projects / firefly-linux-kernel-4.4.55.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 8377c94) | patch
USB: Remove races in devio.c
authorHuajun Li <huajun.li.lee@gmail.com>
Fri, 18 May 2012 12:12:51 +0000 (20:12 +0800)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Fri, 18 May 2012 23:37:55 +0000 (16:37 -0700)
commit4e09dcf20f7b5358615514c2ec8584b248ab8874
tree52847eb294c7a08a10d27d8bf35844fb8cd0cf8ftree | snapshot
parent8377c94f627f7943da9a7eefdb21fd2e9e7ec629commit | diff
USB: Remove races in devio.c

There exist races in devio.c, below is one case,
and there are similar races in destroy_async()
and proc_unlinkurb().  Remove these races.

 cancel_bulk_urbs()        async_completed()
-------------------                -----------------------
 spin_unlock(&ps->lock);

                           list_move_tail(&as->asynclist,
                    &ps->async_completed);

                           wake_up(&ps->wait);

                           Lead to free_async() be triggered,
                           then urb and 'as' will be freed.

 usb_unlink_urb(as->urb);
 ===> refer to the freed 'as'

Signed-off-by: Huajun Li <huajun.li.lee@gmail.com>
Cc: Alan Stern <stern@rowland.harvard.edu>
Cc: Oncaphillis <oncaphillis@snafu.de>
Cc: stable <stable@vger.kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
drivers/usb/core/devio.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.