[kernel/rawhide/user/kyle/kernel-git] more patches for this tty open race
Kyle McMartin
kyle at fedoraproject.org
Sat Nov 27 16:14:33 UTC 2010
commit dadc63b85414eb711425e70b4140a640fa74ef09
Author: Kyle McMartin <kyle at mcmartin.ca>
Date: Sat Nov 27 10:30:59 2010 -0500
more patches for this tty open race
kernel.spec | 6 ++-
tty-ldisc-fix-open-flag-handling.patch | 54 ++++++++++++++++++++++
tty-open-hangup-race-fixup.patch | 76 ++++++++++++++++++++++++++++++++
3 files changed, 135 insertions(+), 1 deletions(-)
---
diff --git a/kernel.spec b/kernel.spec
index 40ca189..aeefb1b 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -51,7 +51,7 @@ Summary: The Linux kernel
# For non-released -rc kernels, this will be prepended with "0.", so
# for example a 3 here will become 0.3
#
-%global baserelease 1
+%global baserelease 2
%global fedora_build %{baserelease}
# base_sublevel is the kernel version we're starting with and patching
@@ -701,6 +701,8 @@ Patch12303: dmar-disable-when-ricoh-multifunction.patch
Patch12400: tty-dont-allow-reopen-when-ldisc-is-changing.patch
Patch12401: debug-tty-print-dev-name.patch
+Patch12402: tty-ldisc-fix-open-flag-handling.patch
+Patch12403: tty-open-hangup-race-fixup.patch
%endif
@@ -1293,6 +1295,8 @@ ApplyPatch dmar-disable-when-ricoh-multifunction.patch
# rhbz#630464
ApplyPatch tty-dont-allow-reopen-when-ldisc-is-changing.patch
ApplyPatch debug-tty-print-dev-name.patch
+ApplyPatch tty-ldisc-fix-open-flag-handling.patch
+ApplyPatch tty-open-hangup-race-fixup.patch
# END OF PATCH APPLICATIONS
diff --git a/tty-ldisc-fix-open-flag-handling.patch b/tty-ldisc-fix-open-flag-handling.patch
new file mode 100644
index 0000000..4213aeb
--- /dev/null
+++ b/tty-ldisc-fix-open-flag-handling.patch
@@ -0,0 +1,54 @@
+From linux-kernel-owner at vger.kernel.org Wed Nov 24 18:28:11 2010
+From: Jiri Slaby <jslaby at suse.cz>
+Subject: [PATCH 1/2] TTY: ldisc, fix open flag handling
+Date: Thu, 25 Nov 2010 00:27:54 +0100
+
+When a concrete ldisc open fails in tty_ldisc_open, we forget to clear
+TTY_LDISC_OPEN. This causes a false warning on the next ldisc open:
+WARNING: at drivers/char/tty_ldisc.c:445 tty_ldisc_open+0x26/0x38()
+Hardware name: System Product Name
+Modules linked in: ...
+Pid: 5251, comm: a.out Tainted: G W 2.6.32-5-686 #1
+Call Trace:
+ [<c1030321>] ? warn_slowpath_common+0x5e/0x8a
+ [<c1030357>] ? warn_slowpath_null+0xa/0xc
+ [<c119311c>] ? tty_ldisc_open+0x26/0x38
+ [<c11936c5>] ? tty_set_ldisc+0x218/0x304
+...
+
+So clear the bit when failing...
+
+Introduced in c65c9bc3efa (tty: rewrite the ldisc locking) back in
+2.6.31-rc1.
