drm_bufs.c revision 1.1.1.1.2.11
1 /** 2 * \file drm_bufs.c 3 * Generic buffer template 4 * 5 * \author Rickard E. (Rik) Faith <faith (at) valinux.com> 6 * \author Gareth Hughes <gareth (at) valinux.com> 7 */ 8 9 /* 10 * Created: Thu Nov 23 03:10:50 2000 by gareth (at) valinux.com 11 * 12 * Copyright 1999, 2000 Precision Insight, Inc., Cedar Park, Texas. 13 * Copyright 2000 VA Linux Systems, Inc., Sunnyvale, California. 14 * All Rights Reserved. 15 * 16 * Permission is hereby granted, free of charge, to any person obtaining a 17 * copy of this software and associated documentation files (the "Software"), 18 * to deal in the Software without restriction, including without limitation 19 * the rights to use, copy, modify, merge, publish, distribute, sublicense, 20 * and/or sell copies of the Software, and to permit persons to whom the 21 * Software is furnished to do so, subject to the following conditions: 22 * 23 * The above copyright notice and this permission notice (including the next 24 * paragraph) shall be included in all copies or substantial portions of the 25 * Software. 26 * 27 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 28 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 29 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 30 * VA LINUX SYSTEMS AND/OR ITS SUPPLIERS BE LIABLE FOR ANY CLAIM, DAMAGES OR 31 * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, 32 * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR 33 * OTHER DEALINGS IN THE SOFTWARE. 34 */ 35 36 #include <linux/vmalloc.h> 37 #include <linux/slab.h> 38 #include <linux/sched.h> 39 #include <linux/log2.h> 40 #include <linux/export.h> 41 #include <linux/mm.h> 42 #include <asm/mtrr.h> 43 #include <asm/shmparam.h> 44 #include <drm/drmP.h> 45 46 static struct drm_map_list *drm_find_matching_map(struct drm_device *dev, 47 struct drm_local_map *map) 48 { 49 struct drm_map_list *entry; 50 list_for_each_entry(entry, &dev->maplist, head) { 51 /* 52 * Because the kernel-userspace ABI is fixed at a 32-bit offset 53 * while PCI resources may live above that, we only compare the 54 * lower 32 bits of the map offset for maps of type 55 * _DRM_FRAMEBUFFER or _DRM_REGISTERS. 56 * It is assumed that if a driver have more than one resource 57 * of each type, the lower 32 bits are different. 58 */ 59 if (!entry->map || 60 map->type != entry->map->type || 61 entry->master != dev->primary->master) 62 continue; 63 switch (map->type) { 64 case _DRM_SHM: 65 if (map->flags != _DRM_CONTAINS_LOCK) 66 break; 67 return entry; 68 case _DRM_REGISTERS: 69 case _DRM_FRAME_BUFFER: 70 if ((entry->map->offset & 0xffffffff) == 71 (map->offset & 0xffffffff)) 72 return entry; 73 default: /* Make gcc happy */ 74 ; 75 } 76 if (entry->map->offset == map->offset) 77 return entry; 78 } 79 80 return NULL; 81 } 82 83 static int drm_map_handle(struct drm_device *dev, struct drm_hash_item *hash, 84 unsigned long user_token, int hashed_handle, int shm) 85 { 86 int use_hashed_handle, shift; 87 unsigned long add; 88 89 use_hashed_handle = (user_token &~ 0xffffffffUL) || hashed_handle; 90 if (!use_hashed_handle) { 91 int ret; 92 hash->key = user_token >> PAGE_SHIFT; 93 ret = drm_ht_insert_item(&dev->map_hash, hash); 94 if (ret != -EINVAL) 95 return ret; 96 } 97 98 shift = 0; 99 add = DRM_MAP_HASH_OFFSET >> PAGE_SHIFT; 100 if (shm && (SHMLBA > PAGE_SIZE)) { 101 int bits = ilog2(SHMLBA >> PAGE_SHIFT) + 1; 102 103 /* For shared memory, we have to preserve the SHMLBA 104 * bits of the eventual vma->vm_pgoff value during 105 * mmap(). Otherwise we run into cache aliasing problems 106 * on some platforms. On these platforms, the pgoff of 107 * a mmap() request is used to pick a suitable virtual 108 * address for the mmap() region such that it will not 109 * cause cache aliasing problems. 110 * 111 * Therefore, make sure the SHMLBA relevant bits of the 112 * hash value we use are equal to those in the original 113 * kernel virtual address. 114 */ 115 shift = bits; 116 add |= ((user_token >> PAGE_SHIFT) & ((1UL << bits) - 1UL)); 117 } 118 119 return drm_ht_just_insert_please(&dev->map_hash, hash, 120 user_token, 32 - PAGE_SHIFT - 3, 121 shift, add); 122 } 123 124 /** 125 * Core function to create a range of memory available for mapping by a 126 * non-root process. 127 * 128 * Adjusts the memory offset to its absolute value according to the mapping 129 * type. Adds the map to the map list drm_device::maplist. Adds MTRR's where 130 * applicable and if supported by the kernel. 131 */ 132 static int drm_addmap_core(struct drm_device * dev, resource_size_t offset, 133 unsigned int size, enum drm_map_type type, 134 enum drm_map_flags flags, 135 struct drm_map_list ** maplist) 136 { 137 struct drm_local_map *map; 138 struct drm_map_list *list; 139 drm_dma_handle_t *dmah; 140 unsigned long user_token; 141 int ret; 142 143 map = kmalloc(sizeof(*map), GFP_KERNEL); 144 if (!map) 145 return -ENOMEM; 146 147 map->offset = offset; 148 map->size = size; 149 map->flags = flags; 150 map->type = type; 151 152 /* Only allow shared memory to be removable since we only keep enough 153 * book keeping information about shared memory to allow for removal 154 * when processes fork. 155 */ 156 if ((map->flags & _DRM_REMOVABLE) && map->type != _DRM_SHM) { 157 kfree(map); 158 return -EINVAL; 159 } 160 DRM_DEBUG("offset = 0x%08llx, size = 0x%08lx, type = %d\n", 161 (unsigned long long)map->offset, map->size, map->type); 162 163 /* page-align _DRM_SHM maps. They are allocated here so there is no security 164 * hole created by that and it works around various broken drivers that use 165 * a non-aligned quantity to map the SAREA. --BenH 166 */ 167 if (map->type == _DRM_SHM) 168 map->size = PAGE_ALIGN(map->size); 169 170 if ((map->offset & (~(resource_size_t)PAGE_MASK)) || (map->size & (~PAGE_MASK))) { 171 kfree(map); 172 return -EINVAL; 173 } 174 map->mtrr = -1; 175 map->handle = NULL; 176 177 switch (map->type) { 178 case _DRM_REGISTERS: 179 case _DRM_FRAME_BUFFER: 180 #if !defined(__sparc__) && !defined(__alpha__) && !defined(__ia64__) && !defined(__powerpc64__) && !defined(__x86_64__) && !defined(__arm__) 181 if (map->offset + (map->size-1) < map->offset || 182 map->offset < virt_to_phys(high_memory)) { 183 kfree(map); 184 return -EINVAL; 185 } 186 #endif 187 /* Some drivers preinitialize some maps, without the X Server 188 * needing to be aware of it. Therefore, we just return success 189 * when the server tries to create a duplicate map. 190 */ 191 list = drm_find_matching_map(dev, map); 192 if (list != NULL) { 193 if (list->map->size != map->size) { 194 DRM_DEBUG("Matching maps of type %d with " 195 "mismatched sizes, (%ld vs %ld)\n", 196 map->type, map->size, 197 list->map->size); 198 list->map->size = map->size; 199 } 200 201 kfree(map); 202 *maplist = list; 203 return 0; 204 } 205 206 if (drm_core_has_MTRR(dev)) { 207 if (map->type == _DRM_FRAME_BUFFER || 208 (map->flags & _DRM_WRITE_COMBINING)) { 209 map->mtrr = mtrr_add(map->offset, map->size, 210 MTRR_TYPE_WRCOMB, 1); 211 } 212 } 213 if (map->type == _DRM_REGISTERS) { 214 #ifdef __NetBSD__ 215 map->handle = drm_ioremap(dev, map); 216 #else 217 map->handle = ioremap(map->offset, map->size); 218 #endif 219 if (!map->handle) { 220 kfree(map); 221 return -ENOMEM; 222 } 223 } 224 225 break; 226 case _DRM_SHM: 227 list = drm_find_matching_map(dev, map); 228 if (list != NULL) { 229 if(list->map->size != map->size) { 230 DRM_DEBUG("Matching maps of type %d with " 231 "mismatched sizes, (%ld vs %ld)\n", 232 map->type, map->size, list->map->size); 233 list->map->size = map->size; 234 } 235 236 kfree(map); 237 *maplist = list; 238 return 0; 239 } 240 map->handle = vmalloc_user(map->size); 241 DRM_DEBUG("%lu %d %p\n", 242 map->size, drm_order(map->size), map->handle); 243 if (!map->handle) { 244 kfree(map); 245 return -ENOMEM; 246 } 247 map->offset = (unsigned long)map->handle; 248 if (map->flags & _DRM_CONTAINS_LOCK) { 249 /* Prevent a 2nd X Server from creating a 2nd lock */ 250 if (dev->primary->master->lock.hw_lock != NULL) { 251 vfree(map->handle); 252 kfree(map); 253 return -EBUSY; 254 } 255 dev->sigdata.lock = dev->primary->master->lock.hw_lock = map->handle; /* Pointer to lock */ 256 } 257 break; 258 case _DRM_AGP: { 259 struct drm_agp_mem *entry; 260 int valid = 0; 261 262 if (!drm_core_has_AGP(dev)) { 263 kfree(map); 264 return -EINVAL; 265 } 266 #ifdef __alpha__ 267 map->offset += dev->hose->mem_space->start; 268 #endif 269 /* In some cases (i810 driver), user space may have already 270 * added the AGP base itself, because dev->agp->base previously 271 * only got set during AGP enable. So, only add the base 272 * address if the map's offset isn't already within the 273 * aperture. 274 */ 275 #ifdef __NetBSD__ 276 if (map->offset < dev->agp->base || 277 map->offset > dev->agp->base + 278 dev->agp->agp_info.ai_aperture_size - 1) { 279 map->offset += dev->agp->base; 280 } 281 #else 282 if (map->offset < dev->agp->base || 283 map->offset > dev->agp->base + 284 dev->agp->agp_info.aper_size * 1024 * 1024 - 1) { 285 map->offset += dev->agp->base; 286 } 287 #endif 288 map->mtrr = dev->agp->agp_mtrr; /* for getmap */ 289 290 /* This assumes the DRM is in total control of AGP space. 291 * It's not always the case as AGP can be in the control 292 * of user space (i.e. i810 driver). So this loop will get 293 * skipped and we double check that dev->agp->memory is 294 * actually set as well as being invalid before EPERM'ing 295 */ 296 list_for_each_entry(entry, &dev->agp->memory, head) { 297 if ((map->offset >= entry->bound) && 298 (map->offset + map->size <= entry->bound + entry->pages * PAGE_SIZE)) { 299 valid = 1; 300 break; 301 } 302 } 303 if (!list_empty(&dev->agp->memory) && !valid) { 304 kfree(map); 305 return -EPERM; 306 } 307 DRM_DEBUG("AGP offset = 0x%08llx, size = 0x%08lx\n", 308 (unsigned long long)map->offset, map->size); 309 310 break; 311 } 312 case _DRM_GEM: 313 DRM_ERROR("tried to addmap GEM object\n"); 314 break; 315 case _DRM_SCATTER_GATHER: 316 if (!dev->sg) { 317 kfree(map); 318 return -EINVAL; 319 } 320 map->offset += (unsigned long)dev->sg->virtual; 321 break; 322 case _DRM_CONSISTENT: 323 /* dma_addr_t is 64bit on i386 with CONFIG_HIGHMEM64G, 324 * As we're limiting the address to 2^32-1 (or less), 325 * casting it down to 32 bits is no problem, but we 326 * need to point to a 64bit variable first. */ 327 dmah = drm_pci_alloc(dev, map->size, map->size); 328 if (!dmah) { 329 kfree(map); 330 return -ENOMEM; 331 } 332 map->handle = dmah->vaddr; 333 map->offset = (unsigned long)dmah->busaddr; 334 #ifdef __NetBSD__ 335 map->lm_data.dmah = dmah; 336 #else 337 kfree(dmah); 338 #endif 339 break; 340 default: 341 kfree(map); 342 return -EINVAL; 343 } 344 345 list = kzalloc(sizeof(*list), GFP_KERNEL); 346 if (!list) { 347 if (map->type == _DRM_REGISTERS) 348 #ifdef __NetBSD__ 349 drm_iounmap(dev, map); 350 #else 351 iounmap(map->handle); 352 #endif 353 kfree(map); 354 return -EINVAL; 355 } 356 list->map = map; 357 358 mutex_lock(&dev->struct_mutex); 359 list_add(&list->head, &dev->maplist); 360 361 /* Assign a 32-bit handle */ 362 /* We do it here so that dev->struct_mutex protects the increment */ 363 user_token = (map->type == _DRM_SHM) ? (unsigned long)map->handle : 364 map->offset; 365 ret = drm_map_handle(dev, &list->hash, user_token, 0, 366 (map->type == _DRM_SHM)); 367 if (ret) { 368 if (map->type == _DRM_REGISTERS) 369 #ifdef __NetBSD__ /* XXX What about other map types...? */ 370 drm_iounmap(dev, map); 371 #else 372 iounmap(map->handle); 373 #endif 374 kfree(map); 375 kfree(list); 376 mutex_unlock(&dev->struct_mutex); 377 return ret; 378 } 379 380 list->user_token = list->hash.key << PAGE_SHIFT; 381 mutex_unlock(&dev->struct_mutex); 382 383 if (!(map->flags & _DRM_DRIVER)) 384 list->master = dev->primary->master; 385 *maplist = list; 386 return 0; 387 } 388 389 int drm_addmap(struct drm_device * dev, resource_size_t offset, 390 unsigned int size, enum drm_map_type type, 391 enum drm_map_flags flags, struct drm_local_map ** map_ptr) 392 { 393 struct drm_map_list *list; 394 int rc; 395 396 rc = drm_addmap_core(dev, offset, size, type, flags, &list); 397 if (!rc) 398 *map_ptr = list->map; 399 return rc; 400 } 401 402 EXPORT_SYMBOL(drm_addmap); 403 404 /** 405 * Ioctl to specify a range of memory that is available for mapping by a 406 * non-root process. 