[BUG] completely bonkers use of set_need_resched + VM_FAULT_NOPAGE
Thomas Gleixner
tglx at linutronix.de
Thu Sep 12 13:39:27 PDT 2013
On Thu, 12 Sep 2013, Daniel Vetter wrote:
> On Thu, Sep 12, 2013 at 10:20 PM, Thomas Gleixner <tglx at linutronix.de> wrote:
> >> I think for ttm drivers it's just execbuf being exploitable. But on
> >> drm/i915 we've
> >> had the same issue with the pwrite/pread ioctls, so a simple
> >> glBufferData(glMap) kind of recursion from gl clients blew the kernel
> >> to pieces ...
> >
> > And the only answer you folks came up with is set_need_resched() and
> > yield()? Oh well....
>
> The yield was for a different lifelock, and that one is also fixed by
> now. The fault handler deadlock was fixed in the usual "drop locks and
> jump into slowpath" fasion, at least in drm/i915.
So we can remove that whole yield/set_need_resched() mess completely ?
Thanks,
tglx
More information about the dri-devel
mailing list