Loading drivers/char/diag/diag_dci.c +18 −3 Original line number Original line Diff line number Diff line Loading @@ -1538,6 +1538,7 @@ void diag_dci_notify_client(int peripheral_mask, int data, int proc) DIAG_LOG(DIAG_DEBUG_PERIPHERALS, DIAG_LOG(DIAG_DEBUG_PERIPHERALS, "diag: dci client with pid = %d Exited..\n", "diag: dci client with pid = %d Exited..\n", entry->tgid); entry->tgid); put_pid(pid_struct); mutex_unlock(&driver->dci_mutex); mutex_unlock(&driver->dci_mutex); return; return; } } Loading @@ -1552,10 +1553,13 @@ void diag_dci_notify_client(int peripheral_mask, int data, int proc) if (stat) if (stat) pr_err("diag: Err sending dci signal to client, signal data: 0x%x, stat: %d\n", pr_err("diag: Err sending dci signal to client, signal data: 0x%x, stat: %d\n", info.si_int, stat); info.si_int, stat); } else } else { pr_err("diag: client data is corrupted, signal data: 0x%x, stat: %d\n", pr_err("diag: client data is corrupted, signal data: 0x%x, stat: %d\n", info.si_int, stat); info.si_int, stat); } } put_task_struct(dci_task); put_pid(pid_struct); } } } } } mutex_unlock(&driver->dci_mutex); mutex_unlock(&driver->dci_mutex); Loading Loading @@ -2310,12 +2314,19 @@ struct diag_dci_client_tbl *dci_lookup_client_entry_pid(int tgid) DIAG_LOG(DIAG_DEBUG_DCI, DIAG_LOG(DIAG_DEBUG_DCI, "diag: valid task doesn't exist for pid = %d\n", "diag: valid task doesn't exist for pid = %d\n", entry->tgid); entry->tgid); put_pid(pid_struct); continue; continue; } } if (task_s == entry->client) if (task_s == entry->client) { if (entry->client->tgid == tgid) if (entry->client->tgid == tgid) { put_task_struct(task_s); put_pid(pid_struct); return entry; return entry; } } } put_task_struct(task_s); put_pid(pid_struct); } return NULL; return NULL; } } Loading Loading @@ -2937,6 +2948,7 @@ int diag_dci_register_client(struct diag_dci_reg_tbl_t *reg_entry) mutex_lock(&driver->dci_mutex); mutex_lock(&driver->dci_mutex); get_task_struct(current); new_entry->client = current; new_entry->client = current; new_entry->tgid = current->tgid; new_entry->tgid = current->tgid; new_entry->client_info.notification_list = new_entry->client_info.notification_list = Loading Loading @@ -3091,6 +3103,9 @@ int diag_dci_deinit_client(struct diag_dci_client_tbl *entry) return DIAG_DCI_NO_REG; return DIAG_DCI_NO_REG; driver->num_dci_client--; driver->num_dci_client--; driver->dci_client_id[entry->client_info.client_id - 1] = 0; driver->dci_client_id[entry->client_info.client_id - 1] = 0; put_task_struct(entry->client); entry->client = NULL; /* /* * Clear the client's log and event masks, update the cumulative * Clear the client's log and event masks, update the cumulative * masks and send the masks to peripherals * masks and send the masks to peripherals Loading drivers/char/diag/diagchar_core.c +20 −3 Original line number Original line Diff line number Diff line Loading @@ -22,6 +22,7 @@ #include <linux/sched.h> #include <linux/sched.h> #include <linux/ratelimit.h> #include <linux/ratelimit.h> #include <linux/timer.h> #include <linux/timer.h> #include <linux/sched/task.h> #ifdef CONFIG_DIAG_OVER_USB #ifdef CONFIG_DIAG_OVER_USB #include <linux/usb/usbdiag.h> #include <linux/usb/usbdiag.h> #endif #endif Loading Loading @@ -3674,20 +3675,32 @@ static ssize_t diagchar_read(struct file *file, char __user *buf, size_t count, DIAG_LOG(DIAG_DEBUG_DCI, DIAG_LOG(DIAG_DEBUG_DCI, "diag: valid task doesn't exist for pid = %d\n", "diag: valid task doesn't exist for pid = %d\n", entry->tgid); entry->tgid); put_pid(pid_struct); continue; continue; } } if (task_s == entry->client) if (task_s == entry->client) { if (entry->client->tgid != current->tgid) if (entry->client->tgid != current->tgid) { put_task_struct(task_s); put_pid(pid_struct); continue; continue; if (!entry->in_service) } } if (!entry->in_service) { put_task_struct(task_s); put_pid(pid_struct); continue; continue; } if (copy_to_user(buf + ret, &data_type, sizeof(int))) { if (copy_to_user(buf + ret, &data_type, sizeof(int))) { put_task_struct(task_s); put_pid(pid_struct); mutex_unlock(&driver->dci_mutex); mutex_unlock(&driver->dci_mutex); goto end; goto end; } } ret += sizeof(int); ret += sizeof(int); if (copy_to_user(buf + ret, &entry->client_info.token, if (copy_to_user(buf + ret, &entry->client_info.token, sizeof(int))) { sizeof(int))) { put_task_struct(task_s); put_pid(pid_struct); mutex_unlock(&driver->dci_mutex); mutex_unlock(&driver->dci_mutex); goto end; goto end; } } Loading @@ -3699,9 +3712,13 @@ static ssize_t diagchar_read(struct file *file, char __user *buf, size_t count, atomic_dec(&driver->data_ready_notif[index]); atomic_dec(&driver->data_ready_notif[index]); mutex_unlock(&driver->diagchar_mutex); mutex_unlock(&driver->diagchar_mutex); if (exit_stat == 1) { if (exit_stat == 1) { put_task_struct(task_s); put_pid(pid_struct); mutex_unlock(&driver->dci_mutex); mutex_unlock(&driver->dci_mutex); goto end; goto end; } } put_task_struct(task_s); put_pid(pid_struct); } } mutex_unlock(&driver->dci_mutex); mutex_unlock(&driver->dci_mutex); goto end; goto end; Loading Loading
drivers/char/diag/diag_dci.c +18 −3 Original line number Original line Diff line number Diff line Loading @@ -1538,6 +1538,7 @@ void diag_dci_notify_client(int peripheral_mask, int data, int proc) DIAG_LOG(DIAG_DEBUG_PERIPHERALS, DIAG_LOG(DIAG_DEBUG_PERIPHERALS, "diag: dci client with pid = %d Exited..\n", "diag: dci client with pid = %d Exited..\n", entry->tgid); entry->tgid); put_pid(pid_struct); mutex_unlock(&driver->dci_mutex); mutex_unlock(&driver->dci_mutex); return; return; } } Loading @@ -1552,10 +1553,13 @@ void diag_dci_notify_client(int peripheral_mask, int data, int proc) if (stat) if (stat) pr_err("diag: Err sending dci signal to client, signal data: 0x%x, stat: %d\n", pr_err("diag: Err sending dci signal to client, signal data: 0x%x, stat: %d\n", info.si_int, stat); info.si_int, stat); } else } else { pr_err("diag: client data is corrupted, signal data: 0x%x, stat: %d\n", pr_err("diag: client data is corrupted, signal data: 0x%x, stat: %d\n", info.si_int, stat); info.si_int, stat); } } put_task_struct(dci_task); put_pid(pid_struct); } } } } } mutex_unlock(&driver->dci_mutex); mutex_unlock(&driver->dci_mutex); Loading Loading @@ -2310,12 +2314,19 @@ struct diag_dci_client_tbl *dci_lookup_client_entry_pid(int tgid) DIAG_LOG(DIAG_DEBUG_DCI, DIAG_LOG(DIAG_DEBUG_DCI, "diag: valid task doesn't exist for pid = %d\n", "diag: valid task doesn't exist for pid = %d\n", entry->tgid); entry->tgid); put_pid(pid_struct); continue; continue; } } if (task_s == entry->client) if (task_s == entry->client) { if (entry->client->tgid == tgid) if (entry->client->tgid == tgid) { put_task_struct(task_s); put_pid(pid_struct); return entry; return