| Message ID | 20240927084848.263718-2-pierre-eric.pelloux-prayer@amd.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | DRM_SET_CLIENT_NAME ioctl | expand |
On 9/27/24 11:48, Pierre-Eric Pelloux-Prayer wrote: > Giving the opportunity to userspace to associate a free-form > name with a drm_file struct is helpful for tracking and debugging. > > This is similar to the existing DMA_BUF_SET_NAME ioctl. > > Access to client_name is protected by a mutex, and the 'clients' debugfs > file has been updated to print it. > > Userspace MR to use this ioctl: > https://gitlab.freedesktop.org/virgl/virglrenderer/-/merge_requests/1428 > > If the string passed by userspace contains chars that would mess up output > when it's going to be printed (in dmesg, fdinfo, etc), -EINVAL is returned. > > A 0-length string is a valid use, and clears the existing name. > > Reviewed-by: Tvrtko Ursulin <tvrtko.ursulin@igalia.com> > Signed-off-by: Pierre-Eric Pelloux-Prayer <pierre-eric.pelloux-prayer@amd.com> > --- > drivers/gpu/drm/drm_debugfs.c | 14 ++++++--- > drivers/gpu/drm/drm_file.c | 5 ++++ > drivers/gpu/drm/drm_ioctl.c | 55 +++++++++++++++++++++++++++++++++++ > include/drm/drm_file.h | 9 ++++++ > include/uapi/drm/drm.h | 17 +++++++++++ > 5 files changed, 96 insertions(+), 4 deletions(-) Reviewed-by: Dmitry Osipenko <dmitry.osipenko@collabora.com>
On 27/09/2024 09:48, Pierre-Eric Pelloux-Prayer wrote: > Giving the opportunity to userspace to associate a free-form > name with a drm_file struct is helpful for tracking and debugging. > > This is similar to the existing DMA_BUF_SET_NAME ioctl. > > Access to client_name is protected by a mutex, and the 'clients' debugfs > file has been updated to print it. > > Userspace MR to use this ioctl: > https://gitlab.freedesktop.org/virgl/virglrenderer/-/merge_requests/1428 > > If the string passed by userspace contains chars that would mess up output > when it's going to be printed (in dmesg, fdinfo, etc), -EINVAL is returned. > > A 0-length string is a valid use, and clears the existing name. > > Reviewed-by: Tvrtko Ursulin <tvrtko.ursulin@igalia.com> > Signed-off-by: Pierre-Eric Pelloux-Prayer <pierre-eric.pelloux-prayer@amd.com> > --- > drivers/gpu/drm/drm_debugfs.c | 14 ++++++--- > drivers/gpu/drm/drm_file.c | 5 ++++ > drivers/gpu/drm/drm_ioctl.c | 55 +++++++++++++++++++++++++++++++++++ > include/drm/drm_file.h | 9 ++++++ > include/uapi/drm/drm.h | 17 +++++++++++ > 5 files changed, 96 insertions(+), 4 deletions(-) > > diff --git a/drivers/gpu/drm/drm_debugfs.c b/drivers/gpu/drm/drm_debugfs.c > index 6b239a24f1df..5c99322a4c6f 100644 > --- a/drivers/gpu/drm/drm_debugfs.c > +++ b/drivers/gpu/drm/drm_debugfs.c > @@ -78,12 +78,14 @@ static int drm_clients_info(struct seq_file *m, void *data) > kuid_t uid; > > seq_printf(m, > - "%20s %5s %3s master a %5s %10s\n", > + "%20s %5s %3s master a %5s %10s %*s\n", > "command", > "tgid", > "dev", > "uid", > - "magic"); > + "magic", > + DRM_CLIENT_NAME_MAX_LEN, > + "name"); > > /* dev->filelist is sorted youngest first, but we want to present > * oldest