Message ID | 20240822164815.230167-1-krzysztof.kozlowski@linaro.org |
---|---|
State | Superseded |
Headers | show |
Series | [v2,1/2] soc: qcom: pmic_glink: fix scope of __pmic_glink_lock in pmic_glink_rpmsg_probe() | expand |
On Thu, 22 Aug 2024 18:48:14 +0200, Krzysztof Kozlowski wrote: > File-scope "__pmic_glink_lock" mutex protects the filke-scope > "__pmic_glink", thus reference to it should be obtained under the lock, > just like pmic_glink_rpmsg_remove() is doing. Otherwise we have a race > during if PMIC GLINK device removal: the pmic_glink_rpmsg_probe() > function could store local reference before mutex in driver removal is > acquired. > > [...] Applied, thanks! [2/2] soc: qcom: pmic_glink: simplify locking with guard() commit: e9f826b0459f1376b9c8beba019b84f9878419c6 Best regards,
diff --git a/drivers/soc/qcom/pmic_glink.c b/drivers/soc/qcom/pmic_glink.c index 9606222993fd..452f30a9354d 100644 --- a/drivers/soc/qcom/pmic_glink.c +++ b/drivers/soc/qcom/pmic_glink.c @@ -217,10 +217,11 @@ static void pmic_glink_pdr_callback(int state, char *svc_path, void *priv) static int pmic_glink_rpmsg_probe(struct rpmsg_device *rpdev) { - struct pmic_glink *pg = __pmic_glink; + struct pmic_glink *pg; int ret = 0; mutex_lock(&__pmic_glink_lock); + pg = __pmic_glink; if (!pg) { ret = dev_err_probe(&rpdev->dev, -ENODEV, "no pmic_glink device to attach to\n"); goto out_unlock;
File-scope "__pmic_glink_lock" mutex protects the filke-scope "__pmic_glink", thus reference to it should be obtained under the lock, just like pmic_glink_rpmsg_remove() is doing. Otherwise we have a race during if PMIC GLINK device removal: the pmic_glink_rpmsg_probe() function could store local reference before mutex in driver removal is acquired. Fixes: 58ef4ece1e41 ("soc: qcom: pmic_glink: Introduce base PMIC GLINK driver") Cc: <stable@vger.kernel.org> Signed-off-by: Krzysztof Kozlowski <krzysztof.kozlowski@linaro.org> --- Changes in v2: 1. None --- drivers/soc/qcom/pmic_glink.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)