Commit fcd05986 authored by Christian Riesch's avatar Christian Riesch Committed by Jiri Slaby

n_tty: Fix read_buf race condition, increment read_head after pushing data

commit 8bfbe2de upstream.

Commit 19e2ad6a ("n_tty: Remove overflow
tests from receive_buf() path") moved the increment of read_head into
the arguments list of read_buf_addr(). Function calls represent a
sequence point in C. Therefore read_head is incremented before the
character c is placed in the buffer. Since the circular read buffer is
a lock-less design since commit 6d76bd26
("n_tty: Make N_TTY ldisc receive path lockless"), this creates a race
condition that leads to communication errors.

This patch modifies the code to increment read_head _after_ the data
is placed in the buffer and thus fixes the race for non-SMP machines.
To fix the problem for SMP machines, memory barriers must be added in
a separate patch.
Signed-off-by: default avatarChristian Riesch <christian.riesch@omicron.at>
Signed-off-by: default avatarJiri Slaby <jslaby@suse.cz>
parent d053001d
...@@ -319,7 +319,8 @@ static void n_tty_check_unthrottle(struct tty_struct *tty) ...@@ -319,7 +319,8 @@ static void n_tty_check_unthrottle(struct tty_struct *tty)
static inline void put_tty_queue(unsigned char c, struct n_tty_data *ldata) static inline void put_tty_queue(unsigned char c, struct n_tty_data *ldata)
{ {
*read_buf_addr(ldata, ldata->read_head++) = c; *read_buf_addr(ldata, ldata->read_head) = c;
ldata->read_head++;
} }
/** /**
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment