Re: [PATCH v3] drm/gem: Internally test import_attach for imported objects

Wed, 16 Apr 2025 01:00:28 -0700 

On Wed, 16 Apr 2025 08:57:45 +0200
Thomas Zimmermann <[email protected]> wrote:

> Test struct drm_gem_object.import_attach to detect imported objects.
> 
> During object clenanup, the dma_buf field might be NULL. Testing it in
> an object's free callback then incorrectly does a cleanup as for native

Just pointing it for completeness: this happens even outside the free
callback, because the GEM handle lifetime (time userspace holds this
GEM object) might differ from the GEM lifetime itself (KMD might have
refs to the GEM after the handle is released).

> objects. Happens for calls to drm_mode_destroy_dumb_ioctl() that
> clears the dma_buf field in drm_gem_object_exported_dma_buf_free().

Also happens when the GEM handle is released, which is the case we were
hitting in Panthor.

> 
> v3:
> - only test for import_attach (Boris)

Reviewed-by: Boris Brezillon <[email protected]>

> v2:
> - use import_attach.dmabuf instead of dma_buf (Christian)
> 
> Signed-off-by: Thomas Zimmermann <[email protected]>
> Fixes: b57aa47d39e9 ("drm/gem: Test for imported GEM buffers with helper")
> Reported-by: Andy Yan <[email protected]>
> Closes: 
> https://lore.kernel.org/dri-devel/[email protected]/
> Tested-by: Andy Yan <[email protected]>
> Cc: Thomas Zimmermann <[email protected]>
> Cc: Anusha Srivatsa <[email protected]>
> Cc: Christian König <[email protected]>
> Cc: Maarten Lankhorst <[email protected]>
> Cc: Maxime Ripard <[email protected]>
> Cc: David Airlie <[email protected]>
> Cc: Simona Vetter <[email protected]>
> Cc: Sumit Semwal <[email protected]>
> Cc: "Christian König" <[email protected]>
> Cc: [email protected]
> Cc: [email protected]
> Cc: [email protected]
> ---
>  include/drm/drm_gem.h | 3 +--
>  1 file changed, 1 insertion(+), 2 deletions(-)
> 
> diff --git a/include/drm/drm_gem.h b/include/drm/drm_gem.h
> index 9b71f7a9f3f8..a3133a08267c 100644
> --- a/include/drm/drm_gem.h
> +++ b/include/drm/drm_gem.h
> @@ -588,8 +588,7 @@ static inline bool 
> drm_gem_object_is_shared_for_memory_stats(struct drm_gem_obje
>   */
>  static inline bool drm_gem_is_imported(const struct drm_gem_object *obj)
>  {
> -     /* The dma-buf's priv field points to the original GEM object. */
> -     return obj->dma_buf && (obj->dma_buf->priv != obj);
> +     return !!obj->import_attach;
>  }
>  
>  #ifdef CONFIG_LOCKDEP

Reply via email to