drm_bufs.c revision 1.1.1.1.2.3
1 /** 2 * \file drm_bufs.c 3 * Generic buffer template 4 * 5 * \author Rickard E. (Rik) Faith <faith (at) valinux.com> 6 * \author Gareth Hughes <gareth (at) valinux.com> 7 */ 8 9 /* 10 * Created: Thu Nov 23 03:10:50 2000 by gareth (at) valinux.com 11 * 12 * Copyright 1999, 2000 Precision Insight, Inc., Cedar Park, Texas. 13 * Copyright 2000 VA Linux Systems, Inc., Sunnyvale, California. 14 * All Rights Reserved. 15 * 16 * Permission is hereby granted, free of charge, to any person obtaining a 17 * copy of this software and associated documentation files (the "Software"), 18 * to deal in the Software without restriction, including without limitation 19 * the rights to use, copy, modify, merge, publish, distribute, sublicense, 20 * and/or sell copies of the Software, and to permit persons to whom the 21 * Software is furnished to do so, subject to the following conditions: 22 * 23 * The above copyright notice and this permission notice (including the next 24 * paragraph) shall be included in all copies or substantial portions of the 25 * Software. 26 * 27 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 28 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 29 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 30 * VA LINUX SYSTEMS AND/OR ITS SUPPLIERS BE LIABLE FOR ANY CLAIM, DAMAGES OR 31 * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, 32 * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR 33 * OTHER DEALINGS IN THE SOFTWARE. 34 */ 35 36 #include <linux/vmalloc.h> 37 #include <linux/slab.h> 38 #include <linux/log2.h> 39 #include <linux/export.h> 40 #include <asm/shmparam.h> 41 #include <drm/drmP.h> 42 43 static struct drm_map_list *drm_find_matching_map(struct drm_device *dev, 44 struct drm_local_map *map) 45 { 46 struct drm_map_list *entry; 47 list_for_each_entry(entry, &dev->maplist, head) { 48 /* 49 * Because the kernel-userspace ABI is fixed at a 32-bit offset 50 * while PCI resources may live above that, we only compare the 51 * lower 32 bits of the map offset for maps of type 52 * _DRM_FRAMEBUFFER or _DRM_REGISTERS. 53 * It is assumed that if a driver have more than one resource 54 * of each type, the lower 32 bits are different. 55 */ 56 if (!entry->map || 57 map->type != entry->map->type || 58 entry->master != dev->primary->master) 59 continue; 60 switch (map->type) { 61 case _DRM_SHM: 62 if (map->flags != _DRM_CONTAINS_LOCK) 63 break; 64 return entry; 65 case _DRM_REGISTERS: 66 case _DRM_FRAME_BUFFER: 67 if ((entry->map->offset & 0xffffffff) == 68 (map->offset & 0xffffffff)) 69 return entry; 70 default: /* Make gcc happy */ 71 ; 72 } 73 if (entry->map->offset == map->offset) 74 return entry; 75 } 76 77 return NULL; 78 } 79 80 static int drm_map_handle(struct drm_device *dev, struct drm_hash_item *hash, 81 unsigned long user_token, int hashed_handle, int shm) 82 { 83 int use_hashed_handle, shift; 84 unsigned long add; 85 86 use_hashed_handle = (user_token &~ 0xffffffffUL) || hashed_handle; 87 if (!use_hashed_handle) { 88 int ret; 89 hash->key = user_token >> PAGE_SHIFT; 90 ret = drm_ht_insert_item(&dev->map_hash, hash); 91 if (ret != -EINVAL) 92 return ret; 93 } 94 95 shift = 0; 96 add = DRM_MAP_HASH_OFFSET >> PAGE_SHIFT; 97 if (shm && (SHMLBA > PAGE_SIZE)) { 98 int bits = ilog2(SHMLBA >> PAGE_SHIFT) + 1; 99 100 /* For shared memory, we have to preserve the SHMLBA 101 * bits of the eventual vma->vm_pgoff value during 102 * mmap(). Otherwise we run into cache aliasing problems 103 * on some platforms. On these platforms, the pgoff of 104 * a mmap() request is used to pick a suitable virtual 105 * address for the mmap() region such that it will not 106 * cause cache aliasing problems. 107 * 108 * Therefore, make sure the SHMLBA relevant bits of the 109 * hash value we use are equal to those in the original 110 * kernel virtual address. 111 */ 112 shift = bits; 113 add |= ((user_token >> PAGE_SHIFT) & ((1UL << bits) - 1UL)); 114 } 115 116 return drm_ht_just_insert_please(&dev->map_hash, hash, 117 user_token, 32 - PAGE_SHIFT - 3, 118 shift, add); 119 } 120 121 /** 122 * Core function to create a range of memory available for mapping by a 123 * non-root process. 124 * 125 * Adjusts the memory offset to its absolute value according to the mapping 126 * type. Adds the map to the map list drm_device::maplist. Adds MTRR's where 127 * applicable and if supported by the kernel. 128 */ 129 static int drm_addmap_core(struct drm_device * dev, resource_size_t offset, 130 unsigned int size, enum drm_map_type type, 131 enum drm_map_flags flags, 132 struct drm_map_list ** maplist) 133 { 134 struct drm_local_map *map; 135 struct drm_map_list *list; 136 drm_dma_handle_t *dmah; 137 unsigned long user_token; 138 int ret; 139 140 map = kmalloc(sizeof(*map), GFP_KERNEL); 141 if (!map) 142 return -ENOMEM; 143 144 map->offset = offset; 145 map->size = size; 146 map->flags = flags; 147 map->type = type; 148 149 /* Only allow shared memory to be removable since we only keep enough 150 * book keeping information about shared memory to allow for removal 151 * when processes fork. 152 */ 153 if ((map->flags & _DRM_REMOVABLE) && map->type != _DRM_SHM) { 154 kfree(map); 155 return -EINVAL; 156 } 157 DRM_DEBUG("offset = 0x%08llx, size = 0x%08lx, type = %d\n", 158 (unsigned long long)map->offset, map->size, map->type); 159 160 /* page-align _DRM_SHM maps. They are allocated here so there is no security 161 * hole created by that and it works around various broken drivers that use 162 * a non-aligned quantity to map the SAREA. --BenH 163 */ 164 if (map->type == _DRM_SHM) 165 map->size = PAGE_ALIGN(map->size); 166 167 if ((map->offset & (~(resource_size_t)PAGE_MASK)) || (map->size & (~PAGE_MASK))) { 168 kfree(map); 169 return -EINVAL; 170 } 171 map->mtrr = -1; 172 map->handle = NULL; 173 174 switch (map->type) { 175 case _DRM_REGISTERS: 176 case _DRM_FRAME_BUFFER: 177 #if !defined(__sparc__) && !defined(__alpha__) && !defined(__ia64__) && !defined(__powerpc64__) && !defined(__x86_64__) && !defined(__arm__) 178 if (map->offset + (map->size-1) < map->offset || 179 map->offset < virt_to_phys(high_memory)) { 180 kfree(map); 181 return -EINVAL; 182 } 183 #endif 184 /* Some drivers preinitialize some maps, without the X Server 185 * needing to be aware of it. Therefore, we just return success 186 * when the server tries to create a duplicate map. 187 */ 188 list = drm_find_matching_map(dev, map); 189 if (list != NULL) { 190 if (list->map->size != map->size) { 191 DRM_DEBUG("Matching maps of type %d with " 192 "mismatched sizes, (%ld vs %ld)\n", 193 map->type, map->size, 194 list->map->size); 195 list->map->size = map->size; 196 } 197 198 kfree(map); 199 *maplist = list; 200 return 0; 201 } 202 203 if (drm_core_has_MTRR(dev)) { 204 if (map->type == _DRM_FRAME_BUFFER || 205 (map->flags & _DRM_WRITE_COMBINING)) { 206 map->mtrr = mtrr_add(map->offset, map->size, 207 MTRR_TYPE_WRCOMB, 1); 208 } 209 } 210 if (map->type == _DRM_REGISTERS) { 211 map->handle = ioremap(map->offset, map->size); 212 if (!map->handle) { 213 kfree(map); 214 return -ENOMEM; 215 } 216 } 217 218 break; 219 case _DRM_SHM: 220 list = drm_find_matching_map(dev, map); 221 if (list != NULL) { 222 if(list->map->size != map->size) { 223 DRM_DEBUG("Matching maps of type %d with " 224 "mismatched sizes, (%ld vs %ld)\n", 225 map->type, map->size, list->map->size); 226 list->map->size = map->size; 227 } 228 229 kfree(map); 230 *maplist = list; 231 return 0; 232 } 233 map->handle = vmalloc_user(map->size); 234 DRM_DEBUG("%lu %d %p\n", 235 map->size, drm_order(map->size), map->handle); 236 if (!map->handle) { 237 kfree(map); 238 return -ENOMEM; 239 } 240 map->offset = (unsigned long)map->handle; 241 if (map->flags & _DRM_CONTAINS_LOCK) { 242 /* Prevent a 2nd X Server from creating a 2nd lock */ 243 if (dev->primary->master->lock.hw_lock != NULL) { 244 vfree(map->handle); 245 kfree(map); 246 return -EBUSY; 247 } 248 dev->sigdata.lock = dev->primary->master->lock.hw_lock = map->handle; /* Pointer to lock */ 249 } 250 break; 251 case _DRM_AGP: { 252 struct drm_agp_mem *entry; 253 int valid = 0; 254 255 if (!drm_core_has_AGP(dev)) { 256 kfree(map); 257 return -EINVAL; 258 } 259 #ifdef __alpha__ 260 map->offset += dev->hose->mem_space->start; 261 #endif 262 /* In some cases (i810 driver), user space may have already 263 * added the AGP base itself, because dev->agp->base previously 264 * only got set during AGP enable. So, only add the base 265 * address if the map's offset isn't already within the 266 * aperture. 267 */ 268 if (map->offset < dev->agp->base || 269 map->offset > dev->agp->base + 270 dev->agp->agp_info.aper_size * 1024 * 1024 - 1) { 271 map->offset += dev->agp->base; 272 } 273 map->mtrr = dev->agp->agp_mtrr; /* for getmap */ 274 275 /* This assumes the DRM is in total control of AGP space. 276 * It's not always the case as AGP can be in the control 277 * of user space (i.e. i810 driver). So this loop will get 278 * skipped and we double check that dev->agp->memory is 279 * actually set as well as being invalid before EPERM'ing 280 */ 281 list_for_each_entry(entry, &dev->agp->memory, head) { 282 if ((map->offset >= entry->bound) && 283 (map->offset + map->size <= entry->bound + entry->pages * PAGE_SIZE)) { 284 valid = 1; 285 break; 286 } 287 } 288 if (!list_empty(&dev->agp->memory) && !valid) { 289 kfree(map); 290 return -EPERM; 291 } 292 DRM_DEBUG("AGP offset = 0x%08llx, size = 0x%08lx\n", 293 (unsigned long long)map->offset, map->size); 294 295 break; 296 } 297 case _DRM_GEM: 298 DRM_ERROR("tried to addmap GEM object\n"); 299 break; 300 case _DRM_SCATTER_GATHER: 301 if (!dev->sg) { 302 kfree(map); 303 return -EINVAL; 304 } 305 map->offset += (unsigned long)dev->sg->virtual; 306 break; 307 case _DRM_CONSISTENT: 308 /* dma_addr_t is 64bit on i386 with CONFIG_HIGHMEM64G, 309 * As we're limiting the address to 2^32-1 (or less), 310 * casting it down to 32 bits is no problem, but we 311 * need to point to a 64bit variable first. */ 312 dmah = drm_pci_alloc(dev, map->size, map->size); 313 if (!dmah) { 314 kfree(map); 315 return -ENOMEM; 316 } 317 map->handle = dmah->vaddr; 318 map->offset = (unsigned long)dmah->busaddr; 319 kfree(dmah); 320 break; 321 default: 322 kfree(map); 323 return -EINVAL; 324 } 325 326 list = kzalloc(sizeof(*list), GFP_KERNEL); 327 if (!list) { 328 if (map->type == _DRM_REGISTERS) 329 iounmap(map->handle); 330 kfree(map); 331 return -EINVAL; 332 } 333 list->map = map; 334 335 mutex_lock(&dev->struct_mutex); 336 list_add(&list->head, &dev->maplist); 337 338 /* Assign a 32-bit handle */ 339 /* We do it here so that dev->struct_mutex protects the increment */ 340 user_token = (map->type == _DRM_SHM) ? (unsigned long)map->handle : 341 map->offset; 342 ret = drm_map_handle(dev, &list->hash, user_token, 0, 343 (map->type == _DRM_SHM)); 344 if (ret) { 345 if (map->type == _DRM_REGISTERS) 346 iounmap(map->handle); 347 kfree(map); 348 kfree(list); 349 mutex_unlock(&dev->struct_mutex); 350 return ret; 351 } 352 353 list->user_token = list->hash.key << PAGE_SHIFT; 354 mutex_unlock(&dev->struct_mutex); 355 356 if (!(map->flags & _DRM_DRIVER)) 357 list->master = dev->primary->master; 358 *maplist = list; 359 return 0; 360 } 361 362 int drm_addmap(struct drm_device * dev, resource_size_t offset, 363 unsigned int size, enum drm_map_type type, 364 enum drm_map_flags flags, struct drm_local_map ** map_ptr) 365 { 366 struct drm_map_list *list; 367 int rc; 368 369 rc = drm_addmap_core(dev, offset, size, type, flags, &list); 370 if (!rc) 371 *map_ptr = list->map; 372 return rc; 373 } 374 375 EXPORT_SYMBOL(drm_addmap); 376 377 /** 378 * Ioctl to specify a range of memory that is available for mapping by a 379 * non-root process. 380 * 381 * \param inode device inode. 382 * \param file_priv DRM file private. 383 * \param cmd command. 384 * \param arg pointer to a drm_map structure. 385 * \return zero on success or a negative value on error. 386 * 387 */ 388 int drm_addmap_ioctl(struct drm_device *dev, void *data, 389 struct drm_file *file_priv) 390 { 391 struct drm_map *map = data; 392 struct drm_map_list *maplist; 393 int err; 394 395 if (!(capable(CAP_SYS_ADMIN) || map->type == _DRM_AGP || map->type == _DRM_SHM)) 396 return -EPERM; 397 398 err = drm_addmap_core(dev, map->offset, map->size, map->type, 399 map->flags, &maplist); 400 401 if (err) 402 return err; 403 404 /* avoid a warning on 64-bit, this casting isn't very nice, but the API is set so too late */ 405 map->handle = (void *)(unsigned long)maplist->user_token; 406 return 0; 407 } 408 409 /** 410 * Remove a map private from list and deallocate resources if the mapping 411 * isn't in use. 412 * 413 * Searches the map on drm_device::maplist, removes it from the list, see if 414 * its being used, and free any associate resource (such as MTRR's) if it's not 415 * being on use. 416 * 417 * \sa drm_addmap 418 */ 419 int drm_rmmap_locked(struct drm_device *dev, struct drm_local_map *map) 420 { 421 struct drm_map_list *r_list = NULL, *list_t; 422 drm_dma_handle_t dmah; 423 int found = 0; 424 struct drm_master *master; 425 426 /* Find the list entry for the map and remove it */ 427 list_for_each_entry_safe(r_list, list_t, &dev->maplist, head) { 428 if (r_list->map == map) { 429 master = r_list->master; 430 list_del(&r_list->head); 431 drm_ht_remove_key(&dev->map_hash, 432 r_list->user_token >> PAGE_SHIFT); 433 kfree(r_list); 434 found = 1; 435 break; 436 } 437 } 438 439 if (!found) 440 return -EINVAL; 441 442 switch (map->type) { 443 case _DRM_REGISTERS: 444 iounmap(map->handle); 445 /* FALLTHROUGH */ 446 case _DRM_FRAME_BUFFER: 447 if (drm_core_has_MTRR(dev) && map->mtrr >= 0) { 448 int retcode; 449 retcode = mtrr_del(map->mtrr, map->offset, map->size); 450 DRM_DEBUG("mtrr_del=%d\n", retcode); 451 } 452 break; 453 case _DRM_SHM: 454 vfree(map->handle); 455 if (master) { 456 if (dev->sigdata.lock == master->lock.hw_lock) 457 dev->sigdata.lock = NULL; 458 master->lock.hw_lock = NULL; /* SHM removed */ 459 master->lock.file_priv = NULL; 460 wake_up_interruptible_all(&master->lock.lock_queue); 461 } 462 break; 463 case _DRM_AGP: 464 case _DRM_SCATTER_GATHER: 465 break; 466 case _DRM_CONSISTENT: 467 dmah.vaddr = map->handle; 468 dmah.busaddr = map->offset; 469 dmah.size = map->size; 470 __drm_pci_free(dev, &dmah); 471 break; 472 case _DRM_GEM: 473 DRM_ERROR("tried to rmmap GEM object\n"); 474 break; 475 } 476 kfree(map); 477 478 return 0; 479 } 480 EXPORT_SYMBOL(drm_rmmap_locked); 481 482 int drm_rmmap(struct drm_device *dev, struct drm_local_map *map) 483 { 484 int ret; 485 486 mutex_lock(&dev->struct_mutex); 487 ret = drm_rmmap_locked(dev, map); 488 mutex_unlock(&dev->struct_mutex); 489 490 return ret; 491 } 492 EXPORT_SYMBOL(drm_rmmap); 493 494 /* The rmmap ioctl appears to be unnecessary. All mappings are torn down on 495 * the last close of the device, and this is necessary for cleanup when things 496 * exit uncleanly. Therefore, having userland manually remove mappings seems 497 * like a pointless exercise since they're going away anyway. 498 * 499 * One use case might be after addmap is allowed for normal users for SHM and 500 * gets used by drivers that the server doesn't need to care about. This seems 501 * unlikely. 502 * 503 * \param inode device inode. 504 * \param file_priv DRM file private. 505 * \param cmd command. 506 * \param arg pointer to a struct drm_map structure. 507 * \return zero on success or a negative value on error. 508 */ 509 int drm_rmmap_ioctl(struct drm_device *dev, void *data, 510 struct drm_file *file_priv) 511 { 512 struct drm_map *request = data; 513 struct drm_local_map *map = NULL; 514 struct drm_map_list *r_list; 515 int ret; 516 517 mutex_lock(&dev->struct_mutex); 518 list_for_each_entry(r_list, &dev->maplist, head) { 519 if (r_list->map && 520 r_list->user_token == (unsigned long)request->handle && 521 r_list->map->flags & _DRM_REMOVABLE) { 522 map = r_list->map; 523 break; 524 } 525 } 526 527 /* List has wrapped around to the head pointer, or its empty we didn't 528 * find anything. 529 */ 530 if (list_empty(&dev->maplist) || !map) { 531 mutex_unlock(&dev->struct_mutex); 532 return -EINVAL; 533 } 534 535 /* Register and framebuffer maps are permanent */ 536 if ((map->type == _DRM_REGISTERS) || (map->type == _DRM_FRAME_BUFFER)) { 537 mutex_unlock(&dev->struct_mutex); 538 return 0; 539 } 540 541 ret = drm_rmmap_locked(dev, map); 542 543 mutex_unlock(&dev->struct_mutex); 544 545 return ret; 546 } 547 548 /** 549 * Cleanup after an error on one of the addbufs() functions. 550 * 551 * \param dev DRM device. 552 * \param entry buffer entry where the error occurred. 553 * 554 * Frees any pages and buffers associated with the given entry. 555 */ 556 static void drm_cleanup_buf_error(struct drm_device * dev, 557 struct drm_buf_entry * entry) 558 { 559 int i; 560 561 if (entry->seg_count) { 562 for (i = 0; i < entry->seg_count; i++) { 563 if (entry->seglist[i]) { 564 drm_pci_free(dev, entry->seglist[i]); 565 } 566 } 567 kfree(entry->seglist); 568 569 entry->seg_count = 0; 570 } 571 572 if (entry->buf_count) { 573 for (i = 0; i < entry->buf_count; i++) { 574 kfree(entry->buflist[i].dev_private); 575 } 576 kfree(entry->buflist); 577 578 entry->buf_count = 0; 579 } 580 } 581 582 #if __OS_HAS_AGP 583 /** 584 * Add AGP buffers for DMA transfers. 585 * 586 * \param dev struct drm_device to which the buffers are to be added. 587 * \param request pointer to a struct drm_buf_desc describing the request. 588 * \return zero on success or a negative number on failure. 589 * 590 * After some sanity checks creates a drm_buf structure for each buffer and 591 * reallocates the buffer list of the same size order to accommodate the new 592 * buffers. 593 */ 594 int drm_addbufs_agp(struct drm_device * dev, struct drm_buf_desc * request) 595 { 596 struct drm_device_dma *dma = dev->dma; 597 struct drm_buf_entry *entry; 598 struct drm_agp_mem *agp_entry; 599 struct drm_buf *buf; 600 unsigned long offset; 601 unsigned long agp_offset; 602 int count; 603 int order; 604 int size; 605 int alignment; 606 int page_order; 607 int total; 608 int byte_count; 609 int i, valid; 610 struct drm_buf **temp_buflist; 611 612 if (!dma) 613 return -EINVAL; 614 615 count = request->count; 616 order = drm_order(request->size); 617 size = 1 << order; 618 619 alignment = (request->flags & _DRM_PAGE_ALIGN) 620 ? PAGE_ALIGN(size) : size; 621 page_order = order - PAGE_SHIFT > 0 ? order - PAGE_SHIFT : 0; 622 total = PAGE_SIZE << page_order; 623 624 byte_count = 0; 625 agp_offset = dev->agp->base + request->agp_start; 626 627 DRM_DEBUG("count: %d\n", count); 628 DRM_DEBUG("order: %d\n", order); 629 DRM_DEBUG("size: %d\n", size); 630 DRM_DEBUG("agp_offset: %lx\n", agp_offset); 631 DRM_DEBUG("alignment: %d\n", alignment); 632 DRM_DEBUG("page_order: %d\n", page_order); 633 DRM_DEBUG("total: %d\n", total); 634 635 if (order < DRM_MIN_ORDER || order > DRM_MAX_ORDER) 636 return -EINVAL; 637 638 /* Make sure buffers are located in AGP memory that we own */ 639 valid = 0; 640 list_for_each_entry(agp_entry, &dev->agp->memory, head) { 641 if ((agp_offset >= agp_entry->bound) && 642 (agp_offset + total * count <= agp_entry->bound + agp_entry->pages * PAGE_SIZE)) { 643 valid = 1; 644 break; 645 } 646 } 647 if (!list_empty(&dev->agp->memory) && !valid) { 648 DRM_DEBUG("zone invalid\n"); 649 return -EINVAL; 650 } 651 spin_lock(&dev->count_lock); 652 if (dev->buf_use) { 653 spin_unlock(&dev->count_lock); 654 return -EBUSY; 655 } 656 atomic_inc(&dev->buf_alloc); 657 spin_unlock(&dev->count_lock); 658 659 mutex_lock(&dev->struct_mutex); 660 entry = &dma->bufs[order]; 661 if (entry->buf_count) { 662 mutex_unlock(&dev->struct_mutex); 663 atomic_dec(&dev->buf_alloc); 664 return -ENOMEM; /* May only call once for each order */ 665 } 666 667 if (count < 0 || count > 4096) { 668 mutex_unlock(&dev->struct_mutex); 669 atomic_dec(&dev->buf_alloc); 670 return -EINVAL; 671 } 672 673 entry->buflist = kzalloc(count * sizeof(*entry->buflist), GFP_KERNEL); 674 if (!entry->buflist) { 675 mutex_unlock(&dev->struct_mutex); 676 atomic_dec(&dev->buf_alloc); 677 return -ENOMEM; 678 } 679 680 entry->buf_size = size; 681 entry->page_order = page_order; 682 683 offset = 0; 684 685 while (entry->buf_count < count) { 686 buf = &entry->buflist[entry->buf_count]; 687 buf->idx = dma->buf_count + entry->buf_count; 688 buf->total = alignment; 689 buf->order = order; 690 buf->used = 0; 691 692 buf->offset = (dma->byte_count + offset); 693 buf->bus_address = agp_offset + offset; 694 buf->address = (void *)(agp_offset + offset); 695 buf->next = NULL; 696 buf->waiting = 0; 697 buf->pending = 0; 698 buf->file_priv = NULL; 699 700 buf->dev_priv_size = dev->driver->dev_priv_size; 701 buf->dev_private = kzalloc(buf->dev_priv_size, GFP_KERNEL); 702 if (!buf->dev_private) { 703 /* Set count correctly so we free the proper amount. */ 704 entry->buf_count = count; 705 drm_cleanup_buf_error(dev, entry); 706 mutex_unlock(&dev->struct_mutex); 707 atomic_dec(&dev->buf_alloc); 708 return -ENOMEM; 709 } 710 711 DRM_DEBUG("buffer %d @ %p\n", entry->buf_count, buf->address); 712 713 offset += alignment; 714 entry->buf_count++; 715 byte_count += PAGE_SIZE << page_order; 716 } 717 718 DRM_DEBUG("byte_count: %d\n", byte_count); 719 720 temp_buflist = krealloc(dma->buflist, 721 (dma->buf_count + entry->buf_count) * 722 sizeof(*dma->buflist), GFP_KERNEL); 723 if (!temp_buflist) { 724 /* Free the entry because it isn't valid */ 725 drm_cleanup_buf_error(dev, entry); 726 mutex_unlock(&dev->struct_mutex); 727 atomic_dec(&dev->buf_alloc); 728 return -ENOMEM; 729 } 730 dma->buflist = temp_buflist; 731 732 for (i = 0; i < entry->buf_count; i++) { 733 dma->buflist[i + dma->buf_count] = &entry->buflist[i]; 734 } 735 736 dma->buf_count += entry->buf_count; 737 dma->seg_count += entry->seg_count; 738 dma->page_count += byte_count >> PAGE_SHIFT; 739 dma->byte_count += byte_count; 740 741 DRM_DEBUG("dma->buf_count : %d\n", dma->buf_count); 742 DRM_DEBUG("entry->buf_count : %d\n", entry->buf_count); 743 744 mutex_unlock(&dev->struct_mutex); 745 746 request->count = entry->buf_count; 747 request->size = size; 748 749 dma->flags = _DRM_DMA_USE_AGP; 750 751 atomic_dec(&dev->buf_alloc); 752 return 0; 753 } 754 EXPORT_SYMBOL(drm_addbufs_agp); 755 #endif /* __OS_HAS_AGP */ 756 757 int drm_addbufs_pci(struct drm_device * dev, struct drm_buf_desc * request) 758 { 759 struct drm_device_dma *dma = dev->dma; 760 int count; 761 int order; 762 int size; 763 int total; 764 int page_order; 765 struct drm_buf_entry *entry; 766 drm_dma_handle_t *dmah; 767 struct drm_buf *buf; 768 int alignment; 769 unsigned long offset; 770 int i; 771 int byte_count; 772 int page_count; 773 unsigned long *temp_pagelist; 774 struct drm_buf **temp_buflist; 775 776 if (!drm_core_check_feature(dev, DRIVER_PCI_DMA)) 777 return -EINVAL; 778 779 if (!dma) 780 return -EINVAL; 781 782 if (!capable(CAP_SYS_ADMIN)) 783 return -EPERM; 784 785 count = request->count; 786 order = drm_order(request->size); 787 size = 1 << order; 788 789 DRM_DEBUG("count=%d, size=%d (%d), order=%d\n", 790 request->count, request->size, size, order); 791 792 if (order < DRM_MIN_ORDER || order > DRM_MAX_ORDER) 793 return -EINVAL; 794 795 alignment = (request->flags & _DRM_PAGE_ALIGN) 796 ? PAGE_ALIGN(size) : size; 797 page_order = order - PAGE_SHIFT > 0 ? order - PAGE_SHIFT : 0; 798 total = PAGE_SIZE << page_order; 799 800 spin_lock(&dev->count_lock); 801 if (dev->buf_use) { 802 spin_unlock(&dev->count_lock); 803 return -EBUSY; 804 } 805 atomic_inc(&dev->buf_alloc); 806 spin_unlock(&dev->count_lock); 807 808 mutex_lock(&dev->struct_mutex); 809 entry = &dma->bufs[order]; 810 if (entry->buf_count) { 811 mutex_unlock(&dev->struct_mutex); 812 atomic_dec(&dev->buf_alloc); 813 return -ENOMEM; /* May only call once for each order */ 814 } 815 816 if (count < 0 || count > 4096) { 817 mutex_unlock(&dev->struct_mutex); 818 atomic_dec(&dev->buf_alloc); 819 return -EINVAL; 820 } 821 822 entry->buflist = kzalloc(count * sizeof(*entry->buflist), GFP_KERNEL); 823 if (!entry->buflist) { 824 mutex_unlock(&dev->struct_mutex); 825 atomic_dec(&dev->buf_alloc); 826 return -ENOMEM; 827 } 828 829 entry->seglist = kzalloc(count * sizeof(*entry->seglist), GFP_KERNEL); 830 if (!entry->seglist) { 831 kfree(entry->buflist); 832 mutex_unlock(&dev->struct_mutex); 833 atomic_dec(&dev->buf_alloc); 834 return -ENOMEM; 835 } 836 837 /* Keep the original pagelist until we know all the allocations 838 * have succeeded 839 */ 840 temp_pagelist = kmalloc((dma->page_count + (count << page_order)) * 841 sizeof(*dma->pagelist), GFP_KERNEL); 842 if (!temp_pagelist) { 843 kfree(entry->buflist); 844 kfree(entry->seglist); 845 mutex_unlock(&dev->struct_mutex); 846 atomic_dec(&dev->buf_alloc); 847 return -ENOMEM; 848 } 849 memcpy(temp_pagelist, 850 dma->pagelist, dma->page_count * sizeof(*dma->pagelist)); 851 DRM_DEBUG("pagelist: %d entries\n", 852 dma->page_count + (count << page_order)); 853 854 entry->buf_size = size; 855 entry->page_order = page_order; 856 byte_count = 0; 857 page_count = 0; 858 859 while (entry->buf_count < count) { 860 861 dmah = drm_pci_alloc(dev, PAGE_SIZE << page_order, 0x1000); 862 863 if (!dmah) { 864 /* Set count correctly so we free the proper amount. */ 865 entry->buf_count = count; 866 entry->seg_count = count; 867 drm_cleanup_buf_error(dev, entry); 868 kfree(temp_pagelist); 869 mutex_unlock(&dev->struct_mutex); 870 atomic_dec(&dev->buf_alloc); 871 return -ENOMEM; 872 } 873 entry->seglist[entry->seg_count++] = dmah; 874 for (i = 0; i < (1 << page_order); i++) { 875 DRM_DEBUG("page %d @ 0x%08lx\n", 876 dma->page_count + page_count, 877 (unsigned long)dmah->vaddr + PAGE_SIZE * i); 878 temp_pagelist[dma->page_count + page_count++] 879 = (unsigned long)dmah->vaddr + PAGE_SIZE * i; 880 } 881 for (offset = 0; 882 offset + size <= total && entry->buf_count < count; 883 offset += alignment, ++entry->buf_count) { 884 buf = &entry->buflist[entry->buf_count]; 885 buf->idx = dma->buf_count + entry->buf_count; 886 buf->total = alignment; 887 buf->order = order; 888 buf->used = 0; 889 buf->offset = (dma->byte_count + byte_count + offset); 890 buf->address = (void *)(dmah->vaddr + offset); 891 buf->bus_address = dmah->busaddr + offset; 892 buf->next = NULL; 893 buf->waiting = 0; 894 buf->pending = 0; 895 buf->file_priv = NULL; 896 897 buf->dev_priv_size = dev->driver->dev_priv_size; 898 buf->dev_private = kzalloc(buf->dev_priv_size, 899 GFP_KERNEL); 900 if (!buf->dev_private) { 901 /* Set count correctly so we free the proper amount. */ 902 entry->buf_count = count; 903 entry->seg_count = count; 904 drm_cleanup_buf_error(dev, entry); 905 kfree(temp_pagelist); 906 mutex_unlock(&dev->struct_mutex); 907 atomic_dec(&dev->buf_alloc); 908 return -ENOMEM; 909 } 910 911 DRM_DEBUG("buffer %d @ %p\n", 912 entry->buf_count, buf->address); 913 } 914 byte_count += PAGE_SIZE << page_order; 915 } 916 917 temp_buflist = krealloc(dma->buflist, 918 (dma->buf_count + entry->buf_count) * 919 sizeof(*dma->buflist), GFP_KERNEL); 920 if (!temp_buflist) { 921 /* Free the entry because it isn't valid */ 922 drm_cleanup_buf_error(dev, entry); 923 kfree(temp_pagelist); 924 mutex_unlock(&dev->struct_mutex); 925 atomic_dec(&dev->buf_alloc); 926 return -ENOMEM; 927 } 928 dma->buflist = temp_buflist; 929 930 for (i = 0; i < entry->buf_count; i++) { 931 dma->buflist[i + dma->buf_count] = &entry->buflist[i]; 932 } 933 934 /* No allocations failed, so now we can replace the original pagelist 935 * with the new one. 936 */ 937 if (dma->page_count) { 938 kfree(dma->pagelist); 939 } 940 dma->pagelist = temp_pagelist; 941 942 dma->buf_count += entry->buf_count; 943 dma->seg_count += entry->seg_count; 944 dma->page_count += entry->seg_count << page_order; 945 dma->byte_count += PAGE_SIZE * (entry->seg_count << page_order); 946 947 mutex_unlock(&dev->struct_mutex); 948 949 request->count = entry->buf_count; 950 request->size = size; 951 952 if (request->flags & _DRM_PCI_BUFFER_RO) 953 dma->flags = _DRM_DMA_USE_PCI_RO; 954 955 atomic_dec(&dev->buf_alloc); 956 return 0; 957 958 } 959 EXPORT_SYMBOL(drm_addbufs_pci); 960 961 static int drm_addbufs_sg(struct drm_device * dev, struct drm_buf_desc * request) 962 { 963 struct drm_device_dma *dma = dev->dma; 964 struct drm_buf_entry *entry; 965 struct drm_buf *buf; 966 unsigned long offset; 967 unsigned long agp_offset; 968 int count; 969 int order; 970 int size; 971 int alignment; 972 int page_order; 973 int total; 974 int byte_count; 975 int i; 976 struct drm_buf **temp_buflist; 977 978 if (!drm_core_check_feature(dev, DRIVER_SG)) 979 return -EINVAL; 980 981 if (!dma) 982 return -EINVAL; 983 984 if (!capable(CAP_SYS_ADMIN)) 985 return -EPERM; 986 987 count = request->count; 988 order = drm_order(request->size); 989 size = 1 << order; 990 991 alignment = (request->flags & _DRM_PAGE_ALIGN) 992 ? PAGE_ALIGN(size) : size; 993 page_order = order - PAGE_SHIFT > 0 ? order - PAGE_SHIFT : 0; 994 total = PAGE_SIZE << page_order; 995 996 byte_count = 0; 997 agp_offset = request->agp_start; 998 999 DRM_DEBUG("count: %d\n", count); 1000 DRM_DEBUG("order: %d\n", order); 1001 DRM_DEBUG("size: %d\n", size); 1002 DRM_DEBUG("agp_offset: %lu\n", agp_offset); 1003 DRM_DEBUG("alignment: %d\n", alignment); 1004 DRM_DEBUG("page_order: %d\n", page_order); 1005 DRM_DEBUG("total: %d\n", total); 1006 1007 if (order < DRM_MIN_ORDER || order > DRM_MAX_ORDER) 1008 return -EINVAL; 1009 1010 spin_lock(&dev->count_lock); 1011 if (dev->buf_use) { 1012 spin_unlock(&dev->count_lock); 1013 return -EBUSY; 1014 } 1015 atomic_inc(&dev->buf_alloc); 1016 spin_unlock(&dev->count_lock); 1017 1018 mutex_lock(&dev->struct_mutex); 1019 entry = &dma->bufs[order]; 1020 if (entry->buf_count) { 1021 mutex_unlock(&dev->struct_mutex); 1022 atomic_dec(&dev->buf_alloc); 1023 return -ENOMEM; /* May only call once for each order */ 1024 } 1025 1026 if (count < 0 || count > 4096) { 1027 mutex_unlock(&dev->struct_mutex); 1028 atomic_dec(&dev->buf_alloc); 1029 return -EINVAL; 1030 } 1031 1032 entry->buflist = kzalloc(count * sizeof(*entry->buflist), 1033 GFP_KERNEL); 1034 if (!entry->buflist) { 1035 mutex_unlock(&dev->struct_mutex); 1036 atomic_dec(&dev->buf_alloc); 1037 return -ENOMEM; 1038 } 1039 1040 entry->buf_size = size; 1041 entry->page_order = page_order; 1042 1043 offset = 0; 1044 1045 while (entry->buf_count < count) { 1046 buf = &entry->buflist[entry->buf_count]; 1047 buf->idx = dma->buf_count + entry->buf_count; 1048 buf->total = alignment; 1049 buf->order = order; 1050 buf->used = 0; 1051 1052 buf->offset = (dma->byte_count + offset); 1053 buf->bus_address = agp_offset + offset; 1054 buf->address = (void *)(agp_offset + offset 1055 + (unsigned long)dev->sg->virtual); 1056 buf->next = NULL; 1057 buf->waiting = 0; 1058 buf->pending = 0; 1059 buf->file_priv = NULL; 1060 1061 buf->dev_priv_size = dev->driver->dev_priv_size; 1062 buf->dev_private = kzalloc(buf->dev_priv_size, GFP_KERNEL); 1063 if (!buf->dev_private) { 1064 /* Set count correctly so we free the proper amount. */ 1065 entry->buf_count = count; 1066 drm_cleanup_buf_error(dev, entry); 1067 mutex_unlock(&dev->struct_mutex); 1068 atomic_dec(&dev->buf_alloc); 1069 return -ENOMEM; 1070 } 1071 1072 DRM_DEBUG("buffer %d @ %p\n", entry->buf_count, buf->address); 1073 1074 offset += alignment; 1075 entry->buf_count++; 1076 byte_count += PAGE_SIZE << page_order; 1077 } 1078 1079 DRM_DEBUG("byte_count: %d\n", byte_count); 1080 1081 temp_buflist = krealloc(dma->buflist, 1082 (dma->buf_count + entry->buf_count) * 1083 sizeof(*dma->buflist), GFP_KERNEL); 1084 if (!temp_buflist) { 1085 /* Free the entry because it isn't valid */ 1086 drm_cleanup_buf_error(dev, entry); 1087 mutex_unlock(&dev->struct_mutex); 1088 atomic_dec(&dev->buf_alloc); 1089 return -ENOMEM; 1090 } 1091 dma->buflist = temp_buflist; 1092 1093 for (i = 0; i < entry->buf_count; i++) { 1094 dma->buflist[i + dma->buf_count] = &entry->buflist[i]; 1095 } 1096 1097 dma->buf_count += entry->buf_count; 1098 dma->seg_count += entry->seg_count; 1099 dma->page_count += byte_count >> PAGE_SHIFT; 1100 dma->byte_count += byte_count; 1101 1102 DRM_DEBUG("dma->buf_count : %d\n", dma->buf_count); 1103 DRM_DEBUG("entry->buf_count : %d\n", entry->buf_count); 1104 1105 mutex_unlock(&dev->struct_mutex); 1106 1107 request->count = entry->buf_count; 1108 request->size = size; 1109 1110 dma->flags = _DRM_DMA_USE_SG; 1111 1112 atomic_dec(&dev->buf_alloc); 1113 return 0; 1114 } 1115 1116 static int drm_addbufs_fb(struct drm_device * dev, struct drm_buf_desc * request) 1117 { 1118 struct drm_device_dma *dma = dev->dma; 1119 struct drm_buf_entry *entry; 1120 struct drm_buf *buf; 1121 unsigned long offset; 1122 unsigned long agp_offset; 1123 int count; 1124 int order; 1125 int size; 1126 int alignment; 1127 int page_order; 1128 int total; 1129 int byte_count; 1130 int i; 1131 struct drm_buf **temp_buflist; 1132 1133 if (!drm_core_check_feature(dev, DRIVER_FB_DMA)) 1134 return -EINVAL; 1135 1136 if (!dma) 1137 return -EINVAL; 1138 1139 if (!capable(CAP_SYS_ADMIN)) 1140 return -EPERM; 1141 1142 count = request->count; 1143 order = drm_order(request->size); 1144 size = 1 << order; 1145 1146 alignment = (request->flags & _DRM_PAGE_ALIGN) 1147 ? PAGE_ALIGN(size) : size; 1148 page_order = order - PAGE_SHIFT > 0 ? order - PAGE_SHIFT : 0; 1149 total = PAGE_SIZE << page_order; 1150 1151 byte_count = 0; 1152 agp_offset = request->agp_start; 1153 1154 DRM_DEBUG("count: %d\n", count); 1155 DRM_DEBUG("order: %d\n", order); 1156 DRM_DEBUG("size: %d\n", size); 1157 DRM_DEBUG("agp_offset: %lu\n", agp_offset); 1158 DRM_DEBUG("alignment: %d\n", alignment); 1159 DRM_DEBUG("page_order: %d\n", page_order); 1160 DRM_DEBUG("total: %d\n", total); 1161 1162 if (order < DRM_MIN_ORDER || order > DRM_MAX_ORDER) 1163 return -EINVAL; 1164 1165 spin_lock(&dev->count_lock); 1166 if (dev->buf_use) { 1167 spin_unlock(&dev->count_lock); 1168 return -EBUSY; 1169 } 1170 atomic_inc(&dev->buf_alloc); 1171 spin_unlock(&dev->count_lock); 1172 1173 mutex_lock(&dev->struct_mutex); 1174 entry = &dma->bufs[order]; 1175 if (entry->buf_count) { 1176 mutex_unlock(&dev->struct_mutex); 1177 atomic_dec(&dev->buf_alloc); 1178 return -ENOMEM; /* May only call once for each order */ 1179 } 1180 1181 if (count < 0 || count > 4096) { 1182 mutex_unlock(&dev->struct_mutex); 1183 atomic_dec(&dev->buf_alloc); 1184 return -EINVAL; 1185 } 1186 1187 entry->buflist = kzalloc(count * sizeof(*entry->buflist), 1188 GFP_KERNEL); 1189 if (!entry->buflist) { 1190 mutex_unlock(&dev->struct_mutex); 1191 atomic_dec(&dev->buf_alloc); 1192 return -ENOMEM; 1193 } 1194 1195 entry->buf_size = size; 1196 entry->page_order = page_order; 1197 1198 offset = 0; 1199 1200 while (entry->buf_count < count) { 1201 buf = &entry->buflist[entry->buf_count]; 1202 buf->idx = dma->buf_count + entry->buf_count; 1203 buf->total = alignment; 1204 buf->order = order; 1205 buf->used = 0; 1206 1207 buf->offset = (dma->byte_count + offset); 1208 buf->bus_address = agp_offset + offset; 1209 buf->address = (void *)(agp_offset + offset); 1210 buf->next = NULL; 1211 buf->waiting = 0; 1212 buf->pending = 0; 1213 buf->file_priv = NULL; 1214 1215 buf->dev_priv_size = dev->driver->dev_priv_size; 1216 buf->dev_private = kzalloc(buf->dev_priv_size, GFP_KERNEL); 1217 if (!buf->dev_private) { 1218 /* Set count correctly so we free the proper amount. */ 1219 entry->buf_count = count; 1220 drm_cleanup_buf_error(dev, entry); 1221 mutex_unlock(&dev->struct_mutex); 1222 atomic_dec(&dev->buf_alloc); 1223 return -ENOMEM; 1224 } 1225 1226 DRM_DEBUG("buffer %d @ %p\n", entry->buf_count, buf->address); 1227 1228 offset += alignment; 1229 entry->buf_count++; 1230 byte_count += PAGE_SIZE << page_order; 1231 } 1232 1233 DRM_DEBUG("byte_count: %d\n", byte_count); 1234 1235 temp_buflist = krealloc(dma->buflist, 1236 (dma->buf_count + entry->buf_count) * 1237 sizeof(*dma->buflist), GFP_KERNEL); 1238 if (!temp_buflist) { 1239 /* Free the entry because it isn't valid */ 1240 drm_cleanup_buf_error(dev, entry); 1241 mutex_unlock(&dev->struct_mutex); 1242 atomic_dec(&dev->buf_alloc); 1243 return -ENOMEM; 1244 } 1245 dma->buflist = temp_buflist; 1246 1247 for (i = 0; i < entry->buf_count; i++) { 1248 dma->buflist[i + dma->buf_count] = &entry->buflist[i]; 1249 } 1250 1251 dma->buf_count += entry->buf_count; 1252 dma->seg_count += entry->seg_count; 1253 dma->page_count += byte_count >> PAGE_SHIFT; 1254 dma->byte_count += byte_count; 1255 1256 DRM_DEBUG("dma->buf_count : %d\n", dma->buf_count); 1257 DRM_DEBUG("entry->buf_count : %d\n", entry->buf_count); 1258 1259 mutex_unlock(&dev->struct_mutex); 1260 1261 request->count = entry->buf_count; 1262 request->size = size; 1263 1264 dma->flags = _DRM_DMA_USE_FB; 1265 1266 atomic_dec(&dev->buf_alloc); 1267 return 0; 1268 } 1269 1270 1271 /** 1272 * Add buffers for DMA transfers (ioctl). 1273 * 1274 * \param inode device inode. 1275 * \param file_priv DRM file private. 1276 * \param cmd command. 1277 * \param arg pointer to a struct drm_buf_desc request. 1278 * \return zero on success or a negative number on failure. 1279 * 1280 * According with the memory type specified in drm_buf_desc::flags and the 1281 * build options, it dispatches the call either to addbufs_agp(), 1282 * addbufs_sg() or addbufs_pci() for AGP, scatter-gather or consistent 1283 * PCI memory respectively. 1284 */ 1285 int drm_addbufs(struct drm_device *dev, void *data, 1286 struct drm_file *file_priv) 1287 { 1288 struct drm_buf_desc *request = data; 1289 int ret; 1290 1291 if (!drm_core_check_feature(dev, DRIVER_HAVE_DMA)) 1292 return -EINVAL; 1293 1294 #if __OS_HAS_AGP 1295 if (request->flags & _DRM_AGP_BUFFER) 1296 ret = drm_addbufs_agp(dev, request); 1297 else 1298 #endif 1299 if (request->flags & _DRM_SG_BUFFER) 1300 ret = drm_addbufs_sg(dev, request); 1301 else if (request->flags & _DRM_FB_BUFFER) 1302 ret = drm_addbufs_fb(dev, request); 1303 else 1304 ret = drm_addbufs_pci(dev, request); 1305 1306 return ret; 1307 } 1308 1309 /** 1310 * Get information about the buffer mappings. 1311 * 1312 * This was originally mean for debugging purposes, or by a sophisticated 1313 * client library to determine how best to use the available buffers (e.g., 1314 * large buffers can be used for image transfer). 1315 * 1316 * \param inode device inode. 1317 * \param file_priv DRM file private. 1318 * \param cmd command. 1319 * \param arg pointer to a drm_buf_info structure. 1320 * \return zero on success or a negative number on failure. 1321 * 1322 * Increments drm_device::buf_use while holding the drm_device::count_lock 1323 * lock, preventing of allocating more buffers after this call. Information 1324 * about each requested buffer is then copied into user space. 1325 */ 1326 int drm_infobufs(struct drm_device *dev, void *data, 1327 struct drm_file *file_priv) 1328 { 1329 struct drm_device_dma *dma = dev->dma; 1330 struct drm_buf_info *request = data; 1331 int i; 1332 int count; 1333 1334 if (!drm_core_check_feature(dev, DRIVER_HAVE_DMA)) 1335 return -EINVAL; 1336 1337 if (!dma) 1338 return -EINVAL; 1339 1340 spin_lock(&dev->count_lock); 1341 if (atomic_read(&dev->buf_alloc)) { 1342 spin_unlock(&dev->count_lock); 1343 return -EBUSY; 1344 } 1345 ++dev->buf_use; /* Can't allocate more after this call */ 1346 spin_unlock(&dev->count_lock); 1347 1348 for (i = 0, count = 0; i < DRM_MAX_ORDER + 1; i++) { 1349 if (dma->bufs[i].buf_count) 1350 ++count; 1351 } 1352 1353 DRM_DEBUG("count = %d\n", count); 1354 1355 if (request->count >= count) { 1356 for (i = 0, count = 0; i < DRM_MAX_ORDER + 1; i++) { 1357 if (dma->bufs[i].buf_count) { 1358 struct drm_buf_desc __user *to = 1359 &request->list[count]; 1360 struct drm_buf_entry *from = &dma->bufs[i]; 1361 struct drm_freelist *list = &dma->bufs[i].freelist; 1362 if (copy_to_user(&to->count, 1363 &from->buf_count, 1364 sizeof(from->buf_count)) || 1365 copy_to_user(&to->size, 1366 &from->buf_size, 1367 sizeof(from->buf_size)) || 1368 copy_to_user(&to->low_mark, 1369 &list->low_mark, 1370 sizeof(list->low_mark)) || 1371 copy_to_user(&to->high_mark, 1372 &list->high_mark, 1373 sizeof(list->high_mark))) 1374 return -EFAULT; 1375 1376 DRM_DEBUG("%d %d %d %d %d\n", 1377 i, 1378 dma->bufs[i].buf_count, 1379 dma->bufs[i].buf_size, 1380 dma->bufs[i].freelist.low_mark, 1381 dma->bufs[i].freelist.high_mark); 1382 ++count; 1383 } 1384 } 1385 } 1386 request->count = count; 1387 1388 return 0; 1389 } 1390 1391 /** 1392 * Specifies a low and high water mark for buffer allocation 1393 * 1394 * \param inode device inode. 1395 * \param file_priv DRM file private. 1396 * \param cmd command. 1397 * \param arg a pointer to a drm_buf_desc structure. 1398 * \return zero on success or a negative number on failure. 1399 * 1400 * Verifies that the size order is bounded between the admissible orders and 1401 * updates the respective drm_device_dma::bufs entry low and high water mark. 1402 * 1403 * \note This ioctl is deprecated and mostly never used. 1404 */ 1405 int drm_markbufs(struct drm_device *dev, void *data, 1406 struct drm_file *file_priv) 1407 { 1408 struct drm_device_dma *dma = dev->dma; 1409 struct drm_buf_desc *request = data; 1410 int order; 1411 struct drm_buf_entry *entry; 1412 1413 if (!drm_core_check_feature(dev, DRIVER_HAVE_DMA)) 1414 return -EINVAL; 1415 1416 if (!dma) 1417 return -EINVAL; 1418 1419 DRM_DEBUG("%d, %d, %d\n", 1420 request->size, request->low_mark, request->high_mark); 1421 order = drm_order(request->size); 1422 if (order < DRM_MIN_ORDER || order > DRM_MAX_ORDER) 1423 return -EINVAL; 1424 entry = &dma->bufs[order]; 1425 1426 if (request->low_mark < 0 || request->low_mark > entry->buf_count) 1427 return -EINVAL; 1428 if (request->high_mark < 0 || request->high_mark > entry->buf_count) 1429 return -EINVAL; 1430 1431 entry->freelist.low_mark = request->low_mark; 1432 entry->freelist.high_mark = request->high_mark; 1433 1434 return 0; 1435 } 1436 1437 /** 1438 * Unreserve the buffers in list, previously reserved using drmDMA. 1439 * 1440 * \param inode device inode. 1441 * \param file_priv DRM file private. 1442 * \param cmd command. 1443 * \param arg pointer to a drm_buf_free structure. 1444 * \return zero on success or a negative number on failure. 1445 * 1446 * Calls free_buffer() for each used buffer. 1447 * This function is primarily used for debugging. 1448 */ 1449 int drm_freebufs(struct drm_device *dev, void *data, 1450 struct drm_file *file_priv) 1451 { 1452 struct drm_device_dma *dma = dev->dma; 1453 struct drm_buf_free *request = data; 1454 int i; 1455 int idx; 1456 struct drm_buf *buf; 1457 1458 if (!drm_core_check_feature(dev, DRIVER_HAVE_DMA)) 1459 return -EINVAL; 1460 1461 if (!dma) 1462 return -EINVAL; 1463 1464 DRM_DEBUG("%d\n", request->count); 1465 for (i = 0; i < request->count; i++) { 1466 if (copy_from_user(&idx, &request->list[i], sizeof(idx))) 1467 return -EFAULT; 1468 if (idx < 0 || idx >= dma->buf_count) { 1469 DRM_ERROR("Index %d (of %d max)\n", 1470 idx, dma->buf_count - 1); 1471 return -EINVAL; 1472 } 1473 buf = dma->buflist[idx]; 1474 if (buf->file_priv != file_priv) { 1475 DRM_ERROR("Process %d freeing buffer not owned\n", 1476 task_pid_nr(current)); 1477 return -EINVAL; 1478 } 1479 drm_free_buffer(dev, buf); 1480 } 1481 1482 return 0; 1483 } 1484 1485 /** 1486 * Maps all of the DMA buffers into client-virtual space (ioctl). 1487 * 1488 * \param inode device inode. 1489 * \param file_priv DRM file private. 1490 * \param cmd command. 1491 * \param arg pointer to a drm_buf_map structure. 1492 * \return zero on success or a negative number on failure. 1493 * 1494 * Maps the AGP, SG or PCI buffer region with vm_mmap(), and copies information 1495 * about each buffer into user space. For PCI buffers, it calls vm_mmap() with 1496 * offset equal to 0, which drm_mmap() interpretes as PCI buffers and calls 1497 * drm_mmap_dma(). 1498 */ 1499 int drm_mapbufs(struct drm_device *dev, void *data, 1500 struct drm_file *file_priv) 1501 { 1502 struct drm_device_dma *dma = dev->dma; 1503 int retcode = 0; 1504 const int zero = 0; 1505 unsigned long virtual; 1506 unsigned long address; 1507 struct drm_buf_map *request = data; 1508 int i; 1509 1510 if (!drm_core_check_feature(dev, DRIVER_HAVE_DMA)) 1511 return -EINVAL; 1512 1513 if (!dma) 1514 return -EINVAL; 1515 1516 spin_lock(&dev->count_lock); 1517 if (atomic_read(&dev->buf_alloc)) { 1518 spin_unlock(&dev->count_lock); 1519 return -EBUSY; 1520 } 1521 dev->buf_use++; /* Can't allocate more after this call */ 1522 spin_unlock(&dev->count_lock); 1523 1524 if (request->count >= dma->buf_count) { 1525 if ((drm_core_has_AGP(dev) && (dma->flags & _DRM_DMA_USE_AGP)) 1526 || (drm_core_check_feature(dev, DRIVER_SG) 1527 && (dma->flags & _DRM_DMA_USE_SG)) 1528 || (drm_core_check_feature(dev, DRIVER_FB_DMA) 1529 && (dma->flags & _DRM_DMA_USE_FB))) { 1530 struct drm_local_map *map = dev->agp_buffer_map; 1531 unsigned long token = dev->agp_buffer_token; 1532 1533 if (!map) { 1534 retcode = -EINVAL; 1535 goto done; 1536 } 1537 virtual = vm_mmap(file_priv->filp, 0, map->size, 1538 PROT_READ | PROT_WRITE, 1539 MAP_SHARED, 1540 token); 1541 } else { 1542 virtual = vm_mmap(file_priv->filp, 0, dma->byte_count, 1543 PROT_READ | PROT_WRITE, 1544 MAP_SHARED, 0); 1545 } 1546 if (virtual > -1024UL) { 1547 /* Real error */ 1548 retcode = (signed long)virtual; 1549 goto done; 1550 } 1551 request->virtual = (void __user *)virtual; 1552 1553 for (i = 0; i < dma->buf_count; i++) { 1554 if (copy_to_user(&request->list[i].idx, 1555 &dma->buflist[i]->idx, 1556 sizeof(request->list[0].idx))) { 1557 retcode = -EFAULT; 1558 goto done; 1559 } 1560 if (copy_to_user(&request->list[i].total, 1561 &dma->buflist[i]->total, 1562 sizeof(request->list[0].total))) { 1563 retcode = -EFAULT; 1564 goto done; 1565 } 1566 if (copy_to_user(&request->list[i].used, 1567 &zero, sizeof(zero))) { 1568 retcode = -EFAULT; 1569 goto done; 1570 } 1571 address = virtual + dma->buflist[i]->offset; /* *** */ 1572 if (copy_to_user(&request->list[i].address, 1573 &address, sizeof(address))) { 1574 retcode = -EFAULT; 1575 goto done; 1576 } 1577 } 1578 } 1579 done: 1580 request->count = dma->buf_count; 1581 DRM_DEBUG("%d buffers, retcode = %d\n", request->count, retcode); 1582 1583 return retcode; 1584 } 1585 1586 /** 1587 * Compute size order. Returns the exponent of the smaller power of two which 1588 * is greater or equal to given number. 1589 * 1590 * \param size size. 1591 * \return order. 1592 * 1593 * \todo Can be made faster. 1594 */ 1595 int drm_order(unsigned long size) 1596 { 1597 int order; 1598 unsigned long tmp; 1599 1600 for (order = 0, tmp = size >> 1; tmp; tmp >>= 1, order++) ; 1601 1602 if (size & (size - 1)) 1603 ++order; 1604 1605 return order; 1606 } 1607 EXPORT_SYMBOL(drm_order); 1608
Indexes created Thu Oct 23 22:10:10 GMT 2025