Re: [PATCH 1/2] media: videobuf2: use dmabuf size for length
From: John Cox
Date: Fri Mar 26 2021 - 11:24:20 EST
Hi Helen
>On 3/26/21 10:03 AM, John Cox wrote:
>> Hi Helen
>>
>>> Hi John,
>>>
>>> On 3/25/21 7:20 AM, John Cox wrote:
>>>> Hi
>>>>
>>>>> Always use dmabuf size when considering the length of the buffer.
>>>>> Discard userspace provided length.
>>>>> Fix length check error in _verify_length(), which was handling single and
>>>>> multiplanar diferently, and also not catching the case where userspace
>>>>> provides a bigger length and bytesused then the underlying buffer.
>>>>>
>>>>> Suggested-by: Hans Verkuil <hverkuil@xxxxxxxxx>
>>>>> Signed-off-by: Helen Koike <helen.koike@xxxxxxxxxxxxx>
>>>>> ---
>>>>>
>>>>> Hello,
>>>>>
>>>>> As discussed on
>>>>> https://patchwork.linuxtv.org/project/linux-media/patch/gh5kef5bkeel3o6b2dkgc2dfagu9klj4c0@xxxxxxx/
>>>>>
>>>>> This patch also helps the conversion layer of the Ext API patchset,
>>>>> where we are not exposing the length field.
>>>>>
>>>>> It was discussed that userspace might use a smaller length field to
>>>>> limit the usage of the underlying buffer, but I'm not sure if this is
>>>>> really usefull and just complicates things.
>>>>>
>>>>> If this is usefull, then we should also expose a length field in the Ext
>>>>> API, and document this feature properly.
>>>>>
>>>>> What do you think?
>>>>> ---
>>>>> .../media/common/videobuf2/videobuf2-core.c | 21 ++++++++++++++++---
>>>>> .../media/common/videobuf2/videobuf2-v4l2.c | 8 +++----
>>>>> include/uapi/linux/videodev2.h | 7 +++++--
>>>>> 3 files changed, 27 insertions(+), 9 deletions(-)
>>>>>
>>>>> diff --git a/drivers/media/common/videobuf2/videobuf2-core.c b/drivers/media/common/videobuf2/videobuf2-core.c
>>>>> index 02281d13505f..2cbde14af051 100644
>>>>> --- a/drivers/media/common/videobuf2/videobuf2-core.c
>>>>> +++ b/drivers/media/common/videobuf2/videobuf2-core.c
>>>>> @@ -1205,6 +1205,7 @@ static int __prepare_dmabuf(struct vb2_buffer *vb)
>>>>>
>>>>> for (plane = 0; plane < vb->num_planes; ++plane) {
>>>>> struct dma_buf *dbuf = dma_buf_get(planes[plane].m.fd);
>>>>> + unsigned int bytesused;
>>>>>
>>>>> if (IS_ERR_OR_NULL(dbuf)) {
>>>>> dprintk(q, 1, "invalid dmabuf fd for plane %d\n",
>>>>> @@ -1213,9 +1214,23 @@ static int __prepare_dmabuf(struct vb2_buffer *vb)
>>>>> goto err;
>>>>> }
>>>>>
>>>>> - /* use DMABUF size if length is not provided */
>>>>> - if (planes[plane].length == 0)
>>>>> - planes[plane].length = dbuf->size;
>>>>> + planes[plane].length = dbuf->size;
>>>>> + bytesused = planes[plane].bytesused ?
>>>>> + planes[plane].bytesused : dbuf->size;
>>>>> +
>>>>> + if (planes[plane].bytesused > planes[plane].length) {
>>>>> + dprintk(q, 1, "bytesused is bigger then dmabuf length for plane %d\n",
>>>>> + plane);
>>>>> + ret = -EINVAL;
>>>>> + goto err;
>>>>> + }
>>>>> +
>>>>> + if (planes[plane].data_offset >= bytesused) {
>>>>> + dprintk(q, 1, "data_offset >= bytesused for plane %d\n",
>>>>> + plane);
>>>>> + ret = -EINVAL;
>>>>> + goto err;
>>>>> + }
>>>>>
>>>>> if (planes[plane].length < vb->planes[plane].min_length) {
>>>>> dprintk(q, 1, "invalid dmabuf length %u for plane %d, minimum length %u\n",
>>>>> diff --git a/drivers/media/common/videobuf2/videobuf2-v4l2.c b/drivers/media/common/videobuf2/videobuf2-v4l2.c
>>>>> index 7e96f67c60ba..ffc7ed46f74a 100644
>>>>> --- a/drivers/media/common/videobuf2/videobuf2-v4l2.c
>>>>> +++ b/drivers/media/common/videobuf2/videobuf2-v4l2.c
>>>>> @@ -98,14 +98,14 @@ static int __verify_length(struct vb2_buffer *vb, const struct v4l2_buffer *b)
>>>>> unsigned int bytesused;
>>>>> unsigned int plane;
>>>>>
>>>>> - if (V4L2_TYPE_IS_CAPTURE(b->type))
>>>>> + /* length check for dmabuf is performed in _prepare_dmabuf() */
>>>>> + if (V4L2_TYPE_IS_CAPTURE(b->type) || b->memory == VB2_MEMORY_DMABUF)
>>>>> return 0;
>>>>>
>>>>> if (V4L2_TYPE_IS_MULTIPLANAR(b->type)) {
>>>>> for (plane = 0; plane < vb->num_planes; ++plane) {
>>>>> - length = (b->memory == VB2_MEMORY_USERPTR ||
>>>>> - b->memory == VB2_MEMORY_DMABUF)
>>>>> - ? b->m.planes[plane].length
>>>>> + length = b->memory == VB2_MEMORY_USERPTR
>>>>> + ? b->m.planes[plane].length
>>>>> : vb->planes[plane].length;
>>>>> bytesused = b->m.planes[plane].bytesused
>>>>> ? b->m.planes[plane].bytesused : length;
>>>>> diff --git a/include/uapi/linux/videodev2.h b/include/uapi/linux/videodev2.h
>>>>> index 8d15f6ccc4b4..79b3b2893513 100644
>>>>> --- a/include/uapi/linux/videodev2.h
>>>>> +++ b/include/uapi/linux/videodev2.h
>>>>> @@ -968,7 +968,9 @@ struct v4l2_requestbuffers {
>>>>> /**
>>>>> * struct v4l2_plane - plane info for multi-planar buffers
>>>>> * @bytesused: number of bytes occupied by data in the plane (payload)
>>>>> - * @length: size of this plane (NOT the payload) in bytes
>>>>> + * @length: size of this plane (NOT the payload) in bytes. Filled
>>>>> + * by userspace for USERPTR and by the driver for DMABUF
>>>>> + * and MMAP.
