This is a note to let you know that I've just added the patch titled
n_gsm: added interlocking for gsm_data_lock for certain code paths
to the 3.0-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
n_gsm-added-interlocking-for-gsm_data_lock-for-certain-code-paths.patch
and it can be found in the queue-3.0 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <[email protected]> know about it.
>From 5e44708f75b0f8712da715d6babb0c21089b2317 Mon Sep 17 00:00:00 2001
From: Russ Gorby <[email protected]>
Date: Mon, 13 Aug 2012 13:44:40 +0100
Subject: n_gsm: added interlocking for gsm_data_lock for certain code paths
From: Russ Gorby <[email protected]>
commit 5e44708f75b0f8712da715d6babb0c21089b2317 upstream.
There were some locking holes in the management of the MUX's
message queue for 2 code paths:
1) gsmld_write_wakeup
2) receipt of CMD_FCON flow-control message
In both cases gsm_data_kick is called w/o locking so it can collide
with other other instances of gsm_data_kick (pulling messages tx_tail)
or potentially other instances of __gsm_data_queu (adding messages to tx_head)
Changed to take the tx_lock in these 2 cases
Signed-off-by: Russ Gorby <[email protected]>
Tested-by: Yin, Fengwei <[email protected]>
Signed-off-by: Alan Cox <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
drivers/tty/n_gsm.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
--- a/drivers/tty/n_gsm.c
+++ b/drivers/tty/n_gsm.c
@@ -1152,6 +1152,8 @@ static void gsm_control_message(struct g
u8 *data, int clen)
{
u8 buf[1];
+ unsigned long flags;
+
switch (command) {
case CMD_CLD: {
struct gsm_dlci *dlci = gsm->dlci[0];
@@ -1177,7 +1179,9 @@ static void gsm_control_message(struct g
gsm->constipated = 0;
gsm_control_reply(gsm, CMD_FCOFF, NULL, 0);
/* Kick the link in case it is idling */
+ spin_lock_irqsave(&gsm->tx_lock, flags);
gsm_data_kick(gsm);
+ spin_unlock_irqrestore(&gsm->tx_lock, flags);
break;
case CMD_MSC:
/* Out of band modem line change indicator for a DLCI */
@@ -2269,12 +2273,12 @@ static void gsmld_write_wakeup(struct tt
/* Queue poll */
clear_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
+ spin_lock_irqsave(&gsm->tx_lock, flags);
gsm_data_kick(gsm);
if (gsm->tx_bytes < TX_THRESH_LO) {
- spin_lock_irqsave(&gsm->tx_lock, flags);
gsm_dlci_data_sweep(gsm);
- spin_unlock_irqrestore(&gsm->tx_lock, flags);
}
+ spin_unlock_irqrestore(&gsm->tx_lock, flags);
}
/**
Patches currently in stable-queue which might be from [email protected] are
queue-3.0/n_gsm-memory-leak-in-uplink-error-path.patch
queue-3.0/n_gsm-added-interlocking-for-gsm_data_lock-for-certain-code-paths.patch
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
