Google Git
Sign in
android / kernel / msm / refs/heads/android-msm-coral-4.14-android10 / . / drivers / char / adsprpc.c
blob: 1884913bb6e1b62155be4e44093f747c17a952e4 [file] [log] [blame]
/*
* Copyright (c) 2012-2019, The Linux Foundation. All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 and
* only version 2 as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
*/
#include <linux/dma-buf.h>
#include <linux/dma-mapping.h>
#include <linux/slab.h>
#include <linux/completion.h>
#include <linux/pagemap.h>
#include <linux/mm.h>
#include <linux/fs.h>
#include <linux/sched.h>
#include <linux/module.h>
#include <linux/cdev.h>
#include <linux/list.h>
#include <linux/hash.h>
#include <linux/msm_ion.h>
#include <soc/qcom/secure_buffer.h>
#include <linux/rpmsg.h>
#include <soc/qcom/subsystem_notif.h>
#include <soc/qcom/subsystem_restart.h>
#include <soc/qcom/service-notifier.h>
#include <soc/qcom/service-locator.h>
#include <linux/scatterlist.h>
#include <linux/fs.h>
#include <linux/uaccess.h>
#include <linux/device.h>
#include <linux/of.h>
#include <linux/of_address.h>
#include <linux/of_platform.h>
#include <linux/dma-contiguous.h>
#include <linux/cma.h>
#include <linux/iommu.h>
#include <linux/sort.h>
#include <linux/msm_dma_iommu_mapping.h>
#include <asm/dma-iommu.h>
#include <soc/qcom/scm.h>
#include "adsprpc_compat.h"
#include "adsprpc_shared.h"
#include <soc/qcom/ramdump.h>
#include <linux/debugfs.h>
#include <linux/pm_qos.h>
#define TZ_PIL_PROTECT_MEM_SUBSYS_ID 0x0C
#define TZ_PIL_CLEAR_PROTECT_MEM_SUBSYS_ID 0x0D
#define TZ_PIL_AUTH_QDSP6_PROC 1
#define ADSP_MMAP_HEAP_ADDR 4
#define ADSP_MMAP_REMOTE_HEAP_ADDR 8
#define ADSP_MMAP_ADD_PAGES 0x1000
#define FASTRPC_DMAHANDLE_NOMAP (16)
#define FASTRPC_ENOSUCH 39
#define VMID_SSC_Q6 5
#define VMID_ADSP_Q6 6
#define DEBUGFS_SIZE 3072
#define UL_SIZE 25
#define PID_SIZE 10
#define AUDIO_PDR_SERVICE_LOCATION_CLIENT_NAME "audio_pdr_adsprpc"
#define AUDIO_PDR_ADSP_SERVICE_NAME "avs/audio"
#define SENSORS_PDR_SERVICE_LOCATION_CLIENT_NAME "sensors_pdr_adsprpc"
#define SENSORS_PDR_ADSP_SERVICE_NAME "tms/servreg"
#define RPC_TIMEOUT (5 * HZ)
#define BALIGN 128
#define NUM_CHANNELS 4 /* adsp, mdsp, slpi, cdsp*/
#define NUM_SESSIONS 9 /*8 compute, 1 cpz*/
#define M_FDLIST (16)
#define M_CRCLIST (64)
#define SESSION_ID_INDEX (30)
#define FASTRPC_CTX_MAGIC (0xbeeddeed)
#define FASTRPC_CTX_MAX (256)
#define FASTRPC_CTXID_MASK (0xFF0)
#define NUM_DEVICES 2 /* adsprpc-smd, adsprpc-smd-secure */
#define MINOR_NUM_DEV 0
#define MINOR_NUM_SECURE_DEV 1
#define NON_SECURE_CHANNEL 0
#define SECURE_CHANNEL 1
#define IS_CACHE_ALIGNED(x) (((x) & ((L1_CACHE_BYTES)-1)) == 0)
#ifndef ION_FLAG_CACHED
#define ION_FLAG_CACHED (1)
#endif
#define ADSP_DOMAIN_ID (0)
#define MDSP_DOMAIN_ID (1)
#define SDSP_DOMAIN_ID (2)
#define CDSP_DOMAIN_ID (3)
#define PERF_KEYS \
"count:flush:map:copy:rpmsg:getargs:putargs:invalidate:invoke:tid:ptr"
#define FASTRPC_STATIC_HANDLE_KERNEL (1)
#define FASTRPC_STATIC_HANDLE_LISTENER (3)
#define FASTRPC_STATIC_HANDLE_MAX (20)
#define FASTRPC_LATENCY_CTRL_ENB (1)
#define FASTRPC_TIMEOUT (3000) /* 3s */
#define INIT_FILELEN_MAX (2*1024*1024)
#define INIT_MEMLEN_MAX (8*1024*1024)
#define MAX_CACHE_BUF_SIZE (8*1024*1024)
#define PERF_END (void)0
#define PERF(enb, cnt, ff) \
{\
struct timespec startT = {0};\
int64_t *counter = cnt;\
if (enb && counter) {\
getnstimeofday(&startT);\
} \
ff ;\
if (enb && counter) {\
*counter += getnstimediff(&startT);\
} \
}
#define GET_COUNTER(perf_ptr, offset) \
(perf_ptr != NULL ?\
(((offset >= 0) && (offset < PERF_KEY_MAX)) ?\
(int64_t *)(perf_ptr + offset)\
: (int64_t *)NULL) : (int64_t *)NULL)
static int fastrpc_pdr_notifier_cb(struct notifier_block *nb,
unsigned long code,
void *data);
static struct dentry *debugfs_root;
static struct dentry *debugfs_global_file;
static inline uint64_t buf_page_start(uint64_t buf)
{
uint64_t start = (uint64_t) buf & PAGE_MASK;
return start;
}
static inline uint64_t buf_page_offset(uint64_t buf)
{
uint64_t offset = (uint64_t) buf & (PAGE_SIZE - 1);
return offset;
}
static inline uint64_t buf_num_pages(uint64_t buf, size_t len)
{
uint64_t start = buf_page_start(buf) >> PAGE_SHIFT;
uint64_t end = (((uint64_t) buf + len - 1) & PAGE_MASK) >> PAGE_SHIFT;
uint64_t nPages = end - start + 1;
return nPages;
}
static inline uint64_t buf_page_size(uint32_t size)
{
uint64_t sz = (size + (PAGE_SIZE - 1)) & PAGE_MASK;
return sz > PAGE_SIZE ? sz : PAGE_SIZE;
}
static inline void *uint64_to_ptr(uint64_t addr)
{
void *ptr = (void *)((uintptr_t)addr);
return ptr;
}
static inline uint64_t ptr_to_uint64(void *ptr)
{
uint64_t addr = (uint64_t)((uintptr_t)ptr);
return addr;
}
struct secure_vm {
int *vmid;
int *vmperm;
int vmcount;
};
struct fastrpc_file;
struct fastrpc_buf {
struct hlist_node hn;
struct hlist_node hn_rem;
struct fastrpc_file *fl;
void *virt;
uint64_t phys;
size_t size;
unsigned long dma_attr;
uintptr_t raddr;
uint32_t flags;
int remote;
};
struct fastrpc_ctx_lst;
struct overlap {
uintptr_t start;
uintptr_t end;
int raix;
uintptr_t mstart;
uintptr_t mend;
uintptr_t offset;
};
struct smq_invoke_ctx {
struct hlist_node hn;
struct completion work;
int retval;
int pid;
int tgid;
remote_arg_t *lpra;
remote_arg64_t *rpra;
remote_arg64_t *lrpra; /* Local copy of rpra for put_args */
int *fds;
unsigned int *attrs;
struct fastrpc_mmap **maps;
struct fastrpc_buf *buf;
struct fastrpc_buf *lbuf;
size_t used;
struct fastrpc_file *fl;
uint32_t sc;
struct overlap *overs;
struct overlap **overps;
struct smq_msg msg;
uint32_t *crc;
unsigned int magic;
uint64_t ctxid;
};
struct fastrpc_ctx_lst {
struct hlist_head pending;
struct hlist_head interrupted;
};
struct fastrpc_smmu {
struct device *dev;
struct dma_iommu_mapping *mapping;
const char *dev_name;
int cb;
int enabled;
int faults;
int secure;
int coherent;
};
struct fastrpc_session_ctx {
struct device *dev;
struct fastrpc_smmu smmu;
int used;
};
struct fastrpc_static_pd {
char *spdname;
struct notifier_block pdrnb;
struct notifier_block get_service_nb;
void *pdrhandle;
int pdrcount;
int prevpdrcount;
int ispdup;
int cid;
};
struct fastrpc_channel_ctx {
char *name;
char *subsys;
struct rpmsg_device *rpdev;
struct device *dev;
struct fastrpc_session_ctx session[NUM_SESSIONS];
struct fastrpc_static_pd spd[NUM_SESSIONS];
struct completion work;
struct completion workport;
struct notifier_block nb;
struct mutex smd_mutex;
struct mutex rpmsg_mutex;
int sesscount;
int ssrcount;
void *handle;
int prevssrcount;
int issubsystemup;
int vmid;
struct secure_vm rhvm;
int ramdumpenabled;
void *remoteheap_ramdump_dev;
/* Indicates, if channel is restricted to secure node only */
int secure;
};
struct fastrpc_apps {
struct fastrpc_channel_ctx *channel;
struct cdev cdev;
struct class *class;
struct smq_phy_page range;
struct hlist_head maps;
uint32_t staticpd_flags;
dev_t dev_no;
int compat;
struct hlist_head drivers;
spinlock_t hlock;
struct device *dev;
unsigned int latency;
int rpmsg_register;
spinlock_t ctxlock;
struct smq_invoke_ctx *ctxtable[FASTRPC_CTX_MAX];
bool legacy_remote_heap;
};
struct fastrpc_mmap {
struct hlist_node hn;
struct fastrpc_file *fl;
struct fastrpc_apps *apps;
int fd;
uint32_t flags;
struct dma_buf *buf;
struct sg_table *table;
struct dma_buf_attachment *attach;
struct ion_handle *handle;
uint64_t phys;
size_t size;
uintptr_t va;
size_t len;
int refs;
uintptr_t raddr;
int uncached;
int secure;
uintptr_t attr;
};
enum fastrpc_perfkeys {
PERF_COUNT = 0,
PERF_FLUSH = 1,
PERF_MAP = 2,
PERF_COPY = 3,
PERF_LINK = 4,
PERF_GETARGS = 5,
PERF_PUTARGS = 6,
PERF_INVARGS = 7,
PERF_INVOKE = 8,
PERF_KEY_MAX = 9,
};
struct fastrpc_perf {
int64_t count;
int64_t flush;
int64_t map;
int64_t copy;
int64_t link;
int64_t getargs;
int64_t putargs;
int64_t invargs;
int64_t invoke;
int64_t tid;
struct hlist_node hn;
};
struct fastrpc_file {
