USB: hub: change the locking in hub_activate
authorAlan Stern <stern@rowland.harvard.edu>
Fri, 5 Aug 2016 15:51:30 +0000 (11:51 -0400)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Tue, 9 Aug 2016 13:45:59 +0000 (15:45 +0200)
The locking in hub_activate() is not adequate to provide full mutual
exclusion with hub_quiesce().  The subroutine locks the hub's
usb_interface, but the callers of hub_quiesce() (such as
hub_pre_reset() and hub_event()) hold the lock to the hub's
usb_device.

This patch changes hub_activate() to make it acquire the same lock as
those other routines.

Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
CC: <stable@vger.kernel.org> #4.4+
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
drivers/usb/core/hub.c

index bb69d262b6f953e197ac5ba07417e47c86c63cc9..1d5fc32d06d007a6f64526a531da8ae69e8e6950 100644 (file)
@@ -1052,7 +1052,7 @@ static void hub_activate(struct usb_hub *hub, enum hub_activation_type type)
 
        /* Continue a partial initialization */
        if (type == HUB_INIT2 || type == HUB_INIT3) {
-               device_lock(hub->intfdev);
+               device_lock(&hdev->dev);
 
                /* Was the hub disconnected while we were waiting? */
                if (hub->disconnected)
@@ -1259,7 +1259,7 @@ static void hub_activate(struct usb_hub *hub, enum hub_activation_type type)
                        queue_delayed_work(system_power_efficient_wq,
                                        &hub->init_work,
                                        msecs_to_jiffies(delay));
-                       device_unlock(hub->intfdev);
+                       device_unlock(&hdev->dev);
                        return;         /* Continues at init3: below */
                } else {
                        msleep(delay);
@@ -1282,7 +1282,7 @@ static void hub_activate(struct usb_hub *hub, enum hub_activation_type type)
                /* Allow autosuspend if it was suppressed */
  disconnected:
                usb_autopm_put_interface_async(to_usb_interface(hub->intfdev));
-               device_unlock(hub->intfdev);
+               device_unlock(&hdev->dev);
        }
 
        kref_put(&hub->kref, hub_release);