On Wed, Oct 30, 2019 at 11:01:46AM +0100, Johan Hovold wrote:
On Thu, Oct 10, 2019 at 03:13:30PM +0200, Johan Hovold wrote:
If a process is interrupted while accessing the "gpu" debugfs file and the drm device struct_mutex is contended, release() could return early and fail to free related resources.
Note that the return value from release() is ignored.
Fixes: 4f776f4511c7 ("drm/msm/gpu: Convert the GPU show function to use the GPU state") Cc: stable stable@vger.kernel.org # 4.18 Cc: Jordan Crouse jcrouse@codeaurora.org Cc: Rob Clark robdclark@gmail.com Signed-off-by: Johan Hovold johan@kernel.org
Rob, Sean,
Sending a reminder about this one, which is not yet in linux-next.
Perhaps Daniel can pick it up otherwise?
Another two weeks, another reminder. This one is still not in -next.
Johan
drivers/gpu/drm/msm/msm_debugfs.c | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-)
diff --git a/drivers/gpu/drm/msm/msm_debugfs.c b/drivers/gpu/drm/msm/msm_debugfs.c index 6be879578140..1c74381a4fc9 100644 --- a/drivers/gpu/drm/msm/msm_debugfs.c +++ b/drivers/gpu/drm/msm/msm_debugfs.c @@ -47,12 +47,8 @@ static int msm_gpu_release(struct inode *inode, struct file *file) struct msm_gpu_show_priv *show_priv = m->private; struct msm_drm_private *priv = show_priv->dev->dev_private; struct msm_gpu *gpu = priv->gpu;
- int ret;
- ret = mutex_lock_interruptible(&show_priv->dev->struct_mutex);
- if (ret)
return ret;
- mutex_lock(&show_priv->dev->struct_mutex); gpu->funcs->gpu_state_put(show_priv->state); mutex_unlock(&show_priv->dev->struct_mutex);