- Linux-stable-mirror - lists.linaro.org

Re: Patch "drm/amd/display: change dc stream color settings only in atomic commit" has been added to the 6.17-stable tree

by Melissa Wen

Hi Sasha, Same here, can you backport the previous related commit (2f9c63883730 "drm/amd/display: update color on atomic commit time" [1]) too? Otherwise, the commit below alone will cause regressions. Thanks, Melissa [1] https://github.com/torvalds/linux/commit/2f9c63883730a0bfecb086e6e59246933f… On 04/11/2025 20:53, Sasha Levin wrote: > This is a note to let you know that I've just added the patch titled > > drm/amd/display: change dc stream color settings only in atomic commit > > to the 6.17-stable tree which can be found at: > http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… > > The filename of the patch is: > drm-amd-display-change-dc-stream-color-settings-only.patch > and it can be found in the queue-6.17 subdirectory. > > If you, or anyone else, feels it should not be added to the stable tree, > please let <stable(a)vger.kernel.org> know about it. > > > > commit 87fe0b67d6d8340123e563e7156fbdf070a2954d > Author: Melissa Wen <mwen(a)igalia.com> > Date: Thu Sep 11 14:21:20 2025 -0300 > > drm/amd/display: change dc stream color settings only in atomic commit > > [ Upstream commit 51cb93aa0c4a9bb126b76f6e9fd640d88de25cee ] > > Don't update DC stream color components during atomic check. The driver > will continue validating the new CRTC color state but will not change DC > stream color components. The DC stream color state will only be > programmed at commit time in the `atomic_setup_commit` stage. > > It fixes gamma LUT loss reported by KDE users when changing brightness > quickly or changing Display settings (such as overscan) with nightlight > on and HDR. As KWin can do a test commit with color settings different > from those that should be applied in a non-test-only commit, if the > driver changes DC stream color state in atomic check, this state can be > eventually HW programmed in commit tail, instead of the respective state > set by the non-blocking commit. > > Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/4444 > Reported-by: Xaver Hugl <xaver.hugl(a)gmail.com> > Signed-off-by: Melissa Wen <mwen(a)igalia.com> > Reviewed-by: Harry Wentland <harry.wentland(a)amd.com> > Signed-off-by: Alex Deucher <alexander.deucher(a)amd.com> > Signed-off-by: Sasha Levin <sashal(a)kernel.org> > > diff --git a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c > index d66c9609efd8d..60eb2c2c79b77 100644 > --- a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c > +++ b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c > @@ -11105,7 +11105,7 @@ static int dm_update_crtc_state(struct amdgpu_display_manager *dm, > if (dm_new_crtc_state->base.color_mgmt_changed || > dm_old_crtc_state->regamma_tf != dm_new_crtc_state->regamma_tf || > drm_atomic_crtc_needs_modeset(new_crtc_state)) { > - ret = amdgpu_dm_update_crtc_color_mgmt(dm_new_crtc_state); > + ret = amdgpu_dm_check_crtc_color_mgmt(dm_new_crtc_state, true); > if (ret) > goto fail; > } > diff --git a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.h b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.h > index c18a6b43c76f6..42801caf57b69 100644 > --- a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.h > +++ b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.h > @@ -1037,6 +1037,8 @@ void amdgpu_dm_init_color_mod(void); > int amdgpu_dm_create_color_properties(struct amdgpu_device *adev); > int amdgpu_dm_verify_lut_sizes(const struct drm_crtc_state *crtc_state); > int amdgpu_dm_update_crtc_color_mgmt(struct dm_crtc_state *crtc); > +int amdgpu_dm_check_crtc_color_mgmt(struct dm_crtc_state *crtc, > + bool check_only); > int amdgpu_dm_update_plane_color_mgmt(struct dm_crtc_state *crtc, > struct drm_plane_state *plane_state, > struct dc_plane_state *dc_plane_state); > diff --git a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_color.c b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_color.c > index c0dfe2d8b3bec..d4739b6334c24 100644 > --- a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_color.c > +++ b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_color.c > @@ -566,12 +566,11 @@ static int __set_output_tf(struct dc_transfer_func *func, > return res ? 0 : -ENOMEM; > } > > -static int amdgpu_dm_set_atomic_regamma(struct dc_stream_state *stream, > +static int amdgpu_dm_set_atomic_regamma(struct dc_transfer_func *out_tf, > const struct drm_color_lut *regamma_lut, > uint32_t regamma_size, bool has_rom, > enum dc_transfer_func_predefined tf) > { > - struct dc_transfer_func *out_tf = &stream->out_transfer_func; > int ret = 0; > > if (regamma_size || tf != TRANSFER_FUNCTION_LINEAR) { > @@ -885,33 +884,33 @@ int amdgpu_dm_verify_lut_sizes(const struct drm_crtc_state *crtc_state) > } > > /** > - * amdgpu_dm_update_crtc_color_mgmt: Maps DRM color management to DC stream. > + * amdgpu_dm_check_crtc_color_mgmt: Check if DRM color props are programmable by DC. > * @crtc: amdgpu_dm crtc state > + * @check_only: only check color state without update dc stream > * > - * With no plane level color management properties we're free to use any > - * of the HW blocks as long as the CRTC CTM always comes before the > - * CRTC RGM and after the CRTC DGM. > - * > - * - The CRTC RGM block will be placed in the RGM LUT block if it is non-linear. > - * - The CRTC DGM block will be placed in the DGM LUT block if it is non-linear. > - * - The CRTC CTM will be placed in the gamut remap block if it is non-linear. > + * This function just verifies CRTC LUT sizes, if there is enough space for > + * output transfer function and if its parameters can be calculated by AMD > + * color module. It also adjusts some settings for programming CRTC degamma at > + * plane stage, using plane DGM block. > * > * The RGM block is typically more fully featured and accurate across > * all ASICs - DCE can't support a custom non-linear CRTC DGM. > * > * For supporting both plane level color management and CRTC level color > - * management at once we have to either restrict the usage of CRTC properties > - * or blend adjustments together. > + * management at once we have to either restrict the usage of some CRTC > + * properties or blend adjustments together. > * > * Returns: > - * 0 on success. Error code if setup fails. > + * 0 on success. Error code if validation fails. > */ > -int amdgpu_dm_update_crtc_color_mgmt(struct dm_crtc_state *crtc) > + > +int amdgpu_dm_check_crtc_color_mgmt(struct dm_crtc_state *crtc, > + bool check_only) > { > struct dc_stream_state *stream = crtc->stream; > struct amdgpu_device *adev = drm_to_adev(crtc->base.state->dev); > bool has_rom = adev->asic_type <= CHIP_RAVEN; > - struct drm_color_ctm *ctm = NULL; > + struct dc_transfer_func *out_tf; > const struct drm_color_lut *degamma_lut, *regamma_lut; > uint32_t degamma_size, regamma_size; > bool has_regamma, has_degamma; > @@ -940,6 +939,14 @@ int amdgpu_dm_update_crtc_color_mgmt(struct dm_crtc_state *crtc) > crtc->cm_has_degamma = false; > crtc->cm_is_degamma_srgb = false; > > + if (check_only) { > + out_tf = kvzalloc(sizeof(*out_tf), GFP_KERNEL); > + if (!out_tf) > + return -ENOMEM; > + } else { > + out_tf = &stream->out_transfer_func; > + } > + > /* Setup regamma and degamma. */ > if (is_legacy) { > /* > @@ -954,8 +961,8 @@ int amdgpu_dm_update_crtc_color_mgmt(struct dm_crtc_state *crtc) > * inverse color ramp in legacy userspace. > */ > crtc->cm_is_degamma_srgb = true; > - stream->out_transfer_func.type = TF_TYPE_DISTRIBUTED_POINTS; > - stream->out_transfer_func.tf = TRANSFER_FUNCTION_SRGB; > + out_tf->type = TF_TYPE_DISTRIBUTED_POINTS; > + out_tf->tf = TRANSFER_FUNCTION_SRGB; > /* > * Note: although we pass has_rom as parameter here, we never > * actually use ROM because the color module only takes the ROM > @@ -963,16 +970,12 @@ int amdgpu_dm_update_crtc_color_mgmt(struct dm_crtc_state *crtc) > * > * See more in mod_color_calculate_regamma_params() > */ > - r = __set_legacy_tf(&stream->out_transfer_func, regamma_lut, > + r = __set_legacy_tf(out_tf, regamma_lut, > regamma_size, has_rom); > - if (r) > - return r; > } else { > regamma_size = has_regamma ? regamma_size : 0; > - r = amdgpu_dm_set_atomic_regamma(stream, regamma_lut, > + r = amdgpu_dm_set_atomic_regamma(out_tf, regamma_lut, > regamma_size, has_rom, tf); > - if (r) > - return r; > } > > /* > @@ -981,6 +984,43 @@ int amdgpu_dm_update_crtc_color_mgmt(struct dm_crtc_state *crtc) > * have to place the CTM in the OCSC in that case. > */ > crtc->cm_has_degamma = has_degamma; > + if (check_only) > + kvfree(out_tf); > + > + return r; > +} > + > +/** > + * amdgpu_dm_update_crtc_color_mgmt: Maps DRM color management to DC stream. > + * @crtc: amdgpu_dm crtc state > + * > + * With no plane level color management properties we're free to use any > + * of the HW blocks as long as the CRTC CTM always comes before the > + * CRTC RGM and after the CRTC DGM. > + * > + * - The CRTC RGM block will be placed in the RGM LUT block if it is non-linear. > + * - The CRTC DGM block will be placed in the DGM LUT block if it is non-linear. > + * - The CRTC CTM will be placed in the gamut remap block if it is non-linear. > + * > + * The RGM block is typically more fully featured and accurate across > + * all ASICs - DCE can't support a custom non-linear CRTC DGM. > + * > + * For supporting both plane level color management and CRTC level color > + * management at once we have to either restrict the usage of CRTC properties > + * or blend adjustments together. > + * > + * Returns: > + * 0 on success. Error code if setup fails. > + */ > +int amdgpu_dm_update_crtc_color_mgmt(struct dm_crtc_state *crtc) > +{ > + struct dc_stream_state *stream = crtc->stream; > + struct drm_color_ctm *ctm = NULL; > + int ret; > + > + ret = amdgpu_dm_check_crtc_color_mgmt(crtc, false); > + if (ret) > + return ret; > > /* Setup CRTC CTM. */ > if (crtc->base.ctm) {

