From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Takashi Iwai <tiwai@suse.de>
Subject: [PATCH 4.0 31/72] ALSA: emux: Fix mutex deadlock in OSS emulation
Date: Mon, 11 May 2015 10:54:37 -0700 [thread overview]
Message-ID: <20150511175438.036216330@linuxfoundation.org> (raw)
In-Reply-To: <20150511175437.112151861@linuxfoundation.org>
4.0-stable review patch. If anyone has any objections, please let me know.
------------------
From: Takashi Iwai <tiwai@suse.de>
commit 1c94e65c668f44d2c69ae7e7fc268ab3268fba3e upstream.
The OSS emulation in synth-emux helper has a potential AB/BA deadlock
at the simultaneous closing and opening:
close ->
snd_seq_release() ->
sne_seq_free_client() ->
snd_seq_delete_all_ports(): takes client->ports_mutex ->
port_delete() ->
snd_emux_unuse(): takes emux->register_mutex
open ->
snd_seq_oss_open() ->
snd_emux_open_seq_oss(): takes emux->register_mutex ->
snd_seq_event_port_attach() ->
snd_seq_create_port(): takes client->ports_mutex
This patch addresses the deadlock by reducing the rance taking
emux->register_mutex in snd_emux_open_seq_oss(). The lock is needed
for the refcount handling, so move it locally. The calls in
emux_seq.c are already with the mutex, thus they are replaced with the
version without mutex lock/unlock.
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
sound/synth/emux/emux_oss.c | 11 +----------
sound/synth/emux/emux_seq.c | 27 +++++++++++++++++++++------
2 files changed, 22 insertions(+), 16 deletions(-)
--- a/sound/synth/emux/emux_oss.c
+++ b/sound/synth/emux/emux_oss.c
@@ -118,12 +118,8 @@ snd_emux_open_seq_oss(struct snd_seq_oss
if (snd_BUG_ON(!arg || !emu))
return -ENXIO;
- mutex_lock(&emu->register_mutex);
-
- if (!snd_emux_inc_count(emu)) {
- mutex_unlock(&emu->register_mutex);
+ if (!snd_emux_inc_count(emu))
return -EFAULT;
- }
memset(&callback, 0, sizeof(callback));
callback.owner = THIS_MODULE;
@@ -135,7 +131,6 @@ snd_emux_open_seq_oss(struct snd_seq_oss
if (p == NULL) {
snd_printk(KERN_ERR "can't create port\n");
snd_emux_dec_count(emu);
- mutex_unlock(&emu->register_mutex);
return -ENOMEM;
}
@@ -148,8 +143,6 @@ snd_emux_open_seq_oss(struct snd_seq_oss
reset_port_mode(p, arg->seq_mode);
snd_emux_reset_port(p);
-
- mutex_unlock(&emu->register_mutex);
return 0;
}
@@ -195,13 +188,11 @@ snd_emux_close_seq_oss(struct snd_seq_os
if (snd_BUG_ON(!emu))
return -ENXIO;
- mutex_lock(&emu->register_mutex);
snd_emux_sounds_off_all(p);
snd_soundfont_close_check(emu->sflist, SF_CLIENT_NO(p->chset.port));
snd_seq_event_port_detach(p->chset.client, p->chset.port);
snd_emux_dec_count(emu);
- mutex_unlock(&emu->register_mutex);
return 0;
}
--- a/sound/synth/emux/emux_seq.c
+++ b/sound/synth/emux/emux_seq.c
@@ -267,8 +267,8 @@ snd_emux_event_input(struct snd_seq_even
/*
* increment usage count
*/
-int
-snd_emux_inc_count(struct snd_emux *emu)
+static int
+__snd_emux_inc_count(struct snd_emux *emu)
{
emu->used++;
if (!try_module_get(emu->ops.owner))
@@ -282,12 +282,21 @@ snd_emux_inc_count(struct snd_emux *emu)
return 1;
}
+int snd_emux_inc_count(struct snd_emux *emu)
+{
+ int ret;
+
+ mutex_lock(&emu->register_mutex);
+ ret = __snd_emux_inc_count(emu);
+ mutex_unlock(&emu->register_mutex);
+ return ret;
+}
/*
* decrease usage count
*/
-void
-snd_emux_dec_count(struct snd_emux *emu)
+static void
+__snd_emux_dec_count(struct snd_emux *emu)
{
module_put(emu->card->module);
emu->used--;
@@ -296,6 +305,12 @@ snd_emux_dec_count(struct snd_emux *emu)
module_put(emu->ops.owner);
}
+void snd_emux_dec_count(struct snd_emux *emu)
+{
+ mutex_lock(&emu->register_mutex);
+ __snd_emux_dec_count(emu);
+ mutex_unlock(&emu->register_mutex);
+}
/*
* Routine that is called upon a first use of a particular port
@@ -315,7 +330,7 @@ snd_emux_use(void *private_data, struct
mutex_lock(&emu->register_mutex);
snd_emux_init_port(p);
- snd_emux_inc_count(emu);
+ __snd_emux_inc_count(emu);
mutex_unlock(&emu->register_mutex);
return 0;
}
