Commit Graph

97 Commits

Author SHA1 Message Date
Thomas Hellstrom
5151adb37a drm/vmwgfx: Fix a couple of lock dependency violations
Experimental lockdep annotation added to the TTM lock has unveiled a
couple of lock dependency violations in the vmwgfx driver. In both
cases it turns out that the device_private::reservation_sem is not
needed so the offending code is moved out of that lock.

Cc: <stable@vger.kernel.org>
Acked-by: Sinclair Yeh <syeh@vmware.com>
Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
2015-03-11 11:47:40 -07:00
Thomas Hellstrom
496eb6fd2c drm/vmwgfx: Replace the hw mutex with a hw spinlock
Fixes a case where we call vmw_fifo_idle() from within a wait function with
task state !TASK_RUNNING, which is illegal.

In addition, make the locking fine-grained, so that it is performed once
for every read- and write operation. This is of course more costly, but we
don't perform much register access in the timing critical paths anyway. Instead
we have the extra benefit of being sure that we don't forget the hw lock around
register accesses. I think currently the kms code was quite buggy w r t this.

This fixes Red Hat Bugzilla Bug 1180796

Cc: stable@vger.kernel.org
Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Jakob Bornecrantz <jakob@vmware.com>
2015-01-19 03:02:13 -08:00
Daniel Vetter
4d02e2de0e drm: Per-plane locking
Turned out to be much simpler on top of my latest atomic stuff than
what I've feared. Some details:

- Drop the modeset_lock_all snakeoil in drm_plane_init. Same
  justification as for the equivalent change in drm_crtc_init done in

	commit d0fa1af40e
	Author: Daniel Vetter <daniel.vetter@ffwll.ch>
	Date:   Mon Sep 8 09:02:49 2014 +0200

	    drm: Drop modeset locking from crtc init function

  Without these the drm_modeset_lock_init would fall over the exact
  same way.

- Since the atomic core code wraps the locking switching it to
  per-plane locks was a one-line change.

- For the legacy ioctls add a plane argument to the locking helper so
  that we can grab the right plane lock (cursor or primary). Since the
  universal cursor plane might not be there, or someone really crazy
  might forgoe the primary plane even accept NULL.

- Add some locking WARN_ON to the atomic helpers for good paranoid
  measure and to check that it all works out.

Tested on my exynos atomic hackfest with full lockdep checks and ww
backoff injection.

v2: I've forgotten about the load-detect code in i915.

v3: Thierry reported that in latest 3.18-rc vmwgfx doesn't compile any
more due to

commit 21e88620aa
Author: Rob Clark <robdclark@gmail.com>
Date:   Thu Oct 30 13:39:04 2014 -0400

    drm/vmwgfx: fix lock breakage

Rebased and fix this up.

Cc: Thierry Reding <thierry.reding@gmail.com>
Signed-off-by: Daniel Vetter <daniel.vetter@intel.com>
Reviewed-by: Sean Paul <seanpaul@chromium.org>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2014-11-12 17:56:12 +10:00
Sinclair Yeh
9a72384d86 drm/vmwgfx: Filter out modes those cannot be supported by the current VRAM size.
When screen objects are enabled, the bpp is assumed to be 32, otherwise
it is set to 16.

v2:
* Use u32 instead of u64 for assumed_bpp.
* Fixed mechanism to check for screen objects
* Limit the back buffer size to VRAM.

Signed-off-by: Sinclair Yeh <syeh@vmware.com>
Reviewed-by: Thomas Hellstrom <thellstrom@vmware.com>
Cc: <stable@vger.kernel.org>
2014-10-31 09:58:06 +01:00
Rob Clark
21e88620aa drm/vmwgfx: fix lock breakage
After:

commit d059f652e7
Author:     Daniel Vetter <daniel.vetter@ffwll.ch>
AuthorDate: Fri Jul 25 18:07:40 2014 +0200

    drm: Handle legacy per-crtc locking with full acquire ctx

drm_mode_cursor_common() was switched to use drm_modeset_(un)lock_crtc()
which uses full aquire ctx.  So dropping/reaquiring the lock via
drm_modeset_(un)lock() directly isn't the right thing to do, as lockdep
kindly points out.

The 'FIXME's about sorting out whether vmwgfx *really* needs to lock-all
for cursor updates still apply.

Signed-off-by: Rob Clark <robdclark@gmail.com>
Reviewed-by: Jakob Bornecrantz <jakob@vmware.com>
Tested-by: Thomas Hellstrom <thellstrom@vmware.com>
2014-10-31 09:44:35 +01:00
Thierry Reding
ee3939e079 drm/ttm: Fix a few sparse warnings
The final parameter to ttm_bo_reserve() is a pointer, therefore callers
should use NULL instead of 0.

Fixes a bunch of sparse warnings of this type:

	warning: Using plain integer as NULL pointer

Signed-off-by: Thierry Reding <treding@nvidia.com>
Reviewed-by: Alex Deucher <alexander.deucher@amd.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2014-07-22 10:58:21 +10:00
Rob Clark
a4cd5d6857 drm/vmwgfx: use helpers
Signed-off-by: Rob Clark <robdclark@gmail.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2014-07-18 14:24:53 +10:00
Thomas Wood
34ea3d3863 drm: add register and unregister functions for connectors
Introduce generic functions to register and unregister connectors. This
provides a common place to add and remove associated user space
interfaces.

Signed-off-by: Thomas Wood <thomas.wood@intel.com>
Reviewed-by: David Herrmann <dh.herrmann@gmail.com>
Signed-off-by: Daniel Vetter <daniel.vetter@ffwll.ch>
2014-06-19 08:55:28 +02:00
Rob Clark
51fd371bba drm: convert crtc and connection_mutex to ww_mutex (v5)
For atomic, it will be quite necessary to not need to care so much
about locking order.  And 'state' gives us a convenient place to stash a
ww_ctx for any sort of update that needs to grab multiple crtc locks.

Because we will want to eventually make locking even more fine grained
(giving locks to planes, connectors, etc), split out drm_modeset_lock
and drm_modeset_acquire_ctx to track acquired locks.

Atomic will use this to keep track of which locks have been acquired
in a transaction.

v1: original
v2: remove a few things not needed until atomic, for now
v3: update for v3 of connection_mutex patch..
v4: squash in docbook
v5: doc tweaks/fixes

Signed-off-by: Rob Clark <robdclark@gmail.com>
Reviewed-by: Daniel Vetter <daniel.vetter@ffwll.ch>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2014-06-05 09:54:33 +10:00
Dave Airlie
b87577b7c7 drm: try harder to avoid regression when merging mode bits
For QXL hw we really want the bits to be replaced as we change
the preferred mode on the fly, and the same goes for virgl when
I get to it, however the original fix for this seems to have caused
a wierd regression on Intel G33 that in a stunning display of failure
at opposition to his normal self, Daniel failed to diagnose.

So we are left doing this, ugly ugly ugly ugly, Daniel you fixed
that G33 yet?, ugly, ugly.

Tested-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2014-05-01 09:26:53 +10:00
Matt Roper
f4510a2752 drm: Replace crtc fb with primary plane fb (v3)
Now that CRTC's have a primary plane, there's no need to track the
framebuffer in the CRTC.  Replace all references to the CRTC fb with the
primary plane's fb.

This patch was generated by the Coccinelle semantic patching tool using
the following rules:

        @@ struct drm_crtc C; @@
        -   (C).fb
        +   C.primary->fb

        @@ struct drm_crtc *C; @@
        -   (C)->fb
        +   C->primary->fb

v3: Generate patch via coccinelle.  Actual removal of crtc->fb has been
    moved to a subsequent patch.

v2: Fixup several lingering crtc->fb instances that were missed in the
    first patch iteration.  [Rob Clark]

Signed-off-by: Matt Roper <matthew.d.roper@intel.com>
Reviewed-by: Rob Clark <robdclark@gmail.com>
2014-04-01 20:18:28 -04:00
Thomas Hellstrom
294adf7d86 drm/vmwgfx: Use a per-device semaphore for reservation protection
Don't use a per-master semaphore (ttm lock) for reservation protection, but
rather a per-device semaphore. This is needed since clients connecting using
render nodes aren't master aware.

The ttm lock used should probably be replaced with a reader-write semaphore
once the function down_xx_interruptible() is available.

Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Brian Paul <brianp@vmware.com>
2014-03-28 14:19:02 +01:00
Thomas Hellstrom
b360a3cecd drm/vmwgfx: Fix surface framebuffer check for guest-backed surfaces
With guest-backed surfaces, surface->sizes == NULL, causing a kernel oops.
Use the base_size member instead.

Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Jakob Bornecrantz <jakob@vmware.com>
Reviewed-by: Brian Paul <brianp@vmware.com>
2014-01-17 07:52:39 +01:00
Thomas Hellstrom
bc2d6508ab drm/vmwgfx: Replace vram_size with prim_bb_mem for calculation of max resolution
In the future, Scanout buffers need not be backed by VRAM and
the two definitions will differ.

Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Brian Paul <brianp@vmware.com>
Reviewed-by: Zack Rusin <zackr@vmware.com>
2014-01-17 07:52:16 +01:00
Rashika Kheria
847c59648c drivers: gpu: Mark functions as static in vmwgfx_kms.c
Mark functions as static because they are not used outside the file
drm/vmwgfx/vmwgfx_kms.c.

This eliminates the following warnings in drm/vmwgfx/vmwgfx_kms.c:
drivers/gpu/drm/vmwgfx/vmwgfx_kms.c:43:6: warning: no previous prototype for ‘vmw_clip_cliprects’ [-Wmissing-prototypes]
drivers/gpu/drm/vmwgfx/vmwgfx_kms.c:426:6: warning: no previous prototype for ‘vmw_framebuffer_surface_destroy’ [-Wmissing-prototypes]
drivers/gpu/drm/vmwgfx/vmwgfx_kms.c:592:5: warning: no previous prototype for ‘vmw_framebuffer_surface_dirty’ [-Wmissing-prototypes]
drivers/gpu/drm/vmwgfx/vmwgfx_kms.c:757:6: warning: no previous prototype for ‘vmw_framebuffer_dmabuf_destroy’ [-Wmissing-prototypes]
drivers/gpu/drm/vmwgfx/vmwgfx_kms.c:943:5: warning: no previous prototype for ‘vmw_framebuffer_dmabuf_dirty’ [-Wmissing-prototypes]
drivers/gpu/drm/vmwgfx/vmwgfx_kms.c:1666:5: warning: no previous prototype for ‘vmw_du_update_layout’ [-Wmissing-prototypes]

Signed-off-by: Rashika Kheria <rashika.kheria@gmail.com>
Reviewed-by: Josh Triplett <josh@joshtriplett.org>
Reviewed-by: Jakob Bornecrantz <jakob@vmware.com>
2014-01-08 13:37:42 +01:00
Ville Syrjälä
73e9efd4bd drm: Push dirtyfb ioctl kms locking down to drivers
Not all drivers will need take all the modeset locks for dirtyfb, so
push the locking down to the drivers.

Signed-off-by: Ville Syrjälä <ville.syrjala@linux.intel.com>
Reviewed-by: Daniel Vetter <daniel.vetter@ffwll.ch>
Reviewed-by: Jakob Bornecrantz <jakob@vmware.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2013-12-18 10:49:08 +10:00
Thomas Hellstrom
6a0a7a9ead drm/vmwgfx: Add our connectors to sysfs
Some user-space apps expects to find them there.

Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Jakob Bornecrantz <jakob@vmware.com>
2013-12-04 12:04:02 -08:00
Ville Syrjälä
4ae87ff030 drm/vmwgfx: Return -ENOENT when a mode object can't be found
Let's be a bit more consistent with our error values.

Signed-off-by: Ville Syrjälä <ville.syrjala@linux.intel.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2013-11-06 13:25:21 +10:00
Keith Packard
ed8d19756e drm: Pass page flip ioctl flags to driver
This lets drivers see the flags requested by the application

[airlied: fixup for rcar/imx/msm]

Signed-off-by: Keith Packard <keithp@keithp.com>
Signed-off-by: Dave Airlie <airlied@gmail.com>
2013-08-30 09:24:54 +10:00
Ville Syrjälä
a5d0f5766f drm/vmwgfx: Don't access file_priv in cursor_set when handle==0
We want to disable the cursor by calling ->cursor_set() with handle=0
from places where we don't have a file_priv, so don't try to access it
unless necessary.

