[Intel-gfx] [PATCH 12/14] drm: Move master pointer from drm_minor to drm_device

Chris Wilson chris at chris-wilson.co.uk
Wed Jun 15 16:33:14 UTC 2016 

On Wed, Jun 15, 2016 at 06:01:41PM +0200, Daniel Vetter wrote:
> On Wed, Jun 15, 2016 at 01:10:35PM +0100, Chris Wilson wrote:
> > On Tue, Jun 14, 2016 at 08:51:07PM +0200, Daniel Vetter wrote:
> > > There can only be one current master, and it's for the overall device.
> > > Render/control minors don't support master-based auth at all.
> > > 
> > > This simplifies the master logic a lot, at least in my eyes: All these
> > > additional pointer chases are just confusing.
> > 
> > One master for the device, on the struct drm_device, as opposed to hidden
> > behind the first of three minors, makes sense.
> > 
> > > @@ -128,13 +128,13 @@ static int drm_new_set_master(struct drm_device *dev, struct drm_file *fpriv)
> > >  	lockdep_assert_held_once(&dev->master_mutex);
> > >  
> > >  	/* create a new master */
> > > -	fpriv->minor->master = drm_master_create(fpriv->minor->dev);
> > > -	if (!fpriv->minor->master)
> > > +	dev->master = drm_master_create(dev);
> > > +	if (!dev->master)
> > >  		return -ENOMEM;
> > >  
> > >  	/* take another reference for the copy in the local file priv */
> > >  	old_master = fpriv->master;
> > > -	fpriv->master = drm_master_get(fpriv->minor->master);
> > > +	fpriv->master = drm_master_get(dev->master);
> > >  
> > >  	if (dev->driver->master_create) {
> > >  		ret = dev->driver->master_create(dev, fpriv->master);
> > 
> > > @@ -234,10 +234,10 @@ int drm_master_open(struct drm_file *file_priv)
> > >  	/* if there is no current master make this fd it, but do not create
> > >  	 * any master object for render clients */
> > >  	mutex_lock(&dev->master_mutex);
> > > -	if (!file_priv->minor->master)
> > > +	if (!dev->master)
> > >  		ret = drm_new_set_master(dev, file_priv);
> > >  	else
> > > -		file_priv->master = drm_master_get(file_priv->minor->master);
> > > +		file_priv->master = drm_master_get(dev->master);
> > >  	mutex_unlock(&dev->master_mutex);
> > 
> > You could take the opportunity to make this a bit simpler:
> > 
> > 	if (!READ_ONCE(dev->master)) {
> > 		int ret;
> > 
> > 		ret = 0;
> > 		mutex_lock(&dev->master_mutex);
> > 		if (!dev->master)
> > 			ret = drm_new_master(dev);
> > 		mutex_unlock(&dev->master_mutex);
> > 		if (ret)
> > 			return ret;
> > 	}
> > 
> > 	file_priv->master = drm_master_get(dev->master);
> 
> drm_master_get(dev->master) must be under the master_mutex, without it we
> could race with a drm_master_put(&dev->master) and end up doing a kref_get
> when the refcount already reached 0.

Something is very fishy then. The behaviour of drm_new_master() would
appear to be to create a drm_master owned by the device, but really it is
owned by file_priv?

* checks back on drm_master

So drm_master is the authentication structure that needs to be unique to
a hierachy. So drm_new_set_master() and here really do appear backwards.

The old drm_new_set_master() makes more sense, it assigns to the
file_priv, and then performs a setmaster operation. In that ordering,
you could even do the file_priv local operation of creating the new
master structure before taking the lock to perform setmaster.


> > Just to straighten out the kref dance.
> > 
> > >  
> > >  	return ret;
> > > @@ -271,11 +271,11 @@ void drm_master_release(struct drm_file *file_priv)
> > >  		mutex_unlock(&dev->struct_mutex);
> > >  	}
> > >  
> > > -	if (file_priv->minor->master == file_priv->master) {
> > > +	if (dev->master == file_priv->master) {
> > >  		/* drop the reference held my the minor */
> > >  		if (dev->driver->master_drop)
> > >  			dev->driver->master_drop(dev, file_priv, true);
> > > -		drm_master_put(&file_priv->minor->master);
> > > +		drm_master_put(&dev->master);
> > 
> > This still makes me uneasy. This is not equivalent to dropmaster_ioctl
> > and subsequent setmaster_ioctl will fail as dev->master is still
> > assigned (but the owner has gone).
> 
> drm_master_put clears the pointer passed to it, so dev->master will be set
> to NULL. And it does the same as drop_master (wrt dev->master at least,
> master_release also needs to clean up file_priv->master on top). Not sure
> it's worth it to extract those 5 lines into a __drm_drop_master() helper
> function? I can respin with that if you want. On the master_open/setmaster
> side the shared code is already extracted in drm_new_set_master().

drm_master_put() nullifies, didn't expect that.
-Chris

-- 
Chris Wilson, Intel Open Source Technology Centre

More information about the dri-devel mailing list