diff mbox series

drm/udl: Refactor edid retreiving in UDL driver

Message ID 20190313010428.116678-1-tutankhamen@chromium.org (mailing list archive)
State New, archived
Headers show
Series drm/udl: Refactor edid retreiving in UDL driver | expand

Commit Message

Robert Tarasov March 13, 2019, 1:04 a.m. UTC
Now drm/udl driver uses drm_do_get_edid() function to retreive and
validate all blocks of EDID data. Old approach had insufficient
validation routine and had problems with retreiving of extra blocks
---
 drivers/gpu/drm/udl/udl_connector.c | 72 +++++------------------------
 1 file changed, 11 insertions(+), 61 deletions(-)

Comments

Jani Nikula March 13, 2019, 9:27 a.m. UTC | #1
On Tue, 12 Mar 2019, Robert Tarasov <tutankhamen@chromium.org> wrote:
> Now drm/udl driver uses drm_do_get_edid() function to retreive and
> validate all blocks of EDID data. Old approach had insufficient
> validation routine and had problems with retreiving of extra blocks

You'll also get support for debugfs and firmware loader EDID override
mechanisms for free.

Fixes: 75c65ee20ade ("drm/udl: Reading all edid blocks in DRM/UDL driver")

Signed-off-by missing!

> ---
>  drivers/gpu/drm/udl/udl_connector.c | 72 +++++------------------------
>  1 file changed, 11 insertions(+), 61 deletions(-)
>
> diff --git a/drivers/gpu/drm/udl/udl_connector.c b/drivers/gpu/drm/udl/udl_connector.c
> index c3dc1fd20cb4..c7f8ac2cdbe5 100644
> --- a/drivers/gpu/drm/udl/udl_connector.c
> +++ b/drivers/gpu/drm/udl/udl_connector.c
> @@ -17,18 +17,19 @@
>  #include "udl_connector.h"
>  #include "udl_drv.h"
>  
> -static bool udl_get_edid_block(struct udl_device *udl, int block_idx,
> -							   u8 *buff)
> +static int udl_get_edid_block(void *data, u8 *buf, unsigned int block,
> +				size_t len)
>  {
>  	int ret, i;
>  	u8 *read_buff;
> +	struct udl_device *udl = data;
>  
>  	read_buff = kmalloc(2, GFP_KERNEL);

A follow-up cleanup might be to switch to using "u8 read_buff[2];"
instead of kmallocing it.

I don't claim to understand how the usb stuff works, but otherwise the
patch looks good to me. Nice refactoring!

