Linux ARM-MSM sub-architecture
* [PATCH v2 0/2] bus: mhi: ep: Fix state_lock protection issues
@ 2026-04-14  6:29 Sumit Kumar
  2026-04-14  6:29 ` [PATCH v2 1/2] bus: mhi: ep: Fix potential deadlock in mhi_ep_reset_worker() Sumit Kumar
                   ` (2 more replies)
  0 siblings, 3 replies; 4+ messages in thread
From: Sumit Kumar @ 2026-04-14  6:29 UTC (permalink / raw)
  To: Manivannan Sadhasivam, Alex Elder, Greg Kroah-Hartman
  Cc: mhi, linux-arm-msm, linux-kernel, Veerabhadrarao Badiganti,
	Subramanian Ananthanarayanan, Akhil Vinod, Sumit Kumar

This series fixes a deadlock in mhi_ep_reset_worker() where state_lock is
acquired twice, and adds missing lock protection for mhi_state access in
mhi_ep_power_up() to prevent race conditions and state machine corruption.

Signed-off-by: Sumit Kumar <sumit.kumar@oss.qualcomm.com>
---
Changes in v2:
- Move `mhi_ep_mmio_reset()` out of state mutex lock. (Mani)
- Removed the mutex lock from `mhi_ep_handle_syserr()`, since the caller of
  mhi_ep_handle_syserr() holds the lock. (Mani)
- Link to v1: https://lore.kernel.org/r/20260203-reset_worker_deadlock-v1-0-7ed889b5bf19@oss.qualcomm.com

---
Sumit Kumar (2):
      bus: mhi: ep: Fix potential deadlock in mhi_ep_reset_worker()
      bus: mhi: ep: Add missing state_lock protection for mhi_state access

 drivers/bus/mhi/ep/main.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)
---
base-commit: 6fa9041b7177f6771817b95e83f6df17b147c8c6
change-id: 20251113-reset_worker_deadlock-0223907f7c9d

Best regards,
-- 
Sumit Kumar <sumit.kumar@oss.qualcomm.com>



* [PATCH v2 1/2] bus: mhi: ep: Fix potential deadlock in mhi_ep_reset_worker()
  2026-04-14  6:29 [PATCH v2 0/2] bus: mhi: ep: Fix state_lock protection issues Sumit Kumar
@ 2026-04-14  6:29 ` Sumit Kumar
  2026-04-14  6:29 ` [PATCH v2 2/2] bus: mhi: ep: Add missing state_lock protection for mhi_state access Sumit Kumar
  2026-05-12 14:31 ` [PATCH v2 0/2] bus: mhi: ep: Fix state_lock protection issues Manivannan Sadhasivam
  2 siblings, 0 replies; 4+ messages in thread
From: Sumit Kumar @ 2026-04-14  6:29 UTC (permalink / raw)
  To: Manivannan Sadhasivam, Alex Elder, Greg Kroah-Hartman
  Cc: mhi, linux-arm-msm, linux-kernel, Veerabhadrarao Badiganti,
	Subramanian Ananthanarayanan, Akhil Vinod, Sumit Kumar

There is a potential deadlock scenario in mhi_ep_reset_worker() where
the state_lock mutex is acquired twice in the same call chain:

mhi_ep_reset_worker()
  mutex_lock(&mhi_cntrl->state_lock)
    mhi_ep_power_up()
      mhi_ep_set_ready_state()
        mutex_lock(&mhi_cntrl->state_lock)  <- Deadlock

Fix this by releasing the state_lock before calling mhi_ep_power_up().
The lock is only needed to protect the current MHI state read operation. The
lock can be safely released before proceeding with the power up sequence.

Fixes: 7a97b6b47353 ("bus: mhi: ep: Add support for handling MHI_RESET")
Signed-off-by: Sumit Kumar <sumit.kumar@oss.qualcomm.com>
---
 drivers/bus/mhi/ep/main.c | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/drivers/bus/mhi/ep/main.c b/drivers/bus/mhi/ep/main.c
index cdea24e9291959ae0a92487c1b9698dc8164d2f1..4bb007d1933315e5b0b40d235248d5373548d3f4 100644
--- a/drivers/bus/mhi/ep/main.c
+++ b/drivers/bus/mhi/ep/main.c
@@ -1087,11 +1087,12 @@ static void mhi_ep_reset_worker(struct work_struct *work)
 
 	mhi_ep_power_down(mhi_cntrl);
 
-	mutex_lock(&mhi_cntrl->state_lock);
-
 	/* Reset MMIO to signal host that the MHI_RESET is completed in endpoint */
 	mhi_ep_mmio_reset(mhi_cntrl);
+
+	mutex_lock(&mhi_cntrl->state_lock);
 	cur_state = mhi_cntrl->mhi_state;
+	mutex_unlock(&mhi_cntrl->state_lock);
 
 	/*
 	 * Only proceed further if the reset is due to SYS_ERR. The host will
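
Review bot: mhi_ep_mmio_reset() now runs before mutex_lock(&mhi_cntrl->state_lock) in this hunk, but the commit message only explains releasing the lock before mhi_ep_power_up() and never says why the MMIO reset may leave the critical section. The v2 changelog mentions the move, but that text sits below the "---" line and is dropped when the patch is applied, so please add a sentence to the commit message stating that the MMIO reset does not need state_lock. Note also that cur_state is now only a snapshot: after mutex_unlock() the real mhi_state can change before the SYS_ERR check that follows, so a short comment saying why acting on the snapshot is acceptable would help.
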
@@ -1100,8 +1101,6 @@ static void mhi_ep_reset_worker(struct work_struct *work)
 	 */
 	if (cur_state == MHI_STATE_SYS_ERR)
 		mhi_ep_power_up(mhi_cntrl);
-
-	mutex_unlock(&mhi_cntrl->state_lock);
 }
 
 /*
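
Review bot: with the trailing mutex_unlock() removed, mhi_ep_power_up() is called with state_lock not held, and nothing at the call site records that this is a requirement. Going by the call chain in the commit message, mhi_ep_set_ready_state() takes state_lock itself, so a later change that wraps this call in the lock again would reintroduce the self-deadlock. Consider a one-line comment above `mhi_ep_power_up(mhi_cntrl);` saying it must be called without state_lock, or a lockdep_assert_not_held(&mhi_cntrl->state_lock) at the top of mhi_ep_power_up().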

-- 
2.34.1



* [PATCH v2 2/2] bus: mhi: ep: Add missing state_lock protection for mhi_state access
  2026-04-14  6:29 [PATCH v2 0/2] bus: mhi: ep: Fix state_lock protection issues Sumit Kumar
  2026-04-14  6:29 ` [PATCH v2 1/2] bus: mhi: ep: Fix potential deadlock in mhi_ep_reset_worker() Sumit Kumar
@ 2026-04-14  6:29 ` Sumit Kumar
  2026-05-12 14:31 ` [PATCH v2 0/2] bus: mhi: ep: Fix state_lock protection issues Manivannan Sadhasivam
  2 siblings, 0 replies; 4+ messages in thread
From: Sumit Kumar @ 2026-04-14  6:29 UTC (permalink / raw)
  To: Manivannan Sadhasivam, Alex Elder, Greg Kroah-Hartman
  Cc: mhi, linux-arm-msm, linux-kernel, Veerabhadrarao Badiganti,
	Subramanian Ananthanarayanan, Akhil Vinod, Sumit Kumar

The mhi_cntrl->mhi_state field should be protected by state_lock to
ensure atomic state transitions. However, mhi_ep_power_up() accesses
mhi_state without holding this lock, which can race with concurrent state
transitions and lead to state corruption.

Add proper state_lock protection around mhi_state access.

Fixes: fb3a26b7e8af ("bus: mhi: ep: Add support for powering up the MHI endpoint stack")
Fixes: f7d0806bdb1b3 ("bus: mhi: ep: Add support for handling SYS_ERR condition")
Signed-off-by: Sumit Kumar <sumit.kumar@oss.qualcomm.com>
---
 drivers/bus/mhi/ep/main.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/drivers/bus/mhi/ep/main.c b/drivers/bus/mhi/ep/main.c
index 4bb007d1933315e5b0b40d235248d5373548d3f4..eefb0a6c82f68bf95f5c7418afa595c47519dee5 100644
--- a/drivers/bus/mhi/ep/main.c
+++ b/drivers/bus/mhi/ep/main.c
@@ -1148,7 +1148,9 @@ int mhi_ep_power_up(struct mhi_ep_cntrl *mhi_cntrl)
 	for (i = 0; i < mhi_cntrl->event_rings; i++)
 		mhi_ep_ring_init(&mhi_cntrl->mhi_event[i].ring, RING_TYPE_ER, i);
 
+	mutex_lock(&mhi_cntrl->state_lock);
 	mhi_cntrl->mhi_state = MHI_STATE_RESET;
+	mutex_unlock(&mhi_cntrl->state_lock);
 
 	/* Set AMSS EE before signaling ready state */
 	mhi_ep_mmio_set_env(mhi_cntrl, MHI_EE_AMSS);
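
Review bot: the new lock/unlock pair covers only the single store `mhi_cntrl->mhi_state = MHI_STATE_RESET;`, so it serializes that write but does not make the rest of the power-up sequence atomic with it: mhi_ep_mmio_set_env() and the ready-state signaling mentioned in the comment run after the unlock. The commit message says the store can race with concurrent state transitions; please name the path it races with and say why protecting only the assignment is sufficient, or extend the critical section if the following steps depend on mhi_state still being MHI_STATE_RESET.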

-- 
2.34.1



* Re: [PATCH v2 0/2] bus: mhi: ep: Fix state_lock protection issues
  2026-04-14  6:29 [PATCH v2 0/2] bus: mhi: ep: Fix state_lock protection issues Sumit Kumar
  2026-04-14  6:29 ` [PATCH v2 1/2] bus: mhi: ep: Fix potential deadlock in mhi_ep_reset_worker() Sumit Kumar
  2026-04-14  6:29 ` [PATCH v2 2/2] bus: mhi: ep: Add missing state_lock protection for mhi_state access Sumit Kumar
@ 2026-05-12 14:31 ` Manivannan Sadhasivam
  2 siblings, 0 replies; 4+ messages in thread
From: Manivannan Sadhasivam @ 2026-05-12 14:31 UTC (permalink / raw)
  To: Manivannan Sadhasivam, Alex Elder, Greg Kroah-Hartman,
	Sumit Kumar
  Cc: mhi, linux-arm-msm, linux-kernel, Veerabhadrarao Badiganti,
	Subramanian Ananthanarayanan, Akhil Vinod


On Tue, 14 Apr 2026 11:59:39 +0530, Sumit Kumar wrote:
> This series fixes a deadlock in mhi_ep_reset_worker() where state_lock is
> acquired twice, and adds missing lock protection for mhi_state access in
> mhi_ep_power_up() to prevent race conditions and state machine corruption.

Applied, thanks!

[1/2] bus: mhi: ep: Fix potential deadlock in mhi_ep_reset_worker()
      commit: 9dece4435d396e9877e27483552b910ba8654169
[2/2] bus: mhi: ep: Add missing state_lock protection for mhi_state access
      commit: ce3e534ee9c8d13a68c8a611c3b7bd0c2152d2ab

Best regards,
-- 
Manivannan Sadhasivam <manivannan.sadhasivam@oss.qualcomm.com>