1 month, 1 week

2
1
0 0

[PATCH] drm/nouveau: set DMA mask before creating the flush page

by Timur Tabi

Set the DMA mask before calling nvkm_device_ctor(), so that when the flush page is created in nvkm_fb_ctor(), the allocation will not fail if the page is outside of DMA address space, which can easily happen if IOMMU is disable. In such situations, you will get an error like this: nouveau 0000:65:00.0: DMA addr 0x0000000107c56000+4096 overflow (mask ffffffff, bus limit 0). Commit 38f5359354d4 ("rm/nouveau/pci: set streaming DMA mask early") set the mask after calling nvkm_device_ctor(), but back then there was no flush page being created, which might explain why the mask wasn't set earlier. Flush page allocation was added in commit 5728d064190e ("drm/nouveau/fb: handle sysmem flush page from common code"). nvkm_fb_ctor() calls alloc_page(), which can allocate a page anywhere in system memory, but then calls dma_map_page() on that page. But since the DMA mask is still set to 32, the map can fail if the page is allocated above 4GB. This is easy to reproduce on systems with a lot of memory and IOMMU disabled. An alternative approach would be to force the allocation of the flush page to low memory, by specifying __GFP_DMA32. However, this would always allocate the page in low memory, even though the hardware can access high memory. Fixes: 5728d064190e ("drm/nouveau/fb: handle sysmem flush page from common code") Signed-off-by: Timur Tabi <ttabi(a)nvidia.com> --- .../gpu/drm/nouveau/nvkm/engine/device/pci.c | 24 +++++++++---------- 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/drivers/gpu/drm/nouveau/nvkm/engine/device/pci.c b/drivers/gpu/drm/nouveau/nvkm/engine/device/pci.c index 8f0261a0d618..7cc5a7499583 100644 --- a/drivers/gpu/drm/nouveau/nvkm/engine/device/pci.c +++ b/drivers/gpu/drm/nouveau/nvkm/engine/device/pci.c @@ -1695,6 +1695,18 @@ nvkm_device_pci_new(struct pci_dev *pci_dev, const char *cfg, const char *dbg, *pdevice = &pdev->device; pdev->pdev = pci_dev; + /* Set DMA mask based on capabilities reported by the MMU subdev. */ + if (pdev->device.mmu && !pdev->device.pci->agp.bridge) + bits = pdev->device.mmu->dma_bits; + else + bits = 32; + + ret = dma_set_mask_and_coherent(&pci_dev->dev, DMA_BIT_MASK(bits)); + if (ret && bits != 32) { + dma_set_mask_and_coherent(&pci_dev->dev, DMA_BIT_MASK(32)); + pdev->device.mmu->dma_bits = 32; + } + ret = nvkm_device_ctor(&nvkm_device_pci_func, quirk, &pci_dev->dev, pci_is_pcie(pci_dev) ? NVKM_DEVICE_PCIE : pci_find_capability(pci_dev, PCI_CAP_ID_AGP) ? @@ -1708,17 +1720,5 @@ nvkm_device_pci_new(struct pci_dev *pci_dev, const char *cfg, const char *dbg, if (ret) return ret; - /* Set DMA mask based on capabilities reported by the MMU subdev. */ - if (pdev->device.mmu && !pdev->device.pci->agp.bridge) - bits = pdev->device.mmu->dma_bits; - else - bits = 32; - - ret = dma_set_mask_and_coherent(&pci_dev->dev, DMA_BIT_MASK(bits)); - if (ret && bits != 32) { - dma_set_mask_and_coherent(&pci_dev->dev, DMA_BIT_MASK(32)); - pdev->device.mmu->dma_bits = 32; - } - return 0; } base-commit: 18a7e218cfcdca6666e1f7356533e4c988780b57 -- 2.51.0

