Gitiles
Code Review Sign In
192.168.1.100 / T103 / 1f884588077ad3476b9c91cbb0ee9ee0332bbb68 / . / src / kernel / linux / v4.14 / drivers / dma-buf / sw_sync.c
blob: 8145f4cd05bd6f90e7a471b3bbf4c5262d584dc3 [file] [log] [blame]
rjw1f884582022-01-06 17:20:42 +0800[diff] [blame^]1/*
2 * Sync File validation framework
3 *
4 * Copyright (C) 2012 Google, Inc.
5 *
6 * This software is licensed under the terms of the GNU General Public
7 * License version 2, as published by the Free Software Foundation, and
8 * may be copied, distributed, and modified under those terms.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 */
16
17#include <linux/file.h>
18#include <linux/fs.h>
19#include <linux/uaccess.h>
20#include <linux/slab.h>
21#include <linux/sync_file.h>
22
23#include "sync_debug.h"
24
25#define CREATE_TRACE_POINTS
26#include "sync_trace.h"
27
28/*
29 * SW SYNC validation framework
30 *
31 * A sync object driver that uses a 32bit counter to coordinate
32 * synchronization. Useful when there is no hardware primitive backing
33 * the synchronization.
34 *
35 * To start the framework just open:
36 *
37 * <debugfs>/sync/sw_sync
38 *
39 * That will create a sync timeline, all fences created under this timeline
40 * file descriptor will belong to the this timeline.
41 *
42 * The 'sw_sync' file can be opened many times as to create different
43 * timelines.
44 *
45 * Fences can be created with SW_SYNC_IOC_CREATE_FENCE ioctl with struct
46 * sw_sync_ioctl_create_fence as parameter.
47 *
48 * To increment the timeline counter, SW_SYNC_IOC_INC ioctl should be used
49 * with the increment as u32. This will update the last signaled value
50 * from the timeline and signal any fence that has a seqno smaller or equal
51 * to it.
52 *
53 * struct sw_sync_ioctl_create_fence
54 * @value: the seqno to initialise the fence with
55 * @name: the name of the new sync point
56 * @fence: return the fd of the new sync_file with the created fence
57 */
58struct sw_sync_create_fence_data {
59 __u32 value;
60 char name[32];
61 __s32 fence; /* fd of new fence */
62};
63
64#define SW_SYNC_IOC_MAGIC 'W'
65
66#define SW_SYNC_IOC_CREATE_FENCE _IOWR(SW_SYNC_IOC_MAGIC, 0,\
67 struct sw_sync_create_fence_data)
68
69#define SW_SYNC_IOC_INC _IOW(SW_SYNC_IOC_MAGIC, 1, __u32)
70
71static const struct dma_fence_ops timeline_fence_ops;
72
73static inline struct sync_pt *dma_fence_to_sync_pt(struct dma_fence *fence)
74{
75 if (fence->ops != &timeline_fence_ops)
76 return NULL;
77 return container_of(fence, struct sync_pt, base);
78}
79
80/**
81 * sync_timeline_create() - creates a sync object
82 * @name: sync_timeline name
83 *
84 * Creates a new sync_timeline. Returns the sync_timeline object or NULL in
85 * case of error.
86 */
87static struct sync_timeline *sync_timeline_create(const char *name)
88{
89 struct sync_timeline *obj;
90
91 obj = kzalloc(sizeof(*obj), GFP_KERNEL);
92 if (!obj)
93 return NULL;
94
95 kref_init(&obj->kref);
96 obj->context = dma_fence_context_alloc(1);
97 strlcpy(obj->name, name, sizeof(obj->name));
98
99 obj->pt_tree = RB_ROOT;
100 INIT_LIST_HEAD(&obj->pt_list);
101 spin_lock_init(&obj->lock);
102
103 sync_timeline_debug_add(obj);
104
105 return obj;
106}
107
108static void sync_timeline_free(struct kref *kref)
109{
110 struct sync_timeline *obj =
111 container_of(kref, struct sync_timeline, kref);
112
113 sync_timeline_debug_remove(obj);
114
115 kfree(obj);
116}
117
118static void sync_timeline_get(struct sync_timeline *obj)
119{
120 kref_get(&obj->kref);
121}
122
123static void sync_timeline_put(struct sync_timeline *obj)
124{
125 kref_put(&obj->kref, sync_timeline_free);
126}
127