407 * 408 * \param inode device inode. 409 * \param file_priv DRM file private. 410 * \param cmd command. 411 * \param arg pointer to a drm_map structure. 412 * \return zero on success or a negative value on error. 413 * 414 */ 415 int drm_addmap_ioctl(struct drm_device *dev, void *data, 416 struct drm_file *file_priv) 417 { 418 struct drm_map *map = data; 419 struct drm_map_list *maplist; 420 int err; 421 422 #ifdef __NetBSD__ 423 # if 0 /* XXX Old drm did this. */ 424 if (!(dev->flags & (FREAD | FWRITE))) 425 return -EACCES; 426 # endif 427 if (!(DRM_SUSER() || map->type == _DRM_AGP || map->type == _DRM_SHM)) 428 return -EACCES; /* XXX */ 429 #else 430 if (!(capable(CAP_SYS_ADMIN) || map->type == _DRM_AGP || map->type == _DRM_SHM)) 431 return -EPERM; 432 #endif 433 434 err = drm_addmap_core(dev, map->offset, map->size, map->type, 435 map->flags, &maplist); 436 437 if (err) 438 return err; 439 440 /* avoid a warning on 64-bit, this casting isn't very nice, but the API is set so too late */ 441 map->handle = (void *)(unsigned long)maplist->user_token; 442 return 0; 443 } 444 445 /** 446 * Remove a map private from list and deallocate resources if the mapping 447 * isn't in use. 448 * 449 * Searches the map on drm_device::maplist, removes it from the list, see if 450 * its being used, and free any associate resource (such as MTRR's) if it's not 451 * being on use. 452 * 453 * \sa drm_addmap 454 */ 455 int drm_rmmap_locked(struct drm_device *dev, struct drm_local_map *map) 456 { 457 struct drm_map_list *r_list = NULL, *list_t; 458 #ifndef __NetBSD__ 459 drm_dma_handle_t dmah; 460 #endif 461 int found = 0; 462 struct drm_master *master; 463 464 /* Find the list entry for the map and remove it */ 465 list_for_each_entry_safe(r_list, list_t, &dev->maplist, head) { 466 if (r_list->map == map) { 467 master = r_list->master; 468 list_del(&r_list->head); 469 drm_ht_remove_key(&dev->map_hash, 470 r_list->user_token >> PAGE_SHIFT); 471 kfree(r_list); 472 found = 1; 473 break; 474 } 475 } 476 477 if (!found) 478 return -EINVAL; 479 480 switch (map->type) { 481 case _DRM_REGISTERS: 482 #ifdef __NetBSD__ 483 drm_iounmap(dev, map); 484 #else 485 iounmap(map->handle); 486 #endif 487 /* FALLTHROUGH */ 488 case _DRM_FRAME_BUFFER: 489 if (drm_core_has_MTRR(dev) && map->mtrr >= 0) { 490 int retcode; 491 retcode = mtrr_del(map->mtrr, map->offset, map->size); 492 DRM_DEBUG("mtrr_del=%d\n", retcode); 493 } 494 break; 495 case _DRM_SHM: 496 vfree(map->handle); 497 if (master) { 498 if (dev->sigdata.lock == master->lock.hw_lock) 499 dev->sigdata.lock = NULL; 500 master->lock.hw_lock = NULL; /* SHM removed */ 501 master->lock.file_priv = NULL; 502 #ifdef __NetBSD__ 503 DRM_WAKEUP_ALL(&master->lock.lock_queue, 504 &drm_global_mutex); 505 #else 506 wake_up_interruptible_all(&master->lock.lock_queue); 507 #endif 508 } 509 break; 510 case _DRM_AGP: 511 case _DRM_SCATTER_GATHER: 512 break; 513 case _DRM_CONSISTENT: 514 #ifdef __NetBSD__ 515 drm_pci_free(dev, map->lm_data.dmah); 516 #else 517 dmah.vaddr = map->handle; 518 dmah.busaddr = map->offset; 519 dmah.size = map->size; 520 __drm_pci_free(dev, &dmah); 521 #endif 522 break; 523 case _DRM_GEM: 524 DRM_ERROR("tried to rmmap GEM object\n"); 525 break; 526 } 527 kfree(map); 528 529 return 0; 530 } 531 EXPORT_SYMBOL(drm_rmmap_locked); 532 533 int drm_rmmap(struct drm_device *dev, struct drm_local_map *map) 534 { 535 int ret; 536 537 mutex_lock(&dev->struct_mutex); 538 ret = drm_rmmap_locked(dev, map); 539 mutex_unlock(&dev->struct_mutex); 540 541 return ret; 542 } 543 EXPORT_SYMBOL(drm_rmmap); 544 545 /* The rmmap ioctl appears to be unnecessary. All mappings are torn down on 546 * the last close of the device, and this is necessary for cleanup when things 547 * exit uncleanly. Therefore, having userland manually remove mappings seems 548 * like a pointless exercise since they're going away anyway. 549 * 550 * One use case might be after addmap is allowed for normal users for SHM and 551 * gets used by drivers that the server doesn't need to care about. This seems 552 * unlikely. 553 * 554 * \param inode device inode. 555 * \param file_priv DRM file private. 556 * \param cmd command. 557 * \param arg pointer to a struct drm_map structure. 558 * \return zero on success or a negative value on error. 559 */ 560 int drm_rmmap_ioctl(struct drm_device *dev, void *data, 561 struct drm_file *file_priv) 562 { 563 struct drm_map *request = data; 564 struct drm_local_map *map = NULL; 565 struct drm_map_list *r_list; 566 int ret; 567 568 mutex_lock(&dev->struct_mutex); 569 list_for_each_entry(r_list, &dev->maplist, head) { 570 if (r_list->map && 571 r_list->user_token == (unsigned long)request->handle && 572 r_list->map->flags & _DRM_REMOVABLE) { 573 map = r_list->map; 574 break; 575 } 576 } 577 578 /* List has wrapped around to the head pointer, or its empty we didn't 579 * find anything. 580 */ 581 if (list_empty(&dev->maplist) || !map) { 582 mutex_unlock(&dev->struct_mutex); 583 return -EINVAL; 584 } 585 586 /* Register and framebuffer maps are permanent */ 587 if ((map->type == _DRM_REGISTERS) || (map->type == _DRM_FRAME_BUFFER)) { 588 mutex_unlock(&dev->struct_mutex); 589 return 0; 590 } 591 592 ret = drm_rmmap_locked(dev, map); 593 594 mutex_unlock(&dev->struct_mutex); 595 596 return ret; 597 } 598 599 /** 600 * Cleanup after an error on one of the addbufs() functions. 601 * 602 * \param dev DRM device. 603 * \param entry buffer entry where the error occurred. 604 * 605 * Frees any pages and buffers associated with the given entry. 