Re: [PATCH 01/18] lirc core device driver infrastructure

From: Stefan Richter
Date: Tue Sep 09 2008 - 09:28:33 EST

Sebastian Siewior wrote:
--- /dev/null
+++ b/drivers/input/lirc/lirc_dev.c
+#include <linux/ioctl.h>
+#include <linux/fs.h>
+#include <linux/poll.h>
+#include <linux/smp_lock.h>
if you need this than you use the BKL back. As far as I remember
the ioctl() handler in kernel core no longer takes the BKL and I don't
see any locking in irctl_ioctl().

Really? .open() has been changed to be called without the BKL held, but .ioctl() is still called with BKL protection. Currently, many .ioctl() implementations are replaced by .unlocked_ioctl() which take the BKL themselves if necessary or if it is not yet clear whether they would work without BKL protection.

+static struct file_operations fops = {
+ .read = irctl_read,
+ .write = irctl_write,
+ .poll = irctl_poll,
+ .ioctl = irctl_ioctl,
+ .open = irctl_open,
+ .release = irctl_close

This should be audited for the following aspects:

- Could there be a race condition between irctl_open() and
lirc_dev_init()? If yes, try to rework them to eliminate the race,
or as a last resort take the BKL in irctl_open().

- Does irctl_ioctl() require BKL protection, i.e. does it have to be
serialized against itself and against irctl_open()? If not, replace
it by .unlocked_ioctl. If yes, preferably convert it to
.unlocked_ioctl too and add a local mutex for the necessary

(Added Cc: Jonathan Corbet to correct me if I'm wrong.)
Stefan Richter
-=====-==--- =--= -=--=
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at