From: Hans de Goede <hdegoede@xxxxxxxxxx> [ Upstream commit d4cb5d3c4cee28aa89b02bc33d930a6cf75e7f79 ] ov5648_state_init() calls ov5648_state_mipi_configure() which uses __v4l2_ctrl_s_ctrl[_int64](). This means that sensor->mutex (which is also sensor->ctrls.handler.lock) must be locked before calling ov5648_state_init(). ov5648_state_mipi_configure() is also used in other places where the lock is already held so it cannot be changed itself. Note this is based on an identical (tested) fix for the ov8865 driver, this has only been compile-tested. Cc: Paul Kocialkowski <paul.kocialkowski@xxxxxxxxxxx> Reviewed-by: Paul Kocialkowski <paul.kocialkowski@xxxxxxxxxxx> Signed-off-by: Hans de Goede <hdegoede@xxxxxxxxxx> Signed-off-by: Sakari Ailus <sakari.ailus@xxxxxxxxxxxxxxx> Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx> --- drivers/media/i2c/ov5648.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/drivers/media/i2c/ov5648.c b/drivers/media/i2c/ov5648.c index 78040f0ac02f..ef8b52dc9401 100644 --- a/drivers/media/i2c/ov5648.c +++ b/drivers/media/i2c/ov5648.c @@ -1778,8 +1778,14 @@ static int ov5648_state_configure(struct ov5648_sensor *sensor, static int ov5648_state_init(struct ov5648_sensor *sensor) { - return ov5648_state_configure(sensor, &ov5648_modes[0], - ov5648_mbus_codes[0]); + int ret; + + mutex_lock(&sensor->mutex); + ret = ov5648_state_configure(sensor, &ov5648_modes[0], + ov5648_mbus_codes[0]); + mutex_unlock(&sensor->mutex); + + return ret; } /* Sensor Base */ -- 2.34.1