From: Chris Wilson <chris@chris-wilson.co.uk>
To: intel-gfx@lists.freedesktop.org
Cc: tvrtko.ursulin@intel.com, thomas.hellstrom@intel.com,
Chris Wilson <chris@chris-wilson.co.uk>,
CQ Tang <cq.tang@intel.com>,
stable@vger.kernel.org,
Mika Kuoppala <mika.kuoppala@linux.intel.com>
Subject: [PATCH 21/21] drm/i915/gem: Delay tracking the GEM context until it is registered
Date: Thu, 30 Jul 2020 10:37:56 +0100 [thread overview]
Message-ID: <20200730093756.16737-22-chris@chris-wilson.co.uk> (raw)
In-Reply-To: <20200730093756.16737-1-chris@chris-wilson.co.uk>
Avoid exposing a partially constructed context by deferring the
list_add() from the initial construction to the end of registration.
Otherwise, if we peek into the list of contexts from inside debugfs, we
may see the partially constructed context and chase down some dangling
incomplete pointers.
Reported-by: CQ Tang <cq.tang@intel.com>
Fixes: 3aa9945a528e ("drm/i915: Separate GEM context construction and registration to userspace")
References: f6e8aa387171 ("drm/i915: Report the number of closed vma held by each context in debugfs")
Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
Cc: Tvrtko Ursulin <tvrtko.ursulin@intel.com>
Cc: CQ Tang <cq.tang@intel.com>
Cc: <stable@vger.kernel.org> # v5.2+
Reviewed-by: Mika Kuoppala <mika.kuoppala@linux.intel.com>
---
drivers/gpu/drm/i915/gem/i915_gem_context.c | 16 +++++++++++-----
1 file changed, 11 insertions(+), 5 deletions(-)
diff --git a/drivers/gpu/drm/i915/gem/i915_gem_context.c b/drivers/gpu/drm/i915/gem/i915_gem_context.c
index f43f0ca4eec9..d308cefb2b34 100644
--- a/drivers/gpu/drm/i915/gem/i915_gem_context.c
+++ b/drivers/gpu/drm/i915/gem/i915_gem_context.c
@@ -713,6 +713,7 @@ __create_context(struct drm_i915_private *i915)
ctx->i915 = i915;
ctx->sched.priority = I915_USER_PRIORITY(I915_PRIORITY_NORMAL);
mutex_init(&ctx->mutex);
+ INIT_LIST_HEAD(&ctx->link);
spin_lock_init(&ctx->stale.lock);
INIT_LIST_HEAD(&ctx->stale.engines);
@@ -740,10 +741,6 @@ __create_context(struct drm_i915_private *i915)
for (i = 0; i < ARRAY_SIZE(ctx->hang_timestamp); i++)
ctx->hang_timestamp[i] = jiffies - CONTEXT_FAST_HANG_JIFFIES;
- spin_lock(&i915->gem.contexts.lock);
- list_add_tail(&ctx->link, &i915->gem.contexts.list);
- spin_unlock(&i915->gem.contexts.lock);
-
return ctx;
err_free:
@@ -936,6 +933,7 @@ static int gem_context_register(struct i915_gem_context *ctx,
struct drm_i915_file_private *fpriv,
u32 *id)
{
+ struct drm_i915_private *i915 = ctx->i915;
struct i915_address_space *vm;
int ret;
@@ -954,8 +952,16 @@ static int gem_context_register(struct i915_gem_context *ctx,
/* And finally expose ourselves to userspace via the idr */
ret = xa_alloc(&fpriv->context_xa, id, ctx, xa_limit_32b, GFP_KERNEL);
if (ret)
- put_pid(fetch_and_zero(&ctx->pid));
+ goto err_pid;
+
+ spin_lock(&i915->gem.contexts.lock);
+ list_add_tail(&ctx->link, &i915->gem.contexts.list);
+ spin_unlock(&i915->gem.contexts.lock);
+
+ return 0;
+err_pid:
+ put_pid(fetch_and_zero(&ctx->pid));
return ret;
}
--
2.20.1
WARNING: multiple messages have this Message-ID (diff)
From: Chris Wilson <chris@chris-wilson.co.uk>
To: intel-gfx@lists.freedesktop.org
Cc: stable@vger.kernel.org, Chris Wilson <chris@chris-wilson.co.uk>,
thomas.hellstrom@intel.com
Subject: [Intel-gfx] [PATCH 21/21] drm/i915/gem: Delay tracking the GEM context until it is registered
Date: Thu, 30 Jul 2020 10:37:56 +0100 [thread overview]
Message-ID: <20200730093756.16737-22-chris@chris-wilson.co.uk> (raw)
In-Reply-To: <20200730093756.16737-1-chris@chris-wilson.co.uk>
Avoid exposing a partially constructed context by deferring the
list_add() from the initial construction to the end of registration.
