We should unlock before returning if skb_dequeue() returns a NULL. Fixes: c0cdc19f84a4 ("rpmsg: Driver for user space endpoint interface") Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx> diff --git a/drivers/rpmsg/rpmsg_char.c b/drivers/rpmsg/rpmsg_char.c index a78b6b7..0ca2ccc 100644 --- a/drivers/rpmsg/rpmsg_char.c +++ b/drivers/rpmsg/rpmsg_char.c @@ -209,11 +209,10 @@ static ssize_t rpmsg_eptdev_read(struct file *filp, char __user *buf, } skb = skb_dequeue(&eptdev->queue); + spin_unlock_irqrestore(&eptdev->queue_lock, flags); if (!skb) return -EFAULT; - spin_unlock_irqrestore(&eptdev->queue_lock, flags); - use = min_t(size_t, len, skb->len); if (copy_to_user(buf, skb->data, use)) use = -EFAULT; -- To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html