drm: eliminate bit-copy restoration of crtc
authorIlija Hadzic <ihadzic@research.bell-labs.com>
Tue, 29 Oct 2013 15:09:46 +0000 (11:09 -0400)
committerDave Airlie <airlied@redhat.com>
Wed, 6 Nov 2013 04:27:51 +0000 (14:27 +1000)
commit02ee4e9455456a9bc9ee94d30eef78fc610922c1
tree5a80003498bc7753902e985efc2ac46fc2a7dc10
parent48b1f5ddaafa341bebbaac2a5fbaaa89b5b16281
drm: eliminate bit-copy restoration of crtc

Bit-copying restoration of CRTC structure in failure-recovery
path of drm_crtc_helper_set_config function evokes a
subtle and rare, but very dangerous, corruption of
CRTC mutex structure.

Namely, if drm_crtc_helper_set_config takes the path under
'fail:' label *and* some other process has attempted to
grab the crtc mutex (and got blocked), restoring the CRTC
structure by bit-copying it will overwrite the CRTC mutex
state and the waiters list pointer within the mutex structure.
Consequently the blocked process will never be scheduled.

This patch fixes the issue by eliminating the bit-copy
restoration. The elimination is possible because previous
patches have cleaned up the resoration path so that only
the fields touched by the drm_crtc_helper_set_config function
are saved and restored if necessary.

Signed-off-by: Ilija Hadzic <ihadzic@research.bell-labs.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
drivers/gpu/drm/drm_crtc_helper.c