From 76dbd49be7fc95e4379063a9328b296b47748bf4 Mon Sep 17 00:00:00 2001
From: xuzaibo <xuzaibo@huawei.com>
Date: Thu, 11 Jul 2019 14:41:22 +0800
Subject: [PATCH] ACC: Change queue putting from file flush operation to ioctl
 CMD

driver inclusion
category: bugfix
bugzilla: NA
CVE: NA

Flush file operation is an OS default calling, in some scenarioes, which
will cause dangerous behavior. So, as user space ioctl for putting queue
is brought in, to make sure all the kernel resources are freed immediately
as user space calls API of wd_release_queue.

Signed-off-by: xuzaibo <xuzaibo@huawei.com>
Reviewed-by: lingmingqiang <lingmingqiang@huawei.com>
Reviewed-by: wangzhou <wangzhou1@hisilicon.com>
Signed-off-by: lingmingqiang <lingmingqiang@huawei.com>
Signed-off-by: Mingqiang Ling <lingmingqiang@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>
---
 drivers/uacce/uacce.c      | 15 ++++++---------
 include/uapi/linux/uacce.h |  1 +
 2 files changed, 7 insertions(+), 9 deletions(-)

diff --git a/drivers/uacce/uacce.c b/drivers/uacce/uacce.c
index f863aa6f49e0..9e61cfd64656 100644
--- a/drivers/uacce/uacce.c
+++ b/drivers/uacce/uacce.c
@@ -44,6 +44,7 @@ static DEFINE_RWLOCK(uacce_qs_lock);
 
 static const struct file_operations uacce_fops;
 static int uacce_fops_fasync(int fd, struct file *file, int mode);
+static int uacce_put_queue(struct file *filep);
 
 /* match with enum uacce_qfrt */
 static const char *const qfrt_str[] = {
@@ -540,6 +541,9 @@ static long uacce_fops_unl_ioctl(struct file *filep,
 	case UACCE_CMD_GET_SS_DMA:
 		return uacce_get_ss_dma(q, (void __user *)arg);
 
+	case UACCE_CMD_PUT_Q:
+		return uacce_put_queue(filep);
+
 	default:
 		if (uacce->ops->ioctl)
 			return uacce->ops->ioctl(q, cmd, arg);
@@ -630,9 +634,9 @@ static int uacce_queue_drain(struct uacce_queue *q)
 }
 
 /* While user space releases a queue, all the relatives on the queue
- * should be released imediately by this flush.
+ * should be released imediately by this putting.
  */
-static int uacce_fops_flush(struct file *filep, fl_owner_t id)
+static int uacce_put_queue(struct file *filep)
 {
 	struct uacce_queue *q = filep->private_data;
 	struct uacce *uacce;
@@ -645,12 +649,6 @@ static int uacce_fops_flush(struct file *filep, fl_owner_t id)
 	    atomic_cmpxchg(&q->status, UACCE_ST_OPENNED, UACCE_ST_INIT))
 		return 0;
 
-	/*
-	 * It is different between CI and kernel-dev here, so delete list
-	 * entry in flush callback and release callback. After flush is called
-	 * uacce_queue will be NULL, and same code will not be called in
-	 * release, so it is safe.
-	 */
 	uacce_fops_fasync(-1, filep, 0);
 	mutex_lock(&uacce->q_lock);
 	list_del(&q->q_dev);
@@ -915,7 +913,6 @@ static int uacce_fops_fasync(int fd, struct file *file, int mode)
 static const struct file_operations uacce_fops = {
 	.owner		= THIS_MODULE,
 	.open		= uacce_fops_open,
-	.flush		= uacce_fops_flush,
 	.release	= uacce_fops_release,
 	.unlocked_ioctl	= uacce_fops_unl_ioctl,
 #ifdef CONFIG_COMPAT
diff --git a/include/uapi/linux/uacce.h b/include/uapi/linux/uacce.h
index 953f9bf5067d..2085969bade7 100644
--- a/include/uapi/linux/uacce.h
+++ b/include/uapi/linux/uacce.h
@@ -10,6 +10,7 @@
 #define UACCE_CMD_SHARE_SVAS	_IO('W', 0)
 #define UACCE_CMD_START		_IO('W', 1)
 #define UACCE_CMD_GET_SS_DMA	_IOR('W', 2, unsigned long)
+#define UACCE_CMD_PUT_Q		_IO('W', 3)
 
 /**
  * UACCE Device Attributes:
-- 
GitLab