Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

drm: move lease init after validation in drm_lease_create

Patch bd36d3bab2e3d08f80766c86487090dbceed4651 fixed a deadlock in the
failure path of drm_lease_create. This made the partially initialized
lease object visible for a short window of time.

To avoid having the lessee state appear transiently, I've rearranged
the code so that the lessor fields are not filled in until the
parameters are all validated and the function will succeed.

Signed-off-by: Keith Packard <keithp@keithp.com>
Signed-off-by: Daniel Vetter <daniel.vetter@ffwll.ch>
Link: https://patchwork.freedesktop.org/patch/msgid/20171221065424.1304-1-keithp@keithp.com

Authored by Keith Packard and committed by Daniel Vetter
d2a48e52 ce0769e0

+11 -11
drivers/gpu/drm/drm_lease.c
··· 220 220 221 221 mutex_lock(&dev->mode_config.idr_mutex); 222 222 223 - /* Insert the new lessee into the tree */ 224 - id = idr_alloc(&(drm_lease_owner(lessor)->lessee_idr), lessee, 1, 0, GFP_KERNEL); 225 - if (id < 0) { 226 - error = id; 227 - goto out_lessee; 228 - } 229 - 230 - lessee->lessee_id = id; 231 - lessee->lessor = drm_master_get(lessor); 232 - list_add_tail(&lessee->lessee_list, &lessor->lessees); 233 - 234 223 idr_for_each_entry(leases, entry, object) { 235 224 error = 0; 236 225 if (!idr_find(&dev->mode_config.crtc_idr, object)) ··· 234 245 goto out_lessee; 235 246 } 236 247 } 248 + 249 + /* Insert the new lessee into the tree */ 250 + id = idr_alloc(&(drm_lease_owner(lessor)->lessee_idr), lessee, 1, 0, GFP_KERNEL); 251 + if (id < 0) { 252 + error = id; 253 + goto out_lessee; 254 + } 255 + 256 + lessee->lessee_id = id; 257 + lessee->lessor = drm_master_get(lessor); 258 + list_add_tail(&lessee->lessee_list, &lessor->lessees); 237 259 238 260 /* Move the leases over */ 239 261 lessee->leases = *leases;
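
Review bot: In the relocated block (new lines 249-258), both the validation loop above it and the `idr_alloc` failure now reach `out_lessee` before `lessee->lessor` is assigned and before `list_add_tail` runs, so the cleanup under `out_lessee` (not visible in this diff) has to cope with a lessee whose `lessor` is still unset and whose `lessee_list` was never linked. Please confirm that path does not drop a lessor reference or unlink the list entry unconditionally. Separately, `lessee->leases = *leases;` still comes after `list_add_tail`, so the lessee is reachable from `lessor->lessees` before its leases are populated; that is safe only while every reader holds `dev->mode_config.idr_mutex`, which would be worth stating in the comment above the insertion.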