Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 6969f296 authored by Zhen Kong's avatar Zhen Kong
Browse files

qseecom: Improve listener processing related to QSEE Reentrancy 



In __qseecom_reentrancy_process_incomplete_cmd(), qseecom.send_resp_flag
should be reset to 0 after getting listener resp; otherwise, a new
listener request thread may be awaken up before the new listener
sent response.

Besides, remove global app_access_lock for QSEECOM_IOCTL_SEND_MODFD_RESP
processing; this is because ioctl command QSEECOM_IOCTL_SEND_MODFD_RESP
does not send cmd to TZ or access tz app. Thus, when this mutex is
already hold by the thread requesting Secure-UI listener service, a
deadlock would happen when if QSEECOM_IOCTL_SEND_MODFD_RESP tries to
grab this mutex.

Change-Id: I81de1b853a29c5c8050b8cfdbf9bdca13ab3461d
Signed-off-by: default avatarZhen Kong <zkong@codeaurora.org>
parent 9fffca4f

drivers/misc/qseecom.c

+1 −3
Original line number Diff line number Diff line
@@ -1520,6 +1520,7 @@ static int __qseecom_reentrancy_process_incomplete_cmd( 
		/* lock mutex again after resp sent */

		mutex_lock(&app_access_lock);

		ptr_svc->send_resp_flag = 0;

		qseecom.send_resp_flag = 0;



		/* restore signal mask */

		sigprocmask(SIG_SETMASK, &old_sigset, NULL);
@@ -6363,8 +6364,6 @@ long qseecom_ioctl(struct file *file, unsigned cmd, unsigned long arg) 
			ret = -EINVAL;

			break;

		}

		/* Only one client allowed here at a time */

		mutex_lock(&app_access_lock);

		atomic_inc(&data->ioctl_count);

		if (cmd == QSEECOM_IOCTL_SEND_MODFD_RESP)

			ret = qseecom_send_modfd_resp(data, argp);
@@ -6372,7 +6371,6 @@ long qseecom_ioctl(struct file *file, unsigned cmd, unsigned long arg) 
			ret = qseecom_send_modfd_resp_64(data, argp);

		atomic_dec(&data->ioctl_count);

		wake_up_all(&data->abort_wq);

		mutex_unlock(&app_access_lock);

		if (ret)

			pr_err("failed qseecom_send_mod_resp: %d\n", ret);

		break;