Skip to content

Commit ad2b502

Browse files
gregkhgregkh
committed
Merge tag 'misc-habanalabs-fixes-2021-09-29' of https://git.kernel.org/pub/scm/linux/kernel/git/ogabbay/linux into char-misc-linus
Oded writes: This tag contains the following fix for 5.15-rc4: - Prevent memset of ioctl arguments in case driver returns -EINTR * tag 'misc-habanalabs-fixes-2021-09-29' of https://git.kernel.org/pub/scm/linux/kernel/git/ogabbay/linux: habanalabs: fix resetting args in wait for CS IOCTL
2 parents 9e1ff30 + 4ca57d5 commit ad2b502

File tree

2 files changed

+21
-18
lines changed

2 files changed

+21
-18
lines changed

drivers/misc/habanalabs/common/command_submission.c

Lines changed: 19 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -2649,11 +2649,18 @@ static int hl_multi_cs_wait_ioctl(struct hl_fpriv *hpriv, void *data)
26492649
free_seq_arr:
26502650
kfree(cs_seq_arr);
26512651

2652-
/* update output args */
2653-
memset(args, 0, sizeof(*args));
26542652
if (rc)
26552653
return rc;
26562654

2655+
if (mcs_data.wait_status == -ERESTARTSYS) {
2656+
dev_err_ratelimited(hdev->dev,
2657+
"user process got signal while waiting for Multi-CS\n");
2658+
return -EINTR;
2659+
}
2660+
2661+
/* update output args */
2662+
memset(args, 0, sizeof(*args));
2663+
26572664
if (mcs_data.completion_bitmap) {
26582665
args->out.status = HL_WAIT_CS_STATUS_COMPLETED;
26592666
args->out.cs_completion_map = mcs_data.completion_bitmap;
@@ -2667,8 +2674,6 @@ static int hl_multi_cs_wait_ioctl(struct hl_fpriv *hpriv, void *data)
26672674
/* update if some CS was gone */
26682675
if (mcs_data.timestamp)
26692676
args->out.flags |= HL_WAIT_CS_STATUS_FLAG_GONE;
2670-
} else if (mcs_data.wait_status == -ERESTARTSYS) {
2671-
args->out.status = HL_WAIT_CS_STATUS_INTERRUPTED;
26722677
} else {
26732678
args->out.status = HL_WAIT_CS_STATUS_BUSY;
26742679
}
@@ -2688,16 +2693,17 @@ static int hl_cs_wait_ioctl(struct hl_fpriv *hpriv, void *data)
26882693
rc = _hl_cs_wait_ioctl(hdev, hpriv->ctx, args->in.timeout_us, seq,
26892694
&status, &timestamp);
26902695

2696+
if (rc == -ERESTARTSYS) {
2697+
dev_err_ratelimited(hdev->dev,
2698+
"user process got signal while waiting for CS handle %llu\n",
2699+
seq);
2700+
return -EINTR;
2701+
}
2702+
26912703
memset(args, 0, sizeof(*args));
26922704

26932705
if (rc) {
2694-
if (rc == -ERESTARTSYS) {
2695-
dev_err_ratelimited(hdev->dev,
2696-
"user process got signal while waiting for CS handle %llu\n",
2697-
seq);
2698-
args->out.status = HL_WAIT_CS_STATUS_INTERRUPTED;
2699-
rc = -EINTR;
2700-
} else if (rc == -ETIMEDOUT) {
2706+
if (rc == -ETIMEDOUT) {
27012707
dev_err_ratelimited(hdev->dev,
27022708
"CS %llu has timed-out while user process is waiting for it\n",
27032709
seq);
@@ -2823,7 +2829,6 @@ static int _hl_interrupt_wait_ioctl(struct hl_device *hdev, struct hl_ctx *ctx,
28232829
dev_err_ratelimited(hdev->dev,
28242830
"user process got signal while waiting for interrupt ID %d\n",
28252831
interrupt->interrupt_id);
2826-
*status = HL_WAIT_CS_STATUS_INTERRUPTED;
28272832
rc = -EINTR;
28282833
} else {
28292834
*status = CS_WAIT_STATUS_BUSY;
@@ -2878,8 +2883,6 @@ static int hl_interrupt_wait_ioctl(struct hl_fpriv *hpriv, void *data)
28782883
args->in.interrupt_timeout_us, args->in.addr,
28792884
args->in.target, interrupt_offset, &status);
28802885

2881-
memset(args, 0, sizeof(*args));
2882-
28832886
if (rc) {
28842887
if (rc != -EINTR)
28852888
dev_err_ratelimited(hdev->dev,
@@ -2888,6 +2891,8 @@ static int hl_interrupt_wait_ioctl(struct hl_fpriv *hpriv, void *data)
28882891
return rc;
28892892
}
28902893

2894+
memset(args, 0, sizeof(*args));
2895+
28912896
switch (status) {
28922897
case CS_WAIT_STATUS_COMPLETED:
28932898
args->out.status = HL_WAIT_CS_STATUS_COMPLETED;

include/uapi/misc/habanalabs.h

Lines changed: 2 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -917,7 +917,6 @@ struct hl_wait_cs_in {
917917
#define HL_WAIT_CS_STATUS_BUSY 1
918918
#define HL_WAIT_CS_STATUS_TIMEDOUT 2
919919
#define HL_WAIT_CS_STATUS_ABORTED 3
920-
#define HL_WAIT_CS_STATUS_INTERRUPTED 4
921920

922921
#define HL_WAIT_CS_STATUS_FLAG_GONE 0x1
923922
#define HL_WAIT_CS_STATUS_FLAG_TIMESTAMP_VLD 0x2
@@ -1286,16 +1285,15 @@ struct hl_debug_args {
12861285
* EIO - The CS was aborted (usually because the device was reset)
12871286
* ENODEV - The device wants to do hard-reset (so user need to close FD)
12881287
*
1289-
* The driver also returns a custom define inside the IOCTL which can be:
1288+
* The driver also returns a custom define in case the IOCTL call returned 0.
1289+
* The define can be one of the following:
12901290
*
12911291
* HL_WAIT_CS_STATUS_COMPLETED - The CS has been completed successfully (0)
12921292
* HL_WAIT_CS_STATUS_BUSY - The CS is still executing (0)
12931293
* HL_WAIT_CS_STATUS_TIMEDOUT - The CS has caused a timeout on the device
12941294
* (ETIMEDOUT)
12951295
* HL_WAIT_CS_STATUS_ABORTED - The CS was aborted, usually because the
12961296
* device was reset (EIO)
1297-
* HL_WAIT_CS_STATUS_INTERRUPTED - Waiting for the CS was interrupted (EINTR)
1298-
*
12991297
*/
13001298

13011299
#define HL_IOCTL_WAIT_CS \

0 commit comments

Comments
 (0)