From: Srinivas Pandruvada Date: Mon, 24 Mar 2014 23:25:04 +0000 (-0700) Subject: HID: hid-sensor-hub: fix sleeping function called from invalid context X-Git-Tag: firefly_0821_release~176^2~4168^2~7 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=f74346a04b79c9a5e50a2ee5e923b94195975d17;p=firefly-linux-kernel-4.4.55.git HID: hid-sensor-hub: fix sleeping function called from invalid context Fix issue with the sleeping calling hid_hw_request under spinlock. When i2c is used as HID transport, this is calling kmalloc, which can sleep. So remove call to this function while under spinlock. [ 1067.021961] Call Trace: [ 1067.021970] [] dump_stack+0x4d/0x6f [ 1067.021976] [] __might_sleep+0xd2/0xf0 [ 1067.021981] [] __kmalloc+0xeb/0x200 [ 1067.021989] [] ? hid_alloc_report_buf+0x23/0x30 [ 1067.021993] [] hid_alloc_report_buf+0x23/0x30 [ 1067.021997] [] i2c_hid_request+0x57/0x110 [ 1067.022006] [] sensor_hub_input_attr_get_raw_value+0xbc/0x100 [hid_sensor_hub] Signed-off-by: Srinivas Pandruvada Signed-off-by: Jiri Kosina --- diff --git a/drivers/hid/hid-sensor-hub.c b/drivers/hid/hid-sensor-hub.c index 9c22e14c57f0..9021c9ce8851 100644 --- a/drivers/hid/hid-sensor-hub.c +++ b/drivers/hid/hid-sensor-hub.c @@ -260,13 +260,12 @@ int sensor_hub_input_attr_get_raw_value(struct hid_sensor_hub_device *hsdev, spin_lock_irqsave(&data->lock, flags); data->pending.status = true; + spin_unlock_irqrestore(&data->lock, flags); report = sensor_hub_report(report_id, hsdev->hdev, HID_INPUT_REPORT); - if (!report) { - spin_unlock_irqrestore(&data->lock, flags); + if (!report) goto err_free; - } + hid_hw_request(hsdev->hdev, report, HID_REQ_GET_REPORT); - spin_unlock_irqrestore(&data->lock, flags); wait_for_completion_interruptible_timeout(&data->pending.ready, HZ*5); switch (data->pending.raw_size) { case 1: