On Tuesday 17 October 2017 13:21:54 Mario Limonciello wrote:
> +static LIST_HEAD(wmi_list);
> +
> +static inline struct wmi_smbios_priv *get_first_smbios_priv(void)
> +{
> + return list_first_entry_or_null(&wmi_list,
> + struct wmi_smbios_priv,
> + list);
> +}
...
> +int dell_smbios_wmi_call(struct calling_interface_buffer *buffer)
> +{
> + struct wmi_smbios_priv *priv;
> + size_t difference;
> + size_t size;
> + int ret;
> +
> + priv = get_first_smbios_priv();
Mutex needs to be acquired before calling this function. Otherwise there is a race condition between removing element from the list returned by this call and later usage of structure priv.
> + if (!priv)
> + return -ENODEV;
> +
> + size = sizeof(struct calling_interface_buffer);
> + difference = priv->req_buf_size - sizeof(u64) - size;
> +
> + mutex_lock(&call_mutex);
> + memset(&priv->buf->ext, 0, difference);
> + memcpy(&priv->buf->std, buffer, size);
> + ret = run_smbios_call(priv->wdev);
> + memcpy(buffer, &priv->buf->std, size);
> + mutex_unlock(&call_mutex);
> +
> + return ret;
> +}
-- Pali Rohár pali.rohar@xxxxxxxxx
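Review bot: In dell_smbios_wmi_call, `difference = priv->req_buf_size - sizeof(u64) - size;` is size_t arithmetic, so a req_buf_size smaller than `sizeof(u64) + size` wraps to a very large value. That value is then used as the length in `memset(&priv->buf->ext, 0, difference)`, which would write far past the allocated buffer. Where req_buf_size is set, and whether a minimum is enforced there, is not in the quoted lines. If nothing guarantees it, add a guard before the subtraction, e.g. `if (priv->req_buf_size < sizeof(u64) + size) return -EINVAL;`.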