Re: [PATCH] pinctrl: protect pinctrl_list add
From: Stanislaw Gruszka
Date: Tue Feb 04 2014 - 03:02:21 EST
On Mon, Feb 03, 2014 at 02:12:51PM -0700, Stephen Warren wrote:
> On 02/03/2014 04:39 AM, Stanislaw Gruszka wrote:
> > We have few fedora bug reports about list corruption on pinctrl,
> > for example:
> > https://bugzilla.redhat.com/show_bug.cgi?id=1051918
> >
> > Most likely corruption happen due lack of protection of pinctrl_list
> > when adding new nodes to it. Patch corrects that.
> >
> > Fixes: 57b676f9c1b ("pinctrl: fix and simplify locking")
>
> After that patch ...
>
> > diff --git a/drivers/pinctrl/core.c b/drivers/pinctrl/core.c
>
> > @@ -851,7 +851,9 @@ static struct pinctrl *create_pinctrl(struct device *dev)
> > kref_init(&p->users);
> >
> > /* Add the pinctrl handle to the global list */
> > + mutex_lock(&pinctrl_list_mutex);
>
> That variable doesn't exist; it got replaced with the "global"
> pinctrl_mutex. Also, since that patch, IIRC some other changes have been
> made to the locking structure, so this patch might need adjustments not
> to conflict with those changes?
I missed that, I just quicky looked at git blame. This mutex was added
again by commit 42fed7ba44e4e8c1fb27b28ad14490cb1daff3c7
"pinctrl: move subsystem mutex to pinctrl_dev struct"
and actually this is the commit that introduce the bug. Before it,
list_add_tail() was called inside pinctrl_get_locked() and was
protected by global pinctrl_mutex.
I'll post patch with fixed "Fixes:" shortly.
Thanks
Stanislaw
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/