Received: by 2002:a05:6358:11c7:b0:104:8066:f915 with SMTP id i7csp3606535rwl; Sun, 2 Apr 2023 11:03:28 -0700 (PDT) X-Google-Smtp-Source: AKy350bkmgFIURxoVSM2kPSCCmQ/LgTik8B2TcSi2EGiePnxACVmEiwT8hk3qOR2++wck12uploN X-Received: by 2002:a17:903:3093:b0:19d:1bc1:ce22 with SMTP id u19-20020a170903309300b0019d1bc1ce22mr29147269plc.5.1680458608658; Sun, 02 Apr 2023 11:03:28 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1680458608; cv=none; d=google.com; s=arc-20160816; b=yRzKiIqm2Y9UXZkTN/NUiDAP+PDdyOhWwIgU6AEc928mw4f/R3AVshPVWP/TTGJkYB E2/b7i0FIaKuDzQ/KtwcpQPlPJ47Cs2mHtk+YXItGcF788oWe9AtnrTOoqfj38xWZTBU W1AMEziqfx5lydTVmJ6IXfzspsiWlcsqgQGD+rli+bv9idgucU7q0z36E0QyUokvuQmY 7vkidxFKuEx1oC1wmSfhd2ooH58G7US6rjzsbE4nQf73CSgVSRjbSHvjGoOvx7XA6GiX Qcf101xAYqAFAg1+/RBtDtF32sa3Fp+kne9o9fupC9Xyj09SVUZjCIbxz0d1USbCC7N9 1bNw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:from :references:cc:to:content-language:subject:user-agent:mime-version :date:message-id:dkim-signature; bh=5FU7znkHgRy7RwaJykplDRWJkHHglyuoS+m5M0o3rU4=; b=Ae0pn1EkFr0CNxQLPvF7OBF4vdVSFjXNI66tRGKoPCkxiSa+SAS4mR+X6i1wX17lhU 4ZkC3JC5ORdoftT/Z7zNZZ7iVPbO6BeC6hByQHg7u1S0aW/LDTjdGqP0fH3H5R4xQVJ5 PG9rno9+O17NScncpCMvOz1OcVYD272Otf3+s8G9uNvLw0zXpPV5+3fk+hx3m+7fSVLx JEEvZmMNWyyAlZsnIDcxaEOhS+UjNcokGZEMMJBsZSLEZyX2pEWVnpFdTjpk/hUIOPJ2 ux21R7LRC8FCQHoNxALjfob37fMccfg2Mf9aMvteiwz61jFG8MW2l8md6t+hypHSZnfE 0XkA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@collabora.com header.s=mail header.b=IdhoDVHb; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=collabora.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id w5-20020a170902e88500b001a1af4f6089si6661962plg.155.2023.04.02.11.03.17; Sun, 02 Apr 2023 11:03:28 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@collabora.com header.s=mail header.b=IdhoDVHb; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=collabora.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230418AbjDBRp1 (ORCPT + 99 others); Sun, 2 Apr 2023 13:45:27 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54372 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229448AbjDBRp0 (ORCPT ); Sun, 2 Apr 2023 13:45:26 -0400 Received: from madras.collabora.co.uk (madras.collabora.co.uk [IPv6:2a00:1098:0:82:1000:25:2eeb:e5ab]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 918DDCDC4 for ; Sun, 2 Apr 2023 10:45:25 -0700 (PDT) Received: from [192.168.2.163] (109-252-124-32.nat.spd-mgts.ru [109.252.124.32]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: dmitry.osipenko) by madras.collabora.co.uk (Postfix) with ESMTPSA id 1CC166602EDC; Sun, 2 Apr 2023 18:45:23 +0100 (BST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=collabora.com; s=mail; t=1680457524; bh=LQR9mavIiKKD1Q2f+8uq43FK4M4C09ETxpwD/UcvWp0=; h=Date:Subject:To:Cc:References:From:In-Reply-To:From; b=IdhoDVHb2ZwbrR5Bt8RZj7mnma0Wf1SMHw9eb6adCbETUE8xjL07xb9bvdDHQV7Tr ywWSc46Jn9vKXR+zsyamTXeVG1Oezt7oVRfrdkCuv5TZExjn3MzxW/ZlXrrQVVuzOQ z8VxYvafqCqj97+2JFjJn1LKv3mfmRG7m00WXZEfdLz/P9M11NVgWXwwemlCoeRrxh GJuHF4qba5PftW3e4p9WLvXY8GG3pUAgS3hcxv3KhUC9l1QHOtusNxl989O3HTIg8a U2Dtj+SWl/z2joh7OHomI931kz1NlBZSyjRTvGJsCwrAOUomT3iVtsEcps87aJumpv yh2EBlykfj+Wg== Message-ID: <3618a293-4f61-b076-0a9c-c70812436431@collabora.com> Date: Sun, 2 Apr 2023 20:45:19 +0300 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.9.0 Subject: Re: [PATCH v4 2/2] drm/virtio: Support sync objects Content-Language: en-US To: Emil Velikov Cc: David Airlie , Gerd Hoffmann , Gurchetan Singh , Chia-I Wu , Daniel Vetter , Rob Clark , =?UTF-8?B?TWFyZWsgT2zFocOhaw==?