coresight-remote-etm: Adds missing lock to avoid race condition
We take a lock of drvdata->mutex and further wait on a lock 'drvdata->handle->handle_lock' in below path remote_etm_disable => qmi_send_req_wait => qmi_encode_and_send_req So, it is possible that while we wait on a handle lock in above mentioned path The handle itself gets destroyed via below path remote_etm_svc_exit => qmi_handle_destroy and the handle is not valid anymore. This patch adds lock drvdata->mutex at number of possible cases. CRs-Fixed: 2045013 Change-Id: I4a5110630b78e551bab1b4f454d23aacd599c000 Signed-off-by: Mukesh Ojha <mojha@codeaurora.org>
This commit is contained in:
Mukesh Ojha
parent
9b3e8a81dc
commit
9021973bac
1 changed files with 7 additions and 4 deletions
|
|
@ -1,4 +1,4 @@
|
|||
/* Copyright (c) 2013-2016, The Linux Foundation. All rights reserved.
|
||||
/* Copyright (c) 2013-2017, The Linux Foundation. All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License version 2 and
|
||||
|
|
@ -186,10 +186,12 @@ static void remote_etm_rcv_msg(struct work_struct *work)
|
|||
struct remote_etm_drvdata *drvdata = container_of(work,
|
||||
struct remote_etm_drvdata,
|
||||
work_rcv_msg);
|
||||
|
||||
mutex_lock(&drvdata->mutex);
|
||||
if (qmi_recv_msg(drvdata->handle) < 0)
|
||||
dev_err(drvdata->dev, "%s: Error receiving QMI message\n",
|
||||
__func__);
|
||||
|
||||
mutex_unlock(&drvdata->mutex);
|
||||
}
|
||||
|
||||
static void remote_etm_notify(struct qmi_handle *handle,
|
||||
|
|
@ -227,6 +229,7 @@ static void remote_etm_svc_arrive(struct work_struct *work)
|
|||
return;
|
||||
}
|
||||
|
||||
mutex_lock(&drvdata->mutex);
|
||||
if (qmi_connect_to_service(drvdata->handle, CORESIGHT_QMI_SVC_ID,
|
||||
CORESIGHT_QMI_VERSION,
|
||||
drvdata->inst_id) < 0) {
|
||||
|
|
@ -236,7 +239,6 @@ static void remote_etm_svc_arrive(struct work_struct *work)
|
|||
drvdata->handle = NULL;
|
||||
}
|
||||
|
||||
mutex_lock(&drvdata->mutex);
|
||||
if (drvdata->inst_id < sizeof(int)*BITS_PER_BYTE
|
||||
&& (boot_enable & BIT(drvdata->inst_id))) {
|
||||
if (!drvdata->enable)
|
||||
|
|
@ -251,9 +253,10 @@ static void remote_etm_svc_exit(struct work_struct *work)
|
|||
struct remote_etm_drvdata *drvdata = container_of(work,
|
||||
struct remote_etm_drvdata,
|
||||
work_svc_exit);
|
||||
|
||||
mutex_lock(&drvdata->mutex);
|
||||
qmi_handle_destroy(drvdata->handle);
|
||||
drvdata->handle = NULL;
|
||||
mutex_unlock(&drvdata->mutex);
|
||||
}
|
||||
|
||||
static int remote_etm_svc_event_notify(struct notifier_block *this,
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue