Hi, On Aug 19 2016 15:24, Vaishali Thakkar wrote: > I was wondering about the call to copy_to_user in function hwdep_read_locked > and > hwdep_read_resp_buf for driver sound/firewire/fireworks/fireworks_hwdep.c. > The function hwdep_read calls both of these functions while holding a > spinlock[1], > which is not normally allowed due to the possibility of a deadlock. > > This seems to be coming from the commit > 555e8a8f7f149544eb7d4aa3a6420bc4c3055638 > while adding a command/response functionality into hwdep interface. Is there > some > reason that I am overlooking, why it is OK in this case? Is there some code > in the > same file which ensures that page fault will not occur when we are calling > these > functions while holding a spin_lock_irq? > > The same issue is there with the driver sound/firewire/tascam/tascam-hwdep.c > for > obvious reasons. > > Coccinelle script is used to detect this issue. > > Thank you. > > [1] > http://lxr.free-electrons.com/source/sound/firewire/fireworks/fireworks_hwdep.c#L114
Indeed, I was unaware of the situation in which deadlock occurs; i.e. page fault. I'm on short summer vacation, so will post patches for them in next week. Thanks Takashi Sakamoto
