[BUG] media: dvb: dib9000: buggy locking

From: Vasiliy Kulikov
Date: Wed Jan 19 2011 - 08:10:23 EST

Next message: Peter Zijlstra: "Re: percpu related boot crash on x86 (was: Linux 2.6.38-rc1)"
Previous message: Onkalo Samu: "Re: Bug in scheduler when using rt_mutex"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

I've noticed that locking in drivers/media/dvb/frontends/dib9000.c is
not correct:

static int dib9000_fw_get_channel(...)
{
...
DibAcquireLock(&state->platform.risc.mem_mbx_lock);
...

error:
DibReleaseLock(&state->platform.risc.mem_mbx_lock);
return ret;
}

#define DibAcquireLock(lock) do { if (mutex_lock_interruptible(lock) < 0) dprintk("could not get the lock"); } while (0)
#define DibReleaseLock(lock) mutex_unlock(lock)

1) If mutex is not hold, then the critical section is not protected.

2) If mutex was not hold, then the code tries to release not holded
mutex.

This locking "style" is used all over the driver.

Thanks,

--
Vasiliy Kulikov
http://www.openwall.com - bringing security into open computing environments
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Peter Zijlstra: "Re: percpu related boot crash on x86 (was: Linux 2.6.38-rc1)"
Previous message: Onkalo Samu: "Re: Bug in scheduler when using rt_mutex"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]