1 month, 1 week

3
5
0 0

[PATCH v2 02/13] KVM: SVM: Add missing save/restore handling of LBR MSRs

by Yosry Ahmed

MSR_IA32_DEBUGCTLMSR and LBR MSRs are currently not enumerated by KVM_GET_MSR_INDEX_LIST, and LBR MSRs cannot be set with KVM_SET_MSRS. So save/restore is completely broken. Fix it by adding the MSRs to msrs_to_save_base, and allowing writes to LBR MSRs from userspace only (as they are read-only MSRs). Additionally, to correctly restore L1's LBRs while L2 is running, make sure the LBRs are copied from the captured VMCB01 save area in svm_copy_vmrun_state(). Fixes: 24e09cbf480a ("KVM: SVM: enable LBR virtualization") Cc: stable(a)vger.kernel.org Reported-by: Jim Mattson <jmattson(a)google.com> Signed-off-by: Yosry Ahmed <yosry.ahmed(a)linux.dev> --- arch/x86/kvm/svm/nested.c | 3 +++ arch/x86/kvm/svm/svm.c | 20 ++++++++++++++++++++ arch/x86/kvm/x86.c | 3 +++ 3 files changed, 26 insertions(+) diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index a37bd5c1f36fa..74211c5c68026 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -1055,6 +1055,9 @@ void svm_copy_vmrun_state(struct vmcb_save_area *to_save, to_save->isst_addr = from_save->isst_addr; to_save->ssp = from_save->ssp; } + + if (lbrv) + svm_copy_lbrs(to_save, from_save); } void svm_copy_vmloadsave_state(struct vmcb *to_vmcb, struct vmcb *from_vmcb) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 711276e8ee84f..af0e9c26527e3 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -2983,6 +2983,26 @@ static int svm_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr) vmcb_mark_dirty(svm->vmcb, VMCB_LBR); svm_update_lbrv(vcpu); break; + case MSR_IA32_LASTBRANCHFROMIP: + if (!msr->host_initiated) + return 1; + svm->vmcb->save.br_from = data; + break; + case MSR_IA32_LASTBRANCHTOIP: + if (!msr->host_initiated) + return 1; + svm->vmcb->save.br_to = data; + break; + case MSR_IA32_LASTINTFROMIP: + if (!msr->host_initiated) + return 1; + svm->vmcb->save.last_excp_from = data; + break; + case MSR_IA32_LASTINTTOIP: + if (!msr->host_initiated) + return 1; + svm->vmcb->save.last_excp_to = data; + break; case MSR_VM_HSAVE_PA: /* * Old kernels did not validate the value written to diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index c9c2aa6f4705e..9cb824f9cf644 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -348,6 +348,9 @@ static const u32 msrs_to_save_base[] = { MSR_IA32_U_CET, MSR_IA32_S_CET, MSR_IA32_PL0_SSP, MSR_IA32_PL1_SSP, MSR_IA32_PL2_SSP, MSR_IA32_PL3_SSP, MSR_IA32_INT_SSP_TAB, + MSR_IA32_DEBUGCTLMSR, + MSR_IA32_LASTBRANCHFROMIP, MSR_IA32_LASTBRANCHTOIP, + MSR_IA32_LASTINTFROMIP, MSR_IA32_LASTINTTOIP, }; static const u32 msrs_to_save_pmu[] = { -- 2.51.2.1041.gc1ab5b90ca-goog

1 month, 1 week

1
0
0 0

[PATCH v2 01/13] KVM: SVM: Switch svm_copy_lbrs() to a macro

by Yosry Ahmed

In preparation for using svm_copy_lbrs() with 'struct vmcb_save_area' without a containing 'struct vmcb', and later even 'struct vmcb_save_area_cached', make it a macro. Pull the call to vmcb_mark_dirty() out to the callers. Macros are generally not preferred compared to functions, mainly due to type-safety. However, in this case it seems like having a simple macro copying a few fields is better than copy-pasting the same 5 lines of code in different places. On the bright side, pulling vmcb_mark_dirty() calls