From 652c891263b4334cf7278d08b122f788c3b2047c Mon Sep 17 00:00:00 2001
From: Krupal Divvela <kdivvela@codeaurora.org>
Date: Thu, 18 May 2017 18:08:14 +0530
Subject: [PATCH] msm: camera: Use mutex lock to avoid race condition

Use mutex lock before using queuing ioctls like
queuing, dequeing buffers to avoid race condition.

CRs-Fixed: 2038086
Change-Id: Ia9fdfd5a766add2f8d99003b0c2bfe7d34d57a09
Signed-off-by: Krupal Divvela <kdivvela@codeaurora.org>
Signed-off-by: annamraj <annamraj@codeaurora.org>
Signed-off-by: VijayaKumar T M <vtmuni@codeaurora.org>
---
 .../platform/msm/camera_v2/fd/msm_fd_dev.c    | 19 ++++++++++++++++---
 1 file changed, 16 insertions(+), 3 deletions(-)

diff --git a/drivers/media/platform/msm/camera_v2/fd/msm_fd_dev.c b/drivers/media/platform/msm/camera_v2/fd/msm_fd_dev.c
index c5f5a12d08eb..a04d7ca73fe1 100644
--- a/drivers/media/platform/msm/camera_v2/fd/msm_fd_dev.c
+++ b/drivers/media/platform/msm/camera_v2/fd/msm_fd_dev.c
@@ -749,9 +749,13 @@ static int msm_fd_s_fmt_vid_out(struct file *file,
 static int msm_fd_reqbufs(struct file *file,
 	void *fh, struct v4l2_requestbuffers *req)
 {
+	int ret;
 	struct fd_ctx *ctx = msm_fd_ctx_from_fh(fh);
 
-	return vb2_reqbufs(&ctx->vb2_q, req);
+	mutex_lock(&ctx->fd_device->recovery_lock);
+	ret = vb2_reqbufs(&ctx->vb2_q, req);
+	mutex_unlock(&ctx->fd_device->recovery_lock);
+	return ret;
 }
 
 /*
@@ -763,9 +767,14 @@ static int msm_fd_reqbufs(struct file *file,
 static int msm_fd_qbuf(struct file *file, void *fh,
 	struct v4l2_buffer *pb)
 {
+	int ret;
 	struct fd_ctx *ctx = msm_fd_ctx_from_fh(fh);
 
-	return vb2_qbuf(&ctx->vb2_q, pb);
+	mutex_lock(&ctx->fd_device->recovery_lock);
+	ret = vb2_qbuf(&ctx->vb2_q, pb);
+	mutex_unlock(&ctx->fd_device->recovery_lock);
+	return ret;
+
 }
 
 /*
@@ -777,9 +786,13 @@ static int msm_fd_qbuf(struct file *file, void *fh,
 static int msm_fd_dqbuf(struct file *file,
 	void *fh, struct v4l2_buffer *pb)
 {
+	int ret;
 	struct fd_ctx *ctx = msm_fd_ctx_from_fh(fh);
 
-	return vb2_dqbuf(&ctx->vb2_q, pb, file->f_flags & O_NONBLOCK);
+	mutex_lock(&ctx->fd_device->recovery_lock);
+	ret = vb2_dqbuf(&ctx->vb2_q, pb, file->f_flags & O_NONBLOCK);
+	mutex_unlock(&ctx->fd_device->recovery_lock);
+	return ret;
 }
 
 /*