 
            As we now knew allowing userspace control over dma_fence synchronization is fundamentally broken and can cause deadlocks inside the kernel memory management.
Because of this harden the wording for CONFIG_SW_SYNC and taint the kernel as soon as it is used.
Signed-off-by: Christian König christian.koenig@amd.com --- drivers/dma-buf/Kconfig | 5 +++-- drivers/dma-buf/sw_sync.c | 5 ++++- 2 files changed, 7 insertions(+), 3 deletions(-)
diff --git a/drivers/dma-buf/Kconfig b/drivers/dma-buf/Kconfig index 9561e3d2d428..61e0f3c5ba8b 100644 --- a/drivers/dma-buf/Kconfig +++ b/drivers/dma-buf/Kconfig @@ -27,8 +27,9 @@ config SW_SYNC synchronization. Useful when there is no hardware primitive backing the synchronization.
- WARNING: improper use of this can result in deadlocking kernel - drivers from userspace. Intended for test and debug only. + WARNING: improper use of this can result in deadlocking the kernel + memory management from userspace. Intended for test and debug only. + Use at your own risk.
config UDMABUF bool "userspace dmabuf misc driver" diff --git a/drivers/dma-buf/sw_sync.c b/drivers/dma-buf/sw_sync.c index 348b3a9170fa..c2bcb9062f51 100644 --- a/drivers/dma-buf/sw_sync.c +++ b/drivers/dma-buf/sw_sync.c @@ -286,7 +286,8 @@ static struct sync_pt *sync_pt_create(struct sync_timeline *obj, /* * *WARNING* * - * improper use of this can result in deadlocking kernel drivers from userspace. + * improper use of this can result in deadlocking kernel memory management + * from userspace. */
/* opening sw_sync create a new sync obj */ @@ -295,6 +296,8 @@ static int sw_sync_debugfs_open(struct inode *inode, struct file *file) struct sync_timeline *obj; char task_comm[TASK_COMM_LEN];
+ add_taint(TAINT_SOFTLOCKUP, LOCKDEP_STILL_OK); + get_task_comm(task_comm, current);
obj = sync_timeline_create(task_comm);