to the callers makes it clear that in one case, vmcb_mark_dirty() was being called on VMCB12. It is not architecturally defined for the CPU to clear arbitrary clean bits, and it is not needed, so drop that one call. Technically fixes the non-architectural behavior of setting the dirty bit on VMCB12. Fixes: d20c796ca370 ("KVM: x86: nSVM: implement nested LBR virtualization") Cc: stable(a)vger.kernel.org Signed-off-by: Yosry Ahmed <yosry.ahmed(a)linux.dev> --- arch/x86/kvm/svm/nested.c | 16 ++++++++++------ arch/x86/kvm/svm/svm.c | 11 ----------- arch/x86/kvm/svm/svm.h | 10 +++++++++- 3 files changed, 19 insertions(+), 18 deletions(-) diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index da6e80b3ac353..a37bd5c1f36fa 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -675,10 +675,12 @@ static void nested_vmcb02_prepare_save(struct vcpu_svm *svm, struct vmcb *vmcb12 * Reserved bits of DEBUGCTL are ignored. Be consistent with * svm_set_msr's definition of reserved bits. */ - svm_copy_lbrs(vmcb02, vmcb12); + svm_copy_lbrs(&vmcb02->save, &vmcb12->save); + vmcb_mark_dirty(vmcb02, VMCB_LBR); vmcb02->save.dbgctl &= ~DEBUGCTL_RESERVED_BITS; } else { - svm_copy_lbrs(vmcb02, vmcb01); + svm_copy_lbrs(&vmcb02->save, &vmcb01->save); + vmcb_mark_dirty(vmcb02, VMCB_LBR); } svm_update_lbrv(&svm->vcpu); } @@ -1184,10 +1186,12 @@ int nested_svm_vmexit(struct vcpu_svm *svm) kvm_make_request(KVM_REQ_EVENT, &svm->vcpu); if (unlikely(guest_cpu_cap_has(vcpu, X86_FEATURE_LBRV) && - (svm->nested.ctl.virt_ext & LBR_CTL_ENABLE_MASK))) - svm_copy_lbrs(vmcb12, vmcb02); - else - svm_copy_lbrs(vmcb01, vmcb02); + (svm->nested.ctl.virt_ext & LBR_CTL_ENABLE_MASK))) { + svm_copy_lbrs(&vmcb12->save, &vmcb02->save); + } else { + svm_copy_lbrs(&vmcb01->save, &vmcb02->save); + vmcb_mark_dirty(vmcb01, VMCB_LBR); + } svm_update_lbrv(vcpu); diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 10c21e4c5406f..711276e8ee84f 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -795,17 +795,6 @@ static void svm_recalc_msr_intercepts(struct kvm_vcpu *vcpu) */ } -void svm_copy_lbrs(struct vmcb *to_vmcb, struct vmcb *from_vmcb) -{ - to_vmcb->save.dbgctl = from_vmcb->save.dbgctl; - to_vmcb->save.br_from = from_vmcb->save.br_from; - to_vmcb->save.br_to = from_vmcb->save.br_to; - to_vmcb->save.last_excp_from = from_vmcb->save.last_excp_from; - to_vmcb->save.last_excp_to = from_vmcb->save.last_excp_to; - - vmcb_mark_dirty(to_vmcb, VMCB_LBR); -} - static void __svm_enable_lbrv(struct kvm_vcpu *vcpu) { to_svm(vcpu)->vmcb->control.virt_ext |= LBR_CTL_ENABLE_MASK; diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index c856d8e0f95e7..f6fb70ddf7272 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -687,8 +687,16 @@ static inline void *svm_vcpu_alloc_msrpm(void) return svm_alloc_permissions_map(MSRPM_SIZE, GFP_KERNEL_ACCOUNT); } +#define svm_copy_lbrs(to, from) \ +({ \ + (to)->dbgctl = (from)->dbgctl; \ + (to)->br_from = (from)->br_from; \ + (to)->br_to = (from)->br_to; \ + (to)->last_excp_from = (from)->last_excp_from; \ + (to)->last_excp_to = (from)->last_excp_to; \ +}) + void svm_vcpu_free_msrpm(void *msrpm); -void svm_copy_lbrs(struct vmcb *to_vmcb, struct vmcb *from_vmcb); void svm_enable_lbrv(struct kvm_vcpu *vcpu); void svm_update_lbrv(struct kvm_vcpu *vcpu); -- 2.51.2.1041.gc1ab5b90ca-goog

