media: v4l: async: Correctly serialise async sub-device unregistration
The check whether an async sub-device is bound to a notifier was performed without list_lock held, making it possible for another process to unbind the async sub-device before the sub-device unregistration function proceeds to take the lock. Fix this by first acquiring the lock and then proceeding with the check. Signed-off-by: Sakari Ailus <sakari.ailus@linux.intel.com> Reviewed-by: Sebastian Reichel <sebastian.reichel@collabora.co.uk> Acked-by: Hans Verkuil <hans.verkuil@cisco.com> Acked-by: Niklas Söderlund <niklas.soderlund+renesas@ragnatech.se> Signed-off-by: Mauro Carvalho Chehab <mchehab@s-opensource.com>
This commit is contained in:
Sakari Ailus
Mauro Carvalho Chehab
parent
fb45f436b8
commit
7fc4fdb9e1
@ -298,20 +298,16 @@ EXPORT_SYMBOL(v4l2_async_register_subdev);
|
||||
|
||||
void v4l2_async_unregister_subdev(struct v4l2_subdev *sd)
|
||||
{
|
||||
struct v4l2_async_notifier *notifier = sd->notifier;
|
||||
|
||||
if (!sd->asd) {
|
||||
if (!list_empty(&sd->async_list))
|
||||
v4l2_async_cleanup(sd);
|
||||
return;
|
||||
}
|
||||
|
||||
mutex_lock(&list_lock);
|
||||
|
||||
list_add(&sd->asd->list, ¬ifier->waiting);
|
||||
if (sd->asd) {
|
||||
struct v4l2_async_notifier *notifier = sd->notifier;
|
||||
|
||||
if (notifier->unbind)
|
||||
notifier->unbind(notifier, sd, sd->asd);
|
||||
list_add(&sd->asd->list, ¬ifier->waiting);
|
||||
|
||||
if (notifier->unbind)
|
||||
notifier->unbind(notifier, sd, sd->asd);
|
||||
}
|
||||
|
||||
v4l2_async_cleanup(sd);
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user