Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit bc856c7c authored by Yong Ding's avatar Yong Ding
Browse files

soc: qcom: hab: add rx queue empty check after getting the lock 



Need to do empty check again when we have the lock of the rx queue of
a given virtual channel. Without this check, it is possible that the
list head of the queue will be wrongly taken as a valid message node
if the valid message has already been fetched by some other thread.

Change-Id: I65f73acd86fe2fb709e2af2ffeaa42581b4168ca
Signed-off-by: default avatarYong Ding <yongding@codeaurora.org>
parent 85edf1b9

drivers/soc/qcom/hab/hab_msg.c

+10 −4
Original line number Diff line number Diff line
@@ -64,9 +64,14 @@ hab_msg_dequeue(struct virtual_channel *vchan, struct hab_message **msg, 
		}

	}



	/* return all the received messages before the remote close */

	if ((!ret || (ret == -ERESTARTSYS)) && !hab_rx_queue_empty(vchan)) {

	/*

	 * return all the received messages before the remote close,

	 * and need empty check again in case the list is empty now due to

	 * dequeue by other threads

	 */

	spin_lock_bh(&vchan->rx_lock);



	if ((!ret || (ret == -ERESTARTSYS)) && !list_empty(&vchan->rx_list)) {

		message = list_first_entry(&vchan->rx_list,

				struct hab_message, node);

		if (message) {
@@ -84,11 +89,12 @@ hab_msg_dequeue(struct virtual_channel *vchan, struct hab_message **msg, 
				ret = -EOVERFLOW; /* come back again */

			}

		}

		spin_unlock_bh(&vchan->rx_lock);

	} else

		/* no message received, retain the original status */

		*rsize = 0;



	spin_unlock_bh(&vchan->rx_lock);



	*msg = message;

	return ret;

}