From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Jon Medhurst <tixy@linaro.org>
Subject: [PATCH 3.4 11/12] serial: amba-pl011: use port lock to guard control register access
Date: Sat, 25 Jan 2014 19:05:14 -0800 [thread overview]
Message-ID: <20140126030452.801731346@linuxfoundation.org> (raw)
In-Reply-To: <20140126030451.934281002@linuxfoundation.org>
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Jon Medhurst <tixy@linaro.org>
commit fe43390702a1b5741fdf217063b05c7612b38303 upstream.
When the pl011 is being used for a console, pl011_console_write forces
the control register (CR) to enable the UART for transmission and then
restores this to the original value afterwards. It does this while
holding the port lock.
Unfortunately, when the uart is started or shutdown - say in response to
userland using the serial device for a terminal - then this updates the
control register without any locking.
This means we can have
pl011_console_write Save CR
pl011_startup Initialise CR, e.g. enable receive
pl011_console_write Restore old CR with receive not enabled
this result is a serial port which doesn't respond to any input.
A similar race in reverse could happen when the device is shutdown.
We can fix these problems by taking the port lock when updating CR.
Signed-off-by: Jon Medhurst <tixy@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
drivers/tty/serial/amba-pl011.c | 6 ++++++
1 file changed, 6 insertions(+)
--- a/drivers/tty/serial/amba-pl011.c
+++ b/drivers/tty/serial/amba-pl011.c
@@ -1413,6 +1413,8 @@ static int pl011_startup(struct uart_por
/*
* Provoke TX FIFO interrupt into asserting.
*/
+ spin_lock_irq(&uap->port.lock);
+
cr = UART01x_CR_UARTEN | UART011_CR_TXE | UART011_CR_LBE;
writew(cr, uap->port.membase + UART011_CR);
writew(0, uap->port.membase + UART011_FBRD);
@@ -1437,6 +1439,8 @@ static int pl011_startup(struct uart_por
cr |= UART01x_CR_UARTEN | UART011_CR_RXE | UART011_CR_TXE;
writew(cr, uap->port.membase + UART011_CR);
+ spin_unlock_irq(&uap->port.lock);
+
/*
* initialise the old status of the modem signals
*/
@@ -1516,11 +1520,13 @@ static void pl011_shutdown(struct uart_p
* it during startup().
*/
uap->autorts = false;
+ spin_lock_irq(&uap->port.lock);
cr = readw(uap->port.membase + UART011_CR);
uap->old_cr = cr;
cr &= UART011_CR_RTS | UART011_CR_DTR;
cr |= UART01x_CR_UARTEN | UART011_CR_TXE;
writew(cr, uap->port.membase + UART011_CR);
+ spin_unlock_irq(&uap->port.lock);
/*
* disable break condition and fifos
next prev parent reply other threads:[~2014-01-26 3:05 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-01-26 3:05 [PATCH 3.4 00/12] 3.4.78-stable review Greg Kroah-Hartman
2014-01-26 3:05 ` [PATCH 3.4 01/12] KVM: x86: Convert vapic synchronization to _cached functions (CVE-2013-6368) Greg Kroah-Hartman
2014-01-26 3:05 ` [PATCH 3.4 02/12] staging: comedi: 8255_pci: fix for newer PCI-DIO48H Greg Kroah-Hartman
2014-01-26 3:05 ` [PATCH 3.4 03/12] perf/x86/amd/ibs: Fix waking up from S3 for AMD family 10h Greg Kroah-Hartman
2014-01-26 3:05 ` [PATCH 3.4 04/12] mm/memory-failure.c: recheck PageHuge() after hugetlb page migrate successfully Greg Kroah-Hartman
2014-01-26 3:05 ` [PATCH 3.4 05/12] hwmon: (coretemp) Fix truncated name of alarm attributes Greg Kroah-Hartman
2014-01-26 3:05 ` [PATCH 3.4 06/12] SELinux: Fix possible NULL pointer dereference in selinux_inode_permission() Greg Kroah-Hartman
2014-01-26 3:05 ` [PATCH 3.4 07/12] nilfs2: fix segctor bug that causes file system corruption Greg Kroah-Hartman
2014-01-26 3:05 ` [PATCH 3.4 08/12] md/raid10: fix bug when raid10 recovery fails to recover a block Greg Kroah-Hartman
2014-01-26 3:05 ` [PATCH 3.4 09/12] md/raid10: fix two bugs in handling of known-bad-blocks Greg Kroah-Hartman
2014-01-26 3:05 ` [PATCH 3.4 10/12] md/raid5: Fix possible confusion when multiple write errors occur Greg Kroah-Hartman
2014-01-26 3:05 ` Greg Kroah-Hartman [this message]
2014-01-26 3:05 ` [PATCH 3.4 12/12] staging: wlags49_h2: buffer overflow setting station name Greg Kroah-Hartman
2014-01-26 5:17 ` [PATCH 3.4 00/12] 3.4.78-stable review Guenter Roeck
2014-01-26 16:08 ` Greg Kroah-Hartman
2014-01-27 11:17 ` Satoru Takeuchi
2014-01-27 13:34 ` Greg Kroah-Hartman
2014-01-27 17:18 ` Shuah Khan
2014-01-27 17:31 ` Greg Kroah-Hartman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140126030452.801731346@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
--cc=tixy@linaro.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).