RE: FW: [PATCH] drm/ttm: fix ttm client driver (e.g. amdgpu) reload issue

Wed, 05 Jun 2019 07:44:57 -0700 

Strange, I get the latest "drm-next" branch and didn't see the change landed 
....

/Monk

-----Original Message-----
From: Koenig, Christian 
Sent: Wednesday, June 5, 2019 7:11 PM
To: Liu, Monk <monk....@amd.com>; amd-gfx@lists.freedesktop.org
Subject: Re: FW: [PATCH] drm/ttm: fix ttm client driver (e.g. amdgpu) reload 
issue

This should already be fixed by patch "drm/ttm: fix re-init of global 
structures".

Christian.

Am 05.06.19 um 09:29 schrieb Liu, Monk:
>
> -----Original Message-----
> From: Monk Liu <monk....@amd.com>
> Sent: Wednesday, June 5, 2019 2:45 PM
> To: amd-gfx@lists.freedesktop.org
> Cc: Liu, Monk <monk....@amd.com>
> Subject: [PATCH] drm/ttm: fix ttm client driver (e.g. amdgpu) reload 
> issue
>
> need to clear bo glob and mem glob during their release otherwise their 
> member value would be wrongly used in the next glob init stage and lead to 
> wild pointer access problems:
>
> 1) kobj.state_initialized is 1
> 2) ttm_bo_glob.bo_count isn't cleared and referenced via it
>     on member "swap_lru" would hit out of bound array accessing
>     bug
>
> Signed-off-by: Monk Liu <monk....@amd.com>
> ---
>   drivers/gpu/drm/ttm/ttm_bo.c     | 2 ++
>   drivers/gpu/drm/ttm/ttm_memory.c | 8 ++++++++
>   2 files changed, 10 insertions(+)
>
> diff --git a/drivers/gpu/drm/ttm/ttm_bo.c 
> b/drivers/gpu/drm/ttm/ttm_bo.c index c7de667..6434eac 100644
> --- a/drivers/gpu/drm/ttm/ttm_bo.c
> +++ b/drivers/gpu/drm/ttm/ttm_bo.c
> @@ -1604,6 +1604,8 @@ static void ttm_bo_global_kobj_release(struct kobject 
> *kobj)
>               container_of(kobj, struct ttm_bo_global, kobj);
>   
>       __free_page(glob->dummy_read_page);
> +
> +     memset(glob, 0, sizeof(*glob));
>   }
>   
>   static void ttm_bo_global_release(void) diff --git 
> a/drivers/gpu/drm/ttm/ttm_memory.c b/drivers/gpu/drm/ttm/ttm_memory.c
> index 8617958..7128bbf 100644
> --- a/drivers/gpu/drm/ttm/ttm_memory.c
> +++ b/drivers/gpu/drm/ttm/ttm_memory.c
> @@ -229,9 +229,17 @@ static const struct sysfs_ops ttm_mem_global_ops = {
>       .store = &ttm_mem_global_store,
>   };
>   
> +void ttm_mem_glob_kobj_release(struct kobject *kobj) {
> +     struct ttm_mem_global *glob = container_of(kobj, struct 
> +ttm_mem_global, kobj);
> +
> +     memset(glob, 0, sizeof(*glob));
> +}
> +
>   static struct kobj_type ttm_mem_glob_kobj_type = {
>       .sysfs_ops = &ttm_mem_global_ops,
>       .default_attrs = ttm_mem_global_attrs,
> +     .release = ttm_mem_glob_kobj_release,
>   };
>   
>   static bool ttm_zones_above_swap_target(struct ttm_mem_global *glob,
> --
> 2.7.4
>

_______________________________________________
amd-gfx mailing list
amd-gfx@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/amd-gfx

Reply via email to