Sun Jan 29 05:25:03 2017 UTC ()
Pull up following revision(s) (requested by maya in ticket #1350):
	sys/external/bsd/drm2/dist/drm/ttm/ttm_tt.c: revision 1.8
Guarantee no zero-size uao/kmem allocations via ttm.
It may be that all callers guarantee no zero-size ttm objects, but I
can't prove that in five minutes of browsing callers.  Rather than
add a KASSERT, lacking proof, we'll add a warning message so that if
it does happen then it happens noisily, but we'll also prevent the
bad consequences of passing zero into uao_create by rounding up to a
harmless nonzero allocation.
XXX pullup-7


(snj)
diff -r1.6 -r1.6.8.1 src/sys/external/bsd/drm2/dist/drm/ttm/ttm_tt.c
cvs diff -r1.6 -r1.6.8.1 src/sys/external/bsd/drm2/dist/drm/ttm/ttm_tt.c (expand / switch to unified diff)

--- src/sys/external/bsd/drm2/dist/drm/ttm/ttm_tt.c 2014/07/27 00:40:39 1.6
+++ src/sys/external/bsd/drm2/dist/drm/ttm/ttm_tt.c 2017/01/29 05:25:03 1.6.8.1
@@ -193,26 +193,29 @@ void ttm_tt_destroy(struct ttm_tt *ttm) @@ -193,26 +193,29 @@ void ttm_tt_destroy(struct ttm_tt *ttm)
193 193
194int ttm_tt_init(struct ttm_tt *ttm, struct ttm_bo_device *bdev, 194int ttm_tt_init(struct ttm_tt *ttm, struct ttm_bo_device *bdev,
195 unsigned long size, uint32_t page_flags, 195 unsigned long size, uint32_t page_flags,
196 struct page *dummy_read_page) 196 struct page *dummy_read_page)
197{ 197{
198 ttm->bdev = bdev; 198 ttm->bdev = bdev;
199 ttm->glob = bdev->glob; 199 ttm->glob = bdev->glob;
200 ttm->num_pages = (size + PAGE_SIZE - 1) >> PAGE_SHIFT; 200 ttm->num_pages = (size + PAGE_SIZE - 1) >> PAGE_SHIFT;
201 ttm->caching_state = tt_cached; 201 ttm->caching_state = tt_cached;
202 ttm->page_flags = page_flags; 202 ttm->page_flags = page_flags;
203 ttm->dummy_read_page = dummy_read_page; 203 ttm->dummy_read_page = dummy_read_page;
204 ttm->state = tt_unpopulated; 204 ttm->state = tt_unpopulated;
205#ifdef __NetBSD__ 205#ifdef __NetBSD__
 206 WARN(size == 0, "zero-size allocation in %s, please file a NetBSD PR",
 207 __func__); /* paranoia -- can't prove in five minutes */
 208 size = MAX(size, 1);
206 ttm->swap_storage = uao_create(roundup2(size, PAGE_SIZE), 0); 209 ttm->swap_storage = uao_create(roundup2(size, PAGE_SIZE), 0);
207 uao_set_pgfl(ttm->swap_storage, bus_dmamem_pgfl(bdev->dmat)); 210 uao_set_pgfl(ttm->swap_storage, bus_dmamem_pgfl(bdev->dmat));
208#else 211#else
209 ttm->swap_storage = NULL; 212 ttm->swap_storage = NULL;
210#endif 213#endif
211 TAILQ_INIT(&ttm->pglist); 214 TAILQ_INIT(&ttm->pglist);
212 215
213 ttm_tt_alloc_page_directory(ttm); 216 ttm_tt_alloc_page_directory(ttm);
214 if (!ttm->pages) { 217 if (!ttm->pages) {
215 ttm_tt_destroy(ttm); 218 ttm_tt_destroy(ttm);
216 pr_err("Failed allocating page table\n"); 219 pr_err("Failed allocating page table\n");
217 return -ENOMEM; 220 return -ENOMEM;
218 } 221 }
@@ -235,26 +238,29 @@ int ttm_dma_tt_init(struct ttm_dma_tt *t @@ -235,26 +238,29 @@ int ttm_dma_tt_init(struct ttm_dma_tt *t
235 unsigned long size, uint32_t page_flags, 238 unsigned long size, uint32_t page_flags,
236 struct page *dummy_read_page) 239 struct page *dummy_read_page)
237{ 240{
238 struct ttm_tt *ttm = &ttm_dma->ttm; 241 struct ttm_tt *ttm = &ttm_dma->ttm;
239 242
240 ttm->bdev = bdev; 243 ttm->bdev = bdev;
241 ttm->glob = bdev->glob; 244 ttm->glob = bdev->glob;
242 ttm->num_pages = (size + PAGE_SIZE - 1) >> PAGE_SHIFT; 245 ttm->num_pages = (size + PAGE_SIZE - 1) >> PAGE_SHIFT;
243 ttm->caching_state = tt_cached; 246 ttm->caching_state = tt_cached;
244 ttm->page_flags = page_flags; 247 ttm->page_flags = page_flags;
245 ttm->dummy_read_page = dummy_read_page; 248 ttm->dummy_read_page = dummy_read_page;
246 ttm->state = tt_unpopulated; 249 ttm->state = tt_unpopulated;
247#ifdef __NetBSD__ 250#ifdef __NetBSD__
 251 WARN(size == 0, "zero-size allocation in %s, please file a NetBSD PR",
 252 __func__); /* paranoia -- can't prove in five minutes */
 253 size = MAX(size, 1);
248 ttm->swap_storage = uao_create(roundup2(size, PAGE_SIZE), 0); 254 ttm->swap_storage = uao_create(roundup2(size, PAGE_SIZE), 0);
249 uao_set_pgfl(ttm->swap_storage, bus_dmamem_pgfl(bdev->dmat)); 255 uao_set_pgfl(ttm->swap_storage, bus_dmamem_pgfl(bdev->dmat));
250#else 256#else
251 ttm->swap_storage = NULL; 257 ttm->swap_storage = NULL;
252#endif 258#endif
253 TAILQ_INIT(&ttm->pglist); 259 TAILQ_INIT(&ttm->pglist);
254 260
255 INIT_LIST_HEAD(&ttm_dma->pages_list); 261 INIT_LIST_HEAD(&ttm_dma->pages_list);
256 ttm_dma_tt_alloc_page_directory(ttm_dma); 262 ttm_dma_tt_alloc_page_directory(ttm_dma);
257#ifdef __NetBSD__ 263#ifdef __NetBSD__
258 { 264 {
259 int error; 265 int error;
260 266