bus: mhi: ep: Fix potential deadlock in mhi_ep_reset_worker()

There is a potential deadlock scenario in mhi_ep_reset_worker() where
the state_lock mutex is acquired twice in the same call chain:

mhi_ep_reset_worker()
  mutex_lock(&mhi_cntrl->state_lock)
    mhi_ep_power_up()
      mhi_ep_set_ready_state()
        mutex_lock(&mhi_cntrl->state_lock)  <- Deadlock

Fix this by releasing the state_lock before calling mhi_ep_power_up().
The lock is only needed to protect current MHI state read operation. The
lock can be safely released before proceeding with the power up sequence.

Fixes: 7a97b6b47353 ("bus: mhi: ep: Add support for handling MHI_RESET")
Signed-off-by: Sumit Kumar <sumit.kumar@oss.qualcomm.com>
Signed-off-by: Manivannan Sadhasivam <manivannan.sadhasivam@oss.qualcomm.com>
Link: https://patch.msgid.link/20260414-reset_worker_deadlock-v2-1-42fd682b45db@oss.qualcomm.com

diff --git a/drivers/bus/mhi/ep/main.c b/drivers/bus/mhi/ep/main.c
index 0277e1ab11988661fee2ecebf1dcddc00720416d..425525e232f919314a84d846cc544b077eb9c356 100644 (file)
--- a/drivers/bus/mhi/ep/main.c
+++ b/drivers/bus/mhi/ep/main.c
@@ -1087,11 +1087,12 @@ static void mhi_ep_reset_worker(struct work_struct *work)
 
        mhi_ep_power_down(mhi_cntrl);
 
-       mutex_lock(&mhi_cntrl->state_lock);
-
        /* Reset MMIO to signal host that the MHI_RESET is completed in endpoint */
        mhi_ep_mmio_reset(mhi_cntrl);
+
+       mutex_lock(&mhi_cntrl->state_lock);
        cur_state = mhi_cntrl->mhi_state;
+       mutex_unlock(&mhi_cntrl->state_lock);
 
        /*
         * Only proceed further if the reset is due to SYS_ERR. The host will
@@ -1100,8 +1101,6 @@ static void mhi_ep_reset_worker(struct work_struct *work)
         */
        if (cur_state == MHI_STATE_SYS_ERR)
                mhi_ep_power_up(mhi_cntrl);
-
-       mutex_unlock(&mhi_cntrl->state_lock);
 }
 
 /*