From ebd0fd2b1a30aa836c28e758d8a57ecdfa85052f Mon Sep 17 00:00:00 2001
From: Mohammed Shafi Shajakhan <mohammed@qca.qualcomm.com>
Date: Wed, 18 Jul 2012 18:11:29 +0530
Subject: [PATCH 1/2] cfg80211: Fix mutex locking in reg_last_request_cell_base

should fix the following issue

	[ 3229.815012] [ BUG: lock held when returning to user space! ]
	[ 3229.815016] 3.5.0-rc7-wl #28 Tainted: G        W  O
	[ 3229.815017]
	------------------------------------------------
	[ 3229.815019] wpa_supplicant/5783 is leaving the kernel with locks still held!
	[ 3229.815022] 1 lock held by wpa_supplicant/5783:
	[ 3229.815023]  #0: (reg_mutex){+.+.+.}, at: [<fa65834d>]
	reg_last_request_cell_base+0x1d/0x60 [cfg80211]

Cc: Luis Rodriguez <mcgrof@gmail.com>
Signed-off-by: Mohammed Shafi Shajakhan <mohammed@qca.qualcomm.com>
Tested-by: Luciano Coelho <coelho@ti.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
---
 net/wireless/reg.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/net/wireless/reg.c b/net/wireless/reg.c
index dbb01df3aacb..2303ee73b50a 100644
--- a/net/wireless/reg.c
+++ b/net/wireless/reg.c
@@ -929,11 +929,13 @@ static bool reg_request_cell_base(struct regulatory_request *request)
 
 bool reg_last_request_cell_base(void)
 {
+	bool val;
 	assert_cfg80211_lock();
 
 	mutex_lock(&reg_mutex);
-	return reg_request_cell_base(last_request);
+	val = reg_request_cell_base(last_request);
 	mutex_unlock(&reg_mutex);
+	return val;
 }
 
 #ifdef CONFIG_CFG80211_CERTIFICATION_ONUS

From 99102bd380f27b8dd5e058e69e3203bfad0cad94 Mon Sep 17 00:00:00 2001
From: Eliad Peller <eliad@wizery.com>
Date: Wed, 18 Jul 2012 15:36:04 +0300
Subject: [PATCH 2/2] mac80211: flush stations before stop beaconing

When AP interface is going down, the stations
are flushed (in ieee80211_do_stop()) only after
the beaconing was stopped.

However, drivers might rely on stations being
removed before the beaconing was stopped, in
order to clean up properly.

Fix it by flushing the stations on ap stop.

(we already do the same for other interface
types, e.g. in ieee80211_set_disassoc())

Signed-off-by: Eliad Peller <eliad@wizery.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
---
 net/mac80211/cfg.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c
index efbbdc8a2be0..d41974aacf51 100644
--- a/net/mac80211/cfg.c
+++ b/net/mac80211/cfg.c
@@ -917,6 +917,7 @@ static int ieee80211_stop_ap(struct wiphy *wiphy, struct net_device *dev)
 
 	kfree_rcu(old, rcu_head);
 
+	sta_info_flush(sdata->local, sdata);
 	ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON_ENABLED);
 
 	return 0;