On 2018-03-15 10:15 AM, Alex Deucher wrote:
On Thu, Mar 15, 2018 at 10:10 AM, <mikita.lip...@amd.com> wrote:
From: Mikita Lipski <mikita.lip...@amd.com>
Disable irq on devices before destroying them. That prevents
use-after-free memory access when unloading the driver.
Signed-off-by: Mikita Lipski <mikita.lip...@amd.com>
---
drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_device.c
b/drivers/gpu/drm/amd/amdgpu/amdgpu_device.c
index b4911911..593396f 100644
--- a/drivers/gpu/drm/amd/amdgpu/amdgpu_device.c
+++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_device.c
@@ -1456,6 +1456,9 @@ static int amdgpu_device_ip_fini(struct amdgpu_device
*adev)
}
}
+ /* disable all interrupts */
+ amdgpu_irq_disable_all(adev);
+
Any reason not to move this to the top of this function before the SMC loop?
Alex
It can be done, but it does not seem to have any functional effect.
The use-after-free corruption is caused by disabling DCE's irq after
destroying it.
Nik
for (i = adev->num_ip_blocks - 1; i >= 0; i--) {
if (!adev->ip_blocks[i].status.hw)
continue;
@@ -1482,8 +1485,6 @@ static int amdgpu_device_ip_fini(struct amdgpu_device
*adev)
adev->ip_blocks[i].status.hw = false;
}
- /* disable all interrupts */
- amdgpu_irq_disable_all(adev);
for (i = adev->num_ip_blocks - 1; i >= 0; i--) {
if (!adev->ip_blocks[i].status.sw)
--
2.7.4
_______________________________________________
amd-gfx mailing list
amd-gfx@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/amd-gfx
_______________________________________________
amd-gfx mailing list
amd-gfx@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/amd-gfx