Signed-off-by: Ville Syrjälä <ville.syrjala@linux.intel.com>
Reviewed-by: Jakob Bornecrantz <jakob@vmware.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2013-06-11 08:47:32 +10:00
Daniel Vetter
dac35663ce drm: only take the crtc lock for ->cursor_move
->cursor_move uses mostly the same facilities in drivers as
->cursor_set, so pretty much nothing to fix up:

- ast/gma500/i915: They all use per-crtc registers to update the
  cursor position. ast again touches the global cursor cache, but
  that's ok since there's only one crtc.

- nouveau: nv50+ is again special, updates happen through the per-crtc
  channel (without pushbufs), so it's not protected by the new evo
  lock introduced earlier. But since this channel is per-crtc, we
  should be fine anyway.

- radeon: A bit a mess: avivo asics need a workaround when both output
  pipes are enabled, which means it'll access the crtc list. Just
  reading that flag is ok though as long as radeon _always_ grabs all
  locks when changing the crtc configuration. Which means with the
  current scheme it cannot do an optimized modeset which only locks
  the relevant crtcs. This can be fixed though by introducing a bit of
  global state with separate locks and ensure in the modeset code that
  the cursor will be updated appropriately when enabling the 2nd pipe
  (on affected asics).

- vmwgfx: I still don't understand what it's doing exactly, so apply
  the same trick for now.

v2: Fixup unlocking for the error cases, spotted by Richard Wilbur.

v3: Another error-case fixup.

Reviewed-by: Rob Clark <rob@ti.com>
Signed-off-by: Daniel Vetter <daniel.vetter@ffwll.ch>
2013-01-20 22:16:57 +01:00
Daniel Vetter
bfb899282f drm: only take the crtc lock for ->cursor_set
First convert ->cursor_set to only take the crtc lock, since that
seems to be the function with the least amount of state - the core
ioctl function doesn't check anything which can change at runtime, so
we don't have any object lifetime issues to contend.

The only thing which is important is that the driver's implementation
doesn't touch any state outside of that single crtc which is not yet
properly protected by other locking:

- ast: access the global ast->cache_kmap. Luckily we only have on crtc
  on this driver, so this is fine. Add a comment.

- gma500: calls gma_power_begin|and and psb_gtt_pin|unpin, both which
  have their own locking to protect their state. Everything else is
  crtc-local.

- i915: touches a bit of global gem state, all protected by the One
  Lock to Rule Them All (dev->struct_mutex).

- nouveau: Pre-nv50 is all nice, nv50+ uses the evo channels to queue
  up all display changes. And some of these channels are device
  global. But this is fine now since the previous patch introduced an
  evo channel mutex.

- radeon: Uses some indirect register access for cursor updates, but
  with the previous patches to protect these indirect 2-register
  access patterns with a spinlock, this should be fine now, too.

- vmwgfx: I have no idea how that works - update_cursor_position
  doesn't take any per-crtc argument and I haven't figured out any
  other place where this could be set in some form of a side-channel.
  But vmwgfx definitely has more than one crtc (or at least can
  register more than one), so I have no idea how this is supposed to
  not fail with the current code already. Hence take the easy way out
  and simply acquire all locks (which requires dropping the crtc lock
  the core acquired for us). That way it's not worse off for
  consistency than the old code.

Reviewed-by: Rob Clark <rob@ti.com>
Signed-off-by: Daniel Vetter <daniel.vetter@ffwll.ch>
2013-01-20 22:16:55 +01:00
Daniel Vetter
af26ef3b39 drm/<drivers>: Unified handling of unimplemented fb->create_handle
Some drivers don't have real ->create_handle callbacks.

- cirrus/ast/mga200: Returns either 0 or -EINVAL.

- udl: Didn't even bother with a callback, leading to a nice
  userspace-triggerable OOPS.

- vmwgfx: This driver bothered with an implementation to return 0 as
  the handle (which is the canonical no-obj gem handle).

All have in common that ->create_handle doesn't really make too much
sense for them - that ioctl is used only for seamless fb takeover in
the radeon/nouveau/i915 ddx drivers. So allow drivers to not implement
this and return a consistent -ENODEV.

Signed-off-by: Daniel Vetter <daniel.vetter@ffwll.ch>
2013-01-20 15:57:57 +01:00
Daniel Vetter
80f0b5aff8 drm/vmwgfx: reorder framebuffer init sequence
vmwgfx has an oddity, when failing to reference the surface it'll
return 0, since that's what the successfull drm_framebuffer_init will
leave behind in ret. Fix this up by returning -EINVAL.

