Linaro-mm-sig

linaro-mm-sig@lists.linaro.org

24 participants
2727 discussions

[PATCH] udmabuf: validate ubuf->pagecount

by Pavel Skripkin

Syzbot has reported GPF in sg_alloc_append_table_from_pages(). The problem was in ubuf->pages == ZERO_PTR. ubuf->pagecount is calculated from arguments passed from user-space. If user creates udmabuf with list.size == 0 then ubuf->pagecount will be also equal to zero; it causes kmalloc_array() to return ZERO_PTR. Fix it by validating ubuf->pagecount before passing it to kmalloc_array(). Fixes: fbb0de795078 ("Add udmabuf misc device") Reported-and-tested-by: syzbot+2c56b725ec547fa9cb29(a)syzkaller.appspotmail.com Signed-off-by: Pavel Skripkin <paskripkin(a)gmail.com> --- Happy New Year and Merry Christmas! :) With regards, Pavel Skripkin --- drivers/dma-buf/udmabuf.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/drivers/dma-buf/udmabuf.c b/drivers/dma-buf/udmabuf.c index c57a609db75b..e7330684d3b8 100644 --- a/drivers/dma-buf/udmabuf.c +++ b/drivers/dma-buf/udmabuf.c @@ -190,6 +190,10 @@ static long udmabuf_create(struct miscdevice *device, if (ubuf->pagecount > pglimit) goto err; } + + if (!ubuf->pagecount) + goto err; + ubuf->pages = kmalloc_array(ubuf->pagecount, sizeof(*ubuf->pages), GFP_KERNEL); if (!ubuf->pages) { -- 2.34.1

3 years, 3 months

[PATCH 0/2] MAINTAINERS: update various stm & sti maintainer names

by Philippe Cornu

This short serie contains the maintainer status update sent recently by Benjamin Gaignard (see [1] for details) and add new maintainers for various stm & sti files. [1] https://lore.kernel.org/lkml/20210706163033.795805-1-benjamin.gaignard@coll… Benjamin Gaignard (1): MAINTAINERS: Update Benjamin Gaignard maintainer status Philippe Cornu (1): MAINTAINERS: update drm/stm drm/sti and cec/sti maintainers MAINTAINERS | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) -- 2.17.1

3 years, 3 months

[PATCH] dma-buf: Move sysfs work out of DMA-BUF export/release path

by Hridya Valsaraju

Recently, we noticed an issue where a process went into direct reclaim while holding the kernfs rw semaphore for sysfs in write(exclusive) mode. This caused processes who were doing DMA-BUF exports and releases to go into uninterruptible sleep since they needed to acquire the same semaphore for the DMA-BUF sysfs entry creation/deletion. In order to avoid blocking DMA-BUF export/release for an indeterminate amount of time while another process is holding the sysfs rw semaphore in exclusive mode, this patch moves the per-buffer sysfs file creation/deleteion to a kthread. Fixes: bdb8d06dfefd ("dmabuf: Add the capability to expose DMA-BUF stats in sysfs") Signed-off-by: Hridya Valsaraju <hridya(a)google.com> --- drivers/dma-buf/dma-buf-sysfs-stats.c | 343 ++++++++++++++++++++++++-- include/linux/dma-buf.h | 46 ++++ 2 files changed, 366 insertions(+), 23 deletions(-) diff --git a/drivers/dma-buf/dma-buf-sysfs-stats.c b/drivers/dma-buf/dma-buf-sysfs-stats.c index 053baadcada9..3251fdf2f05f 100644 --- a/drivers/dma-buf/dma-buf-sysfs-stats.c +++ b/drivers/dma-buf/dma-buf-sysfs-stats.c @@ -7,13 +7,39 @@ #include <linux/dma-buf.h> #include <linux/dma-resv.h> +#include <linux/freezer.h> #include <linux/kobject.h> +#include <linux/kthread.h> +#include <linux/list.h> #include <linux/printk.h> +#include <linux/sched/signal.h> #include <linux/slab.h> #include <linux/sysfs.h> #include "dma-buf-sysfs-stats.h" +struct dmabuf_kobj_work { + struct list_head list; + struct dma_buf_sysfs_entry *sysfs_entry; + struct dma_buf_sysfs_entry_metadata *sysfs_metadata; + unsigned long uid; +}; + +/* Both kobject setup and teardown work gets queued on the list. */ +static LIST_HEAD(dmabuf_kobj_work_list); + +/* dmabuf_kobj_list_lock protects dmabuf_kobj_work_list. */ +static DEFINE_SPINLOCK(dmabuf_kobj_list_lock); + +/* + * dmabuf_sysfs_show_lock prevents a race between a DMA-BUF sysfs file being + * read and the DMA-BUF being freed by protecting sysfs_entry->dmabuf. + */ +static DEFINE_SPINLOCK(dmabuf_sysfs_show_lock); + +static struct task_struct *dmabuf_kobject_task; +static wait_queue_head_t dmabuf_kobject_waitqueue; + #define to_dma_buf_entry_from_kobj(x) container_of(x, struct dma_buf_sysfs_entry, kobj) /** @@ -64,15 +90,26 @@ static ssize_t dma_buf_stats_attribute_show(struct kobject *kobj, struct dma_buf_stats_attribute *attribute; struct dma_buf_sysfs_entry *sysfs_entry; struct dma_buf *dmabuf; + int ret; attribute = to_dma_buf_stats_attr(attr); sysfs_entry = to_dma_buf_entry_from_kobj(kobj); + + /* + * acquire dmabuf_sysfs_show_lock to prevent a race with the DMA-BUF + * being freed while sysfs_entry->dmabuf is being accessed. + */ + spin_lock(&dmabuf_sysfs_show_lock); dmabuf = sysfs_entry->dmabuf; - if (!dmabuf || !attribute->show) + if (!dmabuf || !attribute->show) { + spin_unlock(&dmabuf_sysfs_show_lock); return -EIO; + } - return attribute->show(dmabuf, attribute, buf); + ret = attribute->show(dmabuf, attribute, buf); + spin_unlock(&dmabuf_sysfs_show_lock); + return ret; } static const struct sysfs_ops dma_buf_stats_sysfs_ops = { @@ -118,33 +155,275 @@ static struct kobj_type dma_buf_ktype = { .default_groups = dma_buf_stats_default_groups, }; -void dma_buf_stats_teardown(struct dma_buf *dmabuf) +/* Statistics files do not need to send uevents. */ +static int dmabuf_sysfs_uevent_filter(struct kset *kset, struct kobject *kobj) { - struct dma_buf_sysfs_entry *sysfs_entry; + return 0; +} - sysfs_entry = dmabuf->sysfs_entry; - if (!sysfs_entry) - return; +static const struct kset_uevent_ops dmabuf_sysfs_no_uevent_ops = { + .filter = dmabuf_sysfs_uevent_filter, +}; + +/* setup of sysfs entries done asynchronously in the worker thread. */ +static void dma_buf_sysfs_stats_setup_work(struct dmabuf_kobj_work *kobject_work) +{ + struct dma_buf_sysfs_entry *sysfs_entry = kobject_work->sysfs_entry; + struct dma_buf_sysfs_entry_metadata *sysfs_metadata = + kobject_work->sysfs_metadata; + bool free_metadata = false; + + int ret = kobject_init_and_add(&sysfs_entry->kobj, &dma_buf_ktype, NULL, + "%lu", kobject_work->uid); + if (ret) { + kobject_put(&sysfs_entry->kobj); + + spin_lock(&sysfs_metadata->sysfs_entry_lock); + if (sysfs_metadata->status == SYSFS_ENTRY_INIT_ABORTED) { + /* + * SYSFS_ENTRY_INIT_ABORTED means that the DMA-BUF has already + * been freed. At this point, its safe to free the memory for + * the sysfs_metadata; + */ + free_metadata = true; + } else { + /* + * The DMA-BUF has not yet been freed, set the status to + * sysfs_entry_error so that when the DMA-BUF gets + * freed, we know there is no need to teardown the sysfs + * entry. + */ + sysfs_metadata->status = SYSFS_ENTRY_ERROR; + } + goto unlock; + } + + /* + * If the DMA-BUF has not yet been released, status would still be + * SYSFS_ENTRY_INIT_IN_PROGRESS. We set the status as initialized. + */ + spin_lock(&sysfs_metadata->sysfs_entry_lock); + if (sysfs_metadata->status == SYSFS_ENTRY_INIT_IN_PROGRESS) { + sysfs_metadata->status = SYSFS_ENTRY_INITIALIZED; + goto unlock; + } + /* + * At this point the status is SYSFS_ENTRY_INIT_ABORTED which means + * that the DMA-BUF has already been freed. Hence, we cleanup the + * sysfs_entry and its metadata since neither of them are needed + * anymore. + */ + free_metadata = true; kobject_del(&sysfs_entry->kobj); kobject_put(&sysfs_entry->kobj); + +unlock: + spin_unlock(&sysfs_metadata->sysfs_entry_lock); + if (free_metadata) { + kfree(kobject_work->sysfs_metadata); + kobject_work->sysfs_metadata = NULL; + } } +/* teardown of sysfs entries done asynchronously in the worker thread. */ +static void dma_buf_sysfs_stats_teardown_work(struct dmabuf_kobj_work *kobject_work) +{ + struct dma_buf_sysfs_entry *sysfs_entry = kobject_work->sysfs_entry; -/* Statistics files do not need to send uevents. */ -static int dmabuf_sysfs_uevent_filter(struct kset *kset, struct kobject *kobj) + kobject_del(&sysfs_entry->kobj); + kobject_put(&sysfs_entry->kobj); + + kfree(kobject_work->sysfs_metadata); + kobject_work->sysfs_metadata = NULL; +} + +/* do setup or teardown of sysfs entries as required */ +static void do_kobject_work(struct dmabuf_kobj_work *kobject_work) { + struct dma_buf_sysfs_entry_metadata *sysfs_metadata; + bool setup_needed = false; + bool teardown_needed = false; + + sysfs_metadata = kobject_work->sysfs_metadata; + spin_lock(&sysfs_metadata->sysfs_entry_lock); + if (sysfs_metadata->status == SYSFS_ENTRY_UNINITIALIZED) { + setup_needed = true; + sysfs_metadata->status = SYSFS_ENTRY_INIT_IN_PROGRESS; + } else if (sysfs_metadata->status == SYSFS_ENTRY_INITIALIZED) { + teardown_needed = true; + } + + /* + * It is ok to release the sysfs_entry_lock here. + * + * If setup_needed is true, we check the status again after the kobject + * initialization to see if it has been set to SYSFS_ENTRY_INIT_ABORTED + * and if so teardown the kobject. + * + * If teardown_needed is true, there are no more changes expected to the + * status. + * + * If neither setup_needed nor teardown needed are true, it + * means the DMA-BUF was freed before we got around to setting up the + * sysfs entry and hence we just need to release the metadata and + * return. + */ + spin_unlock(&kobject_work->sysfs_metadata->sysfs_entry_lock); + + if (setup_needed) + dma_buf_sysfs_stats_setup_work(kobject_work); + else if (teardown_needed) + dma_buf_sysfs_stats_teardown_work(kobject_work); + else + kfree(kobject_work->sysfs_metadata); + + kfree(kobject_work); +} + +static struct dmabuf_kobj_work *get_next_kobj_work(void) +{ + struct dmabuf_kobj_work *kobject_work; + + spin_lock(&dmabuf_kobj_list_lock); + kobject_work = list_first_entry_or_null(&dmabuf_kobj_work_list, + struct dmabuf_kobj_work, list); + if (kobject_work) + list_del(&kobject_work->list); + spin_unlock(&dmabuf_kobj_list_lock); + return kobject_work; +} + +static int kobject_work_thread(void *data) +{ + struct dmabuf_kobj_work *kobject_work; + + while (1) { + wait_event_freezable(dmabuf_kobject_waitqueue, + (kobject_work = get_next_kobj_work())); + do_kobject_work(kobject_work); + } + return 0; } -static const struct kset_uevent_ops dmabuf_sysfs_no_uevent_ops = { - .filter = dmabuf_sysfs_uevent_filter, -}; +static int kobject_worklist_init(void) +{ + init_waitqueue_head(&dmabuf_kobject_waitqueue); + dmabuf_kobject_task = kthread_run(kobject_work_thread, NULL, + "%s", "dmabuf-kobject-worker"); + if (IS_ERR(dmabuf_kobject_task)) { + pr_err("Creating thread for deferred sysfs entry creation/deletion failed\n"); + return PTR_ERR(dmabuf_kobject_task); + } + sched_set_normal(dmabuf_kobject_task, MAX_NICE); + + return 0; +} + +static void deferred_kobject_create(struct dmabuf_kobj_work *kobject_work) +{ + INIT_LIST_HEAD(&kobject_work->list); + + spin_lock(&dmabuf_kobj_list_lock); + + list_add_tail(&kobject_work->list, &dmabuf_kobj_work_list); + + spin_unlock(&dmabuf_kobj_list_lock); + + wake_up(&dmabuf_kobject_waitqueue); +} + + +void dma_buf_stats_teardown(struct dma_buf *dmabuf) +{ + struct dma_buf_sysfs_entry *sysfs_entry; + struct dma_buf_sysfs_entry_metadata *sysfs_metadata; + struct dmabuf_kobj_work *kobj_work; + + sysfs_entry = dmabuf->sysfs_entry; + if (!sysfs_entry) + return; + + sysfs_metadata = dmabuf->sysfs_entry_metadata; + if (!sysfs_metadata) + return; + + spin_lock(&sysfs_metadata->sysfs_entry_lock); + + if (sysfs_metadata->status == SYSFS_ENTRY_UNINITIALIZED || + sysfs_metadata->status == SYSFS_ENTRY_INIT_IN_PROGRESS) { + /* + * The sysfs entry for this buffer has not yet been initialized, + * we set the status to SYSFS_ENTRY_INIT_ABORTED to abort the + * initialization. + */ + sysfs_metadata->status = SYSFS_ENTRY_INIT_ABORTED; + spin_unlock(&sysfs_metadata->sysfs_entry_lock); + + /* + * In case kobject initialization completes right as we release + * the sysfs_entry_lock, disable show() for the sysfs entry by + * setting sysfs_entry->dmabuf to NULL to prevent a race. + */ + spin_lock(&dmabuf_sysfs_show_lock); + sysfs_entry->dmabuf = NULL; + spin_unlock(&dmabuf_sysfs_show_lock); + + return; + } + + if (sysfs_metadata->status == SYSFS_ENTRY_INITIALIZED) { + /* + * queue teardown work only if sysfs_entry is fully inititalized. + * It is ok to release the sysfs_entry_lock here since the + * status can no longer change. + */ + spin_unlock(&sysfs_metadata->sysfs_entry_lock); + + /* + * Meanwhile disable show() for the sysfs entry to avoid a race + * between teardown and show(). + */ + spin_lock(&dmabuf_sysfs_show_lock); + sysfs_entry->dmabuf = NULL; + spin_unlock(&dmabuf_sysfs_show_lock); + + kobj_work = kzalloc(sizeof(struct dmabuf_kobj_work), GFP_KERNEL); + if (!kobj_work) { + /* do the teardown immediately. */ + kobject_del(&sysfs_entry->kobj); + kobject_put(&sysfs_entry->kobj); + kfree(sysfs_metadata); + } else { + /* queue teardown work. */ + kobj_work->sysfs_entry = dmabuf->sysfs_entry; + kobj_work->sysfs_metadata = dmabuf->sysfs_entry_metadata; + deferred_kobject_create(kobj_work); + } + + return; + } + + /* + * status is SYSFS_ENTRY_INIT_ERROR so we only need to free the + * metadata. + */ + spin_unlock(&sysfs_metadata->sysfs_entry_lock); + kfree(dmabuf->sysfs_entry_metadata); + dmabuf->sysfs_entry_metadata = NULL; +} static struct kset *dma_buf_stats_kset; static struct kset *dma_buf_per_buffer_stats_kset; int dma_buf_init_sysfs_statistics(void) { + int ret; + + ret = kobject_worklist_init(); + if (ret) + return ret; + dma_buf_stats_kset = kset_create_and_add("dmabuf", &dmabuf_sysfs_no_uevent_ops, kernel_kobj); @@ -171,7 +450,8 @@ void dma_buf_uninit_sysfs_statistics(void) int dma_buf_stats_setup(struct dma_buf *dmabuf) { struct dma_buf_sysfs_entry *sysfs_entry; - int ret; + struct dma_buf_sysfs_entry_metadata *sysfs_metadata; + struct dmabuf_kobj_work *kobj_work; if (!dmabuf || !dmabuf->file) return -EINVAL; @@ -188,18 +468,35 @@ int dma_buf_stats_setup(struct dma_buf *dmabuf) sysfs_entry->kobj.kset = dma_buf_per_buffer_stats_kset; sysfs_entry->dmabuf = dmabuf; + sysfs_metadata = kzalloc(sizeof(struct dma_buf_sysfs_entry_metadata), + GFP_KERNEL); + if (!sysfs_metadata) { + kfree(sysfs_entry); + return -ENOMEM; + } + dmabuf->sysfs_entry = sysfs_entry; - /* create the directory for buffer stats */ - ret = kobject_init_and_add(&sysfs_entry->kobj, &dma_buf_ktype, NULL, - "%lu", file_inode(dmabuf->file)->i_ino); - if (ret) - goto err_sysfs_dmabuf; + sysfs_metadata->status = SYSFS_ENTRY_UNINITIALIZED; + spin_lock_init(&sysfs_metadata->sysfs_entry_lock); - return 0; + dmabuf->sysfs_entry_metadata = sysfs_metadata; -err_sysfs_dmabuf: - kobject_put(&sysfs_entry->kobj); - dmabuf->sysfs_entry = NULL; - return ret; + kobj_work = kzalloc(sizeof(struct dmabuf_kobj_work), GFP_KERNEL); + if (!kobj_work) { + kfree(sysfs_entry); + kfree(sysfs_metadata); + return -ENOMEM; + } + + kobj_work->sysfs_entry = dmabuf->sysfs_entry; + kobj_work->sysfs_metadata = dmabuf->sysfs_entry_metadata; + /* + * stash the inode number in struct dmabuf_kobj_work since setup + * might race with DMA-BUF teardown. + */ + kobj_work->uid = file_inode(dmabuf->file)->i_ino; + + deferred_kobject_create(kobj_work); + return 0; } diff --git a/include/linux/dma-buf.h b/include/linux/dma-buf.h index 7ab50076e7a6..0597690023a0 100644 --- a/include/linux/dma-buf.h +++ b/include/linux/dma-buf.h @@ -287,6 +287,50 @@ struct dma_buf_ops { void (*vunmap)(struct dma_buf *dmabuf, struct dma_buf_map *map); }; +#ifdef CONFIG_DMABUF_SYSFS_STATS +enum sysfs_entry_status { + SYSFS_ENTRY_UNINITIALIZED, + SYSFS_ENTRY_INIT_IN_PROGRESS, + SYSFS_ENTRY_ERROR, + SYSFS_ENTRY_INIT_ABORTED, + SYSFS_ENTRY_INITIALIZED, +}; + +/* + * struct dma_buf_sysfs_entry_metadata - Holds the current status for the + * DMA-BUF sysfs entry. + * + * @status: holds the current status for the DMA-BUF sysfs entry. The status of + * the sysfs entry has the following path. + * + * SYSFS_ENTRY_UNINITIALIZED + * __________________|____________________ + * | | + * SYSFS_ENTRY_INIT_IN_PROGRESS SYSFS_ENTRY_INIT_ABORTED (DMA-BUF + * | gets freed + * | before + * | init) + * ________|_____________________________________ + * | | | + * SYSFS_ENTRY_INITIALIZED | SYSFS_ENTRY_INIT_ABORTED + * | (DMA-BUF gets freed during kobject + * | init) + * | + * | + * SYSFS_ENTRY_ERROR + * (error during kobject init) + * + * @sysfs_entry_lock: protects access to @status. + */ +struct dma_buf_sysfs_entry_metadata { + enum sysfs_entry_status status; + /* + * Protects sysfs_entry_metadata->status + */ + spinlock_t sysfs_entry_lock; +}; +#endif + /** * struct dma_buf - shared buffer object * @@ -452,6 +496,8 @@ struct dma_buf { struct kobject kobj; struct dma_buf *dmabuf; } *sysfs_entry; + + struct dma_buf_sysfs_entry_metadata *sysfs_entry_metadata; #endif }; -- 2.34.1.448.ga2b2bfdf31-goog

3 years, 3 months

Re: [PATCH RESEND] dma-buf: heaps: Fix mutex lock area and generalize struct dma_heap_attachment

by John Stultz

On Tue, Dec 28, 2021 at 11:09 PM Weizhao Ouyang <o451686892(a)gmail.com> wrote: > > Fix cma_heap_buffer mutex lock area to protect vmap_cnt and vaddr. And > move struct dma_heap_attachment to dma-heap.h so that vendor dma heaps > can use it, the same behaviour as struct dma_buf_attachment. > Hey! Thanks for submitting this patch! Apologies for the slow reply (was out for the holidays). This patch is combining two changes in one patch, so they need to be split up. The locking change looks sane, but moving the dma_heap_attachment may need some extra justification as changing upstream code just to support out of tree code isn't usually done (if there was some benefit to the in-tree code, that would be fine though). I'd also be eager to try to get the vendor heap to be merged, assuming we can also merge an upstream user for it. thanks -john

3 years, 3 months

Re: [syzbot] general protection fault in sg_alloc_append_table_from_pages

by Pavel Skripkin

On 10/13/21 19:51, syzbot wrote: > Hello, > > syzbot found the following issue on: > > HEAD commit: 717478d89fe2 Merge tag 'riscv-for-linus-5.15-rc5' of git:/.. > git tree: upstream > console output: https://syzkaller.appspot.com/x/log.txt?x=12489abf300000 > kernel config: https://syzkaller.appspot.com/x/.config?x=32e6048063923b7b > dashboard link: https://syzkaller.appspot.com/bug?extid=2c56b725ec547fa9cb29 > compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2 > syz repro: https://syzkaller.appspot.com/x/repro.syz?x=167b9e4f300000 > > The issue was bisected to: > > commit 284562e1f34874e267d4f499362c3816f8f6bc3f > Author: Gurchetan Singh <gurchetansingh(a)chromium.org> > Date: Tue Dec 3 01:36:27 2019 +0000 > > udmabuf: implement begin_cpu_access/end_cpu_access hooks > > bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=12d68447300000 > final oops: https://syzkaller.appspot.com/x/report.txt?x=11d68447300000 > console output: https://syzkaller.appspot.com/x/log.txt?x=16d68447300000 > zero ubuf->pagecount will cause kmalloc_array() to return ZERO_PTR, that is unsafe to deref #syz test git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master With regards, Pavel Skripkin

