* Steven Rostedt <[EMAIL PROTECTED]> wrote: > I googled a little and found where this may have already happened in > the main line kernel: > > http://seclists.org/lists/linux-kernel/2005/Aug/1603.html > > So here's my proposal: > > Instead of checking for tty->count == 1 in con_open, which we see is > not reliable. Just check for tty->driver_data == NULL. > > This should work since it should always be NULL when we need to assign > it. If we switch the events of the race, so that the init_dev went > first, the driver_data would not be NULL and would not need to be > allocated, because after init_dev tty->count would be greater than 1 > (this is assuming the case that it is already allocated) and the > con_close would not deallocate it. The tty_sem and console_sem and > order of events protect the tty->driver_data but not the tty->count. > > Without the patch, I was able to get the system to BUG on bootup every > other time. With the patch applied, I was able to bootup 6 out of 6 > times without a single crash.
cool fix. I'm wondering, there's a whole lot of other 'tty->count == 1' checks in drivers/char/*.c, could some of those be racy too? Ingo - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/