From bb438c8dc711d09525cbac678073ab08fa1fd3c4 Mon Sep 17 00:00:00 2001 From: Rob Clark Date: Fri, 27 Jan 2023 09:43:48 -0800 Subject: [PATCH] freedreno/drm/virtio: Flush before CREATE_BLOB The RESOURCE_CREATE_BLOB ioctl can carry a ccmd payload, similarly to EXECBUF. But we need to preserve the order of buffered execbuf cmds which haven't been flushed to the guest kernel yet, rather than let the CREATE_BLOB payload jump to the head of the queue. Otherwise, for ex, the host could see the guest requesting an iova that has not yet been (from it's perspective) released. Signed-off-by: Rob Clark Part-of: --- src/freedreno/drm/virtio/virtio_bo.c | 4 +++- src/freedreno/drm/virtio/virtio_device.c | 8 ++++++++ src/freedreno/drm/virtio/virtio_priv.h | 1 + 3 files changed, 12 insertions(+), 1 deletion(-) diff --git a/src/freedreno/drm/virtio/virtio_bo.c b/src/freedreno/drm/virtio/virtio_bo.c index 9c071a482ea..545dfa649af 100644 --- a/src/freedreno/drm/virtio/virtio_bo.c +++ b/src/freedreno/drm/virtio/virtio_bo.c @@ -415,8 +415,10 @@ virtio_bo_new(struct fd_device *dev, uint32_t size, uint32_t flags) } simple_mtx_lock(&virtio_dev->eb_lock); - if (args.cmd) + if (args.cmd) { + virtio_execbuf_flush_locked(dev); req.hdr.seqno = ++virtio_dev->next_seqno; + } ret = virtio_ioctl(dev->fd, VIRTGPU_RESOURCE_CREATE_BLOB, &args); simple_mtx_unlock(&virtio_dev->eb_lock); if (ret) diff --git a/src/freedreno/drm/virtio/virtio_device.c b/src/freedreno/drm/virtio/virtio_device.c index 8578328225b..f2daf0aa09f 100644 --- a/src/freedreno/drm/virtio/virtio_device.c +++ b/src/freedreno/drm/virtio/virtio_device.c @@ -329,6 +329,14 @@ virtio_execbuf_flush(struct fd_device *dev) return ret; } +int +virtio_execbuf_flush_locked(struct fd_device *dev) +{ + struct virtio_device *virtio_dev = to_virtio_device(dev); + simple_mtx_assert_locked(&virtio_dev->eb_lock); + return execbuf_flush_locked(dev, NULL); +} + int virtio_execbuf(struct fd_device *dev, struct msm_ccmd_req *req, bool sync) { diff --git a/src/freedreno/drm/virtio/virtio_priv.h b/src/freedreno/drm/virtio/virtio_priv.h index a1e021f25d7..fa0fefcac45 100644 --- a/src/freedreno/drm/virtio/virtio_priv.h +++ b/src/freedreno/drm/virtio/virtio_priv.h @@ -185,6 +185,7 @@ int virtio_execbuf_fenced(struct fd_device *dev, struct msm_ccmd_req *req, uint32_t *handles, uint32_t num_handles, int in_fence_fd, int *out_fence_fd, int ring_idx); int virtio_execbuf_flush(struct fd_device *dev); +int virtio_execbuf_flush_locked(struct fd_device *dev); int virtio_execbuf(struct fd_device *dev, struct msm_ccmd_req *req, bool sync); void virtio_host_sync(struct fd_device *dev, const struct msm_ccmd_req *req); int virtio_simple_ioctl(struct fd_device *dev, unsigned cmd, void *req);