Re: [PATCH 01/18] lirc core device driver infrastructure
From: Stefan Richter
Date: Tue Sep 09 2008 - 09:28:33 EST
Sebastian Siewior wrote:
--- /dev/null
+++ b/drivers/input/lirc/lirc_dev.c
...
+#include <linux/ioctl.h>
+#include <linux/fs.h>
+#include <linux/poll.h>
+#include <linux/smp_lock.h>
if you need this than you use the BKL back. As far as I remember
the ioctl() handler in kernel core no longer takes the BKL and I don't
see any locking in irctl_ioctl().
Really? .open() has been changed to be called without the BKL held, but
.ioctl() is still called with BKL protection. Currently, many .ioctl()
implementations are replaced by .unlocked_ioctl() which take the BKL
themselves if necessary or if it is not yet clear whether they would
work without BKL protection.
...
+static struct file_operations fops = {
+ .read = irctl_read,
+ .write = irctl_write,
+ .poll = irctl_poll,
+ .ioctl = irctl_ioctl,
+ .open = irctl_open,
+ .release = irctl_close
+};
This should be audited for the following aspects:
- Could there be a race condition between irctl_open() and
lirc_dev_init()? If yes, try to rework them to eliminate the race,
or as a last resort take the BKL in irctl_open().
- Does irctl_ioctl() require BKL protection, i.e. does it have to be
serialized against itself and against irctl_open()? If not, replace
it by .unlocked_ioctl. If yes, preferably convert it to
.unlocked_ioctl too and add a local mutex for the necessary
serialization.
(Added Cc: Jonathan Corbet to correct me if I'm wrong.)
--
Stefan Richter
-=====-==--- =--= -=--=
http://arcgraph.de/sr/
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/