[PATCH v2 8/9] tty: n_gsm: fix resource allocation order in gsm_activate_mux()
From: D. Starke
Date: Thu May 19 2022 - 03:10:19 EST
From: Daniel Starke <daniel.starke@xxxxxxxxxxx>
Within gsm_activate_mux() all timers and locks are initiated before the
actual resource for the control channel is allocated. This can lead to race
conditions.
Allocate the control channel DLCI object first to avoid race conditions.
Fixes: e1eaea46bb40 ("tty: n_gsm line discipline")
Cc: stable@xxxxxxxxxxxxxxx
Signed-off-by: Daniel Starke <daniel.starke@xxxxxxxxxxx>
---
drivers/tty/n_gsm.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
See patch 6 regarding changes since to v1.
diff --git a/drivers/tty/n_gsm.c b/drivers/tty/n_gsm.c
index dfc537eb2b49..cc349f5a37fb 100644
--- a/drivers/tty/n_gsm.c
+++ b/drivers/tty/n_gsm.c
@@ -2483,6 +2483,10 @@ static int gsm_activate_mux(struct gsm_mux *gsm)
struct gsm_dlci *dlci;
int ret;
+ dlci = gsm_dlci_alloc(gsm, 0);
+ if (dlci == NULL)
+ return -ENOMEM;
+
timer_setup(&gsm->kick_timer, gsm_kick_timer, 0);
timer_setup(&gsm->t2_timer, gsm_control_retransmit, 0);
INIT_WORK(&gsm->tx_work, gsmld_write_task);
@@ -2499,9 +2503,6 @@ static int gsm_activate_mux(struct gsm_mux *gsm)
if (ret)
return ret;
- dlci = gsm_dlci_alloc(gsm, 0);
- if (dlci == NULL)
- return -ENOMEM;
gsm->has_devices = true;
gsm->dead = false; /* Tty opens are now permissible */
return 0;
--
2.34.1