Linaro-mm-sig

linaro-mm-sig@lists.linaro.org

3 participants
2908 discussions

Re: [Linaro-mm-sig] DMA-buf and uncached system memory

by Christian König

Am 15.02.21 um 13:00 schrieb Thomas Zimmermann: > Hi > > Am 15.02.21 um 10:49 schrieb Thomas Zimmermann: >> Hi >> >> Am 15.02.21 um 09:58 schrieb Christian König: >>> Hi guys, >>> >>> we are currently working an Freesync and direct scan out from system >>> memory on AMD APUs in A+A laptops. >>> >>> On problem we stumbled over is that our display hardware needs to >>> scan out from uncached system memory and we currently don't have a >>> way to communicate that through DMA-buf. > > Re-reading this paragrah, it sounds more as if you want to let the > exporter know where to move the buffer. Is this another case of the > missing-pin-flag problem? No, your original interpretation was correct. Maybe my writing is a bit unspecific. The real underlying issue is that our display hardware has a problem with latency when accessing system memory. So the question is if that also applies to for example Intel hardware or other devices as well or if it is just something AMD specific? Regards, Christian. > > Best regards > Thomas > >>> >>> For our specific use case at hand we are going to implement >>> something driver specific, but the question is should we have >>> something more generic for this? >> >> For vmap operations, we return the address as struct dma_buf_map, >> which contains additional information about the memory buffer. In >> vram helpers, we have the interface drm_gem_vram_offset() that >> returns the offset of the GPU device memory. >> >> Would it be feasible to combine both concepts into a dma-buf >> interface that returns the device-memory offset plus the additional >> caching flag? >> >> There'd be a structure and a getter function returning the structure. >> >> struct dma_buf_offset { >> bool cached; >> u64 address; >> }; >> >> // return offset in *off >> int dma_buf_offset(struct dma_buf *buf, struct dma_buf_off *off); >> >> Whatever settings are returned by dma_buf_offset() are valid while >> the dma_buf is pinned. >> >> Best regards >> Thomas >> >>> >>> After all the system memory access pattern is a PCIe extension and >>> as such something generic. >>> >>> Regards, >>> Christian. >>> _______________________________________________ >>> dri-devel mailing list >>> dri-devel(a)lists.freedesktop.org >>> https://lists.freedesktop.org/mailman/listinfo/dri-devel >> >> >> _______________________________________________ >> dri-devel mailing list >> dri-devel(a)lists.freedesktop.org >> https://lists.freedesktop.org/mailman/listinfo/dri-devel >> >

4 years, 4 months

Re: [Linaro-mm-sig] [PATCH] RFC: dma-fence: Document recoverable page fault implications

