[PATCH 4/8] drm: Allow drm_mode_object_find() to look up an object of any type

Daniel Vetter daniel at ffwll.ch
Thu May 29 05:17:27 PDT 2014 

On Thu, May 29, 2014 at 08:01:48AM -0400, Rob Clark wrote:
> On Thu, May 29, 2014 at 7:18 AM, Daniel Vetter <daniel at ffwll.ch> wrote:
> > On Wed, May 28, 2014 at 07:57:21PM -0400, Rob Clark wrote:
> >> From: Ville Syrjälä <ville.syrjala at linux.intel.com>
> >>
> >> To avoid having to pass object types from userspace for atomic mode
> >> setting ioctl, allow drm_mode_object_find() to look up an object of any
> >> type. This will only work as long as the all object types share the ID
> >> space.
> >>
> >> Signed-off-by: Ville Syrjälä <ville.syrjala at linux.intel.com>
> >> Signed-off-by: Rob Clark <robdclark at gmail.com>
> >
> > Still NACK. Iirc you only want a boolean "does this exist" so please add a
> > new function for this. Returning a full pointer for framebuffer is simply
> > unsafe, allowing that a call for trouble. Yes, I know your current code is
> > safe but I don't want to freak out and do an ad-hoc audit every time I
> > stumble over this again.
> 
> this one isn't removing the (type != FB_ID) check.. if you looked more
> carefully at the other patches you'd realized I'd already changed this
> ;-)

Argh, today is an embarrassing day indeed.

> I suppose for completeness we should add an obj->type != FB_ID check
> too, although it should *not* be a WARN_ON().  The one place it is
> used is for atomic ioctl:
> 
> + obj = drm_mode_object_find(dev, obj_id, DRM_MODE_OBJECT_ANY);
> + if (!obj || !obj->properties) {
> + ret = -ENOENT;
> + goto out;
> + }

If you want to use this I think we need a new function
drm_mode_object_has_properties or something, which checks whether the
passed-in object_id is a framebuffer or not under the protection of the
idr_mutex.

Because the moment you drop that look obj can be freed if it's indeed an
fb, and so all your obj->properties check walks into lalala-land. Or at
least can.

fb objects really have completely different lifetime rules so we need to
be extremely careful with handling them ;-)
-Daniel
-- 
Daniel Vetter
Software Engineer, Intel Corporation
+41 (0) 79 365 57 48 - http://blog.ffwll.ch

More information about the dri-devel mailing list