mirror of https://github.com/hak5/openwrt.git
net: ar8216: hold ar8xxx_dev_list_lock during use_count--
Import from c3fd96a7b8
%5E%21/#F0
Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
CHROMIUM: drivers: ar8216: hold ar8xxx_dev_list_lock during use_count--
It is possible for the remove() callback to run twice in parallel, which
could result into --use_count returning only 1 in both cases and the
rest of the unregistration path to never be reached.
This case has never been observed in practice, but we will fix
preventively to make the code more robust.
BUG=chrome-os-partner:33096
TEST=none
Change-Id: If09abe27fdb2037f514f8674418bafaab3cbdef6
Signed-off-by: Mathieu Olivari <mathieu@codeaurora.org>
Reviewed-on: https://chromium-review.googlesource.com/232870
Reviewed-by: Matthias Kaehlcke <mka@chromium.org>
Reviewed-by: Toshi Kikuchi <toshik@chromium.org>
Tested-by: Toshi Kikuchi <toshik@chromium.org>
lede-17.01
parent
65b20d8b64
commit
eb049d3777
|
@ -2241,10 +2241,14 @@ ar8xxx_phy_remove(struct phy_device *phydev)
|
||||||
return;
|
return;
|
||||||
|
|
||||||
phydev->priv = NULL;
|
phydev->priv = NULL;
|
||||||
if (--priv->use_count > 0)
|
|
||||||
return;
|
|
||||||
|
|
||||||
mutex_lock(&ar8xxx_dev_list_lock);
|
mutex_lock(&ar8xxx_dev_list_lock);
|
||||||
|
|
||||||
|
if (--priv->use_count > 0) {
|
||||||
|
mutex_unlock(&ar8xxx_dev_list_lock);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
list_del(&priv->list);
|
list_del(&priv->list);
|
||||||
mutex_unlock(&ar8xxx_dev_list_lock);
|
mutex_unlock(&ar8xxx_dev_list_lock);
|
||||||
|
|
||||||
|
@ -2294,4 +2298,3 @@ ar8xxx_exit(void)
|
||||||
module_init(ar8xxx_init);
|
module_init(ar8xxx_init);
|
||||||
module_exit(ar8xxx_exit);
|
module_exit(ar8xxx_exit);
|
||||||
MODULE_LICENSE("GPL");
|
MODULE_LICENSE("GPL");
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue