linux/Documentation/dma-buf-sharing.txt

                    DMA Buffer Sharing API Guide
                    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

                            Sumit Semwal
                <sumit dot semwal at linaro dot org>
                 <sumit dot semwal at ti dot com>


Other Interfaces Exposed to Userspace on the dma-buf FD
------------------------------------------------------

- Since kernel 3.12 the dma-buf FD supports the llseek system call, but only
  with offset=0 and whence=SEEK_END|SEEK_SET. SEEK_SET is supported to allow
  the usual size discover pattern size = SEEK_END(0); SEEK_SET(0). Every other
  llseek operation will report -EINVAL.

  If llseek on dma-buf FDs isn't support the kernel will report -ESPIPE for all
  cases. Userspace can use this to detect support for discovering the dma-buf
  size using llseek.

Miscellaneous notes
-------------------

- Any exporters or users of the dma-buf buffer sharing framework must have
  a 'select DMA_SHARED_BUFFER' in their respective Kconfigs.

- In order to avoid fd leaks on exec, the FD_CLOEXEC flag must be set
  on the file descriptor.  This is not just a resource leak, but a
  potential security hole.  It could give the newly exec'd application
  access to buffers, via the leaked fd, to which it should otherwise
  not be permitted access.

  The problem with doing this via a separate fcntl() call, versus doing it
  atomically when the fd is created, is that this is inherently racy in a
  multi-threaded app[3].  The issue is made worse when it is library code
  opening/creating the file descriptor, as the application may not even be
  aware of the fd's.

  To avoid this problem, userspace must have a way to request O_CLOEXEC
  flag be set when the dma-buf fd is created.  So any API provided by
  the exporting driver to create a dmabuf fd must provide a way to let
  userspace control setting of O_CLOEXEC flag passed in to dma_buf_fd().

References:
[1] struct dma_buf_ops in include/linux/dma-buf.h
[2] All interfaces mentioned above defined in include/linux/dma-buf.h
[3] https://lwn.net/Articles/236486/
dma-buf: Documentation for buffer sharing framework Add documentation for dma buffer sharing framework, explaining the various operations, members and API of the dma buffer sharing framework. Signed-off-by: Sumit Semwal <sumit.semwal@linaro.org> Signed-off-by: Sumit Semwal <sumit.semwal@ti.com> Reviewed-by: Daniel Vetter <daniel.vetter@ffwll.ch> Signed-off-by: Dave Airlie <airlied@redhat.com> 2011-12-26 14:53:16 +05:30			`DMA Buffer Sharing API Guide`
			`~~~~~~~~~~~~~~~~~~~~~~~~~~~~`

			`Sumit Semwal`
			`<sumit dot semwal at linaro dot org>`
			`<sumit dot semwal at ti dot com>`


dma-buf: Expose buffer size to userspace (v2) Each dma-buf has an associated size and it's reasonable for userspace to want to know what it is. Since userspace already has an fd, expose the size using the size = lseek(fd, SEEK_END, 0); lseek(fd, SEEK_CUR, 0); idiom. v2: Added Daniel's sugeested documentation, with minor fixups Signed-off-by: Christopher James Halse Rogers <christopher.halse.rogers@canonical.com> Reviewed-by: Daniel Vetter <daniel.vetter@ffwll.ch> Tested-by: Daniel Vetter <daniel.vetter@ffwll.ch> Signed-off-by: Sumit Semwal <sumit.semwal@linaro.org> 2013-09-10 11:36:45 +05:30			`Other Interfaces Exposed to Userspace on the dma-buf FD`
			`------------------------------------------------------`

			`- Since kernel 3.12 the dma-buf FD supports the llseek system call, but only`
			`with offset=0 and whence=SEEK_END\|SEEK_SET. SEEK_SET is supported to allow`
			`the usual size discover pattern size = SEEK_END(0); SEEK_SET(0). Every other`
			`llseek operation will report -EINVAL.`

			`If llseek on dma-buf FDs isn't support the kernel will report -ESPIPE for all`
			`cases. Userspace can use this to detect support for discovering the dma-buf`
			`size using llseek.`

dma_buf: Add documentation for the new cpu access support v2: Fix spelling issues noticed by Rob Clark. Signed-off-by: Daniel Vetter <daniel.vetter@ffwll.ch> Signed-off-by: Rob Clark <rob@ti.com> Signed-off-by: Sumit Semwal <sumit.semwal@linaro.org> 2012-03-19 00:34:27 +01:00			`Miscellaneous notes`
			`-------------------`

dma-buf: Documentation update for Kconfig select As per Linus' comment, dma-buf Kconfig entry shouldn't have an option text, but should be selected by the subsystems that use it. Add this information in the documentation as well. Signed-off-by: Sumit Semwal <sumit.semwal@ti.com> Signed-off-by: Dave Airlie <airlied@redhat.com> 2012-01-13 15:15:05 +05:30			`- Any exporters or users of the dma-buf buffer sharing framework must have`
			`a 'select DMA_SHARED_BUFFER' in their respective Kconfigs.`

dma-buf: document fd flags and O_CLOEXEC requirement Otherwise subsystems will get this wrong and end up with a second export ioctl with the flag and O_CLOEXEC support added. Signed-off-by: Rob Clark <rob@ti.com> Reviewed-by: Daniel Vetter <daniel.vetter@ffwll.ch> Signed-off-by: Sumit Semwal <sumit.semwal@linaro.org> 2012-03-19 16:42:49 -05:00			`- In order to avoid fd leaks on exec, the FD_CLOEXEC flag must be set`
			`on the file descriptor. This is not just a resource leak, but a`
			`potential security hole. It could give the newly exec'd application`
			`access to buffers, via the leaked fd, to which it should otherwise`
			`not be permitted access.`

			`The problem with doing this via a separate fcntl() call, versus doing it`
			`atomically when the fd is created, is that this is inherently racy in a`
			`multi-threaded app[3]. The issue is made worse when it is library code`
			`opening/creating the file descriptor, as the application may not even be`
			`aware of the fd's.`

			`To avoid this problem, userspace must have a way to request O_CLOEXEC`
			`flag be set when the dma-buf fd is created. So any API provided by`
			`the exporting driver to create a dmabuf fd must provide a way to let`
			`userspace control setting of O_CLOEXEC flag passed in to dma_buf_fd().`

dma-buf: Documentation for buffer sharing framework Add documentation for dma buffer sharing framework, explaining the various operations, members and API of the dma buffer sharing framework. Signed-off-by: Sumit Semwal <sumit.semwal@linaro.org> Signed-off-by: Sumit Semwal <sumit.semwal@ti.com> Reviewed-by: Daniel Vetter <daniel.vetter@ffwll.ch> Signed-off-by: Dave Airlie <airlied@redhat.com> 2011-12-26 14:53:16 +05:30			`References:`
			`[1] struct dma_buf_ops in include/linux/dma-buf.h`
			`[2] All interfaces mentioned above defined in include/linux/dma-buf.h`
dma-buf: document fd flags and O_CLOEXEC requirement Otherwise subsystems will get this wrong and end up with a second export ioctl with the flag and O_CLOEXEC support added. Signed-off-by: Rob Clark <rob@ti.com> Reviewed-by: Daniel Vetter <daniel.vetter@ffwll.ch> Signed-off-by: Sumit Semwal <sumit.semwal@linaro.org> 2012-03-19 16:42:49 -05:00			`[3] https://lwn.net/Articles/236486/`