[PATCH] if_xl: Fix a possible sleep-under-mutex bug in xl_list_rx_init
Jia-Ju Bai
baijiaju1990 at 163.com
Mon Jun 19 01:28:25 UTC 2017
The driver may sleep under a mutex, and the code path is:
xl_resume [acquire the mutex]
xl_init_locked
xl_list_rx_init
bus_dmamap_create(BUS_DMA_WAITOK) --> may sleep
The possible fix of this bug is to replace "BUS_DMA_WAITOK" in bus_dmamap_create with "BUS_DMA_NOWAIT".
This bug is found by a static analysis tool written by myself, and it is
checked by my review of the FreeBSD code.
Signed-off-by: Jia-Ju Bai <baijiaju1990 at 163.com>
---
sys/dev/xl/if_xl.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/sys/dev/xl/if_xl.c b/sys/dev/xl/if_xl.c
index 4c1c238981d..59b29ddc7ca 100644
--- a/sys/dev/xl/if_xl.c
+++ b/sys/dev/xl/if_xl.c
@@ -1726,7 +1726,7 @@ xl_list_rx_init(struct xl_softc *sc)
for (i = 0; i < XL_RX_LIST_CNT; i++) {
cd->xl_rx_chain[i].xl_ptr = &ld->xl_rx_list[i];
- error = bus_dmamap_create(sc->xl_mtag, 0,
+ error = bus_dmamap_create(sc->xl_mtag, BUS_DMA_NOWAIT,
&cd->xl_rx_chain[i].xl_map);
if (error)
return (error);
--
2.13.0
More information about the freebsd-net
mailing list