struct hlist_node hn;
spinlock_t hlock;
struct hlist_head maps;
struct hlist_head cached_bufs;
struct hlist_head remote_bufs;
struct fastrpc_ctx_lst clst;
struct fastrpc_session_ctx *sctx;
struct fastrpc_buf *init_mem;
struct fastrpc_session_ctx *secsctx;
uint32_t mode;
uint32_t profile;
int sessionid;
int tgid;
int cid;
int ssrcount;
int pd;
char *spdname;
int file_close;
int dsp_process_init;
struct fastrpc_apps *apps;
struct hlist_head perf;
struct dentry *debugfs_file;
struct mutex perf_mutex;
struct pm_qos_request pm_qos_req;
int qos_request;
struct mutex map_mutex;
struct mutex internal_map_mutex;
/* Identifies the device (MINOR_NUM_DEV / MINOR_NUM_SECURE_DEV) */
int dev_minor;
char *debug_buf;
};
static struct fastrpc_apps gfa;
static struct fastrpc_channel_ctx gcinfo[NUM_CHANNELS] = {
{
.name = "adsprpc-smd",
.subsys = "adsp",
.spd = {
{
.spdname =
AUDIO_PDR_SERVICE_LOCATION_CLIENT_NAME,
.pdrnb.notifier_call =
fastrpc_pdr_notifier_cb,
.cid = ADSP_DOMAIN_ID,
},
{
.spdname =
SENSORS_PDR_SERVICE_LOCATION_CLIENT_NAME,
.pdrnb.notifier_call =
fastrpc_pdr_notifier_cb,
.cid = ADSP_DOMAIN_ID,
}
},
},
{
.name = "mdsprpc-smd",
.subsys = "modem",
.spd = {
{
.cid = MDSP_DOMAIN_ID,
}
},
},
{
.name = "sdsprpc-smd",
.subsys = "slpi",
.spd = {
{
.cid = SDSP_DOMAIN_ID,
}
},
},
{
.name = "cdsprpc-smd",
.subsys = "cdsp",
.spd = {
{
.cid = CDSP_DOMAIN_ID,
}
},
},
};
static int hlosvm[1] = {VMID_HLOS};
static int hlosvmperm[1] = {PERM_READ | PERM_WRITE | PERM_EXEC};
static inline int64_t getnstimediff(struct timespec *start)
{
int64_t ns;
struct timespec ts, b;
getnstimeofday(&ts);
b = timespec_sub(ts, *start);
ns = timespec_to_ns(&b);
return ns;
}
static inline int64_t *getperfcounter(struct fastrpc_file *fl, int key)
{
int err = 0;
int64_t *val = NULL;
struct fastrpc_perf *perf = NULL, *fperf = NULL;
struct hlist_node *n = NULL;
VERIFY(err, !IS_ERR_OR_NULL(fl));
if (err)
goto bail;
mutex_lock(&fl->perf_mutex);
hlist_for_each_entry_safe(perf, n, &fl->perf, hn) {
if (perf->tid == current->pid) {
fperf = perf;
break;
}
}
if (IS_ERR_OR_NULL(fperf)) {
fperf = kzalloc(sizeof(*fperf), GFP_KERNEL);
VERIFY(err, !IS_ERR_OR_NULL(fperf));
if (err) {
mutex_unlock(&fl->perf_mutex);
kfree(fperf);
goto bail;
}
fperf->tid = current->pid;
hlist_add_head(&fperf->hn, &fl->perf);
}
val = ((int64_t *)fperf) + key;
mutex_unlock(&fl->perf_mutex);
bail:
return val;
}
static void fastrpc_buf_free(struct fastrpc_buf *buf, int cache)
{
struct fastrpc_file *fl = buf == NULL ? NULL : buf->fl;
int vmid;
if (!fl)
return;
if (cache && buf->size < MAX_CACHE_BUF_SIZE) {
spin_lock(&fl->hlock);
hlist_add_head(&buf->hn, &fl->cached_bufs);
spin_unlock(&fl->hlock);
return;
}
if (buf->remote) {
spin_lock(&fl->hlock);
hlist_del_init(&buf->hn_rem);
spin_unlock(&fl->hlock);
buf->remote = 0;
buf->raddr = 0;
}
if (!IS_ERR_OR_NULL(buf->virt)) {
int destVM[1] = {VMID_HLOS};
int destVMperm[1] = {PERM_READ | PERM_WRITE | PERM_EXEC};
if (fl->sctx->smmu.cb && fl->cid != SDSP_DOMAIN_ID)
buf->phys &= ~((uint64_t)fl->sctx->smmu.cb << 32);
vmid = fl->apps->channel[fl->cid].vmid;
if (vmid) {
int srcVM[2] = {VMID_HLOS, vmid};
hyp_assign_phys(buf->phys, buf_page_size(buf->size),
srcVM, 2, destVM, destVMperm, 1);
}
dma_free_attrs(fl->sctx->smmu.dev, buf->size, buf->virt,
buf->phys, buf->dma_attr);
}
kfree(buf);
}
static void fastrpc_cached_buf_list_free(struct fastrpc_file *fl)
{
struct fastrpc_buf *buf, *free;
do {
struct hlist_node *n;
free = NULL;
spin_lock(&fl->hlock);
hlist_for_each_entry_safe(buf, n, &fl->cached_bufs, hn) {
hlist_del_init(&buf->hn);
free = buf;
break;
}
spin_unlock(&fl->hlock);
if (free)
fastrpc_buf_free(free, 0);
} while (free);
}
static void fastrpc_remote_buf_list_free(struct fastrpc_file *fl)
{
struct fastrpc_buf *buf, *free;
do {
struct hlist_node *n;
free = NULL;
spin_lock(&fl->hlock);
hlist_for_each_entry_safe(buf, n, &fl->remote_bufs, hn_rem) {
free = buf;
break;
}
spin_unlock(&fl->hlock);
if (free)
fastrpc_buf_free(free, 0);
} while (free);
}
static void fastrpc_mmap_add(struct fastrpc_mmap *map)
{
if (map->flags == ADSP_MMAP_HEAP_ADDR ||
map->flags == ADSP_MMAP_REMOTE_HEAP_ADDR) {
struct fastrpc_apps *me = &gfa;
spin_lock(&me->hlock);
hlist_add_head(&map->hn, &me->maps);
spin_unlock(&me->hlock);
} else {
struct fastrpc_file *fl = map->fl;
hlist_add_head(&map->hn, &fl->maps);
}
}
static int fastrpc_mmap_find(struct fastrpc_file *fl, int fd,
uintptr_t va, size_t len, int mflags, int refs,
struct fastrpc_mmap **ppmap)
{
struct fastrpc_apps *me = &gfa;
struct fastrpc_mmap *match = NULL, *map = NULL;
struct hlist_node *n;
if ((va + len) < va)
return -EOVERFLOW;
if (mflags == ADSP_MMAP_HEAP_ADDR ||
mflags == ADSP_MMAP_REMOTE_HEAP_ADDR) {
spin_lock(&me->hlock);
hlist_for_each_entry_safe(map, n, &me->maps, hn) {
if (va >= map->va &&
va + len <= map->va + map->len &&
map->fd == fd) {
if (refs)
map->refs++;
match = map;
break;
}
}
spin_unlock(&me->hlock);
} else {
hlist_for_each_entry_safe(map, n, &fl->maps, hn) {
if (va >= map->va &&
va + len <= map->va + map->len &&
map->fd == fd) {
if (refs)
map->refs++;
match = map;
break;
}
}
}
if (match) {
*ppmap = match;
return 0;
}
return -ENOTTY;
}
static int dma_alloc_memory(dma_addr_t *region_phys, void **vaddr, size_t size,
unsigned long dma_attr)
{
struct fastrpc_apps *me = &gfa;
if (me->dev == NULL) {
pr_err("device adsprpc-mem is not initialized\n");
return -ENODEV;
}
*vaddr = dma_alloc_attrs(me->dev, size, region_phys,
GFP_KERNEL, dma_attr);
if (IS_ERR_OR_NULL(*vaddr)) {
pr_err("adsprpc: %s: %s: dma_alloc_attrs failed for size 0x%zx, returned %ld\n",
current->comm, __func__, size, PTR_ERR(*vaddr));
return -ENOMEM;
}
return 0;
}
static int fastrpc_mmap_remove(struct fastrpc_file *fl, uintptr_t va,
size_t len, struct fastrpc_mmap **ppmap)
{
struct fastrpc_mmap *match = NULL, *map;
struct hlist_node *n;
struct fastrpc_apps *me = &gfa;
spin_lock(&me->hlock);
hlist_for_each_entry_safe(map, n, &me->maps, hn) {
if (map->raddr == va &&
map->raddr + map->len == va + len &&
map->refs == 1) {
match = map;
hlist_del_init(&map->hn);
break;
}
}
spin_unlock(&me->hlock);
if (match) {
*ppmap = match;
return 0;
}
hlist_for_each_entry_safe(map, n, &fl->maps, hn) {
if (map->raddr == va &&
map->raddr + map->len == va + len &&
map->refs == 1) {
match = map;
hlist_del_init(&map->hn);
break;
}
}
if (match) {
*ppmap = match;
return 0;
}
return -ENOTTY;
}
static void fastrpc_mmap_free(struct fastrpc_mmap *map, uint32_t flags)
{
struct fastrpc_apps *me = &gfa;
struct fastrpc_file *fl;
int vmid;
struct fastrpc_session_ctx *sess;
if (!map)
return;
fl = map->fl;
if (map->flags == ADSP_MMAP_HEAP_ADDR ||
map->flags == ADSP_MMAP_REMOTE_HEAP_ADDR) {
map->refs--;
if (!map->refs)
hlist_del_init(&map->hn);
if (map->refs > 0)
return;
} else {
map->refs--;
if (!map->refs)
hlist_del_init(&map->hn);
if (map->refs > 0 && !flags)
return;
}
if (map->flags == ADSP_MMAP_HEAP_ADDR ||
map->flags == ADSP_MMAP_REMOTE_HEAP_ADDR) {
if (me->dev == NULL) {
pr_err("failed to free remote heap allocation\n");
return;
}
if (map->phys) {
dma_free_attrs(me->dev, map->size, (void *)map->va,
(dma_addr_t)map->phys, (unsigned long)map->attr);
}
} else if (map->flags == FASTRPC_DMAHANDLE_NOMAP) {
if (!IS_ERR_OR_NULL(map->table))
dma_buf_unmap_attachment(map->attach, map->table,
DMA_BIDIRECTIONAL);
if (!IS_ERR_OR_NULL(map->attach))
dma_buf_detach(map->buf, map->attach);
if (!IS_ERR_OR_NULL(map->buf))
dma_buf_put(map->buf);
} else {
int destVM[1] = {VMID_HLOS};
int destVMperm[1] = {PERM_READ | PERM_WRITE | PERM_EXEC};
if (map->secure)
sess = fl->secsctx;
else
sess = fl->sctx;
vmid = fl->apps->channel[fl->cid].vmid;
if (vmid && map->phys) {
int srcVM[2] = {VMID_HLOS, vmid};
hyp_assign_phys(map->phys, buf_page_size(map->size),
srcVM, 2, destVM, destVMperm, 1);
}
if (!IS_ERR_OR_NULL(map->table))
dma_buf_unmap_attachment(map->attach, map->table,
