Commit bc1a4130 authored by Gurchetan Singh's avatar Gurchetan Singh Committed by Gerd Hoffmann

drm/virtio: add case for shmem objects in virtio_gpu_cleanup_object(..)



This function can be reused for hostmem objects.

v2: move virtio_gpu_is_shmem() check to virtio_gpu_cleanup_object()
v3: use-after-free fix

Signed-off-by: default avatarGurchetan Singh <gurchetansingh@chromium.org>
Link: http://patchwork.freedesktop.org/patch/msgid/20200305013212.130640-2-gurchetansingh@chromium.org


Signed-off-by: default avatarGerd Hoffmann <kraxel@redhat.com>
parent f651c8b0
+1 −1
@@ -371,7 +371,7 @@ int virtio_gpu_object_create(struct virtio_gpu_device *vgdev,
			     struct virtio_gpu_object **bo_ptr,
			     struct virtio_gpu_object **bo_ptr,
			     struct virtio_gpu_fence *fence);
			     struct virtio_gpu_fence *fence);


bool virtio_gpu_is_shmem(struct drm_gem_object *obj);
bool virtio_gpu_is_shmem(struct virtio_gpu_object *bo);


/* virtgpu_prime.c */
/* virtgpu_prime.c */
struct drm_gem_object *virtgpu_gem_prime_import_sg_table(
struct drm_gem_object *virtgpu_gem_prime_import_sg_table(
+19 −14
@@ -65,6 +65,9 @@ static void virtio_gpu_resource_id_put(struct virtio_gpu_device *vgdev, uint32_t
void virtio_gpu_cleanup_object(struct virtio_gpu_object *bo)
void virtio_gpu_cleanup_object(struct virtio_gpu_object *bo)
{
{
	struct virtio_gpu_device *vgdev = bo->base.base.dev->dev_private;
	struct virtio_gpu_device *vgdev = bo->base.base.dev->dev_private;

	virtio_gpu_resource_id_put(vgdev, bo->hw_res_handle);
	if (virtio_gpu_is_shmem(bo)) {
		struct virtio_gpu_object_shmem *shmem = to_virtio_gpu_shmem(bo);
		struct virtio_gpu_object_shmem *shmem = to_virtio_gpu_shmem(bo);


		if (shmem->pages) {
		if (shmem->pages) {
@@ -74,13 +77,15 @@ void virtio_gpu_cleanup_object(struct virtio_gpu_object *bo)
					     DMA_TO_DEVICE);
					     DMA_TO_DEVICE);
				shmem->mapped = 0;
				shmem->mapped = 0;
			}
			}

			sg_free_table(shmem->pages);
			sg_free_table(shmem->pages);
			shmem->pages = NULL;
			shmem->pages = NULL;
			drm_gem_shmem_unpin(&bo->base.base);
			drm_gem_shmem_unpin(&bo->base.base);
		}
		}
	virtio_gpu_resource_id_put(vgdev, bo->hw_res_handle);

		drm_gem_shmem_free_object(&bo->base.base);
		drm_gem_shmem_free_object(&bo->base.base);
	}
	}
}


static void virtio_gpu_free_object(struct drm_gem_object *obj)
static void virtio_gpu_free_object(struct drm_gem_object *obj)
{
{
@@ -110,9 +115,9 @@ static const struct drm_gem_object_funcs virtio_gpu_shmem_funcs = {
	.mmap = drm_gem_shmem_mmap,
	.mmap = drm_gem_shmem_mmap,
};
};


bool virtio_gpu_is_shmem(struct drm_gem_object *obj)
bool virtio_gpu_is_shmem(struct virtio_gpu_object *bo)
{
{
	return obj->funcs == &virtio_gpu_shmem_funcs;
	return bo->base.base.funcs == &virtio_gpu_shmem_funcs;
}
}


struct drm_gem_object *virtio_gpu_create_object(struct drm_device *dev,
struct drm_gem_object *virtio_gpu_create_object(struct drm_device *dev,
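Review bot: In virtio_gpu_cleanup_object() the statement ordering that the description's v3 use-after-free note appears to refer to is not documented: virtio_gpu_resource_id_put() reads `bo->hw_res_handle`, and drm_gem_shmem_free_object() releases the GEM object that `bo` wraps (presumably `bo` itself with it), so nothing may dereference `bo` after that call. A one-line comment above the put, e.g. `/* reads bo->hw_res_handle; must run before the object is freed */`, would keep a later refactor from moving it below the free. Separately, the new `if (virtio_gpu_is_shmem(bo))` has no `else`, so for a non-shmem object the resource ID is released while the object itself is never freed; until the hostmem branch exists, an explicit `else WARN_ON_ONCE(1);` or a comment stating that the branch is intentionally empty would make that state visible. The middle of the function (the dma_unmap_sg() call) falls between the two hunks and is not fully shown here.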