On Aug 31 2016 23:18, Takashi Iwai wrote:
On Wed, 31 Aug 2016 15:58:42 +0200, Takashi Sakamoto wrote:
In hwdep interface of fireworks driver, accessing to user space is in a critical section with disabled local interrupt. Depending on architecture, accessing to user space can cause page fault exception. Then local processor stores machine status and handles the synchronous event. A handler corresponding to the event can call task scheduler to wait for preparing pages. In a case of usage of single core processor, the state to disable local interrupt is worse because it don't handle usual interrupts from hardware.
This commit fixes this bug, performing the accessing outside spinlock. This commit also gives up counting the number of queued response messages to simplify ring-buffer management.
Reported-by: Vaishali Thakkar vaishali.thakkar@oracle.com Cc: stable@vger.kernel.org Fixes: 555e8a8f7f14('ALSA: fireworks: Add command/response functionality into hwdep interface') Signed-off-by: Takashi Sakamoto o-takashi@sakamocchi.jp
Applied, thanks.
Though, now I think whether it could be more easily fixed just by replacing spinlock with a mutex. But this patch is good and simple enough, so I take it.
Copying to ring-buffer is done in software IRQ context, with referring to pull/push pointers, therefore we should use lock primitives without calling task scheduler.
In the other aim to handle several tasks in process context, I've also investigated usage of mutex, but cannot avoid using copy_to_user() in held mutex. In this case, neither usage of spinlock nor mutex has differences.
Thanks
Takashi Sakamoto