If drmPrimeFDToHandle fails in etna_bo_from_dmabuf, the function must
not return with the table_lock mutex held. There is no reason to call
drmPrimeFDToHandle under that lock, so just take the lock after trying
to obtain the handle.
Based on ceb70a6b1015 ("freedreno: prevent deadlock in error path").
Signed-off-by: Philipp Zabel <p.zabel@xxxxxxxxxxxxxx>
---
v2: keep lock around drmPrimeFDToHandle call
---
etnaviv/etnaviv_bo.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/etnaviv/etnaviv_bo.c b/etnaviv/etnaviv_bo.c
index 0cc3ab97..86fb894b 100644
--- a/etnaviv/etnaviv_bo.c
+++ b/etnaviv/etnaviv_bo.c
@@ -225,10 +225,15 @@ struct etna_bo *etna_bo_from_dmabuf(struct etna_device *dev, int fd)
int ret, size;
uint32_t handle;
+ /* take the lock before calling drmPrimeFDToHandle to avoid
+ * racing against etna_bo_del, which might invalidate the
+ * returned handle.
+ */
pthread_mutex_lock(&table_lock);
ret = drmPrimeFDToHandle(dev->fd, fd, &handle);
if (ret) {
+ pthread_mutex_unlock(&table_lock);
return NULL;
}
--
2.11.0
_______________________________________________
dri-devel mailing list
dri-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.freedesktop.org/mailman/listinfo/dri-devel
