Searched hist:"0593 ad215359d51514c1e6c81ce28ea598efed6b" (Results 1 – 1 of 1) sorted by relevance
| /openbmc/linux/drivers/gpu/drm/amd/amdkfd/ |
| H A D | kfd_process.c | diff 0593ad215359d51514c1e6c81ce28ea598efed6b Wed Jul 20 17:00:45 CDT 2022 Philip Yang <Philip.Yang@amd.com> drm/amdkfd: Correct mmu_notifier_get failure handling
If process has signal pending, mmu_notifier_get_locked fails and calls
ops->free_notifier, kfd_process_free_notifier will schedule
kfd_process_wq_release as process refcount is 1, but process structure
is already freed. This use after free bug causes system crash with
different backtrace.
The fix is to increase process refcount and then decrease the refcount
after mmu_notifier_get success.
Signed-off-by: Philip Yang <Philip.Yang@amd.com>
Reviewed-by: Felix Kuehling <Felix.Kuehling@amd.com>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
|