On 11/02/2026 15:43, Christian König wrote:
8><
+ */
+ RCU_INIT_POINTER(fence->ops, ops);
INIT_LIST_HEAD(&fence->cb_list);
fence->lock = lock;
fence->context = context;
@@ -1129,11 +1152,12 @@ EXPORT_SYMBOL(dma_fence_init64);
*/
const char __rcu *dma_fence_driver_name(struct dma_fence *fence)
{
- RCU_LOCKDEP_WARN(!rcu_read_lock_held(),
- "RCU protection is required for safe access to returned
string");
+ const struct dma_fence_ops *ops;
+ /* RCU protection is required for safe access to returned string */
+ ops = rcu_dereference(fence->ops);
if (!dma_fence_test_signaled_flag(fence))
- return (const char __rcu *)fence->ops->get_driver_name(fence);
+ return (const char __rcu *)ops->get_driver_name(fence);
else
return (const char __rcu *)"detached-driver";
}
@@ -1161,11 +1185,12 @@ EXPORT_SYMBOL(dma_fence_driver_name);
*/
const char __rcu *dma_fence_timeline_name(struct dma_fence *fence)
{
- RCU_LOCKDEP_WARN(!rcu_read_lock_held(),
- "RCU protection is required for safe access to returned
string");
+ const struct dma_fence_ops *ops;
+ /* RCU protection is required for safe access to returned string */
+ ops = rcu_dereference(fence->ops);
if (!dma_fence_test_signaled_flag(fence))
- return (const char __rcu *)fence->ops->get_driver_name(fence);
+ return (const char __rcu *)ops->get_driver_name(fence);
else
return (const char __rcu *)"signaled-timeline";
}
Did we make any progress in our conversation about removing those two
functions and callbacks? They're only used by i915.
Actually they are mostly used by the trace points and debugfs, so we certainly
can't remove them.
But I'm really wondering why the heck i915 is using them?
Mostly directed to Philipp - by using you mean calling the helpers? I
thought I mentioned before the synce fence uapi (SYNC_IOC_FILE_INFO)
actually relies on the names. Sync fence was in fact the easiest way to
trigger the use after free as a posted the IGT to show it last year. So
to remove we would need to prove no existing userspace uses that.
Regards,
Tvrtko