by Daniel Vetter

On Tue, Feb 9, 2021 at 4:13 AM Bas Nieuwenhuizen <bas(a)basnieuwenhuizen.nl> wrote: > > On Thu, Jan 28, 2021 at 4:40 PM Felix Kuehling <felix.kuehling(a)amd.com> wrote: > > > > Am 2021-01-28 um 2:39 a.m. schrieb Christian König: > > > Am 27.01.21 um 23:00 schrieb Felix Kuehling: > > >> Am 2021-01-27 um 7:16 a.m. schrieb Christian König: > > >>> Am 27.01.21 um 13:11 schrieb Maarten Lankhorst: > > >>>> Op 27-01-2021 om 01:22 schreef Felix Kuehling: > > >>>>> Am 2021-01-21 um 2:40 p.m. schrieb Daniel Vetter: > > >>>>>> Recently there was a fairly long thread about recoreable hardware > > >>>>>> page > > >>>>>> faults, how they can deadlock, and what to do about that. > > >>>>>> > > >>>>>> While the discussion is still fresh I figured good time to try and > > >>>>>> document the conclusions a bit. > > >>>>>> > > >>>>>> References: > > >>>>>> https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Flore.kern… > > >>>>>> > > >>>>>> Cc: Maarten Lankhorst <maarten.lankhorst(a)linux.intel.com> > > >>>>>> Cc: Thomas Hellström <thomas.hellstrom(a)intel.com> > > >>>>>> Cc: "Christian König" <christian.koenig(a)amd.com> > > >>>>>> Cc: Jerome Glisse <jglisse(a)redhat.com> > > >>>>>> Cc: Felix Kuehling <felix.kuehling(a)amd.com> > > >>>>>> Signed-off-by: Daniel Vetter <daniel.vetter(a)intel.com> > > >>>>>> Cc: Sumit Semwal <sumit.semwal(a)linaro.org> > > >>>>>> Cc: linux-media(a)vger.kernel.org > > >>>>>> Cc: linaro-mm-sig(a)lists.linaro.org > > >>>>>> -- > > >>>>>> I'll be away next week, but figured I'll type this up quickly for > > >>>>>> some > > >>>>>> comments and to check whether I got this all roughly right. > > >>>>>> > > >>>>>> Critique very much wanted on this, so that we can make sure hw which > > >>>>>> can't preempt (with pagefaults pending) like gfx10 has a clear > > >>>>>> path to > > >>>>>> support page faults in upstream. So anything I missed, got wrong or > > >>>>>> like that would be good. > > >>>>>> -Daniel > > >>>>>> --- > > >>>>>> Documentation/driver-api/dma-buf.rst | 66 > > >>>>>> ++++++++++++++++++++++++++++ > > >>>>>> 1 file changed, 66 insertions(+) > > >>>>>> > > >>>>>> diff --git a/Documentation/driver-api/dma-buf.rst > > >>>>>> b/Documentation/driver-api/dma-buf.rst > > >>>>>> index a2133d69872c..e924c1e4f7a3 100644 > > >>>>>> --- a/Documentation/driver-api/dma-buf.rst > > >>>>>> +++ b/Documentation/driver-api/dma-buf.rst > > >>>>>> @@ -257,3 +257,69 @@ fences in the kernel. This means: > > >>>>>> userspace is allowed to use userspace fencing or long running > > >>>>>> compute > > >>>>>> workloads. This also means no implicit fencing for shared > > >>>>>> buffers in these > > >>>>>> cases. > > >>>>>> + > > >>>>>> +Recoverable Hardware Page Faults Implications > > >>>>>> +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > >>>>>> + > > >>>>>> +Modern hardware supports recoverable page faults, which has a > > >>>>>> lot of > > >>>>>> +implications for DMA fences. > > >>>>>> + > > >>>>>> +First, a pending page fault obviously holds up the work that's > > >>>>>> running on the > > >>>>>> +accelerator and a memory allocation is usually required to resolve > > >>>>>> the fault. > > >>>>>> +But memory allocations are not allowed to gate completion of DMA > > >>>>>> fences, which > > >>>>>> +means any workload using recoverable page faults cannot use DMA > > >>>>>> fences for > > >>>>>> +synchronization. Synchronization fences controlled by userspace > > >>>>>> must be used > > >>>>>> +instead. > > >>>>>> + > > >>>>>> +On GPUs this poses a problem, because current desktop compositor > > >>>>>> protocols on > > >>>>>> +Linus rely on DMA fences, which means without an entirely new > > >>>>>> userspace stack > > >>>>>> +built on top of userspace fences, they cannot benefit from > > >>>>>> recoverable page > > >>>>>> +faults. The exception is when page faults are only used as > > >>>>>> migration hints and > > >>>>>> +never to on-demand fill a memory request. For now this means > > >>>>>> recoverable page > > >>>>>> +faults on GPUs are limited to pure compute workloads. > > >>>>>> + > > >>>>>> +Furthermore GPUs usually have shared resources between the 3D > > >>>>>> rendering and > > >>>>>> +compute side, like compute units or command submission engines. If > > >>>>>> both a 3D > > >>>>>> +job with a DMA fence and a compute workload using recoverable page > > >>>>>> faults are > > >>>>>> +pending they could deadlock: > > >>>>>> + > > >>>>>> +- The 3D workload might need to wait for the compute job to finish > > >>>>>> and release > > >>>>>> + hardware resources first. > > >>>>>> + > > >>>>>> +- The compute workload might be stuck in a page fault, because the > > >>>>>> memory > > >>>>>> + allocation is waiting for the DMA fence of the 3D workload to > > >>>>>> complete. > > >>>>>> + > > >>>>>> +There are a few ways to prevent this problem: > > >>>>>> + > > >>>>>> +- Compute workloads can always be preempted, even when a page > > >>>>>> fault is pending > > >>>>>> + and not yet repaired. Not all hardware supports this. > > >>>>>> + > > >>>>>> +- DMA fence workloads and workloads which need page fault handling > > >>>>>> have > > >>>>>> + independent hardware resources to guarantee forward progress. > > >>>>>> This could be > > >>>>>> + achieved through e.g. through dedicated engines and minimal > > >>>>>> compute unit > > >>>>>> + reservations for DMA fence workloads. > > >>>>>> + > > >>>>>> +- The reservation approach could be further refined by only > > >>>>>> reserving the > > >>>>>> + hardware resources for DMA fence workloads when they are > > >>>>>> in-flight. This must > > >>>>>> + cover the time from when the DMA fence is visible to other > > >>>>>> threads up to > > >>>>>> + moment when fence is completed through dma_fence_signal(). > > >>>>>> + > > >>>>>> +- As a last resort, if the hardware provides no useful reservation > > >>>>>> mechanics, > > >>>>>> + all workloads must be flushed from the GPU when switching > > >>>>>> between jobs > > >>>>>> + requiring DMA fences or jobs requiring page fault handling: This > > >>>>>> means all DMA > > >>>>>> + fences must complete before a compute job with page fault > > >>>>>> handling can be > > >>>>>> + inserted into the scheduler queue. And vice versa, before a DMA > > >>>>>> fence can be > > >>>>>> + made visible anywhere in the system, all compute workloads must > > >>>>>> be preempted > > >>>>>> + to guarantee all pending GPU page faults are flushed. > > >>>>> I thought of another possible workaround: > > >>>>> > > >>>>> * Partition the memory. Servicing of page faults will use a > > >>>>> separate > > >>>>> memory pool that can always be allocated from without > > >>>>> waiting for > > >>>>> fences. This includes memory for page tables and memory for > > >>>>> migrating data to. You may steal memory from other processes > > >>>>> that > > >>>>> can page fault, so no fence waiting is necessary. Being able to > > >>>>> steal memory at any time also means there are basically no > > >>>>> out-of-memory situations you need to worry about. Even page > > >>>>> tables > > >>>>> (except the root page directory of each process) can be > > >>>>> stolen in > > >>>>> the worst case. > > >>>> I think 'overcommit' would be a nice way to describe this. But I'm not > > >>>> sure how easy this is to implement in practice. You would basically > > >>>> need > > >>>> to create your own memory manager for this. > > >>> Well you would need a completely separate pool for both device as well > > >>> as system memory. > > >>> > > >>> E.g. on boot we say we steal X GB system memory only for HMM. > > >> Why? The GPU driver doesn't need to allocate system memory for HMM. > > >> Migrations to system memory are handled by the kernel's handle_mm_fault > > >> and page allocator and swap logic. > > > > > > And that one depends on dma_fence completion because you can easily > > > need to wait for an MMU notifier callback. > > > > I see, the GFX MMU notifier for userpointers in amdgpu currently waits > > for fences. For the KFD MMU notifier I am planning to fix this by > > causing GPU page faults instead of preempting the queues. Can we limit > > userptrs in amdgpu to engines that can page fault. Basically make it > > illegal to attach userptr BOs to graphics CS BO lists, so they can only > > be used in user mode command submissions, which can page fault. Then the > > GFX MMU notifier could invalidate PTEs and would not have to wait for > > fences. > > sadly graphics + userptr is already exposed via Mesa. This is not about userptr, we fake userptr entirely in software. It's about exposing recoverable gpu page faults (which would make userptr maybe more efficient since we could do on-demand paging). userptr itself isn't a problem, but it is part of the reasons why this is tricky. Christian/Felix, I think for kernel folks this is clear enough that I don't need to clarify this in the text? -Daniel > > > > > > > > > > > As Maarten wrote when you want to go down this route you need a > > > complete separate memory management parallel to the one of the kernel. > > > > Not really. I'm trying to make the GPU memory management more similar to > > what the kernel does for system memory. > > > > I understood Maarten's comment as "I'm creating a new memory manager and > > not using TTM any more". This is true. The idea is that this portion of > > VRAM would be managed more like system memory. > > > > Regards, > > Felix > > > > > > > > > > Regards, > > > Christian. > > > > > >> It doesn't depend on any fences, so > > >> it cannot deadlock with any GPU driver-managed memory. The GPU driver > > >> gets involved in the MMU notifier to invalidate device page tables. But > > >> that also doesn't need to wait for any fences. > > >> > > >> And if the kernel runs out of pageable memory, you're in trouble anyway. > > >> The OOM killer will step in, nothing new there. > > >> > > >> Regards, > > >> Felix > > >> > > >> > > >>>> But from a design point of view, definitely a valid solution. > > >>> I think the restriction above makes it pretty much unusable. > > >>> > > >>>> But this looks good, those solutions are definitely the valid > > >>>> options we > > >>>> can choose from. > > >>> It's certainly worth noting, yes. And just to make sure that nobody > > >>> has the idea to reserve only device memory. > > >>> > > >>> Christian. > > >>> > > >>>> ~Maarten > > >>>> > > >> _______________________________________________ > > >> Linaro-mm-sig mailing list > > >> Linaro-mm-sig(a)lists.linaro.org > > >> https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.lin… > > >> > > > > > _______________________________________________ > > dri-devel mailing list > > dri-devel(a)lists.freedesktop.org > > https://lists.freedesktop.org/mailman/listinfo/dri-devel -- Daniel Vetter Software Engineer, Intel Corporation http://blog.ffwll.ch