1 month, 1 week

1
0
0 0

Your linux-stable-mirror@lists.linaro.org have 23 messages pending.

by lists.linaro.org Server Support

1 month, 1 week

1
0
0 0

Your linux-stable-mirror@lists.linaro.org have 24 messages pending.

by lists.linaro.org Server Support

1 month, 1 week

1
0
0 0

[PATCH AUTOSEL 6.17-6.12] drm/amdgpu: fix gpu page fault after hibernation on PF passthrough

by Sasha Levin

From: Samuel Zhang <guoqing.zhang(a)amd.com> [ Upstream commit eb6e7f520d6efa4d4ebf1671455abe4a681f7a05 ] On PF passthrough environment, after hibernate and then resume, coralgemm will cause gpu page fault. Mode1 reset happens during hibernate, but partition mode is not restored on resume, register mmCP_HYP_XCP_CTL and mmCP_PSP_XCP_CTL is not right after resume. When CP access the MQD BO, wrong stride size is used, this will cause out of bound access on the MQD BO, resulting page fault. The fix is to ensure gfx_v9_4_3_switch_compute_partition() is called when resume from a hibernation. KFD resume is called separately during a reset recovery or resume from suspend sequence. Hence it's not required to be called as part of partition switch. Signed-off-by: Samuel Zhang <guoqing.zhang(a)amd.com> Reviewed-by: Lijo Lazar <lijo.lazar(a)amd.com> Signed-off-by: Alex Deucher <alexander.deucher(a)amd.com> (cherry picked from commit 5d1b32cfe4a676fe552416cb5ae847b215463a1a) Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- LLM Generated explanations, may be completely bogus: Based on my comprehensive analysis using semantic code analysis tools and repository examination, here's my assessment: ## **BACKPORT DECISION: YES** ### Analysis Process and Findings: #### 1. **Semantic Analysis Tools Used:** - **mcp__semcode__find_function**: Located `aqua_vanjaram_switch_partition_mode`, `gfx_v9_4_3_cp_resume`, and `amdgpu_xcp_restore_partition_mode` - **mcp__semcode__find_callers**: Traced call graph showing `gfx_v9_4_3_cp_resume` is called during resume via `gfx_v9_4_3_hw_init` - **mcp__semcode__find_callchain**: Confirmed the resume path and analyzed impact scope - **mcp__semcode__find_type**: Examined `struct amdgpu_device` to verify `in_suspend` flag management - **WebSearch**: Found mailing list discussions showing multiple patch iterations (v2, v3, v4) - **Repository analysis**: Traced historical context and related commits #### 2. **Impact Analysis:** **Severity: HIGH** - This fixes GPU page faults that crash user workloads - **Hardware affected**: Aqua Vanjaram/MI300 series datacenter GPUs (gfx_v9_4_3, IP versions 9.4.4 and 9.5.0) - **Configuration**: PF passthrough environments (SR-IOV virtualization) - **Trigger**: User-space reachable via hibernation cycle + workload execution - **Root cause**: Out-of-bounds memory access on MQD (Memory Queue Descriptor) buffer object due to wrong CP register values (CP_HYP_XCP_CTL) #### 3. **Code Changes Analysis:** **Two minimal, targeted changes:** **Change 1** (drivers/gpu/drm/amd/amdgpu/aqua_vanjaram.c:410-411): ```c -if (adev->kfd.init_complete && !amdgpu_in_reset(adev)) +if (adev->kfd.init_complete && !amdgpu_in_reset(adev) && !adev->in_suspend) flags |= AMDGPU_XCP_OPS_KFD; ``` - Prevents KFD operations during suspend/hibernation - KFD resume is handled separately in the resume sequence **Change 2** (drivers/gpu/drm/amd/amdgpu/gfx_v9_4_3.c:2295-2298): ```c +if (adev->in_suspend) + amdgpu_xcp_restore_partition_mode(adev->xcp_mgr); +else if (amdgpu_xcp_query_partition_mode(...) == AMDGPU_UNKNOWN_COMPUTE_PARTITION_MODE) ``` - Adds hibernation resume handling to restore partition mode - Uses existing `amdgpu_xcp_restore_partition_mode()` function (added in c45e38f21754b, Sept 2023) - Ensures CP registers get correct values on resume #### 4. **Scope and Dependencies:** - **Contained fix**: Only 3 lines changed across 2 files - **Existing infrastructure**: Depends on `amdgpu_xcp_restore_partition_mode()` which has been in the kernel since Sept 2023 - **Low coupling**: Changes are isolated to resume path, don't affect normal operation - **Call graph impact**: Minimal - only affects hibernation resume codepath #### 5. **Stable Tree Compliance:** ✅ **Bug fix**: Yes - fixes GPU page faults ✅ **Small and contained**: 3-line change ✅ **No new features**: Uses existing restore function ✅ **No architectural changes**: Follows pattern from c45e38f21754b ❌ **Stable tags**: No "Fixes:" or "Cc: stable@" tags present However, the absence of stable tags appears to be an oversight given the severity. #### 6. **Risk Assessment:** **Low regression risk:** - Only affects specific hardware (Aqua Vanjaram GPUs) - Only impacts PF passthrough configuration - Only touches hibernation resume path - Multiple patch iterations suggest thorough testing - Builds on proven pattern from 2023 reset handling #### 7. **Historical Context:** - Part of ongoing partition mode fixes (multiple related commits in 2024-2025) - Web search revealed extensive mailing list discussion - Multiple patch versions (v2, v3, v4) indicate careful upstream review - Targeted for drm-next-6.19 ### Conclusion: This commit **SHOULD be backported** because it: 1. Fixes a serious user-visible bug (GPU crashes from page faults) 2. Has minimal code changes with low regression risk 3. Affects critical datacenter hardware (MI300 series) 4. Is well-tested with multiple upstream review cycles 5. Follows established architectural patterns 6. Is confined to a specific use case, limiting blast radius The fix is essential for users running AMD MI300 GPUs in virtualized environments with hibernation support. drivers/gpu/drm/amd/amdgpu/aqua_vanjaram.c | 3 ++- drivers/gpu/drm/amd/amdgpu/gfx_v9_4_3.c | 4 +++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/drivers/gpu/drm/amd/amdgpu/aqua_vanjaram.c b/drivers/gpu/drm/amd/amdgpu/aqua_vanjaram.c index 811124ff88a88..f9e2edf5260bc 100644 --- a/drivers/gpu/drm/amd/amdgpu/aqua_vanjaram.c +++ b/drivers/gpu/drm/amd/amdgpu/aqua_vanjaram.c @@ -407,7 +407,8 @@ static int aqua_vanjaram_switch_partition_mode(struct amdgpu_xcp_mgr *xcp_mgr, return -EINVAL; } - if (adev->kfd.init_complete && !amdgpu_in_reset(adev)) + if (adev->kfd.init_complete && !amdgpu_in_reset(adev) && + !adev->in_suspend) flags |= AMDGPU_XCP_OPS_KFD; if (flags & AMDGPU_XCP_OPS_KFD) { diff --git a/drivers/gpu/drm/amd/amdgpu/gfx_v9_4_3.c b/drivers/gpu/drm/amd/amdgpu/gfx_v9_4_3.c index 51babf5c78c86..02c69ffd05837 100644 --- a/drivers/gpu/drm/amd/amdgpu/gfx_v9_4_3.c +++ b/drivers/gpu/drm/amd/amdgpu/gfx_v9_4_3.c @@ -2292,7 +2292,9 @@ static int gfx_v9_4_3_cp_resume(struct amdgpu_device *adev) r = amdgpu_xcp_init(adev->xcp_mgr, num_xcp, mode); } else { - if (amdgpu_xcp_query_partition_mode(adev->xcp_mgr, + if (adev->in_suspend) + amdgpu_xcp_restore_partition_mode(adev->xcp_mgr); + else if (amdgpu_xcp_query_partition_mode(adev->xcp_mgr, AMDGPU_XCP_FL_NONE) == AMDGPU_UNKNOWN_COMPUTE_PARTITION_MODE) r = amdgpu_xcp_switch_partition_mode( -- 2.51.0

