[PATCH 2/2] drm/ttm: Fix COW check

Felix Kuehling felix.kuehling at amd.com
Fri Jul 9 19:31:21 UTC 2021


On 2021-07-09 2:38 a.m., Christian König wrote:
>
>
> Am 08.07.21 um 21:36 schrieb Alex Deucher:
>> From: Felix Kuehling <Felix.Kuehling at amd.com>
>>
>> KFD Thunk maps invisible VRAM BOs with PROT_NONE, MAP_PRIVATE.
>> is_cow_mapping returns true for these mappings. Add a check for
>> vm_flags & VM_WRITE to avoid mmap failures on private read-only or
>> PROT_NONE mappings.
>
> I'm pretty sure that this is not working as expected.

Not sure what you mean. Debugger access to the memory through the 
PROT_NONE VMAs is definitely working, with both ptrace and /proc/<pid>/mem.


>
>>
>> Fixes: f91142c62161 ("drm/ttm: nuke VM_MIXEDMAP on BO mappings v3")
>> Signed-off-by: Felix Kuehling <Felix.Kuehling at amd.com>
>> Signed-off-by: Alex Deucher <alexander.deucher at amd.com>
>> ---
>> drivers/gpu/drm/ttm/ttm_bo_vm.c | 2 +-
>>   1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/drivers/gpu/drm/ttm/ttm_bo_vm.c 
>> b/drivers/gpu/drm/ttm/ttm_bo_vm.c
>> index f56be5bc0861..a75e90c7d4aa 100644
>> --- a/drivers/gpu/drm/ttm/ttm_bo_vm.c
>> +++ b/drivers/gpu/drm/ttm/ttm_bo_vm.c
>> @@ -552,7 +552,7 @@ static const struct vm_operations_struct 
>> ttm_bo_vm_ops = {
>>   int ttm_bo_mmap_obj(struct vm_area_struct *vma, struct 
>> ttm_buffer_object *bo)
>>   {
>>       /* Enforce no COW since would have really strange behavior with 
>> it. */
>> -    if (is_cow_mapping(vma->vm_flags))
>> +    if (is_cow_mapping(vma->vm_flags) && (vma->vm_flags & VM_WRITE))
>
> is_cow_mapping() already checks for VM_MAYWRITE, so this here 
> shouldn't be necessary.

AFAICT, VM_MAYWRITE is not based on the PROT_... bits used to create the 
VMA, but based on the permissions of the file. So as long as the render 
node is writable, VM_MAYWRITE is set for all VMAs that map it.

I would agree that it's probably a bad idea for the Thunk to map these 
VMAs with MAP_PRIVATE. We can try changing the Thunk to use MAP_SHARED 
for these PROT_NONE mappings. But that doesn't change the fact that this 
kernel patch broke existing usermode.

Regards,
   Felix


>
> Christian.
>
>>           return -EINVAL;
>>         ttm_bo_get(bo);
>


More information about the dri-devel mailing list