V4L/DVB (5020): Fix: disable interrupts while at KM_BOUNCE_READ

vivi.c uses the KM_BOUNCE_READ with local interrupts enabled.
This means that if a disk interrupt occurs while vivi.c is using this
fixmap slot, the vivi.c driver will, upon return from that interrupt, find
that the fixmap slot now points at a different physical page.
The net result will probably be rare corruption of disk file contents,
because viv.c will now be altering the page which the disk code was
recently using.

Thanks to Andrew Morton for pointing this.
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>

diff --git a/drivers/media/video/vivi.c b/drivers/media/video/vivi.c
index bacb311b4f24b6d6f645ac716d3ffc1be37902a3..d4cf5566673149b0708aff82bf42599fa55cc6cb 100644 (file)
--- a/drivers/media/video/vivi.c
+++ b/drivers/media/video/vivi.c
@@ -270,10 +270,15 @@ static void gen_line(struct sg_to_addr to_addr[],int inipos,int pages,int wmax,
        char *p,*s,*basep;
        struct page *pg;
        u8   chr,r,g,b,color;
+       unsigned long flags;
+       spinlock_t spinlock;
+
+       spin_lock_init(&spinlock);
 
        /* Get first addr pointed to pixel position */
        oldpg=get_addr_pos(pos,pages,to_addr);
        pg=pfn_to_page(sg_dma_address(to_addr[oldpg].sg) >> PAGE_SHIFT);
+       spin_lock_irqsave(&spinlock,flags);
        basep = kmap_atomic(pg, KM_BOUNCE_READ)+to_addr[oldpg].sg->offset;
 
        /* We will just duplicate the second pixel at the packet */
@@ -376,6 +381,8 @@ static void gen_line(struct sg_to_addr to_addr[],int inipos,int pages,int wmax,
 
 end:
        kunmap_atomic(basep, KM_BOUNCE_READ);
+       spin_unlock_irqrestore(&spinlock,flags);
+
 }
 static void vivi_fillbuff(struct vivi_dev *dev,struct vivi_buffer *buf)
 {