From 7d911a149bf39a4e5e957fdfffa0148df72558d9 Mon Sep 17 00:00:00 2001 From: Elliot Berman Date: Mon, 11 Mar 2024 16:42:31 -0700 Subject: [PATCH] ANDROID: virt: gunyah: Move send_lock around req and reply Gunyah resource manager has limited internal buffering to send messages to VMs and it is possible to fill the buffer and cause RM to drop replies. Prevent the "drop" scenario by serializing the entire send/receive RPC flow. Bug: 330201551 Change-Id: I65f2f6daf495eb24e1bc120a6a4d0b84c966e3cc Signed-off-by: Elliot Berman --- drivers/virt/gunyah/rsc_mgr.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/virt/gunyah/rsc_mgr.c b/drivers/virt/gunyah/rsc_mgr.c index 170a2d37da68..92c3dd0f0bcc 100644 --- a/drivers/virt/gunyah/rsc_mgr.c +++ b/drivers/virt/gunyah/rsc_mgr.c @@ -567,7 +567,6 @@ static int gh_rm_send_request(struct gh_rm *rm, u32 message_id, hdr_template.seq = cpu_to_le16(connection->reply.seq); hdr_template.msg_id = cpu_to_le32(message_id); - mutex_lock(&rm->send_lock); do { msg = kmem_cache_zalloc(rm->cache, GFP_KERNEL); if (!msg) { @@ -606,7 +605,6 @@ static int gh_rm_send_request(struct gh_rm *rm, u32 message_id, } while (buf_size_remaining); out: - mutex_unlock(&rm->send_lock); return ret < 0 ? ret : 0; } @@ -660,6 +658,7 @@ int gh_rm_call(void *_rm, u32 message_id, const void *req_buf, size_t req_buf_si connection->reply.seq = lower_16_bits(seq_id); /* Send the request to the Resource Manager */ + mutex_lock(&rm->send_lock); ret = gh_rm_send_request(rm, message_id, req_buf, req_buf_size, connection); if (ret < 0) goto out; @@ -699,6 +698,7 @@ int gh_rm_call(void *_rm, u32 message_id, const void *req_buf, size_t req_buf_si } out: + mutex_unlock(&rm->send_lock); xa_erase(&rm->call_xarray, connection->reply.seq); free: kfree(connection);