This is a note to let you know that I've just added the patch titled
udmabuf: udmabuf_create pin folio codestyle cleanup
to the 6.12-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
udmabuf-udmabuf_create-pin-folio-codestyle-cleanup.patch
and it can be found in the queue-6.12 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
commit 9bbd94e239ad8d4bee72eacef473282aa234e58a
Author: Huan Yang <link@xxxxxxxx>
Date: Wed Sep 18 10:52:27 2024 +0800
udmabuf: udmabuf_create pin folio codestyle cleanup
[ Upstream commit 164fd9efd46531fddfaa933d394569259896642b ]
This patch aim to simplify the memfd folio pin during the udmabuf
create. No functional changes.
This patch create a udmabuf_pin_folios function, in this, do the memfd
pin folio and then record each pinned folio, offset.
This patch simplify the pinned folio record, iter by each pinned folio,
and then record each offset in it.
Compare to iter by pgcnt, more readable.
Suggested-by: Vivek Kasireddy <vivek.kasireddy@xxxxxxxxx>
Signed-off-by: Huan Yang <link@xxxxxxxx>
Acked-by: Vivek Kasireddy <vivek.kasireddy@xxxxxxxxx>
Signed-off-by: Vivek Kasireddy <vivek.kasireddy@xxxxxxxxx>
Link: https://patchwork.freedesktop.org/patch/msgid/20240918025238.2957823-5-link@xxxxxxxx
Stable-dep-of: f49856f525ac ("udmabuf: fix memory leak on last export_udmabuf() error path")
Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>
diff --git a/drivers/dma-buf/udmabuf.c b/drivers/dma-buf/udmabuf.c
index a3638ccc15f5..970e08a95dc0 100644
--- a/drivers/dma-buf/udmabuf.c
+++ b/drivers/dma-buf/udmabuf.c
@@ -262,9 +262,6 @@ static int check_memfd_seals(struct file *memfd)
{
int seals;
- if (!memfd)
- return -EBADFD;
-
if (!shmem_file(memfd) && !is_file_hugepages(memfd))
return -EBADFD;
@@ -299,17 +296,68 @@ static int export_udmabuf(struct udmabuf *ubuf,
return dma_buf_fd(buf, flags);
}
+static long udmabuf_pin_folios(struct udmabuf *ubuf, struct file *memfd,
+ loff_t start, loff_t size)
+{
+ pgoff_t pgoff, pgcnt, upgcnt = ubuf->pagecount;
+ struct folio **folios = NULL;
+ u32 cur_folio, cur_pgcnt;
+ long nr_folios;
+ long ret = 0;
+ loff_t end;
+
+ pgcnt = size >> PAGE_SHIFT;
+ folios = kvmalloc_array(pgcnt, sizeof(*folios), GFP_KERNEL);
+ if (!folios)
+ return -ENOMEM;
+
+ end = start + (pgcnt << PAGE_SHIFT) - 1;
+ nr_folios = memfd_pin_folios(memfd, start, end, folios, pgcnt, &pgoff);
+ if (nr_folios <= 0) {
+ ret = nr_folios ? nr_folios : -EINVAL;
+ goto end;
+ }
+
+ cur_pgcnt = 0;
+ for (cur_folio = 0; cur_folio < nr_folios; ++cur_folio) {
+ pgoff_t subpgoff = pgoff;
+ size_t fsize = folio_size(folios[cur_folio]);
+
+ ret = add_to_unpin_list(&ubuf->unpin_list, folios[cur_folio]);
+ if (ret < 0)
+ goto end;
+
+ for (; subpgoff < fsize; subpgoff += PAGE_SIZE) {
+ ubuf->folios[upgcnt] = folios[cur_folio];
+ ubuf->offsets[upgcnt] = subpgoff;
+ ++upgcnt;
+
+ if (++cur_pgcnt >= pgcnt)
+ goto end;
+ }
+
+ /**
+ * In a given range, only the first subpage of the first folio
+ * has an offset, that is returned by memfd_pin_folios().
+ * The first subpages of other folios (in the range) have an
+ * offset of 0.