128static const char *timeline_fence_get_driver_name(struct dma_fence *fence)
129{
130 return "sw_sync";
131}
132
133static const char *timeline_fence_get_timeline_name(struct dma_fence *fence)
134{
135 struct sync_timeline *parent = dma_fence_parent(fence);
136
137 return parent->name;
138}
139
140static void timeline_fence_release(struct dma_fence *fence)
141{
142 struct sync_pt *pt = dma_fence_to_sync_pt(fence);
143 struct sync_timeline *parent = dma_fence_parent(fence);
144 unsigned long flags;
145
146 spin_lock_irqsave(fence->lock, flags);
147 if (!list_empty(&pt->link)) {
148 list_del(&pt->link);
149 rb_erase(&pt->node, &parent->pt_tree);
150 }
151 spin_unlock_irqrestore(fence->lock, flags);
152
153 sync_timeline_put(parent);
154 dma_fence_free(fence);
155}
156
157static bool timeline_fence_signaled(struct dma_fence *fence)
158{
159 struct sync_timeline *parent = dma_fence_parent(fence);
160
161 return !__dma_fence_is_later(fence->seqno, parent->value);
162}
163
164static bool timeline_fence_enable_signaling(struct dma_fence *fence)
165{
166 return true;
167}
168
169static void timeline_fence_disable_signaling(struct dma_fence *fence)
170{
171 struct sync_pt *pt = dma_fence_to_sync_pt(fence);
172
173 list_del_init(&pt->link);
174}
175
176static void timeline_fence_value_str(struct dma_fence *fence,
177 char *str, int size)
178{
179 snprintf(str, size, "%d", fence->seqno);
180}
181
182static void timeline_fence_timeline_value_str(struct dma_fence *fence,
183 char *str, int size)
184{
185 struct sync_timeline *parent = dma_fence_parent(fence);
186
187 snprintf(str, size, "%d", parent->value);
188}
189
190static const struct dma_fence_ops timeline_fence_ops = {
191 .get_driver_name = timeline_fence_get_driver_name,
192 .get_timeline_name = timeline_fence_get_timeline_name,
193 .enable_signaling = timeline_fence_enable_signaling,
194 .disable_signaling = timeline_fence_disable_signaling,
195 .signaled = timeline_fence_signaled,
196 .wait = dma_fence_default_wait,
197 .release = timeline_fence_release,
198 .fence_value_str = timeline_fence_value_str,
199 .timeline_value_str = timeline_fence_timeline_value_str,
200};
201
202/**
203 * sync_timeline_signal() - signal a status change on a sync_timeline
204 * @obj: sync_timeline to signal
205 * @inc: num to increment on timeline->value
206 *
207 * A sync implementation should call this any time one of it's fences
208 * has signaled or has an error condition.
209 */
210static void sync_timeline_signal(struct sync_timeline *obj, unsigned int inc)
211{
212 struct sync_pt *pt, *next;
213
214 trace_sync_timeline(obj);
215
216 spin_lock_irq(&obj->lock);
217
218 obj->value += inc;
219
220 list_for_each_entry_safe(pt, next, &obj->pt_list, link) {
221 if (!timeline_fence_signaled(&pt->base))
222 break;
223
224 list_del_init(&pt->link);
225 rb_erase(&pt->node, &obj->pt_tree);
226
227 /*
228 * A signal callback may release the last reference to this
229 * fence, causing it to be freed. That operation has to be
230 * last to avoid a use after free inside this loop, and must
231 * be after we remove the fence from the timeline in order to
232 * prevent deadlocking on timeline->lock inside
233 * timeline_fence_release().
234 */
235 dma_fence_signal_locked(&pt->base);
236 }
237
238 spin_unlock_irq(&obj->lock);
239}
240
241/**
242 * sync_pt_create() - creates a sync pt
243 * @parent: fence's parent sync_timeline
244 * @inc: value of the fence
245 *
246 * Creates a new sync_pt as a child of @parent. @size bytes will be
247 * allocated allowing for implementation specific data to be kept after
248 * the generic sync_timeline struct. Returns the sync_pt object or
249 * NULL in case of error.
