From a39e761aa4fefa2a8aaf549217329933b91da7c9 Mon Sep 17 00:00:00 2001 From: Jérôme Pouiller Date: Wed, 1 Apr 2020 13:04:03 +0200 Subject: staging: wfx: fix potential deadlock in wfx_tx_flush() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit wfx_tx_flush() wait there are no more frame in device buffer. However, this event may never happens since wfx_tx_flush() don't forbid to enqueue new frames. Note that wfx_tx_flush() should only ensure that all frames currently in hardware queues are sent. So the current code is more restrictive that it should. Note that wfx_tx_flush() release the lock before to return while wfx_tx_lock_flush() keep the lock. Reviewed-by: Dan Carpenter Signed-off-by: Jérôme Pouiller Link: https://lore.kernel.org/r/20200401110405.80282-31-Jerome.Pouiller@silabs.com Signed-off-by: Greg Kroah-Hartman --- drivers/staging/wfx/queue.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'drivers') diff --git a/drivers/staging/wfx/queue.c b/drivers/staging/wfx/queue.c index d4302a30dc41..e6d7d0e45156 100644 --- a/drivers/staging/wfx/queue.c +++ b/drivers/staging/wfx/queue.c @@ -36,6 +36,7 @@ void wfx_tx_flush(struct wfx_dev *wdev) if (wdev->chip_frozen) return; + wfx_tx_lock(wdev); mutex_lock(&wdev->hif_cmd.lock); ret = wait_event_timeout(wdev->hif.tx_buffers_empty, !wdev->hif.tx_buffers_used, @@ -54,6 +55,7 @@ void wfx_tx_flush(struct wfx_dev *wdev) wdev->chip_frozen = 1; } mutex_unlock(&wdev->hif_cmd.lock); + wfx_tx_unlock(wdev); } void wfx_tx_lock_flush(struct wfx_dev *wdev) -- cgit v1.2.3