Граф коммитов

15 Коммитов

Автор SHA1 Сообщение Дата
Thierry Reding 961e3beae3 drm/tegra: Make job submission 64-bit safe
Job submission currently relies on the fact that struct drm_tegra_reloc
and struct host1x_reloc are the same size and uses a simple call to the
copy_from_user() function to copy them to kernel space. This causes the
handle to be stored in the buffer object field, which then needs a cast
to a 32 bit integer to resolve it to a proper buffer object pointer and
store it back in the buffer object field.

On 64-bit architectures that will no longer work, since pointers are 64
bits wide whereas handles will remain 32 bits. This causes the sizes of
both structures to because different and copying will no longer work.

Fix this by adding a new function, host1x_reloc_get_user(), that copies
the structures field by field.

While at it, use substructures for the command and target buffers in
struct host1x_reloc for better readability. Also use unsized types to
make it more obvious that this isn't part of userspace ABI.

Signed-off-by: Thierry Reding <treding@nvidia.com>
2014-08-04 10:07:36 +02:00
Erik Faye-Lund 89e6e8c85f gpu: host1x: do not check previously handled gathers
When patching gathers, we don't need to check against
gathers with lower indices than the current one, as
they are guaranteed to already have been handled.

Signed-off-by: Erik Faye-Lund <kusmabite@gmail.com>
Acked-By: Terje Bergstrom <tbergstrom@nvidia.com>
Signed-off-by: Thierry Reding <treding@nvidia.com>
2014-02-12 07:50:37 +01:00
Thierry Reding fae798a156 gpu: host1x: Export public API
Make the public API symbols visible so that depending drivers can be
built as a module.

Signed-off-by: Thierry Reding <treding@nvidia.com>
2013-12-19 09:29:50 +01:00
Thierry Reding 35d747a81d gpu: host1x: Expose syncpt and channel functionality
Expose the buffer objects, syncpoint and channel functionality in the
public public header so that drivers can use them.

Signed-off-by: Thierry Reding <treding@nvidia.com>
2013-10-31 09:20:11 +01:00
Thierry Reding d77563ff56 gpu: host1x: firewall: Refactor register check
The same code sequence is used in various places to validate a register
access in the command stream. This can be refactored into a separate
function.

Signed-off-by: Thierry Reding <treding@nvidia.com>
2013-10-31 09:20:08 +01:00
Thierry Reding d7fbcf477a gpu: host1x: firewall: Rename cmdbuf_id -> cmdbuf
The value stored in this field is a pointer to a command buffer, not an
ID. Avoid some confusion by reflecting that in the field's name.

Signed-off-by: Thierry Reding <treding@nvidia.com>
2013-10-31 09:20:08 +01:00
Thierry Reding 37857cd2c5 gpu: host1x: Fix alignment of function arguments
Arguments on subsequent lines should be aligned with the first argument.
This one occurrence went unnoticed during code review.

Signed-off-by: Thierry Reding <treding@nvidia.com>
2013-10-31 09:20:08 +01:00
Erik Faye-Lund a9ff999538 gpu: host1x: check relocs after all gathers are consumed
The num_relocs count are passed to the kernel per job, not per gather.

For multi-gather jobs, we would previously fail if there were relocs in
other gathers aside from the first one.

Fix this by simply moving the check until all gathers have been
consumed.

Signed-off-by: Erik Faye-Lund <kusmabite@gmail.com>
Reviewed-by: Arto Merilainen <amerilainen@nvidia.com>
Acked-By: Terje Bergstrom <tbergstrom@nvidia.com>
Signed-off-by: Thierry Reding <treding@nvidia.com>
2013-10-31 09:20:04 +01:00
Dan Carpenter 745cecc07c gpu: host1x: returning success instead of -ENOMEM
There is a mistake here so it returns PTR_ERR(NULL) which is success
instead of -ENOMEM.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Thierry Reding <treding@nvidia.com>
2013-08-27 10:20:12 +02:00
Dan Carpenter f5fda676e9 gpu: host1x: fix an integer overflow check
Tegra is a 32 bit arch.  On 32 bit systems then size_t is 32 bits so
"total" will never be higher than UINT_MAX because of integer overflows.
We need cast to u64 first before doing the math.

Also the addition earlier:

        unsigned int num_unpins = num_cmdbufs + num_relocs;

That can overflow as well, but I think it's still safe because we check
both "num_cmdbufs" and "num_relocs" again in this test.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Thierry Reding <treding@nvidia.com>
2013-08-27 10:20:11 +02:00
Arto Merilainen 3364cd2890 gpu: host1x: Copy gathers before verification
The firewall verified gather buffers before copying them. This
allowed a malicious application to rewrite the buffer content by
timing the rewrite carefully.

This patch makes the buffer validation occur after copying the
buffers.

Signed-off-by: Arto Merilainen <amerilainen@nvidia.com>
Signed-off-by: Terje Bergstrom <tbergstrom@nvidia.com>
Signed-off-by: Thierry Reding <thierry.reding@gmail.com>
2013-06-22 12:43:53 +02:00
Terje Bergstrom afac0e43c6 gpu: host1x: Don't reset firewall between gathers
The firewall was reinitialised for each gather. Because the filter
was reinitialised, it did not track the class over gather boundaries.
This allowed the user application to set host1x class to one class
in one gather and use that class in another gather without firewall
having knowledge about that.

Signed-off-by: Terje Bergstrom <tbergstrom@nvidia.com>
Signed-off-by: Arto Merilainen <amerilainen@nvidia.com>
Signed-off-by: Thierry Reding <thierry.reding@gmail.com>
2013-06-22 12:43:53 +02:00
Arto Merilainen 5060d8ec7c gpu: host1x: Check reloc table before usage
The firewall assumed that the user space always delivers a relocation
table when it is accessing address registers. If userspace did not
deliver a relocation table and tried to access the address registers,
the code performed bad memory accesses.

This patch modifies the firewall to check correctly that the firewall
table is available before accessing it. In addition, check_reloc() is
converted to use boolean return value (true when the reloc is valid,
false when invalid).

Signed-off-by: Arto Merilainen <amerilainen@nvidia.com>
Acked-By: Terje Bergstrom <tbergstrom@nvidia.com>
Signed-off-by: Thierry Reding <thierry.reding@gmail.com>
2013-06-22 12:43:52 +02:00
Terje Bergstrom 64c173d3a2 gpu: host1x: Check INCR opcode correctly
The firewall code used a wrong loop condition (pointer to a
structure) while checking INCR opcode. This patch fixes the code to
use correct loop condition (number of words remaining).

Signed-off-by: Terje Bergstrom <tbergstrom@nvidia.com>
Signed-off-by: Arto Merilainen <amerilainen@nvidia.com>
Signed-off-by: Thierry Reding <thierry.reding@gmail.com>
2013-06-22 12:43:52 +02:00
Terje Bergstrom 6579324a41 gpu: host1x: Add channel support
Add support for host1x client modules, and host1x channels to submit
work to the clients.

Signed-off-by: Arto Merilainen <amerilainen@nvidia.com>
Signed-off-by: Terje Bergstrom <tbergstrom@nvidia.com>
Reviewed-by: Thierry Reding <thierry.reding@avionic-design.de>
Tested-by: Thierry Reding <thierry.reding@avionic-design.de>
Tested-by: Erik Faye-Lund <kusmabite@gmail.com>
Signed-off-by: Thierry Reding <thierry.reding@avionic-design.de>
2013-04-22 12:32:43 +02:00