= , Pierre-Eric Pelloux-Prayer , dri-devel@lists.freedesktop.org, linux-kernel@vger.kernel.org, kernel@collabora.com, virtualization@lists.linux-foundation.org References: <20230323230755.1094832-1-dmitry.osipenko@collabora.com> <20230323230755.1094832-3-dmitry.osipenko@collabora.com> From: Dmitry Osipenko In-Reply-To: Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-2.6 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,DKIM_VALID_EF,NICE_REPLY_A,SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 3/30/23 20:24, Emil Velikov wrote: > Hi Dmitry, > > Have you considered creating a few DRM helpers for this functionality? > > AFAICT this is the third driver which supports syncobj timelines and > looking at one of the implementations ... it is not great. Note that > this suggestion is _not_ a blocker. Would like to see a third driver starting to use the exactly same drm_execbuffer_syncobj struct because UABI part isn't generic, though it's a replica of the MSM driver for now. The virtio-gpu is only at the beginning of starting to use sync objects, compared to MSM driver. Will be better to defer the generalization until virtio-gpu will become more mature, like maybe after a year since the time virtio userspace will start using sync objects, IMO. ... >> +static void virtio_gpu_reset_syncobjs(struct drm_syncobj **syncobjs, >> + uint32_t nr_syncobjs) >> +{ >> + uint32_t i; >> + >> + for (i = 0; i < nr_syncobjs; i++) { >> + if (syncobjs[i]) >> + drm_syncobj_replace_fence(syncobjs[i], NULL); > > Side note: the drm_syncobj_put() called immediately after also calls > replace/reset fence internally. Although reading from the docs, I'm not > sure if relying on that is a wise move. > > Just thought I'd point it out. The drm_syncobj_put() doesn't call replace/reset fence until syncobj is freed. We drop the old fence for active/alive in-syncobj here after handling the fence-wait, this makes syncobj reusable, otherwise userpsace would have to re-create syncobjs after each submission. >> >> + ret = virtio_gpu_parse_deps(&submit); >> + if (ret) >> + goto cleanup; >> + >> + ret = virtio_gpu_parse_post_deps(&submit); >> + if (ret) >> + goto cleanup; >> + > > I think we should zero num_(in|out)_syncobjs when the respective parse > fails. Otherwise we get one "cleanup" within the parse function itself > and a second during the cleanup_submit. Haven't looked at it too closely > but I suspect that will trigger an UAF or two. There are checks for NULL pointers in the code that will prevent the UAF. I'll add zeroing of the nums for more consistency. >> ret = virtio_gpu_install_out_fence_fd(&submit); >> if (ret) >> goto cleanup; >> @@ -294,6 +512,7 @@ int virtio_gpu_execbuffer_ioctl(struct drm_device *dev, void *data, >> goto cleanup; >> >> virtio_gpu_submit(&submit); >> + virtio_gpu_process_post_deps(&submit); > > Any particular reason why the virtio_gpu_reset_syncobjs is deferred to > virtio_gpu_cleanup_submit(). Having it just above the process_post_deps > (similar to msm) allows the reader to get closure about the in syncobjs. > > This is just personal preference, so don't read too much into it. The job submission path should be short as possible in general. Technically, virtio_gpu_process_post_deps() should be fast, but since I'm not 100% sure about all the corner cases, it's better to hold until job is sent out. Thank you very much for the review! I'll address the rest of comments in v5. -- Best regards, Dmitry