On Aug 31 2016 23:18, Takashi Iwai wrote:
> On Wed, 31 Aug 2016 15:58:42 +0200,
> Takashi Sakamoto wrote:
>>
>> In hwdep interface of fireworks driver, accessing to user space is in a
>> critical section with disabled local interrupt. Depending on architecture,
>> accessing to user space can cause page fault exception. Then local
>> processor stores machine status and handles the synchronous event. A
>> handler corresponding to the event can call task scheduler to wait for
>> preparing pages. In a case of usage of single core processor, the state to
>> disable local interrupt is worse because it don't handle usual interrupts
>> from hardware.
>>
>> This commit fixes this bug, performing the accessing outside spinlock. This
>> commit also gives up counting the number of queued response messages to
>> simplify ring-buffer management.
>>
>> Reported-by: Vaishali Thakkar <vaishali.thakkar@xxxxxxxxxx>
>> Cc: stable@xxxxxxxxxxxxxxx
>> Fixes: 555e8a8f7f14('ALSA: fireworks: Add command/response functionality into hwdep interface')
>> Signed-off-by: Takashi Sakamoto <o-takashi@xxxxxxxxxxxxx>
>
> Applied, thanks.
>
> Though, now I think whether it could be more easily fixed just by
> replacing spinlock with a mutex. But this patch is good and simple
> enough, so I take it.
Copying to ring-buffer is done in software IRQ context, with referring
to pull/push pointers, therefore we should use lock primitives without
calling task scheduler.
In the other aim to handle several tasks in process context, I've also
investigated usage of mutex, but cannot avoid using copy_to_user() in
held mutex. In this case, neither usage of spinlock nor mutex has
differences.
Thanks
Takashi Sakamoto
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html