On Wed, Oct 02, 2024 at 03:21:41PM +0200, Oliver Neukum wrote: > chaoskey_open() takes the lock only to increase the > counter of openings. That means that the mutual exclusion > with chaoskey_disconnect() cannot prevent an increase > of the counter and chaoskey_open() returning a success. > > If that race is hit, chaoskey_disconnect() will happily > free all resources associated with the device after > it has dropped the lock, as it has read the counter > as zero. > > To prevent this race chaoskey_open() has to check > the presence of the device under the lock. > However, the current per device lock cannot be used, > because it is a part of the data structure to be > freed. Hence an additional global mutex is needed. > The issue is as old as the driver. I'll take this, but really, the driver should not care about how many times it is opened. That change can happen later, I'll try to dig up the device I have for this driver so that I can test it out... thanks, greg k-h