DMA_BIDIRECTIONAL);
if (!IS_ERR_OR_NULL(map->attach))
dma_buf_detach(map->buf, map->attach);
if (!IS_ERR_OR_NULL(map->buf))
dma_buf_put(map->buf);
}
kfree(map);
}
static int fastrpc_session_alloc(struct fastrpc_channel_ctx *chan, int secure,
struct fastrpc_session_ctx **session);
static int fastrpc_mmap_create(struct fastrpc_file *fl, int fd,
unsigned int attr, uintptr_t va, size_t len, int mflags,
struct fastrpc_mmap **ppmap)
{
struct fastrpc_apps *me = &gfa;
struct fastrpc_session_ctx *sess;
struct fastrpc_apps *apps = fl->apps;
int cid = fl->cid;
struct fastrpc_channel_ctx *chan = NULL;
struct fastrpc_mmap *map = NULL;
dma_addr_t region_phys = 0;
void *region_vaddr = NULL;
unsigned long flags;
int err = 0, vmid, sgl_index = 0;
struct scatterlist *sgl = NULL;
VERIFY(err, cid >= 0 && cid < NUM_CHANNELS);
if (err)
goto bail;
chan = &apps->channel[cid];
if (!fastrpc_mmap_find(fl, fd, va, len, mflags, 1, ppmap))
return 0;
map = kzalloc(sizeof(*map), GFP_KERNEL);
VERIFY(err, !IS_ERR_OR_NULL(map));
if (err)
goto bail;
INIT_HLIST_NODE(&map->hn);
map->flags = mflags;
map->refs = 1;
map->fl = fl;
map->fd = fd;
map->attr = attr;
if (mflags == ADSP_MMAP_HEAP_ADDR ||
mflags == ADSP_MMAP_REMOTE_HEAP_ADDR) {
map->apps = me;
map->fl = NULL;
map->attr |= DMA_ATTR_SKIP_ZEROING | DMA_ATTR_NO_KERNEL_MAPPING;
VERIFY(err, !dma_alloc_memory(&region_phys, &region_vaddr,
len, (unsigned long) map->attr));
if (err)
goto bail;
map->phys = (uintptr_t)region_phys;
map->size = len;
map->va = (uintptr_t)region_vaddr;
} else if (mflags == FASTRPC_DMAHANDLE_NOMAP) {
VERIFY(err, !IS_ERR_OR_NULL(map->buf = dma_buf_get(fd)));
if (err)
goto bail;
VERIFY(err, !dma_buf_get_flags(map->buf, &flags));
if (err)
goto bail;
map->secure = flags & ION_FLAG_SECURE;
map->uncached = 1;
map->va = 0;
map->phys = 0;
VERIFY(err, !IS_ERR_OR_NULL(map->attach =
dma_buf_attach(map->buf, me->dev)));
if (err)
goto bail;
map->attach->dma_map_attrs |= DMA_ATTR_SKIP_CPU_SYNC;
VERIFY(err, !IS_ERR_OR_NULL(map->table =
dma_buf_map_attachment(map->attach,
DMA_BIDIRECTIONAL)));
if (err)
goto bail;
VERIFY(err, map->table->nents == 1);
if (err)
goto bail;
map->phys = sg_dma_address(map->table->sgl);
} else {
if (map->attr && (map->attr & FASTRPC_ATTR_KEEP_MAP)) {
pr_info("adsprpc: buffer mapped with persist attr %x\n",
(unsigned int)map->attr);
map->refs = 2;
}
VERIFY(err, !IS_ERR_OR_NULL(map->buf = dma_buf_get(fd)));
if (err)
goto bail;
VERIFY(err, !dma_buf_get_flags(map->buf, &flags));
if (err)
goto bail;
map->secure = flags & ION_FLAG_SECURE;
if (map->secure) {
if (!fl->secsctx)
err = fastrpc_session_alloc(chan, 1,
&fl->secsctx);
if (err)
goto bail;
}
if (map->secure)
sess = fl->secsctx;
else
sess = fl->sctx;
VERIFY(err, !IS_ERR_OR_NULL(sess));
if (err)
goto bail;
map->uncached = !(flags & ION_FLAG_CACHED);
if (map->attr & FASTRPC_ATTR_NOVA && !sess->smmu.coherent)
map->uncached = 1;
VERIFY(err, !IS_ERR_OR_NULL(map->attach =
dma_buf_attach(map->buf, sess->smmu.dev)));
if (err)
goto bail;
map->attach->dma_map_attrs |= DMA_ATTR_DELAYED_UNMAP;
map->attach->dma_map_attrs |= DMA_ATTR_EXEC_MAPPING;
if (map->attr & FASTRPC_ATTR_NON_COHERENT ||
(sess->smmu.coherent && map->uncached))
map->attach->dma_map_attrs |=
DMA_ATTR_FORCE_NON_COHERENT |
DMA_ATTR_SKIP_CPU_SYNC;
else if (map->attr & FASTRPC_ATTR_COHERENT)
map->attach->dma_map_attrs |= DMA_ATTR_FORCE_COHERENT;
VERIFY(err, !IS_ERR_OR_NULL(map->table =
dma_buf_map_attachment(map->attach,
DMA_BIDIRECTIONAL)));
if (err)
goto bail;
if (!sess->smmu.enabled) {
VERIFY(err, map->table->nents == 1);
if (err)
goto bail;
}
map->phys = sg_dma_address(map->table->sgl);
if (sess->smmu.cb) {
if (fl->cid != SDSP_DOMAIN_ID)
map->phys += ((uint64_t)sess->smmu.cb << 32);
for_each_sg(map->table->sgl, sgl, map->table->nents,
sgl_index)
map->size += sg_dma_len(sgl);
} else {
map->size = buf_page_size(len);
}
vmid = fl->apps->channel[fl->cid].vmid;
if (!sess->smmu.enabled && !vmid) {
VERIFY(err, map->phys >= me->range.addr &&
map->phys + map->size <=
me->range.addr + me->range.size);
if (err) {
pr_err("adsprpc: %s: phys addr 0x%llx (size 0x%zx) out of CMA heap range\n",
__func__, map->phys, map->size);
goto bail;
}
}
if (vmid) {
int srcVM[1] = {VMID_HLOS};
int destVM[2] = {VMID_HLOS, vmid};
int destVMperm[2] = {PERM_READ | PERM_WRITE,
PERM_READ | PERM_WRITE | PERM_EXEC};
VERIFY(err, !hyp_assign_phys(map->phys,
buf_page_size(map->size),
srcVM, 1, destVM, destVMperm, 2));
if (err)
goto bail;
}
map->va = va;
}
map->len = len;
fastrpc_mmap_add(map);
*ppmap = map;
bail:
if (err && map)
fastrpc_mmap_free(map, 0);
return err;
}
static int fastrpc_buf_alloc(struct fastrpc_file *fl, size_t size,
unsigned long dma_attr, uint32_t rflags,
int remote, struct fastrpc_buf **obuf)
{
int err = 0, vmid;
struct fastrpc_buf *buf = NULL, *fr = NULL;
struct hlist_node *n;
VERIFY(err, size > 0);
if (err)
goto bail;
if (!remote) {
/* find the smallest buffer that fits in the cache */
spin_lock(&fl->hlock);
hlist_for_each_entry_safe(buf, n, &fl->cached_bufs, hn) {
if (buf->size >= size && (!fr || fr->size > buf->size))
fr = buf;
}
if (fr)
hlist_del_init(&fr->hn);
spin_unlock(&fl->hlock);
if (fr) {
*obuf = fr;
return 0;
}
}
buf = NULL;
VERIFY(err, NULL != (buf = kzalloc(sizeof(*buf), GFP_KERNEL)));
if (err)
goto bail;
INIT_HLIST_NODE(&buf->hn);
buf->fl = fl;
buf->virt = NULL;
buf->phys = 0;
buf->size = size;
buf->dma_attr = dma_attr;
buf->flags = rflags;
buf->raddr = 0;
buf->remote = 0;
buf->virt = dma_alloc_attrs(fl->sctx->smmu.dev, buf->size,
(dma_addr_t *)&buf->phys,
GFP_KERNEL, buf->dma_attr);
if (IS_ERR_OR_NULL(buf->virt)) {
/* free cache and retry */
fastrpc_cached_buf_list_free(fl);
buf->virt = dma_alloc_attrs(fl->sctx->smmu.dev, buf->size,
(dma_addr_t *)&buf->phys, GFP_KERNEL,
buf->dma_attr);
VERIFY(err, !IS_ERR_OR_NULL(buf->virt));
}
if (err) {
err = -ENOMEM;
pr_err("adsprpc: %s: %s: dma_alloc_attrs failed for size 0x%zx, returned %ld\n",
current->comm, __func__, size, PTR_ERR(buf->virt));
goto bail;
}
if (fl->sctx->smmu.cb && fl->cid != SDSP_DOMAIN_ID)
buf->phys += ((uint64_t)fl->sctx->smmu.cb << 32);
vmid = fl->apps->channel[fl->cid].vmid;
if (vmid) {
int srcVM[1] = {VMID_HLOS};
int destVM[2] = {VMID_HLOS, vmid};
int destVMperm[2] = {PERM_READ | PERM_WRITE,
PERM_READ | PERM_WRITE | PERM_EXEC};
VERIFY(err, !hyp_assign_phys(buf->phys, buf_page_size(size),
srcVM, 1, destVM, destVMperm, 2));
if (err)
goto bail;
}
if (remote) {
INIT_HLIST_NODE(&buf->hn_rem);
spin_lock(&fl->hlock);
hlist_add_head(&buf->hn_rem, &fl->remote_bufs);
spin_unlock(&fl->hlock);
buf->remote = remote;
}
*obuf = buf;
bail:
if (err && buf)
fastrpc_buf_free(buf, 0);
return err;
}
static int context_restore_interrupted(struct fastrpc_file *fl,
struct fastrpc_ioctl_invoke_crc *inv,
struct smq_invoke_ctx **po)
{
int err = 0;
struct smq_invoke_ctx *ctx = NULL, *ictx = NULL;
struct hlist_node *n;
struct fastrpc_ioctl_invoke *invoke = &inv->inv;
spin_lock(&fl->hlock);
hlist_for_each_entry_safe(ictx, n, &fl->clst.interrupted, hn) {
if (ictx->pid == current->pid) {
if (invoke->sc != ictx->sc || ictx->fl != fl)
err = -1;
else {
ctx = ictx;
hlist_del_init(&ctx->hn);
hlist_add_head(&ctx->hn, &fl->clst.pending);
}
break;
}
}
spin_unlock(&fl->hlock);
if (ctx)
*po = ctx;
return err;
}
#define CMP(aa, bb) ((aa) == (bb) ? 0 : (aa) < (bb) ? -1 : 1)
static int overlap_ptr_cmp(const void *a, const void *b)
{
struct overlap *pa = *((struct overlap **)a);
struct overlap *pb = *((struct overlap **)b);
/* sort with lowest starting buffer first */
int st = CMP(pa->start, pb->start);
/* sort with highest ending buffer first */
int ed = CMP(pb->end, pa->end);
return st == 0 ? ed : st;
}
static int context_build_overlap(struct smq_invoke_ctx *ctx)
{
int i, err = 0;
remote_arg_t *lpra = ctx->lpra;
int inbufs = REMOTE_SCALARS_INBUFS(ctx->sc);
int outbufs = REMOTE_SCALARS_OUTBUFS(ctx->sc);
