drm/rockchip: Don't grab dev->struct_mutex for in mmap offset ioctl
authorDaniel Vetter <daniel.vetter@ffwll.ch>
Thu, 9 Jul 2015 21:32:42 +0000 (23:32 +0200)
committerDaniel Vetter <daniel.vetter@ffwll.ch>
Tue, 11 Aug 2015 10:04:06 +0000 (12:04 +0200)
Since David Herrmann's mmap vma manager rework we don't need to grab
dev->struct_mutex any more to prevent races when looking up the mmap
offset. Drop it and instead don't forget to use the unref_unlocked
variant (since the drm core still cares).

Aside: I stumbled over the mmap handler which directly does a
dma_mmap_attrs. But totally fails to grab a reference on the
underlying object and hence looks like it happily just leaks the ptes
since there's no guarantee the mmap isn't still around when
gem_free_object is called. Which the kerneldoc of dma_mmap_attrs
explicitly forbids.

v2: Fixup compile fail 0-day spotted.

Cc: Mark Yao <mark.yao@rock-chips.com>
Reviewed-by: Thierry Reding <treding@nvidia.com>
Signed-off-by: Daniel Vetter <daniel.vetter@intel.com>
drivers/gpu/drm/rockchip/rockchip_drm_gem.c

index eba5f8a52fbd9ff2bf7941687f54e11320cb10b3..a6d9104f7f157f55426843690dee62c00e97cb4b 100644 (file)
@@ -200,13 +200,10 @@ int rockchip_gem_dumb_map_offset(struct drm_file *file_priv,
        struct drm_gem_object *obj;
        int ret;
 
-       mutex_lock(&dev->struct_mutex);
-
        obj = drm_gem_object_lookup(dev, file_priv, handle);
        if (!obj) {
                DRM_ERROR("failed to lookup gem object.\n");
-               ret = -EINVAL;
-               goto unlock;
+               return -EINVAL;
        }
 
        ret = drm_gem_create_mmap_offset(obj);
@@ -217,10 +214,9 @@ int rockchip_gem_dumb_map_offset(struct drm_file *file_priv,
        DRM_DEBUG_KMS("offset = 0x%llx\n", *offset);
 
 out:
-       drm_gem_object_unreference(obj);
-unlock:
-       mutex_unlock(&dev->struct_mutex);
-       return ret;
+       drm_gem_object_unreference_unlocked(obj);
+
+       return 0;
 }
 
 /*