From: Marcus Nutzinger Date: Thu, 5 Jun 2014 15:17:06 +0000 (+0200) Subject: usb: gadget: gadgetfs: correct dev state X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=f0cae93f3f7e9a26c2d6bc182204c37dec3698eb;p=GitHub%2FLineageOS%2Fandroid_kernel_motorola_exynos9610.git usb: gadget: gadgetfs: correct dev state This reverts commit 1826e9b1 (usb: gadget: gadgetfs: use after free in dev_release()) and places the call to put_dev() after setting the state. If this is not the final call to dev_release() and the state is not reset to STATE_DEV_DISABLED and hence all further open() calls to the gadgetfs ep0 device will fail with EBUSY. Signed-off-by: Marcus Nutzinger Reviewed-by: Christoph Muellner Signed-off-by: Felipe Balbi --- diff --git a/drivers/usb/gadget/inode.c b/drivers/usb/gadget/inode.c index ee6c16416c30..2e4ce7704908 100644 --- a/drivers/usb/gadget/inode.c +++ b/drivers/usb/gadget/inode.c @@ -1264,8 +1264,13 @@ dev_release (struct inode *inode, struct file *fd) kfree (dev->buf); dev->buf = NULL; - put_dev (dev); + /* other endpoints were all decoupled from this device */ + spin_lock_irq(&dev->lock); + dev->state = STATE_DEV_DISABLED; + spin_unlock_irq(&dev->lock); + + put_dev (dev); return 0; }