3 years, 3 months

Re: [Linaro-mm-sig] [PATCH] udmabuf: put dmabuf in case of get fd failed

by kernel test robot

Hi Xianting, Thank you for the patch! Yet something to improve: [auto build test ERROR on linus/master] [also build test ERROR on v5.16-rc6 next-20211217] [If your patch is applied to the wrong git tree, kindly drop us a note. And when submitting patch, we suggest to use '--base' as documented in https://git-scm.com/docs/git-format-patch] url: https://github.com/0day-ci/linux/commits/Xianting-Tian/udmabuf-put-dmabuf-i… base: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git a7904a538933c525096ca2ccde1e60d0ee62c08e config: arc-randconfig-r043-20211220 (https://download.01.org/0day-ci/archive/20211220/202112202101.tVpymGaH-lkp@…) compiler: arceb-elf-gcc (GCC) 11.2.0 reproduce (this is a W=1 build): wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross chmod +x ~/bin/make.cross # https://github.com/0day-ci/linux/commit/322781a4da9de4a3057afd933108d23ca7f… git remote add linux-review https://github.com/0day-ci/linux git fetch --no-tags linux-review Xianting-Tian/udmabuf-put-dmabuf-in-case-of-get-fd-failed/20211220-134433 git checkout 322781a4da9de4a3057afd933108d23ca7f5282e # save the config file to linux build tree mkdir build_dir COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-11.2.0 make.cross O=build_dir ARCH=arc SHELL=/bin/bash drivers/dma-buf/ If you fix the issue, kindly add following tag as appropriate Reported-by: kernel test robot <lkp(a)intel.com> All error/warnings (new ones prefixed by >>): drivers/dma-buf/udmabuf.c: In function 'udmabuf_create': >> drivers/dma-buf/udmabuf.c:292:13: error: invalid storage class for function 'udmabuf_ioctl_create' 292 | static long udmabuf_ioctl_create(struct file *filp, unsigned long arg) | ^~~~~~~~~~~~~~~~~~~~ >> drivers/dma-buf/udmabuf.c:292:1: warning: ISO C90 forbids mixed declarations and code [-Wdeclaration-after-statement] 292 | static long udmabuf_ioctl_create(struct file *filp, unsigned long arg) | ^~~~~~ >> drivers/dma-buf/udmabuf.c:311:13: error: invalid storage class for function 'udmabuf_ioctl_create_list' 311 | static long udmabuf_ioctl_create_list(struct file *filp, unsigned long arg) | ^~~~~~~~~~~~~~~~~~~~~~~~~ >> drivers/dma-buf/udmabuf.c:332:13: error: invalid storage class for function 'udmabuf_ioctl' 332 | static long udmabuf_ioctl(struct file *filp, unsigned int ioctl, | ^~~~~~~~~~~~~ >> drivers/dma-buf/udmabuf.c:353:27: error: initializer element is not constant 353 | .unlocked_ioctl = udmabuf_ioctl, | ^~~~~~~~~~~~~ drivers/dma-buf/udmabuf.c:353:27: note: (near initialization for 'udmabuf_fops.unlocked_ioctl') >> drivers/dma-buf/udmabuf.c:365:19: error: invalid storage class for function 'udmabuf_dev_init' 365 | static int __init udmabuf_dev_init(void) | ^~~~~~~~~~~~~~~~ >> drivers/dma-buf/udmabuf.c:370:20: error: invalid storage class for function 'udmabuf_dev_exit' 370 | static void __exit udmabuf_dev_exit(void) | ^~~~~~~~~~~~~~~~ In file included from include/linux/cred.h:12, from drivers/dma-buf/udmabuf.c:2: drivers/dma-buf/udmabuf.c:375:13: error: initializer element is not constant 375 | module_init(udmabuf_dev_init) | ^~~~~~~~~~~~~~~~ include/linux/init.h:250:55: note: in definition of macro '____define_initcall' 250 | __attribute__((__section__(__sec))) = fn; | ^~ include/linux/init.h:260:9: note: in expansion of macro '__unique_initcall' 260 | __unique_initcall(fn, id, __sec, __initcall_id(fn)) | ^~~~~~~~~~~~~~~~~ include/linux/init.h:262:35: note: in expansion of macro '___define_initcall' 262 | #define __define_initcall(fn, id) ___define_initcall(fn, id, .initcall##id) | ^~~~~~~~~~~~~~~~~~ include/linux/init.h:291:41: note: in expansion of macro '__define_initcall' 291 | #define device_initcall(fn) __define_initcall(fn, 6) | ^~~~~~~~~~~~~~~~~ include/linux/init.h:296:24: note: in expansion of macro 'device_initcall' 296 | #define __initcall(fn) device_initcall(fn) | ^~~~~~~~~~~~~~~ include/linux/module.h:88:25: note: in expansion of macro '__initcall' 88 | #define module_init(x) __initcall(x); | ^~~~~~~~~~ drivers/dma-buf/udmabuf.c:375:1: note: in expansion of macro 'module_init' 375 | module_init(udmabuf_dev_init) | ^~~~~~~~~~~ drivers/dma-buf/udmabuf.c:376:13: error: initializer element is not constant 376 | module_exit(udmabuf_dev_exit) | ^~~~~~~~~~~~~~~~ include/linux/init.h:299:57: note: in definition of macro '__exitcall' 299 | static exitcall_t __exitcall_##fn __exit_call = fn | ^~ drivers/dma-buf/udmabuf.c:376:1: note: in expansion of macro 'module_exit' 376 | module_exit(udmabuf_dev_exit) | ^~~~~~~~~~~ >> include/linux/init.h:299:9: warning: ISO C90 forbids mixed declarations and code [-Wdeclaration-after-statement] 299 | static exitcall_t __exitcall_##fn __exit_call = fn | ^~~~~~ include/linux/module.h:100:25: note: in expansion of macro '__exitcall' 100 | #define module_exit(x) __exitcall(x); | ^~~~~~~~~~ drivers/dma-buf/udmabuf.c:376:1: note: in expansion of macro 'module_exit' 376 | module_exit(udmabuf_dev_exit) | ^~~~~~~~~~~ >> drivers/dma-buf/udmabuf.c:379:1: error: expected declaration or statement at end of input 379 | MODULE_LICENSE("GPL v2"); | ^~~~~~~~~~~~~~ vim +/udmabuf_ioctl_create +292 drivers/dma-buf/udmabuf.c fbb0de795078190 Gerd Hoffmann 2018-08-27 291 fbb0de795078190 Gerd Hoffmann 2018-08-27 @292 static long udmabuf_ioctl_create(struct file *filp, unsigned long arg) fbb0de795078190 Gerd Hoffmann 2018-08-27 293 { fbb0de795078190 Gerd Hoffmann 2018-08-27 294 struct udmabuf_create create; fbb0de795078190 Gerd Hoffmann 2018-08-27 295 struct udmabuf_create_list head; fbb0de795078190 Gerd Hoffmann 2018-08-27 296 struct udmabuf_create_item list; fbb0de795078190 Gerd Hoffmann 2018-08-27 297 fbb0de795078190 Gerd Hoffmann 2018-08-27 298 if (copy_from_user(&create, (void __user *)arg, 33f35429fc49c09 Gerd Hoffmann 2018-09-11 299 sizeof(create))) fbb0de795078190 Gerd Hoffmann 2018-08-27 300 return -EFAULT; fbb0de795078190 Gerd Hoffmann 2018-08-27 301 fbb0de795078190 Gerd Hoffmann 2018-08-27 302 head.flags = create.flags; fbb0de795078190 Gerd Hoffmann 2018-08-27 303 head.count = 1; fbb0de795078190 Gerd Hoffmann 2018-08-27 304 list.memfd = create.memfd; fbb0de795078190 Gerd Hoffmann 2018-08-27 305 list.offset = create.offset; fbb0de795078190 Gerd Hoffmann 2018-08-27 306 list.size = create.size; fbb0de795078190 Gerd Hoffmann 2018-08-27 307 c1bbed668997268 Gurchetan Singh 2019-12-02 308 return udmabuf_create(filp->private_data, &head, &list); fbb0de795078190 Gerd Hoffmann 2018-08-27 309 } fbb0de795078190 Gerd Hoffmann 2018-08-27 310 fbb0de795078190 Gerd Hoffmann 2018-08-27 @311 static long udmabuf_ioctl_create_list(struct file *filp, unsigned long arg) fbb0de795078190 Gerd Hoffmann 2018-08-27 312 { fbb0de795078190 Gerd Hoffmann 2018-08-27 313 struct udmabuf_create_list head; fbb0de795078190 Gerd Hoffmann 2018-08-27 314 struct udmabuf_create_item *list; fbb0de795078190 Gerd Hoffmann 2018-08-27 315 int ret = -EINVAL; fbb0de795078190 Gerd Hoffmann 2018-08-27 316 u32 lsize; fbb0de795078190 Gerd Hoffmann 2018-08-27 317 fbb0de795078190 Gerd Hoffmann 2018-08-27 318 if (copy_from_user(&head, (void __user *)arg, sizeof(head))) fbb0de795078190 Gerd Hoffmann 2018-08-27 319 return -EFAULT; dc4716d75154b36 Gerd Hoffmann 2018-09-11 320 if (head.count > list_limit) fbb0de795078190 Gerd Hoffmann 2018-08-27 321 return -EINVAL; fbb0de795078190 Gerd Hoffmann 2018-08-27 322 lsize = sizeof(struct udmabuf_create_item) * head.count; fbb0de795078190 Gerd Hoffmann 2018-08-27 323 list = memdup_user((void __user *)(arg + sizeof(head)), lsize); fbb0de795078190 Gerd Hoffmann 2018-08-27 324 if (IS_ERR(list)) fbb0de795078190 Gerd Hoffmann 2018-08-27 325 return PTR_ERR(list); fbb0de795078190 Gerd Hoffmann 2018-08-27 326 c1bbed668997268 Gurchetan Singh 2019-12-02 327 ret = udmabuf_create(filp->private_data, &head, list); fbb0de795078190 Gerd Hoffmann 2018-08-27 328 kfree(list); fbb0de795078190 Gerd Hoffmann 2018-08-27 329 return ret; fbb0de795078190 Gerd Hoffmann 2018-08-27 330 } fbb0de795078190 Gerd Hoffmann 2018-08-27 331 fbb0de795078190 Gerd Hoffmann 2018-08-27 @332 static long udmabuf_ioctl(struct file *filp, unsigned int ioctl, fbb0de795078190 Gerd Hoffmann 2018-08-27 333 unsigned long arg) fbb0de795078190 Gerd Hoffmann 2018-08-27 334 { fbb0de795078190 Gerd Hoffmann 2018-08-27 335 long ret; fbb0de795078190 Gerd Hoffmann 2018-08-27 336 fbb0de795078190 Gerd Hoffmann 2018-08-27 337 switch (ioctl) { fbb0de795078190 Gerd Hoffmann 2018-08-27 338 case UDMABUF_CREATE: fbb0de795078190 Gerd Hoffmann 2018-08-27 339 ret = udmabuf_ioctl_create(filp, arg); fbb0de795078190 Gerd Hoffmann 2018-08-27 340 break; fbb0de795078190 Gerd Hoffmann 2018-08-27 341 case UDMABUF_CREATE_LIST: fbb0de795078190 Gerd Hoffmann 2018-08-27 342 ret = udmabuf_ioctl_create_list(filp, arg); fbb0de795078190 Gerd Hoffmann 2018-08-27 343 break; fbb0de795078190 Gerd Hoffmann 2018-08-27 344 default: 52499d9cdd88784 Gerd Hoffmann 2018-09-11 345 ret = -ENOTTY; fbb0de795078190 Gerd Hoffmann 2018-08-27 346 break; fbb0de795078190 Gerd Hoffmann 2018-08-27 347 } fbb0de795078190 Gerd Hoffmann 2018-08-27 348 return ret; fbb0de795078190 Gerd Hoffmann 2018-08-27 349 } fbb0de795078190 Gerd Hoffmann 2018-08-27 350 fbb0de795078190 Gerd Hoffmann 2018-08-27 351 static const struct file_operations udmabuf_fops = { fbb0de795078190 Gerd Hoffmann 2018-08-27 352 .owner = THIS_MODULE, fbb0de795078190 Gerd Hoffmann 2018-08-27 @353 .unlocked_ioctl = udmabuf_ioctl, d4a197f4047e01d Kristian H. Kristensen 2020-09-03 354 #ifdef CONFIG_COMPAT d4a197f4047e01d Kristian H. Kristensen 2020-09-03 355 .compat_ioctl = udmabuf_ioctl, d4a197f4047e01d Kristian H. Kristensen 2020-09-03 356 #endif fbb0de795078190 Gerd Hoffmann 2018-08-27 357 }; fbb0de795078190 Gerd Hoffmann 2018-08-27 358 fbb0de795078190 Gerd Hoffmann 2018-08-27 359 static struct miscdevice udmabuf_misc = { fbb0de795078190 Gerd Hoffmann 2018-08-27 360 .minor = MISC_DYNAMIC_MINOR, fbb0de795078190 Gerd Hoffmann 2018-08-27 361 .name = "udmabuf", fbb0de795078190 Gerd Hoffmann 2018-08-27 362 .fops = &udmabuf_fops, fbb0de795078190 Gerd Hoffmann 2018-08-27 363 }; fbb0de795078190 Gerd Hoffmann 2018-08-27 364 fbb0de795078190 Gerd Hoffmann 2018-08-27 @365 static int __init udmabuf_dev_init(void) fbb0de795078190 Gerd Hoffmann 2018-08-27 366 { fbb0de795078190 Gerd Hoffmann 2018-08-27 367 return misc_register(&udmabuf_misc); fbb0de795078190 Gerd Hoffmann 2018-08-27 368 } fbb0de795078190 Gerd Hoffmann 2018-08-27 369 fbb0de795078190 Gerd Hoffmann 2018-08-27 @370 static void __exit udmabuf_dev_exit(void) fbb0de795078190 Gerd Hoffmann 2018-08-27 371 { fbb0de795078190 Gerd Hoffmann 2018-08-27 372 misc_deregister(&udmabuf_misc); fbb0de795078190 Gerd Hoffmann 2018-08-27 373 } fbb0de795078190 Gerd Hoffmann 2018-08-27 374 fbb0de795078190 Gerd Hoffmann 2018-08-27 375 module_init(udmabuf_dev_init) fbb0de795078190 Gerd Hoffmann 2018-08-27 376 module_exit(udmabuf_dev_exit) fbb0de795078190 Gerd Hoffmann 2018-08-27 377 fbb0de795078190 Gerd Hoffmann 2018-08-27 378 MODULE_AUTHOR("Gerd Hoffmann <kraxel(a)redhat.com>"); fbb0de795078190 Gerd Hoffmann 2018-08-27 @379 MODULE_LICENSE("GPL v2"); --- 0-DAY CI Kernel Test Service, Intel Corporation https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org

