rpmsg: make sure inflight messages don't invoke just-removed callbacks
authorOhad Ben-Cohen <ohad@wizery.com>
Thu, 7 Jun 2012 12:39:35 +0000 (15:39 +0300)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Mon, 16 Jul 2012 16:03:52 +0000 (09:03 -0700)
commit0f9c37b38800c35e83f43949d93bffefff5b43af
treee2f2ffcfe9ea52d693766114268f9925af581a7a
parent735129c4609e98fd149cddda50b823e43bab0677
rpmsg: make sure inflight messages don't invoke just-removed callbacks

commit 15fd943af50dbc5f7f4de33835795c72595f7bf4 upstream.

When inbound messages arrive, rpmsg core looks up their associated
endpoint (by destination address) and then invokes their callback.

We've made sure that endpoints will never be de-allocated after they
were found by rpmsg core, but we also need to protect against the
(rare) scenario where the rpmsg driver was just removed, and its
callback function isn't available anymore.

This is achieved by introducing a callback mutex, which must be taken
before the callback is invoked, and, obviously, before it is removed.

Reported-by: Fernando Guzman Lugo <fernando.lugo@ti.com>
Signed-off-by: Ohad Ben-Cohen <ohad@wizery.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
drivers/rpmsg/virtio_rpmsg_bus.c
include/linux/rpmsg.h