Otherwise, if we peek into the list of contexts from inside debugfs, we
may see the partially constructed context and chase down some dangling
incomplete pointers.
Reported-by: CQ Tang <cq.tang@intel.com>
Fixes: 3aa9945a528e ("drm/i915: Separate GEM context construction and registration to userspace")
References: f6e8aa387171 ("drm/i915: Report the number of closed vma held by each context in debugfs")
Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
Cc: Tvrtko Ursulin <tvrtko.ursulin@intel.com>
Cc: CQ Tang <cq.tang@intel.com>
Cc: <stable@vger.kernel.org> # v5.2+
Reviewed-by: Mika Kuoppala <mika.kuoppala@linux.intel.com>
---
drivers/gpu/drm/i915/gem/i915_gem_context.c | 16 +++++++++++-----
1 file changed, 11 insertions(+), 5 deletions(-)
diff --git a/drivers/gpu/drm/i915/gem/i915_gem_context.c b/drivers/gpu/drm/i915/gem/i915_gem_context.c
index f43f0ca4eec9..d308cefb2b34 100644
--- a/drivers/gpu/drm/i915/gem/i915_gem_context.c
+++ b/drivers/gpu/drm/i915/gem/i915_gem_context.c
@@ -713,6 +713,7 @@ __create_context(struct drm_i915_private *i915)
ctx->i915 = i915;
ctx->sched.priority = I915_USER_PRIORITY(I915_PRIORITY_NORMAL);
mutex_init(&ctx->mutex);
+ INIT_LIST_HEAD(&ctx->link);
spin_lock_init(&ctx->stale.lock);
INIT_LIST_HEAD(&ctx->stale.engines);
@@ -740,10 +741,6 @@ __create_context(struct drm_i915_private *i915)
for (i = 0; i < ARRAY_SIZE(ctx->hang_timestamp); i++)
ctx->hang_timestamp[i] = jiffies - CONTEXT_FAST_HANG_JIFFIES;
- spin_lock(&i915->gem.contexts.lock);
- list_add_tail(&ctx->link, &i915->gem.contexts.list);
- spin_unlock(&i915->gem.contexts.lock);
-
return ctx;
err_free:
@@ -936,6 +933,7 @@ static int gem_context_register(struct i915_gem_context *ctx,
struct drm_i915_file_private *fpriv,
u32 *id)
{
+ struct drm_i915_private *i915 = ctx->i915;
struct i915_address_space *vm;
int ret;
@@ -954,8 +952,16 @@ static int gem_context_register(struct i915_gem_context *ctx,
/* And finally expose ourselves to userspace via the idr */
ret = xa_alloc(&fpriv->context_xa, id, ctx, xa_limit_32b, GFP_KERNEL);
if (ret)
- put_pid(fetch_and_zero(&ctx->pid));
+ goto err_pid;
+
+ spin_lock(&i915->gem.contexts.lock);
+ list_add_tail(&ctx->link, &i915->gem.contexts.list);
+ spin_unlock(&i915->gem.contexts.lock);
+
+ return 0;
+err_pid:
+ put_pid(fetch_and_zero(&ctx->pid));
return ret;
}
--
2.20.1
_______________________________________________
Intel-gfx mailing list
Intel-gfx@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/intel-gfx
next prev parent reply other threads:[~2020-07-30 9:38 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-07-30 9:37 [Intel-gfx] Breadcrumbs fixes and stall avoidance Chris Wilson
2020-07-30 9:37 ` [Intel-gfx] [PATCH 01/21] drm/i915: Add a couple of missing i915_active_fini() Chris Wilson
2020-07-30 9:37 ` [Intel-gfx] [PATCH 02/21] drm/i915: Skip taking acquire mutex for no ref->active callback Chris Wilson
2020-07-30 9:37 ` [Intel-gfx] [PATCH 03/21] drm/i915: Export a preallocate variant of i915_active_acquire() Chris Wilson
2020-07-31 7:33 ` Thomas Hellström (Intel)
2020-07-30 9:37 ` [Intel-gfx] [PATCH 04/21] drm/i915: Keep the most recently used active-fence upon discard Chris Wilson
2020-07-30 9:37 ` [Intel-gfx] [PATCH 05/21] drm/i915: Make the stale cached active node available for any timeline Chris Wilson
2020-07-30 9:37 ` [Intel-gfx] [PATCH 06/21] drm/i915: Reduce locking around i915_active_acquire_preallocate_barrier() Chris Wilson
2020-07-31 7:39 ` Thomas Hellström (Intel)
2020-07-30 9:37 ` [Intel-gfx] [PATCH 07/21] drm/i915: Provide a fastpath for waiting on vma bindings Chris Wilson
2020-07-30 9:37 ` [Intel-gfx] [PATCH 08/21] drm/i915/gem: Reduce ctx->engine_mutex for reading the clone source Chris Wilson
2020-07-30 9:37 ` [Intel-gfx] [PATCH 09/21] drm/i915/gem: Reduce ctx->engines_mutex for get_engines() Chris Wilson
2020-07-30 9:37 ` [Intel-gfx] [PATCH 10/21] drm/i915: Remove requirement for holding i915_request.lock for breadcrumbs Chris Wilson
2020-07-30 9:37 ` [Intel-gfx] [PATCH 11/21] drm/i915/gt: Replace intel_engine_transfer_stale_breadcrumbs Chris Wilson
2020-07-30 9:37 ` [Intel-gfx] [PATCH 12/21] drm/i915/gt: Only transfer the virtual context to the new engine if active Chris Wilson
2020-07-30 9:37 ` [Intel-gfx] [PATCH 13/21] drm/i915/gt: Distinguish the virtual breadcrumbs from the irq breadcrumbs Chris Wilson
2020-07-31 14:53 ` Tvrtko Ursulin
2020-07-30 9:37 ` [Intel-gfx] [PATCH 14/21] drm/i915/gt: Move intel_breadcrumbs_arm_irq earlier Chris Wilson
2020-07-30 9:37 ` [Intel-gfx] [PATCH 15/21] drm/i915/gt: Hold context/request reference while breadcrumbs are active Chris Wilson
2020-07-30 9:37 ` [Intel-gfx] [PATCH 16/21] drm/i915/gt: Track signaled breadcrumbs outside of the breadcrumb spinlock Chris Wilson
2020-07-31 15:06 ` Tvrtko Ursulin
2020-07-31 15:12 ` Chris Wilson
2020-07-31 15:21 ` Chris Wilson
2020-07-31 16:06 ` Tvrtko Ursulin
2020-07-31 17:59 ` Chris Wilson
2020-07-31 15:32 ` Tvrtko Ursulin
2020-07-30 9:37 ` [Intel-gfx] [PATCH 17/21] drm/i915/gt: Protect context lifetime with RCU Chris Wilson
2020-07-31 15:15 ` Tvrtko Ursulin
2020-07-31 15:24 ` Chris Wilson
2020-07-31 15:45 ` Tvrtko Ursulin
2020-07-30 9:37 ` [Intel-gfx] [PATCH 18/21] drm/i915/gt: Split the breadcrumb spinlock between global and contexts Chris Wilson
2020-07-30 9:37 ` [Intel-gfx] [PATCH 19/21] drm/i915: Drop i915_request.lock serialisation around await_start Chris Wilson
2020-07-30 9:37 ` [Intel-gfx] [PATCH 20/21] drm/i915: Drop i915_request.lock requirement for intel_rps_boost() Chris Wilson
2020-07-30 9:37 ` Chris Wilson [this message]
2020-07-30 9:37 ` [Intel-gfx] [PATCH 21/21] drm/i915/gem: Delay tracking the GEM context until it is registered Chris Wilson
2020-07-30 13:45 ` [Intel-gfx] ✗ Fi.CI.CHECKPATCH: warning for series starting with [01/21] drm/i915: Add a couple of missing i915_active_fini() Patchwork
2020-07-30 13:46 ` [Intel-gfx] ✗ Fi.CI.SPARSE: " Patchwork
2020-07-30 14:04 ` [Intel-gfx] ✓ Fi.CI.BAT: success " Patchwork
2020-07-30 19:20 ` [Intel-gfx] ✓ Fi.CI.IGT: " Patchwork
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200730093756.16737-22-chris@chris-wilson.co.uk \
--to=chris@chris-wilson.co.uk \
--cc=cq.tang@intel.com \
--cc=intel-gfx@lists.freedesktop.org \
--cc=mika.kuoppala@linux.intel.com \
--cc=stable@vger.kernel.org \
--cc=thomas.hellstrom@intel.com \
--cc=tvrtko.ursulin@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.