first (i.e. kernel, servers, clients), so walk backwardss. > @@ -94,19 +96,23 @@ static int drm_clients_info(struct seq_file *m, void *data) > struct task_struct *task; > struct pid *pid; > > + mutex_lock(&priv->client_name_lock); > rcu_read_lock(); /* Locks priv->pid and pid_task()->comm! */ > pid = rcu_dereference(priv->pid); > task = pid_task(pid, PIDTYPE_TGID); > uid = task ? __task_cred(task)->euid : GLOBAL_ROOT_UID; > - seq_printf(m, "%20s %5d %3d %c %c %5d %10u\n", > + seq_printf(m, "%20s %5d %3d %c %c %5d %10u %*s\n", > task ? task->comm : "<unknown>", > pid_vnr(pid), > priv->minor->index, > is_current_master ? 'y' : 'n', > priv->authenticated ? 'y' : 'n', > from_kuid_munged(seq_user_ns(m), uid), > - priv->magic); > + priv->magic, > + DRM_CLIENT_NAME_MAX_LEN, > + priv->client_name ? priv->client_name : "<unset>"); > rcu_read_unlock(); > + mutex_unlock(&priv->client_name_lock); > } > mutex_unlock(&dev->filelist_mutex); > return 0; > diff --git a/drivers/gpu/drm/drm_file.c b/drivers/gpu/drm/drm_file.c > index 01fde94fe2a9..64f5e15304e7 100644 > --- a/drivers/gpu/drm/drm_file.c > +++ b/drivers/gpu/drm/drm_file.c > @@ -158,6 +158,7 @@ struct drm_file *drm_file_alloc(struct drm_minor *minor) > > spin_lock_init(&file->master_lookup_lock); > mutex_init(&file->event_read_lock); > + mutex_init(&file->client_name_lock); > > if (drm_core_check_feature(dev, DRIVER_GEM)) > drm_gem_open(dev, file); > @@ -259,6 +260,10 @@ void drm_file_free(struct drm_file *file) > WARN_ON(!list_empty(&file->event_list)); > > put_pid(rcu_access_pointer(file->pid)); > + > + mutex_destroy(&file->client_name_lock); > + kfree(file->client_name); > + > kfree(file); > } > > diff --git a/drivers/gpu/drm/drm_ioctl.c b/drivers/gpu/drm/drm_ioctl.c > index 51f39912866f..df8d59bd5241 100644 > --- a/drivers/gpu/drm/drm_ioctl.c > +++ b/drivers/gpu/drm/drm_ioctl.c > @@ -540,6 +540,59 @@ int drm_version(struct drm_device *dev, void *data, > return err; > } > > +/* > + * Check if the passed string contains control char or spaces or > + * anything that would mess up a formatted output. > + */ > +static int drm_validate_value_string(const char *value, size_t len) > +{ > + int i; > + > + for (i = 0; i < len; i++) { > + if (value[i] <= 32 || value[i] >= 127) Would !isascii() || isgraph() work for what you have in mind here, considering the comment from the cover letter about the extended ASCII? > + return -EINVAL; > + } > + return 0; > +} > + > +static int drm_set_client_name(struct drm_device *dev, void *data, > + struct drm_file *file_priv) > +{ > + struct drm_set_client_name *name = data; > + void __user *user_ptr; > + char *new_name; > + size_t len; > + > + if (name->name_len > DRM_CLIENT_NAME_MAX_LEN) > + return -EINVAL; > + > + user_ptr = u64_to_user_ptr(name->name); > + > + new_name = memdup_user_nul(user_ptr, name->name_len); > + if (IS_ERR(new_name)) > + return PTR_ERR(new_name); > + > + len = strlen(new_name); > + > + if (len != name->name_len || > + drm_validate_value_string(new_name, len) < 0) { > + kfree(new_name); > + return -EINVAL; > + } > + > + mutex_lock(&file_priv->client_name_lock); > + kfree(file_priv->client_name); > + if (len > 0) { > + file_priv->client_name = new_name; > + } else { > + kfree(new_name); > + file_priv->client_name = NULL; > + } > + mutex_unlock(&file_priv->client_name_lock); FWIW I still find it hard to look at needlessly allocating a string when userspace has passed name->name_len == 0. I would have done it something like this: { struct drm_set_client_name *name = data; size_t len = name->len; char *new_name; if (len > DRM_CLIENT_NAME_MAX_LEN) { return -EINVAL; } else if (len) { new_name = memdup_user_nul(u64_to_user_ptr(name->name), len); if (IS_ERR(new_name)) return PTR_ERR(new_name); if (strlen(new_name) != len || drm_validate_value_string(new_name, len) < 0) { kfree(new_name); return -EINVAL; } } else { new_name = NULL; } mutex_lock(&file_priv->client_name_lock); kfree(file_priv->client_name); file_priv->client_name = new_name; mutex_unlock(&file_priv->client_name_lock); But whatever, you can keep the r-b regardless. Regards, Tvrtko > + > + return 0; > +} > + > static int drm_ioctl_permit(u32 flags, struct drm_file *file_priv) > { > /* ROOT_ONLY is only for CAP_SYS_ADMIN */ > @@ -610,6 +663,8 @@ static const struct drm_ioctl_desc drm_ioctls[] = { > DRM_IOCTL_DEF(DRM_IOCTL_PRIME_HANDLE_TO_FD, drm_prime_handle_to_fd_ioctl, DRM_RENDER_ALLOW), > DRM_IOCTL_DEF(DRM_IOCTL_PRIME_FD_TO_HANDLE, drm_prime_fd_to_handle_ioctl, DRM_RENDER_ALLOW), > > + DRM_IOCTL_DEF(DRM_IOCTL_SET_CLIENT_NAME, drm_set_client_name, DRM_RENDER_ALLOW), > + > DRM_IOCTL_DEF(DRM_IOCTL_MODE_GETPLANERESOURCES, drm_mode_getplane_res, 0), > DRM_IOCTL_DEF(DRM_IOCTL_MODE_GETCRTC, drm_mode_getcrtc, 0), > DRM_IOCTL_DEF(DRM_IOCTL_MODE_SETCRTC, drm_mode_setcrtc, DRM_MASTER), > diff --git a/include/drm/drm_file.h b/include/drm/drm_file.h > index 8c0030c77308..d4f1c115ea0f 100644 > --- a/include/drm/drm_file.h > +++ b/include/drm/drm_file.h > @@ -388,6 +388,15 @@ struct drm_file { > * Per-file buffer caches used by the PRIME buffer sharing code. > */ > struct drm_prime_file_private prime; > + > + /** > + * @client_name: > + * > + * Userspace-provided name; useful for accounting and debugging. > + */ > + const char *client_name; > + /** @name_lock: Protects @client_name. */ > + struct mutex client_name_lock; > }; > > /** > diff --git a/include/uapi/drm/drm.h b/include/uapi/drm/drm.h > index 16122819edfe..7fba37b94401 100644 > --- a/include/uapi/drm/drm.h > +++ b/include/uapi/drm/drm.h > @@ -1024,6 +1024,13 @@ struct drm_crtc_queue_sequence { > __u64 user_data; /* user data passed to event */ > }; > > +#define DRM_CLIENT_NAME_MAX_LEN 64 > +struct drm_set_client_name { > + __u64 name_len; > + __u64 name; > +}; > + > + > #if defined(__cplusplus) > } > #endif > @@ -1288,6 +1295,16 @@ extern "C" { > */ > #define DRM_IOCTL_MODE_CLOSEFB DRM_IOWR(0xD0, struct drm_mode_closefb) > > +/** > + * DRM_IOCTL_SET_CLIENT_NAME - Attach a name to a drm_file > + * > + * Having a name allows for easier tracking and debugging. > + * The length of the name (without null ending char) must be > + * <= DRM_CLIENT_NAME_MAX_LEN. > + * The call will fail if the name contains whitespaces or non-printable chars. > + */ > +#define DRM_IOCTL_SET_CLIENT_NAME DRM_IOWR(0xD1, struct drm_set_client_name) > + > /* > * Device specific ioctls should only be in their respective headers > * The device specific ioctl range is from 0x40 to 0x9f.
diff --git a/drivers/gpu/drm/drm_debugfs.c b/drivers/gpu/drm/drm_debugfs.c index 6b239a24f1df..5c99322a4c6f 100644 --- a/drivers/gpu/drm/drm_debugfs.c +++ b/drivers/gpu/drm/drm_debugfs.c @@ -78,12 +78,14 @@ static int drm_clients_info(struct seq_file *m, void *data) kuid_t uid; seq_printf(m, - "%20s %5s %3s master a %5s %10s\n", + "%20s %5s %3s master a %5s %10s %*s\n", "command", "tgid", "dev", "uid", - "magic"); + "magic", + DRM_CLIENT_NAME_MAX_LEN, + "name"); /* dev->filelist is sorted youngest first, but we want to present * oldest first (i.e. kernel, servers, clients), so walk backwardss. @@ -94,19 +96,23 @@ static int drm_clients_info(struct seq_file *m, void *data) struct task_struct *task; struct pid *pid; + mutex_lock(&priv->client_name_lock); rcu_read_lock(); /* Locks priv->pid and pid_task()->comm! */ pid = rcu_dereference(priv->pid); task = pid_task(pid, PIDTYPE_TGID); uid = task ? __task_cred(task)->euid : GLOBAL_ROOT_UID; - seq_printf(m, "%20s %5d %3d %c %c %5d %10u\n", + seq_printf(m, "%20s %5d %3d %c %c %5d %10u %*s\n", task ? task->comm : "<unknown>", pid_vnr(pid), priv->minor->index, is_current_master ? 'y' : 'n', priv->authenticated ? 'y' : 'n', from_kuid_munged(seq_user_ns(m), uid), - priv->magic); + priv->magic, + DRM_CLIENT_NAME_MAX_LEN, + priv->client_name ? priv->client_name : "<unset>"); rcu_read_unlock(); + mutex_unlock(&priv->client_name_lock); } mutex_unlock(&dev->filelist_mutex); return 0; diff --git a/drivers/gpu/drm/drm_file.c b/drivers/gpu/drm/drm_file.c index 01fde94fe2a9..64f5e15304e7 100644 --- a/drivers/gpu/drm/drm_file.c +++ b/drivers/gpu/drm/drm_file.c @@ -158,6 +158,7 @@ struct drm_file *drm_file_alloc(struct drm_minor *minor) spin_lock_init(&file->master_lookup_lock); mutex_init(&file->event_read_lock); + mutex_init(&file->client_name_lock); if (drm_core_check_feature(dev, DRIVER_GEM)) drm_gem_open(dev, file); @@ -259,6 +260,10 @@ void drm_file_free(struct drm_file *file) WARN_ON(!list_empty(&file->event_list)); put_pid(rcu_access_pointer(file->pid)); + + mutex_destroy(&file->client_name_lock); + kfree(file->client_name); + kfree(file); } diff --git a/drivers/gpu/drm/drm_ioctl.c b/drivers/gpu/drm/drm_ioctl.c index 51f39912866f..df8d59bd5241 100644 --- a/drivers/gpu/drm/drm_ioctl.c +++ b/drivers/gpu/drm/drm_ioctl.c @@ -540,6 +540,59 @@ int drm_version(struct drm_device *dev, void *data, return err; } +/* + * Check if the passed string contains control char or spaces or + * anything that would mess up a formatted output. + */ +static int drm_validate_value_string(const char *value, size_t len) +{ + int i; + + for (i = 0; i < len; i++) { + if (value[i] <= 32 || value[i] >= 127) + return -EINVAL; + } + return 0; +} + +static int drm_set_client_name(struct drm_device *dev, void *data, + struct drm_file *file_priv) +{ + struct drm_set_client_name *name = data; + void __user *user_ptr; + char *new_name; + size_t len; + + if (name->name_len > DRM_CLIENT_NAME_MAX_LEN) + return -EINVAL; + + user_ptr = u64_to_user_ptr(name->name); + + new_name = memdup_user_nul(user_ptr, name->name_len); + if (IS_ERR(new_name)) + return PTR_ERR(new_name); + + len = strlen(new_name); + + if (len != name->name_len || + drm_validate_value_string(new_name, len) < 0) { + kfree(new_name); + return -EINVAL; + } + + mutex_lock(&file_priv->client_name_lock); + kfree(file_priv->client_name); + if (len > 0) { + file_priv->client_name = new_name; + } else { + kfree(new_name); + file_priv->client_name = NULL; + } + mutex_unlock(&file_priv->client_name_lock); + + return 0; +} + static int drm_ioctl_permit(u32 flags, struct drm_file *file_priv) { /* ROOT_ONLY is only for CAP_SYS_ADMIN */ @@ -610,6 +663,8 @@ static const struct drm_ioctl_desc drm_ioctls[] = { DRM_IOCTL_DEF(DRM_IOCTL_PRIME_HANDLE_TO_FD, drm_prime_handle_to_fd_ioctl, DRM_RENDER_ALLOW), DRM_IOCTL_DEF(DRM_IOCTL_PRIME_FD_TO_HANDLE, drm_prime_fd_to_handle_ioctl, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF(DRM_IOCTL_SET_CLIENT_NAME, drm_set_client_name, DRM_RENDER_ALLOW), + DRM_IOCTL_DEF(DRM_IOCTL_MODE_GETPLANERESOURCES, drm_mode_getplane_res, 0), DRM_IOCTL_DEF(DRM_IOCTL_MODE_GETCRTC, drm_mode_getcrtc, 0), DRM_IOCTL_DEF(DRM_IOCTL_MODE_SETCRTC, drm_mode_setcrtc, DRM_MASTER), diff --git a/include/drm/drm_file.h b/include/drm/drm_file.h index 8c0030c77308..d4f1c115ea0f 100644 --- a/include/drm/drm_file.h +++ b/include/drm/drm_file.h @@ -388,6 +388,15 @@ struct drm_file { * Per-file buffer caches used by the PRIME buffer sharing code. */ struct drm_prime_file_private prime; + + /** + * @client_name: + * + * Userspace-provided name; useful for accounting and debugging. + */ + const char *client_name; + /** @name_lock: Protects @client_name. */ + struct mutex client_name_lock; }; /** diff --git a/include/uapi/drm/drm.h b/include/uapi/drm/drm.h index 16122819edfe..7fba37b94401 100644 --- a/include/uapi/drm/drm.h +++ b/include/uapi/drm/drm.h @@ -1024,6 +1024,13 @@ struct drm_crtc_queue_sequence { __u64 user_data; /* user data passed to event */ }; +#define DRM_CLIENT_NAME_MAX_LEN 64 +struct drm_set_client_name { + __u64 name_len; + __u64 name; +}; + + #if defined(__cplusplus) } #endif @@ -1288,6 +1295,16 @@ extern "C" { */ #define DRM_IOCTL_MODE_CLOSEFB DRM_IOWR(0xD0, struct drm_mode_closefb) +/** + * DRM_IOCTL_SET_CLIENT_NAME - Attach a name to a drm_file + * + * Having a name allows for easier tracking and debugging. + * The length of the name (without null ending char) must be + * <= DRM_CLIENT_NAME_MAX_LEN. + * The call will fail if the name contains whitespaces or non-printable chars. + */ +#define DRM_IOCTL_SET_CLIENT_NAME DRM_IOWR(0xD1, struct drm_set_client_name) + /* * Device specific ioctls should only be in their respective headers * The device specific ioctl range is from 0x40 to 0x9f.