606 */ 607 static void drm_cleanup_buf_error(struct drm_device * dev, 608 struct drm_buf_entry * entry) 609 { 610 int i; 611 612 if (entry->seg_count) { 613 for (i = 0; i < entry->seg_count; i++) { 614 if (entry->seglist[i]) { 615 drm_pci_free(dev, entry->seglist[i]); 616 } 617 } 618 kfree(entry->seglist); 619 620 entry->seg_count = 0; 621 } 622 623 if (entry->buf_count) { 624 for (i = 0; i < entry->buf_count; i++) { 625 kfree(entry->buflist[i].dev_private); 626 } 627 kfree(entry->buflist); 628 629 entry->buf_count = 0; 630 } 631 } 632 633 #if __OS_HAS_AGP 634 /** 635 * Add AGP buffers for DMA transfers. 636 * 637 * \param dev struct drm_device to which the buffers are to be added. 638 * \param request pointer to a struct drm_buf_desc describing the request. 639 * \return zero on success or a negative number on failure. 640 * 641 * After some sanity checks creates a drm_buf structure for each buffer and 642 * reallocates the buffer list of the same size order to accommodate the new 643 * buffers. 644 */ 645 int drm_addbufs_agp(struct drm_device * dev, struct drm_buf_desc * request) 646 { 647 struct drm_device_dma *dma = dev->dma; 648 struct drm_buf_entry *entry; 649 struct drm_agp_mem *agp_entry; 650 struct drm_buf *buf; 651 unsigned long offset; 652 unsigned long agp_offset; 653 int count; 654 int order; 655 int size; 656 int alignment; 657 int page_order; 658 int total; 659 int byte_count; 660 int i, valid; 661 struct drm_buf **temp_buflist; 662 663 if (!dma) 664 return -EINVAL; 665 666 count = request->count; 667 order = drm_order(request->size); 668 size = 1 << order; 669 670 alignment = (request->flags & _DRM_PAGE_ALIGN) 671 ? PAGE_ALIGN(size) : size; 672 page_order = order - PAGE_SHIFT > 0 ? order - PAGE_SHIFT : 0; 673 total = PAGE_SIZE << page_order; 674 675 byte_count = 0; 676 agp_offset = dev->agp->base + request->agp_start; 677 678 DRM_DEBUG("count: %d\n", count); 679 DRM_DEBUG("order: %d\n", order); 680 DRM_DEBUG("size: %d\n", size); 681 DRM_DEBUG("agp_offset: %lx\n", agp_offset); 682 DRM_DEBUG("alignment: %d\n", alignment); 683 DRM_DEBUG("page_order: %d\n", page_order); 684 DRM_DEBUG("total: %d\n", total); 685 686 if (order < DRM_MIN_ORDER || order > DRM_MAX_ORDER) 687 return -EINVAL; 688 689 /* Make sure buffers are located in AGP memory that we own */ 690 valid = 0; 691 list_for_each_entry(agp_entry, &dev->agp->memory, head) { 692 if ((agp_offset >= agp_entry->bound) && 693 (agp_offset + total * count <= agp_entry->bound + agp_entry->pages * PAGE_SIZE)) { 694 valid = 1; 695 break; 696 } 697 } 698 if (!list_empty(&dev->agp->memory) && !valid) { 699 DRM_DEBUG("zone invalid\n"); 700 return -EINVAL; 701 } 702 spin_lock(&dev->count_lock); 703 if (dev->buf_use) { 704 spin_unlock(&dev->count_lock); 705 return -EBUSY; 706 } 707 atomic_inc(&dev->buf_alloc); 708 spin_unlock(&dev->count_lock); 709 710 mutex_lock(&dev->struct_mutex); 711 entry = &dma->bufs[order]; 712 if (entry->buf_count) { 713 mutex_unlock(&dev->struct_mutex); 714 atomic_dec(&dev->buf_alloc); 715 return -ENOMEM; /* May only call once for each order */ 716 } 717 718 if (count < 0 || count > 4096) { 719 mutex_unlock(&dev->struct_mutex); 720 atomic_dec(&dev->buf_alloc); 721 return -EINVAL; 722 } 723 724 entry->buflist = kzalloc(count * sizeof(*entry->buflist), GFP_KERNEL); 725 if (!entry->buflist) { 726 mutex_unlock(&dev->struct_mutex); 727 atomic_dec(&dev->buf_alloc); 728 return -ENOMEM; 729 } 730 731 entry->buf_size = size; 732 entry->page_order = page_order; 733 734 offset = 0; 735 736 while (entry->buf_count < count) { 737 buf = &entry->buflist[entry->buf_count]; 738 buf->idx = dma->buf_count + entry->buf_count; 739 buf->total = alignment; 740 buf->order = order; 741 buf->used = 0; 742 743 buf->offset = (dma->byte_count + offset); 744 buf->bus_address = agp_offset + offset; 745 buf->address = (void *)(agp_offset + offset); 746 buf->next = NULL; 747 buf->waiting = 0; 748 buf->pending = 0; 749 buf->file_priv = NULL; 750 751 buf->dev_priv_size = dev->driver->dev_priv_size; 752 buf->dev_private = kzalloc(buf->dev_priv_size, GFP_KERNEL); 753 if (!buf->dev_private) { 754 /* Set count correctly so we free the proper amount. */ 755 entry->buf_count = count; 756 drm_cleanup_buf_error(dev, entry); 757 mutex_unlock(&dev->struct_mutex); 758 atomic_dec(&dev->buf_alloc); 759 return -ENOMEM; 760 } 761 762 DRM_DEBUG("buffer %d @ %p\n", entry->buf_count, buf->address); 763 764 offset += alignment; 765 entry->buf_count++; 766 byte_count += PAGE_SIZE << page_order; 767 } 768 769 DRM_DEBUG("byte_count: %d\n", byte_count); 770 771 temp_buflist = krealloc(dma->buflist, 772 (dma->buf_count + entry->buf_count) * 773 sizeof(*dma->buflist), GFP_KERNEL); 774 if (!temp_buflist) { 775 /* Free the entry because it isn't valid */ 776 drm_cleanup_buf_error(dev, entry); 777 mutex_unlock(&dev->struct_mutex); 778 atomic_dec(&dev->buf_alloc); 779 return -ENOMEM; 780 } 781 dma->buflist = temp_buflist; 782 783 for (i = 0; i < entry->buf_count; i++) { 784 dma->buflist[i + dma->buf_count] = &entry->buflist[i]; 785 } 786 787 dma->buf_count += entry->buf_count; 788 dma->seg_count += entry->seg_count; 789 dma->page_count += byte_count >> PAGE_SHIFT; 790 dma->byte_count += byte_count; 791 792 DRM_DEBUG("dma->buf_count : %d\n", dma->buf_count); 793 DRM_DEBUG("entry->buf_count : %d\n", entry->buf_count); 794 795 mutex_unlock(&dev->struct_mutex); 796 797 request->count = entry->buf_count; 798 request->size = size; 799 800 dma->flags = _DRM_DMA_USE_AGP; 801 802 atomic_dec(&dev->buf_alloc); 803 return 0; 804 } 805 EXPORT_SYMBOL(drm_addbufs_agp); 806 #endif /* __OS_HAS_AGP */ 807 808 int drm_addbufs_pci(struct drm_device * dev, struct drm_buf_desc * request) 809 { 810 struct drm_device_dma *dma = dev->dma; 811 int count; 812 int order; 813 int size; 814 int total; 815 int page_order; 816 struct drm_buf_entry *entry; 817 drm_dma_handle_t *dmah; 818 struct drm_buf *buf; 819 int alignment; 820 unsigned long offset; 821 int i; 822 int byte_count; 823 int page_count; 824 unsigned long *temp_pagelist; 825 struct drm_buf **temp_buflist; 826 827 if (!drm_core_check_feature(dev, DRIVER_PCI_DMA)) 828 return -EINVAL; 829 830 if (!dma) 831 return -EINVAL; 832 833 #ifdef __NetBSD__ 834 if (!DRM_SUSER()) 835 return -EACCES; /* XXX */ 836 #else 837 if (!capable(CAP_SYS_ADMIN)) 838 return -EPERM; 839 #endif 840 841 count = request->count; 842 order = drm_order(request->size); 843 size = 1 << order; 844 845 DRM_DEBUG("count=%d, size=%d (%d), order=%d\n", 846 request->count, request->size, size, order); 847 848 if (order < DRM_MIN_ORDER || order > DRM_MAX_ORDER) 849 return -EINVAL; 850 851 alignment = (request->flags & _DRM_PAGE_ALIGN) 852 ? PAGE_ALIGN(size) : size; 853 page_order = order - PAGE_SHIFT > 0 ? order - PAGE_SHIFT : 0; 854 total = PAGE_SIZE << page_order; 855 856 spin_lock(&dev->count_lock); 857 if (dev->buf_use) { 858 spin_unlock(&dev->count_lock); 859 return -EBUSY; 860 } 861 atomic_inc(&dev->buf_alloc); 862 spin_unlock(&dev->count_lock); 863 864 mutex_lock(&dev->struct_mutex); 865 entry = &dma->bufs[order]; 866 if (entry->buf_count) { 867 mutex_unlock(&dev->struct_mutex); 868 atomic_dec(&dev->buf_alloc); 869 return -ENOMEM; /* May only call once for each order */ 870 } 871 872 if (count < 0 || count > 4096) { 873 mutex_unlock(&dev->struct_mutex); 874 atomic_dec(&dev->buf_alloc); 875 return -EINVAL; 876 } 877 878 entry->buflist = kzalloc(count * sizeof(*entry->buflist), GFP_KERNEL); 879 if (!entry->buflist) { 880 mutex_unlock(&dev->struct_mutex); 881 atomic_dec(&dev->buf_alloc); 882 return -ENOMEM; 883 } 884 885 entry->seglist = kzalloc(count * sizeof(*entry->seglist), GFP_KERNEL); 886 if (!entry->seglist) { 887 kfree(entry->buflist); 888 mutex_unlock(&dev->struct_mutex); 889 atomic_dec(&dev->buf_alloc); 890 return -ENOMEM; 891 } 892 893 /* Keep the original pagelist until we know all the allocations 894 * have succeeded 895 */ 896 temp_pagelist = kmalloc((dma->page_count + (count << page_order)) * 897 sizeof(*dma->pagelist), GFP_KERNEL); 898 if (!temp_pagelist) { 899 kfree(entry->buflist); 900 kfree(entry->seglist); 901 mutex_unlock(&dev->struct_mutex); 902 atomic_dec(&dev->buf_alloc); 903 return -ENOMEM; 904 } 905 memcpy(temp_pagelist, 906 dma->pagelist, dma->page_count * sizeof(*dma->pagelist)); 907 DRM_DEBUG("pagelist: %d entries\n", 908 dma->page_count + (count << page_order)); 909 910 entry->buf_size = size; 911 entry->page_order = page_order; 912 byte_count = 0; 913 page_count = 0; 914 915 while (entry->buf_count < count) { 916 917 dmah = drm_pci_alloc(dev, PAGE_SIZE << page_order, 0x1000); 918 919 if (!dmah) { 920 /* Set count correctly so we free the proper amount. */ 921 entry->buf_count = count; 922 entry->seg_count = count; 923 drm_cleanup_buf_error(dev, entry); 924 kfree(temp_pagelist); 925 mutex_unlock(&dev->struct_mutex); 926 atomic_dec(&dev->buf_alloc); 927 return -ENOMEM; 928 } 929 entry->seglist[entry->seg_count++] = dmah; 930 for (i = 0; i < (1 << page_order); i++) { 931 DRM_DEBUG("page %d @ 0x%08lx\n", 932 dma->page_count + page_count, 933 (unsigned long)dmah->vaddr + PAGE_SIZE * i); 934 temp_pagelist[dma->page_count + page_count++] 935 = (unsigned long)dmah->vaddr + PAGE_SIZE * i; 936 } 937 for (offset = 0; 938 offset + size <= total && entry->buf_count < count; 939 offset += alignment, ++entry->buf_count) { 940 buf = &entry->buflist[entry->buf_count]; 941 buf->idx = dma->buf_count + entry->buf_count; 942 buf->total = alignment; 943 buf->order = order; 944 buf->used = 0; 945 buf->offset = (dma->byte_count + byte_count + offset); 946 #ifdef __NetBSD__ 947 buf->address = (void *)((char *)dmah->vaddr + offset); 948 #else 949 buf->address = (void *)(dmah->vaddr + offset); 950 #endif 951 buf->bus_address = dmah->busaddr + offset; 952 buf->next = NULL; 953 buf->waiting = 0; 954 buf->pending = 0; 955 buf->file_priv = NULL; 956 957 buf->dev_priv_size = dev->driver->dev_priv_size; 958 buf->dev_private = kzalloc(buf->dev_priv_size, 959 GFP_KERNEL); 960 if (!buf->dev_private) { 961 /* Set count correctly so we free the proper amount. */ 962 entry->buf_count = count; 963 entry->seg_count = count; 964 drm_cleanup_buf_error(dev, entry); 965 kfree(temp_pagelist); 966 mutex_unlock(&dev->struct_mutex); 967 atomic_dec(&dev->buf_alloc); 968 return -ENOMEM; 969 } 970 971 DRM_DEBUG("buffer %d @ %p\n", 972 entry->buf_count, buf->address); 973 } 974 byte_count += PAGE_SIZE << page_order; 975 } 976 977 temp_buflist = krealloc(dma->buflist, 978 (dma->buf_count + entry->buf_count) * 979 sizeof(*dma->buflist), GFP_KERNEL); 980 if (!temp_buflist) { 981 /* Free the entry because it isn't valid */ 982 drm_cleanup_buf_error(dev, entry); 983 kfree(temp_pagelist); 984 mutex_unlock(&dev->struct_mutex); 985 atomic_dec(&dev->buf_alloc); 986 return -ENOMEM; 987 } 988 dma->buflist = temp_buflist; 989 990 for (i = 0; i < entry->buf_count; i++) { 991 dma->buflist[i + dma->buf_count] = &entry->buflist[i]; 992 } 993 994 /* No allocations failed, so now we can replace the original pagelist 995 * with the new one. 996 */ 997 if (dma->page_count) { 998 kfree(dma->pagelist); 999 } 1000 dma->pagelist = temp_pagelist; 1001 1002 dma->buf_count += entry->buf_count; 1003 dma->seg_count += entry->seg_count; 1004 dma->page_count += entry->seg_count << page_order; 1005 dma->byte_count += PAGE_SIZE * (entry->seg_count << page_order); 1006 1007 mutex_unlock(&dev->struct_mutex); 1008 1009 request->count = entry->buf_count; 1010 request->size = size; 1011 1012 if (request->flags & _DRM_PCI_BUFFER_RO) 1013 dma->flags = _DRM_DMA_USE_PCI_RO; 1014 1015 atomic_dec(&dev->buf_alloc); 1016 return 0; 1017 1018 } 1019 EXPORT_SYMBOL(drm_addbufs_pci); 1020 1021 static int drm_addbufs_sg(struct drm_device * dev, struct drm_buf_desc * request) 1022 { 1023 struct drm_device_dma *dma = dev->dma; 1024 struct drm_buf_entry *entry; 1025 struct drm_buf *buf; 1026 unsigned long offset; 1027 unsigned long agp_offset; 1028 int count; 1029 int order; 1030 int size; 1031 int alignment; 1032 int page_order; 1033 int total; 1034 int byte_count; 1035 int i; 1036 struct drm_buf **temp_buflist; 1037 1038 if (!drm_core_check_feature(dev, DRIVER_SG)) 1039 return -EINVAL; 1040 1041 if (!dma) 1042 return -EINVAL; 1043 1044 #ifdef __NetBSD__ 1045 if (!DRM_SUSER()) 1046 return -EACCES; /* XXX */ 1047 #else 1048 if (!capable(CAP_SYS_ADMIN)) 1049 return -EPERM; 1050 #endif 1051 1052 count = request->count; 