1. Patchew
  2. linux
  3. View series

[PATCH] input: psmouse: Add unlock mutex before to exit psmouse_attr_set_protocol

Alessandro Zanni posted 1 patch 1 month, 3 weeks ago 
drivers/input/mouse/psmouse-base.c | 2 ++
1 file changed, 2 insertions(+)
[PATCH] input: psmouse: Add unlock mutex before to exit psmouse_attr_set_protocol
Posted by Alessandro Zanni 1 month, 3 weeks ago 
In error handling code for "no such device" or memory already used,
release the mutex before to return.

Found with Coccinelle static analisys tool,
script: https://coccinelle.gitlabpages.inria.fr/website/rules/mut.cocci

Signed-off-by: Alessandro Zanni <alessandro.zanni87@gmail.com>
---
 drivers/input/mouse/psmouse-base.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/drivers/input/mouse/psmouse-base.c b/drivers/input/mouse/psmouse-base.c
index 5a4defe9cf32..cb3a125d8d7c 100644
--- a/drivers/input/mouse/psmouse-base.c
+++ b/drivers/input/mouse/psmouse-base.c
@@ -1930,11 +1930,13 @@ static ssize_t psmouse_attr_set_protocol(struct psmouse *psmouse, void *data, co
 
 		if (serio->drv != &psmouse_drv) {
 			input_free_device(new_dev);
+			mutex_unlock(&psmouse_mutex);
 			return -ENODEV;
 		}
 
 		if (psmouse->protocol == proto) {
 			input_free_device(new_dev);
+			mutex_unlock(&psmouse_mutex);
 			return count; /* switched by other thread */
 		}
 	}
-- 
2.43.0
Re: [PATCH] input: psmouse: Add unlock mutex before to exit psmouse_attr_set_protocol
Posted by Dmitry Torokhov 1 month, 3 weeks ago 
Hi Alessandro,

On Tue, Oct 01, 2024 at 01:08:38PM +0200, Alessandro Zanni wrote:
> In error handling code for "no such device" or memory already used,
> release the mutex before to return.
> 
> Found with Coccinelle static analisys tool,
> script: https://coccinelle.gitlabpages.inria.fr/website/rules/mut.cocci
> 
> Signed-off-by: Alessandro Zanni <alessandro.zanni87@gmail.com>
> ---
>  drivers/input/mouse/psmouse-base.c | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/drivers/input/mouse/psmouse-base.c b/drivers/input/mouse/psmouse-base.c
> index 5a4defe9cf32..cb3a125d8d7c 100644
> --- a/drivers/input/mouse/psmouse-base.c
> +++ b/drivers/input/mouse/psmouse-base.c
> @@ -1930,11 +1930,13 @@ static ssize_t psmouse_attr_set_protocol(struct psmouse *psmouse, void *data, co
>  
>  		if (serio->drv != &psmouse_drv) {
>  			input_free_device(new_dev);
> +			mutex_unlock(&psmouse_mutex);

I am sorry, bit this makes absolutely no sense. This mutex is taken
(and then released) in psmouse_attr_set_helper() wrapper.
psmouse_attr_set_protocol() momentarily drops and then reacquires it,
but it should not release it either failure or success parts.

Thanks.

-- 
Dmitry

Patchew 2.1-devel-b67e4c2

© 2016 - 2024 Red Hat, Inc.