[PATCH] atm/fore200e: Fix possible data race in fore200e_open()

From: Gui-Dong Han
Date: Wed Jan 15 2025 - 08:10:59 EST

Next message: Krzysztof Wilczyński: "Re: [PATCH v5] PCI: dwc: Clean up some unnecessary codes in dw_pcie_suspend_noirq()"
Previous message: Mohan, Subramanian: "RE: [PATCH 1/1] can: m_can: Control tx flow to avoid message stuck"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Protect access to fore200e->available_cell_rate with rate_mtx lock to
prevent potential data race.

The field fore200e.available_cell_rate is generally protected by the lock
fore200e.rate_mtx when accessed. In all other read and write cases, this
field is consistently protected by the lock, except for this case and
during initialization.

This potential bug was detected by our experimental static analysis tool,
which analyzes locking APIs and paired functions to identify data races
and atomicity violations.

Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
Cc: stable@xxxxxxxxxxxxxxx
Signed-off-by: Gui-Dong Han <2045gemini@xxxxxxxxx>
---
drivers/atm/fore200e.c | 2 ++
1 file changed, 2 insertions(+)

diff --git a/drivers/atm/fore200e.c b/drivers/atm/fore200e.c
index 4fea1149e003..f62e38571440 100644
--- a/drivers/atm/fore200e.c
+++ b/drivers/atm/fore200e.c
@@ -1374,7 +1374,9 @@ fore200e_open(struct atm_vcc *vcc)

vcc->dev_data = NULL;

+ mutex_lock(&fore200e->rate_mtx);
fore200e->available_cell_rate += vcc->qos.txtp.max_pcr;
+ mutex_unlock(&fore200e->rate_mtx);

kfree(fore200e_vcc);
return -EINVAL;
--
2.25.1

Next message: Krzysztof Wilczyński: "Re: [PATCH v5] PCI: dwc: Clean up some unnecessary codes in dw_pcie_suspend_noirq()"
Previous message: Mohan, Subramanian: "RE: [PATCH 1/1] can: m_can: Control tx flow to avoid message stuck"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]