int nbufs = inbufs + outbufs;
struct overlap max;
for (i = 0; i < nbufs; ++i) {
ctx->overs[i].start = (uintptr_t)lpra[i].buf.pv;
ctx->overs[i].end = ctx->overs[i].start + lpra[i].buf.len;
if (lpra[i].buf.len) {
VERIFY(err, ctx->overs[i].end > ctx->overs[i].start);
if (err)
goto bail;
}
ctx->overs[i].raix = i;
ctx->overps[i] = &ctx->overs[i];
}
sort(ctx->overps, nbufs, sizeof(*ctx->overps), overlap_ptr_cmp, NULL);
max.start = 0;
max.end = 0;
for (i = 0; i < nbufs; ++i) {
if (ctx->overps[i]->start < max.end) {
ctx->overps[i]->mstart = max.end;
ctx->overps[i]->mend = ctx->overps[i]->end;
ctx->overps[i]->offset = max.end -
ctx->overps[i]->start;
if (ctx->overps[i]->end > max.end) {
max.end = ctx->overps[i]->end;
} else {
ctx->overps[i]->mend = 0;
ctx->overps[i]->mstart = 0;
}
} else {
ctx->overps[i]->mend = ctx->overps[i]->end;
ctx->overps[i]->mstart = ctx->overps[i]->start;
ctx->overps[i]->offset = 0;
max = *ctx->overps[i];
}
}
bail:
return err;
}
#define K_COPY_FROM_USER(err, kernel, dst, src, size) \
do {\
if (!(kernel))\
VERIFY(err, 0 == copy_from_user((dst),\
(void const __user *)(src),\
(size)));\
else\
memmove((dst), (src), (size));\
} while (0)
#define K_COPY_TO_USER(err, kernel, dst, src, size) \
do {\
if (!(kernel))\
VERIFY(err, 0 == copy_to_user((void __user *)(dst),\
(src), (size)));\
else\
memmove((dst), (src), (size));\
} while (0)
static void context_free(struct smq_invoke_ctx *ctx);
static int context_alloc(struct fastrpc_file *fl, uint32_t kernel,
struct fastrpc_ioctl_invoke_crc *invokefd,
struct smq_invoke_ctx **po)
{
struct fastrpc_apps *me = &gfa;
int err = 0, bufs, ii, size = 0;
struct smq_invoke_ctx *ctx = NULL;
struct fastrpc_ctx_lst *clst = &fl->clst;
struct fastrpc_ioctl_invoke *invoke = &invokefd->inv;
bufs = REMOTE_SCALARS_LENGTH(invoke->sc);
size = bufs * sizeof(*ctx->lpra) + bufs * sizeof(*ctx->maps) +
sizeof(*ctx->fds) * (bufs) +
sizeof(*ctx->attrs) * (bufs) +
sizeof(*ctx->overs) * (bufs) +
sizeof(*ctx->overps) * (bufs);
VERIFY(err, NULL != (ctx = kzalloc(sizeof(*ctx) + size, GFP_KERNEL)));
if (err)
goto bail;
INIT_HLIST_NODE(&ctx->hn);
hlist_add_fake(&ctx->hn);
ctx->fl = fl;
ctx->maps = (struct fastrpc_mmap **)(&ctx[1]);
ctx->lpra = (remote_arg_t *)(&ctx->maps[bufs]);
ctx->fds = (int *)(&ctx->lpra[bufs]);
ctx->attrs = (unsigned int *)(&ctx->fds[bufs]);
ctx->overs = (struct overlap *)(&ctx->attrs[bufs]);
ctx->overps = (struct overlap **)(&ctx->overs[bufs]);
K_COPY_FROM_USER(err, kernel, (void *)ctx->lpra, invoke->pra,
bufs * sizeof(*ctx->lpra));
if (err)
goto bail;
if (invokefd->fds) {
K_COPY_FROM_USER(err, kernel, ctx->fds, invokefd->fds,
bufs * sizeof(*ctx->fds));
if (err)
goto bail;
} else {
ctx->fds = NULL;
}
if (invokefd->attrs) {
K_COPY_FROM_USER(err, kernel, ctx->attrs, invokefd->attrs,
bufs * sizeof(*ctx->attrs));
if (err)
goto bail;
}
ctx->crc = (uint32_t *)invokefd->crc;
ctx->sc = invoke->sc;
if (bufs) {
VERIFY(err, 0 == context_build_overlap(ctx));
if (err)
goto bail;
}
ctx->retval = -1;
ctx->pid = current->pid;
ctx->tgid = fl->tgid;
init_completion(&ctx->work);
ctx->magic = FASTRPC_CTX_MAGIC;
spin_lock(&fl->hlock);
hlist_add_head(&ctx->hn, &clst->pending);
spin_unlock(&fl->hlock);
spin_lock(&me->ctxlock);
for (ii = 0; ii < FASTRPC_CTX_MAX; ii++) {
if (!me->ctxtable[ii]) {
me->ctxtable[ii] = ctx;
ctx->ctxid = (ptr_to_uint64(ctx) & ~0xFFF)|(ii << 4);
break;
}
}
spin_unlock(&me->ctxlock);
VERIFY(err, ii < FASTRPC_CTX_MAX);
if (err) {
pr_err("adsprpc: out of context memory\n");
goto bail;
}
*po = ctx;
bail:
if (ctx && err)
context_free(ctx);
return err;
}
static void context_save_interrupted(struct smq_invoke_ctx *ctx)
{
struct fastrpc_ctx_lst *clst = &ctx->fl->clst;
spin_lock(&ctx->fl->hlock);
hlist_del_init(&ctx->hn);
hlist_add_head(&ctx->hn, &clst->interrupted);
spin_unlock(&ctx->fl->hlock);
}
static void context_free(struct smq_invoke_ctx *ctx)
{
int i;
struct fastrpc_apps *me = &gfa;
int nbufs = REMOTE_SCALARS_INBUFS(ctx->sc) +
REMOTE_SCALARS_OUTBUFS(ctx->sc);
spin_lock(&ctx->fl->hlock);
hlist_del_init(&ctx->hn);
spin_unlock(&ctx->fl->hlock);
mutex_lock(&ctx->fl->map_mutex);
for (i = 0; i < nbufs; ++i)
fastrpc_mmap_free(ctx->maps[i], 0);
mutex_unlock(&ctx->fl->map_mutex);
fastrpc_buf_free(ctx->buf, 1);
fastrpc_buf_free(ctx->lbuf, 1);
ctx->magic = 0;
ctx->ctxid = 0;
spin_lock(&me->ctxlock);
for (i = 0; i < FASTRPC_CTX_MAX; i++) {
if (me->ctxtable[i] == ctx) {
me->ctxtable[i] = NULL;
break;
}
}
spin_unlock(&me->ctxlock);
kfree(ctx);
}
static void context_notify_user(struct smq_invoke_ctx *ctx, int retval)
{
ctx->retval = retval;
complete(&ctx->work);
}
static void fastrpc_notify_users(struct fastrpc_file *me)
{
struct smq_invoke_ctx *ictx;
struct hlist_node *n;
spin_lock(&me->hlock);
hlist_for_each_entry_safe(ictx, n, &me->clst.pending, hn) {
complete(&ictx->work);
}
hlist_for_each_entry_safe(ictx, n, &me->clst.interrupted, hn) {
complete(&ictx->work);
}
spin_unlock(&me->hlock);
}
static void fastrpc_notify_users_staticpd_pdr(struct fastrpc_file *me)
{
struct smq_invoke_ctx *ictx;
struct hlist_node *n;
spin_lock(&me->hlock);
hlist_for_each_entry_safe(ictx, n, &me->clst.pending, hn) {
if (ictx->msg.pid)
complete(&ictx->work);
}
hlist_for_each_entry_safe(ictx, n, &me->clst.interrupted, hn) {
if (ictx->msg.pid)
complete(&ictx->work);
}
spin_unlock(&me->hlock);
}
static void fastrpc_notify_drivers(struct fastrpc_apps *me, int cid)
{
struct fastrpc_file *fl;
struct hlist_node *n;
spin_lock(&me->hlock);
hlist_for_each_entry_safe(fl, n, &me->drivers, hn) {
if (fl->cid == cid)
fastrpc_notify_users(fl);
}
spin_unlock(&me->hlock);
}
static void fastrpc_notify_pdr_drivers(struct fastrpc_apps *me, char *spdname)
{
struct fastrpc_file *fl;
struct hlist_node *n;
spin_lock(&me->hlock);
hlist_for_each_entry_safe(fl, n, &me->drivers, hn) {
if (fl->spdname && !strcmp(spdname, fl->spdname))
fastrpc_notify_users_staticpd_pdr(fl);
}
spin_unlock(&me->hlock);
}
static void context_list_ctor(struct fastrpc_ctx_lst *me)
{
INIT_HLIST_HEAD(&me->interrupted);
INIT_HLIST_HEAD(&me->pending);
}
static void fastrpc_context_list_dtor(struct fastrpc_file *fl)
{
struct fastrpc_ctx_lst *clst = &fl->clst;
struct smq_invoke_ctx *ictx = NULL, *ctxfree;
struct hlist_node *n;
do {
ctxfree = NULL;
spin_lock(&fl->hlock);
hlist_for_each_entry_safe(ictx, n, &clst->interrupted, hn) {
hlist_del_init(&ictx->hn);
ctxfree = ictx;
break;
}
spin_unlock(&fl->hlock);
if (ctxfree)
context_free(ctxfree);
} while (ctxfree);
do {
ctxfree = NULL;
spin_lock(&fl->hlock);
hlist_for_each_entry_safe(ictx, n, &clst->pending, hn) {
hlist_del_init(&ictx->hn);
ctxfree = ictx;
break;
}
spin_unlock(&fl->hlock);
if (ctxfree)
context_free(ctxfree);
} while (ctxfree);
}
static int fastrpc_file_free(struct fastrpc_file *fl);
static void fastrpc_file_list_dtor(struct fastrpc_apps *me)
{
struct fastrpc_file *fl, *free;
struct hlist_node *n;
do {
free = NULL;
spin_lock(&me->hlock);
hlist_for_each_entry_safe(fl, n, &me->drivers, hn) {
hlist_del_init(&fl->hn);
free = fl;
break;
}
spin_unlock(&me->hlock);
if (free)
fastrpc_file_free(free);
} while (free);
}
static int get_args(uint32_t kernel, struct smq_invoke_ctx *ctx)
{
remote_arg64_t *rpra, *lrpra;
remote_arg_t *lpra = ctx->lpra;
struct smq_invoke_buf *list;
struct smq_phy_page *pages, *ipage;
uint32_t sc = ctx->sc;
int inbufs = REMOTE_SCALARS_INBUFS(sc);
int outbufs = REMOTE_SCALARS_OUTBUFS(sc);
int handles, bufs = inbufs + outbufs;
uintptr_t args;
size_t rlen = 0, copylen = 0, metalen = 0, lrpralen = 0;
int i, oix;
int err = 0;
int mflags = 0;
uint64_t *fdlist;
uint32_t *crclist;
int64_t *perf_counter = getperfcounter(ctx->fl, PERF_COUNT);
/* calculate size of the metadata */
rpra = NULL;
list = smq_invoke_buf_start(rpra, sc);
pages = smq_phy_page_start(sc, list);
ipage = pages;
PERF(ctx->fl->profile, GET_COUNTER(perf_counter, PERF_MAP),
for (i = 0; i < bufs; ++i) {
