drm/virtio: Add memory barriers for capset cache.

After data is copied to the cache entry, atomic_set is used indicate
that the data is the entry is valid without appropriate memory barriers.
Similarly the read side was missing the corresponding memory barriers.

Signed-off-by: David Riley <davidriley@chromium.org>
Link: http://patchwork.freedesktop.org/patch/msgid/20190610211810.253227-5-davidriley@chromium.org
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

diff --git a/drivers/gpu/drm/virtio/virtgpu_ioctl.c b/drivers/gpu/drm/virtio/virtgpu_ioctl.c
index 9f43b160e1bb73f40c0924822eee16b31ff0f736..c0ba1ead740f48ebeccffdd4c8179a2534d33835 100644 (file)
--- a/drivers/gpu/drm/virtio/virtgpu_ioctl.c
+++ b/drivers/gpu/drm/virtio/virtgpu_ioctl.c
@@ -540,6 +540,9 @@ copy_exit:
        if (!ret)
                return -EBUSY;
 
+       /* is_valid check must proceed before copy of the cache entry. */
+       smp_rmb();
+
        ptr = cache_ent->caps_cache;
 
        if (copy_to_user(u64_to_user_ptr(args->addr), ptr, size))

diff --git a/drivers/gpu/drm/virtio/virtgpu_vq.c b/drivers/gpu/drm/virtio/virtgpu_vq.c
index 5de38b2ee9acd471eefd1b7c43a47e61f0ab7751..6c1a90717535d859da62f523f49e272e10d6c4a1 100644 (file)
--- a/drivers/gpu/drm/virtio/virtgpu_vq.c
+++ b/drivers/gpu/drm/virtio/virtgpu_vq.c
@@ -593,6 +593,8 @@ static void virtio_gpu_cmd_capset_cb(struct virtio_gpu_device *vgdev,
                    cache_ent->id == le32_to_cpu(cmd->capset_id)) {
                        memcpy(cache_ent->caps_cache, resp->capset_data,
                               cache_ent->size);
+                       /* Copy must occur before is_valid is signalled. */
+                       smp_wmb();
                        atomic_set(&cache_ent->is_valid, 1);
                        break;
                }