Split out from all the other driver updates due to the above tiny
semantic change. Shouldn't matter though since the reference grabbing
seemingly can't fail.

Signed-off-by: Daniel Vetter <daniel.vetter@ffwll.ch>
2013-01-20 15:29:35 +01:00
Wei Yongjun
3a9950781c vmwgfx: remove useless set memory to zero use memset()
The memory return by kzalloc() or kmem_cache_zalloc() has already
be set to zero, so remove useless memset(0).

Signed-off-by: Wei Yongjun <yongjun_wei@trendmicro.com.cn>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2012-09-13 11:34:34 +10:00
Alan Cox
f5869a8308 drm: stop vmgfx driver explosion
If you do a page flip with no flags set then event is NULL. If event is
NULL then the vmw_gfx driver likes to go digging into NULL and extracts
NULL->base.file_priv.

On a modern kernel with NULL mapping protection it's just another oops,
without it there are some "intriguing" possibilities.

What it should do is an open question but that for the driver owners to
sort out.

Signed-off-by: Alan Cox <alan@linux.intel.com>
Reviewed-by: Jakob Bornecrantz <jakob@vmware.com>
Cc: stable@vger.kernel.org
Signed-off-by: Dave Airlie <airlied@redhat.com>
2012-08-22 09:26:50 +10:00
Laurent Pinchart
e6ecefaadf drm: Constify drm_mode_config_funcs pointer
The DRM mode config functions structure declared by drivers and pointed
to by the drm_mode_config funcs field is never modified. Make it a const
pointer.

Signed-off-by: Laurent Pinchart <laurent.pinchart@ideasonboard.com>
Cc: Inki Dae <inki.dae@samsung.com>
Cc: Alan Cox <alan@linux.intel.com>
Cc: Daniel Vetter <daniel.vetter@ffwll.ch>
Cc: Ben Skeggs <bskeggs@redhat.com>
Cc: Thomas Hellstrom <thellstrom@vmware.com>
Cc: Rob Clark <rob.clark@linaro.org>
Reviwed-by: Alex Deucher <alexdeucher@gmail.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2012-05-22 10:35:07 +01:00
Jakob Bornecrantz
b5ec427e8d vmwgfx: Add page flip support
Signed-off-by: Jakob Bornecrantz <jakob@vmware.com>
Reviewed-by: Thomas Hellstrom <thellstrom@vmware.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2012-02-13 12:01:35 +00:00
Jakob Bornecrantz
bd49ae46f8 vmwgfx: Pipe fence out of screen object dirty functions
Signed-off-by: Jakob Bornecrantz <jakob@vmware.com>
Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2012-02-13 12:01:34 +00:00
Jakob Bornecrantz
bb1bd2f43e vmwgfx: Make it possible to get fence from execbuf
Signed-off-by: Jakob Bornecrantz <jakob@vmware.com>
Reviewed-by: Thomas Hellstrom <thellstrom@vmware.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2012-02-13 12:01:33 +00:00
Ryan Mallon
bf9c05d5b6 vmwgfx: Fix assignment in vmw_framebuffer_create_handle
The assignment of handle in vmw_framebuffer_create_handle doesn't actually do anything useful and is incorrectly assigning an integer value to a pointer argument. It appears that this is a typo and should be dereferencing handle rather than assigning to it directly. This fixes a bug where an undefined handle value is potentially returned to user-space.

