Re: [PATCH v7 2/5] misc: fastrpc: Remove buffer from list prior to unmap operation

Next message: AngeloGioacchino Del Regno: "Re: [PATCH RESEND v8 00/10] SPMI: Implement sub-devices and migrate drivers"
Previous message: Dmitry Baryshkov: "Re: [PATCH v7 1/5] misc: fastrpc: Fix initial memory allocation for Audio PD memory pool"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Dmitry Baryshkov

Date: Mon Jun 08 2026 - 02:07:20 EST

On Tue, Jun 02, 2026 at 03:17:47PM +0800, Jianping Li wrote:
> From: Ekansh Gupta <ekansh.gupta@xxxxxxxxxxxxxxxx>
>
> fastrpc_req_munmap_impl() is called to unmap any buffer. The buffer is
> getting removed from the list after it is unmapped from DSP. This can
> create potential race conditions if multiple threads invoke unmap
> concurrently, where one thread may remove the entry from the list while
> another thread's unmap operation is still ongoing.
>
> Fix this by removing the buffer entry from the list before calling the
> unmap operation. If the unmap fails, the entry is re-added to the list
> so that userspace can retry the unmap, or alternatively, the buffer
> will be cleaned up during device release when the DSP process is torn
> down and all DSP-side mappings are freed along with remaining buffers
> in the list.
>
> Fixes: 2419e55e532de ("misc: fastrpc: add mmap/unmap support")
> Cc: stable@xxxxxxxxxx
> Signed-off-by: Ekansh Gupta <ekansh.gupta@xxxxxxxxxxxxxxxx>
> Signed-off-by: Jianping Li <jianping.li@xxxxxxxxxxxxxxxx>
> ---
> drivers/misc/fastrpc.c | 14 ++++++++++----
> 1 file changed, 10 insertions(+), 4 deletions(-)
>

Reviewed-by: Dmitry Baryshkov <dmitry.baryshkov@xxxxxxxxxxxxxxxx>

--
With best wishes
Dmitry