diff options
| author | Tvrtko Ursulin <tvrtko.ursulin@igalia.com> | 2026-06-01 15:08:22 +0100 |
|---|---|---|
| committer | Alex Deucher <alexander.deucher@amd.com> | 2026-06-17 18:26:40 -0400 |
| commit | c1dc4ccb82c9e56325d8e7514ca4c90bd1efb351 (patch) | |
| tree | 0a806286dca9f7cfb029e9c00d21c2719c875021 /rust/zerocopy/rustdoc/git@git.tavy.me:linux.git | |
| parent | 2321831d7e95d4e1abaff3ffd682be9dd45db62e (diff) | |
drm/amdgpu: Fix context pstate override handling
There are several problems in the context pstate handling code.
The most serious ones are potential use-after-free and NULL pointer
dereferences at context initialization time. Both are due
amdgpu_ctx_init() not holding the adev->pm.stable_pstate_ctx_lock, which
is otherwise used from both sysfs and the context code itself for
modifying and clearing the stored context pointer.
Second issue is that context fini can trample over the pstate
configuration set via sysfs. This is due the restore state
(ctx->stable_pstate) being saved at context init time, and not if, or when
the context actually changes the pstate. As the context exits it will
therefore incorrectly restore to what was set before the sysfs override
was requested.
The simplest fix is to drastically simplify how the state is tracked, by
clearly defining the points at which pstate ownership is taken and
released, and to handle all transitions under the correct lock.
Instead of at context init time, the previous state is saved only at the
point the context overrides the current state, and is restored on context
exit only if the context is still the owner of the current override state.
Signed-off-by: Tvrtko Ursulin <tvrtko.ursulin@igalia.com>
Fixes: 79610d304133 ("drm/amdgpu: fix pstate setting issue")
Cc: Chengming Gui <Jack.Gui@amd.com>
Cc: Alex Deucher <alexander.deucher@amd.com>
Cc: "Christian König" <christian.koenig@amd.com>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
(cherry picked from commit 1b5e413713c0a93bc1818394d0ce49aaad21bd27)
Cc: <stable@vger.kernel.org> # v6.1+
Diffstat (limited to 'rust/zerocopy/rustdoc/git@git.tavy.me:linux.git')
0 files changed, 0 insertions, 0 deletions
