Re: [PATCH 24/34] drm/i915/gvt: remove the extra vfio_device refcounting for dmabufs

[Jason Gunthorpe]

On Mon, Apr 11, 2022 at 04:13:53PM +0200, Christoph Hellwig wrote:
> All the dmabufs are torn down when th VGPU is released, so there is
> no need for extra refcounting here.

'th' -> 'the'

I think the specific argument is that intel_vgpu_query_plane() is only
called from intel_vgpu_ioctl() which has to happen while the device is
open so intel_vgpu_query_plane() has no issue.

dmabuf_gem_object_free() is OK because:
 intel_vgpu_close_device
  __intel_vgpu_release
   intel_gvt_release_vgpu
    intel_vgpu_dmabuf_cleanup

Menaing dmabuf->vgpu was already NULL once close_device is passed, and
the vfio_device reference is held automatically from open_device->close_device

And similarly intel_vgpu_dmabuf_cleanup() is OK because it is called
by the above.

The other places that call intel_vgpu_dmabuf_cleanup() are redundant
with the close_device path.

Though the 'release_work' callpath is buggy, for many reasons, but not
for this series.

Reviewed-by: Jason Gunthorpe <jgg@xxxxxxxxxx>

> diff --git a/drivers/gpu/drm/i915/gvt/dmabuf.c b/drivers/gpu/drm/i915/gvt/dmabuf.c
> index 90443306a9ad4..01e54b45c5c1b 100644
> +++ b/drivers/gpu/drm/i915/gvt/dmabuf.c
> @@ -139,7 +139,6 @@ static void dmabuf_gem_object_free(struct kref *kref)
>  			dmabuf_obj = list_entry(pos, struct intel_vgpu_dmabuf_obj, list);
>  			if (dmabuf_obj == obj) {

Not for this series but it seems like there is something off about
the locking here:

	if (vgpu && vgpu->active && !list_empty(&vgpu->dmabuf_obj_list_head)) {

This is called under the dmabuf lock but active is protected by the
vgpu_lock.. It seems strange that vgpu->active could be false but the
device is still open, so maybe it is not possible.

Jason