entry; } } } put_task_struct(task_s); put_pid(pid_struct); } return NULL; return NULL; } } Loading Loading @@ -2937,6 +2948,7 @@ int diag_dci_register_client(struct diag_dci_reg_tbl_t *reg_entry) mutex_lock(&driver->dci_mutex); mutex_lock(&driver->dci_mutex); get_task_struct(current); new_entry->client = current; new_entry->client = current; new_entry->tgid = current->tgid; new_entry->tgid = current->tgid; new_entry->client_info.notification_list = new_entry->client_info.notification_list = Loading Loading @@ -3091,6 +3103,9 @@ int diag_dci_deinit_client(struct diag_dci_client_tbl *entry) return DIAG_DCI_NO_REG; return DIAG_DCI_NO_REG; driver->num_dci_client--; driver->num_dci_client--; driver->dci_client_id[entry->client_info.client_id - 1] = 0; driver->dci_client_id[entry->client_info.client_id - 1] = 0; put_task_struct(entry->client); entry->client = NULL; /* /* * Clear the client's log and event masks, update the cumulative * Clear the client's log and event masks, update the cumulative * masks and send the masks to peripherals * masks and send the masks to peripherals Loading
drivers/char/diag/diagchar_core.c +20 −3 Original line number Original line Diff line number Diff line Loading @@ -22,6 +22,7 @@ #include <linux/sched.h> #include <linux/sched.h> #include <linux/ratelimit.h> #include <linux/ratelimit.h> #include <linux/timer.h> #include <linux/timer.h> #include <linux/sched/task.h> #ifdef CONFIG_DIAG_OVER_USB #ifdef CONFIG_DIAG_OVER_USB #include <linux/usb/usbdiag.h> #include <linux/usb/usbdiag.h> #endif #endif Loading Loading @@ -3674,20 +3675,32 @@ static ssize_t diagchar_read(struct file *file, char __user *buf, size_t count, DIAG_LOG(DIAG_DEBUG_DCI, DIAG_LOG(DIAG_DEBUG_DCI, "diag: valid task doesn't exist for pid = %d\n", "diag: valid task doesn't exist for pid = %d\n", entry->tgid); entry->tgid); put_pid(pid_struct); continue; continue; } } if (task_s == entry->client) if (task_s == entry->client) { if (entry->client->tgid != current->tgid) if (entry->client->tgid != current->tgid) { put_task_struct(task_s); put_pid(pid_struct); continue; continue; if (!entry->in_service) } } if (!entry->in_service) { put_task_struct(task_s); put_pid(pid_struct); continue; continue; } if (copy_to_user(buf + ret, &data_type, sizeof(int))) { if (copy_to_user(buf + ret, &data_type, sizeof(int))) { put_task_struct(task_s); put_pid(pid_struct); mutex_unlock(&driver->dci_mutex); mutex_unlock(&driver->dci_mutex); goto end; goto end; } } ret += sizeof(int); ret += sizeof(int); if (copy_to_user(buf + ret, &entry->client_info.token, if (copy_to_user(buf + ret, &entry->client_info.token, sizeof(int))) { sizeof(int))) { put_task_struct(task_s); put_pid(pid_struct); mutex_unlock(&driver->dci_mutex); mutex_unlock(&driver->dci_mutex); goto end; goto end; } } Loading @@ -3699,9 +3712,13 @@ static ssize_t diagchar_read(struct file *file, char __user *buf, size_t count, atomic_dec(&driver->data_ready_notif[index]); atomic_dec(&driver->data_ready_notif[index]); mutex_unlock(&driver->diagchar_mutex); mutex_unlock(&driver->diagchar_mutex); if (exit_stat == 1) { if (exit_stat == 1) { put_task_struct(task_s); put_pid(pid_struct); mutex_unlock(&driver->dci_mutex); mutex_unlock(&driver->dci_mutex); goto end; goto end; } } put_task_struct(task_s); put_pid(pid_struct); } } mutex_unlock(&driver->dci_mutex); mutex_unlock(&driver->dci_mutex); goto end; goto end; Loading
