Re: [2.4 patch] Port of adutux driver from 2.6 kernel to 2.4.

From: Pete Zaitcev
Date: Mon Oct 15 2007 - 13:30:59 EST


On Sun, 14 Oct 2007 23:45:36 +0300, "Vitaliy Ivanov" <vitalivanov@xxxxxxxxx> wrote:

> Also IMHO the more drivers are in the tree the more users will use it.
> Once it will be merged in the mainline then it will be backported to
> enterprise kernels and would gain wide usage.

At least in case of RHEL, such backports never were automatic. In any
case, RHEL 2.1 and 3 do not receive new drivers anymore. We only do
bugfixes if something comes up. Realistically speaking, 2.4 kernels
are just too old for anyone to use. So, I think it would be best for
you to think in terms of Willy's tree only.

> + in_end_size = le16_to_cpu(dev->interrupt_in_endpoint->wMaxPacketSize);
> + out_end_size = le16_to_cpu(dev->interrupt_out_endpoint->wMaxPacketSize);

Did you verify if this works? We use pre-swapped descriptors in 2.4.
I suspect you allocate 256 times more memory than necessary.

> +static void adu_delete(struct adu_device *dev)
> + kfree(dev);

> +static int adu_release_internal(struct adu_device *dev)
> + if (dev->udev == NULL) {
> + adu_delete(dev);

> +static int adu_open(struct inode *inode, struct file *file)
> + retval = adu_release_internal(dev);
> + up(&dev->sem);

The above very clearly is a use-after-free, in case the device was
open across a disconnect. Solution: Use minor_table_mutex to lock
dev->open_count instead of dev->sem. There's no rule that the lock
has to live inside the same structure with members it locks.

-- Pete
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/