From: Denis Kirjanov <dkirjanov@suse.de>
To: Lin Ma <linma@zju.edu.cn>, netdev@vger.kernel.org
Cc: krzysztof.kozlowski@canonical.com, davem@davemloft.net,
kuba@kernel.org, jirislaby@kernel.org,
gregkh@linuxfoundation.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v0] NFC: reorganize the functions in nci_request
Date: Mon, 15 Nov 2021 17:32:35 +0300 [thread overview]
Message-ID: <84cf637f-4cda-a7ad-a5d1-484254ef16a5@suse.de> (raw)
In-Reply-To: <20211115142938.8109-1-linma@zju.edu.cn>
11/15/21 5:29 PM, Lin Ma пишет:
> There is a possible data race as shown below:
>
> thread-A in nci_request() | thread-B in nci_close_device()
> | mutex_lock(&ndev->req_lock);
> test_bit(NCI_UP, &ndev->flags); |
> ... | test_and_clear_bit(NCI_UP, &ndev->flags)
> mutex_lock(&ndev->req_lock); |
> |
>
> This race will allow __nci_request() to be awaked while the device is
> getting removed.
>
> Similar to commit e2cb6b891ad2 ("bluetooth: eliminate the potential race
> condition when removing the HCI controller"). this patch alters the
> function sequence in nci_request() to prevent the data races between the
> nci_close_device().
Please add Fixes tag
>
> Signed-off-by: Lin Ma <linma@zju.edu.cn>
> ---
> net/nfc/nci/core.c | 11 +++++++----
> 1 file changed, 7 insertions(+), 4 deletions(-)
>
> diff --git a/net/nfc/nci/core.c b/net/nfc/nci/core.c
> index 6fd873aa86be..2ab2d6a1a143 100644
> --- a/net/nfc/nci/core.c
> +++ b/net/nfc/nci/core.c
> @@ -144,12 +144,15 @@ inline int nci_request(struct nci_dev *ndev,
> {
> int rc;
>
> - if (!test_bit(NCI_UP, &ndev->flags))
> - return -ENETDOWN;
> -
> /* Serialize all requests */
> mutex_lock(&ndev->req_lock);
> - rc = __nci_request(ndev, req, opt, timeout);
> + /* check the state after obtaing the lock against any races
> + * from nci_close_device when the device gets removed.
> + */
> + if (test_bit(NCI_UP, &ndev->flags))
> + rc = __nci_request(ndev, req, opt, timeout);
> + else
> + rc = -ENETDOWN;
> mutex_unlock(&ndev->req_lock);
>
> return rc;
>
prev parent reply other threads:[~2021-11-15 14:34 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-11-15 14:29 [PATCH v0] NFC: reorganize the functions in nci_request Lin Ma
2021-11-15 14:32 ` Denis Kirjanov [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=84cf637f-4cda-a7ad-a5d1-484254ef16a5@suse.de \
--to=dkirjanov@suse.de \
--cc=davem@davemloft.net \
--cc=gregkh@linuxfoundation.org \
--cc=jirislaby@kernel.org \
--cc=krzysztof.kozlowski@canonical.com \
--cc=kuba@kernel.org \
--cc=linma@zju.edu.cn \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.