From: "Hsia-Jun(Randy) Li" <randy.li@xxxxxxxxxxxxx>
The has_stopped property in struct v4l2_m2m_ctx is operated
without a lock protecction. Then the userspace calls to
v4l2_m2m_encoder_cmd()/v4l2_m2m_decoder_cmd() may lead to
a critical section issue.
Signed-off-by: Hsia-Jun(Randy) Li <randy.li@xxxxxxxxxxxxx>
---
drivers/media/v4l2-core/v4l2-mem2mem.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/media/v4l2-core/v4l2-mem2mem.c b/drivers/media/v4l2-core/v4l2-mem2mem.c
index 75517134a5e9..f1de71031e02 100644
--- a/drivers/media/v4l2-core/v4l2-mem2mem.c
+++ b/drivers/media/v4l2-core/v4l2-mem2mem.c
@@ -635,9 +635,9 @@ void v4l2_m2m_last_buffer_done(struct v4l2_m2m_ctx *m2m_ctx,
struct vb2_v4l2_buffer *vbuf)
{
vbuf->flags |= V4L2_BUF_FLAG_LAST;
- vb2_buffer_done(&vbuf->vb2_buf, VB2_BUF_STATE_DONE);
-
v4l2_m2m_mark_stopped(m2m_ctx);
+
+ vb2_buffer_done(&vbuf->vb2_buf, VB2_BUF_STATE_DONE);
}
EXPORT_SYMBOL_GPL(v4l2_m2m_last_buffer_done);
--
2.17.1
