mirror of
https://github.com/torvalds/linux.git
synced 2026-05-12 16:18:45 +02:00
4527025d44
nci_close_device() flushes rx_wq and tx_wq while holding req_lock.
This causes a circular locking dependency because nci_rx_work()
running on rx_wq can end up taking req_lock too:
nci_rx_work -> nci_rx_data_packet -> nci_data_exchange_complete
-> __sk_destruct -> rawsock_destruct -> nfc_deactivate_target
-> nci_deactivate_target -> nci_request -> mutex_lock(&ndev->req_lock)
Move the flush of rx_wq after req_lock has been released.
This should safe (I think) because NCI_UP has already been cleared
and the transport is closed, so the work will see it and return
-ENETDOWN.
NIPA has been hitting this running the nci selftest with a debug
kernel on roughly 4% of the runs.
Fixes:
|
||
|---|---|---|
| .. | ||
| hci | ||
| nci | ||
| af_nfc.c | ||
| core.c | ||
| digital_core.c | ||
| digital_dep.c | ||
| digital_technology.c | ||
| digital.h | ||
| Kconfig | ||
| llcp_commands.c | ||
| llcp_core.c | ||
| llcp_sock.c | ||
| llcp.h | ||
| Makefile | ||
| netlink.c | ||
| nfc.h | ||
| rawsock.c | ||