Re: [Bug 11824][PATCH] ieee1394: raw1394: fix possible deadlock inmultithreaded clients

[Stefan Richter]

I wrote:
> .write() and .mmap() were not serialized against each other and against
> .ioctl() at all in raw1394 before 2.6.28-rc1.

PS:  There is a need for serialization to some degree because the client
registers itself with a controller via .write() (among many other things
that are implemented through .write()), manages isochronous I/O contexts
on this controller via .ioctl() and maps DMA buffers for isochronous I/O
via .mmap().

The raw1394 driver tracks respective state by means of two state
variables and some other variables, and accesses of the state variables
is not reentrant within one opener of /dev/raw1394.  AFAICS the issue
exists between .write() and .write(), and independently of that between
.ioctl() and .ioctl() and between .ioctl() and .mmap().

Local mutex protection is the simplest way to fix that --- except that
there is this obscure issue of locking order between the driver's mutex
and the mmap semaphore outside the driver.
-- 
Stefan Richter
-=====-==--- =-=- ==-=-
http://arcgraph.de/sr/
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/