From: Ming Lei <ming.lei-Z7WLFzj8eWMS+FvcfC7Uqw@public.gmane.org>
To: Alan Stern <stern-nwvwT67g6+6dFdvTe/nMLpVzexx5G7lz@public.gmane.org>
Cc: Oliver Neukum <oliver-GvhC2dPhHPQdnm+yROfE0A@public.gmane.org>,
Greg Kroah-Hartman
<gregkh-hQyY1W1yCW8ekmWlsbkhG0B+6BGkLq7r@public.gmane.org>,
Jiri Kosina <jkosina-AlSwsSmVLrQ@public.gmane.org>,
linux-usb-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
linux-input-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
stable-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
Subject: Re: [PATCH] hid: usbhid: fix possible deadlock in __usbhid_submit_report
Date: Wed, 25 Apr 2012 08:27:55 +0800 [thread overview]
Message-ID: <CACVXFVNH7kGpHEBD6TcrOu8WjCd1dfvDFUHp4B2QGiccw7vuMg@mail.gmail.com> (raw)
In-Reply-To: <Pine.LNX.4.44L0.1204241110160.1511-100000-IYeN2dnnYyZXsRXLowluHWD2FQJk+8+b@public.gmane.org>
On Tue, Apr 24, 2012 at 11:20 PM, Alan Stern <stern-nwvwT67g6+6dFdvTe/nMLpVzexx5G7lz@public.gmane.org> wrote:
> On Tue, 24 Apr 2012, Ming Lei wrote:
>
>> > Instead of changing return codes or adding locks, how about
>> > implementing a small state machine for each URB?
>> >
>> > Initially the state is ACTIVE.
>> >
>> > When the URB times out, acquire the lock. If the state is not
>> > equal to ACTIVE, drop the lock and return immediately (the URB
>> > is being unlinked concurrently). Otherwise set the state to
>> > UNLINK_STARTED, drop the lock, call usb_unlink_urb, and
>> > reacquire the lock. If the state hasn't changed, set it back
>> > to ACTIVE. But if the state has changed to UNLINK_FINISHED,
>> > set it to ACTIVE and resubmit.
>> >
>> > In the completion handler, grab the lock. If the state
>> > is ACTIVE, resubmit. But if the state is UNLINK_STARTED,
>> > change it to UNLINK_FINISHED and don't resubmit.
>>
>> Sounds a smart solution, but extra care should be put on submit urb
>> in other context, maybe the lock is to be held to check URB state before
>> submitting it because the lock is released during usb_unlink_urb.
>
> Don't you face a similar problem right now? What happens if the
> timeout expires while the URB completion handler is running? Then the
> timer routine could end up unlinking the resubmitted URB instead of the
> original transfer.
>
> You need a sort of "generation number", or something like that, to
> prevent this kind of mistake. The same mechanism should work with the
> state machine.
>
> Are you saying that every place where the URB is submitted, the state
> has to be set to ACTIVE first, and this has to done with the lock held?
Maybe it is not enough. If the URB state is set as UNLINK_STARTED
and the lock is released, will you continue the submitting?
> Yes, that's right.
>
>> Also basically the URB state is maintained by device driver, so looks
>> better to add the state into specific device driver instead of struct URB to
>> save each URB storage, but if so, the solution will become more
>> complicated than the way of adding lock.
>
> Why? In one case you add a state variable, in the other case you add a
> spinlock. One isn't much harder than the other.
I mean the whole URB state machine is to be maintained by device driver,
not simply adding a state variable. But for the way of adding lock, just
several lines of spin_lock/spin_unlock with check on urb->status are
enough.
Looks both ways are generic enough to avoid the problem, and adding
lock is simpler.