250 */
251static struct sync_pt *sync_pt_create(struct sync_timeline *obj,
252 unsigned int value)
253{
254 struct sync_pt *pt;
255
256 pt = kzalloc(sizeof(*pt), GFP_KERNEL);
257 if (!pt)
258 return NULL;
259
260 sync_timeline_get(obj);
261 dma_fence_init(&pt->base, &timeline_fence_ops, &obj->lock,
262 obj->context, value);
263 INIT_LIST_HEAD(&pt->link);
264
265 spin_lock_irq(&obj->lock);
266 if (!dma_fence_is_signaled_locked(&pt->base)) {
267 struct rb_node **p = &obj->pt_tree.rb_node;
268 struct rb_node *parent = NULL;
269
270 while (*p) {
271 struct sync_pt *other;
272 int cmp;
273
274 parent = *p;
275 other = rb_entry(parent, typeof(*pt), node);
276 cmp = value - other->base.seqno;
277 if (cmp > 0) {
278 p = &parent->rb_right;
279 } else if (cmp < 0) {
280 p = &parent->rb_left;
281 } else {
282 if (dma_fence_get_rcu(&other->base)) {
283 sync_timeline_put(obj);
284 kfree(pt);
285 pt = other;
286 goto unlock;
287 }
288 p = &parent->rb_left;
289 }
290 }
291 rb_link_node(&pt->node, parent, p);
292 rb_insert_color(&pt->node, &obj->pt_tree);
293
294 parent = rb_next(&pt->node);
295 list_add_tail(&pt->link,
296 parent ? &rb_entry(parent, typeof(*pt), node)->link : &obj->pt_list);
297 }
298unlock:
299 spin_unlock_irq(&obj->lock);
300
301 return pt;
302}
303
304/*
305 * *WARNING*
306 *
307 * improper use of this can result in deadlocking kernel drivers from userspace.
308 */
309
310/* opening sw_sync create a new sync obj */
311static int sw_sync_debugfs_open(struct inode *inode, struct file *file)
312{
313 struct sync_timeline *obj;
314 char task_comm[TASK_COMM_LEN];
315
316 get_task_comm(task_comm, current);
317
318 obj = sync_timeline_create(task_comm);
319 if (!obj)
320 return -ENOMEM;
321
322 file->private_data = obj;
323
324 return 0;
325}
326
327static int sw_sync_debugfs_release(struct inode *inode, struct file *file)
328{
329 struct sync_timeline *obj = file->private_data;
330 struct sync_pt *pt, *next;
331
332 spin_lock_irq(&obj->lock);
333
334 list_for_each_entry_safe(pt, next, &obj->pt_list, link) {
335 dma_fence_set_error(&pt->base, -ENOENT);
336 dma_fence_signal_locked(&pt->base);
337 }
338
339 spin_unlock_irq(&obj->lock);
340
341 sync_timeline_put(obj);
342 return 0;
343}
344
345static long sw_sync_ioctl_create_fence(struct sync_timeline *obj,
346 unsigned long arg)
347{
348 int fd = get_unused_fd_flags(O_CLOEXEC);
349 int err;
350 struct sync_pt *pt;
351 struct sync_file *sync_file;
352 struct sw_sync_create_fence_data data;
353
354 if (fd < 0)
355 return fd;
356
357 if (copy_from_user(&data, (void __user *)arg, sizeof(data))) {
358 err = -EFAULT;
359 goto err;
360 }
361
362 pt = sync_pt_create(obj, data.value);
363 if (!pt) {
364 err = -ENOMEM;
365 goto err;
366 }
367
368 sync_file = sync_file_create(&pt->base);
369 dma_fence_put(&pt->base);
370 if (!sync_file) {
371 err = -ENOMEM;
372 goto err;
373 }
374
375 data.fence = fd;
376 if (copy_to_user((void __user *)arg, &data, sizeof(data))) {
377 fput(sync_file->file);
378 err = -EFAULT;
379 goto err;
380 }
381
382 fd_install(fd, sync_file->file);
383
384 return 0;
385
386err:
387 put_unused_fd(fd);
388 return err;
389}
390
391static long sw_sync_ioctl_inc(struct sync_timeline *obj, unsigned long arg)
392{
393 u32 value;
394
395 if (copy_from_user(&value, (void __user *)arg, sizeof(value)))
396 return -EFAULT;
397
398 while (value > INT_MAX) {
399 sync_timeline_signal(obj, INT_MAX);
400 value -= INT_MAX;
401 }
402
403 sync_timeline_signal(obj, value);
404
405 return 0;
406}
407
408static long sw_sync_ioctl(struct file *file, unsigned int cmd,
409 unsigned long arg)
410{
411 struct sync_timeline *obj = file->private_data;
412
413 switch (cmd) {
414 case SW_SYNC_IOC_CREATE_FENCE:
415 return sw_sync_ioctl_create_fence(obj, arg);
416
417 case SW_SYNC_IOC_INC:
418 return sw_sync_ioctl_inc(obj, arg);
419
420 default:
421 return -ENOTTY;
422 }
423}
424
425const struct file_operations sw_sync_debugfs_fops = {
426 .open = sw_sync_debugfs_open,
427 .release = sw_sync_debugfs_release,
428 .unlocked_ioctl = sw_sync_ioctl,
429 .compat_ioctl = sw_sync_ioctl,
430};