From: "Christian König" <ckoenig.leichtzumerken@gmail.com>
To: hridya@google.com, john.stultz@linaro.org,
dri-devel@lists.freedesktop.org, linaro-mm-sig@lists.linaro.org,
gustavo@padovan.org, linux-media@vger.kernel.org,
adelva@google.com, sspatil@google.com, daniel@ffwll.ch
Subject: [PATCH 2/2] dma-buf: taint the kernel on sw_sync use
Date: Wed, 18 Aug 2021 12:54:43 +0200 [thread overview]
Message-ID: <20210818105443.1578-2-christian.koenig@amd.com> (raw)
In-Reply-To: <20210818105443.1578-1-christian.koenig@amd.com>
As we now knew allowing userspace control over dma_fence synchronization
is fundamentally broken and can cause deadlocks inside the kernel memory
management.
Because of this harden the wording for CONFIG_SW_SYNC and taint the kernel
as soon as it is used.
Signed-off-by: Christian König <christian.koenig@amd.com>
---
drivers/dma-buf/Kconfig | 5 +++--
drivers/dma-buf/sw_sync.c | 5 ++++-
2 files changed, 7 insertions(+), 3 deletions(-)
diff --git a/drivers/dma-buf/Kconfig b/drivers/dma-buf/Kconfig
index 9561e3d2d428..61e0f3c5ba8b 100644
--- a/drivers/dma-buf/Kconfig
+++ b/drivers/dma-buf/Kconfig
@@ -27,8 +27,9 @@ config SW_SYNC
synchronization. Useful when there is no hardware primitive backing
the synchronization.
- WARNING: improper use of this can result in deadlocking kernel
- drivers from userspace. Intended for test and debug only.
+ WARNING: improper use of this can result in deadlocking the kernel
+ memory management from userspace. Intended for test and debug only.
+ Use at your own risk.
config UDMABUF
bool "userspace dmabuf misc driver"
diff --git a/drivers/dma-buf/sw_sync.c b/drivers/dma-buf/sw_sync.c
index 348b3a9170fa..c2bcb9062f51 100644
--- a/drivers/dma-buf/sw_sync.c
+++ b/drivers/dma-buf/sw_sync.c
@@ -286,7 +286,8 @@ static struct sync_pt *sync_pt_create(struct sync_timeline *obj,
/*
* *WARNING*
*
- * improper use of this can result in deadlocking kernel drivers from userspace.
+ * improper use of this can result in deadlocking kernel memory management
+ * from userspace.
*/
/* opening sw_sync create a new sync obj */
@@ -295,6 +296,8 @@ static int sw_sync_debugfs_open(struct inode *inode, struct file *file)
struct sync_timeline *obj;
char task_comm[TASK_COMM_LEN];
+ add_taint(TAINT_SOFTLOCKUP, LOCKDEP_STILL_OK);
+
get_task_comm(task_comm, current);
obj = sync_timeline_create(task_comm);
--
2.25.1
next prev parent reply other threads:[~2021-08-18 10:54 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-18 10:54 [PATCH 1/2] dma-buf: nuke DMA_FENCE_TRACE macros v2 Christian König
2021-08-18 10:54 ` Christian König [this message]
2021-08-24 8:12 ` Christian König
2021-08-26 8:55 ` Daniel Vetter
2021-08-27 9:07 ` Christian König
2021-08-27 20:23 ` Daniel Vetter
2021-08-30 6:28 ` Christian König
2021-08-31 12:30 ` Daniel Vetter
2021-08-31 12:39 ` Christian König
2021-08-31 12:44 ` Daniel Vetter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210818105443.1578-2-christian.koenig@amd.com \
--to=ckoenig.leichtzumerken@gmail.com \
--cc=adelva@google.com \
--cc=daniel@ffwll.ch \
--cc=dri-devel@lists.freedesktop.org \
--cc=gustavo@padovan.org \
--cc=hridya@google.com \
--cc=john.stultz@linaro.org \
--cc=linaro-mm-sig@lists.linaro.org \
--cc=linux-media@vger.kernel.org \
--cc=sspatil@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.