[PATCH 02/14] drm/amdkfd: Add crash protection in debugger register path

Thu Nov 30 16:14:26 UTC 2017

On Tue, Nov 28, 2017 at 1:29 AM, Felix Kuehling <Felix.Kuehling at amd.com> wrote:
> From: Philip Yang <Philip.Yang at amd.com>
>
> After debugger is registered, the pqm_destroy_queue fails because is_debug
> is true, the queue should not be removed from process_queue_list since
> the count is not reduced.
>
> Test application calls debugger unregister without register debugger, add
> null pointer check protection to avoid crash for this case
>
> Signed-off-by: Philip Yang <Philip.Yang at amd.com>
> Signed-off-by: Felix Kuehling <Felix.Kuehling at amd.com>
> ---
>  drivers/gpu/drm/amd/amdkfd/kfd_chardev.c               | 2 +-
>  drivers/gpu/drm/amd/amdkfd/kfd_process_queue_manager.c | 5 +++++
>  2 files changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/gpu/drm/amd/amdkfd/kfd_chardev.c b/drivers/gpu/drm/amd/amdkfd/kfd_chardev.c
> index cc61ec2..62c3d9c 100644
> --- a/drivers/gpu/drm/amd/amdkfd/kfd_chardev.c
> +++ b/drivers/gpu/drm/amd/amdkfd/kfd_chardev.c
> @@ -526,7 +526,7 @@ static int kfd_ioctl_dbg_unregister(struct file *filep,
>         long status;
>
>         dev = kfd_device_by_id(args->gpu_id);
> -       if (!dev)
> +       if (!dev || !dev->dbgmgr)
>                 return -EINVAL;
>
>         if (dev->device_info->asic_family == CHIP_CARRIZO) {
> diff --git a/drivers/gpu/drm/amd/amdkfd/kfd_process_queue_manager.c b/drivers/gpu/drm/amd/amdkfd/kfd_process_queue_manager.c
> index eeb7726..2c98858 100644
> --- a/drivers/gpu/drm/amd/amdkfd/kfd_process_queue_manager.c
> +++ b/drivers/gpu/drm/amd/amdkfd/kfd_process_queue_manager.c
> @@ -313,6 +313,10 @@ int pqm_destroy_queue(struct process_queue_manager *pqm, unsigned int qid)
>         if (pqn->q) {
>                 dqm = pqn->q->device->dqm;
>                 retval = dqm->ops.destroy_queue(dqm, &pdd->qpd, pqn->q);
> +               if (retval) {
> +                       pr_debug("Destroy queue failed, returned %d\n", retval);
> +                       goto err_destroy_queue;
> +               }
>                 uninit_queue(pqn->q);
>         }
>
> @@ -324,6 +328,7 @@ int pqm_destroy_queue(struct process_queue_manager *pqm, unsigned int qid)
>             list_empty(&pdd->qpd.priv_queue_list))
>                 dqm->ops.unregister_process(dqm, &pdd->qpd);
>
> +err_destroy_queue:
>         return retval;
>  }
>
> --
> 2.7.4
>
This patch is:
Reviewed-by: Oded Gabbay <oded.gabbay at gmail.com>