On Thu, 6 Feb 2025 20:13:24 -0400
Jason Gunthorpe <jgg@xxxxxxxxxx> wrote:
> Each file descriptor gets a chunk of per-FD driver specific context that
> allows the driver to attach a device specific struct to. The core code
> takes care of the memory lifetime for this structure.
>
> The ioctl dispatch and design is based on what was built for iommufd. The
> ioctls have a struct which has a combined in/out behavior with a typical
> 'zero pad' scheme for future extension and backwards compatibility.
>
> Like iommufd some shared logic does most of the ioctl marshalling and
> compatibility work and tables diatches to some function pointers for
> each unique iotcl.
>
> This approach has proven to work quite well in the iommufd and rdma
> subsystems.
>
> Allocate an ioctl number space for the subsystem.
>
> Reviewed-by: Jonathan Cameron <Jonathan.Cameron@xxxxxxxxxx>
> Signed-off-by: Jason Gunthorpe <jgg@xxxxxxxxxx>
Hi Jason,
Fresh read through given it's been a while.
A few really trivial things inline + one passing comment on a future
entertaining corner.
Jonathan
> M: Sebastian Reichel <sre@xxxxxxxxxx>
> diff --git a/drivers/fwctl/main.c b/drivers/fwctl/main.c
> index 34946bdc3bf3d7..d561deaf2b86d8 100644
> --- a/drivers/fwctl/main.c
> +++ b/drivers/fwctl/main.c
> static int fwctl_fops_release(struct inode *inode, struct file *filp)
> {
> - struct fwctl_device *fwctl = filp->private_data;
> + struct fwctl_uctx *uctx = filp->private_data;
> + struct fwctl_device *fwctl = uctx->fwctl;
>
> + scoped_guard(rwsem_read, &fwctl->registration_lock) {
> + /*
> + * fwctl_unregister() has already removed the driver and
> + * destroyed the uctx.
Comment is a little odd given it is I think referring to why
the code that follows wouldn't run. Perhaps just add a 'may'
fwctl_unregister() may have already removed the driver and destroyed
the uctx.
> + */
> + if (fwctl->ops) {
> + guard(mutex)(&fwctl->uctx_list_lock);
> + fwctl_destroy_uctx(uctx);
> + }
> + }
> +
> + kfree(uctx);
> fwctl_put(fwctl);
> return 0;
> }
>
> @@ -71,14 +183,17 @@ _alloc_device(struct device *parent, const struct fwctl_ops *ops, size_t size)
> if (!fwctl)
> return NULL;
>
> - fwctl->dev.class = &fwctl_class;
> - fwctl->dev.parent = parent;
> -
> devnum = ida_alloc_max(&fwctl_ida, FWCTL_MAX_DEVICES - 1, GFP_KERNEL);
> if (devnum < 0)
> return NULL;
> fwctl->dev.devt = fwctl_dev + devnum;
>
> + fwctl->dev.class = &fwctl_class;
> + fwctl->dev.parent = parent;
Shunt this move back to previous patch?
> + init_rwsem(&fwctl->registration_lock);
> + mutex_init(&fwctl->uctx_list_lock);
> + INIT_LIST_HEAD(&fwctl->uctx_list);
> +
> device_initialize(&fwctl->dev);
> return_ptr(fwctl);
> }
> diff --git a/include/linux/fwctl.h b/include/linux/fwctl.h
> index 68ac2d5ab87481..93b470efb9dbc3 100644
> --- a/include/linux/fwctl.h
> +++ b/include/linux/fwctl.h
> @@ -11,7 +11,30 @@
> struct fwctl_device;
> struct fwctl_uctx;
>
> +/**
> + * struct fwctl_ops - Driver provided operations
> + *
> + * fwctl_unregister() will wait until all excuting ops are completed before it
> + * returns. Drivers should be mindful to not let their ops run for too long as
> + * it will block device hot unplug and module unloading.
A passing comment on this. Seems likely that at somepoint we'll want an
abort op to enable cancelling if the particular driver supports it
(abort background command in CXL). Anyhow, problem for another day.
> + */
> struct fwctl_ops {
> + /**
> + * @uctx_size: The size of the fwctl_uctx struct to allocate. The first
> + * bytes of this memory will be a fwctl_uctx. The driver can use the
> + * remaining bytes as its private memory.
> + */
> + size_t uctx_size;
> + /**
> + * @open_uctx: Called when a file descriptor is opened before the uctx
> + * is ever used.
> + */
> + int (*open_uctx)(struct fwctl_uctx *uctx);
> + /**
> + * @close_uctx: Called when the uctx is destroyed, usually when the FD
> + * is closed.
> + */
> + void (*close_uctx)(struct fwctl_uctx *uctx);
> };
