From 859d283fd8e24e171a837ae43bd39c818658ea3a Mon Sep 17 00:00:00 2001
From: Raghavendar rao l
Date: Mon, 14 Mar 2022 20:19:10 +0530
Subject: [PATCH] msm: ipa3: Handle race condition to avoid NULL access

Updated change to avoid race condition and NULL pointer access, In case of SSR and ioctl call while performing QMI transaction.

Change-Id: I09dbf33d76a3a0d9e4917e62aaf1257a1abe2db9
Signed-off-by: Raghavendar rao l
---
 .../platform/msm/ipa/ipa_v3/ipa_qmi_service.c | 19 +++++++++++--------
 1 file changed, 11 insertions(+), 8 deletions(-)

diff --git a/drivers/platform/msm/ipa/ipa_v3/ipa_qmi_service.c b/drivers/platform/msm/ipa/ipa_v3/ipa_qmi_service.c
index df82a93565..79bd5de0a7 100644
--- a/drivers/platform/msm/ipa/ipa_v3/ipa_qmi_service.c
+++ b/drivers/platform/msm/ipa/ipa_v3/ipa_qmi_service.c
@@ -547,16 +547,22 @@ static int ipa3_qmi_send_req_wait(struct qmi_handle *client_handle,
 struct qmi_txn txn;
 int ret;
- if (!client_handle)
+ mutex_lock(&ipa3_qmi_lock);
+
+ if (!client_handle) {
+
+ mutex_unlock(&ipa3_qmi_lock);
 return -EINVAL;
+ }
+
 ret = qmi_txn_init(client_handle, &txn, resp_desc->ei_array, resp);
 if (ret < 0) {
 IPAWANERR("QMI txn init failed, ret= %d\n", ret);
+ mutex_unlock(&ipa3_qmi_lock);
 return ret;
 }
- mutex_lock(&ipa3_qmi_lock);
 ret = qmi_send_request(client_handle,
 &ipa3_qmi_ctx->server_sq,
 &txn,
@@ -565,19 +571,16 @@ static int ipa3_qmi_send_req_wait(struct qmi_handle *client_handle,
 req_desc->ei_array,
 req);
- if (unlikely(!ipa_q6_clnt)) {
- mutex_unlock(&ipa3_qmi_lock);
- return -EINVAL;
- }
- mutex_unlock(&ipa3_qmi_lock);
 if (ret < 0) {
 qmi_txn_cancel(&txn);
+ mutex_unlock(&ipa3_qmi_lock);
 return ret;
 }
- ret = qmi_txn_wait(&txn, msecs_to_jiffies(timeout_ms));
+ ret = qmi_txn_wait(&txn, msecs_to_jiffies(timeout_ms));
+ mutex_unlock(&ipa3_qmi_lock);
 return ret;
 }
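Review bot: The `if (!client_handle)` test in the first hunk now runs under `ipa3_qmi_lock`, but `client_handle` is a by-value argument that the caller loaded before the lock was taken, so it cannot turn NULL here even if the handle was torn down in between. If the SSR cleanup path clears and releases the handle (the removed lines suggest the global is `ipa_q6_clnt`; that path is not visible in this patch), the argument would be stale rather than NULL, and `qmi_txn_init()` would operate on released memory. The second hunk also drops the only check of `ipa_q6_clnt` made under the lock. Consider validating against the live global once the mutex is held, for example `if (!client_handle || unlikely(!ipa_q6_clnt)) {`, or have callers read the handle only after locking. The function signature and its callers lie outside the hunk, so please confirm which handles are actually passed in.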
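Review bot: In the second hunk `mutex_unlock(&ipa3_qmi_lock)` moves below `qmi_txn_wait()`, so the mutex is now held for up to `timeout_ms` on every request. Any other path that takes `ipa3_qmi_lock` will stall for the full timeout when the modem does not answer; that presumably includes the SSR cleanup this patch guards against, and it would deadlock if completing the transaction ever needs the same lock. None of those paths are visible here, so this needs confirming. A comment above the wait would record the intent, e.g. `/* ipa3_qmi_lock stays held across the wait so SSR cleanup cannot release client_handle; worst-case hold time is timeout_ms */`. The removed and re-added `ret = qmi_txn_wait(...)` line appears to differ only in whitespace and could be left out of the patch.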