drm/tegra: Protect IOMMU operations by mutex

IOMMU support is currently not thread-safe, which can cause crashes,
amongst other things, under certain workloads.

Signed-off-by: Thierry Reding <treding@nvidia.com>
This commit is contained in:
Thierry Reding 2017-03-09 20:04:56 +01:00
parent 398cbaadec
commit 347ad49d35
3 changed files with 16 additions and 2 deletions

View File

@ -142,6 +142,7 @@ static int tegra_drm_load(struct drm_device *drm, unsigned long flags)
DRM_DEBUG_DRIVER("IOMMU aperture initialized (%#llx-%#llx)\n",
start, end);
drm_mm_init(&tegra->mm, start, end - start + 1);
mutex_init(&tegra->mm_lock);
}
mutex_init(&tegra->clients_lock);
@ -208,6 +209,7 @@ static int tegra_drm_load(struct drm_device *drm, unsigned long flags)
if (tegra->domain) {
iommu_domain_free(tegra->domain);
drm_mm_takedown(&tegra->mm);
mutex_destroy(&tegra->mm_lock);
}
free:
kfree(tegra);
@ -232,6 +234,7 @@ static void tegra_drm_unload(struct drm_device *drm)
if (tegra->domain) {
iommu_domain_free(tegra->domain);
drm_mm_takedown(&tegra->mm);
mutex_destroy(&tegra->mm_lock);
}
kfree(tegra);
@ -878,7 +881,9 @@ static int tegra_debugfs_iova(struct seq_file *s, void *data)
struct tegra_drm *tegra = drm->dev_private;
struct drm_printer p = drm_seq_file_printer(s);
mutex_lock(&tegra->mm_lock);
drm_mm_print(&tegra->mm, &p);
mutex_unlock(&tegra->mm_lock);
return 0;
}

View File

@ -42,6 +42,7 @@ struct tegra_drm {
struct drm_device *drm;
struct iommu_domain *domain;
struct mutex mm_lock;
struct drm_mm mm;
struct mutex clients_lock;

View File

@ -128,12 +128,14 @@ static int tegra_bo_iommu_map(struct tegra_drm *tegra, struct tegra_bo *bo)
if (!bo->mm)
return -ENOMEM;
mutex_lock(&tegra->mm_lock);
err = drm_mm_insert_node_generic(&tegra->mm,
bo->mm, bo->gem.size, PAGE_SIZE, 0, 0);
if (err < 0) {
dev_err(tegra->drm->dev, "out of I/O virtual memory: %zd\n",
err);
goto free;
goto unlock;
}
bo->paddr = bo->mm->start;
@ -147,11 +149,14 @@ static int tegra_bo_iommu_map(struct tegra_drm *tegra, struct tegra_bo *bo)
bo->size = err;
mutex_unlock(&tegra->mm_lock);
return 0;
remove:
drm_mm_remove_node(bo->mm);
free:
unlock:
mutex_unlock(&tegra->mm_lock);
kfree(bo->mm);
return err;
}
@ -161,8 +166,11 @@ static int tegra_bo_iommu_unmap(struct tegra_drm *tegra, struct tegra_bo *bo)
if (!bo->mm)
return 0;
mutex_lock(&tegra->mm_lock);
iommu_unmap(tegra->domain, bo->paddr, bo->size);
drm_mm_remove_node(bo->mm);
mutex_unlock(&tegra->mm_lock);
kfree(bo->mm);
return 0;