subject:"Re\: \[Freedreno\] \[PATCH 2\/2\] drm\/msm\: protect against faults from copy_from_user\(\) in submit ioctl"

Re: [Freedreno] [PATCH 2/2] drm/msm: protect against faults from copy_from_user() in submit ioctl

2016-08-28 Thread Daniel Vetter

On Sun, Aug 28, 2016 at 12:43:46PM -0400, Rob Clark wrote: > On Tue, Aug 23, 2016 at 2:03 AM, Daniel Vetter wrote: > > On Mon, Aug 22, 2016 at 03:38:05PM -0400, Rob Clark wrote: > >> An evil userspace could try to cause deadlock by passing an unfaulted-in > >> GEM bo as

Re: [Freedreno] [PATCH 2/2] drm/msm: protect against faults from copy_from_user() in submit ioctl

2016-08-23 Thread Daniel Vetter

On Mon, Aug 22, 2016 at 03:38:05PM -0400, Rob Clark wrote: > An evil userspace could try to cause deadlock by passing an unfaulted-in > GEM bo as submit->bos (or submit->cmds) table. Which will trigger > msm_gem_fault() while we already hold struct_mutex. See: > >