Hi Greg,
Please consider to apply this patch in the staging tree, as the
description says it fixes a crash in tidspbridge driver, this bug
was already present but it seems to have surfaced by recent tests
made by Felipe and Tuomas.
It is an urgent fix for 2.6.38.
More on this discussion:
http://www.gossamer-threads.com/lists/linux/kernel/1351446
Thanks,
- omar
From: Felipe Contreras <[email protected]>
We need to protect not only the dmm_map list, but the individual
map_obj's, otherwise, we might be building the scatter-gather list with
garbage. So, use the existing proc_lock for that.
I observed race conditions which caused kernel panics while running
stress tests, also, Tuomas Kulve found it happening quite often in
Gumstix Over. This patch fixes those.
Cc: Tuomas Kulve <[email protected]>
Signed-off-by: Felipe Contreras <[email protected]>
Signed-off-by: Omar Ramirez Luna <[email protected]>
---
drivers/staging/tidspbridge/rmgr/proc.c | 19 ++++++++++++++-----
1 files changed, 14 insertions(+), 5 deletions(-)
diff --git a/drivers/staging/tidspbridge/rmgr/proc.c b/drivers/staging/tidspbridge/rmgr/proc.c
index b47d7aa..e2fe165 100644
--- a/drivers/staging/tidspbridge/rmgr/proc.c
+++ b/drivers/staging/tidspbridge/rmgr/proc.c
@@ -781,12 +781,14 @@ int proc_begin_dma(void *hprocessor, void *pmpu_addr, u32 ul_size,
(u32)pmpu_addr,
ul_size, dir);
+ mutex_lock(&proc_lock);
+
/* find requested memory are in cached mapping information */
map_obj = find_containing_mapping(pr_ctxt, (u32) pmpu_addr, ul_size);
if (!map_obj) {
pr_err("%s: find_containing_mapping failed\n", __func__);
status = -EFAULT;
- goto err_out;
+ goto no_map;
}
if (memory_give_ownership(map_obj, (u32) pmpu_addr, ul_size, dir)) {
@@ -795,6 +797,8 @@ int proc_begin_dma(void *hprocessor, void *pmpu_addr, u32 ul_size,
status = -EFAULT;
}
+no_map:
+ mutex_unlock(&proc_lock);
err_out:
return status;
@@ -819,21 +823,24 @@ int proc_end_dma(void *hprocessor, void *pmpu_addr, u32 ul_size,
(u32)pmpu_addr,
ul_size, dir);
+ mutex_lock(&proc_lock);
+
/* find requested memory are in cached mapping information */
map_obj = find_containing_mapping(pr_ctxt, (u32) pmpu_addr, ul_size);
if (!map_obj) {
pr_err("%s: find_containing_mapping failed\n", __func__);
status = -EFAULT;
- goto err_out;
+ goto no_map;
}
if (memory_regain_ownership(map_obj, (u32) pmpu_addr, ul_size, dir)) {
pr_err("%s: InValid address parameters %p %x\n",
__func__, pmpu_addr, ul_size);
status = -EFAULT;
- goto err_out;
}
+no_map:
+ mutex_unlock(&proc_lock);
err_out:
return status;
}
@@ -1726,9 +1733,8 @@ int proc_un_map(void *hprocessor, void *map_addr,
(p_proc_object->hbridge_context, va_align, size_align);
}
- mutex_unlock(&proc_lock);
if (status)
- goto func_end;
+ goto unmap_failed;
/*
* A successful unmap should be followed by removal of map_obj
@@ -1737,6 +1743,9 @@ int proc_un_map(void *hprocessor, void *map_addr,
*/
remove_mapping_information(pr_ctxt, (u32) map_addr, size_align);
+unmap_failed:
+ mutex_unlock(&proc_lock);
+
func_end:
dev_dbg(bridge, "%s: hprocessor: 0x%p map_addr: 0x%p status: 0x%x\n",
__func__, hprocessor, map_addr, status);
--
1.7.1
On Fri, Mar 11, 2011 at 06:29:06PM -0600, Omar Ramirez Luna wrote:
> Hi Greg,
>
> Please consider to apply this patch in the staging tree, as the
> description says it fixes a crash in tidspbridge driver, this bug
> was already present but it seems to have surfaced by recent tests
> made by Felipe and Tuomas.
>
> It is an urgent fix for 2.6.38.
Heh, it's funny to see such a "urgent" fix take so long to get to me :)
Is it also applicable for .37?
> More on this discussion:
> http://www.gossamer-threads.com/lists/linux/kernel/1351446
>
> Thanks,
> - omar
>
> From: Felipe Contreras <[email protected]>
>
> We need to protect not only the dmm_map list, but the individual
> map_obj's, otherwise, we might be building the scatter-gather list with
> garbage. So, use the existing proc_lock for that.
>
> I observed race conditions which caused kernel panics while running
> stress tests, also, Tuomas Kulve found it happening quite often in
> Gumstix Over. This patch fixes those.
>
> Cc: Tuomas Kulve <[email protected]>
> Signed-off-by: Felipe Contreras <[email protected]>
> Signed-off-by: Omar Ramirez Luna <[email protected]>
How about I send it to Linus for .39 and then add it to the .38-stable
tree when it comes out?
thanks,
greg k-h
On Sat, Mar 12, 2011 at 7:36 PM, Greg KH <[email protected]> wrote:
> On Fri, Mar 11, 2011 at 06:29:06PM -0600, Omar Ramirez Luna wrote:
>> Please consider to apply this patch in the staging tree, as the
>> description says it fixes a crash in tidspbridge driver, this bug
>> was already present but it seems to have surfaced by recent tests
>> made by Felipe and Tuomas.
>>
>> It is an urgent fix for 2.6.38.
>
> Heh, it's funny to see such a "urgent" fix take so long to get to me :)
Well, depending on your hardware and use-case this might or might not
be urgent. At least for some people the driver is unusable without
this.
> Is it also applicable for .37?
Yes.
> How about I send it to Linus for .39 and then add it to the .38-stable
> tree when it comes out?
That was the plan for .38/.37-stable. I'd say that's fine, but it
would be even better to avoid people getting bit by this on plain .38.
Cheers.
--
Felipe Contreras
On Sun, Mar 13, 2011 at 01:42:35AM +0200, Felipe Contreras wrote:
> On Sat, Mar 12, 2011 at 7:36 PM, Greg KH <[email protected]> wrote:
> > On Fri, Mar 11, 2011 at 06:29:06PM -0600, Omar Ramirez Luna wrote:
> >> Please consider to apply this patch in the staging tree, as the
> >> description says it fixes a crash in tidspbridge driver, this bug
> >> was already present but it seems to have surfaced by recent tests
> >> made by Felipe and Tuomas.
> >>
> >> It is an urgent fix for 2.6.38.
> >
> > Heh, it's funny to see such a "urgent" fix take so long to get to me :)
>
> Well, depending on your hardware and use-case this might or might not
> be urgent. At least for some people the driver is unusable without
> this.
Urgency is all relative :)
> > Is it also applicable for .37?
>
> Yes.
In the future, always say this so I don't have to ask please.
> > How about I send it to Linus for .39 and then add it to the .38-stable
> > tree when it comes out?
>
> That was the plan for .38/.37-stable. I'd say that's fine, but it
> would be even better to avoid people getting bit by this on plain .38.
What is one more week, when you all waited months to get this to me? In
other words, why should I suddenly now rush when no one else did?
I'll queue this up for .39 and mark it for stable inclusion.
thanks,
greg k-h
[email protected] wrote:
> On Sun, Mar 13, 2011 at 01:42:35AM +0200, Felipe Contreras wrote:
> > On Sat, Mar 12, 2011 at 7:36 PM, Greg KH <[email protected]> wrote:
> > > How about I send it to Linus for .39 and then add it to the .38-stable
> > > tree when it comes out?
> >
> > That was the plan for .38/.37-stable. I'd say that's fine, but it
> > would be even better to avoid people getting bit by this on plain .38.
>
> What is one more week, when you all waited months to get this to me? In
> other words, why should I suddenly now rush when no one else did?
The reason is because it didn't seem like it was happening often, but
in Tuomas' case, it does so much it's basically unusable. So _now_ we
know this could have possibly been affecting many people we didn't know
about.
You have to remember that this driver only started to work on .37, so
people might have tried it, seen it crashing and said "oh well, it's on
'staging' for a reason", having no point of reference that would be a
valid conclusion, while in fact this is a regression from pre-staging
(the issue wasn't there).
Anyway, I don't think .38.1 is going to be released in one week, but I
guess if people are having issues and not reporting them, they can wait
more.
Cheers.
--
Felipe Contreras
On Mon, Mar 14, 2011 at 05:33:09PM +0200, Felipe Contreras wrote:
> [email protected] wrote:
> > On Sun, Mar 13, 2011 at 01:42:35AM +0200, Felipe Contreras wrote:
> > > On Sat, Mar 12, 2011 at 7:36 PM, Greg KH <[email protected]> wrote:
> > > > How about I send it to Linus for .39 and then add it to the .38-stable
> > > > tree when it comes out?
> > >
> > > That was the plan for .38/.37-stable. I'd say that's fine, but it
> > > would be even better to avoid people getting bit by this on plain .38.
> >
> > What is one more week, when you all waited months to get this to me? In
> > other words, why should I suddenly now rush when no one else did?
>
> The reason is because it didn't seem like it was happening often, but
> in Tuomas' case, it does so much it's basically unusable. So _now_ we
> know this could have possibly been affecting many people we didn't know
> about.
>
> You have to remember that this driver only started to work on .37, so
> people might have tried it, seen it crashing and said "oh well, it's on
> 'staging' for a reason", having no point of reference that would be a
> valid conclusion, while in fact this is a regression from pre-staging
> (the issue wasn't there).
I understand you feeling like there is a rush here, but again, please
recognize that we all have different priorities. The number of users
out there using this driver is very small and again, this patch can
safely wait until the first .38-stable release comes out.
> Anyway, I don't think .38.1 is going to be released in one week,
Is that a challenge? :)
> but I guess if people are having issues and not reporting them, they
> can wait more.
Thanks, I think they can.
greg k-h