Re: [PATCH] Chardev checking of overlapping ranges is incorrect.

From: Andrew Morton
Date: Tue Aug 08 2006 - 02:46:09 EST


On Mon, 7 Aug 2006 17:55:55 -0500
linas@xxxxxxxxxxxxxx (Linas Vepstas) wrote:

> The current code in register_chrdev_region() attempts to check
> for overlapping regions of minor device numbers, but performs
> that check incorrectly. For example, if a device with minor
> numbers 128, 129, 130 is registered first, and a device with
> minor number 3,4,5 is registered later, then the later range
> is incorrectly identified as "overlapping" (since 130>3),
> when clearly this is the wrong conclusion.
>
> This patch fixes the overlap check to work correctly.


I yesterday merged the below. Do you agree that it will fix the bug?


From: Amos Waterland <apw@xxxxxxxxxx>

The code in __register_chrdev_region checks that if the driver wishing to
register has the same major as an existing driver the new minor range is
strictly less than the existing minor range. However, it does not also
check that the new minor range is strictly greater than the existing minor
range. That is, if driver X has registered with major=x and minor=0-3,
__register_chrdev_region will allow driver Y to register with major=x and
minor=1-4.

I came across this in the context of the Xen virtual console driver, but I
imagine it causes a problem for any driver with the same major number but
different minor numbers as a driver that has registered ahead of it.

Signed-off-by: Amos Waterland <apw@xxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxx>
---


diff -puN fs/char_dev.c~fix-bounds-check-bug-in-__register_chrdev_region fs/char_dev.c
--- a/fs/char_dev.c~fix-bounds-check-bug-in-__register_chrdev_region
+++ a/fs/char_dev.c
@@ -109,10 +109,13 @@ __register_chrdev_region(unsigned int ma

for (cp = &chrdevs[i]; *cp; cp = &(*cp)->next)
if ((*cp)->major > major ||
- ((*cp)->major == major && (*cp)->baseminor >= baseminor))
+ ((*cp)->major == major &&
+ (((*cp)->baseminor >= baseminor) ||
+ ((*cp)->baseminor + (*cp)->minorct > baseminor))))
break;
if (*cp && (*cp)->major == major &&
- (*cp)->baseminor < baseminor + minorct) {
+ (((*cp)->baseminor < baseminor + minorct) ||
+ ((*cp)->baseminor + (*cp)->minorct > baseminor))) {
ret = -EBUSY;
goto out;
}
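Review bot: In the second test (if (*cp && (*cp)->major == major && ...), the two bounds are joined with ||, so the test is true for any same-major entry the loop stops on whose end lies above baseminor, even when the ranges are disjoint. Take the case from the quoted report: with minors 128-130 registered and 3-5 requested, the loop breaks on the existing entry (128 >= 3), the first clause is false (128 < 6 fails), the new clause is true (131 > 3), and the request gets -EBUSY. Two ranges overlap only when both bounds hold, so the clauses should be combined with &&: (*cp)->baseminor < baseminor + minorct && (*cp)->baseminor + (*cp)->minorct > baseminor. A short comment above the loop stating that entries are kept sorted by major and then baseminor would also make the new break condition easier to check.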
_
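The two versions of the check in the hunk above, run side by side against a plain interval-overlap test. This is an added example, not part of the original message or of fs/char_dev.c. It assumes a single major and uses an array in list order in place of the chrdevs linked list; struct range and the busy_* names are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>

/* Minor range [base, base + count) on one major; models baseminor/minorct. */
struct range { unsigned int base, count; };

/* '-' lines: stop at the first entry with base >= new base, test one bound. */
static int busy_before(const struct range *r, size_t n, struct range nw)
{
    size_t i;
    for (i = 0; i < n; i++)
        if (r[i].base >= nw.base)
            break;
    return i < n && r[i].base < nw.base + nw.count;
}

/* '+' lines: the added clause is joined to the old one with ||. */
static int busy_patched(const struct range *r, size_t n, struct range nw)
{
    size_t i;
    for (i = 0; i < n; i++)
        if (r[i].base >= nw.base || r[i].base + r[i].count > nw.base)
            break;
    return i < n && (r[i].base < nw.base + nw.count ||
                     r[i].base + r[i].count > nw.base);
}

/* Reference: half-open ranges overlap iff each starts before the other ends. */
static int busy_reference(const struct range *r, size_t n, struct range nw)
{
    for (size_t i = 0; i < n; i++)
        if (r[i].base < nw.base + nw.count && nw.base < r[i].base + r[i].count)
            return 1;
    return 0;
}

int main(void)
{
    /* Constructed inputs, using the minor numbers quoted in the thread. */
    const struct range x = { 0, 4 }, y = { 1, 4 };     /* 0-3, then 1-4 */
    const struct range hi = { 128, 3 }, lo = { 3, 3 }; /* 128-130, then 3-5 */
    printf("0-3 then 1-4:     before=%d patched=%d reference=%d\n",
           busy_before(&x, 1, y), busy_patched(&x, 1, y), busy_reference(&x, 1, y));
    printf("128-130 then 3-5: before=%d patched=%d reference=%d\n",
           busy_before(&hi, 1, lo), busy_patched(&hi, 1, lo), busy_reference(&hi, 1, lo));
    return 0;
}
```

A result of 1 means the request would be refused with -EBUSY; the reference column is the answer a correct check should give.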
