Bug with USB proc_bulk in 2.4 kernel and possibly bug in proc_ioctl in 2.6

From: Benjamin Cherian
Date: Fri Jul 07 2006 - 20:23:33 EST


I believe that there is a bug in the proc_bulk function in drivers/usb/devio.c
in the current 2.4 kernel. In the 2.4.28 proc_ioctl was changed so that the
device would be locked before proc_bulk was called (See line 1275 of
devio.c). In 2.4.27, no locking occurred. However, this leads to problems if
one thread is continuously attempting to read and another one needs to write
because the write thread can never access the device. The code has changed a
little since 2.4.28, but the device is still locked before proc_bulk is
called.

In the 2.6 kernel,the device is locked before proc_bulk, or any other USB
operation for that matter, is called (see line 1419 in
drivers/usb/core/devio.c); however, the device is unlocked in proc_bulk
before usb_bulk_msg is called, and is locked after usb_bulk_msg is completed.
(See lines 716-718 & 746-748 of v2.6 devio.c)

Additionally, in 2.4.32 one of the comments says that for some ioctls, the
device does not need to be locked because they don't touch the device (e.g.
USBDEVFS_REAPURB or USBDEVFS_GETDRIVER, see 2.4.32 for more). However, in 2.6
the device is locked for all ioctls. Shouldn't this be changed?

I would have submitted a patch, but it seems like the locking/unlocking
mechanism is different in 2.4 and 2.6 and I wasn't sure if I would break
other stuff.



Thanks,

Ben
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/