+ */
+ pgoff = 0;
+ }
+end:
+ ubuf->pagecount = upgcnt;
+ kvfree(folios);
+ return ret;
+}
+
static long udmabuf_create(struct miscdevice *device,
struct udmabuf_create_list *head,
struct udmabuf_create_item *list)
{
- pgoff_t pgoff, pgcnt, pglimit, pgbuf = 0;
- long nr_folios, ret = -EINVAL;
- struct file *memfd = NULL;
- struct folio **folios;
+ pgoff_t pgcnt = 0, pglimit;
struct udmabuf *ubuf;
- u32 i, j, k, flags;
- loff_t end;
+ long ret = -EINVAL;
+ u32 i, flags;
ubuf = kzalloc(sizeof(*ubuf), GFP_KERNEL);
if (!ubuf)
@@ -318,81 +366,50 @@ static long udmabuf_create(struct miscdevice *device,
INIT_LIST_HEAD(&ubuf->unpin_list);
pglimit = (size_limit_mb * 1024 * 1024) >> PAGE_SHIFT;
for (i = 0; i < head->count; i++) {
- if (!IS_ALIGNED(list[i].offset, PAGE_SIZE))
+ if (!PAGE_ALIGNED(list[i].offset))
goto err;
- if (!IS_ALIGNED(list[i].size, PAGE_SIZE))
+ if (!PAGE_ALIGNED(list[i].size))
goto err;
- ubuf->pagecount += list[i].size >> PAGE_SHIFT;
- if (ubuf->pagecount > pglimit)
+
+ pgcnt += list[i].size >> PAGE_SHIFT;
+ if (pgcnt > pglimit)
goto err;
}
- if (!ubuf->pagecount)
+ if (!pgcnt)
goto err;
- ubuf->folios = kvmalloc_array(ubuf->pagecount, sizeof(*ubuf->folios),
- GFP_KERNEL);
+ ubuf->folios = kvmalloc_array(pgcnt, sizeof(*ubuf->folios), GFP_KERNEL);
if (!ubuf->folios) {
ret = -ENOMEM;
goto err;
}
- ubuf->offsets = kvcalloc(ubuf->pagecount, sizeof(*ubuf->offsets),
- GFP_KERNEL);
+
+ ubuf->offsets = kvcalloc(pgcnt, sizeof(*ubuf->offsets), GFP_KERNEL);
if (!ubuf->offsets) {
ret = -ENOMEM;
goto err;
}
- pgbuf = 0;
for (i = 0; i < head->count; i++) {
- memfd = fget(list[i].memfd);
- ret = check_memfd_seals(memfd);
- if (ret < 0)
- goto err;
+ struct file *memfd = fget(list[i].memfd);
- pgcnt = list[i].size >> PAGE_SHIFT;
- folios = kvmalloc_array(pgcnt, sizeof(*folios), GFP_KERNEL);
- if (!folios) {
- ret = -ENOMEM;
+ if (!memfd) {
+ ret = -EBADFD;
goto err;
}
- end = list[i].offset + (pgcnt << PAGE_SHIFT) - 1;
- ret = memfd_pin_folios(memfd, list[i].offset, end,
- folios, pgcnt, &pgoff);
- if (ret <= 0) {
- kvfree(folios);
- if (!ret)
- ret = -EINVAL;
+ ret = check_memfd_seals(memfd);
+ if (ret < 0) {
+ fput(memfd);
goto err;
}
- nr_folios = ret;
- pgoff >>= PAGE_SHIFT;
- for (j = 0, k = 0; j < pgcnt; j++) {
- ubuf->folios[pgbuf] = folios[k];
- ubuf->offsets[pgbuf] = pgoff << PAGE_SHIFT;
-
- if (j == 0 || ubuf->folios[pgbuf-1] != folios[k]) {
- ret = add_to_unpin_list(&ubuf->unpin_list,
- folios[k]);
- if (ret < 0) {
- kfree(folios);
- goto err;
- }
- }
-
- pgbuf++;
- if (++pgoff == folio_nr_pages(folios[k])) {
- pgoff = 0;
- if (++k == nr_folios)
- break;
- }
- }
-
- kvfree(folios);
+ ret = udmabuf_pin_folios(ubuf, memfd, list[i].offset,
+ list[i].size);
fput(memfd);
- memfd = NULL;
+ if (ret)
+ goto err;
}
flags = head->flags & UDMABUF_FLAGS_CLOEXEC ? O_CLOEXEC : 0;
@@ -403,8 +420,6 @@ static long udmabuf_create(struct miscdevice *device,
return ret;
err:
- if (memfd)
- fput(memfd);
unpin_all_folios(&ubuf->unpin_list);
kvfree(ubuf->offsets);
kvfree(ubuf->folios);
