lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Thu, 20 Mar 2014 12:16:22 -0500
From:	Felipe Balbi <balbi@...com>
To:	Alan Cox <alan@...ux.intel.com>
CC:	<balbi@...com>, Marcel Holtmann <marcel@...tmann.org>,
	Greg KH <gregkh@...uxfoundation.org>,
	Muralidharan Karicheri <m-karicheri2@...com>,
	<linux-bluetooth@...r.kernel.org>, <linux-serial@...r.kernel.org>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: hci_ldsic nested locking problem

On Thu, Mar 20, 2014 at 04:42:16PM +0000, Alan Cox wrote:
> On Thu, 2014-03-20 at 11:34 -0500, Felipe Balbi wrote:
> > Hi,
> > 
> > when 8250 driver calls uart_write_wakeup(), the tty port lock is already
> > taken. hci_ldisc.c's implementation of ->write_wakeup() calls
> > tty->ops->write() to actually send the characters, but that call will
> > try to acquire the same port lock again.
> > 
> > Looking at other line disciplines that looks like a bug in hci_ldisc.c.
> > Am I correct to assume that ->write_wakeup() is supposed to *just*
> > wakeup the bottom half so we handle ->write() in another context ?
> > 
> > Is it legal to call tty->ops->write() from within ->write_wakeup() ?
> 
> It isn't because you might send all the bytes and go
> 
> 	write
> 		write_wakeup
> 			write
> 				write wakeup
> 					...
> 
> and recurse

cool, so there really is a bug in hci_ldisc. Marcel, any tips on how do
you want this to be sorted out ?

-- 
balbi

Download attachment "signature.asc" of type "application/pgp-signature" (820 bytes)

Powered by blists - more mailing lists