drm/amdgpu: Guard against write accesses after device removal

#include <drm/task_barrier.h>

#include <linux/pm_runtime.h>

#include <drm/drm_drv.h>

MODULE_FIRMWARE("amdgpu/vega10_gpu_info.bin");

MODULE_FIRMWARE("amdgpu/vega12_gpu_info.bin");

MODULE_FIRMWARE("amdgpu/raven_gpu_info.bin");

	unsigned long flags;

	uint32_t hi = ~0;

	uint64_t last;

	int idx;

	if (!drm_dev_enter(&adev->ddev, &idx))

		return;

#ifdef CONFIG_64BIT

	last = min(pos + size, adev->gmc.visible_vram_size);

		}

		if (count == size)

			return;

			goto exit;

		pos += count;

		buf += count / 4;

			*buf++ = RREG32_NO_KIQ(mmMM_DATA);

	}

	spin_unlock_irqrestore(&adev->mmio_idx_lock, flags);

exit:

	drm_dev_exit(idx);

}

/*

#include "amdgpu_ras.h"

#include "amdgpu_xgmi.h"

#include <drm/drm_drv.h>

/**

 * amdgpu_gmc_pdb0_alloc - allocate vram for pdb0

 *

{

	void __iomem *ptr = (void *)cpu_pt_addr;

	uint64_t value;

	int idx;

	if (!drm_dev_enter(&adev->ddev, &idx))

		return 0;

	/*

	 * The following is for PTE only. GART does not have PDEs.

	value = addr & 0x0000FFFFFFFFF000ULL;

	value |= flags;

	writeq(value, ptr + (gpu_page_idx * 8));

	drm_dev_exit(idx);

	return 0;

}

#include <linux/firmware.h>

#include <linux/dma-mapping.h>

#include <drm/drm_drv.h>

#include "amdgpu.h"

#include "amdgpu_psp.h"

#include "amdgpu_ras.h"

#include "amdgpu_securedisplay.h"

#include <drm/drm_drv.h>

static int psp_sysfs_init(struct amdgpu_device *adev);

static void psp_sysfs_fini(struct amdgpu_device *adev);

		   struct psp_gfx_cmd_resp *cmd, uint64_t fence_mc_addr)

{

	int ret;

	int index;

	int index, idx;

	int timeout = 20000;

	bool ras_intr = false;

	bool skip_unsupport = false;

	if (psp->adev->in_pci_err_recovery)

		return 0;

	if (!drm_dev_enter(&psp->adev->ddev, &idx))

		return 0;

	mutex_lock(&psp->mutex);

	memset(psp->cmd_buf_mem, 0, PSP_CMD_BUFFER_SIZE);

	ret = psp_ring_cmd_submit(psp, psp->cmd_buf_mc_addr, fence_mc_addr, index);

	if (ret) {

		atomic_dec(&psp->fence_value);

		mutex_unlock(&psp->mutex);

		return ret;

		goto exit;

	}

	amdgpu_asic_invalidate_hdp(psp->adev, NULL);

			 psp->cmd_buf_mem->cmd_id,

			 psp->cmd_buf_mem->resp.status);

		if (!timeout) {

			mutex_unlock(&psp->mutex);

			return -EINVAL;

			ret = -EINVAL;

			goto exit;

		}

	}

		ucode->tmr_mc_addr_lo = psp->cmd_buf_mem->resp.fw_addr_lo;

		ucode->tmr_mc_addr_hi = psp->cmd_buf_mem->resp.fw_addr_hi;

	}

	mutex_unlock(&psp->mutex);

exit:

	mutex_unlock(&psp->mutex);

	drm_dev_exit(idx);

	return ret;

}

	if (!cmd)

		return -ENOMEM;

	/* Copy toc to psp firmware private buffer */

	memset(psp->fw_pri_buf, 0, PSP_1_MEG);

	memcpy(psp->fw_pri_buf, psp->toc_start_addr, psp->toc_bin_size);

	psp_copy_fw(psp, psp->toc_start_addr, psp->toc_bin_size);

	psp_prep_load_toc_cmd_buf(cmd, psp->fw_pri_mc_addr, psp->toc_bin_size);

	if (!cmd)

		return -ENOMEM;

	memset(psp->fw_pri_buf, 0, PSP_1_MEG);

	memcpy(psp->fw_pri_buf, psp->asd_start_addr, psp->asd_ucode_size);

	psp_copy_fw(psp, psp->asd_start_addr, psp->asd_ucode_size);

	psp_prep_asd_load_cmd_buf(cmd, psp->fw_pri_mc_addr,

				  psp->asd_ucode_size);

	if (!cmd)

		return -ENOMEM;

	memset(psp->fw_pri_buf, 0, PSP_1_MEG);

	memcpy(psp->fw_pri_buf, psp->ta_xgmi_start_addr, psp->ta_xgmi_ucode_size);

	psp_copy_fw(psp, psp->ta_xgmi_start_addr, psp->ta_xgmi_ucode_size);

	psp_prep_ta_load_cmd_buf(cmd,

				 psp->fw_pri_mc_addr,

	if (!cmd)

		return -ENOMEM;

	memset(psp->fw_pri_buf, 0, PSP_1_MEG);

	memcpy(psp->fw_pri_buf, psp->ta_ras_start_addr, psp->ta_ras_ucode_size);

	psp_copy_fw(psp, psp->ta_ras_start_addr, psp->ta_ras_ucode_size);

