From: Peter Hurley <peter@hurleysoftware.com>
To: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Jiri Slaby <jslaby@suse.cz>,
linux-kernel@vger.kernel.org,
Peter Hurley <peter@hurleysoftware.com>
Subject: [PATCH 01/12] tty: Fix ldisc leak in failed tty_init_dev()
Date: Fri, 27 Nov 2015 21:25:46 -0500 [thread overview]
Message-ID: <1448677557-16420-2-git-send-email-peter@hurleysoftware.com> (raw)
In-Reply-To: <1448677557-16420-1-git-send-email-peter@hurleysoftware.com>
release_tty() leaks the ldisc instance when called directly (rather
than when releasing the file descriptor from tty_release()).
Since tty_ldisc_release() clears tty->ldisc, releasing the ldisc
instance at tty teardown if tty->ldisc is non-null is not in danger
of double-releasing the ldisc.
Remove deinitialize_tty_struct() now that free_tty_struct() always
performs the tty_ldisc_deinit().
Signed-off-by: Peter Hurley <peter@hurleysoftware.com>
---
drivers/tty/pty.c | 5 ++---
drivers/tty/tty_io.c | 20 +++-----------------
drivers/tty/tty_ldisc.c | 5 +++--
include/linux/tty.h | 1 -
4 files changed, 8 insertions(+), 23 deletions(-)
diff --git a/drivers/tty/pty.c b/drivers/tty/pty.c
index b311004..8cbe802 100644
--- a/drivers/tty/pty.c
+++ b/drivers/tty/pty.c
@@ -408,7 +408,7 @@ static int pty_common_install(struct tty_driver *driver, struct tty_struct *tty,
the easy way .. */
retval = tty_init_termios(tty);
if (retval)
- goto err_deinit_tty;
+ goto err_free_tty;
retval = tty_init_termios(o_tty);
if (retval)
@@ -447,8 +447,7 @@ static int pty_common_install(struct tty_driver *driver, struct tty_struct *tty,
err_free_termios:
if (legacy)
tty_free_termios(tty);
-err_deinit_tty:
- deinitialize_tty_struct(o_tty);
+err_free_tty:
free_tty_struct(o_tty);
err_put_module:
module_put(driver->other->owner);
diff --git a/drivers/tty/tty_io.c b/drivers/tty/tty_io.c
index eda8715..153b7b8 100644
--- a/drivers/tty/tty_io.c
+++ b/drivers/tty/tty_io.c
@@ -173,6 +173,7 @@ void free_tty_struct(struct tty_struct *tty)
{
if (!tty)
return;
+ tty_ldisc_deinit(tty);
put_device(tty->dev);
kfree(tty->write_buf);
tty->magic = 0xDEADDEAD;
@@ -1535,7 +1536,7 @@ struct tty_struct *tty_init_dev(struct tty_driver *driver, int idx)
tty_lock(tty);
retval = tty_driver_install_tty(driver, tty);
if (retval < 0)
- goto err_deinit_tty;
+ goto err_free_tty;
if (!tty->port)
tty->port = driver->ports[idx];
@@ -1557,9 +1558,8 @@ struct tty_struct *tty_init_dev(struct tty_driver *driver, int idx)
/* Return the tty locked so that it cannot vanish under the caller */
return tty;
-err_deinit_tty:
+err_free_tty:
tty_unlock(tty);
- deinitialize_tty_struct(tty);
free_tty_struct(tty);
err_module_put:
module_put(driver->owner);
@@ -3169,20 +3169,6 @@ struct tty_struct *alloc_tty_struct(struct tty_driver *driver, int idx)
}
/**
- * deinitialize_tty_struct
- * @tty: tty to deinitialize
- *
- * This subroutine deinitializes a tty structure that has been newly
- * allocated but tty_release cannot be called on that yet.
