ChangeSet 1.865.28.7, 2002/12/19 12:09:56-08:00, oliver@neukum.name [PATCH] USB: speedtouch reentrancy race through usbfs speedtouch povides an ioctl handler through usbfs. It must not be reentered. A semaphore ensures that. diff -Nru a/drivers/usb/misc/speedtouch.c b/drivers/usb/misc/speedtouch.c --- a/drivers/usb/misc/speedtouch.c Sun Dec 22 00:40:52 2002 +++ b/drivers/usb/misc/speedtouch.c Sun Dec 22 00:40:52 2002 @@ -146,6 +146,7 @@ /* data thread */ DECLARE_WAIT_QUEUE_HEAD (udsl_wqh); static DECLARE_COMPLETION(thread_grave); +static DECLARE_MUTEX(udsl_usb_ioctl_lock); static unsigned int datapid; #ifdef DEBUG_PACKET @@ -890,7 +891,7 @@ { struct usb_device *dev = interface_to_usbdev (intf); struct udsl_instance_data *instance; - int i; + int i,retval; for (i = 0; i < MAX_UDSL; i++) if (minor_data[i] && (minor_data[i]->usb_dev == dev)) @@ -901,17 +902,20 @@ instance = minor_data[i]; + down(&udsl_usb_ioctl_lock); switch (code) { case UDSL_IOCTL_START: - return udsl_usb_data_init (instance); + retval = udsl_usb_data_init (instance); break; case UDSL_IOCTL_STOP: - return udsl_usb_data_exit (instance); + retval = udsl_usb_data_exit (instance); break; default: + retval = -ENOTTY; break; } - return -EINVAL; + up(&udsl_usb_ioctl_lock); + return retval; } static int udsl_usb_probe (struct usb_interface *intf, const struct usb_device_id *id)