| Message ID | 20191212040314.14753-1-d-gerlach@ti.com (mailing list archive) |
|---|---|
| State | Mainlined |
| Commit | 03729cfa0d543bc996bf959e762ec999afc8f3d2 |
| Headers | show |
| Series | soc: ti: wkup_m3_ipc: Fix race condition with rproc_boot | expand |
Hi, * Dave Gerlach <d-gerlach@ti.com> [191211 20:02]: > Any user of wkup_m3_ipc calls wkup_m3_ipc_get to get a handle and this > checks the value of the static variable m3_ipc_state to see if the > wkup_m3 is ready. Currently this is populated during probe before > rproc_boot has been called, meaning there is a window of time that > wkup_m3_ipc_get can return a valid handle but the wkup_m3 itself is not > ready, leading to invalid IPC calls to the wkup_m3 and system > instability. > > To avoid this, move the population of the m3_ipc_state variable until > after rproc_boot has succeeded to guarantee a valid and usable handle > is always returned. Santosh, do you want me to pick this one into my fixes branch? Regards, Tony > Reported-by: Suman Anna <s-anna@ti.com> > Signed-off-by: Dave Gerlach <d-gerlach@ti.com> > --- > drivers/soc/ti/wkup_m3_ipc.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/drivers/soc/ti/wkup_m3_ipc.c b/drivers/soc/ti/wkup_m3_ipc.c > index 378369d9364a..e9ece45d7a33 100644 > --- a/drivers/soc/ti/wkup_m3_ipc.c > +++ b/drivers/soc/ti/wkup_m3_ipc.c > @@ -419,6 +419,8 @@ static void wkup_m3_rproc_boot_thread(struct wkup_m3_ipc *m3_ipc) > ret = rproc_boot(m3_ipc->rproc); > if (ret) > dev_err(dev, "rproc_boot failed\n"); > + else > + m3_ipc_state = m3_ipc; > > do_exit(0); > } > @@ -505,8 +507,6 @@ static int wkup_m3_ipc_probe(struct platform_device *pdev) > goto err_put_rproc; > } > > - m3_ipc_state = m3_ipc; > - > return 0; > > err_put_rproc: > -- > 2.20.1 >
On 12/17/19 10:25 AM, Tony Lindgren wrote: > Hi, > > * Dave Gerlach <d-gerlach@ti.com> [191211 20:02]: >> Any user of wkup_m3_ipc calls wkup_m3_ipc_get to get a handle and this >> checks the value of the static variable m3_ipc_state to see if the >> wkup_m3 is ready. Currently this is populated during probe before >> rproc_boot has been called, meaning there is a window of time that >> wkup_m3_ipc_get can return a valid handle but the wkup_m3 itself is not >> ready, leading to invalid IPC calls to the wkup_m3 and system >> instability. >> >> To avoid this, move the population of the m3_ipc_state variable until >> after rproc_boot has succeeded to guarantee a valid and usable handle >> is always returned. > > Santosh, do you want me to pick this one into my fixes branch? > Sure, go ahead. Acked-by: Santosh Shilimkar <ssantosh@kernel.org>
* santosh.shilimkar@oracle.com <santosh.shilimkar@oracle.com> [191217 18:33]: > On 12/17/19 10:25 AM, Tony Lindgren wrote: > > Hi, > > > > * Dave Gerlach <d-gerlach@ti.com> [191211 20:02]: > > > Any user of wkup_m3_ipc calls wkup_m3_ipc_get to get a handle and this > > > checks the value of the static variable m3_ipc_state to see if the > > > wkup_m3 is ready. Currently this is populated during probe before > > > rproc_boot has been called, meaning there is a window of time that > > > wkup_m3_ipc_get can return a valid handle but the wkup_m3 itself is not > > > ready, leading to invalid IPC calls to the wkup_m3 and system > > > instability. > > > > > > To avoid this, move the population of the m3_ipc_state variable until > > > after rproc_boot has succeeded to guarantee a valid and usable handle > > > is always returned. > > > > Santosh, do you want me to pick this one into my fixes branch? > > > Sure, go ahead. > > Acked-by: Santosh Shilimkar <ssantosh@kernel.org> OK thanks applying into fixes. Tony
diff --git a/drivers/soc/ti/wkup_m3_ipc.c b/drivers/soc/ti/wkup_m3_ipc.c index 378369d9364a..e9ece45d7a33 100644 --- a/drivers/soc/ti/wkup_m3_ipc.c +++ b/drivers/soc/ti/wkup_m3_ipc.c @@ -419,6 +419,8 @@ static void wkup_m3_rproc_boot_thread(struct wkup_m3_ipc *m3_ipc) ret = rproc_boot(m3_ipc->rproc); if (ret) dev_err(dev, "rproc_boot failed\n"); + else + m3_ipc_state = m3_ipc; do_exit(0); } @@ -505,8 +507,6 @@ static int wkup_m3_ipc_probe(struct platform_device *pdev) goto err_put_rproc; } - m3_ipc_state = m3_ipc; - return 0; err_put_rproc:
Any user of wkup_m3_ipc calls wkup_m3_ipc_get to get a handle and this checks the value of the static variable m3_ipc_state to see if the wkup_m3 is ready. Currently this is populated during probe before rproc_boot has been called, meaning there is a window of time that wkup_m3_ipc_get can return a valid handle but the wkup_m3 itself is not ready, leading to invalid IPC calls to the wkup_m3 and system instability. To avoid this, move the population of the m3_ipc_state variable until after rproc_boot has succeeded to guarantee a valid and usable handle is always returned. Reported-by: Suman Anna <s-anna@ti.com> Signed-off-by: Dave Gerlach <d-gerlach@ti.com> --- drivers/soc/ti/wkup_m3_ipc.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)