Gitiles
Code Review Sign In
review.shift-gmbh.com / SHIFTPHONES / mainline / linux / c5b1247bd1c3ab6722acfa95213be9a16bfb664c^! / .
commitc5b1247bd1c3ab6722acfa95213be9a16bfb664c[log] [tgz]
authorRob Clark <rob@ti.com>Wed Jan 18 18:33:02 2012 -0600
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>Wed Feb 08 14:14:12 2012 -0800
tree3ef9b02ee38d547cf00a7400186deee87e117214
parenta9e8d70c1ac6c9ccf6852c91e082e28249564e6e [diff]
staging: drm/omap: fix locking issue

The create/free mmap offset code must be synchronized.  Yet only some
callers of omap_gem_mmap_offset() held struct_mutex.  Leading to various
crashes around drm_mm_insert_helper_range().  (In the free-object path,
which is currently the only place we drm_gem_free_mmap_offset(),
struct_mutex is already held.)

Signed-off-by: Rob Clark <rob@ti.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>

diff --git a/drivers/staging/omapdrm/omap_gem.c b/drivers/staging/omapdrm/omap_gem.c
index ae1ad35..b7d6f88 100644
--- a/drivers/staging/omapdrm/omap_gem.c
+++ b/drivers/staging/omapdrm/omap_gem.c

@@ -116,6 +116,9 @@
 	} *sync;
 };
 
+static int get_pages(struct drm_gem_object *obj, struct page ***pages);
+static uint64_t mmap_offset(struct drm_gem_object *obj);
+
 /* To deal with userspace mmap'ings of 2d tiled buffers, which (a) are
  * not necessarily pinned in TILER all the time, and (b) when they are
  * they are not necessarily page aligned, we reserve one or more small
@@ -149,7 +152,7 @@
 {
 	if (obj->dev->dev_mapping) {
 		size_t size = PAGE_SIZE * usergart[fmt].height;
-		loff_t off = omap_gem_mmap_offset(obj) +
+		loff_t off = mmap_offset(obj) +
 				(entry->obj_pgoff << PAGE_SHIFT);
 		unmap_mapping_range(obj->dev->dev_mapping, off, size, 1);
 	}
@@ -189,8 +192,6 @@
 	return obj->filp != NULL;
 }
 
-static int get_pages(struct drm_gem_object *obj, struct page ***pages);
-
 static DEFINE_SPINLOCK(sync_lock);
 
 /** ensure backing pages are allocated */
@@ -251,7 +252,7 @@
 }
 
 /** get mmap offset */
-uint64_t omap_gem_mmap_offset(struct drm_gem_object *obj)
+static uint64_t mmap_offset(struct drm_gem_object *obj)
 {
 	if (!obj->map_list.map) {
 		/* Make it mmapable */
@@ -267,6 +268,15 @@
 	return (uint64_t)obj->map_list.hash.key << PAGE_SHIFT;
 }
 
+uint64_t omap_gem_mmap_offset(struct drm_gem_object *obj)
+{
+	uint64_t offset;
+	mutex_lock(&obj->dev->struct_mutex);
+	offset = mmap_offset(obj);
+	mutex_unlock(&obj->dev->struct_mutex);
+	return offset;
+}
+
 /** get mmap size */
 size_t omap_gem_mmap_size(struct drm_gem_object *obj)
 {