Hi
On 2023-06-13, Stefan Lippers-Hollmann wrote:
On 2023-06-07, Greg Kroah-Hartman wrote:
From: Hyunwoo Kim imv4bel@gmail.com
[ Upstream commit 6769a0b7ee0c3b31e1b22c3fadff2bfb642de23f ]
If the device node of dvb_frontend is open() and the device is disconnected, many kinds of UAFs may occur when calling close() on the device node.
The root cause of this is that wake_up() for dvbdev->wait_queue is implemented in the dvb_frontend_release() function, but wait_event() is not implemented in the dvb_frontend_stop() function.
So, implement wait_event() function in dvb_frontend_stop() and add 'remove_mutex' which prevents race condition for 'fe->exit'.
[mchehab: fix a couple of checkpatch warnings and some mistakes at the error handling logic]
Link: https://lore.kernel.org/linux-media/20221117045925.14297-2-imv4bel@gmail.com
[...]
I'm noticing a regression relative to kernel v6.3.6 with this change as part of kernel v6.3.7 on my ivy-bridge system running Debian/unstable (amd64) with vdr 2.6.0-1.1[0] and two DVB cards TeVii S480 V2.1 (DVB-S2, dw2102) and an Xbox One Digital TV Tuner (DVB-T2, dvb_usb_dib0700). The systemd unit starting vdr just times out and hangs forever, with vdr never coming up and also preventing a clean system shutdown (hard reset required). Apart from the systemd unit timing out, there don't really appear to be any further issues logged.
[...]
I've now also tested v6.4-rc6-26-gfb054096aea0 and can reproduce this regression there as well, with the same fix of reverting this corresponding patch.
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?i...
Regards Stefan Lippers-Hollmann