- *
- * Locking: none - tty in question must not be exposed at this point
- */
-void deinitialize_tty_struct(struct tty_struct *tty)
-{
- tty_ldisc_deinit(tty);
-}
-
-/**
* tty_put_char - write one character to a tty
* @tty: tty
* @ch: character
diff --git a/drivers/tty/tty_ldisc.c b/drivers/tty/tty_ldisc.c
index 3455908..9b3c11a 100644
--- a/drivers/tty/tty_ldisc.c
+++ b/drivers/tty/tty_ldisc.c
@@ -830,7 +830,7 @@ void tty_ldisc_init(struct tty_struct *tty)
}
/**
- * tty_ldisc_init - ldisc cleanup for new tty
+ * tty_ldisc_deinit - ldisc cleanup for new tty
* @tty: tty that was allocated recently
*
* The tty structure must not becompletely set up (tty_ldisc_setup) when
@@ -838,7 +838,8 @@ void tty_ldisc_init(struct tty_struct *tty)
*/
void tty_ldisc_deinit(struct tty_struct *tty)
{
- tty_ldisc_put(tty->ldisc);
+ if (tty->ldisc)
+ tty_ldisc_put(tty->ldisc);
tty->ldisc = NULL;
}
diff --git a/include/linux/tty.h b/include/linux/tty.h
index 8c8050d..9656c5d 100644
--- a/include/linux/tty.h
+++ b/include/linux/tty.h
@@ -510,7 +510,6 @@ extern int tty_alloc_file(struct file *file);
extern void tty_add_file(struct tty_struct *tty, struct file *file);
extern void tty_free_file(struct file *file);
extern void free_tty_struct(struct tty_struct *tty);
-extern void deinitialize_tty_struct(struct tty_struct *tty);
extern struct tty_struct *tty_init_dev(struct tty_driver *driver, int idx);
extern int tty_release(struct inode *inode, struct file *filp);
extern int tty_init_termios(struct tty_struct *tty);
--
2.6.3
next prev parent reply other threads:[~2015-11-28 2:26 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-11-28 2:25 [PATCH 00/12] Rework tty_reopen() Peter Hurley
2015-11-28 2:25 ` Peter Hurley [this message]
2015-11-28 2:25 ` [PATCH 02/12] tty: Remove !tty check from free_tty_struct() Peter Hurley
2015-11-28 2:25 ` [PATCH 03/12] tty: Fix tty_init_termios() declaration Peter Hurley
2015-11-28 2:25 ` [PATCH 04/12] tty: Re-declare tty_driver_remove_tty() file scope Peter Hurley
2015-11-28 2:25 ` [PATCH 05/12] pty: Remove pty_unix98_shutdown() Peter Hurley
2015-11-28 2:25 ` [PATCH 06/12] tty: Remove __lockfunc annotation from tty lock functions Peter Hurley
2015-11-28 2:25 ` [PATCH 07/12] tty: Wait interruptibly for tty lock on reopen Peter Hurley
2015-11-28 2:25 ` [PATCH 08/12] pty: Prepare to redefine tty driver remove() interface Peter Hurley
2015-11-28 2:25 ` [PATCH 09/12] tty: Re-define " Peter Hurley
2015-11-28 2:25 ` [PATCH 10/12] tty: Consolidate noctty checks in tty_open() Peter Hurley
2015-11-28 2:25 ` [PATCH 11/12] tty: Refactor tty_open() Peter Hurley
2015-11-28 2:25 ` [PATCH 12/12] tty: Retry failed reopen if tty teardown in-progress Peter Hurley
2015-12-16 15:43 ` [PATCH 00/12] Rework tty_reopen() Peter Hurley
2015-12-17 5:53 ` Pratyush Anand
2015-12-17 7:15 ` Greg Kroah-Hartman
2016-01-10 5:13 ` [PATCH v2 00/10] " Peter Hurley
2016-01-10 5:13 ` [PATCH v2 01/10] tty: Wait interruptibly for tty lock on reopen Peter Hurley
2016-01-10 5:13 ` [PATCH v2 02/10] tty: Retry failed reopen if tty teardown in-progress Peter Hurley
2016-01-10 5:13 ` [PATCH v2 03/10] tty: Fix ldisc leak in failed tty_init_dev() Peter Hurley
2016-01-10 5:13 ` [PATCH v2 04/10] tty: Remove !tty check from free_tty_struct() Peter Hurley
2016-01-10 5:13 ` [PATCH v2 05/10] tty: Fix tty_init_termios() declaration Peter Hurley
2016-01-19 9:17 ` Johan Hovold
2016-01-10 5:13 ` [PATCH v2 06/10] tty: Re-declare tty_driver_remove_tty() file scope Peter Hurley
2016-01-10 5:13 ` [PATCH v2 07/10] pty: Remove pty_unix98_shutdown() Peter Hurley
2016-01-10 5:13 ` [PATCH v2 08/10] tty: Remove __lockfunc annotation from tty lock functions Peter Hurley
2016-01-10 5:13 ` [PATCH v2 09/10] tty: Consolidate noctty checks in tty_open() Peter Hurley
2016-03-26 17:58 ` Richard Weinberger
2016-03-26 19:06 ` Peter Hurley
2016-03-26 19:14 ` Richard Weinberger
2016-01-10 5:13 ` [PATCH v2 10/10] tty: Refactor tty_open() Peter Hurley
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1448677557-16420-2-git-send-email-peter@hurleysoftware.com \
--to=peter@hurleysoftware.com \
--cc=gregkh@linuxfoundation.org \
--cc=jslaby@suse.cz \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox