Hi,
Seems that Intel-gfx CI still doesn't like what's going on, so I updated
the series to remove more recursive locking again.
Note: patch 5 touches a number of files, including the Intel and VMware
drivers, but most changes are simply switching a function call to the
appropriate locked/unlocked version.
Overall, this series fixes races with modesetting rights, converts
drm_device.master_mutex into master_rwsem, and removes
drm_file.master_lookup_lock.
- Patch 1: Fix a potential null ptr dereference in drm_master_release
- Patch 2: Convert master_mutex into rwsem (avoids creating a new lock)
- Patch 3: Update global mutex locking in the ioctl handler (avoids
deadlock when grabbing read lock on master_rwsem in drm_ioctl_kernel)
- Patch 4: Plug races with drm modesetting rights
- Patch 5: Modify drm_mode_object_find to fix potential recursive
locking of master_rwsem and lock inversions between modeset_mutex and
master_rwsem
- Patch 6: Remove remaining potential recursive locking of master_rwsem
and lock inversions between modeset_mutex and master_rwsem from calling
drm_lease_held
- Patch 7: Replace master_lookup_lock with master_rwsem
v7 -> v8:
- Avoid calling drm_lease_held in drm_mode_setcrtc and
drm_wait_vblank_ioctl, caught by Intel-gfx CI (patch 6)
v6 -> v7:
- Export __drm_mode_object_find for loadable modules, caught by the
Intel-gfx CI (patch 5)
v5 -> v6:
- Fix recursive locking on master_rwsem, caught by the Intel-gfx CI
(patch 5 & 6)
v4 -> v5:
- Avoid calling drm_file_get_master while holding on to the modeset
mutex, caught by the Intel-gfx CI (patch 5 & 6)
v3 -> v4 (suggested by Daniel Vetter):
- Drop a patch that added an unnecessary master_lookup_lock in
drm_master_release
- Drop a patch that addressed a non-existent race in
drm_is_current_master_locked
- Remove fixes for non-existent null ptr dereferences
- Protect drm_master.magic_map,unique{_len} with master_rwsem instead of
master_lookup_lock
- Drop the patch that moved master_lookup_lock into struct drm_device
- Drop a patch to export task_work_add
- Revert the check for the global mutex in the ioctl handler to use
drm_core_check_feature instead of drm_dev_needs_global_mutex
- Push down master_rwsem locking for selected ioctls to avoid lock
hierarchy inversions, and to allow us to hold write locks on
master_rwsem instead of flushing readers
- Remove master_lookup_lock by replacing it with master_rwsem
v2 -> v3:
- Unexport drm_master_flush, as suggested by Daniel Vetter.
- Merge master_mutex and master_rwsem, as suggested by Daniel Vetter.
- Export task_work_add, reported by kernel test robot.
- Make master_flush static, reported by kernel test robot.
- Move master_lookup_lock into struct drm_device.
- Add a missing lock on master_lookup_lock in drm_master_release.
- Fix a potential race in drm_is_current_master_locked.
- Fix potential null ptr dereferences in drm_{auth, ioctl}.
- Protect magic_map,unique{_len} with master_lookup_lock.
- Convert master_mutex into a rwsem.
- Update global mutex locking in the ioctl handler.
v1 -> v2 (suggested by Daniel Vetter):
- Address an additional race when drm_open runs.
- Switch from SRCU to rwsem to synchronise readers and writers.
- Implement drm_master_flush with task_work so that flushes can be
queued to run before returning to userspace without creating a new
DRM_MASTER_FLUSH ioctl flag.
Best wishes,
Desmond
Desmond Cheong Zhi Xi (7):
drm: fix null ptr dereference in drm_master_release
drm: convert drm_device.master_mutex into a rwsem
drm: lock drm_global_mutex earlier in the ioctl handler
drm: avoid races with modesetting rights
drm: avoid circular locks in drm_mode_object_find
drm: avoid circular locks in drm_lease_held
drm: remove drm_file.master_lookup_lock
drivers/gpu/drm/drm_atomic_uapi.c | 7 +-
drivers/gpu/drm/drm_auth.c | 57 ++++++------
drivers/gpu/drm/drm_color_mgmt.c | 2 +-
drivers/gpu/drm/drm_crtc.c | 9 +-
drivers/gpu/drm/drm_debugfs.c | 4 +-
drivers/gpu/drm/drm_drv.c | 3 +-
drivers/gpu/drm/drm_encoder.c | 7 +-
drivers/gpu/drm/drm_file.c | 7 +-
drivers/gpu/drm/drm_framebuffer.c | 2 +-
drivers/gpu/drm/drm_internal.h | 1 +
drivers/gpu/drm/drm_ioctl.c | 48 ++++++----
drivers/gpu/drm/drm_lease.c | 94 ++++++++++----------
drivers/gpu/drm/drm_mode_object.c | 28 +++++-
drivers/gpu/drm/drm_plane.c | 26 ++++--
drivers/gpu/drm/drm_property.c | 6 +-
drivers/gpu/drm/i915/display/intel_overlay.c | 2 +-
drivers/gpu/drm/i915/display/intel_sprite.c | 2 +-
drivers/gpu/drm/vmwgfx/vmwgfx_kms.c | 2 +-
include/drm/drm_auth.h | 6 +-
include/drm/drm_connector.h | 23 +++++
include/drm/drm_crtc.h | 22 +++++
include/drm/drm_device.h | 15 +++-
include/drm/drm_file.h | 17 ++--
include/drm/drm_lease.h | 2 +
include/drm/drm_mode_object.h | 3 +
include/drm/drm_plane.h | 20 +++++
26 files changed, 270 insertions(+), 145 deletions(-)
--
2.25.1