4 years, 4 months

[PATCH v4 0/4] Chunk Heap Support on DMA-HEAP

by Minchan Kim

This patchset introduces a new dma heap, "chunk-heap" that makes it easy to perform the bulk allocation of high order pages. It has been created to help optimize the 4K/8K HDR video playback with secure DRM HW to protect contents on memory. The HW needs physically contiguous memory chunks(e.g, 64K) up to several hundred MB memory. To make such high-order big bulk allocations work, chunk-heap uses CMA area. To avoid CMA allocation long stall on blocking pages(e.g., page writeback and/or page locking), it uses failfast mode of the CMA API(i.e., __GFP_NORETRY) so it will continue to find easy migratable pages in different pageblocks without stalling. At last resort, it will allow the blocking only if it couldn't find the available memory in the end. First two patches introduces the failfast mode as __GFP_NORETRY in alloc_contig_range and the allow to use it from the CMA API. Third patch introduces device tree syntax for chunk-heap to bind the specific CMA area with chunk-heap. Finally, last patch implements chunk-heap as dma-buf heap. * since v3 - https://lore.kernel.org/linux-mm/20210113012143.1201105-1-minchan@kernel.or… * use prefix for chunk-name - John * fix yamllint error - Rob * add reviewed-by - Suren * since v2 - https://lore.kernel.org/linux-mm/20201201175144.3996569-1-minchan@kernel.or… * introduce gfp_mask with __GFP_NORETRY on cma_alloc - Michal * do not expoert CMA APIs - Christoph * use compatible string for DT instead of dma-heap specific property - Hridya * Since v1 - https://lore.kernel.org/linux-mm/20201117181935.3613581-1-minchan@kernel.or… * introduce alloc_contig_mode - David * use default CMA instead of device tree - John Hyesoo Yu (2): dt-bindings: reserved-memory: Make DMA-BUF CMA heap DT-configurable dma-buf: heaps: add chunk heap to dmabuf heaps Minchan Kim (2): mm: cma: introduce gfp flag in cma_alloc instead of no_warn mm: failfast mode with __GFP_NORETRY in alloc_contig_range .../reserved-memory/dma_heap_chunk.yaml | 56 ++ drivers/dma-buf/heaps/Kconfig | 8 + drivers/dma-buf/heaps/Makefile | 1 + drivers/dma-buf/heaps/chunk_heap.c | 492 ++++++++++++++++++ drivers/dma-buf/heaps/cma_heap.c | 2 +- drivers/s390/char/vmcp.c | 2 +- include/linux/cma.h | 2 +- kernel/dma/contiguous.c | 3 +- mm/cma.c | 12 +- mm/cma_debug.c | 2 +- mm/hugetlb.c | 6 +- mm/page_alloc.c | 8 +- mm/secretmem.c | 3 +- 13 files changed, 581 insertions(+), 16 deletions(-) create mode 100644 Documentation/devicetree/bindings/reserved-memory/dma_heap_chunk.yaml create mode 100644 drivers/dma-buf/heaps/chunk_heap.c -- 2.30.0.296.g2bfb1c46d8-goog

4 years, 4 months

Re: [Linaro-mm-sig] [PATCH v3 2/2] dmabuf: Add dmabuf inode number to /proc/*/fdinfo

by Christian König

Am 05.02.21 um 03:23 schrieb Kalesh Singh: > If a FD refers to a DMA buffer add the DMA buffer inode number to > /proc/<pid>/fdinfo/<FD> and /proc/<pid>/task/<tid>/fdindo/<FD>. > > The dmabuf inode number allows userspace to uniquely identify the buffer > and avoids a dependency on /proc/<pid>/fd/* when accounting per-process > DMA buffer sizes. BTW: Why do we make this DMA-buf specific? Couldn't we always print the inode number for all fds? Regards, Christian. > > Signed-off-by: Kalesh Singh <kaleshsingh(a)google.com> > --- > Changes in v3: > - Add documentation in proc.rst > Changes in v2: > - Update patch description > > Documentation/filesystems/proc.rst | 17 +++++++++++++++++ > drivers/dma-buf/dma-buf.c | 1 + > 2 files changed, 18 insertions(+) > > diff --git a/Documentation/filesystems/proc.rst b/Documentation/filesystems/proc.rst > index 2fa69f710e2a..fdd38676f57f 100644 > --- a/Documentation/filesystems/proc.rst > +++ b/Documentation/filesystems/proc.rst > @@ -2031,6 +2031,23 @@ details]. 'it_value' is remaining time until the timer expiration. > with TIMER_ABSTIME option which will be shown in 'settime flags', but 'it_value' > still exhibits timer's remaining time. > > +DMA Buffer files > +~~~~~~~~~~~~~~~~ > + > +:: > + > + pos: 0 > + flags: 04002 > + mnt_id: 9 > + dmabuf_inode_no: 63107 > + size: 32768 > + count: 2 > + exp_name: system-heap > + > +where 'dmabuf_inode_no' is the unique inode number of the DMA buffer file. > +'size' is the size of the DMA buffer in bytes. 'count' is the file count of > +the DMA buffer file. 'exp_name' is the name of the DMA buffer exporter. > + > 3.9 /proc/<pid>/map_files - Information about memory mapped files > --------------------------------------------------------------------- > This directory contains symbolic links which represent memory mapped files > diff --git a/drivers/dma-buf/dma-buf.c b/drivers/dma-buf/dma-buf.c > index 9ad6397aaa97..d869099ede83 100644 > --- a/drivers/dma-buf/dma-buf.c > +++ b/drivers/dma-buf/dma-buf.c > @@ -414,6 +414,7 @@ static void dma_buf_show_fdinfo(struct seq_file *m, struct file *file) > { > struct dma_buf *dmabuf = file->private_data; > > + seq_printf(m, "dmabuf_inode_no:\t%lu\n", file_inode(file)->i_ino); > seq_printf(m, "size:\t%zu\n", dmabuf->size); > /* Don't count the temporary reference taken inside procfs seq_show */ > seq_printf(m, "count:\t%ld\n", file_count(dmabuf->file) - 1);

4 years, 4 months

[PATCH] RFC: dma-buf: Require VM_SPECIAL vma for mmap

by Daniel Vetter

tldr; DMA buffers aren't normal memory, expecting that you can use them like that (like calling get_user_pages works, or that they're accounting like any other normal memory) cannot be guaranteed. Since some userspace only runs on integrated devices, where all buffers are actually all resident system memory, there's a huge temptation to assume that a struct page is always present and useable like for any more pagecache backed mmap. This has the potential to result in a uapi nightmare. To stop this gap require that DMA buffer mmaps are VM_SPECIAL, which blocks get_user_pages and all the other struct page based infrastructure for everyone. In spirit this is the uapi counterpart to the kernel-internal CONFIG_DMABUF_DEBUG. Motivated by a recent patch which wanted to swich the system dma-buf heap to vm_insert_page instead of vm_insert_pfn. References: https://lore.kernel.org/lkml/CAKMK7uHi+mG0z0HUmNt13QCCvutuRVjpcR0NjRL12k-Wb… Cc: Jason Gunthorpe <jgg(a)ziepe.ca> Cc: Suren Baghdasaryan <surenb(a)google.com> Cc: Matthew Wilcox <willy(a)infradead.org> Cc: John Stultz <john.stultz(a)linaro.org> Signed-off-by: Daniel Vetter <daniel.vetter(a)intel.com> Cc: Sumit Semwal <sumit.semwal(a)linaro.org> Cc: "Christian König" <christian.koenig(a)amd.com> Cc: linux-media(a)vger.kernel.org Cc: linaro-mm-sig(a)lists.linaro.org --- drivers/dma-buf/dma-buf.c | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/drivers/dma-buf/dma-buf.c b/drivers/dma-buf/dma-buf.c index f264b70c383e..d3081fc07056 100644 --- a/drivers/dma-buf/dma-buf.c +++ b/drivers/dma-buf/dma-buf.c @@ -127,6 +127,7 @@ static struct file_system_type dma_buf_fs_type = { static int dma_buf_mmap_internal(struct file *file, struct vm_area_struct *vma) { struct dma_buf *dmabuf; + int ret; if (!is_dma_buf_file(file)) return -EINVAL; @@ -142,7 +143,11 @@ static int dma_buf_mmap_internal(struct file *file, struct vm_area_struct *vma) dmabuf->size >> PAGE_SHIFT) return -EINVAL; - return dmabuf->ops->mmap(dmabuf, vma); + ret = dmabuf->ops->mmap(dmabuf, vma); + + WARN_ON(!(vma->vm_flags & VM_SPECIAL)); + + return ret; } static loff_t dma_buf_llseek(struct file *file, loff_t offset, int whence) @@ -1244,6 +1249,8 @@ EXPORT_SYMBOL_GPL(dma_buf_end_cpu_access); int dma_buf_mmap(struct dma_buf *dmabuf, struct vm_area_struct *vma, unsigned long pgoff) { + int ret; + if (WARN_ON(!dmabuf || !vma)) return -EINVAL; @@ -1264,7 +1271,11 @@ int dma_buf_mmap(struct dma_buf *dmabuf, struct vm_area_struct *vma, vma_set_file(vma, dmabuf->file); vma->vm_pgoff = pgoff; - return dmabuf->ops->mmap(dmabuf, vma); + ret = dmabuf->ops->mmap(dmabuf, vma); + + WARN_ON(!(vma->vm_flags & VM_SPECIAL)); + + return ret; } EXPORT_SYMBOL_GPL(dma_buf_mmap); -- 2.30.0

4 years, 4 months

[PATCH 1/2] mm: replace BUG_ON in vm_insert_page with a return of an error

by Suren Baghdasaryan

Replace BUG_ON(vma->vm_flags & VM_PFNMAP) in vm_insert_page with WARN_ON_ONCE and returning an error. This is to ensure users of the vm_insert_page that set VM_PFNMAP are notified of the wrong flag usage and get an indication of an error without panicing the kernel. This will help identifying drivers that need to clear VM_PFNMAP before using dmabuf system heap which is moving to use vm_insert_page. Suggested-by: Christoph Hellwig <hch(a)infradead.org> Signed-off-by: Suren Baghdasaryan <surenb(a)google.com> --- mm/memory.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/mm/memory.c b/mm/memory.c index feff48e1465a..e503c9801cd9 100644 --- a/mm/memory.c +++ b/mm/memory.c @@ -1827,7 +1827,8 @@ int vm_insert_page(struct vm_area_struct *vma, unsigned long addr, return -EINVAL; if (!(vma->vm_flags & VM_MIXEDMAP)) { BUG_ON(mmap_read_trylock(vma->vm_mm)); - BUG_ON(vma->vm_flags & VM_PFNMAP); + if (WARN_ON_ONCE(vma->vm_flags & VM_PFNMAP)) + return -EINVAL; vma->vm_flags |= VM_MIXEDMAP; } return insert_page(vma, addr, page, vma->vm_page_prot); -- 2.30.0.365.g02bc693789-goog

4 years, 4 months

[PATCH v2 1/2] procfs: Allow reading fdinfo with PTRACE_MODE_READ

by Kalesh Singh

Android captures per-process system memory state when certain low memory events (e.g a foreground app kill) occur, to identify potential memory hoggers. In order to measure how much memory a process actually consumes, it is necessary to include the DMA buffer sizes for that process in the memory accounting. Since the handle to DMA buffers are raw FDs, it is important to be able to identify which processes have FD references to a DMA buffer. Currently, DMA buffer FDs can be accounted using /proc/<pid>/fd/* and /proc/<pid>/fdinfo -- both are only readable by the process owner, as follows: 1. Do a readlink on each FD. 2. If the target path begins with "/dmabuf", then the FD is a dmabuf FD. 3. stat the file to get the dmabuf inode number. 4. Read/ proc/<pid>/fdinfo/<fd>, to get the DMA buffer size. Accessing other processes’ fdinfo requires root privileges. This limits the use of the interface to debugging environments and is not suitable for production builds. Granting root privileges even to a system process increases the attack surface and is highly undesirable. Since fdinfo doesn't permit reading process memory and manipulating process state, allow accessing fdinfo under PTRACE_MODE_READ_FSCRED. Suggested-by: Jann Horn <jannh(a)google.com> Signed-off-by: Kalesh Singh <kaleshsingh(a)google.com> --- Changes in v2: - Update patch desciption fs/proc/base.c | 4 ++-- fs/proc/fd.c | 15 ++++++++++++++- 2 files changed, 16 insertions(+), 3 deletions(-) diff --git a/fs/proc/base.c b/fs/proc/base.c index b3422cda2a91..a37f9de7103f 100644 --- a/fs/proc/base.c +++ b/fs/proc/base.c @@ -3160,7 +3160,7 @@ static const struct pid_entry tgid_base_stuff[] = { DIR("task", S_IRUGO|S_IXUGO, proc_task_inode_operations, proc_task_operations), DIR("fd", S_IRUSR|S_IXUSR, proc_fd_inode_operations, proc_fd_operations), DIR("map_files", S_IRUSR|S_IXUSR, proc_map_files_inode_operations, proc_map_files_operations), - DIR("fdinfo", S_IRUSR|S_IXUSR, proc_fdinfo_inode_operations, proc_fdinfo_operations), + DIR("fdinfo", S_IRUGO|S_IXUGO, proc_fdinfo_inode_operations, proc_fdinfo_operations), DIR("ns", S_IRUSR|S_IXUGO, proc_ns_dir_inode_operations, proc_ns_dir_operations), #ifdef CONFIG_NET DIR("net", S_IRUGO|S_IXUGO, proc_net_inode_operations, proc_net_operations), @@ -3504,7 +3504,7 @@ static const struct inode_operations proc_tid_comm_inode_operations = { */ static const struct pid_entry tid_base_stuff[] = { DIR("fd", S_IRUSR|S_IXUSR, proc_fd_inode_operations, proc_fd_operations), - DIR("fdinfo", S_IRUSR|S_IXUSR, proc_fdinfo_inode_operations, proc_fdinfo_operations), + DIR("fdinfo", S_IRUGO|S_IXUGO, proc_fdinfo_inode_operations, proc_fdinfo_operations), DIR("ns", S_IRUSR|S_IXUGO, proc_ns_dir_inode_operations, proc_ns_dir_operations), #ifdef CONFIG_NET DIR("net", S_IRUGO|S_IXUGO, proc_net_inode_operations, proc_net_operations), diff --git a/fs/proc/fd.c b/fs/proc/fd.c index cb51763ed554..585e213301f9 100644 --- a/fs/proc/fd.c +++ b/fs/proc/fd.c @@ -6,6 +6,7 @@ #include <linux/fdtable.h> #include <linux/namei.h> #include <linux/pid.h> +#include <linux/ptrace.h> #include <linux/security.h> #include <linux/file.h> #include <linux/seq_file.h> @@ -72,6 +73,18 @@ static int seq_show(struct seq_file *m, void *v) static int seq_fdinfo_open(struct inode *inode, struct file *file) { + bool allowed = false; + struct task_struct *task = get_proc_task(inode); + + if (!task) + return -ESRCH; + + allowed = ptrace_may_access(task, PTRACE_MODE_READ_FSCREDS); + put_task_struct(task); + + if (!allowed) + return -EACCES; + return single_open(file, seq_show, inode); } @@ -307,7 +320,7 @@ static struct dentry *proc_fdinfo_instantiate(struct dentry *dentry, struct proc_inode *ei; struct inode *inode; - inode = proc_pid_make_inode(dentry->d_sb, task, S_IFREG | S_IRUSR); + inode = proc_pid_make_inode(dentry->d_sb, task, S_IFREG | S_IRUGO); if (!inode) return ERR_PTR(-ENOENT); -- 2.30.0.365.g02bc693789-goog

4 years, 4 months

[PATCH v3] dmabuf: Add the capability to expose DMA-BUF stats in sysfs

by Hridya Valsaraju

This patch allows statistics to be enabled for each DMA-BUF in sysfs by enabling the config CONFIG_DMABUF_SYSFS_STATS. The following stats will be exposed by the interface: /sys/kernel/dmabuf/buffers/<inode_number>/exporter_name /sys/kernel/dmabuf/buffers/<inode_number>/size /sys/kernel/dmabuf/buffers/<inode_number>/attachments/<attach_uid>/device /sys/kernel/dmabuf/buffers/<inode_number>/attachments/<attach_uid>/map_counter The inode_number is unique for each DMA-BUF and was added earlier [1] in order to allow userspace to track DMA-BUF usage across different processes. Currently, this information is exposed in /sys/kernel/debug/dma_buf/bufinfo. However, since debugfs is considered unsafe to be mounted in production, it is being duplicated in sysfs. This information will be used to derive DMA-BUF per-exporter stats and per-device usage stats for Android Bug reports. The corresponding userspace changes can be found at [2]. Telemetry tools will also capture this information(along with other memory metrics) periodically as well as on important events like a foreground app kill (which might have been triggered by Low Memory Killer). It will also contribute to provide a snapshot of the system memory usage on other events such as OOM kills and Application Not Responding events. A shell script that can be run on a classic Linux environment to read out the DMA-BUF statistics can be found at [3](suggested by John Stultz). The patch contains the following improvements over the previous version: 1) Each attachment is represented by its own directory to allow creating a symlink to the importing device and to also provide room for future expansion. 2) The number of distinct mappings of each attachment is exposed in a separate file. 3) The per-buffer statistics are now in /sys/kernel/dmabuf/buffers inorder to make the interface expandable in future. All of the improvements above are based on suggestions/feedback from Daniel Vetter and Christian König. [1]: https://lore.kernel.org/patchwork/patch/1088791/ [2]: https://android-review.googlesource.com/q/topic:%22dmabuf-sysfs%22+(status:… [3]: https://android-review.googlesource.com/c/platform/system/memory/libmeminfo… Signed-off-by: Hridya Valsaraju <hridya(a)google.com> Reported-by: kernel test robot <lkp(a)intel.com> --- Changes in v3: Fix a warning reported by the kernel test robot. Changes in v2: -Move statistics to /sys/kernel/dmabuf/buffers in oder to allow addition of other DMA-BUF-related sysfs stats in future. Based on feedback from Daniel Vetter. -Each attachment has its own directory to represent attaching devices as symlinks and to introduce map_count as a separate file. Based on feedback from Daniel Vetter and Christian König. Thank you both! -Commit messages updated to point to userspace code in AOSP that will read the DMA-BUF sysfs stats. .../ABI/testing/sysfs-kernel-dmabuf-buffers | 52 ++++ drivers/dma-buf/Kconfig | 11 + drivers/dma-buf/Makefile | 1 + drivers/dma-buf/dma-buf-sysfs-stats.c | 285 ++++++++++++++++++ drivers/dma-buf/dma-buf-sysfs-stats.h | 62 ++++ drivers/dma-buf/dma-buf.c | 37 +++ include/linux/dma-buf.h | 20 ++ 7 files changed, 468 insertions(+) create mode 100644 Documentation/ABI/testing/sysfs-kernel-dmabuf-buffers create mode 100644 drivers/dma-buf/dma-buf-sysfs-stats.c create mode 100644 drivers/dma-buf/dma-buf-sysfs-stats.h diff --git a/Documentation/ABI/testing/sysfs-kernel-dmabuf-buffers b/Documentation/ABI/testing/sysfs-kernel-dmabuf-buffers new file mode 100644 index 000000000000..6f7c65209f07 --- /dev/null +++ b/Documentation/ABI/testing/sysfs-kernel-dmabuf-buffers @@ -0,0 +1,52 @@ +What: /sys/kernel/dmabuf/buffers +Date: January 2021 +KernelVersion: v5.12 +Contact: Hridya Valsaraju <hridya(a)google.com> +Description: The /sys/kernel/dmabuf/buffers directory contains a + snapshot of the internal state of every DMA-BUF. + /sys/kernel/dmabuf/buffers/<inode_number> will contain the + statistics for the DMA-BUF with the unique inode number + <inode_number> +Users: kernel memory tuning/debugging tools + +What: /sys/kernel/dmabuf/buffers/<inode_number>/exporter_name +Date: January 2021 +KernelVersion: v5.12 +Contact: Hridya Valsaraju <hridya(a)google.com> +Description: This file is read-only and contains the name of the exporter of + the DMA-BUF. + +What: /sys/kernel/dmabuf/buffers/<inode_number>/size +Date: January 2021 +KernelVersion: v5.12 +Contact: Hridya Valsaraju <hridya(a)google.com> +Description: This file is read-only and specifies the size of the DMA-BUF in + bytes. + +What: /sys/kernel/dmabuf/buffers/<inode_number>/attachments +Date: January 2021 +KernelVersion: v5.12 +Contact: Hridya Valsaraju <hridya(a)google.com> +Description: This directory will contain subdirectories representing every + attachment of the DMA-BUF. + +What: /sys/kernel/dmabuf/buffers/<inode_number>/attachments/<attachment_uid> +Date: January 2021 +KernelVersion: v5.12 +Contact: Hridya Valsaraju <hridya(a)google.com> +Description: This directory will contain information on the attaching device + and the number of current distinct device mappings. + +What: /sys/kernel/dmabuf/buffers/<inode_number>/attachments/<attachment_uid>/device +Date: January 2021 +KernelVersion: v5.12 +Contact: Hridya Valsaraju <hridya(a)google.com> +Description: This file is read-only and is a symlink to the attaching devices's + sysfs entry. + +What: /sys/kernel/dmabuf/buffers/<inode_number>/attachments/<attachment_uid>/map_counter +Date: January 2021 +KernelVersion: v5.12 +Contact: Hridya Valsaraju <hridya(a)google.com> +Description: This file is read-only and contains a map_counter indicating the + number of distinct device mappings of the attachment. diff --git a/drivers/dma-buf/Kconfig b/drivers/dma-buf/Kconfig index 4f8224a6ac95..27e6a2dafeaa 100644 --- a/drivers/dma-buf/Kconfig +++ b/drivers/dma-buf/Kconfig @@ -64,6 +64,17 @@ menuconfig DMABUF_HEAPS allows userspace to allocate dma-bufs that can be shared between drivers. +menuconfig DMABUF_SYSFS_STATS + bool "DMA-BUF sysfs statistics" + select DMA_SHARED_BUFFER + help + Choose this option to enable DMA-BUF sysfs statistics + in location /sys/kernel/dmabuf/buffers. + + /sys/kernel/dmabuf/buffers/<inode_number> will contain + statistics for the DMA-BUF with the unique inode number + <inode_number>. + source "drivers/dma-buf/heaps/Kconfig" endmenu diff --git a/drivers/dma-buf/Makefile b/drivers/dma-buf/Makefile index 995e05f609ff..40d81f23cacf 100644 --- a/drivers/dma-buf/Makefile +++ b/drivers/dma-buf/Makefile @@ -6,6 +6,7 @@ obj-$(CONFIG_DMABUF_HEAPS) += heaps/ obj-$(CONFIG_SYNC_FILE) += sync_file.o obj-$(CONFIG_SW_SYNC) += sw_sync.o sync_debug.o obj-$(CONFIG_UDMABUF) += udmabuf.o +obj-$(CONFIG_DMABUF_SYSFS_STATS) += dma-buf-sysfs-stats.o dmabuf_selftests-y := \ selftest.o \ diff --git a/drivers/dma-buf/dma-buf-sysfs-stats.c b/drivers/dma-buf/dma-buf-sysfs-stats.c new file mode 100644 index 000000000000..5dc2e17f3054 --- /dev/null +++ b/drivers/dma-buf/dma-buf-sysfs-stats.c @@ -0,0 +1,285 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * DMA-BUF sysfs statistics. + * + * Copyright (C) 2021 Google LLC. + */ + +#include <linux/dma-buf.h> +#include <linux/dma-resv.h> +#include <linux/kobject.h> +#include <linux/printk.h> +#include <linux/slab.h> +#include <linux/sysfs.h> + +#include "dma-buf-sysfs-stats.h" + +#define