1 // SPDX-License-Identifier: GPL-2.0-or-later
3 * Copyright © 2017 Keith Packard <keithp@keithp.com>
5 #include <linux/file.h>
6 #include <linux/uaccess.h>
8 #include <drm/drm_auth.h>
9 #include <drm/drm_crtc_helper.h>
10 #include <drm/drm_drv.h>
11 #include <drm/drm_file.h>
12 #include <drm/drm_lease.h>
13 #include <drm/drm_print.h>
15 #include "drm_crtc_internal.h"
16 #include "drm_internal.h"
17 #include "drm_legacy.h"
19 #define drm_for_each_lessee(lessee, lessor) \
20 list_for_each_entry((lessee), &(lessor)->lessees, lessee_list)
22 static uint64_t drm_lease_idr_object;
25 * drm_lease_owner - return ancestor owner drm_master
26 * @master: drm_master somewhere within tree of lessees and lessors
30 * drm_master at the top of the tree (i.e, with lessor NULL
32 struct drm_master *drm_lease_owner(struct drm_master *master)
34 while (master->lessor != NULL)
35 master = master->lessor;
40 * _drm_find_lessee - find lessee by id (idr_mutex held)
41 * @master: drm_master of lessor
46 * drm_master of the lessee if valid, NULL otherwise
49 static struct drm_master*
50 _drm_find_lessee(struct drm_master *master, int lessee_id)
52 lockdep_assert_held(&master->dev->mode_config.idr_mutex);
53 return idr_find(&drm_lease_owner(master)->lessee_idr, lessee_id);
57 * _drm_lease_held_master - check to see if an object is leased (or owned) by master (idr_mutex held)
58 * @master: the master to check the lease status of
59 * @id: the id to check
61 * Checks if the specified master holds a lease on the object. Return
64 * true 'master' holds a lease on (or owns) the object
65 * false 'master' does not hold a lease.
67 static int _drm_lease_held_master(struct drm_master *master, int id)
69 lockdep_assert_held(&master->dev->mode_config.idr_mutex);
71 return idr_find(&master->leases, id) != NULL;
76 * _drm_has_leased - check to see if an object has been leased (idr_mutex held)
77 * @master: the master to check the lease status of
78 * @id: the id to check
80 * Checks if any lessee of 'master' holds a lease on 'id'. Return
83 * true Some lessee holds a lease on the object.
84 * false No lessee has a lease on the object.
86 static bool _drm_has_leased(struct drm_master *master, int id)
88 struct drm_master *lessee;
90 lockdep_assert_held(&master->dev->mode_config.idr_mutex);
91 drm_for_each_lessee(lessee, master)
92 if (_drm_lease_held_master(lessee, id))
98 * _drm_lease_held - check drm_mode_object lease status (idr_mutex held)
99 * @file_priv: the master drm_file
102 * Checks if the specified master holds a lease on the object. Return
105 * true 'master' holds a lease on (or owns) the object
106 * false 'master' does not hold a lease.
108 bool _drm_lease_held(struct drm_file *file_priv, int id)
111 struct drm_master *master;
116 master = drm_file_get_master(file_priv);
119 ret = _drm_lease_held_master(master, id);
120 drm_master_put(&master);
126 * drm_lease_held - check drm_mode_object lease status (idr_mutex not held)
127 * @file_priv: the master drm_file
130 * Checks if the specified master holds a lease on the object. Return
133 * true 'master' holds a lease on (or owns) the object
134 * false 'master' does not hold a lease.
136 bool drm_lease_held(struct drm_file *file_priv, int id)
138 struct drm_master *master;
144 master = drm_file_get_master(file_priv);
147 if (!master->lessor) {
151 mutex_lock(&master->dev->mode_config.idr_mutex);
152 ret = _drm_lease_held_master(master, id);
153 mutex_unlock(&master->dev->mode_config.idr_mutex);
156 drm_master_put(&master);
161 * drm_lease_filter_crtcs - restricted crtc set to leased values (idr_mutex not held)
162 * @file_priv: requestor file
163 * @crtcs_in: bitmask of crtcs to check
165 * Reconstructs a crtc mask based on the crtcs which are visible
166 * through the specified file.
