USB: UHCI: fix IRQ race during initialization

This patch (as1644) fixes a race that occurs during startup in
uhci-hcd.  If the IRQ line is shared with other devices, it's possible
for the handler routine to be called before the data structures are
fully initialized.

The problem is fixed by adding a check to the IRQ handler routine.  If
the initialization hasn't finished yet, the routine will return
immediately.

Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Reported-by: Don Zickus <dzickus@redhat.com>
Tested-by: "Huang, Adrian (ISS Linux TW)" <adrian.huang@hp.com>
Cc: stable <stable@vger.kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This commit is contained in:
Alan Stern 2013-01-22 11:37:35 -05:00 committed by Greg Kroah-Hartman
parent ad2e632966
commit 0f815a0a70
1 changed files with 9 additions and 6 deletions

View File

@ -447,6 +447,10 @@ static irqreturn_t uhci_irq(struct usb_hcd *hcd)
return IRQ_NONE;
uhci_writew(uhci, status, USBSTS); /* Clear it */
spin_lock(&uhci->lock);
if (unlikely(!uhci->is_initialized)) /* not yet configured */
goto done;
if (status & ~(USBSTS_USBINT | USBSTS_ERROR | USBSTS_RD)) {
if (status & USBSTS_HSE)
dev_err(uhci_dev(uhci), "host system error, "
@ -455,7 +459,6 @@ static irqreturn_t uhci_irq(struct usb_hcd *hcd)
dev_err(uhci_dev(uhci), "host controller process "
"error, something bad happened!\n");
if (status & USBSTS_HCH) {
spin_lock(&uhci->lock);
if (uhci->rh_state >= UHCI_RH_RUNNING) {
dev_err(uhci_dev(uhci),
"host controller halted, "
@ -473,15 +476,15 @@ static irqreturn_t uhci_irq(struct usb_hcd *hcd)
* pending unlinks */
mod_timer(&hcd->rh_timer, jiffies);
}
spin_unlock(&uhci->lock);
}
}
if (status & USBSTS_RD)
if (status & USBSTS_RD) {
spin_unlock(&uhci->lock);
usb_hcd_poll_rh_status(hcd);
else {
spin_lock(&uhci->lock);
} else {
uhci_scan_schedule(uhci);
done:
spin_unlock(&uhci->lock);
}
@ -662,9 +665,9 @@ static int uhci_start(struct usb_hcd *hcd)
*/
mb();
spin_lock_irq(&uhci->lock);
configure_hc(uhci);
uhci->is_initialized = 1;
spin_lock_irq(&uhci->lock);
start_rh(uhci);
spin_unlock_irq(&uhci->lock);
return 0;