[PATCH] md: fix potential memalloc deadlock in md
[linux-2.6] / drivers / char / drm / drm_fops.c
1 /**
2  * \file drm_fops.c
3  * File operations for DRM
4  *
5  * \author Rickard E. (Rik) Faith <faith@valinux.com>
6  * \author Daryll Strauss <daryll@valinux.com>
7  * \author Gareth Hughes <gareth@valinux.com>
8  */
9
10 /*
11  * Created: Mon Jan  4 08:58:31 1999 by faith@valinux.com
12  *
13  * Copyright 1999 Precision Insight, Inc., Cedar Park, Texas.
14  * Copyright 2000 VA Linux Systems, Inc., Sunnyvale, California.
15  * All Rights Reserved.
16  *
17  * Permission is hereby granted, free of charge, to any person obtaining a
18  * copy of this software and associated documentation files (the "Software"),
19  * to deal in the Software without restriction, including without limitation
20  * the rights to use, copy, modify, merge, publish, distribute, sublicense,
21  * and/or sell copies of the Software, and to permit persons to whom the
22  * Software is furnished to do so, subject to the following conditions:
23  *
24  * The above copyright notice and this permission notice (including the next
25  * paragraph) shall be included in all copies or substantial portions of the
26  * Software.
27  *
28  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
29  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
30  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.  IN NO EVENT SHALL
31  * VA LINUX SYSTEMS AND/OR ITS SUPPLIERS BE LIABLE FOR ANY CLAIM, DAMAGES OR
32  * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
33  * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
34  * OTHER DEALINGS IN THE SOFTWARE.
35  */
36
37 #include "drmP.h"
38 #include "drm_sarea.h"
39 #include <linux/poll.h>
40
41 static int drm_open_helper(struct inode *inode, struct file *filp,
42                            drm_device_t * dev);
43
44 static int drm_setup(drm_device_t * dev)
45 {
46         drm_local_map_t *map;
47         int i;
48         int ret;
49
50         if (dev->driver->firstopen) {
51                 ret = dev->driver->firstopen(dev);
52                 if (ret != 0)
53                         return ret;
54         }
55
56         dev->magicfree.next = NULL;
57
58         /* prebuild the SAREA */
59         i = drm_addmap(dev, 0, SAREA_MAX, _DRM_SHM, _DRM_CONTAINS_LOCK, &map);
60         if (i != 0)
61                 return i;
62
63         atomic_set(&dev->ioctl_count, 0);
64         atomic_set(&dev->vma_count, 0);
65         dev->buf_use = 0;
66         atomic_set(&dev->buf_alloc, 0);
67
68         if (drm_core_check_feature(dev, DRIVER_HAVE_DMA)) {
69                 i = drm_dma_setup(dev);
70                 if (i < 0)
71                         return i;
72         }
73
74         for (i = 0; i < ARRAY_SIZE(dev->counts); i++)
75                 atomic_set(&dev->counts[i], 0);
76
77         drm_ht_create(&dev->magiclist, DRM_MAGIC_HASH_ORDER);
78         INIT_LIST_HEAD(&dev->magicfree);
79
80         dev->ctxlist = drm_alloc(sizeof(*dev->ctxlist), DRM_MEM_CTXLIST);
81         if (dev->ctxlist == NULL)
82                 return -ENOMEM;
83         memset(dev->ctxlist, 0, sizeof(*dev->ctxlist));
84         INIT_LIST_HEAD(&dev->ctxlist->head);
85
86         dev->vmalist = NULL;
87         dev->sigdata.lock = dev->lock.hw_lock = NULL;
88         init_waitqueue_head(&dev->lock.lock_queue);
89         dev->queue_count = 0;
90         dev->queue_reserved = 0;
91         dev->queue_slots = 0;
92         dev->queuelist = NULL;
93         dev->irq_enabled = 0;
94         dev->context_flag = 0;
95         dev->interrupt_flag = 0;
96         dev->dma_flag = 0;
97         dev->last_context = 0;
98         dev->last_switch = 0;
99         dev->last_checked = 0;
100         init_waitqueue_head(&dev->context_wait);
101         dev->if_version = 0;
102
103         dev->ctx_start = 0;
104         dev->lck_start = 0;
105
106         dev->buf_async = NULL;
107         init_waitqueue_head(&dev->buf_readers);
108         init_waitqueue_head(&dev->buf_writers);
109
110         DRM_DEBUG("\n");
111
112         /*
113          * The kernel's context could be created here, but is now created
114          * in drm_dma_enqueue.  This is more resource-efficient for
115          * hardware that does not do DMA, but may mean that
116          * drm_select_queue fails between the time the interrupt is
117          * initialized and the time the queues are initialized.
118          */
119
120         return 0;
121 }
122
123 /**
124  * Open file.
125  *
126  * \param inode device inode
127  * \param filp file pointer.
128  * \return zero on success or a negative number on failure.
129  *
130  * Searches the DRM device with the same minor number, calls open_helper(), and
131  * increments the device open count. If the open count was previous at zero,
132  * i.e., it's the first that the device is open, then calls setup().
133  */
134 int drm_open(struct inode *inode, struct file *filp)
135 {
136         drm_device_t *dev = NULL;
137         int minor = iminor(inode);
138         int retcode = 0;
139
140         if (!((minor >= 0) && (minor < drm_cards_limit)))
141                 return -ENODEV;
142
143         if (!drm_heads[minor])
144                 return -ENODEV;
145
146         if (!(dev = drm_heads[minor]->dev))
147                 return -ENODEV;
148
149         retcode = drm_open_helper(inode, filp, dev);
150         if (!retcode) {
151                 atomic_inc(&dev->counts[_DRM_STAT_OPENS]);
152                 spin_lock(&dev->count_lock);
153                 if (!dev->open_count++) {
154                         spin_unlock(&dev->count_lock);
155                         return drm_setup(dev);
156                 }
157                 spin_unlock(&dev->count_lock);
158         }
159
160         return retcode;
161 }
162 EXPORT_SYMBOL(drm_open);
163
164 /**
165  * File \c open operation.
166  *
167  * \param inode device inode.
168  * \param filp file pointer.
169  *
170  * Puts the dev->fops corresponding to the device minor number into
171  * \p filp, call the \c open method, and restore the file operations.
172  */
173 int drm_stub_open(struct inode *inode, struct file *filp)
174 {
175         drm_device_t *dev = NULL;
176         int minor = iminor(inode);
177         int err = -ENODEV;
178         const struct file_operations *old_fops;
179
180         DRM_DEBUG("\n");
181
182         if (!((minor >= 0) && (minor < drm_cards_limit)))
183                 return -ENODEV;
184
185         if (!drm_heads[minor])
186                 return -ENODEV;
187
188         if (!(dev = drm_heads[minor]->dev))
189                 return -ENODEV;
190
191         old_fops = filp->f_op;
192         filp->f_op = fops_get(&dev->driver->fops);
193         if (filp->f_op->open && (err = filp->f_op->open(inode, filp))) {
194                 fops_put(filp->f_op);
195                 filp->f_op = fops_get(old_fops);
196         }
197         fops_put(old_fops);
198
199         return err;
200 }
201
202 /**
203  * Check whether DRI will run on this CPU.
204  *
205  * \return non-zero if the DRI will run on this CPU, or zero otherwise.
206  */
207 static int drm_cpu_valid(void)
208 {
209 #if defined(__i386__)
210         if (boot_cpu_data.x86 == 3)
211                 return 0;       /* No cmpxchg on a 386 */
212 #endif
213 #if defined(__sparc__) && !defined(__sparc_v9__)
214         return 0;               /* No cmpxchg before v9 sparc. */
215 #endif
216         return 1;
217 }
218
219 /**
220  * Called whenever a process opens /dev/drm.
221  *
222  * \param inode device inode.
223  * \param filp file pointer.
224  * \param dev device.
225  * \return zero on success or a negative number on failure.
226  *
227  * Creates and initializes a drm_file structure for the file private data in \p
228  * filp and add it into the double linked list in \p dev.
229  */
230 static int drm_open_helper(struct inode *inode, struct file *filp,
231                            drm_device_t * dev)
232 {
233         int minor = iminor(inode);
234         drm_file_t *priv;
235         int ret;
236
237         if (filp->f_flags & O_EXCL)
238                 return -EBUSY;  /* No exclusive opens */
239         if (!drm_cpu_valid())
240                 return -EINVAL;
241
242         DRM_DEBUG("pid = %d, minor = %d\n", current->pid, minor);
243
244         priv = drm_alloc(sizeof(*priv), DRM_MEM_FILES);
245         if (!priv)
246                 return -ENOMEM;
247
248         memset(priv, 0, sizeof(*priv));
249         filp->private_data = priv;
250         priv->uid = current->euid;
251         priv->pid = current->pid;
252         priv->minor = minor;
253         priv->head = drm_heads[minor];
254         priv->ioctl_count = 0;
255         /* for compatibility root is always authenticated */
256         priv->authenticated = capable(CAP_SYS_ADMIN);
257         priv->lock_count = 0;
258
259         if (dev->driver->open) {
260                 ret = dev->driver->open(dev, priv);
261                 if (ret < 0)
262                         goto out_free;
263         }
264
265         mutex_lock(&dev->struct_mutex);
266         if (!dev->file_last) {
267                 priv->next = NULL;
268                 priv->prev = NULL;
269                 dev->file_first = priv;
270                 dev->file_last = priv;
271                 /* first opener automatically becomes master */
272                 priv->master = 1;
273         } else {
274                 priv->next = NULL;
275                 priv->prev = dev->file_last;
276                 dev->file_last->next = priv;
277                 dev->file_last = priv;
278         }
279         mutex_unlock(&dev->struct_mutex);
280
281 #ifdef __alpha__
282         /*
283          * Default the hose
284          */
285         if (!dev->hose) {
286                 struct pci_dev *pci_dev;
287                 pci_dev = pci_get_class(PCI_CLASS_DISPLAY_VGA << 8, NULL);
288                 if (pci_dev) {
289                         dev->hose = pci_dev->sysdata;
290                         pci_dev_put(pci_dev);
291                 }
292                 if (!dev->hose) {
293                         struct pci_bus *b = pci_bus_b(pci_root_buses.next);
294                         if (b)
295                                 dev->hose = b->sysdata;
296                 }
297         }
298 #endif
299
300         return 0;
301       out_free:
302         drm_free(priv, sizeof(*priv), DRM_MEM_FILES);
303         filp->private_data = NULL;
304         return ret;
305 }
306
307 /** No-op. */
308 int drm_fasync(int fd, struct file *filp, int on)
309 {
310         drm_file_t *priv = filp->private_data;
311         drm_device_t *dev = priv->head->dev;
312         int retcode;
313
314         DRM_DEBUG("fd = %d, device = 0x%lx\n", fd,
315                   (long)old_encode_dev(priv->head->device));
316         retcode = fasync_helper(fd, filp, on, &dev->buf_async);
317         if (retcode < 0)
318                 return retcode;
319         return 0;
320 }
321 EXPORT_SYMBOL(drm_fasync);
322
323 /**
324  * Release file.
325  *
326  * \param inode device inode
327  * \param filp file pointer.
328  * \return zero on success or a negative number on failure.
329  *
330  * If the hardware lock is held then free it, and take it again for the kernel
331  * context since it's necessary to reclaim buffers. Unlink the file private
332  * data from its list and free it. Decreases the open count and if it reaches
333  * zero calls drm_lastclose().
334  */
335 int drm_release(struct inode *inode, struct file *filp)
336 {
337         drm_file_t *priv = filp->private_data;
338         drm_device_t *dev;
339         int retcode = 0;
340
341         lock_kernel();
342         dev = priv->head->dev;
343
344         DRM_DEBUG("open_count = %d\n", dev->open_count);
345
346         if (dev->driver->preclose)
347                 dev->driver->preclose(dev, filp);
348
349         /* ========================================================
350          * Begin inline drm_release
351          */
352
353         DRM_DEBUG("pid = %d, device = 0x%lx, open_count = %d\n",
354                   current->pid, (long)old_encode_dev(priv->head->device),
355                   dev->open_count);
356
357         if (priv->lock_count && dev->lock.hw_lock &&
358             _DRM_LOCK_IS_HELD(dev->lock.hw_lock->lock) &&
359             dev->lock.filp == filp) {
360                 DRM_DEBUG("File %p released, freeing lock for context %d\n",
361                           filp, _DRM_LOCKING_CONTEXT(dev->lock.hw_lock->lock));
362
363                 if (dev->driver->reclaim_buffers_locked)
364                         dev->driver->reclaim_buffers_locked(dev, filp);
365
366                 drm_lock_free(dev, &dev->lock.hw_lock->lock,
367                               _DRM_LOCKING_CONTEXT(dev->lock.hw_lock->lock));
368
369                 /* FIXME: may require heavy-handed reset of
370                    hardware at this point, possibly