168 uint32_t drm_lease_filter_crtcs(struct drm_file *file_priv, uint32_t crtcs_in)
170 struct drm_master *master;
171 struct drm_device *dev;
172 struct drm_crtc *crtc;
173 int count_in, count_out;
174 uint32_t crtcs_out = 0;
179 master = drm_file_get_master(file_priv);
182 if (!master->lessor) {
183 crtcs_out = crtcs_in;
188 count_in = count_out = 0;
189 mutex_lock(&master->dev->mode_config.idr_mutex);
190 list_for_each_entry(crtc, &dev->mode_config.crtc_list, head) {
191 if (_drm_lease_held_master(master, crtc->base.id)) {
192 uint32_t mask_in = 1ul << count_in;
194 if ((crtcs_in & mask_in) != 0) {
195 uint32_t mask_out = 1ul << count_out;
197 crtcs_out |= mask_out;
203 mutex_unlock(&master->dev->mode_config.idr_mutex);
206 drm_master_put(&master);
211 * drm_lease_create - create a new drm_master with leased objects (idr_mutex not held)
212 * @lessor: lease holder (or owner) of objects
213 * @leases: objects to lease to the new drm_master
215 * Uses drm_master_create to allocate a new drm_master, then checks to
216 * make sure all of the desired objects can be leased, atomically
217 * leasing them to the new drmmaster.
219 * ERR_PTR(-EACCES) some other master holds the title to any object
220 * ERR_PTR(-ENOENT) some object is not a valid DRM object for this device
221 * ERR_PTR(-EBUSY) some other lessee holds title to this object
222 * ERR_PTR(-EEXIST) same object specified more than once in the provided list
223 * ERR_PTR(-ENOMEM) allocation failed
225 static struct drm_master *drm_lease_create(struct drm_master *lessor, struct idr *leases)
227 struct drm_device *dev = lessor->dev;
229 struct drm_master *lessee;
234 DRM_DEBUG_LEASE("lessor %d\n", lessor->lessee_id);
236 lessee = drm_master_create(lessor->dev);
238 DRM_DEBUG_LEASE("drm_master_create failed\n");
239 return ERR_PTR(-ENOMEM);
242 mutex_lock(&dev->mode_config.idr_mutex);
244 idr_for_each_entry(leases, entry, object) {
246 if (!idr_find(&dev->mode_config.object_idr, object))
248 else if (_drm_has_leased(lessor, object))
252 DRM_DEBUG_LEASE("object %d failed %d\n", object, error);
257 /* Insert the new lessee into the tree */
258 id = idr_alloc(&(drm_lease_owner(lessor)->lessee_idr), lessee, 1, 0, GFP_KERNEL);
264 lessee->lessee_id = id;
265 lessee->lessor = drm_master_get(lessor);
266 list_add_tail(&lessee->lessee_list, &lessor->lessees);
268 /* Move the leases over */
269 lessee->leases = *leases;
270 DRM_DEBUG_LEASE("new lessee %d %p, lessor %d %p\n", lessee->lessee_id, lessee, lessor->lessee_id, lessor);
272 mutex_unlock(&dev->mode_config.idr_mutex);
276 mutex_unlock(&dev->mode_config.idr_mutex);
278 drm_master_put(&lessee);
280 return ERR_PTR(error);
284 * drm_lease_destroy - a master is going away (idr_mutex not held)
285 * @master: the drm_master being destroyed
287 * All lessees will have been destroyed as they
288 * hold a reference on their lessor. Notify any
289 * lessor for this master so that it can check
290 * the list of lessees.
