mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity
linux-stable/drivers/uio
History
Jia-Ju Bai ea6b7b1d58 uio: fix a sleep-in-atomic-context bug in uio_dmem_genirq_irqcontrol() 
[ Upstream commit b74351287d ]

The driver may sleep while holding a spinlock.
The function call path (from bottom to top) in Linux 4.19 is:

kernel/irq/manage.c, 523:
	synchronize_irq in disable_irq
drivers/uio/uio_dmem_genirq.c, 140:
	disable_irq in uio_dmem_genirq_irqcontrol
drivers/uio/uio_dmem_genirq.c, 134:
	_raw_spin_lock_irqsave in uio_dmem_genirq_irqcontrol

synchronize_irq() can sleep at runtime.

To fix this bug, disable_irq() is called without holding the spinlock.

This bug is found by a static analysis tool STCheck written by myself.

Signed-off-by: Jia-Ju Bai <baijiaju1990@gmail.com>
Link: https://lore.kernel.org/r/20191218094405.6009-1-baijiaju1990@gmail.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
 		2020-02-24 08:34:37 +01:00
..
Kconfig
Makefile
uio.c driver: uio: fix possible use-after-free in __uio_register_device 2020-01-27 14:50:17 +01:00
uio_aec.c
uio_cif.c
uio_dmem_genirq.c uio: fix a sleep-in-atomic-context bug in uio_dmem_genirq_irqcontrol() 2020-02-24 08:34:37 +01:00
uio_fsl_elbc_gpcm.c
uio_hv_generic.c
uio_mf624.c
uio_netx.c
uio_pci_generic.c
uio_pdrv_genirq.c
uio_pruss.c
uio_sercos3.c