Commit d5dba32b authored by Chengfeng Ye's avatar Chengfeng Ye Committed by David S. Miller

atm: solos-pci: Fix potential deadlock on &cli_queue_lock

As &card->cli_queue_lock is acquired under softirq context along the
following call chain from solos_bh(), other acquisition of the same
lock inside process context should disable at least bh to avoid double
lock.

<deadlock #1>
console_show()
--> spin_lock(&card->cli_queue_lock)
<interrupt>
   --> solos_bh()
   --> spin_lock(&card->cli_queue_lock)

This flaw was found by an experimental static analysis tool I am
developing for irq-related deadlock.

To prevent the potential deadlock, the patch uses spin_lock_bh()
on the card->cli_queue_lock under process context code consistently
to prevent the possible deadlock scenario.

Fixes: 9c54004e ("atm: Driver for Solos PCI ADSL2+ card.")
Signed-off-by: default avatarChengfeng Ye <dg573847474@gmail.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 1ae4cd3c
...@@ -449,9 +449,9 @@ static ssize_t console_show(struct device *dev, struct device_attribute *attr, ...@@ -449,9 +449,9 @@ static ssize_t console_show(struct device *dev, struct device_attribute *attr,
struct sk_buff *skb; struct sk_buff *skb;
unsigned int len; unsigned int len;
spin_lock(&card->cli_queue_lock); spin_lock_bh(&card->cli_queue_lock);
skb = skb_dequeue(&card->cli_queue[SOLOS_CHAN(atmdev)]); skb = skb_dequeue(&card->cli_queue[SOLOS_CHAN(atmdev)]);
spin_unlock(&card->cli_queue_lock); spin_unlock_bh(&card->cli_queue_lock);
if(skb == NULL) if(skb == NULL)
return sprintf(buf, "No data.\n"); return sprintf(buf, "No data.\n");
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment