2015-12-11 19:56:57

by David Eccher

Subject: [PATCH 1/1] USB: inode.c: fix unbalanced spin_lock in ep0_write

Fix bad unlock balance: ep0_write enter with the locks locked from inode.c:1769,
hence it must exit with spinlock held to avoid double unlock in dev_config.

Signed-off-by: David Eccher <[email protected]>
---
drivers/usb/gadget/legacy/inode.c | 1 +
1 file changed, 1 insertion(+)

diff --git a/drivers/usb/gadget/legacy/inode.c b/drivers/usb/gadget/legacy/inode.c
index f454c7a..b968c25 100644
--- a/drivers/usb/gadget/legacy/inode.c
+++ b/drivers/usb/gadget/legacy/inode.c
@@ -1144,6 +1144,7 @@ ep0_write (struct file *fd, const char __user *buf, size_t len, loff_t *ptr)
} else
retval = len;

+ spin_lock_irq (&dev->lock);
return retval;
}
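
Review bot: the lock is re-taken only at the final `return retval;`, so this hunk on its own does not show that every exit from ep0_write leaves dev->lock held, which is what the commit message says the caller needs. Please confirm that no earlier return path skips this line. A short comment at the top of the function stating the contract (entered with dev->lock held, returns with it held) would help. The changelog also identifies the caller by line number (inode.c:1769), which will drift; naming the function would be more durable.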

--
1.8.1.2


2015-12-11 20:11:20

by Al Viro

Subject: Re: [PATCH 1/1] USB: inode.c: fix unbalanced spin_lock in ep0_write

On Fri, Dec 11, 2015 at 08:56:26PM +0100, David Eccher wrote:
> Fix bad unlock balance: ep0_write enter with the locks locked from inode.c:1769,
> hence it must exit with spinlock held to avoid double unlock in dev_config.

*Ugh*

Just take that spinlock before the if (retval < 0) and don't drop it after
clear_req(), then...

2015-12-11 20:57:29

by Sergei Shtylyov

Subject: Re: [PATCH 1/1] USB: inode.c: fix unbalanced spin_lock in ep0_write

Hello.

On 12/11/2015 10:56 PM, David Eccher wrote:

> Fix bad unlock balance: ep0_write enter with the locks locked from inode.c:1769,
> hence it must exit with spinlock held to avoid double unlock in dev_config.
>
> Signed-off-by: David Eccher <[email protected]>
> ---
> drivers/usb/gadget/legacy/inode.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/drivers/usb/gadget/legacy/inode.c b/drivers/usb/gadget/legacy/inode.c
> index f454c7a..b968c25 100644
> --- a/drivers/usb/gadget/legacy/inode.c
> +++ b/drivers/usb/gadget/legacy/inode.c
> @@ -1144,6 +1144,7 @@ ep0_write (struct file *fd, const char __user *buf, size_t len, loff_t *ptr)
> } else
> retval = len;
>
> + spin_lock_irq (&dev->lock);
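
Review bot: the added call `spin_lock_irq (&dev->lock);` has a space between the function name and the opening parenthesis, which kernel coding style prohibits and scripts/checkpatch.pl reports as a warning. The file itself uses the same spacing (see `ep0_write (struct file ...` in the hunk header), so either write `spin_lock_irq(&dev->lock);` or note in the changelog that the line deliberately matches the surrounding code.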

I guess you hadn't run the patch thru scripts/checkpatch.pl?

MBR, Sergei

2015-12-11 21:13:16

by David Eccher

Subject: Re: [PATCH 1/1] USB: inode.c: fix unbalanced spin_lock in ep0_write

On Fri, Dec 11, 2015 at 9:11 PM, Al Viro <[email protected]> wrote:
>
> On Fri, Dec 11, 2015 at 08:56:26PM +0100, David Eccher wrote:
> > Fix bad unlock balance: ep0_write enter with the locks locked from inode.c:1769,
> > hence it must exit with spinlock held to avoid double unlock in dev_config.
>
> *Ugh*
>
> Just take that spinlock before the if (retval < 0) and don't drop it after
> clear_req(), then...

Oh, yeah good point, I'll send a v2...and test the patch thru
checkpatch.pl, sorry



--
David Eccher