+
+Signed-off-by: Jiri Slaby <jslaby at suse.cz>
+Cc: Alan Cox <alan at linux.intel.com>
+Reported-by: Sergey Lapin <slapin at ossfans.org>
+Tested-by: Sergey Lapin <slapin at ossfans.org>
+---
+ drivers/tty/tty_ldisc.c | 2 ++
+ 1 files changed, 2 insertions(+), 0 deletions(-)
+
+diff --git a/drivers/tty/tty_ldisc.c b/drivers/tty/tty_ldisc.c
+index d8e96b0..4214d58 100644
+--- a/drivers/tty/tty_ldisc.c
++++ b/drivers/tty/tty_ldisc.c
+@@ -454,6 +454,8 @@ static int tty_ldisc_open(struct tty_struct *tty, struct tty_ldisc *ld)
+ /* BTM here locks versus a hangup event */
+ WARN_ON(!tty_locked());
+ ret = ld->ops->open(tty);
++ if (ret)
++ clear_bit(TTY_LDISC_OPEN, &tty->flags);
+ return ret;
+ }
+ return 0;
+--
+1.7.3.1
+
+
+--
+To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
+the body of a message to majordomo at vger.kernel.org
+More majordomo info at http://vger.kernel.org/majordomo-info.html
+Please read the FAQ at http://www.tux.org/lkml/
+
diff --git a/tty-open-hangup-race-fixup.patch b/tty-open-hangup-race-fixup.patch
new file mode 100644
index 0000000..cda7f41
--- /dev/null
+++ b/tty-open-hangup-race-fixup.patch
@@ -0,0 +1,76 @@
+From 9e88e8b9915b5e067507a087437d80e6a133d612 Mon Sep 17 00:00:00 2001
+From: Jiri Slaby <jslaby at suse.cz>
+Date: Sat, 27 Nov 2010 16:06:46 +0100
+Subject: [PATCH 1/1] TTY: open/hangup race fixup
+
+
+Signed-off-by: Jiri Slaby <jslaby at suse.cz>
+---
+ drivers/tty/tty_io.c | 10 +++++++++-
+ include/linux/tty.h | 1 +
+ 2 files changed, 10 insertions(+), 1 deletions(-)
+
+diff --git a/drivers/tty/tty_io.c b/drivers/tty/tty_io.c
+index 878f6d6..35480dd 100644
+--- a/drivers/tty/tty_io.c
++++ b/drivers/tty/tty_io.c
+@@ -559,6 +559,9 @@ void __tty_hangup(struct tty_struct *tty)
+
+ tty_lock();
+
++ /* some functions below drop BTM, so we need this bit */
++ set_bit(TTY_HUPPING, &tty->flags);
++
+ /* inuse_filps is protected by the single tty lock,
+ this really needs to change if we want to flush the
+ workqueue with the lock held */
+@@ -578,6 +581,10 @@ void __tty_hangup(struct tty_struct *tty)
+ }
+ spin_unlock(&tty_files_lock);
+
++ /*
++ * it drops BTM and thus races with reopen
++ * we protect the race by TTY_HUPPING
++ */
+ tty_ldisc_hangup(tty);
+
+ read_lock(&tasklist_lock);
+@@ -615,7 +622,6 @@ void __tty_hangup(struct tty_struct *tty)
+ tty->session = NULL;
+ tty->pgrp = NULL;
+ tty->ctrl_status = 0;
+- set_bit(TTY_HUPPED, &tty->flags);
+ spin_unlock_irqrestore(&tty->ctrl_lock, flags);
+
+ /* Account for the p->signal references we killed */
+@@ -641,6 +647,7 @@ void __tty_hangup(struct tty_struct *tty)
+ * can't yet guarantee all that.
+ */
+ set_bit(TTY_HUPPED, &tty->flags);
++ clear_bit(TTY_HUPPING, &tty->flags);
+ tty_ldisc_enable(tty);
+
+ tty_unlock();
+@@ -1311,6 +1318,7 @@ static int tty_reopen(struct tty_struct *tty)
+ struct tty_driver *driver = tty->driver;
+
+ if (test_bit(TTY_CLOSING, &tty->flags) ||
++ test_bit(TTY_HUPPING, &tty->flags) ||
+ test_bit(TTY_LDISC_CHANGING, &tty->flags))
+ return -EIO;
+
+diff --git a/include/linux/tty.h b/include/linux/tty.h
+index 032d79f..54e4eaa 100644
+--- a/include/linux/tty.h
++++ b/include/linux/tty.h
+@@ -366,6 +366,7 @@ struct tty_file_private {
+ #define TTY_HUPPED 18 /* Post driver->hangup() */
+ #define TTY_FLUSHING 19 /* Flushing to ldisc in progress */
+ #define TTY_FLUSHPENDING 20 /* Queued buffer flush pending */
++#define TTY_HUPPING 21 /* ->hangup() in progress */
+
+ #define TTY_WRITE_FLUSH(tty) tty_write_flush((tty))
+
+--
+1.7.3.1
+
More information about the scm-commits
mailing list