[PATCH 28/47] drm/i915/gem: Move context decoupling from postclose to preclose

[Chris Wilson]

Since the GEM contexts refer to other GEM state, we need to nerf those
pointers before that state is freed during drm_gem_release(). We need to
move i915_gem_context_close() from the postclose callback to the
preclose.

In particular, debugfs likes to peek into the GEM contexts, and from
there peek at the drm core objects. If the context is closed during the
peeking, we may attempt to dereference a stale core object.

Signed-off-by: Chris Wilson <chris at chris-wilson.co.uk>
Cc: CQ Tang <cq.tang at intel.com>
Cc: Daniel Vetter <daniel.vetter at intel.com>
Cc: stable at vger.kernel.org
---
 drivers/gpu/drm/i915/i915_drv.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/drivers/gpu/drm/i915/i915_drv.c b/drivers/gpu/drm/i915/i915_drv.c
index 8b9bd929ba45..ce545dab7aaa 100644
--- a/drivers/gpu/drm/i915/i915_drv.c
+++ b/drivers/gpu/drm/i915/i915_drv.c
@@ -1115,12 +1115,15 @@ static void i915_driver_lastclose(struct drm_device *dev)
 	vga_switcheroo_process_delayed_switch();
 }
 
+static void i915_driver_preclose(struct drm_device *dev, struct drm_file *file)
+{
+	i915_gem_context_close(file);
+}
+
 static void i915_driver_postclose(struct drm_device *dev, struct drm_file *file)
 {
 	struct drm_i915_file_private *file_priv = file->driver_priv;
 
-	i915_gem_context_close(file);
-
 	kfree_rcu(file_priv, rcu);
 
 	/* Catch up with all the deferred frees from "this" client */
@@ -1850,6 +1853,7 @@ static struct drm_driver driver = {
 	.release = i915_driver_release,
 	.open = i915_driver_open,
 	.lastclose = i915_driver_lastclose,
+	.preclose  = i915_driver_preclose,
 	.postclose = i915_driver_postclose,
 
 	.gem_close_object = i915_gem_close_object,
-- 
2.20.1