On Wed, Jun 15, 2016 at 01:10:35PM +0100, Chris Wilson wrote:
> On Tue, Jun 14, 2016 at 08:51:07PM +0200, Daniel Vetter wrote:
> > There can only be one current master, and it's for the overall device.
> > Render/control minors don't support master-based auth at all.
> >
> > This simplifies the master logic a lot, at least in my eyes: All these
> > additional pointer chases are just confusing.
>
> One master for the device, on the struct drm_device, as opposed to hidden
> behind the first of three minors, makes sense.
>
> > @@ -128,13 +128,13 @@ static int drm_new_set_master(struct drm_device *dev,
> > struct drm_file *fpriv)
> > lockdep_assert_held_once(&dev->master_mutex);
> >
> > /* create a new master */
> > - fpriv->minor->master = drm_master_create(fpriv->minor->dev);
> > - if (!fpriv->minor->master)
> > + dev->master = drm_master_create(dev);
> > + if (!dev->master)
> > return -ENOMEM;
> >
> > /* take another reference for the copy in the local file priv */
> > old_master = fpriv->master;
> > - fpriv->master = drm_master_get(fpriv->minor->master);
> > + fpriv->master = drm_master_get(dev->master);
> >
> > if (dev->driver->master_create) {
> > ret = dev->driver->master_create(dev, fpriv->master);
>
> > @@ -234,10 +234,10 @@ int drm_master_open(struct drm_file *file_priv)
> > /* if there is no current master make this fd it, but do not create
> > * any master object for render clients */
> > mutex_lock(&dev->master_mutex);
> > - if (!file_priv->minor->master)
> > + if (!dev->master)
> > ret = drm_new_set_master(dev, file_priv);
> > else
> > - file_priv->master = drm_master_get(file_priv->minor->master);
> > + file_priv->master = drm_master_get(dev->master);
> > mutex_unlock(&dev->master_mutex);
>
> You could take the opportunity to make this a bit simpler:
>
> if (!READ_ONCE(dev->master)) {
> int ret;
>
> ret = 0;
> mutex_lock(&dev->master_mutex);
> if (!dev->master)
> ret = drm_new_master(dev);
> mutex_unlock(&dev->master_mutex);
> if (ret)
> return ret;
> }
>
> file_priv->master = drm_master_get(dev->master);
drm_master_get(dev->master) must be under the master_mutex, without it we
could race with a drm_master_put(&dev->master) and end up doing a kref_get
when the refcount already reached 0.
> return 0;
>
> Just to straighten out the kref dance.
>
> >
> > return ret;
> > @@ -271,11 +271,11 @@ void drm_master_release(struct drm_file *file_priv)
> > mutex_unlock(&dev->struct_mutex);
> > }
> >
> > - if (file_priv->minor->master == file_priv->master) {
> > + if (dev->master == file_priv->master) {
> > /* drop the reference held my the minor */
> > if (dev->driver->master_drop)
> > dev->driver->master_drop(dev, file_priv, true);
> > - drm_master_put(&file_priv->minor->master);
> > + drm_master_put(&dev->master);
>
> This still makes me uneasy. This is not equivalent to dropmaster_ioctl
> and subsequent setmaster_ioctl will fail as dev->master is still
> assigned (but the owner has gone).
drm_master_put clears the pointer passed to it, so dev->master will be set
to NULL. And it does the same as drop_master (wrt dev->master at least,
master_release also needs to clean up file_priv->master on top). Not sure
it's worth it to extract those 5 lines into a __drm_drop_master() helper
function? I can respin with that if you want. On the master_open/setmaster
side the shared code is already extracted in drm_new_set_master().
-Daniel
--
Daniel Vetter
Software Engineer, Intel Corporation
http://blog.ffwll.ch
