Commit Graph

377 Commits

Author SHA1 Message Date
Thomas Hellstrom
cbd75e97a5 drm/vmwgfx: Make sure user-space can't DMA across buffer object boundaries v2
We already check that the buffer object we're accessing is registered with
the file. Now also make sure that we can't DMA across buffer object boundaries.

v2: Code commenting update.

Cc: stable@vger.kernel.org
Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Jakob Bornecrantz <jakob@vmware.com>
2014-04-24 08:45:25 +02:00
Christopher Friedt
aa6de142c9 drm/vmwgfx: correct fb_fix_screeninfo.line_length
Previously, the vmwgfx_fb driver would allow users to call FBIOSET_VINFO, but it would not adjust
the FINFO properly, resulting in distorted screen rendering. The patch corrects that behaviour.

See https://bugs.gentoo.org/show_bug.cgi?id=494794 for examples.

Cc: stable@vger.kernel.org
Signed-off-by: Christopher Friedt <chrisfriedt@gmail.com>
Reviewed-by: Thomas Hellstrom <thellstrom@vmware.com>
2014-04-03 09:34:06 +02:00
Thomas Hellstrom
89dcbda65c drm/vmwgfx: Remove authorization requirements around some more ioctls
These ioctls require a valid handle referenced by the caller to succeed,
which implies that the caller has or has had sufficient privileges.

Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Brian Paul <brianp@vmware.com>
2014-04-03 09:31:38 +02:00
Thomas Hellstrom
c8e5e010ef drm/vmwgfx: Fix query buffer locking order violation
The query buffers were reserved while holding the binding mutex, which
caused a circular locking dependency.

Cc: stable@vger.kernel.org
Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Brian Paul <brianp@vmware.com>
2014-04-03 09:31:37 +02:00
Matt Roper
f4510a2752 drm: Replace crtc fb with primary plane fb (v3)
Now that CRTC's have a primary plane, there's no need to track the
framebuffer in the CRTC.  Replace all references to the CRTC fb with the
primary plane's fb.

This patch was generated by the Coccinelle semantic patching tool using
the following rules:

        @@ struct drm_crtc C; @@
        -   (C).fb
        +   C.primary->fb

        @@ struct drm_crtc *C; @@
        -   (C)->fb
        +   C->primary->fb

v3: Generate patch via coccinelle.  Actual removal of crtc->fb has been
    moved to a subsequent patch.

v2: Fixup several lingering crtc->fb instances that were missed in the
    first patch iteration.  [Rob Clark]

Signed-off-by: Matt Roper <matthew.d.roper@intel.com>
Reviewed-by: Rob Clark <robdclark@gmail.com>
2014-04-01 20:18:28 -04:00
Thomas Hellstrom
03c5b8f077 drm/vmwgfx: Bump driver minor and date
Signal availability of prime fd reference ioctls and render nodes.

Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Brian Paul <brianp@vmware.com>
2014-03-28 14:19:05 +01:00
Thomas Hellstrom
03f802636b drm/vmwgfx: Enable render nodes
Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Brian Paul <brianp@vmware.com>
2014-03-28 14:19:04 +01:00
Thomas Hellstrom
f6dfe73abf drm/vmwgfx: Tighten the security around buffer maps
Make sure only buffer objects that are referenced by the client can be mapped.

Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Brian Paul <brianp@vmware.com>
2014-03-28 14:19:04 +01:00
Thomas Hellstrom
6d10aab8f0 drm/vmwgfx: Tighten security around surface sharing v2
If using legacy (non-prime) surface sharing, only allow surfaces
to be shared between clients with the same master. This will block
malicious clients from peeking at contents at surfaces from other
(possibly vt-switched) masters.

v2:
s/legacy_client/primary_client/

Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Brian Paul <brianp@vmware.com>
2014-03-28 14:19:03 +01:00
Thomas Hellstrom
adebcb20e4 drm/vmwgfx: Allow prime fds in the surface reference ioctls
Allow prime fds and at the same time block legacy handles for render-nodes
in the surface reference ioctls. This means these ioctls can be used
directly from prime-aware clients, and that they can be called from
render-nodes.

Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Brian Paul <brianp@vmware.com>
2014-03-28 14:19:03 +01:00
Thomas Hellstrom
4649926d04 drm/vmwgfx: Drop authentication requirement on UNREF ioctls
These ioctls will anyway only succeed if the client previously opened
referenced the object. Furthermore, closing the client would implicitly
execute the same action. This prevents clients from blocking on UNREF if
their master dropped, and will allow masters to UNREF after dropping
master privileges.

Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Brian Paul <brianp@vmware.com>
2014-03-28 14:19:03 +01:00
Thomas Hellstrom
64190bded3 drm/vmwgfx: Reinstate and tighten security around legacy master model
The following restrictions affect clients connecting using legacy nodes:

*) Masters that have dropped master privilieges are not considered
   authenticated until they regain master privileges.
*) Clients whose master have dropped master privileges block interruptibly on
   ioctls  requiring authentication until their master regains master
   privileges. If their master exits, they are killed.

This is primarily designed to prevent clients authenticated with one master to
access data from clients authenticated with another master.
(Think fast user-switching or data sniffers enabled while X is vt-switched).

Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Brian Paul <brianp@vmware.com>
2014-03-28 14:19:03 +01:00
Thomas Hellstrom
294adf7d86 drm/vmwgfx: Use a per-device semaphore for reservation protection
Don't use a per-master semaphore (ttm lock) for reservation protection, but
rather a per-device semaphore. This is needed since clients connecting using
render nodes aren't master aware.

The ttm lock used should probably be replaced with a reader-write semaphore
once the function down_xx_interruptible() is available.

Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Brian Paul <brianp@vmware.com>
2014-03-28 14:19:02 +01:00
Dave Airlie
d1583c9997 Merge branch 'drm-next' of git://people.freedesktop.org/~dvdhrm/linux into drm-next
This is the 3rd respin of the drm-anon patches. They allow module unloading, use
the pin_fs_* helpers recommended by Al and are rebased on top of drm-next. Note
that there are minor conflicts with the "drm-minor" branch.

* 'drm-next' of git://people.freedesktop.org/~dvdhrm/linux:
  drm: init TTM dev_mapping in ttm_bo_device_init()
  drm: use anon-inode instead of relying on cdevs
  drm: add pseudo filesystem for shared inodes
2014-03-18 19:17:02 +10:00
David Herrmann
44d847b743 drm: init TTM dev_mapping in ttm_bo_device_init()
With dev->anon_inode we have a global address_space ready for operation
right from the beginning. Therefore, there is no need to do a delayed
setup with TTM. Instead, set dev_mapping during initialization in
ttm_bo_device_init() and remove any "if (dev_mapping)" conditions.

Cc: Dave Airlie <airlied@redhat.com>
Cc: Ben Skeggs <bskeggs@redhat.com>
Cc: Maarten Lankhorst <maarten.lankhorst@canonical.com>
Cc: Alex Deucher <alexdeucher@gmail.com>
Cc: Thomas Hellstrom <thellstrom@vmware.com>
Signed-off-by: David Herrmann <dh.herrmann@gmail.com>
2014-03-16 12:23:42 +01:00
David Herrmann
6796cb16c0 drm: use anon-inode instead of relying on cdevs
DRM drivers share a common address_space across all character-devices of a
single DRM device. This allows simple buffer eviction and mapping-control.
However, DRM core currently waits for the first ->open() on any char-dev
to mark the underlying inode as backing inode of the device. This delayed
initialization causes ugly conditions all over the place:
  if (dev->dev_mapping)
    do_sth();

To avoid delayed initialization and to stop reusing the inode of the
char-dev, we allocate an anonymous inode for each DRM device and reset
filp->f_mapping to it on ->open().

Signed-off-by: David Herrmann <dh.herrmann@gmail.com>
2014-03-16 12:23:33 +01:00
Thomas Hellstrom
4b0c82529b drm/vmwgfx: Fix a surface reference corner-case in legacy emulation mode
If running on a gb-object capable device with a non-gb capable surface
exporter (X server) and a gb capable surface referencing client (GL driver),
the referencing client expects to find a shareable backing buffer attached to
the surface at reference time. This may not be the case if the surface has
not yet been validated. This would cause the surface reference IOCTL to
return an error.

Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Jakob Bornecrantz <jakob@vmware.com>
2014-03-13 07:51:32 +01:00
Alexey Khoroshilov
6950e23e54 drm/vmwgfx: avoid null pointer dereference at failure paths
vmw_takedown_otable_base() and vmw_mob_unbind() check for
potential vmw_fifo_reserve() failure and print error message,
but then immediately dereference NULL pointer.

Found by Linux Driver Verification project (linuxtesting.org).

Signed-off-by: Alexey Khoroshilov <khoroshilov@ispras.ru>
Reviewed-by: Thomas Hellstrom <thellstrom@vmware.com>
2014-03-02 09:49:59 +01:00
Thomas Hellstrom
a34417f6be drm/vmwgfx: Make sure backing mobs are cleared when allocated. Update driver date.
Backing mob contents is propagated to user-space, so make sure backing
mobs are cleared when allocated. This also accidently fix rendering errors
with celestia when emulating legacy mode.

Also update driver date.

Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Brian Paul <brianp@vmware.com>
2014-03-02 09:43:40 +01:00
Thomas Hellstrom
ae2045694b drm/vmwgfx: Remove some unused surface formats
These formats are deprecated.

Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Brian Paul <brianp@vmware.com>
2014-03-02 09:42:53 +01:00
Thomas Hellstrom
36e952c1ed drm/vmwgfx: Fix command defines and checks
Make sure all guest-backed object commands are properly packed.
Have the command verifier treat uninitialized command entries as invalid
rather than dereferencing NULL pointers.

Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Jakob Bornecrantz <jakob@vmware.com>
2014-02-12 19:31:45 +01:00
Thomas Hellstrom
b055211d94 drm/vmwgfx: Fix possible integer overflow
Cc: stable@vger.kernel.org
Reported-by: Brian Paul <brianp@vmware.com>
Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Jakob Bornecrantz <jakob@vmware.com>
2014-02-12 19:30:45 +01:00
Thomas Hellstrom
4fbd9d2ec2 drm/vmwgfx: Remove stray const
Reported-by: Fengguang Wu <fengguang.wu@intel.com>
Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Jakob Bornecrantz <jakob@vmware.com>
2014-02-12 14:16:44 +01:00
Dan Carpenter
b2ad9881d6 drm/vmwgfx: unlock on error path in vmw_execbuf_process()
There is a missing unlock on error here.

Fixes: 30f82d816d ('drm/vmwgfx: Reemit context bindings when necessary v2')
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Reviewed-by: Thomas Hellstrom <thellstrom@vmware.com>
2014-02-12 12:22:25 +01:00
Charmaine Lee
857aea1c57 drm/vmwgfx: Get maximum mob size from register SVGA_REG_MOB_MAX_SIZE
This patch queries the register SVGA_REG_MOB_MAX_SIZE for the
maximum size of a single mob.

Signed-off-by: Charmaine Lee <charmainel@vmware.com>
Reviewed-by: Thomas Hellstrom <thellstrom@vmware.com>
2014-02-12 12:17:00 +01:00
Thomas Hellstrom
8e67bbbc51 drm/vmwgfx: Fix a couple of sparse warnings and errors
Introduced with 3.14-rc1

Reported-by: Fengguang Wu <fengguang.wu@intel.com>
Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Jakob Bornecrantz <jakob@vmware.com>
2014-02-12 12:01:11 +01:00
Dave Jones
cd9a21a831 vmwgfx: Fix unitialized stack read in vmw_setup_otable_base
One of the error paths in vmw_setup_otable_base causes us to return with
'ret' having never been set to anything causing us to return whatever was
on the stack.

Found with Coverity

Signed-off-by: Dave Jones <davej@fedoraproject.org>
Reviewed-by: Thomas Hellstrom <thellstrom@vmware.com>
2014-02-05 08:52:34 +01:00
Thomas Hellstrom
30f82d816d drm/vmwgfx: Reemit context bindings when necessary v2
When a context is first referenced in the command stream, make sure that all
scrubbed (as a result of eviction) bindings are re-emitted. Also make sure that
all bound resources are put on the resource validate list.