Thanks,
--
Ming Lei
--
To unsubscribe from this list: send the line "unsubscribe linux-usb" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2012-04-25 0:27 UTC|newest]
Thread overview: 47+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-04-19 13:51 [PATCH] hid: usbhid: fix possible deadlock in __usbhid_submit_report Ming Lei
[not found] ` <1334843464-1585-1-git-send-email-ming.lei-Z7WLFzj8eWMS+FvcfC7Uqw@public.gmane.org>
2012-04-19 16:11 ` Oliver Neukum
2012-04-20 2:10 ` Ming Lei
2012-04-20 7:57 ` Oliver Neukum
[not found] ` <201204200957.34154.oneukum-l3A5Bk7waGM@public.gmane.org>
2012-04-20 10:17 ` Ming Lei
2012-04-20 10:45 ` Oliver Neukum
2012-04-20 12:53 ` Ming Lei
2012-04-20 14:07 ` Oliver Neukum
[not found] ` <201204201245.44981.oneukum-l3A5Bk7waGM@public.gmane.org>
2012-04-20 13:30 ` Ming Lei
2012-04-21 0:37 ` Alan Stern
[not found] ` <Pine.LNX.4.44L0.1204202032530.19313-100000-pYrvlCTfrz9XsRXLowluHWD2FQJk+8+b@public.gmane.org>
2012-04-21 10:25 ` Oliver Neukum
2012-04-21 13:40 ` Ming Lei
2012-04-21 17:31 ` Alan Stern
[not found] ` <Pine.LNX.4.44L0.1204211327090.475-100000-pYrvlCTfrz9XsRXLowluHWD2FQJk+8+b@public.gmane.org>
2012-04-21 19:28 ` Oliver Neukum
2012-04-21 21:49 ` Alan Stern
[not found] ` <Pine.LNX.4.44L0.1204211717310.3981-100000-pYrvlCTfrz9XsRXLowluHWD2FQJk+8+b@public.gmane.org>
2012-04-22 10:51 ` Ming Lei
2012-04-22 12:50 ` Alan Stern
2012-04-22 13:52 ` Ming Lei
2012-04-23 15:42 ` Alan Stern
2012-04-24 4:19 ` Ming Lei
2012-04-24 14:22 ` Oliver Neukum
2012-04-24 15:46 ` Ming Lei
2012-04-24 18:57 ` Oliver Neukum
2012-04-25 1:27 ` Ming Lei
2012-04-25 6:19 ` Oliver Neukum
2012-04-25 6:32 ` Oliver Neukum
2012-04-25 7:02 ` Ming Lei
[not found] ` <CACVXFVMEttnWo34ZxBsm4vdW1y5f5mBjY1s6BVbbsjck-4cSbA-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2012-04-25 8:08 ` Oliver Neukum
[not found] ` <CACVXFVNhPKbFZN5AjT3BNdNP+3bZP7miJZrBEER97scMR5nNAQ-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2012-04-24 15:20 ` Alan Stern
[not found] ` <Pine.LNX.4.44L0.1204241110160.1511-100000-IYeN2dnnYyZXsRXLowluHWD2FQJk+8+b@public.gmane.org>
2012-04-25 0:27 ` Ming Lei [this message]
[not found] ` <Pine.LNX.4.44L0.1204231121200.1612-100000-IYeN2dnnYyZXsRXLowluHWD2FQJk+8+b@public.gmane.org>
2012-04-24 14:35 ` Oliver Neukum
2012-04-24 15:10 ` Alan Stern
2012-04-25 8:06 ` Oliver Neukum
2012-04-25 9:14 ` Ming Lei
[not found] ` <CACVXFVM6KMeMcXy549x9XqhqvCzq73pXvhLki363=KjQu2Nfsg-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2012-04-25 10:52 ` Oliver Neukum
2012-04-25 11:24 ` Huajun Li
[not found] ` <CA+v9cxYi-LC-gXMbP7J81ArCjwQJZQ=9ceu66W0QQe+6UD_LvQ-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2012-04-25 11:33 ` Oliver Neukum
2012-04-25 13:18 ` Ming Lei
[not found] ` <201204251252.55901.oneukum-l3A5Bk7waGM@public.gmane.org>
2012-04-25 15:19 ` Alan Stern
2012-04-26 22:44 ` Jiri Kosina
2012-04-26 23:40 ` Greg Kroah-Hartman
2012-04-23 8:21 ` Oliver Neukum
2012-04-22 11:53 ` Ming Lei
2012-04-22 12:54 ` Alan Stern
[not found] ` <CACVXFVOQpYcHUj3XApyCVWDuvUEKi+RSWC8Ly4Dnj7vrun68cg-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2012-04-23 8:24 ` Oliver Neukum
[not found] ` <CACVXFVP42WL2aVDGSn0BF0NJbg824VsU=Fs30XKEif6siOrQvw-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2012-04-20 21:59 ` Dmitry Torokhov
2012-04-21 1:06 ` Ming Lei
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CACVXFVNH7kGpHEBD6TcrOu8WjCd1dfvDFUHp4B2QGiccw7vuMg@mail.gmail.com \
--to=ming.lei-z7wlfzj8ewms+fvcfc7uqw@public.gmane.org \
--cc=gregkh-hQyY1W1yCW8ekmWlsbkhG0B+6BGkLq7r@public.gmane.org \
--cc=jkosina-AlSwsSmVLrQ@public.gmane.org \
--cc=linux-input-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=linux-usb-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=oliver-GvhC2dPhHPQdnm+yROfE0A@public.gmane.org \
--cc=stable-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=stern-nwvwT67g6+6dFdvTe/nMLpVzexx5G7lz@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.