When a forked process reopens a file for stdio logging during the first write(2)
after a fork(2), it holds log->mutex when it calls filp_open() which
in turn calls misc_open(). misc_open() takes misc_mtx.
If at the same time (after acquiring log->mutex and before misc_open()
is called) another process (e.g. dlogutil) opens the same logger
device for reading (open(2) -> misc_open() -> logger_open() ->
mutex_lock(log->mutex)), a race condition and a AB-BA deadlock occurs. To
avoid it log->mutex is released before calling make_new_file() and
reaquired after. It is safe to do so, because the log structure isn't
accessed.
Change-Id: Ibaab2947638997dca82c0e47146f77ce0f1bee57
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
if (writer->owner != current->group_leader) {
struct file *nfile;
+ mutex_unlock(&log->mutex);
nfile = make_new_file(file);
if (IS_ERR(nfile)) {
- mutex_unlock(&log->mutex);
return PTR_ERR(nfile);
}
+ mutex_lock(&log->mutex);
file = nfile;
writer = file->private_data;
if (writer->owner != current->group_leader) {
struct file *nfile;
+ mutex_unlock(&log->mutex);
nfile = make_new_file(file);
if (IS_ERR(nfile)) {
- mutex_unlock(&log->mutex);
return PTR_ERR(nfile);
}
+ mutex_lock(&log->mutex);
file = nfile;
writer = file->private_data;
projects / platform / kernel / linux-tizen-modules-source.git / commitdiff