Signed-off-by: Ryan Mallon <rmallon@gmail.com>
Reviewed-by: Jakob Bornecrantz<jakob@vmware.com>
Cc: stable@vger.kernel.org
Signed-off-by: Dave Airlie <airlied@redhat.com>
2012-01-30 09:32:39 +00:00
Linus Torvalds
1a464cbb3d Merge branch 'drm-core-next' of git://people.freedesktop.org/~airlied/linux
* 'drm-core-next' of git://people.freedesktop.org/~airlied/linux: (307 commits)
  drm/nouveau/pm: fix build with HWMON off
  gma500: silence gcc warnings in mid_get_vbt_data()
  drm/ttm: fix condition (and vs or)
  drm/radeon: double lock typo in radeon_vm_bo_rmv()
  drm/radeon: use after free in radeon_vm_bo_add()
  drm/sis|via: don't return stack garbage from free_mem ioctl
  drm/radeon/kms: remove pointless CS flags priority struct
  drm/radeon/kms: check if vm is supported in VA ioctl
  drm: introduce drm_can_sleep and use in intel/radeon drivers. (v2)
  radeon: Fix disabling PCI bus mastering on big endian hosts.
  ttm: fix agp since ttm tt rework
  agp: Fix multi-line warning message whitespace
  drm/ttm/dma: Fix accounting error when calling ttm_mem_global_free_page and don't try to free freed pages.
  drm/ttm/dma: Only call set_pages_array_wb when the page is not in WB pool.
  drm/radeon/kms: sync across multiple rings when doing bo moves v3
  drm/radeon/kms: Add support for multi-ring sync in CS ioctl (v2)
  drm/radeon: GPU virtual memory support v22
  drm: make DRM_UNLOCKED ioctls with their own mutex
  drm: no need to hold global mutex for static data
  drm/radeon/benchmark: common modes sweep ignores 640x480@32
  ...

Fix up trivial conflicts in radeon/evergreen.c and vmwgfx/vmwgfx_kms.c
2012-01-10 11:04:36 -08:00
Xi Wang
8a78389651 vmwgfx: fix incorrect VRAM size check in vmw_kms_fb_create()
Commit e133e737 didn't correctly fix the integer overflow issue.

-	unsigned int required_size;
+	u64 required_size;
	...
	required_size = mode_cmd->pitch * mode_cmd->height;
-	if (unlikely(required_size > dev_priv->vram_size)) {
+	if (unlikely(required_size > (u64) dev_priv->vram_size)) {

Note that both pitch and height are u32.  Their product is still u32 and
would overflow before being assigned to required_size.  A correct way is
to convert pitch and height to u64 before the multiplication.

	required_size = (u64)mode_cmd->pitch * (u64)mode_cmd->height;

This patch calls the existing vmw_kms_validate_mode_vram() for
validation.

Signed-off-by: Xi Wang <xi.wang@gmail.com>
Reviewed-and-tested-by: Thomas Hellstrom <thellstrom@vmware.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2011-12-22 12:31:02 +00:00
Dave Airlie
4cf73129cb Merge remote-tracking branch 'pfdo/drm-fixes' into drm-core-next
-next reported a messy merge, so I've merged my upstream pull into
my -next tree.

Conflicts:
	drivers/gpu/drm/vmwgfx/vmwgfx_kms.c
2011-12-21 09:50:56 +00:00
Dave Airlie
1fbe6f625f Merge tag 'v3.2-rc6' of /home/airlied/devel/kernel/linux-2.6 into drm-core-next
Merge in the upstream tree to bring in the mainline fixes.

Conflicts:
	drivers/gpu/drm/exynos/exynos_drm_fbdev.c
	drivers/gpu/drm/nouveau/nouveau_sgdma.c
2011-12-20 14:43:53 +00:00
Ville Syrjälä
01f2c7730e drm: Replace pitch with pitches[] in drm_framebuffer
Otherwise each driver would need to keep the information inside
their own framebuffer object structure. Also add offsets[]. BOs
on the other hand are driver specific, so those can be kept in
driver specific structures.

Signed-off-by: Ville Syrjälä <ville.syrjala@linux.intel.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2011-12-20 10:06:27 +00:00
Jakob Bornecrantz
6abff3c780 vmwgfx: Clip cliprects against screen boundaries in present and dirty
Signed-off-by: Jakob Bornecrantz <jakob@vmware.com>
Reviewed-by: Thomas Hellstrom <thellstrom@vmware.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2011-12-19 14:06:05 +00:00
Jakob Bornecrantz
203dc22013 vmwgfx: Do better culling of presents
Signed-off-by: Jakob Bornecrantz <jakob@vmware.com>
Reviewed-by: Thomas Hellstrom <thellstrom@vmware.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2011-12-19 14:06:03 +00:00
Jakob Bornecrantz
e7ac9211f2 vmwgfx: Refactor kms code to use vmw_user_lookup_handle helper
Signed-off-by: Jakob Bornecrantz <jakob@vmware.com>
Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2011-12-19 14:06:03 +00:00
Jakob Bornecrantz
6a91d97e02 vmwgfx: Refactor cursor update
Signed-off-by: Jakob Bornecrantz <jakob@vmware.com>
Reviewed-by: Thomas Hellstrom <thellstrom@vmware.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2011-12-19 14:06:02 +00:00
Xi Wang
bab9efc206 vmwgfx: integer overflow in vmw_kms_update_layout_ioctl()
There are two issues in vmw_kms_update_layout_ioctl().  First, the
for loop forgets to index rects and only checks the first element.
Second, there is a potential integer overflow if userspace passes
in a large arg->num_outputs.  The call to kzalloc() would allocate
a small buffer, leading to out-of-bounds read.