>>>>> * @mem_offset: when memory in the associated struct v4l2_buffer is
>>>>> * V4L2_MEMORY_MMAP, equals the offset from the start of
>>>>> * the device memory for this plane (or is a "cookie" that
>>>>> @@ -1025,7 +1027,8 @@ struct v4l2_plane {
>>>>> * @m: union of @offset, @userptr, @planes and @fd
>>>>> * @length: size in bytes of the buffer (NOT its payload) for single-plane
>>>>> * buffers (when type != *_MPLANE); number of elements in the
>>>>> - * planes array for multi-plane buffers
>>>>> + * planes array for multi-plane buffers. Filled by userspace for
>>>>> + * USERPTR and by the driver for DMABUF and MMAP.
>>>>> * @reserved2: drivers and applications must zero this field
>>>>> * @request_fd: fd of the request that this buffer should use
>>>>> * @reserved: for backwards compatibility with applications that do not know
>>>>
>>>> I think this does what I want. But I'm going to restate my usage desires
>>>> and check that you agree that it covers them.
>>>>
>>>> I'm interested in passing compressed bitstreams to a decoder. The size
>>>> of these buffers can be very variable and the worst case will nearly
>>>> always be much larger than the typical case and that size cannot be
>>>> known in advance of usage. It can be very wasteful to have to allocate
>>>> buffers that are over an order of magnitude bigger than are likely to
>>>> ever be used. If you have a fixed pool of fixed size buffers allocated
>>>> at the start of time this wastefulness is unavoidable, but dmabufs can
>>>> be dynamically sized to be as big as required and so there should be no
>>>> limitation on passing in buffers that are smaller than the maximum. It
>>>
>>> Do you mean that the kernel should re-allocate the buffer dynamically
>>> without userspace intervention?
>>> I'm not entirely sure if this would be possible.
>>
>> No - I didn't mean that at all. Any reallocation would be done by the
>> user. I was just setting out why damabufs are different from (and more
>> useful than) MMAP buffers for bitstream-like purposes.
>
>Right, thanks for the clarification.
>
>>
>> Regards
>>
>> John Cox
>>
>>> Regards,
>>> Helen
>>>
>>>
>>>> also seems plausible that dmabufs that are larger than the maximum
>>>> should be allowed as long as their bytesused is smaller or equal.
>
>If I understand correctly, the requirements would be:
>
>(consider maximum being the length/boundary provided by userspace).
>
>(1) bytesused <= maximum && bytesused <= dmabuf_length, this must always be true.
>(2) maximum <= dmabuf_length is always ok.
>(3) dmabuf_length <= maximum is ok as long (1) is still true.
>if dmabuf_length <= maximum, but bytesused > maximum, then it is not ok.
>
>Make sense?
>
>We could save in vb2:
>bytesused_max = maximum ? min(maximum, dmabuf_length) : dmabuf_length;
>
>Then drivers could check if if bytesused <= bytesused_max,
>and we don't need to check dma_length against the maximum value.
>
>Or maybe there is little value in letting userspace define a maximum.
>
>What do you think we should do? Remove the maximum (as implemented in this patch)?
>Or just comparing against bytesused_max is enough (which would keeping the boundary
>feature) ?
>
>I would prefer to remove the maximum if there is no value for userspace, since
>this would make things easier for the Ext API implementation.
From my personal PoV, for an OUTPUT buffer, as long as the data fits in
the buffer i.e. bytesused <= dmabuf_length then that is all I really
care about. Other peoples mileage may vary!
Thanks
JC
>>>>
>>>> As an aside, even when using dynamically sized dmabufs they are often
>>>> way larger than the data they contain and forcing cache flushes or maps
>>>> of their entire length rather than just the used portion is also
>>>> wasteful. This might be a use for the incoming size field.
>
>I guess this can be achieved using the bytesused field.
>
>Regards,
>Helen
>
>>>>
>>>> Regards
>>>>
>>>> John Cox
>>>>