commit c2d097d9ec43926803d2a8c88fa144ceed5f7d29
author Peter Hurley <peter@hurleysoftware.com> Sat Jun 15 07:28:30 2013 -0400
committer Syed Rameez Mustafa <rameezmustafa@codeaurora.org> Fri Sep 20 18:43:21 2013 -0700
tree 31378071fe62094ca01a3b66a308176341e34878
parent 3b8c55fee304a0b043ec655b4d3e373594865621

n_tty: Fix unsafe update of available buffer space

receive_room is used to control the amount of data the flip
buffer work can push to the read buffer. This update is unsafe:

  CPU 0                        |  CPU 1
                               |
                               | n_tty_read()
                               |   n_tty_set_room()
                               |     left = <calc of space>
n_tty_receive_buf()            |
  <push data to buffer>        |
  n_tty_set_room()             |
    left = <calc of space>     |
    tty->receive_room = left   |
                               |     tty->receive_room = left

receive_room is now updated with a stale calculation of the
available buffer space, and the subsequent work loop will likely
overwrite unread data in the input buffer.

Update receive_room atomically with the calculation of the
available buffer space.

Change-Id: Ib1882184c2e7561ddfc3b14eb560f28f4c857285
Signed-off-by: Peter Hurley <peter@hurleysoftware.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Git-commit: b84830527645dfe7b7a5cc03518e3c791b4ee9e0
Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
[rameezmustafa@codeaurora.org: use tty->read_lock instead of ldata->read_lock]
Signed-off-by: Syed Rameez Mustafa <rameezmustafa@codeaurora.org>