Searched hist:"3 d02add2d4cb107f5bd5979933cda5906d1ccfc7" (Results 1 – 1 of 1) sorted by relevance
| /optee_os/core/arch/arm/mm/ |
| mobj_ffa.c | 3d02add2d4cb107f5bd5979933cda5906d1ccfc7 Tue Jan 11 18:38:54 UTC 2022 Jens Wiklander <jens.wiklander@linaro.org> core: fix race in ffa_inc_map()
Fixes a race in ffa_inc_map() when mapcount is 0. The problem goes like:
Thread 1 and 2 call ffa_inc_map() at the same time and mapcount is 0. Thread 1 takes the lock first and initializes mapcount to 1 and maps the mobj etc.
When thread 2 has the lock it discovers that mapcount has been initialized while it was waiting for the lock.
Prior to this patch we were exiting the function doing nothing more since the mobj was mapped, but by doing so we'll fail to increase mapcount.
Fix this by restarting the call to refcount_inc() using a loop.
Fixes: 73e1d3f398b0 ("core: add mobj_ffa")
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|