292 void drm_lease_destroy(struct drm_master *master)
294 struct drm_device *dev = master->dev;
296 mutex_lock(&dev->mode_config.idr_mutex);
298 DRM_DEBUG_LEASE("drm_lease_destroy %d\n", master->lessee_id);
300 /* This master is referenced by all lessees, hence it cannot be destroyed
301 * until all of them have been
303 WARN_ON(!list_empty(&master->lessees));
305 /* Remove this master from the lessee idr in the owner */
306 if (master->lessee_id != 0) {
307 DRM_DEBUG_LEASE("remove master %d from device list of lessees\n", master->lessee_id);
308 idr_remove(&(drm_lease_owner(master)->lessee_idr), master->lessee_id);
311 /* Remove this master from any lessee list it may be on */
312 list_del(&master->lessee_list);
314 mutex_unlock(&dev->mode_config.idr_mutex);
316 if (master->lessor) {
317 /* Tell the master to check the lessee list */
318 drm_sysfs_lease_event(dev);
319 drm_master_put(&master->lessor);
322 DRM_DEBUG_LEASE("drm_lease_destroy done %d\n", master->lessee_id);
326 * _drm_lease_revoke - revoke access to all leased objects (idr_mutex held)
327 * @top: the master losing its lease
329 static void _drm_lease_revoke(struct drm_master *top)
333 struct drm_master *master = top;
335 lockdep_assert_held(&top->dev->mode_config.idr_mutex);
338 * Walk the tree starting at 'top' emptying all leases. Because
339 * the tree is fully connected, we can do this without recursing
342 DRM_DEBUG_LEASE("revoke leases for %p %d\n", master, master->lessee_id);
344 /* Evacuate the lease */
345 idr_for_each_entry(&master->leases, entry, object)
346 idr_remove(&master->leases, object);
348 /* Depth-first list walk */
351 if (!list_empty(&master->lessees)) {
352 master = list_first_entry(&master->lessees, struct drm_master, lessee_list);
355 while (master != top && master == list_last_entry(&master->lessor->lessees, struct drm_master, lessee_list))
356 master = master->lessor;
362 master = list_next_entry(master, lessee_list);
368 * drm_lease_revoke - revoke access to all leased objects (idr_mutex not held)
369 * @top: the master losing its lease
371 void drm_lease_revoke(struct drm_master *top)
373 mutex_lock(&top->dev->mode_config.idr_mutex);
374 _drm_lease_revoke(top);
375 mutex_unlock(&top->dev->mode_config.idr_mutex);
378 static int validate_lease(struct drm_device *dev,
380 struct drm_mode_object **objects,
381 bool universal_planes)
385 int has_connector = -1;
388 /* we want to confirm that there is at least one crtc, plane
391 for (o = 0; o < object_count; o++) {
392 if (objects[o]->type == DRM_MODE_OBJECT_CRTC && has_crtc == -1) {
395 if (objects[o]->type == DRM_MODE_OBJECT_CONNECTOR && has_connector == -1)
398 if (universal_planes) {
399 if (objects[o]->type == DRM_MODE_OBJECT_PLANE && has_plane == -1)
403 if (has_crtc == -1 || has_connector == -1)
405 if (universal_planes && has_plane == -1)
410 static int fill_object_idr(struct drm_device *dev,
411 struct drm_file *lessor_priv,
416 struct drm_mode_object **objects;
419 bool universal_planes = READ_ONCE(lessor_priv->universal_planes);
421 objects = kcalloc(object_count, sizeof(struct drm_mode_object *),
426 /* step one - get references to all the mode objects
427 and check for validity. */
428 for (o = 0; o < object_count; o++) {
429 objects[o] = drm_mode_object_find(dev, lessor_priv,
431 DRM_MODE_OBJECT_ANY);
434 goto out_free_objects;
437 if (!drm_mode_object_lease_required(objects[o]->type)) {
438 DRM_DEBUG_KMS("invalid object for lease\n");
440 goto out_free_objects;
444 ret = validate_lease(dev, object_count, objects, universal_planes);
446 DRM_DEBUG_LEASE("lease validation failed\n");
447 goto out_free_objects;
450 /* add their IDs to the lease request - taking into account
452 for (o = 0; o < object_count; o++) {
453 struct drm_mode_object *obj = objects[o];
454 u32 object_id = objects[o]->id;
456 DRM_DEBUG_LEASE("Adding object %d to lease\n", object_id);
459 * We're using an IDR to hold the set of leased
460 * objects, but we don't need to point at the object's
461 * data structure from the lease as the main object_idr
462 * will be used to actually find that. Instead, all we
463 * really want is a 'leased/not-leased' result, for
464 * which any non-NULL pointer will work fine.
