Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-09-23 00:13:17 +00:00
Code Issues Packages Projects Releases Wiki Activity
a9e6107616
linux/include
History
Hans Verkuil a9e6107616 media: cec: fix a deadlock situation 
The cec_devnode struct has a lock meant to serialize access
to the fields of this struct. This lock is taken during
device node (un)registration and when opening or releasing a
filehandle to the device node. When the last open filehandle
is closed the cec adapter might be disabled by calling the
adap_enable driver callback with the devnode.lock held.

However, if during that callback a message or event arrives
then the driver will call one of the cec_queue_event()
variants in cec-adap.c, and those will take the same devnode.lock
to walk the open filehandle list.

This obviously causes a deadlock.

This is quite easy to reproduce with the cec-gpio driver since that
uses the cec-pin framework which generated lots of events and uses
a kernel thread for the processing, so when adap_enable is called
the thread is still running and can generate events.

But I suspect that it might also happen with other drivers if an
interrupt arrives signaling e.g. a received message before adap_enable
had a chance to disable the interrupts.

This patch adds a new mutex to serialize access to the fhs list.
When adap_enable() is called the devnode.lock mutex is held, but
not devnode.lock_fhs. The event functions in cec-adap.c will now
use devnode.lock_fhs instead of devnode.lock, ensuring that it is
safe to call those functions from the adap_enable callback.

This specific issue only happens if the last open filehandle is closed
and the physical address is invalid. This is not something that
happens during normal operation, but it does happen when monitoring
CEC traffic (e.g. cec-ctl --monitor) with an unconfigured CEC adapter.

Signed-off-by: Hans Verkuil <hverkuil-cisco@xs4all.nl>
Cc: <stable@vger.kernel.org>  # for v5.13 and up
Signed-off-by: Mauro Carvalho Chehab <mchehab+huawei@kernel.org>
2021-12-07 11:29:56 +01:00
..
acpi Merge branches 'acpica', 'acpi-ec', 'acpi-pmic' and 'acpi-video' 2021-11-10 14:03:14 +01:00
asm-generic Add linux/cacheflush.h 2021-11-17 10:36:15 -05:00
clocksource ARM: 2021-11-02 11:24:14 -07:00
crypto
drm Removed the TTM Huge Page functionnality to address a crash, a timeout 2021-11-11 08:14:19 +10:00
dt-bindings dt-bindings: Rename Ingenic CGU headers to ingenic,*.h 2021-11-11 22:27:14 -06:00
keys
kunit include/kunit/test.h: replace kernel.h with the necessary inclusions 2021-11-09 10:02:49 -08:00
kvm
linux - Properly init uclamp_flags of a runqueue, on first enqueuing 2021-12-05 08:53:31 -08:00
math-emu
media media: cec: fix a deadlock situation 2021-12-07 11:29:56 +01:00
memory
misc
net ipv4: convert fib_num_tclassid_users to atomic_t 2021-12-02 11:56:04 +00:00
pcmcia
ras
rdma RDMA/netlink: Add __maybe_unused to static inline in C file 2021-11-16 13:13:08 -04:00
scsi SCSI misc on 20211112 2021-11-12 12:25:50 -08:00
soc net: mscc: ocelot: create a function that replaces an existing VCAP filter 2021-11-26 11:38:20 -08:00
sound ASoC: Fixes for v5.16 2021-11-25 14:35:24 +01:00
target
trace NFS client bugfixes for Linux 5.16 2021-11-27 10:33:55 -08:00
uapi Linux 5.16-rc4 2021-12-07 11:29:41 +01:00
vdso
video
xen xen: add "not_essential" flag to struct xenbus_driver 2021-11-23 13:41:29 -06:00