hollalinux
/
linux-sg2042
mirror of https://github.com/sophgo/linux-riscv.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

firewire: cdev: fix race in iso context creation 

Protect the client's iso context pointer against a race that can happen
when more than one creation call is executed at the same time.

Signed-off-by: Clemens Ladisch <clemens@ladisch.de>
Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de>
This commit is contained in:
Clemens Ladisch 2010-06-14 11:46:25 +02:00 committed by Stefan Richter
parent 33e553fe2b
commit bdfe273ee5
1 changed files with 8 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
drivers/firewire/core-cdev.c
View File

@ -864,10 +864,6 @@ static int ioctl_create_iso_context(struct client *client, union ioctl_arg *arg)
struct fw_cdev_create_iso_context *a = &arg->create_iso_context; struct fw_cdev_create_iso_context *a = &arg->create_iso_context;
struct fw_iso_context *context; struct fw_iso_context *context;
/* We only support one context at this time. */
if (client->iso_context != NULL)
return -EBUSY;
if (a->channel > 63) if (a->channel > 63)
return -EINVAL; return -EINVAL;
@ -892,10 +888,17 @@ static int ioctl_create_iso_context(struct client *client, union ioctl_arg *arg)
if (IS_ERR(context)) if (IS_ERR(context))
return PTR_ERR(context); return PTR_ERR(context);
/* We only support one context at this time. */
spin_lock_irq(&client->lock);
if (client->iso_context != NULL) {
spin_unlock_irq(&client->lock);
fw_iso_context_destroy(context);
return -EBUSY;
}
client->iso_closure = a->closure; client->iso_closure = a->closure;
client->iso_context = context; client->iso_context = context;
spin_unlock_irq(&client->lock);
/* We only support one context at this time. */
a->handle = 0; a->handle = 0;
return 0; return 0;