uintptr_t buf = (uintptr_t)lpra[i].buf.pv;
size_t len = lpra[i].buf.len;
mutex_lock(&ctx->fl->map_mutex);
if (ctx->fds && (ctx->fds[i] != -1))
fastrpc_mmap_create(ctx->fl, ctx->fds[i],
ctx->attrs[i], buf, len,
mflags, &ctx->maps[i]);
mutex_unlock(&ctx->fl->map_mutex);
ipage += 1;
}
PERF_END);
handles = REMOTE_SCALARS_INHANDLES(sc) + REMOTE_SCALARS_OUTHANDLES(sc);
mutex_lock(&ctx->fl->map_mutex);
for (i = bufs; i < bufs + handles; i++) {
int dmaflags = 0;
if (ctx->attrs && (ctx->attrs[i] & FASTRPC_ATTR_NOMAP))
dmaflags = FASTRPC_DMAHANDLE_NOMAP;
VERIFY(err, !fastrpc_mmap_create(ctx->fl, ctx->fds[i],
FASTRPC_ATTR_NOVA, 0, 0, dmaflags,
&ctx->maps[i]));
if (err) {
mutex_unlock(&ctx->fl->map_mutex);
goto bail;
}
ipage += 1;
}
mutex_unlock(&ctx->fl->map_mutex);
metalen = copylen = (size_t)&ipage[0] + (sizeof(uint64_t) * M_FDLIST) +
(sizeof(uint32_t) * M_CRCLIST);
/* allocate new local rpra buffer */
lrpralen = (size_t)&list[0];
if (lrpralen) {
err = fastrpc_buf_alloc(ctx->fl, lrpralen, 0, 0, 0, &ctx->lbuf);
if (err)
goto bail;
}
if (ctx->lbuf->virt)
memset(ctx->lbuf->virt, 0, lrpralen);
lrpra = ctx->lbuf->virt;
ctx->lrpra = lrpra;
/* calculate len required for copying */
for (oix = 0; oix < inbufs + outbufs; ++oix) {
int i = ctx->overps[oix]->raix;
uintptr_t mstart, mend;
size_t len = lpra[i].buf.len;
if (!len)
continue;
if (ctx->maps[i])
continue;
if (ctx->overps[oix]->offset == 0)
copylen = ALIGN(copylen, BALIGN);
mstart = ctx->overps[oix]->mstart;
mend = ctx->overps[oix]->mend;
VERIFY(err, (mend - mstart) <= LONG_MAX);
if (err)
goto bail;
copylen += mend - mstart;
VERIFY(err, copylen >= 0);
if (err)
goto bail;
}
ctx->used = copylen;
/* allocate new buffer */
if (copylen) {
err = fastrpc_buf_alloc(ctx->fl, copylen, 0, 0, 0, &ctx->buf);
if (err)
goto bail;
}
if (ctx->buf->virt && metalen <= copylen)
memset(ctx->buf->virt, 0, metalen);
/* copy metadata */
rpra = ctx->buf->virt;
ctx->rpra = rpra;
list = smq_invoke_buf_start(rpra, sc);
pages = smq_phy_page_start(sc, list);
ipage = pages;
args = (uintptr_t)ctx->buf->virt + metalen;
for (i = 0; i < bufs + handles; ++i) {
if (lpra[i].buf.len)
list[i].num = 1;
else
list[i].num = 0;
list[i].pgidx = ipage - pages;
ipage++;
}
/* map ion buffers */
PERF(ctx->fl->profile, GET_COUNTER(perf_counter, PERF_MAP),
for (i = 0; rpra && lrpra && i < inbufs + outbufs; ++i) {
struct fastrpc_mmap *map = ctx->maps[i];
uint64_t buf = ptr_to_uint64(lpra[i].buf.pv);
size_t len = lpra[i].buf.len;
rpra[i].buf.pv = lrpra[i].buf.pv = 0;
rpra[i].buf.len = lrpra[i].buf.len = len;
if (!len)
continue;
if (map) {
struct vm_area_struct *vma;
uintptr_t offset;
uint64_t num = buf_num_pages(buf, len);
int idx = list[i].pgidx;
if (map->attr & FASTRPC_ATTR_NOVA) {
offset = 0;
} else {
down_read(&current->mm->mmap_sem);
VERIFY(err, NULL != (vma = find_vma(current->mm,
map->va)));
if (err) {
up_read(&current->mm->mmap_sem);
goto bail;
}
offset = buf_page_start(buf) - vma->vm_start;
up_read(&current->mm->mmap_sem);
VERIFY(err, offset < (uintptr_t)map->size);
if (err)
goto bail;
}
pages[idx].addr = map->phys + offset;
pages[idx].size = num << PAGE_SHIFT;
}
rpra[i].buf.pv = lrpra[i].buf.pv = buf;
}
PERF_END);
for (i = bufs; i < bufs + handles; ++i) {
struct fastrpc_mmap *map = ctx->maps[i];
pages[i].addr = map->phys;
pages[i].size = map->size;
}
fdlist = (uint64_t *)&pages[bufs + handles];
for (i = 0; i < M_FDLIST; i++)
fdlist[i] = 0;
crclist = (uint32_t *)&fdlist[M_FDLIST];
memset(crclist, 0, sizeof(uint32_t)*M_CRCLIST);
/* copy non ion buffers */
PERF(ctx->fl->profile, GET_COUNTER(perf_counter, PERF_COPY),
rlen = copylen - metalen;
for (oix = 0; rpra && lrpra && oix < inbufs + outbufs; ++oix) {
int i = ctx->overps[oix]->raix;
struct fastrpc_mmap *map = ctx->maps[i];
size_t mlen;
uint64_t buf;
size_t len = lpra[i].buf.len;
if (!len)
continue;
if (map)
continue;
if (ctx->overps[oix]->offset == 0) {
rlen -= ALIGN(args, BALIGN) - args;
args = ALIGN(args, BALIGN);
}
mlen = ctx->overps[oix]->mend - ctx->overps[oix]->mstart;
VERIFY(err, rlen >= mlen);
if (err)
goto bail;
rpra[i].buf.pv = lrpra[i].buf.pv =
(args - ctx->overps[oix]->offset);
pages[list[i].pgidx].addr = ctx->buf->phys -
ctx->overps[oix]->offset +
(copylen - rlen);
pages[list[i].pgidx].addr =
buf_page_start(pages[list[i].pgidx].addr);
buf = rpra[i].buf.pv;
pages[list[i].pgidx].size = buf_num_pages(buf, len) * PAGE_SIZE;
if (i < inbufs) {
K_COPY_FROM_USER(err, kernel, uint64_to_ptr(buf),
lpra[i].buf.pv, len);
if (err)
goto bail;
}
args = args + mlen;
rlen -= mlen;
}
PERF_END);
PERF(ctx->fl->profile, GET_COUNTER(perf_counter, PERF_FLUSH),
for (oix = 0; oix < inbufs + outbufs; ++oix) {
int i = ctx->overps[oix]->raix;
struct fastrpc_mmap *map = ctx->maps[i];
if (map && map->uncached)
continue;
if (ctx->fl->sctx->smmu.coherent &&
!(map && (map->attr & FASTRPC_ATTR_NON_COHERENT)))
continue;
if (map && (map->attr & FASTRPC_ATTR_COHERENT))
continue;
if (rpra && lrpra && rpra[i].buf.len &&
ctx->overps[oix]->mstart) {
if (map && map->buf) {
dma_buf_begin_cpu_access(map->buf,
DMA_BIDIRECTIONAL);
dma_buf_end_cpu_access(map->buf,
DMA_BIDIRECTIONAL);
} else
dmac_flush_range(uint64_to_ptr(rpra[i].buf.pv),
uint64_to_ptr(rpra[i].buf.pv
+ rpra[i].buf.len));
}
}
PERF_END);
for (i = bufs; rpra && lrpra && i < bufs + handles; i++) {
rpra[i].dma.fd = lrpra[i].dma.fd = ctx->fds[i];
rpra[i].dma.len = lrpra[i].dma.len = (uint32_t)lpra[i].buf.len;
rpra[i].dma.offset = lrpra[i].dma.offset =
(uint32_t)(uintptr_t)lpra[i].buf.pv;
}
bail:
return err;
}
static int put_args(uint32_t kernel, struct smq_invoke_ctx *ctx,
remote_arg_t *upra)
{
uint32_t sc = ctx->sc;
struct smq_invoke_buf *list;
struct smq_phy_page *pages;
struct fastrpc_mmap *mmap;
uint64_t *fdlist;
uint32_t *crclist = NULL;
remote_arg64_t *rpra = ctx->lrpra;
int i, inbufs, outbufs, handles;
int err = 0;
inbufs = REMOTE_SCALARS_INBUFS(sc);
outbufs = REMOTE_SCALARS_OUTBUFS(sc);
handles = REMOTE_SCALARS_INHANDLES(sc) + REMOTE_SCALARS_OUTHANDLES(sc);
list = smq_invoke_buf_start(ctx->rpra, sc);
pages = smq_phy_page_start(sc, list);
fdlist = (uint64_t *)(pages + inbufs + outbufs + handles);
crclist = (uint32_t *)(fdlist + M_FDLIST);
for (i = inbufs; i < inbufs + outbufs; ++i) {
if (!ctx->maps[i]) {
K_COPY_TO_USER(err, kernel,
ctx->lpra[i].buf.pv,
uint64_to_ptr(rpra[i].buf.pv),
rpra[i].buf.len);
if (err)
goto bail;
} else {
mutex_lock(&ctx->fl->map_mutex);
fastrpc_mmap_free(ctx->maps[i], 0);
mutex_unlock(&ctx->fl->map_mutex);
ctx->maps[i] = NULL;
}
}
mutex_lock(&ctx->fl->map_mutex);
if (inbufs + outbufs + handles) {
for (i = 0; i < M_FDLIST; i++) {
if (!fdlist[i])
break;
if (!fastrpc_mmap_find(ctx->fl, (int)fdlist[i], 0, 0,
0, 0, &mmap))
fastrpc_mmap_free(mmap, 0);
}
}
mutex_unlock(&ctx->fl->map_mutex);
if (ctx->crc && crclist && rpra)
K_COPY_TO_USER(err, kernel, ctx->crc,
crclist, M_CRCLIST*sizeof(uint32_t));
bail:
return err;
}
static void inv_args_pre(struct smq_invoke_ctx *ctx)
{
int i, inbufs, outbufs;
uint32_t sc = ctx->sc;
remote_arg64_t *rpra = ctx->rpra;
uintptr_t end;
inbufs = REMOTE_SCALARS_INBUFS(sc);
outbufs = REMOTE_SCALARS_OUTBUFS(sc);
for (i = inbufs; i < inbufs + outbufs; ++i) {
struct fastrpc_mmap *map = ctx->maps[i];
if (map && map->uncached)
continue;
if (!rpra[i].buf.len)
continue;
if (ctx->fl->sctx->smmu.coherent &&
!(map && (map->attr & FASTRPC_ATTR_NON_COHERENT)))
continue;
if (map && (map->attr & FASTRPC_ATTR_COHERENT))
continue;
if (buf_page_start(ptr_to_uint64((void *)rpra)) ==
buf_page_start(rpra[i].buf.pv))
continue;
if (!IS_CACHE_ALIGNED((uintptr_t)
uint64_to_ptr(rpra[i].buf.pv))) {
if (map && map->buf) {
dma_buf_begin_cpu_access(map->buf,
DMA_BIDIRECTIONAL);
dma_buf_end_cpu_access(map->buf,
DMA_BIDIRECTIONAL);
} else
dmac_flush_range(
uint64_to_ptr(rpra[i].buf.pv), (char *)
uint64_to_ptr(rpra[i].buf.pv + 1));
}
end = (uintptr_t)uint64_to_ptr(rpra[i].buf.pv +
