drm/i915/gvt: Dereference msi eventfd_ctx when it isn't used anymore

Submitted by Xiong Zhang on March 26, 2018, 9:29 p.m.

Details

Message ID 1522099748-20491-1-git-send-email-xiong.y.zhang@intel.com
State New
Series "drm/i915/gvt: Dereference msi eventfd_ctx when it isn't used anymore" ( rev: 1 ) in Intel GVT devel


Commit Message

Xiong Zhang March 26, 2018, 9:29 p.m.
kvmgt gets the msi eventfd_ctx when qemu vfio sets the irq eventfd, so
the msi eventfd_ctx should be put at some point.
The first point is when kvmgt handles the qemu vfio_disable_irqindex()
call, which has DATA_NONE and ACTION_TRIGGER in flags.
If qemu doesn't call vfio_disable_irqindex(), the second point
is the vgpu release function.

Signed-off-by: Xiong Zhang <xiong.y.zhang@intel.com>
---
 drivers/gpu/drm/i915/gvt/kvmgt.c | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)


diff --git a/drivers/gpu/drm/i915/gvt/kvmgt.c b/drivers/gpu/drm/i915/gvt/kvmgt.c
index c16a492..3162820 100644
--- a/drivers/gpu/drm/i915/gvt/kvmgt.c
+++ b/drivers/gpu/drm/i915/gvt/kvmgt.c
@@ -583,6 +583,17 @@  static int intel_vgpu_open(struct mdev_device *mdev)
 	return ret;
 }
 
+static void intel_vgpu_release_msi_eventfd_ctx(struct intel_vgpu *vgpu)
+{
+	struct eventfd_ctx *trigger;
+
+	trigger = vgpu->vdev.msi_trigger;
+	if (trigger) {
+		eventfd_ctx_put(trigger);
+		vgpu->vdev.msi_trigger = NULL;
+	}
+}
+
 static void __intel_vgpu_release(struct intel_vgpu *vgpu)
 {
 	struct kvmgt_guest_info *info;
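Review bot: In `intel_vgpu_release_msi_eventfd_ctx()` the reference is dropped before the field is cleared, so between `eventfd_ctx_put(trigger);` and `vgpu->vdev.msi_trigger = NULL;` the vgpu still holds a pointer whose reference is already gone. No lock is taken in the helper, and if the MSI injection path reads `msi_trigger` concurrently (that code is not in this diff) it could signal a context that has been freed. Swapping the two statements, `vgpu->vdev.msi_trigger = NULL;` then `eventfd_ctx_put(trigger);`, narrows the window; whether a lock is also required depends on callers outside the hunk. The helper would also benefit from a one-line comment such as `/* Drop the eventfd_ctx reference held in vdev.msi_trigger, if any, and clear the field. */` plus a note on what serialises it against readers.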
@@ -607,6 +618,8 @@  static void __intel_vgpu_release(struct intel_vgpu *vgpu)
 	info = (struct kvmgt_guest_info *)vgpu->handle;
 	kvmgt_guest_exit(info);
 
+	intel_vgpu_release_msi_eventfd_ctx(vgpu);
+
 	vgpu->vdev.kvm = NULL;
 	vgpu->handle = 0;
 }
@@ -987,7 +1000,8 @@  static int intel_vgpu_set_msi_trigger(struct intel_vgpu *vgpu,
 			return PTR_ERR(trigger);
 		}
 		vgpu->vdev.msi_trigger = trigger;
-	}
+	} else if ((flags & VFIO_IRQ_SET_DATA_NONE) && !count)
+		intel_vgpu_release_msi_eventfd_ctx(vgpu);
 
 	return 0;
 }
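Review bot: The `VFIO_IRQ_SET_DATA_EVENTFD` branch still ends with `vgpu->vdev.msi_trigger = trigger;`, which overwrites any context already stored there without putting it. If userspace sets the MSI eventfd twice with no disable in between, the first reference appears to be leaked, and since the ioctl is driven by userspace that can be repeated; this commit covers only the disable and release paths. Calling `intel_vgpu_release_msi_eventfd_ctx(vgpu);` just before that assignment would close the gap, assuming nothing earlier in the function (it starts outside this hunk) already does so. As a style point, the new `else if` arm should be braced like the `if` arm it follows: `} else if ((flags & VFIO_IRQ_SET_DATA_NONE) && !count) {` ... `}`.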

Comments

On 2018.03.27 05:29:08 +0800, Xiong Zhang wrote:
> kvmgt get msi eventfd_ctx at qemu vfio set irq eventfd, then
> msi eventfd_ctx should be put at some point.
> The first point is kvmgt handle qemu vfio_disable_irqindex()
> call which has DATA_NONE and ACTION_TRIGGER in flags.
> If qemu doesn't call vfio_disable_irqindex(), the second point
> is vgpu release function.
> 
> Signed-off-by: Xiong Zhang <xiong.y.zhang@intel.com>
> ---
>  drivers/gpu/drm/i915/gvt/kvmgt.c | 16 +++++++++++++++-
>  1 file changed, 15 insertions(+), 1 deletion(-)
> 
> diff --git a/drivers/gpu/drm/i915/gvt/kvmgt.c b/drivers/gpu/drm/i915/gvt/kvmgt.c
> index c16a492..3162820 100644
> --- a/drivers/gpu/drm/i915/gvt/kvmgt.c
> +++ b/drivers/gpu/drm/i915/gvt/kvmgt.c
> @@ -583,6 +583,17 @@ static int intel_vgpu_open(struct mdev_device *mdev)
>  	return ret;
>  }
>  
> +static void intel_vgpu_release_msi_eventfd_ctx(struct intel_vgpu *vgpu)
> +{
> +	struct eventfd_ctx *trigger;
> +
> +	trigger = vgpu->vdev.msi_trigger;
> +	if (trigger) {
> +		eventfd_ctx_put(trigger);
> +		vgpu->vdev.msi_trigger = NULL;
> +	}
> +}
> +
>  static void __intel_vgpu_release(struct intel_vgpu *vgpu)
>  {
>  	struct kvmgt_guest_info *info;
> @@ -607,6 +618,8 @@ static void __intel_vgpu_release(struct intel_vgpu *vgpu)
>  	info = (struct kvmgt_guest_info *)vgpu->handle;
>  	kvmgt_guest_exit(info);
>  
> +	intel_vgpu_release_msi_eventfd_ctx(vgpu);
> +
>  	vgpu->vdev.kvm = NULL;
>  	vgpu->handle = 0;
>  }
> @@ -987,7 +1000,8 @@ static int intel_vgpu_set_msi_trigger(struct intel_vgpu *vgpu,
>  			return PTR_ERR(trigger);
>  		}
>  		vgpu->vdev.msi_trigger = trigger;
> -	}
> +	} else if ((flags & VFIO_IRQ_SET_DATA_NONE) && !count)
> +		intel_vgpu_release_msi_eventfd_ctx(vgpu);
>  
>  	return 0;
>  }
> -- 

Looks good to me, applied, thanks!