371                    processed via a callback to the X
372                    server. */
373         } else if (dev->driver->reclaim_buffers_locked && priv->lock_count
374                    && dev->lock.hw_lock) {
375                 /* The lock is required to reclaim buffers */
376                 DECLARE_WAITQUEUE(entry, current);
377
378                 add_wait_queue(&dev->lock.lock_queue, &entry);
379                 for (;;) {
380                         __set_current_state(TASK_INTERRUPTIBLE);
381                         if (!dev->lock.hw_lock) {
382                                 /* Device has been unregistered */
383                                 retcode = -EINTR;
384                                 break;
385                         }
386                         if (drm_lock_take(&dev->lock.hw_lock->lock,
387                                           DRM_KERNEL_CONTEXT)) {
388                                 dev->lock.filp = filp;
389                                 dev->lock.lock_time = jiffies;
390                                 atomic_inc(&dev->counts[_DRM_STAT_LOCKS]);
391                                 break;  /* Got lock */
392                         }
393                         /* Contention */
394                         schedule();
395                         if (signal_pending(current)) {
396                                 retcode = -ERESTARTSYS;
397                                 break;
398                         }
399                 }
400                 __set_current_state(TASK_RUNNING);
401                 remove_wait_queue(&dev->lock.lock_queue, &entry);
402                 if (!retcode) {
403                         dev->driver->reclaim_buffers_locked(dev, filp);
404                         drm_lock_free(dev, &dev->lock.hw_lock->lock,
405                                       DRM_KERNEL_CONTEXT);
406                 }
407         }
408
409         if (drm_core_check_feature(dev, DRIVER_HAVE_DMA) &&
410             !dev->driver->reclaim_buffers_locked) {
411                 dev->driver->reclaim_buffers(dev, filp);
412         }
413
414         drm_fasync(-1, filp, 0);
415
416         mutex_lock(&dev->ctxlist_mutex);
417         if (dev->ctxlist && (!list_empty(&dev->ctxlist->head))) {
418                 drm_ctx_list_t *pos, *n;
419
420                 list_for_each_entry_safe(pos, n, &dev->ctxlist->head, head) {
421                         if (pos->tag == priv &&
422                             pos->handle != DRM_KERNEL_CONTEXT) {
423                                 if (dev->driver->context_dtor)
424                                         dev->driver->context_dtor(dev,
425                                                                   pos->handle);
426
427                                 drm_ctxbitmap_free(dev, pos->handle);
428
429                                 list_del(&pos->head);
430                                 drm_free(pos, sizeof(*pos), DRM_MEM_CTXLIST);
431                                 --dev->ctx_count;
432                         }
433                 }
434         }
435         mutex_unlock(&dev->ctxlist_mutex);
436
437         mutex_lock(&dev->struct_mutex);
438         if (priv->remove_auth_on_close == 1) {
439                 drm_file_t *temp = dev->file_first;
440                 while (temp) {
441                         temp->authenticated = 0;
442                         temp = temp->next;
443                 }
444         }
445         if (priv->prev) {
446                 priv->prev->next = priv->next;
447         } else {
448                 dev->file_first = priv->next;
449         }
450         if (priv->next) {
451                 priv->next->prev = priv->prev;
452         } else {
453                 dev->file_last = priv->prev;
454         }
455         mutex_unlock(&dev->struct_mutex);
456
457         if (dev->driver->postclose)
458                 dev->driver->postclose(dev, priv);
459         drm_free(priv, sizeof(*priv), DRM_MEM_FILES);
460
461         /* ========================================================
462          * End inline drm_release
463          */
464
465         atomic_inc(&dev->counts[_DRM_STAT_CLOSES]);
466         spin_lock(&dev->count_lock);
467         if (!--dev->open_count) {
468                 if (atomic_read(&dev->ioctl_count) || dev->blocked) {
469                         DRM_ERROR("Device busy: %d %d\n",
470                                   atomic_read(&dev->ioctl_count), dev->blocked);
471                         spin_unlock(&dev->count_lock);
472                         unlock_kernel();
473                         return -EBUSY;
474                 }
475                 spin_unlock(&dev->count_lock);
476                 unlock_kernel();
477                 return drm_lastclose(dev);
478         }
479         spin_unlock(&dev->count_lock);
480
481         unlock_kernel();
482
483         return retcode;
484 }
485 EXPORT_SYMBOL(drm_release);
486
487 /** No-op. */
488 unsigned int drm_poll(struct file *filp, struct poll_table_struct *wait)
489 {
490         return 0;
491 }
492 EXPORT_SYMBOL(drm_poll);