rpra[i].buf.len);
if (!IS_CACHE_ALIGNED(end)) {
if (map && map->buf) {
dma_buf_begin_cpu_access(map->buf,
DMA_BIDIRECTIONAL);
dma_buf_end_cpu_access(map->buf,
DMA_BIDIRECTIONAL);
} else
dmac_flush_range((char *)end,
(char *)end + 1);
}
}
}
static void inv_args(struct smq_invoke_ctx *ctx)
{
int i, inbufs, outbufs;
uint32_t sc = ctx->sc;
remote_arg64_t *rpra = ctx->lrpra;
inbufs = REMOTE_SCALARS_INBUFS(sc);
outbufs = REMOTE_SCALARS_OUTBUFS(sc);
for (i = inbufs; i < inbufs + outbufs; ++i) {
struct fastrpc_mmap *map = ctx->maps[i];
if (map && map->uncached)
continue;
if (!rpra[i].buf.len)
continue;
if (ctx->fl->sctx->smmu.coherent &&
!(map && (map->attr & FASTRPC_ATTR_NON_COHERENT)))
continue;
if (map && (map->attr & FASTRPC_ATTR_COHERENT))
continue;
if (buf_page_start(ptr_to_uint64((void *)rpra)) ==
buf_page_start(rpra[i].buf.pv)) {
continue;
}
if (map && map->buf) {
dma_buf_begin_cpu_access(map->buf,
DMA_BIDIRECTIONAL);
dma_buf_end_cpu_access(map->buf,
DMA_BIDIRECTIONAL);
} else
dmac_inv_range((char *)uint64_to_ptr(rpra[i].buf.pv),
(char *)uint64_to_ptr(rpra[i].buf.pv
+ rpra[i].buf.len));
}
}
static int fastrpc_invoke_send(struct smq_invoke_ctx *ctx,
uint32_t kernel, uint32_t handle)
{
struct smq_msg *msg = &ctx->msg;
struct fastrpc_file *fl = ctx->fl;
struct fastrpc_channel_ctx *channel_ctx = &fl->apps->channel[fl->cid];
int err = 0;
mutex_lock(&channel_ctx->smd_mutex);
msg->pid = fl->tgid;
msg->tid = current->pid;
if (fl->sessionid)
msg->tid |= (1 << SESSION_ID_INDEX);
if (kernel)
msg->pid = 0;
msg->invoke.header.ctx = ctx->ctxid | fl->pd;
msg->invoke.header.handle = handle;
msg->invoke.header.sc = ctx->sc;
msg->invoke.page.addr = ctx->buf ? ctx->buf->phys : 0;
msg->invoke.page.size = buf_page_size(ctx->used);
if (fl->ssrcount != channel_ctx->ssrcount) {
err = -ECONNRESET;
mutex_unlock(&channel_ctx->smd_mutex);
goto bail;
}
mutex_unlock(&channel_ctx->smd_mutex);
mutex_lock(&channel_ctx->rpmsg_mutex);
VERIFY(err, !IS_ERR_OR_NULL(channel_ctx->rpdev));
if (err) {
err = -ECONNRESET;
mutex_unlock(&channel_ctx->rpmsg_mutex);
goto bail;
}
err = rpmsg_send(channel_ctx->rpdev->ept, (void *)msg, sizeof(*msg));
mutex_unlock(&channel_ctx->rpmsg_mutex);
bail:
return err;
}
static void fastrpc_init(struct fastrpc_apps *me)
{
int i;
INIT_HLIST_HEAD(&me->drivers);
INIT_HLIST_HEAD(&me->maps);
spin_lock_init(&me->hlock);
spin_lock_init(&me->ctxlock);
me->channel = &gcinfo[0];
for (i = 0; i < NUM_CHANNELS; i++) {
init_completion(&me->channel[i].work);
init_completion(&me->channel[i].workport);
me->channel[i].sesscount = 0;
/* All channels are secure by default except CDSP */
me->channel[i].secure = SECURE_CHANNEL;
mutex_init(&me->channel[i].smd_mutex);
mutex_init(&me->channel[i].rpmsg_mutex);
}
/* Set CDSP channel to non secure */
me->channel[CDSP_DOMAIN_ID].secure = NON_SECURE_CHANNEL;
}
static int fastrpc_release_current_dsp_process(struct fastrpc_file *fl);
static int fastrpc_internal_invoke(struct fastrpc_file *fl, uint32_t mode,
uint32_t kernel,
struct fastrpc_ioctl_invoke_crc *inv)
{
struct smq_invoke_ctx *ctx = NULL;
struct fastrpc_ioctl_invoke *invoke = &inv->inv;
int cid = fl->cid;
int interrupted = 0;
int err = 0;
struct timespec invoket = {0};
int64_t *perf_counter = getperfcounter(fl, PERF_COUNT);
if (fl->profile)
getnstimeofday(&invoket);
if (!kernel) {
VERIFY(err, invoke->handle != FASTRPC_STATIC_HANDLE_KERNEL);
if (err) {
pr_err("adsprpc: ERROR: %s: user application %s trying to send a kernel RPC message to channel %d",
__func__, current->comm, cid);
goto bail;
}
}
VERIFY(err, fl->sctx != NULL);
if (err)
goto bail;
VERIFY(err, fl->cid >= 0 && fl->cid < NUM_CHANNELS);
if (err)
goto bail;
if (!kernel) {
VERIFY(err, 0 == context_restore_interrupted(fl, inv,
&ctx));
if (err)
goto bail;
if (fl->sctx->smmu.faults)
err = FASTRPC_ENOSUCH;
if (err)
goto bail;
if (ctx)
goto wait;
}
VERIFY(err, 0 == context_alloc(fl, kernel, inv, &ctx));
if (err)
goto bail;
if (REMOTE_SCALARS_LENGTH(ctx->sc)) {
PERF(fl->profile, GET_COUNTER(perf_counter, PERF_GETARGS),
VERIFY(err, 0 == get_args(kernel, ctx));
PERF_END);
if (err)
goto bail;
}
if (!fl->sctx->smmu.coherent) {
PERF(fl->profile, GET_COUNTER(perf_counter, PERF_INVARGS),
inv_args_pre(ctx);
PERF_END);
}
PERF(fl->profile, GET_COUNTER(perf_counter, PERF_LINK),
VERIFY(err, 0 == fastrpc_invoke_send(ctx, kernel, invoke->handle));
PERF_END);
if (err)
goto bail;
wait:
if (kernel) {
int rc = wait_for_completion_timeout(&ctx->work,
msecs_to_jiffies(FASTRPC_TIMEOUT));
if (!rc) {
pr_err("wait for completion timeout and trigger ADSP SSR b/132430192\n");
/* b/132430192 WA to trigger adsp SSR */
subsystem_restart("adsp");
goto bail;
}
} else {
interrupted = wait_for_completion_interruptible(&ctx->work);
VERIFY(err, 0 == (err = interrupted));
if (err)
goto bail;
}
PERF(fl->profile, GET_COUNTER(perf_counter, PERF_INVARGS),
if (!fl->sctx->smmu.coherent)
inv_args(ctx);
PERF_END);
VERIFY(err, 0 == (err = ctx->retval));
if (err)
goto bail;
PERF(fl->profile, GET_COUNTER(perf_counter, PERF_PUTARGS),
VERIFY(err, 0 == put_args(kernel, ctx, invoke->pra));
PERF_END);
if (err)
goto bail;
bail:
if (ctx && interrupted == -ERESTARTSYS)
context_save_interrupted(ctx);
else if (ctx)
context_free(ctx);
if (fl->ssrcount != fl->apps->channel[cid].ssrcount)
err = ECONNRESET;
if (fl->profile && !interrupted) {
if (invoke->handle != FASTRPC_STATIC_HANDLE_LISTENER) {
int64_t *count = GET_COUNTER(perf_counter, PERF_INVOKE);
if (count)
*count += getnstimediff(&invoket);
}
if (invoke->handle > FASTRPC_STATIC_HANDLE_MAX) {
int64_t *count = GET_COUNTER(perf_counter, PERF_COUNT);
if (count)
*count = *count+1;
}
}
return err;
}
static int fastrpc_get_adsp_session(char *name, int *session)
{
struct fastrpc_apps *me = &gfa;
int err = 0, i;
for (i = 0; i < NUM_SESSIONS; i++) {
if (!me->channel[0].spd[i].spdname)
continue;
if (!strcmp(name, me->channel[0].spd[i].spdname))
break;
}
VERIFY(err, i < NUM_SESSIONS);
if (err)
goto bail;
*session = i;
bail:
return err;
}
static int fastrpc_mmap_remove_pdr(struct fastrpc_file *fl);
static int fastrpc_channel_open(struct fastrpc_file *fl);
static int fastrpc_mmap_remove_ssr(struct fastrpc_file *fl);
static int fastrpc_init_process(struct fastrpc_file *fl,
struct fastrpc_ioctl_init_attrs *uproc)
{
int err = 0;
struct fastrpc_apps *me = &gfa;
struct fastrpc_ioctl_invoke_crc ioctl;
struct fastrpc_ioctl_init *init = &uproc->init;
struct smq_phy_page pages[1];
struct fastrpc_mmap *file = NULL, *mem = NULL;
struct fastrpc_buf *imem = NULL;
unsigned long imem_dma_attr = 0;
char *proc_name = NULL;
VERIFY(err, 0 == (err = fastrpc_channel_open(fl)));
if (err)
goto bail;
if (init->flags == FASTRPC_INIT_ATTACH ||
init->flags == FASTRPC_INIT_ATTACH_SENSORS) {
remote_arg_t ra[1];
int tgid = fl->tgid;
ra[0].buf.pv = (void *)&tgid;
ra[0].buf.len = sizeof(tgid);
ioctl.inv.handle = FASTRPC_STATIC_HANDLE_KERNEL;
ioctl.inv.sc = REMOTE_SCALARS_MAKE(0, 1, 0);
ioctl.inv.pra = ra;
ioctl.fds = NULL;
ioctl.attrs = NULL;
ioctl.crc = NULL;
if (init->flags == FASTRPC_INIT_ATTACH)
fl->pd = 0;
else if (init->flags == FASTRPC_INIT_ATTACH_SENSORS) {
fl->spdname = SENSORS_PDR_SERVICE_LOCATION_CLIENT_NAME;
fl->pd = 2;
}
VERIFY(err, !(err = fastrpc_internal_invoke(fl,
FASTRPC_MODE_PARALLEL, 1, &ioctl)));
if (err)
goto bail;
} else if (init->flags == FASTRPC_INIT_CREATE) {
int memlen;
remote_arg_t ra[6];
int fds[6];
int mflags = 0;
struct {
int pgid;
unsigned int namelen;
unsigned int filelen;
unsigned int pageslen;
int attrs;
int siglen;
} inbuf;
inbuf.pgid = fl->tgid;
inbuf.namelen = strlen(current->comm) + 1;
inbuf.filelen = init->filelen;
fl->pd = 1;
VERIFY(err, access_ok(0, (void __user *)init->file,
init->filelen));
if (err)
goto bail;
if (init->filelen) {
mutex_lock(&fl->map_mutex);
VERIFY(err, !fastrpc_mmap_create(fl, init->filefd, 0,
init->file, init->filelen, mflags, &file));
