From: Bjorn Andersson <bjorn.anders...@linaro.org>
As fastrpc_rpmsg_remove() returns the rpdev of the channel context is no
longer a valid object, so ensure to update the channel context to no
longer reference the old object and guard in the invoke code path
against dereferencing it.
Signed-off-by: Bjorn Andersson <bjorn.anders...@linaro.org>
Signed-off-by: Mayank Chopra <mak.cho...@codeaurora.org>
Signed-off-by: Abhinav Asati <asatia...@codeaurora.org>
Signed-off-by: Vamsi Singamsetty <vam...@codeaurora.org>
Signed-off-by: Srinivas Kandagatla <srinivas.kandaga...@linaro.org>
---
drivers/misc/fastrpc.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/drivers/misc/fastrpc.c b/drivers/misc/fastrpc.c
index c019e867e7fa..59ee6de26229 100644
--- a/drivers/misc/fastrpc.c
+++ b/drivers/misc/fastrpc.c
@@ -913,6 +913,9 @@ static int fastrpc_internal_invoke(struct fastrpc_user *fl,
u32 kernel,
if (!fl->sctx)
return -EINVAL;
+ if (!fl->cctx->rpdev)
+ return -EPIPE;
+
ctx = fastrpc_context_alloc(fl, kernel, sc, args);
if (IS_ERR(ctx))
return PTR_ERR(ctx);
@@ -1495,6 +1498,7 @@ static void fastrpc_rpmsg_remove(struct rpmsg_device
*rpdev)
misc_deregister(&cctx->miscdev);
of_platform_depopulate(&rpdev->dev);
+ cctx->rpdev = NULL;
fastrpc_channel_ctx_put(cctx);
}
--
2.21.0
