| Message ID | 1436477570-4936-11-git-send-email-daniel.vetter@ffwll.ch (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
On Thu, Jul 09, 2015 at 11:32:42PM +0200, Daniel Vetter wrote: > Since David Herrmann's mmap vma manager rework we don't need to grab > dev->struct_mutex any more to prevent races when looking up the mmap > offset. Drop it and instead don't forget to use the unref_unlocked > variant (since the drm core still cares). > > Aside: I stumbled over the mmap handler which directly does a > dma_mmap_attrs. But totally fails to grab a reference on the > underlying object and hence looks like it happily just leaks the ptes > since there's no guarantee the mmap isn't still around when > gem_free_object is called. Which the kerneldoc of dma_mmap_attrs > explicitly forbids. Same is true for Exynos, which seems to be the source for copy/paste here. Anyway, for this change: Reviewed-by: Thierry Reding <treding@nvidia.com>
diff --git a/drivers/gpu/drm/rockchip/rockchip_drm_gem.c b/drivers/gpu/drm/rockchip/rockchip_drm_gem.c index eba5f8a52fbd..ca7b6ebe1145 100644 --- a/drivers/gpu/drm/rockchip/rockchip_drm_gem.c +++ b/drivers/gpu/drm/rockchip/rockchip_drm_gem.c @@ -198,15 +198,11 @@ int rockchip_gem_dumb_map_offset(struct drm_file *file_priv, uint64_t *offset) { struct drm_gem_object *obj; - int ret; - - mutex_lock(&dev->struct_mutex); obj = drm_gem_object_lookup(dev, file_priv, handle); if (!obj) { DRM_ERROR("failed to lookup gem object.\n"); - ret = -EINVAL; - goto unlock; + return -EINVAL; } ret = drm_gem_create_mmap_offset(obj); @@ -217,10 +213,9 @@ int rockchip_gem_dumb_map_offset(struct drm_file *file_priv, DRM_DEBUG_KMS("offset = 0x%llx\n", *offset); out: - drm_gem_object_unreference(obj); -unlock: - mutex_unlock(&dev->struct_mutex); - return ret; + drm_gem_object_unreference_unlocked(obj); + + return 0; } /*
Since David Herrmann's mmap vma manager rework we don't need to grab dev->struct_mutex any more to prevent races when looking up the mmap offset. Drop it and instead don't forget to use the unref_unlocked variant (since the drm core still cares). Aside: I stumbled over the mmap handler which directly does a dma_mmap_attrs. But totally fails to grab a reference on the underlying object and hence looks like it happily just leaks the ptes since there's no guarantee the mmap isn't still around when gem_free_object is called. Which the kerneldoc of dma_mmap_attrs explicitly forbids. Cc: Mark Yao <mark.yao@rock-chips.com> Signed-off-by: Daniel Vetter <daniel.vetter@intel.com> --- drivers/gpu/drm/rockchip/rockchip_drm_gem.c | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-)