Patch "drm/etnaviv: reap idle mapping if it doesn't match the softpin address" has been added to the 6.0-stable tree

<gregkh@xxxxxxxxxxxxxxxxxxx> · Wed, 04 Jan 2023 15:47:43 +0100

This is a note to let you know that I've just added the patch titled

    drm/etnaviv: reap idle mapping if it doesn't match the softpin address

to the 6.0-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     drm-etnaviv-reap-idle-mapping-if-it-doesn-t-match-the-softpin-address.patch
and it can be found in the queue-6.0 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.


>From 332f847212e43d584019a8264895f25cf92aa647 Mon Sep 17 00:00:00 2001
From: Lucas Stach <l.stach@xxxxxxxxxxxxxx>
Date: Thu, 14 Jul 2022 12:31:43 +0200
Subject: drm/etnaviv: reap idle mapping if it doesn't match the softpin address
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

From: Lucas Stach <l.stach@xxxxxxxxxxxxxx>

commit 332f847212e43d584019a8264895f25cf92aa647 upstream.

When a idle BO, which is held open by another process, gets freed by
userspace and subsequently referenced again by e.g. importing it again,
userspace may assign a different softpin VA than the last time around.
As the kernel GEM object still exists, we likely have a idle mapping
with the old VA still cached, if it hasn't been reaped in the meantime.

As the context matches, we then simply try to resurrect this mapping by
increasing the refcount. As the VA in this mapping does not match the
new softpin address, we consequently fail the otherwise valid submit.
Instead of failing, reap the idle mapping.

Cc: stable@xxxxxxxxxxxxxxx # 5.19
Signed-off-by: Lucas Stach <l.stach@xxxxxxxxxxxxxx>
Reviewed-by: Guido Günther <agx@xxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
 drivers/gpu/drm/etnaviv/etnaviv_gem.c |    7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

--- a/drivers/gpu/drm/etnaviv/etnaviv_gem.c
+++ b/drivers/gpu/drm/etnaviv/etnaviv_gem.c
@@ -258,7 +258,12 @@ struct etnaviv_vram_mapping *etnaviv_gem
 		if (mapping->use == 0) {
 			mutex_lock(&mmu_context->lock);
 			if (mapping->context == mmu_context)
-				mapping->use += 1;
+				if (va && mapping->iova != va) {
+					etnaviv_iommu_reap_mapping(mapping);
+					mapping = NULL;
+				} else {
+					mapping->use += 1;
+				}
 			else
 				mapping = NULL;
 			mutex_unlock(&mmu_context->lock);


Patches currently in stable-queue which might be from l.stach@xxxxxxxxxxxxxx are

queue-6.0/drm-etnaviv-reap-idle-mapping-if-it-doesn-t-match-the-softpin-address.patch
queue-6.0/drm-etnaviv-move-idle-mapping-reaping-into-separate-function.patch






