On 11/20/2015 9:06 AM, Douglas Anderson wrote: > The dwc2_hcd_reset_func() function is only ever called directly by a > delayed work function. As such no locks are already held when the > function is called. > > Doing a read-modify-write of CPU registers and setting fields in the > main hsotg data structure is a bad idea without locks. Let's add > locks. > > The bug was found by code inspection only. It turns out that the > dwc2_hcd_reset_func() is only ever called today if the > "host_support_fs_ls_low_power" parameter is enabled and no code in > mainline enables that parameter. Thus no known issues in mainline are > fixed by this patch, but it's still probably wise to fix the function. > > Signed-off-by: Douglas Anderson <dianders at chromium.org> > --- > Changes in v5: > - New for v5 of the series > > drivers/usb/dwc2/hcd.c | 6 ++++++ > 1 file changed, 6 insertions(+) > > diff --git a/drivers/usb/dwc2/hcd.c b/drivers/usb/dwc2/hcd.c > index 42b6c5127618..e8924cecc83a 100644 > --- a/drivers/usb/dwc2/hcd.c > +++ b/drivers/usb/dwc2/hcd.c > @@ -2357,13 +2357,19 @@ static void dwc2_hcd_reset_func(struct work_struct *work) > { > struct dwc2_hsotg *hsotg = container_of(work, struct dwc2_hsotg, > reset_work.work); > + unsigned long flags; > u32 hprt0; > > dev_dbg(hsotg->dev, "USB RESET function called\n"); > + > + spin_lock_irqsave(&hsotg->lock, flags); > + > hprt0 = dwc2_read_hprt0(hsotg); > hprt0 &= ~HPRT0_RST; > dwc2_writel(hprt0, hsotg->regs + HPRT0); > hsotg->flags.b.port_reset_change = 1; > + > + spin_unlock_irqrestore(&hsotg->lock, flags); > } > > /* > Acked-by: John Youn <johnyoun at synopsys.com> John