1 month, 1 week

1
5
0 0

[PATCH 4/6] KVM: SVM: Switch svm_copy_lbrs() to a macro

by Yosry Ahmed

In preparation for using svm_copy_lbrs() with 'struct vmcb_save_area' without a containing 'struct vmcb', and later even 'struct vmcb_save_area_cached', make it a macro. Pull the call to vmcb_mark_dirty() out to the callers. Macros are generally not preferred compared to functions, mainly due to type-safety. However, in this case it seems like having a simple macro copying a few fields is better than copy-pasting the same 5 lines of code in different places. On the bright side, pulling vmcb_mark_dirty() calls to the callers makes it clear that in one case, vmcb_mark_dirty() was being called on VMCB12. It is not architecturally defined for the CPU to clear arbitrary clean bits, and it is not needed, so drop that one call. Technically fixes the non-architectural behavior of setting the dirty bit on VMCB12. Fixes: d20c796ca370 ("KVM: x86: nSVM: implement nested LBR virtualization") Cc: stable(a)vger.kernel.org Signed-off-by: Yosry Ahmed <yosry.ahmed(a)linux.dev> --- arch/x86/kvm/svm/nested.c | 16 ++++++++++------ arch/x86/kvm/svm/svm.c | 11 ----------- arch/x86/kvm/svm/svm.h | 10 +++++++++- 3 files changed, 19 insertions(+), 18 deletions(-) diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index c81005b245222..e7861392f2fcd 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -676,10 +676,12 @@ static void nested_vmcb02_prepare_save(struct vcpu_svm *svm, struct vmcb *vmcb12 * Reserved bits of DEBUGCTL are ignored. Be consistent with * svm_set_msr's definition of reserved bits. */ - svm_copy_lbrs(vmcb02, vmcb12); + svm_copy_lbrs(&vmcb02->save, &vmcb12->save); + vmcb_mark_dirty(vmcb02, VMCB_LBR); vmcb02->save.dbgctl &= ~DEBUGCTL_RESERVED_BITS; } else { - svm_copy_lbrs(vmcb02, vmcb01); + svm_copy_lbrs(&vmcb02->save, &vmcb01->save); + vmcb_mark_dirty(vmcb02, VMCB_LBR); } svm_update_lbrv(&svm->vcpu); } @@ -1186,10 +1188,12 @@ int nested_svm_vmexit(struct vcpu_svm *svm) kvm_make_request(KVM_REQ_EVENT, &svm->vcpu); if (unlikely(guest_cpu_cap_has(vcpu, X86_FEATURE_LBRV) && - (svm->nested.ctl.virt_ext & LBR_CTL_ENABLE_MASK))) - svm_copy_lbrs(vmcb12, vmcb02); - else - svm_copy_lbrs(vmcb01, vmcb02); + (svm->nested.ctl.virt_ext & LBR_CTL_ENABLE_MASK))) { + svm_copy_lbrs(&vmcb12->save, &vmcb02->save); + } else { + svm_copy_lbrs(&vmcb01->save, &vmcb02->save); + vmcb_mark_dirty(vmcb01, VMCB_LBR); + } svm_update_lbrv(vcpu); diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index fc42bcdbb5200..9eb112f0e61f0 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -795,17 +795,6 @@ static void svm_recalc_msr_intercepts(struct kvm_vcpu *vcpu) */ } -void svm_copy_lbrs(struct vmcb *to_vmcb, struct vmcb *from_vmcb) -{ - to_vmcb->save.dbgctl = from_vmcb->save.dbgctl; - to_vmcb->save.br_from = from_vmcb->save.br_from; - to_vmcb->save.br_to = from_vmcb->save.br_to; - to_vmcb->save.last_excp_from = from_vmcb->save.last_excp_from; - to_vmcb->save.last_excp_to = from_vmcb->save.last_excp_to; - - vmcb_mark_dirty(to_vmcb, VMCB_LBR); -} - static void __svm_enable_lbrv(struct kvm_vcpu *vcpu) { to_svm(vcpu)->vmcb->control.virt_ext |= LBR_CTL_ENABLE_MASK; diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index c2acaa49ee1c5..e510c8183bd87 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -687,8 +687,16 @@ static inline void *svm_vcpu_alloc_msrpm(void) return svm_alloc_permissions_map(MSRPM_SIZE, GFP_KERNEL_ACCOUNT); } +#define svm_copy_lbrs(to, from) \ +({ \ + (to)->dbgctl = (from)->dbgctl; \ + (to)->br_from = (from)->br_from; \ + (to)->br_to = (from)->br_to; \ + (to)->last_excp_from = (from)->last_excp_from; \ + (to)->last_excp_to = (from)->last_excp_to; \ +}) + void svm_vcpu_free_msrpm(void *msrpm); -void svm_copy_lbrs(struct vmcb *to_vmcb, struct vmcb *from_vmcb); void svm_enable_lbrv(struct kvm_vcpu *vcpu); void svm_update_lbrv(struct kvm_vcpu *vcpu); -- 2.51.2.1041.gc1ab5b90ca-goog