466 ret = idr_alloc(leases, &drm_lease_idr_object , object_id, object_id + 1, GFP_KERNEL);
468 DRM_DEBUG_LEASE("Object %d cannot be inserted into leases (%d)\n",
470 goto out_free_objects;
472 if (obj->type == DRM_MODE_OBJECT_CRTC && !universal_planes) {
473 struct drm_crtc *crtc = obj_to_crtc(obj);
475 ret = idr_alloc(leases, &drm_lease_idr_object, crtc->primary->base.id, crtc->primary->base.id + 1, GFP_KERNEL);
477 DRM_DEBUG_LEASE("Object primary plane %d cannot be inserted into leases (%d)\n",
479 goto out_free_objects;
482 ret = idr_alloc(leases, &drm_lease_idr_object, crtc->cursor->base.id, crtc->cursor->base.id + 1, GFP_KERNEL);
484 DRM_DEBUG_LEASE("Object cursor plane %d cannot be inserted into leases (%d)\n",
486 goto out_free_objects;
494 for (o = 0; o < object_count; o++) {
496 drm_mode_object_put(objects[o]);
503 * drm_mode_create_lease_ioctl - create a new lease
504 * @dev: the drm device
505 * @data: pointer to struct drm_mode_create_lease
506 * @lessor_priv: the file being manipulated
508 * The master associated with the specified file will have a lease
509 * created containing the objects specified in the ioctl structure.
510 * A file descriptor will be allocated for that and returned to the
513 int drm_mode_create_lease_ioctl(struct drm_device *dev,
514 void *data, struct drm_file *lessor_priv)
516 struct drm_mode_create_lease *cl = data;
520 struct drm_master *lessor;
521 struct drm_master *lessee = NULL;
522 struct file *lessee_file = NULL;
523 struct file *lessor_file = lessor_priv->filp;
524 struct drm_file *lessee_priv;
526 uint32_t *object_ids;
528 /* Can't lease without MODESET */
529 if (!drm_core_check_feature(dev, DRIVER_MODESET))
532 /* need some objects */
533 if (cl->object_count == 0) {
534 DRM_DEBUG_LEASE("no objects in lease\n");
538 if (cl->flags && (cl->flags & ~(O_CLOEXEC | O_NONBLOCK))) {
539 DRM_DEBUG_LEASE("invalid flags\n");
543 lessor = drm_file_get_master(lessor_priv);
544 /* Do not allow sub-leases */
545 if (lessor->lessor) {
546 DRM_DEBUG_LEASE("recursive leasing not allowed\n");
551 object_count = cl->object_count;
553 object_ids = memdup_user(u64_to_user_ptr(cl->object_ids),
554 array_size(object_count, sizeof(__u32)));
555 if (IS_ERR(object_ids)) {
556 ret = PTR_ERR(object_ids);
562 /* fill and validate the object idr */
563 ret = fill_object_idr(dev, lessor_priv, &leases,
564 object_count, object_ids);
567 DRM_DEBUG_LEASE("lease object lookup failed: %i\n", ret);
568 idr_destroy(&leases);
572 /* Allocate a file descriptor for the lease */
573 fd = get_unused_fd_flags(cl->flags & (O_CLOEXEC | O_NONBLOCK));
575 idr_destroy(&leases);
580 DRM_DEBUG_LEASE("Creating lease\n");
581 /* lessee will take the ownership of leases */
582 lessee = drm_lease_create(lessor, &leases);
584 if (IS_ERR(lessee)) {
585 ret = PTR_ERR(lessee);
586 idr_destroy(&leases);
590 /* Clone the lessor file to create a new file for us */
591 DRM_DEBUG_LEASE("Allocating lease file\n");
592 lessee_file = file_clone_open(lessor_file);
593 if (IS_ERR(lessee_file)) {
594 ret = PTR_ERR(lessee_file);
598 lessee_priv = lessee_file->private_data;
599 /* Change the file to a master one */
600 drm_master_put(&lessee_priv->master);
601 lessee_priv->master = lessee;
602 lessee_priv->is_master = 1;
603 lessee_priv->authenticated = 1;
605 /* Pass fd back to userspace */
606 DRM_DEBUG_LEASE("Returning fd %d id %d\n", fd, lessee->lessee_id);
608 cl->lessee_id = lessee->lessee_id;
611 fd_install(fd, lessee_file);
613 drm_master_put(&lessor);
614 DRM_DEBUG_LEASE("drm_mode_create_lease_ioctl succeeded\n");
618 drm_master_put(&lessee);
624 drm_master_put(&lessor);
625 DRM_DEBUG_LEASE("drm_mode_create_lease_ioctl failed: %d\n", ret);
630 * drm_mode_list_lessees_ioctl - list lessee ids
