• Ilya Zykov's avatar
    tty: Correct tty buffer flush. · 64325a3b
    Ilya Zykov authored
      The root of problem is carelessly zeroing pointer(in function __tty_buffer_flush()),
    when another thread can use it. It can be cause of "NULL pointer dereference".
      Main idea of the patch, this is never free last (struct tty_buffer) in the active buffer.
    Only flush the data for ldisc(buf->head->read = buf->head->commit).
    At that moment driver can collect(write) data in buffer without conflict.
    It is repeat behavior of flush_to_ldisc(), only without feeding data to ldisc.
    
    Also revert:
      commit c56a00a1
      tty: hold lock across tty buffer finding and buffer filling
    In order to delete the unneeded locks any more.
    Signed-off-by: default avatarIlya Zykov <ilya@ilyx.ru>
    CC: Alan Cox <alan@lxorguk.ukuu.org.uk>
    Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
    64325a3b
tty_buffer.c 14.3 KB