Re: 2.4.27 Potential race in n_tty.c:write_chan()

From: Paul Fulghum
Date: Mon Dec 06 2004 - 09:17:22 EST


Ryan Reading wrote:
Per tty instance this is true, but this is not the case for multiple
userland::write() calls.

If the write calls are accessing different
tty instances there is no interaction
between the write calls.

Ideally the driver should be able to
recover. I'm not sure if we can guarantee that user_land protocol could
recover though, especially if write()s aren't guaranteed to complete
successfully.

I don't see that there is anything for the driver
to recover from. The driver sees a series of
write method calls and blocks, processes, or
rejects them as appropriate.

Should a driver be able to rely on the
schedule() call to complete its write? It seems that since the driver
is responsible for waking up the tty->write_wait, it should be able to
rely on the schedule() call. However in this implementation it cannot
which I'm sure is for performance reasons. Because of this, I don't
think the USB layer should be interacting with the tty layer in this
fashion.

The driver should not require anything from the caller
after the write method has returned. The driver waking
a caller is a service *to* the caller *if*
the caller is interested (on a wait queue).

The only purpose of the schedule() call is for the
caller to temporarily yield execution while waiting
on write_wait. If the caller doesn't care, such as when
the driver indicates all data accepted, then there
is no reason to call schedule(). In this case, the
break is hit and the caller removes itself from the wait queue.

So for this implementation of write_chan(), the tty_driver::write()
interface should note that the driver needs only to wakeup the
tty->write_wait iff it does not write all of the requested data in this
call. Is this a fair assessment and can this be depended on for future
implementations?

The write_wait queue wakes code blocked in the write path
due to a component (ldisc, driver, etc) being busy
so it can try again. It is not an indication that a particular
write call completed successfully.
It is a write throttling mechanism. When a waiting
process is woken, there is no guarantee that *all*
components in the write path are ready for more data.
The process must observe return codes and wait
again if so indicated.

Short of a major rewrite of the tty code,
this behavior will be stable.

--
Paul Fulghum
paulkf@xxxxxxxxxxxxx
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/