| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 16 Oct 2021 11:10:40 +0200
From: "Fabio M. De Francesco" <fmdefrancesco@...il.com>
To: Larry Finger <Larry.Finger@...inger.net>,
Phillip Potter <phil@...lpotter.co.uk>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Dan Carpenter <dan.carpenter@...cle.com>,
linux-staging@...ts.linux.dev, linux-kernel@...r.kernel.org
Cc: "Fabio M. De Francesco" <fmdefrancesco@...il.com>
Subject: [PATCH 1/3] staging: r8188eu: Use completions for signaling start and end kthread
rtw_cmd_thread() "up(s)" a semaphore twice, first to notify callers when
its execution has started and then to notify when it is about to end.
It makes the same semaphore go "up" twice in the same kthread. This
construct makes Smatch to warn of duplicate "up(s)".
This kthread uses interruptible semaphores where instead completions are
more suitable. For this purpose it calls an helper (_rtw_down_sema())
that returns values that are never checked. It may lead to bugs.
To address the above-mentioned issues, use two completions variables
instead of semaphores. Use the uninterruptible versions of
wait_for_completion*() because the interruptible / killable versions are
not necessary.
Tested with "ASUSTek Computer, Inc. Realtek 8188EUS [USB-N10 Nano]".
Signed-off-by: Fabio M. De Francesco <fmdefrancesco@...il.com>
---
drivers/staging/r8188eu/core/rtw_cmd.c | 7 ++++---
drivers/staging/r8188eu/include/rtw_cmd.h | 3 ++-
drivers/staging/r8188eu/os_dep/os_intfs.c | 6 ++++--
3 files changed, 10 insertions(+), 6 deletions(-)
diff --git a/drivers/staging/r8188eu/core/rtw_cmd.c b/drivers/staging/r8188eu/core/rtw_cmd.c
index e17332677daa..195390449502 100644
--- a/drivers/staging/r8188eu/core/rtw_cmd.c
+++ b/drivers/staging/r8188eu/core/rtw_cmd.c
@@ -23,7 +23,8 @@ static int _rtw_init_cmd_priv(struct cmd_priv *pcmdpriv)
sema_init(&pcmdpriv->cmd_queue_sema, 0);
/* sema_init(&(pcmdpriv->cmd_done_sema), 0); */
- sema_init(&pcmdpriv->terminate_cmdthread_sema, 0);
+ init_completion(&pcmdpriv->start_cmd_thread);
+ init_completion(&pcmdpriv->stop_cmd_thread);
rtw_init_queue(&pcmdpriv->cmd_queue);
@@ -248,7 +249,7 @@ int rtw_cmd_thread(void *context)
pcmdbuf = pcmdpriv->cmd_buf;
pcmdpriv->cmdthd_running = true;
- up(&pcmdpriv->terminate_cmdthread_sema);
+ complete(&pcmdpriv->start_cmd_thread);
while (1) {
if (_rtw_down_sema(&pcmdpriv->cmd_queue_sema) == _FAIL)
@@ -329,7 +330,7 @@ int rtw_cmd_thread(void *context)
rtw_free_cmd_obj(pcmd);
} while (1);
- up(&pcmdpriv->terminate_cmdthread_sema);
+ complete(&pcmdpriv->stop_cmd_thread);
thread_exit();
}
diff --git a/drivers/staging/r8188eu/include/rtw_cmd.h b/drivers/staging/r8188eu/include/rtw_cmd.h
index 83fbb922db2c..b6266e3e2c40 100644
--- a/drivers/staging/r8188eu/include/rtw_cmd.h
+++ b/drivers/staging/r8188eu/include/rtw_cmd.h
@@ -34,7 +34,8 @@ struct cmd_obj {
struct cmd_priv {
struct semaphore cmd_queue_sema;
- struct semaphore terminate_cmdthread_sema;
+ struct completion start_cmd_thread;
+ struct completion stop_cmd_thread;
struct __queue cmd_queue;
u8 cmd_seq;
u8 *cmd_buf; /* shall be non-paged, and 4 bytes aligned */
diff --git a/drivers/staging/r8188eu/os_dep/os_intfs.c b/drivers/staging/r8188eu/os_dep/os_intfs.c
index e7964a048c99..0bcea66f550b 100644
--- a/drivers/staging/r8188eu/os_dep/os_intfs.c
+++ b/drivers/staging/r8188eu/os_dep/os_intfs.c
@@ -385,7 +385,8 @@ u32 rtw_start_drv_threads(struct adapter *padapter)
if (IS_ERR(padapter->cmdThread))
_status = _FAIL;
else
- _rtw_down_sema(&padapter->cmdpriv.terminate_cmdthread_sema); /* wait for cmd_thread to run */
+ /* wait for rtw_cmd_thread() to start running */
+ wait_for_completion(&padapter->cmdpriv.start_cmd_thread);
return _status;
}
@@ -395,7 +396,8 @@ void rtw_stop_drv_threads(struct adapter *padapter)
/* Below is to termindate rtw_cmd_thread & event_thread... */
up(&padapter->cmdpriv.cmd_queue_sema);
if (padapter->cmdThread)
- _rtw_down_sema(&padapter->cmdpriv.terminate_cmdthread_sema);
+ /* wait for rtw_cmd_thread() to stop running */
+ wait_for_completion(&padapter->cmdpriv.stop_cmd_thread);
}
static u8 rtw_init_default_value(struct adapter *padapter)
--
2.33.0
Powered by blists - more mailing lists