Reported-by: Haogang Chen <haogangchen@gmail.com>
Signed-off-by: Xi Wang <xi.wang@gmail.com>
Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2011-12-02 10:49:41 +00:00
Dave Airlie
248dbc2350 drm: move the fb bpp/depth helper into the core.
This is used by nearly everyone including vmwgfx which doesn't generally
use the fb helper.

Signed-off-by: Dave Airlie <airlied@redhat.com>
2011-11-29 20:02:54 +00:00
Jesse Barnes
308e5bcbdb drm: add an fb creation ioctl that takes a pixel format v5
To properly support the various plane formats supported by different
hardware, the kernel must know the pixel format of a framebuffer object.
So add a new ioctl taking a format argument corresponding to a fourcc
name from the new drm_fourcc.h header file.  Implement the fb creation
hooks in terms of the new mode_fb_cmd2 using helpers where the old
bpp/depth values are needed.

v2: create DRM specific fourcc header file for sharing with libdrm etc
v3: fix rebase failure and use DRM fourcc codes in intel_display.c and
    update commit message
v4: make fb_cmd2 handle field into an array for multi-object formats
    pull in Ville's fix for the memcpy in drm_plane_init
    apply Ville's cleanup to zero out fb_cmd2 arg in drm_mode_addfb
v5: add 'flags' field for interlaced support (from Ville)

Signed-off-by: Ville Syrjälä <ville.syrjala@linux.intel.com>
Acked-by: Alan Cox <alan@lxorguk.ukuu.org.uk>
Reviewed-by: Rob Clark <rob.clark@linaro.org>
Signed-off-by: Jesse Barnes <jbarnes@virtuousgeek.org>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2011-11-15 19:53:23 +00:00
Jakob Bornecrantz
baa91d6400 vmwgfx: Only allow 64x64 cursors
Snooping code expects this to be the case.

Signed-off-by: Jakob Bornecrantz <jakob@vmware.com>
Reviewed-by: Thomas Hellstrom <thellstrom@vmware.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2011-11-11 10:58:26 +00:00
Jakob Bornecrantz
f0c8a6524d vmwgfx: Initialize clip rect loop correctly in surface dirty
Signed-off-by: Jakob Bornecrantz <jakob@vmware.com>
Reviewed-by: Thomas Hellstrom <thellstrom@vmware.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2011-11-11 10:57:59 +00:00
Jakob Bornecrantz
c0d18316ae vmwgfx: Close screen object system
Signed-off-by: Jakob Bornecrantz <jakob@vmware.com>
Reviewed-by: Thomas Hellstrom <thellstrom@vmware.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2011-11-11 10:57:29 +00:00
Jakob Bornecrantz
2ac863719e vmwgfx: Snoop DMA transfers with non-covering sizes
Enough to get cursors working under Wayland.

Signed-off-by: Jakob Bornecrantz <jakob@vmware.com>
Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2011-11-07 13:16:55 +00:00
Jakob Bornecrantz
d41025c0d6 vmwgfx: Move the prefered mode first in the list
Signed-off-by: Jakob Bornecrantz <jakob@vmware.com>
Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2011-11-07 13:16:34 +00:00
Jakob Bornecrantz
e5c8dbb814 vmwgfx: Unreference surface on cursor error path
Signed-off-by: Jakob Bornecrantz <jakob@vmware.com>
Reviewed-by: Thomas Hellstrom <thellstrom@vmware.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2011-11-07 13:16:14 +00:00
Jakob Bornecrantz
55bde5b215 vmwgfx: Free prefered mode on error path
Signed-off-by: Jakob Bornecrantz <jakob@vmware.com>
Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2011-11-07 13:15:56 +00:00