Re: [PATCH v2] staging: media: atomisp: add missing mutex lock in atomisp_s_fmt_cap

From: Andy Shevchenko
Date: Thu Jul 17 2025 - 01:58:34 EST

Next message: Shuai Xue: "Re: [PATCH v8] PCI: hotplug: Add a generic RAS tracepoint for hotplug event"
Previous message: Gao Xiang: "Re: [PATCH v3] erofs: fix build error with CONFIG_EROFS_FS_ZIP_ACCEL=y"
In reply to: Dan Carpenter: "Re: [PATCH v2] staging: media: atomisp: add missing mutex lock in atomisp_s_fmt_cap"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Jul 17, 2025 at 4:30 AM Abdelrahman Fekry
<abdelrahmanfekry375@xxxxxxxxx> wrote:
>
> The function atomisp_set_fmt() modifies shared device state and expects
> callers to hold the isp->mutex for synchronization. While most internal
> callers correctly lock the mutex before invoking atomisp_set_fmt(), the
> V4L2 ioctl handler atomisp_s_fmt_cap() does not.
>
> This results in an unsafe execution path for VIDIOC_S_FMT ioctls
> (e.g. via v4l2-ctl), where shared structures such as pipe->pix and
> pipe->frame_info may be modified concurrently without proper protection.
>
> - Fix this by explicitly locking isp->mutex in atomisp_s_fmt_cap().

...

> #include <linux/delay.h>
> #include <linux/pci.h>
> +#include <linux/cleanup.h>

Keep it ordered.

...

> + int ret;
>
> - return atomisp_set_fmt(vdev, f);
> + scoped_guard(mutex, &isp->mutex)
> + {
> + ret = atomisp_set_fmt(vdev, f);
> + }
> + return ret;

As Dan said, this should just add a (one line) guard()() and no other
lines being touched.

> }

--
With Best Regards,
Andy Shevchenko

Next message: Shuai Xue: "Re: [PATCH v8] PCI: hotplug: Add a generic RAS tracepoint for hotplug event"
Previous message: Gao Xiang: "Re: [PATCH v3] erofs: fix build error with CONFIG_EROFS_FS_ZIP_ACCEL=y"
In reply to: Dan Carpenter: "Re: [PATCH v2] staging: media: atomisp: add missing mutex lock in atomisp_s_fmt_cap"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]