mutex_unlock(&fl->map_mutex);
if (err)
goto bail;
}
inbuf.pageslen = 1;
VERIFY(err, !init->mem);
if (err) {
err = -EINVAL;
pr_err("adsprpc: %s: %s: ERROR: donated memory allocated in userspace\n",
current->comm, __func__);
goto bail;
}
memlen = ALIGN(max(1024*1024*3, (int)init->filelen * 4),
1024*1024);
imem_dma_attr = DMA_ATTR_EXEC_MAPPING |
DMA_ATTR_DELAYED_UNMAP |
DMA_ATTR_NO_KERNEL_MAPPING |
DMA_ATTR_FORCE_NON_COHERENT;
err = fastrpc_buf_alloc(fl, memlen, imem_dma_attr, 0, 0, &imem);
if (err)
goto bail;
fl->init_mem = imem;
inbuf.pageslen = 1;
ra[0].buf.pv = (void *)&inbuf;
ra[0].buf.len = sizeof(inbuf);
fds[0] = -1;
ra[1].buf.pv = (void *)current->comm;
ra[1].buf.len = inbuf.namelen;
fds[1] = -1;
ra[2].buf.pv = (void *)init->file;
ra[2].buf.len = inbuf.filelen;
fds[2] = init->filefd;
pages[0].addr = imem->phys;
pages[0].size = imem->size;
ra[3].buf.pv = (void *)pages;
ra[3].buf.len = 1 * sizeof(*pages);
fds[3] = -1;
inbuf.attrs = uproc->attrs;
ra[4].buf.pv = (void *)&(inbuf.attrs);
ra[4].buf.len = sizeof(inbuf.attrs);
fds[4] = -1;
inbuf.siglen = uproc->siglen;
ra[5].buf.pv = (void *)&(inbuf.siglen);
ra[5].buf.len = sizeof(inbuf.siglen);
fds[5] = -1;
ioctl.inv.handle = FASTRPC_STATIC_HANDLE_KERNEL;
ioctl.inv.sc = REMOTE_SCALARS_MAKE(6, 4, 0);
if (uproc->attrs)
ioctl.inv.sc = REMOTE_SCALARS_MAKE(7, 6, 0);
ioctl.inv.pra = ra;
ioctl.fds = fds;
ioctl.attrs = NULL;
ioctl.crc = NULL;
VERIFY(err, !(err = fastrpc_internal_invoke(fl,
FASTRPC_MODE_PARALLEL, 1, &ioctl)));
if (err)
goto bail;
} else if (init->flags == FASTRPC_INIT_CREATE_STATIC) {
remote_arg_t ra[3];
uint64_t phys = 0;
size_t size = 0;
int fds[3];
struct {
int pgid;
unsigned int namelen;
unsigned int pageslen;
} inbuf;
if (!init->filelen)
goto bail;
proc_name = kzalloc(init->filelen, GFP_KERNEL);
VERIFY(err, !IS_ERR_OR_NULL(proc_name));
if (err)
goto bail;
VERIFY(err, 0 == copy_from_user((void *)proc_name,
(void __user *)init->file, init->filelen));
if (err)
goto bail;
fl->pd = 1;
inbuf.pgid = current->tgid;
inbuf.namelen = init->filelen;
inbuf.pageslen = 0;
if (!strcmp(proc_name, "audiopd")) {
fl->spdname = AUDIO_PDR_SERVICE_LOCATION_CLIENT_NAME;
VERIFY(err, !fastrpc_mmap_remove_pdr(fl));
if (err)
goto bail;
}
if (!me->staticpd_flags && !(me->legacy_remote_heap)) {
inbuf.pageslen = 1;
mutex_lock(&fl->map_mutex);
VERIFY(err, !fastrpc_mmap_create(fl, -1, 0, init->mem,
init->memlen, ADSP_MMAP_REMOTE_HEAP_ADDR,
&mem));
mutex_unlock(&fl->map_mutex);
if (err)
goto bail;
phys = mem->phys;
size = mem->size;
if (me->channel[fl->cid].rhvm.vmid) {
VERIFY(err, !hyp_assign_phys(phys,
(uint64_t)size, hlosvm, 1,
me->channel[fl->cid].rhvm.vmid,
me->channel[fl->cid].rhvm.vmperm,
me->channel[fl->cid].rhvm.vmcount));
if (err) {
pr_err("ADSPRPC: hyp_assign_phys fail err %d",
err);
pr_err("map->phys 0x%llx, map->size %d\n",
phys, (int)size);
goto bail;
}
}
me->staticpd_flags = 1;
}
ra[0].buf.pv = (void *)&inbuf;
ra[0].buf.len = sizeof(inbuf);
fds[0] = -1;
ra[1].buf.pv = (void *)proc_name;
ra[1].buf.len = inbuf.namelen;
fds[1] = -1;
pages[0].addr = phys;
pages[0].size = size;
ra[2].buf.pv = (void *)pages;
ra[2].buf.len = sizeof(*pages);
fds[2] = -1;
ioctl.inv.handle = FASTRPC_STATIC_HANDLE_KERNEL;
ioctl.inv.sc = REMOTE_SCALARS_MAKE(8, 3, 0);
ioctl.inv.pra = ra;
ioctl.fds = NULL;
ioctl.attrs = NULL;
ioctl.crc = NULL;
VERIFY(err, !(err = fastrpc_internal_invoke(fl,
FASTRPC_MODE_PARALLEL, 1, &ioctl)));
if (err)
goto bail;
} else {
err = -ENOTTY;
goto bail;
}
fl->dsp_process_init = 1;
bail:
kfree(proc_name);
if (err && (init->flags == FASTRPC_INIT_CREATE_STATIC))
me->staticpd_flags = 0;
if (mem && err) {
if (mem->flags == ADSP_MMAP_REMOTE_HEAP_ADDR
&& me->channel[fl->cid].rhvm.vmid)
hyp_assign_phys(mem->phys, (uint64_t)mem->size,
me->channel[fl->cid].rhvm.vmid,
me->channel[fl->cid].rhvm.vmcount,
hlosvm, hlosvmperm, 1);
mutex_lock(&fl->map_mutex);
fastrpc_mmap_free(mem, 0);
mutex_unlock(&fl->map_mutex);
}
if (file) {
mutex_lock(&fl->map_mutex);
fastrpc_mmap_free(file, 0);
mutex_unlock(&fl->map_mutex);
}
return err;
}
static int fastrpc_release_current_dsp_process(struct fastrpc_file *fl)
{
int err = 0;
struct fastrpc_ioctl_invoke_crc ioctl;
remote_arg_t ra[1];
int tgid = 0;
VERIFY(err, fl->cid >= 0 && fl->cid < NUM_CHANNELS);
if (err)
goto bail;
VERIFY(err, fl->sctx != NULL);
if (err)
goto bail;
VERIFY(err, fl->apps->channel[fl->cid].rpdev != NULL);
if (err)
goto bail;
VERIFY(err, fl->apps->channel[fl->cid].issubsystemup == 1);
if (err)
goto bail;
tgid = fl->tgid;
ra[0].buf.pv = (void *)&tgid;
ra[0].buf.len = sizeof(tgid);
ioctl.inv.handle = FASTRPC_STATIC_HANDLE_KERNEL;
ioctl.inv.sc = REMOTE_SCALARS_MAKE(1, 1, 0);
ioctl.inv.pra = ra;
ioctl.fds = NULL;
ioctl.attrs = NULL;
ioctl.crc = NULL;
VERIFY(err, 0 == (err = fastrpc_internal_invoke(fl,
FASTRPC_MODE_PARALLEL, 1, &ioctl)));
if (err && fl->dsp_process_init)
pr_err("adsprpc: %s: releasing DSP process failed for %s, returned 0x%x",
__func__, current->comm, err);
bail:
return err;
}
static int fastrpc_mmap_on_dsp(struct fastrpc_file *fl, uint32_t flags,
uintptr_t va, uint64_t phys,
size_t size, uintptr_t *raddr)
{
struct fastrpc_ioctl_invoke_crc ioctl;
struct fastrpc_apps *me = &gfa;
struct smq_phy_page page;
int num = 1;
remote_arg_t ra[3];
int err = 0;
struct {
int pid;
uint32_t flags;
uintptr_t vaddrin;
int num;
} inargs;
struct {
uintptr_t vaddrout;
} routargs;
inargs.pid = fl->tgid;
inargs.vaddrin = (uintptr_t)va;
inargs.flags = flags;
inargs.num = fl->apps->compat ? num * sizeof(page) : num;
ra[0].buf.pv = (void *)&inargs;
ra[0].buf.len = sizeof(inargs);
page.addr = phys;
page.size = size;
ra[1].buf.pv = (void *)&page;
ra[1].buf.len = num * sizeof(page);
ra[2].buf.pv = (void *)&routargs;
ra[2].buf.len = sizeof(routargs);
ioctl.inv.handle = FASTRPC_STATIC_HANDLE_KERNEL;
if (fl->apps->compat)
ioctl.inv.sc = REMOTE_SCALARS_MAKE(4, 2, 1);
else
ioctl.inv.sc = REMOTE_SCALARS_MAKE(2, 2, 1);
ioctl.inv.pra = ra;
ioctl.fds = NULL;
ioctl.attrs = NULL;
ioctl.crc = NULL;
VERIFY(err, 0 == (err = fastrpc_internal_invoke(fl,
FASTRPC_MODE_PARALLEL, 1, &ioctl)));
*raddr = (uintptr_t)routargs.vaddrout;
if (err)
goto bail;
if (flags == ADSP_MMAP_HEAP_ADDR) {
struct scm_desc desc = {0};
desc.args[0] = TZ_PIL_AUTH_QDSP6_PROC;
desc.args[1] = phys;
desc.args[2] = size;
desc.arginfo = SCM_ARGS(3);
err = scm_call2(SCM_SIP_FNID(SCM_SVC_PIL,
TZ_PIL_PROTECT_MEM_SUBSYS_ID), &desc);
} else if (flags == ADSP_MMAP_REMOTE_HEAP_ADDR
&& me->channel[fl->cid].rhvm.vmid) {
VERIFY(err, !hyp_assign_phys(phys, (uint64_t)size,
hlosvm, 1, me->channel[fl->cid].rhvm.vmid,
me->channel[fl->cid].rhvm.vmperm,
me->channel[fl->cid].rhvm.vmcount));
if (err)
goto bail;
}
bail:
return err;
}
static int fastrpc_munmap_on_dsp_rh(struct fastrpc_file *fl, uint64_t phys,
size_t size, uint32_t flags)
{
int err = 0;
struct fastrpc_apps *me = &gfa;
int tgid = 0;
int destVM[1] = {VMID_HLOS};
int destVMperm[1] = {PERM_READ | PERM_WRITE | PERM_EXEC};
if (flags == ADSP_MMAP_HEAP_ADDR) {
struct fastrpc_ioctl_invoke_crc ioctl;
struct scm_desc desc = {0};
remote_arg_t ra[2];
int err = 0;
struct {
uint8_t skey;
} routargs;
if (fl == NULL)
goto bail;
tgid = fl->tgid;
ra[0].buf.pv = (void *)&tgid;
ra[0].buf.len = sizeof(tgid);
ra[1].buf.pv = (void *)&routargs;
ra[1].buf.len = sizeof(routargs);
ioctl.inv.handle = FASTRPC_STATIC_HANDLE_KERNEL;
ioctl.inv.sc = REMOTE_SCALARS_MAKE(9, 1, 1);
ioctl.inv.pra = ra;
ioctl.fds = NULL;
ioctl.attrs = NULL;
ioctl.crc = NULL;
VERIFY(err, 0 == (err = fastrpc_internal_invoke(fl,
FASTRPC_MODE_PARALLEL, 1, &ioctl)));
if (err)
goto bail;
desc.args[0] = TZ_PIL_AUTH_QDSP6_PROC;
desc.args[1] = phys;
desc.args[2] = size;
desc.args[3] = routargs.skey;
desc.arginfo = SCM_ARGS(4);
err = scm_call2(SCM_SIP_FNID(SCM_SVC_PIL,
TZ_PIL_CLEAR_PROTECT_MEM_SUBSYS_ID), &desc);
} else if (flags == ADSP_MMAP_REMOTE_HEAP_ADDR) {