631 * @dev: the drm device
632 * @data: pointer to struct drm_mode_list_lessees
633 * @lessor_priv: the file being manipulated
635 * Starting from the master associated with the specified file,
636 * the master with the provided lessee_id is found, and then
637 * an array of lessee ids associated with leases from that master
641 int drm_mode_list_lessees_ioctl(struct drm_device *dev,
642 void *data, struct drm_file *lessor_priv)
644 struct drm_mode_list_lessees *arg = data;
645 __u32 __user *lessee_ids = (__u32 __user *) (uintptr_t) (arg->lessees_ptr);
646 __u32 count_lessees = arg->count_lessees;
647 struct drm_master *lessor, *lessee;
654 /* Can't lease without MODESET */
655 if (!drm_core_check_feature(dev, DRIVER_MODESET))
658 lessor = drm_file_get_master(lessor_priv);
659 DRM_DEBUG_LEASE("List lessees for %d\n", lessor->lessee_id);
661 mutex_lock(&dev->mode_config.idr_mutex);
664 drm_for_each_lessee(lessee, lessor) {
665 /* Only list un-revoked leases */
666 if (!idr_is_empty(&lessee->leases)) {
667 if (count_lessees > count) {
668 DRM_DEBUG_LEASE("Add lessee %d\n", lessee->lessee_id);
669 ret = put_user(lessee->lessee_id, lessee_ids + count);
677 DRM_DEBUG_LEASE("Lessor leases to %d\n", count);
679 arg->count_lessees = count;
681 mutex_unlock(&dev->mode_config.idr_mutex);
682 drm_master_put(&lessor);
688 * drm_mode_get_lease_ioctl - list leased objects
689 * @dev: the drm device
690 * @data: pointer to struct drm_mode_get_lease
691 * @lessee_priv: the file being manipulated
693 * Return the list of leased objects for the specified lessee
696 int drm_mode_get_lease_ioctl(struct drm_device *dev,
697 void *data, struct drm_file *lessee_priv)
699 struct drm_mode_get_lease *arg = data;
700 __u32 __user *object_ids = (__u32 __user *) (uintptr_t) (arg->objects_ptr);
701 __u32 count_objects = arg->count_objects;
702 struct drm_master *lessee;
703 struct idr *object_idr;
712 /* Can't lease without MODESET */
713 if (!drm_core_check_feature(dev, DRIVER_MODESET))
716 lessee = drm_file_get_master(lessee_priv);
717 DRM_DEBUG_LEASE("get lease for %d\n", lessee->lessee_id);
719 mutex_lock(&dev->mode_config.idr_mutex);
721 if (lessee->lessor == NULL)
722 /* owner can use all objects */
723 object_idr = &lessee->dev->mode_config.object_idr;
725 /* lessee can only use allowed object */
726 object_idr = &lessee->leases;
729 idr_for_each_entry(object_idr, entry, object) {
730 if (count_objects > count) {
731 DRM_DEBUG_LEASE("adding object %d\n", object);
732 ret = put_user(object, object_ids + count);
739 DRM_DEBUG("lease holds %d objects\n", count);
741 arg->count_objects = count;
743 mutex_unlock(&dev->mode_config.idr_mutex);
744 drm_master_put(&lessee);
750 * drm_mode_revoke_lease_ioctl - revoke lease
751 * @dev: the drm device
752 * @data: pointer to struct drm_mode_revoke_lease
753 * @lessor_priv: the file being manipulated
755 * This removes all of the objects from the lease without
756 * actually getting rid of the lease itself; that way all
757 * references to it still work correctly
759 int drm_mode_revoke_lease_ioctl(struct drm_device *dev,
760 void *data, struct drm_file *lessor_priv)
762 struct drm_mode_revoke_lease *arg = data;
763 struct drm_master *lessor;
764 struct drm_master *lessee;
767 DRM_DEBUG_LEASE("revoke lease for %d\n", arg->lessee_id);
769 /* Can't lease without MODESET */
770 if (!drm_core_check_feature(dev, DRIVER_MODESET))
773 lessor = drm_file_get_master(lessor_priv);
774 mutex_lock(&dev->mode_config.idr_mutex);
776 lessee = _drm_find_lessee(lessor, arg->lessee_id);
784 /* Lease is not held by lessor */
785 if (lessee->lessor != lessor) {
790 _drm_lease_revoke(lessee);
793 mutex_unlock(&dev->mode_config.idr_mutex);
794 drm_master_put(&lessor);