3 years, 4 months

Re: [Linaro-mm-sig] [PATCH] udmabuf: put dmabuf in case of get fd failed

by kernel test robot

3 years, 4 months

Re: [Linaro-mm-sig] [PATCH] udmabuf: put dmabuf in case of get fd failed

by kernel test robot

Hi Xianting, Thank you for the patch! Perhaps something to improve: [auto build test WARNING on linus/master] [also build test WARNING on v5.16-rc6 next-20211217] [If your patch is applied to the wrong git tree, kindly drop us a note. And when submitting patch, we suggest to use '--base' as documented in https://git-scm.com/docs/git-format-patch] url: https://github.com/0day-ci/linux/commits/Xianting-Tian/udmabuf-put-dmabuf-i… base: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git a7904a538933c525096ca2ccde1e60d0ee62c08e config: x86_64-randconfig-r032-20211220 (https://download.01.org/0day-ci/archive/20211220/202112202144.R9IV6eP2-lkp@…) compiler: gcc-9 (Debian 9.3.0-22) 9.3.0 reproduce (this is a W=1 build): # https://github.com/0day-ci/linux/commit/322781a4da9de4a3057afd933108d23ca7f… git remote add linux-review https://github.com/0day-ci/linux git fetch --no-tags linux-review Xianting-Tian/udmabuf-put-dmabuf-in-case-of-get-fd-failed/20211220-134433 git checkout 322781a4da9de4a3057afd933108d23ca7f5282e # save the config file to linux build tree mkdir build_dir make W=1 O=build_dir ARCH=x86_64 SHELL=/bin/bash drivers/dma-buf/ If you fix the issue, kindly add following tag as appropriate Reported-by: kernel test robot <lkp(a)intel.com> All warnings (new ones prefixed by >>): drivers/dma-buf/udmabuf.c: In function 'udmabuf_create': drivers/dma-buf/udmabuf.c:292:13: error: invalid storage class for function 'udmabuf_ioctl_create' 292 | static long udmabuf_ioctl_create(struct file *filp, unsigned long arg) | ^~~~~~~~~~~~~~~~~~~~ >> drivers/dma-buf/udmabuf.c:292:1: warning: ISO C90 forbids mixed declarations and code [-Wdeclaration-after-statement] 292 | static long udmabuf_ioctl_create(struct file *filp, unsigned long arg) | ^~~~~~ drivers/dma-buf/udmabuf.c:311:13: error: invalid storage class for function 'udmabuf_ioctl_create_list' 311 | static long udmabuf_ioctl_create_list(struct file *filp, unsigned long arg) | ^~~~~~~~~~~~~~~~~~~~~~~~~ drivers/dma-buf/udmabuf.c:332:13: error: invalid storage class for function 'udmabuf_ioctl' 332 | static long udmabuf_ioctl(struct file *filp, unsigned int ioctl, | ^~~~~~~~~~~~~ drivers/dma-buf/udmabuf.c:353:20: error: initializer element is not constant 353 | .unlocked_ioctl = udmabuf_ioctl, | ^~~~~~~~~~~~~ drivers/dma-buf/udmabuf.c:353:20: note: (near initialization for 'udmabuf_fops.unlocked_ioctl') drivers/dma-buf/udmabuf.c:355:20: error: initializer element is not constant 355 | .compat_ioctl = udmabuf_ioctl, | ^~~~~~~~~~~~~ drivers/dma-buf/udmabuf.c:355:20: note: (near initialization for 'udmabuf_fops.compat_ioctl') drivers/dma-buf/udmabuf.c:365:19: error: invalid storage class for function 'udmabuf_dev_init' 365 | static int __init udmabuf_dev_init(void) | ^~~~~~~~~~~~~~~~ drivers/dma-buf/udmabuf.c:370:20: error: invalid storage class for function 'udmabuf_dev_exit' 370 | static void __exit udmabuf_dev_exit(void) | ^~~~~~~~~~~~~~~~ In file included from include/linux/init.h:5, from include/linux/cred.h:12, from drivers/dma-buf/udmabuf.c:2: include/linux/compiler.h:244:46: error: initializer element is not constant 244 | __UNIQUE_ID(__PASTE(__addressable_,sym)) = (void *)&sym; | ^ include/linux/init.h:236:2: note: in expansion of macro '__ADDRESSABLE' 236 | __ADDRESSABLE(fn) | ^~~~~~~~~~~~~ include/linux/init.h:241:2: note: in expansion of macro '__define_initcall_stub' 241 | __define_initcall_stub(__stub, fn) \ | ^~~~~~~~~~~~~~~~~~~~~~ include/linux/init.h:254:2: note: in expansion of macro '____define_initcall' 254 | ____define_initcall(fn, \ | ^~~~~~~~~~~~~~~~~~~ include/linux/init.h:260:2: note: in expansion of macro '__unique_initcall' 260 | __unique_initcall(fn, id, __sec, __initcall_id(fn)) | ^~~~~~~~~~~~~~~~~ include/linux/init.h:262:35: note: in expansion of macro '___define_initcall' 262 | #define __define_initcall(fn, id) ___define_initcall(fn, id, .initcall##id) | ^~~~~~~~~~~~~~~~~~ include/linux/init.h:291:30: note: in expansion of macro '__define_initcall' 291 | #define device_initcall(fn) __define_initcall(fn, 6) | ^~~~~~~~~~~~~~~~~ include/linux/init.h:296:24: note: in expansion of macro 'device_initcall' 296 | #define __initcall(fn) device_initcall(fn) | ^~~~~~~~~~~~~~~ include/linux/module.h:88:24: note: in expansion of macro '__initcall' 88 | #define module_init(x) __initcall(x); | ^~~~~~~~~~ drivers/dma-buf/udmabuf.c:375:1: note: in expansion of macro 'module_init' 375 | module_init(udmabuf_dev_init) | ^~~~~~~~~~~ In file included from include/linux/container_of.h:5, from include/linux/list.h:5, from include/linux/key.h:14, from include/linux/cred.h:13, from drivers/dma-buf/udmabuf.c:2: >> include/linux/build_bug.h:78:41: warning: ISO C90 forbids mixed declarations and code [-Wdeclaration-after-statement] 78 | #define __static_assert(expr, msg, ...) _Static_assert(expr, msg) | ^~~~~~~~~~~~~~ include/linux/build_bug.h:77:34: note: in expansion of macro '__static_assert' 77 | #define static_assert(expr, ...) __static_assert(expr, ##__VA_ARGS__, #expr) | ^~~~~~~~~~~~~~~ include/linux/init.h:246:2: note: in expansion of macro 'static_assert' 246 | static_assert(__same_type(initcall_t, &fn)); | ^~~~~~~~~~~~~ include/linux/init.h:254:2: note: in expansion of macro '____define_initcall' 254 | ____define_initcall(fn, \ | ^~~~~~~~~~~~~~~~~~~ include/linux/init.h:260:2: note: in expansion of macro '__unique_initcall' 260 | __unique_initcall(fn, id, __sec, __initcall_id(fn)) | ^~~~~~~~~~~~~~~~~ include/linux/init.h:262:35: note: in expansion of macro '___define_initcall' 262 | #define __define_initcall(fn, id) ___define_initcall(fn, id, .initcall##id) | ^~~~~~~~~~~~~~~~~~ include/linux/init.h:291:30: note: in expansion of macro '__define_initcall' 291 | #define device_initcall(fn) __define_initcall(fn, 6) | ^~~~~~~~~~~~~~~~~ include/linux/init.h:296:24: note: in expansion of macro 'device_initcall' 296 | #define __initcall(fn) device_initcall(fn) | ^~~~~~~~~~~~~~~ include/linux/module.h:88:24: note: in expansion of macro '__initcall' 88 | #define module_init(x) __initcall(x); | ^~~~~~~~~~ drivers/dma-buf/udmabuf.c:375:1: note: in expansion of macro 'module_init' 375 | module_init(udmabuf_dev_init) | ^~~~~~~~~~~ In file included from include/linux/cred.h:12, from drivers/dma-buf/udmabuf.c:2: drivers/dma-buf/udmabuf.c:376:13: error: initializer element is not constant 376 | module_exit(udmabuf_dev_exit) | ^~~~~~~~~~~~~~~~ include/linux/init.h:299:50: note: in definition of macro '__exitcall' 299 | static exitcall_t __exitcall_##fn __exit_call = fn | ^~ drivers/dma-buf/udmabuf.c:376:1: note: in expansion of macro 'module_exit' 376 | module_exit(udmabuf_dev_exit) | ^~~~~~~~~~~ include/linux/init.h:299:2: warning: ISO C90 forbids mixed declarations and code [-Wdeclaration-after-statement] 299 | static exitcall_t __exitcall_##fn __exit_call = fn | ^~~~~~ include/linux/module.h:100:24: note: in expansion of macro '__exitcall' 100 | #define module_exit(x) __exitcall(x); | ^~~~~~~~~~ drivers/dma-buf/udmabuf.c:376:1: note: in expansion of macro 'module_exit' 376 | module_exit(udmabuf_dev_exit) | ^~~~~~~~~~~ drivers/dma-buf/udmabuf.c:379:1: error: expected declaration or statement at end of input 379 | MODULE_LICENSE("GPL v2"); | ^~~~~~~~~~~~~~ vim +292 drivers/dma-buf/udmabuf.c fbb0de79507819 Gerd Hoffmann 2018-08-27 291 fbb0de79507819 Gerd Hoffmann 2018-08-27 @292 static long udmabuf_ioctl_create(struct file *filp, unsigned long arg) fbb0de79507819 Gerd Hoffmann 2018-08-27 293 { fbb0de79507819 Gerd Hoffmann 2018-08-27 294 struct udmabuf_create create; fbb0de79507819 Gerd Hoffmann 2018-08-27 295 struct udmabuf_create_list head; fbb0de79507819 Gerd Hoffmann 2018-08-27 296 struct udmabuf_create_item list; fbb0de79507819 Gerd Hoffmann 2018-08-27 297 fbb0de79507819 Gerd Hoffmann 2018-08-27 298 if (copy_from_user(&create, (void __user *)arg, 33f35429fc49c0 Gerd Hoffmann 2018-09-11 299 sizeof(create))) fbb0de79507819 Gerd Hoffmann 2018-08-27 300 return -EFAULT; fbb0de79507819 Gerd Hoffmann 2018-08-27 301 fbb0de79507819 Gerd Hoffmann 2018-08-27 302 head.flags = create.flags; fbb0de79507819 Gerd Hoffmann 2018-08-27 303 head.count = 1; fbb0de79507819 Gerd Hoffmann 2018-08-27 304 list.memfd = create.memfd; fbb0de79507819 Gerd Hoffmann 2018-08-27 305 list.offset = create.offset; fbb0de79507819 Gerd Hoffmann 2018-08-27 306 list.size = create.size; fbb0de79507819 Gerd Hoffmann 2018-08-27 307 c1bbed66899726 Gurchetan Singh 2019-12-02 308 return udmabuf_create(filp->private_data, &head, &list); fbb0de79507819 Gerd Hoffmann 2018-08-27 309 } fbb0de79507819 Gerd Hoffmann 2018-08-27 310 --- 0-DAY CI Kernel Test Service, Intel Corporation https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org

3 years, 4 months

Re: [Linaro-mm-sig] [Intel-gfx] [RFC PATCH 1/2] dma-fence: Avoid establishing a locking order between fence classes

