From: Johan Hovold <jhovold@xxxxxxxxx>
On errors the fifo was reset without any locking. This could race with
write which do kfifo_put and perhaps also chars_in_buffer and write_room.
Every other access to the fifo is protected using the port lock so
better add it to the error path as well.
Signed-off-by: Johan Hovold <jhovold@xxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxx>
---
drivers/usb/serial/generic.c | 7 +++++--
1 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/drivers/usb/serial/generic.c b/drivers/usb/serial/generic.c
index 8f78d7b..2a3196a 100644
--- a/drivers/usb/serial/generic.c
+++ b/drivers/usb/serial/generic.c
@@ -519,10 +519,13 @@ void usb_serial_generic_write_bulk_callback(struct urb *urb)
port->write_urb_busy = 0;
spin_unlock_irqrestore(&port->lock, flags);
- if (status)
+ if (status) {
+ spin_lock_irqsave(&port->lock, flags);
kfifo_reset_out(&port->write_fifo);
- else
+ spin_unlock_irqrestore(&port->lock, flags);
+ } else {
usb_serial_generic_write_start(port);
+ }
}
if (status)
--
1.7.1
--
To unsubscribe from this list: send the line "unsubscribe linux-usb" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