@@ -338,7 +353,7 @@ snd_emux_unuse(void *private_data, struc
mutex_lock(&emu->register_mutex);
snd_emux_sounds_off_all(p);
- snd_emux_dec_count(emu);
+ __snd_emux_dec_count(emu);
mutex_unlock(&emu->register_mutex);
return 0;
}
next prev parent reply other threads:[~2015-05-11 17:55 UTC|newest]
Thread overview: 70+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-05-11 17:54 [PATCH 4.0 00/72] 4.0.3-stable review Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 01/72] bpf: fix 64-bit divide Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 02/72] route: Use ipv4_mtu instead of raw rt_pmtu Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 03/72] mlx4: Fix tx ring affinity_mask creation Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 04/72] cxgb4: Fix MC1 memory offset calculation Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 05/72] net/mlx4_en: Schedule napi when RX buffers allocation fails Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 06/72] ipv4: Missing sk_nulls_node_init() in ping_unhash() Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 07/72] MIPS: BCM63xx: Move bcm63xx_gpio_init() to bcm63xx_register_devices() Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 08/72] MIPS: OCTEON: dma-octeon: fix OHCI USB config check Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 09/72] MIPS: OCTEON: Use correct CSR to soft reset Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 10/72] Revert "MIPS: Remove race window in page fault handling" Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 11/72] MIPS: Fix race condition in lazy cache flushing Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 12/72] MIPS: Octeon: Remove udelay() causing huge IRQ latency Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 13/72] MIPS: OCTEON: fix PCI interrupt mapping for D-Link DSR-1000N Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 14/72] MIPS: Netlogic: Fix for SATA PHY init Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 15/72] MIPS: Kconfig: Fix typo for the r2-to-r6 emulator kernel parameter Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 16/72] MIPS: r4kcache: Use correct base register for MIPS R6 cache flushes Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 17/72] MIPS: asm: spinlock: Fix addiu instruction for R10000_LLSC_WAR case Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 18/72] MIPS: kernel: entry.S: Set correct ISA level for mips_ihb Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 19/72] MIPS: Fix cpu_has_mips_r2_exec_hazard Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 20/72] MIPS: Octeon: Delete override of cpu_has_mips_r2_exec_hazard Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 21/72] Revert "MIPS: Avoid pipeline stalls on some MIPS32R2 cores." Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 22/72] SSB: fix Kconfig dependencies Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 23/72] MIPS: ralink: Fix bad config symbol in PCI makefile Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 24/72] MIPS: ralink: add missing symbol for RALINK_ILL_ACC Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 25/72] MIPS: smp-cps: cpu_set FPU mask if FPU present Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 26/72] MIPS: Kconfig: Disable SMP/CPS for 64-bit Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 28/72] MIPS: asm: elf: Set O32 default FPU flags Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 29/72] MIPS: Makefile: Fix MIPS ASE detection code Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 30/72] ALSA: emux: Fix mutex deadlock at unloading Greg Kroah-Hartman
2015-05-11 17:54 ` Greg Kroah-Hartman [this message]
