diff options
| author | Alan Stern <stern@rowland.harvard.edu> | 2012-09-26 13:09:53 -0400 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2012-10-02 09:47:55 -0700 |
| commit | b15ab4ac6ae748d3552b0cb112dff5c9c567d4ca (patch) | |
| tree | 701da5fd61dabc507e69cf2bed6334f09c61d6f3 /fs/cifs/cifs_spnego.h | |
| parent | 8ef8fa7479fff9313387b873413f5ae233a2bd04 (diff) | |
USB: Fix race condition when removing host controllers
commit 0d00dc2611abbe6ad244d50569c2ee82ce42846c upstream.
This patch (as1607) fixes a race that can occur if a USB host
controller is removed while a process is reading the
/sys/kernel/debug/usb/devices file.
The usb_device_read() routine uses the bus->root_hub pointer to
determine whether or not the root hub is registered. The is not a
valid test, because the pointer is set before the root hub gets
registered and remains set even after the root hub is unregistered and
deallocated. As a result, usb_device_read() or usb_device_dump() can
access freed memory, causing an oops.
The patch changes the test to use the hcd->rh_registered flag, which
does get set and cleared at the appropriate times. It also makes sure
to hold the usb_bus_list_lock mutex while setting the flag, so that
usb_device_read() will become aware of new root hubs as soon as they
are registered.
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Reported-by: Don Zickus <dzickus@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'fs/cifs/cifs_spnego.h')
0 files changed, 0 insertions, 0 deletions