On Wed, Jan 08, 2025 at 10:18:02AM +0530, Ling Xu wrote:
> fastrpc_req_munmap involves two steps to unmap memory, first to locates
> a matching fastrpc buf in the list and second is to send request to DSP
> to unmap. There is a potential race condition between two operations
> which can lead to use
fastrpc_req_munmap involves two steps to unmap memory, first to locates
a matching fastrpc buf in the list and second is to send request to DSP
to unmap. There is a potential race condition between two operations
which can lead to user-after-free scenario.
Lock unmap request to avoid use-after-free
