AZL-71347

In the Linux kernel, the following vulnerability has been resolved:

drm/amdkfd: Fix double release compute pasid

If kfdprocessdeviceinitvm returns failure after vm is converted to compute vm and vm->pasid set to compute pasid, KFD will not take pdd->drm_file reference. As a result, drm close file handler maybe called to release the compute pasid before KFD process destroy worker to release the same pasid and set vm->pasid to zero, this generates below WARNING backtrace and NULL pointer access.

Add helper amdgpuamdkfdgpuvmsetvmpasid and call it at the last step of kfdprocessdeviceinitvm, to ensure vm pasid is the original pasid if acquiring vm failed or is the compute pasid with pdd->drmfile reference taken to avoid double release same pasid.

amdgpu: Failed to create process VM object idafree called for id=32770 which is not allocated. WARNING: CPU: 57 PID: 72542 at ../lib/idr.c:522 idafree+0x96/0x140 RIP: 0010:idafree+0x96/0x140 Call Trace: amdgpupasidfreedelayed+0xe1/0x2a0 [amdgpu] amdgpudriverpostclosekms+0x2d8/0x340 [amdgpu] drmfilefree.part.13+0x216/0x270 [drm] drmclosehelper.isra.14+0x60/0x70 [drm] drmrelease+0x6e/0xf0 [drm] __fput+0xcc/0x280 ___fput+0xe/0x20 taskworkrun+0x96/0xc0 doexit+0x3d0/0xc10

BUG: kernel NULL pointer dereference, address: 0000000000000000 RIP: 0010:idafree+0x76/0x140 Call Trace: amdgpupasidfreedelayed+0xe1/0x2a0 [amdgpu] amdgpudriverpostclosekms+0x2d8/0x340 [amdgpu] drmfilefree.part.13+0x216/0x270 [drm] drmclosehelper.isra.14+0x60/0x70 [drm] drmrelease+0x6e/0xf0 [drm] __fput+0xcc/0x280 ___fput+0xe/0x20 taskworkrun+0x96/0xc0 doexit+0x3d0/0xc10