Commit 671bdea2 authored by Amit Shah's avatar Amit Shah Committed by Rusty Russell

virtio: console: fix race in port_fops_open() and port unplug

Between open() being called and processed, the port can be unplugged.
Check if this happened, and bail out.

A simple test script to reproduce this is:

while true; do for i in $(seq 1 100); do echo $i > /dev/vport0p3; done; done;

This opens and closes the port a lot of times; unplugging the port while
this is happening triggers the bug.

CC: <stable@vger.kernel.org>
Signed-off-by: default avatarAmit Shah <amit.shah@redhat.com>
Signed-off-by: default avatarRusty Russell <rusty@rustcorp.com.au>
parent 057b82be
...@@ -1041,6 +1041,10 @@ static int port_fops_open(struct inode *inode, struct file *filp) ...@@ -1041,6 +1041,10 @@ static int port_fops_open(struct inode *inode, struct file *filp)
/* We get the port with a kref here */ /* We get the port with a kref here */
port = find_port_by_devt(cdev->dev); port = find_port_by_devt(cdev->dev);
if (!port) {
/* Port was unplugged before we could proceed */
return -ENXIO;
}
filp->private_data = port; filp->private_data = port;
/* /*
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment