Re: [PATCH resend ] tty/n_gsm.c: use gsm->num to remove mux itself from gsm_mux[]

From: One Thousand Gnomes
Date: Mon Dec 14 2015 - 10:41:05 EST


On Mon, 14 Dec 2015 15:08:03 +0800
Pan Xinhui <xinhui.pan@xxxxxxxxxxxxxxxxxx> wrote:

> From: Pan Xinhui <xinhui.pan@xxxxxxxxxxxxxxxxxx>
>
> There is one field gsm->num to store mux's index of gsm_mux[]. So use
> gsm->num to remove itself from gsm_mux[] instead of the for-loop
> traverse in gsm_cleanup_mux().
>
> Signed-off-by: Pan Xinhui <xinhui.pan@xxxxxxxxxxxxxxxxxx>
> ---
> drivers/tty/n_gsm.c | 14 +++++---------
> 1 files changed, 5 insertions(+), 9 deletions(-)
>
> diff --git a/drivers/tty/n_gsm.c b/drivers/tty/n_gsm.c
> index 9aff371..cf28054 100644
> --- a/drivers/tty/n_gsm.c
> +++ b/drivers/tty/n_gsm.c
> @@ -2037,18 +2037,14 @@ static void gsm_cleanup_mux(struct gsm_mux *gsm)
>
> gsm->dead = 1;
>
> - spin_lock(&gsm_mux_lock);
> - for (i = 0; i < MAX_MUX; i++) {
> - if (gsm_mux[i] == gsm) {
> - gsm_mux[i] = NULL;
> - break;
> - }
> - }
> - spin_unlock(&gsm_mux_lock);
> /* open failed before registering => nothing to do */
> - if (i == MAX_MUX)
> + if (gsm_mux[gsm->num] != gsm)
> return;
>
> + spin_lock(&gsm_mux_lock);
> + gsm_mux[gsm->num] = NULL;
> + spin_unlock(&gsm_mux_lock);
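
Review bot: The new test `if (gsm_mux[gsm->num] != gsm)` reads gsm_mux[] before gsm_mux_lock is taken, while the loop it replaces did its comparison with the lock held, so the check and the store of NULL are no longer one atomic step. Taking spin_lock(&gsm_mux_lock) before the if and releasing it on both the early-return path and after `gsm_mux[gsm->num] = NULL;` would keep the old locking guarantee. The same line also indexes the array with gsm->num on the path the comment describes as "open failed before registering", so it is worth confirming that gsm->num always holds a value below MAX_MUX there, since the removed loop never depended on that field.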

It's a highly theoretical and probably impossible corner case but I can't
help thinking the lock should be held for the if () as well as NULLing
this out.

Alan