On Thu, Oct 08, 2020 at 01:23:39PM +0200, Christian König wrote:
> Add the new vma_set_file() function to allow changing
> vma->vm_file with the necessary refcount dance.
>
> v2: add more users of this.
>
> Signed-off-by: Christian König <christian.koe...@amd.com>
> ---
> drivers/dma-buf/dma-buf.c | 16 +++++-----------
> drivers/gpu/drm/etnaviv/etnaviv_gem.c | 4 +---
> drivers/gpu/drm/i915/gem/i915_gem_dmabuf.c | 3 +--
> drivers/gpu/drm/i915/gem/i915_gem_mman.c | 4 ++--
> drivers/gpu/drm/msm/msm_gem.c | 4 +---
> drivers/gpu/drm/omapdrm/omap_gem.c | 3 +--
> drivers/gpu/drm/vgem/vgem_drv.c | 3 +--
> drivers/staging/android/ashmem.c | 5 ++---
> include/linux/mm.h | 2 ++
> mm/mmap.c | 16 ++++++++++++++++
> 10 files changed, 32 insertions(+), 28 deletions(-)
>
> diff --git a/drivers/dma-buf/dma-buf.c b/drivers/dma-buf/dma-buf.c
> index a6ba4d598f0e..e4316aa7e0f4 100644
> --- a/drivers/dma-buf/dma-buf.c
> +++ b/drivers/dma-buf/dma-buf.c
> @@ -1163,20 +1163,14 @@ int dma_buf_mmap(struct dma_buf *dmabuf, struct
> vm_area_struct *vma,
> return -EINVAL;
>
> /* readjust the vma */
> - get_file(dmabuf->file);
> - oldfile = vma->vm_file;
> - vma->vm_file = dmabuf->file;
> + oldfile = vma_set_file(vma, dmabuf->file);
> vma->vm_pgoff = pgoff;
>
> ret = dmabuf->ops->mmap(dmabuf, vma);
> - if (ret) {
> - /* restore old parameters on failure */
> - vma->vm_file = oldfile;
> - fput(dmabuf->file);
> - } else {
> - if (oldfile)
> - fput(oldfile);
> - }
> + /* restore old parameters on failure */
> + if (ret)
> + vma_set_file(vma, oldfile);
I think these two lines here are cargo-cult: If this fails, the mmap fails
and therefore the vma structure is kfreed. No point at all in restoring
anything.
With that: Reviewed-by: Daniel Vetter <daniel.vet...@ffwll.ch>
> +
> return ret;
>
> }
> diff --git a/drivers/gpu/drm/etnaviv/etnaviv_gem.c
> b/drivers/gpu/drm/etnaviv/etnaviv_gem.c
> index 312e9d58d5a7..10ce267c0947 100644
> --- a/drivers/gpu/drm/etnaviv/etnaviv_gem.c
> +++ b/drivers/gpu/drm/etnaviv/etnaviv_gem.c
> @@ -145,10 +145,8 @@ static int etnaviv_gem_mmap_obj(struct
> etnaviv_gem_object *etnaviv_obj,
> * address_space (so unmap_mapping_range does what we want,
> * in particular in the case of mmap'd dmabufs)
> */
> - fput(vma->vm_file);
> - get_file(etnaviv_obj->base.filp);
> vma->vm_pgoff = 0;
> - vma->vm_file = etnaviv_obj->base.filp;
> + vma_set_file(vma, etnaviv_obj->base.filp);
>
> vma->vm_page_prot = vm_page_prot;
> }
> diff --git a/drivers/gpu/drm/i915/gem/i915_gem_dmabuf.c
> b/drivers/gpu/drm/i915/gem/i915_gem_dmabuf.c
> index fec0e1e3dc3e..8ce4c9e28b87 100644
> --- a/drivers/gpu/drm/i915/gem/i915_gem_dmabuf.c
> +++ b/drivers/gpu/drm/i915/gem/i915_gem_dmabuf.c
> @@ -119,8 +119,7 @@ static int i915_gem_dmabuf_mmap(struct dma_buf *dma_buf,
> struct vm_area_struct *
> if (ret)
> return ret;
>
> - fput(vma->vm_file);
> - vma->vm_file = get_file(obj->base.filp);
> + vma_set_file(vma, obj->base.filp);
>
> return 0;
> }
> diff --git a/drivers/gpu/drm/i915/gem/i915_gem_mman.c
> b/drivers/gpu/drm/i915/gem/i915_gem_mman.c
> index 3d69e51f3e4d..c9d5f1a38af3 100644
> --- a/drivers/gpu/drm/i915/gem/i915_gem_mman.c
> +++ b/drivers/gpu/drm/i915/gem/i915_gem_mman.c
> @@ -893,8 +893,8 @@ int i915_gem_mmap(struct file *filp, struct
> vm_area_struct *vma)
> * requires avoiding extraneous references to their filp, hence why
> * we prefer to use an anonymous file for their mmaps.
