From 5fcc28c7a90fc3f4ebc16a3697f14c9c668dda62 Mon Sep 17 00:00:00 2001 From: Mikael Olsson Date: Tue, 16 May 2023 16:53:09 +0200 Subject: Fix shared state race in mailbox message handling When IOCTL calls are handled and when sending messages to the mailbox, the device mutex is locked. However, when received mailbox messages are handled, the mutex is not locked so there are possible concurrent access races in shared states e.g. an inference's status may be updated while another IOCTL caller is reading it. To avoid these races, the mutex is now locked while messages received from the mailbox are handled. Change-Id: I4d51da542410ab02fb0f890c939269c642176b2c --- kernel/ethosu_device.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/kernel/ethosu_device.c b/kernel/ethosu_device.c index 002e934..e1dde65 100644 --- a/kernel/ethosu_device.c +++ b/kernel/ethosu_device.c @@ -81,6 +81,8 @@ static int ethosu_handle_rpmsg(struct rpmsg_device *rpdev, return -EBADMSG; } + device_lock(dev); + dev_info(dev, "Msg: magic=0x%08x, type=%u, msg_id=%llu", rpmsg->header.magic, rpmsg->header.type, rpmsg->header.msg_id); @@ -218,6 +220,8 @@ static int ethosu_handle_rpmsg(struct rpmsg_device *rpdev, break; } + device_unlock(dev); + return ret; } -- cgit v1.2.1