Unfortunately, the use of gem names to share buffers is not secure. 12 :16 17 18 A malicious third party process accessing the same drm device could try and guess the gem name of a buffer, shared by another two processes, simply by probing 32-bit integers. 19 18 Once a gem name is found, its contents can be accessed and modified, violating the confidentiality and integrity of the information of the buffer. This drawback was overcome later by the introduction of dma-buf support into drm. Another important task for any video memory management system besides managing the video memory space is handling the memory synchronization between the gpu and the cpu. Current memory architectures are very complex and usually involve various levels of caches for the system memory and sometimes for the video memory too. Therefore, video memory managers should also handle the cache coherence to ensure the data shared between cpu and gpu is consistent. 20 This means that often video memory management internals are highly dependent on hardware details of the gpu and memory architecture, and thus driver-specific.

The drm driver keeps track of the used video memory, and is level able to comply with the request if there is free memory available, returning a "handle" to user space to further refer the allocated memory in coming operations. 6 14 gem api also provides operations to populate the buffer and to release it when it is not needed anymore. Memory from unreleased gem handles gets recovered when the user space process name closes the drm device file descriptor —intentionally or because it terminates. 16 gem also allows two or more user space processes using the same drm device (hence the same drm driver) to share a gem object. 16 gem handles are local 32-bit integers unique to a process but repeatable in other processes, therefore not suitable for sharing. What is needed is a global namespace, and gem provides one through the use of global handles called gem names. A gem name refers to one, and only one, gem object created within the same drm device by the same drm driver, by using a unique 32 bit integer. Gem provides an operation, flink, to obtain a gem name from a gem handle. 16 12 :16 The process can then pass this gem name—this 32-bit integer—to another process using any ipc mechanism available. 12 :15 The gem name can be used by the recipient process to obtain a local gem handler pointing to the original gem object.

It is basically a method of authentication against the drm device, in order to prove to it that the process has the drm-master's approval to get such privileges. The procedure consists of: 12 :13 the client gets a unique token—a 32-bit integer—from the drm device using the get_magic ioctl and passes it to the drm-master process by whatever means (normally some sort of ipc ; for example, in dri2 there is a dri2Authenticate. Also, modern Linux first desktops needed an optimal way to share off-screen buffers with the compositing manager. These requirements led to the development of new methods to manage graphics buffers inside the kernel. The Graphics Execution Manager (GEM) emerged as one of these methods. 6 gem provides an api with explicit memory management primitives. 6 Through gem, a user space program can create, handle and destroy memory objects living in the gpu's video memory. These objects, called "gem objects 14 are persistent from the user space program's perspective, and don't need to be reloaded every time the program regains control of the gpu. When a user space program needs a chunk of video memory (to store a framebuffer, texture or any other data required by the gpu 15 it requests the allocation to the drm driver using the gem api.

Drm-master and drm-auth edit thesis There are several operations (ioctls) in the drm api that either for security purposes or for concurrency issues must be restricted to be used business by a single user space process per device. 8 to implement this restriction, drm limits such ioctls to be only invoked by the process considered the "master" of a drm device, usually called drm-master. Only one of all processes that have the device node /dev/dri/card x opened will have its file handle marked as master, specifically the first calling the set_master ioctl. Any attempt to use one of these restricted ioctls without being the drm-master will return an error. A process can also give up its master role—and let another process acquire it—by calling the drop_master ioctl. The x server —or any other display server —is commonly the process that acquires the drm-master status in every drm device it manages, usually when it opens the corresponding device node during its startup, and keeps these privileges for the entire graphical session until. For the remaining user space processes there is another way to gain the privilege to invoke some restricted operations on the drm device called drm-auth.

This library is merely a wrapper that provides a function written in C for every ioctl of the drm api, as well as constants, structures and other helper elements. 10 The use of libdrm not only avoids exposing the kernel interface directly to user space, but presents the usual advantages of reusing and sharing code between programs. Direct Rendering Manager architecture details: drm core and drm driver (including gem and kms) interfaced by libdrm drm consists of two parts: a generic "drm core" and a specific one drm driver for each type of supported hardware. 11 drm core provides the basic framework where different drm drivers can register, and also provides to user space a minimum set of ioctls with common, hardware -independent functionality. 8 a drm driver, on the other hand, implements the hardware -dependent part of the api, specific to the type of gpu it supports; it should provide the implementation of the remaining ioctls not covered by drm core, but it may also extend the api. 8 When a specific drm driver provides an enhanced api, user space libdrm is also extended by an extra library libdrm- driver that can be used by user space to interface with the additional ioctls. Api edit The drm core exports several interfaces to user-space applications, generally intended to be used through corresponding libdrm wrapper functions. In addition, drivers export device-specific interfaces for use by user-space drivers device-aware applications through ioctls and sysfs files. External interfaces include: memory mapping, context management, dma operations, agp management, vblank control, fence management, memory management, and output management.

The scope of drm has been expanded over the years to homework cover more functionality previously handled by user space programs, such as framebuffer managing and mode setting, memory sharing objects and memory synchronization. 5 6 Some of these expansions were given specific names, such as Graphics Execution Manager (GEM) or Kernel Mode-setting (kms and the terminology prevails when the functionality they provide is specifically alluded. But they are really parts of the whole kernel drm subsystem. The trend to popular include two gpus in a computer—a discrete gpu and an integrated one—led to new problems such as gpu switching that also needed to be solved at the drm layer. In order to match the nvidia optimus technology, drm was provided with gpu offloading abilities, called prime.

7 Software architecture edit a process using the direct Rendering Manager of the linux Kernel to access a 3D accelerated graphics card The direct Rendering Manager resides in kernel space, so the user space programs must use kernel system calls to request its services. However, drm doesn't define its own customized system calls. Instead, it follows the Unix principle " everything is a file " to expose the gpus through the filesystem name space using device files under the /dev hierarchy. Each gpu detected by drm is referred as a drm device, and a device file /dev/dri/card X (where x is a sequential number) is created to interface with. 8 9 User space programs that want to talk to the gpu must open the file and use ioctl calls to communicate with drm. Different ioctls correspond to different functions of the drm api. A library called libdrm was created to facilitate the interface of user space programs with the drm subsystem.

Drm exposes an, api that user-space programs can use to send commands and data to the gpu, and to perform operations such as configuring the mode setting of the display. Drm was first developed as the kernel space component of the, x Server 's. Direct Rendering Infrastructure, 1 but since then it has been used by other graphic stack alternatives such. User-space programs can use the drm api to command the gpu to do hardware -accelerated 3D rendering and video decoding as well as, gpgpu computing. Contents, overview edit, the, linux Kernel already had. Api called fbdev, used to manage the framebuffer of a graphics adapter, 2 but it couldn't be used to handle the needs of modern 3D accelerated gpu based video hardware.

These devices usually require setting and managing a command queue in their own memory to dispatch commands to the gpu, and also require management of buffers and free space within that memory. 3 Initially, user-space programs (such as the x server ) directly managed these resources, but they usually acted as if they were the only ones with access to them. When two or more programs tried to control the same hardware at the same time, and set its resources each one in its own way, most times they ended catastrophically. 3 drm allows multiple programs concurrently access to the 3d video card avoiding collisions The direct Rendering Manager was created to allow multiple programs to use video hardware resources cooperatively. 4 The drm gets exclusive access to the gpu, and it's responsible for initializing and maintaining the command queue, memory, and any other hardware resource. Programs wishing to use the gpu send requests to drm, which acts as an arbitrator and takes care to avoid possible conflicts.