1053 order = drm_order(request->size); 1054 size = 1 << order; 1055 1056 alignment = (request->flags & _DRM_PAGE_ALIGN) 1057 ? PAGE_ALIGN(size) : size; 1058 page_order = order - PAGE_SHIFT > 0 ? order - PAGE_SHIFT : 0; 1059 total = PAGE_SIZE << page_order; 1060 1061 byte_count = 0; 1062 agp_offset = request->agp_start; 1063 1064 DRM_DEBUG("count: %d\n", count); 1065 DRM_DEBUG("order: %d\n", order); 1066 DRM_DEBUG("size: %d\n", size); 1067 DRM_DEBUG("agp_offset: %lu\n", agp_offset); 1068 DRM_DEBUG("alignment: %d\n", alignment); 1069 DRM_DEBUG("page_order: %d\n", page_order); 1070 DRM_DEBUG("total: %d\n", total); 1071 1072 if (order < DRM_MIN_ORDER || order > DRM_MAX_ORDER) 1073 return -EINVAL; 1074 1075 spin_lock(&dev->count_lock); 1076 if (dev->buf_use) { 1077 spin_unlock(&dev->count_lock); 1078 return -EBUSY; 1079 } 1080 atomic_inc(&dev->buf_alloc); 1081 spin_unlock(&dev->count_lock); 1082 1083 mutex_lock(&dev->struct_mutex); 1084 entry = &dma->bufs[order]; 1085 if (entry->buf_count) { 1086 mutex_unlock(&dev->struct_mutex); 1087 atomic_dec(&dev->buf_alloc); 1088 return -ENOMEM; /* May only call once for each order */ 1089 } 1090 1091 if (count < 0 || count > 4096) { 1092 mutex_unlock(&dev->struct_mutex); 1093 atomic_dec(&dev->buf_alloc); 1094 return -EINVAL; 1095 } 1096 1097 entry->buflist = kzalloc(count * sizeof(*entry->buflist), 1098 GFP_KERNEL); 1099 if (!entry->buflist) { 1100 mutex_unlock(&dev->struct_mutex); 1101 atomic_dec(&dev->buf_alloc); 1102 return -ENOMEM; 1103 } 1104 1105 entry->buf_size = size; 1106 entry->page_order = page_order; 1107 1108 offset = 0; 1109 1110 while (entry->buf_count < count) { 1111 buf = &entry->buflist[entry->buf_count]; 1112 buf->idx = dma->buf_count + entry->buf_count; 1113 buf->total = alignment; 1114 buf->order = order; 1115 buf->used = 0; 1116 1117 buf->offset = (dma->byte_count + offset); 1118 buf->bus_address = agp_offset + offset; 1119 buf->address = (void *)(agp_offset + offset 1120 + (unsigned long)dev->sg->virtual); 1121 buf->next = NULL; 1122 buf->waiting = 0; 1123 buf->pending = 0; 1124 buf->file_priv = NULL; 1125 1126 buf->dev_priv_size = dev->driver->dev_priv_size; 1127 buf->dev_private = kzalloc(buf->dev_priv_size, GFP_KERNEL); 1128 if (!buf->dev_private) { 1129 /* Set count correctly so we free the proper amount. */ 1130 entry->buf_count = count; 1131 drm_cleanup_buf_error(dev, entry); 1132 mutex_unlock(&dev->struct_mutex); 1133 atomic_dec(&dev->buf_alloc); 1134 return -ENOMEM; 1135 } 1136 1137 DRM_DEBUG("buffer %d @ %p\n", entry->buf_count, buf->address); 1138 1139 offset += alignment; 1140 entry->buf_count++; 1141 byte_count += PAGE_SIZE << page_order; 1142 } 1143 1144 DRM_DEBUG("byte_count: %d\n", byte_count); 1145 1146 temp_buflist = krealloc(dma->buflist, 1147 (dma->buf_count + entry->buf_count) * 1148 sizeof(*dma->buflist), GFP_KERNEL); 1149 if (!temp_buflist) { 1150 /* Free the entry because it isn't valid */ 1151 drm_cleanup_buf_error(dev, entry); 1152 mutex_unlock(&dev->struct_mutex); 1153 atomic_dec(&dev->buf_alloc); 1154 return -ENOMEM; 1155 } 1156 dma->buflist = temp_buflist; 1157 1158 for (i = 0; i < entry->buf_count; i++) { 1159 dma->buflist[i + dma->buf_count] = &entry->buflist[i]; 1160 } 1161 1162 dma->buf_count += entry->buf_count; 1163 dma->seg_count += entry->seg_count; 1164 dma->page_count += byte_count >> PAGE_SHIFT; 1165 dma->byte_count += byte_count; 1166 1167 DRM_DEBUG("dma->buf_count : %d\n", dma->buf_count); 1168 DRM_DEBUG("entry->buf_count : %d\n", entry->buf_count); 1169 1170 mutex_unlock(&dev->struct_mutex); 1171 1172 request->count = entry->buf_count; 1173 request->size = size; 1174 1175 dma->flags = _DRM_DMA_USE_SG; 1176 1177 atomic_dec(&dev->buf_alloc); 1178 return 0; 1179 } 1180 1181 static int drm_addbufs_fb(struct drm_device * dev, struct drm_buf_desc * request) 1182 { 1183 struct drm_device_dma *dma = dev->dma; 1184 struct drm_buf_entry *entry; 1185 struct drm_buf *buf; 1186 unsigned long offset; 1187 unsigned long agp_offset; 1188 int count; 1189 int order; 1190 int size; 1191 int alignment; 1192 int page_order; 1193 int total; 1194 int byte_count; 1195 int i; 1196 struct drm_buf **temp_buflist; 1197 1198 if (!drm_core_check_feature(dev, DRIVER_FB_DMA)) 1199 return -EINVAL; 1200 1201 if (!dma) 1202 return -EINVAL; 1203 1204 #ifdef __NetBSD__ 1205 if (!DRM_SUSER()) 1206 return -EACCES; /* XXX */ 1207 #else 1208 if (!capable(CAP_SYS_ADMIN)) 1209 return -EPERM; 1210 #endif 1211 1212 count = request->count; 1213 order = drm_order(request->size); 1214 size = 1 << order; 1215 1216 alignment = (request->flags & _DRM_PAGE_ALIGN) 1217 ? PAGE_ALIGN(size) : size; 1218 page_order = order - PAGE_SHIFT > 0 ? order - PAGE_SHIFT : 0; 1219 total = PAGE_SIZE << page_order; 1220 1221 byte_count = 0; 1222 agp_offset = request->agp_start; 1223 1224 DRM_DEBUG("count: %d\n", count); 1225 DRM_DEBUG("order: %d\n", order); 1226 DRM_DEBUG("size: %d\n", size); 1227 DRM_DEBUG("agp_offset: %lu\n", agp_offset); 1228 DRM_DEBUG("alignment: %d\n", alignment); 1229 DRM_DEBUG("page_order: %d\n", page_order); 1230 DRM_DEBUG("total: %d\n", total); 1231 1232 if (order < DRM_MIN_ORDER || order > DRM_MAX_ORDER) 1233 return -EINVAL; 1234 1235 spin_lock(&dev->count_lock); 1236 if (dev->buf_use) { 1237 spin_unlock(&dev->count_lock); 1238 return -EBUSY; 1239 } 1240 atomic_inc(&dev->buf_alloc); 1241 spin_unlock(&dev->count_lock); 1242 1243 mutex_lock(&dev->struct_mutex); 1244 entry = &dma->bufs[order]; 1245 if (entry->buf_count) { 1246 mutex_unlock(&dev->struct_mutex); 1247 atomic_dec(&dev->buf_alloc); 1248 return -ENOMEM; /* May only call once for each order */ 1249 } 1250 1251 if (count < 0 || count > 4096) { 1252 mutex_unlock(&dev->struct_mutex); 1253 atomic_dec(&dev->buf_alloc); 1254 return -EINVAL; 1255 } 1256 1257 entry->buflist = kzalloc(count * sizeof(*entry->buflist), 1258 GFP_KERNEL); 1259 if (!entry->buflist) { 1260 mutex_unlock(&dev->struct_mutex); 1261 atomic_dec(&dev->buf_alloc); 1262 return -ENOMEM; 1263 } 1264 1265 entry->buf_size = size; 1266 entry->page_order = page_order; 1267 1268 