Re: [PATCH] soc: ti: wkup_m3_ipc: Fix race condition with rproc_boot
From: Tony Lindgren
Date: Tue Dec 17 2019 - 13:25:38 EST
Hi,
* Dave Gerlach <d-gerlach@xxxxxx> [191211 20:02]:
> Any user of wkup_m3_ipc calls wkup_m3_ipc_get to get a handle and this
> checks the value of the static variable m3_ipc_state to see if the
> wkup_m3 is ready. Currently this is populated during probe before
> rproc_boot has been called, meaning there is a window of time that
> wkup_m3_ipc_get can return a valid handle but the wkup_m3 itself is not
> ready, leading to invalid IPC calls to the wkup_m3 and system
> instability.
>
> To avoid this, move the population of the m3_ipc_state variable until
> after rproc_boot has succeeded to guarantee a valid and usable handle
> is always returned.
Santosh, do you want me to pick this one into my fixes branch?
Regards,
Tony
> Reported-by: Suman Anna <s-anna@xxxxxx>
> Signed-off-by: Dave Gerlach <d-gerlach@xxxxxx>
> ---
> drivers/soc/ti/wkup_m3_ipc.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/soc/ti/wkup_m3_ipc.c b/drivers/soc/ti/wkup_m3_ipc.c
> index 378369d9364a..e9ece45d7a33 100644
> --- a/drivers/soc/ti/wkup_m3_ipc.c
> +++ b/drivers/soc/ti/wkup_m3_ipc.c
> @@ -419,6 +419,8 @@ static void wkup_m3_rproc_boot_thread(struct wkup_m3_ipc *m3_ipc)
> ret = rproc_boot(m3_ipc->rproc);
> if (ret)
> dev_err(dev, "rproc_boot failed\n");
> + else
> + m3_ipc_state = m3_ipc;
>
> do_exit(0);
> }
> @@ -505,8 +507,6 @@ static int wkup_m3_ipc_probe(struct platform_device *pdev)
> goto err_put_rproc;
> }
>
> - m3_ipc_state = m3_ipc;
> -
> return 0;
>
> err_put_rproc:
> --
> 2.20.1
>