From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail177-1.suw61.mandrillapp.com ([198.2.177.1]:1636 "EHLO mail177-1.suw61.mandrillapp.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750843AbcCAWXM (ORCPT ); Tue, 1 Mar 2016 17:23:12 -0500 Received: from pmta06.mandrill.prod.suw01.rsglab.com (127.0.0.1) by mail177-1.suw61.mandrillapp.com id hqob5022rtkf for ; Tue, 1 Mar 2016 22:23:10 +0000 (envelope-from ) From: Subject: Patch "kernel/resource.c: fix muxed resource handling in __request_region()" has been added to the 3.14-stable tree To: , , , , Cc: , Message-Id: <1456870987120245@kroah.com> Date: Tue, 01 Mar 2016 22:23:10 +0000 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Sender: stable-owner@vger.kernel.org List-ID: This is a note to let you know that I've just added the patch titled kernel/resource.c: fix muxed resource handling in __request_region() to the 3.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: kernel-resource.c-fix-muxed-resource-handling-in-__request_region.patch and it can be found in the queue-3.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >>From 59ceeaaf355fa0fb16558ef7c24413c804932ada Mon Sep 17 00:00:00 2001 From: Simon Guinot Date: Thu, 10 Sep 2015 00:15:18 +0200 Subject: kernel/resource.c: fix muxed resource handling in __request_region() From: Simon Guinot commit 59ceeaaf355fa0fb16558ef7c24413c804932ada upstream. In __request_region, if a conflict with a BUSY and MUXED resource is detected, then the caller goes to sleep and waits for the resource to be released. A pointer on the conflicting resource is kept. At wake-up this pointer is used as a parent to retry to request the region. A first problem is that this pointer might well be invalid (if for example the conflicting resource have already been freed). Another problem is that the next call to __request_region() fails to detect a remaining conflict. The previously conflicting resource is passed as a parameter and __request_region() will look for a conflict among the children of this resource and not at the resource itself. It is likely to succeed anyway, even if there is still a conflict. Instead, the parent of the conflicting resource should be passed to __request_region(). As a fix, this patch doesn't update the parent resource pointer in the case we have to wait for a muxed region right after. Reported-and-tested-by: Vincent Pelletier Signed-off-by: Simon Guinot Tested-by: Vincent Donnefort Signed-off-by: Linus Torvalds Signed-off-by: Greg Kroah-Hartman --- kernel/resource.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) --- a/kernel/resource.c +++ b/kernel/resource.c @@ -961,9 +961,10 @@ struct resource * __request_region(struc if (!conflict) break; if (conflict != parent) { - parent = conflict; - if (!(conflict->flags & IORESOURCE_BUSY)) + if (!(conflict->flags & IORESOURCE_BUSY)) { + parent = conflict; continue; + } } if (conflict->flags & flags & IORESOURCE_MUXED) { add_wait_queue(&muxed_resource_wait, &wait); Patches currently in stable-queue which might be from simon.guinot@sequanux.org are queue-3.14/kernel-resource.c-fix-muxed-resource-handling-in-__request_region.patch