[PATCH] PCI: pciehp_core, fix lock imbalance

From: Jiri Slaby
Date: Sat Jan 17 2009 - 10:24:23 EST

Next message: Evgeniy Polyakov: "Re: Linux killed Kenny, bastard!"
Previous message: Bodo Eggert: "Re: Linux killed Kenny, bastard!"
Next in thread: Kenji Kaneshige: "Re: [PATCH] PCI: pciehp_core, fix lock imbalance"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

set_lock_status omits mutex_unlock in fail path. Add the omitted
unlock.

As a result a lockup caused by this can be triggered from userspace
by writing 1 to /sys/bus/pci/slots/.../lock often enough.

Signed-off-by: Jiri Slaby <jirislaby@xxxxxxxxx>
Cc: Kristen Carlson Accardi <kristen.c.accardi@xxxxxxxxx>
Cc: Jesse Barnes <jbarnes@xxxxxxxxxxxxxxxx>
---
drivers/pci/hotplug/pciehp_core.c | 4 +++-
1 files changed, 3 insertions(+), 1 deletions(-)

diff --git a/drivers/pci/hotplug/pciehp_core.c b/drivers/pci/hotplug/pciehp_core.c
index 5482d4e..c248554 100644
--- a/drivers/pci/hotplug/pciehp_core.c
+++ b/drivers/pci/hotplug/pciehp_core.c
@@ -126,8 +126,10 @@ static int set_lock_status(struct hotplug_slot *hotplug_slot, u8 status)
mutex_lock(&slot->ctrl->crit_sect);

/* has it been >1 sec since our last toggle? */
- if ((get_seconds() - slot->last_emi_toggle) < 1)
+ if ((get_seconds() - slot->last_emi_toggle) < 1) {
+ mutex_unlock(&slot->ctrl->crit_sect);
return -EINVAL;
+ }

/* see what our current state is */
retval = get_lock_status(hotplug_slot, &value);
--
1.6.1
caught by stanse
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Evgeniy Polyakov: "Re: Linux killed Kenny, bastard!"
Previous message: Bodo Eggert: "Re: Linux killed Kenny, bastard!"
Next in thread: Kenji Kaneshige: "Re: [PATCH] PCI: pciehp_core, fix lock imbalance"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]