by Daniel Vetter

On Tue, Dec 07, 2021 at 09:46:47PM +0100, Thomas Hellström wrote: > > On 12/7/21 19:08, Daniel Vetter wrote: > > Once more an entire week behind on mails, but this looked interesting > > enough. > > > > On Fri, Dec 03, 2021 at 03:18:01PM +0100, Thomas Hellström wrote: > > > On Fri, 2021-12-03 at 14:08 +0100, Christian König wrote: > > > > Am 01.12.21 um 13:16 schrieb Thomas Hellström (Intel): > > > > > On 12/1/21 12:25, Christian König wrote: > > > > > > And why do you use dma_fence_chain to generate a timeline for > > > > > > TTM? > > > > > > That should come naturally because all the moves must be ordered. > > > > > Oh, in this case because we're looking at adding stuff at the end > > > > > of > > > > > migration (like coalescing object shared fences and / or async > > > > > unbind > > > > > fences), which may not complete in order. > > > > Well that's ok as well. My question is why does this single dma_fence > > > > then shows up in the dma_fence_chain representing the whole > > > > migration? > > > What we'd like to happen during eviction is that we > > > > > > 1) await any exclusive- or moving fences, then schedule the migration > > > blit. The blit manages its own GPU ptes. Results in a single fence. > > > 2) Schedule unbind of any gpu vmas, resulting possibly in multiple > > > fences. > > This sounds like over-optimizing for nothing. We only really care about > > pipeling moves on dgpu, and on dgpu we only care about modern userspace > > (because even gl moves in that direction). > Hmm. It's not totally clear what you mean with over-optimizing for nothing, > is it the fact that we want to start the blit before all shared fences have > signaled or the fact that we're doing async unbinding to avoid a > synchronization point that stops us from fully pipelining evictions? Yup. Least because that breaks vulkan, so you really can't do this optimizations :-) In general I meant that unless you really, really understand everything all the time (which frankly no one does), then trying to be clever just isn't worth it. We have access pending in the dma_resv, we wait for it is dumb, simple, no surprises. > > And modern means that usually even write access is only setting a read > > fence, because in vk/compute we only set write fences for object which > > need implicit sync, and _only_ when actually needed. > > > > So ignoring read fences for movings "because it's only reads" is actually > > busted. > > I'm fine with awaiting also shared fences before we start the blit, as > mentioned also later in the thread, but that is just a matter of when we > coalesce the shared fences. So since difference in complexity is minimal, > what's viewed as optimizing for nothing can also be conversely be viewed as > unneccesarily waiting for nothing, blocking the migration context timeline > from progressing with unrelated blits. (Unless there are correctness issues > of course, see below). > > But not setting a write fence after write seems to conflict with dma-buf > rules as also discussed later in the thread. Perhaps some clarity is needed > here. How would a writer or reader that implicitly *wants* to wait for > previous writers go about doing that? > > Note that what we're doing is not "moving" in the sense that we're giving up > or modifying the old storage but rather start a blit assuming that the > contents of the old storage is stable, or the writer doesn't care. Yeah that's not how dma-buf works, and which is what Christian is trying to rectify with his huge refactoring/doc series to give a bit clearer meaning to what a fence in a dma_resv means. > > I think for buffer moves we should document and enforce (in review) the > > rule that you have to wait for all fences, otherwise boom. Same really > > like before freeing backing storage. Otherwise there's just too many gaps > > and surprises. > > > > And yes with Christian's rework of dma_resv this will change, and we'll > > allow multiple write fences (because that's what amdgpu encoded into their > > uapi). Still means that you cannot move a buffer without waiting for read > > fences (or kernel fences or anything really). > > Sounds like some agreement is needed here what rules we actually should > obey. As mentioned above I'm fine with either. I think it would be good to comment on the doc patch in Christian's series for that. But essentially read/write don't mean actual read/write to memory, but only read/write access in terms of implicit sync. Buffers which do not partake in implicit sync (driver internal stuff) or access which is not implicitly synced (anything vk does) do _not_ need to set a write fence. They will (except amdgpu, until they fix their CS uapi) _only_ set a read fence. Christian and me had a multi-month discussion on this, so it's a bit tricky. > > The other thing is this entire spinlock recursion topic for dma_fence, and > > I'm deeply unhappy about the truckload of tricks i915 plays and hence in > > favour of avoiding recursion in this area as much as possible. > > TBH I think the i915 corresponding container manages to avoid both the deep > recursive calls and lock nesting simply by early enable_signaling() and not > storing the fence pointers of the array fences, which to me appears to be a > simple and clean approach. No tricks there. > > > > > If we really can't avoid it then irq_work to get a new clean context gets > > the job done. Making this messy and work is imo a feature, lock nesting of > > same level locks is just not a good&robust engineering idea. > > For the dma-fence-chain and dma-fence-array there are four possibilities > moving forward: > > 1) Keeping the current same-level locking nesting order of container-first > containee later. This is fully annotated, but fragile and blows up if users > attempt to nest containers in different orders. > > 2) Establishing a reverse-signaling locking order. Not annotatable. blows up > on signal-on-any. > > 3) Early enable-signaling, no lock nesting, low latency but possibly > unnecessary enable_signaling calls. > > 4) irq_work in enable_signaling(). High latency. > > The tread finally agreed the solution would be to keep 1), add early > warnings for the pitfalls and if possible provide helpers to flatten to > avoid container recursion. Hm ok seems ok. It's definitely an area where we don't have great solutions :-/ -Daniel > > /Thomas > > > > > > /me back to being completely burried > > > > I do hope I can find some more time to review a few more of Christian's > > patches this week though :-/ > > > > Cheers, Daniel > > > > > 3) Most but not all of the remaining resv shared fences will have been > > > finished in 2) We can't easily tell which so we have a couple of shared > > > fences left. > > > 4) Add all fences resulting from 1) 2) and 3) into the per-memory-type > > > dma-fence-chain. > > > 5) hand the resulting dma-fence-chain representing the end of migration > > > over to ttm's resource manager. > > > > > > Now this means we have a dma-fence-chain disguised as a dma-fence out > > > in the wild, and it could in theory reappear as a 3) fence for another > > > migration unless a very careful audit is done, or as an input to the > > > dma-fence-array used for that single dependency. > > > > > > > That somehow doesn't seem to make sense because each individual step > > > > of > > > > the migration needs to wait for those dependencies as well even when > > > > it > > > > runs in parallel. > > > > > > > > > But that's not really the point, the point was that an (at least to > > > > > me) seemingly harmless usage pattern, be it real or fictious, ends > > > > > up > > > > > giving you severe internal- or cross-driver headaches. > > > > Yeah, we probably should document that better. But in general I don't > > > > see much reason to allow mixing containers. The dma_fence_array and > > > > dma_fence_chain objects have some distinct use cases and and using > > > > them > > > > to build up larger dependency structures sounds really questionable. > > > Yes, I tend to agree to some extent here. Perhaps add warnings when > > > adding a chain or array as an input to array and when accidently > > > joining chains, and provide helpers for flattening if needed. > > > > > > /Thomas > > > > > > > > > > Christian. > > > > > > > > > /Thomas > > > > > > > > > > > > > > > > Regards, > > > > > > Christian. > > > > > > > > > > > > > > > -- Daniel Vetter Software Engineer, Intel Corporation http://blog.ffwll.ch

3 years, 4 months

Re: [Linaro-mm-sig] [RFC PATCH v4 0/2] RDMA/rxe: Add dma-buf support

by Jason Gunthorpe

On Fri, Dec 10, 2021 at 08:29:24PM +0900, Shunsuke Mie wrote: > Hi Jason, > Thank you for replying. > > 2021年12月8日(水) 2:14 Jason Gunthorpe <jgg(a)ziepe.ca>: > > > > On Fri, Dec 03, 2021 at 12:51:44PM +0900, Shunsuke Mie wrote: > > > Hi maintainers, > > > > > > Could you please review this patch series? > > > > Why is it RFC? > > > > I'm confused why this is useful? > > > > This can't do copy from MMIO memory, so it shouldn't be compatible > > with things like Gaudi - does something prevent this? > I think if an export of the dma-buf supports vmap, CPU is able to access the > mmio memory. > > Is it wrong? If this is wrong, there is no advantages this changes.. I don't know what the dmabuf folks did, but yes, it is wrong. IOMEM must be touched using only special accessors, some platforms crash if you don't do this. Even x86 will crash if you touch it with something like an XMM optimized memcpy. Christian? If the vmap succeeds what rules must the caller use to access the memory? Jason

3 years, 4 months

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

Linaro-mm-sig