From: Christian Riesch <christian.riesch@omicron.at>
Date: Thu, 13 Nov 2014 04:53:26 +0000 (+0100)
Subject: n_tty: Fix read_buf race condition, increment read_head after pushing data
X-Git-Tag: omap-for-v3.19/fixes-rc1~86^2~4
X-Git-Url: http://git.openpandora.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8bfbe2de769afda051c56aba5450391670e769fc;p=pandora-kernel.git

n_tty: Fix read_buf race condition, increment read_head after pushing data

Commit 19e2ad6a09f0c06dbca19c98e5f4584269d913dd ("n_tty: Remove overflow
tests from receive_buf() path") moved the increment of read_head into
the arguments list of read_buf_addr(). Function calls represent a
sequence point in C. Therefore read_head is incremented before the
character c is placed in the buffer. Since the circular read buffer is
a lock-less design since commit 6d76bd2618535c581f1673047b8341fd291abc67
("n_tty: Make N_TTY ldisc receive path lockless"), this creates a race
condition that leads to communication errors.

This patch modifies the code to increment read_head _after_ the data
is placed in the buffer and thus fixes the race for non-SMP machines.
To fix the problem for SMP machines, memory barriers must be added in
a separate patch.

Signed-off-by: Christian Riesch <christian.riesch@omicron.at>
Cc: <stable@vger.kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---

Reading git-diff-tree failed