[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAHk-=wgh5S-7sCCqXBxGcXHZDhe4U8cuaXpVTjtXLej2si2f3g@mail.gmail.com>
Date: Tue, 7 May 2024 09:46:31 -0700
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: Christian König <ckoenig.leichtzumerken@...il.com>,
Linus Torvalds <torvalds@...ux-foundation.org>, Christian Brauner <brauner@...nel.org>,
Al Viro <viro@...iv.linux.org.uk>, keescook@...omium.org, axboe@...nel.dk,
christian.koenig@....com, dri-devel@...ts.freedesktop.org,
io-uring@...r.kernel.org, jack@...e.cz, laura@...bott.name,
linaro-mm-sig@...ts.linaro.org, linux-fsdevel@...r.kernel.org,
linux-kernel@...r.kernel.org, linux-media@...r.kernel.org,
minhquangbui99@...il.com, sumit.semwal@...aro.org,
syzbot+045b454ab35fd82a35fb@...kaller.appspotmail.com,
syzkaller-bugs@...glegroups.com
Subject: Re: [Linaro-mm-sig] Re: [PATCH] epoll: try to be a _bit_ better about
file lifetimes
On Tue, 7 May 2024 at 04:03, Daniel Vetter <daniel@...ll.ch> wrote:
>
> It's really annoying that on some distros/builds we don't have that, and
> for gpu driver stack reasons we _really_ need to know whether a fd is the
> same as another, due to some messy uniqueness requirements on buffer
> objects various drivers have.
It's sad that such a simple thing would require two other horrid
models (EPOLL or KCMP).
There'[s a reason that KCMP is a config option - *some* of that is
horrible code - but the "compare file descriptors for equality" is not
that reason.
Note that KCMP really is a broken mess. It's also a potential security
hole, even for the simple things, because of how it ends up comparing
kernel pointers (ie it doesn't just say "same file descriptor", it
gives an ordering of them, so you can use KCMP to sort things in
kernel space).
And yes, it orders them after obfuscating the pointer, but it's still
not something I would consider sane as a baseline interface. It was
designed for checkpoint-restore, it's the wrong thing to use for some
"are these file descriptors the same".
The same argument goes for using EPOLL for that. Disgusting hack.
Just what are the requirements for the GPU stack? Is one of the file
descriptors "trusted", IOW, you know what kind it is?
Because dammit, it's *so* easy to do. You could just add a core DRM
ioctl for it. Literally just
struct fd f1 = fdget(fd1);
struct fd f2 = fdget(fd2);
int same;
same = f1.file && f1.file == f2.file;
fdput(fd1);
fdput(fd2);
return same;
where the only question is if you also woudl want to deal with O_PATH
fd's, in which case the "fdget()" would be "fdget_raw()".
Honestly, adding some DRM ioctl for this sounds hacky, but it sounds
less hacky than relying on EPOLL or KCMP.
I'd be perfectly ok with adding a generic "FISAME" VFS level ioctl
too, if this is possibly a more common thing. and not just DRM wants
it.
Would something like that work for you?
Linus
Powered by blists - more mailing lists