2015-05-11 17:54 ` [PATCH 4.0 32/72] ALSA: emu10k1: Fix card shortname string buffer overflow Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 33/72] ALSA: emu10k1: Emu10k2 32 bit DMA mode Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 36/72] cdc-acm: prevent infinite loop when parsing CDC headers Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 37/72] serial: of-serial: Remove device_type = "serial" registration Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 38/72] serial: xilinx: Use platform_get_irq to get irq description structure Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 39/72] arm64: dma-mapping: always clear allocated buffers Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 40/72] arm64: add missing PAGE_ALIGN() to __dma_free() Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 41/72] usb: chipidea: otg: remove mutex unlock and lock while stop and start role Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 42/72] ASoC: samsung: s3c24xx-i2s: Fix return value check in s3c24xx_iis_dev_probe() Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 43/72] ASoC: tfa9879: Fix return value check in tfa9879_i2c_probe() Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 44/72] ASoC: rt5677: add register patch for PLL Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 45/72] ASoC: dapm: Enable autodisable on SOC_DAPM_SINGLE_TLV_AUTODISABLE Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 46/72] ASoC: rt5677: fixed wrong DMIC ref clock Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 47/72] btrfs: unlock i_mutex after attempting to delete subvolume during send Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 48/72] ACPI / SBS: Enable battery manager when present Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 49/72] tty/serial: at91: maxburst was missing for dma transfers Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 50/72] rbd: end I/O the entire obj_request on error Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 51/72] uas: Allow uas_use_uas_driver to return usb-storage flags Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 52/72] uas: Add US_FL_MAX_SECTORS_240 flag Greg Kroah-Hartman
2015-05-11 17:54 ` [PATCH 4.0 53/72] uas: Set max_sectors_240 quirk for ASM1053 devices Greg Kroah-Hartman
2015-05-11 17:55 ` [PATCH 4.0 54/72] ext4: fix data corruption caused by unwritten and delayed extents Greg Kroah-Hartman
2015-05-11 17:55 ` [PATCH 4.0 55/72] ext4: move check under lock scope to close a race Greg Kroah-Hartman
2015-05-11 17:55 ` [PATCH 4.0 56/72] SCSI: add 1024 max sectors black list flag Greg Kroah-Hartman
2015-05-11 17:55 ` [PATCH 4.0 57/72] 3w-xxxx: fix command completion race Greg Kroah-Hartman
2015-05-11 17:55 ` [PATCH 4.0 58/72] 3w-9xxx: " Greg Kroah-Hartman
2015-05-11 17:55 ` [PATCH 4.0 59/72] 3w-sas: " Greg Kroah-Hartman
2015-05-11 17:55 ` [PATCH 4.0 60/72] drm/radeon: fix ordering of AVI packet setup Greg Kroah-Hartman
2015-05-11 17:55 ` [PATCH 4.0 61/72] drm/radeon: drop dce6_dp_enable Greg Kroah-Hartman
2015-05-11 17:55 ` [PATCH 4.0 62/72] drm/radeon/audio: dont enable packets until the end Greg Kroah-Hartman
2015-05-11 17:55 ` [PATCH 4.0 63/72] drm/radeon: only mark audio as connected if the monitor supports it (v3) Greg Kroah-Hartman
2015-05-11 17:55 ` [PATCH 4.0 64/72] drm/radeon: only enable audio streams if the monitor supports it Greg Kroah-Hartman
2015-05-11 17:55 ` [PATCH 4.0 66/72] drm/radeon: adjust pll when audio is not enabled Greg Kroah-Hartman
2015-05-11 17:55 ` [PATCH 4.0 67/72] drm/radeon: add SI DPM quirk for Sapphire R9 270 Dual-X 2G GDDR5 Greg Kroah-Hartman
2015-05-11 17:55 ` [PATCH 4.0 71/72] hfsplus: dont store special "osx" xattr prefix on-disk Greg Kroah-Hartman
2015-05-11 17:55 ` [PATCH 4.0 72/72] Drivers: hv: vmbus: Dont wait after requesting offers Greg Kroah-Hartman
2015-05-11 20:14 ` [PATCH 4.0 00/72] 4.0.3-stable review Guenter Roeck
2015-05-11 20:16 ` Greg Kroah-Hartman
2015-05-11 23:40 ` Shuah Khan
2015-05-12 4:08 ` Greg Kroah-Hartman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150511175438.036216330@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
--cc=tiwai@suse.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox