[Intel-gfx] [PATCH libdrm] intel: Serialize drmPrimeFDToHandle with struct_mutex

[Damien Lespiau]

On Fri, Jul 24, 2015 at 11:51:01AM +0100, Chris Wilson wrote:
> On Fri, Jul 24, 2015 at 11:22:34AM +0200, Michał Winiarski wrote:
> > From: Rafał Sapała <rafal.a.sapala at intel.com>
> > 
> > It is possible to hit a race condition in create_from_prime, when trying
> > to import a BO that's currently being freed. In case of prime sharing
> > we'll succesfully get a handle, but fail on get_tiling call, potentially
> > confusing the caller (and requiring different locking scheme than with
> > sharing using flink). Wrap fd_to_handle with struct_mutex to force
> > a more consistent behaviour between prime/flink, convert fprintf to DBG
> > when handling errors.
> 
> The race is that the kernel returns us the same file-private handle as
> the first thread, but that first thread is about to call gem_close
> (thereby removing the handle from the file completely) and does so
> between us acquiring the handle and taking the mutex. If we take
> the mutex, then we acquire the refcnt on the bo prior to the first
> thread completing its unref (and so preventing the early close). Or we
> acquire the handle after the earlier close, in which case we are the new
> owner.
> 
> Reviewed-by: Chris Wilson <chris at chris-wilson.co.uk>

Thanks for the patch & review, pushed.

-- 
Damien