Reviewed-by: Jani Nikula <jani.nikula@intel.com>

>  	if (!read_buff)
> -		return false;
> +		return -1;
>  
> -	for (i = 0; i < EDID_LENGTH; i++) {
> -		int bval = (i + block_idx * EDID_LENGTH) << 8;
> +	for (i = 0; i < len; i++) {
> +		int bval = (i + block * EDID_LENGTH) << 8;
>  		ret = usb_control_msg(udl->udev,
>  				      usb_rcvctrlpipe(udl->udev, 0),
>  					  (0x02), (0x80 | (0x02 << 5)), bval,
> @@ -36,60 +37,13 @@ static bool udl_get_edid_block(struct udl_device *udl, int block_idx,
>  		if (ret < 1) {
>  			DRM_ERROR("Read EDID byte %d failed err %x\n", i, ret);
>  			kfree(read_buff);
> -			return false;
> +			return -1;
>  		}
> -		buff[i] = read_buff[1];
> +		buf[i] = read_buff[1];
>  	}
>  
>  	kfree(read_buff);
> -	return true;
> -}
> -
> -static bool udl_get_edid(struct udl_device *udl, u8 **result_buff,
> -			 int *result_buff_size)
> -{
> -	int i, extensions;
> -	u8 *block_buff = NULL, *buff_ptr;
> -
> -	block_buff = kmalloc(EDID_LENGTH, GFP_KERNEL);
> -	if (block_buff == NULL)
> -		return false;
> -
> -	if (udl_get_edid_block(udl, 0, block_buff) &&
> -	    memchr_inv(block_buff, 0, EDID_LENGTH)) {
> -		extensions = ((struct edid *)block_buff)->extensions;
> -		if (extensions > 0) {
> -			/* we have to read all extensions one by one */
> -			*result_buff_size = EDID_LENGTH * (extensions + 1);
> -			*result_buff = kmalloc(*result_buff_size, GFP_KERNEL);
> -			buff_ptr = *result_buff;
> -			if (buff_ptr == NULL) {
> -				kfree(block_buff);
> -				return false;
> -			}
> -			memcpy(buff_ptr, block_buff, EDID_LENGTH);
> -			kfree(block_buff);
> -			buff_ptr += EDID_LENGTH;
> -			for (i = 1; i < extensions; ++i) {
> -				if (udl_get_edid_block(udl, i, buff_ptr)) {
> -					buff_ptr += EDID_LENGTH;
> -				} else {
> -					kfree(*result_buff);
> -					*result_buff = NULL;
> -					return false;
> -				}
> -			}
> -			return true;
> -		}
> -		/* we have only base edid block */
> -		*result_buff = block_buff;
> -		*result_buff_size = EDID_LENGTH;
> -		return true;
> -	}
> -
> -	kfree(block_buff);
> -
> -	return false;
> +	return 0;
>  }
>  
>  static int udl_get_modes(struct drm_connector *connector)
> @@ -121,8 +75,6 @@ static int udl_mode_valid(struct drm_connector *connector,
>  static enum drm_connector_status
>  udl_detect(struct drm_connector *connector, bool force)
>  {
> -	u8 *edid_buff = NULL;
> -	int edid_buff_size = 0;
>  	struct udl_device *udl = connector->dev->dev_private;
>  	struct udl_drm_connector *udl_connector =
>  					container_of(connector,
> @@ -135,12 +87,10 @@ udl_detect(struct drm_connector *connector, bool force)
>  		udl_connector->edid = NULL;
>  	}
>  
> -
> -	if (!udl_get_edid(udl, &edid_buff, &edid_buff_size))
> +	udl_connector->edid = drm_do_get_edid(connector, udl_get_edid_block, udl);
> +	if (!udl_connector->edid)
>  		return connector_status_disconnected;
>  
> -	udl_connector->edid = (struct edid *)edid_buff;
> -	
>  	return connector_status_connected;
>  }
Robert Tarasov March 13, 2019, 6:36 p.m. UTC | #2
On Wed, Mar 13, 2019 at 2:26 AM Jani Nikula <jani.nikula@linux.intel.com>
wrote:

> You'll also get support for debugfs and firmware loader EDID override
> mechanisms for free.
>

Yep :)


> Signed-off-by missing!
>

Fixed.

 read_buff = kmalloc(2, GFP_KERNEL);
>
> A follow-up cleanup might be to switch to using "u8 read_buff[2];"
> instead of kmallocing it.
>
> I don't claim to understand how the usb stuff works, but otherwise the
> patch looks good to me. Nice refactoring!
>
>
"The buffer passed to usb_control_msg may end up in scatter-gather list,
and may thus not be on the stack. Having it on the stack usually works on
x86,   but not on other archs. "
<div dir="ltr"><div dir="ltr"><br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Wed, Mar 13, 2019 at 2:26 AM Jani Nikula &lt;<a href="mailto:jani.nikula@linux.intel.com">jani.nikula@linux.intel.com</a>&gt; wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">You&#39;ll also get support for debugfs and firmware loader EDID override<br>
mechanisms for free.<br></blockquote><div><br></div><div>Yep :) </div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Signed-off-by missing!<br></blockquote><div><br></div><div>Fixed.</div><div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"> read_buff = kmalloc(2, GFP_KERNEL);<br>
<br>
A follow-up cleanup might be to switch to using &quot;u8 read_buff[2];&quot;<br>
instead of kmallocing it.<br>
<br>
I don&#39;t claim to understand how the usb stuff works, but otherwise the<br>
patch looks good to me. Nice refactoring!<br><br></blockquote><div><br></div><span style="font-size:13px">&quot;The buffer passed to usb_control_msg may end up in scatter-gather list, and </span><span style="font-size:13px">may thus not be on the stack. Having it on the stack usually works on x86,   </span><span style="font-size:13px">but </span><span style="font-size:13px">not on other archs.</span><span style="font-size:13px"> &quot;</span></div></div>
Jani Nikula March 14, 2019, 10 a.m. UTC | #3
On Wed, 13 Mar 2019, Robert Tarasov <tutankhamen@chromium.org> wrote:
> On Wed, Mar 13, 2019 at 2:26 AM Jani Nikula <jani.nikula@linux.intel.com>
> wrote:
>  read_buff = kmalloc(2, GFP_KERNEL);
>>
>> A follow-up cleanup might be to switch to using "u8 read_buff[2];"
>> instead of kmallocing it.
>>
>> I don't claim to understand how the usb stuff works, but otherwise the
>> patch looks good to me. Nice refactoring!
>>
>>
> "The buffer passed to usb_control_msg may end up in scatter-gather list,
> and may thus not be on the stack. Having it on the stack usually works on
> x86,   but not on other archs. "

Apparently you're referring to commit 242187b36255 ("udldrmfb:
udl_get_edid: usb_control_msg buffer must not be on the stack"). Cc:
Hans.

Mind blows. Not a word on this anywhere in usb_control_msg()
documentation. Nothing. I found this patch [1] that never go applied,
which doesn't actually say anything about stack, only alignment and
padding. Cc: Mauro.

I think with this usb_control_msg() goes to negative levels in Rusty's
API design manifesto.


BR,
Jani.



[1] http://mid.mail-archive.com/ee3ea6944e095fa3b2383697a967f4bc9e2d9631.1490813422.git.mchehab@s-opensource.com
Hans de Goede March 14, 2019, 10:46 a.m. UTC | #4
Hi,

On 14-03-19 11:00, Jani Nikula wrote:
> On Wed, 13 Mar 2019, Robert Tarasov <tutankhamen@chromium.org> wrote:
>> On Wed, Mar 13, 2019 at 2:26 AM Jani Nikula <jani.nikula@linux.intel.com>
>> wrote:
>>   read_buff = kmalloc(2, GFP_KERNEL);
>>>
>>> A follow-up cleanup might be to switch to using "u8 read_buff[2];"
>>> instead of kmallocing it.
>>>
>>> I don't claim to understand how the usb stuff works, but otherwise the
>>> patch looks good to me. Nice refactoring!
>>>
>>>
>> "The buffer passed to usb_control_msg may end up in scatter-gather list,
>> and may thus not be on the stack. Having it on the stack usually works on
>> x86,   but not on other archs. "
> 
> Apparently you're referring to commit 242187b36255 ("udldrmfb:
> udl_get_edid: usb_control_msg buffer must not be on the stack"). Cc:
> Hans.

Right, that is correct, note this is enforced by the usb-core, having
the buffer on the stack will trigger a WARN_ONCE in drivers/usb/core/hcd.c:
usb_hcd_map_urb_for_dma() even on x86.

> Mind blows. Not a word on this anywhere in usb_control_msg()
> documentation. Nothing. I found this patch [1] that never go applied,
> which doesn't actually say anything about stack, only alignment and
> padding. Cc: Mauro.

I guess this is something everyone who works regularly on USB drivers
just learned once the hard way by triggering (and then fixing) the
WARN_ONCE. Note I'm not trying to make an excuse for the lacking docs
here, just trying to provide some background. I fully agree that the
docs should be updated to say that the buffer must be dma-able and
thus must not be on the stack. Maybe the docs should simply say
something along the lines of:

"the buffer should be dma-capable and properly aligned for dma,
it is advisable to use a dedictated kmalloc-ed buffer for this"

Regards,

Hans
diff mbox series

Patch

diff --git a/drivers/gpu/drm/udl/udl_connector.c b/drivers/gpu/drm/udl/udl_connector.c
index c3dc1fd20cb4..c7f8ac2cdbe5 100644
--- a/drivers/gpu/drm/udl/udl_connector.c
+++ b/drivers/gpu/drm/udl/udl_connector.c
@@ -17,18 +17,19 @@ 
 #include "udl_connector.h"
 #include "udl_drv.h"
 
-static bool udl_get_edid_block(struct udl_device *udl, int block_idx,
-							   u8 *buff)
+static int udl_get_edid_block(void *data, u8 *buf, unsigned int block,
+				size_t len)
 {
 	int ret, i;
 	u8 *read_buff;
+	struct udl_device *udl = data;
 
 	read_buff = kmalloc(2, GFP_KERNEL);
 	if (!read_buff)
-		return false;
+		return -1;
 
-	for (i = 0; i < EDID_LENGTH; i++) {
-		int bval = (i + block_idx * EDID_LENGTH) << 8;
+	for (i = 0; i < len; i++) {
+		int bval = (i + block * EDID_LENGTH) << 8;
 		ret = usb_control_msg(udl->udev,
 				      usb_rcvctrlpipe(udl->udev, 0),
 					  (0x02), (0x80 | (0x02 << 5)), bval,
@@ -36,60 +37,13 @@  static bool udl_get_edid_block(struct udl_device *udl, int block_idx,
 		if (ret < 1) {
 			DRM_ERROR("Read EDID byte %d failed err %x\n", i, ret);
 			kfree(read_buff);
-			return false;
+			return -1;
 		}
-		buff[i] = read_buff[1];
+		buf[i] = read_buff[1];
 	}
 
 	kfree(read_buff);
-	return true;
-}
-
-static bool udl_get_edid(struct udl_device *udl, u8 **result_buff,
-			 int *result_buff_size)
-{
-	int i, extensions;
-	u8 *block_buff = NULL, *buff_ptr;
-
-	block_buff = kmalloc(EDID_LENGTH, GFP_KERNEL);
-	if (block_buff == NULL)
-		return false;
-
-	if (udl_get_edid_block(udl, 0, block_buff) &&
-	    memchr_inv(block_buff, 0, EDID_LENGTH)) {
-		extensions = ((struct edid *)block_buff)->extensions;
-		if (extensions > 0) {
-			/* we have to read all extensions one by one */
-			*result_buff_size = EDID_LENGTH * (extensions + 1);
-			*result_buff = kmalloc(*result_buff_size, GFP_KERNEL);
-			buff_ptr = *result_buff;
-			if (buff_ptr == NULL) {
-				kfree(block_buff);
-				return false;
-			}
-			memcpy(buff_ptr, block_buff, EDID_LENGTH);
-			kfree(block_buff);
-			buff_ptr += EDID_LENGTH;
-			for (i = 1; i < extensions; ++i) {
-				if (udl_get_edid_block(udl, i, buff_ptr)) {
-					buff_ptr += EDID_LENGTH;
-				} else {
-					kfree(*result_buff);
-					*result_buff = NULL;
-					return false;
-				}
-			}
-			return true;
-		}
-		/* we have only base edid block */
-		*result_buff = block_buff;
-		*result_buff_size = EDID_LENGTH;
-		return true;
-	}
-
-	kfree(block_buff);
-
-	return false;
+	return 0;
 }
 
 static int udl_get_modes(struct drm_connector *connector)
@@ -121,8 +75,6 @@  static int udl_mode_valid(struct drm_connector *connector,
 static enum drm_connector_status
 udl_detect(struct drm_connector *connector, bool force)
 {
-	u8 *edid_buff = NULL;
-	int edid_buff_size = 0;
 	struct udl_device *udl = connector->dev->dev_private;
 	struct udl_drm_connector *udl_connector =
 					container_of(connector,
@@ -135,12 +87,10 @@  udl_detect(struct drm_connector *connector, bool force)
 		udl_connector->edid = NULL;
 	}
 
-
-	if (!udl_get_edid(udl, &edid_buff, &edid_buff_size))
+	udl_connector->edid = drm_do_get_edid(connector, udl_get_edid_block, udl);
+	if (!udl_connector->edid)
 		return connector_status_disconnected;
 
-	udl_connector->edid = (struct edid *)edid_buff;
-	
 	return connector_status_connected;
 }