> */
> - fput(vma->vm_file);
> - vma->vm_file = anon;
> + vma_set_file(vma, anon);
> + fput(anon);
>
> switch (mmo->mmap_type) {
> case I915_MMAP_TYPE_WC:
> diff --git a/drivers/gpu/drm/msm/msm_gem.c b/drivers/gpu/drm/msm/msm_gem.c
> index de915ff6f4b4..a71f42870d5e 100644
> --- a/drivers/gpu/drm/msm/msm_gem.c
> +++ b/drivers/gpu/drm/msm/msm_gem.c
> @@ -223,10 +223,8 @@ int msm_gem_mmap_obj(struct drm_gem_object *obj,
> * address_space (so unmap_mapping_range does what we want,
> * in particular in the case of mmap'd dmabufs)
> */
> - fput(vma->vm_file);
> - get_file(obj->filp);
> vma->vm_pgoff = 0;
> - vma->vm_file = obj->filp;
> + vma_set_file(vma, obj->filp);
>
> vma->vm_page_prot = vm_get_page_prot(vma->vm_flags);
> }
> diff --git a/drivers/gpu/drm/omapdrm/omap_gem.c
> b/drivers/gpu/drm/omapdrm/omap_gem.c
> index 979d53a93c2b..0d4542ff1d7d 100644
> --- a/drivers/gpu/drm/omapdrm/omap_gem.c
> +++ b/drivers/gpu/drm/omapdrm/omap_gem.c
> @@ -564,9 +564,8 @@ int omap_gem_mmap_obj(struct drm_gem_object *obj,
> * address_space (so unmap_mapping_range does what we want,
> * in particular in the case of mmap'd dmabufs)
> */
> - fput(vma->vm_file);
> vma->vm_pgoff = 0;
> - vma->vm_file = get_file(obj->filp);
> + vma_set_file(vma, obj->filp);
>
> vma->vm_page_prot = vm_get_page_prot(vma->vm_flags);
> }
> diff --git a/drivers/gpu/drm/vgem/vgem_drv.c b/drivers/gpu/drm/vgem/vgem_drv.c
> index fa54a6d1403d..ea0eecae5153 100644
> --- a/drivers/gpu/drm/vgem/vgem_drv.c
> +++ b/drivers/gpu/drm/vgem/vgem_drv.c
> @@ -397,8 +397,7 @@ static int vgem_prime_mmap(struct drm_gem_object *obj,
> if (ret)
> return ret;
>
> - fput(vma->vm_file);
> - vma->vm_file = get_file(obj->filp);
> + vma_set_file(vma, obj->filp);
> vma->vm_flags |= VM_DONTEXPAND | VM_DONTDUMP;
> vma->vm_page_prot =
> pgprot_writecombine(vm_get_page_prot(vma->vm_flags));
>
> diff --git a/drivers/staging/android/ashmem.c
> b/drivers/staging/android/ashmem.c
> index 10b4be1f3e78..a51dc089896e 100644
> --- a/drivers/staging/android/ashmem.c
> +++ b/drivers/staging/android/ashmem.c
> @@ -450,9 +450,8 @@ static int ashmem_mmap(struct file *file, struct
> vm_area_struct *vma)
> vma_set_anonymous(vma);
> }
>
> - if (vma->vm_file)
> - fput(vma->vm_file);
> - vma->vm_file = asma->file;
> + vma_set_file(vma, asma->file);
> + fput(asma->file);
>
> out:
> mutex_unlock(&ashmem_mutex);
> diff --git a/include/linux/mm.h b/include/linux/mm.h
> index ca6e6a81576b..a558602afe1b 100644
> --- a/include/linux/mm.h
> +++ b/include/linux/mm.h
> @@ -2693,6 +2693,8 @@ static inline void vma_set_page_prot(struct
> vm_area_struct *vma)
> }
> #endif
>
> +struct file *vma_set_file(struct vm_area_struct *vma, struct file *file);
> +
> #ifdef CONFIG_NUMA_BALANCING
> unsigned long change_prot_numa(struct vm_area_struct *vma,
> unsigned long start, unsigned long end);
> diff --git a/mm/mmap.c b/mm/mmap.c
> index 40248d84ad5f..d3c3c510f643 100644
> --- a/mm/mmap.c
> +++ b/mm/mmap.c
> @@ -136,6 +136,22 @@ void vma_set_page_prot(struct vm_area_struct *vma)
> WRITE_ONCE(vma->vm_page_prot, vm_page_prot);
> }
>
> +/*
> + * Change backing file, only valid to use during initial VMA setup.
> + */
> +struct file *vma_set_file(struct vm_area_struct *vma, struct file *file)
> +{
> + if (file)
> + get_file(file);
> +
> + swap(vma->vm_file, file);
> +
> + if (file)
> + fput(file);
> +
> + return file;
> +}
> +
> /*
> * Requires inode->i_mapping->i_mmap_rwsem
> */
> --
> 2.17.1
>
--
Daniel Vetter
Software Engineer, Intel Corporation
http://blog.ffwll.ch
