On 04.04.23 08:09, Marc Kleine-Budde wrote:
On 31.03.2023 15:19:35, Oliver Hartkopp wrote:
As discussed with Dae R. Jeong and Hillf Danton here [1] the sendmsg()
function in isotp.c might get into a race condition when restoring the
former tx.state from the old_state. This patch removes the old_state
concept and implements a proper locking for ISOTP_IDLE transitions in
isotp_sendmsg() inspired by a simplification idea from Hillf Danton.
Additionally a new tx.state ISOTP_SHUTDOWN has been introduced to use
the same locking mechanism from isotp_release() which resolves a
potential race between isotp_sendmsg() and isotp_release().
[1] https://lore.kernel.org/linux-can/ZB%2F93xJxq%2FBUqAgG@dragonet/
Cc: Dae R. Jeong <threeearcat@xxxxxxxxx>
Cc: Hillf Danton <hdanton@xxxxxxxx>
Signed-off-by: Oliver Hartkopp <socketcan@xxxxxxxxxxxx>
Can you add a fixes tag?
Yes.
Fixes: 4f027cba8216 ("can: isotp: split tx timer into transmission and timeout")
Many thanks,
Oliver
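
The state handling described in the commit message above, as an added userspace C11 model (not the kernel patch and not code from this thread): it contrasts restoring a snapshotted old_state with claiming ISOTP_IDLE atomically, and shows release taking the same claim with ISOTP_SHUTDOWN. ISOTP_SENDING, the helper names and the interleaving are assumptions constructed for illustration, not a reproduction of the race discussed in [1].

```c
#include <stdatomic.h>
#include <stdbool.h>
#include <stdio.h>
/* Userspace model only; helper names are hypothetical, not kernel code. */
enum { ISOTP_IDLE, ISOTP_SENDING, ISOTP_SHUTDOWN };
struct model_sock { _Atomic int tx_state; };

/* Only the caller that moves IDLE -> want owns the tx state afterwards. */
static bool tx_claim(struct model_sock *s, int want)
{
    int expected = ISOTP_IDLE;
    return atomic_compare_exchange_strong(&s->tx_state, &expected, want);
}

/* Called by the owner of a successful claim, on completion or on error. */
static void tx_unclaim(struct model_sock *s) { atomic_store(&s->tx_state, ISOTP_IDLE); }

/* Constructed interleaving, old_state pattern: A snapshots while B still sends. */
static int replay_old_state(void)
{
    struct model_sock s = { ISOTP_SENDING };   /* B is transmitting */
    int old_state = atomic_load(&s.tx_state);  /* A enters: snapshot = SENDING */
    tx_unclaim(&s);                            /* B completes */
    tx_claim(&s, ISOTP_SENDING);               /* A claims the idle socket */
    atomic_store(&s.tx_state, old_state);      /* A's error path restores snapshot */
    return atomic_load(&s.tx_state);           /* SENDING, but nobody is sending */
}

/* Same interleaving without a snapshot: the error path returns to IDLE. */
static int replay_claim(void)
{
    struct model_sock s = { ISOTP_SENDING };
    tx_unclaim(&s);                            /* B completes */
    if (tx_claim(&s, ISOTP_SENDING))           /* A owns the state now */
        tx_unclaim(&s);                        /* A's error path */
    return atomic_load(&s.tx_state);
}

/* Release takes the same claim, so a later sender can never start. */
static bool send_after_shutdown(void)
{
    struct model_sock s = { ISOTP_IDLE };
    return tx_claim(&s, ISOTP_SHUTDOWN) && tx_claim(&s, ISOTP_SENDING);
}

int main(void)
{
    return printf("%d %d %d\n", replay_old_state(), replay_claim(), send_after_shutdown()) < 0;
}
```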