From: Pete Zaitcev <zaitcev@redhat.com>
To: "Vitaliy Ivanov" <vitalivanov@gmail.com>
Cc: "Willy Tarreau" <w@1wt.eu>,
gregkh@suse.de, linux-usb-devel@lists.sourceforge.net,
linux-kernel@vger.kernel.org, zaitcev@redhat.com
Subject: Re: [2.4 patch] Port of adutux driver from 2.6 kernel to 2.4.
Date: Mon, 15 Oct 2007 10:30:33 -0700 [thread overview]
Message-ID: <20071015103033.65b47dea.zaitcev@redhat.com> (raw)
In-Reply-To: <35fbaa3e0710141345w484b941em831282cf0d49b5c@mail.gmail.com>
On Sun, 14 Oct 2007 23:45:36 +0300, "Vitaliy Ivanov" <vitalivanov@gmail.com> wrote:
> Also IMHO the more drivers are in the tree the more users will use it.
> Once it will be merged in the mainline then it will be backported to
> enterprise kernels and would gain wide usage.
At least in case of RHEL, such backports never were automatic. In any
case, RHEL 2.1 and 3 do not receive new drivers anymore. We only do
bugfixes if something comes up. Realistically speaking, 2.4 kernels
are just too old for anyone to use. So, I think it would be best for
you to think in terms of Willy's tree only.
> + in_end_size = le16_to_cpu(dev->interrupt_in_endpoint->wMaxPacketSize);
> + out_end_size = le16_to_cpu(dev->interrupt_out_endpoint->wMaxPacketSize);
Did you verify if this works? We use pre-swapped descriptors in 2.4.
I suspect you allocate 256 times more memory than necessary.
> +static void adu_delete(struct adu_device *dev)
> + kfree(dev);
> +static int adu_release_internal(struct adu_device *dev)
> + if (dev->udev == NULL) {
> + adu_delete(dev);
> +static int adu_open(struct inode *inode, struct file *file)
> + retval = adu_release_internal(dev);
> + up(&dev->sem);
The above very clearly is a use-after-free, in case the device was
open across a disconnect. Solution: Use minor_table_mutex to lock
dev->open_count instead of dev->sem. There's no rule that the lock
has to live inside the same structure with members it locks.
-- Pete
next prev parent reply other threads:[~2007-10-15 17:30 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-10-14 17:37 [2.4 patch] Port of adutux driver from 2.6 kernel to 2.4 Vitaliy Ivanov
2007-10-14 18:25 ` Willy Tarreau
2007-10-14 20:45 ` Vitaliy Ivanov
2007-10-14 22:39 ` Willy Tarreau
2007-10-16 13:54 ` Vitaliy Ivanov
2007-10-16 15:41 ` Willy Tarreau
2007-10-16 17:56 ` Pete Zaitcev
2007-10-16 18:22 ` Vitaliy Ivanov
2007-10-16 18:24 ` Willy Tarreau
2007-10-16 18:24 ` Vitaliy Ivanov
2007-10-17 18:12 ` Vitaliy Ivanov
2007-10-19 15:26 ` Vitaliy Ivanov
2007-10-19 16:53 ` Pete Zaitcev
2007-10-19 17:40 ` Vitaliy Ivanov
2007-10-23 3:45 ` Pete Zaitcev
2007-11-04 14:05 ` Willy Tarreau
2007-11-05 9:32 ` Vitaliy Ivanov
2007-11-05 9:36 ` Willy Tarreau
2007-10-16 17:52 ` Pete Zaitcev
2007-10-15 17:30 ` Pete Zaitcev [this message]
2007-10-15 20:04 ` Vitaliy Ivanov
2007-10-16 13:48 ` Vitaliy Ivanov
2007-10-16 14:59 ` Greg KH
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20071015103033.65b47dea.zaitcev@redhat.com \
--to=zaitcev@redhat.com \
--cc=gregkh@suse.de \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-usb-devel@lists.sourceforge.net \
--cc=vitalivanov@gmail.com \
--cc=w@1wt.eu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox