首页 发现 帮助
登录
samsung-sm8650
/
android_kernel_samsung_sm8650-modules
2
0
派生 0
文件 工单管理 0 合并请求 0 Wiki
浏览代码

smcinvoke: Fix mutex lock and unlock

Acquire lock before delete_cb_txn_locked.
This API expects the lock is aquired before calling it
release the lock afterwards.

Also rename the api with_locked to state that api
needs to be called on locked mutex.

Change-Id: I6384ff60004da90b46904823e399c62c55ea4273
Bruce Levy 2 年之前
父节点
c1203ba9a0
当前提交
995c3731b7
共有 1 个文件被更改,包括 9 次插入5 次删除
分列视图 显示文件统计
  1. 9 5
      smcinvoke/smcinvoke.c

+ 9 - 5
smcinvoke/smcinvoke.c
查看文件 

@@ -548,7 +548,7 @@ static void release_tzhandles(const int32_t *tzhandles, size_t len)
 
 	mutex_unlock(&g_smcinvoke_lock);
 
 }
 
 
-static void delete_cb_txn(struct kref *kref)
 
+static void delete_cb_txn_locked(struct kref *kref)
 
 {
 
 	struct smcinvoke_cb_txn *cb_txn = container_of(kref,
 
 			struct smcinvoke_cb_txn, ref_cnt);
 
@@ -1226,7 +1226,7 @@ out:
 
 			cb_req->hdr.counts, cb_reqs_inflight);
 
 
 	memcpy(buf, cb_req, buf_len);
 
-	kref_put(&cb_txn->ref_cnt, delete_cb_txn);
 
+	kref_put(&cb_txn->ref_cnt, delete_cb_txn_locked);
 
 	if (srvr_info)
 
 		kref_put(&srvr_info->ref_cnt, destroy_cb_server);
 
 	mutex_unlock(&g_smcinvoke_lock);
 
@@ -1846,7 +1846,9 @@ static long process_accept_req(struct file *filp, unsigned int cmd,
 
 			cb_txn->cb_req->result = OBJECT_ERROR_UNAVAIL;
 
 
 		cb_txn->state = SMCINVOKE_REQ_PROCESSED;
 
-		kref_put(&cb_txn->ref_cnt, delete_cb_txn);
 
+		mutex_lock(&g_smcinvoke_lock);
 
+		kref_put(&cb_txn->ref_cnt, delete_cb_txn_locked);
 
+		mutex_unlock(&g_smcinvoke_lock);
 
 		wake_up(&server_info->rsp_wait_q);
 
 		/*
 
 		 * if marshal_out fails, we should let userspace release
 
@@ -1890,14 +1892,16 @@ static long process_accept_req(struct file *filp, unsigned int cmd,
 
 				pr_err("failed to marshal in the callback request\n");
 
 				cb_txn->cb_req->result = OBJECT_ERROR_UNAVAIL;
 
 				cb_txn->state = SMCINVOKE_REQ_PROCESSED;
 
-				kref_put(&cb_txn->ref_cnt, delete_cb_txn);
 
+				mutex_lock(&g_smcinvoke_lock);
 
+				kref_put(&cb_txn->ref_cnt, delete_cb_txn_locked);
 
+				mutex_unlock(&g_smcinvoke_lock);
 
 				wake_up_interruptible(&server_info->rsp_wait_q);
 
 				continue;
 
 			}
 
 			mutex_lock(&g_smcinvoke_lock);
 
 			hash_add(server_info->responses_table, &cb_txn->hash,
 
 					cb_txn->txn_id);
 
-			kref_put(&cb_txn->ref_cnt, delete_cb_txn);
 
+			kref_put(&cb_txn->ref_cnt, delete_cb_txn_locked);
 
 			mutex_unlock(&g_smcinvoke_lock);
 
 
 			trace_process_accept_req_placed(current->pid, current->tgid);