offset = 0; 1269 1270 while (entry->buf_count < count) { 1271 buf = &entry->buflist[entry->buf_count]; 1272 buf->idx = dma->buf_count + entry->buf_count; 1273 buf->total = alignment; 1274 buf->order = order; 1275 buf->used = 0; 1276 1277 buf->offset = (dma->byte_count + offset); 1278 buf->bus_address = agp_offset + offset; 1279 buf->address = (void *)(agp_offset + offset); 1280 buf->next = NULL; 1281 buf->waiting = 0; 1282 buf->pending = 0; 1283 buf->file_priv = NULL; 1284 1285 buf->dev_priv_size = dev->driver->dev_priv_size; 1286 buf->dev_private = kzalloc(buf->dev_priv_size, GFP_KERNEL); 1287 if (!buf->dev_private) { 1288 /* Set count correctly so we free the proper amount. */ 1289 entry->buf_count = count; 1290 drm_cleanup_buf_error(dev, entry); 1291 mutex_unlock(&dev->struct_mutex); 1292 atomic_dec(&dev->buf_alloc); 1293 return -ENOMEM; 1294 } 1295 1296 DRM_DEBUG("buffer %d @ %p\n", entry->buf_count, buf->address); 1297 1298 offset += alignment; 1299 entry->buf_count++; 1300 byte_count += PAGE_SIZE << page_order; 1301 } 1302 1303 DRM_DEBUG("byte_count: %d\n", byte_count); 1304 1305 temp_buflist = krealloc(dma->buflist, 1306 (dma->buf_count + entry->buf_count) * 1307 sizeof(*dma->buflist), GFP_KERNEL); 1308 if (!temp_buflist) { 1309 /* Free the entry because it isn't valid */ 1310 drm_cleanup_buf_error(dev, entry); 1311 mutex_unlock(&dev->struct_mutex); 1312 atomic_dec(&dev->buf_alloc); 1313 return -ENOMEM; 1314 } 1315 dma->buflist = temp_buflist; 1316 1317 for (i = 0; i < entry->buf_count; i++) { 1318 dma->buflist[i + dma->buf_count] = &entry->buflist[i]; 1319 } 1320 1321 dma->buf_count += entry->buf_count; 1322 dma->seg_count += entry->seg_count; 1323 dma->page_count += byte_count >> PAGE_SHIFT; 1324 dma->byte_count += byte_count; 1325 1326 DRM_DEBUG("dma->buf_count : %d\n", dma->buf_count); 1327 DRM_DEBUG("entry->buf_count : %d\n", entry->buf_count); 1328 1329 mutex_unlock(&dev->struct_mutex); 1330 1331 request->count = entry->buf_count; 1332 request->size = size; 1333 1334 dma->flags = _DRM_DMA_USE_FB; 1335 1336 atomic_dec(&dev->buf_alloc); 1337 return 0; 1338 } 1339 1340 1341 /** 1342 * Add buffers for DMA transfers (ioctl). 1343 * 1344 * \param inode device inode. 1345 * \param file_priv DRM file private. 1346 * \param cmd command. 1347 * \param arg pointer to a struct drm_buf_desc request. 1348 * \return zero on success or a negative number on failure. 1349 * 1350 * According with the memory type specified in drm_buf_desc::flags and the 1351 * build options, it dispatches the call either to addbufs_agp(), 1352 * addbufs_sg() or addbufs_pci() for AGP, scatter-gather or consistent 1353 * PCI memory respectively. 1354 */ 1355 int drm_addbufs(struct drm_device *dev, void *data, 1356 struct drm_file *file_priv) 1357 { 1358 struct drm_buf_desc *request = data; 1359 int ret; 1360 1361 if (!drm_core_check_feature(dev, DRIVER_HAVE_DMA)) 1362 return -EINVAL; 1363 1364 #if __OS_HAS_AGP 1365 if (request->flags & _DRM_AGP_BUFFER) 1366 ret = drm_addbufs_agp(dev, request); 1367 else 1368 #endif 1369 if (request->flags & _DRM_SG_BUFFER) 1370 ret = drm_addbufs_sg(dev, request); 1371 else if (request->flags & _DRM_FB_BUFFER) 1372 ret = drm_addbufs_fb(dev, request); 1373 else 1374 ret = drm_addbufs_pci(dev, request); 1375 1376 return ret; 1377 } 1378 1379 /** 1380 * Get information about the buffer mappings. 1381 * 1382 * This was originally mean for debugging purposes, or by a sophisticated 1383 * client library to determine how best to use the available buffers (e.g., 1384 * large buffers can be used for image transfer). 1385 * 1386 * \param inode device inode. 1387 * \param file_priv DRM file private. 1388 * \param cmd command. 1389 * \param arg pointer to a drm_buf_info structure. 1390 * \return zero on success or a negative number on failure. 1391 * 1392 * Increments drm_device::buf_use while holding the drm_device::count_lock 1393 * lock, preventing of allocating more buffers after this call. Information 1394 * about each requested buffer is then copied into user space. 1395 */ 1396 int drm_infobufs(struct drm_device *dev, void *data, 1397 struct drm_file *file_priv) 1398 { 1399 struct drm_device_dma *dma = dev->dma; 1400 struct drm_buf_info *request = data; 1401 int i; 1402 int count; 1403 1404 if (!drm_core_check_feature(dev, DRIVER_HAVE_DMA)) 1405 return -EINVAL; 1406 1407 if (!dma) 1408 return -EINVAL; 1409 1410 spin_lock(&dev->count_lock); 1411 if (atomic_read(&dev->buf_alloc)) { 1412 spin_unlock(&dev->count_lock); 1413 return -EBUSY; 1414 } 1415 ++dev->buf_use; /* Can't allocate more after this call */ 1416 spin_unlock(&dev->count_lock); 1417 1418 for (i = 0, count = 0; i < DRM_MAX_ORDER + 1; i++) { 1419 if (dma->bufs[i].buf_count) 1420 ++count; 1421 } 1422 1423 DRM_DEBUG("count = %d\n", count); 1424 1425 if (request->count >= count) { 1426 for (i = 0, count = 0; i < DRM_MAX_ORDER + 1; i++) { 1427 if (dma->bufs[i].buf_count) { 1428 struct drm_buf_desc __user *to = 1429 &request->list[count]; 1430 struct drm_buf_entry *from = &dma->bufs[i]; 1431 struct drm_freelist *list = &dma->bufs[i].freelist; 1432 if (copy_to_user(&to->count, 1433 &from->buf_count, 1434 sizeof(from->buf_count)) || 1435 copy_to_user(&to->size, 1436 &from->buf_size, 1437 sizeof(from->buf_size)) || 1438 copy_to_user(&to->low_mark, 1439 &list->low_mark, 1440 sizeof(list->low_mark)) || 1441 copy_to_user(&to->high_mark, 1442 &list->high_mark, 1443 sizeof(list->high_mark))) 1444 return -EFAULT; 1445 1446 DRM_DEBUG("%d %d %d %d %d\n", 1447 i, 1448 dma->bufs[i].buf_count, 1449 dma->bufs[i].buf_size, 1450 dma->bufs[i].freelist.low_mark, 1451 dma->bufs[i].freelist.high_mark); 1452 ++count; 1453 } 1454 } 1455 } 1456 request->count = count; 1457 1458 return 0; 1459 } 1460 1461 /** 1462 * Specifies a low and high water mark for buffer allocation 1463 * 1464 * \param inode device inode. 1465 * \param file_priv DRM file private. 1466 * \param cmd command. 1467 * \param arg a pointer to a drm_buf_desc structure. 1468 * \return zero on success or a negative number on failure. 