mac80211: brcmfmac: fix PCIe reset crash and WARNING

Signed-off-by: Rafał Miłecki <[email protected]>
(cherry picked from commit cde8c2f2fba019c4cd3b9f6ad463ff86cc783061)

package/kernel/mac80211/patches/360-brcmfmac-disable-PCIe-interrupts-before-bus-reset.patch

@@ -0,0 +1,54 @@
+From: =?UTF-8?q?Rafa=C5=82=20Mi=C5=82ecki?= <[email protected]>
+Date: Mon, 18 Nov 2019 11:52:41 +0100
+Subject: [PATCH FIX] brcmfmac: disable PCIe interrupts before bus reset
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Keeping interrupts on could result in brcmfmac freeing some resources
+and then IRQ handlers trying to use them. That was obviously a straight
+path for crashing a kernel.
+
+Example:
+CPU0                           CPU1
+----                           ----
+brcmf_pcie_reset
+  brcmf_pcie_bus_console_read
+  brcmf_detach
+    ...
+    brcmf_fweh_detach
+    brcmf_proto_detach
+                               brcmf_pcie_isr_thread
+                                 ...
+                                 brcmf_proto_msgbuf_rx_trigger
+                                   ...
+                                   drvr->proto->pd
+    brcmf_pcie_release_irq
+
+[  363.789218] Unable to handle kernel NULL pointer dereference at virtual address 00000038
+[  363.797339] pgd = c0004000
+[  363.800050] [00000038] *pgd=00000000
+[  363.803635] Internal error: Oops: 17 [#1] SMP ARM
+(...)
+[  364.029209] Backtrace:
+[  364.031725] [<bf243838>] (brcmf_proto_msgbuf_rx_trigger [brcmfmac]) from [<bf2471dc>] (brcmf_pcie_isr_thread+0x228/0x274 [brcmfmac])
+[  364.043662]  r7:00000001 r6:c8ca0000 r5:00010000 r4:c7b4f800
+
+Fixes: 4684997d9eea ("brcmfmac: reset PCIe bus on a firmware crash")
+Cc: [email protected] # v5.2+
+Signed-off-by: Rafał Miłecki <[email protected]>
+---
+ drivers/net/wireless/broadcom/brcm80211/brcmfmac/pcie.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+--- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/pcie.c
++++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/pcie.c
+@@ -1409,6 +1409,8 @@ static int brcmf_pcie_reset(struct devic
+ 	u16 bus_nr;
+ 	int err;
+ 
++	brcmf_pcie_intr_disable(devinfo);
++
+ 	brcmf_pcie_bus_console_read(devinfo, true);
+ 
+ 	brcmf_detach(dev);

package/kernel/mac80211/patches/361-brcmfmac-remove-monitor-interface-when-detaching.patch

@@ -0,0 +1,30 @@
+From: =?UTF-8?q?Rafa=C5=82=20Mi=C5=82ecki?= <[email protected]>
+Date: Mon, 18 Nov 2019 13:35:20 +0100
+Subject: [PATCH 5.5] brcmfmac: remove monitor interface when detaching
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+This fixes a minor WARNING in the cfg80211:
+[  130.658034] ------------[ cut here ]------------
+[  130.662805] WARNING: CPU: 1 PID: 610 at net/wireless/core.c:954 wiphy_unregister+0xb4/0x198 [cfg80211]
+
+Signed-off-by: Rafał Miłecki <[email protected]>
+---
+ drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+--- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c
++++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c
+@@ -1320,6 +1320,11 @@ void brcmf_detach(struct device *dev)
+ 	brcmf_proto_detach(drvr);
+ 	brcmf_debug_detach(drvr);
+ 
++	if (drvr->mon_if) {
++		brcmf_net_detach(drvr->mon_if->ndev, false);
++		drvr->mon_if = NULL;
++	}
++
+ 	/* make sure primary interface removed last */
+ 	for (i = BRCMF_MAX_IFS - 1; i > -1; i--) {
+ 		if (drvr->iflist[i])

package/kernel/mac80211/patches/860-brcmfmac-register-wiphy-s-during-module_init.patch

@@ -13,7 +13,7 @@ Signed-off-by: Rafał Miłecki <[email protected]>
 
 --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c
 +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c
-@@ -1404,6 +1404,7 @@ int __init brcmf_core_init(void)
+@@ -1409,6 +1409,7 @@ int __init brcmf_core_init(void)
  {
  	if (!schedule_work(&brcmf_driver_work))
  		return -EBUSY;