This is needed for legacy emulation, since legacy user-space drivers will
typically not re-emit shader bindings. It also removes the requirement for
user-space drivers to re-emit render-target- and texture bindings.

Makes suspend and hibernate now also work with legacy user-space drivers on
guest-backed devices.

v2: Don't rebind on legacy devices.

Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Jakob Bornecrantz <jakob@vmware.com>
2014-02-05 08:41:58 +01:00
Thomas Hellstrom
a6fc955ff9 drm/vmwgfx: Detect old user-space drivers and set up legacy emulation v2
GB aware mesa userspace drivers are detected by the fact that they are
calling the vmw getparam ioctl querying DRM_VMW_PARAM_HW_CAPS to detect
whether the device is Guest-backed object capable. For other drivers,
lie about hardware version and send the 3D capabilities in a format they
expect.

v2:
Use DRM_VMW_PARAM_MAX_MOB_MEMORY to detect gb awareness,
Make sure we don't ovwerwrite bounce buffer or write past user-space buffer
indicated size.

Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Jakob Bornecrantz <jakob@vmware.com>
2014-02-05 08:41:44 +01:00
Thomas Hellstrom
d5bde95663 drm/vmwgfx: Emulate legacy shaders on guest-backed devices v2
Command stream legacy shader creation and destruction is replaced by
NOPs in the command stream, and instead guest-backed shaders are created
and destroyed as part of the command validation process.

v2: Removed some stray debug messages.

Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Jakob Bornecrantz <jakob@vmware.com>
2014-02-05 08:39:19 +01:00
Thomas Hellstrom
c1a21373d2 drm/vmwgfx: Fix legacy surface reference size copyback
Surfaces created using the guest-backed surface interface only keeps the
base mip size, so only copy that if the legacy surface reference
ioctl requests the size information.

Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Jakob Bornecrantz <jakob@vmware.com>
2014-02-05 08:38:03 +01:00
Thomas Hellstrom
0ccbbae43c drm/vmwgfx: Fix SET_SHADER_CONST emulation on guest-backed devices
Emulate the SET_SHADER_CONST legacy command on guest-backed devices by
issuing a SET_GB_SHADERCONSTS_INLINE command.

Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Jakob Bornecrantz <jakob@vmware.com>
2014-02-05 08:37:05 +01:00
Thomas Hellstrom
cf5e341333 drm/vmwgfx: Fix regression caused by "drm/ttm: make ttm reservation calls behave like reservation calls"
The call to ttm_eu_backoff_reservation() as part of an error path would cause
a lock imbalance if the reservation ticket was not initialized. This error is
easily triggered from user-space by submitting a bogus command stream.

Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Jakob Bornecrantz <jakob@vmware.com>
Cc: stable@vger.kernel.org
Cc: Maarten Lankhorst <maarten.lankhorst@canonical.com>
Cc: Jerome Glisse <jglisse@redhat.com>
Cc: Dave Airlie <airlied@redhat.com>
2014-02-05 08:36:11 +01:00
Thomas Hellstrom
76c7d18bcd drm/vmwgfx: Don't commit staged bindings if execbuf fails
If execbuf fails and binding commands are never sent to the device,
don't commit the staged context bindings to the tracker.

Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Jakob Bornecrantz <jakob@vmware.com>
2014-02-05 08:35:09 +01:00
Thomas Hellstrom
3e894a6259 drm/vmwgfx: Fix recently introduced sparse / smatch warnings and errors
Reported-by: Fengguang Wu <fengguang.wu@intel.com>
Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Jakob Bornecrant <jakob@vmware.com>
2014-01-21 13:22:18 +01:00
Jakob Bornecrantz
1985f99987 drm/vmwgfx: Invalidate surface on non-readback unbind
Fixes error messages in vmware.log

Signed-off-by: Jakob Bornecrantz <jakob@vmware.com>
Reviewed-by: Michael Banack <banackm@vmware.com>
Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
2014-01-17 09:12:26 +01:00
Thomas Hellstrom
96b43626a5 drm/vmwgfx: Silence the device command verifier
The device and kernel module disagrees about the command length of
some commands. More pack attributes might be needed.

Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
2014-01-17 07:52:41 +01:00
Thomas Hellstrom
f2a0dcb1aa drm/vmwgfx: Implement 64-bit Otable- and MOB binding v2
Adds the relevant commands to the device interface header and
implements 64-bit binding for 64 bit VMs.

v2: Uppercase command IDs, Correctly use also 64 bit page tables.

Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Jakob Bornecrantz <jakob@vmware.com>
2014-01-17 07:52:40 +01:00
Thomas Hellstrom
b360a3cecd drm/vmwgfx: Fix surface framebuffer check for guest-backed surfaces
With guest-backed surfaces, surface->sizes == NULL, causing a kernel oops.
Use the base_size member instead.

Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Jakob Bornecrantz <jakob@vmware.com>
Reviewed-by: Brian Paul <brianp@vmware.com>
2014-01-17 07:52:39 +01:00
Thomas Hellstrom
7cba9062e6 drm/vmwgfx: Update otable definitions
Update otable definitions and modify the otable setup code
accordingly.

Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
2014-01-17 07:52:38 +01:00
Thomas Hellstrom
0fd53cfb09 drm/vmwgfx: Use the linux DMA api also for MOBs
Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
2014-01-17 07:52:38 +01:00
Thomas Hellstrom
4b9e45e68f drm/vmwgfx: Ditch the vmw_dummy_query_bo_prepare function
Combine it with vmw_dummy_query_bo_create, and also make sure
we use tryreserve when reserving the bo to avoid any lockdep warnings
We are sure the tryreserve will always succeed since we are
the only users at that point.
In addition, allow the vmw_bo_pin function to pin/unpin system memory.

Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Jakob Bornecrantz <jakob@vmware.com>
2014-01-17 07:52:37 +01:00
Thomas Hellstrom
173fb7d4e2 drm/vmwgfx: Persistent tracking of context bindings
Only scrub context bindings when a bound resource is destroyed, or when
the MOB backing the context is unbound.

Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Zack Rusin <zackr@vmware.com>
2014-01-17 07:52:36 +01:00
Thomas Hellstrom
b5c3b1a6bf drm/vmwgfx: Track context bindings and scrub them upon exiting execbuf
The device is no longer capable of scrubbing context bindings of resources
that are bound when destroyed.

Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Jakob Bornecrantz <jakob@vmware.com>
2014-01-17 07:52:35 +01:00
Thomas Hellstrom
8ba07315d3 drm/vmwgfx: Block the BIND_SHADERCONSTS command
It's been deprecated.

Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Jakob Bornecrantz <jakob@vmware.com>
2014-01-17 07:52:34 +01:00
Thomas Hellstrom
311474dbdc drm/vmwgfx: Add a parameter to get max MOB memory size
Also bump minor to signal a GB-aware kernel module

Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Zack Rusin <zackr@vmware.com>
2014-01-17 07:52:34 +01:00
Thomas Hellstrom
1d7a5cbf8f drm/vmwgfx: Implement a buffer object synccpu ioctl.
This ioctl enables inter-process synchronization of buffer objects,
which is needed for mesa Guest-Backed objects.

Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Brian Paul <brianp@vmware.com>
2014-01-17 07:52:33 +01:00
Zack Rusin
15c6f65623 drm/vmwgfx: Make sure that the multisampling is off
By default SVGA device creates nonmaskable multisampling surfaces, in
which case multisampleCount of 1 means: the first quality setting
of nonmaskable multisampling surface. Lets change it to make sure
that the backends know that multisampling is really off.

Signed-off-by: Zack Rusin <zackr@vmware.com>
Reviewed-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Brian Paul <brianp@vmware.com>
2014-01-17 07:52:32 +01:00
Thomas Hellstrom
c373d4eac4 drm/vmwgfx: Extend the command verifier to handle guest-backed on / off
Make sure we disallow commands if the device doesn't support them.

Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Brian Paul <brianp@vmware.com>
Reviewed-by: Zack Rusin <zackr@vmware.com>
2014-01-17 07:52:31 +01:00
Thomas Hellstrom
7086d0995c drm/vmwgfx: Fix up the vmwgfx_drv.h header for new files
Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Brian Paul <brianp@vmware.com>
Reviewed-by: Zack Rusin <zackr@vmware.com>
2014-01-17 07:52:30 +01:00