qseecom: check if app is blocked when unloading app

When TA client crashes, qseecom_release() will be called to
unload this TA and release its allocated buffer. But if at the same
time, there is another client still waiting to check if this TA is
blocked, the TA should not be unloaded, otherwise the checking client
may access a freed buffer. Thus, add a TA "check_block" flag to indicate
whether a client is still checking the TA's block state, and do not unload
the TA while this flag is true.

Change-Id: I8bd4baae44d5e333cedb54048501efd4cff29a72
Signed-off-by: Zhen Kong <zkong@codeaurora.org>
diff --git a/drivers/misc/qseecom.c b/drivers/misc/qseecom.c
index 0ee8208..eab3b59 100644
--- a/drivers/misc/qseecom.c
+++ b/drivers/misc/qseecom.c
@@ -199,6 +199,7 @@
 	char app_name[MAX_APP_NAME_SIZE];
 	u32  app_arch;
 	bool app_blocked;
+	bool check_block;
 	u32  blocked_on_listener_id;
 };
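Review bot: A single `bool check_block` can only record that some client is checking, so when two clients of the same TA are in the wait loop at once, the first one to leave clears the flag (the hunk that sets it to false after the loop) while the second still dereferences `ptr_app`, reopening the window this change is meant to close. A counter is the minimal fix: `unsigned int check_block;` here, `ptr_app->check_block++;` in place of the assignment before the loop in the next hunk, and `ptr_app->check_block--;` in place of the clear in the hunk after it; the unload test in the last hunk can stay as written since a non-zero count is still truthy. This assumes app_access_lock is held at both the increment and the decrement, which the mutex_lock after the sleep suggests but the patch does not show; please confirm. Whether the new field starts at zero when the app entry is allocated is also not visible here and should be checked.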
 
@@ -2185,6 +2186,7 @@
 	sigset_t new_sigset, old_sigset;
 
 	if (qseecom.qsee_reentrancy_support) {
+		ptr_app->check_block = true;
 		while (ptr_app->app_blocked || qseecom.app_block_ref_cnt > 1) {
 			/* thread sleep until this app unblocked */
 			sigfillset(&new_sigset);
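Review bot: The reason `check_block` is raised before the wait loop is not stated in the code, and a reader of the loop alone cannot see that it is there to keep `ptr_app` alive across the sleep rather than to influence the blocked-state check itself. Suggest a one-line comment above the assignment, e.g. `/* keep ptr_app valid: qseecom_release() must not unload an app a waiter is still inspecting */`, with the matching clear after the loop left as is. The enclosing function begins before this hunk and the loop body continues past its last line.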
@@ -2199,6 +2201,7 @@
 			mutex_lock(&app_access_lock);
 			sigprocmask(SIG_SETMASK, &old_sigset, NULL);
 		}
+		ptr_app->check_block = false;
 	}
 }
 
@@ -2577,7 +2580,8 @@
 				if (!strcmp((void *)ptr_app->app_name,
 					(void *)data->client.app_name)) {
 					found_app = true;
-					if (ptr_app->app_blocked)
+					if (ptr_app->app_blocked ||
+							ptr_app->check_block)
 						app_crash = false;
 					if (app_crash || ptr_app->ref_cnt == 1)
 						unload = true;
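Review bot: Forcing `app_crash = false` when `check_block` is set only disables the crash path; the next line still sets `unload = true` whenever `ptr_app->ref_cnt == 1`, so if the waiting checker is not itself counted in `ref_cnt` the app is unloaded anyway and the freed-buffer access the commit message describes remains possible. If every client that can be in the wait loop also holds a reference in `ref_cnt` this is harmless, but that is not visible here; if the intended guarantee is "never unload while a checker is pending", it reads more directly as `if ((app_crash || ptr_app->ref_cnt == 1) && !ptr_app->check_block) unload = true;` and the `app_crash` override becomes unnecessary. As a point of style, the continuation `ptr_app->check_block)` is indented two tabs deeper than its `if` while the `strcmp` continuation three lines above uses one; the surrounding code's one-tab form would be consistent. The enclosing loop and function extend beyond this hunk.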