	psp_prep_ta_load_cmd_buf(cmd,

				 psp->fw_pri_mc_addr,

	if (!cmd)

		return -ENOMEM;

	memset(psp->fw_pri_buf, 0, PSP_1_MEG);

	memcpy(psp->fw_pri_buf, psp->ta_hdcp_start_addr,

	psp_copy_fw(psp, psp->ta_hdcp_start_addr,

		    psp->ta_hdcp_ucode_size);

	psp_prep_ta_load_cmd_buf(cmd,

	if (!cmd)

		return -ENOMEM;

	memset(psp->fw_pri_buf, 0, PSP_1_MEG);

	memcpy(psp->fw_pri_buf, psp->ta_dtm_start_addr, psp->ta_dtm_ucode_size);

	psp_copy_fw(psp, psp->ta_dtm_start_addr, psp->ta_dtm_ucode_size);

	psp_prep_ta_load_cmd_buf(cmd,

				 psp->fw_pri_mc_addr,

	if (!cmd)

		return -ENOMEM;

	memset(psp->fw_pri_buf, 0, PSP_1_MEG);

	memcpy(psp->fw_pri_buf, psp->ta_rap_start_addr, psp->ta_rap_ucode_size);

	psp_copy_fw(psp, psp->ta_rap_start_addr, psp->ta_rap_ucode_size);

	psp_prep_ta_load_cmd_buf(cmd,

				 psp->fw_pri_mc_addr,

	struct amdgpu_device *adev = drm_to_adev(ddev);

	void *cpu_addr;

	dma_addr_t dma_addr;

	int ret;

	int ret, idx;

	char fw_name[100];

	const struct firmware *usbc_pd_fw;

		return -EBUSY;

	}

	if (!drm_dev_enter(ddev, &idx))

		return -ENODEV;

	snprintf(fw_name, sizeof(fw_name), "amdgpu/%s", buf);

	ret = request_firmware(&usbc_pd_fw, fw_name, adev->dev);

	if (ret)

rel_buf:

	dma_free_coherent(adev->dev, usbc_pd_fw->size, cpu_addr, dma_addr);

	release_firmware(usbc_pd_fw);

fail:

	if (ret) {

		DRM_ERROR("Failed to load USBC PD FW, err = %d", ret);

		return ret;

		count = ret;

	}

	drm_dev_exit(idx);

	return count;

}

void psp_copy_fw(struct psp_context *psp, uint8_t *start_addr, uint32_t bin_size)

{

	int idx;

	if (!drm_dev_enter(&psp->adev->ddev, &idx))

		return;

	memset(psp->fw_pri_buf, 0, PSP_1_MEG);

	memcpy(psp->fw_pri_buf, start_addr, bin_size);

	drm_dev_exit(idx);

}

static DEVICE_ATTR(usbc_pd_fw, S_IRUGO | S_IWUSR,

		   psp_usbc_pd_fw_sysfs_read,

		   psp_usbc_pd_fw_sysfs_write);

int psp_load_fw_list(struct psp_context *psp,

		     struct amdgpu_firmware_info **ucode_list, int ucode_count);

void psp_copy_fw(struct psp_context *psp, uint8_t *start_addr, uint32_t bin_size);

#endif

#include <linux/module.h>

#include <drm/drm.h>

#include <drm/drm_drv.h>

#include "amdgpu.h"

#include "amdgpu_pm.h"

{

	unsigned size;

	void *ptr;

	int i, j;

	int i, j, idx;

	bool in_ras_intr = amdgpu_ras_intr_triggered();

	cancel_delayed_work_sync(&adev->uvd.idle_work);

		if (!adev->uvd.inst[j].saved_bo)

			return -ENOMEM;

		if (drm_dev_enter(&adev->ddev, &idx)) {

			/* re-write 0 since err_event_athub will corrupt VCPU buffer */

			if (in_ras_intr)

				memset(adev->uvd.inst[j].saved_bo, 0, size);

			else

				memcpy_fromio(adev->uvd.inst[j].saved_bo, ptr, size);

			drm_dev_exit(idx);

		}

	}

	if (in_ras_intr)

{

	unsigned size;

	void *ptr;

	int i;

	int i, idx;

	for (i = 0; i < adev->uvd.num_uvd_inst; i++) {

		if (adev->uvd.harvest_config & (1 << i))

		ptr = adev->uvd.inst[i].cpu_addr;

		if (adev->uvd.inst[i].saved_bo != NULL) {

			if (drm_dev_enter(&adev->ddev, &idx)) {

				memcpy_toio(ptr, adev->uvd.inst[i].saved_bo, size);

				drm_dev_exit(idx);

			}

			kvfree(adev->uvd.inst[i].saved_bo);

			adev->uvd.inst[i].saved_bo = NULL;

		} else {

			hdr = (const struct common_firmware_header *)adev->uvd.fw->data;

			if (adev->firmware.load_type != AMDGPU_FW_LOAD_PSP) {

				offset = le32_to_cpu(hdr->ucode_array_offset_bytes);

				if (drm_dev_enter(&adev->ddev, &idx)) {

					memcpy_toio(adev->uvd.inst[i].cpu_addr, adev->uvd.fw->data + offset,

						    le32_to_cpu(hdr->ucode_size_bytes));

					drm_dev_exit(idx);

				}

				size -= le32_to_cpu(hdr->ucode_size_bytes);

				ptr += le32_to_cpu(hdr->ucode_size_bytes);

			}