From: Daniel Vetter <daniel@ffwll.ch>
To: Peter Antoine <peter.antoine@intel.com>
Cc: intel-gfx@lists.freedesktop.org
Subject: Re: [PATCH] drm: Kernel Crash in drm_unlock
Date: Tue, 31 Mar 2015 15:25:32 +0200 [thread overview]
Message-ID: <20150331132532.GK6354@phenom.ffwll.local> (raw)
In-Reply-To: <1427789375-2213-1-git-send-email-peter.antoine@intel.com>
On Tue, Mar 31, 2015 at 09:09:33AM +0100, Peter Antoine wrote:
> This patch fixes a possible kernel crash when drm_unlock (DRM_IOCTL_UNLOCK)
> is called by a application that has not had a lock created by it. This
> crash can be caused by any application from all users.
>
> Issue: GMINL-7446
> Change-Id: I901ff713be53c5ec1c9eaf7ee0ff4314a659af05
> Signed-off-by: Peter Antoine <peter.antoine@intel.com>
Can you really blow this up at runtime with modern modeset drivers like
i915? Counts for all three patches ...
> ---
> drivers/gpu/drm/drm_lock.c | 8 ++++++++
> 1 file changed, 8 insertions(+)
>
> diff --git a/drivers/gpu/drm/drm_lock.c b/drivers/gpu/drm/drm_lock.c
> index f645268..80253a7 100644
> --- a/drivers/gpu/drm/drm_lock.c
> +++ b/drivers/gpu/drm/drm_lock.c
> @@ -156,6 +156,14 @@ int drm_unlock(struct drm_device *dev, void *data, struct drm_file *file_priv)
Also please rebase to latest upstream when submitting patches to the
public (the function is now called drm_legacy_unlock).
> return -EINVAL;
> }
>
> + if (!master->lock.hw_lock) {
> + DRM_ERROR(
> + "Device has been unregistered. Hard exit. Process %d\n",
> + task_pid_nr(current));
> + send_sig(SIGTERM, current, 0);
> + return -EINTR;
> + }
> +
> if (drm_lock_free(&master->lock, lock->context)) {
> /* FIXME: Should really bail out here. */
> }
> --
> 1.9.1
>
> ---------------------------------------------------------------------
> Intel Corporation (UK) Limited
> Registered No. 1134945 (England)
> Registered Office: Pipers Way, Swindon SN3 1RJ
> VAT No: 860 2173 47
>
> This e-mail and any attachments may contain confidential material for
> the sole use of the intended recipient(s). Any review or distribution
> by others is strictly prohibited. If you are not the intended
> recipient, please contact the sender and delete all copies.
And please remove this disclaimer.
Thanks, Daniel
>
> _______________________________________________
> Intel-gfx mailing list
> Intel-gfx@lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/intel-gfx
--
Daniel Vetter
Software Engineer, Intel Corporation
http://blog.ffwll.ch
_______________________________________________
Intel-gfx mailing list
Intel-gfx@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/intel-gfx
next prev parent reply other threads:[~2015-03-31 13:23 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-03-31 8:09 [PATCH] drm: Kernel Crash in drm_unlock Peter Antoine
2015-03-31 8:09 ` [PATCH] drm: Possible lock priority escalation Peter Antoine
2015-03-31 15:53 ` shuang.he
2015-03-31 8:09 ` [PATCH] drm: Fixes unsafe deference in locks Peter Antoine
2015-03-31 18:20 ` shuang.he
2015-03-31 13:24 ` [PATCH] drm: Kernel Crash in drm_unlock shuang.he
2015-03-31 13:25 ` Daniel Vetter [this message]
2015-03-31 13:28 ` Damien Lespiau
2015-03-31 13:34 ` Antoine, Peter
2015-03-31 14:00 ` Daniel Vetter
2015-03-31 14:21 ` Antoine, Peter
2015-04-15 14:22 ` Antoine, Peter
2015-04-16 7:30 ` Daniel Vetter
2015-03-31 13:35 ` Damien Lespiau
2015-03-31 13:38 ` Antoine, Peter
2015-03-31 13:44 ` Damien Lespiau
2015-03-31 13:47 ` Antoine, Peter
2015-03-31 13:53 ` He, Shuang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150331132532.GK6354@phenom.ffwll.local \
--to=daniel@ffwll.ch \
--cc=intel-gfx@lists.freedesktop.org \
--cc=peter.antoine@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox