mesa-drm/amdgpu
José Expósito 4df9173595 amdgpu: Make amdgpu_cs_signal_semaphore() thread-safe
The issue was found by a static analysis tool:

    Error: LOCK_EVASION (CWE-543):
    libdrm-2.4.115/amdgpu/amdgpu_cs.c:596: thread1_checks_field:
        Thread1 uses the value read from field "context" in the
        condition "sem->signal_fence.context". It sees that the
        condition is false. Control is switched to Thread2.
    libdrm-2.4.115/amdgpu/amdgpu_cs.c:596: thread2_checks_field:
        Thread2 uses the value read from field "context" in the
        condition "sem->signal_fence.context". It sees that the
        condition is false.
    libdrm-2.4.115/amdgpu/amdgpu_cs.c:598: thread2_acquires_lock:
        Thread2 acquires lock "amdgpu_context.sequence_mutex".
    libdrm-2.4.115/amdgpu/amdgpu_cs.c:599: thread2_modifies_field:
        Thread2 sets "context" to a new value. Note that this write can
        be reordered at runtime to occur before instructions that do
        not access this field within this locked region. After Thread2
        leaves the critical section, control is switched back to
        Thread1.
    libdrm-2.4.115/amdgpu/amdgpu_cs.c:598: thread1_acquires_lock:
        Thread1 acquires lock "amdgpu_context.sequence_mutex".
    libdrm-2.4.115/amdgpu/amdgpu_cs.c:599: thread1_overwrites_value_in_field:
        Thread1 sets "context" to a new value. Now the two threads have
        an inconsistent view of "context" and updates to fields of
        "context" or fields correlated with "context" may be lost.
    libdrm-2.4.115/amdgpu/amdgpu_cs.c:596: use_same_locks_for_read_and_modify:
        Guard the modification of "context" and the read used to decide
        whether to modify "context" with the same set of locks.
    #  597|                   return -EINVAL;
    #  598|           pthread_mutex_lock(&ctx->sequence_mutex);
    #  599|->         sem->signal_fence.context = ctx;
    #  600|           sem->signal_fence.ip_type = ip_type;
    #  601|           sem->signal_fence.ip_instance = ip_instance;

Check `sem->signal_fence.context` in the locked region to avoid a race
condition.

Reviewed-by: Pierre-Eric Pelloux-Prayer <pierre-eric.pelloux-prayer@amd.com>
Signed-off-by: José Expósito <jexposit@redhat.com>
2024-05-23 18:57:18 +00:00
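The interleaving from the analyzer report above, replayed deterministically on one thread, beside a variant that performs the check inside the locked region. This is an added example, not libdrm's code: `struct ctx`, `struct sem`, `signal_racy`, `signal_locked`, `thread2` and the `window` hook are hypothetical stand-ins, and the scenario is constructed.

```c
#include <errno.h>
#include <pthread.h>
#include <stdio.h>

/* Hypothetical stand-ins for the structures named in the report. */
struct ctx { pthread_mutex_t sequence_mutex; };
struct sem { struct ctx *context; unsigned ip_type; };
static int thread2_ret;

/* Flagged pattern: "context" is read before sequence_mutex is taken.
 * window() is a hypothetical hook marking where another thread can run. */
int signal_racy(struct ctx *c, struct sem *s, unsigned ip_type,
                void (*window)(struct ctx *, struct sem *))
{
    if (s->context)
        return -EINVAL;
    if (window)
        window(c, s);   /* "Control is switched to Thread2" */
    pthread_mutex_lock(&c->sequence_mutex);
    s->context = c;
    s->ip_type = ip_type;
    pthread_mutex_unlock(&c->sequence_mutex);
    return 0;
}

/* Check and write share one critical section: no window between them. */
int signal_locked(struct ctx *c, struct sem *s, unsigned ip_type)
{
    int ret = -EINVAL;
    pthread_mutex_lock(&c->sequence_mutex);
    if (!s->context) {
        s->context = c;
        s->ip_type = ip_type;
        ret = 0;
    }
    pthread_mutex_unlock(&c->sequence_mutex);
    return ret;
}

void thread2(struct ctx *c, struct sem *s) { thread2_ret = signal_racy(c, s, 2, NULL); }

int main(void)
{
    struct ctx c = { PTHREAD_MUTEX_INITIALIZER };
    struct sem s = { NULL, 0 }, s2 = { NULL, 0 };
    int r1 = signal_racy(&c, &s, 1, thread2);   /* Thread2 runs inside the window */
    int a = signal_locked(&c, &s2, 1), b = signal_locked(&c, &s2, 2);
    printf("racy: t1=%d t2=%d ip_type=%u\n", r1, thread2_ret, s.ip_type);
    printf("locked: first=%d second=%d ip_type=%u\n", a, b, s2.ip_type);
    return 0;
}
```

In the racy replay both callers get 0 and the second writer's `ip_type` is silently overwritten; with the locked check the second caller gets `-EINVAL` and the first values stay in place.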
.editorconfig Add meson build system 2018-01-12 09:40:48 -08:00
amdgpu-symbols.txt amdgpu: add amdgpu_device_initialize2 2024-03-21 11:03:38 +01:00
amdgpu.h amdgpu: add amdgpu_device_initialize2 2024-03-21 11:03:38 +01:00
amdgpu_asic_id.c meson,configure: include config.h automatically 2018-03-20 18:19:26 +00:00
amdgpu_bo.c amdgpu: Fix pointer/integer mismatch warning 2023-09-04 09:31:36 +02:00
amdgpu_cs.c amdgpu: Make amdgpu_cs_signal_semaphore() thread-safe 2024-05-23 18:57:18 +00:00
amdgpu_device.c amdgpu: fix deinit logic 2024-03-27 08:55:26 +01:00
amdgpu_gpu_info.c amdgpu: add support for querying VM faults information 2023-10-10 10:25:07 +02:00
amdgpu_internal.h amdgpu: add amdgpu_va_manager 2024-03-21 10:56:29 +01:00
amdgpu_vamgr.c amdgpu: add amdgpu_va_range_alloc2 2024-03-21 10:57:04 +01:00
amdgpu_vm.c amdgpu: annotate public functions 2018-09-19 22:46:45 -07:00
Android.mk amdgpu: Only remember the device's marketing name 2017-12-05 12:50:20 +01:00
handle_table.c amdgpu: fix off by one in handle_table_insert 2018-08-16 08:50:04 +02:00
handle_table.h amdgpu: add handle table implementation v2 2018-08-07 13:27:16 +02:00
libdrm_amdgpu.pc.in amdgpu: add libdrm as private requirement/dependency 2016-02-04 13:22:50 +00:00
Makefile.sources amdgpu: remove the hash table implementation 2018-08-07 13:27:33 +02:00
meson.build meson: replace deprecated program.path -> program.full_path 2023-10-20 05:21:01 +00:00