The following commit has been merged in the linux branch: commit b0e14951ee0f6c29abc64b92ec7075a159ede37c Author: Jiri Kosina jkosina@suse.cz Date: Mon Oct 12 11:25:56 2009 +0200
HID: fix possible deadlock in hidraw_read
If the loop in hidraw_read() loops more than once, then we might end up trying to acquire already locked mutex, casuing a deadlock.
Reported-by: iceberg iceberg@ispras.ru Signed-off-by: Jiri Kosina jkosina@suse.cz
diff --git a/drivers/hid/hidraw.c b/drivers/hid/hidraw.c index 0c6639e..b079a9c 100644 --- a/drivers/hid/hidraw.c +++ b/drivers/hid/hidraw.c @@ -47,10 +47,9 @@ static ssize_t hidraw_read(struct file *file, char __user *buffer, size_t count, char *report; DECLARE_WAITQUEUE(wait, current);
- while (ret == 0) { - - mutex_lock(&list->read_mutex); + mutex_lock(&list->read_mutex);
+ while (ret == 0) { if (list->head == list->tail) { add_wait_queue(&list->hidraw->wait, &wait); set_current_state(TASK_INTERRUPTIBLE);