if (me->channel[fl->cid].rhvm.vmid) {
VERIFY(err, !hyp_assign_phys(phys,
(uint64_t)size,
me->channel[fl->cid].rhvm.vmid,
me->channel[fl->cid].rhvm.vmcount,
destVM, destVMperm, 1));
if (err)
goto bail;
}
}
bail:
return err;
}
static int fastrpc_munmap_on_dsp(struct fastrpc_file *fl, uintptr_t raddr,
uint64_t phys, size_t size, uint32_t flags)
{
struct fastrpc_ioctl_invoke_crc ioctl;
remote_arg_t ra[1];
int err = 0;
struct {
int pid;
uintptr_t vaddrout;
size_t size;
} inargs;
inargs.pid = fl->tgid;
inargs.size = size;
inargs.vaddrout = raddr;
ra[0].buf.pv = (void *)&inargs;
ra[0].buf.len = sizeof(inargs);
ioctl.inv.handle = FASTRPC_STATIC_HANDLE_KERNEL;
if (fl->apps->compat)
ioctl.inv.sc = REMOTE_SCALARS_MAKE(5, 1, 0);
else
ioctl.inv.sc = REMOTE_SCALARS_MAKE(3, 1, 0);
ioctl.inv.pra = ra;
ioctl.fds = NULL;
ioctl.attrs = NULL;
ioctl.crc = NULL;
VERIFY(err, 0 == (err = fastrpc_internal_invoke(fl,
FASTRPC_MODE_PARALLEL, 1, &ioctl)));
if (err)
goto bail;
if (flags == ADSP_MMAP_HEAP_ADDR ||
flags == ADSP_MMAP_REMOTE_HEAP_ADDR) {
VERIFY(err, !fastrpc_munmap_on_dsp_rh(fl, phys, size, flags));
if (err)
goto bail;
}
bail:
return err;
}
static int fastrpc_mmap_remove_ssr(struct fastrpc_file *fl)
{
struct fastrpc_mmap *match = NULL, *map = NULL;
struct hlist_node *n = NULL;
int err = 0, ret = 0;
struct fastrpc_apps *me = &gfa;
struct ramdump_segment *ramdump_segments_rh = NULL;
do {
match = NULL;
spin_lock(&me->hlock);
hlist_for_each_entry_safe(map, n, &me->maps, hn) {
match = map;
hlist_del_init(&map->hn);
break;
}
spin_unlock(&me->hlock);
if (match) {
VERIFY(err, !fastrpc_munmap_on_dsp_rh(fl, match->phys,
match->size, match->flags));
if (err)
goto bail;
if (me->channel[0].ramdumpenabled) {
ramdump_segments_rh = kcalloc(1,
sizeof(struct ramdump_segment), GFP_KERNEL);
if (ramdump_segments_rh) {
ramdump_segments_rh->address =
match->phys;
ramdump_segments_rh->size = match->size;
ret = do_elf_ramdump(
me->channel[0].remoteheap_ramdump_dev,
ramdump_segments_rh, 1);
if (ret < 0)
pr_err("ADSPRPC: unable to dump heap");
kfree(ramdump_segments_rh);
}
}
fastrpc_mmap_free(match, 0);
}
} while (match);
bail:
if (err && match)
fastrpc_mmap_add(match);
return err;
}
static int fastrpc_mmap_remove_pdr(struct fastrpc_file *fl)
{
struct fastrpc_apps *me = &gfa;
int session = 0, err = 0;
VERIFY(err, !fastrpc_get_adsp_session(
AUDIO_PDR_SERVICE_LOCATION_CLIENT_NAME, &session));
if (err)
goto bail;
if (me->channel[fl->cid].spd[session].pdrcount !=
me->channel[fl->cid].spd[session].prevpdrcount) {
if (fastrpc_mmap_remove_ssr(fl))
pr_err("ADSPRPC: SSR: Failed to unmap remote heap\n");
me->channel[fl->cid].spd[session].prevpdrcount =
me->channel[fl->cid].spd[session].pdrcount;
}
if (!me->channel[fl->cid].spd[session].ispdup) {
VERIFY(err, 0);
if (err) {
err = -ENOTCONN;
goto bail;
}
}
bail:
return err;
}
static int fastrpc_mmap_remove(struct fastrpc_file *fl, uintptr_t va,
size_t len, struct fastrpc_mmap **ppmap);
static void fastrpc_mmap_add(struct fastrpc_mmap *map);
static inline void get_fastrpc_ioctl_mmap_64(
struct fastrpc_ioctl_mmap_64 *mmap64,
struct fastrpc_ioctl_mmap *immap)
{
immap->fd = mmap64->fd;
immap->flags = mmap64->flags;
immap->vaddrin = (uintptr_t)mmap64->vaddrin;
immap->size = mmap64->size;
}
static inline void put_fastrpc_ioctl_mmap_64(
struct fastrpc_ioctl_mmap_64 *mmap64,
struct fastrpc_ioctl_mmap *immap)
{
mmap64->vaddrout = (uint64_t)immap->vaddrout;
}
static inline void get_fastrpc_ioctl_munmap_64(
struct fastrpc_ioctl_munmap_64 *munmap64,
struct fastrpc_ioctl_munmap *imunmap)
{
imunmap->vaddrout = (uintptr_t)munmap64->vaddrout;
imunmap->size = munmap64->size;
}
static int fastrpc_internal_munmap(struct fastrpc_file *fl,
struct fastrpc_ioctl_munmap *ud)
{
int err = 0;
struct fastrpc_mmap *map = NULL;
struct fastrpc_buf *rbuf = NULL, *free = NULL;
struct hlist_node *n;
mutex_lock(&fl->internal_map_mutex);
spin_lock(&fl->hlock);
hlist_for_each_entry_safe(rbuf, n, &fl->remote_bufs, hn_rem) {
if (rbuf->raddr && (rbuf->flags == ADSP_MMAP_ADD_PAGES)) {
if ((rbuf->raddr == ud->vaddrout) &&
(rbuf->size == ud->size)) {
free = rbuf;
break;
}
}
}
spin_unlock(&fl->hlock);
if (free) {
VERIFY(err, !fastrpc_munmap_on_dsp(fl, free->raddr,
free->phys, free->size, free->flags));
if (err)
goto bail;
fastrpc_buf_free(rbuf, 0);
mutex_unlock(&fl->internal_map_mutex);
return err;
}
mutex_lock(&fl->map_mutex);
VERIFY(err, !fastrpc_mmap_remove(fl, ud->vaddrout, ud->size, &map));
mutex_unlock(&fl->map_mutex);
if (err)
goto bail;
VERIFY(err, !fastrpc_munmap_on_dsp(fl, map->raddr,
map->phys, map->size, map->flags));
if (err)
goto bail;
mutex_lock(&fl->map_mutex);
fastrpc_mmap_free(map, 0);
mutex_unlock(&fl->map_mutex);
bail:
if (err && map) {
mutex_lock(&fl->map_mutex);
fastrpc_mmap_add(map);
mutex_unlock(&fl->map_mutex);
}
mutex_unlock(&fl->internal_map_mutex);
return err;
}
static int fastrpc_internal_munmap_fd(struct fastrpc_file *fl,
struct fastrpc_ioctl_munmap_fd *ud)
{
int err = 0;
struct fastrpc_mmap *map = NULL;
VERIFY(err, (fl && ud));
if (err)
goto bail;
mutex_lock(&fl->map_mutex);
if (fastrpc_mmap_find(fl, ud->fd, ud->va, ud->len, 0, 0, &map)) {
pr_err("adsprpc: mapping not found to unmap fd 0x%x, va 0x%llx, len 0x%x\n",
ud->fd, (unsigned long long)ud->va,
(unsigned int)ud->len);
err = -1;
mutex_unlock(&fl->map_mutex);
goto bail;
}
if (map)
fastrpc_mmap_free(map, 0);
mutex_unlock(&fl->map_mutex);
bail:
return err;
}
static int fastrpc_internal_mmap(struct fastrpc_file *fl,
struct fastrpc_ioctl_mmap *ud)
{
struct fastrpc_mmap *map = NULL;
struct fastrpc_buf *rbuf = NULL;
unsigned long dma_attr = 0;
uintptr_t raddr = 0;
int err = 0;
mutex_lock(&fl->internal_map_mutex);
if (ud->flags == ADSP_MMAP_ADD_PAGES) {
if (ud->vaddrin) {
err = -EINVAL;
pr_err("adsprpc: %s: %s: ERROR: adding user allocated pages is not supported\n",
current->comm, __func__);
goto bail;
}
dma_attr = DMA_ATTR_EXEC_MAPPING |
DMA_ATTR_DELAYED_UNMAP |
DMA_ATTR_NO_KERNEL_MAPPING |
DMA_ATTR_FORCE_NON_COHERENT;
err = fastrpc_buf_alloc(fl, ud->size, dma_attr, ud->flags,
1, &rbuf);
if (err)
goto bail;
err = fastrpc_mmap_on_dsp(fl, ud->flags, 0,
rbuf->phys, rbuf->size, &raddr);
if (err)
goto bail;
rbuf->raddr = raddr;
} else {
uintptr_t va_to_dsp;
mutex_lock(&fl->map_mutex);
VERIFY(err, !fastrpc_mmap_create(fl, ud->fd, 0,
(uintptr_t)ud->vaddrin, ud->size,
ud->flags, &map));
mutex_unlock(&fl->map_mutex);
if (err)
goto bail;
if (ud->flags == ADSP_MMAP_HEAP_ADDR ||
ud->flags == ADSP_MMAP_REMOTE_HEAP_ADDR)
va_to_dsp = 0;
else
va_to_dsp = (uintptr_t)map->va;
VERIFY(err, 0 == fastrpc_mmap_on_dsp(fl, ud->flags, va_to_dsp,
map->phys, map->size, &raddr));
if (err)
goto bail;
map->raddr = raddr;
}
ud->vaddrout = raddr;
bail:
if (err) {
if (map) {
mutex_lock(&fl->map_mutex);
fastrpc_mmap_free(map, 0);
mutex_unlock(&fl->map_mutex);
}
if (!IS_ERR_OR_NULL(rbuf))
fastrpc_buf_free(rbuf, 0);
}
mutex_unlock(&fl->internal_map_mutex);
return err;
}
static void fastrpc_context_list_dtor(struct fastrpc_file *fl);
static int fastrpc_session_alloc_locked(struct fastrpc_channel_ctx *chan,
int secure, struct fastrpc_session_ctx **session)
{
struct fastrpc_apps *me = &gfa;
int idx = 0, err = 0;
if (chan->sesscount) {
for (idx = 0; idx < chan->sesscount; ++idx) {
if (!chan->session[idx].used &&
chan->session[idx].smmu.secure == secure) {
chan->session[idx].used = 1;
break;
}
}
VERIFY(err, idx < chan->sesscount);
if (err)
goto bail;
chan->session[idx].smmu.faults = 0;
} else {
VERIFY(err, me->dev != NULL);
if (err)
goto bail;
chan->session[0].dev = me->dev;
chan->session[0].smmu.dev = me->dev;
}
*session = &chan->session[idx];
bail:
return err;
}
static int fastrpc_rpmsg_probe(struct rpmsg_device *rpdev)
{
int err = 0;
int cid = -1;
VERIFY(err, !IS_ERR_OR_NULL(rpdev));
if (err)
return -EINVAL;
if (!strcmp(rpdev->dev.parent->of_node->name, "cdsp"))
cid = CDSP_DOMAIN_ID;