to_dma_buf_entry_from_kobj(x) container_of(x, struct dma_buf_sysfs_entry, kobj) + +struct dma_buf_stats_attribute { + struct attribute attr; + ssize_t (*show)(struct dma_buf *dmabuf, + struct dma_buf_stats_attribute *attr, char *buf); +}; +#define to_dma_buf_stats_attr(x) container_of(x, struct dma_buf_stats_attribute, attr) + +static ssize_t dma_buf_stats_attribute_show(struct kobject *kobj, + struct attribute *attr, + char *buf) +{ + struct dma_buf_stats_attribute *attribute; + struct dma_buf_sysfs_entry *sysfs_entry; + struct dma_buf *dmabuf; + + attribute = to_dma_buf_stats_attr(attr); + sysfs_entry = to_dma_buf_entry_from_kobj(kobj); + dmabuf = sysfs_entry->dmabuf; + + if (!dmabuf || !attribute->show) + return -EIO; + + return attribute->show(dmabuf, attribute, buf); +} + +static const struct sysfs_ops dma_buf_stats_sysfs_ops = { + .show = dma_buf_stats_attribute_show, +}; + +static ssize_t exporter_name_show(struct dma_buf *dmabuf, + struct dma_buf_stats_attribute *attr, + char *buf) +{ + return sysfs_emit(buf, "%s\n", dmabuf->exp_name); +} + +static ssize_t size_show(struct dma_buf *dmabuf, + struct dma_buf_stats_attribute *attr, + char *buf) +{ + return sysfs_emit(buf, "%zu\n", dmabuf->size); +} + +static struct dma_buf_stats_attribute exporter_name_attribute = + __ATTR_RO(exporter_name); +static struct dma_buf_stats_attribute size_attribute = __ATTR_RO(size); + +static struct attribute *dma_buf_stats_default_attrs[] = { + &exporter_name_attribute.attr, + &size_attribute.attr, + NULL, +}; +ATTRIBUTE_GROUPS(dma_buf_stats_default); + +static void dma_buf_sysfs_release(struct kobject *kobj) +{ + struct dma_buf_sysfs_entry *sysfs_entry; + + sysfs_entry = to_dma_buf_entry_from_kobj(kobj); + kfree(sysfs_entry); +} + +static struct kobj_type dma_buf_ktype = { + .sysfs_ops = &dma_buf_stats_sysfs_ops, + .release = dma_buf_sysfs_release, + .default_groups = dma_buf_stats_default_groups, +}; + +#define to_dma_buf_attach_entry_from_kobj(x) container_of(x, struct dma_buf_attach_sysfs_entry, kobj) + +struct dma_buf_attach_stats_attribute { + struct attribute attr; + ssize_t (*show)(struct dma_buf_attach_sysfs_entry *sysfs_entry, + struct dma_buf_attach_stats_attribute *attr, char *buf); +}; +#define to_dma_buf_attach_stats_attr(x) container_of(x, struct dma_buf_attach_stats_attribute, attr) + +static ssize_t dma_buf_attach_stats_attribute_show(struct kobject *kobj, + struct attribute *attr, + char *buf) +{ + struct dma_buf_attach_stats_attribute *attribute; + struct dma_buf_attach_sysfs_entry *sysfs_entry; + + attribute = to_dma_buf_attach_stats_attr(attr); + sysfs_entry = to_dma_buf_attach_entry_from_kobj(kobj); + + if (!attribute->show) + return -EIO; + + return attribute->show(sysfs_entry, attribute, buf); +} + +static const struct sysfs_ops dma_buf_attach_stats_sysfs_ops = { + .show = dma_buf_attach_stats_attribute_show, +}; + +static ssize_t map_counter_show(struct dma_buf_attach_sysfs_entry *sysfs_entry, + struct dma_buf_attach_stats_attribute *attr, + char *buf) +{ + return sysfs_emit(buf, "%u\n", sysfs_entry->map_counter); +} + +static struct dma_buf_attach_stats_attribute map_counter_attribute = + __ATTR_RO(map_counter); + +static struct attribute *dma_buf_attach_stats_default_attrs[] = { + &map_counter_attribute.attr, + NULL, +}; +ATTRIBUTE_GROUPS(dma_buf_attach_stats_default); + +static void dma_buf_attach_sysfs_release(struct kobject *kobj) +{ + struct dma_buf_attach_sysfs_entry *sysfs_entry; + + sysfs_entry = to_dma_buf_attach_entry_from_kobj(kobj); + kfree(sysfs_entry); +} + +static struct kobj_type dma_buf_attach_ktype = { + .sysfs_ops = &dma_buf_attach_stats_sysfs_ops, + .release = dma_buf_attach_sysfs_release, + .default_groups = dma_buf_attach_stats_default_groups, +}; + +void dma_buf_attach_stats_teardown(struct dma_buf_attachment *attach) +{ + struct dma_buf_attach_sysfs_entry *sysfs_entry; + + sysfs_entry = attach->sysfs_entry; + if (!sysfs_entry) + return; + + sysfs_delete_link(&sysfs_entry->kobj, &attach->dev->kobj, "device"); + + kobject_del(&sysfs_entry->kobj); + kobject_put(&sysfs_entry->kobj); +} + +int dma_buf_attach_stats_setup(struct dma_buf_attachment *attach, + unsigned int uid) +{ + struct dma_buf_attach_sysfs_entry *sysfs_entry; + int ret; + struct dma_buf *dmabuf; + + if (!attach) + return -EINVAL; + + dmabuf = attach->dmabuf; + + sysfs_entry = kzalloc(sizeof(struct dma_buf_attach_sysfs_entry), + GFP_KERNEL); + if (!sysfs_entry) + return -ENOMEM; + + sysfs_entry->kobj.kset = dmabuf->sysfs_entry->attach_stats_kset; + + attach->sysfs_entry = sysfs_entry; + + ret = kobject_init_and_add(&sysfs_entry->kobj, &dma_buf_attach_ktype, + NULL, "%u", uid); + if (ret) + goto kobj_err; + + ret = sysfs_create_link(&sysfs_entry->kobj, &attach->dev->kobj, + "device"); + if (ret) + goto link_err; + + return 0; + +link_err: + kobject_del(&sysfs_entry->kobj); +kobj_err: + kobject_put(&sysfs_entry->kobj); + attach->sysfs_entry = NULL; + + return ret; +} +void dma_buf_stats_teardown(struct dma_buf *dmabuf) +{ + struct dma_buf_sysfs_entry *sysfs_entry; + + sysfs_entry = dmabuf->sysfs_entry; + if (!sysfs_entry) + return; + + kset_unregister(sysfs_entry->attach_stats_kset); + kobject_del(&sysfs_entry->kobj); + kobject_put(&sysfs_entry->kobj); +} + +static struct kset *dma_buf_stats_kset; +static struct kset *dma_buf_per_buffer_stats_kset; +int dma_buf_init_sysfs_statistics(void) +{ + dma_buf_stats_kset = kset_create_and_add("dmabuf", NULL, kernel_kobj); + if (!dma_buf_stats_kset) + return -ENOMEM; + + dma_buf_per_buffer_stats_kset = kset_create_and_add("buffers", NULL, + &dma_buf_stats_kset->kobj); + if (!dma_buf_per_buffer_stats_kset) { + kset_unregister(dma_buf_stats_kset); + return -ENOMEM; + } + + return 0; +} + +void dma_buf_uninit_sysfs_statistics(void) +{ + kset_unregister(dma_buf_per_buffer_stats_kset); + kset_unregister(dma_buf_stats_kset); +} + +int dma_buf_stats_setup(struct dma_buf *dmabuf) +{ + struct dma_buf_sysfs_entry *sysfs_entry; + int ret; + struct kset *attach_stats_kset; + + if (!dmabuf || !dmabuf->file) + return -EINVAL; + + if (!dmabuf->exp_name) { + pr_err("exporter name must not be empty if stats needed\n"); + return -EINVAL; + } + + sysfs_entry = kzalloc(sizeof(struct dma_buf_sysfs_entry), GFP_KERNEL); + if (!sysfs_entry) + return -ENOMEM; + + sysfs_entry->kobj.kset = dma_buf_per_buffer_stats_kset; + sysfs_entry->dmabuf = dmabuf; + + dmabuf->sysfs_entry = sysfs_entry; + + /* create the directory for buffer stats */ + ret = kobject_init_and_add(&sysfs_entry->kobj, &dma_buf_ktype, NULL, + "%lu", file_inode(dmabuf->file)->i_ino); + if (ret) + goto err_sysfs_dmabuf; + + /* create the directory for attachment stats */ + attach_stats_kset = kset_create_and_add("attachments", NULL, + &sysfs_entry->kobj); + if (!attach_stats_kset) { + ret = -ENOMEM; + goto err_sysfs_attach; + } + + sysfs_entry->attach_stats_kset = attach_stats_kset; + + return 0; + +err_sysfs_attach: + kobject_del(&sysfs_entry->kobj); +err_sysfs_dmabuf: + kobject_put(&sysfs_entry->kobj); + dmabuf->sysfs_entry = NULL; + return ret; +} diff --git a/drivers/dma-buf/dma-buf-sysfs-stats.h b/drivers/dma-buf/dma-buf-sysfs-stats.h new file mode 100644 index 000000000000..5f4703249117 --- /dev/null +++ b/drivers/dma-buf/dma-buf-sysfs-stats.h @@ -0,0 +1,62 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +/* + * DMA-BUF sysfs statistics. + * + * Copyright (C) 2021 Google LLC. + */ + +#ifndef _DMA_BUF_SYSFS_STATS_H +#define _DMA_BUF_SYSFS_STATS_H + +#ifdef CONFIG_DMABUF_SYSFS_STATS + +int dma_buf_init_sysfs_statistics(void); +void dma_buf_uninit_sysfs_statistics(void); + +int dma_buf_stats_setup(struct dma_buf *dmabuf); +int dma_buf_attach_stats_setup(struct dma_buf_attachment *attach, + unsigned int uid); +static inline void dma_buf_update_attachment_map_count(struct dma_buf_attachment *attach, + int delta) +{ + struct dma_buf_attach_sysfs_entry *entry = attach->sysfs_entry; + + entry->map_counter += delta; +} +void dma_buf_stats_teardown(struct dma_buf *dmabuf); +void dma_buf_attach_stats_teardown(struct dma_buf_attachment *attach); +static inline unsigned int dma_buf_update_attach_uid(struct dma_buf *dmabuf) +{ + struct dma_buf_sysfs_entry *entry = dmabuf->sysfs_entry; + + return entry->attachment_uid++; +} +#else + +static inline int dma_buf_init_sysfs_statistics(void) +{ + return 0; +} + +static inline void dma_buf_uninit_sysfs_statistics(void) {} + +static inline int dma_buf_stats_setup(struct dma_buf *dmabuf) +{ + return 0; +} +static inline int dma_buf_attach_stats_setup(struct dma_buf_attachment *attach, + unsigned int uid) +{ + return 0; +} + +static inline void dma_buf_stats_teardown(struct dma_buf *dmabuf) {} +static inline void dma_buf_attach_stats_teardown(struct dma_buf_attachment *attach) {} +static inline void dma_buf_update_attachment_map_count(struct dma_buf_attachment *attach, + int delta) {} +static inline unsigned int dma_buf_update_attach_uid(struct dma_buf *dmabuf) +{ + return 0; +} +#endif +#endif // _DMA_BUF_SYSFS_STATS_H diff --git a/drivers/dma-buf/dma-buf.c b/drivers/dma-buf/dma-buf.c index 9ad6397aaa97..29f9ea18eb47 100644 --- a/drivers/dma-buf/dma-buf.c +++ b/drivers/dma-buf/dma-buf.c @@ -29,6 +29,8 @@ #include <uapi/linux/dma-buf.h> #include <uapi/linux/magic.h> +#include "dma-buf-sysfs-stats.h" + static inline int is_dma_buf_file(struct file *); struct dma_buf_list { @@ -79,6 +81,7 @@ static void dma_buf_release(struct dentry *dentry) if (dmabuf->resv == (struct dma_resv *)&dmabuf[1]) dma_resv_fini(dmabuf->resv); + dma_buf_stats_teardown(dmabuf); module_put(dmabuf->owner); kfree(dmabuf->name); kfree(dmabuf); @@ -579,6 +582,10 @@ struct dma_buf *dma_buf_export(const struct dma_buf_export_info *exp_info) file->f_mode |= FMODE_LSEEK; dmabuf->file = file; + ret = dma_buf_stats_setup(dmabuf); + if (ret) + goto err_sysfs; + mutex_init(&dmabuf->lock); INIT_LIST_HEAD(&dmabuf->attachments); @@ -588,6 +595,14 @@ struct dma_buf *dma_buf_export(const struct dma_buf_export_info *exp_info) return dmabuf; +err_sysfs: + /* + * Set file->f_path.dentry->d_fsdata to NULL so that when + * dma_buf_release() gets invoked by dentry_ops, it exits + * early before calling the release() dma_buf op. + */ + file->f_path.dentry->d_fsdata = NULL; + fput(file); err_dmabuf: kfree(dmabuf); err_module: @@ -692,6 +707,7 @@ dma_buf_dynamic_attach(struct dma_buf *dmabuf, struct device *dev, { struct dma_buf_attachment *attach; int ret; + unsigned int attach_uid; if (WARN_ON(!dmabuf || !dev)) return ERR_PTR(-EINVAL); @@ -717,8 +733,13 @@ dma_buf_dynamic_attach(struct dma_buf *dmabuf, struct device *dev, } dma_resv_lock(dmabuf->resv, NULL); list_add(&attach->node, &dmabuf->attachments); + attach_uid = dma_buf_update_attach_uid(dmabuf); dma_resv_unlock(dmabuf->resv); + ret = dma_buf_attach_stats_setup(attach, attach_uid); + if (ret) + goto err_sysfs; + /* When either the importer or the exporter can't handle dynamic * mappings we cache the mapping here to avoid issues with the * reservation object lock. @@ -745,6 +766,7 @@ dma_buf_dynamic_attach(struct dma_buf *dmabuf, struct device *dev, dma_resv_unlock(attach->dmabuf->resv); attach->sgt = sgt; attach->dir = DMA_BIDIRECTIONAL; + dma_buf_update_attachment_map_count(attach, 1 /* delta */); } return attach; @@ -761,6 +783,7 @@ dma_buf_dynamic_attach(struct dma_buf *dmabuf, struct device *dev, if (dma_buf_is_dynamic(attach->dmabuf)) dma_resv_unlock(attach->dmabuf->resv); +err_sysfs: dma_buf_detach(dmabuf, attach); return ERR_PTR(ret); } @@ -799,6 +822,7 @@ void dma_buf_detach(struct dma_buf *dmabuf, struct dma_buf_attachment *attach) dma_resv_lock(attach->dmabuf->resv, NULL); dmabuf->ops->unmap_dma_buf(attach, attach->sgt, attach->dir); + dma_buf_update_attachment_map_count(attach, -1 /* delta */); if (dma_buf_is_dynamic(attach->dmabuf)) { dma_buf_unpin(attach); @@ -812,6 +836,7 @@ void dma_buf_detach(struct dma_buf *dmabuf, struct dma_buf_attachment *attach) if (dmabuf->ops->detach) dmabuf->ops->detach(dmabuf, attach); + dma_buf_attach_stats_teardown(attach); kfree(attach); } EXPORT_SYMBOL_GPL(dma_buf_detach); @@ -938,6 +963,9 @@ struct sg_table *dma_buf_map_attachment(struct dma_buf_attachment *attach, } #endif /* CONFIG_DMA_API_DEBUG */ + if (!IS_ERR(sg_table)) + dma_buf_update_attachment_map_count(attach, 1 /* delta */); + return sg_table; } EXPORT_SYMBOL_GPL(dma_buf_map_attachment); @@ -975,6 +1003,8 @@ void dma_buf_unmap_attachment(struct dma_buf_attachment *attach, if (dma_buf_is_dynamic(attach->dmabuf) && !IS_ENABLED(CONFIG_DMABUF_MOVE_NOTIFY)) dma_buf_unpin(attach); + + dma_buf_update_attachment_map_count(attach, -1 /* delta */); } EXPORT_SYMBOL_GPL(dma_buf_unmap_attachment); @@ -1412,6 +1442,12 @@ static inline void dma_buf_uninit_debugfs(void) static int __init dma_buf_init(void) { + int ret; + + ret = dma_buf_init_sysfs_statistics(); + if (ret) + return ret; + dma_buf_mnt = kern_mount(&dma_buf_fs_type); if (IS_ERR(dma_buf_mnt)) return PTR_ERR(dma_buf_mnt); @@ -1427,5 +1463,6 @@ static void __exit dma_buf_deinit(void) { dma_buf_uninit_debugfs(); kern_unmount(dma_buf_mnt); + dma_buf_uninit_sysfs_statistics(); } __exitcall(dma_buf_deinit); diff --git a/include/linux/dma-buf.h b/include/linux/dma-buf.h index cf72699cb2bc..4ae5cc38a4a7 100644 --- a/include/linux/dma-buf.h +++ b/include/linux/dma-buf.h @@ -294,6 +294,9 @@ struct dma_buf_ops { * @poll: for userspace poll support * @cb_excl: for userspace poll support * @cb_shared: for userspace poll support + * @sysfs_entry: for exposing information about this buffer in sysfs. + * The attachment_uid member of @sysfs_entry is protected by dma_resv lock + * and is incremented on each attach. * * This represents a shared buffer, created by calling dma_buf_export(). The * userspace representation is a normal file descriptor, which can be created by @@ -329,6 +332,15 @@ struct dma_buf { __poll_t active; } cb_excl, cb_shared; +#ifdef CONFIG_DMABUF_SYSFS_STATS + /* for sysfs stats */ + struct dma_buf_sysfs_entry { + struct kobject kobj; + struct dma_buf *dmabuf; + unsigned int attachment_uid; + struct kset *attach_stats_kset; + } *sysfs_entry; +#endif }; /** @@ -378,6 +390,7 @@ struct dma_buf_attach_ops { * @importer_ops: importer operations for this attachment, if provided * dma_buf_map/unmap_attachment() must be called with the dma_resv lock held. * @importer_priv: importer specific attachment data. + * @sysfs_entry: For exposing information about this attachment in sysfs. * * This structure holds the attachment information between the dma_buf buffer * and its user device(s). The list contains one attachment struct per device @@ -398,6 +411,13 @@ struct dma_buf_attachment { const struct dma_buf_attach_ops *importer_ops; void *importer_priv; void *priv; +#ifdef CONFIG_DMABUF_SYSFS_STATS + /* for sysfs stats */ + struct dma_buf_attach_sysfs_entry { + struct kobject kobj; + unsigned int map_counter; + } *sysfs_entry; +#endif }; /** -- 2.30.0.280.ga3ce27912f-goog

4 years, 4 months

[PATCH 0/2] Allow reading process DMA buf stats from fdinfo

by Kalesh Singh

4 years, 4 months

Re: [Linaro-mm-sig] [PATCH] drm/todo: Add entry for moving to dma_resv_lock

by Daniel Vetter

On Fri, Jan 22, 2021 at 03:06:44PM +0100, Thomas Zimmermann wrote: > Hi > > Am 22.01.21 um 14:36 schrieb Daniel Vetter: > > Requested by Thomas. I think it justifies a new level, since I tried > > to make some forward progress on this last summer, and gave up (for > > now). This is very tricky. > > Adding it to the TODO list is a first step. :) > > Acked-by: Thomas Zimmermann <tzimmermann(a)suse.de> Applied. -Daniel > > > > > Signed-off-by: Daniel Vetter <daniel.vetter(a)intel.com> > > Cc: Maarten Lankhorst <maarten.lankhorst(a)linux.intel.com> > > Cc: Maxime Ripard <mripard(a)kernel.org> > > Cc: Thomas Zimmermann <tzimmermann(a)suse.de> > > Cc: David Airlie <airlied(a)linux.ie> > > Cc: Daniel Vetter <daniel(a)ffwll.ch> > > Cc: Sumit Semwal <sumit.semwal(a)linaro.org> > > Cc: "Christian König" <christian.koenig(a)amd.com> > > Cc: linux-media(a)vger.kernel.org > > Cc: linaro-mm-sig(a)lists.linaro.org > > --- > > Documentation/gpu/todo.rst | 19 +++++++++++++++++++ > > 1 file changed, 19 insertions(+) > > > > diff --git a/Documentation/gpu/todo.rst b/Documentation/gpu/todo.rst > > index dea9082c0e5f..f872d3d33218 100644 > > --- a/Documentation/gpu/todo.rst > > +++ b/Documentation/gpu/todo.rst > > @@ -23,6 +23,9 @@ Advanced: Tricky tasks that need fairly good understanding of the DRM subsystem > > and graphics topics. Generally need the relevant hardware for development and > > testing. > > +Expert: Only attempt these if you've successfully completed some tricky > > +refactorings already and are an expert in the specific area > > + > > Subsystem-wide refactorings > > =========================== > > @@ -168,6 +171,22 @@ Contact: Daniel Vetter, respective driver maintainers > > Level: Advanced > > +Move Buffer Object Locking to dma_resv_lock() > > +--------------------------------------------- > > + > > +Many drivers have their own per-object locking scheme, usually using > > +mutex_lock(). This causes all kinds of trouble for buffer sharing, since > > +depending which driver is the exporter and importer, the locking hierarchy is > > +reversed. > > + > > +To solve this we need one standard per-object locking mechanism, which is > > +dma_resv_lock(). This lock needs to be called as the outermost lock, with all > > +other driver specific per-object locks removed. The problem is tha rolling out > > +the actual change to the locking contract is a flag day, due to struct dma_buf > > +buffer sharing. > > + > > +Level: Expert > > + > > Convert logging to drm_* functions with drm_device paramater > > ------------------------------------------------------------ > > > > -- > Thomas Zimmermann > Graphics Driver Developer > SUSE Software Solutions Germany GmbH > Maxfeldstr. 5, 90409 Nürnberg, Germany > (HRB 36809, AG Nürnberg) > Geschäftsführer: Felix Imendörffer > -- Daniel Vetter Software Engineer, Intel Corporation http://blog.ffwll.ch

4 years, 4 months

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

Linaro-mm-sig