staging: r8188eu: Fix scheduling while atomic error introduced in commit fadbe0cd

In commit fadbe0cd5292851608e2e01b91d9295fa287b9fe entitled "staging:
rtl8188eu:Remove rtw_zmalloc(), wrapper for kzalloc()", the author failed
to note that the original code in the wrapper tested whether the caller
could sleep, and set the flags argument to kzalloc() appropriately.
After the patch, GFP_KERNEL is used unconditionally. Unfortunately, several
of the routines may be entered from an interrupt routine and generate
a BUG splat for every such call. Routine rtw_sitesurvey_cmd() is used in the
example below:

BUG: sleeping function called from invalid context at mm/slub.c:1240
in_atomic(): 1, irqs_disabled(): 0, pid: 756, name: wpa_supplicant
INFO: lockdep is turned off.
CPU: 2 PID: 756 Comm: wpa_supplicant Tainted: G        WC O   3.18.0-rc4+ #34
Hardware name: TOSHIBA TECRA A50-A/TECRA A50-A, BIOS Version 4.20   04/17/2014
ffffc90005557000 ffff880216fafaa8 ffffffff816b0bbf 0000000000000000
ffff8800c3b58000 ffff880216fafac8 ffffffff8107af77 0000000000000001
0000000000000010 ffff880216fafb18 ffffffff811b06ce 0000000000000000
Call Trace:
 [<ffffffff816b0bbf>] dump_stack+0x4e/0x71
 [<ffffffff8107af77>] __might_sleep+0xf7/0x120
 [<ffffffff811b06ce>] kmem_cache_alloc_trace+0x4e/0x1f0
 [<ffffffffa0888226>] ? rtw_sitesurvey_cmd+0x56/0x2a0 [r8188eu]
 [<ffffffffa0888226>] rtw_sitesurvey_cmd+0x56/0x2a0 [r8188eu]
 [<ffffffffa088f00d>] rtw_do_join+0x22d/0x370 [r8188eu]
 [<ffffffffa088f6e8>] rtw_set_802_11_ssid+0x218/0x3d0 [r8188eu]
 [<ffffffffa08c3ca5>] rtw_wx_set_essid+0x1e5/0x410 [r8188eu]
 [<ffffffffa08c3ac0>] ? rtw_wx_get_rate+0x50/0x50 [r8188eu]
 [<ffffffff816938f1>] ioctl_standard_iw_point+0x151/0x3f0
 [<ffffffff81693d52>] ioctl_standard_call+0xb2/0xe0
 [<ffffffff81597df7>] ? rtnl_lock+0x17/0x20
 [<ffffffff816945a0>] ? iw_handler_get_private+0x70/0x70
 [<ffffffff81693ca0>] ? call_commit_handler+0x40/0x40
 [<ffffffff81693256>] wireless_process_ioctl+0x176/0x1c0
 [<ffffffff81693e79>] wext_handle_ioctl+0x69/0xc0
 [<ffffffff8159fe79>] dev_ioctl+0x309/0x5e0
 [<ffffffff810be9c7>] ? call_rcu+0x17/0x20
 [<ffffffff8156a472>] sock_ioctl+0x142/0x2e0
 [<ffffffff811e0c70>] do_vfs_ioctl+0x300/0x520
 [<ffffffff81101514>] ? __audit_syscall_entry+0xb4/0x110
 [<ffffffff81101514>] ? __audit_syscall_entry+0xb4/0x110
 [<ffffffff810102bc>] ? do_audit_syscall_entry+0x6c/0x70
 [<ffffffff811e0f11>] SyS_ioctl+0x81/0xa0
 [<ffffffff816ba1d2>] system_call_fastpath+0x12/0x17

Additional routines that generate this BUG are rtw_joinbss_cmd(),
rtw_dynamic_chk_wk_cmd(), rtw_lps_ctrl_wk_cmd(), rtw_rpt_timer_cfg_cmd(),
rtw_ps_cmd(), report_survey_event(), report_join_res(), survey_timer_hdl(),
and rtw_check_bcn_info().

Signed-off-by: Larry Finger <Larry.Finger@lwfinger.net>
Cc: navin patidar <navin.patidar@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

1 files changed, 1 insertions, 1 deletions

diff --git a/drivers/staging/rtl8188eu/core/rtw_wlan_util.c b/drivers/staging/rtl8188eu/core/rtw_wlan_util.c
index 33ccbbbd8ed6..d300369977fa 100644
--- a/drivers/staging/rtl8188eu/core/rtw_wlan_util.c
+++ b/drivers/staging/rtl8188eu/core/rtw_wlan_util.c
@@ -935,7 +935,7 @@ int rtw_check_bcn_info(struct adapter  *Adapter, u8 *pframe, u32 packet_len)
 		return true;
 	}
 
-	bssid = kzalloc(sizeof(struct wlan_bssid_ex), GFP_KERNEL);
+	bssid = kzalloc(sizeof(struct wlan_bssid_ex), GFP_ATOMIC);
 
 	subtype = GetFrameSubType(pframe) >> 4;