Commit 2149ded6 authored 9 months ago by unerlige Committed by Lucas De Marchi 9 months ago

drm/xe: Fix use after free when client stats are captured

xe_file_close triggers an asynchronous queue cleanup and then frees up
the xef object. Since queue cleanup flushes all pending jobs and the KMD
stores client usage stats into the xef object after jobs are flushed, we
see a use-after-free for the xef object. Resolve this by taking a
reference to xef from xe_exec_queue.

While at it, revert an earlier change that contained a partial work
around for this issue.

v2:
- Take a ref to xef even for the VM bind queue (Matt)
- Squash patches relevant to that fix and work around (Lucas)

v3: Fix typo (Lucas)

Fixes: ce62827b ("drm/xe: Do not access xe file when updating exec queue run_ticks")
Fixes: 6109f24f ("drm/xe: Add helper to accumulate exec queue runtime")
Closes: drm/xe/kernel#1908


Signed-off-by: Umesh Nerlige Ramappa <umesh.nerlige.ramappa@intel.com>
Reviewed-by: Matthew Brost <matthew.brost@intel.com>
Reviewed-by: Lucas De Marchi <lucas.demarchi@intel.com>
Link: https://patchwork.freedesktop.org/patch/msgid/20240718210548.3580382-5-umesh.nerlige.ramappa@intel.com


Signed-off-by: Lucas De Marchi <lucas.demarchi@intel.com>

parent a2387e69

No related branches found

No related tags found

Hide whitespace changes

Inline Side-by-side

Showing with 13 additions and 9 deletions

Matthew Auld @mwa
mentioned in commit nouveau@67801fa6
· 6 months ago

mentioned in commit nouveau@67801fa6

mentioned in commit nouveau@67801fa67b94ebd0e4da7a77ac2d9f321b75fbe0

Toggle commit list
Matthew Auld @mwa
mentioned in commit 16536582
· 6 months ago

mentioned in commit 16536582

mentioned in commit 16536582ddbebdbdf9e1d7af321bbba2bf955a87

Toggle commit list

Please register or to comment

Admin message

Admin message

drm/xe: Fix use after free when client stats are captured