1 month, 1 week

3
3
0 0

Gestiona el desempeño con objetivos claros y medibles

by Luis Ramírez

Gestiona el desempeño con Vorecol body { margin: 0; padding: 0; font-family: Arial, Helvetica, sans-serif; font-size: 14px; color: #333; background-color: #ffffff; } table { border-spacing: 0; width: 100%; max-width: 600px; margin: auto; } td { padding: 12px 20px; } a { color: #1a73e8; text-decoration: none; } .footer { font-size: 12px; color: #888888; text-align: center; } Mejora la gestión del desempeño y talento con Vorecol Performance Management. Hola , Gestionar el desempeño de tu equipo puede ser más sencillo y efectivo con las herramientas adecuadas. Sin un buen sistema, es difícil identificar, desarrollar y retener a los mejores colaboradores. El módulo de Performance Management de Vorecol te ofrece una solución completa para medir y potenciar el talento en tu organización. Con este módulo puedes: Evaluar el desempeño y potencial de tus colaboradores con la matriz Nine Box para tomar mejores decisiones. Establecer y seguir objetivos claros usando la metodología SMART, alineados con las prioridades de tu empresa. Ajustar el sistema según lo que necesites, desde manejar los periodos hasta recibir notificaciones, todo fácil de usar. Además, contarás con soporte técnico y capacitación especializada para resolver cualquier duda y aprovechar al máximo la herramienta. Aprovecha el Buen Fin del 1 al 22 de noviembre con hasta 15% de descuento y descubre cómo mejorar la gestión del desempeño en tu equipo. Si quieres conocer más, responde este correo o contáctame directamente. Saludos, -------------- Atte.: Luis Ramírez Ciudad de México: (55) 5018 0565 WhatsApp: +52 33 1607 2089 Si no deseas recibir más correos, haz clic aquí para darte de baja. Para remover su dirección de esta lista haga <a href="https://s1.arrobamail.com/unsuscribe.php?id=yiwtsrewiswqwqseup">click aquí</a>

1 month, 1 week

1
0
0 0

Re: Patch "net: ionic: add dma_wmb() before ringing TX doorbell" has been added to the 6.12-stable tree

by Brett Creeley

On 11/8/2025 9:26 AM, Sasha Levin wrote: > Caution: This message originated from an External Source. Use proper caution when opening attachments, clicking links, or responding. > > > This is a note to let you know that I've just added the patch titled > > net: ionic: add dma_wmb() before ringing TX doorbell > > to the 6.12-stable tree which can be found at: > http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… > > The filename of the patch is: > net-ionic-add-dma_wmb-before-ringing-tx-doorbell.patch > and it can be found in the queue-6.12 subdirectory. > > If you, or anyone else, feels it should not be added to the stable tree, > please let <stable(a)vger.kernel.org> know about it. > > > > commit 05587f91cc2e8b071605aeef6442d2acf6e627c9 > Author: Mohammad Heib <mheib(a)redhat.com> > Date: Fri Oct 31 17:52:02 2025 +0200 > > net: ionic: add dma_wmb() before ringing TX doorbell > > [ Upstream commit d261f5b09c28850dc63ca1d3018596f829f402d5 ] > > The TX path currently writes descriptors and then immediately writes to > the MMIO doorbell register to notify the NIC. On weakly ordered > architectures, descriptor writes may still be pending in CPU or DMA > write buffers when the doorbell is issued, leading to the device > fetching stale or incomplete descriptors. > > Add a dma_wmb() in ionic_txq_post() to ensure all descriptor writes are > visible to the device before the doorbell MMIO write. > > Fixes: 0f3154e6bcb3 ("ionic: Add Tx and Rx handling") > Signed-off-by: Mohammad Heib <mheib(a)redhat.com> > Link: https://patch.msgid.link/20251031155203.203031-1-mheib@redhat.com > Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> > Signed-off-by: Sasha Levin <sashal(a)kernel.org> > > diff --git a/drivers/net/ethernet/pensando/ionic/ionic_txrx.c b/drivers/net/ethernet/pensando/ionic/ionic_txrx.c > index 0f5758c273c22..3a094d3ea6f4f 100644 > --- a/drivers/net/ethernet/pensando/ionic/ionic_txrx.c > +++ b/drivers/net/ethernet/pensando/ionic/ionic_txrx.c > @@ -29,6 +29,10 @@ static void ionic_tx_clean(struct ionic_queue *q, > > static inline void ionic_txq_post(struct ionic_queue *q, bool ring_dbell) > { > + /* Ensure TX descriptor writes reach memory before NIC reads them. > + * Prevents device from fetching stale descriptors. > + */ > + dma_wmb(); > ionic_q_post(q, ring_dbell); > } > I posted on the original patch, but I will post here as well. Apologies for the late and duplicate response, but it's not clear to me why this is necessary. In other vendors the "doorbell record" (dbr) is writing another location in system memory, not an mmio write. These cases do use a dma_wmb(). Why isn't the writeq() sufficient in our case? According to Documentation/memory-barriers.txt it seems like writeq() should be sufficient. Thanks, Brett

1 month, 1 week

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror