| Message ID | 1302726410-14906-1-git-send-email-chris@chris-wilson.co.uk (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
On Wed, Apr 13, 2011 at 09:26:50PM +0100, Chris Wilson wrote: > The docs have a dire warning not to attempt to access snooped pages > through the GTT. Prevent userspace from doing so by sending them a > SIGBUS if they try. > > [Now it is possible with a bit of extra complexity to map the snooped > CPU page into the vma and return that through i915_gem_fault() instead. > The question is: is it simpler to do that workaround in the kernel than > it is to do it in userspace?] Woohoo! Evasive scary-patch-review-in-sight maneuver successfully accomplished! Reviewed-by: Daniel Vetter <daniel.vetter@ffwll.ch>
diff --git a/drivers/gpu/drm/i915/i915_gem.c b/drivers/gpu/drm/i915/i915_gem.c index 8b3007c..daa64cb 100644 --- a/drivers/gpu/drm/i915/i915_gem.c +++ b/drivers/gpu/drm/i915/i915_gem.c @@ -1211,6 +1211,16 @@ int i915_gem_fault(struct vm_area_struct *vma, struct vm_fault *vmf) trace_i915_gem_object_fault(obj, page_offset, true, write); + /* The docs warn of dire consequences if we try to write to a snooped + * page through the GTT. So kill the driver/app early with a SIGBUS. + */ + if (INTEL_INFO(dev)->gen < 6 && obj->cache_level != I915_CACHE_NONE) { + DRM_DEBUG("Attempting to read a snooped page through the GTT, " + "this is illegal on pre-SandyBridge chipsets.\n"); + ret = -EINVAL; + goto unlock; + } + /* Now bind it into the GTT if needed */ if (!obj->map_and_fenceable) { ret = i915_gem_object_unbind(obj);
The docs have a dire warning not to attempt to access snooped pages through the GTT. Prevent userspace from doing so by sending them a SIGBUS if they try. [Now it is possible with a bit of extra complexity to map the snooped CPU page into the vma and return that through i915_gem_fault() instead. The question is: is it simpler to do that workaround in the kernel than it is to do it in userspace?] Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk> --- drivers/gpu/drm/i915/i915_gem.c | 10 ++++++++++ 1 files changed, 10 insertions(+), 0 deletions(-)