tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

mei: allow map and unmap of client dma buffer only for disconnected client

Allow map and unmap of the client dma buffer only when the client is not
connected. The functions return -EPROTO if the client is already connected.
This is to fix the race when traffic may start or stop when buffer
is not available.

Cc: <stable@vger.kernel.org> #v5.11+
Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Link: https://lore.kernel.org/r/20210318055959.305627-1-tomas.winkler@intel.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

authored by

Tomas Winkler and committed by
Greg Kroah-Hartman ce068bc7 903079a5

+7 -10
+7 -10
drivers/misc/mei/client.c
··· 2286 2286 if (buffer_id == 0) 2287 2287 return -EINVAL; 2288 2288 2289 - if (!mei_cl_is_connected(cl)) 2290 - return -ENODEV; 2289 + if (mei_cl_is_connected(cl)) 2290 + return -EPROTO; 2291 2291 2292 2292 if (cl->dma_mapped) 2293 2293 return -EPROTO; ··· 2327 2327 2328 2328 mutex_unlock(&dev->device_lock); 2329 2329 wait_event_timeout(cl->wait, 2330 - cl->dma_mapped || 2331 - cl->status || 2332 - !mei_cl_is_connected(cl), 2330 + cl->dma_mapped || cl->status, 2333 2331 mei_secs_to_jiffies(MEI_CL_CONNECT_TIMEOUT)); 2334 2332 mutex_lock(&dev->device_lock); 2335 2333 ··· 2374 2376 return -EOPNOTSUPP; 2375 2377 } 2376 2378 2377 - if (!mei_cl_is_connected(cl)) 2378 - return -ENODEV; 2379 + /* do not allow unmap for connected client */ 2380 + if (mei_cl_is_connected(cl)) 2381 + return -EPROTO; 2379 2382 2380 2383 if (!cl->dma_mapped) 2381 2384 return -EPROTO; ··· 2404 2405 2405 2406 mutex_unlock(&dev->device_lock); 2406 2407 wait_event_timeout(cl->wait, 2407 - !cl->dma_mapped || 2408 - cl->status || 2409 - !mei_cl_is_connected(cl), 2408 + !cl->dma_mapped || cl->status, 2410 2409 mei_secs_to_jiffies(MEI_CL_CONNECT_TIMEOUT)); 2411 2410 mutex_lock(&dev->device_lock); 2412 2411