linux/drivers/s390/char
Heiko Carstens ae289dc1f4 s390/3215: fix tty close handling
The 3215 console always has the RAW3215_FIXED flag set, which causes
raw3215_shutdown() not to wait for outstanding I/O requests if an attached
tty gets closed.
The flag however can be simply removed, so we can guarantee that all requests
belonging to the tty have been processed when the tty is closed.

However the tasklet that belongs to the 3215 device may be scheduled even if
there is no tty attached anymore, since we have a race between console and tty
processing.
Thefore unconditional tty_wakekup() in raw3215_wakeup() can cause the following
NULL pointer dereference:

3.465368 Unable to handle kernel pointer dereference at virtual kernel address (null)
3.465448 Oops: 0004 #1 SMP
3.465454 Modules linked in:
3.465459 CPU: 1 Not tainted 3.6.0 #1
3.465462 Process swapper/1 (pid: 0, task: 000000003ffa4428, ksp: 000000003ffb7ce0)
3.465466 Krnl PSW : 0404100180000000 0000000000162f86 (__wake_up+0x46/0xb8)
3.465480            R:0 T:1 IO:0 EX:0 Key:0 M:1 W:0 P:0 AS:0 CC:1 PM:0 EA:3
         Krnl GPRS: fffffffffffffffe 0000000000000000 0000000000000160 0000000000000001
3.465492            0000000000000001 0000000000000004 0000000000000004 000000000096b490
3.465499            0000000000000001 0000000000000100 0000000000000001 0000000000000001
3.465506            070000003fc87d60 0000000000000160 000000003fc87d68 000000003fc87d00
3.465526 Krnl Code: 0000000000162f76: e3c0f0a80004      lg      %r12,168(%r15)
                    0000000000162f7c: 58000370          l       %r0,880
                   #0000000000162f80: c007ffffffff00    xilf    %r0,4294967295
                   >0000000000162f86: ba102000          cs      %r1,%r0,0(%r2)
                    0000000000162f8a: 1211              ltr     %r1,%r1
                    0000000000162f8c: a774002f          brc     7,162fea
                    0000000000162f90: b904002d          lgr     %r2,%r13
                    0000000000162f94: b904003a          lgr     %r3,%r10
3.465597 Call Trace:
3.465599 (<0400000000000000> 0x400000000000000)
3.465602  <000000000048c77e> raw3215_wakeup+0x2e/0x40
3.465607  <0000000000134d66> tasklet_action+0x96/0x168
3.465612  <000000000013423c> __do_softirq+0xd8/0x21c
3.465615  <0000000000134678> irq_exit+0xa8/0xac
3.465617  <000000000046c232> do_IRQ+0x182/0x248
3.465621  <00000000005c8296> io_return+0x0/0x8
3.465625  <00000000005c7cac> vtime_stop_cpu+0x4c/0xb8
3.465629 (<0000000000194e06> tick_nohz_idle_enter+0x4e/0x74)
3.465633  <0000000000104760> cpu_idle+0x170/0x184
3.465636  <00000000005b5182> smp_start_secondary+0xd6/0xe0
3.465641  <00000000005c86be> restart_int_handler+0x56/0x6c
3.465643  <0000000000000000> 0x0
3.465645 Last Breaking-Event-Address:
3.465647  <0000000000403136> tty_wakeup+0x46/0x98
3.465652
3.465654 Kernel panic - not syncing: Fatal exception in interrupt
01: HCPGIR450W CP entered; disabled wait PSW 00020001 80000000 00000000 0010F63C

The easiest solution is simply to check if tty is NULL in the tasklet.
If it is NULL nothing is to do (no tty attached), otherwise tty_wakeup()
can be called, since we hold a reference to the tty.
This is not nice... but it is a small patch and it works.

Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2012-11-15 16:33:09 +01:00
..
con3215.c s390/3215: fix tty close handling 2012-11-15 16:33:09 +01:00
con3270.c s390/3270: drop unused spinlock from struct con3270 2012-09-26 15:45:11 +02:00
ctrlchar.c s390/comments: unify copyright messages and remove file names 2012-07-20 11:15:04 +02:00
ctrlchar.h s390/comments: unify copyright messages and remove file names 2012-07-20 11:15:04 +02:00
defkeymap.c
defkeymap.map
fs3270.c compat: fix compile breakage on s390 2012-02-27 07:54:27 -08:00
Kconfig [S390] kconfig: remove tape interface support comment 2011-07-24 10:48:00 +02:00
keyboard.c s390/comments: unify copyright messages and remove file names 2012-07-20 11:15:04 +02:00
keyboard.h s390/comments: unify copyright messages and remove file names 2012-07-20 11:15:04 +02:00
Makefile [S390] get CPC image name 2011-05-23 10:24:32 +02:00
monreader.c drivers/s390/char/monreader.c: fix error return code 2012-09-26 15:45:26 +02:00
monwriter.c [S390] monwriter: fix return code handling 2011-05-23 10:24:29 +02:00
raw3270.c module_param: make bool parameters really bool (drivers & misc) 2012-01-13 09:32:20 +10:30
raw3270.h [S390] pm: con3270 power management callbacks. 2009-06-16 10:31:20 +02:00
sclp_async.c [S390] sclp_async: Use kstrtoul_from_user 2011-08-03 16:44:20 +02:00
sclp_cmd.c KVM: s390: Perform early event mask processing during boot 2012-06-13 20:53:45 -03:00
sclp_con.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
sclp_config.c s390/comments: unify copyright messages and remove file names 2012-07-20 11:15:04 +02:00
sclp_cpi_sys.c s390/comments: unify copyright messages and remove file names 2012-07-20 11:15:04 +02:00
sclp_cpi_sys.h s390/comments: unify copyright messages and remove file names 2012-07-20 11:15:04 +02:00
sclp_cpi.c s390/comments: unify copyright messages and remove file names 2012-07-20 11:15:04 +02:00
sclp_ocf.c s390/comments: unify copyright messages and remove file names 2012-07-20 11:15:04 +02:00
sclp_quiesce.c s390/comments: unify copyright messages and remove file names 2012-07-20 11:15:04 +02:00
sclp_rw.c s390/sclp: use -EOPNOTSUPP instead of -ENOSYS 2012-09-26 15:45:13 +02:00
sclp_rw.h [S390] sclp: fix compile error for !SCLP_CONSOLE 2009-07-07 16:37:50 +02:00
sclp_sdias.c s390/sclp_sdias: Add missing break and "fall through" 2012-08-08 07:32:55 -07:00
sclp_tty.c TTY: use tty_port_link_device 2012-08-13 16:50:19 -07:00
sclp_tty.h s390/comments: unify copyright messages and remove file names 2012-07-20 11:15:04 +02:00
sclp_vt220.c TTY: use tty_port_link_device 2012-08-13 16:50:19 -07:00
sclp.c s390/sclp: use -EOPNOTSUPP instead of -ENOSYS 2012-09-26 15:45:13 +02:00
sclp.h KVM: s390: Perform early event mask processing during boot 2012-06-13 20:53:45 -03:00
tape_34xx.c s390/comments: unify copyright messages and remove file names 2012-07-20 11:15:04 +02:00
tape_3590.c s390/comments: unify copyright messages and remove file names 2012-07-20 11:15:04 +02:00
tape_3590.h s390/comments: unify copyright messages and remove file names 2012-07-20 11:15:04 +02:00
tape_char.c s390/comments: unify copyright messages and remove file names 2012-07-20 11:15:04 +02:00
tape_class.c s390/comments: unify copyright messages and remove file names 2012-07-20 11:15:04 +02:00
tape_class.h s390/comments: unify copyright messages and remove file names 2012-07-20 11:15:04 +02:00
tape_core.c s390/comments: unify copyright messages and remove file names 2012-07-20 11:15:04 +02:00
tape_proc.c s390/comments: unify copyright messages and remove file names 2012-07-20 11:15:04 +02:00
tape_std.c s390/comments: unify copyright messages and remove file names 2012-07-20 11:15:04 +02:00
tape_std.h s390/tape: remove even more tape block leftovers 2012-09-26 15:45:20 +02:00
tape.h s390/tape: remove even more tape block leftovers 2012-09-26 15:45:20 +02:00
tty3270.c TTY: tty3270, add tty install 2012-08-13 16:53:14 -07:00
tty3270.h s390/comments: unify copyright messages and remove file names 2012-07-20 11:15:04 +02:00
vmcp.c s390/comments: unify copyright messages and remove file names 2012-07-20 11:15:04 +02:00
vmcp.h s390/comments: unify copyright messages and remove file names 2012-07-20 11:15:04 +02:00
vmlogrdr.c s390/vmlogrdr: change return value from -ENOSYS to -EOPNOTSUPP 2012-09-26 15:45:16 +02:00
vmur.c [S390] s390/char/vmur.c: fix memory leak 2012-04-11 14:28:24 +02:00
vmur.h [S390] vmur: Use wait queue instead of mutex to serialize open 2008-04-17 07:46:59 +02:00
vmwatchdog.c s390/comments: unify copyright messages and remove file names 2012-07-20 11:15:04 +02:00
zcore.c s390/comments: unify copyright messages and remove file names 2012-07-20 11:15:04 +02:00