> and (c) appears to still have a race... You should extract
> the value from the structure inside the lock, otherwise you
> will still race with con_close (though perhaps a smaller race)
> but since the call to acquire_console_sem() can sleep, the
> vt handle you have may be stale.
Ehh, I don't think so. Here is the whole patched function:
static void con_flush_chars(struct tty_struct *tty)
{
struct vt_struct *vt = (struct vt_struct *)tty->driver_data;
if (in_interrupt()) /* from flush_to_ldisc */
return;
pm_access(pm_con);
acquire_console_sem();
if (vt)
set_cursor(vt->vc_num);
release_console_sem();
}
When we check vt, it isn't stale. vt is a _pointer_ to the data so that
first reference against it is guaranteed to grab the correct value. The
only possible race is between the if and the set_cursor, but that isn't
an issue because we acquired the console semaphore. There is no race
here.
> > Please, for all that is righteous, apply.
>
> please fix it better first...
> (unless I am mistaken).
Thus, unless I am mistaken, it is fine. Please, apply.
Robert Love
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/