1469 * 1470 * Verifies that the size order is bounded between the admissible orders and 1471 * updates the respective drm_device_dma::bufs entry low and high water mark. 1472 * 1473 * \note This ioctl is deprecated and mostly never used. 1474 */ 1475 int drm_markbufs(struct drm_device *dev, void *data, 1476 struct drm_file *file_priv) 1477 { 1478 struct drm_device_dma *dma = dev->dma; 1479 struct drm_buf_desc *request = data; 1480 int order; 1481 struct drm_buf_entry *entry; 1482 1483 if (!drm_core_check_feature(dev, DRIVER_HAVE_DMA)) 1484 return -EINVAL; 1485 1486 if (!dma) 1487 return -EINVAL; 1488 1489 DRM_DEBUG("%d, %d, %d\n", 1490 request->size, request->low_mark, request->high_mark); 1491 order = drm_order(request->size); 1492 if (order < DRM_MIN_ORDER || order > DRM_MAX_ORDER) 1493 return -EINVAL; 1494 entry = &dma->bufs[order]; 1495 1496 if (request->low_mark < 0 || request->low_mark > entry->buf_count) 1497 return -EINVAL; 1498 if (request->high_mark < 0 || request->high_mark > entry->buf_count) 1499 return -EINVAL; 1500 1501 entry->freelist.low_mark = request->low_mark; 1502 entry->freelist.high_mark = request->high_mark; 1503 1504 return 0; 1505 } 1506 1507 /** 1508 * Unreserve the buffers in list, previously reserved using drmDMA. 1509 * 1510 * \param inode device inode. 1511 * \param file_priv DRM file private. 1512 * \param cmd command. 1513 * \param arg pointer to a drm_buf_free structure. 1514 * \return zero on success or a negative number on failure. 1515 * 1516 * Calls free_buffer() for each used buffer. 1517 * This function is primarily used for debugging. 1518 */ 1519 int drm_freebufs(struct drm_device *dev, void *data, 1520 struct drm_file *file_priv) 1521 { 1522 struct drm_device_dma *dma = dev->dma; 1523 struct drm_buf_free *request = data; 1524 int i; 1525 int idx; 1526 struct drm_buf *buf; 1527 1528 if (!drm_core_check_feature(dev, DRIVER_HAVE_DMA)) 1529 return -EINVAL; 1530 1531 if (!dma) 1532 return -EINVAL; 1533 1534 DRM_DEBUG("%d\n", request->count); 1535 for (i = 0; i < request->count; i++) { 1536 if (copy_from_user(&idx, &request->list[i], sizeof(idx))) 1537 return -EFAULT; 1538 if (idx < 0 || idx >= dma->buf_count) { 1539 DRM_ERROR("Index %d (of %d max)\n", 1540 idx, dma->buf_count - 1); 1541 return -EINVAL; 1542 } 1543 buf = dma->buflist[idx]; 1544 if (buf->file_priv != file_priv) { 1545 DRM_ERROR("Process %d freeing buffer not owned\n", 1546 task_pid_nr(current)); 1547 return -EINVAL; 1548 } 1549 drm_free_buffer(dev, buf); 1550 } 1551 1552 return 0; 1553 } 1554 1555 /** 1556 * Maps all of the DMA buffers into client-virtual space (ioctl). 1557 * 1558 * \param inode device inode. 1559 * \param file_priv DRM file private. 1560 * \param cmd command. 1561 * \param arg pointer to a drm_buf_map structure. 1562 * \return zero on success or a negative number on failure. 1563 * 1564 * Maps the AGP, SG or PCI buffer region with vm_mmap(), and copies information 1565 * about each buffer into user space. For PCI buffers, it calls vm_mmap() with 1566 * offset equal to 0, which drm_mmap() interpretes as PCI buffers and calls 1567 * drm_mmap_dma(). 1568 */ 1569 int drm_mapbufs(struct drm_device *dev, void *data, 1570 struct drm_file *file_priv) 1571 { 1572 struct drm_device_dma *dma = dev->dma; 1573 int retcode = 0; 1574 const int zero = 0; 1575 unsigned long virtual; 1576 unsigned long address; 1577 struct drm_buf_map *request = data; 1578 int i; 1579 1580 if (!drm_core_check_feature(dev, DRIVER_HAVE_DMA)) 1581 return -EINVAL; 1582 1583 if (!dma) 1584 return -EINVAL; 1585 1586 spin_lock(&dev->count_lock); 1587 if (atomic_read(&dev->buf_alloc)) { 1588 spin_unlock(&dev->count_lock); 1589 return -EBUSY; 1590 } 1591 dev->buf_use++; /* Can't allocate more after this call */ 1592 spin_unlock(&dev->count_lock); 1593 1594 if (request->count >= dma->buf_count) { 1595 if ((drm_core_has_AGP(dev) && (dma->flags & _DRM_DMA_USE_AGP)) 1596 || (drm_core_check_feature(dev, DRIVER_SG) 1597 && (dma->flags & _DRM_DMA_USE_SG)) 1598 || (drm_core_check_feature(dev, DRIVER_FB_DMA) 1599 && (dma->flags & _DRM_DMA_USE_FB))) { 1600 struct drm_local_map *map = dev->agp_buffer_map; 1601 unsigned long token = dev->agp_buffer_token; 1602 1603 if (!map) { 1604 retcode = -EINVAL; 1605 goto done; 1606 } 1607 virtual = vm_mmap(file_priv->filp, 0, map->size, 1608 PROT_READ | PROT_WRITE, 1609 MAP_SHARED, 1610 token); 1611 } else { 1612 virtual = vm_mmap(file_priv->filp, 0, dma->byte_count, 1613 PROT_READ | PROT_WRITE, 1614 MAP_SHARED, 0); 1615 } 1616 if (virtual > -1024UL) { 1617 /* Real error */ 1618 retcode = (signed long)virtual; 1619 goto done; 1620 } 1621 request->virtual = (void __user *)virtual; 1622 1623 for (i = 0; i < dma->buf_count; i++) { 1624 if (copy_to_user(&request->list[i].idx, 1625 &dma->buflist[i]->idx, 1626 sizeof(request->list[0].idx))) { 1627 retcode = -EFAULT; 1628 goto done; 1629 } 1630 if (copy_to_user(&request->list[i].total, 1631 &dma->buflist[i]->total, 1632 sizeof(request->list[0].total))) { 1633 retcode = -EFAULT; 1634 goto done; 1635 } 1636 if (copy_to_user(&request->list[i].used, 1637 &zero, sizeof(zero))) { 1638 retcode = -EFAULT; 1639 goto done; 1640 } 1641 address = virtual + dma->buflist[i]->offset; /* *** */ 1642 if (copy_to_user(&request->list[i].address, 1643 &address, sizeof(address))) { 1644 retcode = -EFAULT; 1645 goto done; 1646 } 1647 } 1648 } 1649 done: 1650 request->count = dma->buf_count; 1651 DRM_DEBUG("%d buffers, retcode = %d\n", request->count, retcode); 1652 1653 return retcode; 1654 } 1655 1656 /** 1657 * Compute size order. Returns the exponent of the smaller power of two which 1658 * is greater or equal to given number. 1659 * 1660 * \param size size. 1661 * \return order. 1662 * 1663 * \todo Can be made faster. 1664 */ 1665 int drm_order(unsigned long size) 1666 { 1667 int order; 1668 unsigned long tmp; 1669 1670 for (order = 0, tmp = size >> 1; tmp; tmp >>= 1, order++) ; 1671 1672 if (size & (size - 1)) 1673 ++order; 1674 1675 return order; 1676 } 1677 EXPORT_SYMBOL(drm_order); 1678
Indexes created Sat Oct 18 21:09:54 GMT 2025