1. Patchew
  2. linux
  3. View series

[PATCH] rust: drm: gpuvm: implement Send and Sync for GpuVaAlloc and GpuVmBo

Sami Tolvanen posted 1 patch 2 days, 7 hours ago 
rust/kernel/drm/gpuvm/va.rs    |  8 ++++++++
rust/kernel/drm/gpuvm/vm_bo.rs | 15 +++++++++++++++
2 files changed, 23 insertions(+)
[PATCH] rust: drm: gpuvm: implement Send and Sync for GpuVaAlloc and GpuVmBo
Posted by Sami Tolvanen 2 days, 7 hours ago 
A GpuVaAlloc holds only uninitialised memory with no live VaData and
hands out no reference to its contents, so it is Send and Sync
unconditionally. A GpuVmBo is refcounted atomically and its deferred put
is sound from any thread.

Implement the markers in the abstraction so drivers can move these
objects between threads without an unsafe impl of their own. Send for
GpuVmBo requires VmBoData: Send because the data is dropped during
deferred cleanup, on whichever thread drains the queue. Sync requires
both VmBoData: Sync and Object: Sync because the &self data() and obj()
accessors hand out &VmBoData and &Object.

Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
---
 rust/kernel/drm/gpuvm/va.rs    |  8 ++++++++
 rust/kernel/drm/gpuvm/vm_bo.rs | 15 +++++++++++++++
 2 files changed, 23 insertions(+)

diff --git a/rust/kernel/drm/gpuvm/va.rs b/rust/kernel/drm/gpuvm/va.rs
index 0b09fe44ab39..dcb2dec4fbdf 100644
--- a/rust/kernel/drm/gpuvm/va.rs
+++ b/rust/kernel/drm/gpuvm/va.rs
@@ -104,6 +104,14 @@ pub fn vm_bo(&self) -> &GpuVmBo<T> {
 /// The memory is zeroed.
 pub struct GpuVaAlloc<T: DriverGpuVm>(KBox<MaybeUninit<GpuVa<T>>>);
 
+// SAFETY: A [`GpuVaAlloc`] is an owned, uninitialised allocation with no live `T::VaData` and no
+// thread-bound state.
+unsafe impl<T: DriverGpuVm> Send for GpuVaAlloc<T> {}
+
+// SAFETY: A [`GpuVaAlloc`] has no `&self` method that reaches its contents, so a shared
+// `&GpuVaAlloc` cannot access the allocation.
+unsafe impl<T: DriverGpuVm> Sync for GpuVaAlloc<T> {}
+
 impl<T: DriverGpuVm> GpuVaAlloc<T> {
     /// Pre-allocate a [`GpuVa`] object.
     pub fn new(flags: AllocFlags) -> Result<GpuVaAlloc<T>, AllocError> {
diff --git a/rust/kernel/drm/gpuvm/vm_bo.rs b/rust/kernel/drm/gpuvm/vm_bo.rs
index c064ac63897b..016b10e3305b 100644
--- a/rust/kernel/drm/gpuvm/vm_bo.rs
+++ b/rust/kernel/drm/gpuvm/vm_bo.rs
@@ -19,6 +19,21 @@ pub struct GpuVmBo<T: DriverGpuVm> {
     data: T::VmBoData,
 }
 
+// SAFETY: The refcount in `self.inner` is atomic, so `dec_ref`'s deferred put is sound from any
+// thread. `data` is dropped later by `drm_gpuvm_bo_deferred_cleanup`, on whichever thread drains
+// the queue, hence the `T::VmBoData: Send` bound.
+unsafe impl<T: DriverGpuVm> Send for GpuVmBo<T> where T::VmBoData: Send {}
+
+// SAFETY: The fields of `inner` read by shared-reference methods are immutable after construction.
+// [`Self::data`] hands out `&T::VmBoData` and [`Self::obj`] hands out `&T::Object`, so sharing
+// `&Self` across threads requires both to be `Sync`.
+unsafe impl<T: DriverGpuVm> Sync for GpuVmBo<T>
+where
+    T::VmBoData: Sync,
+    T::Object: Sync,
+{
+}
+
 // SAFETY: By type invariants, the allocation is managed by the refcount in `self.inner`.
 unsafe impl<T: DriverGpuVm> AlwaysRefCounted for GpuVmBo<T> {
     fn inc_ref(&self) {

base-commit: fea3a2dd7d3fc1936211ced5f84420e610435730
-- 
2.54.0.1032.g2f8565e1d1-goog

Patchew 2.1-devel-ea86937

© 2016 - 2026 Red Hat, Inc.