_irq() or dev_consume_skb_irq() instead.
The difference between them is free reason, dev_kfree_skb_irq() means
the SKB is dropped in error and dev_consume_skb_irq() means the SKB
is consumed in normal.

In scc_discard_buffers(), dev_kfree_skb() is called to discard the SKBs,
so replace it with dev_kfree_skb_irq().

In scc_net_tx(), dev_kfree_skb() is called to drop the SKB that exceed
queue length, so replace it with dev_kfree_skb_irq().

Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

authored by

Yang Yingliang and committed by

David S. Miller 3 years ago 3727f742 f07fadcb

+3 -3

1 changed file

expand all

drivers

net

hamradio

scc.c

+3 -3

drivers/net/hamradio/scc.c

··· 302 302 spin_lock_irqsave(&scc->lock, flags); 303 303 if (scc->tx_buff != NULL) 304 304 { 305 - dev_kfree_skb(scc->tx_buff); 305 + dev_kfree_skb_irq(scc->tx_buff); 306 306 scc->tx_buff = NULL; 307 307 } 308 308 309 309 while (!skb_queue_empty(&scc->tx_queue)) 310 - dev_kfree_skb(skb_dequeue(&scc->tx_queue)); 310 + dev_kfree_skb_irq(skb_dequeue(&scc->tx_queue)); 311 311 312 312 spin_unlock_irqrestore(&scc->lock, flags); 313 313 } ··· 1668 1668 if (skb_queue_len(&scc->tx_queue) > scc->dev->tx_queue_len) { 1669 1669 struct sk_buff *skb_del; 1670 1670 skb_del = skb_dequeue(&scc->tx_queue); 1671 - dev_kfree_skb(skb_del); 1671 + dev_kfree_skb_irq(skb_del); 1672 1672 } 1673 1673 skb_queue_tail(&scc->tx_queue, skb); 1674 1674 netif_trans_update(dev);