Re: [PATCH] tty: hold lock across tty buffer finding and buffer filling

From: Jiri Slaby
Date: Fri Mar 16 2012 - 06:22:06 EST


On 03/16/2012 11:08 AM, Du, Alek wrote:
> If you really look at the original patch from Xiaobing, the tty_prepare_flip_string is also patched :-)
> Actually it fills up all the possible spin_lock gaps in tty_buffer.c
>
>
> @@ -344,13 +375,20 @@ EXPORT_SYMBOL(tty_schedule_flip); int tty_prepare_flip_string(struct tty_struct *tty, unsigned char **chars,
> size_t size)
> {
> - int space = tty_buffer_request_room(tty, size);
> + int space;
> + unsigned long flags;
> + struct tty_buffer *tb;
> +
> + spin_lock_irqsave(&tty->buf.lock, flags);
> + space = __tty_buffer_request_room(tty, size);
> +
> + tb = tty->buf.tail;
> if (likely(space)) {
> - struct tty_buffer *tb = tty->buf.tail;
> *chars = tb->char_buf_ptr + tb->used;
^^^^^^
This is returned to the caller. And it writes to that. And it may be
gone as soon as the lock is unlocked below.

> memset(tb->flag_buf_ptr + tb->used, TTY_NORMAL, space);
> tb->used += space;
> }
> + spin_unlock_irqrestore(&tty->buf.lock, flags);
> return space;
> }
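
Review bot: At `*chars = tb->char_buf_ptr + tb->used;` the pointer handed back to the caller is still written through after `spin_unlock_irqrestore(&tty->buf.lock, flags)`, so the new lock covers the reservation (`tb->used += space`) but not the caller's fill of the buffer. Either the copy has to happen while the lock is held, for example by having the caller pass its data in instead of receiving a pointer, or the function comment should state what keeps `tb` valid until the caller has finished writing. Separately, the `memset()` of `space` bytes now runs inside the `spin_lock_irqsave()` section, so the time spent with interrupts disabled grows with the requested size.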

thanks,
--
js
suse labs